Make FIPS work again.

diff --git a/Makefile.org b/Makefile.org
index ca0b363e02f9cd48f0af18840e7534ab0cb5ad2c..9eafb68a96dcb539fd13d503c5615a701ba8acdb 100644 (file)
--- a/Makefile.org
+++ b/Makefile.org
@@ -184,7 +184,7 @@ SDIRS=  objects \
        buffer bio stack lhash rand err \
        evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
-FDIRS= sha1 rand des aes dsa
+FDIRS= sha1 rand des aes dsa rsa
 
 # tests to perform.  "alltests" is a special word indicating that all tests
 # should be performed.

diff --git a/fips/aes/fingerprint.sha1 b/fips/aes/fingerprint.sha1
index 8ffba23ecf005ff481472f943ec235413a79106a..ead8f8a5ad1025bd91eff79466da4f26b8eb49f7 100644 (file)
--- a/fips/aes/fingerprint.sha1
+++ b/fips/aes/fingerprint.sha1
@@ -1,3 +1,3 @@
-SHA1(fips_aes_core.c)= 5298df7807877eed470a1ee5f8331fc0876689da
-SHA1(fips_aes_selftest.c)= 49cd793c702170721385f4efc1dc15cf7b18eff0
+SHA1(fips_aes_core.c)= 638c2707398fea4181243b0d7a2d6acd33084659
+SHA1(fips_aes_selftest.c)= b41f520aa90f813de815ee77ade4e7c73ef147b0
 SHA1(fips_aes_locl.h)= a3c01d9a4f9d5211e9e785852f6f1a2febfd73b6

diff --git a/fips/des/fingerprint.sha1 b/fips/des/fingerprint.sha1
index ea283abc46b8ff80b2892f798fb903cbd2100f05..742465a5f09d388f0775c924c26502fc62b08408 100644 (file)
--- a/fips/des/fingerprint.sha1
+++ b/fips/des/fingerprint.sha1
@@ -1,3 +1,3 @@
-SHA1(fips_des_enc.c)= a4b88bb16782604a298d74de04a8b3bc3a204c5a
-SHA1(fips_des_selftest.c)= f516832dcb9c49c20adc35c14e2b00ed0ebd36b2
+SHA1(fips_des_enc.c)= 75389f527cc456178e6a2e35f82bf49f98fe3e90
+SHA1(fips_des_selftest.c)= 4165967e54097aab14e6737525c7f34e052d7b16
 SHA1(fips_des_locl.h)= a4cf60ca32476a2483b3e4460ec9a19c0444fd20

diff --git a/fips/des/fips_des_selftest.c b/fips/des/fips_des_selftest.c
index 30d5e6fa2c244b99f421f06d3de8e8ee27ed3c82..811581f032a3f5abb33f6659b3dac9aa61d9691a 100644 (file)
--- a/fips/des/fips_des_selftest.c
+++ b/fips/des/fips_des_selftest.c
@@ -51,8 +51,9 @@
 #include <openssl/err.h>
 #include <openssl/fips.h>
 #include <openssl/des.h>
+#include <openssl/opensslconf.h>
 
-#ifdef FIPS
+#ifdef OPENSSL_FIPS
 static struct
     {
     DES_cblock key;

diff --git a/fips/dsa/Makefile.ssl b/fips/dsa/Makefile.ssl
index 4b981fd5f424941bc9712525afa6092189747408..edd6b4444cdd615b9be5f3bd74311dea3a053fdc 100644 (file)
--- a/fips/dsa/Makefile.ssl
+++ b/fips/dsa/Makefile.ssl
@@ -1,5 +1,5 @@
 #
-# SSLeay/fips/sha1/Makefile
+# SSLeay/fips/dsa/Makefile
 #
 
 DIR=   dsa

diff --git a/fips/dsa/fingerprint.sha1 b/fips/dsa/fingerprint.sha1
index c484664730f70073c75c57339006974c81f16dc2..ed1eae4a0ec94a68b1c9670658b7d21639ad467b 100644 (file)
--- a/fips/dsa/fingerprint.sha1
+++ b/fips/dsa/fingerprint.sha1
@@ -1,2 +1,2 @@
-SHA1(fips_dsa_ossl.c)= eb769361b524507754bcbfbda92b973e37433478
-SHA1(fips_dsa_gen.c)= 6cd992b01f8b612dcdda7273cdc2302b05e39175
+SHA1(fips_dsa_ossl.c)= 7902d159932771d749ecba2ebf78995240356990
+SHA1(fips_dsa_gen.c)= 37549c7769084e9989a3a26f7732557d3b691812

diff --git a/fips/fingerprint.sha1 b/fips/fingerprint.sha1
index 31db32e753298142c7a23bdc7c42a2c2312bec31..44277a95c347aad2a110fe398324fb61a739ea1b 100644 (file)
--- a/fips/fingerprint.sha1
+++ b/fips/fingerprint.sha1
@@ -1,4 +1,4 @@
-SHA1(fips.c)= e7af483a2ca3c0a845b4528b936e143bfdae945e
-SHA1(fips_err_wrapper.c)= 527047304bfaa75f6ace20b4f7ac3afb6d89d480
-SHA1(fips.h)= 58386539af75f8f622b041a43bf1880fee8642f7
+SHA1(fips.c)= 3224544013a0115b0e1516f2b4c248b0b7f5e820
+SHA1(fips_err_wrapper.c)= ad4a2ffa18743c83827de398c811eb6124ba0b27
+SHA1(fips.h)= 638e5f4d564fd503a6060bc49567c52fc21d8d10
 SHA1(fips_err.h)= 8d9fd3ab3e6ca5297c5714e7f6cd9834e22b4cba

diff --git a/fips/fips_check_sha1 b/fips/fips_check_sha1
index 3c94c35771d5df6069f69379233fc498788d8ad2..d24f4e2145eee68b3c25bc29beaab5aeeb9775dd 100755 (executable)
--- a/fips/fips_check_sha1
+++ b/fips/fips_check_sha1
@@ -3,6 +3,6 @@
 FP=$1
 shift
 
