summaryrefslogtreecommitdiffstats
path: root/crypto/evp/enc_min.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/evp/enc_min.c')
-rw-r--r--crypto/evp/enc_min.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/crypto/evp/enc_min.c b/crypto/evp/enc_min.c
index b7b4d1cd48..0368e53236 100644
--- a/crypto/evp/enc_min.c
+++ b/crypto/evp/enc_min.c
@@ -199,6 +199,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
enc = 1;
ctx->encrypt = enc;
}
+#ifdef OPENSSL_NO_FIPS
+ if(FIPS_selftest_failed())
+ {
+ FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED);
+ ctx->cipher = &bad_cipher;
+ return 0;
+ }
+#endif
#ifndef OPENSSL_NO_ENGINE
/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
* so this context may already have an ENGINE! Try to avoid releasing
@@ -339,6 +347,9 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
{
+#ifdef OPENSSL_FIPS
+ FIPS_selftest_check();
+#endif
return ctx->cipher->do_cipher(ctx,out,in,inl);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-02 03:53:06 +0000