2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/core.h>
13 #include <openssl/core_numbers.h>
14 #include <openssl/core_names.h>
15 #include <openssl/params.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/kdf.h>
20 /* TODO(3.0): Needed for dummy_evp_call(). To be removed */
21 #include <openssl/sha.h>
22 #include <openssl/rand_drbg.h>
23 #include <openssl/ec.h>
24 #include <openssl/fips_names.h>
26 #include "internal/cryptlib.h"
27 #include "internal/property.h"
28 #include "internal/nelem.h"
29 #include "openssl/param_build.h"
30 #include "crypto/evp.h"
31 #include "prov/implementations.h"
32 #include "prov/provider_ctx.h"
33 #include "prov/providercommon.h"
34 #include "prov/provider_util.h"
35 #include "self_test.h"
38 * Forward declarations to ensure that interface functions are correctly
41 static OSSL_provider_teardown_fn fips_teardown;
42 static OSSL_provider_gettable_params_fn fips_gettable_params;
43 static OSSL_provider_get_params_fn fips_get_params;
44 static OSSL_provider_query_operation_fn fips_query;
46 #define ALGC(NAMES, FUNC, CHECK) { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }
47 #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
49 extern OSSL_core_thread_start_fn *c_thread_start;
52 * TODO(3.0): Should these be stored in the provider side provctx? Could they
53 * ever be different from one init to the next? Unfortunately we can't do this
54 * at the moment because c_put_error/c_add_error_vdata do not provide
55 * us with the OPENSSL_CTX as a parameter.
58 static SELF_TEST_POST_PARAMS selftest_params;
60 /* Functions provided by the core */
61 static OSSL_core_gettable_params_fn *c_gettable_params;
62 static OSSL_core_get_params_fn *c_get_params;
63 OSSL_core_thread_start_fn *c_thread_start;
64 static OSSL_core_new_error_fn *c_new_error;
65 static OSSL_core_set_error_debug_fn *c_set_error_debug;
66 static OSSL_core_vset_error_fn *c_vset_error;
67 static OSSL_core_set_error_mark_fn *c_set_error_mark;
68 static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
69 static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
70 static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
71 static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
72 static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
73 static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
74 static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
75 static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
76 static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
77 static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
78 static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
79 static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
80 static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
81 static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf;
83 typedef struct fips_global_st {
84 const OSSL_CORE_HANDLE *handle;
87 static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
89 FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl));
94 static void fips_prov_ossl_ctx_free(void *fgbl)
99 static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
100 fips_prov_ossl_ctx_new,
101 fips_prov_ossl_ctx_free,
105 /* Parameters we provide to the core */
106 static const OSSL_PARAM fips_param_types[] = {
107 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
108 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
109 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
114 * Parameters to retrieve from the core provider - required for self testing.
115 * NOTE: inside core_get_params() these will be loaded from config items
116 * stored inside prov->parameters (except for
117 * OSSL_PROV_PARAM_CORE_MODULE_FILENAME).
119 static OSSL_PARAM core_params[] =
121 OSSL_PARAM_utf8_ptr(OSSL_PROV_PARAM_CORE_MODULE_FILENAME,
122 selftest_params.module_filename,
123 sizeof(selftest_params.module_filename)),
124 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_MODULE_MAC,
125 selftest_params.module_checksum_data,
126 sizeof(selftest_params.module_checksum_data)),
127 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_MAC,
128 selftest_params.indicator_checksum_data,
129 sizeof(selftest_params.indicator_checksum_data)),
130 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_STATUS,
131 selftest_params.indicator_data,
132 sizeof(selftest_params.indicator_data)),
133 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_VERSION,
134 selftest_params.indicator_version,
