]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/fips/fipsprov.c
Add ECDH to fips provider
[thirdparty/openssl.git] / providers / fips / fipsprov.c
1 /*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <stdio.h>
12 #include <openssl/core.h>
13 #include <openssl/core_numbers.h>
14 #include <openssl/core_names.h>
15 #include <openssl/params.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/kdf.h>
19
20 /* TODO(3.0): Needed for dummy_evp_call(). To be removed */
21 #include <openssl/sha.h>
22 #include <openssl/rand_drbg.h>
23 #include <openssl/ec.h>
24 #include <openssl/fips_names.h>
25
26 #include "internal/cryptlib.h"
27 #include "internal/property.h"
28 #include "internal/nelem.h"
29 #include "internal/param_build.h"
30 #include "crypto/evp.h"
31 #include "prov/implementations.h"
32 #include "prov/provider_ctx.h"
33 #include "prov/providercommon.h"
34 #include "prov/provider_util.h"
35 #include "self_test.h"
36
37 #define ALGC(NAMES, FUNC, CHECK) { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }
38 #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
39
40 extern OSSL_core_thread_start_fn *c_thread_start;
41
42 /*
43 * TODO(3.0): Should these be stored in the provider side provctx? Could they
44 * ever be different from one init to the next? Unfortunately we can't do this
45 * at the moment because c_put_error/c_add_error_vdata do not provide
46 * us with the OPENSSL_CTX as a parameter.
47 */
48
49 static SELF_TEST_POST_PARAMS selftest_params;
50
51 /* Functions provided by the core */
52 static OSSL_core_gettable_params_fn *c_gettable_params;
53 static OSSL_core_get_params_fn *c_get_params;
54 OSSL_core_thread_start_fn *c_thread_start;
55 static OSSL_core_new_error_fn *c_new_error;
56 static OSSL_core_set_error_debug_fn *c_set_error_debug;
57 static OSSL_core_vset_error_fn *c_vset_error;
58 static OSSL_core_set_error_mark_fn *c_set_error_mark;
59 static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
60 static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
61 static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
62 static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
63 static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
64 static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
65 static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
66 static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
67 static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
68 static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
69 static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
70 static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
71 static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
72
73 typedef struct fips_global_st {
74 const OSSL_PROVIDER *prov;
75 } FIPS_GLOBAL;
76
77 static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
78 {
79 FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl));
80
81 return fgbl;
82 }
83
84 static void fips_prov_ossl_ctx_free(void *fgbl)
85 {
86 OPENSSL_free(fgbl);
87 }
88
89 static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
90 fips_prov_ossl_ctx_new,
91 fips_prov_ossl_ctx_free,
92 };
93
94
95 /* Parameters we provide to the core */
96 static const OSSL_PARAM fips_param_types[] = {
97 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
98 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
99 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
100 OSSL_PARAM_END
101 };
102
103 /*
104 * Parameters to retrieve from the core provider - required for self testing.
105 * NOTE: inside core_get_params() these will be loaded from config items
106 * stored inside prov->parameters (except for OSSL_PROV_PARAM_MODULE_FILENAME).
107 */
108 static OSSL_PARAM core_params[] =
109 {
110 OSSL_PARAM_utf8_ptr(OSSL_PROV_PARAM_MODULE_FILENAME,
111 selftest_params.module_filename,
112 sizeof(selftest_params.module_filename)),
113 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_MODULE_MAC,
114 selftest_params.module_checksum_data,
115 sizeof(selftest_params.module_checksum_data)),
116 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_MAC,
117 selftest_params.indicator_checksum_data,
118 sizeof(selftest_params.indicator_checksum_data)),
119 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_STATUS,
120 selftest_params.indicator_data,
121 sizeof(selftest_params.indicator_data)),
122 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_VERSION,
123 selftest_params.indicator_version,
124 sizeof(selftest_params.indicator_version)),
125 OSSL_PARAM_END
126 };
127
128 /*
129 * Convert a string into a bignumber.
