Have a single function for FIPS test failures.
Change-Id: Iab7a738a8981de7c56d1585050e78699cb876dab Reviewed-on: https://boringssl-review.googlesource.com/16467 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
parent
5f107ce4d8
commit
429e85b516
@ -637,9 +637,13 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
|
||||
return;
|
||||
|
||||
err:
|
||||
BORINGSSL_FIPS_abort();
|
||||
}
|
||||
|
||||
void BORINGSSL_FIPS_abort(void) {
|
||||
for (;;) {
|
||||
exit(1);
|
||||
abort();
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
#endif /* BORINGSSL_FIPS */
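Review bot: The loop in `BORINGSSL_FIPS_abort` contains both `exit(1);` and `abort();`, and their order matters on a fail-closed path. `exit()` runs `atexit` handlers and flushes stdio, so application code could still call into the module after a failed self-test, whereas `abort()` skips those handlers. The rendered page has lost its +/- markers, so the order on the new side cannot be confirmed from here; `abort();` should come first, with `exit(1);` only as the fallback if `abort()` somehow returns. A short comment above the loop would record this, e.g. `/* abort() first: exit() would run atexit handlers after a failed self-test. */`.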
|
||||
|
@ -141,17 +141,14 @@ static void rand_get_seed(struct rand_thread_state *state,
|
||||
* generator test” which causes the program to randomly abort. Hopefully the
|
||||
* rate of failure is small enough not to be a problem in practice. */
|
||||
if (CRYPTO_memcmp(state->last_block, entropy, CRNGT_BLOCK_SIZE) == 0) {
|
||||
for (;;) {
|
||||
exit(1);
|
||||
abort();
|
||||
}
|
||||
BORINGSSL_FIPS_abort();
|
||||
}
|
||||
|
||||
for (size_t i = CRNGT_BLOCK_SIZE; i < sizeof(entropy);
|
||||
i += CRNGT_BLOCK_SIZE) {
|
||||
if (CRYPTO_memcmp(entropy + i - CRNGT_BLOCK_SIZE, entropy + i,
|
||||
CRNGT_BLOCK_SIZE) == 0) {
|
||||
abort();
|
||||
BORINGSSL_FIPS_abort();
|
||||
}
|
||||
}
|
||||
OPENSSL_memcpy(state->last_block,
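Review bot: Both `BORINGSSL_FIPS_abort()` calls in `rand_get_seed` depend on a prototype that the header change declares only under `#if defined(BORINGSSL_FIPS)`, and this hunk does not show whether the two block-comparison checks sit under the same guard. If they are ever compiled in a non-FIPS build, the call has no declaration and no definition to link against, so the enclosing `#if` is worth confirming. The body of `rand_get_seed` starts and ends outside the hunk, so this cannot be checked from the lines shown.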
|
||||
|
@ -631,6 +631,12 @@ static inline void *OPENSSL_memset(void *dst, int c, size_t n) {
|
||||
return memset(dst, c, n);
|
||||
}
|
||||
|
||||
#if defined(BORINGSSL_FIPS)
|
||||
/* BORINGSSL_FIPS_abort is called when a FIPS power-on or continuous test
|
||||
* fails. It prevents any further cryptographic operations by the current
|
||||
* process. */
|
||||
void BORINGSSL_FIPS_abort(void) __attribute__((noreturn));
|
||||
#endif
|
||||
|
||||
#if defined(__cplusplus)
|
||||
} /* extern C */
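Review bot: The `BORINGSSL_FIPS_abort` prototype uses the GNU-specific `__attribute__((noreturn))` with no compiler check around it, so a FIPS build with a toolchain that lacks that syntax would fail at this declaration. If FIPS builds are only supported with GCC and Clang, the comment should say so; otherwise the attribute belongs behind a project macro that also works when the header is included from C++. The comment could also state outright that the function terminates the process and never returns, e.g. `/* ... It terminates the process and does not return. */`.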
|
||||
|