Check for provider being runnable in new, dup, init and final calls.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12801)
#include "internal/cryptlib.h"
#include "prov/providercommonerr.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
static void *blake2_mac_new(void *unused_provctx)
{
- struct blake2_mac_data_st *macctx = OPENSSL_zalloc(sizeof(*macctx));
+ struct blake2_mac_data_st *macctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+
+ macctx = OPENSSL_zalloc(sizeof(*macctx));
if (macctx != NULL) {
BLAKE2_PARAM_INIT(&macctx->params);
/* ctx initialization is deferred to BLAKE2b_Init() */
struct blake2_mac_data_st *dst;
struct blake2_mac_data_st *src = vsrc;
+ if (!ossl_prov_is_running())
+ return NULL;
+
dst = OPENSSL_zalloc(sizeof(*dst));
if (dst == NULL)
return NULL;
{
struct blake2_mac_data_st *macctx = vmacctx;
+ if (!ossl_prov_is_running())
+ return 0;
+
/* Check key has been set */
if (macctx->params.key_length == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
{
struct blake2_mac_data_st *macctx = vmacctx;
+ if (!ossl_prov_is_running())
+ return 0;
+
*outl = blake2_mac_size(macctx);
return BLAKE2_FINAL(out, &macctx->ctx);
}
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
{
struct cmac_data_st *macctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = CMAC_CTX_new()) == NULL) {
OPENSSL_free(macctx);
static void *cmac_dup(void *vsrc)
{
struct cmac_data_st *src = vsrc;
- struct cmac_data_st *dst = cmac_new(src->provctx);
+ struct cmac_data_st *dst;
+ if (!ossl_prov_is_running())
+ return NULL;
+
+ dst = cmac_new(src->provctx);
if (!CMAC_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
cmac_free(dst);
static int cmac_init(void *vmacctx)
{
struct cmac_data_st *macctx = vmacctx;
- int rv = CMAC_Init(macctx->ctx, NULL, 0,
- ossl_prov_cipher_cipher(&macctx->cipher),
- ossl_prov_cipher_engine(&macctx->cipher));
+ int rv;
+
+ if (!ossl_prov_is_running())
+ return 0;
+
+ rv = CMAC_Init(macctx->ctx, NULL, 0,
+ ossl_prov_cipher_cipher(&macctx->cipher),
+ ossl_prov_cipher_engine(&macctx->cipher));
ossl_prov_cipher_reset(&macctx->cipher);
return rv;
{
struct cmac_data_st *macctx = vmacctx;
+ if (!ossl_prov_is_running())
+ return 0;
+
return CMAC_Final(macctx->ctx, out, outl);
}
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
{
struct gmac_data_st *macctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
gmac_free(macctx);
static void *gmac_dup(void *vsrc)
{
struct gmac_data_st *src = vsrc;
- struct gmac_data_st *dst = gmac_new(src->provctx);
+ struct gmac_data_st *dst;
+
+ if (!ossl_prov_is_running())
+ return NULL;
+ dst = gmac_new(src->provctx);
if (dst == NULL)
return NULL;
static int gmac_init(void *vmacctx)
{
- return 1;
+ return ossl_prov_is_running();
}
static int gmac_update(void *vmacctx, const unsigned char *data,
struct gmac_data_st *macctx = vmacctx;
int hlen = 0;
+ if (!ossl_prov_is_running())
+ return 0;
+
if (!EVP_EncryptFinal_ex(macctx->ctx, out, &hlen))
return 0;
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
{
struct hmac_data_st *macctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = HMAC_CTX_new()) == NULL) {
OPENSSL_free(macctx);
static void *hmac_dup(void *vsrc)
{
struct hmac_data_st *src = vsrc;
- struct hmac_data_st *dst = hmac_new(src->provctx);
+ struct hmac_data_st *dst;
HMAC_CTX *ctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+ dst = hmac_new(src->provctx);
if (dst == NULL)
return NULL;
static int hmac_init(void *vmacctx)
{
struct hmac_data_st *macctx = vmacctx;
