1 /* 2 * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <openssl/crypto.h> 12 #include "internal/cryptlib.h" 13 #include <openssl/conf.h> 14 #include <openssl/x509.h> 15 #include <openssl/x509v3.h> 16 17 /* Algorithm configuration module. */ 18 19 static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) 20 { 21 int i; 22 const char *oid_section; 23 STACK_OF(CONF_VALUE) *sktmp; 24 CONF_VALUE *oval; 25 26 oid_section = CONF_imodule_get_value(md); 27 if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) { 28 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); 29 return 0; 30 } 31 for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { 32 oval = sk_CONF_VALUE_value(sktmp, i); 33 if (strcmp(oval->name, "fips_mode") == 0) { 34 int m; 35 if (!X509V3_get_value_bool(oval, &m)) { 36 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); 37 return 0; 38 } 39 if (m > 0) { 40 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); 41 return 0; 42 } 43 } else { 44 EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); 45 ERR_add_error_data(4, "name=", oval->name, 46 ", value=", oval->value); 47 } 48 49 } 50 return 1; 51 } 52 53 void EVP_add_alg_module(void) 54 { 55 CONF_module_add("alg_section", alg_module_init, 0); 56 } 57