Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in

the FIPS capable OpenSSL.

CHANGES

@@ -4,6 +4,11 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Rename FIPS_mode_set and FIPS_mode to FIPS_module_mode_set and
+     FIPS_module_mode. FIPS_mode and FIPS_mode_set will be implmeneted
+     outside the validated module in the FIPS capable OpenSSL.
+     [Steve Henson]
+
   *) Initial TLS v1.2 client support. Add a default signature algorithms
      extension including all the algorithms we support. Parse new signature
      format in client key exchange. Relax some ECC signing restrictions for

crypto/bn/bn_rand.c

@@ -252,7 +252,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
 	 * generated. So we just use the second case which is equivalent to
 	 * "Generation by Testing Candidates" mentioned in B.1.2 et al.
 	 */
-	else if (!FIPS_mode() && !BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
+	else if (!FIPS_module_mode() && !BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
 #else
 	else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3))
 #endif

crypto/dh/dh_gen.c

@@ -118,7 +118,7 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
 		return 0;
 		}
 
-	if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
+	if (FIPS_module_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
 		{
 		DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL);
 		goto err;

crypto/dh/dh_key.c

@@ -128,7 +128,7 @@ static int generate_key(DH *dh)
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
 #ifdef OPENSSL_FIPS
-	if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
+	if (FIPS_module_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
 		{
 		DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
 		return 0;
@@ -227,7 +227,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 		}
 
 #ifdef OPENSSL_FIPS
-	if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
+	if (FIPS_module_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
 		{
 		DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
 		goto err;

crypto/dsa/dsa_gen.c

@@ -141,7 +141,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
 	    goto err;
 	    }
 
-	if (FIPS_mode() && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW) 
+	if (FIPS_module_mode() && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW) 
 			&& (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
 		{
 		DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL);
@@ -412,7 +412,7 @@ static int dsa2_valid_parameters(size_t L, size_t N)
 int fips_check_dsa_prng(DSA *dsa, size_t L, size_t N)
 	{
 	int strength;
-	if (!FIPS_mode())
+	if (!FIPS_module_mode())
 		return 1;
 
 	if (dsa->flags & (DSA_FLAG_NON_FIPS_ALLOW|DSA_FLAG_FIPS_CHECKED))

crypto/dsa/dsa_key.c

@@ -106,7 +106,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
 #ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
+	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)
 		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
 		{
 		DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL);

crypto/dsa/dsa_ossl.c

@@ -150,7 +150,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	    return NULL;
 	    }
 
-	if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
+	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
 		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
 		{
 		DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL);
@@ -353,7 +353,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	    return -1;
 	    }
 
-	if (FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
+	if (FIPS_module_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW) 
 		&& (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS))
 		{
 		DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL);

crypto/ec/ec_key.c

@@ -260,7 +260,7 @@ static int fips_check_ec(EC_KEY *key)
 int fips_check_ec_prng(EC_KEY *ec)
 	{
 	int bits, strength;
-	if (!FIPS_mode())
+	if (!FIPS_module_mode())
 		return 1;
 
 	if (ec->flags & (EC_FLAG_NON_FIPS_ALLOW|EC_FLAG_FIPS_CHECKED))

crypto/evp/e_aes.c

@@ -247,7 +247,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 		if (arg <= 0)
 			return 0;
 #ifdef OPENSSL_FIPS
-		if (FIPS_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
+		if (FIPS_module_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
 						 && arg < 12)
 			return 0;
 #endif
@@ -519,7 +519,7 @@ static int aes_xts(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		return -1;
 #ifdef OPENSSL_FIPS
 	/* Requirement of SP800-38E */
-	if (FIPS_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
+	if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
 			(len > (1L<<20)*16))
 		{
 		EVPerr(EVP_F_AES_XTS, EVP_R_TOO_LARGE);

crypto/rsa/rsa_eay.c

@@ -170,7 +170,7 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
 		&& (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 		{
 		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
@@ -382,7 +382,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
 		&& (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 		{
 		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
@@ -530,7 +530,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
 		&& (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 		{
 		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);
@@ -674,7 +674,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
 		&& (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 		{
 		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL);

crypto/rsa/rsa_gen.c

@@ -82,7 +82,7 @@
 int fips_check_rsa_prng(RSA *rsa, int bits)
 	{
 	int strength;
-	if (!FIPS_mode())
+	if (!FIPS_module_mode())
 		return 1;
 
 	if (rsa->flags & (RSA_FLAG_NON_FIPS_ALLOW|RSA_FLAG_CHECKED))
@@ -205,7 +205,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	    return 0;
 	    }
 
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) 
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) 
 		&& (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 	    {
 	    FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT);

crypto/rsa/rsa_x931g.c

@@ -210,7 +210,7 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb)
 	BN_CTX *ctx = NULL;
 
 #ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && 
+	if (FIPS_module_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW) && 
 		(bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS))
 	    {
 	    FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT);

fips/fips.c

@@ -96,7 +96,7 @@ static void fips_set_mode(int onoff)
 		}
 	}
 
-int FIPS_mode(void)
+int FIPS_module_mode(void)
 	{
 	int ret = 0;
 	int owning_thread = fips_is_owning_thread();
@@ -237,7 +237,7 @@ int FIPS_check_incore_fingerprint(void)
     return rv;
     }
 
