projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cc8f2fb)
only call FIPS_cipherinit in FIPS mode
authorDr. Stephen Henson <steve@openssl.org>
Wed, 18 Apr 2012 22:42:06 +0000 (22:42 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 18 Apr 2012 22:42:06 +0000 (22:42 +0000)
crypto/evp/evp_enc.c patch | blob | history

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 691072655b4f0e50cfc1f0e32eb8b596a634a118..8835d9a6ede827c7cef891206742fcf3bbe22ba0 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -170,7 +170,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 #endif
 
 #ifdef OPENSSL_FIPS
-               return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+               if (FIPS_mode())
+                       return FIPS_cipherinit(ctx, cipher, key, iv, enc);
 #else
                ctx->cipher=cipher;
                if (ctx->cipher->ctx_size)
@@ -207,7 +208,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 skip_to_init:
 #endif
 #ifdef OPENSSL_FIPS
-       return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+       if (FIPS_mode())
+               return FIPS_cipherinit(ctx, cipher, key, iv, enc);
 #else
        /* we assume block size is a power of 2 in *cryptUpdate */
        OPENSSL_assert(ctx->cipher->block_size == 1
Unnamed repository; edit this file 'description' to name the repository.