Google Git
Sign in
boringssl / boringssl / 49350b22bebe0f0ec4d6279f268b19b612abba68^! / .
commit49350b22bebe0f0ec4d6279f268b19b612abba68[log] [tgz]
authorAdam Langley <alangley@gmail.com>Mon May 23 15:09:50 2022 -0700
committerAdam Langley <agl@google.com>Tue May 31 22:43:21 2022 +0000
treeba66cf1ca989991cb6e7ac1c456c772883abff3f
parent67d4f28357eb3e48fba5a4fa0ff2e9805d3bab3f [diff]
Move digestsign.c into the module.

For now, it contains a call to set the service indicator so it should
live in the module. In term it would be nice to move it back out and
have the service indicator set in RSA and ECDSA functions themselves
once the ECDSA functions can take an indicator of the hash function
used.

Change-Id: I2a3c262f66b1881a96ae3e49784a0dc9fc8c4589
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/52705
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>

diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index 99cb4b5..cf7199c 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt

@@ -288,7 +288,6 @@
   err/err.c
   err_data.c
   engine/engine.c
-  evp/digestsign.c
   evp/evp.c
   evp/evp_asn1.c
   evp/evp_ctx.c

diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c
index cc80b51..1792134 100644
--- a/crypto/fipsmodule/bcm.c
+++ b/crypto/fipsmodule/bcm.c

@@ -64,6 +64,7 @@
 #include "dh/dh.c"
 #include "digest/digest.c"
 #include "digest/digests.c"
+#include "digestsign/digestsign.c"
 #include "ecdh/ecdh.c"
 #include "ecdsa/ecdsa.c"
 #include "ec/ec.c"

diff --git a/crypto/evp/digestsign.c b/crypto/fipsmodule/digestsign/digestsign.c
similarity index 95%
rename from crypto/evp/digestsign.c
rename to crypto/fipsmodule/digestsign/digestsign.c
index ec9322b..ec3744c 100644
--- a/crypto/evp/digestsign.c
+++ b/crypto/fipsmodule/digestsign/digestsign.c

@@ -57,11 +57,9 @@
 
 #include <openssl/err.h>
 
-#include "internal.h"
-#include "../fipsmodule/digest/internal.h"
-#include "../fipsmodule/service_indicator/internal.h"
-
-// TODO(agl): this will have to be moved into the FIPS module.
+#include "../../evp/internal.h"
+#include "../digest/internal.h"
+#include "../service_indicator/internal.h"
 
 
 enum evp_sign_verify_t {
@@ -69,9 +67,9 @@
   evp_verify,
 };
 
-static const struct evp_md_pctx_ops md_pctx_ops = {
-  EVP_PKEY_CTX_free,
-  EVP_PKEY_CTX_dup,
+DEFINE_LOCAL_DATA(struct evp_md_pctx_ops, md_pctx_ops) {
+  out->free = EVP_PKEY_CTX_free;
+  out->dup = EVP_PKEY_CTX_dup;
 };
 
 static int uses_prehash(EVP_MD_CTX *ctx, enum evp_sign_verify_t op) {
@@ -88,7 +86,7 @@
   if (ctx->pctx == NULL) {
     return 0;
   }
-  ctx->pctx_ops = &md_pctx_ops;
+  ctx->pctx_ops = md_pctx_ops();
 
   if (op == evp_verify) {
     if (!EVP_PKEY_verify_init(ctx->pctx)) {