[thirdparty/openssl.git] / providers / fips / fipsprov.c

/*
 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <stdio.h>
#include <openssl/core.h>
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/evp.h>

/* TODO(3.0): Needed for dummy_evp_call(). To be removed */
#include <openssl/sha.h>
#include <openssl/rand_drbg.h>

#include "internal/cryptlib.h"
#include "internal/property.h"
#include "internal/evp_int.h"
#include "internal/provider_algs.h"
#include "internal/provider_ctx.h"
#include "internal/providercommon.h"

extern OSSL_core_thread_start_fn *c_thread_start;

/*
 * TODO(3.0): Should these be stored in the provider side provctx? Could they
 * ever be different from one init to the next? Unfortunately we can't do this
 * at the moment because c_put_error/c_add_error_vdata do not provide
 * us with the OPENSSL_CTX as a parameter.
 */
/* Functions provided by the core */
static OSSL_core_get_param_types_fn *c_get_param_types;
static OSSL_core_get_params_fn *c_get_params;
OSSL_core_thread_start_fn *c_thread_start;
static OSSL_core_new_error_fn *c_new_error;
static OSSL_core_set_error_debug_fn *c_set_error_debug;
static OSSL_core_vset_error_fn *c_vset_error;
static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;

typedef struct fips_global_st {
    const OSSL_PROVIDER *prov;
} FIPS_GLOBAL;

static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
{
    FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl));

    return fgbl;
}

static void fips_prov_ossl_ctx_free(void *fgbl)
{
    OPENSSL_free(fgbl);
}

static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
    fips_prov_ossl_ctx_new,
    fips_prov_ossl_ctx_free,
};


/* Parameters we provide to the core */
static const OSSL_PARAM fips_param_types[] = {
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
    OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
    OSSL_PARAM_END
};

/* TODO(3.0): To be removed */
static int dummy_evp_call(void *provctx)
{
    OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
    EVP_MD_CTX *ctx = EVP_MD_CTX_new();
    EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
    char msg[] = "Hello World!";
    const unsigned char exptd[] = {
        0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
        0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
        0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
    };
    unsigned int dgstlen = 0;
    unsigned char dgst[SHA256_DIGEST_LENGTH];
    int ret = 0;
    BN_CTX *bnctx = NULL;
    BIGNUM *a = NULL, *b = NULL;
    unsigned char randbuf[128];
    RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);

    if (ctx == NULL || sha256 == NULL || drbg == NULL)
        goto err;

    if (!EVP_DigestInit_ex(ctx, sha256, NULL))
        goto err;
    if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
        goto err;
    if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
        goto err;
    if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0)
        goto err;

    bnctx = BN_CTX_new_ex(libctx);
    if (bnctx == NULL)
        goto err;
    BN_CTX_start(bnctx);
    a = BN_CTX_get(bnctx);
    b = BN_CTX_get(bnctx);
    if (b == NULL)
        goto err;
    BN_zero(a);
    if (!BN_one(b)
        || !BN_add(a, a, b)
        || BN_cmp(a, b) != 0)
        goto err;

    if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
        goto err;

    if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
        goto err;

    ret = 1;
 err:
    BN_CTX_end(bnctx);
    BN_CTX_free(bnctx);

    EVP_MD_CTX_free(ctx);
    EVP_MD_meth_free(sha256);
    return ret;
}

static const OSSL_PARAM *fips_get_param_types(const OSSL_PROVIDER *prov)
{
    return fips_param_types;
}

static int fips_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[])
{
    OSSL_PARAM *p;

    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
        return 0;
    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
        return 0;
    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
        return 0;

    return 1;
}

/* FIPS specific version of the function of the same name in provlib.c */
const char *ossl_prov_util_nid_to_name(int nid)
{
    /* We don't have OBJ_nid2n() in FIPS_MODE so we have an explicit list */

    switch (nid) {
    /* Digests */
    case NID_sha1:
        return "SHA224";
    case NID_sha224:
        return "SHA224";
    case NID_sha256:
        return "SHA256";
    case NID_sha384:
        return "SHA384";
    case NID_sha512:
        return "SHA512";
    case NID_sha512_224:
        return "SHA512-224";
    case NID_sha512_256:
        return "SHA512-256";
    case NID_sha3_224:
        return "SHA3-224";
    case NID_sha3_256:
        return "SHA3-256";
    case NID_sha3_384:
        return "SHA3-384";
    case NID_sha3_512:
        return "SHA3-512";