135 sizeof(selftest_params.indicator_version)),
139 /* TODO(3.0): To be removed */
140 static int dummy_evp_call(OPENSSL_CTX *libctx)
142 EVP_MD_CTX *ctx = EVP_MD_CTX_new();
143 EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
144 EVP_KDF *kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, NULL);
145 unsigned char dgst[SHA256_DIGEST_LENGTH];
146 unsigned int dgstlen;
148 BN_CTX *bnctx = NULL;
149 BIGNUM *a = NULL, *b = NULL;
150 unsigned char randbuf[128];
151 RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);
152 #ifndef OPENSSL_NO_EC
156 static const char msg[] = "Hello World!";
157 static const unsigned char exptd[] = {
158 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
159 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
160 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
163 if (ctx == NULL || sha256 == NULL || drbg == NULL || kdf == NULL)
166 if (!EVP_DigestInit_ex(ctx, sha256, NULL))
168 if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
170 if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
172 if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0)
175 bnctx = BN_CTX_new_ex(libctx);
179 a = BN_CTX_get(bnctx);
180 b = BN_CTX_get(bnctx);
186 || BN_cmp(a, b) != 0)
189 if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
192 if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
195 #ifndef OPENSSL_NO_EC
196 /* Do some dummy EC calls */
197 key = EC_KEY_new_by_curve_name_with_libctx(libctx, NULL, NID_X9_62_prime256v1);
201 if (!EC_KEY_generate_key(key))
211 EVP_MD_CTX_free(ctx);
214 #ifndef OPENSSL_NO_EC
220 static const OSSL_PARAM *fips_gettable_params(void *provctx)
222 return fips_param_types;
225 static int fips_get_params(void *provctx, OSSL_PARAM params[])
229 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
230 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
232 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
233 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
235 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
236 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
242 /* FIPS specific version of the function of the same name in provlib.c */
243 const char *ossl_prov_util_nid_to_name(int nid)
245 /* We don't have OBJ_nid2n() in FIPS_MODULE so we have an explicit list */
260 return "SHA-512/224";
262 return "SHA-512/256";
273 case NID_aes_256_ecb:
274 return "AES-256-ECB";
275 case NID_aes_192_ecb:
276 return "AES-192-ECB";
277 case NID_aes_128_ecb:
278 return "AES-128-ECB";
279 case NID_aes_256_cbc:
280 return "AES-256-CBC";
281 case NID_aes_192_cbc:
282 return "AES-192-CBC";
283 case NID_aes_128_cbc:
284 return "AES-128-CBC";
285 case NID_aes_256_ctr:
286 return "AES-256-CTR";
287 case NID_aes_192_ctr:
288 return "AES-192-CTR";
289 case NID_aes_128_ctr:
290 return "AES-128-CTR";
291 case NID_aes_256_xts:
292 return "AES-256-XTS";
293 case NID_aes_128_xts:
294 return "AES-128-XTS";
295 case NID_aes_256_gcm:
296 return "AES-256-GCM";
297 case NID_aes_192_gcm:
298 return "AES-192-GCM";
299 case NID_aes_128_gcm:
300 return "AES-128-GCM";
301 case NID_aes_256_ccm:
302 return "AES-256-CCM";
303 case NID_aes_192_ccm:
304 return "AES-192-CCM";
305 case NID_aes_128_ccm:
306 return "AES-128-CCM";
307 case NID_id_aes256_wrap:
308 return "AES-256-WRAP";
309 case NID_id_aes192_wrap:
310 return "AES-192-WRAP";
311 case NID_id_aes128_wrap:
312 return "AES-128-WRAP";
313 case NID_id_aes256_wrap_pad:
314 return "AES-256-WRAP-PAD";
315 case NID_id_aes192_wrap_pad:
316 return "AES-192-WRAP-PAD";
317 case NID_id_aes128_wrap_pad:
318 return "AES-128-WRAP-PAD";
319 case NID_des_ede3_ecb:
321 case NID_des_ede3_cbc:
322 return "DES-EDE3-CBC";
323 case NID_aes_256_cbc_hmac_sha256:
324 return "AES-256-CBC-HMAC-SHA256";
325 case NID_aes_128_cbc_hmac_sha256:
326 return "AES-128-CBC-HMAC-SHA256";
327 case NID_aes_256_cbc_hmac_sha1:
328 return "AES-256-CBC-HMAC-SHA1";
329 case NID_aes_128_cbc_hmac_sha1:
330 return "AES-128-CBC-HMAC-SHA1";
339 * For the algorithm names, we use the following formula for our primary
342 * ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?]
344 * VERSION is only present if there are multiple versions of
345 * an alg (MD2, MD4, MD5). It may be omitted if there is only
346 * one version (if a subsequent version is released in the future,
347 * we can always change the canonical name, and add the old name
350 * SUBNAME may be present where we are combining multiple
351 * algorithms together, e.g. MD5-SHA1.
