2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/core.h>
13 #include <openssl/core_dispatch.h>
14 #include <openssl/core_names.h>
15 #include <openssl/params.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/kdf.h>
20 /* TODO(3.0): Needed for dummy_evp_call(). To be removed */
21 #include <openssl/sha.h>
22 #include <openssl/rand_drbg.h>
23 #include <openssl/ec.h>
24 #include <openssl/fips_names.h>
26 #include "internal/cryptlib.h"
27 #include "internal/property.h"
28 #include "internal/nelem.h"
29 #include "openssl/param_build.h"
30 #include "crypto/evp.h"
31 #include "prov/implementations.h"
32 #include "prov/provider_ctx.h"
33 #include "prov/providercommon.h"
34 #include "prov/providercommonerr.h"
35 #include "prov/provider_util.h"
36 #include "self_test.h"
39 * Forward declarations to ensure that interface functions are correctly
42 static OSSL_FUNC_provider_teardown_fn fips_teardown;
43 static OSSL_FUNC_provider_gettable_params_fn fips_gettable_params;
44 static OSSL_FUNC_provider_get_params_fn fips_get_params;
45 static OSSL_FUNC_provider_query_operation_fn fips_query;
47 #define ALGC(NAMES, FUNC, CHECK) { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }
48 #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
50 extern OSSL_FUNC_core_thread_start_fn *c_thread_start;
53 * TODO(3.0): Should these be stored in the provider side provctx? Could they
54 * ever be different from one init to the next? Unfortunately we can't do this
55 * at the moment because c_put_error/c_add_error_vdata do not provide
56 * us with the OPENSSL_CTX as a parameter.
59 static SELF_TEST_POST_PARAMS selftest_params;
61 /* Functions provided by the core */
62 static OSSL_FUNC_core_gettable_params_fn *c_gettable_params;
63 static OSSL_FUNC_core_get_params_fn *c_get_params;
64 OSSL_FUNC_core_thread_start_fn *c_thread_start;
65 static OSSL_FUNC_core_new_error_fn *c_new_error;
66 static OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug;
67 static OSSL_FUNC_core_vset_error_fn *c_vset_error;
68 static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark;
69 static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark;
70 static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark;
71 static OSSL_FUNC_CRYPTO_malloc_fn *c_CRYPTO_malloc;
72 static OSSL_FUNC_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
73 static OSSL_FUNC_CRYPTO_free_fn *c_CRYPTO_free;
74 static OSSL_FUNC_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
75 static OSSL_FUNC_CRYPTO_realloc_fn *c_CRYPTO_realloc;
76 static OSSL_FUNC_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
77 static OSSL_FUNC_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
78 static OSSL_FUNC_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
79 static OSSL_FUNC_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
80 static OSSL_FUNC_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
81 static OSSL_FUNC_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
82 static OSSL_FUNC_BIO_vsnprintf_fn *c_BIO_vsnprintf;
84 typedef struct fips_global_st {
85 const OSSL_CORE_HANDLE *handle;
88 static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
90 FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl));
95 static void fips_prov_ossl_ctx_free(void *fgbl)
100 static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
101 fips_prov_ossl_ctx_new,
102 fips_prov_ossl_ctx_free,
106 /* Parameters we provide to the core */
107 static const OSSL_PARAM fips_param_types[] = {
108 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
109 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
110 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
115 * Parameters to retrieve from the core provider - required for self testing.
116 * NOTE: inside core_get_params() these will be loaded from config items
117 * stored inside prov->parameters (except for
118 * OSSL_PROV_PARAM_CORE_MODULE_FILENAME).