    /* Ciphers */
    case NID_aes_256_ecb:
        return "AES-256-ECB";
    case NID_aes_192_ecb:
        return "AES-192-ECB";
    case NID_aes_128_ecb:
        return "AES-128-ECB";
    case NID_aes_256_cbc:
        return "AES-256-CBC";
    case NID_aes_192_cbc:
        return "AES-192-CBC";
    case NID_aes_128_cbc:
        return "AES-128-CBC";
    case NID_aes_256_ctr:
        return "AES-256-CTR";
    case NID_aes_192_ctr:
        return "AES-192-CTR";
    case NID_aes_128_ctr:
        return "AES-128-CTR";
    }

    return NULL;
}

static const OSSL_ALGORITHM fips_digests[] = {
    { "SHA1", "fips=yes", sha1_functions },
    { "SHA224", "fips=yes", sha224_functions },
    { "SHA256", "fips=yes", sha256_functions },
    { "SHA384", "fips=yes", sha384_functions },
    { "SHA512", "fips=yes", sha512_functions },
    { "SHA512-224", "fips=yes", sha512_224_functions },
    { "SHA512-256", "fips=yes", sha512_256_functions },
    { "SHA3-224", "fips=yes", sha3_224_functions },
    { "SHA3-256", "fips=yes", sha3_256_functions },
    { "SHA3-384", "fips=yes", sha3_384_functions },
    { "SHA3-512", "fips=yes", sha3_512_functions },
    { "KMAC128", "fips=yes", keccak_kmac_128_functions },
    { "KMAC256", "fips=yes", keccak_kmac_256_functions },

    { NULL, NULL, NULL }
};

static const OSSL_ALGORITHM fips_ciphers[] = {
    { "AES-256-ECB", "fips=yes", aes256ecb_functions },
    { "AES-192-ECB", "fips=yes", aes192ecb_functions },
    { "AES-128-ECB", "fips=yes", aes128ecb_functions },
    { "AES-256-CBC", "fips=yes", aes256cbc_functions },
    { "AES-192-CBC", "fips=yes", aes192cbc_functions },
    { "AES-128-CBC", "fips=yes", aes128cbc_functions },
    { "AES-256-CTR", "fips=yes", aes256ctr_functions },
    { "AES-192-CTR", "fips=yes", aes192ctr_functions },
    { "AES-128-CTR", "fips=yes", aes128ctr_functions },
    { "id-aes256-GCM", "fips=yes", aes256gcm_functions },
    { "id-aes192-GCM", "fips=yes", aes192gcm_functions },
    { "id-aes128-GCM", "fips=yes", aes128gcm_functions },
    { NULL, NULL, NULL }
};

static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov,
                                         int operation_id,
                                         int *no_cache)
{
    *no_cache = 0;
    switch (operation_id) {
    case OSSL_OP_DIGEST:
        return fips_digests;
    case OSSL_OP_CIPHER:
        return fips_ciphers;
    }
    return NULL;
}

/* Functions we provide to the core */
static const OSSL_DISPATCH fips_dispatch_table[] = {
    /*
     * To release our resources we just need to free the OPENSSL_CTX so we just
     * use OPENSSL_CTX_free directly as our teardown function
     */
    { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free },
    { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))fips_get_param_types },
    { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
    { 0, NULL }
};

/* Functions we provide to ourself */
static const OSSL_DISPATCH intern_dispatch_table[] = {
    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
    { 0, NULL }
};


int OSSL_provider_init(const OSSL_PROVIDER *provider,
                       const OSSL_DISPATCH *in,
                       const OSSL_DISPATCH **out,
                       void **provctx)
{
    FIPS_GLOBAL *fgbl;
    OPENSSL_CTX *ctx;

