Robert Sloan | 572a4e2 | 2017-04-17 10:52:19 -0700 | [diff] [blame^] | 1 | /* Copyright (c) 2017, Google Inc. |
| 2 | * |
| 3 | * Permission to use, copy, modify, and/or distribute this software for any |
| 4 | * purpose with or without fee is hereby granted, provided that the above |
| 5 | * copyright notice and this permission notice appear in all copies. |
| 6 | * |
| 7 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 8 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 9 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
| 10 | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 11 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
| 12 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
| 13 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
| 14 | |
| 15 | #ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H |
| 16 | #define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H |
| 17 | |
| 18 | #include <openssl/base.h> |
| 19 | |
| 20 | #include "../internal.h" |
| 21 | |
| 22 | |
| 23 | #if defined(BORINGSSL_FIPS) |
| 24 | #define DEFINE_BSS_GET(type, name) \ |
| 25 | static type name __attribute__((used)); \ |
| 26 | type *name##_bss_get(void); |
| 27 | #else |
| 28 | #define DEFINE_BSS_GET(type, name) \ |
| 29 | static type name; \ |
| 30 | static type *name##_bss_get(void) { return &name; } |
| 31 | #endif |
| 32 | |
| 33 | /* DEFINE_METHOD_FUNCTION defines a function named |name| which returns a |
| 34 | * method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it |
| 35 | * is split into a CRYPTO_once_t-guarded initializer in the module and |
| 36 | * unhashed, non-module accessor functions to space reserved in the BSS. The |
| 37 | * method table is initialized by a caller-supplied function which takes a |
| 38 | * parameter named |out| of type |type|*. The caller should follow the macro |
| 39 | * invocation with the body of this function: |
| 40 | * |
| 41 | * DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) { |
| 42 | * out->type = NID_md4; |
| 43 | * out->md_size = MD4_DIGEST_LENGTH; |
| 44 | * out->flags = 0; |
| 45 | * out->init = md4_init; |
| 46 | * out->update = md4_update; |
| 47 | * out->final = md4_final; |
| 48 | * out->block_size = 64; |
| 49 | * out->ctx_size = sizeof(MD4_CTX); |
| 50 | * } |
| 51 | * |
| 52 | * This mechanism does not use a static initializer because their execution |
| 53 | * order is undefined. See FIPS.md for more details. */ |
| 54 | #define DEFINE_METHOD_FUNCTION(type, name) \ |
| 55 | DEFINE_BSS_GET(type, name##_storage) \ |
| 56 | DEFINE_BSS_GET(CRYPTO_once_t, name##_once) \ |
| 57 | static void name##_do_init(type *out); \ |
| 58 | static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \ |
| 59 | const type *name(void) { \ |
| 60 | CRYPTO_once(name##_once_bss_get(), name##_init); \ |
| 61 | return name##_storage_bss_get(); \ |
| 62 | } \ |
| 63 | static void name##_do_init(type *out) |
| 64 | |
| 65 | |
| 66 | #endif /* OPENSSL_HEADER_FIPSMODULE_DELOCATE_H */ |