#include <openssl/proverr.h>
#include "internal/nelem.h"
#include "internal/sizes.h"
-#include "prov/fipscommon.h"
-#include "prov/fipsindicator.h"
#include "prov/providercommon.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
unsigned char context_string[EDDSA_MAX_CONTEXT_STRING_LEN];
size_t context_string_len;
- OSSL_FIPS_IND_DECLARE
} PROV_EDDSA_CTX;
static void *eddsa_newctx(void *provctx, const char *propq_unused)
return NULL;
peddsactx->libctx = PROV_LIBCTX_OF(provctx);
- OSSL_FIPS_IND_INIT(peddsactx)
return peddsactx;
}
return 0;
}
- OSSL_FIPS_IND_SET_APPROVED(peddsactx)
peddsactx->dom2_flag = 0;
peddsactx->prehash_flag = 0;
peddsactx->context_string_flag = 0;
return 1;
}
-static int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
- size_t *siglen, size_t sigsize,
- const unsigned char *tbs, size_t tbslen)
+int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
+ size_t *siglen, size_t sigsize,
+ const unsigned char *tbs, size_t tbslen)
{
PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
const ECX_KEY *edkey = peddsactx->key;
return ret;
}
-static int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
- size_t *siglen, size_t sigsize,
- const unsigned char *tbs, size_t tbslen)
+int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
+ size_t *siglen, size_t sigsize,
+ const unsigned char *tbs, size_t tbslen)
{
PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
const ECX_KEY *edkey = peddsactx->key;
return 1;
}
-static int fips_check_verify(PROV_EDDSA_CTX *ctx)
-{
-#ifdef FIPS_MODULE
- if (!OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE0,
- ctx->libctx, "Verify", "EdDSA",
- FIPS_eddsa_no_verify_digested))
- return 0;
-#endif /* FIPS_MODULE */
- return 1;
-}
-
-static int ed25519_digest_verify(void *vpeddsactx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+int ed25519_digest_verify(void *vpeddsactx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
{
PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
const ECX_KEY *edkey = peddsactx->key;
uint8_t md[EVP_MAX_MD_SIZE];
size_t mdlen;
- if (!ossl_prov_is_running()
- || siglen != ED25519_SIGSIZE
- || !fips_check_verify(peddsactx))
+ if (!ossl_prov_is_running() || siglen != ED25519_SIGSIZE)
return 0;
#ifdef S390X_EC_ASM
peddsactx->libctx, edkey->propq);
}
-static int ed448_digest_verify(void *vpeddsactx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+int ed448_digest_verify(void *vpeddsactx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
{
PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
const ECX_KEY *edkey = peddsactx->key;
uint8_t md[EDDSA_PREHASH_OUTPUT_LEN];
size_t mdlen = sizeof(md);
- if (!ossl_prov_is_running()
- || siglen != ED448_SIGSIZE
- || !fips_check_verify(peddsactx))
+ if (!ossl_prov_is_running() || siglen != ED448_SIGSIZE)
return 0;
#ifdef S390X_EC_ASM
peddsactx->aid_len))
return 0;
- if (!OSSL_FIPS_IND_GET_CTX_PARAM(peddsactx, params))
- return 0;
return 1;
}
OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_INSTANCE, NULL, 0),
OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_CONTEXT_STRING, NULL, 0),
- OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
if (params == NULL)
return 1;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(peddsactx, OSSL_FIPS_IND_SETTABLE0, params,
- OSSL_SIGNATURE_PARAM_EDDSA_VERIFY_DIGESTED))
- return 0;
-
p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_INSTANCE);
if (p != NULL) {
char instance_name[OSSL_MAX_NAME_SIZE] = "";
static const OSSL_PARAM settable_ctx_params[] = {
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_INSTANCE, NULL, 0),
OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_CONTEXT_STRING, NULL, 0),
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_EDDSA_VERIFY_DIGESTED)
OSSL_PARAM_END
};
projects / thirdparty / openssl.git / commitdiff
