Hi Steve, thanks.  This also seems to be a general issue with setting other 
fields in the context, for example to override the key length (even in non-FIPS 
mode) you have to initialize the cipher context with the cipher, then set the 
fields in the context, then reinitialize it without specifying the cipher (I 
found via googling that you had to do this):

        EVP_CIPHER_CTX_init(&m_ctx);
        EVP_CipherInit_ex(&m_ctx, EVP_rc4(), NULL, NULL, NULL, 1); // first time don't pass key
        EVP_CIPHER_CTX_set_key_length(&m_ctx, (int)nKeySize);      // specify key length
        EVP_CipherInit_ex(&m_ctx, NULL, NULL, pKey, NULL, 1);      // now set the key

Ideally one should be able to omit the extra step, since I thought one of the 
points of the _ex form was to assume the CTX is already set up?

        EVP_CIPHER_CTX_init(&m_ctx);
        EVP_CIPHER_CTX_set_key_length(&m_ctx, (int)nKeySize);
        EVP_CipherInit_ex(&m_ctx, EVP_rc4(), NULL, pKey, NULL, 1);

I think the following in evp_enc.c at line 123 might work to only clean up the 
CTX if you were specifying a cipher and one was already present:

        if (cipher)
                {
                /* Ensure a context left lying around from last time is cleared
                 * (the previous check attempted to avoid this if the same
                 * ENGINE and EVP_CIPHER could be used). */
+++>            if (ctx->cipher)
                    EVP_CIPHER_CTX_cleanup(ctx);
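
Review bot: the new `if (ctx->cipher)` test at the marked line only skips `EVP_CIPHER_CTX_cleanup(ctx)` for a context that has never had a cipher set, so it depends on `ctx->cipher` being NULL after `EVP_CIPHER_CTX_init`, and the existing comment above it (which still describes an unconditional clear) should be updated to say so. The visible lines also do not show that a key length stored before a cipher is chosen survives the rest of this init path, so the shortened call sequence needs a test that checks the return value of each call and the resulting key length.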

  Thanks,
  Erik

....................................
Erik Tkal
Juniper OAC/UAC/Pulse Development



-----Original Message-----
From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On 
Behalf Of Dr. Stephen Henson
Sent: Friday, February 10, 2012 11:15 AM
To: openssl-dev@openssl.org
Subject: Re: FIPS Module 2.0 -- using non-FIPS ciphers

On Fri, Feb 10, 2012, Erik Tkal wrote:

> I'm just saying that there are options to allow this and it just doesn't seem 
> to work.
> 
> 
> #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW        0x0008  /* Allow use of non FIPS digest
>                                                * in FIPS mode */
> 
> /* Allow non FIPS cipher in FIPS mode */
> #define               EVP_CIPH_FLAG_NON_FIPS_ALLOW    0x8000
> 
> 
> Obviously the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW flag handling works, since the 
> SSL/TLS processing uses this to allow MD5 during the handshake.
> 

That's a bug. Looking into a fix.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org