2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "crypto/cryptlib.h"
11 #include <openssl/conf.h>
12 #include "internal/thread_once.h"
13 #include "internal/property.h"
14 #include "internal/core.h"
15 #include "internal/bio.h"
16 #include "internal/provider.h"
17 #include "crypto/decoder.h"
18 #include "crypto/context.h"
/*
 * Per-library-context state. The functions in this file reach these members
 * through OSSL_LIB_CTX pointers (ctx->lock, ctx->evp_method_store, ...).
 * NOTE(review): only part of the member list and of its preprocessor guards
 * is present in this listing; members such as drbg, provider_store and
 * rand_crngt are used below but not shown here.
 */
20 struct ossl_lib_ctx_st
{
/*
 * Two separate locks. `lock` is the one taken by ossl_lib_ctx_read_lock(),
 * ossl_lib_ctx_write_lock() and ossl_lib_ctx_unlock(). `rand_crngt_lock` is
 * taken only around the lazy creation of rand_crngt in
 * ossl_lib_ctx_get_data().
 */
21 CRYPTO_RWLOCK
*lock
, *rand_crngt_lock
;
22 OSSL_EX_DATA_GLOBAL global
;
24 void *property_string_data
;
25 void *evp_method_store
;
29 void *global_properties
;
/* Thread-local key handed out by ossl_lib_ctx_get_rcukey(). */
32 CRYPTO_THREAD_LOCAL rcu_local_key
;
37 OSSL_METHOD_STORE
*decoder_store
;
39 OSSL_METHOD_STORE
*encoder_store
;
40 OSSL_METHOD_STORE
*store_loader_store
;
43 #if defined(OPENSSL_THREADS)
48 void *thread_event_handler
;
/* One-bit flag; presumably what ossl_lib_ctx_is_child() reports - confirm. */
52 unsigned int ischild
:1;
/*
 * Take the context-wide lock for writing. ctx is first resolved through
 * ossl_lib_ctx_get_concrete(). The result of CRYPTO_THREAD_write_lock() is
 * passed back unchanged; callers must check it before touching shared
 * context state (this file treats 1 as success).
 */
int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_write_lock(concrete->lock);
}
/*
 * Take the context-wide lock for reading. ctx is first resolved through
 * ossl_lib_ctx_get_concrete(). The result of CRYPTO_THREAD_read_lock() is
 * passed back unchanged; callers must check it before reading shared
 * context state (this file treats 1 as success).
 */
int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_read_lock(concrete->lock);
}
/*
 * Release the context-wide lock taken by ossl_lib_ctx_read_lock() or
 * ossl_lib_ctx_write_lock(). ctx is resolved through
 * ossl_lib_ctx_get_concrete() so the same lock object is addressed as on
 * acquisition. Returns the result of CRYPTO_THREAD_unlock().
 */
int ossl_lib_ctx_unlock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_unlock(concrete->lock);
}
/*
 * Child-context query. Only the resolution of ctx through
 * ossl_lib_ctx_get_concrete() is present in this listing.
 * NOTE(review): presumably the result is the ischild bit of
 * struct ossl_lib_ctx_st - confirm against the file.
 */
70 int ossl_lib_ctx_is_child(OSSL_LIB_CTX
*ctx
)
72 ctx
= ossl_lib_ctx_get_concrete(ctx
);
/*
 * Forward declaration: context_init() calls this from its cleanup sequence
 * before the definition appears further down.
 */
static void context_deinit_objs(OSSL_LIB_CTX *ctx);
/*
 * Populate a library context: the RCU thread-local key, the two locks,
 * ex_data, and then one sub-object per subsystem, each tested for NULL right
 * after it is allocated. Callers in this file pass either OPENSSL_zalloc()
 * memory or the static default_context_int. The "P1" / "P2" / "Default
 * priority" comments record the order that context_deinit_objs() follows
 * when releasing the sub-objects.
 * rand_crngt is not created here; ossl_lib_ctx_get_data() creates it on
 * first use.
 * NOTE(review): the failure branches, the success return and any
 * preprocessor guards are absent from this listing; only the shared cleanup
 * sequence at the end is visible.
