Include support for an add_lock callback to tiny FIPS locking API.

This commit is contained in:
Dr. Stephen Henson 2011-02-14 17:05:42 +00:00
parent c966120412
commit c876a4b7b1
4 changed files with 24 additions and 7 deletions

View File

@ -384,7 +384,7 @@ void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
struct CRYPTO_dynlock_value *l, const char *file, int line))
{
#ifdef OPENSSL_FIPS
FIPS_set_locking_callback(CRYPTO_lock);
FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
#endif
dynlock_lock_callback=func;
}
@ -412,7 +412,7 @@ void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
const char *file,int line))
{
#ifdef OPENSSL_FIPS
FIPS_set_locking_callback(CRYPTO_lock);
FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
#endif
locking_callback=func;
}

View File

@ -109,14 +109,17 @@ int fips_cipher_test(struct evp_cipher_ctx_st *ctx,
void fips_set_selftest_fail(void);
int fips_check_rsa(struct rsa_st *rsa);
void FIPS_set_locking_callback(void (*func)(int mode, int type,
const char *file,int line));
void FIPS_set_locking_callbacks(void (*func)(int mode, int type,
const char *file,int line),
int (*add_cb)(int *pointer, int amount,
int type, const char *file, int line));
/* Where necessary redirect standard OpenSSL APIs to FIPS versions */
#if defined(OPENSSL_FIPSCANISTER) && defined(OPENSSL_FIPSAPI)
#define CRYPTO_lock FIPS_lock
#define CRYPTO_add_lock FIPS_add_lock
#define CRYPTO_malloc FIPS_malloc
#define CRYPTO_free FIPS_free

View File

@ -59,6 +59,8 @@
/* FIPS locking callbacks */
static void (*fips_lck_cb)(int mode, int type,const char *file,int line) = 0;
static int (*fips_add_cb)(int *pointer, int amount, int type, const char *file,
int line);
void FIPS_lock(int mode, int type,const char *file,int line)
{
@ -66,8 +68,20 @@ void FIPS_lock(int mode, int type,const char *file,int line)
fips_lck_cb(mode, type, file, line);
}
void FIPS_set_locking_callback (void (*func)(int mode, int type,
const char *file,int line))
void FIPS_set_locking_callbacks(void (*func)(int mode, int type,
const char *file,int line),
int (*add_cb)(int *pointer, int amount,
int type, const char *file, int line))
{
fips_lck_cb = func;
fips_add_cb = add_cb;
}
int FIPS_add_lock(int *pointer, int amount, int type, const char *file,
int line)
{
if (fips_add_cb)
return fips_add_cb(pointer, amount, type, file, line);
*pointer += amount;
return *pointer;
}

View File

@ -4251,7 +4251,7 @@ ASN1_SCTX_new 4621 EXIST::FUNCTION:
EC_GFp_nistp224_method 4622 EXIST:!WIN32:FUNCTION:EC
FIPS_rsa_verify_ctx 4623 EXIST:OPENSSL_FIPS:FUNCTION:RSA
FIPS_selftest 4624 EXIST:OPENSSL_FIPS:FUNCTION:
FIPS_set_locking_callback 4625 EXIST:OPENSSL_FIPS:FUNCTION:
FIPS_set_locking_callbacks 4625 EXIST:OPENSSL_FIPS:FUNCTION:
fips_set_selftest_fail 4626 EXIST:OPENSSL_FIPS:FUNCTION:
fips_check_rsa 4627 EXIST:OPENSSL_FIPS:FUNCTION:
FIPS_check_incore_fingerprint 4628 EXIST:OPENSSL_FIPS:FUNCTION: