ciphers: add FIPS error state handling

The functions that check for the provider being runnable are: new, init, final and dupctx. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12801)
author: Pauli <paul.dale@oracle.com> 2020-09-08 04:56:34 +0200
committer: Pauli <paul.dale@oracle.com> 2020-09-12 08:46:51 +0200
commit: f99d3eedf7c3e1e2b10aad911f469f1fc783a395 (patch)
tree: 3fae1a4f153367e1296c2c61d782bd59acbf73dc /providers/implementations/ciphers/cipher_aria_ccm.c
parent: keymgmt: add FIPS error state handling (diff)
download: openssl-f99d3eedf7c3e1e2b10aad911f469f1fc783a395.tar.xz
openssl-f99d3eedf7c3e1e2b10aad911f469f1fc783a395.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/providers/implementations/ciphers/cipher_aria_ccm.c b/providers/implementations/ciphers/cipher_aria_ccm.c
index ffc8166d68..7f89b223f1 100644
--- a/providers/implementations/ciphers/cipher_aria_ccm.c
+++ b/providers/implementations/ciphers/cipher_aria_ccm.c
@@ -11,13 +11,18 @@
 
 #include "cipher_aria_ccm.h"
 #include "prov/implementations.h"
+#include "prov/providercommon.h"
 
 static OSSL_FUNC_cipher_freectx_fn aria_ccm_freectx;
 
 static void *aria_ccm_newctx(void *provctx, size_t keybits)
 {
-    PROV_ARIA_CCM_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+    PROV_ARIA_CCM_CTX *ctx;
 
+    if (!ossl_prov_is_running())
+        return NULL;
+
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx != NULL)
         ccm_initctx(&ctx->base, keybits, PROV_ARIA_HW_ccm(keybits));
     return ctx;
author	Pauli <paul.dale@oracle.com>	2020-09-08 04:56:34 +0200
committer	Pauli <paul.dale@oracle.com>	2020-09-12 08:46:51 +0200
commit	f99d3eedf7c3e1e2b10aad911f469f1fc783a395 (patch)
tree	3fae1a4f153367e1296c2c61d782bd59acbf73dc /providers/implementations/ciphers/cipher_aria_ccm.c
parent	keymgmt: add FIPS error state handling (diff)
download	openssl-f99d3eedf7c3e1e2b10aad911f469f1fc783a395.tar.xz openssl-f99d3eedf7c3e1e2b10aad911f469f1fc783a395.zip