120 static OSSL_PARAM core_params[] =
122 OSSL_PARAM_utf8_ptr(OSSL_PROV_PARAM_CORE_MODULE_FILENAME,
123 selftest_params.module_filename,
124 sizeof(selftest_params.module_filename)),
125 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_MODULE_MAC,
126 selftest_params.module_checksum_data,
127 sizeof(selftest_params.module_checksum_data)),
128 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_MAC,
129 selftest_params.indicator_checksum_data,
130 sizeof(selftest_params.indicator_checksum_data)),
131 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_STATUS,
132 selftest_params.indicator_data,
133 sizeof(selftest_params.indicator_data)),
134 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_VERSION,
135 selftest_params.indicator_version,
136 sizeof(selftest_params.indicator_version)),
140 /* TODO(3.0): To be removed */
141 static int dummy_evp_call(OPENSSL_CTX *libctx)
143 EVP_MD_CTX *ctx = EVP_MD_CTX_new();
144 EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
145 EVP_KDF *kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, NULL);
146 unsigned char dgst[SHA256_DIGEST_LENGTH];
147 unsigned int dgstlen;
149 BN_CTX *bnctx = NULL;
150 BIGNUM *a = NULL, *b = NULL;
151 unsigned char randbuf[128];
152 RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);
153 #ifndef OPENSSL_NO_EC
157 static const char msg[] = "Hello World!";
158 static const unsigned char exptd[] = {
159 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
160 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
161 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
164 if (ctx == NULL || sha256 == NULL || drbg == NULL || kdf == NULL)
167 if (!EVP_DigestInit_ex(ctx, sha256, NULL))
169 if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
171 if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
173 if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0)
176 bnctx = BN_CTX_new_ex(libctx);
180 a = BN_CTX_get(bnctx);
181 b = BN_CTX_get(bnctx);
187 || BN_cmp(a, b) != 0)
190 if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
193 if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
196 #ifndef OPENSSL_NO_EC
197 /* Do some dummy EC calls */
198 key = EC_KEY_new_by_curve_name_with_libctx(libctx, NULL, NID_X9_62_prime256v1);
202 if (!EC_KEY_generate_key(key))
212 EVP_MD_CTX_free(ctx);
215 #ifndef OPENSSL_NO_EC
221 static const OSSL_PARAM *fips_gettable_params(void *provctx)
223 return fips_param_types;
226 static int fips_get_params(void *provctx, OSSL_PARAM params[])
230 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
231 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
233 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
234 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
236 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
237 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
243 /* FIPS specific version of the function of the same name in provlib.c */
244 const char *ossl_prov_util_nid_to_name(int nid)
246 /* We don't have OBJ_nid2n() in FIPS_MODULE so we have an explicit list */
261 return "SHA-512/224";
263 return "SHA-512/256";
274 case NID_aes_256_ecb:
275 return "AES-256-ECB";
276 case NID_aes_192_ecb:
277 return "AES-192-ECB";
278 case NID_aes_128_ecb:
279 return "AES-128-ECB";
280 case NID_aes_256_cbc:
281 return "AES-256-CBC";
282 case NID_aes_192_cbc:
283 return "AES-192-CBC";
284 case NID_aes_128_cbc:
285 return "AES-128-CBC";
286 case NID_aes_256_ctr:
287 return "AES-256-CTR";
288 case NID_aes_192_ctr:
289 return "AES-192-CTR";
290 case NID_aes_128_ctr:
291 return "AES-128-CTR";
292 case NID_aes_256_xts:
293 return "AES-256-XTS";
294 case NID_aes_128_xts:
295 return "AES-128-XTS";
296 case NID_aes_256_gcm:
297 return "AES-256-GCM";
298 case NID_aes_192_gcm:
299 return "AES-192-GCM";
300 case NID_aes_128_gcm:
301 return "AES-128-GCM";
302 case NID_aes_256_ccm:
303 return "AES-256-CCM";
304 case NID_aes_192_ccm:
305 return "AES-192-CCM";
306 case NID_aes_128_ccm:
307 return "AES-128-CCM";
308 case NID_id_aes256_wrap:
309 return "AES-256-WRAP";
310 case NID_id_aes192_wrap:
311 return "AES-192-WRAP";
312 case NID_id_aes128_wrap:
313 return "AES-128-WRAP";
314 case NID_id_aes256_wrap_pad:
315 return "AES-256-WRAP-PAD";
316 case NID_id_aes192_wrap_pad:
317 return "AES-192-WRAP-PAD";
318 case NID_id_aes128_wrap_pad:
319 return "AES-128-WRAP-PAD";
320 case NID_des_ede3_ecb:
322 case NID_des_ede3_cbc:
323 return "DES-EDE3-CBC";
324 case NID_aes_256_cbc_hmac_sha256:
325 return "AES-256-CBC-HMAC-SHA256";
326 case NID_aes_128_cbc_hmac_sha256:
327 return "AES-128-CBC-HMAC-SHA256";
328 case NID_aes_256_cbc_hmac_sha1:
329 return "AES-256-CBC-HMAC-SHA1";
330 case NID_aes_128_cbc_hmac_sha1:
331 return "AES-128-CBC-HMAC-SHA1";
340 * For the algorithm names, we use the following formula for our primary
343 * ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?]
