File openssl-fips__0100_aes_EVP_CIPH_FLAG_FIPS_-_the_fenzke_code.diff of Package compat-openssl098.703

diff -rNU 30 ../openssl-0.9.8j-o/crypto/evp/e_aes.c ./crypto/evp/e_aes.c
--- ../openssl-0.9.8j-o/crypto/evp/e_aes.c	2011-09-15 02:08:05.000000000 +0200
+++ ./crypto/evp/e_aes.c	2011-09-15 02:11:45.000000000 +0200
@@ -161,62 +161,62 @@
 	aes_init_key,			\
 	aes_##mode##_cipher,		\
 	NULL,				\
 	sizeof(EVP_AES_KEY),		\
 	(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,	\
 	(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,	\
 	NULL,NULL };			\
 const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
 { return (OPENSSL_ia32cap_P[1]&AESNI_CAPABLE)? \
   &aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
 
 #else
 
 #define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
 static const EVP_CIPHER aes_##keylen##_##mode = { \
 	nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
 	flags|EVP_CIPH_##MODE##_MODE,	\
 	aes_init_key,			\
 	aes_##mode##_cipher,		\
 	NULL,				\
 	sizeof(EVP_AES_KEY),		\
 	(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,	\
 	(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv,	\
 	NULL,NULL };			\	
 const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
 { return &aes_##keylen##_##mode; }
 
 #endif
 
 #define BLOCK_CIPHER_generic_pack(nid,keylen,flags)		\
-	BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)	\
-	BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
+	BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1)	\
+	BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1)
 
 static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
 	const unsigned char *in, unsigned int len)
 {
 	AES_cbc_encrypt(in,out,len,ctx->cipher_data,ctx->iv,ctx->encrypt);
 
 	return 1;
 }
 
 static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
 	const unsigned char *in, unsigned int len)
 {
 	size_t	bl = ctx->cipher->block_size;
 	size_t	i;
 
 	if (len<bl)	return 1;
 
 	if (ctx->encrypt) {
 		for (i=0,len-=bl;i<=len;i+=bl)
 			AES_encrypt(in+i,out+i,ctx->cipher_data);
 	} else {
 		for (i=0,len-=bl;i<=len;i+=bl)
 			AES_decrypt(in+i,out+i,ctx->cipher_data);
 	}
 
 	return 1;
 }
 
 BLOCK_CIPHER_generic_pack(NID_aes,128,0)
 BLOCK_CIPHER_generic_pack(NID_aes,192,0)