Workaround for some CMS signature formats.

[openssl.git] / fips / fips_utl.h

diff --git a/fips/fips_utl.h b/fips/fips_utl.h
index c0ce613f47d378e7b40047a618b2fda921374d2f..491bc2ace9ab3897982a3c043f4ebd7b699ff2de 100644 (file)
--- a/fips/fips_utl.h
+++ b/fips/fips_utl.h
@@ -47,6 +47,9 @@
  *
  */
 
+#ifndef FIPS_UTL_H
+#define FIPS_UTL_H
+
 #define OPENSSL_FIPSAPI
 
 #include <openssl/fips_rand.h>
@@ -58,6 +61,15 @@
 #define RESP_EOL       "\r\n"
 #endif
 
+#ifndef FIPS_AUTH_OFFICER_PASS
+#define FIPS_AUTH_OFFICER_PASS "Default FIPS Crypto Officer Password"
+#endif
+
+#ifndef FIPS_AUTH_USER_PASS
+#define FIPS_AUTH_USER_PASS    "Default FIPS Crypto User Password"
+#endif
+
+
 int hex2bin(const char *in, unsigned char *out);
 unsigned char *hex2bin_m(const char *in, long *plen);
 int do_hex2bn(BIGNUM **pr, const char *in);
@@ -144,7 +156,7 @@ void do_entropy_stick(void)
 void fips_algtest_init(void)
        {
        fips_algtest_init_nofips();
-       if (!FIPS_module_mode_set(1))
+       if (!FIPS_module_mode_set(1, FIPS_AUTH_USER_PASS))
                {
                fprintf(stderr, "Error entering FIPS mode\n");
                exit(1);
@@ -478,3 +490,5 @@ int fips_strcasecmp(const char *str1, const char *str2)
        return fips_strncasecmp(str1, str2, (size_t)-1);
        }
 
+
+#endif