Don't advertise or use MD5 for TLS v1.2 in FIPS mode

author Dr. Stephen Henson <steve@openssl.org>

Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c

index e673ec007c6551d2c77fadc0cf6bd0986ba00df4..43ca29adcd501be777d1c9ba68ef109afe3c0128 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -317,9 +317,15 @@ static unsigned char tls12_sigalgs[] = {
  
  int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
         {
+       size_t slen = sizeof(tls12_sigalgs);
+#ifdef OPENSSL_FIPS
+       /* If FIPS mode don't include MD5 which is last */
+       if (FIPS_mode())
+               slen -= 2;
+#endif
         if (p)
-               memcpy(p, tls12_sigalgs, sizeof(tls12_sigalgs));
-       return (int)sizeof(tls12_sigalgs);
+               memcpy(p, tls12_sigalgs, slen);
+       return (int)slen;
         }
  
  unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
@@ -2066,6 +2072,10 @@ const EVP_MD *tls12_get_hash(unsigned char hash_alg)
                 {
  #ifndef OPENSSL_NO_MD5
                 case TLSEXT_hash_md5:
+#ifdef OPENSSL_FIPS
+               if (FIPS_mode())
+                       return NULL;
+#endif
                 return EVP_md5();
  #endif
  #ifndef OPENSSL_NO_SHA
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 25 May 2011 15:31:32 +0000 (15:31 +0000)