2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * This is a very simple provider that does absolutely nothing except respond
12 * to provider global parameter requests. It does this by simply echoing back
13 * a parameter request it makes to the loading library.
20 * When built as an object file to link the application with, we get the
21 * init function name through the macro PROVIDER_INIT_FUNCTION_NAME. If
22 * not defined, we use the standard init function name for the shared
25 #ifdef PROVIDER_INIT_FUNCTION_NAME
26 # define OSSL_provider_init PROVIDER_INIT_FUNCTION_NAME
29 #include "internal/e_os.h"
30 #include <openssl/core.h>
31 #include <openssl/core_dispatch.h>
32 #include <openssl/err.h>
33 #include <openssl/evp.h>
34 #include <openssl/crypto.h>
35 #include <openssl/provider.h>
37 typedef struct p_test_ctx {
40 const OSSL_CORE_HANDLE *handle;
44 static OSSL_FUNC_core_gettable_params_fn *c_gettable_params = NULL;
45 static OSSL_FUNC_core_get_params_fn *c_get_params = NULL;
46 static OSSL_FUNC_core_new_error_fn *c_new_error;
47 static OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug;
48 static OSSL_FUNC_core_vset_error_fn *c_vset_error;
50 /* Tell the core what params we provide and what type they are */
51 static const OSSL_PARAM p_param_types[] = {
52 { "greeting", OSSL_PARAM_UTF8_STRING, NULL, 0, 0 },
53 { "digest-check", OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0},
54 { NULL, 0, NULL, 0, 0 }
57 /* This is a trick to ensure we define the provider functions correctly */
58 static OSSL_FUNC_provider_gettable_params_fn p_gettable_params;
59 static OSSL_FUNC_provider_get_params_fn p_get_params;
60 static OSSL_FUNC_provider_get_reason_strings_fn p_get_reason_strings;
61 static OSSL_FUNC_provider_teardown_fn p_teardown;
63 static void p_set_error(int lib, int reason, const char *file, int line,
64 const char *func, const char *fmt, ...)
70 c_set_error_debug(NULL, file, line, func);
71 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, ap);
75 static const OSSL_PARAM *p_gettable_params(void *_)
80 static int p_get_params(void *provctx, OSSL_PARAM params[])
82 P_TEST_CTX *ctx = (P_TEST_CTX *)provctx;
83 const OSSL_CORE_HANDLE *hand = ctx->handle;
84 OSSL_PARAM *p = params;
87 for (; ok && p->key != NULL; p++) {
88 if (strcmp(p->key, "greeting") == 0) {
89 static char *opensslv;
90 static char *provname;
91 static char *greeting;
92 static OSSL_PARAM counter_request[] = {
93 /* Known libcrypto provided parameters */
94 { "openssl-version", OSSL_PARAM_UTF8_PTR,
95 &opensslv, sizeof(&opensslv), 0 },
96 { "provider-name", OSSL_PARAM_UTF8_PTR,
97 &provname, sizeof(&provname), 0},
99 /* This might be present, if there's such a configuration */
100 { "greeting", OSSL_PARAM_UTF8_PTR,
101 &greeting, sizeof(&greeting), 0 },
103 { NULL, 0, NULL, 0, 0 }
108 opensslv = provname = greeting = NULL;
110 if (c_get_params(hand, counter_request)) {
112 strcpy(buf, greeting);
114 const char *versionp = *(void **)counter_request[0].data;
115 const char *namep = *(void **)counter_request[1].data;
117 sprintf(buf, "Hello OpenSSL %.20s, greetings from %s!",
121 sprintf(buf, "Howdy stranger...");
124 p->return_size = buf_l = strlen(buf) + 1;
125 if (p->data_size >= buf_l)
126 strcpy(p->data, buf);
129 } else if (strcmp(p->key, "digest-check") == 0) {
130 unsigned int digestsuccess = 0;
133 * Test we can use an algorithm from another provider. We're using
134 * legacy to check that legacy is actually available and we haven't
135 * just fallen back to default.
137 #ifdef PROVIDER_INIT_FUNCTION_NAME
138 EVP_MD *md4 = EVP_MD_fetch(ctx->libctx, "MD4", NULL);
139 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
140 const char *msg = "Hello world";
141 unsigned char out[16];
142 OSSL_PROVIDER *deflt;
145 * "default" has not been loaded into the parent libctx. We should be able
146 * to explicitly load it as a non-child provider.
