summaryrefslogtreecommitdiff
path: root/random
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2013-10-22 14:26:53 +0200
committerWerner Koch <wk@gnupg.org>2013-12-05 08:27:48 +0100
commit7bacf1812b55fa78db63abaa1f5a9220e9c6cccc (patch)
tree4141585ef24a83e22e411355585784f24b78f58f /random
parent85bb0a98ea5add0296cbcc415d557eaa1f6bd294 (diff)
downloadlibgcrypt-7bacf1812b55fa78db63abaa1f5a9220e9c6cccc.tar.gz
Remove macro hacks for internal vs. external functions. Part 1.
* src/visibility.h: Remove almost all define/undef hacks for symbol visibility. Add macros to detect the use of the public functions. Change all affected functions by prefixing them explicitly with an underscore and change all internal callers to call the underscore prefixed versions. Provide convenience macros from sexp and mpi functions. * src/visibility.c: Change all functions to use only gpg_err_code_t and translate to gpg_error_t only in visibility.c. -- The use of the macro magic made if hard to follow the function calls in the source. It was not easy to see if an internal or external function (as defined by visibility.c) was called. The change is quite large but hopefully makes Libgcrypt easier to maintain. Some function have not yet been fixed; this will be done soon. Because Libgcrypt does no make use of any other libgpg-error using libraries it is useless to always translate between gpg_error_t and gpg_err_code_t (i.e with and w/o error source identifier). This translation has no mostly be moved to the function wrappers in visibility.c. An additional advantage of using gpg_err_code_t is that comparison can be done without using gpg_err_code(). I am sorry for that large patch, but a series of patches would actually be more work to audit. Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'random')
-rw-r--r--random/random-daemon.c4
-rw-r--r--random/random-fips.c56
-rw-r--r--random/random.c18
3 files changed, 39 insertions, 39 deletions
diff --git a/random/random-daemon.c b/random/random-daemon.c
index 26d77f8c..98a01536 100644
--- a/random/random-daemon.c
+++ b/random/random-daemon.c
@@ -270,7 +270,7 @@ call_daemon (const char *socketname,
if (rc == -1)
{
err = gcry_error_from_errno (errno);
- log_error ("read error: %s\n", gcry_strerror (err));
+ log_error ("read error: %s\n", _gcry_strerror (err));
break;
}
if (nread && buf[0])
@@ -308,7 +308,7 @@ call_daemon (const char *socketname,
if (rc == -1)
{
err = gcry_error_from_errno (errno);
- log_error ("read error: %s\n", gcry_strerror (err));
+ log_error ("read error: %s\n", _gcry_strerror (err));
break;
}
diff --git a/random/random-fips.c b/random/random-fips.c
index 7f205d29..c8100a21 100644
--- a/random/random-fips.c
+++ b/random/random-fips.c
@@ -390,9 +390,9 @@ encrypt_aes (gcry_cipher_hd_t key,
gcry_assert (length == 16);
- err = gcry_cipher_encrypt (key, output, length, input, length);
+ err = _gcry_cipher_encrypt (key, output, length, input, length);
if (err)
- log_fatal ("AES encryption in RNG failed: %s\n", gcry_strerror (err));
+ log_fatal ("AES encryption in RNG failed: %s\n", _gcry_strerror (err));
}
@@ -595,18 +595,18 @@ static gcry_cipher_hd_t
x931_generate_key (int for_nonce)
{
gcry_cipher_hd_t hd;
- gpg_error_t err;
+ gpg_err_code_t rc;
void *buffer;
gcry_assert (fips_rng_is_locked);
/* Allocate a cipher context. */
- err = gcry_cipher_open (&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB,
+ rc = _gcry_cipher_open (&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB,
GCRY_CIPHER_SECURE);
- if (err)
+ if (rc)
{
log_error ("error creating cipher context for RNG: %s\n",
- gcry_strerror (err));
+ _gcry_strerror (rc));
return NULL;
}
@@ -623,13 +623,13 @@ x931_generate_key (int for_nonce)
/* Set the key and delete the buffer because the key is now part of
the cipher context. */
- err = gcry_cipher_setkey (hd, buffer, X931_AES_KEYLEN);
+ rc = _gcry_cipher_setkey (hd, buffer, X931_AES_KEYLEN);
wipememory (buffer, X931_AES_KEYLEN);
gcry_free (buffer);
- if (err)
+ if (rc)
{
- log_error ("error creating key for RNG: %s\n", gcry_strerror (err));
- gcry_cipher_close (hd);
+ log_error ("error creating key for RNG: %s\n", _gcry_strerror (rc));
+ _gcry_cipher_close (hd);
return NULL;
}
@@ -897,7 +897,7 @@ selftest_kat (selftest_report_func_t report)
};
int tvidx, ridx;
rng_context_t test_ctx;
- gpg_error_t err;
+ gpg_err_code_t rc;
const char *errtxt = NULL;
unsigned char result[16];
@@ -911,17 +911,17 @@ selftest_kat (selftest_report_func_t report)
for (tvidx=0; tvidx < DIM (tv); tvidx++)
{
/* Setup the key. */
- err = gcry_cipher_open (&test_ctx->cipher_hd,
+ rc = _gcry_cipher_open (&test_ctx->cipher_hd,
GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB,
GCRY_CIPHER_SECURE);
- if (err)
+ if (rc)
{
errtxt = "error creating cipher context for RNG";
goto leave;
}
- err = gcry_cipher_setkey (test_ctx->cipher_hd, tv[tvidx].key, 16);
- if (err)
+ rc = _gcry_cipher_setkey (test_ctx->cipher_hd, tv[tvidx].key, 16);
+ if (rc)
{
