authorNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-22 12:23:19 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-27 11:41:44 +0100
commit0d0bd4ce53623590fd1009e59bda0af05413afdf (patch)
treef0b7e478e197398d825435d7d72f33bc5d398276 /lib/crypto-api.c
parent55f12b400aff520b54dd4e921766f5481ce3b17a (diff)
Do not allow MD5 in the high level crypto-api in FIPS mode.
Diffstat (limited to 'lib/crypto-api.c')
-rw-r--r--lib/crypto-api.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 4a56bedd3c..354dd14b6c 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -314,6 +314,12 @@ gnutls_hmac_init(gnutls_hmac_hd_t * dig,
gnutls_mac_algorithm_t algorithm,
const void *key, size_t keylen)
{
+#ifdef ENABLE_FIPS140
+ /* MD5 is only allowed internally for TLS */
+ if (algorithm == GNUTLS_MAC_MD5)
+ return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+#endif
+
*dig = gnutls_malloc(sizeof(mac_hd_st));
if (*dig == NULL) {
gnutls_assert();
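Review bot: The MD5 rejection is added only to gnutls_hmac_init here and to gnutls_hash_init in the next hunk, so any other public entry point in this file that reaches the MAC or digest backend without going through these two functions would still accept MD5 in a FIPS build. The one-shot helpers gnutls_hmac_fast() and gnutls_hash_fast() are not part of this diff; it is worth confirming they carry the same guard, e.g. `if (algorithm == GNUTLS_MAC_MD5) return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);` under the same `#ifdef ENABLE_FIPS140`. The body of gnutls_hmac_init continues outside the hunk, so the rest of its error handling cannot be checked from here.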
@@ -451,6 +457,12 @@ int
gnutls_hash_init(gnutls_hash_hd_t * dig,
gnutls_digest_algorithm_t algorithm)
{
+#ifdef ENABLE_FIPS140
+ /* MD5 is only allowed internally for TLS */
+ if (algorithm == GNUTLS_DIG_MD5)
+ return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+#endif
+
*dig = gnutls_malloc(sizeof(digest_hd_st));
if (*dig == NULL) {
gnutls_assert();
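Review bot: The guard in gnutls_hash_init, like the matching one in gnutls_hmac_init, is a compile-time `#ifdef ENABLE_FIPS140`, so as far as this hunk shows it fires in every FIPS-capable build whether or not the library is actually operating in FIPS mode at runtime. If that is intended, the comment should say so, e.g. `/* FIPS-capable builds reject MD5 here unconditionally; it stays reachable only via the internal TLS code paths */`. The API documentation above the function (outside this hunk) should also list GNUTLS_E_UNWANTED_ALGORITHM as a possible return value, so that callers do not mistake the new failure for an allocation error.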