diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-06-01 16:54:06 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-06-01 16:54:06 +0000 |
commit | 916bcab28eab0752765d05dd8767ef7ad8b47485 (patch) | |
tree | 369f967632324c7636396102679970571d0adfa1 /crypto/rc2 | |
parent | c7373c3dee87f3bebb67b4bff03c30356fafd09d (diff) |
Prohibit low level cipher APIs in FIPS mode.
Not complete: ciphers with assembly language key setup are not
covered yet.
Diffstat (limited to 'crypto/rc2')
-rw-r--r-- | crypto/rc2/rc2.h | 4 | ||||
-rw-r--r-- | crypto/rc2/rc2_skey.c | 8 |
2 files changed, 11 insertions, 1 deletions
diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h index 34c8362317..e542ec94ff 100644 --- a/crypto/rc2/rc2.h +++ b/crypto/rc2/rc2.h @@ -79,7 +79,9 @@ typedef struct rc2_key_st RC2_INT data[64]; } RC2_KEY; - +#ifdef OPENSSL_FIPS +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +#endif void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, int enc); diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c index 0150b0e035..6668ac011f 100644 --- a/crypto/rc2/rc2_skey.c +++ b/crypto/rc2/rc2_skey.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/crypto.h> #include <openssl/rc2.h> #include "rc2_locl.h" @@ -95,6 +96,13 @@ static const unsigned char key_table[256]={ * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +#ifdef OPENSSL_FIPS + { + fips_cipher_abort(RC2); + private_RC2_set_key(key, len, data, bits); + } +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +#endif { int i,j; unsigned char *k; |