From 0fec38d0aa78151762304f9d5b0c492d78a74d73 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Tue, 19 Mar 2024 13:51:07 +0800 Subject: [PATCH 1/2] test Signed-off-by: Ze Gan --- src/crypto/aes-omac1.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/crypto/aes-omac1.c b/src/crypto/aes-omac1.c index 864251634..3eb69fa8d 100644 --- a/src/crypto/aes-omac1.c +++ b/src/crypto/aes-omac1.c @@ -43,6 +43,7 @@ static void gf_mulx(u8 *pad) int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { + wpa_printf(MSG_ERROR, "Self CMAC: omac1_aes_vector"); void *ctx; u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; const u8 *pos, *end; From 35c8bca730dbbcdbe0d25e32534d7f51b20039e7 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Tue, 19 Mar 2024 20:38:33 +0800 Subject: [PATCH 2/2] enable fips Signed-off-by: Ze Gan --- debian/config/wpasupplicant/linux | 3 +++ src/crypto/crypto_openssl.c | 1 + 2 files changed, 4 insertions(+) diff --git a/debian/config/wpasupplicant/linux b/debian/config/wpasupplicant/linux index 55c8ee570..9c3dfa4c3 100644 --- a/debian/config/wpasupplicant/linux +++ b/debian/config/wpasupplicant/linux @@ -603,3 +603,6 @@ CONFIG_OWE=y # This requires CONFIG_IEEE80211W=y to be enabled, too. (see # wpa_supplicant/README-DPP for details) CONFIG_DPP=y + +# CONFIG_FIPS=y +CONFIG_OPENSSL_CMAC=y diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 8c3484abe..68adda153 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1218,6 +1218,7 @@ int crypto_get_random(void *buf, size_t len) int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { + wpa_printf(MSG_ERROR, "Openssl CMAC: omac1_aes_vector"); #if OPENSSL_VERSION_NUMBER >= 0x30000000L EVP_MAC_CTX *ctx = NULL; EVP_MAC *emac;