diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-09-15 14:32:40 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-09-19 18:21:09 +1000 |
commit | f8e747471ebb5e6d65264de91e26fbc439841bc4 (patch) | |
tree | 226e22ff5e49a8807d21e06bb312ef56312741aa /crypto/self_test_core.c | |
parent | 80f4fd18f72c0d3faae864da6979b83acc4f89a2 (diff) |
Add a copy of OSSL_SELF_TEST_get_callback() to the fips module.
The user can set up a self test callback that should be activated when a keygen operation (e.g ec) occurs for the fips module.
The callback information is stored inside the applications library context, but this was not being triggered since the
library context used for the key generation operation was the internal library context used by the fips module (which is not
the same as the application's library context). During the keygen operation the OSSL_SELF_TEST_get_callback() function is used
to retrieve the callback info.
By having a seperate copy of OSSL_SELF_TEST_get_callback() for the fips module we can ensure that the parent library context
is used instead.
The core OSSL_SELF_TEST_get_callback() function pointer is passed across the boundary during the fips modules entry point
such that the fips version of the function can call it after changing the libctx.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12877)
Diffstat (limited to 'crypto/self_test_core.c')
-rw-r--r-- | crypto/self_test_core.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/self_test_core.c b/crypto/self_test_core.c index ca8925abe5..7aa8490ddf 100644 --- a/crypto/self_test_core.c +++ b/crypto/self_test_core.c @@ -31,6 +31,7 @@ struct ossl_self_test_st void *cb_arg; }; +#ifndef FIPS_MODULE static void *self_test_set_callback_new(OPENSSL_CTX *ctx) { SELF_TEST_CB *stcb; @@ -55,7 +56,6 @@ static SELF_TEST_CB *get_self_test_callback(OPENSSL_CTX *libctx) &self_test_set_callback_method); } -#ifndef FIPS_MODULE void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb, void *cbarg) { @@ -66,7 +66,6 @@ void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb, stcb->cbarg = cbarg; } } -#endif /* FIPS_MODULE */ void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb, void **cbarg) @@ -78,6 +77,7 @@ void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb, if (cbarg != NULL) *cbarg = (stcb != NULL ? stcb->cbarg : NULL); } +#endif /* FIPS_MODULE */ static void self_test_setparams(OSSL_SELF_TEST *st) { |