1
1
/* global.c - global control functions
2
2
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
3
* 2004, 2005, 2006 Free Software Foundation, Inc.
3
* 2004, 2005, 2006, 2008 Free Software Foundation, Inc.
5
5
* This file is part of Libgcrypt.
94
err = _gcry_ac_init ();
109
/* Hmmm, as of now ac_init does nothing. */
112
err = _gcry_ac_init ();
102
/* FIXME: use `err'? */
125
/* This function is called by the macro fips_is_operational and makes
126
sure that the minimal initialization has been done. This is far
127
from a perfect solution and hides problems with an improper
128
initialization but at least in single-threaded mode it should work
131
The reason we need this is that a lot of applications don't use
132
Libgcrypt properly by not running any initialization code at all.
133
They just call a Libgcrypt function and that is all what they want.
134
Now with the FIPS mode, that has the side effect of entering FIPS
135
mode (for security reasons, FIPS mode is the default if no
136
initialization has been done) and bailing out immediately because
137
the FSM is in the wrong state. If we always run the init code,
138
Libgcrypt can test for FIPS mode and at least if not in FIPS mode,
139
it will behave as before. Note that this on-the-fly initialization
140
is only done for the cryptographic functions subject to FIPS mode
141
and thus not all API calls will do such an initialization. */
143
_gcry_global_is_operational (void)
148
syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: "
149
"missing initialization - please fix the application");
150
#endif /*HAVE_SYSLOG*/
153
return _gcry_fips_is_operational ();
108
159
/* Version number parsing. */
110
161
/* This function parses the first portion of the version number S and
243
294
if ( (hwf & hwflist[i].flag) )
244
295
fnc (fp, "%s:", hwflist[i].desc);
297
/* We use y/n instead of 1/0 for the simple reason that Emacsen's
298
compile error parser would accidently flag that line when printed
299
during "make check" as an error. */
300
fnc (fp, "fips-mode:%c:%c:\n",
301
fips_mode ()? 'y':'n',
302
_gcry_enforced_fips_mode ()? 'y':'n' );
367
426
are started. It is not really needed but the only way to be
368
427
really sure that all initialization for thread-safety has
373
/* Do only a basic random initialization, i.e. init the
375
_gcry_random_initialize (0);
432
/* Do only a basic random initialization, i.e. init the
434
_gcry_random_initialize (0);
436
/* Force us into operational state if in FIPS mode. */
437
(void)fips_is_operational ();
380
441
case GCRYCTL_SET_THREAD_CBS:
381
442
err = ath_install (va_arg (arg_ptr, void *), any_init_done);
486
case GCRYCTL_OPERATIONAL_P:
487
/* Returns true if the library is in an operational state. This
488
is always true for non-fips mode. */
489
if (_gcry_fips_test_operational ())
490
err = GPG_ERR_GENERAL; /* Used as TRUE value */
493
case GCRYCTL_FIPS_MODE_P:
495
&& !_gcry_is_fips_mode_inactive ()
496
&& !no_secure_memory)
497
err = GPG_ERR_GENERAL; /* Used as TRUE value */
500
case GCRYCTL_FORCE_FIPS_MODE:
501
/* Performing this command puts the library into fips mode. If
502
the library has already been initialized into fips mode, a
503
selftest is triggered. it is not possible to put the libraty
504
into fips mode after having passed the initialization. */
507
/* Not yet intialized at all. Set a flag so that we are put
508
into fips mode during initialization. */
513
/* Already initialized. If we are already operational we
514
run a selftest. If not we use the is_operational call to
