|
 |
bf760f |
From 5b2ec9a54037d7b007324bf53e067e73511cdfe4 Mon Sep 17 00:00:00 2001
|
|
|
bf760f |
From: Tomas Mraz <tmraz@fedoraproject.org>
|
|
|
bf760f |
Date: Thu, 26 Nov 2020 14:00:16 +0100
|
|
|
bf760f |
Subject: Add FIPS_mode() compatibility macro
|
|
|
bf760f |
|
|
|
bf760f |
The macro calls EVP_default_properties_is_fips_enabled() on the
|
|
|
bf760f |
default context.
|
|
|
bf760f |
---
|
|
|
bf760f |
include/openssl/crypto.h.in | 1 +
|
|
|
bf760f |
include/openssl/fips.h | 25 +++++++++++++++++++++++++
|
|
|
bf760f |
test/property_test.c | 13 +++++++++++++
|
|
|
bf760f |
3 files changed, 39 insertions(+)
|
|
|
bf760f |
create mode 100644 include/openssl/fips.h
|
|
|
bf760f |
|
|
|
bf760f |
diff --git a/include/openssl/fips.h b/include/openssl/fips.h
|
|
|
bf760f |
new file mode 100644
|
|
|
bf760f |
index 0000000000..c64f0f8e8f
|
|
|
bf760f |
--- /dev/null
|
|
|
bf760f |
+++ b/include/openssl/fips.h
|
|
|
d8c783 |
@@ -0,0 +1,26 @@
|
|
|
bf760f |
+/*
|
|
|
bf760f |
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
bf760f |
+ *
|
|
|
bf760f |
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
bf760f |
+ * this file except in compliance with the License. You can obtain a copy
|
|
|
bf760f |
+ * in the file LICENSE in the source distribution or at
|
|
|
bf760f |
+ * https://www.openssl.org/source/license.html
|
|
|
bf760f |
+ */
|
|
|
bf760f |
+
|
|
|
bf760f |
+#ifndef OPENSSL_FIPS_H
|
|
|
bf760f |
+# define OPENSSL_FIPS_H
|
|
|
bf760f |
+# pragma once
|
|
|
bf760f |
+
|
|
|
d8c783 |
+# include <openssl/evp.h>
|
|
|
bf760f |
+# include <openssl/macros.h>
|
|
|
bf760f |
+
|
|
|
bf760f |
+# ifdef __cplusplus
|
|
|
bf760f |
+extern "C" {
|
|
|
bf760f |
+# endif
|
|
|
bf760f |
+
|
|
|
bf760f |
+# define FIPS_mode() EVP_default_properties_is_fips_enabled(NULL)
|
|
|
bf760f |
+
|
|
|
bf760f |
+# ifdef __cplusplus
|
|
|
bf760f |
+}
|
|
|
bf760f |
+# endif
|
|
|
bf760f |
+#endif
|
|
|
bf760f |
diff -up openssl-3.0.0-beta1/test/property_test.c.fips-macro openssl-3.0.0-beta1/test/property_test.c
|
|
|
bf760f |
--- openssl-3.0.0-beta1/test/property_test.c.fips-macro 2021-06-29 12:14:58.851557698 +0200
|
|
|
bf760f |
+++ openssl-3.0.0-beta1/test/property_test.c 2021-06-29 12:17:14.630143832 +0200
|
|
|
d8c783 |
@@ -488,6 +488,19 @@ static int test_property_list_to_string(
|
|
|
bf760f |
return ret;
|
|
|
bf760f |
}
|
|
|
d8c783 |
|
|
|
d8c783 |
+#include <openssl/fips.h>
|
|
|
bf760f |
+static int test_downstream_FIPS_mode(void)
|
|
|
bf760f |
+{
|
|
|
bf760f |
+ int ret = 0;
|
|
|
bf760f |
+
|
|
|
bf760f |
+ ret = TEST_true(EVP_set_default_properties(NULL, "fips=yes"))
|
|
|
bf760f |
+ && TEST_true(FIPS_mode())
|
|
|
bf760f |
+ && TEST_true(EVP_set_default_properties(NULL, "fips=no"))
|
|
|
bf760f |
+ && TEST_false(FIPS_mode());
|
|
|
bf760f |
+
|
|
|
bf760f |
+ return ret;
|
|
|
bf760f |
+}
|
|
|
bf760f |
+
|
|
|
bf760f |
int setup_tests(void)
|
|
|
bf760f |
{
|
|
|
bf760f |
ADD_TEST(test_property_string);
|
|
|
bf760f |
@@ -500,6 +512,7 @@ int setup_tests(void)
|
|
|
bf760f |
ADD_TEST(test_property);
|
|
|
bf760f |
ADD_TEST(test_query_cache_stochastic);
|
|
|
bf760f |
ADD_TEST(test_fips_mode);
|
|
|
bf760f |
+ ADD_TEST(test_downstream_FIPS_mode);
|
|
|
bf760f |
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
|
|
|
bf760f |
return 1;
|
|
|
bf760f |
}
|