]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bb987c7)
In FIPS mode use SHA1 as default digest in x509 and req
authorDr. Stephen Henson <steve@openssl.org>
Sat, 5 Feb 2005 18:24:50 +0000 (18:24 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 5 Feb 2005 18:24:50 +0000 (18:24 +0000)
utilities.

apps/req.c patch | blob | history
apps/x509.c patch | blob | history

diff --git a/apps/req.c b/apps/req.c
index d33cddc94dd68e899915b4bdd597e5aa2142ba89..eebe71b15e87c03ced46e63b43ba1b2b4d080d95 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -175,7 +175,7 @@ int MAIN(int argc, char **argv)
        char *passin = NULL, *passout = NULL;
        char *p;
        char *subj = NULL;
-       const EVP_MD *md_alg=NULL,*digest=EVP_md5();
+       const EVP_MD *md_alg=NULL,*digest;
        unsigned long chtype = MBSTRING_ASC;
 #ifndef MONOLITH
        char *to_free;
@@ -197,6 +197,13 @@ int MAIN(int argc, char **argv)
        informat=FORMAT_PEM;
        outformat=FORMAT_PEM;
 
+#ifdef  OPENSSL_FIPS
+       if (FIPS_mode())
+               digest = EVP_sha1();
+       else
+#endif
+               digest = EVP_md5();
+
        prog=argv[0];
        argc--;
        argv++;
diff --git a/apps/x509.c b/apps/x509.c
index 7a998523c77dfbc5e8427dab194dc151ada5d82c..e7115cac67088fda6f126dcae95192af293c718d 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -179,7 +179,7 @@ int MAIN(int argc, char **argv)
        X509_REQ *rq=NULL;
        int fingerprint=0;
        char buf[256];
-       const EVP_MD *md_alg,*digest=EVP_md5();
+       const EVP_MD *md_alg,*digest;
        CONF *extconf = NULL;
        char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
        int need_rand = 0;
@@ -216,6 +216,13 @@ int MAIN(int argc, char **argv)
        if (ctx == NULL) goto end;
        X509_STORE_set_verify_cb_func(ctx,callb);
 
+#ifdef  OPENSSL_FIPS
+       if (FIPS_mode())
+               digest = EVP_sha1();
+       else
+#endif
+               digest = EVP_md5();
+
        argc--;
        argv++;
        num=0;
Unnamed repository; edit this file 'description' to name the repository.