hash: allow non-security MD5 use in FIPS mode

gnutls running in the FIPS140-2 mode does not allow MD5 to be initialized, which breaks chronyd using MD5 to calculate reference ID of IPv6 addresses. Specify a new hash algorithm for non-security MD5 use and temporarily switch to the lax mode when initializing the hash function.
2025-12-03 18:05:06 -05:00 · 2021-09-02 11:44:15 +02:00
parent f363998517
commit 36441fabde
8 changed files with 28 additions and 3 deletions
--- a/hash_gnutls.c
+++ b/hash_gnutls.c
@@ -40,6 +40,7 @@ struct hash {
 };

 static struct hash hashes[] = {
+  { HSH_MD5_NONCRYPTO, GNUTLS_DIG_MD5, NULL },
  { HSH_MD5, GNUTLS_DIG_MD5, NULL },
  { HSH_SHA1, GNUTLS_DIG_SHA1, NULL },
  { HSH_SHA256, GNUTLS_DIG_SHA256, NULL },
@@ -77,7 +78,14 @@ HSH_GetHashId(HSH_Algorithm algorithm)
  if (hashes[id].handle)
    return id;

+  if (algorithm == HSH_MD5_NONCRYPTO)
+    GNUTLS_FIPS140_SET_LAX_MODE();
+
  r = gnutls_hash_init(&hashes[id].handle, hashes[id].type);
+
+  if (algorithm == HSH_MD5_NONCRYPTO)
+    GNUTLS_FIPS140_SET_STRICT_MODE();
+
  if (r < 0) {
    DEBUG_LOG("Could not initialise %s : %s", "hash", gnutls_strerror(r));
    hashes[id].handle = NULL;