From: Keith Randall <khr@golang.org>
Date: Fri, 22 Nov 2024 21:37:26 +0000 (-0800)
Subject: crypto/internal/fips140/aes: handle fallback correctly, take 2
X-Git-Tag: go1.24rc1~83
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=8397de2241ca71ba5df2fa60564a8559b9a2d25d;p=gostls13.git

crypto/internal/fips140/aes: handle fallback correctly, take 2

Don't fallthrough to the hardware version if we used the generic version.

Missed one case of this in CL 631315.

(Originally broken on CL 624738.)

Change-Id: I5bf485ac8b0007769e4e935794defe2a3592376e
Reviewed-on: https://go-review.googlesource.com/c/go/+/631136
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
---

diff --git a/src/crypto/internal/fips140/aes/ctr_s390x.go b/src/crypto/internal/fips140/aes/ctr_s390x.go
index 2d6e17927e..afa8786a72 100644
--- a/src/crypto/internal/fips140/aes/ctr_s390x.go
+++ b/src/crypto/internal/fips140/aes/ctr_s390x.go
@@ -30,6 +30,7 @@ func ctrBlocks8(b *Block, dst, src *[8 * BlockSize]byte, ivlo, ivhi uint64) {
 func ctrBlocksS390x(b *Block, dst, src []byte, ivlo, ivhi uint64) {
 	if b.fallback != nil {
 		ctrBlocks(b, dst, src, ivlo, ivhi)
+		return
 	}
 
 	buf := make([]byte, len(src), 8*BlockSize)