File openssl-fips__0100_aes_EVP_CIPH_FLAG_FIPS_-_the_fenzke_code.diff of Package compat-openssl098.703
diff -rNU 30 ../openssl-0.9.8j-o/crypto/evp/e_aes.c ./crypto/evp/e_aes.c
--- ../openssl-0.9.8j-o/crypto/evp/e_aes.c 2011-09-15 02:08:05.000000000 +0200
+++ ./crypto/evp/e_aes.c 2011-09-15 02:11:45.000000000 +0200
@@ -161,62 +161,62 @@
aes_init_key, \
aes_##mode##_cipher, \
NULL, \
sizeof(EVP_AES_KEY), \
(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, \
(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, \
NULL,NULL }; \
const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
{ return (OPENSSL_ia32cap_P[1]&AESNI_CAPABLE)? \
&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
#else
#define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
static const EVP_CIPHER aes_##keylen##_##mode = { \
nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
flags|EVP_CIPH_##MODE##_MODE, \
aes_init_key, \
aes_##mode##_cipher, \
NULL, \
sizeof(EVP_AES_KEY), \
(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, \
(flags)&EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, \
NULL,NULL }; \
const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
{ return &aes_##keylen##_##mode; }
#endif
#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
- BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
- BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
+ BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1)
static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
const unsigned char *in, unsigned int len)
{
AES_cbc_encrypt(in,out,len,ctx->cipher_data,ctx->iv,ctx->encrypt);
return 1;
}
static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
const unsigned char *in, unsigned int len)
{
size_t bl = ctx->cipher->block_size;
size_t i;
if (len<bl) return 1;
if (ctx->encrypt) {
for (i=0,len-=bl;i<=len;i+=bl)
AES_encrypt(in+i,out+i,ctx->cipher_data);
} else {
for (i=0,len-=bl;i<=len;i+=bl)
AES_decrypt(in+i,out+i,ctx->cipher_data);
}
return 1;
}
BLOCK_CIPHER_generic_pack(NID_aes,128,0)
BLOCK_CIPHER_generic_pack(NID_aes,192,0)