- const EVP_MD *digest = ossl_prov_digest_md(&macctx->digest);
+ const EVP_MD *digest;
int rv = 1;
+ if (!ossl_prov_is_running())
+ return 0;
+
+ digest = ossl_prov_digest_md(&macctx->digest);
/* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */
if (macctx->tls_data_size == 0 && digest != NULL)
rv = HMAC_Init_ex(macctx->ctx, NULL, 0, digest,
unsigned int hlen;
struct hmac_data_st *macctx = vmacctx;
+ if (!ossl_prov_is_running())
+ return 0;
if (macctx->tls_data_size > 0) {
if (macctx->tls_mac_out_size == 0)
return 0;
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
{
struct kmac_data_st *kctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+
if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL
|| (kctx->ctx = EVP_MD_CTX_new()) == NULL) {
kmac_free(kctx);
static void *kmac_dup(void *vsrc)
{
struct kmac_data_st *src = vsrc;
- struct kmac_data_st *dst = kmac_new(src->provctx);
+ struct kmac_data_st *dst;
+
+ if (!ossl_prov_is_running())
+ return NULL;
+ dst = kmac_new(src->provctx);
if (dst == NULL)
return NULL;
unsigned char out[KMAC_MAX_BLOCKSIZE];
int out_len, block_len;
+ if (!ossl_prov_is_running())
+ return 0;
/* Check key has been set */
if (kctx->key_len == 0) {
unsigned char encoded_outlen[KMAC_MAX_ENCODED_HEADER_LEN];
int ok;
+ if (!ossl_prov_is_running())
+ return 0;
+
/* KMAC XOF mode sets the encoded length to 0 */
lbits = (kctx->xof_mode ? 0 : (kctx->out_len * 8));
#include "prov/providercommonerr.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
static void *poly1305_new(void *provctx)
{
- struct poly1305_data_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
+ struct poly1305_data_st *ctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+ ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL)
ctx->provctx = provctx;
return ctx;
static void *poly1305_dup(void *vsrc)
{
struct poly1305_data_st *src = vsrc;
- struct poly1305_data_st *dst = poly1305_new(src->provctx);
+ struct poly1305_data_st *dst;
+ if (!ossl_prov_is_running())
+ return NULL;
+ dst = poly1305_new(src->provctx);
if (dst == NULL)
return NULL;
static int poly1305_init(void *vmacctx)
{
/* initialize the context in MAC_ctrl function */
- return 1;
+ return ossl_prov_is_running();
}
static int poly1305_update(void *vmacctx, const unsigned char *data,
{
struct poly1305_data_st *ctx = vmacctx;
+ if (!ossl_prov_is_running())
+ return 0;
Poly1305_Final(&ctx->poly1305, out);
*outl = poly1305_size();
return 1;
#include "prov/providercommonerr.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
static void *siphash_new(void *provctx)
{
- struct siphash_data_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
+ struct siphash_data_st *ctx;
+ if (!ossl_prov_is_running())
+ return NULL;
+ ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL)
ctx->provctx = provctx;
return ctx;
static void *siphash_dup(void *vsrc)
{
struct siphash_data_st *ssrc = vsrc;
- struct siphash_data_st *sdst = siphash_new(ssrc->provctx);
+ struct siphash_data_st *sdst;
+ if (!ossl_prov_is_running())
+ return NULL;
+ sdst = siphash_new(ssrc->provctx);
if (sdst == NULL)
return NULL;
static int siphash_init(void *vmacctx)
{
/* Not much to do here, actual initialization happens through controls */
- return 1;
+ return ossl_prov_is_running();
}
static int siphash_update(void *vmacctx, const unsigned char *data,
struct siphash_data_st *ctx = vmacctx;
size_t hlen = siphash_size(ctx);
- if (outsize < hlen)
+ if (!ossl_prov_is_running() || outsize < hlen)
return 0;
*outl = hlen;