 */
81 static int context_init(OSSL_LIB_CTX
*ctx
)
85 if (!CRYPTO_THREAD_init_local(&ctx
->rcu_local_key
, NULL
))
/* The context-wide lock and the dedicated rand_crngt lock come first. */
88 ctx
->lock
= CRYPTO_THREAD_lock_new();
89 if (ctx
->lock
== NULL
)
92 ctx
->rand_crngt_lock
= CRYPTO_THREAD_lock_new();
93 if (ctx
->rand_crngt_lock
== NULL
)
96 /* Initialize ex_data. */
97 if (!ossl_do_ex_data_init(ctx
))
101 /* P2. We want evp_method_store to be cleaned up before the provider store */
102 ctx
->evp_method_store
= ossl_method_store_new(ctx
);
103 if (ctx
->evp_method_store
== NULL
)
107 /* P2. Must be freed before the provider store is freed */
108 ctx
->provider_conf
= ossl_prov_conf_ctx_new(ctx
);
109 if (ctx
->provider_conf
== NULL
)
114 ctx
->drbg
= ossl_rand_ctx_new(ctx
);
115 if (ctx
->drbg
== NULL
)
120 * P2. We want decoder_store/decoder_cache to be cleaned up before the
123 ctx
->decoder_store
= ossl_method_store_new(ctx
);
124 if (ctx
->decoder_store
== NULL
)
126 ctx
->decoder_cache
= ossl_decoder_cache_new(ctx
);
127 if (ctx
->decoder_cache
== NULL
)
130 /* P2. We want encoder_store to be cleaned up before the provider store */
131 ctx
->encoder_store
= ossl_method_store_new(ctx
);
132 if (ctx
->encoder_store
== NULL
)
135 /* P2. We want loader_store to be cleaned up before the provider store */
136 ctx
->store_loader_store
= ossl_method_store_new(ctx
);
137 if (ctx
->store_loader_store
== NULL
)
141 /* P1. Needs to be freed before the child provider data is freed */
142 ctx
->provider_store
= ossl_provider_store_new(ctx
);
143 if (ctx
->provider_store
== NULL
)
146 /* Default priority. */
147 ctx
->property_string_data
= ossl_property_string_data_new(ctx
);
148 if (ctx
->property_string_data
== NULL
)
151 ctx
->namemap
= ossl_stored_namemap_new(ctx
);
152 if (ctx
->namemap
== NULL
)
155 ctx
->property_defns
= ossl_property_defns_new(ctx
);
156 if (ctx
->property_defns
== NULL
)
159 ctx
->global_properties
= ossl_ctx_global_properties_new(ctx
);
160 if (ctx
->global_properties
== NULL
)
164 ctx
->bio_core
= ossl_bio_core_globals_new(ctx
);
165 if (ctx
->bio_core
== NULL
)
169 ctx
->drbg_nonce
= ossl_prov_drbg_nonce_ctx_new(ctx
);
170 if (ctx
->drbg_nonce
== NULL
)
174 ctx
->self_test_cb
= ossl_self_test_set_callback_new(ctx
);
175 if (ctx
->self_test_cb
== NULL
)
180 ctx
->thread_event_handler
= ossl_thread_event_ctx_new(ctx
);
181 if (ctx
->thread_event_handler
== NULL
)
184 ctx
->fips_prov
= ossl_fips_prov_ossl_ctx_new(ctx
);
185 if (ctx
->fips_prov
== NULL
)
189 #ifndef OPENSSL_NO_THREAD_POOL
190 ctx
->threads
= ossl_threads_ctx_new(ctx
);
191 if (ctx
->threads
== NULL
)
197 ctx
->child_provider
= ossl_child_prov_ctx_new(ctx
);
198 if (ctx
->child_provider
== NULL
)
202 /* Everything depends on properties, so we also pre-initialise that */
203 if (!ossl_property_parse_init(ctx
))
/*
 * Cleanup sequence: release every sub-object, then ex_data, both locks and
 * the thread-local key, and finally zero the whole structure so that no
 * stale pointer survives in a context that did not finish initialising.
 * NOTE(review): presumably reached only on failure - confirm against the
 * file, since the label and the return statements are not in this listing.