130 * The array of hex_data is used to get around compilers that dont like
131 * strings longer than 509 bytes,
132 */
133 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA)
134 static int hextobn(const char *hex_data[], BIGNUM **bn)
135 {
136 int ret = 0;
137 int i, slen;
138 char *str = NULL;
139
140 /* Get the total length of the strings */
141 for (slen = 0, i = 0; hex_data[i] != NULL; ++i)
142 slen += strlen(hex_data[i]);
143
144 /* Add 1 for the string terminator */
145 str = OPENSSL_zalloc(slen + 1);
146 if (str == NULL)
147 return 0;
148
149 /* join the strings together into 1 buffer */
150 for (i = 0; hex_data[i] != NULL; ++i)
151 strcat(str, hex_data[i]);
152
153 if (BN_hex2bn(bn, str) <= 0)
154 goto err;
155 ret = 1;
156 err:
157 OPENSSL_free(str);
158 return ret;
159 }
160 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) */
161
162 #ifndef OPENSSL_NO_DH
163 static int hextobin(const char *hex_data[], unsigned char **out, size_t *len)
164 {
165 int ret = 0, sz;
166 BIGNUM *bn = NULL;
167 unsigned char *buf = NULL;
168
169 if (!hextobn(hex_data, &bn))
170 return 0;
171 sz = BN_num_bytes(bn);
172 buf = OPENSSL_zalloc(sz);
173 if (buf == NULL)
174 goto err;
175 if (BN_bn2binpad(bn, buf, sz) <= 0)
176 goto err;
177
178 *out = buf;
179 *len = sz;
180 buf = NULL; /* Set to NULL so it is not freed */
181 ret = 1;
182 err:
183 OPENSSL_free(buf);
184 BN_free(bn);
185 return ret;
186 }
187 #endif
188
189 #ifndef OPENSSL_NO_DSA
190 static int dsa_key_signature_test(OPENSSL_CTX *libctx)
191 {
192 int ret = 0;
193 BIGNUM *p = NULL, *q = NULL, *g = NULL;
194 BIGNUM *pub = NULL, *priv = NULL;
195 OSSL_PARAM *params = NULL, *params_sig = NULL;
196 OSSL_PARAM_BLD bld;
197 EVP_PKEY_CTX *sctx = NULL, *kctx = NULL;
198 EVP_PKEY *pkey = NULL;
199 unsigned char sig[64];
200 size_t siglen;
201
202 static const unsigned char dgst[SHA256_DIGEST_LENGTH] = {
203 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
204 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
205 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
206 };
207 /* dsa 2048 */
208 static const char *dsa_p_hex[] = {
209 "a29b8872ce8b8423b7d5d21d4b02f57e03e9e6b8a258dc16611ba098ab543415"
210 "e415f156997a3ee236658fa093260de3ad422e05e046f9ec29161a375f0eb4ef"
211 "fcef58285c5d39ed425d7a62ca12896c4a92cb1946f2952a48133f07da364d1b"
212 "df6b0f7139983e693c80059b0eacd1479ba9f2857754ede75f112b07ebbf3534",
213 "8bbf3e01e02f2d473de39453f99dd2367541caca3ba01166343d7b5b58a37bd1"
214 "b7521db2f13b86707132fe09f4cd09dc1618fa3401ebf9cc7b19fa94aa472088"
215 "133d6cb2d35c1179c8c8ff368758d507d9f9a17d46c110fe3144ce9b022b42e4"
216 "19eb4f5388613bfc3e26241a432e8706bc58ef76117278deab6cf692618291b7",
217 NULL
218 };
219 static const char *dsa_q_hex[] = {
220 "a3bfd9ab7884794e383450d5891dc18b65157bdcfcdac51518902867",
221 NULL
222 };
223 static const char *dsa_g_hex[] = {
224 "6819278869c7fd3d2d7b77f77e8150d9ad433bea3ba85efc80415aa3545f78f7"
225 "2296f06cb19ceda06c94b0551cfe6e6f863e31d1de6eed7dab8b0c9df231e084"
226 "34d1184f91d033696bb382f8455e9888f5d31d4784ec40120246f4bea61794bb"
227 "a5866f09746463bdf8e9e108cd9529c3d0f6df80316e2e70aaeb1b26cdb8ad97",
228 "bc3d287e0b8d616c42e65b87db20deb7005bc416747a6470147a68a7820388eb"
229 "f44d52e0628af9cf1b7166d03465f35acc31b6110c43dabc7c5d591e671eaf7c"
230 "252c1c145336a1a4ddf13244d55e835680cab2533b82df2efe55ec18c1e6cd00"
231 "7bb089758bb17c2cbe14441bd093ae66e5976d53733f4fa3269701d31d23d467",
232 NULL
233 };
234 static const char *dsa_pub_hex[] = {
235 "a012b3b170b307227957b7ca2061a816ac7a2b3d9ae995a5119c385b603bf6f6"
236 "c5de4dc5ecb5dfa4a41c68662eb25b638b7e2620ba898d07da6c4991e76cc0ec"
237 "d1ad3421077067e47c18f58a92a72ad43199ecb7bd84e7d3afb9019f0e9dd0fb"
238 "aa487300b13081e33c902876436f7b03c345528481d362815e24fe59dac5ac34",
239 "660d4c8a76cb99a7c7de93eb956cd6bc88e58d901034944a094b01803a43c672"
240 "b9688c0e01d8f4fc91c62a3f88021f7bd6a651b1a88f43aa4ef27653d12bf8b7"
241 "099fdf6b461082f8e939107bfd2f7210087d326c375200f1f51e7e74a3413190"
242 "1bcd0863521ff8d676c48581868736c5e51b16a4e39215ea0b17c4735974c516",
243 NULL
244 };
245 static const char *dsa_priv_hex[] = {
246 "6ccaeef6d73b4e80f11c17b8e9627c036635bac39423505e407e5cb7",
247 NULL
248 };
249
250 if (!hextobn(dsa_p_hex, &p)
251 || !hextobn(dsa_q_hex, &q)
252 || !hextobn(dsa_g_hex, &g)
253 || !hextobn(dsa_pub_hex, &pub)
254 || !hextobn(dsa_priv_hex, &priv))
255 goto err;
256
257 ossl_param_bld_init(&bld);
258 if (!ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
259 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
260 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