353 * SIZE is only present if multiple versions of an algorithm exist
354 * with different sizes (e.g. AES-128-CBC, AES-256-CBC)
356 * MODE is only present where applicable.
358 * We add diverse other names where applicable, such as the names that
359 * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names
360 * we have used historically.
362 static const OSSL_ALGORITHM fips_digests[] = {
363 /* Our primary name:NiST name[:our older names] */
364 { "SHA1:SHA-1", "provider=fips,fips=yes", sha1_functions },
365 { "SHA2-224:SHA-224:SHA224", "provider=fips,fips=yes", sha224_functions },
366 { "SHA2-256:SHA-256:SHA256", "provider=fips,fips=yes", sha256_functions },
367 { "SHA2-384:SHA-384:SHA384", "provider=fips,fips=yes", sha384_functions },
368 { "SHA2-512:SHA-512:SHA512", "provider=fips,fips=yes", sha512_functions },
369 { "SHA2-512/224:SHA-512/224:SHA512-224", "provider=fips,fips=yes",
370 sha512_224_functions },
371 { "SHA2-512/256:SHA-512/256:SHA512-256", "provider=fips,fips=yes",
372 sha512_256_functions },
374 /* We agree with NIST here, so one name only */
375 { "SHA3-224", "provider=fips,fips=yes", sha3_224_functions },
376 { "SHA3-256", "provider=fips,fips=yes", sha3_256_functions },
377 { "SHA3-384", "provider=fips,fips=yes", sha3_384_functions },
378 { "SHA3-512", "provider=fips,fips=yes", sha3_512_functions },
380 { "SHAKE-128:SHAKE128", "provider=fips,fips=yes", shake_128_functions },
381 { "SHAKE-256:SHAKE256", "provider=fips,fips=yes", shake_256_functions },
384 * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for
385 * KMAC128 and KMAC256.
387 { "KECCAK-KMAC-128:KECCAK-KMAC128", "provider=fips,fips=yes",
388 keccak_kmac_128_functions },
389 { "KECCAK-KMAC-256:KECCAK-KMAC256", "provider=fips,fips=yes",
390 keccak_kmac_256_functions },
394 static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
395 /* Our primary name[:ASN.1 OID name][:our older names] */
396 ALG("AES-256-ECB", aes256ecb_functions),
397 ALG("AES-192-ECB", aes192ecb_functions),
398 ALG("AES-128-ECB", aes128ecb_functions),
399 ALG("AES-256-CBC", aes256cbc_functions),
400 ALG("AES-192-CBC", aes192cbc_functions),
401 ALG("AES-128-CBC", aes128cbc_functions),
402 ALG("AES-256-OFB", aes256ofb_functions),
403 ALG("AES-192-OFB", aes192ofb_functions),
404 ALG("AES-128-OFB", aes128ofb_functions),
405 ALG("AES-256-CFB", aes256cfb_functions),
406 ALG("AES-192-CFB", aes192cfb_functions),
407 ALG("AES-128-CFB", aes128cfb_functions),
408 ALG("AES-256-CFB1", aes256cfb1_functions),
409 ALG("AES-192-CFB1", aes192cfb1_functions),
410 ALG("AES-128-CFB1", aes128cfb1_functions),
411 ALG("AES-256-CFB8", aes256cfb8_functions),
412 ALG("AES-192-CFB8", aes192cfb8_functions),
413 ALG("AES-128-CFB8", aes128cfb8_functions),
414 ALG("AES-256-CTR", aes256ctr_functions),
415 ALG("AES-192-CTR", aes192ctr_functions),
416 ALG("AES-128-CTR", aes128ctr_functions),
417 ALG("AES-256-XTS", aes256xts_functions),
418 ALG("AES-128-XTS", aes128xts_functions),
419 ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
420 ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
421 ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
422 ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
423 ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
424 ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
425 ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
426 ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
427 ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
428 ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
429 aes256wrappad_functions),
430 ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
431 aes192wrappad_functions),
432 ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
433 aes128wrappad_functions),
434 ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
435 cipher_capable_aes_cbc_hmac_sha1),
436 ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
437 cipher_capable_aes_cbc_hmac_sha1),
438 ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
