New FIPS_lock() function for minimal FIPS locking API: to avoid dependencies
on OpenSSL locking code. Use API in some internal FIPS files. Remove redundant ENGINE defines from fips.h
This commit is contained in:
parent
ad6019d6c0
commit
6ff9c48811
4 changed files with 80 additions and 13 deletions
12
fips/fips.h
12
fips/fips.h
|
@ -119,16 +119,8 @@ int FIPS_evp_digest(const void *data, size_t count,
|
||||||
void FIPS_evp_md_ctx_destroy(EVP_MD_CTX *ctx);
|
void FIPS_evp_md_ctx_destroy(EVP_MD_CTX *ctx);
|
||||||
int FIPS_evp_md_ctx_cleanup(EVP_MD_CTX *ctx);
|
int FIPS_evp_md_ctx_cleanup(EVP_MD_CTX *ctx);
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS_SOURCE
|
void FIPS_set_locking_callback (void (*func)(int mode, int type,
|
||||||
#define ENGINE_init FIPS_engine_init
|
const char *file,int line));
|
||||||
#define ENGINE_finish FIPS_engine_finish
|
|
||||||
#define ENGINE_get_digest FIPS_engine_get_digest
|
|
||||||
#define ENGINE_get_digest_engine FIPS_engine_get_digest_engine
|
|
||||||
#define ENGINE_get_RAND FIPS_engine_get_rand
|
|
||||||
#define ENGINE_get_default_RAND FIPS_engine_get_default_rand
|
|
||||||
#define EVP_SignFinal FIPS_evp_signfinal
|
|
||||||
#define EVP_VerifyFinal FIPS_evp_verifyfinal
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
/* BEGIN ERROR CODES */
|
||||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
|
|
@ -47,6 +47,8 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#define OPENSSL_FIPSEVP
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This is a FIPS approved AES PRNG based on ANSI X9.31 A.2.4.
|
* This is a FIPS approved AES PRNG based on ANSI X9.31 A.2.4.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# OpenSSL/fips/utl/Makefile
|
# OpenSSL/fips/utl/Makefile
|
||||||
#
|
#
|
||||||
|
|
||||||
DIR= callback
|
DIR= utl
|
||||||
TOP= ../..
|
TOP= ../..
|
||||||
CC= cc
|
CC= cc
|
||||||
INCLUDES=
|
INCLUDES=
|
||||||
|
@ -22,8 +22,8 @@ TEST=
|
||||||
APPS=
|
APPS=
|
||||||
|
|
||||||
LIB=$(TOP)/libcrypto.a
|
LIB=$(TOP)/libcrypto.a
|
||||||
LIBSRC= fips_err.c fips_md.c fips_enc.c
|
LIBSRC= fips_err.c fips_md.c fips_enc.c fips_lck.c
|
||||||
LIBOBJ= fips_err.o fips_md.o fips_enc.o
|
LIBOBJ= fips_err.o fips_md.o fips_enc.o fips_lck.o
|
||||||
|
|
||||||
SRC= $(LIBSRC)
|
SRC= $(LIBSRC)
|
||||||
|
|
||||||
|
|
73
fips/utl/fips_lck.c
Normal file
73
fips/utl/fips_lck.c
Normal file
|
@ -0,0 +1,73 @@
|
||||||
|
/* fips/utl/fips_lck.c */
|
||||||
|
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||||
|
* project.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define OPENSSL_FIPSEVP
|
||||||
|
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/fips.h>
|
||||||
|
|
||||||
|
/* FIPS locking callbacks */
|
||||||
|
|
||||||
|
void (*fips_lck_cb)(int mode, int type,const char *file,int line) = 0;
|
||||||
|
|
||||||
|
void FIPS_lock(int mode, int type,const char *file,int line)
|
||||||
|
{
|
||||||
|
if (fips_lck_cb)
|
||||||
|
fips_lck_cb(mode, type, file, line);
|
||||||
|
}
|
||||||
|
|
||||||
|
void FIPS_set_locking_callback (void (*func)(int mode, int type,
|
||||||
|
const char *file,int line))
|
||||||
|
{
|
||||||
|
fips_lck_cb = func;
|
||||||
|
}
|
Loading…
Reference in a new issue