 */
209 context_deinit_objs(ctx
);
212 ossl_crypto_cleanup_all_ex_data_int(ctx
);
214 CRYPTO_THREAD_lock_free(ctx
->rand_crngt_lock
);
215 CRYPTO_THREAD_lock_free(ctx
->lock
);
216 CRYPTO_THREAD_cleanup_local(&ctx
->rcu_local_key
);
217 memset(ctx
, '\0', sizeof(*ctx
));
/*
 * Free the sub-objects created by context_init(), plus the lazily created
 * rand_crngt. Every member is tested for NULL before its free routine is
 * called, so the function can run on a partially initialised context, and
 * the visible branches reset the pointer afterwards so a repeated call does
 * not free the same object twice. The P1 / P2 / Default comments give the
 * required release order relative to the provider store.
 * NOTE(review): for drbg, namemap and threads the pointer reset after the
 * free is not present in this listing; confirm it exists in the file. It
 * matters for drbg in particular, because ossl_release_default_drbg_ctx()
 * frees the same member of the global default context.
 */
221 static void context_deinit_objs(OSSL_LIB_CTX
*ctx
)
223 /* P2. We want evp_method_store to be cleaned up before the provider store */
224 if (ctx
->evp_method_store
!= NULL
) {
225 ossl_method_store_free(ctx
->evp_method_store
);
226 ctx
->evp_method_store
= NULL
;
230 if (ctx
->drbg
!= NULL
) {
231 ossl_rand_ctx_free(ctx
->drbg
);
237 if (ctx
->provider_conf
!= NULL
) {
238 ossl_prov_conf_ctx_free(ctx
->provider_conf
);
239 ctx
->provider_conf
= NULL
;
243 * P2. We want decoder_store/decoder_cache to be cleaned up before the
246 if (ctx
->decoder_store
!= NULL
) {
247 ossl_method_store_free(ctx
->decoder_store
);
248 ctx
->decoder_store
= NULL
;
250 if (ctx
->decoder_cache
!= NULL
) {
251 ossl_decoder_cache_free(ctx
->decoder_cache
);
252 ctx
->decoder_cache
= NULL
;
256 /* P2. We want encoder_store to be cleaned up before the provider store */
257 if (ctx
->encoder_store
!= NULL
) {
258 ossl_method_store_free(ctx
->encoder_store
);
259 ctx
->encoder_store
= NULL
;
262 /* P2. We want loader_store to be cleaned up before the provider store */
263 if (ctx
->store_loader_store
!= NULL
) {
264 ossl_method_store_free(ctx
->store_loader_store
);
265 ctx
->store_loader_store
= NULL
;
269 /* P1. Needs to be freed before the child provider data is freed */
270 if (ctx
->provider_store
!= NULL
) {
271 ossl_provider_store_free(ctx
->provider_store
);
272 ctx
->provider_store
= NULL
;
275 /* Default priority. */
276 if (ctx
->property_string_data
!= NULL
) {
277 ossl_property_string_data_free(ctx
->property_string_data
);
278 ctx
->property_string_data
= NULL
;
281 if (ctx
->namemap
!= NULL
) {
282 ossl_stored_namemap_free(ctx
->namemap
);
286 if (ctx
->property_defns
!= NULL
) {
287 ossl_property_defns_free(ctx
->property_defns
);
288 ctx
->property_defns
= NULL
;
291 if (ctx
->global_properties
!= NULL
) {
292 ossl_ctx_global_properties_free(ctx
->global_properties
);
293 ctx
->global_properties
= NULL
;
297 if (ctx
->bio_core
!= NULL
) {
298 ossl_bio_core_globals_free(ctx
->bio_core
);
299 ctx
->bio_core
= NULL
;
303 if (ctx
->drbg_nonce
!= NULL
) {
304 ossl_prov_drbg_nonce_ctx_free(ctx
->drbg_nonce
);
305 ctx
->drbg_nonce
= NULL
;
309 if (ctx
->self_test_cb
!= NULL
) {
310 ossl_self_test_set_callback_free(ctx
->self_test_cb
);
311 ctx
->self_test_cb
= NULL
;
/* rand_crngt is created lazily in ossl_lib_ctx_get_data(), so it may be NULL. */
315 if (ctx
->rand_crngt
!= NULL
) {
316 ossl_rand_crng_ctx_free(ctx
->rand_crngt
);
317 ctx
->rand_crngt
= NULL
;
