]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/fips/fipsprov.c
projects / thirdparty / openssl.git / blob
? search:


bbf95b750560ca6576dd6e735c86d13fae8bd95f
[thirdparty/openssl.git] / providers / fips / fipsprov.c
1 /*
2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <stdio.h>
12 #include <openssl/core.h>
13 #include <openssl/core_numbers.h>
14 #include <openssl/core_names.h>
15 #include <openssl/params.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/kdf.h>
19
20 /* TODO(3.0): Needed for dummy_evp_call(). To be removed */
21 #include <openssl/sha.h>
22 #include <openssl/rand_drbg.h>
23 #include <openssl/ec.h>
24 #include <openssl/fips_names.h>
25
26 #include "internal/cryptlib.h"
27 #include "internal/property.h"
28 #include "internal/nelem.h"
29 #include "openssl/param_build.h"
30 #include "crypto/evp.h"
31 #include "prov/implementations.h"
32 #include "prov/provider_ctx.h"
33 #include "prov/providercommon.h"
34 #include "prov/provider_util.h"
35 #include "self_test.h"
36
37 /*
38 * Forward declarations to ensure that interface functions are correctly
39 * defined.
40 */
41 static OSSL_provider_teardown_fn fips_teardown;
42 static OSSL_provider_gettable_params_fn fips_gettable_params;
43 static OSSL_provider_get_params_fn fips_get_params;
44 static OSSL_provider_query_operation_fn fips_query;
45
46 #define ALGC(NAMES, FUNC, CHECK) { { NAMES, "provider=fips,fips=yes", FUNC }, CHECK }
47 #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
48
49 extern OSSL_core_thread_start_fn *c_thread_start;
50
51 /*
52 * TODO(3.0): Should these be stored in the provider side provctx? Could they
53 * ever be different from one init to the next? Unfortunately we can't do this
54 * at the moment because c_put_error/c_add_error_vdata do not provide
55 * us with the OPENSSL_CTX as a parameter.
56 */
57
58 static SELF_TEST_POST_PARAMS selftest_params;
59
60 /* Functions provided by the core */
61 static OSSL_core_gettable_params_fn *c_gettable_params;
62 static OSSL_core_get_params_fn *c_get_params;
63 OSSL_core_thread_start_fn *c_thread_start;
64 static OSSL_core_new_error_fn *c_new_error;
65 static OSSL_core_set_error_debug_fn *c_set_error_debug;
66 static OSSL_core_vset_error_fn *c_vset_error;
67 static OSSL_core_set_error_mark_fn *c_set_error_mark;
68 static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
69 static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
70 static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
71 static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
72 static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
73 static OSSL_CRYPTO_clear_free_fn *c_CRYPTO_clear_free;
74 static OSSL_CRYPTO_realloc_fn *c_CRYPTO_realloc;
75 static OSSL_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc;
76 static OSSL_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc;
77 static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
78 static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
79 static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
80 static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
81 static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf;
82
83 typedef struct fips_global_st {
84 const OSSL_CORE_HANDLE *handle;
85 } FIPS_GLOBAL;
86
87 static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx)
88 {
89 FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl));
90
91 return fgbl;
92 }
93
94 static void fips_prov_ossl_ctx_free(void *fgbl)
95 {
96 OPENSSL_free(fgbl);
97 }
98
99 static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = {
100 fips_prov_ossl_ctx_new,
101 fips_prov_ossl_ctx_free,
102 };
103
104
105 /* Parameters we provide to the core */
106 static const OSSL_PARAM fips_param_types[] = {
107 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0),
108 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
109 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0),
110 OSSL_PARAM_END
111 };
112
113 /*
114 * Parameters to retrieve from the core provider - required for self testing.
115 * NOTE: inside core_get_params() these will be loaded from config items
116 * stored inside prov->parameters (except for
117 * OSSL_PROV_PARAM_CORE_MODULE_FILENAME).
