authorMatt Caswell <matt@openssl.org>2020-05-06 12:29:57 +0100
committerMatt Caswell <matt@openssl.org>2020-05-16 17:10:03 +0100
commitd40b42ab4c8a88740a2cc2a20c709fe869c4dd1e (patch)
tree0dfa4439f3de544d7e52abf56c578e10e5346458 /providers/common/include/prov
parent827f04d5105e9bec0af214c42b8ad799fba5bb0d (diff)
Maintain strict type discipline between the core and providers
A provider could be linked against a different version of libcrypto than the version of libcrypto that loaded the provider. Different versions of libcrypto could define opaque types differently. It must never occur that a type created in one libcrypto is used directly by the other libcrypto. This will cause crashes. We can "cheat" for "built-in" providers that are part of libcrypto itself, because we know that the two libcrypto versions are the same - but not for other providers. To ensure this does not occur we use different type names for the handful of opaque types that are passed between the core and providers. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11758)
Diffstat (limited to 'providers/common/include/prov')
-rw-r--r--providers/common/include/prov/bio.h18
-rw-r--r--providers/common/include/prov/provider_ctx.h22
-rw-r--r--providers/common/include/prov/providercommon.h2
3 files changed, 29 insertions, 13 deletions
diff --git a/providers/common/include/prov/bio.h b/providers/common/include/prov/bio.h
index 63f9d4ec3a..732dc06f03 100644
--- a/providers/common/include/prov/bio.h
+++ b/providers/common/include/prov/bio.h
@@ -10,13 +10,19 @@
#include <stdarg.h>
#include <openssl/bio.h>
#include <openssl/core.h>
+#include "prov/provider_ctx.h"
int ossl_prov_bio_from_dispatch(const OSSL_DISPATCH *fns);
-BIO *ossl_prov_bio_new_file(const char *filename, const char *mode);
-BIO *ossl_prov_bio_new_membuf(const char *filename, int len);
-int ossl_prov_bio_read_ex(BIO *bio, void *data, size_t data_len,
+OSSL_CORE_BIO *ossl_prov_bio_new_file(const char *filename, const char *mode);
+OSSL_CORE_BIO *ossl_prov_bio_new_membuf(const char *filename, int len);
+int ossl_prov_bio_read_ex(OSSL_CORE_BIO *bio, void *data, size_t data_len,
size_t *bytes_read);
-int ossl_prov_bio_free(BIO *bio);
-int ossl_prov_bio_vprintf(BIO *bio, const char *format, va_list ap);
-int ossl_prov_bio_printf(BIO *bio, const char *format, ...);
+int ossl_prov_bio_write_ex(OSSL_CORE_BIO *bio, const void *data, size_t data_len,
+ size_t *written);
+int ossl_prov_bio_free(OSSL_CORE_BIO *bio);
+int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap);
+int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...);
+
+BIO_METHOD *bio_prov_init_bio_method(void);
+BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio);
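Review bot: The two declarations added at the end of this hunk, `bio_prov_init_bio_method` and `bio_new_from_core_bio`, have no comment on ownership or on which side of the core/provider boundary each type belongs. The header now mixes `OSSL_CORE_BIO *` (the core's opaque object, which per the commit message must never be used directly by the provider's libcrypto) with the provider's own `BIO *`. From the prototypes alone a reader cannot tell whether freeing the returned `BIO` also releases the wrapped `OSSL_CORE_BIO`, or who frees the `BIO_METHOD`. I would add a block comment above them such as `/* Wrap a core BIO in a provider-side BIO; corebio itself is only handed back to the core through the ossl_prov_bio_* wrappers. */`, plus one line stating the ownership rule once it is confirmed against the implementation. Both names also lack the `ossl_` prefix used by the other functions in this header, which is worth aligning if they have external linkage.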
diff --git a/providers/common/include/prov/provider_ctx.h b/providers/common/include/prov/provider_ctx.h
index fc2df2ee67..a252143e81 100644
--- a/providers/common/include/prov/provider_ctx.h
+++ b/providers/common/include/prov/provider_ctx.h
@@ -7,24 +7,34 @@
* https://www.openssl.org/source/license.html
*/
-#include <openssl/types.h>
-#include <openssl/crypto.h>
+#ifndef OSSL_PROV_PROVIDER_CTX_H
+# define OSSL_PROV_PROVIDER_CTX_H
+
+# include <openssl/types.h>
+# include <openssl/crypto.h>
+# include <openssl/bio.h>
+# include <openssl/core.h>
typedef struct prov_ctx_st {
- const OSSL_PROVIDER *provider;
+ const OSSL_CORE_HANDLE *handle;
OPENSSL_CTX *libctx; /* For all provider modules */
+ BIO_METHOD *corebiometh;
} PROV_CTX;
/*
* To be used anywhere the library context needs to be passed, such as to
* fetching functions.
*/
-#define PROV_LIBRARY_CONTEXT_OF(provctx) \
+# define PROV_LIBRARY_CONTEXT_OF(provctx) \
PROV_CTX_get0_library_context((provctx))
PROV_CTX *PROV_CTX_new(void);
void PROV_CTX_free(PROV_CTX *ctx);
void PROV_CTX_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx);
-void PROV_CTX_set0_provider(PROV_CTX *ctx, const OSSL_PROVIDER *libctx);
+void PROV_CTX_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle);
+void PROV_CTX_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh);
OPENSSL_CTX *PROV_CTX_get0_library_context(PROV_CTX *ctx);
-const OSSL_PROVIDER *PROV_CTX_get0_provider(PROV_CTX *ctx);
+const OSSL_CORE_HANDLE *PROV_CTX_get0_handle(PROV_CTX *ctx);
+BIO_METHOD *PROV_CTX_get0_core_bio_method(PROV_CTX *ctx);
+
+#endif
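Review bot: The new `corebiometh` member and its `PROV_CTX_set0_core_bio_method` setter do not say who owns the `BIO_METHOD`. The `set0` name suggests the context only borrows the pointer, but this header does not show whether `PROV_CTX_free` releases it, and a mismatch means either a leak or a double free at provider teardown. A field comment in the style of the existing `libctx` line would settle it, for example `BIO_METHOD *corebiometh; /* borrowed: freed by the provider's teardown, not by PROV_CTX_free */`, with the wording adjusted to whatever the implementation actually does. The `handle` member deserves the same treatment, e.g. `/* core's object: only ever passed back to core functions */`, since keeping it opaque to the provider is the point of the commit.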
diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h
index 5123f78ee1..07c5a67f38 100644
--- a/providers/common/include/prov/providercommon.h
+++ b/providers/common/include/prov/providercommon.h
@@ -9,7 +9,7 @@
#include <openssl/provider.h>
-const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx);
+const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *ctx);
const char *ossl_prov_util_nid_to_name(int nid);