MeshCentral/MeshAgent
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshAgent synced 2025-12-15 15:53:55 +00:00
Code Issues Releases Wiki Activity

Added ability to compile for FIPS mode

Browse Source
This commit is contained in:
Bryan Roe
2021-01-21 20:13:15 -08:00
parent 22e5693253
commit 4daedfd081
8 changed files with 54 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
microstack/ILibCrypto.c
View File

@@ -458,9 +458,19 @@ void __fastcall util_openssl_init()
SSL_load_error_strings();
ERR_load_crypto_strings(); // ONE LEAK IN LINUX
OpenSSL_add_all_algorithms(); // OpenSSL 1.1
OpenSSL_add_all_ciphers(); // OpenSSL 1.1
OpenSSL_add_all_digests(); // OpenSSL 1.1
OpenSSL_add_all_algorithms(); // OpenSSL 1.1
OpenSSL_add_all_ciphers(); // OpenSSL 1.1
OpenSSL_add_all_digests(); // OpenSSL 1.1
#ifdef FIPSMODE
if (FIPS_mode() || FIPS_mode_set(1))
{
printf("ENTERED FIPS mode\n");
}
else
{
ILIBCRITICALEXITMSG(200, "FAILED to enter FIPS mode");
}
#endif
// Add more random seeding in Windows (This is probably useful since OpenSSL in Windows has weaker seeding)
#if defined(WIN32) && !defined(_MINCORE)
@@ -503,7 +513,9 @@ void __fastcall util_openssl_uninit()
ERR_free_strings();
//ERR_remove_state(0); // Deprecated in OpenSSL/1.1.x
#ifndef OLDSSL
OPENSSL_cleanup();
#endif
}
// Add extension using V3 code: we can set the config file as NULL because we wont reference any other sections.