Overview

File 0682-crypto-Initialize-the-curve-s-cache-fully-at-start-o.patch of Package erlang

From 77bd4e5f7edd1a21b8b45f3684cf7cc0722c74bb Mon Sep 17 00:00:00 2001
From: Hans Nilsson <hans@erlang.org>
Date: Fri, 1 Oct 2021 16:36:30 +0200
Subject: [PATCH 2/2] crypto: Initialize the curve's cache fully at start of
 crypto

the FIPS part is also initialized.
---
 lib/crypto/c_src/algorithms.c | 41 +++++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 16 deletions(-)

diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c
index dcd95f1099..f8f6057551 100644
--- a/lib/crypto/c_src/algorithms.c
+++ b/lib/crypto/c_src/algorithms.c
@@ -253,25 +253,34 @@ int get_curve_cnt(ErlNifEnv* env, int fips) {
 }
 
 void init_curve_types(ErlNifEnv* env) {
-#if defined(DEBUG)
-    int curve_cnt = 0;
+    /* Initialize the curve counters and curve's lists
+       by calling get_curve_cnt
+    */
+#ifdef FIPS_SUPPORT
+    if (FIPS_mode()) {
+        // FIPS enabled
+        get_curve_cnt(env, 1);
+        FIPS_mode_set(0); // disable
+        get_curve_cnt(env, 0);
+        FIPS_mode_set(1); // re-enable
+    } else {
+        // FIPS disabled but available
+        get_curve_cnt(env, 0);
+        FIPS_mode_set(1); // enable
+        get_curve_cnt(env, 1);
+        FIPS_mode_set(0); // re-disable
+    }
+#else
+    // FIPS mode is not available
+    get_curve_cnt(env, 0);
 #endif
 
-#if defined(HAVE_EC)
-    int fips_mode = 0;
-
-# ifdef FIPS_SUPPORT
-    if (FIPS_mode()) fips_mode = 1;
-# endif
-
 # ifdef DEBUG
-        curve_cnt =
-# endif
-            get_curve_cnt(env, fips_mode);
-
-#endif /* defined(HAVE_EC) */
-
-    ASSERT(curve_cnt <= sizeof(algo_curve[0])/sizeof(ERL_NIF_TERM));
+    {
+        int curve_cnt = get_curve_cnt(env, 0);
+        ASSERT(curve_cnt <= sizeof(algo_curve[0])/sizeof(ERL_NIF_TERM));
+    }
+# endif 
 }
 
 
-- 
2.31.1
openSUSE Build Service is sponsored by
Places