439 cipher_capable_aes_cbc_hmac_sha256),
440 ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
441 cipher_capable_aes_cbc_hmac_sha256),
442 #ifndef OPENSSL_NO_DES
443 ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
444 ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
445 #endif /* OPENSSL_NO_DES */
446 { { NULL, NULL, NULL }, NULL }
448 static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)];
450 static const OSSL_ALGORITHM fips_macs[] = {
451 #ifndef OPENSSL_NO_CMAC
452 { "CMAC", "provider=fips,fips=yes", cmac_functions },
454 { "GMAC", "provider=fips,fips=yes", gmac_functions },
455 { "HMAC", "provider=fips,fips=yes", hmac_functions },
456 { "KMAC-128:KMAC128", "provider=fips,fips=yes", kmac128_functions },
457 { "KMAC-256:KMAC256", "provider=fips,fips=yes", kmac256_functions },
461 static const OSSL_ALGORITHM fips_kdfs[] = {
462 { "HKDF", "provider=fips,fips=yes", kdf_hkdf_functions },
463 { "SSKDF", "provider=fips,fips=yes", kdf_sskdf_functions },
464 { "PBKDF2", "provider=fips,fips=yes", kdf_pbkdf2_functions },
465 { "SSHKDF", "provider=fips,fips=yes", kdf_sshkdf_functions },
466 { "X963KDF", "provider=fips,fips=yes", kdf_x963_kdf_functions },
467 { "TLS1-PRF", "provider=fips,fips=yes", kdf_tls1_prf_functions },
468 { "KBKDF", "provider=fips,fips=yes", kdf_kbkdf_functions },
472 static const OSSL_ALGORITHM fips_rands[] = {
473 { "CTR-DRBG", "provider=fips", drbg_ctr_functions },
474 { "HASH-DRBG", "provider=fips", drbg_hash_functions },
475 { "HMAC-DRBG", "provider=fips", drbg_hmac_functions },
476 { "TEST-RAND", "provider=fips", test_rng_functions },
480 static const OSSL_ALGORITHM fips_keyexch[] = {
481 #ifndef OPENSSL_NO_DH
482 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions },
484 #ifndef OPENSSL_NO_EC
485 { "ECDH", "provider=fips,fips=yes", ecdh_keyexch_functions },
486 { "X25519", "provider=fips,fips=no", x25519_keyexch_functions },
487 { "X448", "provider=fips,fips=no", x448_keyexch_functions },
492 static const OSSL_ALGORITHM fips_signature[] = {
493 #ifndef OPENSSL_NO_DSA
494 { "DSA:dsaEncryption", "provider=fips,fips=yes", dsa_signature_functions },
496 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_signature_functions },
497 #ifndef OPENSSL_NO_EC
498 { "ED25519", "provider=fips,fips=no", ed25519_signature_functions },
499 { "ED448", "provider=fips,fips=no", ed448_signature_functions },
500 { "ECDSA", "provider=fips,fips=yes", ecdsa_signature_functions },
505 static const OSSL_ALGORITHM fips_asym_cipher[] = {
506 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_asym_cipher_functions },
510 static const OSSL_ALGORITHM fips_keymgmt[] = {
511 #ifndef OPENSSL_NO_DH
512 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keymgmt_functions },
514 #ifndef OPENSSL_NO_DSA
515 { "DSA", "provider=fips,fips=yes", dsa_keymgmt_functions },
517 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_keymgmt_functions },
518 { "RSA-PSS:RSASSA-PSS", "provider=fips,fips=yes",
519 rsapss_keymgmt_functions },
520 #ifndef OPENSSL_NO_EC
521 { "EC:id-ecPublicKey", "provider=fips,fips=yes", ec_keymgmt_functions },
522 { "X25519", "provider=fips,fips=no", x25519_keymgmt_functions },
523 { "X448", "provider=fips,fips=no", x448_keymgmt_functions },
524 { "ED25519", "provider=fips,fips=no", ed25519_keymgmt_functions },
525 { "ED448", "provider=fips,fips=no", ed448_keymgmt_functions },
530 static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id,
534 switch (operation_id) {
538 ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers);
539 return exported_fips_ciphers;
546 case OSSL_OP_KEYMGMT:
548 case OSSL_OP_KEYEXCH:
550 case OSSL_OP_SIGNATURE:
551 return fips_signature;
552 case OSSL_OP_ASYM_CIPHER:
553 return fips_asym_cipher;
558 static void fips_teardown(void *provctx)
560 OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx));
561 PROV_CTX_free(provctx);
564 static void fips_intern_teardown(void *provctx)
567 * We know that the library context is the same as for the outer provider,
568 * so no need to destroy it here.
