diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-12-04 15:48:49 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-12-04 15:48:49 +0100 |
commit | 4123494385f4c0916923a870c8a69cf664e99df4 (patch) | |
tree | c9d226e3fe255a61f3bf99a832979e66c82987c8 /lib/crypto-api.c | |
parent | d0b75ec928a2eb1a9d5b10ec2d0127111544c7a1 (diff) | |
download | gnutls-4123494385f4c0916923a870c8a69cf664e99df4.tar.gz |
removed zombie mode, and no longer use fips140.h
Diffstat (limited to 'lib/crypto-api.c')
-rw-r--r-- | lib/crypto-api.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c index 8618e1a139..850e206898 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -317,8 +317,9 @@ gnutls_hmac_init(gnutls_hmac_hd_t * dig, { #ifdef ENABLE_FIPS140 /* MD5 is only allowed internally for TLS */ - if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST && - _gnutls_get_lib_state() != LIB_STATE_ZOMBIE) { + if (gnutls_fips140_mode_enabled() != 0 && + _gnutls_get_lib_state() != LIB_STATE_SELFTEST) { + if (algorithm == GNUTLS_MAC_MD5) return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM); } @@ -463,8 +464,9 @@ gnutls_hash_init(gnutls_hash_hd_t * dig, { #ifdef ENABLE_FIPS140 /* MD5 is only allowed internally for TLS */ - if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST && - _gnutls_get_lib_state() != LIB_STATE_ZOMBIE) { + if (gnutls_fips140_mode_enabled() != 0 && + _gnutls_get_lib_state() != LIB_STATE_SELFTEST) { + if (algorithm == GNUTLS_DIG_MD5) return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM); } |