345 * VERSION is only present if there are multiple versions of
346 * an alg (MD2, MD4, MD5). It may be omitted if there is only
347 * one version (if a subsequent version is released in the future,
348 * we can always change the canonical name, and add the old name
351 * SUBNAME may be present where we are combining multiple
352 * algorithms together, e.g. MD5-SHA1.
354 * SIZE is only present if multiple versions of an algorithm exist
355 * with different sizes (e.g. AES-128-CBC, AES-256-CBC)
357 * MODE is only present where applicable.
359 * We add diverse other names where applicable, such as the names that
360 * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names
361 * we have used historically.
363 static const OSSL_ALGORITHM fips_digests[] = {
364 /* Our primary name:NiST name[:our older names] */
365 { "SHA1:SHA-1", "provider=fips,fips=yes", sha1_functions },
366 { "SHA2-224:SHA-224:SHA224", "provider=fips,fips=yes", sha224_functions },
367 { "SHA2-256:SHA-256:SHA256", "provider=fips,fips=yes", sha256_functions },
368 { "SHA2-384:SHA-384:SHA384", "provider=fips,fips=yes", sha384_functions },
369 { "SHA2-512:SHA-512:SHA512", "provider=fips,fips=yes", sha512_functions },
370 { "SHA2-512/224:SHA-512/224:SHA512-224", "provider=fips,fips=yes",
371 sha512_224_functions },
372 { "SHA2-512/256:SHA-512/256:SHA512-256", "provider=fips,fips=yes",
373 sha512_256_functions },
375 /* We agree with NIST here, so one name only */
376 { "SHA3-224", "provider=fips,fips=yes", sha3_224_functions },
377 { "SHA3-256", "provider=fips,fips=yes", sha3_256_functions },
378 { "SHA3-384", "provider=fips,fips=yes", sha3_384_functions },
379 { "SHA3-512", "provider=fips,fips=yes", sha3_512_functions },
381 { "SHAKE-128:SHAKE128", "provider=fips,fips=yes", shake_128_functions },
382 { "SHAKE-256:SHAKE256", "provider=fips,fips=yes", shake_256_functions },
385 * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for
386 * KMAC128 and KMAC256.