118 */
119 static OSSL_PARAM core_params[] =
120 {
121 OSSL_PARAM_utf8_ptr(OSSL_PROV_PARAM_CORE_MODULE_FILENAME,
122 selftest_params.module_filename,
123 sizeof(selftest_params.module_filename)),
124 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_MODULE_MAC,
125 selftest_params.module_checksum_data,
126 sizeof(selftest_params.module_checksum_data)),
127 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_MAC,
128 selftest_params.indicator_checksum_data,
129 sizeof(selftest_params.indicator_checksum_data)),
130 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_STATUS,
131 selftest_params.indicator_data,
132 sizeof(selftest_params.indicator_data)),
133 OSSL_PARAM_utf8_ptr(OSSL_PROV_FIPS_PARAM_INSTALL_VERSION,
134 selftest_params.indicator_version,
135 sizeof(selftest_params.indicator_version)),
136 OSSL_PARAM_END
137 };
138
139 /* TODO(3.0): To be removed */
140 static int dummy_evp_call(OPENSSL_CTX *libctx)
141 {
142 EVP_MD_CTX *ctx = EVP_MD_CTX_new();
143 EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA256", NULL);
144 EVP_KDF *kdf = EVP_KDF_fetch(libctx, OSSL_KDF_NAME_PBKDF2, NULL);
145 unsigned char dgst[SHA256_DIGEST_LENGTH];
146 unsigned int dgstlen;
147 int ret = 0;
148 BN_CTX *bnctx = NULL;
149 BIGNUM *a = NULL, *b = NULL;
150 unsigned char randbuf[128];
151 RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx);
152 #ifndef OPENSSL_NO_EC
153 EC_KEY *key = NULL;
154 #endif
155
156 static const char msg[] = "Hello World!";
157 static const unsigned char exptd[] = {
158 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
159 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
160 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69
161 };
162
163 if (ctx == NULL || sha256 == NULL || drbg == NULL || kdf == NULL)
164 goto err;
165
166 if (!EVP_DigestInit_ex(ctx, sha256, NULL))
167 goto err;
168 if (!EVP_DigestUpdate(ctx, msg, sizeof(msg) - 1))
169 goto err;
170 if (!EVP_DigestFinal(ctx, dgst, &dgstlen))
171 goto err;
172 if (dgstlen != sizeof(exptd) || memcmp(dgst, exptd, sizeof(exptd)) != 0)
173 goto err;
174
175 bnctx = BN_CTX_new_ex(libctx);
176 if (bnctx == NULL)
177 goto err;
178 BN_CTX_start(bnctx);
179 a = BN_CTX_get(bnctx);
180 b = BN_CTX_get(bnctx);
181 if (b == NULL)
182 goto err;
183 BN_zero(a);
184 if (!BN_one(b)
185 || !BN_add(a, a, b)
186 || BN_cmp(a, b) != 0)
187 goto err;
188
189 if (RAND_DRBG_bytes(drbg, randbuf, sizeof(randbuf)) <= 0)
190 goto err;
191
192 if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx))
193 goto err;
194
195 #ifndef OPENSSL_NO_EC
196 /* Do some dummy EC calls */
197 key = EC_KEY_new_by_curve_name_ex(libctx, NID_X9_62_prime256v1);
198 if (key == NULL)
199 goto err;
200
201 if (!EC_KEY_generate_key(key))
202 goto err;
203 #endif
204
205 ret = 1;
206 err:
207 BN_CTX_end(bnctx);
208 BN_CTX_free(bnctx);
209
210 EVP_KDF_free(kdf);
211 EVP_MD_CTX_free(ctx);
212 EVP_MD_free(sha256);
213
214 #ifndef OPENSSL_NO_EC
215 EC_KEY_free(key);
216 #endif
217 return ret;
218 }
219
220 static const OSSL_PARAM *fips_gettable_params(void *provctx)
221 {
222 return fips_param_types;
223 }
224
225 static int fips_get_params(void *provctx, OSSL_PARAM params[])
