root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

PROV: Add support for error queue marks and implement in FIPS module 

This propagates ERR_set_mark(), and ERR_clear_last_mark() and
ERR_pop_to_mark() for provider use.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10803)
This commit is contained in:
Richard Levitte 2020-01-15 14:09:54 +01:00
parent 0b9dd3842f
commit 7b131de2bb
3 changed files with 75 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
crypto/provider_core.c
View File

@ -774,6 +774,9 @@ static OSSL_core_get_library_context_fn core_get_libctx;
static OSSL_core_new_error_fn core_new_error;
static OSSL_core_set_error_debug_fn core_set_error_debug;
static OSSL_core_vset_error_fn core_vset_error;
static OSSL_core_set_error_mark_fn core_set_error_mark;
static OSSL_core_clear_last_error_mark_fn core_clear_last_error_mark;
static OSSL_core_pop_error_to_mark_fn core_pop_error_to_mark;
#endif
static const OSSL_PARAM *core_gettable_params(const OSSL_PROVIDER *prov)
@ -857,6 +860,21 @@ static void core_vset_error(const OSSL_PROVIDER *prov,
ERR_vset_error(prov->error_lib, (int)reason, fmt, args);
}
}
static int core_set_error_mark(const OSSL_PROVIDER *prov)
{
return ERR_set_mark();
}
static int core_clear_last_error_mark(const OSSL_PROVIDER *prov)
{
return ERR_clear_last_mark();
}
static int core_pop_error_to_mark(const OSSL_PROVIDER *prov)
{
return ERR_pop_to_mark();
}
#endif
/*
@ -872,6 +890,11 @@ static const OSSL_DISPATCH core_dispatch_[] = {
{ OSSL_FUNC_CORE_NEW_ERROR, (void (*)(void))core_new_error },
{ OSSL_FUNC_CORE_SET_ERROR_DEBUG, (void (*)(void))core_set_error_debug },
{ OSSL_FUNC_CORE_VSET_ERROR, (void (*)(void))core_vset_error },
{ OSSL_FUNC_CORE_SET_ERROR_MARK, (void (*)(void))core_set_error_mark },
{ OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK,
(void (*)(void))core_clear_last_error_mark },
{ OSSL_FUNC_CORE_POP_ERROR_TO_MARK,
(void (*)(void))core_pop_error_to_mark },
{ OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))BIO_new_file },
{ OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))BIO_new_mem_buf },
{ OSSL_FUNC_BIO_READ_EX, (void (*)(void))BIO_read_ex },

