From: Dr. Stephen Henson Date: Sun, 2 Mar 2014 13:34:40 +0000 (+0000) Subject: Make null cipher work in FIPS mode. X-Git-Tag: OpenSSL_1_0_2-beta2~291 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3956bfce60ed573b71c0d30a21735496a730d930;p=openssl Make null cipher work in FIPS mode. --- diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 177fe43ac6..84a3f864da 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -174,7 +174,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp { const EVP_CIPHER *fcipher; if (cipher) - fcipher = FIPS_get_cipherbynid(EVP_CIPHER_type(cipher)); + fcipher = evp_get_fips_cipher(cipher); if (fcipher) cipher = fcipher; return FIPS_cipherinit(ctx, cipher, key, iv, enc); diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index d548ad1d31..cf8a0c9a4b 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -218,7 +218,7 @@ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) { #ifdef OPENSSL_FIPS const EVP_CIPHER *fcipher; - fcipher = FIPS_get_cipherbynid(EVP_CIPHER_type(cipher)); + fcipher = evp_get_fips_cipher(cipher); if (fcipher && fcipher->flags & EVP_CIPH_FLAG_FIPS) return cipher->flags | EVP_CIPH_FLAG_FIPS; #endif @@ -313,6 +313,15 @@ const EVP_MD *evp_get_fips_md(const EVP_MD *md) else return FIPS_get_digestbynid(nid); } + +const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher) + { + if (cipher->nid == NID_undef) + return FIPS_evp_enc_null(); + else + return FIPS_get_cipherbynid(EVP_CIPHER_type(cipher)); + } + #endif unsigned long EVP_MD_flags(const EVP_MD *md) diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index f4a943a716..ca0d4558c9 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -349,6 +349,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, const EVP_CIPHER *c, const EVP_MD *md, int en_de); const EVP_MD *evp_get_fips_md(const EVP_MD *md); +const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher); #ifdef OPENSSL_FIPS