summaryrefslogtreecommitdiff
path: root/crypto/evp/pmeth_gn.c
diff options
context:
space:
mode:
authorShane Lontis <shane.lontis@oracle.com>2020-01-12 11:32:12 +1000
committerShane Lontis <shane.lontis@oracle.com>2020-01-12 11:32:12 +1000
commite683582bf37de45a9512aea7ff33b9a3ebdf07f4 (patch)
tree3a8c7e4f3ae908816ef57c15e56b619daa1430ac /crypto/evp/pmeth_gn.c
parente0e68f9e34585084038fba768fb2eecb5dd1ddf3 (diff)
downloadopenssl-new-e683582bf37de45a9512aea7ff33b9a3ebdf07f4.tar.gz
Add dsa signature alg to fips provider
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615)
Diffstat (limited to 'crypto/evp/pmeth_gn.c')
-rw-r--r--crypto/evp/pmeth_gn.c174
1 files changed, 91 insertions, 83 deletions
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 100931cda7..14c5fd4b99 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -17,89 +17,7 @@
#include "crypto/evp.h"
#include "evp_local.h"
-static int fromdata_init(EVP_PKEY_CTX *ctx, int operation)
-{
- if (ctx == NULL || ctx->keytype == NULL)
- goto not_supported;
-
- evp_pkey_ctx_free_old_ops(ctx);
- ctx->operation = operation;
- if (ctx->keymgmt == NULL)
- ctx->keymgmt = EVP_KEYMGMT_fetch(NULL, ctx->keytype, ctx->propquery);
- if (ctx->keymgmt == NULL)
- goto not_supported;
-
- return 1;
-
- not_supported:
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
-}
-
-int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx)
-{
- return fromdata_init(ctx, EVP_PKEY_OP_PARAMFROMDATA);
-}
-
-int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx)
-{
- return fromdata_init(ctx, EVP_PKEY_OP_KEYFROMDATA);
-}
-
-int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM params[])
-{
- void *provdata = NULL;
-
- if (ctx == NULL || (ctx->operation & EVP_PKEY_OP_TYPE_FROMDATA) == 0) {
- ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- if (ppkey == NULL)
- return -1;
-
- if (*ppkey == NULL)
- *ppkey = EVP_PKEY_new();
-
- if (*ppkey == NULL) {
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- provdata =
- evp_keymgmt_fromdata(*ppkey, ctx->keymgmt, params,
- ctx->operation == EVP_PKEY_OP_PARAMFROMDATA);
-
- if (provdata == NULL)
- return 0;
- /* provdata is cached in *ppkey, so we need not bother with it further */
- return 1;
-}
-
-/*
- * TODO(3.0) Re-evaluate the names, it's possible that we find these to be
- * better:
- *
- * EVP_PKEY_param_settable()
- * EVP_PKEY_param_gettable()
- */
-const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx)
-{
- /* We call fromdata_init to get ctx->keymgmt populated */
- if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
- return evp_keymgmt_importdomparam_types(ctx->keymgmt);
- return NULL;
-}
-
-const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx)
-{
- /* We call fromdata_init to get ctx->keymgmt populated */
- if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
- return evp_keymgmt_importdomparam_types(ctx->keymgmt);
- return NULL;
-}
-
+#ifndef FIPS_MODE
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
{
int ret;
@@ -321,3 +239,93 @@ int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx)
return pkey->ameth->pkey_param_check(pkey);
}
+
+#endif /* FIPS_MODE */
+
+/*- All methods below can also be used in FIPS_MODE */
+
+static int fromdata_init(EVP_PKEY_CTX *ctx, int operation)
+{
+ if (ctx == NULL || ctx->keytype == NULL)
+ goto not_supported;
+
+ evp_pkey_ctx_free_old_ops(ctx);
+ ctx->operation = operation;
+ if (ctx->keymgmt == NULL)
+ ctx->keymgmt = EVP_KEYMGMT_fetch(ctx->libctx, ctx->keytype,
+ ctx->propquery);
+ if (ctx->keymgmt == NULL)
+ goto not_supported;
+
+ return 1;
+
+ not_supported:
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+}
+
+int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx)
+{
+ return fromdata_init(ctx, EVP_PKEY_OP_PARAMFROMDATA);
+}
+
+int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx)
+{
+ return fromdata_init(ctx, EVP_PKEY_OP_KEYFROMDATA);
+}
+
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM params[])
+{
+ void *provdata = NULL;
+
+ if (ctx == NULL || (ctx->operation & EVP_PKEY_OP_TYPE_FROMDATA) == 0) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ppkey == NULL)
+ return -1;
+
+ if (*ppkey == NULL)
+ *ppkey = EVP_PKEY_new();
+
+ if (*ppkey == NULL) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+
+ provdata =
+ evp_keymgmt_fromdata(*ppkey, ctx->keymgmt, params,
+ ctx->operation == EVP_PKEY_OP_PARAMFROMDATA);
+
+ if (provdata == NULL)
+ return 0;
+ /* provdata is cached in *ppkey, so we need not bother with it further */
+ return 1;
+}
+
+/*
+ * TODO(3.0) Re-evaluate the names, it's possible that we find these to be
+ * better:
+ *
+ * EVP_PKEY_param_settable()
+ * EVP_PKEY_param_gettable()
+ */
+const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx)
+{
+ /* We call fromdata_init to get ctx->keymgmt populated */
+ if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
+ return evp_keymgmt_importdomparam_types(ctx->keymgmt);
+ return NULL;
+}
+
+const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx)
+{
+ /* We call fromdata_init to get ctx->keymgmt populated */
+ if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
+ return evp_keymgmt_importdomparam_types(ctx->keymgmt);
+ return NULL;
+}
+
+