321 if (ctx
->thread_event_handler
!= NULL
) {
322 ossl_thread_event_ctx_free(ctx
->thread_event_handler
);
323 ctx
->thread_event_handler
= NULL
;
326 if (ctx
->fips_prov
!= NULL
) {
327 ossl_fips_prov_ossl_ctx_free(ctx
->fips_prov
);
328 ctx
->fips_prov
= NULL
;
332 #ifndef OPENSSL_NO_THREAD_POOL
333 if (ctx
->threads
!= NULL
) {
334 ossl_threads_ctx_free(ctx
->threads
);
341 if (ctx
->child_provider
!= NULL
) {
342 ossl_child_prov_ctx_free(ctx
->child_provider
);
343 ctx
->child_provider
= NULL
;
/*
 * Tear down a context built by context_init(). Visible order: stop per-thread
 * state with ossl_ctx_thread_stop(), free the sub-objects, clean up ex_data,
 * free both locks, then release the RCU thread-local key. The locks are
 * freed only after the steps that may still use them.
 * NOTE(review): the NULL-argument guard, the reset of ctx->lock and the
 * return statements are not present in this listing.
 */
348 static int context_deinit(OSSL_LIB_CTX
*ctx
)
353 ossl_ctx_thread_stop(ctx
);
355 context_deinit_objs(ctx
);
357 ossl_crypto_cleanup_all_ex_data_int(ctx
);
359 CRYPTO_THREAD_lock_free(ctx
->rand_crngt_lock
);
360 CRYPTO_THREAD_lock_free(ctx
->lock
);
/* Clear the freed lock pointer so it cannot be used or freed again. */
361 ctx
->rand_crngt_lock
= NULL
;
363 CRYPTO_THREAD_cleanup_local(&ctx
->rcu_local_key
);
/* The default default context */
static OSSL_LIB_CTX default_context_int;

/* Run-once guard used with default_context_do_init(). */
static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
/* Per-thread default context; read by get_thread_default_context(). */
static CRYPTO_THREAD_LOCAL default_context_thread_local;
/* Set to 1 by default_context_do_init(), back to 0 by ossl_lib_ctx_default_deinit(). */
static int default_context_inited = 0;
/*
 * Run-once initialiser for the global default context: create the
 * thread-local slot that holds a per-thread default, initialise
 * default_context_int with context_init(), then record success in
 * default_context_inited. The trailing CRYPTO_THREAD_cleanup_local() call
 * releases the slot again.
 * NOTE(review): the failure branches, labels and return statements are not
 * present in this listing; presumably the cleanup call is reached only when
 * context_init() fails - confirm.
 */
375 DEFINE_RUN_ONCE_STATIC(default_context_do_init
)
377 if (!CRYPTO_THREAD_init_local(&default_context_thread_local
, NULL
))
380 if (!context_init(&default_context_int
))
383 default_context_inited
= 1;
387 CRYPTO_THREAD_cleanup_local(&default_context_thread_local
);
/*
 * Tear down the global default context: context_deinit() on
 * default_context_int, release of the thread-local slot, and reset of
 * default_context_inited. The leading test on default_context_inited guards
 * against tearing down a context that was never initialised.
 * NOTE(review): the statement under that test is not present in this
 * listing; in a void function it is presumably a plain return.
 */
392 void ossl_lib_ctx_default_deinit(void)
394 if (!default_context_inited
)
396 context_deinit(&default_context_int
);
397 CRYPTO_THREAD_cleanup_local(&default_context_thread_local
);
398 default_context_inited
= 0;
/*
 * Return the calling thread's default context from the thread-local slot,
 * after making sure the run-once initialisation has happened.
 * get_default_context() treats a NULL result as "no per-thread default".
 * NOTE(review): the statement taken when RUN_ONCE fails is not present in
 * this listing.