    for (; in->function_id != 0; in++) {
        switch (in->function_id) {
        case OSSL_FUNC_CORE_GET_PARAM_TYPES:
            c_get_param_types = OSSL_get_core_get_param_types(in);
            break;
        case OSSL_FUNC_CORE_GET_PARAMS:
            c_get_params = OSSL_get_core_get_params(in);
            break;
        case OSSL_FUNC_CORE_THREAD_START:
            c_thread_start = OSSL_get_core_thread_start(in);
            break;
        case OSSL_FUNC_CORE_NEW_ERROR:
            c_new_error = OSSL_get_core_new_error(in);
            break;
        case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
            c_set_error_debug = OSSL_get_core_set_error_debug(in);
            break;
        case OSSL_FUNC_CORE_VSET_ERROR:
            c_vset_error = OSSL_get_core_vset_error(in);
            break;
        case OSSL_FUNC_CRYPTO_MALLOC:
            c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
            break;
        case OSSL_FUNC_CRYPTO_ZALLOC:
            c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in);
            break;
        case OSSL_FUNC_CRYPTO_FREE:
            c_CRYPTO_free = OSSL_get_CRYPTO_free(in);
            break;
        case OSSL_FUNC_CRYPTO_CLEAR_FREE:
            c_CRYPTO_clear_free = OSSL_get_CRYPTO_clear_free(in);
            break;
        case OSSL_FUNC_CRYPTO_REALLOC:
            c_CRYPTO_realloc = OSSL_get_CRYPTO_realloc(in);
            break;
        case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
            c_CRYPTO_clear_realloc = OSSL_get_CRYPTO_clear_realloc(in);
            break;
        case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
            c_CRYPTO_secure_malloc = OSSL_get_CRYPTO_secure_malloc(in);
            break;
        case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
            c_CRYPTO_secure_zalloc = OSSL_get_CRYPTO_secure_zalloc(in);
            break;
        case OSSL_FUNC_CRYPTO_SECURE_FREE:
            c_CRYPTO_secure_free = OSSL_get_CRYPTO_secure_free(in);
            break;
        case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
            c_CRYPTO_secure_clear_free = OSSL_get_CRYPTO_secure_clear_free(in);
            break;
        case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
            c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
            break;
        default:
            /* Just ignore anything we don't understand */
            break;
        }
    }

    /*  Create a context. */
    if ((ctx = OPENSSL_CTX_new()) == NULL)
        return 0;
    if ((fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
                                     &fips_prov_ossl_ctx_method)) == NULL) {
        OPENSSL_CTX_free(ctx);
        return 0;
    }
    fgbl->prov = provider;
    *out = fips_dispatch_table;
    *provctx = ctx;

    /*
     * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
     * EVP calls from within the FIPS module.
     */
    if (!dummy_evp_call(*provctx)) {
        OPENSSL_CTX_free(*provctx);
        *provctx = NULL;
        return 0;
    }

    return 1;
}

/*
 * The internal init function used when the FIPS module uses EVP to call
 * another algorithm also in the FIPS module. This is a recursive call that has
 * been made from within the FIPS module itself. To make this work, we populate
 * the provider context of this inner instance with the same library context
 * that was used in the EVP call that initiated this recursive call.
 */
OSSL_provider_init_fn fips_intern_provider_init;
int fips_intern_provider_init(const OSSL_PROVIDER *provider,
                              const OSSL_DISPATCH *in,
                              const OSSL_DISPATCH **out,
                              void **provctx)
{
    OSSL_core_get_library_context_fn *c_get_libctx = NULL;

    for (; in->function_id != 0; in++) {
        switch (in->function_id) {
        case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
            c_get_libctx = OSSL_get_core_get_library_context(in);
            break;
        default:
            break;
        }
    }

    if (c_get_libctx == NULL)
        return 0;

    *provctx = c_get_libctx(provider);

    /*
     * Safety measure...  we should get the library context that was
     * created up in OSSL_provider_init().
     */
    if (*provctx == NULL)
        return 0;

    *out = intern_dispatch_table;
    return 1;
}

void ERR_new(void)
{
    c_new_error(NULL);
}

void ERR_set_debug(const char *file, int line, const char *func)
{
    c_set_error_debug(NULL, file, line, func);
}

void ERR_set_error(int lib, int reason, const char *fmt, ...)
{
    va_list args;

    va_start(args, fmt);
    c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
    va_end(args);
}

void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
{
    c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
}

const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx)
{
    FIPS_GLOBAL *fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
                                             &fips_prov_ossl_ctx_method);

    if (fgbl == NULL)
        return NULL;

    return fgbl->prov;
}

void *CRYPTO_malloc(size_t num, const char *file, int line)
{
    return c_CRYPTO_malloc(num, file, line);
}

