From 14567b145199739656e2bf8dd34f5da71f785802 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 15 Feb 2011 15:57:54 +0000 Subject: [PATCH] Add FIPS flags to AES ciphers and SHA* digests. --- crypto/evp/e_aes.c | 15 +++++++++------ crypto/evp/m_sha1.c | 10 +++++----- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 4206fd0da4..2f937af0ba 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -119,7 +119,7 @@ static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out, static const EVP_CIPHER aes_128_ctr_cipher= { NID_aes_128_ctr,1,16,16, - EVP_CIPH_CTR_MODE, + EVP_CIPH_CTR_MODE|EVP_CIPH_FLAG_FIPS, aes_init_key, aes_counter, NULL, @@ -136,7 +136,7 @@ const EVP_CIPHER *EVP_aes_128_ctr (void) static const EVP_CIPHER aes_192_ctr_cipher= { NID_aes_192_ctr,1,24,16, - EVP_CIPH_CTR_MODE, + EVP_CIPH_CTR_MODE|EVP_CIPH_FLAG_FIPS, aes_init_key, aes_counter, NULL, @@ -153,7 +153,7 @@ const EVP_CIPHER *EVP_aes_192_ctr (void) static const EVP_CIPHER aes_256_ctr_cipher= { NID_aes_256_ctr,1,32,16, - EVP_CIPH_CTR_MODE, + EVP_CIPH_CTR_MODE|EVP_CIPH_FLAG_FIPS, aes_init_key, aes_counter, NULL, @@ -415,7 +415,8 @@ static const EVP_CIPHER aes_128_gcm_cipher= NID_aes_128_gcm,1,16,12, EVP_CIPH_GCM_MODE|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT + | EVP_CIPH_FLAG_FIPS, aes_gcm_init_key, aes_gcm, aes_gcm_cleanup, @@ -434,7 +435,8 @@ static const EVP_CIPHER aes_192_gcm_cipher= NID_aes_128_gcm,1,24,12, EVP_CIPH_GCM_MODE|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT + | EVP_CIPH_FLAG_FIPS, aes_gcm_init_key, aes_gcm, aes_gcm_cleanup, @@ -453,7 +455,8 @@ static const EVP_CIPHER aes_256_gcm_cipher= NID_aes_128_gcm,1,32,12, EVP_CIPH_GCM_MODE|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT + | EVP_CIPH_FLAG_FIPS, aes_gcm_init_key, aes_gcm, aes_gcm_cleanup, diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 8c7e780a6d..62b4dc68c9 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -87,7 +87,7 @@ static const EVP_MD sha1_md= NID_sha1, NID_sha1WithRSAEncryption, SHA_DIGEST_LENGTH, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS, init, update, final, @@ -124,7 +124,7 @@ static const EVP_MD sha224_md= NID_sha224, NID_sha224WithRSAEncryption, SHA224_DIGEST_LENGTH, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS, init224, update256, final256, @@ -143,7 +143,7 @@ static const EVP_MD sha256_md= NID_sha256, NID_sha256WithRSAEncryption, SHA256_DIGEST_LENGTH, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS, init256, update256, final256, @@ -174,7 +174,7 @@ static const EVP_MD sha384_md= NID_sha384, NID_sha384WithRSAEncryption, SHA384_DIGEST_LENGTH, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS, init384, update512, final512, @@ -193,7 +193,7 @@ static const EVP_MD sha512_md= NID_sha512, NID_sha512WithRSAEncryption, SHA512_DIGEST_LENGTH, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_FIPS, init512, update512, final512, -- 2.25.1