wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pkcs12 FIPS changes.

Browse source
This commit is contained in:
Dr. Stephen Henson 2008-09-15 20:16:04 +00:00
parent 8ec86dcf04
commit 5d582fd516
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
crypto/pkcs12/p12_crt.c
View file

@ -59,6 +59,10 @@
#include <stdio.h> #include <stdio.h>
#include "cryptlib.h" #include "cryptlib.h"
#include <openssl/pkcs12.h> #include <openssl/pkcs12.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag);
@ -90,7 +94,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
/* Set defaults */ /* Set defaults */
if (!nid_cert) if (!nid_cert)
{
#ifdef OPENSSL_FIPS
if (FIPS_mode())
nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
else
#endif
nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
}
if (!nid_key) if (!nid_key)
nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
if (!iter) if (!iter)