#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
+#include "evp_locl.h"
#endif
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
const EVP_MD *fipsmd;
if (type)
{
- fipsmd = FIPS_get_digestbynid(EVP_MD_type(type));
+ fipsmd = evp_get_fips_md(type);
if (fipsmd)
type = fipsmd;
}
#include <openssl/objects.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
+#include "evp_locl.h"
#endif
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
return md->md_size;
}
+#ifdef OPENSSL_FIPS
+
+const EVP_MD *evp_get_fips_md(const EVP_MD *md)
+ {
+ int nid = EVP_MD_type(md);
+ if (nid == NID_dsa)
+ return FIPS_evp_dss1();
+ else if (nid == NID_dsaWithSHA)
+ return FIPS_evp_dss();
+ else if (nid == NID_ecdsa_with_SHA1)
+ return FIPS_evp_ecdsa();
+ else
+ return FIPS_get_digestbynid(nid);
+ }
+#endif
+
unsigned long EVP_MD_flags(const EVP_MD *md)
{
#ifdef OPENSSL_FIPS
const EVP_MD *fmd;
- fmd = FIPS_get_digestbynid(EVP_MD_type(md));
+ fmd = evp_get_fips_md(md);
if (fmd && fmd->flags & EVP_MD_FLAG_FIPS)
return md->flags | EVP_MD_FLAG_FIPS;
#endif
ASN1_TYPE *param,
const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+const EVP_MD *evp_get_fips_md(const EVP_MD *md);
+
#ifdef OPENSSL_FIPS
#ifdef OPENSSL_DOING_MAKEDEPEND
projects / openssl.git / commitdiff