261 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
262 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
263 goto err;
264 params = ossl_param_bld_to_param(&bld);
265
266 /* Create a EVP_PKEY_CTX to load the DSA key into */
267 kctx = EVP_PKEY_CTX_new_from_name(libctx, SN_dsa, "");
268 if (kctx == NULL || params == NULL)
269 goto err;
270 if (EVP_PKEY_key_fromdata_init(kctx) <= 0
271 || EVP_PKEY_fromdata(kctx, &pkey, params) <= 0)
272 goto err;
273
274 /* Create a EVP_PKEY_CTX to use for the signing operation */
275 sctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);
276 if (sctx == NULL
277 || EVP_PKEY_sign_init(sctx) <= 0)
278 goto err;
279
280 /* set signature parameters */
281 ossl_param_bld_init(&bld);
282 if (!ossl_param_bld_push_utf8_string(&bld, OSSL_SIGNATURE_PARAM_DIGEST,
283 SN_sha256,strlen(SN_sha256) + 1))
284 goto err;
285 params_sig = ossl_param_bld_to_param(&bld);
286 if (EVP_PKEY_CTX_set_params(sctx, params_sig) <= 0)
287 goto err;
288
289 if (EVP_PKEY_sign(sctx, sig, &siglen, dgst, sizeof(dgst)) <= 0
290 || EVP_PKEY_verify_init(sctx) <= 0
291 || EVP_PKEY_verify(sctx, sig, siglen, dgst, sizeof(dgst)) <= 0)
292 goto err;
293 ret = 1;
294 err:
295 ossl_param_bld_free(params);
296 ossl_param_bld_free(params_sig);
297 BN_free(p);
298 BN_free(q);
299 BN_free(g);
300 BN_free(pub);
301 BN_free(priv);
302 EVP_PKEY_free(pkey);
303 EVP_PKEY_CTX_free(kctx);
304 EVP_PKEY_CTX_free(sctx);
305 return ret;
306 }
307 #endif /* OPENSSL_NO_DSA */
308
309 #ifndef OPENSSL_NO_DH
310 static int dh_key_exchange_test(OPENSSL_CTX *libctx)
311 {
312 int ret = 0;
313 BIGNUM *p = NULL, *q = NULL, *g = NULL;
314 BIGNUM *pub = NULL, *priv = NULL, *pub_peer = NULL;
315 unsigned char *kat_secret = NULL;
316 EVP_PKEY_CTX *kactx = NULL, *dctx = NULL;
317 EVP_PKEY *pkey = NULL, *peerkey = NULL;
318 OSSL_PARAM *params = NULL;
319 OSSL_PARAM *params_peer = NULL;
320 unsigned char secret[256];
321 size_t secret_len, kat_secret_len = 0;
322 OSSL_PARAM_BLD bld;
323
324 /* DH KAT */
325 static const char *dh_p_hex[] = {
326 "dcca1511b2313225f52116e1542789e001f0425bccc7f366f7406407f1c9fa8b"
327 "e610f1778bb170be39dbb76f85bf24ce6880adb7629f7c6d015e61d43fa3ee4d"
328 "e185f2cfd041ffde9d418407e15138bb021daeb35f762d1782acc658d32bd4b0"
329 "232c927dd38fa097b3d1859fa8acafb98f066608fc644ec7ddb6f08599f92ac1",
330 "b59825da8432077def695646063c20823c9507ab6f0176d4730d990dbbe6361c"
331 "d8b2b94d3d2f329b82099bd661f42950f403df3ede62a33188b02798ba823f44"
332 "b946fe9df677a0c5a1238eaa97b70f80da8cac88e092b1127060ffbf45579994"
333 "011dc2faa5e7f6c76245e1cc312231c17d1ca6b19007ef0db99f9cb60e1d5f69",
334 NULL
335 };
336 static const char *dh_q_hex[] = {
337 "898b226717ef039e603e82e5c7afe48374ac5f625c54f1ea11acb57d",
338 NULL
339 };
340 static const char *dh_g_hex[] = {
341 "5ef7b88f2df60139351dfbfe1266805fdf356cdfd13a4da0050c7ede"
342 "246df59f6abf96ade5f2b28ffe88d6bce7f7894a3d535fc82126ddd4"
343 "24872e16b838df8c51e9016f889c7c203e98a8b631f9c72563d38a49"
344 "589a0753d358e783318cefd9677c7b2dbb77d6dce2a1963795ca64b9",
345 "2d1c9aac6d0e8d431de5e50060dff78689c9eca1c1248c16ed09c7ad",
346 "412a17406d2b525aa1cabb237b9734ec7b8ce3fae02f29c5efed30d6"
347 "9187da109c2c9fe2aadbb0c22af54c616655000c431c6b4a379763b0"
348 "a91658efc84e8b06358c8b4f213710fd10172cf39b830c2dd84a0c8a"
349 "b82516ecab995fa4215e023e4ecf8074c39d6c88b70d1ee4e96fdc20",
350 "ea115c32",
351 NULL
352 };
353 static const char *dh_priv_hex[] = {
354 "1433e0b5a917b60a3023f2f8aa2c2d70d2968aba9aeac81540b8fce6",
355 NULL
356 };
357 static const char *dh_pub_hex[] = {
358 "95dd338d29e5710492b918317b72a36936e1951a2ee5a5591699c048"
359 "6d0d4f9bdd6d5a3f6b98890c62b37652d36e712111e68a7355372506"
360 "99efe330537391fbc2c548bc5ac3e5b23386c3eef5eb43c099d70a52"
361 "02687e83964248fca91f40908e8fb3319315f6d2606d7f7cd52cc6e7",
362 "c5843afb22519cf0f0f9d3a0a4e8c88899efede7364351fb6a363ee7"
363 "17e5445adab4c931a6483997b87dad83677e4d1d3a7775e0f6d00fdf"
364 "73c7ad801e665a0e5a796d0a0380a19fa182efc8a04f5e4db90d1a86"
365 "37f95db16436bdc8f3fc096c4ff7f234be8fef479ac4b0dc4b77263e",
366 "07d9959de0f1bf3f0ae3d9d50e4b89c99e3ea1217343dd8c6581acc4"
367 "959c91d3",
368 NULL
369 };
370 static const char *dh_peer_pub_hex[] = {
371 "1fc1da341d1a846a96b7be24340f877dd010aa0356d5ad58aae9c7b0"
372 "8f749a32235110b5d88eb5dbfa978d27ecc530f02d3114005b64b1c0"
373 "e024cb8ae21698bca9e60d42808622f181c56e1de7a96e6efee9d665"
374 "67e91b977042c7e3d0448f05fb77f522b9bfc8d33cc3c31ed3b31f0f",
375 "ecb6db4f6ea311e77afdbcd47aee1bb150f216873578fb96468e8f9f"
376 "3de8efbfce75624b1df05322a34f1463e839e8984c4ad0a96e1ac842"
