diff options
| -rw-r--r-- | lib/crypto/c_src/mac.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/lib/crypto/c_src/mac.c b/lib/crypto/c_src/mac.c index ed09dae8e4..cec9996afc 100644 --- a/lib/crypto/c_src/mac.c +++ b/lib/crypto/c_src/mac.c @@ -245,7 +245,11 @@ ERL_NIF_TERM mac_one_time(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) return_term = EXCP_NOTSUP(env, "Unsupported digest algorithm"); goto err; } - + if (DIGEST_FORBIDDEN_IN_FIPS(digp)) + { + return_term = EXCP_NOTSUP(env, "Digest algorithm for HMAC forbidden in FIPS"); + goto err; + } md = digp->md.p; #ifdef HAS_EVP_PKEY_CTX @@ -522,7 +526,11 @@ ERL_NIF_TERM mac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) return_term = EXCP_NOTSUP(env, "Unsupported digest algorithm"); goto err; } - + if (DIGEST_FORBIDDEN_IN_FIPS(digp)) + { + return_term = EXCP_NOTSUP(env, "Digest algorithm for HMAC forbidden in FIPS"); + goto err; + } md = digp->md.p; # ifdef HAVE_PKEY_new_raw_private_key |