diff options
| author | Matt Caswell <matt@openssl.org> | 2019-04-10 15:01:40 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-05-23 11:02:04 +0100 |
| commit | 3593266d1c924ea595a1074e78381890f964392c (patch) | |
| tree | 79a8cd84bb1413f1f692022d433d2fbfa1255bb9 /providers | |
| parent | ecb0f148a94c9b0076240ca1d7904ab50a7dc9a4 (diff) | |
| download | openssl-3593266d1c924ea595a1074e78381890f964392c.zip openssl-3593266d1c924ea595a1074e78381890f964392c.tar.gz openssl-3593266d1c924ea595a1074e78381890f964392c.tar.bz2 | |
Make core code available within the FIPS module
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8728)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/fips/fipsprov.c | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 1b83163..026dd2f 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -13,10 +13,14 @@ #include <openssl/core_numbers.h> #include <openssl/core_names.h> #include <openssl/params.h> +#include <openssl/err.h> +#include "internal/cryptlib.h" /* Functions provided by the core */ static OSSL_core_get_param_types_fn *c_get_param_types = NULL; static OSSL_core_get_params_fn *c_get_params = NULL; +static OSSL_core_put_error_fn *c_put_error = NULL; +static OSSL_core_add_error_vdata_fn *c_add_error_vdata = NULL; /* Parameters we provide to the core */ static const OSSL_ITEM fips_param_types[] = { @@ -26,6 +30,11 @@ static const OSSL_ITEM fips_param_types[] = { { 0, NULL } }; +static void fips_teardown(void) +{ + do_default_context_deinit(); +} + static const OSSL_ITEM *fips_get_param_types(const OSSL_PROVIDER *prov) { return fips_param_types; @@ -70,6 +79,7 @@ static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov, /* Functions we provide to the core */ static const OSSL_DISPATCH fips_dispatch_table[] = { + { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown }, { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))fips_get_param_types }, { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params }, { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query }, @@ -89,6 +99,12 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, case OSSL_FUNC_CORE_GET_PARAMS: c_get_params = OSSL_get_core_get_params(in); break; + case OSSL_FUNC_CORE_PUT_ERROR: + c_put_error = OSSL_get_core_put_error(in); + break; + case OSSL_FUNC_CORE_ADD_ERROR_VDATA: + c_add_error_vdata = OSSL_get_core_add_error_vdata(in); + break; /* Just ignore anything we don't understand */ default: break; @@ -98,3 +114,39 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, *out = fips_dispatch_table; return 1; } + +OSSL_provider_init_fn fips_intern_provider_init; +int fips_intern_provider_init(const OSSL_PROVIDER *provider, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out) +{ + /* + * The internal init function used when the FIPS module uses EVP to call + * another algorithm also in the FIPS module. + */ + return 1; +} + +void ERR_put_error(int lib, int func, int reason, const char *file, int line) +{ + /* + * TODO(3.0): This works for the FIPS module because we're going to be + * using lib/func/reason codes that libcrypto already knows about. This + * won't work for third party providers that have their own error mechanisms, + * so we'll need to come up with something else for them. + */ + c_put_error(lib, func, reason, file, line); +} + +void ERR_add_error_data(int num, ...) +{ + va_list args; + va_start(args, num); + ERR_add_error_vdata(num, args); + va_end(args); +} + +void ERR_add_error_vdata(int num, va_list args) +{ + c_add_error_vdata(num, args); +} |