fips: Explicitly disable overriding random in FIPS mode.

* src/fips.c: (_gcry_fips_indicator_function): Mark using random override non-approved in FIPS mode. -- Signed-off-by: Jakub Jelen <jjelen@redhat.com>
author: Jakub Jelen <jjelen@redhat.com> 2023-03-06 16:05:07 +0100
committer: NIIBE Yutaka <gniibe@fsij.org> 2023-03-14 11:57:54 +0900
commit: e0a5a9eb8301991c28fae8632add8dacce81aeb4 (patch)
tree: e18914dc7ecba385bda0a924b7cfbcb2368f78b2
parent: 4c1c8a707f9652dbfad8f8b531d8b84556f655f1 (diff)
download: libgcrypt-e0a5a9eb8301991c28fae8632add8dacce81aeb4.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/src/fips.c b/src/fips.c
index cb547aa2..a7342030 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -450,7 +450,8 @@ _gcry_fips_indicator_function (va_list arg_ptr)
   if (strcmp (function, "gcry_pk_sign") == 0 ||
       strcmp (function, "gcry_pk_verify") == 0 ||
       strcmp (function, "gcry_pk_encrypt") == 0 ||
-      strcmp (function, "gcry_pk_decrypt") == 0)
+      strcmp (function, "gcry_pk_decrypt") == 0 ||
+      strcmp (function, "gcry_pk_random_override_new") == 0)
     return GPG_ERR_NOT_SUPPORTED;
 
   return GPG_ERR_NO_ERROR;
author	Jakub Jelen <jjelen@redhat.com>	2023-03-06 16:05:07 +0100
committer	NIIBE Yutaka <gniibe@fsij.org>	2023-03-14 11:57:54 +0900
commit	e0a5a9eb8301991c28fae8632add8dacce81aeb4 (patch)
tree	e18914dc7ecba385bda0a924b7cfbcb2368f78b2
parent	4c1c8a707f9652dbfad8f8b531d8b84556f655f1 (diff)
download	libgcrypt-e0a5a9eb8301991c28fae8632add8dacce81aeb4.tar.gz