diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
commit | 7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac (patch) | |
tree | f7bf636ada3cb66b3e3b22f6ee37d49701f3f4a1 /crypto/evp/evp_lib.c | |
parent | 4ead4e5241bd08989f9d6305ff21f9da0614f955 (diff) | |
download | openssl-7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac.tar.gz |
FIPS mode EVP changes:
Set EVP_CIPH_FLAG_FIPS on approved ciphers.
Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.
Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.
Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.
Diffstat (limited to 'crypto/evp/evp_lib.c')
-rw-r--r-- | crypto/evp/evp_lib.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 40951a04f0..138dd47c3d 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->set_asn1_parameters != NULL) ret=c->cipher->set_asn1_parameters(c,type); + else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) + ret=EVP_CIPHER_set_asn1_iv(c, type); else ret=-1; return(ret); |