1 /* 2 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <assert.h> 11 #include <openssl/core_dispatch.h> 12 #include <openssl/core_names.h> 13 #include <openssl/params.h> 14 #include <openssl/fips_names.h> 15 #include <openssl/fipskey.h> 16 #include <openssl/rand.h> /* RAND_get0_public() */ 17 #include <openssl/proverr.h> 18 #include <openssl/indicator.h> 19 #include "internal/cryptlib.h" 20 #include "internal/provider.h" 21 #include "prov/implementations.h" 22 #include "prov/names.h" 23 #include "prov/provider_ctx.h" 24 #include "prov/providercommon.h" 25 #include "prov/provider_util.h" 26 #include "prov/seeding.h" 27 #include "internal/nelem.h" 28 #include "self_test.h" 29 #include "crypto/context.h" 30 #include "fipscommon.h" 31 #include "internal/core.h" 32 33 static const char FIPS_DEFAULT_PROPERTIES[] = "provider=fips,fips=yes"; 34 static const char FIPS_UNAPPROVED_PROPERTIES[] = "provider=fips,fips=no"; 35 36 /* 37 * Forward declarations to ensure that interface functions are correctly 38 * defined. 39 */ 40 static OSSL_FUNC_provider_teardown_fn fips_teardown; 41 static OSSL_FUNC_provider_gettable_params_fn fips_gettable_params; 42 static OSSL_FUNC_provider_get_params_fn fips_get_params; 43 static OSSL_FUNC_provider_query_operation_fn fips_query; 44 static OSSL_FUNC_provider_query_operation_fn fips_query_internal; 45 static OSSL_FUNC_provider_random_bytes_fn fips_random_bytes; 46 47 #define ALGC(NAMES, FUNC, CHECK) \ 48 { { NAMES, FIPS_DEFAULT_PROPERTIES, FUNC }, CHECK } 49 #define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL) 50 51 extern OSSL_FUNC_core_thread_start_fn *c_thread_start; 52 53 /* 54 * Should these function pointers be stored in the provider side provctx? Could 55 * they ever be different from one init to the next? We assume not for now. 56 */ 57 58 /* Functions provided by the core */ 59 static OSSL_FUNC_core_gettable_params_fn *c_gettable_params; 60 static OSSL_FUNC_core_get_params_fn *c_get_params; 61 OSSL_FUNC_core_thread_start_fn *c_thread_start; 62 static OSSL_FUNC_core_new_error_fn *c_new_error; 63 static OSSL_FUNC_core_set_error_debug_fn *c_set_error_debug; 64 static OSSL_FUNC_core_vset_error_fn *c_vset_error; 65 static OSSL_FUNC_core_set_error_mark_fn *c_set_error_mark; 66 static OSSL_FUNC_core_clear_last_error_mark_fn *c_clear_last_error_mark; 67 static OSSL_FUNC_core_pop_error_to_mark_fn *c_pop_error_to_mark; 68 static OSSL_FUNC_core_count_to_mark_fn *c_count_to_mark; 69 static OSSL_FUNC_CRYPTO_malloc_fn *c_CRYPTO_malloc; 70 static OSSL_FUNC_CRYPTO_zalloc_fn *c_CRYPTO_zalloc; 71 static OSSL_FUNC_CRYPTO_free_fn *c_CRYPTO_free; 72 static OSSL_FUNC_CRYPTO_clear_free_fn *c_CRYPTO_clear_free; 73 static OSSL_FUNC_CRYPTO_realloc_fn *c_CRYPTO_realloc; 74 static OSSL_FUNC_CRYPTO_clear_realloc_fn *c_CRYPTO_clear_realloc; 75 static OSSL_FUNC_CRYPTO_secure_malloc_fn *c_CRYPTO_secure_malloc; 76 static OSSL_FUNC_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc; 77 static OSSL_FUNC_CRYPTO_secure_free_fn *c_CRYPTO_secure_free; 78 static OSSL_FUNC_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free; 79 static OSSL_FUNC_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; 80 static OSSL_FUNC_BIO_vsnprintf_fn *c_BIO_vsnprintf; 81 static OSSL_FUNC_self_test_cb_fn *c_stcbfn = NULL; 82 static OSSL_FUNC_indicator_cb_fn *c_indcbfn = NULL; 83 static OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; 84 85 typedef struct { 86 const char *option; 87 unsigned char enabled; 88 } FIPS_OPTION; 89 90 typedef struct fips_global_st { 91 const OSSL_CORE_HANDLE *handle; 92 SELF_TEST_POST_PARAMS selftest_params; 93 94 #define OSSL_FIPS_PARAM(structname, paramname, initvalue) \ 95 FIPS_OPTION fips_##structname; 96 #include "fips_indicator_params.inc" 97 #undef OSSL_FIPS_PARAM 98 99 } FIPS_GLOBAL; 100 101 static void init_fips_option(FIPS_OPTION *opt, int enabled) 102 { 103 opt->enabled = enabled; 104 opt->option = enabled ? "1" : "0"; 105 } 106 107 void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *libctx) 108 { 109 FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl)); 110 111 if (fgbl == NULL) 112 return NULL; 113 114 #define OSSL_FIPS_PARAM(structname, paramname, initvalue) \ 115 init_fips_option(&fgbl->fips_##structname, initvalue); 116 #include "fips_indicator_params.inc" 117 #undef OSSL_FIPS_PARAM 118 119 return fgbl; 120 } 121 122 void ossl_fips_prov_ossl_ctx_free(void *fgbl) 123 { 124 OPENSSL_free(fgbl); 125 } 126 127 static int fips_random_bytes(ossl_unused void *vprov, int which, 128 void *buf, size_t n, unsigned int strength) 129 { 130 OSSL_LIB_CTX *libctx; 131 PROV_CTX *prov = (PROV_CTX *)vprov; 132 133 if (prov == NULL) 134 return 0; 135 libctx = ossl_prov_ctx_get0_libctx(prov); 136 if (which == OSSL_PROV_RANDOM_PRIVATE) 137 return RAND_priv_bytes_ex(libctx, buf, n, strength); 138 return RAND_bytes_ex(libctx, buf, n, strength); 139 } 140 141 /* 142 * Parameters to retrieve from the core provider 143 * NOTE: inside core_get_params() these will be loaded from config items 144 * stored inside prov->parameters 145 */ 146 static int fips_get_params_from_core(FIPS_GLOBAL *fgbl) 147 { 148 OSSL_PARAM core_params[32], *p = core_params; 149 150 #define OSSL_FIPS_PARAM(structname, paramname) \ 151 *p++ = OSSL_PARAM_construct_utf8_ptr( \ 152 paramname, (char **)&fgbl->selftest_params.structname, \ 153 sizeof(fgbl->selftest_params.structname)); 154 155 /* Parameters required for self testing */ 156 #include "fips_selftest_params.inc" 157 #undef OSSL_FIPS_PARAM 158 159 /* FIPS indicator options can be enabled or disabled independently */ 160 #define OSSL_FIPS_PARAM(structname, paramname, initvalue) \ 161 *p++ = OSSL_PARAM_construct_utf8_ptr( \ 162 OSSL_PROV_PARAM_##paramname, \ 163 (char **)&fgbl->fips_##structname.option, \ 164 sizeof(fgbl->fips_##structname.option)); 165 #include "fips_indicator_params.inc" 166 #undef OSSL_FIPS_PARAM 167 168 *p = OSSL_PARAM_construct_end(); 169 170 if (!c_get_params(fgbl->handle, core_params)) { 171 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 172 return 0; 173 } 174 175 return 1; 176 } 177 178 static const OSSL_PARAM *fips_gettable_params(void *provctx) 179 { 180 /* Parameters we provide to the core */ 181 static const OSSL_PARAM fips_param_types[] = { 182 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0), 183 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0), 184 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0), 185 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_STATUS, OSSL_PARAM_INTEGER, NULL, 0), 186 187 #define OSSL_FIPS_PARAM(structname, paramname, initvalue) \ 188 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_##paramname, OSSL_PARAM_INTEGER, NULL, 0), 189 #include "fips_indicator_params.inc" 190 #undef OSSL_FIPS_PARAM 191 192 OSSL_PARAM_END 193 }; 194 return fips_param_types; 195 } 196 197 static int fips_get_params(void *provctx, OSSL_PARAM params[]) 198 { 199 OSSL_PARAM *p; 200 FIPS_GLOBAL *fgbl = ossl_lib_ctx_get_data(ossl_prov_ctx_get0_libctx(provctx), 201 OSSL_LIB_CTX_FIPS_PROV_INDEX); 202 203 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME); 204 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, FIPS_VENDOR)) 205 return 0; 206 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION); 207 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR)) 208 return 0; 209 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO); 210 if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR)) 211 return 0; 212 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_STATUS); 213 if (p != NULL && !OSSL_PARAM_set_int(p, ossl_prov_is_running())) 214 return 0; 215 216 #define OSSL_FIPS_PARAM(structname, paramname, initvalue) \ 217 p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_##paramname); \ 218 if (p != NULL && !OSSL_PARAM_set_int(p, fgbl->fips_##structname.enabled)) \ 219 return 0; 220 #include "fips_indicator_params.inc" 221 #undef OSSL_FIPS_PARAM 222 223 return 1; 224 } 225 226 static void set_self_test_cb(FIPS_GLOBAL *fgbl) 227 { 228 const OSSL_CORE_HANDLE *handle = FIPS_get_core_handle(fgbl->selftest_params.libctx); 229 230 if (c_stcbfn != NULL && c_get_libctx != NULL) { 231 c_stcbfn(c_get_libctx(handle), &fgbl->selftest_params.cb, 232 &fgbl->selftest_params.cb_arg); 233 } else { 234 fgbl->selftest_params.cb = NULL; 235 fgbl->selftest_params.cb_arg = NULL; 236 } 237 } 238 239 static int fips_self_test(void *provctx) 240 { 241 FIPS_GLOBAL *fgbl = ossl_lib_ctx_get_data(ossl_prov_ctx_get0_libctx(provctx), 242 OSSL_LIB_CTX_FIPS_PROV_INDEX); 243 244 set_self_test_cb(fgbl); 245 return SELF_TEST_post(&fgbl->selftest_params, 1) ? 1 : 0; 246 } 247 248 /* 249 * For the algorithm names, we use the following formula for our primary 250 * names: 251 * 252 * ALGNAME[VERSION?][-SUBNAME[VERSION?]?][-SIZE?][-MODE?] 253 * 254 * VERSION is only present if there are multiple versions of 255 * an alg (MD2, MD4, MD5). It may be omitted if there is only 256 * one version (if a subsequent version is released in the future, 257 * we can always change the canonical name, and add the old name 258 * as an alias). 259 * 260 * SUBNAME may be present where we are combining multiple 261 * algorithms together, e.g. MD5-SHA1. 262 * 263 * SIZE is only present if multiple versions of an algorithm exist 264 * with different sizes (e.g. AES-128-CBC, AES-256-CBC) 265 * 266 * MODE is only present where applicable. 267 * 268 * We add diverse other names where applicable, such as the names that 269 * NIST uses, or that are used for ASN.1 OBJECT IDENTIFIERs, or names 270 * we have used historically. 271 */ 272 static const OSSL_ALGORITHM fips_digests[] = { 273 /* Our primary name:NiST name[:our older names] */ 274 { PROV_NAMES_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_sha1_functions }, 275 { PROV_NAMES_SHA2_224, FIPS_DEFAULT_PROPERTIES, ossl_sha224_functions }, 276 { PROV_NAMES_SHA2_256, FIPS_DEFAULT_PROPERTIES, ossl_sha256_functions }, 277 { PROV_NAMES_SHA2_384, FIPS_DEFAULT_PROPERTIES, ossl_sha384_functions }, 278 { PROV_NAMES_SHA2_512, FIPS_DEFAULT_PROPERTIES, ossl_sha512_functions }, 279 { PROV_NAMES_SHA2_512_224, FIPS_DEFAULT_PROPERTIES, 280 ossl_sha512_224_functions }, 281 { PROV_NAMES_SHA2_512_256, FIPS_DEFAULT_PROPERTIES, 282 ossl_sha512_256_functions }, 283 284 /* We agree with NIST here, so one name only */ 285 { PROV_NAMES_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_sha3_224_functions }, 286 { PROV_NAMES_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_sha3_256_functions }, 287 { PROV_NAMES_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_sha3_384_functions }, 288 { PROV_NAMES_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_sha3_512_functions }, 289 290 { PROV_NAMES_SHAKE_128, FIPS_DEFAULT_PROPERTIES, ossl_shake_128_functions }, 291 { PROV_NAMES_SHAKE_256, FIPS_DEFAULT_PROPERTIES, ossl_shake_256_functions }, 292 293 /* 294 * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for 295 * KMAC128 and KMAC256. 296 */ 297 { PROV_NAMES_KECCAK_KMAC_128, FIPS_DEFAULT_PROPERTIES, 298 ossl_keccak_kmac_128_functions }, 299 { PROV_NAMES_KECCAK_KMAC_256, FIPS_DEFAULT_PROPERTIES, 300 ossl_keccak_kmac_256_functions }, 301 { NULL, NULL, NULL } 302 }; 303 304 static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = { 305 /* Our primary name[:ASN.1 OID name][:our older names] */ 306 ALG(PROV_NAMES_AES_256_ECB, ossl_aes256ecb_functions), 307 ALG(PROV_NAMES_AES_192_ECB, ossl_aes192ecb_functions), 308 ALG(PROV_NAMES_AES_128_ECB, ossl_aes128ecb_functions), 309 ALG(PROV_NAMES_AES_256_CBC, ossl_aes256cbc_functions), 310 ALG(PROV_NAMES_AES_192_CBC, ossl_aes192cbc_functions), 311 ALG(PROV_NAMES_AES_128_CBC, ossl_aes128cbc_functions), 312 ALG(PROV_NAMES_AES_256_CBC_CTS, ossl_aes256cbc_cts_functions), 313 ALG(PROV_NAMES_AES_192_CBC_CTS, ossl_aes192cbc_cts_functions), 314 ALG(PROV_NAMES_AES_128_CBC_CTS, ossl_aes128cbc_cts_functions), 315 ALG(PROV_NAMES_AES_256_OFB, ossl_aes256ofb_functions), 316 ALG(PROV_NAMES_AES_192_OFB, ossl_aes192ofb_functions), 317 ALG(PROV_NAMES_AES_128_OFB, ossl_aes128ofb_functions), 318 ALG(PROV_NAMES_AES_256_CFB, ossl_aes256cfb_functions), 319 ALG(PROV_NAMES_AES_192_CFB, ossl_aes192cfb_functions), 320 ALG(PROV_NAMES_AES_128_CFB, ossl_aes128cfb_functions), 321 ALG(PROV_NAMES_AES_256_CFB1, ossl_aes256cfb1_functions), 322 ALG(PROV_NAMES_AES_192_CFB1, ossl_aes192cfb1_functions), 323 ALG(PROV_NAMES_AES_128_CFB1, ossl_aes128cfb1_functions), 324 ALG(PROV_NAMES_AES_256_CFB8, ossl_aes256cfb8_functions), 325 ALG(PROV_NAMES_AES_192_CFB8, ossl_aes192cfb8_functions), 326 ALG(PROV_NAMES_AES_128_CFB8, ossl_aes128cfb8_functions), 327 ALG(PROV_NAMES_AES_256_CTR, ossl_aes256ctr_functions), 328 ALG(PROV_NAMES_AES_192_CTR, ossl_aes192ctr_functions), 329 ALG(PROV_NAMES_AES_128_CTR, ossl_aes128ctr_functions), 330 ALG(PROV_NAMES_AES_256_XTS, ossl_aes256xts_functions), 331 ALG(PROV_NAMES_AES_128_XTS, ossl_aes128xts_functions), 332 ALG(PROV_NAMES_AES_256_GCM, ossl_aes256gcm_functions), 333 ALG(PROV_NAMES_AES_192_GCM, ossl_aes192gcm_functions), 334 ALG(PROV_NAMES_AES_128_GCM, ossl_aes128gcm_functions), 335 ALG(PROV_NAMES_AES_256_CCM, ossl_aes256ccm_functions), 336 ALG(PROV_NAMES_AES_192_CCM, ossl_aes192ccm_functions), 337 ALG(PROV_NAMES_AES_128_CCM, ossl_aes128ccm_functions), 338 ALG(PROV_NAMES_AES_256_WRAP, ossl_aes256wrap_functions), 339 ALG(PROV_NAMES_AES_192_WRAP, ossl_aes192wrap_functions), 340 ALG(PROV_NAMES_AES_128_WRAP, ossl_aes128wrap_functions), 341 ALG(PROV_NAMES_AES_256_WRAP_PAD, ossl_aes256wrappad_functions), 342 ALG(PROV_NAMES_AES_192_WRAP_PAD, ossl_aes192wrappad_functions), 343 ALG(PROV_NAMES_AES_128_WRAP_PAD, ossl_aes128wrappad_functions), 344 ALG(PROV_NAMES_AES_256_WRAP_INV, ossl_aes256wrapinv_functions), 345 ALG(PROV_NAMES_AES_192_WRAP_INV, ossl_aes192wrapinv_functions), 346 ALG(PROV_NAMES_AES_128_WRAP_INV, ossl_aes128wrapinv_functions), 347 ALG(PROV_NAMES_AES_256_WRAP_PAD_INV, ossl_aes256wrappadinv_functions), 348 ALG(PROV_NAMES_AES_192_WRAP_PAD_INV, ossl_aes192wrappadinv_functions), 349 ALG(PROV_NAMES_AES_128_WRAP_PAD_INV, ossl_aes128wrappadinv_functions), 350 ALGC(PROV_NAMES_AES_128_CBC_HMAC_SHA1, ossl_aes128cbc_hmac_sha1_functions, 351 ossl_cipher_capable_aes_cbc_hmac_sha1), 352 ALGC(PROV_NAMES_AES_256_CBC_HMAC_SHA1, ossl_aes256cbc_hmac_sha1_functions, 353 ossl_cipher_capable_aes_cbc_hmac_sha1), 354 ALGC(PROV_NAMES_AES_128_CBC_HMAC_SHA256, ossl_aes128cbc_hmac_sha256_functions, 355 ossl_cipher_capable_aes_cbc_hmac_sha256), 356 ALGC(PROV_NAMES_AES_256_CBC_HMAC_SHA256, ossl_aes256cbc_hmac_sha256_functions, 357 ossl_cipher_capable_aes_cbc_hmac_sha256), 358 #ifndef OPENSSL_NO_DES 359 ALG(PROV_NAMES_DES_EDE3_ECB, ossl_tdes_ede3_ecb_functions), 360 ALG(PROV_NAMES_DES_EDE3_CBC, ossl_tdes_ede3_cbc_functions), 361 #endif /* OPENSSL_NO_DES */ 362 { { NULL, NULL, NULL }, NULL } 363 }; 364 static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)]; 365 366 static const OSSL_ALGORITHM fips_macs[] = { 367 #ifndef OPENSSL_NO_CMAC 368 { PROV_NAMES_CMAC, FIPS_DEFAULT_PROPERTIES, ossl_cmac_functions }, 369 #endif 370 { PROV_NAMES_GMAC, FIPS_DEFAULT_PROPERTIES, ossl_gmac_functions }, 371 { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, ossl_hmac_functions }, 372 { PROV_NAMES_KMAC_128, FIPS_DEFAULT_PROPERTIES, ossl_kmac128_functions }, 373 { PROV_NAMES_KMAC_256, FIPS_DEFAULT_PROPERTIES, ossl_kmac256_functions }, 374 { NULL, NULL, NULL } 375 }; 376 377 static const OSSL_ALGORITHM fips_macs_internal[] = { 378 #ifndef OPENSSL_NO_CMAC 379 { PROV_NAMES_CMAC, FIPS_DEFAULT_PROPERTIES, ossl_cmac_functions }, 380 #endif 381 { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, ossl_hmac_internal_functions }, 382 { PROV_NAMES_KMAC_128, FIPS_DEFAULT_PROPERTIES, ossl_kmac128_internal_functions }, 383 { PROV_NAMES_KMAC_256, FIPS_DEFAULT_PROPERTIES, ossl_kmac256_internal_functions }, 384 { NULL, NULL, NULL } 385 }; 386 387 static const OSSL_ALGORITHM fips_kdfs[] = { 388 { PROV_NAMES_HKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_hkdf_functions }, 389 { PROV_NAMES_TLS1_3_KDF, FIPS_DEFAULT_PROPERTIES, 390 ossl_kdf_tls1_3_kdf_functions }, 391 { PROV_NAMES_SSKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_sskdf_functions }, 392 { PROV_NAMES_PBKDF2, FIPS_DEFAULT_PROPERTIES, ossl_kdf_pbkdf2_functions }, 393 { PROV_NAMES_SSHKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_sshkdf_functions }, 394 { PROV_NAMES_X963KDF, FIPS_DEFAULT_PROPERTIES, 395 ossl_kdf_x963_kdf_functions }, 396 { PROV_NAMES_X942KDF_ASN1, FIPS_DEFAULT_PROPERTIES, 397 ossl_kdf_x942_kdf_functions }, 398 { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, 399 ossl_kdf_tls1_prf_functions }, 400 { PROV_NAMES_KBKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_kbkdf_functions }, 401 { NULL, NULL, NULL } 402 }; 403 404 static const OSSL_ALGORITHM fips_rands[] = { 405 { PROV_NAMES_CRNG_TEST, FIPS_UNAPPROVED_PROPERTIES, ossl_crng_test_functions }, 406 { PROV_NAMES_CTR_DRBG, FIPS_DEFAULT_PROPERTIES, ossl_drbg_ctr_functions }, 407 { PROV_NAMES_HASH_DRBG, FIPS_DEFAULT_PROPERTIES, ossl_drbg_hash_functions }, 408 { PROV_NAMES_HMAC_DRBG, FIPS_DEFAULT_PROPERTIES, ossl_drbg_ossl_hmac_functions }, 409 #ifndef OPENSSL_NO_FIPS_JITTER 410 { PROV_NAMES_JITTER, FIPS_DEFAULT_PROPERTIES, ossl_jitter_functions }, 411 #endif 412 { PROV_NAMES_TEST_RAND, FIPS_UNAPPROVED_PROPERTIES, ossl_test_rng_functions }, 413 { NULL, NULL, NULL } 414 }; 415 416 static const OSSL_ALGORITHM fips_keyexch[] = { 417 #ifndef OPENSSL_NO_DH 418 { PROV_NAMES_DH, FIPS_DEFAULT_PROPERTIES, ossl_dh_keyexch_functions }, 419 #endif 420 #ifndef OPENSSL_NO_EC 421 { PROV_NAMES_ECDH, FIPS_DEFAULT_PROPERTIES, ossl_ecdh_keyexch_functions }, 422 #ifndef OPENSSL_NO_ECX 423 { PROV_NAMES_X25519, FIPS_UNAPPROVED_PROPERTIES, ossl_x25519_keyexch_functions }, 424 { PROV_NAMES_X448, FIPS_UNAPPROVED_PROPERTIES, ossl_x448_keyexch_functions }, 425 #endif 426 #endif 427 { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, 428 ossl_kdf_tls1_prf_keyexch_functions }, 429 { PROV_NAMES_HKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_hkdf_keyexch_functions }, 430 { NULL, NULL, NULL } 431 }; 432 433 static const OSSL_ALGORITHM fips_signature[] = { 434 #ifndef OPENSSL_NO_DSA 435 { PROV_NAMES_DSA, FIPS_DEFAULT_PROPERTIES, ossl_dsa_signature_functions }, 436 { PROV_NAMES_DSA_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha1_signature_functions }, 437 { PROV_NAMES_DSA_SHA224, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha224_signature_functions }, 438 { PROV_NAMES_DSA_SHA256, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha256_signature_functions }, 439 { PROV_NAMES_DSA_SHA384, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha384_signature_functions }, 440 { PROV_NAMES_DSA_SHA512, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha512_signature_functions }, 441 { PROV_NAMES_DSA_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha3_224_signature_functions }, 442 { PROV_NAMES_DSA_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha3_256_signature_functions }, 443 { PROV_NAMES_DSA_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha3_384_signature_functions }, 444 { PROV_NAMES_DSA_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_dsa_sha3_512_signature_functions }, 445 #endif 446 { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_signature_functions }, 447 { PROV_NAMES_RSA_SHA1, FIPS_DEFAULT_PROPERTIES, 448 ossl_rsa_sha1_signature_functions }, 449 { PROV_NAMES_RSA_SHA224, FIPS_DEFAULT_PROPERTIES, 450 ossl_rsa_sha224_signature_functions }, 451 { PROV_NAMES_RSA_SHA256, FIPS_DEFAULT_PROPERTIES, 452 ossl_rsa_sha256_signature_functions }, 453 { PROV_NAMES_RSA_SHA384, FIPS_DEFAULT_PROPERTIES, 454 ossl_rsa_sha384_signature_functions }, 455 { PROV_NAMES_RSA_SHA512, FIPS_DEFAULT_PROPERTIES, 456 ossl_rsa_sha512_signature_functions }, 457 { PROV_NAMES_RSA_SHA512_224, FIPS_DEFAULT_PROPERTIES, 458 ossl_rsa_sha512_224_signature_functions }, 459 { PROV_NAMES_RSA_SHA512_256, FIPS_DEFAULT_PROPERTIES, 460 ossl_rsa_sha512_256_signature_functions }, 461 { PROV_NAMES_RSA_SHA3_224, FIPS_DEFAULT_PROPERTIES, 462 ossl_rsa_sha3_224_signature_functions }, 463 { PROV_NAMES_RSA_SHA3_256, FIPS_DEFAULT_PROPERTIES, 464 ossl_rsa_sha3_256_signature_functions }, 465 { PROV_NAMES_RSA_SHA3_384, FIPS_DEFAULT_PROPERTIES, 466 ossl_rsa_sha3_384_signature_functions }, 467 { PROV_NAMES_RSA_SHA3_512, FIPS_DEFAULT_PROPERTIES, 468 ossl_rsa_sha3_512_signature_functions }, 469 #ifndef OPENSSL_NO_EC 470 #ifndef OPENSSL_NO_ECX 471 { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, 472 ossl_ed25519_signature_functions }, 473 { PROV_NAMES_ED25519ph, FIPS_DEFAULT_PROPERTIES, 474 ossl_ed25519ph_signature_functions }, 475 { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, 476 ossl_ed448_signature_functions }, 477 { PROV_NAMES_ED448ph, FIPS_DEFAULT_PROPERTIES, 478 ossl_ed448ph_signature_functions }, 479 #endif 480 { PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions }, 481 { PROV_NAMES_ECDSA_SHA1, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha1_signature_functions }, 482 { PROV_NAMES_ECDSA_SHA224, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha224_signature_functions }, 483 { PROV_NAMES_ECDSA_SHA256, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha256_signature_functions }, 484 { PROV_NAMES_ECDSA_SHA384, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha384_signature_functions }, 485 { PROV_NAMES_ECDSA_SHA512, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha512_signature_functions }, 486 { PROV_NAMES_ECDSA_SHA3_224, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha3_224_signature_functions }, 487 { PROV_NAMES_ECDSA_SHA3_256, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha3_256_signature_functions }, 488 { PROV_NAMES_ECDSA_SHA3_384, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha3_384_signature_functions }, 489 { PROV_NAMES_ECDSA_SHA3_512, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_sha3_512_signature_functions }, 490 #endif 491 #ifndef OPENSSL_NO_ML_DSA 492 { PROV_NAMES_ML_DSA_44, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_44_signature_functions }, 493 { PROV_NAMES_ML_DSA_65, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_65_signature_functions }, 494 { PROV_NAMES_ML_DSA_87, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_87_signature_functions }, 495 #endif 496 { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, 497 ossl_mac_legacy_hmac_signature_functions }, 498 #ifndef OPENSSL_NO_CMAC 499 { PROV_NAMES_CMAC, FIPS_DEFAULT_PROPERTIES, 500 ossl_mac_legacy_cmac_signature_functions }, 501 #endif 502 #ifndef OPENSSL_NO_SLH_DSA 503 { PROV_NAMES_SLH_DSA_SHA2_128S, FIPS_DEFAULT_PROPERTIES, 504 ossl_slh_dsa_sha2_128s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_128S }, 505 { PROV_NAMES_SLH_DSA_SHA2_128F, FIPS_DEFAULT_PROPERTIES, 506 ossl_slh_dsa_sha2_128f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_128F }, 507 { PROV_NAMES_SLH_DSA_SHA2_192S, FIPS_DEFAULT_PROPERTIES, 508 ossl_slh_dsa_sha2_192s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_192S }, 509 { PROV_NAMES_SLH_DSA_SHA2_192F, FIPS_DEFAULT_PROPERTIES, 510 ossl_slh_dsa_sha2_192f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_192F }, 511 { PROV_NAMES_SLH_DSA_SHA2_256S, FIPS_DEFAULT_PROPERTIES, 512 ossl_slh_dsa_sha2_256s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_256S }, 513 { PROV_NAMES_SLH_DSA_SHA2_256F, FIPS_DEFAULT_PROPERTIES, 514 ossl_slh_dsa_sha2_256f_signature_functions, PROV_DESCS_SLH_DSA_SHA2_256F }, 515 { PROV_NAMES_SLH_DSA_SHAKE_128S, FIPS_DEFAULT_PROPERTIES, 516 ossl_slh_dsa_shake_128s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_128S }, 517 { PROV_NAMES_SLH_DSA_SHAKE_128F, FIPS_DEFAULT_PROPERTIES, 518 ossl_slh_dsa_shake_128f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_128F }, 519 { PROV_NAMES_SLH_DSA_SHAKE_192S, FIPS_DEFAULT_PROPERTIES, 520 ossl_slh_dsa_shake_192s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_192S }, 521 { PROV_NAMES_SLH_DSA_SHAKE_192F, FIPS_DEFAULT_PROPERTIES, 522 ossl_slh_dsa_shake_192f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_192F }, 523 { PROV_NAMES_SLH_DSA_SHAKE_256S, FIPS_DEFAULT_PROPERTIES, 524 ossl_slh_dsa_shake_256s_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_256S }, 525 { PROV_NAMES_SLH_DSA_SHAKE_256F, FIPS_DEFAULT_PROPERTIES, 526 ossl_slh_dsa_shake_256f_signature_functions, PROV_DESCS_SLH_DSA_SHAKE_256F }, 527 #endif /* OPENSSL_NO_SLH_DSA */ 528 { NULL, NULL, NULL } 529 }; 530 531 static const OSSL_ALGORITHM fips_asym_cipher[] = { 532 { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_asym_cipher_functions }, 533 { NULL, NULL, NULL } 534 }; 535 536 static const OSSL_ALGORITHM fips_asym_kem[] = { 537 { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_asym_kem_functions }, 538 #ifndef OPENSSL_NO_ML_KEM 539 { PROV_NAMES_ML_KEM_512, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions }, 540 { PROV_NAMES_ML_KEM_768, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions }, 541 { PROV_NAMES_ML_KEM_1024, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_asym_kem_functions }, 542 #if !defined(OPENSSL_NO_ECX) 543 { "X25519MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions }, 544 { "X448MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions }, 545 #endif 546 #if !defined(OPENSSL_NO_EC) 547 { "SecP256r1MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions }, 548 { "SecP384r1MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions }, 549 #endif 550 #endif 551 { NULL, NULL, NULL } 552 }; 553 554 static const OSSL_ALGORITHM fips_keymgmt[] = { 555 #ifndef OPENSSL_NO_DH 556 { PROV_NAMES_DH, FIPS_DEFAULT_PROPERTIES, ossl_dh_keymgmt_functions, 557 PROV_DESCS_DH }, 558 { PROV_NAMES_DHX, FIPS_DEFAULT_PROPERTIES, ossl_dhx_keymgmt_functions, 559 PROV_DESCS_DHX }, 560 #endif 561 #ifndef OPENSSL_NO_DSA 562 { PROV_NAMES_DSA, FIPS_DEFAULT_PROPERTIES, ossl_dsa_keymgmt_functions, 563 PROV_DESCS_DSA }, 564 #endif 565 { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_keymgmt_functions, 566 PROV_DESCS_RSA }, 567 { PROV_NAMES_RSA_PSS, FIPS_DEFAULT_PROPERTIES, 568 ossl_rsapss_keymgmt_functions, PROV_DESCS_RSA_PSS }, 569 #ifndef OPENSSL_NO_EC 570 { PROV_NAMES_EC, FIPS_DEFAULT_PROPERTIES, ossl_ec_keymgmt_functions, 571 PROV_DESCS_EC }, 572 #ifndef OPENSSL_NO_ECX 573 { PROV_NAMES_X25519, FIPS_UNAPPROVED_PROPERTIES, ossl_x25519_keymgmt_functions, 574 PROV_DESCS_X25519 }, 575 { PROV_NAMES_X448, FIPS_UNAPPROVED_PROPERTIES, ossl_x448_keymgmt_functions, 576 PROV_DESCS_X448 }, 577 { PROV_NAMES_ED25519, FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions, 578 PROV_DESCS_ED25519 }, 579 { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions, 580 PROV_DESCS_ED448 }, 581 #endif 582 #endif 583 #ifndef OPENSSL_NO_ML_DSA 584 { PROV_NAMES_ML_DSA_44, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_44_keymgmt_functions, 585 PROV_DESCS_ML_DSA_44 }, 586 { PROV_NAMES_ML_DSA_65, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_65_keymgmt_functions, 587 PROV_DESCS_ML_DSA_65 }, 588 { PROV_NAMES_ML_DSA_87, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_87_keymgmt_functions, 589 PROV_DESCS_ML_DSA_87 }, 590 #endif /* OPENSSL_NO_ML_DSA */ 591 { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions, 592 PROV_DESCS_TLS1_PRF_SIGN }, 593 { PROV_NAMES_HKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions, 594 PROV_DESCS_HKDF_SIGN }, 595 { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES, ossl_mac_legacy_keymgmt_functions, 596 PROV_DESCS_HMAC_SIGN }, 597 #ifndef OPENSSL_NO_CMAC 598 { PROV_NAMES_CMAC, FIPS_DEFAULT_PROPERTIES, 599 ossl_cmac_legacy_keymgmt_functions, PROV_DESCS_CMAC_SIGN }, 600 #endif 601 #ifndef OPENSSL_NO_ML_KEM 602 { PROV_NAMES_ML_KEM_512, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_512_keymgmt_functions, 603 PROV_DESCS_ML_KEM_512 }, 604 { PROV_NAMES_ML_KEM_768, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_768_keymgmt_functions, 605 PROV_DESCS_ML_KEM_768 }, 606 { PROV_NAMES_ML_KEM_1024, FIPS_DEFAULT_PROPERTIES, ossl_ml_kem_1024_keymgmt_functions, 607 PROV_DESCS_ML_KEM_1024 }, 608 #if !defined(OPENSSL_NO_ECX) 609 { PROV_NAMES_X25519MLKEM768, FIPS_DEFAULT_PROPERTIES, ossl_mlx_x25519_kem_kmgmt_functions, 610 PROV_DESCS_X25519MLKEM768 }, 611 { PROV_NAMES_X448MLKEM1024, FIPS_DEFAULT_PROPERTIES, ossl_mlx_x448_kem_kmgmt_functions, 612 PROV_DESCS_X448MLKEM1024 }, 613 #endif 614 #if !defined(OPENSSL_NO_EC) 615 { PROV_NAMES_SecP256r1MLKEM768, FIPS_DEFAULT_PROPERTIES, ossl_mlx_p256_kem_kmgmt_functions, 616 PROV_DESCS_SecP256r1MLKEM768 }, 617 { PROV_NAMES_SecP384r1MLKEM1024, FIPS_DEFAULT_PROPERTIES, ossl_mlx_p384_kem_kmgmt_functions, 618 PROV_DESCS_SecP384r1MLKEM1024 }, 619 #endif 620 #endif 621 #ifndef OPENSSL_NO_SLH_DSA 622 { PROV_NAMES_SLH_DSA_SHA2_128S, FIPS_DEFAULT_PROPERTIES, 623 ossl_slh_dsa_sha2_128s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_128S }, 624 { PROV_NAMES_SLH_DSA_SHA2_128F, FIPS_DEFAULT_PROPERTIES, 625 ossl_slh_dsa_sha2_128f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_128F }, 626 { PROV_NAMES_SLH_DSA_SHA2_192S, FIPS_DEFAULT_PROPERTIES, 627 ossl_slh_dsa_sha2_192s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_192S }, 