author | Werner Koch <wk@gnupg.org> | 2008-09-18 12:14:09 +0000 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2008-09-18 12:14:09 +0000 |
commit | 29e44067f0797219b115fabf069e279283f13c13 (patch) | |
tree | 3ac09da7677080eb352c6957031724bc40521877 /src/fips.c | |
parent | 58b91cf9cc72e7a7247f88279e3fbeba71619237 (diff) | |
download | libgcrypt-29e44067f0797219b115fabf069e279283f13c13.tar.gz |
Implemented an Enforced FIPS mode.
Documentation updates.
Diffstat (limited to 'src/fips.c')
-rw-r--r-- | src/fips.c | 39 |
1 files changed, 33 insertions, 6 deletions
@@ -35,6 +35,11 @@ #include "cipher-proto.h" #include "hmac256.h" + +/* The name of the file used to foce libgcrypt into fips mode. */ +#define FIPS_FORCE_FILE "/etc/gcrypt/fips_enabled" + + /* The states of the finite state machine used in fips mode. */ enum module_states { @@ -55,6 +60,9 @@ enum module_states fips_mode()! */ static int no_fips_mode_required; +/* Flag to indicate that we are in the enforced FIPS mode. */ +static int enforced_fips_mode; + /* This is the lock we use to protect the FSM. */ static ath_mutex_t fsm_lock = ATH_MUTEX_INITIALIZER; @@ -103,7 +111,7 @@ _gcry_initialize_fips_mode (int force) } done = 1; - /* If the calling applicatione explicitly requested fipsmode, do so. */ + /* If the calling application explicitly requested fipsmode, do so. */ if (force) { gcry_assert (!no_fips_mode_required); @@ -114,11 +122,8 @@ _gcry_initialize_fips_mode (int force) provided detection of the FIPS mode and force FIPS mode using a file. The filename is hardwired so that there won't be any confusion on whether /etc/gcrypt/ or /usr/local/etc/gcrypt/ is - actually used. The file itself may be empty. A comment may be - included in the file, but comment lines need to be prefixed with - a hash mark; only such comment lines and empty lines are - allowed. */ - if ( !access ("/etc/gcrypt/fips140.force", F_OK) ) + actually used. The file itself may be empty. */ + if ( !access (FIPS_FORCE_FILE, F_OK) ) { gcry_assert (!no_fips_mode_required); goto leave; @@ -167,6 +172,7 @@ _gcry_initialize_fips_mode (int force) if (!no_fips_mode_required) { /* Yes, we are in FIPS mode. */ + FILE *fp; /* Intitialize the lock to protect the FSM. */ err = ath_mutex_init (&fsm_lock); 
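Review bot: The comment added above `FIPS_FORCE_FILE` misspells "force" and covers only one of the two jobs the file gets in this commit: its existence forces fips mode, and a non-zero number on its first line additionally switches on the enforced mode. I would write `/* The name of the file used to force libgcrypt into fips mode.  A number != 0 on its first line also enables the enforced fips mode.  */`. The path also changes from `/etc/gcrypt/fips140.force` to `/etc/gcrypt/fips_enabled`, so a system that still has only the old file would no longer be forced into fips mode by it. That deserves a line in the release notes or in the documentation update the commit message mentions.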
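Review bot: Every failure of `access (FIPS_FORCE_FILE, F_OK)` is read as "no force file", so an error other than a missing file falls through without forcing fips mode and without any report, as far as this hunk shows. One such case is a search-permission failure on the directory, since access() checks with the real rather than the effective user id. A check such as `if (errno != ENOENT)` on the failure path, reported the way this function already reports its other fatal initialization errors, would make that case visible instead of failing open. The `fopen (FIPS_FORCE_FILE, "r")` added further down in the same function has the same silent fallback: an unreadable file just leaves the enforced mode off. The body of `_gcry_initialize_fips_mode` starts and ends outside the hunk.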
@@ -184,7 +190,20 @@ _gcry_initialize_fips_mode (int force) #endif /*HAVE_SYSLOG*/ abort (); } + + /* If the FIPS force files exists, is readable and has a number + != 0 on its first line, we enable the enforced fips mode. */ + fp = fopen (FIPS_FORCE_FILE, "r"); + if (fp) + { + char line[256]; + + if (fgets (line, sizeof line, fp) && atoi (line)) + enforced_fips_mode = 1; + fclose (fp); + } + /* Now get us into the INIT state. */ fips_new_state (STATE_INIT); @@ -245,6 +264,14 @@ _gcry_fips_mode (void) } +/* Return a flag telling whether we are in the enforced fips mode. */ +int +_gcry_enforced_fips_mode (void) +{ + return enforced_fips_mode; +} + + static const char * state2str (enum module_states state) { |
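Review bot: `atoi (line)` in the added block is a weak parser for a switch that decides whether the enforced mode is on. It has undefined behaviour when the number does not fit in an int, and an implementation that truncates can turn a non-zero value into 0 and leave the enforced mode off. `strtol` with an `endp` check keeps the documented rule (a number != 0 on the first line) and makes the out-of-range case explicit, as sketched below. The sketch assumes the file already includes the headers for `strtol` and `errno`, which the hunk does not show. The body of `_gcry_initialize_fips_mode` starts and ends outside this hunk.

```c
          char line[256];
          char *endp;
          long value;

          if (fgets (line, sizeof line, fp))
            {
              errno = 0;
              value = strtol (line, &endp, 10);
              /* A number too large for a long is still a number != 0.  */
              if (endp != line && (value || errno == ERANGE))
                enforced_fips_mode = 1;
            }
          /* … unchanged: fclose (fp) … */
```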
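Review bot: The comment on `_gcry_enforced_fips_mode` does not say what a caller sees before initialization. As far as the hunks show, the flag is a zero-initialized static that is set only inside `_gcry_initialize_fips_mode` when fips mode is active, so a caller that asks too early gets "not enforced" and would take the permissive path. I would extend the comment to `/* Return a flag telling whether we are in the enforced fips mode.  This is 0 until _gcry_initialize_fips_mode has run and whenever fips mode itself is not active.  */`.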