summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_enc.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
-rw-r--r--src/lib/libssl/t1_enc.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 271e247eea..2c6246abf5 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -115,6 +115,7 @@
115#include <openssl/evp.h> 115#include <openssl/evp.h>
116#include <openssl/hmac.h> 116#include <openssl/hmac.h>
117#include <openssl/md5.h> 117#include <openssl/md5.h>
118#include <openssl/fips.h>
118 119
119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, 120static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
120 int sec_len, unsigned char *seed, int seed_len, 121 int sec_len, unsigned char *seed, int seed_len,
@@ -131,6 +132,8 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
131 132
132 HMAC_CTX_init(&ctx); 133 HMAC_CTX_init(&ctx);
133 HMAC_CTX_init(&ctx_tmp); 134 HMAC_CTX_init(&ctx_tmp);
135 HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
136 HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
134 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); 137 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
135 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); 138 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
136 HMAC_Update(&ctx,seed,seed_len); 139 HMAC_Update(&ctx,seed,seed_len);
@@ -177,7 +180,6 @@ static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
177 S2= &(sec[len]); 180 S2= &(sec[len]);
178 len+=(slen&1); /* add for odd, make longer */ 181 len+=(slen&1); /* add for odd, make longer */
179 182
180
181 tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen); 183 tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
182 tls1_P_hash(sha1,S2,len,label,label_len,out2,olen); 184 tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
183 185
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:21:04 +0000