mirror of
https://github.com/openssl/openssl.git
synced 2025-01-18 13:44:20 +08:00
Update fipssyms.h to keep all symbols in FIPS,fips namespace.
Rename drbg_cprng_test to fips_drbg_cprng_test. Remove rand files from Makefile.fips.
This commit is contained in:
parent
05e24c87dd
commit
42bd0a6b3c
@ -148,7 +148,7 @@ SHLIBDIRS= crypto
|
||||
SDIRS= \
|
||||
sha hmac des aes modes \
|
||||
bn ec rsa dsa ecdsa dh \
|
||||
buffer rand evp ecdh cmac
|
||||
buffer evp ecdh cmac
|
||||
# keep in mind that the above list is adjusted by ./Configure
|
||||
# according to no-xxx arguments...
|
||||
|
||||
@ -338,13 +338,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
|
||||
../crypto/modes/ctr128.o \
|
||||
../crypto/modes/gcm128.o \
|
||||
../crypto/modes/ofb128.o \
|
||||
../crypto/rand/md_rand.o \
|
||||
../crypto/rand/rand_egd.o \
|
||||
../crypto/rand/randfile.o \
|
||||
../crypto/rand/rand_lib.o \
|
||||
../crypto/rand/rand_os2.o \
|
||||
../crypto/rand/rand_unix.o \
|
||||
../crypto/rand/rand_win.o \
|
||||
../crypto/rsa/rsa_eay.o \
|
||||
../crypto/rsa/rsa_gen.o \
|
||||
../crypto/rsa/rsa_crpt.o \
|
||||
|
@ -347,25 +347,6 @@
|
||||
#define OPENSSL_stderr FIPS_openssl_stderr
|
||||
#define OpenSSLDie FIPS_openssldie
|
||||
#define PKCS1_MGF1 FIPS_pkcs1_mgf1
|
||||
#define RAND_SSLeay FIPS_rand_ssleay
|
||||
#define RAND_add FIPS_rand_add
|
||||
#define RAND_bytes FIPS_ossl_rand_bytes
|
||||
#define RAND_cleanup FIPS_rand_cleanup
|
||||
#define RAND_egd FIPS_rand_egd
|
||||
#define RAND_egd_bytes FIPS_rand_egd_bytes
|
||||
#define RAND_event FIPS_rand_event
|
||||
#define RAND_file_name FIPS_rand_file_name
|
||||
#define RAND_get_rand_method FIPS_rand_get_rand_method
|
||||
#define RAND_load_file FIPS_rand_load_file
|
||||
#define RAND_poll FIPS_rand_poll
|
||||
#define RAND_pseudo_bytes FIPS_rand_pseudo_bytes
|
||||
#define RAND_query_egd_bytes FIPS_rand_query_egd_bytes
|
||||
#define RAND_screen FIPS_rand_screen
|
||||
#define RAND_seed FIPS_ossl_rand_seed
|
||||
#define RAND_set_rand_method FIPS_rand_set_rand_method
|
||||
#define RAND_status FIPS_ossl_rand_status
|
||||
#define RAND_version FIPS_rand_version
|
||||
#define RAND_write_file FIPS_rand_write_file
|
||||
#define RSA_PKCS1_SSLeay FIPS_rsa_pkcs1_ssleay
|
||||
#define RSA_X931_derive_ex FIPS_rsa_x931_derive_ex
|
||||
#define RSA_X931_generate_key_ex FIPS_rsa_x931_generate_key_ex
|
||||
@ -513,6 +494,17 @@
|
||||
#define DH_compute_key_padded FIPS_dh_compute_key_padded
|
||||
#define ECDH_OpenSSL FIPS_ecdh_openssl
|
||||
#define ECDH_compute_key FIPS_ecdh_compute_key
|
||||
|
||||
#define CMAC_CTX_cleanup FIPS_cmac_ctx_cleanup
|
||||
#define CMAC_CTX_copy FIPS_cmac_ctx_copy
|
||||
#define CMAC_CTX_free FIPS_cmac_ctx_free
|
||||
#define CMAC_CTX_get0_cipher_ctx FIPS_cmac_ctx_get0_cipher_ctx
|
||||
#define CMAC_CTX_new FIPS_cmac_ctx_new
|
||||
#define CMAC_Init FIPS_cmac_init
|
||||
#define CMAC_Update FIPS_cmac_update
|
||||
#define CMAC_Final FIPS_cmac_final
|
||||
#define CMAC_resume FIPS_cmac_resume
|
||||
|
||||
/* assembler symbols */
|
||||
#define gcm_gmult_4bit_x86 fips_gcm_gmult_4bit_x86
|
||||
#define gcm_ghash_4bit_x86 fips_gcm_ghash_4bit_x86
|
||||
|
@ -340,13 +340,13 @@ static int drbg_ctr_generate(DRBG_CTX *dctx,
|
||||
{
|
||||
/* Use K as temp space as it will be updated */
|
||||
AES_encrypt(cctx->V, cctx->K, &cctx->ks);
|
||||
if (!drbg_cprng_test(dctx, cctx->K))
|
||||
if (!fips_drbg_cprng_test(dctx, cctx->K))
|
||||
return 0;
|
||||
memcpy(out, cctx->K, outlen);
|
||||
break;
|
||||
}
|
||||
AES_encrypt(cctx->V, out, &cctx->ks);
|
||||
if (!drbg_cprng_test(dctx, out))
|
||||
if (!fips_drbg_cprng_test(dctx, out))
|
||||
return 0;
|
||||
out += 16;
|
||||
outlen -= 16;
|
||||
|
@ -204,13 +204,13 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen)
|
||||
if (outlen < dctx->blocklength)
|
||||
{
|
||||
FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
|
||||
if (!drbg_cprng_test(dctx, hctx->vtmp))
|
||||
if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
|
||||
return 0;
|
||||
memcpy(out, hctx->vtmp, outlen);
|
||||
return 1;
|
||||
}
|
||||
FIPS_digestfinal(&hctx->mctx, out, NULL);
|
||||
if (!drbg_cprng_test(dctx, out))
|
||||
if (!fips_drbg_cprng_test(dctx, out))
|
||||
return 0;
|
||||
outlen -= dctx->blocklength;
|
||||
if (outlen == 0)
|
||||
|
@ -406,7 +406,7 @@ void FIPS_drbg_stick(void)
|
||||
}
|
||||
|
||||
/* Continuous DRBG utility function */
|
||||
int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
|
||||
int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
|
||||
{
|
||||
/* No CPRNG in test mode */
|
||||
if (dctx->flags & DRBG_FLAG_TEST)
|
||||
|
@ -185,4 +185,4 @@ struct drbg_ctx_st
|
||||
int fips_drbg_ctr_init(DRBG_CTX *dctx);
|
||||
int fips_drbg_hash_init(DRBG_CTX *dctx);
|
||||
int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags);
|
||||
int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);
|
||||
int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);
|
||||
|
Loading…
Reference in New Issue
Block a user