Blame SOURCES/gnutls-3.7.6-fips-ecdsa-hash-check.patch

a74aed
From 171b934a8c054e98b110892cae4130e1db64e656 Mon Sep 17 00:00:00 2001
a74aed
From: rpm-build <rpm-build>
a74aed
Date: Thu, 29 Sep 2022 21:28:19 +0900
a74aed
Subject: [PATCH] gnutls-3.7.6-fips-ecdsa-hash-check.patch
a74aed
a74aed
---
a74aed
 lib/crypto-backend.h |  12 ++--
a74aed
 lib/nettle/pk.c      |  33 +++++-----
a74aed
 lib/privkey.c        |  42 ++++++++----
a74aed
 lib/pubkey.c         |   5 +-
a74aed
 tests/fips-test.c    | 150 ++++++++++++++++++++++++++++++++++++++++++-
a74aed
 5 files changed, 205 insertions(+), 37 deletions(-)
a74aed
a74aed
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
a74aed
index f0f68c3..4dd1ae2 100644
a74aed
--- a/lib/crypto-backend.h
a74aed
+++ b/lib/crypto-backend.h
a74aed
@@ -247,11 +247,13 @@ typedef enum {
a74aed
 	GNUTLS_PK_FLAG_RSA_PSS_FIXED_SALT_LENGTH = 4
a74aed
 } gnutls_pk_flag_t;
a74aed
 
a74aed
-#define FIX_SIGN_PARAMS(params, flags, dig) do {		\
a74aed
-	if ((flags) & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE) {	\
a74aed
-		(params).flags |= GNUTLS_PK_FLAG_REPRODUCIBLE;	\
a74aed
-		(params).dsa_dig = (dig);			\
a74aed
-	}							\
a74aed
+#define FIX_SIGN_PARAMS(params, flags, dig) do {			\
a74aed
+	if ((flags) & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE) {		\
a74aed
+		(params).flags |= GNUTLS_PK_FLAG_REPRODUCIBLE;		\
a74aed
+	}								\
a74aed
+	if ((params).pk == GNUTLS_PK_DSA || (params).pk == GNUTLS_PK_ECDSA) { \
a74aed
+		(params).dsa_dig = (dig);				\
a74aed
+	}								\
a74aed
 } while (0)
a74aed
 
a74aed
 void gnutls_pk_params_release(gnutls_pk_params_st * p);
a74aed
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
a74aed
index f38016b..c098e2a 100644
a74aed
--- a/lib/nettle/pk.c
a74aed
+++ b/lib/nettle/pk.c
a74aed
@@ -1104,8 +1104,16 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
a74aed
 			me = _gnutls_dsa_q_to_hash(pk_params,
a74aed
 						   &hash_len);
a74aed
 
a74aed
+			if (hash_len > vdata->size) {
a74aed
+				gnutls_assert();
a74aed
+				_gnutls_debug_log
a74aed
+				    ("Security level of algorithm requires hash %s(%d) or better\n",
a74aed
+				     _gnutls_mac_get_name(me), hash_len);
a74aed
+				hash_len = vdata->size;
a74aed
+			}
a74aed
+
a74aed
 			/* Only SHA-2 is allowed in FIPS 140-3 */
a74aed
-			switch (me->id) {
a74aed
+			switch (DIG_TO_MAC(sign_params->dsa_dig)) {
a74aed
 			case GNUTLS_MAC_SHA256:
a74aed
 			case GNUTLS_MAC_SHA384:
a74aed
 			case GNUTLS_MAC_SHA512:
a74aed
@@ -1115,14 +1123,6 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
a74aed
 				not_approved = true;
a74aed
 			}
a74aed
 
