diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-06-04 17:01:24 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-06-07 08:37:09 +0200 |
commit | dce7272d08601929a494b9367f4e70163c524cb3 (patch) | |
tree | 7b8647052d14f593b115c84d852dd5e3567587a0 /crypto/rand | |
parent | 97cf9b05fa1cdb8e4e7f60016aa95ae0e976e8c3 (diff) | |
download | openssl-new-dce7272d08601929a494b9367f4e70163c524cb3.tar.gz |
Elimination of some sources not needed in the FIPS_MODULE
Unfortunately in terms of fips.sources this does not mean much
given the way how the .h files are added via the dependency
information from the compiler.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15622)
Diffstat (limited to 'crypto/rand')
-rw-r--r-- | crypto/rand/build.info | 2 | ||||
-rw-r--r-- | crypto/rand/rand_lib.c | 24 | ||||
-rw-r--r-- | crypto/rand/rand_local.h | 2 | ||||
-rw-r--r-- | crypto/rand/rand_meth.c | 4 |
4 files changed, 15 insertions, 17 deletions
diff --git a/crypto/rand/build.info b/crypto/rand/build.info index 500667c332..a74282516f 100644 --- a/crypto/rand/build.info +++ b/crypto/rand/build.info @@ -7,7 +7,7 @@ IF[{- !$disabled{'egd'} -}] $CRYPTO=$CRYPTO rand_egd.c ENDIF IF[{- !$disabled{'deprecated-3.0'} -}] - $COMMON=$COMMON rand_meth.c + $CRYPTO=$CRYPTO rand_meth.c ENDIF SOURCE[../../libcrypto]=$COMMON $CRYPTO diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index a3305b76b4..62bd1d6796 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -10,25 +10,25 @@ /* We need to use some engine deprecated APIs */ #define OPENSSL_SUPPRESS_DEPRECATED -#include <stdio.h> -#include <time.h> -#include <limits.h> -#include <openssl/trace.h> #include <openssl/err.h> -#include <openssl/conf.h> -#include "internal/cryptlib.h" #include <openssl/opensslconf.h> -#include "crypto/rand.h" -#include "crypto/cryptlib.h" -#include <openssl/engine.h> #include <openssl/core_names.h> +#include "internal/cryptlib.h" #include "internal/thread_once.h" +#include "crypto/rand.h" +#include "crypto/cryptlib.h" #include "rand_local.h" -#include "e_os.h" #ifndef FIPS_MODULE +# include <stdio.h> +# include <time.h> +# include <limits.h> +# include <openssl/conf.h> +# include <openssl/trace.h> +# include <openssl/engine.h> # include "crypto/rand_pool.h" # include "prov/seeding.h" +# include "e_os.h" # ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ @@ -319,7 +319,7 @@ int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength) { EVP_RAND_CTX *rand; -#ifndef OPENSSL_NO_DEPRECATED_3_0 +#if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE) const RAND_METHOD *meth = RAND_get_rand_method(); if (meth != NULL && meth != RAND_OpenSSL()) { @@ -348,7 +348,7 @@ int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength) { EVP_RAND_CTX *rand; -#ifndef OPENSSL_NO_DEPRECATED_3_0 +#if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE) const RAND_METHOD *meth = RAND_get_rand_method(); if (meth != NULL && meth != RAND_OpenSSL()) { diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h index 3b4ad8ca65..31428f20c8 100644 --- a/crypto/rand/rand_local.h +++ b/crypto/rand/rand_local.h @@ -25,7 +25,9 @@ # define PRIMARY_RESEED_TIME_INTERVAL (60 * 60) /* 1 hour */ # define SECONDARY_RESEED_TIME_INTERVAL (7 * 60) /* 7 minutes */ +# ifndef FIPS_MODULE /* The global RAND method, and the global buffer and DRBG instance. */ extern RAND_METHOD ossl_rand_meth; +# endif #endif diff --git a/crypto/rand/rand_meth.c b/crypto/rand/rand_meth.c index 49bf0acdf5..276763057d 100644 --- a/crypto/rand/rand_meth.c +++ b/crypto/rand/rand_meth.c @@ -61,9 +61,5 @@ RAND_METHOD ossl_rand_meth = { RAND_METHOD *RAND_OpenSSL(void) { -#ifndef FIPS_MODULE return &ossl_rand_meth; -#else - return NULL; -#endif } |