1 files changed, 119 insertions, 0 deletions
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
index fe4402389a..60da93873c 100644
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ b/src/lib/libcrypto/evp/m_sha1.c
@@ -67,7 +67,14 @@ static int init(EVP_MD_CTX *ctx)
        { return SHA1_Init(ctx->md_data); }
 static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+#ifndef OPENSSL_FIPS
        { return SHA1_Update(ctx->md_data,data,count); }
+#else
+        {
+        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
+        return SHA1_Update(ctx->md_data,data,count);
+        }
+#endif
 static int final(EVP_MD_CTX *ctx,unsigned char *md)
        { return SHA1_Final(md,ctx->md_data); }
@@ -93,3 +100,115 @@ const EVP_MD *EVP_sha1(void)
        return(&sha1_md);
        }
 #endif
+#ifdef OPENSSL_FIPS
+#ifndef OPENSSL_NO_SHA256
+static int init224(EVP_MD_CTX *ctx)
+        { return SHA224_Init(ctx->md_data); }
+static int init256(EVP_MD_CTX *ctx)
+        { return SHA256_Init(ctx->md_data); }
+/*
+ * Even though there're separate SHA224_[Update|Final], we call
+ * SHA256 functions even in SHA224 context. This is what happens
+ * there anyway, so we can spare few CPU cycles:-)
+ */
+static int update256(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        {
+        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
+        return SHA256_Update(ctx->md_data,data,count);
+        }
+static int final256(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA256_Final(md,ctx->md_data); }
+static const EVP_MD sha224_md=
+        {
+        NID_sha224,
+        NID_sha224WithRSAEncryption,
+        SHA224_DIGEST_LENGTH,
+        EVP_MD_FLAG_FIPS,
+        init224,
+        update256,
+        final256,
+        NULL,
+        NULL,
+        EVP_PKEY_RSA_method,
+        SHA256_CBLOCK,
+        sizeof(EVP_MD *)+sizeof(SHA256_CTX),
+        };
+const EVP_MD *EVP_sha224(void)
+        { return(&sha224_md); }
+static const EVP_MD sha256_md=
+        {
+        NID_sha256,
+        NID_sha256WithRSAEncryption,
+        SHA256_DIGEST_LENGTH,
+        EVP_MD_FLAG_FIPS,
+        init256,
+        update256,
+        final256,
+        NULL,
+        NULL,
+        EVP_PKEY_RSA_method,
+        SHA256_CBLOCK,
+        sizeof(EVP_MD *)+sizeof(SHA256_CTX),
+        };
+const EVP_MD *EVP_sha256(void)
+        { return(&sha256_md); }
+#endif /* ifndef OPENSSL_NO_SHA256 */
+#ifndef OPENSSL_NO_SHA512
+static int init384(EVP_MD_CTX *ctx)
+        { return SHA384_Init(ctx->md_data); }
+static int init512(EVP_MD_CTX *ctx)
+        { return SHA512_Init(ctx->md_data); }
+/* See comment in SHA224/256 section */
+static int update512(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        {
+        OPENSSL_assert(sizeof(count)<=sizeof(size_t));
+        return SHA512_Update(ctx->md_data,data,count);
+        }
+static int final512(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA512_Final(md,ctx->md_data); }
+static const EVP_MD sha384_md=
+        {
+        NID_sha384,
+        NID_sha384WithRSAEncryption,
+        SHA384_DIGEST_LENGTH,
+        EVP_MD_FLAG_FIPS,
+        init384,
+        update512,
+        final512,
+        NULL,
+        NULL,
+        EVP_PKEY_RSA_method,
+        SHA512_CBLOCK,
+        sizeof(EVP_MD *)+sizeof(SHA512_CTX),
+        };
+const EVP_MD *EVP_sha384(void)
+        { return(&sha384_md); }
+static const EVP_MD sha512_md=
+        {
+        NID_sha512,
+        NID_sha512WithRSAEncryption,
+        SHA512_DIGEST_LENGTH,
+        EVP_MD_FLAG_FIPS,
+        init512,
+        update512,
+        final512,
+        NULL,
+        NULL,
+        EVP_PKEY_RSA_method,
+        SHA512_CBLOCK,
+        sizeof(EVP_MD *)+sizeof(SHA512_CTX),
+        };
+const EVP_MD *EVP_sha512(void)
+        { return(&sha512_md); }
+#endif /* ifndef OPENSSL_NO_SHA512 */
+#endif /* ifdef OPENSSL_FIPS */

diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c index fe4402389a..60da93873c 100644 --- a/src/lib/libcrypto/evp/m_sha1.c +++ b/src/lib/libcrypto/evp/m_sha1.c
