File openssl-fips__0200_CFB1_enable.diff of Package compat-openssl098.1339

diff -rNU 20 ../openssl-0.9.8j-o/fips/des/fips_desmovs.c ./fips/des/fips_desmovs.c
--- ../openssl-0.9.8j-o/fips/des/fips_desmovs.c	2008-09-21 13:40:34.000000000 +0200
+++ ./fips/des/fips_desmovs.c	2011-10-21 01:11:45.000000000 +0200
@@ -93,57 +93,54 @@
 	    unsigned char *iVec, 
 	    int dir,  /* 0 = decrypt, 1 = encrypt */
 	    unsigned char *out, unsigned char *in, int len)
     {
     const EVP_CIPHER *cipher = NULL;
 
     if (akeysz != 192)
 	{
 	printf("Invalid key size: %d\n", akeysz);
 	EXIT(1);
 	}
 
     if (strcasecmp(amode, "CBC") == 0)
 	cipher = EVP_des_ede3_cbc();
     else if (strcasecmp(amode, "ECB") == 0)
 	cipher = EVP_des_ede3_ecb();
     else if (strcasecmp(amode, "CFB64") == 0)
 	cipher = EVP_des_ede3_cfb64();
     else if (strncasecmp(amode, "OFB", 3) == 0)
 	cipher = EVP_des_ede3_ofb();
-#if 0
-    else if(!strcasecmp(amode,"CFB1"))
-	{
-	ctx->cbits = 1;
-	ctx->cmode = EVP_CIPH_CFB_MODE;
-	}
-#endif
     else if(!strcasecmp(amode,"CFB8"))
 	cipher = EVP_des_ede3_cfb8();
+    else if(!strcasecmp(amode,"CFB1"))
+        cipher = EVP_des_ede3_cfb1();
     else
 	{
 	printf("Unknown mode: %s\n", amode);
 	EXIT(1);
 	}
 
     if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0)
 	return 0;
+    if(!strcasecmp(amode,"CFB1"))
+       M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
     EVP_Cipher(ctx, out, in, len);
 
     return 1;
     }
 
 void DebugValue(char *tag, unsigned char *val, int len)
     {
     char obuf[2048];
     int olen;
     olen = bin2hex(val, len, obuf);
     printf("%s = %.*s\n", tag, olen, obuf);
     }
 
 void shiftin(unsigned char *dst,unsigned char *src,int nbits)
     {
     int n;
 
     /* move the bytes... */
     memmove(dst,dst+nbits/8,3*8-nbits/8);
     /* append new data */
@@ -184,44 +181,45 @@
 	int n;
 	int kp=akeysz/64;
 	unsigned char old_iv[8];
 	EVP_CIPHER_CTX ctx;
 	EVP_CIPHER_CTX_init(&ctx);
 
 	fprintf(rfp,"\nCOUNT = %d\n",i);
 	if(kp == 1)
 	    OutputValue("KEY",akey,8,rfp,0);
 	else
 	    for(n=0 ; n < kp ; ++n)
 		{
 		fprintf(rfp,"KEY%d",n+1);
 		OutputValue("",akey+n*8,8,rfp,0);
 		}
 
 	if(imode != ECB)
 	    OutputValue("IV",ivec,8,rfp,0);
 	OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1);
 
+#if 0
 	/* compensate for endianness */
 	if(imode == CFB1)
 	    text[0]<<=7;
-
+#endif
 	memcpy(text0,text,8);
 
 	for(j=0 ; j < 10000 ; ++j)
 	    {
 	    unsigned char old_text[8];
 
 	    memcpy(old_text,text,8);
 	    if(j == 0)
 		{
 		memcpy(old_iv,ivec,8);
 		DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len);
 		}
 	    else
 		{
 		memcpy(old_iv,ctx.iv,8);
 		EVP_Cipher(&ctx,text,text,len);
 		}
 	    if(j == 9999)
 		{
 		OutputValue(t_tag[dir],text,len,rfp,imode == CFB1);
openSUSE Build Service is sponsored by