570 PROV_CTX_free(provctx);
573 /* Functions we provide to the core */
574 static const OSSL_DISPATCH fips_dispatch_table[] = {
575 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown },
576 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params },
577 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
578 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
579 { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))provider_get_capabilities },
583 /* Functions we provide to ourself */
584 static const OSSL_DISPATCH intern_dispatch_table[] = {
585 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_intern_teardown },
586 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
591 int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
592 const OSSL_DISPATCH *in,
593 const OSSL_DISPATCH **out,
597 OPENSSL_CTX *libctx = NULL;
598 OSSL_self_test_cb_fn *stcbfn = NULL;
599 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
601 for (; in->function_id != 0; in++) {
602 switch (in->function_id) {
603 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
604 c_get_libctx = OSSL_get_core_get_library_context(in);
606 case OSSL_FUNC_CORE_GETTABLE_PARAMS:
607 c_gettable_params = OSSL_get_core_gettable_params(in);
609 case OSSL_FUNC_CORE_GET_PARAMS:
610 c_get_params = OSSL_get_core_get_params(in);
612 case OSSL_FUNC_CORE_THREAD_START:
613 c_thread_start = OSSL_get_core_thread_start(in);
615 case OSSL_FUNC_CORE_NEW_ERROR:
616 c_new_error = OSSL_get_core_new_error(in);
618 case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
619 c_set_error_debug = OSSL_get_core_set_error_debug(in);
621 case OSSL_FUNC_CORE_VSET_ERROR:
622 c_vset_error = OSSL_get_core_vset_error(in);
624 case OSSL_FUNC_CORE_SET_ERROR_MARK:
625 c_set_error_mark = OSSL_get_core_set_error_mark(in);
627 case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
628 c_clear_last_error_mark = OSSL_get_core_clear_last_error_mark(in);
630 case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
631 c_pop_error_to_mark = OSSL_get_core_pop_error_to_mark(in);
633 case OSSL_FUNC_CRYPTO_MALLOC:
634 c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
636 case OSSL_FUNC_CRYPTO_ZALLOC:
637 c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in);
639 case OSSL_FUNC_CRYPTO_FREE:
640 c_CRYPTO_free = OSSL_get_CRYPTO_free(in);
642 case OSSL_FUNC_CRYPTO_CLEAR_FREE:
643 c_CRYPTO_clear_free = OSSL_get_CRYPTO_clear_free(in);
645 case OSSL_FUNC_CRYPTO_REALLOC:
646 c_CRYPTO_realloc = OSSL_get_CRYPTO_realloc(in);
648 case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
649 c_CRYPTO_clear_realloc = OSSL_get_CRYPTO_clear_realloc(in);
651 case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
652 c_CRYPTO_secure_malloc = OSSL_get_CRYPTO_secure_malloc(in);
654 case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
655 c_CRYPTO_secure_zalloc = OSSL_get_CRYPTO_secure_zalloc(in);
657 case OSSL_FUNC_CRYPTO_SECURE_FREE:
658 c_CRYPTO_secure_free = OSSL_get_CRYPTO_secure_free(in);
660 case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
661 c_CRYPTO_secure_clear_free = OSSL_get_CRYPTO_secure_clear_free(in);
663 case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
664 c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
666 case OSSL_FUNC_BIO_NEW_FILE:
667 selftest_params.bio_new_file_cb = OSSL_get_BIO_new_file(in);
669 case OSSL_FUNC_BIO_NEW_MEMBUF:
670 selftest_params.bio_new_buffer_cb = OSSL_get_BIO_new_membuf(in);
672 case OSSL_FUNC_BIO_READ_EX:
673 selftest_params.bio_read_ex_cb = OSSL_get_BIO_read_ex(in);
675 case OSSL_FUNC_BIO_FREE:
676 selftest_params.bio_free_cb = OSSL_get_BIO_free(in);
678 case OSSL_FUNC_BIO_VSNPRINTF:
679 c_BIO_vsnprintf = OSSL_get_BIO_vsnprintf(in);
681 case OSSL_FUNC_SELF_TEST_CB: {
682 stcbfn = OSSL_get_self_test_cb(in);
686 /* Just ignore anything we don't understand */
691 if (stcbfn != NULL && c_get_libctx != NULL) {
692 stcbfn(c_get_libctx(handle), &selftest_params.cb,
693 &selftest_params.cb_arg);
696 selftest_params.cb = NULL;
697 selftest_params.cb_arg = NULL;
700 if (!c_get_params(handle, core_params))
703 /* Create a context. */
704 if ((*provctx = PROV_CTX_new()) == NULL
705 || (libctx = OPENSSL_CTX_new()) == NULL) {
707 * We free libctx separately here and only here because it hasn't
708 * been attached to *provctx. All other error paths below rely
709 * solely on fips_teardown.
