/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-evp-nonfips.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-evp-nonfips.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Feb 18 03:03:10 2014 UTC (10 years, 9 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream
Initial import

1 diff -up openssl-fips-0.9.8e/crypto/engine/eng_all.c.nonfips openssl-fips-0.9.8e/crypto/engine/eng_all.c
2 --- openssl-fips-0.9.8e/crypto/engine/eng_all.c.nonfips 2009-04-15 14:26:12.000000000 +0200
3 +++ openssl-fips-0.9.8e/crypto/engine/eng_all.c 2009-04-15 14:24:20.000000000 +0200
4 @@ -58,9 +58,23 @@
5
6 #include "cryptlib.h"
7 #include "eng_int.h"
8 +#ifdef OPENSSL_FIPS
9 +#include <openssl/fips.h>
10 +#endif
11
12 void ENGINE_load_builtin_engines(void)
13 {
14 +#ifdef OPENSSL_FIPS
15 + OPENSSL_init();
16 + if (FIPS_mode()) {
17 + /* We allow loading dynamic engine as a third party
18 + engine might be FIPS validated.
19 + User is disallowed to load non-validated engines
20 + by security policy. */
21 + ENGINE_load_dynamic();
22 + return;
23 + }
24 +#endif
25 /* There's no longer any need for an "openssl" ENGINE unless, one day,
26 * it is the *only* way for standard builtin implementations to be be
27 * accessed (ie. it would be possible to statically link binaries with
28 diff -up openssl-fips-0.9.8e/crypto/evp/c_allc.c.nonfips openssl-fips-0.9.8e/crypto/evp/c_allc.c
29 --- openssl-fips-0.9.8e/crypto/evp/c_allc.c.nonfips 2007-04-24 13:30:34.000000000 +0200
30 +++ openssl-fips-0.9.8e/crypto/evp/c_allc.c 2009-04-15 13:48:51.000000000 +0200
31 @@ -65,6 +65,11 @@
32 void OpenSSL_add_all_ciphers(void)
33 {
34
35 +#ifdef OPENSSL_FIPS
36 + OPENSSL_init();
37 + if(!FIPS_mode())
38 + {
39 +#endif
40 #ifndef OPENSSL_NO_DES
41 EVP_add_cipher(EVP_des_cfb());
42 EVP_add_cipher(EVP_des_cfb1());
43 @@ -219,6 +224,63 @@ void OpenSSL_add_all_ciphers(void)
44 EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
45 EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
46 #endif
47 +#ifdef OPENSSL_FIPS
48 + }
49 + else
50 + {
51 +#ifndef OPENSSL_NO_DES
52 + EVP_add_cipher(EVP_des_ede_cfb());
53 + EVP_add_cipher(EVP_des_ede3_cfb());
54 +
55 + EVP_add_cipher(EVP_des_ede_ofb());
56 + EVP_add_cipher(EVP_des_ede3_ofb());
57 +
58 + EVP_add_cipher(EVP_des_ede_cbc());
59 + EVP_add_cipher(EVP_des_ede3_cbc());
60 + EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
61 + EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
62 +
63 + EVP_add_cipher(EVP_des_ede());
64 + EVP_add_cipher(EVP_des_ede3());
65 +#endif
66 +
67 +#ifndef OPENSSL_NO_AES
68 + EVP_add_cipher(EVP_aes_128_ecb());
69 + EVP_add_cipher(EVP_aes_128_cbc());
70 + EVP_add_cipher(EVP_aes_128_cfb());
71 + EVP_add_cipher(EVP_aes_128_cfb1());
72 + EVP_add_cipher(EVP_aes_128_cfb8());
73 + EVP_add_cipher(EVP_aes_128_ofb());
74 +#if 0
75 + EVP_add_cipher(EVP_aes_128_ctr());
76 +#endif
77 + EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
78 + EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
79 + EVP_add_cipher(EVP_aes_192_ecb());
80 + EVP_add_cipher(EVP_aes_192_cbc());
81 + EVP_add_cipher(EVP_aes_192_cfb());
82 + EVP_add_cipher(EVP_aes_192_cfb1());
83 + EVP_add_cipher(EVP_aes_192_cfb8());
84 + EVP_add_cipher(EVP_aes_192_ofb());
85 +#if 0
86 + EVP_add_cipher(EVP_aes_192_ctr());
87 +#endif
88 + EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
89 + EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
90 + EVP_add_cipher(EVP_aes_256_ecb());
91 + EVP_add_cipher(EVP_aes_256_cbc());
92 + EVP_add_cipher(EVP_aes_256_cfb());
93 + EVP_add_cipher(EVP_aes_256_cfb1());
94 + EVP_add_cipher(EVP_aes_256_cfb8());
95 + EVP_add_cipher(EVP_aes_256_ofb());
96 +#if 0
97 + EVP_add_cipher(EVP_aes_256_ctr());
98 +#endif
99 + EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
100 + EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
101 +#endif
102 + }
103 +#endif
104
105 PKCS12_PBE_add();
106 PKCS5_PBE_add();
107 diff -up openssl-fips-0.9.8e/crypto/evp/c_alld.c.nonfips openssl-fips-0.9.8e/crypto/evp/c_alld.c
108 --- openssl-fips-0.9.8e/crypto/evp/c_alld.c.nonfips 2005-04-30 23:51:40.000000000 +0200
109 +++ openssl-fips-0.9.8e/crypto/evp/c_alld.c 2009-04-15 13:48:51.000000000 +0200
110 @@ -64,6 +64,11 @@
111
112 void OpenSSL_add_all_digests(void)
113 {
114 +#ifdef OPENSSL_FIPS
115 + OPENSSL_init();
116 + if (!FIPS_mode())
117 + {
118 +#endif
119 #ifndef OPENSSL_NO_MD2
120 EVP_add_digest(EVP_md2());
121 #endif
122 @@ -111,4 +116,32 @@ void OpenSSL_add_all_digests(void)
123 EVP_add_digest(EVP_sha384());
124 EVP_add_digest(EVP_sha512());
125 #endif
126 +#ifdef OPENSSL_FIPS
127 + }
128 + else
129 + {
130 +#ifndef OPENSSL_NO_SHA
131 + EVP_add_digest(EVP_sha1());
132 + EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
133 + EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
134 +#ifndef OPENSSL_NO_DSA
135 + EVP_add_digest(EVP_dss1());
136 + EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
137 + EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
138 + EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
139 +#endif
140 +#ifndef OPENSSL_NO_ECDSA
141 + EVP_add_digest(EVP_ecdsa());
142 +#endif
143 +#endif
144 +#ifndef OPENSSL_NO_SHA256
145 + EVP_add_digest(EVP_sha224());
146 + EVP_add_digest(EVP_sha256());
147 +#endif
148 +#ifndef OPENSSL_NO_SHA512
149 + EVP_add_digest(EVP_sha384());
150 + EVP_add_digest(EVP_sha512());
151 +#endif
152 + }
153 +#endif
154 }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed