diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
commit | 7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac (patch) | |
tree | f7bf636ada3cb66b3e3b22f6ee37d49701f3f4a1 /crypto/evp/m_sha1.c | |
parent | 4ead4e5241bd08989f9d6305ff21f9da0614f955 (diff) | |
download | openssl-7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac.tar.gz |
FIPS mode EVP changes:
Set EVP_CIPH_FLAG_FIPS on approved ciphers.
Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.
Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.
Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.
Diffstat (limited to 'crypto/evp/m_sha1.c')
-rw-r--r-- | crypto/evp/m_sha1.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 9a2790fdea..8c7e780a6d 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -68,6 +68,11 @@ #include <openssl/rsa.h> #endif +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif + + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } @@ -88,7 +93,7 @@ static const EVP_MD sha1_md= final, NULL, NULL, - EVP_PKEY_RSA_method, + EVP_PKEY_NULL_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX), }; @@ -125,7 +130,7 @@ static const EVP_MD sha224_md= final256, NULL, NULL, - EVP_PKEY_RSA_method, + EVP_PKEY_NULL_method, SHA256_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA256_CTX), }; @@ -144,7 +149,7 @@ static const EVP_MD sha256_md= final256, NULL, NULL, - EVP_PKEY_RSA_method, + EVP_PKEY_NULL_method, SHA256_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA256_CTX), }; @@ -175,7 +180,7 @@ static const EVP_MD sha384_md= final512, NULL, NULL, - EVP_PKEY_RSA_method, + EVP_PKEY_NULL_method, SHA512_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA512_CTX), }; @@ -194,7 +199,7 @@ static const EVP_MD sha512_md= final512, NULL, NULL, - EVP_PKEY_RSA_method, + EVP_PKEY_NULL_method, SHA512_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA512_CTX), }; @@ -202,3 +207,4 @@ static const EVP_MD sha512_md= const EVP_MD *EVP_sha512(void) { return(&sha512_md); } #endif /* ifndef OPENSSL_NO_SHA512 */ + |