generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Block low level public key signature operations in FIPS mode.

Browse Source 
Update self tests for all modes and use EVP.

Update pairwise consistency checks.
This commit is contained in:
Dr. Stephen Henson
2007-04-06 00:30:24 +00:00
parent 1729dca9a8
commit a81f337331
24 changed files with 688 additions and 241 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
fips-1.0/dsa/fips_dsa_ossl.c
View File

@@ -92,10 +92,10 @@ dsa_mod_exp,
dsa_bn_mod_exp,
dsa_init,
dsa_finish,
0,
DSA_FLAG_FIPS_METHOD,
NULL
};
#if 0
int FIPS_dsa_check(struct dsa_st *dsa)
{
if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign
@@ -110,6 +110,7 @@ int FIPS_dsa_check(struct dsa_st *dsa)
}
return 1;
}
#endif
const DSA_METHOD *DSA_OpenSSL(void)
{
@@ -153,7 +154,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
if (!dsa->meth->dsa_sign_setup(dsa,ctx,&kinv,&r)) goto err;
if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;