 */
401 static OSSL_LIB_CTX
*get_thread_default_context(void)
403 if (!RUN_ONCE(&default_context_init
, default_context_do_init
))
406 return CRYPTO_THREAD_get_local(&default_context_thread_local
);
/*
 * Resolve the default context for the calling thread: the per-thread default
 * when one is set, otherwise the global default_context_int. Never returns
 * NULL.
 */
static OSSL_LIB_CTX *get_default_context(void)
{
    OSSL_LIB_CTX *thread_ctx = get_thread_default_context();

    return thread_ctx != NULL ? thread_ctx : &default_context_int;
}
/*
 * Store defctx as the calling thread's default context and return the
 * result of CRYPTO_THREAD_set_local(). The global default_context_int is
 * special-cased before the store.
 * NOTE(review): the statement under that test is not present in this
 * listing; presumably the global default is recorded as "no per-thread
 * default" - confirm against the file.
 */
418 static int set_default_context(OSSL_LIB_CTX
*defctx
)
420 if (defctx
== &default_context_int
)
423 return CRYPTO_THREAD_set_local(&default_context_thread_local
, defctx
);
/*
 * Allocate and initialise a new library context. The memory comes from
 * OPENSSL_zalloc(), so every member pointer starts out NULL, which is what
 * the NULL tests in context_deinit_objs() rely on when context_init() stops
 * part-way.
 * NOTE(review): the failure branch and the return are not present in this
 * listing.
 */
427 OSSL_LIB_CTX
*OSSL_LIB_CTX_new(void)
429 OSSL_LIB_CTX
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
431 if (ctx
!= NULL
&& !context_init(ctx
)) {
/*
 * Create a library context and attach the core BIO functions taken from the
 * dispatch table `in`. If ossl_bio_init_core() fails the new context is
 * freed again, so the caller is never handed a half-initialised context.
 * NOTE(review): the NULL check on the new context and the return statements
 * are not present in this listing; `handle` is not used in the visible
 * lines.
 */
439 OSSL_LIB_CTX
*OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE
*handle
,
440 const OSSL_DISPATCH
*in
)
442 OSSL_LIB_CTX
*ctx
= OSSL_LIB_CTX_new();
447 if (!ossl_bio_init_core(ctx
, in
)) {
448 OSSL_LIB_CTX_free(ctx
);
/*
 * Create a library context with OSSL_LIB_CTX_new_from_dispatch() and then
 * register it as a child with ossl_provider_init_as_child(). If that step
 * fails the context is freed again rather than returned.
 * NOTE(review): the NULL check on the new context, the return statements
 * and any assignment of the ischild flag are not present in this listing.
 */
455 OSSL_LIB_CTX
*OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE
*handle
,
456 const OSSL_DISPATCH
*in
)
458 OSSL_LIB_CTX
*ctx
= OSSL_LIB_CTX_new_from_dispatch(handle
, in
);
463 if (!ossl_provider_init_as_child(ctx
, handle
, in
)) {
464 OSSL_LIB_CTX_free(ctx
);
/*
 * Load the configuration file config_file into ctx. Returns 1 only when
 * CONF_modules_load_file_ex() reports a positive result; zero and negative
 * results both become 0. No application name and no flags are passed.
 * config_file is handed through unchanged: this function does not validate
 * the path, so the caller decides which file is trusted to configure ctx.
 */
int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file)
{
    int rc = CONF_modules_load_file_ex(ctx, config_file, NULL, 0);

    return rc > 0;
}
/*
 * Release a library context. The first test singles out default contexts:
 * ossl_lib_ctx_is_default() is true for NULL and for whatever
 * get_default_context() currently returns on this thread.
 * NOTE(review): the statement under that test, the condition guarding
 * ossl_provider_deinit_child() and the final teardown calls are not present
 * in this listing. Presumably a default context is left untouched, which
 * would mean a context still installed with OSSL_LIB_CTX_set0_default() is
 * not freed by this call - confirm against the file.
 */
478 void OSSL_LIB_CTX_free(OSSL_LIB_CTX
*ctx
)
480 if (ossl_lib_ctx_is_default(ctx
))
485 ossl_provider_deinit_child(ctx
);
/*
 * Return the process-wide default context (default_context_int), running
 * the one-time initialisation first. The pointer refers to static storage,
 * so the caller does not own it.
