diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2012-07-11 23:31:36 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2012-07-11 23:31:36 +0000 |
commit | 0758ab5ea778e4ba36d2150af1bba602a48d6467 (patch) | |
tree | 0c30591ac90cb5e07a0763793709fd1056b67f57 /crypto/ecdh/ech_lib.c | |
parent | 2b8b5455829304396e38200c205612c4dc57c052 (diff) | |
download | src-0758ab5ea778e4ba36d2150af1bba602a48d6467.tar.gz src-0758ab5ea778e4ba36d2150af1bba602a48d6467.zip |
Import OpenSSL 1.0.1c.vendor/openssl/1.0.1c
Approved by: benl (maintainer)
Notes
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=238384
svn path=/vendor-crypto/openssl/1.0.1c/; revision=238385; tag=vendor/openssl/1.0.1c
Diffstat (limited to 'crypto/ecdh/ech_lib.c')
-rw-r--r-- | crypto/ecdh/ech_lib.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index bf2223477852..dadbfd3c49f5 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -73,6 +73,9 @@ #include <openssl/engine.h> #endif #include <openssl/err.h> +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT; @@ -90,7 +93,16 @@ void ECDH_set_default_method(const ECDH_METHOD *meth) const ECDH_METHOD *ECDH_get_default_method(void) { if(!default_ECDH_method) + { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_ecdh_openssl(); + else + return ECDH_OpenSSL(); +#else default_ECDH_method = ECDH_OpenSSL(); +#endif + } return default_ECDH_method; } @@ -103,6 +115,11 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) if (ecdh == NULL) return 0; +#if 0 + mtmp = ecdh->meth; + if (mtmp->finish) + mtmp->finish(eckey); +#endif #ifndef OPENSSL_NO_ENGINE if (ecdh->engine) { @@ -210,6 +227,14 @@ ECDH_DATA *ecdh_check(EC_KEY *key) } else ecdh_data = (ECDH_DATA *)data; +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD) + && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) + { + ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD); + return NULL; + } +#endif return ecdh_data; |