377 "e5318cc23c062a8ca171b8d575980dde7fc56f1536523820d43192bf"
378 "d51e8e228978aca5b94472f339caeb9931b42be301268bc99789c9b2",
379 "5571c3c0e4cb3f007f1a511cbb53c8519cdd1302abca6c0f34f96739"
380 "f17ff48b",
381 NULL
382 };
383 static const char *dh_secret_exptd_hex[] = {
384 "08ff33bb2ecff49a7d4a7912aeb1bb6ab511641b4a76770c8cc1bcc2"
385 "33343dfe700d11813d2c9ed23b211ca9e8786921edca283c68b16153"
386 "fa01e91ab82c90ddab4a95816770a98710e14c92ab83b6e46e1e426e"
387 "e852430d6187daa3720a6bcd73235c6b0f941f3364f50420551a4bfe",
388 "afe2bc438505a59a4a40daca7a895a73db575c74c13a23ad8832957d"
389 "582d38f0a6165fb0d7e9b8799e42fd3220e332e98185a0c9429757b2"
390 "d0d02c17dbaa1ff6ed93d7e73e241eaed90caf394d2bc6570f18c81f"
391 "2be5d01a2ca99ff142b5d963f9f500325e7556f95849b3ffc7479486",
392 "be1d4596a3106bd5cb4f61c57ec5f100fb7a0c82a10b82526a97d1d9"
393 "7d98eaf6",
394 NULL
395 };
396
397 if (!hextobn(dh_p_hex, &p)
398 || !hextobn(dh_q_hex, &q)
399 || !hextobn(dh_g_hex, &g)
400 || !hextobn(dh_pub_hex, &pub)
401 || !hextobn(dh_priv_hex, &priv)
402 || !hextobn(dh_peer_pub_hex, &pub_peer)
403 || !hextobin(dh_secret_exptd_hex, &kat_secret, &kat_secret_len))
404 goto err;
405
406 ossl_param_bld_init(&bld);
407 if (!ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
408 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
409 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
410 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub)
411 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
412 goto err;
413 params = ossl_param_bld_to_param(&bld);
414
415 ossl_param_bld_init(&bld);
416 if (!ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_P, p)
417 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_Q, q)
418 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_FFC_G, g)
419 || !ossl_param_bld_push_BN(&bld, OSSL_PKEY_PARAM_PUB_KEY, pub_peer))
420 goto err;
421
422 params_peer = ossl_param_bld_to_param(&bld);
423 if (params == NULL || params_peer == NULL)
424 goto err;
425
426 /* Create a EVP_PKEY_CTX to load the DH keys into */
427 kactx = EVP_PKEY_CTX_new_from_name(libctx, "DH", "");
428 if (kactx == NULL)
429 goto err;
430 if (EVP_PKEY_key_fromdata_init(kactx) <= 0
431 || EVP_PKEY_fromdata(kactx, &pkey, params) <= 0)
432 goto err;
433 if (EVP_PKEY_key_fromdata_init(kactx) <= 0
434 || EVP_PKEY_fromdata(kactx, &peerkey, params_peer) <= 0)
435 goto err;
436
437 /* Create a EVP_PKEY_CTX to perform key derivation */
438 dctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, NULL);
439 if (dctx == NULL)
440 goto err;
441
442 if (EVP_PKEY_derive_init(dctx) <= 0
443 || EVP_PKEY_derive_set_peer(dctx, peerkey) <= 0
444 || EVP_PKEY_derive(dctx, secret, &secret_len) <= 0)
445 goto err;
446
447 if (secret_len != kat_secret_len
448 || memcmp(secret, kat_secret, secret_len) != 0)
449 goto err;
450 ret = 1;
451 err:
452 ossl_param_bld_free(params_peer);
453 ossl_param_bld_free(params);
454 BN_free(p);
455 BN_free(q);
456 BN_free(g);
457 BN_free(pub);
458 BN_free(priv);
459 BN_free(pub_peer);
460 OPENSSL_free(kat_secret);
461 EVP_PKEY_free(pkey);
462 EVP_PKEY_free(peerkey);
463 EVP_PKEY_CTX_free(kactx);
464 EVP_PKEY_CTX_free(dctx);
465 return ret;
466 }
467 #endif /* OPENSSL_NO_DH */
468
469 /* TODO(3.0): To be removed */
470 static int dummy_evp_call(void *provctx)
471 {
472 OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
473 EVP_MD_CTX *ctx = EVP_MD_CTX_new();
474 EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
475 EVP_KDF *kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, NULL);
476 unsigned char dgst[SHA256_DIGEST_LENGTH];
477 unsigned int dgstlen;
478 int ret = 0;
479 BN_CTX *bnctx = NULL;
480 BIGNUM *a = NULL, *b = NULL;
481 unsigned char randbuf[128];
482 RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);
483 #ifndef OPENSSL_NO_EC
484 EC_KEY *key = NULL;
485 #endif
486
487 static const char msg[] = "Hello World!";
488 static const unsigned char exptd[] = {
489 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
490 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
491 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
492 };
493
494 if (ctx == NULL || sha256 == NULL || drbg == NULL || kdf == NULL)
495 goto err;
496
497 if (!EVP_DigestInit_ex(ctx, sha256, NULL))
498 goto err;
499 if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
500 goto err;
501 if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
502 goto err;
503 if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0)
504 goto err;
505
506 bnctx = BN_CTX_new_ex(libctx);
507 if (bnctx == NULL)
508 goto err;
509 BN_CTX_start(bnctx);
