diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-04-18 17:31:28 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-04-18 17:31:28 +0000 |
commit | 62dc7ed67c00a81801c7a3a7d37e54b2b7b04106 (patch) | |
tree | 487bf1793cbf3ef11efd978a7b4891f87cb52d3f /crypto/evp | |
parent | b3a45e7db53a71c17a214c60909a430daeff3ac1 (diff) |
Override flag for XTS length limit.
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/e_aes.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 9b2f2a7441..2d33837478 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -519,7 +519,8 @@ static int aes_xts(EVP_CIPHER_CTX *ctx, unsigned char *out, return -1; #ifdef OPENSSL_FIPS /* Requirement of SP800-38E */ - if (FIPS_mode() && len > (1L<<20)*16) + if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) && + (len > (1L<<20)*16)) { EVPerr(EVP_F_AES_XTS, EVP_R_TOO_LARGE); return -1; |