From 9e9f48f0b1f4cdf7e5020035b49c591a6871acd4 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Fri, 16 Apr 2004 09:52:50 +0000 Subject: [PATCH] Don't use global variables. Instead, use a function that returns the proper value. There are a few more spots where FIPS makes use of global variables. This is problematic on some non-Unix platforms. I will deal with them later. --- fips/fingerprint.sha1 | 4 ++-- fips/fips.c | 4 ++-- fips/rand/fingerprint.sha1 | 4 ++-- fips/rand/fips_rand.c | 5 +++++ fips/rand/fips_rand.h | 17 ++++++++++++++++- fips/rand/fips_randtest.c | 2 +- 6 files changed, 28 insertions(+), 8 deletions(-) diff --git a/fips/fingerprint.sha1 b/fips/fingerprint.sha1 index 7c18824a10..21ae776bb8 100644 --- a/fips/fingerprint.sha1 +++ b/fips/fingerprint.sha1 @@ -1,4 +1,4 @@ -HMAC-SHA1(fips.c)= 694287eefbf2d0a4fe1e4abc6c4f485375598e3a +HMAC-SHA1(fips.c)= 4e9bf09e312073c9bc11420cc000c1ddc6f7013c HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898 -HMAC-SHA1(fips.h)= aeab7ad3b7a84dc83cf5099cffdec07a3f995dea +HMAC-SHA1(fips.h)= d6cd192b06fc002a2ca12296a4082de5f2ffa273 HMAC-SHA1(fips_err.h)= f4203a47100a815c21cf3a97092f91a595938f7c diff --git a/fips/fips.c b/fips/fips.c index f802130ef7..30bb5fba48 100644 --- a/fips/fips.c +++ b/fips/fips.c @@ -156,8 +156,8 @@ int FIPS_mode_set(int onoff,const char *path) } /* now switch into FIPS mode */ - FIPS_rand_check=&rand_fips_meth; - RAND_set_rand_method(&rand_fips_meth); + FIPS_rand_check=FIPS_rand_method(); + RAND_set_rand_method(FIPS_rand_method()); if(FIPS_selftest()) FIPS_mode=1; else diff --git a/fips/rand/fingerprint.sha1 b/fips/rand/fingerprint.sha1 index 4b9ab6cd54..f87df9f65e 100644 --- a/fips/rand/fingerprint.sha1 +++ b/fips/rand/fingerprint.sha1 @@ -1,2 +1,2 @@ -HMAC-SHA1(fips_rand.c)= 26921aa3f66397c57791f7c015c053ce84532e54 -HMAC-SHA1(fips_rand.h)= 72cff1a7ca7f33fe9df6b9da30e6420874eeb623 +HMAC-SHA1(fips_rand.c)= ab4f589420935782c6bffc4499959ac532c02682 +HMAC-SHA1(fips_rand.h)= 889afc9a526fe59138326134950b733627a7e9cf diff --git a/fips/rand/fips_rand.c b/fips/rand/fips_rand.c index 76c08af92c..6348c95e53 100644 --- a/fips/rand/fips_rand.c +++ b/fips/rand/fips_rand.c @@ -99,6 +99,11 @@ RAND_METHOD rand_fips_meth= static int second; +RAND_METHOD *FIPS_rand_method(void) +{ + return &rand_fips_meth; +} + void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]) { memcpy(&key1,k1,sizeof key1); diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h index aa8961fdfc..d50eaa8a50 100644 --- a/fips/rand/fips_rand.h +++ b/fips/rand/fips_rand.h @@ -47,12 +47,27 @@ * */ +#ifndef HEADER_FIPS_RAND_H +#define HEADER_FIPS_RAND_H + #include "des.h" +#ifdef OPENSSL_FIPS + +#ifdef __cplusplus +extern "C" { +#endif + void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]); void FIPS_test_mode(int test,const unsigned char faketime[8]); void FIPS_rand_seed(const void *buf, int num); /* NB: this returns true if _partially_ seeded */ int FIPS_rand_seeded(void); -extern RAND_METHOD rand_fips_meth; +RAND_METHOD *FIPS_rand_method(void); + +#ifdef __cplusplus +} +#endif +#endif +#endif diff --git a/fips/rand/fips_randtest.c b/fips/rand/fips_randtest.c index 3e2f58e16d..ff9c91cd36 100644 --- a/fips/rand/fips_randtest.c +++ b/fips/rand/fips_randtest.c @@ -218,7 +218,7 @@ int main() long d; ERR_load_crypto_strings(); - RAND_set_rand_method(&rand_fips_meth); + RAND_set_rand_method(FIPS_rand_method()); run_test(&t1); run_test(&t2); -- 2.25.1