errtxt = "error setting key for RNG";
goto leave;
@@ -969,7 +969,7 @@ selftest_kat (selftest_report_func_t report)
goto leave;
}
- gcry_cipher_close (test_ctx->cipher_hd);
+ _gcry_cipher_close (test_ctx->cipher_hd);
test_ctx->cipher_hd = NULL;
test_ctx->is_seeded = 0;
check_guards (test_ctx);
@@ -977,7 +977,7 @@ selftest_kat (selftest_report_func_t report)
leave:
unlock_rng ();
- gcry_cipher_close (test_ctx->cipher_hd);
+ _gcry_cipher_close (test_ctx->cipher_hd);
check_guards (test_ctx);
gcry_free (test_ctx);
if (report && errtxt)
@@ -1000,7 +1000,7 @@ _gcry_rngfips_selftest (selftest_report_func_t report)
enforce full initialization of the RNG. We need to be fully
initialized due to the global requirement of the
tempvalue_for_x931_aes_driver stuff. */
- gcry_randomize (buffer, sizeof buffer, GCRY_STRONG_RANDOM);
+ _gcry_randomize (buffer, sizeof buffer, GCRY_STRONG_RANDOM);
}
ec = selftest_kat (report);
@@ -1022,7 +1022,7 @@ _gcry_rngfips_init_external_test (void **r_context, unsigned int flags,
const void *seed, size_t seedlen,
const void *dt, size_t dtlen)
{
- gpg_error_t err;
+ gpg_err_code_t rc;
rng_context_t test_ctx;
_gcry_rngfips_initialize (1); /* Auto-initialize if needed. */
@@ -1039,14 +1039,14 @@ _gcry_rngfips_init_external_test (void **r_context, unsigned int flags,
setup_guards (test_ctx);
/* Setup the key. */
- err = gcry_cipher_open (&test_ctx->cipher_hd,
+ rc = _gcry_cipher_open (&test_ctx->cipher_hd,
GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB,
GCRY_CIPHER_SECURE);
- if (err)
+ if (rc)
goto leave;
- err = gcry_cipher_setkey (test_ctx->cipher_hd, key, keylen);
- if (err)
+ rc = _gcry_cipher_setkey (test_ctx->cipher_hd, key, keylen);
+ if (rc)
goto leave;
test_ctx->key_init_pid = getpid ();
@@ -1071,18 +1071,18 @@ _gcry_rngfips_init_external_test (void **r_context, unsigned int flags,
check_guards (test_ctx);
/* All fine. */
- err = 0;
+ rc = 0;
leave:
- if (err)
+ if (rc)
{
- gcry_cipher_close (test_ctx->cipher_hd);
+ _gcry_cipher_close (test_ctx->cipher_hd);
gcry_free (test_ctx);
*r_context = NULL;
}
else
*r_context = test_ctx;
- return gcry_err_code (err);
+ return rc;
}
@@ -1110,7 +1110,7 @@ _gcry_rngfips_deinit_external_test (void *context)
if (test_ctx)
{
- gcry_cipher_close (test_ctx->cipher_hd);
+ _gcry_cipher_close (test_ctx->cipher_hd);
gcry_free (test_ctx);
}
}
diff --git a/random/random.c b/random/random.c
index e56eb8a9..46793013 100644
--- a/random/random.c
+++ b/random/random.c
@@ -259,19 +259,19 @@ _gcry_random_is_faked (void)
/* Add BUFLEN bytes from BUF to the internal random pool. QUALITY
should be in the range of 0..100 to indicate the goodness of the
entropy added, or -1 for goodness not known. */
-gcry_error_t
-gcry_random_add_bytes (const void *buf, size_t buflen, int quality)
+gcry_err_code_t
+_gcry_random_add_bytes (const void *buf, size_t buflen, int quality)
{
if (fips_mode ())
return 0; /* No need for this in fips mode. */
else if (rng_types.standard)
- return _gcry_rngcsprng_add_bytes (buf, buflen, quality);
+ return gpg_err_code (_gcry_rngcsprng_add_bytes (buf, buflen, quality));
else if (rng_types.fips)
return 0;
else if (rng_types.system)
return 0;
else /* default */
- return _gcry_rngcsprng_add_bytes (buf, buflen, quality);
+ return gpg_err_code (_gcry_rngcsprng_add_bytes (buf, buflen, quality));
}
@@ -295,7 +295,7 @@ do_randomize (void *buffer, size_t length, enum gcry_random_level level)
Returns a pointer to a newly allocated and randomized buffer of
LEVEL and NBYTES length. Caller must free the buffer. */
void *
-gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
+_gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
{
void *buffer;
@@ -309,7 +309,7 @@ gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
this version of the function returns the random in a buffer allocated
in secure memory. Caller must free the buffer. */
void *
-gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
+_gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
{
void *buffer;
@@ -328,7 +328,7 @@ gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
usage, GCRY_VERY_STRONG_RANDOM is good for key generation stuff but
may be very slow. */
void
-gcry_randomize (void *buffer, size_t length, enum gcry_random_level level)
+_gcry_randomize (void *buffer, size_t length, enum gcry_random_level level)
{
do_randomize (buffer, length, level);
}
@@ -398,7 +398,7 @@ _gcry_fast_random_poll (void)
/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
void
-gcry_create_nonce (void *buffer, size_t length)
+_gcry_create_nonce (void *buffer, size_t length)
{
static unsigned char nonce_buffer[20+8];
static int nonce_buffer_initialized = 0;
@@ -455,7 +455,7 @@ gcry_create_nonce (void *buffer, size_t length)
memcpy (p, &atime, sizeof atime);
/* Initialize the never changing private part of 64 bits. */
- gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM);
+ _gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM);
nonce_buffer_initialized = 1;
}