Overview

File gnutls-FIPS-p192-disabled.patch of Package gnutls.36178

Index: gnutls-3.8.3/lib/nettle/pk.c
===================================================================
--- gnutls-3.8.3.orig/lib/nettle/pk.c
+++ gnutls-3.8.3/lib/nettle/pk.c
@@ -1622,6 +1622,11 @@ static int _wrap_nettle_pk_verify(gnutls
 			goto cleanup;
 		}
 
+		/* P-192 is not supported in FIPS 140-3 */
+		if (curve_id == GNUTLS_ECC_CURVE_SECP192R1) {
+			not_approved = true;
+		}
+
 		ret = _gnutls_decode_ber_rs(signature, &tmp[0], &tmp[1]);
 		if (ret < 0) {
 			gnutls_assert();
openSUSE Build Service is sponsored by
Places