diff options
author | Doug Hogan <[email protected]> | 2018-12-20 02:14:19 -0800 |
---|---|---|
committer | Doug Hogan <[email protected]> | 2018-12-20 02:30:58 -0800 |
commit | 49663961687dbf3beda19d875f91730b719e9f6f (patch) | |
tree | 1cb5adc0a03bc03319ef3672394fee4549f5e192 | |
parent | 910700572a9ad3b8bda0ea79832d338e626f6a54 (diff) | |
download | otp-49663961687dbf3beda19d875f91730b719e9f6f.tar.gz otp-49663961687dbf3beda19d875f91730b719e9f6f.tar.bz2 otp-49663961687dbf3beda19d875f91730b719e9f6f.zip |
Move most FIPS functionality to a new file
-rw-r--r-- | lib/crypto/c_src/Makefile.in | 1 | ||||
-rw-r--r-- | lib/crypto/c_src/crypto.c | 34 | ||||
-rw-r--r-- | lib/crypto/c_src/fips.c | 32 | ||||
-rw-r--r-- | lib/crypto/c_src/fips.h | 9 |
4 files changed, 43 insertions, 33 deletions
diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in index 4d2f490f37..8a2d0ed471 100644 --- a/lib/crypto/c_src/Makefile.in +++ b/lib/crypto/c_src/Makefile.in @@ -88,6 +88,7 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \ $(OBJDIR)/eddsa$(TYPEMARKER).o \ $(OBJDIR)/engine$(TYPEMARKER).o \ $(OBJDIR)/evp$(TYPEMARKER).o \ + $(OBJDIR)/fips$(TYPEMARKER).o \ $(OBJDIR)/hash$(TYPEMARKER).o \ $(OBJDIR)/hmac$(TYPEMARKER).o \ $(OBJDIR)/info$(TYPEMARKER).o \ diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c index b8525ee617..25dbb74e60 100644 --- a/lib/crypto/c_src/crypto.c +++ b/lib/crypto/c_src/crypto.c @@ -40,6 +40,7 @@ #include "eddsa.h" #include "engine.h" #include "evp.h" +#include "fips.h" #include "hash.h" #include "hmac.h" #include "info.h" @@ -57,8 +58,6 @@ static int upgrade(ErlNifEnv* env, void** priv_data, void** old_priv_data, ERL_N static void unload(ErlNifEnv* env, void* priv_data); /* The NIFs: */ -static ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); -static ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); /* helpers */ @@ -623,34 +622,3 @@ static ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv enif_make_list_from_array(env, algo_rsa_opts, rsa_opts_cnt) ); } - -static ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) -{ -#ifdef FIPS_SUPPORT - return FIPS_mode() ? atom_enabled : atom_not_enabled; -#else - return atom_not_supported; -#endif -} - -static ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) -{/* (Boolean) */ - if (argv[0] == atom_true) { -#ifdef FIPS_SUPPORT - if (FIPS_mode_set(1)) { - return atom_true; - } -#endif - PRINTF_ERR0("CRYPTO: Could not setup FIPS mode"); - return atom_false; - } else if (argv[0] == atom_false) { -#ifdef FIPS_SUPPORT - if (!FIPS_mode_set(0)) { - return atom_false; - } -#endif - return atom_true; - } else { - return enif_make_badarg(env); - } -} diff --git a/lib/crypto/c_src/fips.c b/lib/crypto/c_src/fips.c new file mode 100644 index 0000000000..5d6adb730c --- /dev/null +++ b/lib/crypto/c_src/fips.c @@ -0,0 +1,32 @@ +#include "fips.h" + +ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) +{ +#ifdef FIPS_SUPPORT + return FIPS_mode() ? atom_enabled : atom_not_enabled; +#else + return atom_not_supported; +#endif +} + +ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) +{/* (Boolean) */ + if (argv[0] == atom_true) { +#ifdef FIPS_SUPPORT + if (FIPS_mode_set(1)) { + return atom_true; + } +#endif + PRINTF_ERR0("CRYPTO: Could not setup FIPS mode"); + return atom_false; + } else if (argv[0] == atom_false) { +#ifdef FIPS_SUPPORT + if (!FIPS_mode_set(0)) { + return atom_false; + } +#endif + return atom_true; + } else { + return enif_make_badarg(env); + } +} diff --git a/lib/crypto/c_src/fips.h b/lib/crypto/c_src/fips.h new file mode 100644 index 0000000000..60ffe396c4 --- /dev/null +++ b/lib/crypto/c_src/fips.h @@ -0,0 +1,9 @@ +#ifndef E_FIPS_H__ +#define E_FIPS_H__ 1 + +#include "common.h" + +ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); +ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); + +#endif /* E_FIPS_H__ */ |