-int FIPS_mode_set(int onoff)
+int FIPS_module_mode_set(int onoff)
     {
     int fips_set_owning_thread();
     int fips_clear_owning_thread();
@@ -254,7 +254,7 @@ int FIPS_mode_set(int onoff)
 
 	/* Don't go into FIPS mode twice, just so we can do automagic
 	   seeding */
-	if(FIPS_mode())
+	if(FIPS_module_mode())
 	    {
 	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FIPS_MODE_ALREADY_SET);
 	    fips_selftest_fail = 1;

fips/fips.h

@@ -67,8 +67,8 @@ struct env_md_st;
 struct evp_cipher_st;
 struct evp_cipher_ctx_st;
 
-int FIPS_mode_set(int onoff);
-int FIPS_mode(void);
+int FIPS_module_mode_set(int onoff);
+int FIPS_module_mode(void);
 const void *FIPS_rand_check(void);
 int FIPS_selftest(void);
 int FIPS_selftest_failed(void);

fips/fips_test_suite.c

@@ -945,7 +945,7 @@ int main(int argc,char **argv)
         }
 	if (!no_exit) {
     		fips_algtest_init_nofips();
-        	if (!FIPS_mode_set(1)) {
+        	if (!FIPS_module_mode_set(1)) {
         	    printf("Power-up self test failed\n");
 		    exit(1);
 		}
@@ -964,8 +964,8 @@ int main(int argc,char **argv)
     /* Power-up self test
     */
     ERR_clear_error();
-    test_msg("2. Automatic power-up self test", FIPS_mode_set(1));
-    if (!FIPS_mode())
+    test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1));
+    if (!FIPS_module_mode())
 	exit(1);
     if (do_drbg_stick)
             FIPS_drbg_stick();

fips/fips_utl.h

@@ -136,7 +136,7 @@ void do_entropy_stick(void)
 void fips_algtest_init(void)
 	{
 	fips_algtest_init_nofips();
-	if (!FIPS_mode_set(1))
+	if (!FIPS_module_mode_set(1))
 		{
 		fprintf(stderr, "Error entering FIPS mode\n");
 		exit(1);

fips/rand/fips_rand_lib.c

@@ -72,7 +72,7 @@ int FIPS_rand_set_method(const RAND_METHOD *meth)
 	else
 		fips_approved_rand_meth = 0;
 
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_SET_METHOD, FIPS_R_NON_FIPS_METHOD);
 		return 0;
@@ -83,7 +83,7 @@ int FIPS_rand_set_method(const RAND_METHOD *meth)
 
 void FIPS_rand_seed(const void *buf, int num)
 	{
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
 		return;
@@ -94,7 +94,7 @@ void FIPS_rand_seed(const void *buf, int num)
 
 void FIPS_rand_add(const void *buf, int num, double entropy)
 	{
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_ADD, FIPS_R_NON_FIPS_METHOD);
 		return;
@@ -105,7 +105,7 @@ void FIPS_rand_add(const void *buf, int num, double entropy)
 
 int FIPS_rand_bytes(unsigned char *buf, int num)
 	{
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
 		return 0;
@@ -117,7 +117,7 @@ int FIPS_rand_bytes(unsigned char *buf, int num)
 
 int FIPS_rand_pseudo_bytes(unsigned char *buf, int num)
 	{
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_PSEUDO_BYTES, FIPS_R_NON_FIPS_METHOD);
 		return 0;
@@ -129,7 +129,7 @@ int FIPS_rand_pseudo_bytes(unsigned char *buf, int num)
 
 int FIPS_rand_status(void)
 	{
-	if (!fips_approved_rand_meth && FIPS_mode())
+	if (!fips_approved_rand_meth && FIPS_module_mode())
 		{
 		FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
 		return 0;
@@ -153,7 +153,7 @@ int FIPS_rand_strength(void)
 		return 80;
 	else if (fips_approved_rand_meth == 0)
 		{
-		if (FIPS_mode())
+		if (FIPS_module_mode())
 			return 0;
 		else
 			return 256;

fips/utl/fips_enc.c

@@ -136,7 +136,7 @@ int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 	if (cipher)
 		{
 		/* Only FIPS ciphers allowed */
-		if (FIPS_mode() && !(cipher->flags & EVP_CIPH_FLAG_FIPS) &&
+		if (FIPS_module_mode() && !(cipher->flags & EVP_CIPH_FLAG_FIPS) &&
 			!(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
 			{
 			EVPerr(EVP_F_FIPS_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS);
@@ -288,7 +288,7 @@ int FIPS_cipher_ctx_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 		}
 
 	/* Only FIPS ciphers allowed */
-	if (FIPS_mode() && !(in->cipher->flags & EVP_CIPH_FLAG_FIPS) &&
+	if (FIPS_module_mode() && !(in->cipher->flags & EVP_CIPH_FLAG_FIPS) &&
 		!(out->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
 		{
 		EVPerr(EVP_F_FIPS_CIPHER_CTX_COPY, EVP_R_DISABLED_FOR_FIPS);

fips/utl/fips_md.c

@@ -173,7 +173,7 @@ int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type)
 		ctx->digest = &bad_md;
 		return 0;
 		}
-	if(FIPS_mode() && !(type->flags & EVP_MD_FLAG_FIPS) &&
+	if(FIPS_module_mode() && !(type->flags & EVP_MD_FLAG_FIPS) &&
 		!(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))
 		{
 		EVPerr(EVP_F_FIPS_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS);