crypto/rsa: apply fips140=only to opts.Hash in SignPSS

Change-Id: I6a6a46569bd364b36f83b9aef640eca94e045173 Reviewed-on: https://go-review.googlesource.com/c/go/+/641315 Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Russ Cox <rsc@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2025-12-08 06:10:04 +00:00 · 2025-01-06 21:12:03 +01:00 · 2025-01-06 21:12:03 +01:00 · 4640e92af7
commit 4640e92af7
parent e966a2773c
1 changed files with 5 additions and 4 deletions
--- a/src/crypto/rsa/fips.go
+++ b/src/crypto/rsa/fips.go
@ -67,6 +67,11 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash crypto.Hash, digest []byte,
 	if err := checkFIPS140OnlyPrivateKey(priv); err != nil {
 		return nil, err
 	}
+
+	if opts != nil && opts.Hash != 0 {
+		hash = opts.Hash
+	}
+
 	if fips140only.Enabled && !fips140only.ApprovedHash(hash.New()) {
 		return nil, errors.New("crypto/rsa: use of hash functions other than SHA-2 or SHA-3 is not allowed in FIPS 140-only mode")
 	}
@ -74,10 +79,6 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash crypto.Hash, digest []byte,
 		return nil, errors.New("crypto/rsa: only crypto/rand.Reader is allowed in FIPS 140-only mode")
 	}

-	if opts != nil && opts.Hash != 0 {
-		hash = opts.Hash
-	}
-
 	if boring.Enabled && rand == boring.RandReader {
 		bkey, err := boringPrivateKey(priv)
 		if err != nil {