Home GnuPG
Diffusion libgcrypt c88672a327f6

fips: Add explicit indicators for md and mac algorithms.
c88672a327f6
Actions

Description

fips: Add explicit indicators for md and mac algorithms.

* src/fips.c (_gcry_fips_indicator_mac): New function indicating
non-approved mac algorithms.
(_gcry_fips_indicator_md): new functions indicating non-approved
message digest algorithms.
* src/g10lib.h (_gcry_fips_indicator_mac): New function.
(_gcry_fips_indicator_md): Ditto.
* src/gcrypt.h.in (enum gcry_ctl_cmds): New symbols,
GCRYCTL_FIPS_SERVICE_INDICATOR_MAC and
GCRYCTL_FIPS_SERVICE_INDICATOR_MD.
* src/global.c (_gcry_vcontrol): Handle new FIPS indicators.
  • GnuPG-bug-id: T6376
  • Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

Details

Provenance
tobheAuthored on Feb 16 2023, 3:20 AM
gniibeCommitted on Mar 8 2023, 2:18 AM
Parents
rCf5fe94810f30: kdf: Update tests in regards to the allowed parameters in FIPS mode.
Branches
Unknown
Tags
Unknown
Tasks
T6376: FIPS 140-3: add explicit indicators for md and mac to unblock MD5 in apt

Changes (4)

PathSize
src/

rCc88672a327f6

View Options

src/fips.c

Loading...
View Options

src/g10lib.h

Loading...
View Options

src/gcrypt.h.in

Loading...
View Options

src/global.c

Loading...