diff options
| author | Matt Caswell <matt@openssl.org> | 2019-05-28 11:25:08 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-06-03 12:56:53 +0100 |
| commit | 66ad63e80198800ad94e4e4168a6b9b6a7c0fcd4 (patch) | |
| tree | aaa621a4f3ac852a7ac2dfbde449f29746361cc7 /providers | |
| parent | a77b4dba237d001073d2d1c5d55c674a196c949f (diff) | |
| download | openssl-66ad63e80198800ad94e4e4168a6b9b6a7c0fcd4.zip openssl-66ad63e80198800ad94e4e4168a6b9b6a7c0fcd4.tar.gz openssl-66ad63e80198800ad94e4e4168a6b9b6a7c0fcd4.tar.bz2 | |
Make basic AES ciphers available from within the FIPS providers
These ciphers were already provider aware, and were available from the
default provider. We move them into the FIPS provider too.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9038)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/common/ciphers/build.info | 3 | ||||
| -rw-r--r-- | providers/fips/fipsprov.c | 18 |
2 files changed, 19 insertions, 2 deletions
diff --git a/providers/common/ciphers/build.info b/providers/common/ciphers/build.info index f4ff2ce..b8c3172 100644 --- a/providers/common/ciphers/build.info +++ b/providers/common/ciphers/build.info @@ -2,3 +2,6 @@ LIBS=../../../libcrypto SOURCE[../../../libcrypto]=\ block.c aes.c aes_basic.c INCLUDE[../../../libcrypto]=. ../../../crypto + +SOURCE[../../fips]=\ + block.c aes.c aes_basic.c diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 7842f90..37d7c5b 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -20,6 +20,7 @@ #include "internal/cryptlib.h" #include "internal/property.h" #include "internal/evp_int.h" +#include "internal/provider_algs.h" /* Functions provided by the core */ static OSSL_core_get_param_types_fn *c_get_param_types = NULL; @@ -92,13 +93,24 @@ static int fips_get_params(const OSSL_PROVIDER *prov, return 1; } -extern const OSSL_DISPATCH sha256_functions[]; - static const OSSL_ALGORITHM fips_digests[] = { { "SHA256", "fips=yes", sha256_functions }, { NULL, NULL, NULL } }; +static const OSSL_ALGORITHM fips_ciphers[] = { + { "AES-256-ECB", "fips=yes", aes256ecb_functions }, + { "AES-192-ECB", "fips=yes", aes192ecb_functions }, + { "AES-128-ECB", "fips=yes", aes128ecb_functions }, + { "AES-256-CBC", "fips=yes", aes256cbc_functions }, + { "AES-192-CBC", "fips=yes", aes192cbc_functions }, + { "AES-128-CBC", "fips=yes", aes128cbc_functions }, + { "AES-256-CTR", "fips=yes", aes256ctr_functions }, + { "AES-192-CTR", "fips=yes", aes192ctr_functions }, + { "AES-128-CTR", "fips=yes", aes128ctr_functions }, + { NULL, NULL, NULL } +}; + static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov, int operation_id, int *no_cache) @@ -107,6 +119,8 @@ static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov, switch (operation_id) { case OSSL_OP_DIGEST: return fips_digests; + case OSSL_OP_CIPHER: + return fips_ciphers; } return NULL; } |