exchange: add FIPS error state handling

The functions that check for the provider being runnable are: newctx, dupctx, init, derive and set peer. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12801)
2025-03-19 19:50:42 +08:00 · 2020-09-07 13:26:20 +10:00 · 2020-09-07 13:26:20 +10:00 · ca94057fc3
commit ca94057fc3
parent 2b9e4e956b
4 changed files with 70 additions and 9 deletions
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@ -20,6 +20,7 @@
 #include <openssl/dh.h>
 #include <openssl/err.h>
 #include <openssl/params.h>
+#include "prov/providercommon.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
 #include "crypto/dh.h"
@ -77,8 +78,12 @@ typedef struct {

 static void *dh_newctx(void *provctx)
 {
-    PROV_DH_CTX *pdhctx = OPENSSL_zalloc(sizeof(PROV_DH_CTX));
+    PROV_DH_CTX *pdhctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
+    pdhctx = OPENSSL_zalloc(sizeof(PROV_DH_CTX));
    if (pdhctx == NULL)
        return NULL;
    pdhctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
@ -90,7 +95,10 @@ static int dh_init(void *vpdhctx, void *vdh)
 {
    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;

-    if (pdhctx == NULL || vdh == NULL || !DH_up_ref(vdh))
+    if (!ossl_prov_is_running()
+            || pdhctx == NULL
+            || vdh == NULL
+            || !DH_up_ref(vdh))
        return 0;
    DH_free(pdhctx->dh);
    pdhctx->dh = vdh;
@ -102,7 +110,10 @@ static int dh_set_peer(void *vpdhctx, void *vdh)
 {
    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;

-    if (pdhctx == NULL || vdh == NULL || !DH_up_ref(vdh))
+    if (!ossl_prov_is_running()
+            || pdhctx == NULL
+            || vdh == NULL
+            || !DH_up_ref(vdh))
        return 0;
    DH_free(pdhctx->dhpeer);
    pdhctx->dhpeer = vdh;
@ -189,6 +200,9 @@ static int dh_derive(void *vpdhctx, unsigned char *secret,
 {
    PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;

+    if (!ossl_prov_is_running())
+        return 0;
+
    switch (pdhctx->kdf_type) {
        case PROV_DH_KDF_NONE:
            return dh_plain_derive(pdhctx, secret, psecretlen, outlen);
@ -219,6 +233,9 @@ static void *dh_dupctx(void *vpdhctx)
    PROV_DH_CTX *srcctx = (PROV_DH_CTX *)vpdhctx;
    PROV_DH_CTX *dstctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL)
        return NULL;
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@ -22,6 +22,7 @@
 #include <openssl/params.h>
 #include <openssl/err.h>
 #include "prov/provider_ctx.h"
+#include "prov/providercommon.h"
 #include "prov/implementations.h"
 #include "crypto/ec.h" /* ecdh_KDF_X9_63() */

@ -79,8 +80,12 @@ typedef struct {
 static
 void *ecdh_newctx(void *provctx)
 {
-    PROV_ECDH_CTX *pectx = OPENSSL_zalloc(sizeof(*pectx));
+    PROV_ECDH_CTX *pectx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
+    pectx = OPENSSL_zalloc(sizeof(*pectx));
    if (pectx == NULL)
        return NULL;

@ -96,7 +101,10 @@ int ecdh_init(void *vpecdhctx, void *vecdh)
 {
    PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx;

-    if (pecdhctx == NULL || vecdh == NULL || !EC_KEY_up_ref(vecdh))
+    if (!ossl_prov_is_running()
+            || pecdhctx == NULL
+            || vecdh == NULL
+            || !EC_KEY_up_ref(vecdh))
        return 0;
    EC_KEY_free(pecdhctx->k);
    pecdhctx->k = vecdh;
@ -110,7 +118,10 @@ int ecdh_set_peer(void *vpecdhctx, void *vecdh)
 {
    PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx;