226 {
227 OSSL_PARAM *p;
228
229 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
230 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL FIPS Provider"))
231 return 0;
232 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
233 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
234 return 0;
235 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
236 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
237 return 0;
238
239 return 1;
240 }
241
242 /* FIPS specific version of the function of the same name in provlib.c */
243 const char *ossl_prov_util_nid_to_name(int nid)
244 {
245 /* We don't have OBJ_nid2n() in FIPS_MODULE so we have an explicit list */
246
247 switch (nid) {
248 /* Digests */
249 case NID_sha1:
250 return "SHA1";
251 case NID_sha224:
252 return "SHA-224";
253 case NID_sha256:
254 return "SHA-256";
255 case NID_sha384:
256 return "SHA-384";
257 case NID_sha512:
258 return "SHA-512";
259 case NID_sha512_224:
260 return "SHA-512/224";
261 case NID_sha512_256:
262 return "SHA-512/256";
263 case NID_sha3_224:
264 return "SHA3-224";
265 case NID_sha3_256:
266 return "SHA3-256";
267 case NID_sha3_384:
268 return "SHA3-384";
269 case NID_sha3_512:
270 return "SHA3-512";
271
272 /* Ciphers */
273 case NID_aes_256_ecb:
274 return "AES-256-ECB";
275 case NID_aes_192_ecb:
276 return "AES-192-ECB";
277 case NID_aes_128_ecb:
278 return "AES-128-ECB";
279 case NID_aes_256_cbc:
280 return "AES-256-CBC";
281 case NID_aes_192_cbc:
282 return "AES-192-CBC";
283 case NID_aes_128_cbc:
284 return "AES-128-CBC";
285 case NID_aes_256_ctr:
286 return "AES-256-CTR";
287 case NID_aes_192_ctr:
288 return "AES-192-CTR";
289 case NID_aes_128_ctr:
290 return "AES-128-CTR";
291 case NID_aes_256_xts:
292 return "AES-256-XTS";
293 case NID_aes_128_xts:
294 return "AES-128-XTS";
295 case NID_aes_256_gcm:
296 return "AES-256-GCM";
297 case NID_aes_192_gcm:
298 return "AES-192-GCM";
299 case NID_aes_128_gcm:
300 return "AES-128-GCM";
301 case NID_aes_256_ccm:
302 return "AES-256-CCM";
303 case NID_aes_192_ccm:
304 return "AES-192-CCM";
305 case NID_aes_128_ccm:
306 return "AES-128-CCM";
307 case NID_id_aes256_wrap:
308 return "AES-256-WRAP";
309 case NID_id_aes192_wrap:
310 return "AES-192-WRAP";
311 case NID_id_aes128_wrap:
312 return "AES-128-WRAP";
313 case NID_id_aes256_wrap_pad:
314 return "AES-256-WRAP-PAD";
315 case NID_id_aes192_wrap_pad:
316 return "AES-192-WRAP-PAD";
317 case NID_id_aes128_wrap_pad:
318 return "AES-128-WRAP-PAD";
319 case NID_des_ede3_ecb:
320 return "DES-EDE3";
321 case NID_des_ede3_cbc:
322 return "DES-EDE3-CBC";
323 case NID_aes_256_cbc_hmac_sha256:
324 return "AES-256-CBC-HMAC-SHA256";
325 case NID_aes_128_cbc_hmac_sha256:
326 return "AES-128-CBC-HMAC-SHA256";
327 case NID_aes_256_cbc_hmac_sha1:
328 return "AES-256-CBC-HMAC-SHA1";
329 case NID_aes_128_cbc_hmac_sha1:
330 return "AES-128-CBC-HMAC-SHA1";
331 default:
332 break;
333 }
334
335 return NULL;
336 }
337
338 /*
339 * For the algorithm names, we use the following formula for our primary
340 * names:
341 *
342 * ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?]
