Home GnuPG

Check if FIPS is operational and error return if not.

Description

Check if FIPS is operational and error return if not.

* src/visibility.c (gcry_kdf_derive): Add the check.
(gcry_prime_generate, gcry_prime_group_generator): Likewise.
(gcry_mpi_randomize): Likewise, but no return.

Original work was libgcrypt-1.7.3-fips-reqs.patch from Red Hat.

Also, adding the check to gcry_prime_group_generator.

  • GnuPG-bug-id: T5243
  • Co-authored-by: Tomáš Mráz <tm@t8m.info>
  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance
gniibeAuthored on Jan 19 2021, 6:29 AM
Parents
rC7a0da2492536: kdf: Add selftest.
Branches
Unknown
Tags
Unknown
Tasks
T5243: libgcrypt "check if fips_is_operational and error return if not" patch for FIPS 140