2020-08-12 13:46:57 +08:00
|
|
|
/*
|
2021-06-17 20:24:59 +08:00
|
|
|
* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
|
2020-08-12 13:46:57 +08:00
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "../testutil.h"
|
|
|
|
|
#include <openssl/provider.h>
|
2022-09-13 06:46:34 +08:00
|
|
|
#include <openssl/core_names.h>
|
2020-08-12 13:46:57 +08:00
|
|
|
#include <string.h>
|
|
|
|
|
|
2020-09-26 21:21:48 +08:00
|
|
|
int test_get_libctx(OSSL_LIB_CTX **libctx, OSSL_PROVIDER **default_null_prov,
|
|
|
|
|
const char *config_file,
|
|
|
|
|
OSSL_PROVIDER **provider, const char *module_name)
|
2020-08-12 13:46:57 +08:00
|
|
|
{
|
2021-03-15 12:26:09 +08:00
|
|
|
OSSL_LIB_CTX *new_libctx = NULL;
|
|
|
|
|
|
|
|
|
|
if (libctx != NULL) {
|
|
|
|
|
if ((new_libctx = *libctx = OSSL_LIB_CTX_new()) == NULL) {
|
|
|
|
|
opt_printf_stderr("Failed to create libctx\n");
|
|
|
|
|
goto err;
|
|
|
|
|
}
|
2020-09-26 21:21:48 +08:00
|
|
|
}
|
2020-08-12 13:46:57 +08:00
|
|
|
|
2020-09-26 21:21:48 +08:00
|
|
|
if (default_null_prov != NULL
|
|
|
|
|
&& (*default_null_prov = OSSL_PROVIDER_load(NULL, "null")) == NULL) {
|
|
|
|
|
opt_printf_stderr("Failed to load null provider into default libctx\n");
|
|
|
|
|
goto err;
|
2020-08-12 13:46:57 +08:00
|
|
|
}
|
2020-09-26 21:21:48 +08:00
|
|
|
|
|
|
|
|
if (config_file != NULL
|
2021-03-15 12:26:09 +08:00
|
|
|
&& !OSSL_LIB_CTX_load_config(new_libctx, config_file)) {
|
2020-09-26 21:21:48 +08:00
|
|
|
opt_printf_stderr("Error loading config from file %s\n", config_file);
|
|
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (module_name != NULL
|
2021-03-15 12:26:09 +08:00
|
|
|
&& (*provider = OSSL_PROVIDER_load(new_libctx, module_name)) == NULL) {
|
2020-09-26 21:21:48 +08:00
|
|
|
opt_printf_stderr("Failed to load provider %s\n", module_name);
|
|
|
|
|
goto err;
|
2020-08-12 13:46:57 +08:00
|
|
|
}
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
err:
|
|
|
|
|
ERR_print_errors_fp(stderr);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2020-09-26 21:21:48 +08:00
|
|
|
|
|
|
|
|
int test_arg_libctx(OSSL_LIB_CTX **libctx, OSSL_PROVIDER **default_null_prov,
|
|
|
|
|
OSSL_PROVIDER **provider, int argn, const char *usage)
|
|
|
|
|
{
|
|
|
|
|
const char *module_name;
|
|
|
|
|
|
|
|
|
|
if (!TEST_ptr(module_name = test_get_argument(argn))) {
|
|
|
|
|
TEST_error("usage: <prog> %s", usage);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
if (strcmp(module_name, "none") == 0)
|
|
|
|
|
return 1;
|
|
|
|
|
return test_get_libctx(libctx, default_null_prov,
|
|
|
|
|
test_get_argument(argn + 1), provider, module_name);
|
|
|
|
|
}
|
2022-09-13 06:46:34 +08:00
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
|
int major, minor, patch;
|
|
|
|
|
} FIPS_VERSION;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Query the FIPS provider to determine it's version number.
|
|
|
|
|
* Returns 1 if the version is retrieved correctly, 0 if the FIPS provider isn't
|
|
|
|
|
* loaded and -1 on error.
|
|
|
|
|
*/
|
|
|
|
|
static int fips_provider_version(OSSL_LIB_CTX *libctx, FIPS_VERSION *vers)
|
|
|
|
|
{
|
|
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
OSSL_PROVIDER *fips_prov;
|
|
|
|
|
char *vs;
|
|
|
|
|
|
|
|
|
|
if (!OSSL_PROVIDER_available(libctx, "fips"))
|
|
|
|
|
return 0;
|
|
|
|
|
*params = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_VERSION, &vs, 0);
|
|
|
|
|
if ((fips_prov = OSSL_PROVIDER_load(libctx, "fips")) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
if (!OSSL_PROVIDER_get_params(fips_prov, params)
|
|
|
|
|
|| sscanf(vs, "%d.%d.%d", &vers->major, &vers->minor, &vers->patch) != 3)
|
|
|
|
|
goto err;
|
|
|
|
|
if (!OSSL_PROVIDER_unload(fips_prov))
|
|
|
|
|
return -1; /* WTF do we do here??? */
|
|
|
|
|
return 1;
|
|
|
|
|
err:
|
|
|
|
|
OSSL_PROVIDER_unload(fips_prov);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int fips_provider_version_eq(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
|
|
|
|
|
{
|
|
|
|
|
FIPS_VERSION prov;
|
|
|
|
|
int res;
|
|
|
|
|
|
|
|
|
|
if ((res = fips_provider_version(libctx, &prov)) <= 0)
|
|
|
|
|
return res == 0;
|
|
|
|
|
return major == prov.major && minor == prov.minor && patch == prov.patch;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int fips_provider_version_ne(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
|
|
|
|
|
{
|
|
|
|
|
FIPS_VERSION prov;
|
|
|
|
|
int res;
|
|
|
|
|
|
|
|
|
|
if ((res = fips_provider_version(libctx, &prov)) <= 0)
|
|
|
|
|
return res == 0;
|
|
|
|
|
return major != prov.major || minor != prov.minor || patch != prov.patch;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int fips_provider_version_le(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
|
|
|
|
|
{
|
|
|
|
|
FIPS_VERSION prov;
|
|
|
|
|
int res;
|
|
|
|
|
|
|
|
|
|
if ((res = fips_provider_version(libctx, &prov)) <= 0)
|
|
|
|
|
return res == 0;
|
|
|
|
|
return prov.major < major
|
|
|
|
|
|| (prov.major == major
|
|
|
|
|
&& (prov.minor < minor
|
|
|
|
|
|| (prov.minor == minor && prov.patch <= patch)));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int fips_provider_version_gt(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
|
|
|
|
|
{
|
|
|
|
|
FIPS_VERSION prov;
|
|
|
|
|
int res;
|
|
|
|
|
|
|
|
|
|
if ((res = fips_provider_version(libctx, &prov)) <= 0)
|
|
|
|
|
return res == 0;
|
|
|
|
|
return prov.major > major
|
|
|
|
|
|| (prov.major == major
|
|
|
|
|
&& (prov.minor > minor
|
|
|
|
|
|| (prov.minor == minor && prov.patch > patch)));
|
|
|
|
|
}
|
