diff options
Diffstat (limited to 'src/crypto/tls/auth.go')
| -rw-r--r-- | src/crypto/tls/auth.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/crypto/tls/auth.go b/src/crypto/tls/auth.go index a9df0da6d6..17595f0c35 100644 --- a/src/crypto/tls/auth.go +++ b/src/crypto/tls/auth.go @@ -241,6 +241,9 @@ func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureSche // Pick signature scheme in the peer's preference order, as our // preference order is not configurable. for _, preferredAlg := range peerAlgs { + if needFIPS() && !isSupportedSignatureAlgorithm(preferredAlg, fipsSupportedSignatureAlgorithms) { + continue + } if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) { return preferredAlg, nil } |