[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Dr. Stephen Henson
steve at openssl.org
Tue Feb 16 22:54:42 UTC 2016
The branch OpenSSL_1_0_2-stable has been updated
via 866b282d1b288c2738318aac4360eba71b72d10f (commit)
from 24e6a0dba44a610d4c58239b715569316d473904 (commit)
- Log -----------------------------------------------------------------
commit 866b282d1b288c2738318aac4360eba71b72d10f
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Feb 16 22:17:43 2016 +0000
Switch to FIPS implementation for CMAC.
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/cmac/cmac.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index 774e6dc..2954b6e 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -160,6 +160,14 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
return 0;
}
+
+ /* Switch to FIPS cipher implementation if possible */
+ if (cipher != NULL) {
+ const EVP_CIPHER *fcipher;
+ fcipher = FIPS_get_cipherbynid(EVP_CIPHER_nid(cipher));
+ if (fcipher != NULL)
+ cipher = fcipher;
+ }
/*
* Other algorithm blocking will be done in FIPS_cmac_init, via
* FIPS_cipherinit().
More information about the openssl-commits
mailing list