Cypherpunks repositories - gostls13.git/commit
crypto/internal/fips: handle the one possible PCT failure
author Filippo Valsorda <filippo@golang.org>
Sun, 17 Nov 2024 17:38:29 +0000 (18:38 +0100)
committer Gopher Robot <gobot@golang.org>
Tue, 19 Nov 2024 23:02:31 +0000 (23:02 +0000)
commit 7e1af3bf741862deb91f048a92e91d3b31301f90
tree ba25c0876cd2ac41bc98f53c93219c278bca364c
parent 931700a95e2463c75b62e3c232ef47207921ed5d
crypto/internal/fips: handle the one possible PCT failure

Since ECDSA private keys are irredeemably malleable, an application
could construct one where the public key doesn't match the private key.
They'd be very much on their own, but crashing the program feels a bit
harsh.

Add this one to the list of issues caused by exposing the ECDSA (and
RSA) key values as big.Ints.

For #69536

Change-Id: Iaa65c73d7145e74f860ca097fa9641448442fbf9
Reviewed-on: https://go-review.googlesource.com/c/go/+/628855
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
src/crypto/internal/fips/cast.go
src/crypto/internal/fips/ecdh/ecdh.go
src/crypto/internal/fips/ecdsa/cast.go
src/crypto/internal/fips/ecdsa/ecdsa.go
src/crypto/internal/fips/mlkem/mlkem1024.go
src/crypto/internal/fips/mlkem/mlkem768.go
src/crypto/internal/fipstest/cast_test.go
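The situation the commit message describes is a key whose exported big.Int fields D and (X, Y) were assembled from different keys, so the public point is not D*G. The Go example below is added here and is not code from the Go repository or from this commit: it builds such a key and runs a pairwise consistency test of its own (`pairwiseConsistencyCheck`, `ErrKeyMismatch` and `demoKeys` are names chosen for this example) that reports the mismatch as an error rather than crashing the process, which is the behaviour the commit asks for. It uses only the public `crypto/ecdsa` and `crypto/elliptic` APIs.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
)

// ErrKeyMismatch is returned when the public point Q stored in a key is not
// D*G for the stored scalar D. (Error value defined for this example only.)
var ErrKeyMismatch = errors.New("ecdsa: public key does not match private key")

// pairwiseConsistencyCheck is an example pairwise consistency test (PCT): it
// recomputes Q from D and compares, then signs a fixed digest and verifies it
// under the embedded public key. An inconsistent key yields an error, never a panic.
func pairwiseConsistencyCheck(priv *ecdsa.PrivateKey) error {
	if priv == nil || priv.Curve == nil || priv.D == nil || priv.X == nil || priv.Y == nil {
		return errors.New("ecdsa: incomplete private key")
	}
	// D must lie in [1, N-1]; a malformed big.Int scalar is an error, not a crash.
	n := priv.Curve.Params().N
	if priv.D.Sign() <= 0 || priv.D.Cmp(n) >= 0 {
		return errors.New("ecdsa: private scalar out of range")
	}
	// Cheap structural check: Q == D*G.
	x, y := priv.Curve.ScalarBaseMult(priv.D.Bytes())
	if x.Cmp(priv.X) != 0 || y.Cmp(priv.Y) != 0 {
		return ErrKeyMismatch
	}
	// Functional check: a signature made with D must verify under Q.
	digest := sha256.Sum256([]byte("pairwise consistency test")) // constructed message
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return err
	}
	if !ecdsa.VerifyASN1(&priv.PublicKey, digest[:], sig) {
		return ErrKeyMismatch
	}
	return nil
}

// demoKeys builds a consistent P-256 key and, from it, an inconsistent one whose
// public key belongs to a different private scalar. Assembling such a value is
// trivial because the fields are plain exported big.Ints.
func demoKeys() (good, bad *ecdsa.PrivateKey, err error) {
	good, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	other, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	bad = &ecdsa.PrivateKey{
		PublicKey: other.PublicKey,         // Q taken from a different key
		D:         new(big.Int).Set(good.D), // D taken from the first key
	}
	return good, bad, nil
}

func main() {
	good, bad, err := demoKeys()
	if err != nil {
		panic(err)
	}
	fmt.Println("consistent key:  ", pairwiseConsistencyCheck(good))
	fmt.Println("inconsistent key:", pairwiseConsistencyCheck(bad))
}
```

The structural check (recompute D*G) catches the mismatch before any signing happens, so the result does not depend on whether the installed Go version's signer itself rejects such a key; the sign-and-verify step is the classic PCT form and also covers a key whose fields are individually valid but were paired wrongly.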