DEFINE_STACK_OF_STRING()
#define BUFSIZE 4096
-#define DEFAULT_MAC_NAME "HMAC"
-#define DEFAULT_FIPS_SECTION "fips_check_section"
/* Configuration file values */
#define VERSION_KEY "version"
int fipsinstall_main(int argc, char **argv)
{
int ret = 1, verify = 0, gotkey = 0, gotdigest = 0;
+ const char *section_name = "fips_sect";
+ const char *mac_name = "HMAC";
+ const char *prov_name = "fips";
BIO *module_bio = NULL, *mem_bio = NULL, *fout = NULL;
- char *in_fname = NULL, *out_fname = NULL, *prog, *section_name = NULL;
- char *prov_name = NULL, *module_fname = NULL;
- static const char *mac_name = DEFAULT_MAC_NAME;
+ char *in_fname = NULL, *out_fname = NULL, *prog;
+ char *module_fname = NULL;
EVP_MAC_CTX *ctx = NULL, *ctx2 = NULL;
STACK_OF(OPENSSL_STRING) *opts = NULL;
OPTION_CHOICE o;
EVP_MAC *mac = NULL;
CONF *conf = NULL;
- section_name = DEFAULT_FIPS_SECTION;
if ((opts = sk_OPENSSL_STRING_new_null()) == NULL)
goto end;
argc = opt_num_rest();
if (module_fname == NULL
|| (verify && in_fname == NULL)
- || (!verify && (out_fname == NULL || prov_name == NULL))
+ || (!verify && out_fname == NULL)
|| argc != 0)
goto opthelp;
/* Use the default FIPS HMAC digest and key if not specified. */
if (!gotdigest && !sk_OPENSSL_STRING_push(opts, "digest:SHA256"))
goto end;
- /* Use the default FIPS HMAC key if not specified. */
if (!gotkey && !sk_OPENSSL_STRING_push(opts, "hexkey:" FIPS_KEY_STRING))
goto end;
=item B<-provider_name> I<providername>
Name of the provider inside the configuration file.
-This must be specified.
+The default value is C<fips>.
=item B<-section_name> I<sectionname>
Name of the section inside the configuration file.
-This must be specified.
+The default value is C<fips_sect>.
=item B<-mac_name> I<name>
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', $infile,
- '-provider_name', 'fips',
- '-section_name', 'fips_sect'])),
+ '-module', $infile])),
"fipsinstall");
ok(run(test(["acvp_test", "-config", srctop_file("test","fips.cnf")])),
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', $infile,
- '-provider_name', 'fips',
- '-section_name', 'fips_sect'])),
+ '-module', $infile])),
"fipsinstall");
}
use platform;
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $infile = bldtop_file('providers', platform->dso('fips'));
my @types = ( "digest", "cipher" );
push @setups, {
cmd => app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', bldtop_file('providers', platform->dso('fips')),
- '-provider_name', 'fips',
- '-section_name', 'fips_sect']),
+ '-module', $infile]),
message => "fipsinstall"
};
push @testdata, (
use platform;
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $infile = bldtop_file('providers', platform->dso('fips'));
$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs");
unless ($no_fips) {
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', bldtop_file('providers', platform->dso('fips')),
- '-provider_name', 'fips',
- '-section_name', 'fips_sect'])),
+ '-module', $infile])),
"fipsinstall");
}
use platform;
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
+my $infile = bldtop_file('providers', platform->dso('fips'));
+
my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_psk,
$no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, $no_tls1_3,
$no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) =
unless ($no_fips) {
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', bldtop_file('providers', platform->dso('fips')),
- '-provider_name', 'fips',
- '-section_name', 'fips_sect'])),
+ '-module', $infile])),
"fipsinstall");
}
unless ($no_fips) {
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
- '-module', bldtop_file('providers', platform->dso('fips')),
- '-provider_name', 'fips',
- '-section_name', 'fips_sect'])),
+ '-module', bldtop_file('providers', platform->dso('fips'))])),
"fipsinstall");
ok(run(test(["sslapitest", srctop_dir("test", "certs"),