PR: 2840
authorDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jul 2012 20:30:40 +0000 (20:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 3 Jul 2012 20:30:40 +0000 (20:30 +0000)
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.

crypto/conf/conf_mall.c
crypto/evp/Makefile
crypto/evp/evp.h
crypto/evp/evp_err.c
util/libeay.num

index c6f4cb2..213890e 100644 (file)
@@ -76,5 +76,6 @@ void OPENSSL_load_builtin_modules(void)
 #ifndef OPENSSL_NO_ENGINE
        ENGINE_add_conf_module();
 #endif
+       EVP_add_alg_module();
        }
 
index 90d6dbd..216aa94 100644 (file)
@@ -18,7 +18,7 @@ TESTDATA=evptests.txt
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
        e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
        e_rc4.c e_aes.c names.c e_seed.c \
        e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
@@ -31,7 +31,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
        e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
        e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
 
-LIBOBJ=        encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
+LIBOBJ=        encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
        e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
        e_rc4.o e_aes.o names.o e_seed.o \
        e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
index 7f57e6a..c30d06a 100644 (file)
@@ -1271,6 +1271,8 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
        int (*ctrl_str)(EVP_PKEY_CTX *ctx,
                                        const char *type, const char *value));
 
+void EVP_add_alg_module(void);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -1285,6 +1287,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_F_AES_INIT_KEY                              133
 #define EVP_F_AES_XTS                                   172
 #define EVP_F_AES_XTS_CIPHER                            175
+#define EVP_F_ALG_MODULE_INIT                           177
 #define EVP_F_CAMELLIA_INIT_KEY                                 159
 #define EVP_F_CMAC_INIT                                         173
 #define EVP_F_D2I_PKEY                                  100
@@ -1378,15 +1381,19 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_DIFFERENT_PARAMETERS                      153
 #define EVP_R_DISABLED_FOR_FIPS                                 163
 #define EVP_R_ENCODE_ERROR                              115
+#define EVP_R_ERROR_LOADING_SECTION                     165
+#define EVP_R_ERROR_SETTING_FIPS_MODE                   166
 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR                  119
 #define EVP_R_EXPECTING_AN_RSA_KEY                      127
 #define EVP_R_EXPECTING_A_DH_KEY                        128
 #define EVP_R_EXPECTING_A_DSA_KEY                       129
 #define EVP_R_EXPECTING_A_ECDSA_KEY                     141
 #define EVP_R_EXPECTING_A_EC_KEY                        142
+#define EVP_R_FIPS_MODE_NOT_SUPPORTED                   167
 #define EVP_R_INITIALIZATION_ERROR                      134
 #define EVP_R_INPUT_NOT_INITIALIZED                     111
 #define EVP_R_INVALID_DIGEST                            152
+#define EVP_R_INVALID_FIPS_MODE                                 168
 #define EVP_R_INVALID_KEY_LENGTH                        130
 #define EVP_R_INVALID_OPERATION                                 148
 #define EVP_R_IV_TOO_LARGE                              102
@@ -1411,6 +1418,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_TOO_LARGE                                         164
 #define EVP_R_UNKNOWN_CIPHER                            160
 #define EVP_R_UNKNOWN_DIGEST                            161
+#define EVP_R_UNKNOWN_OPTION                            169
 #define EVP_R_UNKNOWN_PBE_ALGORITHM                     121
 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS               135
 #define EVP_R_UNSUPPORTED_ALGORITHM                     156
index ddac5df..ab099f9 100644 (file)
@@ -75,7 +75,9 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
 {ERR_FUNC(EVP_F_AES_XTS),      "AES_XTS"},
 {ERR_FUNC(EVP_F_AES_XTS_CIPHER),       "AES_XTS_CIPHER"},
+{ERR_FUNC(EVP_F_ALG_MODULE_INIT),      "ALG_MODULE_INIT"},
 {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY),    "CAMELLIA_INIT_KEY"},
+{ERR_FUNC(EVP_F_CMAC_INIT),    "CMAC_INIT"},
 {ERR_FUNC(EVP_F_D2I_PKEY),     "D2I_PKEY"},
 {ERR_FUNC(EVP_F_DO_SIGVER_INIT),       "DO_SIGVER_INIT"},
 {ERR_FUNC(EVP_F_DSAPKEY2PKCS8),        "DSAPKEY2PKCS8"},
@@ -136,6 +138,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),       "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
 {ERR_FUNC(EVP_F_FIPS_DIGESTINIT),      "FIPS_digestinit"},
 {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY),     "FIPS_MD_CTX_COPY"},
+{ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
 {ERR_FUNC(EVP_F_INT_CTX_NEW),  "INT_CTX_NEW"},
 {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN),   "PKCS5_PBE_keyivgen"},
 {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN),        "PKCS5_v2_PBE_keyivgen"},
@@ -169,15 +172,19 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS)  ,"different parameters"},
 {ERR_REASON(EVP_R_DISABLED_FOR_FIPS)     ,"disabled for fips"},
 {ERR_REASON(EVP_R_ENCODE_ERROR)          ,"encode error"},
+{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"},
+{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"},
 {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
 {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY)  ,"expecting an rsa key"},
 {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY)    ,"expecting a dh key"},
 {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY)   ,"expecting a dsa key"},
 {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
 {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY)    ,"expecting a ec key"},
+{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
 {ERR_REASON(EVP_R_INITIALIZATION_ERROR)  ,"initialization error"},
 {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
 {ERR_REASON(EVP_R_INVALID_DIGEST)        ,"invalid digest"},
+{ERR_REASON(EVP_R_INVALID_FIPS_MODE)     ,"invalid fips mode"},
 {ERR_REASON(EVP_R_INVALID_KEY_LENGTH)    ,"invalid key length"},
 {ERR_REASON(EVP_R_INVALID_OPERATION)     ,"invalid operation"},
 {ERR_REASON(EVP_R_IV_TOO_LARGE)          ,"iv too large"},
@@ -202,6 +209,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {ERR_REASON(EVP_R_TOO_LARGE)             ,"too large"},
 {ERR_REASON(EVP_R_UNKNOWN_CIPHER)        ,"unknown cipher"},
 {ERR_REASON(EVP_R_UNKNOWN_DIGEST)        ,"unknown digest"},
+{ERR_REASON(EVP_R_UNKNOWN_OPTION)        ,"unknown option"},
 {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
 {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
 {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
index 3f81a91..397a686 100755 (executable)
@@ -3687,7 +3687,7 @@ FIPS_dh_new                             4073      EXIST:OPENSSL_FIPS:FUNCTION:DH
 FIPS_corrupt_dsa_keygen                 4074   NOEXIST::FUNCTION:
 FIPS_dh_free                            4075   EXIST:OPENSSL_FIPS:FUNCTION:DH
 fips_pkey_signature_test                4076   EXIST:OPENSSL_FIPS:FUNCTION:
-EVP_add_alg_module                      4077   NOEXIST::FUNCTION:
+EVP_add_alg_module                      4077   EXIST::FUNCTION:
 int_RAND_init_engine_callbacks          4078   NOEXIST::FUNCTION:
 int_EVP_CIPHER_set_engine_callbacks     4079   NOEXIST::FUNCTION:
 int_EVP_MD_init_engine_callbacks        4080   NOEXIST::FUNCTION: