summaryrefslogtreecommitdiff
path: root/app/openssl/apps/openssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'app/openssl/apps/openssl.c')
-rw-r--r--app/openssl/apps/openssl.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/app/openssl/apps/openssl.c b/app/openssl/apps/openssl.c
index 10689573..a9fa1e3f 100644
--- a/app/openssl/apps/openssl.c
+++ b/app/openssl/apps/openssl.c
@@ -117,6 +117,7 @@
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
+#include <openssl/rand.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
@@ -129,6 +130,9 @@
#include "progs.h"
#include "s_apps.h"
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
* base prototypes (we cast each variable inside the function to the required
@@ -310,6 +314,19 @@ int main(int Argc, char *ARGV[])
CRYPTO_set_locking_callback(lock_dbg_cb);
}
+ if(getenv("OPENSSL_FIPS")) {
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode_set(1)) {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+ EXIT(1);
+ }
+#else
+ fprintf(stderr, "FIPS mode not supported.\n");
+ EXIT(1);
+#endif
+ }
+
apps_startup();
/* Lets load up our environment a little */
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 05:48:48 +0000