/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <stdio.h>
#include <openssl/core.h>
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/kdf.h>
/* TODO(3.0): Needed for dummy_evp_call(). To be removed */
#include <openssl/sha.h>
#include <openssl/rand_drbg.h>
#include <openssl/ec.h>
#include <openssl/fips_names.h>
#include "internal/cryptlib.h"
#include "internal/property.h"
#include "internal/nelem.h"
#include "openssl/param_build.h"
#include "crypto/evp.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/providercommon.h"
#include "prov/provider_util.h"
#include "self_test.h"
/*
 * Table-entry builders for the provider's algorithm lists.
 *
 * ALGC expands to { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }.
 * The property definition is a fixed literal, so every entry built through
 * these macros is advertised with both provider=fips and fips=yes; an entry
 * written by hand instead of through ALG/ALGC would not get that guarantee.
 * ALG is ALGC with CHECK set to NULL.
 *
 * NOTE(review): the struct these initializers fill, and what a NULL CHECK
 * means to the code that consumes it, are defined outside this part of the
 * file - confirm there.
 */
#define ALGC(NAMES, FUNC, CHECK) { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }
#define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
/*
 * c_thread_start is declared extern here and defined further down in this
 * same file; it is the only core upcall pointer in this file that does not
 * have internal linkage.
 * NOTE(review): presumably other objects inside the FIPS module reference
 * it - confirm, and keep it static like its siblings if they do not.
 */
extern OSSL_core_thread_start_fn *c_thread_start;
/*
 * TODO(3.0): Should these be stored in the provider side provctx? Could they
 * ever be different from one init to the next? Unfortunately we can't do this
 * at the moment because c_put_error/c_add_error_vdata do not provide
 * us with the OPENSSL_CTX as a parameter.
 *
 * selftest_params is a single file-scope object, so it is shared by the whole
 * loaded module rather than held per library context. The core_params[]
 * table later in this file binds its module_filename and
 * module_checksum_data fields to values obtained from the core; per that
 * table's comment they are loaded from config items, apart from the module
 * filename.
 * NOTE(review): because the object is shared, a second provider init would
 * appear to overwrite the values the first one is using - confirm before
 * relying on more than one init per process.
 */
static SELF_TEST_POST_PARAMS selftest_params;
/*
 * Functions provided by the core
 *
 * Each pointer below has static storage duration and no initializer, so it
 * is NULL until something assigns it; calling through one before that point
 * is a NULL function-pointer call.
 * NOTE(review): the assignments are not in this part of the file -
 * presumably they are taken from the core's dispatch table during provider
 * init; confirm that every pointer used is checked or guaranteed to be set.
 */
/* Provider parameter queries answered by the core. */
static OSSL_core_gettable_params_fn *c_gettable_params;
static OSSL_core_get_params_fn *c_get_params;
/* Not static: also declared extern above. */
OSSL_core_thread_start_fn *c_thread_start;
/* Error reporting and error-mark handling, routed through the core. */
static OSSL_core_new_error_fn *c_new_error;
static OSSL_core_set_error_debug_fn *c_set_error_debug;
static OSSL_core_vset_error_fn *c_vset_error;
static OSSL_core_set_error_mark_fn *c_set_error_mark;
static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
/* Heap allocation upcalls, including the clearing variants. */
static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
/* Secure-heap allocation upcalls. */
static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
/* Formatted-output upcall. */
static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf;
/*
 * State record created by fips_prov_ossl_ctx_new() and released by
 * fips_prov_ossl_ctx_free().
 */
typedef struct fips_global_st {
/*
 * Provider handle. fips_prov_ossl_ctx_free() releases only the record, not
 * the object this points to. It is NULL in a freshly allocated record.
 * NOTE(review): where it is assigned is not in this part of the file.
 */
const OSSL_PROVIDER *prov;
} FIPS_GLOBAL;
/*
 * Constructor for the FIPS_GLOBAL record.
 *
 * Returns a zero-filled FIPS_GLOBAL (so prov starts out NULL), or NULL when
 * the allocation fails; the caller has to check for NULL. The libctx
 * argument is not used.
 */
static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
{
    return OPENSSL_zalloc(sizeof(FIPS_GLOBAL));
}
/*
 * Destructor for the FIPS_GLOBAL record.
 *
 * Releases only the record itself. The provider handle stored in it is not
 * freed here, and the memory is not cleared before release, so nothing
 * sensitive should be added to FIPS_GLOBAL without changing this function.
 */
static void fips_prov_ossl_ctx_free(void *fgbl)
{
    OPENSSL_free(fgbl);
}
/*
 * Constructor/destructor pair for the FIPS_GLOBAL record.
 * The initializers are positional, so their order must match the member
 * order of OPENSSL_CTX_METHOD, which is declared outside this file.
 * NOTE(review): presumably handed to the library-context data lookup so that
 * each OPENSSL_CTX gets its own FIPS_GLOBAL - the call site is not in this
 * part of the file.
 */
static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
fips_prov_ossl_ctx_new,
fips_prov_ossl_ctx_free,
};
/*
 * Parameters we provide to the core
 *
 * Descriptor table only: each entry names a key and its type (UTF-8 string
 * pointer) with a NULL data pointer and size 0, and OSSL_PARAM_END closes
 * the list. It describes what can be asked for - provider name, version and
 * build info - and holds no values itself.
 * NOTE(review): the function that fills in the values is not in this part of
 * the file.
 */
static const OSSL_PARAM fips_param_types[] = {
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
OSSL_PARAM_END
};
/*
* Parameters to retrieve from the core provider - required for self testing.
* NOTE: inside core_get_params() these will be loaded from config items
* stored inside prov->parameters (except for OSSL_PROV_PARAM_MODULE_FILENAME).
*/
static OSSL_PARAM core_params[] =
{
OSSL_PARAM_utf8_ptr(OSSL_PROV_PARAM_MODULE_FILENAME,
selftest_params.module_filename,
sizeof(selftest_params.module_filename)),
OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_MODULE_MAC,
selftest_params.module_checksum_data,