343 *
344 * VERSION is only present if there are multiple versions of
345 * an alg (MD2, MD4, MD5). It may be omitted if there is only
346 * one version (if a subsequent version is released in the future,
347 * we can always change the canonical name, and add the old name
348 * as an alias).
349 *
350 * SUBNAME may be present where we are combining multiple
351 * algorithms together, e.g. MD5-SHA1.
352 *
353 * SIZE is only present if multiple versions of an algorithm exist
354 * with different sizes (e.g. AES-128-CBC, AES-256-CBC)
355 *
356 * MODE is only present where applicable.
357 *
358 * We add diverse other names where applicable, such as the names that
359 * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names
360 * we have used historically.
361 */
362 static const OSSL_ALGORITHM fips_digests[] = {
363 /* Our primary name:NiST name[:our older names] */
364 { "SHA1:SHA-1", "provider=fips,fips=yes", sha1_functions },
365 { "SHA2-224:SHA-224:SHA224", "provider=fips,fips=yes", sha224_functions },
366 { "SHA2-256:SHA-256:SHA256", "provider=fips,fips=yes", sha256_functions },
367 { "SHA2-384:SHA-384:SHA384", "provider=fips,fips=yes", sha384_functions },
368 { "SHA2-512:SHA-512:SHA512", "provider=fips,fips=yes", sha512_functions },
369 { "SHA2-512/224:SHA-512/224:SHA512-224", "provider=fips,fips=yes",
370 sha512_224_functions },
371 { "SHA2-512/256:SHA-512/256:SHA512-256", "provider=fips,fips=yes",
372 sha512_256_functions },
373
374 /* We agree with NIST here, so one name only */
375 { "SHA3-224", "provider=fips,fips=yes", sha3_224_functions },
376 { "SHA3-256", "provider=fips,fips=yes", sha3_256_functions },
377 { "SHA3-384", "provider=fips,fips=yes", sha3_384_functions },
378 { "SHA3-512", "provider=fips,fips=yes", sha3_512_functions },
379
380 /* Non-FIPS algorithm to support oneshot_hash in the Ed448 code */
381 { "SHAKE-256:SHAKE256", "provider=fips,fips=no", shake_256_functions },
382 { NULL, NULL, NULL }
383 };
384
385 static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
386 /* Our primary name[:ASN.1 OID name][:our older names] */
387 ALG("AES-256-ECB", aes256ecb_functions),
388 ALG("AES-192-ECB", aes192ecb_functions),
389 ALG("AES-128-ECB", aes128ecb_functions),
390 ALG("AES-256-CBC", aes256cbc_functions),
391 ALG("AES-192-CBC", aes192cbc_functions),
392 ALG("AES-128-CBC", aes128cbc_functions),
393 ALG("AES-256-CTR", aes256ctr_functions),
394 ALG("AES-192-CTR", aes192ctr_functions),
395 ALG("AES-128-CTR", aes128ctr_functions),
396 ALG("AES-256-XTS", aes256xts_functions),
397 ALG("AES-128-XTS", aes128xts_functions),
398 ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
399 ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
400 ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
401 ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
402 ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
403 ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
404 ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
405 ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
406 ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
407 ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
408 aes256wrappad_functions),
409 ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
410 aes192wrappad_functions),
411 ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
412 aes128wrappad_functions),
413 ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
414 cipher_capable_aes_cbc_hmac_sha1),
415 ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
416 cipher_capable_aes_cbc_hmac_sha1),
417 ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
418 cipher_capable_aes_cbc_hmac_sha256),
419 ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
420 cipher_capable_aes_cbc_hmac_sha256),
421 #ifndef OPENSSL_NO_DES
