crypto/evp/evp_cnf.c

   1 /*
   2  * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the OpenSSL license (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include <openssl/crypto.h>
  12 #include "internal/cryptlib.h"
  13 #include <openssl/conf.h>
  14 #include <openssl/x509.h>
  15 #include <openssl/x509v3.h>
  16
  17 /* Algorithm configuration module. */
  18
  19 static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
  20 {
  21     int i;
  22     const char *oid_section;
  23     STACK_OF(CONF_VALUE) *sktmp;
  24     CONF_VALUE *oval;
  25
  26     oid_section = CONF_imodule_get_value(md);
  27     if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
  28         EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
  29         return 0;
  30     }
  31     for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
  32         oval = sk_CONF_VALUE_value(sktmp, i);
  33         if (strcmp(oval->name, "fips_mode") == 0) {
  34             int m;
  35             if (!X509V3_get_value_bool(oval, &m)) {
  36                 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
  37                 return 0;
  38             }
  39             if (m > 0) {
  40                 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
  41                 return 0;
  42             }
  43         } else {
  44             EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
  45             ERR_add_error_data(4, "name=", oval->name,
  46                                ", value=", oval->value);
  47         }
  48
  49     }
  50     return 1;
  51 }
  52
  53 void EVP_add_alg_module(void)
  54 {
  55     CONF_module_add("alg_section", alg_module_init, 0);
  56 }