From 42bd0a6b3c73c71b69967503c0ee0a3598b52655 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 5 Apr 2011 15:48:05 +0000 Subject: [PATCH] Update fipssyms.h to keep all symbols in FIPS,fips namespace. Rename drbg_cprng_test to fips_drbg_cprng_test. Remove rand files from Makefile.fips. --- Makefile.fips | 9 +-------- fips/fipssyms.h | 30 +++++++++++------------------- fips/rand/fips_drbg_ctr.c | 4 ++-- fips/rand/fips_drbg_hash.c | 4 ++-- fips/rand/fips_drbg_lib.c | 2 +- fips/rand/fips_rand_lcl.h | 2 +- 6 files changed, 18 insertions(+), 33 deletions(-) diff --git a/Makefile.fips b/Makefile.fips index 8d967b7f2a..65bc582ca7 100644 --- a/Makefile.fips +++ b/Makefile.fips @@ -148,7 +148,7 @@ SHLIBDIRS= crypto SDIRS= \ sha hmac des aes modes \ bn ec rsa dsa ecdsa dh \ - buffer rand evp ecdh cmac + buffer evp ecdh cmac # keep in mind that the above list is adjusted by ./Configure # according to no-xxx arguments... @@ -338,13 +338,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ ../crypto/modes/ctr128.o \ ../crypto/modes/gcm128.o \ ../crypto/modes/ofb128.o \ - ../crypto/rand/md_rand.o \ - ../crypto/rand/rand_egd.o \ - ../crypto/rand/randfile.o \ - ../crypto/rand/rand_lib.o \ - ../crypto/rand/rand_os2.o \ - ../crypto/rand/rand_unix.o \ - ../crypto/rand/rand_win.o \ ../crypto/rsa/rsa_eay.o \ ../crypto/rsa/rsa_gen.o \ ../crypto/rsa/rsa_crpt.o \ diff --git a/fips/fipssyms.h b/fips/fipssyms.h index 0b24c32ade..226e603d0a 100644 --- a/fips/fipssyms.h +++ b/fips/fipssyms.h @@ -347,25 +347,6 @@ #define OPENSSL_stderr FIPS_openssl_stderr #define OpenSSLDie FIPS_openssldie #define PKCS1_MGF1 FIPS_pkcs1_mgf1 -#define RAND_SSLeay FIPS_rand_ssleay -#define RAND_add FIPS_rand_add -#define RAND_bytes FIPS_ossl_rand_bytes -#define RAND_cleanup FIPS_rand_cleanup -#define RAND_egd FIPS_rand_egd -#define RAND_egd_bytes FIPS_rand_egd_bytes -#define RAND_event FIPS_rand_event -#define RAND_file_name FIPS_rand_file_name -#define RAND_get_rand_method FIPS_rand_get_rand_method -#define RAND_load_file FIPS_rand_load_file -#define RAND_poll FIPS_rand_poll -#define RAND_pseudo_bytes FIPS_rand_pseudo_bytes -#define RAND_query_egd_bytes FIPS_rand_query_egd_bytes -#define RAND_screen FIPS_rand_screen -#define RAND_seed FIPS_ossl_rand_seed -#define RAND_set_rand_method FIPS_rand_set_rand_method -#define RAND_status FIPS_ossl_rand_status -#define RAND_version FIPS_rand_version -#define RAND_write_file FIPS_rand_write_file #define RSA_PKCS1_SSLeay FIPS_rsa_pkcs1_ssleay #define RSA_X931_derive_ex FIPS_rsa_x931_derive_ex #define RSA_X931_generate_key_ex FIPS_rsa_x931_generate_key_ex @@ -513,6 +494,17 @@ #define DH_compute_key_padded FIPS_dh_compute_key_padded #define ECDH_OpenSSL FIPS_ecdh_openssl #define ECDH_compute_key FIPS_ecdh_compute_key + +#define CMAC_CTX_cleanup FIPS_cmac_ctx_cleanup +#define CMAC_CTX_copy FIPS_cmac_ctx_copy +#define CMAC_CTX_free FIPS_cmac_ctx_free +#define CMAC_CTX_get0_cipher_ctx FIPS_cmac_ctx_get0_cipher_ctx +#define CMAC_CTX_new FIPS_cmac_ctx_new +#define CMAC_Init FIPS_cmac_init +#define CMAC_Update FIPS_cmac_update +#define CMAC_Final FIPS_cmac_final +#define CMAC_resume FIPS_cmac_resume + /* assembler symbols */ #define gcm_gmult_4bit_x86 fips_gcm_gmult_4bit_x86 #define gcm_ghash_4bit_x86 fips_gcm_ghash_4bit_x86 diff --git a/fips/rand/fips_drbg_ctr.c b/fips/rand/fips_drbg_ctr.c index 2a3c321618..4045e2d627 100644 --- a/fips/rand/fips_drbg_ctr.c +++ b/fips/rand/fips_drbg_ctr.c @@ -340,13 +340,13 @@ static int drbg_ctr_generate(DRBG_CTX *dctx, { /* Use K as temp space as it will be updated */ AES_encrypt(cctx->V, cctx->K, &cctx->ks); - if (!drbg_cprng_test(dctx, cctx->K)) + if (!fips_drbg_cprng_test(dctx, cctx->K)) return 0; memcpy(out, cctx->K, outlen); break; } AES_encrypt(cctx->V, out, &cctx->ks); - if (!drbg_cprng_test(dctx, out)) + if (!fips_drbg_cprng_test(dctx, out)) return 0; out += 16; outlen -= 16; diff --git a/fips/rand/fips_drbg_hash.c b/fips/rand/fips_drbg_hash.c index 8b49f33a63..a94170f135 100644 --- a/fips/rand/fips_drbg_hash.c +++ b/fips/rand/fips_drbg_hash.c @@ -204,13 +204,13 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen) if (outlen < dctx->blocklength) { FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL); - if (!drbg_cprng_test(dctx, hctx->vtmp)) + if (!fips_drbg_cprng_test(dctx, hctx->vtmp)) return 0; memcpy(out, hctx->vtmp, outlen); return 1; } FIPS_digestfinal(&hctx->mctx, out, NULL); - if (!drbg_cprng_test(dctx, out)) + if (!fips_drbg_cprng_test(dctx, out)) return 0; outlen -= dctx->blocklength; if (outlen == 0) diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c index 920a61a97a..7a0a1070e2 100644 --- a/fips/rand/fips_drbg_lib.c +++ b/fips/rand/fips_drbg_lib.c @@ -406,7 +406,7 @@ void FIPS_drbg_stick(void) } /* Continuous DRBG utility function */ -int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) +int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out) { /* No CPRNG in test mode */ if (dctx->flags & DRBG_FLAG_TEST) diff --git a/fips/rand/fips_rand_lcl.h b/fips/rand/fips_rand_lcl.h index 2d63409537..94f58ea4cd 100644 --- a/fips/rand/fips_rand_lcl.h +++ b/fips/rand/fips_rand_lcl.h @@ -185,4 +185,4 @@ struct drbg_ctx_st int fips_drbg_ctr_init(DRBG_CTX *dctx); int fips_drbg_hash_init(DRBG_CTX *dctx); int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags); -int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out); +int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out); -- 2.40.0