422 ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
423 ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
424 #endif /* OPENSSL_NO_DES */
425 { { NULL, NULL, NULL }, NULL }
426 };
427 static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)];
428
429 static const OSSL_ALGORITHM fips_macs[] = {
430 { "GMAC", "provider=fips,fips=yes", gmac_functions },
431 { "HMAC", "provider=fips,fips=yes", hmac_functions },
432 { NULL, NULL, NULL }
433 };
434
435 static const OSSL_ALGORITHM fips_kdfs[] = {
436 { "HKDF", "provider=fips,fips=yes", kdf_hkdf_functions },
437 { "SSKDF", "provider=fips,fips=yes", kdf_sskdf_functions },
438 { "PBKDF2", "provider=fips,fips=yes", kdf_pbkdf2_functions },
439 { "TLS1-PRF", "provider=fips,fips=yes", kdf_tls1_prf_functions },
440 { NULL, NULL, NULL }
441 };
442
443 static const OSSL_ALGORITHM fips_keyexch[] = {
444 #ifndef OPENSSL_NO_DH
445 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions },
446 #endif
447 #ifndef OPENSSL_NO_EC
448 { "ECDH", "provider=fips,fips=yes", ecdh_keyexch_functions },
449 { "X25519", "provider=fips,fips=no", x25519_keyexch_functions },
450 { "X448", "provider=fips,fips=no", x448_keyexch_functions },
451 #endif
452 { NULL, NULL, NULL }
453 };
454
455 static const OSSL_ALGORITHM fips_signature[] = {
456 #ifndef OPENSSL_NO_DSA
457 { "DSA:dsaEncryption", "provider=fips,fips=yes", dsa_signature_functions },
458 #endif
459 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_signature_functions },
460 #ifndef OPENSSL_NO_EC
461 { "ED25519", "provider=fips,fips=no", ed25519_signature_functions },
462 { "ED448", "provider=fips,fips=no", ed448_signature_functions },
463 { "ECDSA", "provider=fips,fips=yes", ecdsa_signature_functions },
464 #endif
465 { NULL, NULL, NULL }
466 };
467
468 static const OSSL_ALGORITHM fips_asym_cipher[] = {
469 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_asym_cipher_functions },
470 { NULL, NULL, NULL }
471 };
472
473 static const OSSL_ALGORITHM fips_keymgmt[] = {
474 #ifndef OPENSSL_NO_DH
475 { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keymgmt_functions },
476 #endif
477 #ifndef OPENSSL_NO_DSA
478 { "DSA", "provider=fips,fips=yes", dsa_keymgmt_functions },
479 #endif
480 { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_keymgmt_functions },
481 { "RSA-PSS:RSASSA-PSS", "provider=default", rsapss_keymgmt_functions },
482 #ifndef OPENSSL_NO_EC
483 { "EC:id-ecPublicKey", "provider=fips,fips=yes", ec_keymgmt_functions },
484 { "X25519", "provider=fips,fips=no", x25519_keymgmt_functions },
485 { "X448", "provider=fips,fips=no", x448_keymgmt_functions },
486 { "ED25519", "provider=fips,fips=no", ed25519_keymgmt_functions },
487 { "ED448", "provider=fips,fips=no", ed448_keymgmt_functions },
488 #endif
489 { NULL, NULL, NULL }
490 };
491
492 static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id,
493 int *no_cache)
494 {
495 *no_cache = 0;
496 switch (operation_id) {
497 case OSSL_OP_DIGEST:
498 return fips_digests;
499 case OSSL_OP_CIPHER:
500 ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers);
501 return exported_fips_ciphers;
502 case OSSL_OP_MAC:
503 return fips_macs;
504 case OSSL_OP_KDF:
505 return fips_kdfs;
506 case OSSL_OP_KEYMGMT:
507 return fips_keymgmt;
508 case OSSL_OP_KEYEXCH:
509 return fips_keyexch;
510 case OSSL_OP_SIGNATURE:
511 return fips_signature;
512 case OSSL_OP_ASYM_CIPHER:
513 return fips_asym_cipher;
514 }
515 return NULL;
516 }
517
518 static void fips_teardown(void *provctx)
519 {
520 OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx));
521 PROV_CTX_free(provctx);
522 }
523
524 static void fips_intern_teardown(void *provctx)
525 {
526 /*
527 * We know that the library context is the same as for the outer provider,
528 * so no need to destroy it here.
