evp_cnf.c 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. /*
  2. * Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <openssl/crypto.h>
  11. #include "internal/cryptlib.h"
  12. #include <openssl/conf.h>
  13. #include <openssl/x509.h>
  14. #include <openssl/x509v3.h>
  15. #include <openssl/trace.h>
  16. #include "crypto/evp.h"
  17. /* Algorithm configuration module. */
  18. static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
  19. {
  20. int i;
  21. const char *oid_section;
  22. STACK_OF(CONF_VALUE) *sktmp;
  23. CONF_VALUE *oval;
  24. OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n",
  25. CONF_imodule_get_name(md), CONF_imodule_get_value(md));
  26. oid_section = CONF_imodule_get_value(md);
  27. if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
  28. ERR_raise(ERR_LIB_EVP, EVP_R_ERROR_LOADING_SECTION);
  29. return 0;
  30. }
  31. for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
  32. oval = sk_CONF_VALUE_value(sktmp, i);
  33. if (strcmp(oval->name, "fips_mode") == 0) {
  34. int m;
  35. /* Detailed error already reported. */
  36. if (!X509V3_get_value_bool(oval, &m))
  37. return 0;
  38. /*
  39. * fips_mode is deprecated and should not be used in new
  40. * configurations.
  41. */
  42. if (!EVP_default_properties_enable_fips(NCONF_get0_libctx((CONF *)cnf),
  43. m > 0)) {
  44. ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
  45. return 0;
  46. }
  47. } else if (strcmp(oval->name, "default_properties") == 0) {
  48. if (!evp_set_default_properties_int(NCONF_get0_libctx((CONF *)cnf),
  49. oval->value, 0, 0)) {
  50. ERR_raise(ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
  51. return 0;
  52. }
  53. } else {
  54. ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION,
  55. "name=%s, value=%s", oval->name, oval->value);
  56. return 0;
  57. }
  58. }
  59. return 1;
  60. }
  61. void EVP_add_alg_module(void)
  62. {
  63. OSSL_TRACE(CONF, "Adding config module 'alg_section'\n");
  64. CONF_module_add("alg_section", alg_module_init, 0);
  65. }