openssl/crypto/evp/evp_cnf.c

/*
 * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

/* Algorithm configuration module. */

static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
{
    int i;
    const char *oid_section;
    STACK_OF(CONF_VALUE) *sktmp;
    CONF_VALUE *oval;

    oid_section = CONF_imodule_get_value(md);
    if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
        EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
        return 0;
    }
    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
        oval = sk_CONF_VALUE_value(sktmp, i);
        if (strcmp(oval->name, "fips_mode") == 0) {
            int m;
            if (!X509V3_get_value_bool(oval, &m)) {
                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
                return 0;
            }
            if (m > 0) {
                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
                return 0;
            }
        } else {
            EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
            ERR_add_error_data(4, "name=", oval->name,
                               ", value=", oval->value);
        }

    }
    return 1;
}

void EVP_add_alg_module(void)
{
    CONF_module_add("alg_section", alg_module_init, 0);
}
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`/*`
This has been added to avoid the situation where some host ctype.h functions return true for characters > 127. I.e. they are allowing extended ASCII characters through which then cause problems. E.g. marking superscript '2' as a number then causes the common (ch - '0') conversion to number to fail miserably. Likewise letters with diacritical marks can also cause problems. If a non-ASCII character set is being used (currently only EBCDIC), it is adjusted for. The implementation uses a single table with a bit for each of the defined classes. These functions accept an int argument and fail for values out of range or for characters outside of the ASCII set. They will work for both signed and unsigned character inputs. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4102) 2017-08-21 05:19:17 +08:00			`* Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved.`
add missing evp_cnf.c file 2012-07-04 21:15:10 +08:00			`*`
Following the license change, modify the boilerplates in crypto/evp/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7794) 2018-12-06 20:40:06 +08:00			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
Copyright consolidation 04/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:24:46 +08:00			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
add missing evp_cnf.c file 2012-07-04 21:15:10 +08:00			`*/`

			`#include <stdio.h>`
			`#include <openssl/crypto.h>`
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-14 22:56:48 +08:00			`#include "internal/cryptlib.h"`
add missing evp_cnf.c file 2012-07-04 21:15:10 +08:00			`#include <openssl/conf.h>`
			`#include <openssl/x509.h>`
			`#include <openssl/x509v3.h>`

			`/* Algorithm configuration module. */`

			`static int alg_module_init(CONF_IMODULE md, const CONF cnf)`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`{`
			`int i;`
			`const char *oid_section;`
			`STACK_OF(CONF_VALUE) *sktmp;`
			`CONF_VALUE *oval;`
Use p==NULL not !p (in if statements, mainly) Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-05-07 01:43:59 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`oid_section = CONF_imodule_get_value(md);`
Use p==NULL not !p (in if statements, mainly) Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-05-07 01:43:59 +08:00			`if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);`
			`return 0;`
			`}`
			`for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {`
			`oval = sk_CONF_VALUE_value(sktmp, i);`
Use "==0" instead of "!strcmp" etc For the various string-compare routines (strcmp, strcasecmp, str.*cmp) use "strcmp()==0" instead of "!strcmp()" Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-05-07 02:56:14 +08:00			`if (strcmp(oval->name, "fips_mode") == 0) {`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`int m;`
			`if (!X509V3_get_value_bool(oval, &m)) {`
			`EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);`
			`return 0;`
			`}`
			`if (m > 0) {`
			`EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);`
			`return 0;`
			`}`
			`} else {`
			`EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);`
			`ERR_add_error_data(4, "name=", oval->name,`
			`", value=", oval->value);`
			`}`

			`}`
			`return 1;`
			`}`
add missing evp_cnf.c file 2012-07-04 21:15:10 +08:00
			`void EVP_add_alg_module(void)`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`{`
			`CONF_module_add("alg_section", alg_module_init, 0);`
			`}`