Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

crypto/internal/fips140/entropy: fix benign race

Browse source 
Fixes #75690
Fixes #75842

Change-Id: I6a6a696420f51f28f48535c34cf347e2cbd4add5
Reviewed-on: https://go-review.googlesource.com/c/go/+/710058
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This commit is contained in:
Filippo Valsorda 2025-10-08 13:30:34 +02:00 committed by Gopher Robot
parent 60f6d2f623
commit f6b9d56aff
2 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/internal/fips140/entropy/entropy.go
View file

@ -123,7 +123,9 @@ func (s *source) Sample() uint8 {
// Perform a few memory accesses in an unpredictable pattern to expose the // Perform a few memory accesses in an unpredictable pattern to expose the
// next measurement to as much system noise as possible. // next measurement to as much system noise as possible.
memory, lcgState := s.memory, s.lcgState memory, lcgState := s.memory, s.lcgState
_ = memory[0] // hoist the nil check out of touchMemory if memory == nil { // remove the nil check from the inlined touchMemory calls
panic("entropy: nil memory buffer")
}
for range 64 { for range 64 {
lcgState = 1664525*lcgState + 1013904223 lcgState = 1664525*lcgState + 1013904223
// Discard the lower bits, which tend to fall into short cycles. // Discard the lower bits, which tend to fall into short cycles.

6
src/crypto/internal/fips140test/entropy_test.go
View file

@ -241,7 +241,7 @@ func TestEntropyUnchanged(t *testing.T) {
// entropy source through the Entropy Source Validation program, // entropy source through the Entropy Source Validation program,
// independently of the FIPS 140-3 module. It must not change even across // independently of the FIPS 140-3 module. It must not change even across
// FIPS 140-3 module versions, in order to reuse the ESV certificate. // FIPS 140-3 module versions, in order to reuse the ESV certificate.
exp := "1b68d4c091ef66c6006602e4ed3ac10f8a82ad193708ec99d63b145e3baa3e6c" exp := "2541273241ae8aafe55026328354ed3799df1e2fb308b2097833203a42911b53"
if got := hex.EncodeToString(h.Sum(nil)); got != exp { if got := hex.EncodeToString(h.Sum(nil)); got != exp {
t.Errorf("hash of crypto/internal/fips140/entropy = %s, want %s", got, exp) t.Errorf("hash of crypto/internal/fips140/entropy = %s, want %s", got, exp)
} }
@ -249,12 +249,12 @@ func TestEntropyUnchanged(t *testing.T) {
func TestEntropyRace(t *testing.T) { func TestEntropyRace(t *testing.T) {
// Check that concurrent calls to Seed don't trigger the race detector. // Check that concurrent calls to Seed don't trigger the race detector.
for range 2 { for range 16 {
go func() { go func() {
_, _ = entropy.Seed(&memory) _, _ = entropy.Seed(&memory)
}() }()
} }
// Same, with the higher-level DRBG. More concurrent calls to hit the Pool. // Same, with the higher-level DRBG.
for range 16 { for range 16 {
go func() { go func() {
var b [64]byte var b [64]byte