← Back to branch summary

~ubuntu-branches/ubuntu/utopic/openssl/utopic

« back to all changes in this revision

Viewing changes to crypto/ecdsa/ecs_lib.c

  • Committer: Package Import Robot
  • Author(s): Kurt Roeckx
  • Date: 2012-03-19 18:23:32 UTC
  • mfrom: (1.2.6)
  • mto: This revision was merged to the branch mainline in revision 64.
  • Revision ID: package-import@ubuntu.com-20120319182332-q4zgqvw51ahauk27
Tags: 1.0.1-1
http://bugs.debian.org/644743
http://bugs.debian.org/663977
http://bugs.debian.org/653495
http://bugs.debian.org/664454
* New upstream version
  - Remove kfreebsd-pipe.patch, fixed upstream
  - Update pic.patch, openssl-pod-misspell.patch and make-targets.patch
  - Add OPENSSL_1.0.1 to version-script.patch and libssl1.0.0.symbols for
    the new functions.
  - AES-NI support (Closes: #644743)
* pic.patch: upstream made OPENSSL_ia32cap_P and OPENSSL_cpuid_setup
  hidden on amd64, no need to access it PIC anymore.
* pic.patch: Make OPENSSL_ia32cap_P hidden on i386 too (Closes: #663977)
* Enable hardening using dpkg-buildflags (Closes: #653495)
* s_client and s_server were forcing SSLv3 only connection when SSLv2 was
  disabled instead of the SSLv2 with upgrade method.  (Closes: #664454)
* Add Beaks on openssh < 1:5.9p1-4, it has a too strict version check.

Show diffs side-by-side

added added

removed removed

Lines of Context:
crypto/ecdsa/ecs_lib.c
60
60
#endif
61
61
#include <openssl/err.h>
62
62
#include <openssl/bn.h>
 
63
#ifdef OPENSSL_FIPS
 
64
#include <openssl/fips.h>
 
65
#endif
63
66
 
64
67
const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
65
68
 
77
80
const ECDSA_METHOD *ECDSA_get_default_method(void)
78
81
{
79
82
        if(!default_ECDSA_method) 
 
83
                {
 
84
#ifdef OPENSSL_FIPS
 
85
                if (FIPS_mode())
 
86
                        return FIPS_ecdsa_openssl();
 
87
                else
 
88
                        return ECDSA_OpenSSL();
 
89
#else
80
90
                default_ECDSA_method = ECDSA_OpenSSL();
 
91
#endif
 
92
                }
81
93
        return default_ECDSA_method;
82
94
}
83
95
 
193
205
        }
194
206
        else
195
207
                ecdsa_data = (ECDSA_DATA *)data;
196
 
        
 
208
#ifdef OPENSSL_FIPS
 
209
        if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
 
210
                        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW))
 
211
                {
 
212
                ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
 
213
                return NULL;
 
214
                }
 
215
#endif
197
216
 
198
217
        return ecdsa_data;
199
218
}