-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: Split up crypto.c into multiple files #2068
Conversation
Also move some of the common functionality that's used in the NIF implementations.
Also, move a FIPS check macro to the common openssl_config.h.
crypto.c is now only responsible for declaring NIFs and setup/tear down.
While it uses chacha20, it doesn't use Erlang chacha20 functions.
Using the same copyright header as crypto.c
Thanks for the PR! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good over all.
To reap further benefit of this modularization, you could move the calls to enif_open_resource_type into *_initialize functions within the corresponding .c file. That would make the resource types and their destructor functions internal to each .c file without the need to be exposed in the .h files.
I noticed in the existing code that if FIPS mode is enabled but runs into a problem in initialize() (fails to load or not passed a boolean), it returns 0 which indicates success. It seems like that should return __LINE__ like the rest of the function to indicate failure. In this PR, since init_atoms() has that FIPS init procedure, initialize() will return __LINE__ when FIPS init fails. That is a change in behavior compared to master, but it seems like a bug fix. I was keeping the same behavior as master until that last commit. |
Thank you very much for the PR. More are welcome! |
This is phase one of revamping crypto.c by splitting it up into many files. I tried to make as few changes as possible other than moving things around.
The order of the functions in each new C file is the same as in crypto.c so it's easier to verify that I didn't accidentally change anything. I used meld to double check each file against master crypto.c.
There should be no change in functionality with this PR. crypto_SUITE passes with OpenSSL 1.1.1a.