36 lines
1.5 KiB
Diff
36 lines
1.5 KiB
Diff
diff -up libgcrypt-1.7.3/src/visibility.c.fips-reqs libgcrypt-1.7.3/src/visibility.c
|
|
--- libgcrypt-1.7.3/src/visibility.c.fips-reqs 2016-03-23 12:59:34.000000000 +0100
|
|
+++ libgcrypt-1.7.3/src/visibility.c 2016-11-22 16:29:36.992042480 +0100
|
|
@@ -1288,6 +1288,8 @@ gcry_kdf_derive (const void *passphrase,
|
|
unsigned long iterations,
|
|
size_t keysize, void *keybuffer)
|
|
{
|
|
+ if (!fips_is_operational ())
|
|
+ return gpg_error (fips_not_operational ());
|
|
return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
|
|
salt, saltlen, iterations,
|
|
keysize, keybuffer));
|
|
@@ -1343,6 +1345,13 @@ void
|
|
gcry_mpi_randomize (gcry_mpi_t w,
|
|
unsigned int nbits, enum gcry_random_level level)
|
|
{
|
|
+ if (!fips_is_operational ())
|
|
+ {
|
|
+ (void)fips_not_operational ();
|
|
+ fips_signal_fatal_error ("called in non-operational state");
|
|
+ fips_noreturn ();
|
|
+ }
|
|
+
|
|
_gcry_mpi_randomize (w, nbits, level);
|
|
}
|
|
|
|
@@ -1368,6 +1377,8 @@ gcry_prime_generate (gcry_mpi_t *prime,
|
|
gcry_random_level_t random_level,
|
|
unsigned int flags)
|
|
{
|
|
+ if (!fips_is_operational ())
|
|
+ return gpg_error (fips_not_operational ());
|
|
return gpg_error (_gcry_prime_generate (prime, prime_bits, factor_bits,
|
|
factors, cb_func, cb_arg,
|
|
random_level, flags));
|