diff options
| author | Tom Thorogood <me+google@tomthorogood.co.uk> | 2024-12-10 23:22:49 +1030 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2024-12-10 18:14:33 +0000 |
| commit | fce17b0c774593da0dfb39b829464d1da8ceca77 (patch) | |
| tree | 4f27c75c22babab34bfa266e2156473b17d2bf9e /src | |
| parent | d87878c62b2db318a12e5bd2126a82c117961156 (diff) | |
| download | go-fce17b0c774593da0dfb39b829464d1da8ceca77.tar.xz | |
crypto/internal/fips140/ecdsa: fix reseed_counter check for HMAC_DRBG_Generate_algorithm
SP 800-90A Rev. 1 10.1.2.5 step 7 requires
reseed_counter = reseed_counter + 1
as the final step before returning SUCCESS.
This increment of reseedCounter was missing, meaning the reseed interval
check at the start of Generate wasn't actually functional.
Given how it's used, and that it has a reseed interval of 2^48, this
condition will never actually occur but the check is still required by
the standard.
For #69536
Change-Id: I314a7eee5852e6d0fa1a0a04842003553cd803e7
Reviewed-on: https://go-review.googlesource.com/c/go/+/634775
Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/crypto/internal/fips140/ecdsa/hmacdrbg.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/crypto/internal/fips140/ecdsa/hmacdrbg.go b/src/crypto/internal/fips140/ecdsa/hmacdrbg.go index 6fd7ac6974..4f085e2801 100644 --- a/src/crypto/internal/fips140/ecdsa/hmacdrbg.go +++ b/src/crypto/internal/fips140/ecdsa/hmacdrbg.go @@ -160,4 +160,6 @@ func (d *hmacDRBG) Generate(out []byte) { d.hK = d.newHMAC(K) d.hK.Write(d.V) d.V = d.hK.Sum(d.V[:0]) + + d.reseedCounter++ } |