crypto/mlkem/mlkemtest: error out in fips140=only mode
authorFilippo Valsorda <filippo@golang.org>
Mon, 8 Dec 2025 23:39:54 +0000 (00:39 +0100)
committerGopher Robot <gobot@golang.org>
Wed, 10 Dec 2025 21:45:57 +0000 (13:45 -0800)
Updates #70514

Change-Id: I1d1a0b4a2c7ee4cb6e8e0700dd3463a46a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/728502
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
src/crypto/mlkem/mlkemtest/mlkemtest.go

index 39e3994ea9beb2c995dbd329720f2d4bd3aa8fc8..40f64862bd49eb1fa6760f6e14e630fd5d97aea5 100644 (file)
@@ -7,6 +7,7 @@ package mlkemtest
 
 import (
        fips140mlkem "crypto/internal/fips140/mlkem"
+       "crypto/internal/fips140only"
        "crypto/mlkem"
        "errors"
 )
@@ -20,6 +21,9 @@ func Encapsulate768(ek *mlkem.EncapsulationKey768, random []byte) (sharedKey, ci
        if len(random) != 32 {
                return nil, nil, errors.New("mlkemtest: Encapsulate768: random must be 32 bytes")
        }
+       if fips140only.Enforced() {
+               return nil, nil, errors.New("crypto/mlkem/mlkemtest: use of derandomized encapsulation is not allowed in FIPS 140-only mode")
+       }
        k, err := fips140mlkem.NewEncapsulationKey768(ek.Bytes())
        if err != nil {
                return nil, nil, errors.New("mlkemtest: Encapsulate768: failed to reconstruct key: " + err.Error())
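Review bot: The FIPS 140-only refusal on the added lines is built as an inline string literal that this function and Encapsulate1024 in the next hunk each repeat verbatim, and its `crypto/mlkem/mlkemtest:` prefix differs from the `mlkemtest: Encapsulate768:` prefix the neighbouring errors in the same function use. Hoisting it to one package-level sentinel, e.g. `var errFIPS140Only = errors.New("crypto/mlkem/mlkemtest: use of derandomized encapsulation is not allowed in FIPS 140-only mode")`, and writing `return nil, nil, errFIPS140Only` in both functions keeps the two messages from drifting and lets callers and tests detect the refusal with errors.Is rather than by matching the text. The doc comments of both functions sit outside these hunks and presumably do not yet mention that the call now fails in fips140=only mode; a sentence such as `// It returns an error when FIPS 140-only mode is enforced, because derandomized encapsulation is not permitted there.` would tell callers what to expect. Encapsulate768 starts at the hunk header line and its body continues past the end of the hunk.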
@@ -37,6 +41,9 @@ func Encapsulate1024(ek *mlkem.EncapsulationKey1024, random []byte) (sharedKey,
        if len(random) != 32 {
                return nil, nil, errors.New("mlkemtest: Encapsulate1024: random must be 32 bytes")
        }
+       if fips140only.Enforced() {
+               return nil, nil, errors.New("crypto/mlkem/mlkemtest: use of derandomized encapsulation is not allowed in FIPS 140-only mode")
+       }
        k, err := fips140mlkem.NewEncapsulationKey1024(ek.Bytes())
        if err != nil {
                return nil, nil, errors.New("mlkemtest: Encapsulate1024: failed to reconstruct key: " + err.Error())