void *CRYPTO_zalloc(size_t num, const char *file, int line)
{
    return c_CRYPTO_zalloc(num, file, line);
}

void CRYPTO_free(void *ptr, const char *file, int line)
{
    c_CRYPTO_free(ptr, file, line);
}

void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line)
{
    c_CRYPTO_clear_free(ptr, num, file, line);
}

void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line)
{
    return c_CRYPTO_realloc(addr, num, file, line);
}

void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
                           const char *file, int line)
{
    return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
}

void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
{
    return c_CRYPTO_secure_malloc(num, file, line);
}

void *CRYPTO_secure_zalloc(size_t num, const char *file, int line)
{
    return c_CRYPTO_secure_zalloc(num, file, line);
}

void CRYPTO_secure_free(void *ptr, const char *file, int line)
{
    c_CRYPTO_secure_free(ptr, file, line);
}

void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line)
{
    c_CRYPTO_secure_clear_free(ptr, num, file, line);
}

int CRYPTO_secure_allocated(const void *ptr)
{
    return c_CRYPTO_secure_allocated(ptr);
}
Commit	Line	Data
9efa0ae0 MC	1	/*
	2	* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <string.h>
	11	#include <stdio.h>
	12	#include <openssl/core.h>
	13	#include <openssl/core_numbers.h>
	14	#include <openssl/core_names.h>
	15	#include <openssl/params.h>
3593266d	16	#include <openssl/err.h>
319e518a	17	#include <openssl/evp.h>
45c54042	18
319e518a MC	19	/* TODO(3.0): Needed for dummy_evp_call(). To be removed */
319e518a MC	20	#include <openssl/sha.h>
45c54042 MC	21	#include <openssl/rand_drbg.h>
45c54042 MC	22
3593266d	23	#include "internal/cryptlib.h"
319e518a MC	24	#include "internal/property.h"
319e518a MC	25	#include "internal/evp_int.h"
66ad63e8	26	#include "internal/provider_algs.h"
bb751e11	27	#include "internal/provider_ctx.h"
da747958	28	#include "internal/providercommon.h"
9efa0ae0	29
b60cba3c RS	30	extern OSSL_core_thread_start_fn *c_thread_start;
b60cba3c RS	31
da747958 MC	32	/*
	33	* TODO(3.0): Should these be stored in the provider side provctx? Could they
	34	* ever be different from one init to the next? Unfortunately we can't do this
b60cba3c RS	35	* at the moment because c_put_error/c_add_error_vdata do not provide
b60cba3c RS	36	* us with the OPENSSL_CTX as a parameter.
da747958	37	*/
9efa0ae0	38	/* Functions provided by the core */
b60cba3c RS	39	static OSSL_core_get_param_types_fn *c_get_param_types;
	40	static OSSL_core_get_params_fn *c_get_params;
	41	OSSL_core_thread_start_fn *c_thread_start;
036913b1 RL	42	static OSSL_core_new_error_fn *c_new_error;
	43	static OSSL_core_set_error_debug_fn *c_set_error_debug;
	44	static OSSL_core_vset_error_fn *c_vset_error;
b60cba3c RS	45	static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
b60cba3c RS	46	static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
b60cba3c RS	47	static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
	48	static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
	49	static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
	50	static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
	51	static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
	52	static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
	53	static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
	54	static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
	55	static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
9efa0ae0	56
da747958 MC	57	typedef struct fips_global_st {
	58	const OSSL_PROVIDER *prov;
	59	} FIPS_GLOBAL;
	60
	61	static void fips_prov_ossl_ctx_new(OPENSSL_CTX libctx)
