Update fipssyms.h to keep all symbols in FIPS,fips namespace.

Rename drbg_cprng_test to fips_drbg_cprng_test.

Remove rand files from Makefile.fips.

6 files changed, 18 insertions, 33 deletions

diff --git a/Makefile.fips b/Makefile.fips
index 8d967b7f2a..65bc582ca7 100644
--- a/Makefile.fips
+++ b/Makefile.fips
@@ -148,7 +148,7 @@ SHLIBDIRS= crypto
 SDIRS=  \
 	sha hmac des aes modes \
 	bn ec rsa dsa ecdsa dh \
-	buffer rand evp ecdh cmac
+	buffer evp ecdh cmac
 # keep in mind that the above list is adjusted by ./Configure
 # according to no-xxx arguments...
 
@@ -338,13 +338,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
 	../crypto/modes/ctr128.o \
 	../crypto/modes/gcm128.o \
 	../crypto/modes/ofb128.o \
-	../crypto/rand/md_rand.o \
-	../crypto/rand/rand_egd.o \
-	../crypto/rand/randfile.o \
-	../crypto/rand/rand_lib.o \
-	../crypto/rand/rand_os2.o \
-	../crypto/rand/rand_unix.o \
-	../crypto/rand/rand_win.o \
 	../crypto/rsa/rsa_eay.o \
 	../crypto/rsa/rsa_gen.o \
 	../crypto/rsa/rsa_crpt.o \
diff --git a/fips/fipssyms.h b/fips/fipssyms.h
index 0b24c32ade..226e603d0a 100644
--- a/fips/fipssyms.h
+++ b/fips/fipssyms.h
@@ -347,25 +347,6 @@
 #define OPENSSL_stderr FIPS_openssl_stderr
 #define OpenSSLDie FIPS_openssldie
 #define PKCS1_MGF1 FIPS_pkcs1_mgf1
-#define RAND_SSLeay FIPS_rand_ssleay
-#define RAND_add FIPS_rand_add
-#define RAND_bytes FIPS_ossl_rand_bytes
-#define RAND_cleanup FIPS_rand_cleanup
-#define RAND_egd FIPS_rand_egd
-#define RAND_egd_bytes FIPS_rand_egd_bytes
-#define RAND_event FIPS_rand_event
-#define RAND_file_name FIPS_rand_file_name
-#define RAND_get_rand_method FIPS_rand_get_rand_method
-#define RAND_load_file FIPS_rand_load_file
-#define RAND_poll FIPS_rand_poll
-#define RAND_pseudo_bytes FIPS_rand_pseudo_bytes
-#define RAND_query_egd_bytes FIPS_rand_query_egd_bytes
-#define RAND_screen FIPS_rand_screen
-#define RAND_seed FIPS_ossl_rand_seed
-#define RAND_set_rand_method FIPS_rand_set_rand_method
-#define RAND_status FIPS_ossl_rand_status
-#define RAND_version FIPS_rand_version
-#define RAND_write_file FIPS_rand_write_file
 #define RSA_PKCS1_SSLeay FIPS_rsa_pkcs1_ssleay
 #define RSA_X931_derive_ex FIPS_rsa_x931_derive_ex
 #define RSA_X931_generate_key_ex FIPS_rsa_x931_generate_key_ex
@@ -513,6 +494,17 @@
 #define DH_compute_key_padded FIPS_dh_compute_key_padded
 #define ECDH_OpenSSL FIPS_ecdh_openssl
 #define ECDH_compute_key FIPS_ecdh_compute_key
+
+#define CMAC_CTX_cleanup FIPS_cmac_ctx_cleanup
+#define CMAC_CTX_copy FIPS_cmac_ctx_copy
+#define CMAC_CTX_free FIPS_cmac_ctx_free
+#define CMAC_CTX_get0_cipher_ctx FIPS_cmac_ctx_get0_cipher_ctx
+#define CMAC_CTX_new FIPS_cmac_ctx_new
+#define CMAC_Init FIPS_cmac_init
+#define CMAC_Update FIPS_cmac_update
+#define CMAC_Final FIPS_cmac_final
+#define CMAC_resume FIPS_cmac_resume
+
 /* assembler symbols */
 #define gcm_gmult_4bit_x86 fips_gcm_gmult_4bit_x86
 #define gcm_ghash_4bit_x86 fips_gcm_ghash_4bit_x86
diff --git a/fips/rand/fips_drbg_ctr.c b/fips/rand/fips_drbg_ctr.c
index 2a3c321618..4045e2d627 100644
--- a/fips/rand/fips_drbg_ctr.c
+++ b/fips/rand/fips_drbg_ctr.c
@@ -340,13 +340,13 @@ static int drbg_ctr_generate(DRBG_CTX *dctx,
 			{
 			/* Use K as temp space as it will be updated */
 			AES_encrypt(cctx->V, cctx->K, &cctx->ks);
-			if (!drbg_cprng_test(dctx, cctx->K))
+			if (!fips_drbg_cprng_test(dctx, cctx->K))
 				return 0;
 			memcpy(out, cctx->K, outlen);
 			break;
 			}
 		AES_encrypt(cctx->V, out, &cctx->ks);
-		if (!drbg_cprng_test(dctx, out))
+		if (!fips_drbg_cprng_test(dctx, out))
 			return 0;
 		out += 16;
 		outlen -= 16;
diff --git a/fips/rand/fips_drbg_hash.c b/fips/rand/fips_drbg_hash.c
index 8b49f33a63..a94170f135 100644
--- a/fips/rand/fips_drbg_hash.c
+++ b/fips/rand/fips_drbg_hash.c
@@ -204,13 +204,13 @@ static int hash_gen(DRBG_CTX *dctx, unsigned char *out, size_t outlen)
 		if (outlen < dctx->blocklength)
 			{
 			FIPS_digestfinal(&hctx->mctx, hctx->vtmp, NULL);
-			if (!drbg_cprng_test(dctx, hctx->vtmp))
+			if (!fips_drbg_cprng_test(dctx, hctx->vtmp))
 				return 0;
 			memcpy(out, hctx->vtmp, outlen);
 			return 1;
 			}
 		FIPS_digestfinal(&hctx->mctx, out, NULL);
-		if (!drbg_cprng_test(dctx, out))
+		if (!fips_drbg_cprng_test(dctx, out))
 			return 0;
 		outlen -= dctx->blocklength;
 		if (outlen == 0)
diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 920a61a97a..7a0a1070e2 100644
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -406,7 +406,7 @@ void FIPS_drbg_stick(void)
 	}
 
 /* Continuous DRBG utility function */
-int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
+int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out)
 	{
 	/* No CPRNG in test mode */
 	if (dctx->flags & DRBG_FLAG_TEST)
diff --git a/fips/rand/fips_rand_lcl.h b/fips/rand/fips_rand_lcl.h
index 2d63409537..94f58ea4cd 100644
--- a/fips/rand/fips_rand_lcl.h
+++ b/fips/rand/fips_rand_lcl.h
@@ -185,4 +185,4 @@ struct drbg_ctx_st
 int fips_drbg_ctr_init(DRBG_CTX *dctx);
 int fips_drbg_hash_init(DRBG_CTX *dctx);
 int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags);
-int drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);
+int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);