388 { "KECCAK-KMAC-128:KECCAK-KMAC128", "provider=fips,fips=yes",
389 keccak_kmac_128_functions },
390 { "KECCAK-KMAC-256:KECCAK-KMAC256", "provider=fips,fips=yes",
391 keccak_kmac_256_functions },
395 static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
396 /* Our primary name[:ASN.1 OID name][:our older names] */
397 ALG("AES-256-ECB", aes256ecb_functions),
398 ALG("AES-192-ECB", aes192ecb_functions),
399 ALG("AES-128-ECB", aes128ecb_functions),
400 ALG("AES-256-CBC", aes256cbc_functions),
401 ALG("AES-192-CBC", aes192cbc_functions),
402 ALG("AES-128-CBC", aes128cbc_functions),
403 ALG("AES-256-CBC-CTS", aes256cbc_cts_functions),
404 ALG("AES-192-CBC-CTS", aes192cbc_cts_functions),
405 ALG("AES-128-CBC-CTS", aes128cbc_cts_functions),
406 ALG("AES-256-OFB", aes256ofb_functions),
407 ALG("AES-192-OFB", aes192ofb_functions),
408 ALG("AES-128-OFB", aes128ofb_functions),
409 ALG("AES-256-CFB", aes256cfb_functions),
410 ALG("AES-192-CFB", aes192cfb_functions),
411 ALG("AES-128-CFB", aes128cfb_functions),
412 ALG("AES-256-CFB1", aes256cfb1_functions),
413 ALG("AES-192-CFB1", aes192cfb1_functions),
414 ALG("AES-128-CFB1", aes128cfb1_functions),
415 ALG("AES-256-CFB8", aes256cfb8_functions),
416 ALG("AES-192-CFB8", aes192cfb8_functions),
417 ALG("AES-128-CFB8", aes128cfb8_functions),
418 ALG("AES-256-CTR", aes256ctr_functions),
419 ALG("AES-192-CTR", aes192ctr_functions),
420 ALG("AES-128-CTR", aes128ctr_functions),
421 ALG("AES-256-XTS", aes256xts_functions),
422 ALG("AES-128-XTS", aes128xts_functions),
423 ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
424 ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
425 ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
426 ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
427 ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
428 ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
429 ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
430 ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
431 ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
432 ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
433 aes256wrappad_functions),
434 ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
435 aes192wrappad_functions),
436 ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
437 aes128wrappad_functions),
438 ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
439 cipher_capable_aes_cbc_hmac_sha1),
440 ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
441 cipher_capable_aes_cbc_hmac_sha1),
442 ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
443 cipher_capable_aes_cbc_hmac_sha256),
444 ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
445 cipher_capable_aes_cbc_hmac_sha256),
446 #ifndef OPENSSL_NO_DES
447 ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
448 ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
449 #endif /* OPENSSL_NO_DES */
450 { { NULL, NULL, NULL }, NULL }
452 static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)];
454 static const OSSL_ALGORITHM fips_macs[] = {
455 #ifndef OPENSSL_NO_CMAC
456 { "CMAC", "provider=fips,fips=yes", cmac_functions },
458 { "GMAC", "provider=fips,fips=yes", gmac_functions },
459 { "HMAC", "provider=fips,fips=yes", hmac_functions },
460 { "KMAC-128:KMAC128", "provider=fips,fips=yes", kmac128_functions },
461 { "KMAC-256:KMAC256", "provider=fips,fips=yes", kmac256_functions },
465 static const OSSL_ALGORITHM fips_kdfs[] = {
466 { "HKDF", "provider=fips,fips=yes", kdf_hkdf_functions },
467 { "SSKDF", "provider=fips,fips=yes", kdf_sskdf_functions },
468 { "PBKDF2", "provider=fips,fips=yes", kdf_pbkdf2_functions },
469 { "SSHKDF", "provider=fips,fips=yes", kdf_sshkdf_functions },
470 { "X963KDF", "provider=fips,fips=yes", kdf_x963_kdf_functions },
471 { "TLS1-PRF", "provider=fips,fips=yes", kdf_tls1_prf_functions },
472 { "KBKDF", "provider=fips,fips=yes", kdf_kbkdf_functions },
476 static const OSSL_ALGORITHM fips_rands[] = {
477 { "CTR-DRBG", "provider=fips", drbg_ctr_functions },
478 { "HASH-DRBG", "provider=fips", drbg_hash_functions },
479 { "HMAC-DRBG", "provider=fips", drbg_hmac_functions },
480 { "TEST-RAND", "provider=fips", test_rng_functions },
484 static const OSSL_ALGORITHM fips_keyexch[] = {
485 #ifndef OPENSSL_NO_DH
486 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions },
488 #ifndef OPENSSL_NO_EC
489 { "ECDH", "provider=fips,fips=yes", ecdh_keyexch_functions },
490 { "X25519", "provider=fips,fips=no", x25519_keyexch_functions },
491 { "X448", "provider=fips,fips=no", x448_keyexch_functions },
496 static const OSSL_ALGORITHM fips_signature[] = {
497 #ifndef OPENSSL_NO_DSA
498 { "DSA:dsaEncryption", "provider=fips,fips=yes", dsa_signature_functions },
500 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_signature_functions },
501 #ifndef OPENSSL_NO_EC
502 { "ED25519", "provider=fips,fips=no", ed25519_signature_functions },
503 { "ED448", "provider=fips,fips=no", ed448_signature_functions },
504 { "ECDSA", "provider=fips,fips=yes", ecdsa_signature_functions },
509 static const OSSL_ALGORITHM fips_asym_cipher[] = {
510 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_asym_cipher_functions },
514 static const OSSL_ALGORITHM fips_keymgmt[] = {
515 #ifndef OPENSSL_NO_DH
516 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keymgmt_functions },
518 #ifndef OPENSSL_NO_DSA
519 { "DSA", "provider=fips,fips=yes", dsa_keymgmt_functions },
521 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_keymgmt_functions },
522 { "RSA-PSS:RSASSA-PSS", "provider=fips,fips=yes",
523 rsapss_keymgmt_functions },
524 #ifndef OPENSSL_NO_EC
525 { "EC:id-ecPublicKey", "provider=fips,fips=yes", ec_keymgmt_functions },
526 { "X25519", "provider=fips,fips=no", x25519_keymgmt_functions },
527 { "X448", "provider=fips,fips=no", x448_keymgmt_functions },
528 { "ED25519", "provider=fips,fips=no", ed25519_keymgmt_functions },
529 { "ED448", "provider=fips,fips=no", ed448_keymgmt_functions },
534 static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id,
538 switch (operation_id) {
542 ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers);
543 return exported_fips_ciphers;
550 case OSSL_OP_KEYMGMT:
552 case OSSL_OP_KEYEXCH:
554 case OSSL_OP_SIGNATURE:
555 return fips_signature;
556 case OSSL_OP_ASYM_CIPHER:
557 return fips_asym_cipher;
562 static void fips_teardown(void *provctx)
564 OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx));
565 PROV_CTX_free(provctx);
568 static void fips_intern_teardown(void *provctx)
571 * We know that the library context is the same as for the outer provider,
572 * so no need to destroy it here.
574 PROV_CTX_free(provctx);
577 /* Functions we provide to the core */
578 static const OSSL_DISPATCH fips_dispatch_table[] = {
579 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown },
580 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params },
581 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
582 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
583 { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))provider_get_capabilities },
587 /* Functions we provide to ourself */
588 static const OSSL_DISPATCH intern_dispatch_table[] = {
589 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_intern_teardown },
590 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
595 int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
