PR: 2840
Reported by: David McCullough <david_mccullough@mcafee.com> Restore fips configuration module from 0.9.8.
This commit is contained in:
Dr. Stephen Henson
parent
f142a71c3d
commit
74d89b0d93
6 changed files with 20 additions and 5 deletions
|
|
@ -76,5 +76,6 @@ void OPENSSL_load_builtin_modules(void)
|
|||
#ifndef OPENSSL_NO_ENGINE
|
||||
ENGINE_add_conf_module();
|
||||
#endif
|
||||
EVP_add_alg_module();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ TESTDATA=evptests.txt
|
|||
APPS=
|
||||
|
||||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
|
||||
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
|
||||
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
|
||||
e_rc4.c e_aes.c names.c e_seed.c \
|
||||
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
|
||||
|
|
@ -31,7 +31,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
|
|||
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
|
||||
e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
|
||||
|
||||
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
|
||||
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
|
||||
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
|
||||
e_rc4.o e_aes.o names.o e_seed.o \
|
||||
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
|
||||
|
|
|
|||
|
|
@ -1243,6 +1243,8 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
|
|||
int (*ctrl_str)(EVP_PKEY_CTX *ctx,
|
||||
const char *type, const char *value));
|
||||
|
||||
void EVP_add_alg_module(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
@ -1257,6 +1259,7 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_F_AES_INIT_KEY 133
|
||||
#define EVP_F_AES_XTS 172
|
||||
#define EVP_F_AES_XTS_CIPHER 175
|
||||
#define EVP_F_ALG_MODULE_INIT 177
|
||||
#define EVP_F_CAMELLIA_INIT_KEY 159
|
||||
#define EVP_F_CMAC_INIT 173
|
||||
#define EVP_F_D2I_PKEY 100
|
||||
|
|
@ -1350,15 +1353,19 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_DIFFERENT_PARAMETERS 153
|
||||
#define EVP_R_DISABLED_FOR_FIPS 163
|
||||
#define EVP_R_ENCODE_ERROR 115
|
||||
#define EVP_R_ERROR_LOADING_SECTION 165
|
||||
#define EVP_R_ERROR_SETTING_FIPS_MODE 166
|
||||
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
|
||||
#define EVP_R_EXPECTING_AN_RSA_KEY 127
|
||||
#define EVP_R_EXPECTING_A_DH_KEY 128
|
||||
#define EVP_R_EXPECTING_A_DSA_KEY 129
|
||||
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
|
||||
#define EVP_R_EXPECTING_A_EC_KEY 142
|
||||
#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
|
||||
#define EVP_R_INITIALIZATION_ERROR 134
|
||||
#define EVP_R_INPUT_NOT_INITIALIZED 111
|
||||
#define EVP_R_INVALID_DIGEST 152
|
||||
#define EVP_R_INVALID_FIPS_MODE 168
|
||||
#define EVP_R_INVALID_KEY_LENGTH 130
|
||||
#define EVP_R_INVALID_OPERATION 148
|
||||
#define EVP_R_IV_TOO_LARGE 102
|
||||
|
|
@ -1383,6 +1390,7 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_TOO_LARGE 164
|
||||
#define EVP_R_UNKNOWN_CIPHER 160
|
||||
#define EVP_R_UNKNOWN_DIGEST 161
|
||||
#define EVP_R_UNKNOWN_OPTION 169
|
||||
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
|
||||
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
|
||||
#define EVP_R_UNSUPPORTED_ALGORITHM 156
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
/* crypto/evp/evp_err.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2012 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
|
@ -75,6 +75,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
|
|||
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
|
||||
{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
|
||||
{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
|
||||
{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
|
||||
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
|
||||
{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
|
||||
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
|
||||
|
|
@ -171,15 +172,19 @@ static ERR_STRING_DATA EVP_str_reasons[]=
|
|||
{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
|
||||
{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
|
||||
{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
|
||||
{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"},
|
||||
{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"},
|
||||
{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
|
||||
{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
|
||||
{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
|
||||
{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
|
||||
{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
|
||||
{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
|
||||
{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
|
||||
{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
|
||||
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
|
||||
{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
|
||||
{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"},
|
||||
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
|
||||
{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
|
||||
{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
|
||||
|
|
@ -204,6 +209,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
|
|||
{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"},
|
||||
{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
|
||||
{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
|
||||
{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"},
|
||||
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
|
||||
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
|
||||
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
|
||||
|
|
|
|||
|
|
@ -872,7 +872,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
|
|||
}
|
||||
skip_ext:
|
||||
|
||||
if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
|
||||
if (TLS1_get_client_version(s) >= TLS1_2_VERSION && 0)
|
||||
{
|
||||
if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
|
||||
return NULL;
|
||||
|
|
|
|||
|
|
@ -3687,7 +3687,7 @@ FIPS_dh_new 4073 NOEXIST::FUNCTION:
|
|||
FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION:
|
||||
FIPS_dh_free 4075 NOEXIST::FUNCTION:
|
||||
fips_pkey_signature_test 4076 NOEXIST::FUNCTION:
|
||||
EVP_add_alg_module 4077 NOEXIST::FUNCTION:
|
||||
EVP_add_alg_module 4077 EXIST::FUNCTION:
|
||||
int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION:
|
||||
int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION:
|
||||
int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION:
|
||||
|
|
|
|||
Loading…
Reference in a new issue