a74aed
-			if (hash_len > vdata->size) {
a74aed
-				gnutls_assert();
a74aed
-				_gnutls_debug_log
a74aed
-				    ("Security level of algorithm requires hash %s(%d) or better\n",
a74aed
-				     _gnutls_mac_get_name(me), hash_len);
a74aed
-				hash_len = vdata->size;
a74aed
-			}
a74aed
-
a74aed
 			mpz_init(k);
a74aed
 			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST ||
a74aed
 			    (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE)) {
a74aed
@@ -1545,7 +1545,6 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
a74aed
 			struct dsa_signature sig;
a74aed
 			int curve_id = pk_params->curve;
a74aed
 			const struct ecc_curve *curve;
a74aed
-			const mac_entry_st *me;
a74aed
 
a74aed
 			curve = get_supported_nist_curve(curve_id);
a74aed
 			if (curve == NULL) {
a74aed
@@ -1571,11 +1570,14 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
a74aed
 			memcpy(sig.r, tmp[0], SIZEOF_MPZT);
a74aed
 			memcpy(sig.s, tmp[1], SIZEOF_MPZT);
a74aed
 
a74aed
-			me = _gnutls_dsa_q_to_hash(pk_params, &hash_len);
a74aed
+			(void)_gnutls_dsa_q_to_hash(pk_params, &hash_len);
a74aed
+
a74aed
+			if (hash_len > vdata->size)
a74aed
+				hash_len = vdata->size;
a74aed
 
a74aed
 			/* SHA-1 is allowed for SigVer in FIPS 140-3 in legacy
a74aed
 			 * mode */
a74aed
-			switch (me->id) {
a74aed
+			switch (DIG_TO_MAC(sign_params->dsa_dig)) {
a74aed
 			case GNUTLS_MAC_SHA1:
a74aed
 			case GNUTLS_MAC_SHA256:
a74aed
 			case GNUTLS_MAC_SHA384:
a74aed
@@ -1586,9 +1588,6 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
a74aed
 				not_approved = true;
a74aed
 			}
a74aed
 
a74aed
-			if (hash_len > vdata->size)
a74aed
-				hash_len = vdata->size;
a74aed
-
a74aed
 			ret =
a74aed
 			    ecdsa_verify(&pub, hash_len, vdata->data,
a74aed
 					 &sig);
a74aed
@@ -2390,8 +2389,10 @@ static int pct_test(gnutls_pk_algorithm_t algo, const gnutls_pk_params_st* param
a74aed
 
a74aed
 	if (algo == GNUTLS_PK_DSA || algo == GNUTLS_PK_EC) {
a74aed
 		unsigned hash_len;
a74aed
+		const mac_entry_st *me;
a74aed
 
a74aed
-		_gnutls_dsa_q_to_hash(params, &hash_len);
a74aed
+		me = _gnutls_dsa_q_to_hash(params, &hash_len);
a74aed
+		spki.dsa_dig = MAC_TO_DIG(me->id);
a74aed
 		gen_data = gnutls_malloc(hash_len);
a74aed
 		gnutls_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);
a74aed
 
a74aed
diff --git a/lib/privkey.c b/lib/privkey.c
a74aed
index 0b77443..2069fc0 100644
a74aed
--- a/lib/privkey.c
a74aed
+++ b/lib/privkey.c
a74aed
@@ -1251,27 +1251,36 @@ gnutls_privkey_sign_hash2(gnutls_privkey_t signer,
a74aed
 		se = _gnutls_sign_to_entry(GNUTLS_SIGN_RSA_RAW);
a74aed
 	} else {
a74aed
 		se = _gnutls_sign_to_entry(algo);
a74aed
-		if (unlikely(se == NULL))
a74aed
-			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
a74aed
-
a74aed
+		if (unlikely(se == NULL)) {
a74aed
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
a74aed
+			goto cleanup;
a74aed
+		}
a74aed
 	}
a74aed
 
a74aed
 	ret = _gnutls_privkey_get_spki_params(signer, &params);
a74aed
 	if (ret < 0) {
a74aed
 		gnutls_assert();
a74aed
-		return ret;
a74aed
+		goto cleanup;
a74aed
 	}
a74aed
 
