diff options
| author | Filippo Valsorda <filippo@golang.org> | 2025-10-08 13:30:34 +0200 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-10-14 07:57:03 -0700 |
| commit | f6b9d56affb75103507f2b6ed4ffa98ca899b39d (patch) | |
| tree | 6dee1a5f4f25f6ba206af8569296279f8df8416f /src | |
| parent | 60f6d2f6230c5085ad25a9e3ebdaaae2aefdfe36 (diff) | |
| download | go-f6b9d56affb75103507f2b6ed4ffa98ca899b39d.tar.xz | |
crypto/internal/fips140/entropy: fix benign race
Fixes #75690
Fixes #75842
Change-Id: I6a6a696420f51f28f48535c34cf347e2cbd4add5
Reviewed-on: https://go-review.googlesource.com/c/go/+/710058
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/crypto/internal/fips140/entropy/entropy.go | 4 | ||||
| -rw-r--r-- | src/crypto/internal/fips140test/entropy_test.go | 6 |
2 files changed, 6 insertions, 4 deletions
diff --git a/src/crypto/internal/fips140/entropy/entropy.go b/src/crypto/internal/fips140/entropy/entropy.go index 273f05c817..f5b2f53752 100644 --- a/src/crypto/internal/fips140/entropy/entropy.go +++ b/src/crypto/internal/fips140/entropy/entropy.go @@ -123,7 +123,9 @@ func (s *source) Sample() uint8 { // Perform a few memory accesses in an unpredictable pattern to expose the // next measurement to as much system noise as possible. memory, lcgState := s.memory, s.lcgState - _ = memory[0] // hoist the nil check out of touchMemory + if memory == nil { // remove the nil check from the inlined touchMemory calls + panic("entropy: nil memory buffer") + } for range 64 { lcgState = 1664525*lcgState + 1013904223 // Discard the lower bits, which tend to fall into short cycles. diff --git a/src/crypto/internal/fips140test/entropy_test.go b/src/crypto/internal/fips140test/entropy_test.go index ef6909efba..a33e2e7bbc 100644 --- a/src/crypto/internal/fips140test/entropy_test.go +++ b/src/crypto/internal/fips140test/entropy_test.go @@ -241,7 +241,7 @@ func TestEntropyUnchanged(t *testing.T) { // entropy source through the Entropy Source Validation program, // independently of the FIPS 140-3 module. It must not change even across // FIPS 140-3 module versions, in order to reuse the ESV certificate. - exp := "1b68d4c091ef66c6006602e4ed3ac10f8a82ad193708ec99d63b145e3baa3e6c" + exp := "2541273241ae8aafe55026328354ed3799df1e2fb308b2097833203a42911b53" if got := hex.EncodeToString(h.Sum(nil)); got != exp { t.Errorf("hash of crypto/internal/fips140/entropy = %s, want %s", got, exp) } @@ -249,12 +249,12 @@ func TestEntropyUnchanged(t *testing.T) { func TestEntropyRace(t *testing.T) { // Check that concurrent calls to Seed don't trigger the race detector. - for range 2 { + for range 16 { go func() { _, _ = entropy.Seed(&memory) }() } - // Same, with the higher-level DRBG. More concurrent calls to hit the Pool. + // Same, with the higher-level DRBG. for range 16 { go func() { var b [64]byte |