510 a = BN_CTX_get(bnctx);
511 b = BN_CTX_get(bnctx);
512 if (b == NULL)
513 goto err;
514 BN_zero(a);
515 if (!BN_one(b)
516 || !BN_add(a, a, b)
517 || BN_cmp(a, b) != 0)
518 goto err;
519
520 if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
521 goto err;
522
523 if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
524 goto err;
525
526 #ifndef OPENSSL_NO_EC
527 /* Do some dummy EC calls */
528 key = EC_KEY_new_by_curve_name_ex(libctx, NID_X9_62_prime256v1);
529 if (key == NULL)
530 goto err;
531
532 if (!EC_KEY_generate_key(key))
533 goto err;
534 #endif
535
536 #ifndef OPENSSL_NO_DSA
537 if (!dsa_key_signature_test(libctx))
538 goto err;
539 #endif
540
541 #ifndef OPENSSL_NO_DH
542 if (!dh_key_exchange_test(libctx))
543 goto err;
544 #endif /* OPENSSL_NO_DH */
545
546 ret = 1;
547 err:
548 BN_CTX_end(bnctx);
549 BN_CTX_free(bnctx);
550
551 EVP_KDF_free(kdf);
552 EVP_MD_CTX_free(ctx);
553 EVP_MD_free(sha256);
554
555 #ifndef OPENSSL_NO_EC
556 EC_KEY_free(key);
557 #endif
558 return ret;
559 }
560
561 static const OSSL_PARAM *fips_gettable_params(const OSSL_PROVIDER *prov)
562 {
563 return fips_param_types;
564 }
565
566 static int fips_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[])
567 {
568 OSSL_PARAM *p;
569
570 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
571 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
572 return 0;
573 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
574 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
575 return 0;
576 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
577 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
578 return 0;
579
580 return 1;
581 }
582
583 /* FIPS specific version of the function of the same name in provlib.c */
584 const char *ossl_prov_util_nid_to_name(int nid)
585 {
586 /* We don't have OBJ_nid2n() in FIPS_MODE so we have an explicit list */
587
588 switch (nid) {
589 /* Digests */
590 case NID_sha1:
591 return "SHA1";
592 case NID_sha224:
593 return "SHA-224";
594 case NID_sha256:
595 return "SHA-256";
596 case NID_sha384:
597 return "SHA-384";
598 case NID_sha512:
599 return "SHA-512";
600 case NID_sha512_224:
601 return "SHA-512/224";
602 case NID_sha512_256:
603 return "SHA-512/256";
604 case NID_sha3_224:
605 return "SHA3-224";
606 case NID_sha3_256:
607 return "SHA3-256";
608 case NID_sha3_384:
609 return "SHA3-384";
610 case NID_sha3_512:
611 return "SHA3-512";
612
613 /* Ciphers */
614 case NID_aes_256_ecb:
615 return "AES-256-ECB";
616 case NID_aes_192_ecb:
617 return "AES-192-ECB";
618 case NID_aes_128_ecb:
619 return "AES-128-ECB";
620 case NID_aes_256_cbc:
621 return "AES-256-CBC";
622 case NID_aes_192_cbc:
623 return "AES-192-CBC";
624 case NID_aes_128_cbc:
625 return "AES-128-CBC";
626 case NID_aes_256_ctr:
627 return "AES-256-CTR";
628 case NID_aes_192_ctr:
629 return "AES-192-CTR";
630 case NID_aes_128_ctr:
631 return "AES-128-CTR";
632 case NID_aes_256_xts:
633 return "AES-256-XTS";
634 case NID_aes_128_xts:
635 return "AES-128-XTS";
636 case NID_aes_256_gcm:
637 return "AES-256-GCM";
638 case NID_aes_192_gcm:
639 return "AES-192-GCM";
640 case NID_aes_128_gcm:
641 return "AES-128-GCM";
642 case NID_aes_256_ccm:
643 return "AES-256-CCM";
644 case NID_aes_192_ccm:
645 return "AES-192-CCM";
646 case NID_aes_128_ccm:
647 return "AES-128-CCM";
648 case NID_id_aes256_wrap:
649 return "AES-256-WRAP";
650 case NID_id_aes192_wrap:
651 return "AES-192-WRAP";
652 case NID_id_aes128_wrap:
653 return "AES-128-WRAP";
654 case NID_id_aes256_wrap_pad:
655 return "AES-256-WRAP-PAD";
656 case NID_id_aes192_wrap_pad:
657 return "AES-192-WRAP-PAD";
658 case NID_id_aes128_wrap_pad:
659 return "AES-128-WRAP-PAD";
660 case NID_des_ede3_ecb:
661 return "DES-EDE3";
662 case NID_des_ede3_cbc:
663 return "DES-EDE3-CBC";
664 case NID_aes_256_cbc_hmac_sha256:
665 return "AES-256-CBC-HMAC-SHA256";
666 case NID_aes_128_cbc_hmac_sha256:
667 return "AES-128-CBC-HMAC-SHA256";
668 case NID_aes_256_cbc_hmac_sha1:
669 return "AES-256-CBC-HMAC-SHA1";
670 case NID_aes_128_cbc_hmac_sha1:
671 return "AES-128-CBC-HMAC-SHA1";
672 default:
673 break;
674 }
675
676 return NULL;
677 }
678
679 /*
680 * For the algorithm names, we use the following formula for our primary
681 * names:
682 *
683 * ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?]
684 *
685 * VERSION is only present if there are multiple versions of
686 * an alg (MD2, MD4, MD5). It may be omitted if there is only
687 * one version (if a subsequent version is released in the future,
688 * we can always change the canonical name, and add the old name
689 * as an alias).
