forked from pool/openssl-1_1
Pedro Monreal Gonzalez
9fd6ae9e88
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=166
40 lines
1.5 KiB
Diff
40 lines
1.5 KiB
Diff
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
|
|
index 6adff696c..29b23f9f7 100644
|
|
--- a/crypto/evp/e_aes.c
|
|
+++ b/crypto/evp/e_aes.c
|
|
@@ -4366,6 +4366,21 @@ FIPS_STATUS EVP_CIPHER_get_fips_status(const EVP_CIPHER *cipher) {
|
|
/* intended fall-through */
|
|
case 256:
|
|
return FIPS_APPROVED;
|
|
+ case 512:
|
|
+ if (cipher->do_cipher == aes_xts_cipher
|
|
+ #if defined(OPENSSL_CPUID_OBJ) && ( \
|
|
+ ((defined(__i386) || defined(__i386__) || defined(_M_IX86))\
|
|
+ && defined(OPENSSL_IA32_SSE2)) \
|
|
+ || defined(__x86_64) || defined(__x86_64__) \
|
|
+ || defined(_M_AMD64) || defined(_M_X64))
|
|
+ || cipher->do_cipher == aesni_xts_cipher
|
|
+ #elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
|
|
+ || cipher->do_cipher == s390x_aes_xts_cipher
|
|
+ #endif
|
|
+ )
|
|
+ return FIPS_APPROVED;
|
|
+ else
|
|
+ return FIPS_ERROR;
|
|
}
|
|
}
|
|
/* disapproved for enc and dec: all others, including
|
|
diff --git a/test/fips_slitest.c b/test/fips_slitest.c
|
|
index d32f748a6..9e37cf36b 100644
|
|
--- a/test/fips_slitest.c
|
|
+++ b/test/fips_slitest.c
|
|
@@ -260,6 +260,8 @@ static const SLI_CIPHER_TEST cipher_tests[] = {
|
|
{0, NID_des_ede_ecb},
|
|
{0, NID_des_ede_ofb64},
|
|
{0, NID_idea_cbc},
|
|
+ {1, NID_aes_128_xts},
|
|
+ {1, NID_aes_256_xts},
|
|
};
|
|
static const size_t cipher_tests_len = sizeof(cipher_tests) / sizeof(cipher_tests[0]);
|
|
|