1238384Sjkim/* Written by Stephen henson (steve@openssl.org) for the OpenSSL 2238384Sjkim * project 2011. 3238384Sjkim */ 4238384Sjkim/* ==================================================================== 5238384Sjkim * Copyright (c) 2011 The OpenSSL Project. All rights reserved. 6238384Sjkim * 7238384Sjkim * Redistribution and use in source and binary forms, with or without 8238384Sjkim * modification, are permitted provided that the following conditions 9238384Sjkim * are met: 10238384Sjkim * 11238384Sjkim * 1. Redistributions of source code must retain the above copyright 12238384Sjkim * notice, this list of conditions and the following disclaimer. 13238384Sjkim * 14238384Sjkim * 2. Redistributions in binary form must reproduce the above copyright 15238384Sjkim * notice, this list of conditions and the following disclaimer in 16238384Sjkim * the documentation and/or other materials provided with the 17238384Sjkim * distribution. 18238384Sjkim * 19238384Sjkim * 3. All advertising materials mentioning features or use of this 20238384Sjkim * software must display the following acknowledgment: 21238384Sjkim * "This product includes software developed by the OpenSSL Project 22238384Sjkim * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 23238384Sjkim * 24238384Sjkim * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 25238384Sjkim * endorse or promote products derived from this software without 26238384Sjkim * prior written permission. For written permission, please contact 27238384Sjkim * openssl-core@openssl.org. 28238384Sjkim * 29238384Sjkim * 5. Products derived from this software may not be called "OpenSSL" 30238384Sjkim * nor may "OpenSSL" appear in their names without prior written 31238384Sjkim * permission of the OpenSSL Project. 32238384Sjkim * 33238384Sjkim * 6. Redistributions of any form whatsoever must retain the following 34238384Sjkim * acknowledgment: 35238384Sjkim * "This product includes software developed by the OpenSSL Project 36238384Sjkim * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 37238384Sjkim * 38238384Sjkim * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 39238384Sjkim * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 40238384Sjkim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 41238384Sjkim * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 42238384Sjkim * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 43238384Sjkim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 44238384Sjkim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 45238384Sjkim * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 46238384Sjkim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 47238384Sjkim * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 48238384Sjkim * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49238384Sjkim * OF THE POSSIBILITY OF SUCH DAMAGE. 50238384Sjkim * ==================================================================== 51238384Sjkim * 52238384Sjkim * This product includes cryptographic software written by Eric Young 53238384Sjkim * (eay@cryptsoft.com). This product includes software written by Tim 54238384Sjkim * Hudson (tjh@cryptsoft.com). 55238384Sjkim * 56238384Sjkim */ 57238384Sjkim 58238384Sjkim#include "cryptlib.h" 59238384Sjkim#ifdef OPENSSL_FIPS 60238384Sjkim#include <openssl/fips.h> 61238384Sjkim#include <openssl/fips_rand.h> 62238384Sjkim#include <openssl/rand.h> 63238384Sjkim#endif 64238384Sjkim 65238384Sjkimint FIPS_mode(void) 66238384Sjkim { 67238384Sjkim OPENSSL_init(); 68238384Sjkim#ifdef OPENSSL_FIPS 69238384Sjkim return FIPS_module_mode(); 70238384Sjkim#else 71238384Sjkim return 0; 72238384Sjkim#endif 73238384Sjkim } 74238384Sjkim 75238384Sjkimint FIPS_mode_set(int r) 76238384Sjkim { 77238384Sjkim OPENSSL_init(); 78238384Sjkim#ifdef OPENSSL_FIPS 79238384Sjkim#ifndef FIPS_AUTH_USER_PASS 80238384Sjkim#define FIPS_AUTH_USER_PASS "Default FIPS Crypto User Password" 81238384Sjkim#endif 82238384Sjkim if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS)) 83238384Sjkim return 0; 84238384Sjkim if (r) 85238384Sjkim RAND_set_rand_method(FIPS_rand_get_method()); 86238384Sjkim else 87238384Sjkim RAND_set_rand_method(NULL); 88238384Sjkim return 1; 89238384Sjkim#else 90238384Sjkim if (r == 0) 91238384Sjkim return 1; 92238384Sjkim CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); 93238384Sjkim return 0; 94238384Sjkim#endif 95238384Sjkim } 96238384Sjkim 97