515
force us into operational state if possible. */
516
if (_gcry_fips_test_error_or_operational ())
517
_gcry_fips_run_selftests (1);
518
if (_gcry_fips_is_operational ())
519
err = GPG_ERR_GENERAL; /* Used as TRUE value */
523
case GCRYCTL_SELFTEST:
524
/* Run a selftest. This works in fips mode as well as in
525
standard mode. In contrast to the power-up tests, we use an
526
extended version of the selftests. Returns 0 on success or an
529
err = _gcry_fips_run_selftests (1);
532
case 58: /* Init external random test. */
534
void **rctx = va_arg (arg_ptr, void **);
535
unsigned int flags = va_arg (arg_ptr, unsigned int);
536
const void *key = va_arg (arg_ptr, const void *);
537
size_t keylen = va_arg (arg_ptr, size_t);
538
const void *seed = va_arg (arg_ptr, const void *);
539
size_t seedlen = va_arg (arg_ptr, size_t);
540
const void *dt = va_arg (arg_ptr, const void *);
541
size_t dtlen = va_arg (arg_ptr, size_t);
542
if (!fips_is_operational ())
543
err = fips_not_operational ();
545
err = _gcry_random_init_external_test (rctx, flags, key, keylen,
546
seed, seedlen, dt, dtlen);
549
case 59: /* Run external random test. */
551
void *ctx = va_arg (arg_ptr, void *);
552
void *buffer = va_arg (arg_ptr, void *);
553
size_t buflen = va_arg (arg_ptr, size_t);
554
if (!fips_is_operational ())
555
err = fips_not_operational ();
557
err = _gcry_random_run_external_test (ctx, buffer, buflen);
560
case 60: /* Deinit external random test. */
562
void *ctx = va_arg (arg_ptr, void *);
563
_gcry_random_deinit_external_test (ctx);
424
569
err = GPG_ERR_INV_OP;
533
689
gcry_set_outofcore_handler( int (*f)( void*, size_t, unsigned int ),
538
outofcore_handler = f;
539
outofcore_handler_value = value;
696
log_info ("out of core handler ignored in FIPS mode\n");
700
outofcore_handler = f;
701
outofcore_handler_value = value;
704
/* Return the no_secure_memory flag. */
706
get_no_secure_memory (void)
708
if (!no_secure_memory)
710
if (_gcry_enforced_fips_mode ())
712
no_secure_memory = 0;
715
return no_secure_memory;
542
719
static gcry_err_code_t
543
720
do_malloc (size_t n, unsigned int flags, void **mem)
713
899
gcry_xmalloc( size_t n )
717
while ( !(p = gcry_malloc( n )) ) {
718
if( !outofcore_handler
719
|| !outofcore_handler( outofcore_handler_value, n, 0 ) ) {
720
_gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
903
while ( !(p = gcry_malloc( n )) )
906
|| !outofcore_handler
907
|| !outofcore_handler (outofcore_handler_value, n, 0) )
909
_gcry_fatal_error (gpg_err_code_from_errno (errno), NULL);
727
916
gcry_xrealloc( void *a, size_t n )
731
while ( !(p = gcry_realloc( a, n )) ) {
732
if( !outofcore_handler
733
|| !outofcore_handler( outofcore_handler_value, n,
734
gcry_is_secure(a)? 3:2 ) ) {
735
_gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
920
while ( !(p = gcry_realloc( a, n )) )
923
|| !outofcore_handler
924
|| !outofcore_handler (outofcore_handler_value, n,
925
gcry_is_secure(a)? 3:2 ) )
927
_gcry_fatal_error (gpg_err_code_from_errno (errno), NULL );
742
934
gcry_xmalloc_secure( size_t n )
746
while ( !(p = gcry_malloc_secure( n )) ) {
747
if( !outofcore_handler
748
|| !outofcore_handler( outofcore_handler_value, n, 1 ) ) {
749
_gcry_fatal_error(gpg_err_code_from_errno (errno),
750
_("out of core in secure memory"));
938
while ( !(p = gcry_malloc_secure( n )) )
941
|| !outofcore_handler
942
|| !outofcore_handler (outofcore_handler_value, n, 1) )
944
_gcry_fatal_error (gpg_err_code_from_errno (errno),
945
_("out of core in secure memory"));