Blame openssl-1.0.0-fips-aesni.patch
|
|
f4fb849 |
diff -up openssl-1.0.0/crypto/engine/eng_aesni.c.fips-aesni openssl-1.0.0/crypto/engine/eng_aesni.c
|
|
|
f4fb849 |
--- openssl-1.0.0/crypto/engine/eng_aesni.c.fips-aesni 2011-05-24 15:20:29.000000000 +0200
|
|
|
f4fb849 |
+++ openssl-1.0.0/crypto/engine/eng_aesni.c 2011-06-08 14:19:22.000000000 +0200
|
|
|
f4fb849 |
@@ -323,7 +323,7 @@ static const EVP_CIPHER aesni_##ksize##_
|
|
|
f4fb849 |
EVP_CIPHER_block_size_##umode, \
|
|
|
f4fb849 |
ksize / 8, \
|
|
|
f4fb849 |
AES_BLOCK_SIZE, \
|
|
|
f4fb849 |
- 0 | EVP_CIPH_##umode##_MODE, \
|
|
|
f4fb849 |
+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_##umode##_MODE, \
|
|
|
f4fb849 |
aesni_init_key, \
|
|
|
f4fb849 |
aesni_cipher_##lmode, \
|
|
|
f4fb849 |
NULL, \
|
|
|
f4fb849 |
diff -up openssl-1.0.0/crypto/fips/fips.c.fips-aesni openssl-1.0.0/crypto/fips/fips.c
|
|
|
f4fb849 |
--- openssl-1.0.0/crypto/fips/fips.c.fips-aesni 2011-05-24 15:20:29.000000000 +0200
|
|
|
f4fb849 |
+++ openssl-1.0.0/crypto/fips/fips.c 2011-06-08 17:31:35.000000000 +0200
|
|
|
f4fb849 |
@@ -55,6 +55,7 @@
|
|
|
f4fb849 |
#include <openssl/bio.h>
|
|
|
f4fb849 |
#include <openssl/hmac.h>
|
|
|
f4fb849 |
#include <openssl/rsa.h>
|
|
|
f4fb849 |
+#include <openssl/engine.h>
|
|
|
f4fb849 |
#include <string.h>
|
|
|
f4fb849 |
#include <limits.h>
|
|
|
f4fb849 |
#include <dlfcn.h>
|
|
|
f4fb849 |
@@ -444,14 +445,17 @@ int FIPS_mode_set(int onoff)
|
|
|
f4fb849 |
}
|
|
|
f4fb849 |
|
|
|
f4fb849 |
if(FIPS_selftest())
|
|
|
f4fb849 |
- fips_set_mode(1);
|
|
|
f4fb849 |
- else
|
|
|
f4fb849 |
{
|
|
|
f4fb849 |
- fips_selftest_fail = 1;
|
|
|
f4fb849 |
- ret = 0;
|
|
|
f4fb849 |
- goto end;
|
|
|
f4fb849 |
+ ENGINE_load_aesni();
|
|
|
f4fb849 |
+ if (FIPS_selftest_aes())
|
|
|
f4fb849 |
+ {
|
|
|
f4fb849 |
+ fips_set_mode(1);
|
|
|
f4fb849 |
+ ret = 1;
|
|
|
f4fb849 |
+ goto end;
|
|
|
f4fb849 |
+ }
|
|
|
f4fb849 |
}
|
|
|
f4fb849 |
- ret = 1;
|
|
|
f4fb849 |
+ fips_selftest_fail = 1;
|
|
|
f4fb849 |
+ ret = 0;
|
|
|
f4fb849 |
goto end;
|
|
|
f4fb849 |
}
|
|
|
f4fb849 |
fips_set_mode(0);
|