 * NOTE(review): the statement taken when RUN_ONCE fails is not present in
 * this listing.
 */
492 OSSL_LIB_CTX
*OSSL_LIB_CTX_get0_global_default(void)
494 if (!RUN_ONCE(&default_context_init
, default_context_do_init
))
497 return &default_context_int
;
/*
 * Install libctx as the calling thread's default context and return the
 * context that was the default before the call.
 * NOTE(review): the int result of set_default_context() is discarded here,
 * so a failed thread-local store is not reported and the caller still
 * receives the previous default as if the switch had happened. Any guard
 * around the set_default_context() call and the fall-through return are not
 * present in this listing.
 */
500 OSSL_LIB_CTX
*OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX
*libctx
)
502 OSSL_LIB_CTX
*current_defctx
;
504 if ((current_defctx
= get_default_context()) != NULL
) {
506 set_default_context(libctx
);
507 return current_defctx
;
/*
 * Free the DRBG of the global default context ahead of the full teardown.
 * The pointer is reset after the free so that the later NULL test in
 * context_deinit_objs() skips it instead of freeing it a second time.
 */
void ossl_release_default_drbg_ctx(void)
{
    /* early release of the DRBG in global default libctx */
    if (default_context_int.drbg == NULL)
        return;

    ossl_rand_ctx_free(default_context_int.drbg);
    default_context_int.drbg = NULL;
}
/*
 * Map a caller-supplied context pointer to the context actually used. Every
 * accessor in this file calls this before dereferencing ctx.
 * NOTE(review): only the get_default_context() return is present in this
 * listing; the condition that selects it and the other return path are not
 * shown, so whether NULL can be returned cannot be told from here.
 */
523 OSSL_LIB_CTX
*ossl_lib_ctx_get_concrete(OSSL_LIB_CTX
*ctx
)
527 return get_default_context();
/*
 * Test whether ctx denotes the default context for the calling thread: NULL
 * counts, as does the pointer currently returned by get_default_context().
 * The answer therefore depends on the calling thread's current default.
 * NOTE(review): the return statements are not present in this listing.
 */
532 int ossl_lib_ctx_is_default(OSSL_LIB_CTX
*ctx
)
535 if (ctx
== NULL
|| ctx
== get_default_context())
/*
 * Test whether ctx, once resolved by ossl_lib_ctx_get_concrete(), is the
 * static default_context_int itself rather than a per-thread default.
 * NOTE(review): the return statements are not present in this listing.
 */
541 int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX
*ctx
)
544 if (ossl_lib_ctx_get_concrete(ctx
) == &default_context_int
)
/*
 * Return the per-subsystem object stored in the context for `index`. ctx is
 * resolved through ossl_lib_ctx_get_concrete() first. Apart from
 * OSSL_LIB_CTX_RAND_CRNGT_INDEX, the visible cases hand back a member
 * pointer without taking a lock.
 * NOTE(review): the switch header, several return statements (NAMEMAP,
 * DRBG, THREAD), the default case and the preprocessor guards are not
 * present in this listing.
