forked from rpms/openssl
48 lines
1.4 KiB
Diff
48 lines
1.4 KiB
Diff
diff -up openssl-1.0.0/crypto/engine/eng_aesni.c.fips-aesni openssl-1.0.0/crypto/engine/eng_aesni.c
|
|
--- openssl-1.0.0/crypto/engine/eng_aesni.c.fips-aesni 2011-05-24 15:20:29.000000000 +0200
|
|
+++ openssl-1.0.0/crypto/engine/eng_aesni.c 2011-06-08 14:19:22.000000000 +0200
|
|
@@ -323,7 +323,7 @@ static const EVP_CIPHER aesni_##ksize##_
|
|
EVP_CIPHER_block_size_##umode, \
|
|
ksize / 8, \
|
|
AES_BLOCK_SIZE, \
|
|
- 0 | EVP_CIPH_##umode##_MODE, \
|
|
+ EVP_CIPH_FLAG_FIPS | EVP_CIPH_##umode##_MODE, \
|
|
aesni_init_key, \
|
|
aesni_cipher_##lmode, \
|
|
NULL, \
|
|
diff -up openssl-1.0.0/crypto/fips/fips.c.fips-aesni openssl-1.0.0/crypto/fips/fips.c
|
|
--- openssl-1.0.0/crypto/fips/fips.c.fips-aesni 2011-05-24 15:20:29.000000000 +0200
|
|
+++ openssl-1.0.0/crypto/fips/fips.c 2011-06-08 17:31:35.000000000 +0200
|
|
@@ -55,6 +55,7 @@
|
|
#include <openssl/bio.h>
|
|
#include <openssl/hmac.h>
|
|
#include <openssl/rsa.h>
|
|
+#include <openssl/engine.h>
|
|
#include <string.h>
|
|
#include <limits.h>
|
|
#include <dlfcn.h>
|
|
@@ -444,14 +445,17 @@ int FIPS_mode_set(int onoff)
|
|
}
|
|
|
|
if(FIPS_selftest())
|
|
- fips_set_mode(1);
|
|
- else
|
|
{
|
|
- fips_selftest_fail = 1;
|
|
- ret = 0;
|
|
- goto end;
|
|
+ ENGINE_load_aesni();
|
|
+ if (FIPS_selftest_aes())
|
|
+ {
|
|
+ fips_set_mode(1);
|
|
+ ret = 1;
|
|
+ goto end;
|
|
+ }
|
|
}
|
|
- ret = 1;
|
|
+ fips_selftest_fail = 1;
|
|
+ ret = 0;
|
|
goto end;
|
|
}
|
|
fips_set_mode(0);
|