diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:25:33 +0000 |
commit | 7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac (patch) | |
tree | f7bf636ada3cb66b3e3b22f6ee37d49701f3f4a1 /crypto/evp/evp_locl.h | |
parent | 4ead4e5241bd08989f9d6305ff21f9da0614f955 (diff) | |
download | openssl-7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac.zip openssl-7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac.tar.gz openssl-7a4bd34a4f6d0c0745dd5710c0f4dba614e8dfac.tar.bz2 |
FIPS mode EVP changes:
Set EVP_CIPH_FLAG_FIPS on approved ciphers.
Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.
Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.
Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.
Diffstat (limited to 'crypto/evp/evp_locl.h')
-rw-r--r-- | crypto/evp/evp_locl.h | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 1b6c811..94162d6 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -254,14 +254,12 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - 0, cipher##_init_key, NULL, \ - EVP_CIPHER_set_asn1_iv, \ - EVP_CIPHER_get_asn1_iv, \ - NULL) + (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ + cipher##_init_key, NULL, NULL, NULL, NULL) struct evp_pkey_ctx_st { |