make EVP_dss() work for DSA signing

[oweals/openssl.git] / crypto / aes / aes_misc.c

diff --git a/crypto/aes/aes_misc.c b/crypto/aes/aes_misc.c
index 4fead1b4c7c553b656c5d6eccdb527fdedfbd349..f083488ecb34aa842c7e8637945df1bf4fa72192 100644 (file)
--- a/crypto/aes/aes_misc.c
+++ b/crypto/aes/aes_misc.c
@@ -50,6 +50,7 @@
  */
 
 #include <openssl/opensslv.h>
+#include <openssl/crypto.h>
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
@@ -62,3 +63,23 @@ const char *AES_options(void) {
         return "aes(partial)";
 #endif
 }
+
+/* FIPS wrapper functions to block low level AES calls in FIPS mode */
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                       AES_KEY *key)
+       {
+#ifdef OPENSSL_FIPS
+       fips_cipher_abort(AES);
+#endif
+       return private_AES_set_encrypt_key(userKey, bits, key);
+       }
+
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                       AES_KEY *key)
+       {
+#ifdef OPENSSL_FIPS
+       fips_cipher_abort(AES);
+#endif
+       return private_AES_set_decrypt_key(userKey, bits, key);
+       }