Make core code available within the FIPS module (3593266d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/build.info

+5 −1

Original line number	Diff line number	Diff line
		@@ -12,6 +12,9 @@ LIBS=../libcrypto
		SOURCE[../libcrypto]=provider_core.c provider_predefined.c provider_conf.c \
		core_fetch.c core_namemap.c

		SOURCE[../providers/fips]=provider_core.c provider_predefined.c \
		core_fetch.c core_namemap.c

		# Central utilities
		SOURCE[../libcrypto]=\
		cryptlib.c mem.c mem_dbg.c cversion.c info.c ex_data.c cpt_err.c \
		@@ -23,7 +26,8 @@ SOURCE[../libcrypto]=\

		# FIPS module
		SOURCE[../providers/fips]=\
		cryptlib.c mem.c mem_clr.c params.c bsearch.c
		cryptlib.c mem.c mem_clr.c params.c bsearch.c ex_data.c o_str.c \
		threads_pthread.c threads_win.c threads_none.c context.c


		DEPEND[cversion.o]=buildinf.h

crypto/context.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -36,10 +36,10 @@ struct openssl_ctx_st {

		#ifndef FIPS_MODE
		static OPENSSL_CTX default_context_int;
		#endif

		/* Always points at default_context_int if it has been initialised */
		static OPENSSL_CTX *default_context = NULL;
		#endif

		static int context_init(OPENSSL_CTX *ctx)
		{

crypto/provider_core.c

+18 −0

Original line number	Diff line number	Diff line
		@@ -275,7 +275,9 @@ void ossl_provider_free(OSSL_PROVIDER *prov)
		* the store. All we have to do here is clean it out.
		*/
		if (ref == 0) {
		#ifndef FIPS_MODE
		DSO_free(prov->module);
		#endif
		OPENSSL_free(prov->name);
		OPENSSL_free(prov->path);
		sk_INFOPAIR_pop_free(prov->parameters, free_infopair);
		@@ -352,6 +354,9 @@ static int provider_activate(OSSL_PROVIDER *prov)
		* a loadable module.
		*/
		if (prov->init_function == NULL) {
		#ifdef FIPS_MODE
		return 0;
		#else
		if (prov->module == NULL) {
		char *allocated_path = NULL;
		const char *module_path = NULL;
		@@ -389,6 +394,7 @@ static int provider_activate(OSSL_PROVIDER *prov)
		if (prov->module != NULL)
		prov->init_function = (OSSL_provider_init_fn *)
		DSO_bind_func(prov->module, "OSSL_provider_init");
		#endif
		}

		if (prov->init_function == NULL
		@@ -396,8 +402,10 @@ static int provider_activate(OSSL_PROVIDER *prov)
		&prov->provctx)) {
		CRYPTOerr(CRYPTO_F_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL);
		ERR_add_error_data(2, "name=", prov->name);
		#ifndef FIPS_MODE
		DSO_free(prov->module);
		prov->module = NULL;
		#endif
		return 0;
		}

		@@ -557,13 +565,21 @@ const DSO ossl_provider_dso(OSSL_PROVIDER prov)

		const char ossl_provider_module_name(OSSL_PROVIDER prov)
		{
		#ifdef FIPS_MODE
		return NULL;
		#else
		return DSO_get_filename(prov->module);
		#endif
		}

		const char ossl_provider_module_path(OSSL_PROVIDER prov)
		{
		#ifdef FIPS_MODE
		return NULL;
		#else
		/* FIXME: Ensure it's a full path */
		return DSO_get_filename(prov->module);
		#endif
		}

		/* Wrappers around calls to the provider */
		@@ -643,6 +659,8 @@ static int core_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[])
		static const OSSL_DISPATCH core_dispatch_[] = {
		{ OSSL_FUNC_CORE_GET_PARAM_TYPES, (void (*)(void))core_get_param_types },
		{ OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params },
		{ OSSL_FUNC_CORE_PUT_ERROR, (void (*)(void))ERR_put_error },
		{ OSSL_FUNC_CORE_ADD_ERROR_VDATA, (void (*)(void))ERR_add_error_vdata },
		{ 0, NULL }
		};
		static const OSSL_DISPATCH *core_dispatch = core_dispatch_;

crypto/provider_predefined.c

+5 −0

Original line number	Diff line number	Diff line
		@@ -11,8 +11,13 @@
		#include "provider_local.h"

		OSSL_provider_init_fn ossl_default_provider_init;
		OSSL_provider_init_fn fips_intern_provider_init;

		const struct predefined_providers_st predefined_providers[] = {
		#ifdef FIPS_MODE
		{ "fips", fips_intern_provider_init, 1 },
		#else
		{ "default", ossl_default_provider_init, 1 },
		#endif
		{ NULL, NULL, 0 }
		};

crypto/stack/build.info

+1 −0

Original line number	Diff line number	Diff line
		LIBS=../../libcrypto
		SOURCE[../../libcrypto]=stack.c
		SOURCE[../../providers/fips]=stack.c