#include <openssl/proverr.h>
#ifndef FIPS_MODULE
# include <openssl/engine.h>
+# include "crypto/evp.h"
#endif
#include "prov/provider_util.h"
#include "internal/nelem.h"
ERR_set_mark();
pc->cipher = pc->alloc_cipher = EVP_CIPHER_fetch(ctx, p->data, propquery);
#ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy ciphers */
- if (pc->cipher == NULL)
- pc->cipher = EVP_get_cipherbyname(p->data);
+ if (pc->cipher == NULL) {
+ const EVP_CIPHER *cipher;
+
+ cipher = EVP_get_cipherbyname(p->data);
+ /* Do not use global EVP_CIPHERs */
+ if (cipher != NULL && cipher->origin != EVP_ORIG_GLOBAL)
+ pc->cipher = cipher;
+ }
#endif
if (pc->cipher != NULL)
ERR_pop_to_mark();
ERR_set_mark();
ossl_prov_digest_fetch(pd, ctx, p->data, propquery);
#ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy digests */
- if (pd->md == NULL)
- pd->md = EVP_get_digestbyname(p->data);
+ if (pd->md == NULL) {
+ const EVP_MD *md;
+
+ md = EVP_get_digestbyname(p->data);
+ /* Do not use global EVP_MDs */
+ if (md != NULL && md->origin != EVP_ORIG_GLOBAL)
+ pd->md = md;
+ }
#endif
if (pd->md != NULL)
ERR_pop_to_mark();
unsigned int iterations = 4096;
OSSL_LIB_CTX *libctx = NULL;
OSSL_PARAM *params = NULL;
- OSSL_PROVIDER *prov = NULL;
+ OSSL_PROVIDER *legacyprov = NULL;
+ OSSL_PROVIDER *defprov = NULL;
const unsigned char expected[sizeof(out)] = {
0xfb, 0x83, 0x4d, 0x36, 0x6d, 0xbc, 0x53, 0x87, 0x35, 0x1b, 0x34, 0x75,
0x95, 0x88, 0x32, 0x4f, 0x3e, 0x82, 0x81, 0x01, 0x21, 0x93, 0x64, 0x00,
goto err;
/* PBKDF1 only available in the legacy provider */
- prov = OSSL_PROVIDER_load(libctx, "legacy");
- if (prov == NULL) {
+ legacyprov = OSSL_PROVIDER_load(libctx, "legacy");
+ if (legacyprov == NULL) {
OSSL_LIB_CTX_free(libctx);
return TEST_skip("PBKDF1 only available in legacy provider");
}
+ if (!TEST_ptr(defprov = OSSL_PROVIDER_load(libctx, "default")))
+ goto err;
+
params = construct_pbkdf1_params("passwordPASSWORDpassword", "sha256",
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
&iterations);
err:
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
- OSSL_PROVIDER_unload(prov);
+ OSSL_PROVIDER_unload(defprov);
+ OSSL_PROVIDER_unload(legacyprov);
OSSL_LIB_CTX_free(libctx);
return ret;
}