596 const OSSL_DISPATCH *in,
597 const OSSL_DISPATCH **out,
601 OPENSSL_CTX *libctx = NULL;
602 OSSL_FUNC_self_test_cb_fn *stcbfn = NULL;
603 OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL;
605 for (; in->function_id != 0; in++) {
606 switch (in->function_id) {
607 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
608 c_get_libctx = OSSL_FUNC_core_get_library_context(in);
610 case OSSL_FUNC_CORE_GETTABLE_PARAMS:
611 c_gettable_params = OSSL_FUNC_core_gettable_params(in);
613 case OSSL_FUNC_CORE_GET_PARAMS:
614 c_get_params = OSSL_FUNC_core_get_params(in);
616 case OSSL_FUNC_CORE_THREAD_START:
617 c_thread_start = OSSL_FUNC_core_thread_start(in);
619 case OSSL_FUNC_CORE_NEW_ERROR:
620 c_new_error = OSSL_FUNC_core_new_error(in);
622 case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
623 c_set_error_debug = OSSL_FUNC_core_set_error_debug(in);
625 case OSSL_FUNC_CORE_VSET_ERROR:
626 c_vset_error = OSSL_FUNC_core_vset_error(in);
628 case OSSL_FUNC_CORE_SET_ERROR_MARK:
629 c_set_error_mark = OSSL_FUNC_core_set_error_mark(in);
631 case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
632 c_clear_last_error_mark = OSSL_FUNC_core_clear_last_error_mark(in);
634 case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
635 c_pop_error_to_mark = OSSL_FUNC_core_pop_error_to_mark(in);
637 case OSSL_FUNC_CRYPTO_MALLOC:
638 c_CRYPTO_malloc = OSSL_FUNC_CRYPTO_malloc(in);
640 case OSSL_FUNC_CRYPTO_ZALLOC:
641 c_CRYPTO_zalloc = OSSL_FUNC_CRYPTO_zalloc(in);
643 case OSSL_FUNC_CRYPTO_FREE:
644 c_CRYPTO_free = OSSL_FUNC_CRYPTO_free(in);
646 case OSSL_FUNC_CRYPTO_CLEAR_FREE:
647 c_CRYPTO_clear_free = OSSL_FUNC_CRYPTO_clear_free(in);
649 case OSSL_FUNC_CRYPTO_REALLOC:
650 c_CRYPTO_realloc = OSSL_FUNC_CRYPTO_realloc(in);
652 case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
653 c_CRYPTO_clear_realloc = OSSL_FUNC_CRYPTO_clear_realloc(in);
655 case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
656 c_CRYPTO_secure_malloc = OSSL_FUNC_CRYPTO_secure_malloc(in);
658 case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
659 c_CRYPTO_secure_zalloc = OSSL_FUNC_CRYPTO_secure_zalloc(in);
661 case OSSL_FUNC_CRYPTO_SECURE_FREE:
662 c_CRYPTO_secure_free = OSSL_FUNC_CRYPTO_secure_free(in);
664 case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
665 c_CRYPTO_secure_clear_free = OSSL_FUNC_CRYPTO_secure_clear_free(in);
667 case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
668 c_CRYPTO_secure_allocated = OSSL_FUNC_CRYPTO_secure_allocated(in);
670 case OSSL_FUNC_BIO_NEW_FILE:
671 selftest_params.bio_new_file_cb = OSSL_FUNC_BIO_new_file(in);
673 case OSSL_FUNC_BIO_NEW_MEMBUF:
674 selftest_params.bio_new_buffer_cb = OSSL_FUNC_BIO_new_membuf(in);
676 case OSSL_FUNC_BIO_READ_EX:
677 selftest_params.bio_read_ex_cb = OSSL_FUNC_BIO_read_ex(in);
679 case OSSL_FUNC_BIO_FREE:
680 selftest_params.bio_free_cb = OSSL_FUNC_BIO_free(in);
682 case OSSL_FUNC_BIO_VSNPRINTF:
683 c_BIO_vsnprintf = OSSL_FUNC_BIO_vsnprintf(in);
685 case OSSL_FUNC_SELF_TEST_CB: {
686 stcbfn = OSSL_FUNC_self_test_cb(in);
690 /* Just ignore anything we don't understand */
695 if (stcbfn != NULL && c_get_libctx != NULL) {
696 stcbfn(c_get_libctx(handle), &selftest_params.cb,
697 &selftest_params.cb_arg);
700 selftest_params.cb = NULL;
701 selftest_params.cb_arg = NULL;
704 if (!c_get_params(handle, core_params)) {
705 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
709 /* Create a context. */
710 if ((*provctx = PROV_CTX_new()) == NULL
711 || (libctx = OPENSSL_CTX_new()) == NULL) {
713 * We free libctx separately here and only here because it hasn't
714 * been attached to *provctx. All other error paths below rely
715 * solely on fips_teardown.