529 */
530 PROV_CTX_free(provctx);
531 }
532
533 /* Functions we provide to the core */
534 static const OSSL_DISPATCH fips_dispatch_table[] = {
535 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown },
536 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params },
537 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
538 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
539 { 0, NULL }
540 };
541
542 /* Functions we provide to ourself */
543 static const OSSL_DISPATCH intern_dispatch_table[] = {
544 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_intern_teardown },
545 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
546 { 0, NULL }
547 };
548
549
550 int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
551 const OSSL_DISPATCH *in,
552 const OSSL_DISPATCH **out,
553 void **provctx)
554 {
555 FIPS_GLOBAL *fgbl;
556 OPENSSL_CTX *libctx = NULL;
557 OSSL_self_test_cb_fn *stcbfn = NULL;
558 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
559
560 for (; in->function_id != 0; in++) {
561 switch (in->function_id) {
562 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
563 c_get_libctx = OSSL_get_core_get_library_context(in);
564 break;
565 case OSSL_FUNC_CORE_GETTABLE_PARAMS:
566 c_gettable_params = OSSL_get_core_gettable_params(in);
567 break;
568 case OSSL_FUNC_CORE_GET_PARAMS:
569 c_get_params = OSSL_get_core_get_params(in);
570 break;
571 case OSSL_FUNC_CORE_THREAD_START:
572 c_thread_start = OSSL_get_core_thread_start(in);
573 break;
574 case OSSL_FUNC_CORE_NEW_ERROR:
575 c_new_error = OSSL_get_core_new_error(in);
576 break;
577 case OSSL_FUNC_CORE_SET_ERROR_DEBUG:
578 c_set_error_debug = OSSL_get_core_set_error_debug(in);
579 break;
580 case OSSL_FUNC_CORE_VSET_ERROR:
581 c_vset_error = OSSL_get_core_vset_error(in);
582 break;
583 case OSSL_FUNC_CORE_SET_ERROR_MARK:
584 c_set_error_mark = OSSL_get_core_set_error_mark(in);
585 break;
586 case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
587 c_clear_last_error_mark = OSSL_get_core_clear_last_error_mark(in);
588 break;
589 case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
590 c_pop_error_to_mark = OSSL_get_core_pop_error_to_mark(in);
591 break;
592 case OSSL_FUNC_CRYPTO_MALLOC:
593 c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
594 break;
595 case OSSL_FUNC_CRYPTO_ZALLOC:
596 c_CRYPTO_zalloc = OSSL_get_CRYPTO_zalloc(in);
597 break;
598 case OSSL_FUNC_CRYPTO_FREE:
599 c_CRYPTO_free = OSSL_get_CRYPTO_free(in);
600 break;
601 case OSSL_FUNC_CRYPTO_CLEAR_FREE:
602 c_CRYPTO_clear_free = OSSL_get_CRYPTO_clear_free(in);
603 break;
604 case OSSL_FUNC_CRYPTO_REALLOC:
605 c_CRYPTO_realloc = OSSL_get_CRYPTO_realloc(in);
606 break;
607 case OSSL_FUNC_CRYPTO_CLEAR_REALLOC:
608 c_CRYPTO_clear_realloc = OSSL_get_CRYPTO_clear_realloc(in);
609 break;
610 case OSSL_FUNC_CRYPTO_SECURE_MALLOC:
611 c_CRYPTO_secure_malloc = OSSL_get_CRYPTO_secure_malloc(in);
612 break;
