Update fipssyms.h to keep all symbols in FIPS,fips namespace.

Rename drbg_cprng_test to fips_drbg_cprng_test.

Remove rand files from Makefile.fips.
This commit is contained in:
Dr. Stephen Henson 2011-04-05 15:48:05 +00:00
parent 05e24c87dd
commit 42bd0a6b3c
6 changed files with 18 additions and 33 deletions

View File

@ -148,7 +148,7 @@ SHLIBDIRS= crypto
SDIRS= \
sha hmac des aes modes \
bn ec rsa dsa ecdsa dh \
buffer rand evp ecdh cmac
buffer evp ecdh cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@ -338,13 +338,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
../crypto/modes/ctr128.o \
../crypto/modes/gcm128.o \
../crypto/modes/ofb128.o \
../crypto/rand/md_rand.o \
../crypto/rand/rand_egd.o \
../crypto/rand/randfile.o \
../crypto/rand/rand_lib.o \
../crypto/rand/rand_os2.o \
../crypto/rand/rand_unix.o \
../crypto/rand/rand_win.o \
../crypto/rsa/rsa_eay.o \
../crypto/rsa/rsa_gen.o \
../crypto/rsa/rsa_crpt.o \

View File

@ -347,25 +347,6 @@
#define OPENSSL_stderr FIPS_openssl_stderr
#define OpenSSLDie FIPS_openssldie
#define PKCS1_MGF1 FIPS_pkcs1_mgf1
#define RAND_SSLeay FIPS_rand_ssleay
#define RAND_add FIPS_rand_add
#define RAND_bytes FIPS_ossl_rand_bytes
#define RAND_cleanup FIPS_rand_cleanup
#define RAND_egd FIPS_rand_egd
#define RAND_egd_bytes FIPS_rand_egd_bytes
#define RAND_event FIPS_rand_event
#define RAND_file_name FIPS_rand_file_name
#define RAND_get_rand_method FIPS_rand_get_rand_method
#define RAND_load_file FIPS_rand_load_file
#define RAND_poll FIPS_rand_poll
#define RAND_pseudo_bytes FIPS_rand_pseudo_bytes
#define RAND_query_egd_bytes FIPS_rand_query_egd_bytes
#define RAND_screen FIPS_rand_screen
#define RAND_seed FIPS_ossl_rand_seed
#define RAND_set_rand_method FIPS_rand_set_rand_method
#define RAND_status FIPS_ossl_rand_status
#define RAND_version FIPS_rand_version
#define RAND_write_file FIPS_rand_write_file
#define RSA_PKCS1_SSLeay FIPS_rsa_pkcs1_ssleay
#define RSA_X931_derive_ex FIPS_rsa_x931_derive_ex
#define RSA_X931_generate_key_ex FIPS_rsa_x931_generate_key_ex
@ -513,6 +494,17 @@
#define DH_compute_key_padded FIPS_dh_compute_key_padded
#define ECDH_OpenSSL FIPS_ecdh_openssl
#define ECDH_compute_key FIPS_ecdh_compute_key
#define CMAC_CTX_cleanup FIPS_cmac_ctx_cleanup
#define CMAC_CTX_copy FIPS_cmac_ctx_copy
#define CMAC_CTX_free FIPS_cmac_ctx_free
#define CMAC_CTX_get0_cipher_ctx FIPS_cmac_ctx_get0_cipher_ctx
#define CMAC_CTX_new FIPS_cmac_ctx_new
#define CMAC_Init FIPS_cmac_init
#define CMAC_Update FIPS_cmac_update
#define CMAC_Final FIPS_cmac_final
#define CMAC_resume FIPS_cmac_resume
/* assembler symbols */
#define gcm_gmult_4bit_x86 fips_gcm_gmult_4bit_x86
#define gcm_ghash_4bit_x86 fips_gcm_ghash_4bit_x86

View File

@ -340,13 +340,13 @@ static int drbg_ctr_generate(DRBG_CTX *dctx,
{
/* Use K as temp space as it will be updated */
AES_encrypt(cctx->V, cctx->K, &cctx->ks);
if (!drbg_cprng_test(dctx, cctx->K))
if (!fips_drbg_cprng_test(dctx, cctx->K))
return 0;
memcpy(out, cctx->K, outlen);
break;
}
AES_encrypt(cctx->V, out, &cctx->ks);
if (!drbg_cprng_test(dctx, out))
if (!fips_drbg_cprng_test(dctx, out))
return 0;
out += 16;
outlen -= 16;

View File

@ -204,13 +204,13 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen)
if (outlen < dctx->blocklength)
{
FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
if (!drbg_cprng_test(dctx, hctx->vtmp))
if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
return 0;
memcpy(out, hctx->vtmp, outlen);
return 1;
}
FIPS_digestfinal(&hctx->mctx, out, NULL);
if (!drbg_cprng_test(dctx, out))
if (!fips_drbg_cprng_test(dctx, out))
return 0;
outlen -= dctx->blocklength;
if (outlen == 0)

View File

@ -406,7 +406,7 @@ void FIPS_drbg_stick(void)
}
/* Continuous DRBG utility function */
int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
{
/* No CPRNG in test mode */
if (dctx->flags & DRBG_FLAG_TEST)

View File

@ -185,4 +185,4 @@ struct drbg_ctx_st
int fips_drbg_ctr_init(DRBG_CTX *dctx);
int fips_drbg_hash_init(DRBG_CTX *dctx);
int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags);
int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);
int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);