a74aed
 	ret = _gnutls_privkey_update_spki_params(signer, se->pk, se->hash,
a74aed
 					         flags, &params);
a74aed
 	if (ret < 0) {
a74aed
 		gnutls_assert();
a74aed
-		return ret;
a74aed
+		goto cleanup;
a74aed
 	}
a74aed
 
a74aed
 	FIX_SIGN_PARAMS(params, flags, se->hash);
a74aed
 
a74aed
-	return privkey_sign_prehashed(signer, se, hash_data, signature, &params);
a74aed
+	ret = privkey_sign_prehashed(signer, se, hash_data, signature, &params);
a74aed
+
a74aed
+ cleanup:
a74aed
+	if (ret < 0) {
a74aed
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
a74aed
+	} else {
a74aed
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
a74aed
+	}
a74aed
+	return ret;
a74aed
 }
a74aed
 
a74aed
 int
a74aed
@@ -1366,14 +1375,14 @@ gnutls_privkey_sign_hash(gnutls_privkey_t signer,
a74aed
 	ret = _gnutls_privkey_get_spki_params(signer, &params);
a74aed
 	if (ret < 0) {
a74aed
 		gnutls_assert();
a74aed
-		return ret;
a74aed
+		goto cleanup;
a74aed
 	}
a74aed
 
a74aed
 	ret = _gnutls_privkey_update_spki_params(signer, signer->pk_algorithm,
a74aed
 					       hash_algo, flags, &params);
a74aed
 	if (ret < 0) {
a74aed
 		gnutls_assert();
a74aed
-		return ret;
a74aed
+		goto cleanup;
a74aed
 	}
a74aed
 
a74aed
 	/* legacy callers of this API could use a hash algorithm of 0 (unknown)
a74aed
@@ -1391,13 +1400,22 @@ gnutls_privkey_sign_hash(gnutls_privkey_t signer,
a74aed
 		se = _gnutls_pk_to_sign_entry(params.pk, hash_algo);
a74aed
 	}
a74aed
 
a74aed
-	if (unlikely(se == NULL))
a74aed
-		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
a74aed
+	if (unlikely(se == NULL)) {
a74aed
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
a74aed
+		goto cleanup;
a74aed
+	}
a74aed
 
a74aed
 	FIX_SIGN_PARAMS(params, flags, hash_algo);
a74aed
 
a74aed
-	return privkey_sign_prehashed(signer, se,
a74aed
-				      hash_data, signature, &params);
a74aed
+	ret = privkey_sign_prehashed(signer, se,
a74aed
+				     hash_data, signature, &params);
a74aed
+ cleanup:
a74aed
+	if (ret < 0) {
a74aed
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
a74aed
+	} else {
a74aed
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
a74aed
+	}
a74aed
+	return ret;
a74aed
 }
a74aed
 
a74aed
 static int
a74aed
diff --git a/lib/pubkey.c b/lib/pubkey.c
a74aed
index eba1f5b..35126f3 100644
a74aed
--- a/lib/pubkey.c
a74aed
+++ b/lib/pubkey.c
a74aed
@@ -1985,7 +1985,7 @@ gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
a74aed
  * parameters (if any) with the signature algorithm */
a74aed
 static
a74aed
 int fixup_spki_params(const gnutls_pk_params_st *key_params, const gnutls_sign_entry_st *se,
a74aed
-		       const mac_entry_st *me, gnutls_x509_spki_st *params)
a74aed
+		      const mac_entry_st *me, gnutls_x509_spki_st *params)
a74aed
 {
a74aed
 	unsigned bits;
a74aed
 
a74aed
@@ -2018,6 +2018,9 @@ int fixup_spki_params(const gnutls_pk_params_st *key_params, const gnutls_sign_e
a74aed
 