711 OPENSSL_CTX_free(libctx);
714 PROV_CTX_set0_library_context(*provctx, libctx);
715 PROV_CTX_set0_handle(*provctx, handle);
717 if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX,
718 &fips_prov_ossl_ctx_method)) == NULL)
721 fgbl->handle = handle;
723 selftest_params.libctx = libctx;
724 if (!SELF_TEST_post(&selftest_params, 0))
728 * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
729 * EVP calls from within the FIPS module.
731 if (!dummy_evp_call(libctx))
734 *out = fips_dispatch_table;
738 fips_teardown(*provctx);
744 * The internal init function used when the FIPS module uses EVP to call
745 * another algorithm also in the FIPS module. This is a recursive call that has
746 * been made from within the FIPS module itself. To make this work, we populate
747 * the provider context of this inner instance with the same library context
748 * that was used in the EVP call that initiated this recursive call.
750 OSSL_provider_init_fn fips_intern_provider_init;
751 int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
752 const OSSL_DISPATCH *in,
753 const OSSL_DISPATCH **out,
756 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
758 for (; in->function_id != 0; in++) {
759 switch (in->function_id) {
760 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
761 c_get_libctx = OSSL_get_core_get_library_context(in);
768 if (c_get_libctx == NULL)
771 if ((*provctx = PROV_CTX_new()) == NULL)
774 * Using the parent library context only works because we are a built-in
775 * internal provider. This is not something that most providers would be
778 PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle));
779 PROV_CTX_set0_handle(*provctx, handle);
781 *out = intern_dispatch_table;
790 void ERR_set_debug(const char *file, int line, const char *func)
792 c_set_error_debug(NULL, file, line, func);
795 void ERR_set_error(int lib, int reason, const char *fmt, ...)
800 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
804 void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
806 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
809 int ERR_set_mark(void)
811 return c_set_error_mark(NULL);
814 int ERR_clear_last_mark(void)
816 return c_clear_last_error_mark(NULL);
819 int ERR_pop_to_mark(void)
821 return c_pop_error_to_mark(NULL);
825 * This must take a library context, since it's called from the depths
826 * of crypto/initthread.c code, where it's (correctly) assumed that the
827 * passed caller argument is an OPENSSL_CTX pointer (since the same routine
828 * is also called from other parts of libcrypto, which all pass around a
829 * OPENSSL_CTX pointer)
831 const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx)
833 FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx,
834 OPENSSL_CTX_FIPS_PROV_INDEX,
835 &fips_prov_ossl_ctx_method);
843 void *CRYPTO_malloc(size_t num, const char *file, int line)
845 return c_CRYPTO_malloc(num, file, line);
848 void *CRYPTO_zalloc(size_t num, const char *file, int line)
850 return c_CRYPTO_zalloc(num, file, line);
853 void CRYPTO_free(void *ptr, const char *file, int line)
855 c_CRYPTO_free(ptr, file, line);
858 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line)
860 c_CRYPTO_clear_free(ptr, num, file, line);
863 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line)
865 return c_CRYPTO_realloc(addr, num, file, line);
868 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
869 const char *file, int line)
871 return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
874 void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
876 return c_CRYPTO_secure_malloc(num, file, line);
879 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line)
881 return c_CRYPTO_secure_zalloc(num, file, line);
884 void CRYPTO_secure_free(void *ptr, const char *file, int line)
886 c_CRYPTO_secure_free(ptr, file, line);
889 void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line)
891 c_CRYPTO_secure_clear_free(ptr, num, file, line);
894 int CRYPTO_secure_allocated(const void *ptr)
896 return c_CRYPTO_secure_allocated(ptr);
899 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
904 va_start(args, format);
905 ret = c_BIO_vsnprintf(buf, n, format, args);