mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
706457b7bd
Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
406 lines
14 KiB
C
406 lines
14 KiB
C
/*
|
|
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include <stddef.h>
|
|
#include <openssl/ossl_typ.h>
|
|
#include <openssl/evp.h>
|
|
#include <openssl/core.h>
|
|
#include "internal/cryptlib.h"
|
|
#include "internal/thread_once.h"
|
|
#include "internal/property.h"
|
|
#include "internal/core.h"
|
|
#include "internal/provider.h"
|
|
#include "internal/namemap.h"
|
|
#include "crypto/evp.h" /* evp_local.h needs it */
|
|
#include "evp_local.h"
|
|
|
|
static void default_method_store_free(void *vstore)
|
|
{
|
|
ossl_method_store_free(vstore);
|
|
}
|
|
|
|
static void *default_method_store_new(OPENSSL_CTX *ctx)
|
|
{
|
|
return ossl_method_store_new(ctx);
|
|
}
|
|
|
|
|
|
static const OPENSSL_CTX_METHOD default_method_store_method = {
|
|
default_method_store_new,
|
|
default_method_store_free,
|
|
};
|
|
|
|
/* Data to be passed through ossl_method_construct() */
|
|
struct method_data_st {
|
|
OPENSSL_CTX *libctx;
|
|
OSSL_METHOD_CONSTRUCT_METHOD *mcm;
|
|
int operation_id; /* For get_method_from_store() */
|
|
int name_id; /* For get_method_from_store() */
|
|
const char *name; /* For get_method_from_store() */
|
|
const char *propquery; /* For get_method_from_store() */
|
|
void *(*method_from_dispatch)(int name_id, const OSSL_DISPATCH *,
|
|
OSSL_PROVIDER *, void *);
|
|
void *method_data;
|
|
int (*refcnt_up_method)(void *method);
|
|
void (*destruct_method)(void *method);
|
|
};
|
|
|
|
/*
|
|
* Generic routines to fetch / create EVP methods with ossl_method_construct()
|
|
*/
|
|
static void *alloc_tmp_method_store(OPENSSL_CTX *ctx)
|
|
{
|
|
return ossl_method_store_new(ctx);
|
|
}
|
|
|
|
static void dealloc_tmp_method_store(void *store)
|
|
{
|
|
if (store != NULL)
|
|
ossl_method_store_free(store);
|
|
}
|
|
|
|
static OSSL_METHOD_STORE *get_default_method_store(OPENSSL_CTX *libctx)
|
|
{
|
|
return openssl_ctx_get_data(libctx, OPENSSL_CTX_DEFAULT_METHOD_STORE_INDEX,
|
|
&default_method_store_method);
|
|
}
|
|
|
|
/*
|
|
* To identity the method in the method store, we mix the name identity
|
|
* with the operation identity, with the assumption that we don't have
|
|
* more than 2^24 names or more than 2^8 operation types.
|
|
*
|
|
* The resulting identity is a 32-bit integer, composed like this:
|
|
*
|
|
* +---------24 bits--------+-8 bits-+
|
|
* | name identity | op id |
|
|
* +------------------------+--------+
|
|
*/
|
|
static uint32_t method_id(unsigned int operation_id, int name_id)
|
|
{
|
|
if (!ossl_assert(name_id < (1 << 24) || operation_id < (1 << 8))
|
|
|| !ossl_assert(name_id > 0 && operation_id > 0))
|
|
return 0;
|
|
return ((name_id << 8) & 0xFFFFFF00) | (operation_id & 0x000000FF);
|
|
}
|
|
|
|
static void *get_method_from_store(OPENSSL_CTX *libctx, void *store,
|
|
void *data)
|
|
{
|
|
struct method_data_st *methdata = data;
|
|
void *method = NULL;
|
|
int name_id;
|
|
uint32_t meth_id;
|
|
|
|
/*
|
|
* get_method_from_store() is only called to try and get the method
|
|
* that evp_generic_fetch() is asking for, and the operation id as
|
|
* well as the name or name id are passed via methdata.
|
|
*/
|
|
if ((name_id = methdata->name_id) == 0) {
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
|
|
if (namemap == 0)
|
|
return NULL;
|
|
name_id = ossl_namemap_name2num(namemap, methdata->name);
|
|
}
|
|
|
|
if (name_id == 0
|
|
|| (meth_id = method_id(methdata->operation_id, name_id)) == 0)
|
|
return NULL;
|
|
|
|
if (store == NULL
|
|
&& (store = get_default_method_store(libctx)) == NULL)
|
|
return NULL;
|
|
|
|
(void)ossl_method_store_fetch(store, meth_id, methdata->propquery,
|
|
&method);
|
|
|
|
if (method != NULL
|
|
&& !methdata->refcnt_up_method(method)) {
|
|
method = NULL;
|
|
}
|
|
return method;
|
|
}
|
|
|
|
static int put_method_in_store(OPENSSL_CTX *libctx, void *store,
|
|
void *method, const OSSL_PROVIDER *prov,
|
|
int operation_id, const char *name,
|
|
const char *propdef, void *data)
|
|
{
|
|
struct method_data_st *methdata = data;
|
|
OSSL_NAMEMAP *namemap;
|
|
int name_id;
|
|
uint32_t meth_id;
|
|
|
|
/*
|
|
* put_method_in_store() is only called with a method that was
|
|
* successfully created by construct_method() below, which means
|
|
* the name should already be stored in the namemap, so just use it.