690 *
691 * SUBNAME may be present where we are combining multiple
692 * algorithms together, e.g. MD5-SHA1.
693 *
694 * SIZE is only present if multiple versions of an algorithm exist
695 * with different sizes (e.g. AES-128-CBC, AES-256-CBC)
696 *
697 * MODE is only present where applicable.
698 *
699 * We add diverse other names where applicable, such as the names that
700 * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names
701 * we have used historically.
702 */
703 static const OSSL_ALGORITHM fips_digests[] = {
704 /* Our primary name:NiST name[:our older names] */
705 { "SHA1:SHA-1", "provider=fips,fips=yes", sha1_functions },
706 { "SHA2-224:SHA-224:SHA224", "provider=fips,fips=yes", sha224_functions },
707 { "SHA2-256:SHA-256:SHA256", "provider=fips,fips=yes", sha256_functions },
708 { "SHA2-384:SHA-384:SHA384", "provider=fips,fips=yes", sha384_functions },
709 { "SHA2-512:SHA-512:SHA512", "provider=fips,fips=yes", sha512_functions },
710 { "SHA2-512/224:SHA-512/224:SHA512-224", "provider=fips,fips=yes",
711 sha512_224_functions },
712 { "SHA2-512/256:SHA-512/256:SHA512-256", "provider=fips,fips=yes",
713 sha512_256_functions },
714
715 /* We agree with NIST here, so one name only */
716 { "SHA3-224", "provider=fips,fips=yes", sha3_224_functions },
717 { "SHA3-256", "provider=fips,fips=yes", sha3_256_functions },
718 { "SHA3-384", "provider=fips,fips=yes", sha3_384_functions },
719 { "SHA3-512", "provider=fips,fips=yes", sha3_512_functions },
720 /*
721 * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for
722 * KMAC128 and KMAC256.
723 */
724 { "KECCAK-KMAC-128:KECCAK-KMAC128", "provider=fips,fips=yes", keccak_kmac_128_functions },
725 { "KECCAK-KMAC-256:KECCAK-KMAC256", "provider=fips,fips=yes", keccak_kmac_256_functions },
726
727 { NULL, NULL, NULL }
728 };
729
730 static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
731 /* Our primary name[:ASN.1 OID name][:our older names] */
732 ALG("AES-256-ECB", aes256ecb_functions),
733 ALG("AES-192-ECB", aes192ecb_functions),
734 ALG("AES-128-ECB", aes128ecb_functions),
735 ALG("AES-256-CBC", aes256cbc_functions),
736 ALG("AES-192-CBC", aes192cbc_functions),
737 ALG("AES-128-CBC", aes128cbc_functions),
738 ALG("AES-256-CTR", aes256ctr_functions),
739 ALG("AES-192-CTR", aes192ctr_functions),
740 ALG("AES-128-CTR", aes128ctr_functions),
741 ALG("AES-256-XTS", aes256xts_functions),
742 ALG("AES-128-XTS", aes128xts_functions),
743 ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
744 ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
745 ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
746 ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
747 ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
748 ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
749 ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
750 ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
751 ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
752 ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
753 aes256wrappad_functions),
754 ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
755 aes192wrappad_functions),
756 ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
757 aes128wrappad_functions),
758 ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
759 cipher_capable_aes_cbc_hmac_sha1),
760 ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
761 cipher_capable_aes_cbc_hmac_sha1),
762 ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
763 cipher_capable_aes_cbc_hmac_sha256),
764 ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
765 cipher_capable_aes_cbc_hmac_sha256),
766 #ifndef OPENSSL_NO_DES
767 ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
768 ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
769 #endif /* OPENSSL_NO_DES */
770 { { NULL, NULL, NULL }, NULL }
771 };
772 static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)];
773
774 static const OSSL_ALGORITHM fips_macs[] = {
775 #ifndef OPENSSL_NO_CMAC
776 { "CMAC", "provider=fips,fips=yes", cmac_functions },
777 #endif
778 { "GMAC", "provider=fips,fips=yes", gmac_functions },
779 { "HMAC", "provider=fips,fips=yes", hmac_functions },
780 { "KMAC-128:KMAC128", "provider=fips,fips=yes", kmac128_functions },
781 { "KMAC-256:KMAC256", "provider=fips,fips=yes", kmac256_functions },
782 { NULL, NULL, NULL }
783 };
784
785 static const OSSL_ALGORITHM fips_kdfs[] = {
786 { "HKDF", "provider=fips,fips=yes", kdf_hkdf_functions },
787 { "SSKDF", "provider=fips,fips=yes", kdf_sskdf_functions },
788 { "PBKDF2", "provider=fips,fips=yes", kdf_pbkdf2_functions },
789 { "TLS1-PRF", "provider=fips,fips=yes", kdf_tls1_prf_functions },
790 { "KBKDF", "provider=fips,fips=yes", kdf_kbkdf_functions },
791 { NULL, NULL, NULL }
792 };
793
794 static const OSSL_ALGORITHM fips_keyexch[] = {
795 #ifndef OPENSSL_NO_DH
796 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions },
797 #endif
798 #ifndef OPENSSL_NO_EC
799 { "ECDH:id-ecPublicKey", "provider=fips,fips=yes", ecdh_keyexch_functions },
800 #endif
801 { NULL, NULL, NULL }
802 };
803
804 static const OSSL_ALGORITHM fips_signature[] = {
805 #ifndef OPENSSL_NO_DSA
806 { "DSA:dsaEncryption", "provider=fips,fips=yes", dsa_signature_functions },
807 #endif
808 { NULL, NULL, NULL }
809 };
810
811 static const OSSL_ALGORITHM fips_asym_cipher[] = {
812 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_asym_cipher_functions },
813 { NULL, NULL, NULL }
814 };
815
816 static const OSSL_ALGORITHM fips_keymgmt[] = {
817 #ifndef OPENSSL_NO_DH
818 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keymgmt_functions },
819 #endif
820 #ifndef OPENSSL_NO_DSA
821 { "DSA", "provider=fips,fips=yes", dsa_keymgmt_functions },
822 #endif
823 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_keymgmt_functions },
