Move all FIPSAPI renames into fips.h header file, include early in

crypto.h if needed. Modify source tree to handle change.
author: Dr. Stephen Henson <steve@openssl.org> 2011-01-27 19:10:56 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-01-27 19:10:56 +0000
commit: 7edfe6745670d2f4d53d96f268f2dba11326a51c (patch)
tree: 781e222d8af65fec366d3af0d132022a62c95435 /crypto
parent: d8ad2e6112d4757eeca8d6dac9cabf9fed330321 (diff)
13 files changed, 24 insertions, 102 deletions
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index d2bba48b0d..2dc677c739 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -109,16 +109,12 @@
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#define OPENSSL_FIPSAPI
-
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 #define BN_BLINDING_COUNTER	32
 
 struct bn_blinding_st
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index f16fb35f5a..0272dbb62b 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -68,10 +68,6 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 /* TODO list
  *
  * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 2267367793..ce31ad0a58 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -109,15 +109,11 @@
  *
  */
 
+#define OPENSSL_FIPSAPI
 
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 /* maximum precomputation table size for *variable* sliding windows */
 #define TABLE_SIZE	32
 
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 503762b31e..e7dea71911 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -61,17 +61,14 @@
 # define NDEBUG
 #endif
 
+#define OPENSSL_FIPSAPI
+
 #include <assert.h>
 #include <limits.h>
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
 
 /* This stuff appears to be completely unused, so is deprecated */
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index ba659cfd1d..2f7fb843a9 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -122,10 +122,6 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 #define MONT_WORD /* use the faster word-based algorithm */
 
 #ifdef MONT_WORD
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 070b1e4ed2..215285b90f 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -109,17 +109,14 @@
  *
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 #include <openssl/rand.h>
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 	{
 	unsigned char *buf=NULL;
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
index dde27ae71a..c086af6d0b 100644
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@@ -56,14 +56,12 @@
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 
 void BN_RECP_CTX_init(BN_RECP_CTX *recp)
 	{
diff --git a/crypto/buffer/buf_str.c b/crypto/buffer/buf_str.c
index 6d94942df8..11241f8727 100644
--- a/crypto/buffer/buf_str.c
+++ b/crypto/buffer/buf_str.c
@@ -56,15 +56,12 @@
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 char *BUF_strdup(const char *str)
 	{
 	if (str == NULL) return(NULL);
diff --git a/crypto/crypto.h b/crypto/crypto.h
index 5089c65882..938c2bc144 100644
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -125,6 +125,11 @@
 #include <stdio.h>
 #endif
 
+/* Get FIPS renames if needed */
+#if defined(OPENSSL_FIPSCANISTER) && defined(OPENSSL_FIPSAPI)
+#include <openssl/fips.h>
+#endif
+
 #include <openssl/stack.h>
 #include <openssl/safestack.h>
 #include <openssl/opensslv.h>
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index 3684960203..d983471e3b 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -58,16 +58,13 @@
 
 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
+#define OPENSSL_FIPSAPI
+
 #include "cryptlib.h"
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/bn.h>
 
-#define OPENSSL_FIPSAPI
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
 	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 086da7c794..01f43993aa 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -526,70 +526,20 @@ __owur int EVP_Cipher(EVP_CIPHER_CTX *c,
 #define EVP_delete_digest_alias(alias) \
 	OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
 
-#ifdef OPENSSL_FIPS
-void FIPS_md_ctx_init(EVP_MD_CTX *ctx);
-EVP_MD_CTX *FIPS_md_ctx_create(void);
-void FIPS_md_ctx_destroy(EVP_MD_CTX *ctx);
-int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
-int FIPS_digestupdate(EVP_MD_CTX *ctx, const void *data, size_t count);
-int FIPS_digestfinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size);
-int FIPS_digest(const void *data, size_t count,
-		unsigned char *md, unsigned int *size, const EVP_MD *type);
-int FIPS_md_ctx_cleanup(EVP_MD_CTX *ctx);
-int     FIPS_md_ctx_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-
-
-void FIPS_cipher_ctx_init(EVP_CIPHER_CTX *ctx);
-int FIPS_cipher_ctx_cleanup(EVP_CIPHER_CTX *c);
-EVP_CIPHER_CTX *FIPS_cipher_ctx_new(void);
-void FIPS_cipher_ctx_free(EVP_CIPHER_CTX *ctx);
-int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-	     const unsigned char *key, const unsigned char *iv, int enc);
-int FIPS_cipher_ctx_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-int FIPS_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			const unsigned char *in, unsigned int inl);
-
-#endif
-
-#if defined(OPENSSL_FIPSCANISTER) && defined(OPENSSL_FIPSAPI)
-
-#define EVP_MD_CTX_init FIPS_md_ctx_init
-#define EVP_MD_CTX_cleanup FIPS_md_ctx_cleanup
-#define EVP_MD_CTX_create FIPS_md_ctx_create
-#define EVP_MD_CTX_destroy FIPS_md_ctx_destroy
-#define EVP_DigestInit_ex(ctx, type, impl) FIPS_digestinit(ctx, type)
-#define EVP_DigestUpdate FIPS_digestupdate
-#define EVP_Digest(data, count, md, size, type, impl) \
-			FIPS_digest(data, count, md, size, type)
-#define EVP_DigestFinal_ex FIPS_digestfinal
-#define EVP_MD_CTX_copy_ex FIPS_md_ctx_copy
-
-#define EVP_CipherInit_ex(ctx, cipher, impl, key, iv, enc) \
-				FIPS_cipherinit(ctx, cipher, key, iv, enc)
-
-#define EVP_CIPHER_CTX_init FIPS_cipher_ctx_init
-#define EVP_CIPHER_CTX_cleanup FIPS_cipher_ctx_cleanup
-#define EVP_Cipher FIPS_cipher
-#define EVP_CIPHER_CTX_ctrl FIPS_cipher_ctx_ctrl
-
-#else
-
 void	EVP_MD_CTX_init(EVP_MD_CTX *ctx);
 int	EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
 EVP_MD_CTX *EVP_MD_CTX_create(void);
 void	EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+__owur int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+void	EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+void	EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+int 	EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
 __owur int	EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
 __owur int	EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
 			 size_t cnt);
 __owur int	EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 __owur int	EVP_Digest(const void *data, size_t count,
 		unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
-#endif
-
-__owur int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-void	EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
-void	EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
-int 	EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
 
 __owur int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
 __owur int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index e82a81b03a..90d6b3cd7c 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -62,6 +62,8 @@
  * - Geoff
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
@@ -70,7 +72,6 @@
 
 #ifdef OPENSSL_FIPS
 
-#define OPENSSL_FIPSAPI
 
 #include <openssl/fips.h>
 #include <openssl/evp.h>
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 48cd89dd48..eaae712236 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -30,10 +30,6 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
 static int MGF1(unsigned char *mask, long len,
 	const unsigned char *seed, long seedlen);
author	Dr. Stephen Henson <steve@openssl.org>	2011-01-27 19:10:56 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-01-27 19:10:56 +0000
commit	7edfe6745670d2f4d53d96f268f2dba11326a51c (patch)
tree	781e222d8af65fec366d3af0d132022a62c95435 /crypto
parent	d8ad2e6112d4757eeca8d6dac9cabf9fed330321 (diff)