fips140: set the key via a configure argument

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2015-09-22 08:31:04 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2015-09-22 08:46:37 +0200
commit: 0967e498a5c506947962c33dbe48070c064dd270 (patch)
tree: 1154583b0e876eb869b2eec9f55ea2b7f9f6ef04 /lib/fips.c
parent: 2d4d9ec52dc6c14887cfe411a3a44e3eea153f56 (diff)
download: gnutls-0967e498a5c506947962c33dbe48070c064dd270.tar.gz
1 files changed, 1 insertions, 3 deletions
diff --git a/lib/fips.c b/lib/fips.c
index 54a706c27a..2fdc80a4d5 100644
--- a/lib/fips.c
+++ b/lib/fips.c
@@ -114,8 +114,6 @@ void _gnutls_fips_mode_reset_zombie(void)
 #define HOGWEED_LIBRARY_NAME "libhogweed.so.2"
 #define GMP_LIBRARY_NAME "libgmp.so.10"
 
-static const char fips_key[] = "orboDeJITITejsirpADONivirpUkvarP";
-
 #define HMAC_SUFFIX ".hmac"
 #define HMAC_SIZE 32
 #define HMAC_ALGO GNUTLS_MAC_SHA256
@@ -203,7 +201,7 @@ static unsigned check_binary_integrity(const char* libname, const char* symbol)
 
 	prev = _gnutls_get_lib_state();
 	_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
-	ret = gnutls_hmac_fast(HMAC_ALGO, fips_key, sizeof(fips_key)-1,
+	ret = gnutls_hmac_fast(HMAC_ALGO, FIPS_KEY, sizeof(FIPS_KEY)-1,
 		data.data, data.size, new_hmac);
 	_gnutls_switch_lib_state(prev);
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2015-09-22 08:31:04 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2015-09-22 08:46:37 +0200
commit	0967e498a5c506947962c33dbe48070c064dd270 (patch)
tree	1154583b0e876eb869b2eec9f55ea2b7f9f6ef04 /lib/fips.c
parent	2d4d9ec52dc6c14887cfe411a3a44e3eea153f56 (diff)
download	gnutls-0967e498a5c506947962c33dbe48070c064dd270.tar.gz