author | Shane Lontis <shane.lontis@oracle.com> | 2020-07-21 16:30:02 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-07-21 16:30:02 +1000 |
commit | 9f7bdcf37f9541f7a1e4dc62ebdf97e8d8ccd307 (patch) | |
tree | 5e68472ae3a8d05c6294c1169b513c0434329a57 /providers | |
parent | 823a113574451ea2e050bee7ce35861948ad55ca (diff) | |
download | openssl-9f7bdcf37f9541f7a1e4dc62ebdf97e8d8ccd307.tar.gz |
Add ERR_raise() errors to fips OSSL_provider_init and self tests.
As ERR_raise() is set up at this point, returning a range of negative values for errors is not required.
This will need to be revisited if the code ever moves to running from the DEP.
Added a -config option to the fips install so that it can test if a fips module is loadable from configuration.
(The -verify option only uses the generated config, whereas -config uses the normal way of including the generated data via another config file).
Added more failure tests for the raised errors.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12346)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/common/include/prov/providercommonerr.h | 7 | ||||
-rw-r--r-- | providers/common/provider_err.c | 13 | ||||
-rw-r--r-- | providers/fips/fipsprov.c | 10 | ||||
-rw-r--r-- | providers/fips/self_test.c | 34 |
4 files changed, 53 insertions, 11 deletions
diff --git a/providers/common/include/prov/providercommonerr.h b/providers/common/include/prov/providercommonerr.h
index c21537fd4f..f5fd37d9cc 100644
--- a/providers/common/include/prov/providercommonerr.h
+++ b/providers/common/include/prov/providercommonerr.h
@@ -78,8 +78,10 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_GENERATE_ERROR 191
 # define PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 165
 # define PROV_R_INAVLID_UKM_LENGTH 146
+# define PROV_R_INDICATOR_INTEGRITY_FAILURE 210
 # define PROV_R_INSUFFICIENT_DRBG_STRENGTH 181
 # define PROV_R_INVALID_AAD 108
+# define PROV_R_INVALID_CONFIG_DATA 211
 # define PROV_R_INVALID_CONSTANT_LENGTH 157
 # define PROV_R_INVALID_CURVE 176
 # define PROV_R_INVALID_CUSTOM_LENGTH 111
@@ -102,6 +104,7 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_INVALID_SALT_LENGTH 112
 # define PROV_R_INVALID_SEED_LENGTH 154
 # define PROV_R_INVALID_SIGNATURE_SIZE 179
+# define PROV_R_INVALID_STATE 212
 # define PROV_R_INVALID_TAG 110
 # define PROV_R_INVALID_TAGLEN 118
 # define PROV_R_INVALID_X931_DIGEST 170
@@ -109,6 +112,7 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_KEY_SIZE_TOO_SMALL 171
 # define PROV_R_MISSING_CEK_ALG 144
 # define PROV_R_MISSING_CIPHER 155
+# define PROV_R_MISSING_CONFIG_DATA 213
 # define PROV_R_MISSING_CONSTANT 156
 # define PROV_R_MISSING_KEY 128
 # define PROV_R_MISSING_MAC 150
@@ -121,6 +125,7 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_MISSING_SESSION_ID 133
 # define PROV_R_MISSING_TYPE 134
 # define PROV_R_MISSING_XCGHASH 135
+# define PROV_R_MODULE_INTEGRITY_FAILURE 214
 # define PROV_R_NOT_INSTANTIATED 193
 # define PROV_R_NOT_SUPPORTED 136
 # define PROV_R_NOT_XOF_OR_INVALID_LENGTH 113
@@ -136,6 +141,8 @@ int ERR_load_PROV_strings(void);
 # define PROV_R_REQUEST_TOO_LARGE_FOR_DRBG 196
 # define PROV_R_REQUIRE_CTR_MODE_CIPHER 206
 # define PROV_R_RESEED_ERROR 197
+# define PROV_R_SELF_TEST_KAT_FAILURE 215
+# define PROV_R_SELF_TEST_POST_FAILURE 216
 # define PROV_R_TAG_NOTSET 119
 # define PROV_R_TAG_NOT_NEEDED 120
 # define PROV_R_UNABLE_TO_FIND_CIPHERS 207
diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c
index 7a0e0c595d..7a5c41bfda 100644
--- a/providers/common/provider_err.c
+++ b/providers/common/provider_err.c
@@ -63,9 +63,13 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 "illegal or unsupported padding mode"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INAVLID_UKM_LENGTH),
 "inavlid ukm length"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INDICATOR_INTEGRITY_FAILURE),
+ "indicator integrity failure"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INSUFFICIENT_DRBG_STRENGTH),
 "insufficient drbg strength"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_AAD), "invalid aad"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_CONFIG_DATA),
+ "invalid config data"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_CONSTANT_LENGTH),
 "invalid constant length"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_CURVE), "invalid curve"},
@@ -98,6 +102,7 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 "invalid seed length"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SIGNATURE_SIZE),
 "invalid signature size"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_STATE), "invalid state"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAGLEN), "invalid taglen"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_X931_DIGEST),
@@ -107,6 +112,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 "key size too small"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CEK_ALG), "missing cek alg"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CIPHER), "missing cipher"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CONFIG_DATA),
+ "missing config data"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CONSTANT), "missing constant"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_KEY), "missing key"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_MAC), "missing mac"},
@@ -121,6 +128,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 "missing session id"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_TYPE), "missing type"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_XCGHASH), "missing xcghash"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MODULE_INTEGRITY_FAILURE),
+ "module integrity failure"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_INSTANTIATED), "not instantiated"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_SUPPORTED), "not supported"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_NOT_XOF_OR_INVALID_LENGTH),
@@ -145,6 +154,10 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_REQUIRE_CTR_MODE_CIPHER),
 "require ctr mode cipher"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_RESEED_ERROR), "reseed error"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_SELF_TEST_KAT_FAILURE),
+ "self test kat failure"},
+ {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_SELF_TEST_POST_FAILURE),
+ "self test post failure"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOTSET), "tag notset"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOT_NEEDED), "tag not needed"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_FIND_CIPHERS),
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index a998e392d7..c91ad1c6d7 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -31,6 +31,7 @@
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
 #include "prov/providercommon.h"
+#include "prov/providercommonerr.h"
 #include "prov/provider_util.h"
 #include "self_test.h"
@@ -700,8 +701,10 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
 selftest_params.cb_arg = NULL;
 }
- if (!c_get_params(handle, core_params))
+ if (!c_get_params(handle, core_params)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
 return 0;
+ }
 /* Create a context. */
 if ((*provctx = PROV_CTX_new()) == NULL
@@ -724,8 +727,10 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
 fgbl->handle = handle;
 selftest_params.libctx = libctx;
- if (!SELF_TEST_post(&selftest_params, 0))
+ if (!SELF_TEST_post(&selftest_params, 0)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_POST_FAILURE);
 goto err;
+ }
 /*
 * TODO(3.0): Remove me. This is just a dummy call to demonstrate making
@@ -735,7 +740,6 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
 goto err;
 *out = fips_dispatch_table;
- return 1;
 err:
 fips_teardown(*provctx);
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
index 58aa42eed8..8902510b44 100644
--- a/providers/fips/self_test.c
+++ b/providers/fips/self_test.c
@@ -12,7 +12,9 @@
 #include <openssl/params.h>
 #include <openssl/crypto.h>
 #include <openssl/fipskey.h>
+#include <openssl/err.h>
 #include "e_os.h"
+#include "prov/providercommonerr.h"
 /*
 * We're cheating here. Normally we don't allow RUN_ONCE usage inside the FIPS
 * module because all such initialisation should be associated with an
@@ -206,6 +208,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
 if (!on_demand_test)
 return 1;
 } else if (loclstate != FIPS_STATE_SELFTEST) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_STATE);
 return 0;
 }
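Review bot: The last fipsprov.c hunk (`@@ -735,7 +740,6`) removes the only `return 1;` shown between `*out = fips_dispatch_table;` and `err:`, so unless a second `return 1;` survives that this rendering does not show, the success path now falls through into `fips_teardown(*provctx)` and the provider reports failure right after passing its self tests. If the deletion is meant to drop a duplicated return, the surviving one should appear in the hunk's context; otherwise `return 1;` needs to stay directly after the dispatch-table assignment. The body of OSSL_provider_init continues past the hunk on both sides.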
@@ -218,11 +221,14 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) FIPS_state = FIPS_STATE_SELFTEST; } else if (FIPS_state != FIPS_STATE_SELFTEST) { CRYPTO_THREAD_unlock(self_test_lock); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_STATE); return 0; } if (st == NULL - || st->module_checksum_data == NULL) + || st->module_checksum_data == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA); goto end; + } ev = OSSL_SELF_TEST_new(st->cb, st->cb_arg); if (ev == NULL) @@ -230,16 +236,20 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) module_checksum = OPENSSL_hexstr2buf(st->module_checksum_data, &checksum_len); - if (module_checksum == NULL) + if (module_checksum == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); goto end; + } bio_module = (*st->bio_new_file_cb)(st->module_filename, "rb"); /* Always check the integrity of the fips module */ if (bio_module == NULL || !verify_integrity(bio_module, st->bio_read_ex_cb, module_checksum, checksum_len, st->libctx, - ev, OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)) + ev, OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY)) { + ERR_raise(ERR_LIB_PROV, PROV_R_MODULE_INTEGRITY_FAILURE); goto end; + } /* This will be NULL during installation - so the self test KATS will run */ if (st->indicator_data != NULL) { @@ -247,12 +257,16 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) * If the kats have already passed indicator is set - then check the * integrity of the indicator. */ - if (st->indicator_checksum_data == NULL) + if (st->indicator_checksum_data == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA); goto end; + } indicator_checksum = OPENSSL_hexstr2buf(st->indicator_checksum_data, &checksum_len); - if (indicator_checksum == NULL) + if (indicator_checksum == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CONFIG_DATA); goto end; + } bio_indicator = (*st->bio_new_buffer_cb)(st->indicator_data, 
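Review bot: In the `@@ -218,11 +221,14` hunk the `ev == NULL` path after `OSSL_SELF_TEST_new()` is now the only failure exit in SELF_TEST_post without an ERR_raise(), so a caller sees just the generic PROV_R_SELF_TEST_POST_FAILURE from OSSL_provider_init with nothing underneath it to say why. Its `goto end` sits just past the hunk edge; if allocation is the only way that call fails, `ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);` before the goto keeps the error stack consistent with the other exits. SELF_TEST_post starts and ends outside this hunk.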
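Review bot: In the `@@ -230,16 +236,20` hunk `bio_module == NULL` and a failed `verify_integrity()` share one reason, PROV_R_MODULE_INTEGRITY_FAILURE, so an unreadable or mis-configured `module_filename` is reported as a tampered module. Those are different operational events — one is a deployment or config problem, the other is what an integrity alert should mean — and folding them together makes the integrity reason code noisier for anyone monitoring it. Checking `bio_module == NULL` on its own before the integrity call, with a reason code of its own, would reserve PROV_R_MODULE_INTEGRITY_FAILURE for an actual checksum mismatch; the function's `end:` handling lies outside the hunk.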
@@ -261,16 +275,20 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test) || !verify_integrity(bio_indicator, st->bio_read_ex_cb, indicator_checksum, checksum_len, st->libctx, ev, - OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY)) + OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY)) { + ERR_raise(ERR_LIB_PROV, PROV_R_INDICATOR_INTEGRITY_FAILURE); goto end; - else + } else { kats_already_passed = 1; + } } /* Only runs the KAT's during installation OR on_demand() */ if (on_demand_test || kats_already_passed == 0) { - if (!SELF_TEST_kats(ev, st->libctx)) + if (!SELF_TEST_kats(ev, st->libctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_SELF_TEST_KAT_FAILURE); goto end; + } } ok = 1; end: |