|
|
*/
|
|
if ((namemap = ossl_namemap_stored(libctx)) == NULL
|
|
|| (name_id = ossl_namemap_name2num(namemap, name)) == 0
|
|
|| (meth_id = method_id(operation_id, name_id)) == 0)
|
|
return 0;
|
|
|
|
if (store == NULL
|
|
&& (store = get_default_method_store(libctx)) == NULL)
|
|
return 0;
|
|
|
|
return ossl_method_store_add(store, prov, meth_id, propdef, method,
|
|
methdata->refcnt_up_method,
|
|
methdata->destruct_method);
|
|
}
|
|
|
|
/*
|
|
* The core fetching functionality passes the name of the implementation.
|
|
* This function is responsible to getting an identity number for it.
|
|
*/
|
|
static void *construct_method(const char *name, const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov, void *data)
|
|
{
|
|
/*
|
|
* This function is only called if get_method_from_store() returned
|
|
* NULL, so it's safe to say that of all the spots to create a new
|
|
* namemap entry, this is it. Should the name already exist there, we
|
|
* know that ossl_namemap_add() will return its corresponding number.
|
|
*
|
|
* TODO(3.0): If this function gets an array of names instead of just
|
|
* one, we need to check through all the names to see if at least one
|
|
* of them has an associated number, and use that. If several names
|
|
* have associated numbers that differ from each other, it's an error.
|
|
*/
|
|
struct method_data_st *methdata = data;
|
|
OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
int name_id = ossl_namemap_add(namemap, 0, name);
|
|
|
|
return methdata->method_from_dispatch(name_id, fns, prov,
|
|
methdata->method_data);
|
|
}
|
|
|
|
static void destruct_method(void *method, void *data)
|
|
{
|
|
struct method_data_st *methdata = data;
|
|
|
|
methdata->destruct_method(method);
|
|
}
|
|
|
|
static void *inner_generic_fetch(OPENSSL_CTX *libctx, int operation_id,
|
|
int name_id, const char *name,
|
|
const char *properties,
|
|
void *(*new_method)(int name_id,
|
|
const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov,
|
|
void *method_data),
|
|
void *method_data,
|
|
int (*up_ref_method)(void *),
|
|
void (*free_method)(void *))
|
|
{
|
|
OSSL_METHOD_STORE *store = get_default_method_store(libctx);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
uint32_t meth_id = 0;
|
|
void *method = NULL;
|
|
|
|
if (store == NULL || namemap == NULL)
|
|
return NULL;
|
|
|
|
/*
|
|
* If there's ever an operation_id == 0 passed, we have an internal
|
|
* programming error.
|
|
*/
|
|
if (!ossl_assert(operation_id > 0))
|
|
return NULL;
|
|
|
|
/*
|
|
* If we have been passed neither a name_id or a name, we have an
|
|
* internal programming error.
|
|
*/
|
|
if (!ossl_assert(name_id != 0 || name != NULL))
|
|
return NULL;
|
|
|
|
/* If we haven't received a name id yet, try to get one for the name */
|
|
if (name_id == 0)
|
|
name_id = ossl_namemap_name2num(namemap, name);
|
|
|
|
/*
|
|
* If we have a name id, calculate a method id with method_id().
|
|
*
|
|
* method_id returns 0 if we have too many operations (more than
|
|
* about 2^8) or too many names (more than about 2^24). In that
|
|
* case, we can't create any new method.
|
|
*/
|
|
if (name_id != 0 && (meth_id = method_id(operation_id, name_id)) == 0)
|
|
return NULL;
|
|
|
|
if (meth_id == 0
|
|
|| !ossl_method_store_cache_get(store, meth_id, properties, &method)) {
|
|
OSSL_METHOD_CONSTRUCT_METHOD mcm = {
|
|
alloc_tmp_method_store,
|
|
dealloc_tmp_method_store,
|
|
get_method_from_store,
|
|
put_method_in_store,
|
|
construct_method,
|
|
destruct_method
|
|
};
|
|
struct method_data_st mcmdata;
|
|
|
|
mcmdata.mcm = &mcm;
|
|
mcmdata.libctx = libctx;
|
|
mcmdata.operation_id = operation_id;
|
|
mcmdata.name_id = name_id;
|
|
mcmdata.name = name;
|
|
mcmdata.propquery = properties;
|
|
mcmdata.method_from_dispatch = new_method;
|
|
mcmdata.destruct_method = free_method;
|
|
mcmdata.refcnt_up_method = up_ref_method;
|
|
mcmdata.destruct_method = free_method;
|
|
mcmdata.method_data = method_data;
|
|
if ((method = ossl_method_construct(libctx, operation_id,
|
|
0 /* !force_cache */,
|
|
&mcm, &mcmdata)) != NULL) {
|
|
/*
|
|
* If construction did create a method for us, we know that
|
|
* there is a correct name_id and methodid, since those have
|
|
* already been calculated in get_method_from_store() and
|
|
* put_method_in_store() above.