	62	{
	63	FIPS_GLOBAL fgbl = OPENSSL_zalloc(sizeof(fgbl));
	64
	65	return fgbl;
	66	}
	67
	68	static void fips_prov_ossl_ctx_free(void *fgbl)
	69	{
	70	OPENSSL_free(fgbl);
	71	}
	72
	73	static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
	74	fips_prov_ossl_ctx_new,
	75	fips_prov_ossl_ctx_free,
	76	};
	77
	78
9efa0ae0	79	/* Parameters we provide to the core */
26175013 RL	80	static const OSSL_PARAM fips_param_types[] = {
	81	OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
	82	OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
	83	OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
	84	OSSL_PARAM_END
9efa0ae0 MC	85	};
9efa0ae0 MC	86
319e518a	87	/* TODO(3.0): To be removed */
bb751e11	88	static int dummy_evp_call(void *provctx)
3593266d	89	{
bb751e11	90	OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
319e518a MC	91	EVP_MD_CTX *ctx = EVP_MD_CTX_new();
	92	EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
	93	char msg[] = "Hello World!";
	94	const unsigned char exptd[] = {
	95	0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
	96	0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
	97	0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
	98	};
	99	unsigned int dgstlen = 0;
	100	unsigned char dgst[SHA256_DIGEST_LENGTH];
	101	int ret = 0;
444ab3ab MC	102	BN_CTX *bnctx = NULL;
444ab3ab MC	103	BIGNUM a = NULL, b = NULL;
45c54042 MC	104	unsigned char randbuf[128];
45c54042 MC	105	RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);
319e518a	106
45c54042	107	if (ctx == NULL \|\| sha256 == NULL \|\| drbg == NULL)
319e518a MC	108	goto err;
	109
	110	if (!EVP_DigestInit_ex(ctx, sha256, NULL))
	111	goto err;
	112	if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
	113	goto err;
	114	if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
	115	goto err;
	116	if (dgstlen != sizeof(exptd) \|\| memcmp(dgst, exptd, sizeof(exptd)) != 0)
	117	goto err;
	118
444ab3ab MC	119	bnctx = BN_CTX_new_ex(libctx);
	120	if (bnctx == NULL)
	121	goto err;
	122	BN_CTX_start(bnctx);
	123	a = BN_CTX_get(bnctx);
	124	b = BN_CTX_get(bnctx);
	125	if (b == NULL)
	126	goto err;
	127	BN_zero(a);
	128	if (!BN_one(b)
	129	\|\| !BN_add(a, a, b)
	130	\|\| BN_cmp(a, b) != 0)
	131	goto err;
4bd8b240	132
45c54042 MC	133	if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
	134	goto err;
	135
eba3ebd7 MC	136	if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
	137	goto err;
	138
319e518a MC	139	ret = 1;
319e518a MC	140	err:
444ab3ab MC	141	BN_CTX_end(bnctx);
444ab3ab MC	142	BN_CTX_free(bnctx);
4bd8b240	143
319e518a MC	144	EVP_MD_CTX_free(ctx);
	145	EVP_MD_meth_free(sha256);
	146	return ret;
3593266d MC	147	}
3593266d MC	148
26175013	149	static const OSSL_PARAM fips_get_param_types(const OSSL_PROVIDER prov)
9efa0ae0 MC	150	{
	151	return fips_param_types;
	152	}
	153
4e7991b4	154	static int fips_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[])
9efa0ae0	155	{
4e7991b4	156	OSSL_PARAM *p;
9efa0ae0 MC	157
	158	p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
	159	if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
	160	return 0;
	161	p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
	162	if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
	163	return 0;
	164	p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
	165	if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
	166	return 0;
	167
	168	return 1;
	169	}
	170
4cecf7a1 MC	171	/* FIPS specific version of the function of the same name in provlib.c */
	172	const char *ossl_prov_util_nid_to_name(int nid)
	173	{
	174	/* We don't have OBJ_nid2n() in FIPS_MODE so we have an explicit list */
	175
	176	switch (nid) {
	177	/* Digests */