628 { PROV_NAMES_SLH_DSA_SHA2_192F, FIPS_DEFAULT_PROPERTIES, 629 ossl_slh_dsa_sha2_192f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_192F }, 630 { PROV_NAMES_SLH_DSA_SHA2_256S, FIPS_DEFAULT_PROPERTIES, 631 ossl_slh_dsa_sha2_256s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_256S }, 632 { PROV_NAMES_SLH_DSA_SHA2_256F, FIPS_DEFAULT_PROPERTIES, 633 ossl_slh_dsa_sha2_256f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_256F }, 634 { PROV_NAMES_SLH_DSA_SHAKE_128S, FIPS_DEFAULT_PROPERTIES, 635 ossl_slh_dsa_shake_128s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_128S }, 636 { PROV_NAMES_SLH_DSA_SHAKE_128F, FIPS_DEFAULT_PROPERTIES, 637 ossl_slh_dsa_shake_128f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_128F }, 638 { PROV_NAMES_SLH_DSA_SHAKE_192S, FIPS_DEFAULT_PROPERTIES, 639 ossl_slh_dsa_shake_192s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_192S }, 640 { PROV_NAMES_SLH_DSA_SHAKE_192F, FIPS_DEFAULT_PROPERTIES, 641 ossl_slh_dsa_shake_192f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_192F }, 642 { PROV_NAMES_SLH_DSA_SHAKE_256S, FIPS_DEFAULT_PROPERTIES, 643 ossl_slh_dsa_shake_256s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_256S }, 644 { PROV_NAMES_SLH_DSA_SHAKE_256F, FIPS_DEFAULT_PROPERTIES, 645 ossl_slh_dsa_shake_256f_keymgmt_functions, PROV_DESCS_SLH_DSA_SHAKE_256F }, 646 #endif /* OPENSSL_NO_SLH_DSA */ 647 { NULL, NULL, NULL } 648 }; 649 650 static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id, 651 int *no_cache) 652 { 653 *no_cache = 0; 654 655 if (!ossl_prov_is_running()) 656 return NULL; 657 658 switch (operation_id) { 659 case OSSL_OP_DIGEST: 660 return fips_digests; 661 case OSSL_OP_CIPHER: 662 return exported_fips_ciphers; 663 case OSSL_OP_MAC: 664 return fips_macs; 665 case OSSL_OP_KDF: 666 return fips_kdfs; 667 case OSSL_OP_RAND: 668 return fips_rands; 669 case OSSL_OP_KEYMGMT: 670 return fips_keymgmt; 671 case OSSL_OP_KEYEXCH: 672 return fips_keyexch; 673 case OSSL_OP_SIGNATURE: 674 return fips_signature; 675 case OSSL_OP_ASYM_CIPHER: 676 return fips_asym_cipher; 677 case OSSL_OP_KEM: 678 return fips_asym_kem; 679 } 680 return NULL; 681 } 682 683 static const OSSL_ALGORITHM *fips_query_internal(void *provctx, int operation_id, 684 int *no_cache) 685 { 686 if (operation_id == OSSL_OP_MAC) { 687 *no_cache = 0; 688 if (!ossl_prov_is_running()) 689 return NULL; 690 return fips_macs_internal; 691 } 692 return fips_query(provctx, operation_id, no_cache); 693 } 694 695 static void fips_teardown(void *provctx) 696 { 697 OSSL_LIB_CTX_free(PROV_LIBCTX_OF(provctx)); 698 ossl_prov_ctx_free(provctx); 699 } 700 701 static void fips_intern_teardown(void *provctx) 702 { 703 /* 704 * We know that the library context is the same as for the outer provider, 705 * so no need to destroy it here. 706 */ 707 ossl_prov_ctx_free(provctx); 708 } 709 710 /* Functions we provide to the core */ 711 static const OSSL_DISPATCH fips_dispatch_table[] = { 712 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_teardown }, 713 { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))fips_gettable_params }, 714 { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params }, 715 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query }, 716 { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, 717 (void (*)(void))ossl_prov_get_capabilities }, 718 { OSSL_FUNC_PROVIDER_SELF_TEST, (void (*)(void))fips_self_test }, 719 { OSSL_FUNC_PROVIDER_RANDOM_BYTES, (void (*)(void))fips_random_bytes }, 720 OSSL_DISPATCH_END 721 }; 722 723 /* Functions we provide to ourself */ 724 static const OSSL_DISPATCH intern_dispatch_table[] = { 725 { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fips_intern_teardown }, 726 { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query_internal }, 727 OSSL_DISPATCH_END 728 }; 729 730 /* 731 * On VMS, the provider init function name is expected to be uppercase, 732 * see the pragmas in <openssl/core.h>. Let's do the same with this 733 * internal name. This is how symbol names are treated by default 734 * by the compiler if nothing else is said, but since this is part 735 * of libfips, and we build our libraries with mixed case symbol names, 736 * we must switch back to this default explicitly here. 737 */ 738 #ifdef __VMS 739 #pragma names save 740 #pragma names uppercase, truncated 741 #endif 742 OSSL_provider_init_fn OSSL_provider_init_int; 743 #ifdef __VMS 744 #pragma names restore 745 #endif 746 int OSSL_provider_init_int(const OSSL_CORE_HANDLE *handle, 747 const OSSL_DISPATCH *in, 748 const OSSL_DISPATCH **out, 749 void **provctx) 750 { 751 FIPS_GLOBAL *fgbl; 752 OSSL_LIB_CTX *libctx = NULL; 753 SELF_TEST_POST_PARAMS selftest_params; 754 755 memset(&selftest_params, 0, sizeof(selftest_params)); 756 757 if (!ossl_prov_seeding_from_dispatch(in)) 758 goto err; 759 for (; in->function_id != 0; in++) { 760 /* 761 * We do not support the scenario of an application linked against 762 * multiple versions of libcrypto (e.g. one static and one dynamic), but 763 * sharing a single fips.so. We do a simple sanity check here. 764 */ 765 #define set_func(c, f) \ 766 if (c == NULL) \ 767 c = f; \ 768 else if (c != f) \ 769 return 0; 770 switch (in->function_id) { 771 case OSSL_FUNC_CORE_GET_LIBCTX: 772 set_func(c_get_libctx, OSSL_FUNC_core_get_libctx(in)); 773 break; 774 case OSSL_FUNC_CORE_GETTABLE_PARAMS: 775 set_func(c_gettable_params, OSSL_FUNC_core_gettable_params(in)); 776 break; 777 case OSSL_FUNC_CORE_GET_PARAMS: 778 set_func(c_get_params, OSSL_FUNC_core_get_params(in)); 779 break; 780 case OSSL_FUNC_CORE_THREAD_START: 781 set_func(c_thread_start, OSSL_FUNC_core_thread_start(in)); 782 break; 783 case OSSL_FUNC_CORE_NEW_ERROR: 784 set_func(c_new_error, OSSL_FUNC_core_new_error(in)); 785 break; 786 case OSSL_FUNC_CORE_SET_ERROR_DEBUG: 787 