824 #ifndef OPENSSL_NO_EC
825 { "EC:id-ecPublicKey", "provider=fips,fips=yes", ec_keymgmt_functions },
826 #endif
827 { NULL, NULL, NULL }
828 };
829
830 static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov,
831 int operation_id,
832 int *no_cache)
833 {
834 *no_cache = 0;
835 switch (operation_id) {
836 case OSSL_OP_DIGEST:
837 return fips_digests;
838 case OSSL_OP_CIPHER:
839 ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers);
840 return exported_fips_ciphers;
841 case OSSL_OP_MAC:
842 return fips_macs;
843 case OSSL_OP_KDF:
844 return fips_kdfs;
845 case OSSL_OP_KEYMGMT:
846 return fips_keymgmt;
847 case OSSL_OP_KEYEXCH:
848 return fips_keyexch;
849 case OSSL_OP_SIGNATURE:
850 return fips_signature;
851 case OSSL_OP_ASYM_CIPHER:
852 return fips_asym_cipher;
853 }
854 return NULL;
855 }
856
857 /* Functions we provide to the core */
858 static const OSSL_DISPATCH fips_dispatch_table[] = {
859 /*
860 * To release our resources we just need to free the OPENSSL_CTX so we just
861 * use OPENSSL_CTX_free directly as our teardown function
862 */
863 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free },
864 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params },
865 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
866 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
867 { 0, NULL }
868 };
869
870 /* Functions we provide to ourself */
871 static const OSSL_DISPATCH intern_dispatch_table[] = {
872 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
873 { 0, NULL }
874 };
875
876
877 int OSSL_provider_init(const OSSL_PROVIDER *provider,
878 const OSSL_DISPATCH *in,
879 const OSSL_DISPATCH **out,
880 void **provctx)
881 {
882 FIPS_GLOBAL *fgbl;
883 OPENSSL_CTX *ctx;
884 OSSL_self_test_cb_fn *stcbfn = NULL;
885 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
886
887 for (; in->function_id != 0; in++) {
888 switch (in->function_id) {
889 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
890 c_get_libctx = OSSL_get_core_get_library_context(in);
891 break;
892 case OSSL_FUNC_CORE_GETTABLE_PARAMS:
893 c_gettable_params = OSSL_get_core_gettable_params(in);
894 break;
895 case OSSL_FUNC_CORE_GET_PARAMS:
896 c_get_params = OSSL_get_core_get_params(in);
897 break;
898 case OSSL_FUNC_CORE_THREAD_START:
899 c_thread_start = OSSL_get_core_thread_start(in);
900 break;
901 case OSSL_FUNC_CORE_NEW_ERROR:
902 c_new_error = OSSL_get_core_new_error(in);
903 break;
904 case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
905 c_set_error_debug = OSSL_get_core_set_error_debug(in);
906 break;
907 case OSSL_FUNC_CORE_VSET_ERROR:
908 c_vset_error = OSSL_get_core_vset_error(in);
909 break;
910 case OSSL_FUNC_CORE_SET_ERROR_MARK:
911 c_set_error_mark = OSSL_get_core_set_error_mark(in);
912 break;
913 case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
914 c_clear_last_error_mark = OSSL_get_core_clear_last_error_mark(in);
915 break;
916 case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
917 c_pop_error_to_mark = OSSL_get_core_pop_error_to_mark(in);
918 break;
919 case OSSL_FUNC_CRYPTO_MALLOC:
920 c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
921 break;
922 case OSSL_FUNC_CRYPTO_ZALLOC:
923 c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in);
924 break;
925 case OSSL_FUNC_CRYPTO_FREE:
926 c_CRYPTO_free = OSSL_get_CRYPTO_free(in);
927 break;
928 case OSSL_FUNC_CRYPTO_CLEAR_FREE:
929 c_CRYPTO_clear_free = OSSL_get_CRYPTO_clear_free(in);
930 break;
931 case OSSL_FUNC_CRYPTO_REALLOC:
932 c_CRYPTO_realloc = OSSL_get_CRYPTO_realloc(in);
933 break;
934 case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
935 c_CRYPTO_clear_realloc = OSSL_get_CRYPTO_clear_realloc(in);
936 break;
937 case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
938 c_CRYPTO_secure_malloc = OSSL_get_CRYPTO_secure_malloc(in);
939 break;
940 case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
941 c_CRYPTO_secure_zalloc = OSSL_get_CRYPTO_secure_zalloc(in);
942 break;
943 case OSSL_FUNC_CRYPTO_SECURE_FREE:
944 c_CRYPTO_secure_free = OSSL_get_CRYPTO_secure_free(in);
945 break;
946 case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
947 c_CRYPTO_secure_clear_free = OSSL_get_CRYPTO_secure_clear_free(in);
948 break;
949 case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
950 c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
951 break;
952 case OSSL_FUNC_BIO_NEW_FILE:
953 selftest_params.bio_new_file_cb = OSSL_get_BIO_new_file(in);
954 break;
955 case OSSL_FUNC_BIO_NEW_MEMBUF:
956 selftest_params.bio_new_buffer_cb = OSSL_get_BIO_new_membuf(in);
957 break;
958 case OSSL_FUNC_BIO_READ_EX:
959 selftest_params.bio_read_ex_cb = OSSL_get_BIO_read_ex(in);
960 break;
961 case OSSL_FUNC_BIO_FREE:
962 selftest_params.bio_free_cb = OSSL_get_BIO_free(in);
963 break;
964 case OSSL_FUNC_SELF_TEST_CB: {
965 stcbfn = OSSL_get_self_test_cb(in);
966 break;
967 }
968 default:
969 /* Just ignore anything we don't understand */
970 break;
971 }
972 }
973
974 if (stcbfn != NULL && c_get_libctx != NULL) {
975 stcbfn(c_get_libctx(provider), &selftest_params.cb,
976 &selftest_params.cb_arg);
977 }
978 else {
979 selftest_params.cb = NULL;
980 selftest_params.cb_arg = NULL;
981 }
982
983 if (!c_get_params(provider, core_params))
984 return 0;
985
986 /* Create a context. */
987 if ((ctx = OPENSSL_CTX_new()) == NULL)
988 return 0;
989 if ((fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
990 &fips_prov_ossl_ctx_method)) == NULL) {
991 OPENSSL_CTX_free(ctx);
992 return 0;
993 }
994
995 fgbl->prov = provider;
996
997 selftest_params.libctx = PROV_LIBRARY_CONTEXT_OF(ctx);
998 if (!SELF_TEST_post(&selftest_params, 0)) {
999 OPENSSL_CTX_free(ctx);
1000 return 0;
1001 }
1002
1003 /*
1004 * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
1005 * EVP calls from within the FIPS module.
