diff options
author | Pauli <paul.dale@oracle.com> | 2020-09-08 12:56:34 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-09-12 16:46:51 +1000 |
commit | f99d3eedf7c3e1e2b10aad911f469f1fc783a395 (patch) | |
tree | 3fae1a4f153367e1296c2c61d782bd59acbf73dc /providers/implementations/ciphers/cipher_chacha20.c | |
parent | 422cbcee6167faa20f439726a8b7bff0af51edc9 (diff) |
ciphers: add FIPS error state handling
The functions that check for the provider being runnable are: new, init, final
and dupctx.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12801)
Diffstat (limited to 'providers/implementations/ciphers/cipher_chacha20.c')
-rw-r--r-- | providers/implementations/ciphers/cipher_chacha20.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c index 4e02ce9493..56bc1b95af 100644 --- a/providers/implementations/ciphers/cipher_chacha20.c +++ b/providers/implementations/ciphers/cipher_chacha20.c @@ -11,6 +11,7 @@ #include "cipher_chacha20.h" #include "prov/implementations.h" +#include "prov/providercommon.h" #include "prov/providercommonerr.h" #define CHACHA20_KEYLEN (CHACHA_KEY_SIZE) @@ -43,11 +44,15 @@ void chacha20_initctx(PROV_CHACHA20_CTX *ctx) static void *chacha20_newctx(void *provctx) { - PROV_CHACHA20_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + PROV_CHACHA20_CTX *ctx; - if (ctx != NULL) - chacha20_initctx(ctx); - return ctx; + if (!ossl_prov_is_running()) + return NULL; + + ctx = OPENSSL_zalloc(sizeof(*ctx)); + if (ctx != NULL) + chacha20_initctx(ctx); + return ctx; } static void chacha20_freectx(void *vctx) @@ -141,6 +146,7 @@ int chacha20_einit(void *vctx, const unsigned char *key, size_t keylen, { int ret; + /* The generic function checks for ossl_prov_is_running() */ ret= cipher_generic_einit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -156,6 +162,7 @@ int chacha20_dinit(void *vctx, const unsigned char *key, size_t keylen, { int ret; + /* The generic function checks for ossl_prov_is_running() */ ret= cipher_generic_dinit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; |