@@ -67,7 +67,14 @@ static int init(EVP_MD_CTX *ctx)
67	{ return SHA1_Init(ctx->md_data); }	67	{ return SHA1_Init(ctx->md_data); }
68		68
69	static int update(EVP_MD_CTX ctx,const void data,unsigned long count)	69	static int update(EVP_MD_CTX ctx,const void data,unsigned long count)
		70	#ifndef OPENSSL_FIPS
70	{ return SHA1_Update(ctx->md_data,data,count); }	71	{ return SHA1_Update(ctx->md_data,data,count); }
		72	#else
		73	{
		74	OPENSSL_assert(sizeof(count)<=sizeof(size_t));
		75	return SHA1_Update(ctx->md_data,data,count);
		76	}
		77	#endif
71		78
72	static int final(EVP_MD_CTX ctx,unsigned char md)	79	static int final(EVP_MD_CTX ctx,unsigned char md)
73	{ return SHA1_Final(md,ctx->md_data); }	80	{ return SHA1_Final(md,ctx->md_data); }
@@ -93,3 +100,115 @@ const EVP_MD *EVP_sha1(void)
93	return(&sha1_md);	100	return(&sha1_md);
94	}	101	}
95	#endif	102	#endif
		103
		104	#ifdef OPENSSL_FIPS
		105	#ifndef OPENSSL_NO_SHA256
		106	static int init224(EVP_MD_CTX *ctx)
		107	{ return SHA224_Init(ctx->md_data); }
		108	static int init256(EVP_MD_CTX *ctx)
		109	{ return SHA256_Init(ctx->md_data); }
		110	/*
		111	* Even though there're separate SHA224_[Update\|Final], we call
		112	* SHA256 functions even in SHA224 context. This is what happens
		113	* there anyway, so we can spare few CPU cycles:-)
		114	*/
		115	static int update256(EVP_MD_CTX ctx,const void data,unsigned long count)
		116	{
		117	OPENSSL_assert(sizeof(count)<=sizeof(size_t));
		118	return SHA256_Update(ctx->md_data,data,count);
		119	}
		120	static int final256(EVP_MD_CTX ctx,unsigned char md)
		121	{ return SHA256_Final(md,ctx->md_data); }
		122
		123	static const EVP_MD sha224_md=
		124	{
		125	NID_sha224,
		126	NID_sha224WithRSAEncryption,
		127	SHA224_DIGEST_LENGTH,
		128	EVP_MD_FLAG_FIPS,
		129	init224,
		130	update256,
		131	final256,
		132	NULL,
		133	NULL,
		134	EVP_PKEY_RSA_method,
		135	SHA256_CBLOCK,
		136	sizeof(EVP_MD *)+sizeof(SHA256_CTX),
		137	};
		138
		139	const EVP_MD *EVP_sha224(void)
		140	{ return(&sha224_md); }
		141
		142	static const EVP_MD sha256_md=
		143	{
		144	NID_sha256,
		145	NID_sha256WithRSAEncryption,
		146	SHA256_DIGEST_LENGTH,
		147	EVP_MD_FLAG_FIPS,
		148	init256,
		149	update256,
		150	final256,
		151	NULL,
		152	NULL,
		153	EVP_PKEY_RSA_method,
		154	SHA256_CBLOCK,
		155	sizeof(EVP_MD *)+sizeof(SHA256_CTX),
		156	};
		157
		158	const EVP_MD *EVP_sha256(void)
		159	{ return(&sha256_md); }
		160	#endif /* ifndef OPENSSL_NO_SHA256 */
		161
		162	#ifndef OPENSSL_NO_SHA512
		163	static int init384(EVP_MD_CTX *ctx)
		164	{ return SHA384_Init(ctx->md_data); }
		165	static int init512(EVP_MD_CTX *ctx)
		166	{ return SHA512_Init(ctx->md_data); }
		167	/* See comment in SHA224/256 section */
		168	static int update512(EVP_MD_CTX ctx,const void data,unsigned long count)
		169	{
		170	OPENSSL_assert(sizeof(count)<=sizeof(size_t));
		171	return SHA512_Update(ctx->md_data,data,count);
		172	}
		173	static int final512(EVP_MD_CTX ctx,unsigned char md)
		174	{ return SHA512_Final(md,ctx->md_data); }
		175
		176	static const EVP_MD sha384_md=
		177	{
		178	NID_sha384,
		179	NID_sha384WithRSAEncryption,
		180	SHA384_DIGEST_LENGTH,
		181	EVP_MD_FLAG_FIPS,
		182	init384,
		183	update512,
		184	final512,
		185	NULL,
		186	NULL,
		187	EVP_PKEY_RSA_method,
		188	SHA512_CBLOCK,
		189	sizeof(EVP_MD *)+sizeof(SHA512_CTX),
		190	};
		191
		192	const EVP_MD *EVP_sha384(void)
		193	{ return(&sha384_md); }
		194
		195	static const EVP_MD sha512_md=
		196	{
		197	NID_sha512,
		198	NID_sha512WithRSAEncryption,
		199	SHA512_DIGEST_LENGTH,
		200	EVP_MD_FLAG_FIPS,
		201	init512,
		202	update512,
		203	final512,
		204	NULL,
		205	NULL,
		206	EVP_PKEY_RSA_method,
		207	SHA512_CBLOCK,
		208	sizeof(EVP_MD *)+sizeof(SHA512_CTX),
		209	};
		210
		211	const EVP_MD *EVP_sha512(void)
		212	{ return(&sha512_md); }
		213	#endif /* ifndef OPENSSL_NO_SHA512 */
		214	#endif /* ifdef OPENSSL_FIPS */