Home GnuPG

fips: Rejection by GCRYCTL_FIPS_REJECT_NON_FIPS, not by open flags.

Description

fips: Rejection by GCRYCTL_FIPS_REJECT_NON_FIPS, not by open flags.

* src/gcrypt.h.in (GCRY_CIPHER_FLAG_REJECT_NON_FIPS): Remove.
(GCRY_MD_FLAG_REJECT_NON_FIPS): Remove.
(GCRY_MAC_FLAG_REJECT_NON_FIPS): Remove.
* tests/t-fips-service-ind.c: Update tests with
GCRYCTL_FIPS_REJECT_NON_FIPS.
* cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey): Use
fips_check_rejection.
* cipher/mac.c (mac_open): Likewise.
* cipher/md.c (struct gcry_md_context): Remove reject_non_fips.
(md_open, md_enable): Use fips_check_rejection.
(_gcry_md_enable, md_copy): Likewise.
  • GnuPG-bug-id: T7338
  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance
gniibeAuthored on Fri, Dec 20, 1:38 AM
Parents
rCb4eb23dc01a4: Fix the previous change.
Branches
Unknown
Tags
Unknown
References
HEAD -> master
Tasks
T7338: Revamp the FIPS service indicator