717 OPENSSL_CTX_free(libctx);
720 PROV_CTX_set0_library_context(*provctx, libctx);
721 PROV_CTX_set0_handle(*provctx, handle);
723 if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX,
724 &fips_prov_ossl_ctx_method)) == NULL)
727 fgbl->handle = handle;
729 selftest_params.libctx = libctx;
730 if (!SELF_TEST_post(&selftest_params, 0)) {
731 ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_POST_FAILURE);
736 * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
737 * EVP calls from within the FIPS module.
739 if (!dummy_evp_call(libctx))
742 *out = fips_dispatch_table;
745 fips_teardown(*provctx);
751 * The internal init function used when the FIPS module uses EVP to call
752 * another algorithm also in the FIPS module. This is a recursive call that has
753 * been made from within the FIPS module itself. To make this work, we populate
754 * the provider context of this inner instance with the same library context
755 * that was used in the EVP call that initiated this recursive call.
757 OSSL_provider_init_fn fips_intern_provider_init;
758 int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
759 const OSSL_DISPATCH *in,
760 const OSSL_DISPATCH **out,
763 OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL;
765 for (; in->function_id != 0; in++) {
766 switch (in->function_id) {
767 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
768 c_get_libctx = OSSL_FUNC_core_get_library_context(in);
775 if (c_get_libctx == NULL)
778 if ((*provctx = PROV_CTX_new()) == NULL)
781 * Using the parent library context only works because we are a built-in
782 * internal provider. This is not something that most providers would be
785 PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle));
786 PROV_CTX_set0_handle(*provctx, handle);
788 *out = intern_dispatch_table;
797 void ERR_set_debug(const char *file, int line, const char *func)
799 c_set_error_debug(NULL, file, line, func);
802 void ERR_set_error(int lib, int reason, const char *fmt, ...)
807 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
811 void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
813 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
816 int ERR_set_mark(void)
818 return c_set_error_mark(NULL);
821 int ERR_clear_last_mark(void)
823 return c_clear_last_error_mark(NULL);
826 int ERR_pop_to_mark(void)
828 return c_pop_error_to_mark(NULL);
832 * This must take a library context, since it's called from the depths
833 * of crypto/initthread.c code, where it's (correctly) assumed that the
834 * passed caller argument is an OPENSSL_CTX pointer (since the same routine
835 * is also called from other parts of libcrypto, which all pass around a
836 * OPENSSL_CTX pointer)
838 const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx)
840 FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx,
841 OPENSSL_CTX_FIPS_PROV_INDEX,
842 &fips_prov_ossl_ctx_method);
850 void *CRYPTO_malloc(size_t num, const char *file, int line)
852 return c_CRYPTO_malloc(num, file, line);
855 void *CRYPTO_zalloc(size_t num, const char *file, int line)
857 return c_CRYPTO_zalloc(num, file, line);
860 void CRYPTO_free(void *ptr, const char *file, int line)
862 c_CRYPTO_free(ptr, file, line);
865 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line)
867 c_CRYPTO_clear_free(ptr, num, file, line);
870 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line)
872 return c_CRYPTO_realloc(addr, num, file, line);
875 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
876 const char *file, int line)
878 return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
881 void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
883 return c_CRYPTO_secure_malloc(num, file, line);
886 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line)
888 return c_CRYPTO_secure_zalloc(num, file, line);
891 void CRYPTO_secure_free(void *ptr, const char *file, int line)
893 c_CRYPTO_secure_free(ptr, file, line);
896 void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line)
898 c_CRYPTO_secure_clear_free(ptr, num, file, line);
901 int CRYPTO_secure_allocated(const void *ptr)
903 return c_CRYPTO_secure_allocated(ptr);
906 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
911 va_start(args, format);
912 ret = c_BIO_vsnprintf(buf, n, format, args);