613 case OSSL_FUNC_CRYPTO_SECURE_ZALLOC:
614 c_CRYPTO_secure_zalloc = OSSL_get_CRYPTO_secure_zalloc(in);
615 break;
616 case OSSL_FUNC_CRYPTO_SECURE_FREE:
617 c_CRYPTO_secure_free = OSSL_get_CRYPTO_secure_free(in);
618 break;
619 case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE:
620 c_CRYPTO_secure_clear_free = OSSL_get_CRYPTO_secure_clear_free(in);
621 break;
622 case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
623 c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
624 break;
625 case OSSL_FUNC_BIO_NEW_FILE:
626 selftest_params.bio_new_file_cb = OSSL_get_BIO_new_file(in);
627 break;
628 case OSSL_FUNC_BIO_NEW_MEMBUF:
629 selftest_params.bio_new_buffer_cb = OSSL_get_BIO_new_membuf(in);
630 break;
631 case OSSL_FUNC_BIO_READ_EX:
632 selftest_params.bio_read_ex_cb = OSSL_get_BIO_read_ex(in);
633 break;
634 case OSSL_FUNC_BIO_FREE:
635 selftest_params.bio_free_cb = OSSL_get_BIO_free(in);
636 break;
637 case OSSL_FUNC_BIO_VSNPRINTF:
638 c_BIO_vsnprintf = OSSL_get_BIO_vsnprintf(in);
639 break;
640 case OSSL_FUNC_SELF_TEST_CB: {
641 stcbfn = OSSL_get_self_test_cb(in);
642 break;
643 }
644 default:
645 /* Just ignore anything we don't understand */
646 break;
647 }
648 }
649
650 if (stcbfn != NULL && c_get_libctx != NULL) {
651 stcbfn(c_get_libctx(handle), &selftest_params.cb,
652 &selftest_params.cb_arg);
653 }
654 else {
655 selftest_params.cb = NULL;
656 selftest_params.cb_arg = NULL;
657 }
658
659 if (!c_get_params(handle, core_params))
660 return 0;
661
662 /* Create a context. */
663 if ((*provctx = PROV_CTX_new()) == NULL
664 || (libctx = OPENSSL_CTX_new()) == NULL) {
665 /*
666 * We free libctx separately here and only here because it hasn't
667 * been attached to *provctx. All other error paths below rely
668 * solely on fips_teardown.
669 */
670 OPENSSL_CTX_free(libctx);
671 goto err;
672 }
673 PROV_CTX_set0_library_context(*provctx, libctx);
674 PROV_CTX_set0_handle(*provctx, handle);
675
676 if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX,
677 &fips_prov_ossl_ctx_method)) == NULL)
678 goto err;
679
680 fgbl->handle = handle;
681
682 selftest_params.libctx = libctx;
683 if (!SELF_TEST_post(&selftest_params, 0))
684 goto err;
685
686 /*
687 * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
688 * EVP calls from within the FIPS module.
689 */
690 if (!dummy_evp_call(libctx))
691 goto err;
692
693 *out = fips_dispatch_table;
694
695 return 1;
696 err:
697 fips_teardown(*provctx);
698 *provctx = NULL;
699 return 0;
700 }
701
702 /*
703 * The internal init function used when the FIPS module uses EVP to call
704 * another algorithm also in the FIPS module. This is a recursive call that has
705 * been made from within the FIPS module itself. To make this work, we populate
706 * the provider context of this inner instance with the same library context
707 * that was used in the EVP call that initiated this recursive call.
