chacha-riscv64-v-zbb.pl: better format

[openssl.git] / crypto / evp / evp_cnf.c

diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c
index fa35fd168c3499b56b0b199d03be652e3385358d..0e7fe64cf92e4b73b3bf873895e73fa9646df86d 100644 (file)
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -14,12 +14,10 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/trace.h>
-
-DEFINE_STACK_OF(CONF_VALUE)
+#include "crypto/evp.h"
 
 /* Algorithm configuration module. */
 
-/* TODO(3.0): the config module functions should be passed a library context */
 static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
 {
     int i;
@@ -32,7 +30,7 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
 
     oid_section = CONF_imodule_get_value(md);
     if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
-        EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
+        ERR_raise(ERR_LIB_EVP, EVP_R_ERROR_LOADING_SECTION);
         return 0;
     }
     for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
@@ -40,24 +38,28 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
         if (strcmp(oval->name, "fips_mode") == 0) {
             int m;
 
-            if (!X509V3_get_value_bool(oval, &m)) {
-                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
+            /* Detailed error already reported. */
+            if (!X509V3_get_value_bool(oval, &m))
                 return 0;
-            }
+
             /*
              * fips_mode is deprecated and should not be used in new
-             * configurations.  Old configurations are likely to ONLY
-             * have this, so we assume that no default properties have
-             * been set before this.
+             * configurations.
              */
-            if (m > 0)
-                EVP_set_default_properties(NULL, "fips=yes");
+            if (!evp_default_properties_enable_fips_int(
+                    NCONF_get0_libctx((CONF *)cnf), m > 0, 0)) {
+                ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
+                return 0;
+            }
         } else if (strcmp(oval->name, "default_properties") == 0) {
-            EVP_set_default_properties(NULL, oval->value);
+            if (!evp_set_default_properties_int(NCONF_get0_libctx((CONF *)cnf),
+                        oval->value, 0, 0)) {
+                ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
+                return 0;
+            }
         } else {
-            EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
-            ERR_add_error_data(4, "name=", oval->name,
-                               ", value=", oval->value);
+            ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,
+                           "name=%s, value=%s", oval->name, oval->value);
             return 0;
         }