[go/release-branch.go1.26] [release-branch.go1.26] crypto/internal/fips140/drbg: fix Wasm stub

0 views
Skip to first unread message

Gopher Robot (Gerrit)

unread,
May 15, 2026, 12:23:16 PM (17 hours ago) May 15
to Filippo Valsorda, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Dmitri Shuralyov, Dmitri Shuralyov, Cherry Mui, golang...@luci-project-accounts.iam.gserviceaccount.com, Roland Shoemaker, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.26] crypto/internal/fips140/drbg: fix Wasm stub

This partially reverts CL 758361. The result is functionally equivalent,
but the previous readFromEntropy function was actually reading from a
DRBG which in turn is seeded from the Entropy Source (and mixed with the
system RNG), not directly from the Entropy Source. I'm sorry to be
pedantic about this but

  1. the whole randomness and entropy machinery is already very complex
     and we should avoid any confusion;

  2. this is the kind of code that auditors might read, and they have a
     dreadful sense of humor.

I also slightly prefer having fewer levels of indirection, and we
already have the getEntropy function to stub out.

Updates #78321
Fixes #79226

Change-Id: Ic95bbb0061b7d519f2a1e80c667f4f8b6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/774221
Auto-Submit: Filippo Valsorda <fil...@golang.org>
Reviewed-by: Roland Shoemaker <rol...@golang.org>
Reviewed-by: Cherry Mui <cher...@google.com>
LUCI-TryBot-Result: golang...@luci-project-accounts.iam.gserviceaccount.com <golang...@luci-project-accounts.iam.gserviceaccount.com>
(cherry picked from commit 1bd98fab2ca1bcb8ab75a36b3fa5436f6debae02)
Reviewed-on: https://go-review.googlesource.com/c/go/+/774980
Reviewed-by: Dmitri Shuralyov <dmit...@google.com>
Auto-Submit: Dmitri Shuralyov <dmit...@google.com>
Files:
  • M src/crypto/internal/fips140/drbg/entropy_fips140.go
  • M src/crypto/internal/fips140/drbg/entropy_wasm.go
  • M src/crypto/internal/fips140/drbg/rand.go
Change size: M
Delta: 3 files changed, 54 insertions(+), 62 deletions(-)
Branch: refs/heads/release-branch.go1.26
Submit Requirements:
Open in Gerrit
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.26
Gerrit-Change-Id: Ic95bbb0061b7d519f2a1e80c667f4f8b6a6a6964
Gerrit-Change-Number: 774980
Gerrit-PatchSet: 3
Gerrit-Owner: Filippo Valsorda <fil...@golang.org>
Gerrit-Reviewer: Cherry Mui <cher...@google.com>
Gerrit-Reviewer: Dmitri Shuralyov <dmit...@google.com>
Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>
Gerrit-Reviewer: Gopher Robot <go...@golang.org>
Gerrit-Reviewer: Roland Shoemaker <rol...@golang.org>
Gerrit-CC: Dmitri Shuralyov <dmit...@golang.org>
open
diffy
satisfied_requirement
Reply all
Reply to author
Forward
0 new messages