diff options
| author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2018-06-19 18:34:33 +0300 |
|---|---|---|
| committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2018-06-19 19:29:25 +0300 |
| commit | b6e6ace324440f564df664e27f8276ef01f76795 (patch) | |
| tree | 3281fd2dd4fdaf2473d91bfb03b609c4d4c8889d /src/fips.c | |
| parent | 233e2049a2cc1c1110f541b6a7ef145a737e2c65 (diff) | |
| download | libgcrypt-b6e6ace324440f564df664e27f8276ef01f76795.tar.gz | |
Add fast path for _gcry_fips_is_operational
* src/fips.c (no_fips_mode_required): Rename to...
(_gcry_no_fips_mode_required): ...this and make externally available.
* src/g10lib.h (_gcry_no_fips_mode_required): New extern.
(fips_mode): Inline _gcry_fips_mode to macro, use
_gcry_no_fips_mode_required directly.
(fips_is_operational): Inline fips_mode check from
_gcry_fips_in_operational.
--
Add fast path to reduce call overhead in src/visibility.c where
fips_is_operational is called before cipher/md/etc operations.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'src/fips.c')
| -rw-r--r-- | src/fips.c | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -57,7 +57,7 @@ enum module_states that fips mode is the default unless changed by the initialization code. To check whether fips mode is enabled, use the function fips_mode()! */ -static int no_fips_mode_required; +int _gcry_no_fips_mode_required; /* Flag to indicate that we are in the enforced FIPS mode. */ static int enforced_fips_mode; @@ -118,7 +118,7 @@ _gcry_initialize_fips_mode (int force) /* If the calling application explicitly requested fipsmode, do so. */ if (force) { - gcry_assert (!no_fips_mode_required); + gcry_assert (!_gcry_no_fips_mode_required); goto leave; } @@ -129,7 +129,7 @@ _gcry_initialize_fips_mode (int force) actually used. The file itself may be empty. */ if ( !access (FIPS_FORCE_FILE, F_OK) ) { - gcry_assert (!no_fips_mode_required); + gcry_assert (!_gcry_no_fips_mode_required); goto leave; } @@ -148,7 +148,7 @@ _gcry_initialize_fips_mode (int force) { /* System is in fips mode. */ fclose (fp); - gcry_assert (!no_fips_mode_required); + gcry_assert (!_gcry_no_fips_mode_required); goto leave; } fclose (fp); @@ -171,10 +171,10 @@ _gcry_initialize_fips_mode (int force) } /* Fips not not requested, set flag. */ - no_fips_mode_required = 1; + _gcry_no_fips_mode_required = 1; leave: - if (!no_fips_mode_required) + if (!_gcry_no_fips_mode_required) { /* Yes, we are in FIPS mode. */ FILE *fp; @@ -265,7 +265,7 @@ _gcry_fips_mode (void) /* No locking is required because we have the requirement that this variable is only initialized once with no other threads existing. */ - return !no_fips_mode_required; + return !_gcry_no_fips_mode_required; } |