Always pass in and check Q in TLS 1.3

In FIPS mode do an extra check that we did have Q, but it is always passed into the tls13 derive function from the callers. Signed-off-by: Simo Sorce <simo@redhat.com>
author: Simo Sorce <simo@redhat.com> 2019-05-20 17:13:12 -0400
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2019-05-23 11:35:12 +0200
commit: 30cd55456b574b2eadd0bea93ca12492441e0d5d (patch)
tree: 349453667651a2f51fa0f7dc4cda4dbe1328fb28 /lib/nettle/pk.c
parent: 12d98928e776ddc09f78d3e2c5b615872576c720 (diff)
download: gnutls-30cd55456b574b2eadd0bea93ca12492441e0d5d.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 6bb2cef877..08117c2d82 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -282,6 +282,11 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo,
 				ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
 				goto dh_cleanup;
 			}
+		} else if ((flags & PK_DERIVE_TLS13) &&
+			   _gnutls_fips_mode_enabled()) {
+			/* Mandatory in FIPS mode for TLS 1.3 */
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto dh_cleanup;
 		}
 
 		/* prevent denial of service */
author	Simo Sorce <simo@redhat.com>	2019-05-20 17:13:12 -0400
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2019-05-23 11:35:12 +0200
commit	30cd55456b574b2eadd0bea93ca12492441e0d5d (patch)
tree	349453667651a2f51fa0f7dc4cda4dbe1328fb28 /lib/nettle/pk.c
parent	12d98928e776ddc09f78d3e2c5b615872576c720 (diff)
download	gnutls-30cd55456b574b2eadd0bea93ca12492441e0d5d.tar.gz