From fcc39fb11f82f1e6540a85fb2a1295640397778e Mon Sep 17 00:00:00 2001
From: Doug Hogan <hogand@users.noreply.github.com>
Date: Thu, 20 Dec 2018 02:04:39 -0800
Subject: Move RC4 functionality to a new file

Also, move a FIPS check macro to the common openssl_config.h.
---
 lib/crypto/c_src/Makefile.in      |  1 +
 lib/crypto/c_src/crypto.c         | 54 +--------------------------------------
 lib/crypto/c_src/openssl_config.h |  7 +++++
 lib/crypto/c_src/rc4.c            | 46 +++++++++++++++++++++++++++++++++
 lib/crypto/c_src/rc4.h            |  9 +++++++
 5 files changed, 64 insertions(+), 53 deletions(-)
 create mode 100644 lib/crypto/c_src/rc4.c
 create mode 100644 lib/crypto/c_src/rc4.h

(limited to 'lib/crypto')

diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index 1caee06646..4a42fcc793 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -80,6 +80,7 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/engine$(TYPEMARKER).o \
 	$(OBJDIR)/hash$(TYPEMARKER).o \
 	$(OBJDIR)/hmac$(TYPEMARKER).o \
+	$(OBJDIR)/rc4$(TYPEMARKER).o \
 	$(OBJDIR)/rsa$(TYPEMARKER).o
 CALLBACK_OBJS = $(OBJDIR)/crypto_callback$(TYPEMARKER).o
 NIF_MAKEFILE = $(PRIVDIR)/Makefile
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 9cdc6eed17..dd2dddc58a 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -32,6 +32,7 @@
 #include "engine.h"
 #include "hash.h"
 #include "hmac.h"
+#include "rc4.h"
 #include "rsa.h"
 
 /* NIF interface declarations */
@@ -54,8 +55,6 @@ static ERL_NIF_TERM strong_rand_bytes_nif(ErlNifEnv* env, int argc, const ERL_NI
 static ERL_NIF_TERM strong_rand_range_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM rand_uniform_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-static ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM pkey_sign_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM pkey_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM pkey_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
@@ -188,13 +187,6 @@ static int verify_lib_version(void)
     return 1;
 }
 
-#ifdef FIPS_SUPPORT
-/* In FIPS mode non-FIPS algorithms are disabled and return badarg. */
-#define CHECK_NO_FIPS_MODE() { if (FIPS_mode()) return atom_notsup; }
-#else
-#define CHECK_NO_FIPS_MODE()
-#endif
-
 #ifdef HAVE_DYNAMIC_CRYPTO_LIB
 
 # if defined(DEBUG)
@@ -1521,50 +1513,6 @@ static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
     return ret;
 }
 
-static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key) */
-#ifndef OPENSSL_NO_RC4
-    ErlNifBinary key;
-    ERL_NIF_TERM ret;
-
-    CHECK_NO_FIPS_MODE();
-
-    if (!enif_inspect_iolist_as_binary(env,argv[0], &key)) {
-	return enif_make_badarg(env);
-    }
-    RC4_set_key((RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret),
-		key.size, key.data);
-    return ret;
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
-
-static ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (State, Data) */
-#ifndef OPENSSL_NO_RC4
-    ErlNifBinary state, data;
-    RC4_KEY* rc4_key;
-    ERL_NIF_TERM new_state, new_data;
-
-    CHECK_NO_FIPS_MODE();
-
-    if (!enif_inspect_iolist_as_binary(env,argv[0], &state)
-	|| state.size != sizeof(RC4_KEY)
-	|| !enif_inspect_iolist_as_binary(env,argv[1], &data)) {
-	return enif_make_badarg(env);
-    }
-    rc4_key = (RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &new_state);
-    memcpy(rc4_key, state.data, sizeof(RC4_KEY));
-    RC4(rc4_key, data.size, data.data,
-	enif_make_new_binary(env, data.size, &new_data));
-    CONSUME_REDS(env,data);
-    return enif_make_tuple2(env,new_state,new_data);
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
-
 #ifdef HAVE_EDDSA
  static int get_eddsa_key(ErlNifEnv* env, int public, ERL_NIF_TERM key, EVP_PKEY **pkey)
 {
diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
index 9550785190..802fb3e83c 100644
--- a/lib/crypto/c_src/openssl_config.h
+++ b/lib/crypto/c_src/openssl_config.h
@@ -307,4 +307,11 @@ do {							\
 #define PRINTF_ERR1(FMT,A1)
 #define PRINTF_ERR2(FMT,A1,A2)
 
+#ifdef FIPS_SUPPORT
+/* In FIPS mode non-FIPS algorithms are disabled and return badarg. */
+#define CHECK_NO_FIPS_MODE() { if (FIPS_mode()) return atom_notsup; }
+#else
+#define CHECK_NO_FIPS_MODE()
+#endif
+
 #endif /* E_OPENSSL_CONFIG_H__ */
diff --git a/lib/crypto/c_src/rc4.c b/lib/crypto/c_src/rc4.c
new file mode 100644
index 0000000000..9285c6ed87
--- /dev/null
+++ b/lib/crypto/c_src/rc4.c
@@ -0,0 +1,46 @@
+#include "rc4.h"
+
+ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Key) */
+#ifndef OPENSSL_NO_RC4
+    ErlNifBinary key;
+    ERL_NIF_TERM ret;
+
+    CHECK_NO_FIPS_MODE();
+
+    if (!enif_inspect_iolist_as_binary(env,argv[0], &key)) {
+	return enif_make_badarg(env);
+    }
+    RC4_set_key((RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret),
+		key.size, key.data);
+    return ret;
+#else
+    return enif_raise_exception(env, atom_notsup);
+#endif
+}
+
+ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (State, Data) */
+#ifndef OPENSSL_NO_RC4
+    ErlNifBinary state, data;
+    RC4_KEY* rc4_key;
+    ERL_NIF_TERM new_state, new_data;
+
+    CHECK_NO_FIPS_MODE();
+
+    if (!enif_inspect_iolist_as_binary(env,argv[0], &state)
+	|| state.size != sizeof(RC4_KEY)
+	|| !enif_inspect_iolist_as_binary(env,argv[1], &data)) {
+	return enif_make_badarg(env);
+    }
+    rc4_key = (RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &new_state);
+    memcpy(rc4_key, state.data, sizeof(RC4_KEY));
+    RC4(rc4_key, data.size, data.data,
+	enif_make_new_binary(env, data.size, &new_data));
+    CONSUME_REDS(env,data);
+    return enif_make_tuple2(env,new_state,new_data);
+#else
+    return enif_raise_exception(env, atom_notsup);
+#endif
+}
+
diff --git a/lib/crypto/c_src/rc4.h b/lib/crypto/c_src/rc4.h
new file mode 100644
index 0000000000..23d0ae56dc
--- /dev/null
+++ b/lib/crypto/c_src/rc4.h
@@ -0,0 +1,9 @@
+#ifndef E_RC4_H__
+#define E_RC4_H__ 1
+
+#include "common.h"
+
+ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+#endif /* E_RC4_H__ */
-- 
cgit v1.2.3