	178	case NID_sha1:
	179	return "SHA224";
	180	case NID_sha224:
	181	return "SHA224";
	182	case NID_sha256:
	183	return "SHA256";
	184	case NID_sha384:
	185	return "SHA384";
	186	case NID_sha512:
	187	return "SHA512";
	188	case NID_sha512_224:
	189	return "SHA512-224";
	190	case NID_sha512_256:
	191	return "SHA512-256";
	192	case NID_sha3_224:
	193	return "SHA3-224";
	194	case NID_sha3_256:
	195	return "SHA3-256";
	196	case NID_sha3_384:
	197	return "SHA3-384";
	198	case NID_sha3_512:
	199	return "SHA3-512";
	200
	201	/* Ciphers */
	202	case NID_aes_256_ecb:
	203	return "AES-256-ECB";
	204	case NID_aes_192_ecb:
	205	return "AES-192-ECB";
	206	case NID_aes_128_ecb:
	207	return "AES-128-ECB";
	208	case NID_aes_256_cbc:
	209	return "AES-256-CBC";
	210	case NID_aes_192_cbc:
	211	return "AES-192-CBC";
	212	case NID_aes_128_cbc:
	213	return "AES-128-CBC";
	214	case NID_aes_256_ctr:
	215	return "AES-256-CTR";
	216	case NID_aes_192_ctr:
	217	return "AES-192-CTR";
	218	case NID_aes_128_ctr:
	219	return "AES-128-CTR";
	220	}
	221
	222	return NULL;
	223	}
	224
9efa0ae0	225	static const OSSL_ALGORITHM fips_digests[] = {
d5e5e2ff SL	226	{ "SHA1", "fips=yes", sha1_functions },
d5e5e2ff SL	227	{ "SHA224", "fips=yes", sha224_functions },
9efa0ae0	228	{ "SHA256", "fips=yes", sha256_functions },
d5e5e2ff SL	229	{ "SHA384", "fips=yes", sha384_functions },
	230	{ "SHA512", "fips=yes", sha512_functions },
	231	{ "SHA512-224", "fips=yes", sha512_224_functions },
	232	{ "SHA512-256", "fips=yes", sha512_256_functions },
	233	{ "SHA3-224", "fips=yes", sha3_224_functions },
	234	{ "SHA3-256", "fips=yes", sha3_256_functions },
	235	{ "SHA3-384", "fips=yes", sha3_384_functions },
	236	{ "SHA3-512", "fips=yes", sha3_512_functions },
	237	{ "KMAC128", "fips=yes", keccak_kmac_128_functions },
	238	{ "KMAC256", "fips=yes", keccak_kmac_256_functions },
	239
9efa0ae0 MC	240	{ NULL, NULL, NULL }
	241	};
	242
66ad63e8 MC	243	static const OSSL_ALGORITHM fips_ciphers[] = {
	244	{ "AES-256-ECB", "fips=yes", aes256ecb_functions },
	245	{ "AES-192-ECB", "fips=yes", aes192ecb_functions },
	246	{ "AES-128-ECB", "fips=yes", aes128ecb_functions },
	247	{ "AES-256-CBC", "fips=yes", aes256cbc_functions },
	248	{ "AES-192-CBC", "fips=yes", aes192cbc_functions },
	249	{ "AES-128-CBC", "fips=yes", aes128cbc_functions },
	250	{ "AES-256-CTR", "fips=yes", aes256ctr_functions },
	251	{ "AES-192-CTR", "fips=yes", aes192ctr_functions },
	252	{ "AES-128-CTR", "fips=yes", aes128ctr_functions },
a672a02a SL	253	{ "id-aes256-GCM", "fips=yes", aes256gcm_functions },
	254	{ "id-aes192-GCM", "fips=yes", aes192gcm_functions },
	255	{ "id-aes128-GCM", "fips=yes", aes128gcm_functions },
66ad63e8 MC	256	{ NULL, NULL, NULL }
	257	};
	258
9efa0ae0 MC	259	static const OSSL_ALGORITHM fips_query(OSSL_PROVIDER prov,
	260	int operation_id,
	261	int *no_cache)
	262	{
	263	*no_cache = 0;
	264	switch (operation_id) {
	265	case OSSL_OP_DIGEST:
	266	return fips_digests;
66ad63e8 MC	267	case OSSL_OP_CIPHER:
66ad63e8 MC	268	return fips_ciphers;
9efa0ae0 MC	269	}
	270	return NULL;
	271	}
	272
	273	/* Functions we provide to the core */
	274	static const OSSL_DISPATCH fips_dispatch_table[] = {
319e518a MC	275	/*
	276	* To release our resources we just need to free the OPENSSL_CTX so we just
	277	* use OPENSSL_CTX_free directly as our teardown function
	278	*/
	279	{ OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free },
9efa0ae0 MC	280	{ OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))fips_get_param_types },
	281	{ OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
	282	{ OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
	283	{ 0, NULL }
	284	};
	285
319e518a MC	286	/* Functions we provide to ourself */
