tolerate broken CMS/PKCS7 implementations using signature OID instead of digest

[oweals/openssl.git] / crypto / hmac / hmac.c

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b1aa05b2eaa5b2b2e3a8cbc79f81307286b05f47..cbc1c76a57b3d7b56d9ab12819993326840b043e 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -58,8 +58,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/hmac.h>
 #include "cryptlib.h"
+#include <openssl/hmac.h>
+
+#ifndef OPENSSL_FIPS
 
 void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                  const EVP_MD *md, ENGINE *impl)
@@ -89,7 +91,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                        }
                else
                        {
-                       OPENSSL_assert(len>0 && len <= (int)sizeof(ctx->key));
+                       OPENSSL_assert(len>=0 && len<=(int)sizeof(ctx->key));
                        memcpy(ctx->key,key,len);
                        ctx->key_length=len;
                        }
@@ -171,3 +173,11 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
        return(md);
        }
 
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+       {
+       EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
+       EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
+       EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+       }
+
+#endif