projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make ssl code consistent with FIPS branch. The new code has no effect
[openssl.git] / ssl / s3_enc.c
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 2859351b001f6343d72b2adf4023f3bf6a74474b..06e54666b2774a6109f19fbdae5e2c585fc91ab6 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -146,6 +146,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
 #endif
        k=0;
        EVP_MD_CTX_init(&m5);
+       EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
        EVP_MD_CTX_init(&s1);
        for (i=0; (int)i<num; i+=MD5_DIGEST_LENGTH)
                {
@@ -518,6 +519,8 @@ int ssl3_enc(SSL *s, int send)
 
 void ssl3_init_finished_mac(SSL *s)
        {
+       EVP_MD_CTX_set_flags(&(s->s3->finish_dgst1),
+               EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
        EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL);
        EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL);
        }
@@ -554,6 +557,7 @@ static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
        EVP_MD_CTX ctx;
 
        EVP_MD_CTX_init(&ctx);
+       EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
        EVP_MD_CTX_copy_ex(&ctx,in_ctx);
 
        n=EVP_MD_CTX_size(&ctx);
Unnamed repository; edit this file 'description' to name the repository.