Merge FIPS low level algorithm blocking code. Give hard errors if non-FIPS

algorithms are use in FIPS mode using low level API. No effect in non-FIPS mode.
2008-09-16 10:47:28 +00:00
parent 59f3477b82
commit 96a259e81e
35 changed files with 255 additions and 17 deletions
--- a/crypto/mdc2/mdc2.h
+++ b/crypto/mdc2/mdc2.h
@@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st
 	int pad_type; /* either 1 or 2, default 1 */
 	} MDC2_CTX;

-
+#ifdef OPENSSL_FIPS
+int private_MDC2_Init(MDC2_CTX *c);
+#endif
 int MDC2_Init(MDC2_CTX *c);
 int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
 int MDC2_Final(unsigned char *md, MDC2_CTX *c);
--- a/crypto/mdc2/mdc2dgst.c
+++ b/crypto/mdc2/mdc2dgst.c
@@ -61,6 +61,11 @@
 #include <string.h>
 #include <openssl/des.h>
 #include <openssl/mdc2.h>
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+

 #undef c2l
 #define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
@@ -75,7 +80,7 @@
 			*((c)++)=(unsigned char)(((l)>>24L)&0xff))

 static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-int MDC2_Init(MDC2_CTX *c)
+FIPS_NON_FIPS_MD_Init(MDC2)
 	{
 	c->num=0;
 	c->pad_type=1;