From c483fdbfcfba9c86dbe93a096f120cc15f783d38 Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Wed, 20 Nov 2024 16:11:49 +0100 Subject: [PATCH] crypto/ed25519: fix TestAllocations in FIPS mode Change-Id: Ic36e95dba29d43e73ddf105d538c4795bc4ce557 Reviewed-on: https://go-review.googlesource.com/c/go/+/630097 Reviewed-by: Russ Cox Reviewed-by: Daniel McCarney Auto-Submit: Filippo Valsorda LUCI-TryBot-Result: Go LUCI Reviewed-by: Dmitri Shuralyov --- src/crypto/internal/fips/ed25519/cast.go | 26 +++++++++++++++--------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/src/crypto/internal/fips/ed25519/cast.go b/src/crypto/internal/fips/ed25519/cast.go index aa6ba668c02..8ac7a6f6884 100644 --- a/src/crypto/internal/fips/ed25519/cast.go +++ b/src/crypto/internal/fips/ed25519/cast.go @@ -14,19 +14,25 @@ import ( func fipsPCT(k *PrivateKey) error { return fips.PCT("Ed25519 sign and verify PCT", func() error { - msg := []byte("PCT") - sig := Sign(k, msg) - // Note that this runs pub.a.SetBytes. If we wanted to make key generation - // in FIPS mode faster, we could reuse A from GenerateKey. But another thing - // that could make it faster is just _not doing a useless self-test_. - pub, err := NewPublicKey(k.PublicKey()) - if err != nil { - return err - } - return Verify(pub, msg, sig) + return pairwiseTest(k) }) } +// pairwiseTest needs to be a top-level function declaration to let the calls +// inline and their allocations not escape. +func pairwiseTest(k *PrivateKey) error { + msg := []byte("PCT") + sig := Sign(k, msg) + // Note that this runs pub.a.SetBytes. If we wanted to make key generation + // in FIPS mode faster, we could reuse A from GenerateKey. But another thing + // that could make it faster is just _not doing a useless self-test_. + pub, err := NewPublicKey(k.PublicKey()) + if err != nil { + return err + } + return Verify(pub, msg, sig) +} + func signWithoutSelfTest(priv *PrivateKey, message []byte) []byte { signature := make([]byte, signatureSize) return signWithDom(signature, priv, message, domPrefixPure, "")