148 deflt = OSSL_PROVIDER_load(ctx->libctx, "default");
150 || !OSSL_PROVIDER_available(ctx->libctx, "default")) {
151 /* We set error "3" for a failure to load the default provider */
152 p_set_error(ERR_LIB_PROV, 3, ctx->thisfile, OPENSSL_LINE,
153 ctx->thisfunc, NULL);
158 * We should have the default provider available that we loaded
159 * ourselves, and the base and legacy providers which we inherit
160 * from the parent libctx. We should also have "this" provider
164 && OSSL_PROVIDER_available(ctx->libctx, "default")
165 && OSSL_PROVIDER_available(ctx->libctx, "base")
166 && OSSL_PROVIDER_available(ctx->libctx, "legacy")
167 && OSSL_PROVIDER_available(ctx->libctx, "p_test")
170 if (EVP_DigestInit_ex(mdctx, md4, NULL)
171 && EVP_DigestUpdate(mdctx, (const unsigned char *)msg,
173 && EVP_DigestFinal(mdctx, out, NULL))
176 EVP_MD_CTX_free(mdctx);
178 OSSL_PROVIDER_unload(deflt);
180 if (p->data_size >= sizeof(digestsuccess)) {
181 *(unsigned int *)p->data = digestsuccess;
182 p->return_size = sizeof(digestsuccess);
186 } else if (strcmp(p->key, "stop-property-mirror") == 0) {
188 * Setting the default properties explicitly should stop mirroring
189 * of properties from the parent libctx.
191 unsigned int stopsuccess = 0;
193 #ifdef PROVIDER_INIT_FUNCTION_NAME
194 stopsuccess = EVP_set_default_properties(ctx->libctx, NULL);
196 if (p->data_size >= sizeof(stopsuccess)) {
197 *(unsigned int *)p->data = stopsuccess;
198 p->return_size = sizeof(stopsuccess);
207 static const OSSL_ITEM *p_get_reason_strings(void *_)
209 static const OSSL_ITEM reason_strings[] = {
210 {1, "dummy reason string"},
211 {2, "Can't create child library context"},
212 {3, "Can't load default provider"},
216 return reason_strings;
219 static const OSSL_DISPATCH p_test_table[] = {
220 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))p_gettable_params },
221 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))p_get_params },
222 { OSSL_FUNC_PROVIDER_GET_REASON_STRINGS,
223 (void (*)(void))p_get_reason_strings},
224 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))p_teardown },
228 int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
229 const OSSL_DISPATCH *oin,
230 const OSSL_DISPATCH **out,
234 const OSSL_DISPATCH *in = oin;
236 for (; in->function_id != 0; in++) {
237 switch (in->function_id) {
238 case OSSL_FUNC_CORE_GETTABLE_PARAMS:
239 c_gettable_params = OSSL_FUNC_core_gettable_params(in);
241 case OSSL_FUNC_CORE_GET_PARAMS:
242 c_get_params = OSSL_FUNC_core_get_params(in);
244 case OSSL_FUNC_CORE_NEW_ERROR:
245 c_new_error = OSSL_FUNC_core_new_error(in);
247 case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
248 c_set_error_debug = OSSL_FUNC_core_set_error_debug(in);
250 case OSSL_FUNC_CORE_VSET_ERROR:
251 c_vset_error = OSSL_FUNC_core_vset_error(in);
254 /* Just ignore anything we don't understand */
260 * We want to test that libcrypto doesn't use the file and func pointers
261 * that we provide to it via c_set_error_debug beyond the time that they
262 * are valid for. Therefore we dynamically allocate these strings now and
263 * free them again when the provider is torn down. If anything tries to
264 * use those strings after that point there will be a use-after-free and
265 * asan will complain (and hence the tests will fail).
266 * This file isn't linked against libcrypto, so we use malloc and strdup
267 * instead of OPENSSL_malloc and OPENSSL_strdup
269 ctx = malloc(sizeof(*ctx));
272 ctx->thisfile = strdup(OPENSSL_FILE);
273 ctx->thisfunc = strdup(OPENSSL_FUNC);
274 ctx->handle = handle;
275 #ifdef PROVIDER_INIT_FUNCTION_NAME
276 /* We only do this if we are linked with libcrypto */
277 ctx->libctx = OSSL_LIB_CTX_new_child(handle, oin);
278 if (ctx->libctx == NULL) {
279 /* We set error "2" for a failure to create the child libctx*/
280 p_set_error(ERR_LIB_PROV, 2, ctx->thisfile, OPENSSL_LINE, ctx->thisfunc,
286 * The default provider is loaded - but the default properties should not
290 EVP_MD *sha256 = EVP_MD_fetch(ctx->libctx, "SHA2-256", NULL);
291 if (sha256 != NULL) {
300 * Set a spurious error to check error handling works correctly. This will
303 p_set_error(ERR_LIB_PROV, 1, ctx->thisfile, OPENSSL_LINE, ctx->thisfunc, NULL);
305 *provctx = (void *)ctx;
310 static void p_teardown(void *provctx)
312 P_TEST_CTX *ctx = (P_TEST_CTX *)provctx;
314 #ifdef PROVIDER_INIT_FUNCTION_NAME
315 OSSL_LIB_CTX_free(ctx->libctx);