Adjust FIPS initialization and status query

2025-02-23 17:28:17 +00:00 · 2015-03-17 16:05:54 -05:00 · 2015-03-17 16:05:54 -05:00 · 5fd8abafb0
commit 5fd8abafb0
parent 29b00cb2fc
1 changed files with 7 additions and 6 deletions
--- a/src/crypto_openssl.c
+++ b/src/crypto_openssl.c
@ -42,7 +42,6 @@ typedef struct {
  EVP_CIPHER *evp_cipher;
 } openssl_ctx;

-static int openssl_fips_status = 0;
 static unsigned int openssl_external_init = 0;
 static unsigned int openssl_init_count = 0;
 static sqlite3_mutex* openssl_rand_mutex = NULL;
@ -77,14 +76,16 @@ static int sqlcipher_openssl_activate(void *ctx) {
    openssl_external_init = 1;
  }

-  if(openssl_init_count == 0 && openssl_external_init == 0)  {
 #ifdef SQLCIPHER_FIPS
-    openssl_fips_status = FIPS_mode_set(1);
-    if(!openssl_fips_status){
+  if(!FIPS_mode()){
+    if(!FIPS_mode_set(1)){
      ERR_load_crypto_strings();
-      ERR_print_errors_fp(stdout);
+      ERR_print_errors_fp(stderr);
    }
+  }
 #endif
+
+  if(openssl_init_count == 0 && openssl_external_init == 0)  {
    /* if the library was not externally initialized, then should be now */
    OpenSSL_add_all_algorithms();
  } 
@ -232,7 +233,7 @@ static int sqlcipher_openssl_ctx_free(void **ctx) {
 }

 static int sqlcipher_openssl_fips_status(void *ctx) {
-  return openssl_fips_status;
+  return FIPS_mode();
 }

 int sqlcipher_openssl_setup(sqlcipher_provider *p) {