diff options
author | Richard Levitte <levitte@openssl.org> | 2020-04-13 22:34:56 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-04-28 15:37:37 +0200 |
commit | f844f9eb44186df2f8b0cfd3264b4eb003d8c61a (patch) | |
tree | 29860f9c269b67546a418c0197066164e455a362 /crypto/rand | |
parent | cf86057a1acd13b13c9bd8f7b8a14bbc0e3ffd56 (diff) |
Rename FIPS_MODE to FIPS_MODULE
This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.
Fixes #11538
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11539)
Diffstat (limited to 'crypto/rand')
-rw-r--r-- | crypto/rand/drbg_ctr.c | 2 | ||||
-rw-r--r-- | crypto/rand/drbg_lib.c | 12 | ||||
-rw-r--r-- | crypto/rand/rand_lib.c | 16 | ||||
-rw-r--r-- | crypto/rand/rand_local.h | 2 | ||||
-rw-r--r-- | crypto/rand/rand_unix.c | 6 | ||||
-rw-r--r-- | crypto/rand/rand_win.c | 2 |
6 files changed, 20 insertions, 20 deletions
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c index 063e3bb110..050ae49652 100644 --- a/crypto/rand/drbg_ctr.c +++ b/crypto/rand/drbg_ctr.c @@ -480,7 +480,7 @@ int drbg_ctr_init(RAND_DRBG *drbg) drbg->max_perslen = DRBG_MAX_LENGTH; drbg->max_adinlen = DRBG_MAX_LENGTH; } else { -#ifdef FIPS_MODE +#ifdef FIPS_MODULE RANDerr(RAND_F_DRBG_CTR_INIT, RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS); return 0; diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index c3f3b4ebe7..cda13595e3 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c @@ -161,7 +161,7 @@ static void *drbg_ossl_ctx_new(OPENSSL_CTX *libctx) if (dgbl == NULL) return NULL; -#ifndef FIPS_MODE +#ifndef FIPS_MODULE /* * We need to ensure that base libcrypto thread handling has been * initialised. @@ -468,7 +468,7 @@ static RAND_DRBG *rand_drbg_new(OPENSSL_CTX *ctx, drbg->parent = parent; if (parent == NULL) { -#ifdef FIPS_MODE +#ifdef FIPS_MODULE drbg->get_entropy = rand_crngt_get_entropy; drbg->cleanup_entropy = rand_crngt_cleanup_entropy; #else @@ -552,7 +552,7 @@ void RAND_DRBG_free(RAND_DRBG *drbg) drbg->meth->uninstantiate(drbg); rand_pool_free(drbg->adin_pool); CRYPTO_THREAD_lock_free(drbg->lock); -#ifndef FIPS_MODE +#ifndef FIPS_MODULE CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RAND_DRBG, drbg, &drbg->ex_data); #endif @@ -1143,7 +1143,7 @@ int rand_drbg_enable_locking(RAND_DRBG *drbg) return 1; } -#ifndef FIPS_MODE +#ifndef FIPS_MODULE /* * Get and set the EXDATA */ @@ -1287,7 +1287,7 @@ static int drbg_add(const void *buf, int num, double randomness) buflen = (size_t)num; -#ifdef FIPS_MODE +#ifdef FIPS_MODULE /* * NIST SP-800-90A mandates that entropy *shall not* be provided * by the consuming application. By setting the randomness to zero, @@ -1458,7 +1458,7 @@ RAND_METHOD rand_meth = { RAND_METHOD *RAND_OpenSSL(void) { -#ifndef FIPS_MODE +#ifndef FIPS_MODULE return &rand_meth; #else return NULL; diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 2e21ddfc21..a5eb0bc7ae 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -17,7 +17,7 @@ #include "rand_local.h" #include "e_os.h" -#ifndef FIPS_MODE +#ifndef FIPS_MODULE # ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref; @@ -28,7 +28,7 @@ static const RAND_METHOD *default_RAND_meth; static CRYPTO_ONCE rand_init = CRYPTO_ONCE_STATIC_INIT; static int rand_inited = 0; -#endif /* FIPS_MODE */ +#endif /* FIPS_MODULE */ #ifdef OPENSSL_RAND_SEED_RDTSC /* @@ -238,7 +238,7 @@ void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out) rand_pool_reattach(pool, out); } -#ifndef FIPS_MODE +#ifndef FIPS_MODULE DEFINE_RUN_ONCE_STATIC(do_rand_init) { # ifndef OPENSSL_NO_ENGINE @@ -354,7 +354,7 @@ int RAND_poll(void) return ret; } -#endif /* FIPS_MODE */ +#endif /* FIPS_MODULE */ /* * Allocate memory and initialize a new random pool @@ -753,7 +753,7 @@ int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy) return 1; } -#ifndef FIPS_MODE +#ifndef FIPS_MODULE int RAND_set_rand_method(const RAND_METHOD *meth) { if (!RUN_ONCE(&rand_init, do_rand_init)) @@ -772,7 +772,7 @@ int RAND_set_rand_method(const RAND_METHOD *meth) const RAND_METHOD *RAND_get_rand_method(void) { -#ifdef FIPS_MODE +#ifdef FIPS_MODULE return NULL; #else const RAND_METHOD *tmp_meth = NULL; @@ -804,7 +804,7 @@ const RAND_METHOD *RAND_get_rand_method(void) #endif } -#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE) +#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) int RAND_set_rand_engine(ENGINE *engine) { const RAND_METHOD *tmp_meth = NULL; @@ -899,7 +899,7 @@ int RAND_bytes(unsigned char *buf, int num) return RAND_bytes_ex(NULL, buf, num); } -#if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODE) +#if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODULE) int RAND_pseudo_bytes(unsigned char *buf, int num) { const RAND_METHOD *meth = RAND_get_rand_method(); diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h index 5152bf805e..76e50fa2fa 100644 --- a/crypto/rand/rand_local.h +++ b/crypto/rand/rand_local.h @@ -310,7 +310,7 @@ struct rand_drbg_st { size_t seedlen; DRBG_STATUS state; -#ifndef FIPS_MODE +#ifndef FIPS_MODULE /* Application data, mainly used in the KATs. */ CRYPTO_EX_DATA ex_data; #endif diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index bef4af8d9d..319c6e4c53 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -349,7 +349,7 @@ static ssize_t syscall_random(void *buf, size_t buflen) if (getentropy != NULL) return getentropy(buf, buflen) == 0 ? (ssize_t)buflen : -1; -# elif !defined(FIPS_MODE) +# elif !defined(FIPS_MODULE) union { void *p; int (*f)(void *buffer, size_t length); @@ -392,7 +392,7 @@ static int keep_random_devices_open = 1; # if defined(__linux) && defined(DEVRANDOM_WAIT) static void *shm_addr; -# if !defined(FIPS_MODE) +# if !defined(FIPS_MODULE) static void cleanup_shm(void) { shmdt(shm_addr); @@ -463,7 +463,7 @@ static int wait_random_seeded(void) * If this call fails, it isn't a big problem. */ shm_addr = shmat(shm_id, NULL, SHM_RDONLY); -# ifndef FIPS_MODE +# ifndef FIPS_MODULE /* TODO 3.0: The FIPS provider doesn't have OPENSSL_atexit */ if (shm_addr != (void *)-1) OPENSSL_atexit(&cleanup_shm); diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 213a742529..a154ad7bf3 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -163,7 +163,7 @@ int rand_pool_add_additional_data(RAND_POOL *pool) return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); } -# if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODE) +# if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODULE) int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) { RAND_poll(); |