authorNIIBE Yutaka <gniibe@fsij.org>2021-12-06 11:28:05 +0900
committerNIIBE Yutaka <gniibe@fsij.org>2021-12-06 11:28:05 +0900
commit5425052f38cd41a99469e4c3245a1c3e037410fe (patch)
tree4a1e1eab7cabc0940be535da3440d34ac8d2e268 /src
parentb14aaf1a2dc71560e1f7c19ac88a7b16cc491f25 (diff)
downloadlibgcrypt-5425052f38cd41a99469e4c3245a1c3e037410fe.tar.gz
fips: Factor out check_fips_system_setting function.
* src/fips.c (check_fips_system_setting): New. (_gcry_initialize_fips_mode): Use the new function. -- GnuPG-bug-id: 5636 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'src')
-rw-r--r--src/fips.c85
1 files changed, 49 insertions, 36 deletions
diff --git a/src/fips.c b/src/fips.c
index b4d76eeb..0ab7fecc 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -82,36 +82,12 @@ static void fips_new_state (enum module_states new_state);
-/* Check whether the OS is in FIPS mode and record that in a module
- local variable. If FORCE is passed as true, fips mode will be
- enabled anyway. Note: This function is not thread-safe and should
- be called before any threads are created. This function may only
- be called once. */
-void
-_gcry_initialize_fips_mode (int force)
+static int
+check_fips_system_setting (void)
{
- static int done;
- gpg_error_t err;
-
- /* Make sure we are not accidentally called twice. */
- if (done)
- {
- if ( fips_mode () )
- {
- fips_new_state (STATE_FATALERROR);
- fips_noreturn ();
- }
- /* If not in fips mode an assert is sufficient. */
- gcry_assert (!done);
- }
- done = 1;
-
- /* If the calling application explicitly requested fipsmode, do so. */
- if (force || getenv ("LIBGCRYPT_FORCE_FIPS_MODE"))
- {
- gcry_assert (!_gcry_no_fips_mode_required);
- goto leave;
- }
+ /* Do we have the environment variable set? */
+ if (getenv ("LIBGCRYPT_FORCE_FIPS_MODE"))
+ return 1;
/* For testing the system it is useful to override the system
provided detection of the FIPS mode and force FIPS mode using a
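Review bot: The new static helper `check_fips_system_setting` at the top of this hunk has no header comment, because the original comment block stays with `_gcry_initialize_fips_mode`. Its return contract is worth stating, since the caller uses it to decide whether FIPS mode is enforced: for example `/* Return 1 if the environment variable, FIPS_FORCE_FILE or the /proc check requests FIPS mode, else 0. */`. It would also help to note that, in the visible lines, each source can only request FIPS mode and none can switch it off. The function body continues past this hunk, so the comment should be checked against the /proc error handling that is not shown here.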
@@ -119,10 +95,7 @@ _gcry_initialize_fips_mode (int force)
confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is
actually used. The file itself may be empty. */
if ( !access (FIPS_FORCE_FILE, F_OK) )
- {
- gcry_assert (!_gcry_no_fips_mode_required);
- goto leave;
- }
+ return 1;
/* Checking based on /proc file properties. */
{
@@ -139,8 +112,7 @@ _gcry_initialize_fips_mode (int force)
{
/* System is in fips mode. */
fclose (fp);
- gcry_assert (!_gcry_no_fips_mode_required);
- goto leave;
+ return 1;
}
fclose (fp);
}
@@ -161,6 +133,47 @@ _gcry_initialize_fips_mode (int force)
}
}
+ return 0;
+}
+
+/* Check whether the OS is in FIPS mode and record that in a module
+ local variable. If FORCE is passed as true, fips mode will be
+ enabled anyway. Note: This function is not thread-safe and should
+ be called before any threads are created. This function may only
+ be called once. */
+void
+_gcry_initialize_fips_mode (int force)
+{
+ static int done;
+ gpg_error_t err;
+
+ /* Make sure we are not accidentally called twice. */
+ if (done)
+ {
+ if ( fips_mode () )
+ {
+ fips_new_state (STATE_FATALERROR);
+ fips_noreturn ();
+ }
+ /* If not in fips mode an assert is sufficient. */
+ gcry_assert (!done);
+ }
+ done = 1;
+
+ /* If the calling application explicitly requested fipsmode, do so. */
+ if (force)
+ {
+ gcry_assert (!_gcry_no_fips_mode_required);
+ goto leave;
+ }
+
+ /* If the system explicitly requested fipsmode, do so. */
+ if (check_fips_system_setting ())
+ {
+ gcry_assert (!_gcry_no_fips_mode_required);
+ goto leave;
+ }
+
/* Fips not not requested, set flag. */
_gcry_no_fips_mode_required = 1;
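Review bot: The two new branches in `_gcry_initialize_fips_mode` (`if (force)` and `if (check_fips_system_setting ())`) have identical bodies, so the `gcry_assert (!_gcry_no_fips_mode_required); goto leave;` pair now exists twice and a later edit could change one copy but not the other. A single condition keeps the same short-circuit order: `if (force || check_fips_system_setting ())`, with one comment naming both the application request and the system setting. If the split is deliberate, so that later work can treat the two sources differently, a short comment saying so would help. The context comment just below reads "Fips not not requested" and could be corrected in the same pass.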
@@ -188,8 +201,8 @@ _gcry_initialize_fips_mode (int force)
/* Now get us into the INIT state. */
fips_new_state (STATE_INIT);
-
}
+
return;
}