diff options
| -rw-r--r-- | fuzz/Makefile.am | 2 | ||||
| -rw-r--r-- | lib/nettle/mac.c | 13 | ||||
| -rw-r--r-- | tests/simple.c | 16 |
3 files changed, 23 insertions, 8 deletions
diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 31690a1295..34a8919994 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -95,7 +95,7 @@ oss-fuzz: $$CC $$CFLAGS -I$(top_srcdir)/lib/includes/ -I$(top_srcdir) \ -c "$${fuzzer}.c" -o "$${fuzzer}.o" ; \ $$CXX $$CXXFLAGS "$${fuzzer}.o" -o "$${fuzzer}" \ - ../lib/.libs/libgnutls.a $${LIB_FUZZING_ENGINE} \ + $$LDFLAGS ../lib/.libs/libgnutls.a $${LIB_FUZZING_ENGINE} \ -Wl,-z,muldefs \ -Wl,-Bstatic \ $${XLIBS} \ diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c index 1b20a0cf82..f9d4d7a8df 100644 --- a/lib/nettle/mac.c +++ b/lib/nettle/mac.c @@ -608,17 +608,20 @@ static int wrap_nettle_hash_exists(gnutls_digest_algorithm_t algo) case GNUTLS_DIG_SHA256: case GNUTLS_DIG_SHA384: case GNUTLS_DIG_SHA512: - return 1; + +#ifdef NETTLE_SHA3_FIPS202 case GNUTLS_DIG_SHA3_224: case GNUTLS_DIG_SHA3_256: case GNUTLS_DIG_SHA3_384: case GNUTLS_DIG_SHA3_512: -#ifdef NETTLE_SHA3_FIPS202 - return 1; -#else - return 0; #endif + + case GNUTLS_DIG_SHAKE_128: + case GNUTLS_DIG_SHAKE_256: + case GNUTLS_DIG_MD2: + case GNUTLS_DIG_RMD160: + #if ENABLE_GOST case GNUTLS_DIG_GOSTR_94: case GNUTLS_DIG_STREEBOG_256: diff --git a/tests/simple.c b/tests/simple.c index ef37e3689e..5e20c61182 100644 --- a/tests/simple.c +++ b/tests/simple.c @@ -88,7 +88,7 @@ void doit(void) if (gnutls_pk_get_id (gnutls_pk_algorithm_get_name(algs[i])) != algs[i]) - fail("gnutls_pk id's doesn't match\n"); + fail("gnutls_pk id doesn't match\n"); } pk = gnutls_pk_get_id("foo"); @@ -109,6 +109,8 @@ void doit(void) fail("gnutls_sign_list return NULL\n"); for (i = 0; algs[i]; i++) { + gnutls_digest_algorithm_t hash; + if (debug) printf("sign_list[%d] = %d = %s = %d\n", (int) i, algs[i], @@ -120,7 +122,17 @@ void doit(void) if (gnutls_sign_get_id (gnutls_sign_algorithm_get_name(algs[i])) != algs[i]) - fail("gnutls_sign id's doesn't match\n"); + fail("gnutls_sign id for %s doesn't match\n", + gnutls_sign_algorithm_get_name(algs[i])); + + hash = gnutls_sign_get_hash_algorithm(algs[i]); + if (hash != GNUTLS_DIG_UNKNOWN) { + const char *name = gnutls_digest_get_name(hash); + if (gnutls_digest_get_id(name) != hash) + fail("gnutls_digest id for %s doesn't match %s\n", + gnutls_sign_algorithm_get_name(algs[i]), + name); + } } pk = gnutls_sign_get_id("foo"); |