mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

asymciphers: add FIPS error state handling

Browse Source 
Check for provider being runnable in newctx, init, encrypt and decrypt.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12801)
This commit is contained in:
Pauli 2020-09-07 12:44:59 +10:00
parent 1c1daab94c
commit 87fe138d35
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
providers/implementations/asymciphers/rsa_enc.c
View File

@ -28,6 +28,7 @@
#include "prov/providercommonerr.h"
#include "prov/provider_ctx.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
#include <stdlib.h>
@ -77,8 +78,11 @@ typedef struct {
static void *rsa_newctx(void *provctx)
{
PROV_RSA_CTX *prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX));
PROV_RSA_CTX *prsactx;
if (!ossl_prov_is_running())
return NULL;
prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX));
if (prsactx == NULL)
return NULL;
prsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
@ -90,7 +94,10 @@ static int rsa_init(void *vprsactx, void *vrsa)
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
if (prsactx == NULL || vrsa == NULL || !RSA_up_ref(vrsa))
if (!ossl_prov_is_running()
|| prsactx == NULL
|| vrsa == NULL
|| !RSA_up_ref(vrsa))
return 0;
RSA_free(prsactx->rsa);
prsactx->rsa = vrsa;
@ -113,6 +120,9 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
int ret;
if (!ossl_prov_is_running())
return 0;
if (out == NULL) {
size_t len = RSA_size(prsactx->rsa);
@ -171,6 +181,9 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
int ret;
size_t len = RSA_size(prsactx->rsa);
if (!ossl_prov_is_running())
return 0;
if (prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) {
if (out == NULL) {
*outlen = SSL_MAX_MASTER_KEY_LENGTH;
@ -269,6 +282,9 @@ static void *rsa_dupctx(void *vprsactx)
PROV_RSA_CTX *srcctx = (PROV_RSA_CTX *)vprsactx;
PROV_RSA_CTX *dstctx;
if (!ossl_prov_is_running())
return NULL;
dstctx = OPENSSL_zalloc(sizeof(*srcctx));
if (dstctx == NULL)
return NULL;