diff options
| author | Filippo Valsorda <filippo@golang.org> | 2024-12-17 20:03:22 +0100 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-01-03 08:29:24 -0800 |
| commit | e7a8bd5d8bd950764cbc48656fcc5456df7b1e9a (patch) | |
| tree | c55e19d64fdc8f1aebf07b2159920156f4d3e7f9 /src/crypto | |
| parent | 4b652e9f5f5c0793f2e41cd2876bce5a241b2c95 (diff) | |
| download | go-e7a8bd5d8bd950764cbc48656fcc5456df7b1e9a.tar.xz | |
crypto/internal/fips140/check: remove Enabled
check.Enabled, internal/fips140.Enabled, and crypto/fips140.Enabled were
redundant. Package check can just use internal/fips140.Enabled.
check.Verified is still there for the tests and belt-and-suspenders
assurance in crypto/fips140.Enabled, although it's implied by Enabled.
For #69536
Change-Id: I83921cc925da841aba4da79a9a5e9ac526a3f2bf
Reviewed-on: https://go-review.googlesource.com/c/go/+/638855
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Diffstat (limited to 'src/crypto')
| -rw-r--r-- | src/crypto/fips140/fips140.go | 2 | ||||
| -rw-r--r-- | src/crypto/internal/fips140/check/check.go | 28 | ||||
| -rw-r--r-- | src/crypto/internal/fips140/fips140.go | 6 |
3 files changed, 13 insertions, 23 deletions
diff --git a/src/crypto/fips140/fips140.go b/src/crypto/fips140/fips140.go index 9fd8fe76e5..41d0d170cf 100644 --- a/src/crypto/fips140/fips140.go +++ b/src/crypto/fips140/fips140.go @@ -26,7 +26,7 @@ func Enabled() bool { if currentlyEnabled != fips140.Enabled { panic("crypto/fips140: GODEBUG setting changed after program start") } - if fips140.Enabled && !check.Enabled() { + if fips140.Enabled && !check.Verified { panic("crypto/fips140: FIPS 140-3 mode enabled, but integrity check didn't pass") } return fips140.Enabled diff --git a/src/crypto/internal/fips140/check/check.go b/src/crypto/internal/fips140/check/check.go index ff61b80cb3..cf33a1efbe 100644 --- a/src/crypto/internal/fips140/check/check.go +++ b/src/crypto/internal/fips140/check/check.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package check implements the FIPS-140 load-time code+data verification. +// Package check implements the FIPS 140 load-time code+data verification. // Every FIPS package providing cryptographic functionality except hmac and sha256 // must import crypto/internal/fips140/check, so that the verification happens // before initialization of package global variables. @@ -13,6 +13,7 @@ package check import ( + "crypto/internal/fips140" "crypto/internal/fips140/hmac" "crypto/internal/fips140/sha256" "crypto/internal/fips140deps/byteorder" @@ -22,15 +23,9 @@ import ( "unsafe" ) -// Enabled reports whether verification was enabled. -// If Enabled returns true, then verification succeeded, -// because if it failed the binary would have panicked at init time. -func Enabled() bool { - return enabled -} - -var enabled bool // set when verification is enabled -var Verified bool // set when verification succeeds, for testing +// Verified is set when verification succeeded. It can be expected to always be +// true when [fips140.Enabled] is true, or init would have panicked. +var Verified bool // Supported reports whether the current GOOS/GOARCH is Supported at all. func Supported() bool { @@ -71,9 +66,7 @@ const fipsMagic = " Go fipsinfo \xff\x00" var zeroSum [32]byte func init() { - v := godebug.Value("#fips140") - enabled = v != "" && v != "off" - if !enabled { + if !fips140.Enabled { return } @@ -88,13 +81,6 @@ func init() { panic("fips140: cannot verify in asan mode") } - switch v { - case "on", "only", "debug": - // ok - default: - panic("fips140: unknown GODEBUG setting fips140=" + v) - } - if !Supported() { panic("fips140: unavailable on " + runtime.GOOS + "-" + runtime.GOARCH) } @@ -132,7 +118,7 @@ func init() { panic("fips140: verification mismatch") } - if v == "debug" { + if godebug.Value("#fips140") == "debug" { println("fips140: verified code+data") } diff --git a/src/crypto/internal/fips140/fips140.go b/src/crypto/internal/fips140/fips140.go index d30433debf..55b5dd43ce 100644 --- a/src/crypto/internal/fips140/fips140.go +++ b/src/crypto/internal/fips140/fips140.go @@ -11,12 +11,16 @@ var Enabled bool var debug bool func init() { - switch godebug.Value("#fips140") { + v := godebug.Value("#fips140") + switch v { case "on", "only": Enabled = true case "debug": Enabled = true debug = true + case "off", "": + default: + panic("fips140: unknown GODEBUG setting fips140=" + v) } } |