708 */
709 OSSL_provider_init_fn fips_intern_provider_init;
710 int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
711 const OSSL_DISPATCH *in,
712 const OSSL_DISPATCH **out,
713 void **provctx)
714 {
715 OSSL_core_get_library_context_fn *c_get_libctx = NULL;
716
717 for (; in->function_id != 0; in++) {
718 switch (in->function_id) {
719 case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT:
720 c_get_libctx = OSSL_get_core_get_library_context(in);
721 break;
722 default:
723 break;
724 }
725 }
726
727 if (c_get_libctx == NULL)
728 return 0;
729
730 if ((*provctx = PROV_CTX_new()) == NULL)
731 return 0;
732 /*
733 * Using the parent library context only works because we are a built-in
734 * internal provider. This is not something that most providers would be
735 * able to do.
736 */
737 PROV_CTX_set0_library_context(*provctx, (OPENSSL_CTX *)c_get_libctx(handle));
738 PROV_CTX_set0_handle(*provctx, handle);
739
740 *out = intern_dispatch_table;
741 return 1;
742 }
743
744 void ERR_new(void)
745 {
746 c_new_error(NULL);
747 }
748
749 void ERR_set_debug(const char *file, int line, const char *func)
750 {
751 c_set_error_debug(NULL, file, line, func);
752 }
753
754 void ERR_set_error(int lib, int reason, const char *fmt, ...)
755 {
756 va_list args;
757
758 va_start(args, fmt);
759 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
760 va_end(args);
761 }
762
763 void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
764 {
765 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
766 }
767
768 int ERR_set_mark(void)
769 {
770 return c_set_error_mark(NULL);
771 }
772
773 int ERR_clear_last_mark(void)
774 {
775 return c_clear_last_error_mark(NULL);
776 }
777
778 int ERR_pop_to_mark(void)
779 {
780 return c_pop_error_to_mark(NULL);
781 }
782
783 /*
784 * This must take a library context, since it's called from the depths
785 * of crypto/initthread.c code, where it's (correctly) assumed that the
786 * passed caller argument is an OPENSSL_CTX pointer (since the same routine
787 * is also called from other parts of libcrypto, which all pass around a
788 * OPENSSL_CTX pointer)
789 */
790 const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx)
791 {
792 FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx,
793 OPENSSL_CTX_FIPS_PROV_INDEX,
794 &fips_prov_ossl_ctx_method);
795
796 if (fgbl == NULL)
797 return NULL;
798
799 return fgbl->handle;
800 }
801
802 void *CRYPTO_malloc(size_t num, const char *file, int line)
803 {
804 return c_CRYPTO_malloc(num, file, line);
805 }
806
807 void *CRYPTO_zalloc(size_t num, const char *file, int line)
808 {
809 return c_CRYPTO_zalloc(num, file, line);
810 }
811
812 void CRYPTO_free(void *ptr, const char *file, int line)
813 {
814 c_CRYPTO_free(ptr, file, line);
815 }
816
817 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line)
818 {
819 c_CRYPTO_clear_free(ptr, num, file, line);
820 }
821
822 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line)
823 {
824 return c_CRYPTO_realloc(addr, num, file, line);
825 }
826
827 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
828 const char *file, int line)
829 {
830 return c_CRYPTO_clear_realloc(addr, old_num, num, file, line);
831 }
832
833 void *CRYPTO_secure_malloc(size_t num, const char *file, int line)
834 {
835 return c_CRYPTO_secure_malloc(num, file, line);
836 }
837
838 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line)
839 {
840 return c_CRYPTO_secure_zalloc(num, file, line);
841 }
842
843 void CRYPTO_secure_free(void *ptr, const char *file, int line)
844 {
845 c_CRYPTO_secure_free(ptr, file, line);
846 }
847
848 void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line)
849 {
850 c_CRYPTO_secure_clear_free(ptr, num, file, line);
851 }
852
853 int CRYPTO_secure_allocated(const void *ptr)
854 {
855 return c_CRYPTO_secure_allocated(ptr);
856 }
857
858 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
859 {
860 va_list args;
861 int ret;
862
863 va_start(args, format);
864 ret = c_BIO_vsnprintf(buf, n, format, args);
865 va_end(args);
866 return ret;
867 }
A mirror of the official openssl repository