set_func(c_set_error_debug, OSSL_FUNC_core_set_error_debug(in)); 788 break; 789 case OSSL_FUNC_CORE_VSET_ERROR: 790 set_func(c_vset_error, OSSL_FUNC_core_vset_error(in)); 791 break; 792 case OSSL_FUNC_CORE_SET_ERROR_MARK: 793 set_func(c_set_error_mark, OSSL_FUNC_core_set_error_mark(in)); 794 break; 795 case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK: 796 set_func(c_clear_last_error_mark, 797 OSSL_FUNC_core_clear_last_error_mark(in)); 798 break; 799 case OSSL_FUNC_CORE_POP_ERROR_TO_MARK: 800 set_func(c_pop_error_to_mark, OSSL_FUNC_core_pop_error_to_mark(in)); 801 break; 802 case OSSL_FUNC_CORE_COUNT_TO_MARK: 803 set_func(c_count_to_mark, OSSL_FUNC_core_count_to_mark(in)); 804 break; 805 case OSSL_FUNC_CRYPTO_MALLOC: 806 set_func(c_CRYPTO_malloc, OSSL_FUNC_CRYPTO_malloc(in)); 807 break; 808 case OSSL_FUNC_CRYPTO_ZALLOC: 809 set_func(c_CRYPTO_zalloc, OSSL_FUNC_CRYPTO_zalloc(in)); 810 break; 811 case OSSL_FUNC_CRYPTO_FREE: 812 set_func(c_CRYPTO_free, OSSL_FUNC_CRYPTO_free(in)); 813 break; 814 case OSSL_FUNC_CRYPTO_CLEAR_FREE: 815 set_func(c_CRYPTO_clear_free, OSSL_FUNC_CRYPTO_clear_free(in)); 816 break; 817 case OSSL_FUNC_CRYPTO_REALLOC: 818 set_func(c_CRYPTO_realloc, OSSL_FUNC_CRYPTO_realloc(in)); 819 break; 820 case OSSL_FUNC_CRYPTO_CLEAR_REALLOC: 821 set_func(c_CRYPTO_clear_realloc, 822 OSSL_FUNC_CRYPTO_clear_realloc(in)); 823 break; 824 case OSSL_FUNC_CRYPTO_SECURE_MALLOC: 825 set_func(c_CRYPTO_secure_malloc, 826 OSSL_FUNC_CRYPTO_secure_malloc(in)); 827 break; 828 case OSSL_FUNC_CRYPTO_SECURE_ZALLOC: 829 set_func(c_CRYPTO_secure_zalloc, 830 OSSL_FUNC_CRYPTO_secure_zalloc(in)); 831 break; 832 case OSSL_FUNC_CRYPTO_SECURE_FREE: 833 set_func(c_CRYPTO_secure_free, 834 OSSL_FUNC_CRYPTO_secure_free(in)); 835 break; 836 case OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE: 837 set_func(c_CRYPTO_secure_clear_free, 838 OSSL_FUNC_CRYPTO_secure_clear_free(in)); 839 break; 840 case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED: 841 set_func(c_CRYPTO_secure_allocated, 842 OSSL_FUNC_CRYPTO_secure_allocated(in)); 843 break; 844 case OSSL_FUNC_BIO_NEW_FILE: 845 set_func(selftest_params.bio_new_file_cb, 846 OSSL_FUNC_BIO_new_file(in)); 847 break; 848 case OSSL_FUNC_BIO_NEW_MEMBUF: 849 set_func(selftest_params.bio_new_buffer_cb, 850 OSSL_FUNC_BIO_new_membuf(in)); 851 break; 852 case OSSL_FUNC_BIO_READ_EX: 853 set_func(selftest_params.bio_read_ex_cb, 854 OSSL_FUNC_BIO_read_ex(in)); 855 break; 856 case OSSL_FUNC_BIO_FREE: 857 set_func(selftest_params.bio_free_cb, OSSL_FUNC_BIO_free(in)); 858 break; 859 case OSSL_FUNC_BIO_VSNPRINTF: 860 set_func(c_BIO_vsnprintf, OSSL_FUNC_BIO_vsnprintf(in)); 861 break; 862 case OSSL_FUNC_SELF_TEST_CB: 863 set_func(c_stcbfn, OSSL_FUNC_self_test_cb(in)); 864 break; 865 case OSSL_FUNC_INDICATOR_CB: 866 set_func(c_indcbfn, OSSL_FUNC_indicator_cb(in)); 867 break; 868 default: 869 /* Just ignore anything we don't understand */ 870 break; 871 } 872 } 873 874 OPENSSL_cpuid_setup(); 875 876 /* Create a context. */ 877 if ((*provctx = ossl_prov_ctx_new()) == NULL 878 || (libctx = OSSL_LIB_CTX_new()) == NULL) 879 goto err; 880 881 if ((fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX)) == NULL) 882 goto err; 883 884 fgbl->handle = handle; 885 886 /* 887 * We need to register this thread to receive thread lifecycle callbacks. 888 * This wouldn't matter if the current thread is also the same thread that 889 * closes the FIPS provider down. But if that happens on a different thread 890 * then memory leaks could otherwise occur. 891 */ 892 if (!ossl_thread_register_fips(libctx)) 893 goto err; 894 895 /* 896 * Ensure our internal provider is loaded. We use this whenever the FIPS 897 * provider internally uses the EVP API. We proactively load this now 898 * rather than waiting for lazy loading to ensure it is always present when 899 * we need it. 900 */ 901 if (!ossl_provider_activate_fallbacks(libctx)) 902 goto err; 903 904 /* 905 * We did initial set up of selftest_params in a local copy, because we 906 * could not create fgbl until c_CRYPTO_zalloc was defined in the loop 907 * above. 908 */ 909 fgbl->selftest_params = selftest_params; 910 911 fgbl->selftest_params.libctx = libctx; 912 913 set_self_test_cb(fgbl); 914 915 if (!fips_get_params_from_core(fgbl)) { 916 /* Error already raised */ 917 goto err; 918 } 919 /* 920 * Disable the conditional error check if it's disabled in the fips config 921 * file. 922 */ 923 if (fgbl->selftest_params.conditional_error_check != NULL 924 && strcmp(fgbl->selftest_params.conditional_error_check, "0") == 0) 925 SELF_TEST_disable_conditional_error_state(); 926 927 /* Enable or disable FIPS provider options */ 928 #define OSSL_FIPS_PARAM(structname, paramname, unused) \ 929 if (fgbl->fips_##structname.option != NULL) { \ 930 if (strcmp(fgbl->fips_##structname.option, "1") == 0) \ 931 fgbl->fips_##structname.enabled = 1; \ 932 else if (strcmp(fgbl->fips_##structname.option, "0") == 0) \ 933 fgbl->fips_##structname.enabled = 0; \ 934 else \ 935 goto err; \ 936 } 937 #include "fips_indicator_params.inc" 938 #undef OSSL_FIPS_PARAM 939 940 ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers); 941 942 if (!SELF_TEST_post(&fgbl->selftest_params, 0)) { 943 ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_POST_FAILURE); 944 goto err; 945 } 946 947 ossl_prov_ctx_set0_libctx(*provctx, libctx); 948 ossl_prov_ctx_set0_core_get_params(*provctx, c_get_params); 949 ossl_prov_ctx_set0_handle(*provctx, handle); 950 951 *out = fips_dispatch_table; 952 return 1; 953 err: 954 fips_teardown(*provctx); 955 OSSL_LIB_CTX_free(libctx); 956 *provctx = NULL; 957 return 0; 958 } 959 960 /* 961 * The internal init function used when the FIPS module uses EVP to call 962 * another algorithm also in the FIPS module. This is a recursive call that has 963 * been made from within the FIPS module