author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-22 12:27:57 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-27 11:41:44 +0100 |
commit | 9bab9962c2f423ba7cd8e774cf571632a7672eba (patch) | |
tree | 3d8f72a5f480ac5fa9530c3649268d8337a6c75a /lib/crypto-api.c | |
parent | 0d0bd4ce53623590fd1009e59bda0af05413afdf (diff) | |
gnutls_key_generate() is restricted by the size of the initial RNG seed in FIPS140-2 mode.
Diffstat (limited to 'lib/crypto-api.c')
-rw-r--r-- | lib/crypto-api.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 354dd14b6c..0f421fae22 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -28,6 +28,7 @@
 #include <algorithms.h>
 #include <random.h>
 #include <crypto.h>
+#include <fips.h>
 typedef struct api_cipher_hd_st {
 cipher_hd_st ctx_enc;
@@ -576,6 +577,14 @@ int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size)
 {
 int ret;
+#ifdef ENABLE_FIPS140
+ /* The FIPS140 approved RNGs are not allowed to be used
+ * to extract key sizes longer than their original seed.
+ */
+ if (key_size > FIPS140_RND_KEY_SIZE)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+
 key->size = key_size;
 key->data = gnutls_malloc(key->size);
 if (!key->data) { |
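Review bot: The new size guard at the top of gnutls_key_generate() is selected by `#ifdef ENABLE_FIPS140` alone, so as written it appears to reject requests above FIPS140_RND_KEY_SIZE in every build with FIPS support compiled in, not only when the library is actually running in FIPS140-2 mode as the commit message says; if fips.h offers a runtime mode query, the condition should include it. The early return also leaves `key->data` and `key->size` unset, so a caller that ignores the return value would read an uninitialised datum; `key->data = NULL; key->size = 0;` before the return would make that failure inert. The function's doc comment sits above the hunk and is not visible here; it should gain a sentence such as `In FIPS140-2 mode @key_size may not exceed the RNG seed size; larger requests fail with GNUTLS_E_INVALID_REQUEST.` The function body continues past the end of the hunk.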