generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Override flag for XTS length limit.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2011-04-18 17:31:28 +00:00
parent b3a45e7db5
commit 62dc7ed67c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/evp/e_aes.c
View File

@ -519,7 +519,8 @@ static int aes_xts(EVP_CIPHER_CTX *ctx, unsigned char *out,
return -1; return -1;
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
/* Requirement of SP800-38E */ /* Requirement of SP800-38E */
if (FIPS_mode() && len > (1L<<20)*16) if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
(len > (1L<<20)*16))
{ {
EVPerr(EVP_F_AES_XTS, EVP_R_TOO_LARGE); EVPerr(EVP_F_AES_XTS, EVP_R_TOO_LARGE);
return -1; return -1;