diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/dsa/dsa_key.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ec_key.c | 3 | ||||
| -rw-r--r-- | crypto/evp/evp.h | 1 | ||||
| -rw-r--r-- | crypto/rsa/rsa_gen.c | 6 |
4 files changed, 8 insertions, 5 deletions
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index fa4fb09c31..39cf6b790d 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -85,7 +85,8 @@ static int fips_check_dsa(DSA *dsa) pk.type = EVP_PKEY_DSA; pk.pkey.dsa = dsa; - if (!fips_pkey_signature_test(&pk, tbs, -1, NULL, 0, NULL, 0, NULL)) + if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, + &pk, tbs, -1, NULL, 0, NULL, 0, NULL)) { FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED); fips_set_selftest_fail(); diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 1615ec8a5a..1f048948e2 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -250,7 +250,8 @@ static int fips_check_ec(EC_KEY *key) pk.type = EVP_PKEY_EC; pk.pkey.ec = key; - if (!fips_pkey_signature_test(&pk, tbs, -1, NULL, 0, NULL, 0, NULL)) + if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, + &pk, tbs, -1, NULL, 0, NULL, 0, NULL)) { FIPSerr(FIPS_F_FIPS_CHECK_EC,FIPS_R_PAIRWISE_TEST_FAILED); fips_set_selftest_fail(); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index d51e0d3403..b4c8675043 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -460,6 +460,7 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e)) #define M_EVP_MD_CTX_md(e) ((e)->digest) +#define M_EVP_CIPHER_nid(e) ((e)->nid) #define M_EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) #define M_EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) #define M_EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 7bef5dd6bf..977e461ef0 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -93,11 +93,11 @@ int fips_check_rsa(RSA *rsa) pk.pkey.rsa = rsa; /* Perform pairwise consistency signature test */ - if (!fips_pkey_signature_test(&pk, tbs, -1, + if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, -1, NULL, 0, NULL, RSA_PKCS1_PADDING, NULL) - || !fips_pkey_signature_test(&pk, tbs, -1, + || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, -1, NULL, 0, NULL, RSA_X931_PADDING, NULL) - || !fips_pkey_signature_test(&pk, tbs, -1, + || !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, -1, NULL, 0, NULL, RSA_PKCS1_PSS_PADDING, NULL)) goto err; /* Now perform pairwise consistency encrypt/decrypt test */ |