|
|
*/
|
|
if (name_id == 0)
|
|
name_id = ossl_namemap_name2num(namemap, name);
|
|
meth_id = method_id(operation_id, name_id);
|
|
ossl_method_store_cache_set(store, meth_id, properties, method);
|
|
}
|
|
} else {
|
|
up_ref_method(method);
|
|
}
|
|
|
|
return method;
|
|
}
|
|
|
|
void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id,
|
|
const char *name, const char *properties,
|
|
void *(*new_method)(int name_id,
|
|
const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov,
|
|
void *method_data),
|
|
void *method_data,
|
|
int (*up_ref_method)(void *),
|
|
void (*free_method)(void *))
|
|
{
|
|
return inner_generic_fetch(libctx,
|
|
operation_id, 0, name, properties,
|
|
new_method, method_data,
|
|
up_ref_method, free_method);
|
|
}
|
|
|
|
/*
|
|
* evp_generic_fetch_by_number() is special, and only returns methods for
|
|
* already known names, i.e. it refuses to work if no name_id can be found
|
|
* (it's considered an internal programming error).
|
|
* This is meant to be used when one method needs to fetch an associated
|
|
* other method.
|
|
*/
|
|
void *evp_generic_fetch_by_number(OPENSSL_CTX *libctx, int operation_id,
|
|
int name_id, const char *properties,
|
|
void *(*new_method)(int name_id,
|
|
const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov,
|
|
void *method_data),
|
|
void *method_data,
|
|
int (*up_ref_method)(void *),
|
|
void (*free_method)(void *))
|
|
{
|
|
return inner_generic_fetch(libctx,
|
|
operation_id, name_id, NULL, properties,
|
|
new_method, method_data,
|
|
up_ref_method, free_method);
|
|
}
|
|
|
|
int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
|
|
{
|
|
OSSL_METHOD_STORE *store = get_default_method_store(libctx);
|
|
|
|
if (store != NULL)
|
|
return ossl_method_store_set_global_properties(store, propq);
|
|
EVPerr(EVP_F_EVP_SET_DEFAULT_PROPERTIES, ERR_R_INTERNAL_ERROR);
|
|
return 0;
|
|
}
|
|
|
|
struct do_all_data_st {
|
|
void (*user_fn)(void *method, void *arg);
|
|
void *user_arg;
|
|
void *(*new_method)(const int name_id, const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov, void *method_data);
|
|
void (*free_method)(void *);
|
|
};
|
|
|
|
static void do_one(OSSL_PROVIDER *provider, const OSSL_ALGORITHM *algo,
|
|
int no_store, void *vdata)
|
|
{
|
|
struct do_all_data_st *data = vdata;
|
|
OPENSSL_CTX *libctx = ossl_provider_library_context(provider);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
int name_id = ossl_namemap_add(namemap, 0, algo->algorithm_name);
|
|
void *method = NULL;
|
|
|
|
if (name_id != 0)
|
|
method = data->new_method(name_id, algo->implementation, provider,
|
|
NULL);
|
|
|
|
if (method != NULL) {
|
|
data->user_fn(method, data->user_arg);
|
|
data->free_method(method);
|
|
}
|
|
}
|
|
|
|
void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id,
|
|
void (*user_fn)(void *method, void *arg),
|
|
void *user_arg,
|
|
void *(*new_method)(int name_id,
|
|
const OSSL_DISPATCH *fns,
|
|
OSSL_PROVIDER *prov,
|
|
void *method_data),
|
|
void *method_data,
|
|
void (*free_method)(void *))
|
|
{
|
|
struct do_all_data_st data;
|
|
|
|
data.new_method = new_method;
|
|
data.free_method = free_method;
|
|
data.user_fn = user_fn;
|
|
data.user_arg = user_arg;
|
|
ossl_algorithm_do_all(libctx, operation_id, method_data, do_one, &data);
|
|
}
|
|
|
|
const char *evp_first_name(OSSL_PROVIDER *prov, int name_id)
|
|
{
|
|
OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
|
|
return ossl_namemap_num2name(namemap, name_id, 0);
|
|
}
|
|
|
|
int evp_is_a(OSSL_PROVIDER *prov, int number, const char *name)
|
|
{
|
|
OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
|
|
return ossl_namemap_name2num(namemap, name) == number;
|
|
}
|
|
|
|
void evp_doall_names(OSSL_PROVIDER *prov, int number,
|
|
void (*fn)(const char *name, void *data),
|
|
void *data)
|
|
{
|
|
OPENSSL_CTX *libctx = ossl_provider_library_context(prov);
|
|
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
|
|
|
|
ossl_namemap_doall_names(namemap, number, fn, data);
|
|
}
|