/*
- * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/trace.h>
-
-DEFINE_STACK_OF(CONF_VALUE)
+#include "crypto/evp.h"
/* Algorithm configuration module. */
-/* TODO(3.0): the config module functions should be passed a library context */
static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
oid_section = CONF_imodule_get_value(md);
if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
- EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
+ ERR_raise(ERR_LIB_EVP, EVP_R_ERROR_LOADING_SECTION);
return 0;
}
for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
if (strcmp(oval->name, "fips_mode") == 0) {
int m;
- if (!X509V3_get_value_bool(oval, &m)) {
- EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
+ /* Detailed error already reported. */
+ if (!X509V3_get_value_bool(oval, &m))
return 0;
- }
+
/*
* fips_mode is deprecated and should not be used in new
- * configurations. Old configurations are likely to ONLY
- * have this, so we assume that no default properties have
- * been set before this.
+ * configurations.
*/
- if (m > 0)
- EVP_set_default_properties(NULL, "fips=yes");
+ if (!evp_default_properties_enable_fips_int(
+ NCONF_get0_libctx((CONF *)cnf), m > 0, 0)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
+ return 0;
+ }
} else if (strcmp(oval->name, "default_properties") == 0) {
- EVP_set_default_properties(NULL, oval->value);
+ if (!evp_set_default_properties_int(NCONF_get0_libctx((CONF *)cnf),
+ oval->value, 0, 0)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
+ return 0;
+ }
} else {
- EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
- ERR_add_error_data(4, "name=", oval->name,
- ", value=", oval->value);
+ ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,
+ "name=%s, value=%s", oval->name, oval->value);
return 0;
}