itself. To make this work, we populate 964 * the provider context of this inner instance with the same library context 965 * that was used in the EVP call that initiated this recursive call. 966 */ 967 OSSL_provider_init_fn ossl_fips_intern_provider_init; 968 int ossl_fips_intern_provider_init(const OSSL_CORE_HANDLE *handle, 969 const OSSL_DISPATCH *in, 970 const OSSL_DISPATCH **out, 971 void **provctx) 972 { 973 OSSL_FUNC_core_get_libctx_fn *c_internal_get_libctx = NULL; 974 975 for (; in->function_id != 0; in++) { 976 switch (in->function_id) { 977 case OSSL_FUNC_CORE_GET_LIBCTX: 978 c_internal_get_libctx = OSSL_FUNC_core_get_libctx(in); 979 break; 980 default: 981 break; 982 } 983 } 984 985 if (c_internal_get_libctx == NULL) 986 return 0; 987 988 if ((*provctx = ossl_prov_ctx_new()) == NULL) 989 return 0; 990 991 /* 992 * Using the parent library context only works because we are a built-in 993 * internal provider. This is not something that most providers would be 994 * able to do. 995 */ 996 ossl_prov_ctx_set0_libctx(*provctx, 997 (OSSL_LIB_CTX *)c_internal_get_libctx(handle)); 998 ossl_prov_ctx_set0_handle(*provctx, handle); 999 1000 *out = intern_dispatch_table; 1001 return 1; 1002 } 1003 1004 void ERR_new(void) 1005 { 1006 c_new_error(NULL); 1007 } 1008 1009 void ERR_set_debug(const char *file, int line, const char *func) 1010 { 1011 c_set_error_debug(NULL, file, line, func); 1012 } 1013 1014 void ERR_set_error(int lib, int reason, const char *fmt, ...) 1015 { 1016 va_list args; 1017 1018 va_start(args, fmt); 1019 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args); 1020 va_end(args); 1021 } 1022 1023 void ERR_vset_error(int lib, int reason, const char *fmt, va_list args) 1024 { 1025 c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args); 1026 } 1027 1028 int ERR_set_mark(void) 1029 { 1030 return c_set_error_mark(NULL); 1031 } 1032 1033 int ERR_clear_last_mark(void) 1034 { 1035 return c_clear_last_error_mark(NULL); 1036 } 1037 1038 int ERR_pop_to_mark(void) 1039 { 1040 return c_pop_error_to_mark(NULL); 1041 } 1042 1043 int ERR_count_to_mark(void) 1044 { 1045 return c_count_to_mark != NULL ? c_count_to_mark(NULL) : 0; 1046 } 1047 1048 /* 1049 * This must take a library context, since it's called from the depths 1050 * of crypto/initthread.c code, where it's (correctly) assumed that the 1051 * passed caller argument is an OSSL_LIB_CTX pointer (since the same routine 1052 * is also called from other parts of libcrypto, which all pass around a 1053 * OSSL_LIB_CTX pointer) 1054 */ 1055 const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *libctx) 1056 { 1057 FIPS_GLOBAL *fgbl = ossl_lib_ctx_get_data(libctx, 1058 OSSL_LIB_CTX_FIPS_PROV_INDEX); 1059 1060 if (fgbl == NULL) 1061 return NULL; 1062 1063 return fgbl->handle; 1064 } 1065 1066 void *CRYPTO_malloc(size_t num, const char *file, int line) 1067 { 1068 return c_CRYPTO_malloc(num, file, line); 1069 } 1070 1071 void *CRYPTO_zalloc(size_t num, const char *file, int line) 1072 { 1073 return c_CRYPTO_zalloc(num, file, line); 1074 } 1075 1076 void CRYPTO_free(void *ptr, const char *file, int line) 1077 { 1078 c_CRYPTO_free(ptr, file, line); 1079 } 1080 1081 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line) 1082 { 1083 c_CRYPTO_clear_free(ptr, num, file, line); 1084 } 1085 1086 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line) 1087 { 1088 return c_CRYPTO_realloc(addr, num, file, line); 1089 } 1090 1091 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num, 1092 const char *file, int line) 1093 { 1094 return c_CRYPTO_clear_realloc(addr, old_num, num, file, line); 1095 } 1096 1097 void *CRYPTO_secure_malloc(size_t num, const char *file, int line) 1098 { 1099 return c_CRYPTO_secure_malloc(num, file, line); 1100 } 1101 1102 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line) 1103 { 1104 return c_CRYPTO_secure_zalloc(num, file, line); 1105 } 1106 1107 void CRYPTO_secure_free(void *ptr, const char *file, int line) 1108 { 1109 c_CRYPTO_secure_free(ptr, file, line); 1110 } 1111 1112 void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *file, int line) 1113 { 1114 c_CRYPTO_secure_clear_free(ptr, num, file, line); 1115 } 1116 1117 int CRYPTO_secure_allocated(const void *ptr) 1118 { 1119 return c_CRYPTO_secure_allocated(ptr); 1120 } 1121 1122 void *CRYPTO_aligned_alloc(size_t num, size_t align, void **freeptr, 1123 const char *file, int line) 1124 { 1125 return NULL; 1126 } 1127 1128 int BIO_snprintf(char *buf, size_t n, const char *format, ...) 1129 { 1130 va_list args; 1131 int ret; 1132 1133 va_start(args, format); 1134 ret = c_BIO_vsnprintf(buf, n, format, args); 1135 va_end(args); 1136 return ret; 1137 } 1138 1139 #define OSSL_FIPS_PARAM(structname, paramname, unused) \ 1140 int ossl_fips_config_##structname(OSSL_LIB_CTX *libctx) \ 1141 { \ 1142 FIPS_GLOBAL *fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX); \ 1143 \ 1144 return fgbl->fips_##structname.enabled; \ 1145 } 1146 #include "fips_indicator_params.inc" 1147 #undef OSSL_FIPS_PARAM 1148 1149 void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb, 1150 void **cbarg) 1151 { 1152 assert(libctx != NULL); 1153 1154 if (c_stcbfn != NULL && c_get_libctx != NULL) { 1155 /* Get the parent libctx */ 1156 c_stcbfn(c_get_libctx(FIPS_get_core_handle(libctx)), cb, cbarg); 1157 } else { 1158 if (cb != NULL) 1159 *cb = NULL; 1160 if (cbarg != NULL) 1161 *cbarg = NULL; 1162 } 1163 } 1164 1165 void OSSL_INDICATOR_get_callback(OSSL_LIB_CTX *libctx, 1166 OSSL_INDICATOR_CALLBACK **cb) 1167 { 1168 assert(libctx != NULL); 1169 1170 if (c_indcbfn != NULL && c_get_libctx != NULL) { 1171 /* Get the parent libctx */ 1172 c_indcbfn(c_get_libctx(FIPS_get_core_handle(libctx)), cb); 1173 } else { 1174 if (cb != NULL) 1175 *cb = NULL; 1176 } 1177 } 1178
Indexes created Sat Feb 28 05:31:39 UTC 2026