generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make null cipher work in FIPS mode.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2014-03-02 13:34:40 +00:00
parent 8394109c89
commit 3956bfce60
3 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/evp/evp_enc.c
View File

@ -174,7 +174,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
{
const EVP_CIPHER *fcipher;
if (cipher)
fcipher = FIPS_get_cipherbynid(EVP_CIPHER_type(cipher));
fcipher = evp_get_fips_cipher(cipher);
if (fcipher)
cipher = fcipher;
return FIPS_cipherinit(ctx, cipher, key, iv, enc);

11
crypto/evp/evp_lib.c
View File

@ -218,7 +218,7 @@ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
{
#ifdef OPENSSL_FIPS
const EVP_CIPHER *fcipher;
fcipher = FIPS_get_cipherbynid(EVP_CIPHER_type(cipher));
fcipher = evp_get_fips_cipher(cipher);
if (fcipher && fcipher->flags & EVP_CIPH_FLAG_FIPS)
return cipher->flags | EVP_CIPH_FLAG_FIPS;
#endif
@ -313,6 +313,15 @@ const EVP_MD *evp_get_fips_md(const EVP_MD *md)
else
return FIPS_get_digestbynid(nid);
}
const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher)
{
if (cipher->nid == NID_undef)
return FIPS_evp_enc_null();
else
return FIPS_get_cipherbynid(EVP_CIPHER_type(cipher));
}
#endif
unsigned long EVP_MD_flags(const EVP_MD *md)

1
crypto/evp/evp_locl.h
View File

@ -349,6 +349,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
const EVP_CIPHER *c, const EVP_MD *md, int en_de);
const EVP_MD *evp_get_fips_md(const EVP_MD *md);
const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher);
#ifdef OPENSSL_FIPS