From: beck Date: Sat, 23 Oct 2021 09:13:51 +0000 (+0000) Subject: Add back the fips mode test functions, new stuff requires this. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2b65cbb3ad9fb619e7bf555fe3196be3ecdb2456;p=openbsd Add back the fips mode test functions, new stuff requires this. Symbols.list changes to follow with tb's upcoming bump ok jsing@ --- diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 2bc065afe27..1caac51601f 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.46 2021/09/03 23:30:42 job Exp $ +# $OpenBSD: Makefile,v 1.47 2021/10/23 09:13:51 beck Exp $ LIB= crypto LIBREBUILD=y @@ -41,7 +41,7 @@ SYMBOL_LIST= ${.CURDIR}/Symbols.list # crypto/ SRCS+= cryptlib.c malloc-wrapper.c mem_dbg.c cversion.c ex_data.c cpt_err.c -SRCS+= o_time.c o_str.c o_init.c +SRCS+= o_time.c o_str.c o_init.c o_fips.c SRCS+= mem_clr.c crypto_init.c crypto_lock.c # aes/ diff --git a/lib/libcrypto/crypto.h b/lib/libcrypto/crypto.h index 7de8abb437e..aba55560296 100644 --- a/lib/libcrypto/crypto.h +++ b/lib/libcrypto/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.50 2019/01/19 01:07:00 tb Exp $ */ +/* $OpenBSD: crypto.h,v 1.51 2021/10/23 09:13:51 beck Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -505,6 +505,11 @@ uint64_t OPENSSL_cpu_caps(void); int OPENSSL_isservice(void); #ifndef LIBRESSL_INTERNAL +#if defined(LIBRESSL_NEW_API) +int FIPS_mode(void); +int FIPS_mode_set(int r); +#endif + void OPENSSL_init(void); /* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It diff --git a/lib/libcrypto/o_fips.c b/lib/libcrypto/o_fips.c new file mode 100644 index 00000000000..fe3861c5538 --- /dev/null +++ b/lib/libcrypto/o_fips.c @@ -0,0 +1,75 @@ +/* Written by Stephen henson (steve@@openssl.org) for the OpenSSL + * project 2011. + */ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@@cryptsoft.com). + * + */ + +#include + +#include "cryptlib.h" + +int +FIPS_mode(void) +{ + return 0; +} + +int +FIPS_mode_set(int r) +{ + if (r == 0) + return 1; + CRYPTOerror(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED); + return 0; +}