Workaround for some CMS signature formats.
[openssl.git] / fips / utl / fips_md.c
index 5562679..5e9fe4e 100644 (file)
@@ -171,13 +171,15 @@ int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type)
                {
                FIPSerr(FIPS_F_FIPS_DIGESTINIT,FIPS_R_FIPS_SELFTEST_FAILED);
                ctx->digest = &bad_md;
+               ctx->update = bad_update;
                return 0;
                }
-       if(FIPS_mode() && !(type->flags & EVP_MD_FLAG_FIPS) &&
+       if(FIPS_module_mode() && !(type->flags & EVP_MD_FLAG_FIPS) &&
                !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))
                {
                EVPerr(EVP_F_FIPS_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS);
                ctx->digest = &bad_md;
+               ctx->update = bad_update;
                return 0;
                }
        if (ctx->digest != type)
@@ -319,3 +321,27 @@ int FIPS_md_ctx_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
        
        return 1;
        }
+
+const EVP_MD *FIPS_get_digestbynid(int nid)
+       {
+       switch (nid)
+               {
+               case NID_sha1:
+               return EVP_sha1();
+
+               case NID_sha224:
+               return EVP_sha224();
+
+               case NID_sha256:
+               return EVP_sha256();
+
+               case NID_sha384:
+               return EVP_sha384();
+
+               case NID_sha512:
+               return EVP_sha512();
+
+               default:
+               return NULL;
+               }
+       }