generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for FIPS mode after loading config.

Browse Source 
PR#3958

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 2aa5a2c76656f3873fecd0f0bcc628c1861c27a9)
This commit is contained in:
Dr. Stephen Henson 2015-09-12 00:44:07 +01:00
parent 8b5ac90e5e
commit 421baf1862
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
apps/pkcs12.c
View File

@ -134,13 +134,6 @@ int MAIN(int argc, char **argv)
apps_startup(); apps_startup();
# ifdef OPENSSL_FIPS
if (FIPS_mode())
cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
else
# endif
cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
enc = EVP_des_ede3_cbc(); enc = EVP_des_ede3_cbc();
if (bio_err == NULL) if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@ -148,6 +141,13 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL)) if (!load_config(bio_err, NULL))
goto end; goto end;
# ifdef OPENSSL_FIPS
if (FIPS_mode())
cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
else
# endif
cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
args = argv + 1; args = argv + 1;
while (*args) { while (*args) {