/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* https://www.openssl.org/source/license.html
*/
+/* We need to use some engine deprecated APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
#include <openssl/evp.h>
#include <openssl/core_names.h>
-#include "internal/provider_util.h"
+#include <openssl/err.h>
+#include "prov/provider_util.h"
void ossl_prov_cipher_reset(PROV_CIPHER *pc)
{
*engine = NULL;
/* TODO legacy stuff, to be removed */
/* Inside the FIPS module, we don't support legacy ciphers */
-#if !defined(FIPS_MODE) && !defined(OPENSSL_NO_ENGINE)
- p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_ENGINE);
+#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
+ p = OSSL_PARAM_locate_const(params, "engine");
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
return 0;
EVP_CIPHER_free(pc->alloc_cipher);
+ ERR_set_mark();
pc->cipher = pc->alloc_cipher = EVP_CIPHER_fetch(ctx, p->data, propquery);
/* TODO legacy stuff, to be removed */
-#ifndef FIPS_MODE /* Inside the FIPS module, we don't support legacy ciphers */
+#ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy ciphers */
if (pc->cipher == NULL)
pc->cipher = EVP_get_cipherbyname(p->data);
#endif
+ if (pc->cipher != NULL)
+ ERR_pop_to_mark();
+ else
+ ERR_clear_last_mark();
return pc->cipher != NULL;
}
return 0;
EVP_MD_free(pd->alloc_md);
+ ERR_set_mark();
pd->md = pd->alloc_md = EVP_MD_fetch(ctx, p->data, propquery);
/* TODO legacy stuff, to be removed */
-#ifndef FIPS_MODE /* Inside the FIPS module, we don't support legacy digests */
+#ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy digests */
if (pd->md == NULL)
pd->md = EVP_get_digestbyname(p->data);
#endif
+ if (pd->md != NULL)
+ ERR_pop_to_mark();
+ else
+ ERR_clear_last_mark();
return pd->md != NULL;
}
return pd->engine;
}
+int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
+ const OSSL_PARAM params[],
+ const char *macname,
+ const char *ciphername,
+ const char *mdname,
+ OPENSSL_CTX *libctx)
+{
+ const OSSL_PARAM *p;
+ OSSL_PARAM mac_params[5], *mp = mac_params;
+ const char *properties = NULL;
+
+ if (macname == NULL
+ && (p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_MAC)) != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING)
+ return 0;
+ macname = p->data;
+ }
+ if ((p = OSSL_PARAM_locate_const(params,
+ OSSL_ALG_PARAM_PROPERTIES)) != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING)
+ return 0;
+ properties = p->data;
+ }
+
+ /* If we got a new mac name, we make a new EVP_MAC_CTX */
+ if (macname != NULL) {
+ EVP_MAC *mac = EVP_MAC_fetch(libctx, macname, properties);
+
+ EVP_MAC_CTX_free(*macctx);
+ *macctx = mac == NULL ? NULL : EVP_MAC_CTX_new(mac);
+ /* The context holds on to the MAC */
+ EVP_MAC_free(mac);
+ if (*macctx == NULL)
+ return 0;
+ }
+
+ /*
+ * If there is no MAC yet (and therefore, no MAC context), we ignore
+ * all other parameters.
+ */
+ if (*macctx == NULL)
+ return 1;
+
+ if (mdname == NULL) {
+ if ((p = OSSL_PARAM_locate_const(params,
+ OSSL_ALG_PARAM_DIGEST)) != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING)
+ return 0;
+ mdname = p->data;
+ }
+ }
+ if (ciphername == NULL) {
+ if ((p = OSSL_PARAM_locate_const(params,
+ OSSL_ALG_PARAM_CIPHER)) != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING)
+ return 0;
+ ciphername = p->data;
+ }
+ }
+
+ if (mdname != NULL)
+ *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ (char *)mdname, 0);
+ if (ciphername != NULL)
+ *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
+ (char *)ciphername, 0);
+ if (properties != NULL)
+ *mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
+ (char *)properties, 0);
+
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
+ if ((p = OSSL_PARAM_locate_const(params, "engine")) != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING)
+ return 0;
+ *mp++ = OSSL_PARAM_construct_utf8_string("engine",
+ p->data, p->data_size);
+ }
+#endif
+ *mp = OSSL_PARAM_construct_end();
+
+ if (EVP_MAC_CTX_set_params(*macctx, mac_params))
+ return 1;
+
+ EVP_MAC_CTX_free(*macctx);
+ *macctx = NULL;
+ return 0;
+}
+
+void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in,
+ OSSL_ALGORITHM *out)
+{
+ int i, j;
+
+ if (out[0].algorithm_names == NULL) {
+ for (i = j = 0; in[i].alg.algorithm_names != NULL; ++i) {
+ if (in[i].capable == NULL || in[i].capable())
+ out[j++] = in[i].alg;
+ }
+ out[j++] = in[i].alg;
+ }
+}
projects / openssl.git / blobdiff