new function to lookup FIPS supported ciphers by NID

diff --git a/CHANGES b/CHANGES
index 8fa3e5436625695cc87d0350c6f6f6b48abb84b2..c4e8639122091cc8751f1dc29db8fd645c684bfb 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) New function FIPS_get_cipherbynid() to lookup FIPS supported ciphers
+     based on NID.
+     [Steve Henson]
+
   *) More extensive health check for DRBG checking many more failure modes.
      New function FIPS_selftest_drbg_all() to handle every possible DRBG
      combination: call this in fips_test_suite.

diff --git a/fips/fips.h b/fips/fips.h
index 17dd0666438c25212a564044954c1935daec9f93..27242f15991d0b6c06fb89285d83068ce6631d85 100644 (file)
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -193,6 +193,8 @@ int fips_cipher_test(int id, struct evp_cipher_ctx_st *ctx,
 
 const struct env_md_st *FIPS_get_digestbynid(int nid);
 
+const struct evp_cipher_st *FIPS_get_cipherbynid(int nid);
+
 struct rsa_st *FIPS_rsa_new(void);
 void FIPS_rsa_free(struct rsa_st *r);
 int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,

diff --git a/fips/utl/fips_enc.c b/fips/utl/fips_enc.c
index fcff5ece879a64dbdb50c4dff252998709410090..9ed9dbf35a034bad9ace973e94b5e607b013267a 100644 (file)
--- a/fips/utl/fips_enc.c
+++ b/fips/utl/fips_enc.c
@@ -338,3 +338,131 @@ int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                }
        return ctx->cipher->do_cipher(ctx,out,in,inl);
        }
+
+const EVP_CIPHER *FIPS_get_cipherbynid(int nid)
+       {
+       switch (nid)
+               {
+               case NID_aes_128_cbc:
+               return FIPS_evp_aes_128_cbc();
+
+               case NID_aes_128_ccm:
+               return FIPS_evp_aes_128_ccm();
+
+               case NID_aes_128_cfb1:
+               return FIPS_evp_aes_128_cfb1();
+
+               case NID_aes_128_cfb128:
+               return FIPS_evp_aes_128_cfb128();
+
+               case NID_aes_128_cfb8:
+               return FIPS_evp_aes_128_cfb8();
+
+               case NID_aes_128_ctr:
+               return FIPS_evp_aes_128_ctr();
+
+               case NID_aes_128_ecb:
+               return FIPS_evp_aes_128_ecb();
+
+               case NID_aes_128_gcm:
+               return FIPS_evp_aes_128_gcm();
+
+               case NID_aes_128_ofb128:
+               return FIPS_evp_aes_128_ofb();
+
+               case NID_aes_128_xts:
+               return FIPS_evp_aes_128_xts();
+
+               case NID_aes_192_cbc:
+               return FIPS_evp_aes_192_cbc();
+
+               case NID_aes_192_ccm:
+               return FIPS_evp_aes_192_ccm();
+
+               case NID_aes_192_cfb1:
+               return FIPS_evp_aes_192_cfb1();
+
+               case NID_aes_192_cfb128:
+               return FIPS_evp_aes_192_cfb128();
+
+               case NID_aes_192_cfb8:
+               return FIPS_evp_aes_192_cfb8();
+
+               case NID_aes_192_ctr:
+               return FIPS_evp_aes_192_ctr();
+
+               case NID_aes_192_ecb:
+               return FIPS_evp_aes_192_ecb();
+
+               case NID_aes_192_gcm:
+               return FIPS_evp_aes_192_gcm();
+
+               case NID_aes_192_ofb128:
+               return FIPS_evp_aes_192_ofb();
+
+               case NID_aes_256_cbc:
+               return FIPS_evp_aes_256_cbc();
+
+               case NID_aes_256_ccm:
+               return FIPS_evp_aes_256_ccm();
+
+               case NID_aes_256_cfb1:
+               return FIPS_evp_aes_256_cfb1();
+
+               case NID_aes_256_cfb128:
+               return FIPS_evp_aes_256_cfb128();
+
+               case NID_aes_256_cfb8:
+               return FIPS_evp_aes_256_cfb8();
+
+               case NID_aes_256_ctr:
+               return FIPS_evp_aes_256_ctr();
+
+               case NID_aes_256_ecb:
+               return FIPS_evp_aes_256_ecb();
+
+               case NID_aes_256_gcm:
+               return FIPS_evp_aes_256_gcm();
+
+               case NID_aes_256_ofb128:
+               return FIPS_evp_aes_256_ofb();
+
+               case NID_aes_256_xts:
+               return FIPS_evp_aes_256_xts();
+
+               case NID_des_ede_ecb:
+               return FIPS_evp_des_ede();
+
+               case NID_des_ede3_ecb:
+               return FIPS_evp_des_ede3();
+
+               case NID_des_ede3_cbc:
+               return FIPS_evp_des_ede3_cbc();
+
+               case NID_des_ede3_cfb1:
+               return FIPS_evp_des_ede3_cfb1();
+
+               case NID_des_ede3_cfb64:
+               return FIPS_evp_des_ede3_cfb64();
+
+               case NID_des_ede3_cfb8:
+               return FIPS_evp_des_ede3_cfb8();
+
+               case NID_des_ede3_ofb64:
+               return FIPS_evp_des_ede3_ofb();
+
+               case NID_des_ede_cbc:
+               return FIPS_evp_des_ede_cbc();
+
+               case NID_des_ede_cfb64:
+               return FIPS_evp_des_ede_cfb64();
+
+               case NID_des_ede_ofb64:
+               return FIPS_evp_des_ede_ofb();
+
+               default:
+               return NULL;
+
+               }
+       }
+