diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-05-02 14:17:54 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-05-02 14:17:54 +1000 |
commit | e0624f0d702b57e23ecaf5236ce1bafdd85ec649 (patch) | |
tree | efb58c3011ac51de4fdcf093380e76df083941fa /crypto/property | |
parent | e908f292de6383c5d4dbece9381b523d4ce41c69 (diff) |
Add default property API's to enable and test for fips
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11239)
Diffstat (limited to 'crypto/property')
-rw-r--r-- | crypto/property/property.c | 63 | ||||
-rw-r--r-- | crypto/property/property_parse.c | 29 |
2 files changed, 89 insertions, 3 deletions
diff --git a/crypto/property/property.c b/crypto/property/property.c index 2bcbc85813..93df1bb679 100644 --- a/crypto/property/property.c +++ b/crypto/property/property.c @@ -362,8 +362,24 @@ fin: return ret; } +int ossl_method_store_global_property_is_enabled(OSSL_METHOD_STORE *store, + const char *prop_name) +{ + int ret = 0; + + if (store == NULL) + return 0; + + ossl_property_read_lock(store); + ret = ossl_property_is_enabled(store->ctx, prop_name, + store->global_properties); + ossl_property_unlock(store); + return ret; +} + int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store, - const char *prop_query) { + const char *prop_query) +{ int ret = 0; if (store == NULL) @@ -371,9 +387,11 @@ int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store, ossl_property_write_lock(store); ossl_method_cache_flush_all(store); + + ossl_property_free(store->global_properties); + store->global_properties = NULL; + if (prop_query == NULL) { - ossl_property_free(store->global_properties); - store->global_properties = NULL; ossl_property_unlock(store); return 1; } @@ -383,6 +401,45 @@ int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store, return ret; } +int ossl_method_store_merge_global_properties(OSSL_METHOD_STORE *store, + const char *prop_query) +{ + int ret = 0; + OSSL_PROPERTY_LIST *prop = NULL, *global; + + if (store == NULL) + return 1; + + ossl_property_write_lock(store); + ossl_method_cache_flush_all(store); + if (prop_query == NULL) { + ossl_property_free(store->global_properties); + store->global_properties = NULL; + goto success; + } + prop = ossl_parse_query(store->ctx, prop_query); + if (prop == NULL) + goto end; + + if (store->global_properties == NULL) { + store->global_properties = prop; + prop = NULL; + goto success; + } + global = ossl_property_merge(prop, store->global_properties); + if (global == NULL) + goto end; + ossl_property_free(store->global_properties); + store->global_properties = global; + success: + ret = 1; + end: + ossl_property_unlock(store); + ossl_property_free(prop); + return ret; +} + + static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg) { lh_QUERY_doall(alg->cache, &impl_cache_free); diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index eee76abc2c..21f78c02e2 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -453,6 +453,35 @@ int ossl_property_has_optional(const OSSL_PROPERTY_LIST *query) return query->has_optional ? 1 : 0; } +int ossl_property_is_enabled(OPENSSL_CTX *ctx, const char *property_name, + const OSSL_PROPERTY_LIST *prop_list) +{ + int i; + OSSL_PROPERTY_IDX name_id; + const PROPERTY_DEFINITION *prop = NULL; + + if (prop_list == NULL) + return 0; + + if (!parse_name(ctx, &property_name, 0, &name_id)) + return 0; + + prop = prop_list->properties; + for (i = 0; i < prop_list->n; ++i) { + if (prop[i].name_idx == name_id) { + /* Do a separate check for override as it does not set type */ + if (prop[i].optional || prop[i].oper == PROPERTY_OVERRIDE) + return 0; + return (prop[i].type == PROPERTY_TYPE_STRING + && ((prop[i].oper == PROPERTY_OPER_EQ + && prop[i].v.str_val == ossl_property_true) + || (prop[i].oper == PROPERTY_OPER_NE + && prop[i].v.str_val != ossl_property_true))); + } + } + return 0; +} + /* * Compare a query against a definition. * Return the number of clauses matched or -1 if a mandatory clause is false. |