STACK_OF(INFOPAIR) *parameters;
OPENSSL_CTX *libctx; /* The library context this instance is in */
struct provider_store_st *store; /* The store this instance belongs to */
+#ifndef FIPS_MODE
+ /*
+ * In the FIPS module inner provider, this isn't needed, since the
+ * error upcalls are always direct calls to the outer provider.
+ */
int error_lib; /* ERR library number, one for each provider */
-#ifndef OPENSSL_NO_ERR
+# ifndef OPENSSL_NO_ERR
ERR_STRING_DATA *error_strings; /* Copy of what the provider gives us */
+# endif
#endif
/* Provider side functions */
}
prov->libctx = ctx;
prov->store = store;
+#ifndef FIPS_MODE
prov->error_lib = ERR_get_next_error_library();
+#endif
if(p->is_fallback)
ossl_provider_set_fallback(prov);
}
} else {
prov->libctx = libctx;
prov->store = store;
+#ifndef FIPS_MODE
prov->error_lib = ERR_get_next_error_library();
+#endif
}
CRYPTO_THREAD_unlock(store->lock);
{
const OSSL_DISPATCH *provider_dispatch = NULL;
#ifndef OPENSSL_NO_ERR
+# ifndef FIPS_MODE
OSSL_provider_get_reason_strings_fn *p_get_reason_strings = NULL;
+# endif
#endif
if (prov->flag_initialized)
OSSL_get_provider_query_operation(provider_dispatch);
break;
#ifndef OPENSSL_NO_ERR
+# ifndef FIPS_MODE
case OSSL_FUNC_PROVIDER_GET_REASON_STRINGS:
p_get_reason_strings =
OSSL_get_provider_get_reason_strings(provider_dispatch);
break;
+# endif
#endif
}
}
#ifndef OPENSSL_NO_ERR
+# ifndef FIPS_MODE
if (p_get_reason_strings != NULL) {
const OSSL_ITEM *reasonstrings = p_get_reason_strings(prov->provctx);
size_t cnt, cnt2;
ERR_load_strings(prov->error_lib, prov->error_strings);
}
+# endif
#endif
/* With this flag set, this provider has become fully "loaded". */
return ossl_init_thread_start(prov, prov->provctx, handfn);
}
+/*
+ * The FIPS module inner provider doesn't implement these. They aren't
+ * needed there, since the FIPS module upcalls are always the outer provider
+ * ones.
+ */
+#ifndef FIPS_MODE
static void core_put_error(const OSSL_PROVIDER *prov,
uint32_t reason, const char *file, int line)
{
{
ERR_add_error_vdata(num, args);
}
+#endif
static const OSSL_DISPATCH core_dispatch_[] = {
{ OSSL_FUNC_CORE_GET_PARAM_TYPES, (void (*)(void))core_get_param_types },
{ OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params },
{ OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT, (void (*)(void))core_get_libctx },
{ OSSL_FUNC_CORE_THREAD_START, (void (*)(void))core_thread_start },
+#ifndef FIPS_MODE
{ OSSL_FUNC_CORE_PUT_ERROR, (void (*)(void))core_put_error },
{ OSSL_FUNC_CORE_ADD_ERROR_VDATA, (void (*)(void))core_add_error_vdata },
+#endif
{ 0, NULL }
};
static const OSSL_DISPATCH *core_dispatch = core_dispatch_;
void ERR_put_error(int lib, int func, int reason, const char *file, int line)
{
/*
- * TODO(3.0): This works for the FIPS module because we're going to be
- * using lib/func/reason codes that libcrypto already knows about. This
- * won't work for third party providers that have their own error mechanisms,
- * so we'll need to come up with something else for them.
+ * TODO(3.0) the first argument is currently NULL but is expected to
+ * be passed something else in the future, either an OSSL_PROVIDER or
+ * a OPENSSL_CTX pointer.
*/
- c_put_error(lib, func, reason, file, line);
+ c_put_error(NULL, ERR_PACK(lib, func, reason), file, line);
ERR_add_error_data(1, "(in the FIPS module)");
}
void ERR_add_error_vdata(int num, va_list args)
{
- c_add_error_vdata(num, args);
+ c_add_error_vdata(NULL, num, args);
}
const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx)
projects / oweals / openssl.git / commitdiff