a74aed
 		if (params->rsa_pss_dig != se->hash)
a74aed
 			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
a74aed
+	} else if (params->pk == GNUTLS_PK_DSA ||
a74aed
+		   params->pk == GNUTLS_PK_ECDSA) {
a74aed
+		params->dsa_dig = se->hash;
a74aed
 	}
a74aed
 
a74aed
 	return 0;
a74aed
diff --git a/tests/fips-test.c b/tests/fips-test.c
a74aed
index 788f4ab..ec0f4b4 100644
a74aed
--- a/tests/fips-test.c
a74aed
+++ b/tests/fips-test.c
a74aed
@@ -80,8 +80,22 @@ static const gnutls_datum_t rsa2342_sha1_sig = {
a74aed
 	.size = sizeof(rsa2342_sha1_sig_data),
a74aed
 };
a74aed
 
a74aed
+static const uint8_t ecc256_sha1_sig_data[] = {
a74aed
+	0x30, 0x45, 0x02, 0x21, 0x00, 0x9a, 0x28, 0xc9, 0xbf, 0xc8, 0x70, 0x4f, 
a74aed
+	0x27, 0x2d, 0xe1, 0x66, 0xc4, 0xa5, 0xc6, 0xf2, 0xdc, 0x33, 0xb9, 0x41, 
a74aed
+	0xdf, 0x78, 0x98, 0x8a, 0x22, 0x4d, 0x29, 0x37, 0xa0, 0x0f, 0x6f, 0xd4, 
a74aed
+	0xed, 0x02, 0x20, 0x0b, 0x15, 0xca, 0x30, 0x09, 0x2d, 0x55, 0x44, 0xb4, 
a74aed
+	0x1d, 0x3f, 0x48, 0x7a, 0xc3, 0xd1, 0x2a, 0xc1, 0x0e, 0x47, 0xfa, 0xe6, 
a74aed
+	0xe9, 0x0f, 0x03, 0xe2, 0x01, 0x4e, 0xe4, 0x73, 0x37, 0xa7, 0x90, 
a74aed
+};
a74aed
+
a74aed
+static const gnutls_datum_t ecc256_sha1_sig = {
a74aed
+	.data = (unsigned char *)ecc256_sha1_sig_data,
a74aed
+	.size = sizeof(ecc256_sha1_sig_data),
a74aed
+};
a74aed
+
a74aed
 static void
a74aed
-rsa_import_keypair(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey,
a74aed
+import_keypair(gnutls_privkey_t *privkey, gnutls_pubkey_t *pubkey,
a74aed
 		   const char *filename)
a74aed
 {
a74aed
 	const char *srcdir;
a74aed
@@ -274,6 +288,8 @@ void doit(void)
a74aed
 	gnutls_datum_t signature;
a74aed
 	unsigned int bits;
a74aed
 	uint8_t hmac[64];
a74aed
+	uint8_t hash[64];
a74aed
+	gnutls_datum_t hashed_data;
a74aed
 	uint8_t pbkdf2[64];
a74aed
 	gnutls_datum_t temp_key = { NULL, 0 };
a74aed
 
a74aed
@@ -473,7 +489,7 @@ void doit(void)
a74aed
 
a74aed
 	/* Import 2432-bit RSA key; not a security function */
a74aed
 	FIPS_PUSH_CONTEXT();
a74aed
-	rsa_import_keypair(&privkey, &pubkey, "rsa-2432.pem");
a74aed
+	import_keypair(&privkey, &pubkey, "rsa-2432.pem");
a74aed
 	FIPS_POP_CONTEXT(INITIAL);
a74aed
 
a74aed
 	/* Create a signature with 2432-bit RSA and SHA256; approved */
a74aed
@@ -519,7 +535,7 @@ void doit(void)
a74aed
 
a74aed
 	/* Import 512-bit RSA key; not a security function */
a74aed
 	FIPS_PUSH_CONTEXT();
a74aed
-	rsa_import_keypair(&privkey, &pubkey, "rsa-512.pem");
a74aed
+	import_keypair(&privkey, &pubkey, "rsa-512.pem");
a74aed
 	FIPS_POP_CONTEXT(INITIAL);
a74aed
 
