wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Override flag for XTS length limit.

Browse source
This commit is contained in:
Dr. Stephen Henson 2011-04-18 17:31:28 +00:00
parent b3a45e7db5
commit 62dc7ed67c
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
crypto/evp/e_aes.c
View file

@ -519,7 +519,8 @@ static int aes_xts(EVP_CIPHER_CTX *ctx, unsigned char *out,
return -1;
#ifdef OPENSSL_FIPS
/* Requirement of SP800-38E */
if (FIPS_mode() && len > (1L<<20)*16)
if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
(len > (1L<<20)*16))
{
EVPerr(EVP_F_AES_XTS, EVP_R_TOO_LARGE);
return -1;