-    if (pecdhctx == NULL || vecdh == NULL || !EC_KEY_up_ref(vecdh))
+    if (!ossl_prov_is_running()
+            || pecdhctx == NULL
+            || vecdh == NULL
+            || !EC_KEY_up_ref(vecdh))
        return 0;
    EC_KEY_free(pecdhctx->peerk);
    pecdhctx->peerk = vecdh;
@ -137,6 +148,9 @@ void *ecdh_dupctx(void *vpecdhctx)
    PROV_ECDH_CTX *srcctx = (PROV_ECDH_CTX *)vpecdhctx;
    PROV_ECDH_CTX *dstctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL)
        return NULL;
--- a/providers/implementations/exchange/ecx_exch.c
+++ b/providers/implementations/exchange/ecx_exch.c
@ -15,6 +15,7 @@
 #include "internal/cryptlib.h"
 #include "crypto/ecx.h"
 #include "prov/implementations.h"
+#include "prov/providercommon.h"
 #include "prov/providercommonerr.h"
 #ifdef S390X_EC_ASM
 # include "s390x_arch.h"
@ -42,8 +43,12 @@ typedef struct {

 static void *ecx_newctx(void *provctx, size_t keylen)
 {
-    PROV_ECX_CTX *ctx = OPENSSL_zalloc(sizeof(PROV_ECX_CTX));
+    PROV_ECX_CTX *ctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
+    ctx = OPENSSL_zalloc(sizeof(PROV_ECX_CTX));
    if (ctx == NULL) {
        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -69,6 +74,9 @@ static int ecx_init(void *vecxctx, void *vkey)
    PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;
    ECX_KEY *key = vkey;

+    if (!ossl_prov_is_running())
+        return 0;
+
    if (ecxctx == NULL
            || key == NULL
            || key->keylen != ecxctx->keylen
@ -88,6 +96,9 @@ static int ecx_set_peer(void *vecxctx, void *vkey)
    PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;
    ECX_KEY *key = vkey;

+    if (!ossl_prov_is_running())
+        return 0;
+
    if (ecxctx == NULL
            || key == NULL
            || key->keylen != ecxctx->keylen
@ -106,6 +117,9 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen,
 {
    PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;

+    if (!ossl_prov_is_running())
+        return 0;
+
    if (ecxctx->key == NULL
            || ecxctx->key->privkey == NULL
            || ecxctx->peerkey == NULL) {
@ -179,6 +193,9 @@ static void *ecx_dupctx(void *vecxctx)
    PROV_ECX_CTX *srcctx = (PROV_ECX_CTX *)vecxctx;
    PROV_ECX_CTX *dstctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL) {
        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
--- a/providers/implementations/exchange/kdf_exch.c
+++ b/providers/implementations/exchange/kdf_exch.c
@ -15,6 +15,7 @@
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
 #include "prov/kdfexchange.h"
+#include "prov/providercommon.h"

 static OSSL_FUNC_keyexch_newctx_fn kdf_tls1_prf_newctx;
 static OSSL_FUNC_keyexch_newctx_fn kdf_hkdf_newctx;
@ -36,9 +37,13 @@ typedef struct {

 static void *kdf_newctx(const char *kdfname, void *provctx)
 {
-    PROV_KDF_CTX *kdfctx = OPENSSL_zalloc(sizeof(PROV_KDF_CTX));
+    PROV_KDF_CTX *kdfctx;
    EVP_KDF *kdf = NULL;

+    if (!ossl_prov_is_running())
+        return NULL;
+
+    kdfctx = OPENSSL_zalloc(sizeof(PROV_KDF_CTX));
    if (kdfctx == NULL)
        return NULL;

@ -73,7 +78,10 @@ static int kdf_init(void *vpkdfctx, void *vkdf)
 {
    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;

-    if (pkdfctx == NULL || vkdf == NULL || !kdf_data_up_ref(vkdf))
+    if (!ossl_prov_is_running()
+            || pkdfctx == NULL
+            || vkdf == NULL
+            || !kdf_data_up_ref(vkdf))
        return 0;
    pkdfctx->kdfdata = vkdf;

@ -85,6 +93,8 @@ static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen,
 {
    PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;

+    if (!ossl_prov_is_running())
+        return 0;
    return EVP_KDF_derive(pkdfctx->kdfctx, secret, *secretlen);
 }

@ -103,6 +113,9 @@ static void *kdf_dupctx(void *vpkdfctx)
    PROV_KDF_CTX *srcctx = (PROV_KDF_CTX *)vpkdfctx;
    PROV_KDF_CTX *dstctx;

+    if (!ossl_prov_is_running())
+        return NULL;
+
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL)
        return NULL;