crypto/ecdsa: fix condition for fips140=only check
Fixes #70894 Change-Id: I78c9f2e46006ffc5f1d2886218f8aaaf3f1b59eb GitHub-Last-Rev: 11f0b452f57aacc40139eab557a8bed1386ad07b GitHub-Pull-Request: golang/go#70904 Reviewed-on: https://go-review.googlesource.com/c/go/+/637455 Reviewed-by: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: David Chase <drchase@google.com>
This commit is contained in:
Mauri de Souza Meneguzzo
committed by
Carlos Amedee
Carlos Amedee
parent
6aa46eb750
commit
f4e3ec3dbe
@@ -183,7 +183,7 @@ func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func generateFIPS[P ecdsa.Point[P]](curve elliptic.Curve, c *ecdsa.Curve[P], rand io.Reader) (*PrivateKey, error) {
|
func generateFIPS[P ecdsa.Point[P]](curve elliptic.Curve, c *ecdsa.Curve[P], rand io.Reader) (*PrivateKey, error) {
|
||||||
if fips140only.Enabled && fips140only.ApprovedRandomReader(rand) {
|
if fips140only.Enabled && !fips140only.ApprovedRandomReader(rand) {
|
||||||
return nil, errors.New("crypto/ecdsa: only crypto/rand.Reader is allowed in FIPS 140-only mode")
|
return nil, errors.New("crypto/ecdsa: only crypto/rand.Reader is allowed in FIPS 140-only mode")
|
||||||
}
|
}
|
||||||
privateKey, err := ecdsa.GenerateKey(c, rand)
|
privateKey, err := ecdsa.GenerateKey(c, rand)
|
||||||
|
|||||||
Reference in New Issue
Block a user