New FIPS_lock() function for minimal FIPS locking API: to avoid dependencies

on OpenSSL locking code. Use API in some internal FIPS files.

Remove redundant ENGINE defines from fips.h
This commit is contained in:
Dr. Stephen Henson 2011-01-27 14:29:48 +00:00
parent ad6019d6c0
commit 6ff9c48811
4 changed files with 80 additions and 13 deletions

View file

@ -119,16 +119,8 @@ int FIPS_evp_digest(const void *data, size_t count,
void FIPS_evp_md_ctx_destroy(EVP_MD_CTX *ctx); void FIPS_evp_md_ctx_destroy(EVP_MD_CTX *ctx);
int FIPS_evp_md_ctx_cleanup(EVP_MD_CTX *ctx); int FIPS_evp_md_ctx_cleanup(EVP_MD_CTX *ctx);
#ifdef OPENSSL_FIPS_SOURCE void FIPS_set_locking_callback (void (*func)(int mode, int type,
#define ENGINE_init FIPS_engine_init const char *file,int line));
#define ENGINE_finish FIPS_engine_finish
#define ENGINE_get_digest FIPS_engine_get_digest
#define ENGINE_get_digest_engine FIPS_engine_get_digest_engine
#define ENGINE_get_RAND FIPS_engine_get_rand
#define ENGINE_get_default_RAND FIPS_engine_get_default_rand
#define EVP_SignFinal FIPS_evp_signfinal
#define EVP_VerifyFinal FIPS_evp_verifyfinal
#endif
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes /* The following lines are auto generated by the script mkerr.pl. Any changes

View file

@ -47,6 +47,8 @@
* *
*/ */
#define OPENSSL_FIPSEVP
/* /*
* This is a FIPS approved AES PRNG based on ANSI X9.31 A.2.4. * This is a FIPS approved AES PRNG based on ANSI X9.31 A.2.4.
*/ */

View file

@ -2,7 +2,7 @@
# OpenSSL/fips/utl/Makefile # OpenSSL/fips/utl/Makefile
# #
DIR= callback DIR= utl
TOP= ../.. TOP= ../..
CC= cc CC= cc
INCLUDES= INCLUDES=
@ -22,8 +22,8 @@ TEST=
APPS= APPS=
LIB=$(TOP)/libcrypto.a LIB=$(TOP)/libcrypto.a
LIBSRC= fips_err.c fips_md.c fips_enc.c LIBSRC= fips_err.c fips_md.c fips_enc.c fips_lck.c
LIBOBJ= fips_err.o fips_md.o fips_enc.o LIBOBJ= fips_err.o fips_md.o fips_enc.o fips_lck.o
SRC= $(LIBSRC) SRC= $(LIBSRC)

73
fips/utl/fips_lck.c Normal file
View file

@ -0,0 +1,73 @@
/* fips/utl/fips_lck.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#define OPENSSL_FIPSEVP
#include <openssl/evp.h>
#include <openssl/fips.h>
/* FIPS locking callbacks */
void (*fips_lck_cb)(int mode, int type,const char *file,int line) = 0;
void FIPS_lock(int mode, int type,const char *file,int line)
{
if (fips_lck_cb)
fips_lck_cb(mode, type, file, line);
}
void FIPS_set_locking_callback (void (*func)(int mode, int type,
const char *file,int line))
{
fips_lck_cb = func;
}