Move most FIPS functionality to a new file

4 files changed, 43 insertions, 33 deletions

diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index 4d2f490f37..8a2d0ed471 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -88,6 +88,7 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/eddsa$(TYPEMARKER).o \
 	$(OBJDIR)/engine$(TYPEMARKER).o \
 	$(OBJDIR)/evp$(TYPEMARKER).o \
+	$(OBJDIR)/fips$(TYPEMARKER).o \
 	$(OBJDIR)/hash$(TYPEMARKER).o \
 	$(OBJDIR)/hmac$(TYPEMARKER).o \
 	$(OBJDIR)/info$(TYPEMARKER).o \
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index b8525ee617..25dbb74e60 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -40,6 +40,7 @@
 #include "eddsa.h"
 #include "engine.h"
 #include "evp.h"
+#include "fips.h"
 #include "hash.h"
 #include "hmac.h"
 #include "info.h"
@@ -57,8 +58,6 @@ static int upgrade(ErlNifEnv* env, void** priv_data, void** old_priv_data, ERL_N
 static void unload(ErlNifEnv* env, void* priv_data);
 
 /* The NIFs: */
-static ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-static ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
 /* helpers */
@@ -623,34 +622,3 @@ static ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv
 			    enif_make_list_from_array(env, algo_rsa_opts, rsa_opts_cnt)
                             );
 }
-
-static ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{
-#ifdef FIPS_SUPPORT
-    return FIPS_mode() ? atom_enabled : atom_not_enabled;
-#else
-    return atom_not_supported;
-#endif
-}
-
-static ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Boolean) */
-    if (argv[0] == atom_true) {
-#ifdef FIPS_SUPPORT
-        if (FIPS_mode_set(1)) {
-            return atom_true;
-        }
-#endif
-        PRINTF_ERR0("CRYPTO: Could not setup FIPS mode");
-        return atom_false;
-    } else if (argv[0] == atom_false) {
-#ifdef FIPS_SUPPORT
-        if (!FIPS_mode_set(0)) {
-            return atom_false;
-        }
-#endif
-        return atom_true;
-    } else {
-        return enif_make_badarg(env);
-    }
-}
diff --git a/lib/crypto/c_src/fips.c b/lib/crypto/c_src/fips.c
new file mode 100644
index 0000000000..5d6adb730c
--- /dev/null
+++ b/lib/crypto/c_src/fips.c
@@ -0,0 +1,32 @@
+#include "fips.h"
+
+ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+#ifdef FIPS_SUPPORT
+    return FIPS_mode() ? atom_enabled : atom_not_enabled;
+#else
+    return atom_not_supported;
+#endif
+}
+
+ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Boolean) */
+    if (argv[0] == atom_true) {
+#ifdef FIPS_SUPPORT
+        if (FIPS_mode_set(1)) {
+            return atom_true;
+        }
+#endif
+        PRINTF_ERR0("CRYPTO: Could not setup FIPS mode");
+        return atom_false;
+    } else if (argv[0] == atom_false) {
+#ifdef FIPS_SUPPORT
+        if (!FIPS_mode_set(0)) {
+            return atom_false;
+        }
+#endif
+        return atom_true;
+    } else {
+        return enif_make_badarg(env);
+    }
+}
diff --git a/lib/crypto/c_src/fips.h b/lib/crypto/c_src/fips.h
new file mode 100644
index 0000000000..60ffe396c4
--- /dev/null
+++ b/lib/crypto/c_src/fips.h
@@ -0,0 +1,9 @@
+#ifndef E_FIPS_H__
+#define E_FIPS_H__ 1
+
+#include "common.h"
+
+ERL_NIF_TERM info_fips(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM enable_fips_mode(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+#endif /* E_FIPS_H__ */