a74aed
 	/* Create a signature with 512-bit RSA and SHA256; not approved */
a74aed
@@ -543,6 +559,134 @@ void doit(void)
a74aed
 	gnutls_pubkey_deinit(pubkey);
a74aed
 	gnutls_privkey_deinit(privkey);
a74aed
 
a74aed
+	/* Import ECDSA key; not a security function */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	import_keypair(&privkey, &pubkey, "ecc256.pem");
a74aed
+	FIPS_POP_CONTEXT(INITIAL);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA256; approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_data2(privkey, GNUTLS_SIGN_ECDSA_SHA256, 0,
a74aed
+					&data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_data2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(APPROVED);
a74aed
+
a74aed
+	/* Verify a signature with ECDSA and SHA256; approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_ECDSA_SHA256, 0,
a74aed
+					 &data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_pubkey_verify_data2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA256 (old API); approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0,
a74aed
+				       &data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_data failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(APPROVED);
a74aed
+
a74aed
+	/* Create a SHA256 hashed data for 2-pass signature API; not a
a74aed
+	 * crypto operation */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_hash_fast(GNUTLS_DIG_SHA256, data.data, data.size, hash);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_hash_fast failed\n");
a74aed
+	}
a74aed
+	hashed_data.data = hash;
a74aed
+	hashed_data.size = 32;
a74aed
+	FIPS_POP_CONTEXT(INITIAL);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA256 (2-pass API); not-approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_hash2(privkey, GNUTLS_SIGN_ECDSA_SHA256, 0,
a74aed
+					&hashed_data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_hash2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA256 (2-pass old API); not-approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_hash(privkey, GNUTLS_DIG_SHA256, 0,
a74aed
+					&hashed_data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_hash failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA-1; not approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_data2(privkey, GNUTLS_SIGN_ECDSA_SHA1, 0,
a74aed
+					&data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_data2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+
a74aed
+	/* Verify a signature created with ECDSA and SHA-1; approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_ECDSA_SHA1,
a74aed
+					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1, &data,
a74aed
+					 &ecc256_sha1_sig);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_pubkey_verify_data2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA-1 (old API); not approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0,
a74aed
+					&data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_data failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a SHA1 hashed data for 2-pass signature API; not a
a74aed
+	 * crypto operation */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_hash_fast(GNUTLS_DIG_SHA1, data.data, data.size, hash);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_hash_fast failed\n");
a74aed
+	}
a74aed
+	hashed_data.data = hash;
a74aed
+	hashed_data.size = 20;
a74aed
+	FIPS_POP_CONTEXT(INITIAL);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA1 (2-pass API); not-approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_hash2(privkey, GNUTLS_SIGN_ECDSA_SHA1, 0,
a74aed
+					&hashed_data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_hash2 failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	/* Create a signature with ECDSA and SHA1 (2-pass old API); not-approved */
a74aed
+	FIPS_PUSH_CONTEXT();
a74aed
+	ret = gnutls_privkey_sign_hash(privkey, GNUTLS_DIG_SHA1, 0,
a74aed
+					&hashed_data, &signature);
a74aed
+	if (ret < 0) {
a74aed
+		fail("gnutls_privkey_sign_hash failed\n");
a74aed
+	}
a74aed
+	FIPS_POP_CONTEXT(NOT_APPROVED);
a74aed
+	gnutls_free(signature.data);
a74aed
+
a74aed
+	gnutls_pubkey_deinit(pubkey);
a74aed
+	gnutls_privkey_deinit(privkey);
a74aed
+
a74aed
         /* Test RND functions */
a74aed
 	FIPS_PUSH_CONTEXT();
a74aed
 	ret = gnutls_rnd(GNUTLS_RND_RANDOM, key16, sizeof(key16));
a74aed
-- 
a74aed
2.37.3
a74aed