crypto/cipher: block non-AES CTR and CBC in fips140=only mode
authorFilippo Valsorda <filippo@golang.org>
Mon, 16 Dec 2024 18:30:58 +0000 (19:30 +0100)
committerGopher Robot <gobot@golang.org>
Tue, 17 Dec 2024 16:02:43 +0000 (08:02 -0800)
Somehow I had missed these.

For #69536

Change-Id: I5e60b6f052bbfb707742ad15f663517c6c5f68d3
Reviewed-on: https://go-review.googlesource.com/c/go/+/636795
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
src/crypto/cipher/cbc.go
src/crypto/cipher/ctr.go

index b4536aceb9c22452c5e38fb2b8a466ced180304d..8e6140629699545b35b0f65f4e87eebac56a43b9 100644 (file)
@@ -15,6 +15,7 @@ import (
        "bytes"
        "crypto/internal/fips140/aes"
        "crypto/internal/fips140/alias"
+       "crypto/internal/fips140only"
        "crypto/subtle"
 )
 
@@ -53,6 +54,9 @@ func NewCBCEncrypter(b Block, iv []byte) BlockMode {
        if b, ok := b.(*aes.Block); ok {
                return aes.NewCBCEncrypter(b, [16]byte(iv))
        }
+       if fips140only.Enabled {
+               panic("crypto/cipher: use of CBC with non-AES ciphers is not allowed in FIPS 140-only mode")
+       }
        if cbc, ok := b.(cbcEncAble); ok {
                return cbc.NewCBCEncrypter(iv)
        }
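Review bot: The panic string added here in NewCBCEncrypter is repeated byte-for-byte in NewCBCDecrypter in the next hunk, and NewCTR in ctr.go carries a third near-identical one; a shared constant or a small unexported helper that does the `fips140only.Enabled` check and the panic in one place would keep the three messages from drifting. The placement is right: the guard sits after the `*aes.Block` fast path, so the FIPS-module AES implementation still works while every other Block, including the `cbcEncAble`/`cbcDecAble`/`ctrAble` optimisations below it, is refused. The exported doc comments for these constructors are outside the hunks, so I cannot see whether they mention the new panic; if not, a sentence such as `// In FIPS 140-only mode, NewCBCEncrypter panics if b is not an AES block from the FIPS module.` (and its counterparts for NewCBCDecrypter and NewCTR) would make the failure mode discoverable before it fires at runtime. No test file is touched by this commit, so coverage of the three new branches presumably rests on existing fips140only tests — worth confirming. Each enclosing function continues past its hunk.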
@@ -129,6 +133,9 @@ func NewCBCDecrypter(b Block, iv []byte) BlockMode {
        if b, ok := b.(*aes.Block); ok {
                return aes.NewCBCDecrypter(b, [16]byte(iv))
        }
+       if fips140only.Enabled {
+               panic("crypto/cipher: use of CBC with non-AES ciphers is not allowed in FIPS 140-only mode")
+       }
        if cbc, ok := b.(cbcDecAble); ok {
                return cbc.NewCBCDecrypter(iv)
        }
index c868635b8a7a86a6cff9a5519c2f29c261303215..49512ca5dd8b8eb37be0f55ef62c67b6daf46eb5 100644 (file)
@@ -16,6 +16,7 @@ import (
        "bytes"
        "crypto/internal/fips140/aes"
        "crypto/internal/fips140/alias"
+       "crypto/internal/fips140only"
        "crypto/subtle"
 )
 
@@ -41,6 +42,9 @@ func NewCTR(block Block, iv []byte) Stream {
        if block, ok := block.(*aes.Block); ok {
                return aesCtrWrapper{aes.NewCTR(block, iv)}
        }
+       if fips140only.Enabled {
+               panic("crypto/cipher: use of CTR with non-AES ciphers is not allowed in FIPS 140-only mode")
+       }
        if ctr, ok := block.(ctrAble); ok {
                return ctr.NewCTR(iv)
        }