2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/core.h>
13 #include <openssl/core_numbers.h>
14 #include <openssl/core_names.h>
15 #include <openssl/params.h>
16 #include <openssl/err.h>
17 #include "internal/cryptlib.h"
19 /* Functions provided by the core */
20 static OSSL_core_get_param_types_fn *c_get_param_types = NULL;
21 static OSSL_core_get_params_fn *c_get_params = NULL;
22 static OSSL_core_put_error_fn *c_put_error = NULL;
23 static OSSL_core_add_error_vdata_fn *c_add_error_vdata = NULL;
25 /* Parameters we provide to the core */
26 static const OSSL_ITEM fips_param_types[] = {
27 { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME },
28 { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION },
29 { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO },
33 static void fips_teardown(void)
35 do_default_context_deinit();
38 static const OSSL_ITEM *fips_get_param_types(const OSSL_PROVIDER *prov)
40 return fips_param_types;
43 static int fips_get_params(const OSSL_PROVIDER *prov,
44 const OSSL_PARAM params[])
48 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
49 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
51 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
52 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
54 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
55 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
61 extern const OSSL_DISPATCH sha256_functions[];
63 static const OSSL_ALGORITHM fips_digests[] = {
64 { "SHA256", "fips=yes", sha256_functions },
68 static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov,
73 switch (operation_id) {
80 /* Functions we provide to the core */
81 static const OSSL_DISPATCH fips_dispatch_table[] = {
82 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown },
83 { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))fips_get_param_types },
84 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
85 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
89 int OSSL_provider_init(const OSSL_PROVIDER *provider,
90 const OSSL_DISPATCH *in,
91 const OSSL_DISPATCH **out,
94 for (; in->function_id != 0; in++) {
95 switch (in->function_id) {
96 case OSSL_FUNC_CORE_GET_PARAM_TYPES:
97 c_get_param_types = OSSL_get_core_get_param_types(in);
99 case OSSL_FUNC_CORE_GET_PARAMS:
100 c_get_params = OSSL_get_core_get_params(in);
102 case OSSL_FUNC_CORE_PUT_ERROR:
103 c_put_error = OSSL_get_core_put_error(in);
105 case OSSL_FUNC_CORE_ADD_ERROR_VDATA:
106 c_add_error_vdata = OSSL_get_core_add_error_vdata(in);
108 /* Just ignore anything we don't understand */
114 *out = fips_dispatch_table;
118 OSSL_provider_init_fn fips_intern_provider_init;
119 int fips_intern_provider_init(const OSSL_PROVIDER *provider,
120 const OSSL_DISPATCH *in,
121 const OSSL_DISPATCH **out)
124 * The internal init function used when the FIPS module uses EVP to call
125 * another algorithm also in the FIPS module.
130 void ERR_put_error(int lib, int func, int reason, const char *file, int line)
133 * TODO(3.0): This works for the FIPS module because we're going to be
134 * using lib/func/reason codes that libcrypto already knows about. This
135 * won't work for third party providers that have their own error mechanisms,
136 * so we'll need to come up with something else for them.
138 c_put_error(lib, func, reason, file, line);
141 void ERR_add_error_data(int num, ...)
145 ERR_add_error_vdata(num, args);
149 void ERR_add_error_vdata(int num, va_list args)
151 c_add_error_vdata(num, args);