-egrep '^CFLAG=.*-DFIPS( |$)' $TOP/Makefile || exit 0
+egrep 'define OPENSSL_FIPS' $TOP/include/openssl/opensslconf.h > /dev/null || exit 0
 
 $TOP/fips/sha1/fips_standalone_sha1 $@ | diff -u $FP - || { echo; echo "*** Your source code does not match the FIPS certified source ***"; echo; exit 1; }

diff --git a/fips/fips_err_wrapper.c b/fips/fips_err_wrapper.c
index 08975516719c286443beffe8246f784d2c5f531d..09f11748f609e695ca0969939974dc6ebaa35fe5 100644 (file)
--- a/fips/fips_err_wrapper.c
+++ b/fips/fips_err_wrapper.c
@@ -1,3 +1,5 @@
+#include <openssl/opensslconf.h>
+
 #ifdef OPENSSL_FIPS
 # include "fips_err.h"
 #else

diff --git a/fips/sha1/fingerprint.sha1 b/fips/sha1/fingerprint.sha1
index 4037968ac8f0fa3843482a162618058cdbb9f356..75aced78fab7ad129ef14d5143b2000d653d000f 100644 (file)
--- a/fips/sha1/fingerprint.sha1
+++ b/fips/sha1/fingerprint.sha1
@@ -1,4 +1,4 @@
-SHA1(fips_sha1dgst.c)= 609e2cbf5d3cdcf318ec10238a0e82b93b78e6b5
-SHA1(fips_sha1_selftest.c)= 2be7c82cba769de0bcce0539ecc854b74a1d16fd
+SHA1(fips_sha1dgst.c)= c197020b866c1ab32f1e30f5599592e14fcaa925
+SHA1(fips_sha1_selftest.c)= 55fef82fa5f4aec6b1359847fe50555ff77cec49
 SHA1(fips_sha_locl.h)= 677427c495b571991f013939ea7e5dea87828f8c
 SHA1(fips_md32_common.h)= 4f41bcde24750b3b8c99a06bcba2fe06ff8db4d0

diff --git a/fips/sha1/fips_sha1dgst.c b/fips/sha1/fips_sha1dgst.c
index 89462fcc64f9bc58d3bee97bd924468bfe42674a..2ca2f75fa84d175401605f3b3a130a696ed6d208 100644 (file)
--- a/fips/sha1/fips_sha1dgst.c
+++ b/fips/sha1/fips_sha1dgst.c
@@ -62,6 +62,7 @@
 #define SHA_1
 
 #include <openssl/opensslv.h>
+#include <openssl/opensslconf.h>
 
 #ifdef OPENSSL_FIPS
 const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;

diff --git a/fips/sha1/fips_standalone_sha1.c b/fips/sha1/fips_standalone_sha1.c
index 9631470ccd951628d25207ef73d846527770e3de..5e1984ab8e5cb3c3a5ab5ee0e3935a309f5a9961 100644 (file)
--- a/fips/sha1/fips_standalone_sha1.c
+++ b/fips/sha1/fips_standalone_sha1.c
@@ -48,6 +48,7 @@
  */
 
 #include <openssl/sha.h>
+#include <openssl/opensslconf.h>
 #include <stdio.h>
 #include <stdlib.h>
 

diff --git a/fips/sha1/standalone.sha1 b/fips/sha1/standalone.sha1
index 23992498c5ce700513b24fb87b4d5a7263c077bb..48e72564405d8a8d124041db2d8edacabba55423 100644 (file)
--- a/fips/sha1/standalone.sha1
+++ b/fips/sha1/standalone.sha1
@@ -1,5 +1,5 @@
-SHA1(fips_sha1dgst.c)= 609e2cbf5d3cdcf318ec10238a0e82b93b78e6b5
-SHA1(fips_sha1_selftest.c)= 2be7c82cba769de0bcce0539ecc854b74a1d16fd
-SHA1(fips_standalone_sha1.c)= 3af5efe6edb65bd4ab2f5de5db425a8295a897b1
+SHA1(fips_sha1dgst.c)= c197020b866c1ab32f1e30f5599592e14fcaa925
+SHA1(fips_sha1_selftest.c)= 55fef82fa5f4aec6b1359847fe50555ff77cec49
+SHA1(fips_standalone_sha1.c)= cee2161ed76a5d5146ae2f2c28012d5764830d7f
 SHA1(fips_sha_locl.h)= 677427c495b571991f013939ea7e5dea87828f8c
 SHA1(fips_md32_common.h)= 4f41bcde24750b3b8c99a06bcba2fe06ff8db4d0