	287	static const OSSL_DISPATCH intern_dispatch_table[] = {
	288	{ OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
	289	{ 0, NULL }
	290	};
	291
	292
9efa0ae0 MC	293	int OSSL_provider_init(const OSSL_PROVIDER *provider,
9efa0ae0 MC	294	const OSSL_DISPATCH *in,
a39eb840 RL	295	const OSSL_DISPATCH **out,
a39eb840 RL	296	void **provctx)
9efa0ae0	297	{
da747958	298	FIPS_GLOBAL *fgbl;
03361afb	299	OPENSSL_CTX *ctx;
319e518a	300
9efa0ae0 MC	301	for (; in->function_id != 0; in++) {
	302	switch (in->function_id) {
	303	case OSSL_FUNC_CORE_GET_PARAM_TYPES:
	304	c_get_param_types = OSSL_get_core_get_param_types(in);
	305	break;
	306	case OSSL_FUNC_CORE_GET_PARAMS:
	307	c_get_params = OSSL_get_core_get_params(in);
	308	break;
da747958 MC	309	case OSSL_FUNC_CORE_THREAD_START:
	310	c_thread_start = OSSL_get_core_thread_start(in);
	311	break;
036913b1 RL	312	case OSSL_FUNC_CORE_NEW_ERROR:
036913b1 RL	313	c_new_error = OSSL_get_core_new_error(in);
3593266d	314	break;
036913b1 RL	315	case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
	316	c_set_error_debug = OSSL_get_core_set_error_debug(in);
	317	break;
	318	case OSSL_FUNC_CORE_VSET_ERROR:
	319	c_vset_error = OSSL_get_core_vset_error(in);
3593266d	320	break;
b60cba3c RS	321	case OSSL_FUNC_CRYPTO_MALLOC:
	322	c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
	323	break;
	324	case OSSL_FUNC_CRYPTO_ZALLOC:
	325	c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in);
	326	break;
b60cba3c RS	327	case OSSL_FUNC_CRYPTO_FREE:
	328	c_CRYPTO_free = OSSL_get_CRYPTO_free(in);
	329	break;
	330	case OSSL_FUNC_CRYPTO_CLEAR_FREE:
	331	c_CRYPTO_clear_free = OSSL_get_CRYPTO_clear_free(in);
	332	break;
	333	case OSSL_FUNC_CRYPTO_REALLOC:
	334	c_CRYPTO_realloc = OSSL_get_CRYPTO_realloc(in);
	335	break;
	336	case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
	337	c_CRYPTO_clear_realloc = OSSL_get_CRYPTO_clear_realloc(in);
	338	break;
	339	case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
	340	c_CRYPTO_secure_malloc = OSSL_get_CRYPTO_secure_malloc(in);
	341	break;
	342	case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
	343	c_CRYPTO_secure_zalloc = OSSL_get_CRYPTO_secure_zalloc(in);
	344	break;
	345	case OSSL_FUNC_CRYPTO_SECURE_FREE:
	346	c_CRYPTO_secure_free = OSSL_get_CRYPTO_secure_free(in);
	347	break;
	348	case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
	349	c_CRYPTO_secure_clear_free = OSSL_get_CRYPTO_secure_clear_free(in);
	350	break;
	351	case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
	352	c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
	353	break;
9efa0ae0	354	default:
b60cba3c	355	/* Just ignore anything we don't understand */
9efa0ae0 MC	356	break;
	357	}
	358	}
	359
b60cba3c RS	360	/* Create a context. */
b60cba3c RS	361	if ((ctx = OPENSSL_CTX_new()) == NULL)
319e518a	362	return 0;
b60cba3c RS	363	if ((fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
	364	&fips_prov_ossl_ctx_method)) == NULL) {
	365	OPENSSL_CTX_free(ctx);
	366	return 0;
	367	}
03361afb	368	fgbl->prov = provider;
bb751e11 RL	369	*out = fips_dispatch_table;
	370	*provctx = ctx;
	371
319e518a MC	372	/*
	373	* TODO(3.0): Remove me. This is just a dummy call to demonstrate making
	374	* EVP calls from within the FIPS module.
	375	*/
bb751e11 RL	376	if (!dummy_evp_call(*provctx)) {
	377	OPENSSL_CTX_free(*provctx);
	378	*provctx = NULL;
319e518a MC	379	return 0;
	380	}
	381
9efa0ae0 MC	382	return 1;
9efa0ae0 MC	383	}
3593266d	384
319e518a MC	385	/*
319e518a MC	386	* The internal init function used when the FIPS module uses EVP to call
b1eb3fd7	387	* another algorithm also in the FIPS module. This is a recursive call that has
