evp_cnf.c 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. /*
  2. * Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <openssl/crypto.h>
  11. #include "internal/cryptlib.h"
  12. #include <openssl/conf.h>
  13. #include <openssl/x509.h>
  14. #include <openssl/x509v3.h>
  15. #include <openssl/trace.h>
  16. #include "crypto/evp.h"
  17. /* Algorithm configuration module. */
  18. static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
  19. {
  20. int i;
  21. const char *oid_section;
  22. STACK_OF(CONF_VALUE) *sktmp;
  23. CONF_VALUE *oval;
  24. OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n",
  25. CONF_imodule_get_name(md), CONF_imodule_get_value(md));
  26. oid_section = CONF_imodule_get_value(md);
  27. if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) {
  28. EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
  29. return 0;
  30. }
  31. for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
  32. oval = sk_CONF_VALUE_value(sktmp, i);
  33. if (strcmp(oval->name, "fips_mode") == 0) {
  34. int m;
  35. if (!X509V3_get_value_bool(oval, &m)) {
  36. EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
  37. return 0;
  38. }
  39. /*
  40. * fips_mode is deprecated and should not be used in new
  41. * configurations.
  42. */
  43. if (!EVP_default_properties_enable_fips(cnf->libctx, m > 0)) {
  44. EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
  45. return 0;
  46. }
  47. } else if (strcmp(oval->name, "default_properties") == 0) {
  48. if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0)) {
  49. EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
  50. return 0;
  51. }
  52. } else {
  53. EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
  54. ERR_add_error_data(4, "name=", oval->name,
  55. ", value=", oval->value);
  56. return 0;
  57. }
  58. }
  59. return 1;
  60. }
  61. void EVP_add_alg_module(void)
  62. {
  63. OSSL_TRACE(CONF, "Adding config module 'alg_section'\n");
  64. CONF_module_add("alg_section", alg_module_init, 0);
  65. }