 */
550 void *ossl_lib_ctx_get_data(OSSL_LIB_CTX
*ctx
, int index
)
554 ctx
= ossl_lib_ctx_get_concrete(ctx
);
559 case OSSL_LIB_CTX_PROPERTY_STRING_INDEX
:
560 return ctx
->property_string_data
;
561 case OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX
:
562 return ctx
->evp_method_store
;
563 case OSSL_LIB_CTX_PROVIDER_STORE_INDEX
:
564 return ctx
->provider_store
;
565 case OSSL_LIB_CTX_NAMEMAP_INDEX
:
567 case OSSL_LIB_CTX_PROPERTY_DEFN_INDEX
:
568 return ctx
->property_defns
;
569 case OSSL_LIB_CTX_GLOBAL_PROPERTIES
:
570 return ctx
->global_properties
;
571 case OSSL_LIB_CTX_DRBG_INDEX
:
573 case OSSL_LIB_CTX_DRBG_NONCE_INDEX
:
574 return ctx
->drbg_nonce
;
576 case OSSL_LIB_CTX_PROVIDER_CONF_INDEX
:
577 return ctx
->provider_conf
;
578 case OSSL_LIB_CTX_BIO_CORE_INDEX
:
579 return ctx
->bio_core
;
580 case OSSL_LIB_CTX_CHILD_PROVIDER_INDEX
:
581 return ctx
->child_provider
;
582 case OSSL_LIB_CTX_DECODER_STORE_INDEX
:
583 return ctx
->decoder_store
;
584 case OSSL_LIB_CTX_DECODER_CACHE_INDEX
:
585 return ctx
->decoder_cache
;
586 case OSSL_LIB_CTX_ENCODER_STORE_INDEX
:
587 return ctx
->encoder_store
;
588 case OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX
:
589 return ctx
->store_loader_store
;
590 case OSSL_LIB_CTX_SELF_TEST_CB_INDEX
:
591 return ctx
->self_test_cb
;
593 #ifndef OPENSSL_NO_THREAD_POOL
594 case OSSL_LIB_CTX_THREAD_INDEX
:
598 case OSSL_LIB_CTX_RAND_CRNGT_INDEX
: {
601 * rand_crngt must be lazily initialized because it calls into
602 * libctx, so must not be called from context_init, else a deadlock
605 * We use a separate lock because code called by the instantiation
606 * of rand_crngt is liable to try and take the libctx lock.
/*
 * Check under the read lock, drop it, then check again under the write
 * lock: another thread may have created rand_crngt between the unlock and
 * the write lock, and the second test keeps it from being created twice.
 * Both lock calls are compared against 1, the success value.
 */
608 if (CRYPTO_THREAD_read_lock(ctx
->rand_crngt_lock
) != 1)
611 if (ctx
->rand_crngt
== NULL
) {
612 CRYPTO_THREAD_unlock(ctx
->rand_crngt_lock
);
614 if (CRYPTO_THREAD_write_lock(ctx
->rand_crngt_lock
) != 1)
617 if (ctx
->rand_crngt
== NULL
)
618 ctx
->rand_crngt
= ossl_rand_crng_ctx_new(ctx
);
623 CRYPTO_THREAD_unlock(ctx
->rand_crngt_lock
);
629 case OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX
:
630 return ctx
->thread_event_handler
;
632 case OSSL_LIB_CTX_FIPS_PROV_INDEX
:
633 return ctx
->fips_prov
;
/*
 * Accessor for the context's ex_data bookkeeping. Only the resolution of
 * ctx through ossl_lib_ctx_get_concrete() is present in this listing.
 * NOTE(review): presumably returns the address of the `global` member of
 * struct ossl_lib_ctx_st - confirm against the file.
 */
641 OSSL_EX_DATA_GLOBAL
*ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX
*ctx
)
643 ctx
= ossl_lib_ctx_get_concrete(ctx
);
/*
 * Return a fixed, human-readable label for the kind of context libctx is.
 * The strings are literals, so the caller must not free or modify them.
 * The global default is tested before the per-thread default because the
 * second test is also true for the global default when no per-thread
 * default is set.
 * NOTE(review): the first return is followed by further statements, so it
 * is presumably under a preprocessor conditional that is not present in
 * this listing.
 */
649 const char *ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX
*libctx
)
652 return "FIPS internal library context";
654 if (ossl_lib_ctx_is_global_default(libctx
))
655 return "Global default library context";
656 if (ossl_lib_ctx_is_default(libctx
))
657 return "Thread-local default library context";
658 return "Non-default library context";
/*
 * Return the address of the context's RCU thread-local key, after resolving
 * libctx through ossl_lib_ctx_get_concrete(). The key is embedded in the
 * context, so the pointer is valid only as long as the context is.
 * NOTE(review): the lines between the resolution and the return are not
 * present in this listing.
 */
662 CRYPTO_THREAD_LOCAL
*ossl_lib_ctx_get_rcukey(OSSL_LIB_CTX
*libctx
)
664 libctx
= ossl_lib_ctx_get_concrete(libctx
);
667 return &libctx
->rcu_local_key
;