bb751e11 RL	388	* been made from within the FIPS module itself. To make this work, we populate
	389	* the provider context of this inner instance with the same library context
	390	* that was used in the EVP call that initiated this recursive call.
319e518a	391	*/
3593266d MC	392	OSSL_provider_init_fn fips_intern_provider_init;
	393	int fips_intern_provider_init(const OSSL_PROVIDER *provider,
	394	const OSSL_DISPATCH *in,
319e518a MC	395	const OSSL_DISPATCH **out,
319e518a MC	396	void **provctx)
3593266d	397	{
bb751e11 RL	398	OSSL_core_get_library_context_fn *c_get_libctx = NULL;
	399
	400	for (; in->function_id != 0; in++) {
	401	switch (in->function_id) {
	402	case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
	403	c_get_libctx = OSSL_get_core_get_library_context(in);
	404	break;
	405	default:
	406	break;
	407	}
	408	}
	409
	410	if (c_get_libctx == NULL)
	411	return 0;
	412
	413	*provctx = c_get_libctx(provider);
	414
	415	/*
	416	* Safety measure... we should get the library context that was
	417	* created up in OSSL_provider_init().
	418	*/
	419	if (*provctx == NULL)
	420	return 0;
	421
319e518a	422	*out = intern_dispatch_table;
3593266d MC	423	return 1;
	424	}
	425
036913b1	426	void ERR_new(void)
3593266d	427	{
036913b1 RL	428	c_new_error(NULL);
	429	}
	430
	431	void ERR_set_debug(const char file, int line, const char func)
	432	{
	433	c_set_error_debug(NULL, file, line, func);
3593266d MC	434	}
3593266d MC	435
036913b1	436	void ERR_set_error(int lib, int reason, const char *fmt, ...)
3593266d MC	437	{
3593266d MC	438	va_list args;
8908d18c	439
036913b1 RL	440	va_start(args, fmt);
036913b1 RL	441	c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
3593266d MC	442	va_end(args);
	443	}
	444
036913b1	445	void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
3593266d	446	{
036913b1	447	c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
3593266d	448	}
da747958 MC	449
	450	const OSSL_PROVIDER FIPS_get_provider(OPENSSL_CTX ctx)
	451	{
	452	FIPS_GLOBAL *fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
	453	&fips_prov_ossl_ctx_method);
	454
	455	if (fgbl == NULL)
	456	return NULL;
	457
	458	return fgbl->prov;
	459	}
b60cba3c RS	460
	461	void CRYPTO_malloc(size_t num, const char file, int line)
	462	{
	463	return c_CRYPTO_malloc(num, file, line);
	464	}
	465
	466	void CRYPTO_zalloc(size_t num, const char file, int line)
	467	{
	468	return c_CRYPTO_zalloc(num, file, line);
	469	}
	470
b60cba3c RS	471	void CRYPTO_free(void ptr, const char file, int line)
	472	{
	473	c_CRYPTO_free(ptr, file, line);
	474	}
	475
	476	void CRYPTO_clear_free(void ptr, size_t num, const char file, int line)
	477	{
	478	c_CRYPTO_clear_free(ptr, num, file, line);
	479	}
	480
	481	void CRYPTO_realloc(void addr, size_t num, const char *file, int line)
	482	{
	483	return c_CRYPTO_realloc(addr, num, file, line);
	484	}
	485
	486	void CRYPTO_clear_realloc(void addr, size_t old_num, size_t num,
	487	const char *file, int line)
	488	{
	489	return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
	490	}
	491
	492	void CRYPTO_secure_malloc(size_t num, const char file, int line)
	493	{
	494	return c_CRYPTO_secure_malloc(num, file, line);
	495	}
	496
	497	void CRYPTO_secure_zalloc(size_t num, const char file, int line)
	498	{
	499	return c_CRYPTO_secure_zalloc(num, file, line);
	500	}
	501
	502	void CRYPTO_secure_free(void ptr, const char file, int line)
	503	{
	504	c_CRYPTO_secure_free(ptr, file, line);
	505	}
	506
	507	void CRYPTO_secure_clear_free(void ptr, size_t num, const char file, int line)
	508	{
	509	c_CRYPTO_secure_clear_free(ptr, num, file, line);
	510	}
	511
b60cba3c RS	512	int CRYPTO_secure_allocated(const void *ptr)
	513	{
	514	return c_CRYPTO_secure_allocated(ptr);
	515	}