crypto/ecdsa: fix condition for FIPS check

2024-12-18 12:33:28 -03:00 · 2024-12-18 12:33:28 -03:00 · 11f0b452f5
parent 95b433eed4
commit 11f0b452f5
1 changed files with 1 additions and 1 deletions
--- a/src/crypto/ecdsa/ecdsa.go
+++ b/src/crypto/ecdsa/ecdsa.go
@ -183,7 +183,7 @@ func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error) {
 }

 func generateFIPS[P ecdsa.Point[P]](curve elliptic.Curve, c *ecdsa.Curve[P], rand io.Reader) (*PrivateKey, error) {
-	if fips140only.Enabled && fips140only.ApprovedRandomReader(rand) {
+	if fips140only.Enabled && !fips140only.ApprovedRandomReader(rand) {
 		return nil, errors.New("crypto/ecdsa: only crypto/rand.Reader is allowed in FIPS 140-only mode")
 	}
 	privateKey, err := ecdsa.GenerateKey(c, rand)