Add FIPS flags to AES ciphers and SHA* digests. (14567b14) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/evp/e_aes.c

+9 −6

Original line number	Diff line number	Diff line
		@@ -119,7 +119,7 @@ static int aes_counter (EVP_CIPHER_CTX ctx, unsigned char out,
		static const EVP_CIPHER aes_128_ctr_cipher=
		{
		NID_aes_128_ctr,1,16,16,
		EVP_CIPH_CTR_MODE,
		EVP_CIPH_CTR_MODE\|EVP_CIPH_FLAG_FIPS,
		aes_init_key,
		aes_counter,
		NULL,
		@@ -136,7 +136,7 @@ const EVP_CIPHER *EVP_aes_128_ctr (void)
		static const EVP_CIPHER aes_192_ctr_cipher=
		{
		NID_aes_192_ctr,1,24,16,
		EVP_CIPH_CTR_MODE,
		EVP_CIPH_CTR_MODE\|EVP_CIPH_FLAG_FIPS,
		aes_init_key,
		aes_counter,
		NULL,
		@@ -153,7 +153,7 @@ const EVP_CIPHER *EVP_aes_192_ctr (void)
		static const EVP_CIPHER aes_256_ctr_cipher=
		{
		NID_aes_256_ctr,1,32,16,
		EVP_CIPH_CTR_MODE,
		EVP_CIPH_CTR_MODE\|EVP_CIPH_FLAG_FIPS,
		aes_init_key,
		aes_counter,
		NULL,
		@@ -415,7 +415,8 @@ static const EVP_CIPHER aes_128_gcm_cipher=
		NID_aes_128_gcm,1,16,12,
		EVP_CIPH_GCM_MODE\|EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1
		\| EVP_CIPH_CUSTOM_IV \| EVP_CIPH_FLAG_CUSTOM_CIPHER
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT,
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT
		\| EVP_CIPH_FLAG_FIPS,
		aes_gcm_init_key,
		aes_gcm,
		aes_gcm_cleanup,
		@@ -434,7 +435,8 @@ static const EVP_CIPHER aes_192_gcm_cipher=
		NID_aes_128_gcm,1,24,12,
		EVP_CIPH_GCM_MODE\|EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1
		\| EVP_CIPH_CUSTOM_IV \| EVP_CIPH_FLAG_CUSTOM_CIPHER
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT,
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT
		\| EVP_CIPH_FLAG_FIPS,
		aes_gcm_init_key,
		aes_gcm,
		aes_gcm_cleanup,
		@@ -453,7 +455,8 @@ static const EVP_CIPHER aes_256_gcm_cipher=
		NID_aes_128_gcm,1,32,12,
		EVP_CIPH_GCM_MODE\|EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1
		\| EVP_CIPH_CUSTOM_IV \| EVP_CIPH_FLAG_CUSTOM_CIPHER
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT,
		\| EVP_CIPH_ALWAYS_CALL_INIT \| EVP_CIPH_CTRL_INIT
		\| EVP_CIPH_FLAG_FIPS,
		aes_gcm_init_key,
		aes_gcm,
		aes_gcm_cleanup,

crypto/evp/m_sha1.c

+5 −5

Original line number	Diff line number	Diff line
		@@ -87,7 +87,7 @@ static const EVP_MD sha1_md=
		NID_sha1,
		NID_sha1WithRSAEncryption,
		SHA_DIGEST_LENGTH,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT\|EVP_MD_FLAG_FIPS,
		init,
		update,
		final,
		@@ -124,7 +124,7 @@ static const EVP_MD sha224_md=
		NID_sha224,
		NID_sha224WithRSAEncryption,
		SHA224_DIGEST_LENGTH,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT\|EVP_MD_FLAG_FIPS,
		init224,
		update256,
		final256,
		@@ -143,7 +143,7 @@ static const EVP_MD sha256_md=
		NID_sha256,
		NID_sha256WithRSAEncryption,
		SHA256_DIGEST_LENGTH,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT\|EVP_MD_FLAG_FIPS,
		init256,
		update256,
		final256,
		@@ -174,7 +174,7 @@ static const EVP_MD sha384_md=
		NID_sha384,
		NID_sha384WithRSAEncryption,
		SHA384_DIGEST_LENGTH,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT\|EVP_MD_FLAG_FIPS,
		init384,
		update512,
		final512,
		@@ -193,7 +193,7 @@ static const EVP_MD sha512_md=
		NID_sha512,
		NID_sha512WithRSAEncryption,
		SHA512_DIGEST_LENGTH,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT,
		EVP_MD_FLAG_PKEY_METHOD_SIGNATURE\|EVP_MD_FLAG_DIGALGID_ABSENT\|EVP_MD_FLAG_FIPS,
		init512,
		update512,
		final512,