1006 */
1007 if (!dummy_evp_call(ctx)) {
1008 OPENSSL_CTX_free(ctx);
1009 return 0;
1010 }
1011
1012 *out = fips_dispatch_table;
1013 *provctx = ctx;
1014
1015 return 1;
1016 }
1017
1018 /*
1019 * The internal init function used when the FIPS module uses EVP to call
1020 * another algorithm also in the FIPS module. This is a recursive call that has
1021 * been made from within the FIPS module itself. To make this work, we populate
1022 * the provider context of this inner instance with the same library context
1023 * that was used in the EVP call that initiated this recursive call.
1024 */
1025 OSSL_provider_init_fn fips_intern_provider_init;
1026 int fips_intern_provider_init(const OSSL_PROVIDER *provider,
1027 const OSSL_DISPATCH *in,
1028 const OSSL_DISPATCH **out,
1029 void **provctx)
1030 {
1031 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
1032
1033 for (; in->function_id != 0; in++) {
1034 switch (in->function_id) {
1035 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
1036 c_get_libctx = OSSL_get_core_get_library_context(in);
1037 break;
1038 default:
1039 break;
1040 }
1041 }
1042
1043 if (c_get_libctx == NULL)
1044 return 0;
1045
1046 *provctx = c_get_libctx(provider);
1047
1048 /*
1049 * Safety measure... we should get the library context that was
1050 * created up in OSSL_provider_init().
1051 */
1052 if (*provctx == NULL)
1053 return 0;
1054
1055 *out = intern_dispatch_table;
1056 return 1;
1057 }
1058
1059 void ERR_new(void)
1060 {
1061 c_new_error(NULL);
1062 }
1063
1064 void ERR_set_debug(const char *file, int line, const char *func)
1065 {
1066 c_set_error_debug(NULL, file, line, func);
1067 }
1068
1069 void ERR_set_error(int lib, int reason, const char *fmt, ...)
1070 {
1071 va_list args;
1072
1073 va_start(args, fmt);
1074 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
1075 va_end(args);
1076 }
1077
1078 void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
1079 {
1080 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
1081 }
1082
1083 int ERR_set_mark(void)
1084 {
1085 return c_set_error_mark(NULL);
1086 }
1087
1088 int ERR_clear_last_mark(void)
1089 {
1090 return c_clear_last_error_mark(NULL);
1091 }
1092
1093 int ERR_pop_to_mark(void)
1094 {
1095 return c_pop_error_to_mark(NULL);
1096 }
1097
1098 const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx)
1099 {
1100 FIPS_GLOBAL *fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
1101 &fips_prov_ossl_ctx_method);
1102
1103 if (fgbl == NULL)
1104 return NULL;
1105
1106 return fgbl->prov;
1107 }
1108
1109 void *CRYPTO_malloc(size_t num, const char *file, int line)
1110 {
1111 return c_CRYPTO_malloc(num, file, line);
1112 }
1113
1114 void *CRYPTO_zalloc(size_t num, const char *file, int line)
1115 {
1116 return c_CRYPTO_zalloc(num, file, line);
1117 }
1118
1119 void CRYPTO_free(void *ptr, const char *file, int line)
1120 {
1121 c_CRYPTO_free(ptr, file, line);
1122 }
1123
1124 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line)
1125 {
1126 c_CRYPTO_clear_free(ptr, num, file, line);
1127 }
1128
1129 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line)
1130 {
1131 return c_CRYPTO_realloc(addr, num, file, line);
1132 }
1133
1134 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
1135 const char *file, int line)
1136 {
1137 return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
1138 }
1139
1140 void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
1141 {
1142 return c_CRYPTO_secure_malloc(num, file, line);
1143 }
1144
1145 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line)
1146 {
1147 return c_CRYPTO_secure_zalloc(num, file, line);
1148 }
1149
1150 void CRYPTO_secure_free(void *ptr, const char *file, int line)
1151 {
1152 c_CRYPTO_secure_free(ptr, file, line);
1153 }
1154
1155 void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line)
1156 {
1157 c_CRYPTO_secure_clear_free(ptr, num, file, line);
1158 }
1159
1160 int CRYPTO_secure_allocated(const void *ptr)
1161 {
1162 return c_CRYPTO_secure_allocated(ptr);
1163 }