43
include/openssl/core_numbers.h
View File

@ -80,53 +80,60 @@ OSSL_CORE_MAKE_FUNC(void,core_set_error_debug,
OSSL_CORE_MAKE_FUNC(void,core_vset_error,
(const OSSL_PROVIDER *prov,
uint32_t reason, const char *fmt, va_list args))
# define OSSL_FUNC_CORE_SET_ERROR_MARK 8
OSSL_CORE_MAKE_FUNC(int, core_set_error_mark, (const OSSL_PROVIDER *prov))
# define OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK 9
OSSL_CORE_MAKE_FUNC(int, core_clear_last_error_mark,
(const OSSL_PROVIDER *prov))
# define OSSL_FUNC_CORE_POP_ERROR_TO_MARK 10
OSSL_CORE_MAKE_FUNC(int, core_pop_error_to_mark, (const OSSL_PROVIDER *prov))
/* Memory allocation, freeing, clearing. */
#define OSSL_FUNC_CRYPTO_MALLOC 10
#define OSSL_FUNC_CRYPTO_MALLOC 20
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_malloc, (size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_ZALLOC 11
#define OSSL_FUNC_CRYPTO_ZALLOC 21
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_zalloc, (size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_FREE 12
#define OSSL_FUNC_CRYPTO_FREE 22
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_free, (void *ptr, const char *file, int line))
#define OSSL_FUNC_CRYPTO_CLEAR_FREE 13
#define OSSL_FUNC_CRYPTO_CLEAR_FREE 23
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_clear_free, (void *ptr, size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_REALLOC 14
#define OSSL_FUNC_CRYPTO_REALLOC 24
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_realloc, (void *addr, size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 15
#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 25
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_clear_realloc, (void *addr, size_t old_num, size_t num,
const char *file, int line))
#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 16
#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 26
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_secure_malloc, (size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 17
#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 27
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_secure_zalloc, (size_t num, const char *file, int line))
#define OSSL_FUNC_CRYPTO_SECURE_FREE 18
#define OSSL_FUNC_CRYPTO_SECURE_FREE 28
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_secure_free, (void *ptr, const char *file, int line))
#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 19
#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 29
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_secure_clear_free, (void *ptr, size_t num, const char *file,
int line))
#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 20
#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 30
OSSL_CORE_MAKE_FUNC(int,
CRYPTO_secure_allocated, (const void *ptr))
#define OSSL_FUNC_OPENSSL_CLEANSE 21
#define OSSL_FUNC_OPENSSL_CLEANSE 31
OSSL_CORE_MAKE_FUNC(void,
OPENSSL_cleanse, (void *ptr, size_t len))
/* Bio functions provided by the core */
#define OSSL_FUNC_BIO_NEW_FILE 23
#define OSSL_FUNC_BIO_NEW_MEMBUF 24
#define OSSL_FUNC_BIO_READ_EX 25
#define OSSL_FUNC_BIO_FREE 26
#define OSSL_FUNC_BIO_VPRINTF 27
#define OSSL_FUNC_BIO_NEW_FILE 40
#define OSSL_FUNC_BIO_NEW_MEMBUF 41
#define OSSL_FUNC_BIO_READ_EX 42
#define OSSL_FUNC_BIO_FREE 43
#define OSSL_FUNC_BIO_VPRINTF 44
OSSL_CORE_MAKE_FUNC(BIO *, BIO_new_file, (const char *filename, const char *mode))
OSSL_CORE_MAKE_FUNC(BIO *, BIO_new_membuf, (const void *buf, int len))
@ -136,7 +143,7 @@ OSSL_CORE_MAKE_FUNC(int, BIO_free, (BIO *bio))
OSSL_CORE_MAKE_FUNC(int, BIO_vprintf, (BIO *bio, const char *format,
va_list args))
#define OSSL_FUNC_SELF_TEST_CB 28
#define OSSL_FUNC_SELF_TEST_CB 100
OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CTX *ctx, OSSL_CALLBACK **cb,
void **cbarg))

27
providers/fips/fipsprov.c
View File

@ -54,6 +54,9 @@ OSSL_core_thread_start_fn *c_thread_start;
static OSSL_core_new_error_fn *c_new_error;
static OSSL_core_set_error_debug_fn *c_set_error_debug;
static OSSL_core_vset_error_fn *c_vset_error;
static OSSL_core_set_error_mark_fn *c_set_error_mark;
static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
@ -675,6 +678,15 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
case OSSL_FUNC_CORE_VSET_ERROR:
c_vset_error = OSSL_get_core_vset_error(in);
break;
case OSSL_FUNC_CORE_SET_ERROR_MARK:
c_set_error_mark = OSSL_get_core_set_error_mark(in);
break;
case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
c_clear_last_error_mark = OSSL_get_core_clear_last_error_mark(in);
break;
case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
c_pop_error_to_mark = OSSL_get_core_pop_error_to_mark(in);
break;
case OSSL_FUNC_CRYPTO_MALLOC:
c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
break;
@ -839,6 +851,21 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
}
int ERR_set_mark(void)
{
return c_set_error_mark(NULL);
}
int ERR_clear_last_mark(void)
{
return c_clear_last_error_mark(NULL);
}
int ERR_pop_to_mark(void)
{
return c_pop_error_to_mark(NULL);
}
const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx)
{
FIPS_GLOBAL *fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,