rpms / openssl098e

Clone
Source Code
GIT

Blame SOURCES/openssl-fips-0.9.8e-aescfb.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta
  1.   c92cf81146758bcd9a03cfbec97a254a566685ed
  2.   SOURCES
  3.   openssl-fips-0.9.8e-aescfb.patch
Blob History Raw
c4366c 
Add flag EVP_CIPH_FLAG_LENGTH_BITS to indicate that input buffer length
c4366c 
is in bits not bytes. The Monte Carlo FIPS140-2 CFB1 tests require this.
c4366c 
[Steve Henson]
c4366c
c4366c 
openssl/crypto/evp/evp.h     1.112.2.4.2.8 -> 1.112.2.4.2.9
c4366c
c4366c 
--- openssl/crypto/evp/evp.h 2007/12/14 01:15:44 1.112.2.4.2.8
c4366c 
+++ openssl/crypto/evp/evp.h 2007/12/26 19:04:57 1.112.2.4.2.9
c4366c 
@@ -378,6 +378,8 @@
c4366c 
 #define		EVP_CIPH_FLAG_NON_FIPS_ALLOW	0x800
c4366c 
 /* Allow use default ASN1 get/set iv */
c4366c 
 #define		EVP_CIPH_FLAG_DEFAULT_ASN1	0x1000
c4366c 
+/* Buffer length in bits not bytes: CFB1 mode only */
c4366c 
+#define		EVP_CIPH_FLAG_LENGTH_BITS	0x2000
c4366c
c4366c 
 /* ctrl() values */
c4366c
c4366c 
@@ -470,6 +472,7 @@
c4366c 
 #define M_EVP_MD_CTX_type(e)		M_EVP_MD_type(M_EVP_MD_CTX_md(e))
c4366c 
 #define M_EVP_MD_CTX_md(e)			((e)->digest)
c4366c
c4366c 
+#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
c4366c
c4366c 
 int EVP_MD_type(const EVP_MD *md);
c4366c 
 #define EVP_MD_nid(e)			EVP_MD_type(e)
c4366c
c4366c 
openssl/crypto/evp/evp_locl.h     1.10.2.1.2.3 -> 1.10.2.1.2.4
c4366c
c4366c 
--- openssl/crypto/evp/evp_locl.h 2007/07/08 19:20:48 1.10.2.1.2.3
c4366c 
+++ openssl/crypto/evp/evp_locl.h 2007/12/26 19:04:57 1.10.2.1.2.4
c4366c 
@@ -92,7 +92,7 @@
c4366c 
 #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
c4366c 
 static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
c4366c 
 {\
c4366c 
-	cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
c4366c 
+	cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
c4366c 
 	return 1;\
c4366c 
 }
c4366c
c4366c
c4366c 
openssl/fips/aes/fips_aesavs.c     1.1.4.3 -> 1.1.4.4
c4366c
c4366c 
--- openssl/fips/aes/fips_aesavs.c 2007/09/21 18:00:23 1.1.4.3
c4366c 
+++ openssl/fips/aes/fips_aesavs.c 2007/12/26 19:04:58 1.1.4.4
c4366c 
@@ -212,6 +212,8 @@
c4366c 
 	}
c4366c 
     if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0)
c4366c 
 	return 0;
c4366c 
+    if(!strcasecmp(amode,"CFB1"))
c4366c 
+	M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
c4366c 
     if (dir)
c4366c 
 		EVP_Cipher(ctx, ciphertext, plaintext, len);
c4366c 
 	else
c4366c 
@@ -377,9 +379,11 @@
c4366c 
 	    case CFB1:
c4366c 
 		if(j == 0)
c4366c 
 		    {
c4366c 
+#if 0
c4366c 
 		    /* compensate for wrong endianness of input file */
c4366c 
 		    if(i == 0)
c4366c 
 			ptext[0][0]<<=7;
c4366c 
+#endif
c4366c 
 		    ret = AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
c4366c 
 				ptext[j], ctext[j], len);
c4366c 
 		    }

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation