Move TLS 1.3 key schedule to cryptobackend

[qmuntal]

Summary

• Move the TLS 1.3 key schedule implementation into cryptobackend/tls13 and switch crypto/tls to import it directly.
• Keep the TLS 1.3 backend KDF hooks unexported now that they are package-local.
• Regenerate the vendor and crypto backend patches, including removing the stray cmd/go/internal/modindex/build_test.go addition.

Validation

• go test ./tls13
• go test -run "TestACVPVectors|TestTrafficKey|TestDependencies" ./crypto/tls ./go/build
• MS_GO_NOSYSTEMCRYPTO=1 go test -run "TestACVPVectors|TestTrafficKey|TestDependencies" ./crypto/tls ./go/build
• go test ./cmd/go/internal/modindex
• go test -run "TestDependencies" ./go/build

[Copilot]

Pull request overview

This PR moves the TLS 1.3 key schedule implementation into github.com/microsoft/go/cryptobackend/tls13, updates the Microsoft-patched crypto/tls sources (via 0002-Add-crypto-backends.patch) to use that package, and regenerates the patch set/vendor patch accordingly.

Changes:

• Add a new cryptobackend/tls13 package implementing the TLS 1.3 key schedule with optional backend KDF acceleration behind package-local hooks.
• Update the crypto backend patch to switch TLS 1.3 key schedule imports over to github.com/microsoft/go/cryptobackend/tls13 and adjust dependency rules.
• Update the vendor patch to include the new vendored cryptobackend/tls13/tls13.go and keep backend KDF hooks unexported.

Patch consistency: Patches are happy!

Show a summary per file

File	Description
patches/0002-Add-crypto-backends.patch	Switch crypto/tls TLS 1.3 key schedule usage to cryptobackend/tls13, plus related dependency rule updates and patch regeneration cleanup.
patches/0001-Vendor-external-dependencies.patch	Vendor the new cryptobackend/tls13/tls13.go and adjust TLS 1.3 backend hook visibility in vendored sources.
cryptobackend/tls13/tls13.go	New TLS 1.3 key schedule implementation with HKDF fallback and optional backend KDF path.
cryptobackend/tls13/tls13_linux.go	Linux backend hook implementation delegating to OpenSSL TLS 1.3 KDF support.
cryptobackend/tls13/tls13_windows.go	Windows backend hook stub (currently unsupported).
cryptobackend/tls13/tls13_darwin.go	Darwin backend hook stub (currently unsupported).
cryptobackend/tls13/nobackend.go	No-backend stubs for non-goexperiment.systemcrypto builds.

Copilot's findings

Comments suppressed due to low confidence (1)

patches/0002-Add-crypto-backends.patch:5968

• In the patch for src/crypto/tls/handshake_server_tls13.go, the cloneHash hunk removes the if !ok { return nil } guard but leaves ok declared (marshaler, ok := ...) and then calls marshaler.MarshalBinary() unconditionally. This makes the patched Go source fail to compile (unused ok) and would also panic at runtime if in doesn't implement binaryMarshaler.

 	marshaler, ok := in.(binaryMarshaler)
-	if !ok {
-		return nil
-	}
 	state, err := marshaler.MarshalBinary()

• Files reviewed: 7/7 changed files
• Comments generated: 0

[qmuntal]

@copilot resolve conflicts

[Copilot]

@copilot resolve conflicts

Resolved the conflicts with microsoft/main in commit d60c790. The patch stack applies cleanly after the merge.