Test whether the crypto library supports the HMAC algorithm
authorMark Andrews <marka@isc.org>
Fri, 24 Feb 2023 01:59:18 +0000 (12:59 +1100)
committerMark Andrews <marka@isc.org>
Mon, 3 Apr 2023 02:44:27 +0000 (12:44 +1000)
When initialising HMAC support, check that the crypto library
supports the algorithm rather than just assuming it is supported.

lib/dns/dst_api.c
lib/dns/hmac_link.c

index 4cd63395c26e7c8de9c4aa58ee5f753a8527497a..ff58b9a87cc0a3c12701738c7900cba5370bae0a 100644 (file)
@@ -199,9 +199,7 @@ dst_lib_init(isc_mem_t *mctx, const char *engine) {
 
        memset(dst_t_func, 0, sizeof(dst_t_func));
        RETERR(dst__openssl_init(engine)); /* Sets FIPS mode. */
-       if (!isc_fips_mode()) {
-               RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5]));
-       }
+       RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5]));
        RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1]));
        RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224]));
        RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256]));
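Review bot: With the `isc_fips_mode()` guard removed, whether HMAC-MD5 is registered in FIPS mode now depends entirely on the crypto library rejecting MD5 in the probe inside `dst__hmacmd5_init`, and nothing at this call site says so. If a build or provider configuration still accepts MD5 while FIPS mode is reported as on (not verifiable from this hunk), HMAC-MD5 would be registered where policy previously excluded it. I would add a comment on the new line, e.g. `/* Registered only if the crypto library accepts HMAC-MD5 (expected to fail under FIPS). */`, and consider a test asserting that `dst_t_func[DST_ALG_HMACMD5]` stays NULL in FIPS mode. dst_lib_init's body continues outside the hunk.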
index d099d9e65fc726372c75288977be719f9c1466e4..2c900080b85331a13f95b7c31ffe7492ad6c7e3f 100644 (file)
        isc_result_t dst__hmac##alg##_init(dst_func_t **funcp) {               \
                REQUIRE(funcp != NULL);                                        \
                if (*funcp == NULL) {                                          \
-                       *funcp = &hmac##alg##_functions;                       \
+                       isc_hmac_t *ctx = isc_hmac_new();                      \
+                       if (isc_hmac_init(ctx, "test", 4, ISC_MD_##alg) ==     \
+                           ISC_R_SUCCESS)                                     \
+                       {                                                      \
+                               *funcp = &hmac##alg##_functions;               \
+                       }                                                      \
+                       isc_hmac_free(ctx);                                    \
                }                                                              \
                return (ISC_R_SUCCESS);                                        \
        }
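Review bot: Any failure of the probe `isc_hmac_init(ctx, "test", 4, ISC_MD_##alg)` leaves `*funcp` NULL while the function still returns `ISC_R_SUCCESS`, so an algorithm can disappear at start-up with no log line and no way to tell "unsupported" from some other crypto failure. The probe key is also only 4 bytes; a provider that enforces a minimum HMAC key length (some FIPS configurations may, though that is not visible here) would reject it, and the algorithm would be dropped even though real keys would work. I would use a named, longer probe key and document the behaviour above the macro, e.g. `/* Probe the crypto library; leave *funcp NULL if the algorithm is unavailable (e.g. MD5 under FIPS). */`. The macro definition starts outside the hunk, and callers are assumed to treat a NULL slot as "algorithm not supported".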