crypto/engine/eng_table.c

   1 /*
   2  * Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "internal/cryptlib.h"
  11 #include <openssl/evp.h>
  12 #include <openssl/lhash.h>
  13 #include <openssl/trace.h>
  14 #include "eng_local.h"
  15
  16 /* The type of the items in the table */
  17 struct st_engine_pile {
  18     /* The 'nid' of this algorithm/mode */
  19     int nid;
  20     /* ENGINEs that implement this algorithm/mode. */
  21     STACK_OF(ENGINE) *sk;
  22     /* The default ENGINE to perform this algorithm/mode. */
  23     ENGINE *funct;
  24     /*
  25      * Zero if 'sk' is newer than the cached 'funct', non-zero otherwise
  26      */
  27     int uptodate;
  28 };
  29
  30 /* The type exposed in eng_local.h */
  31 struct st_engine_table {
  32     LHASH_OF(ENGINE_PILE) piles;
  33 };                              /* ENGINE_TABLE */
  34
  35 typedef struct st_engine_pile_doall {
  36     engine_table_doall_cb *cb;
  37     void *arg;
  38 } ENGINE_PILE_DOALL;
  39
  40 /* Global flags (ENGINE_TABLE_FLAG_***). */
  41 static unsigned int table_flags = 0;
  42
  43 /* API function manipulating 'table_flags' */
  44 unsigned int ENGINE_get_table_flags(void)
  45 {
  46     return table_flags;
  47 }
  48
  49 void ENGINE_set_table_flags(unsigned int flags)
  50 {
  51     table_flags = flags;
  52 }
  53
  54 /* Internal functions for the "piles" hash table */
  55 static unsigned long engine_pile_hash(const ENGINE_PILE *c)
  56 {
  57     return c->nid;
  58 }
  59
  60 static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
  61 {
  62     return a->nid - b->nid;
  63 }
  64
  65 static int int_table_check(ENGINE_TABLE **t, int create)
  66 {
  67     LHASH_OF(ENGINE_PILE) *lh;
  68
  69     if (*t)
  70         return 1;
  71     if (!create)
  72         return 0;
  73     if ((lh = lh_ENGINE_PILE_new(engine_pile_hash, engine_pile_cmp)) == NULL)
  74         return 0;
  75     *t = (ENGINE_TABLE *)lh;
  76     return 1;
  77 }
  78
  79 /*
  80  * Privately exposed (via eng_local.h) functions for adding and/or removing
  81  * ENGINEs from the implementation table
  82  */
  83 int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
  84                           ENGINE *e, const int *nids, int num_nids,
  85                           int setdefault)
  86 {
  87     int ret = 0, added = 0;
  88     ENGINE_PILE tmplate, *fnd;
  89
  90     if (!CRYPTO_THREAD_write_lock(global_engine_lock))
  91         return 0;
  92     if (!(*table))
  93         added = 1;
  94     if (!int_table_check(table, 1))
  95         goto end;
  96     if (added)
  97         /* The cleanup callback needs to be added */
  98         engine_cleanup_add_first(cleanup);
  99     while (num_nids--) {
 100         tmplate.nid = *nids;
 101         fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
 102         if (!fnd) {
 103             fnd = OPENSSL_malloc(sizeof(*fnd));
 104             if (fnd == NULL)
 105                 goto end;
 106             fnd->uptodate = 1;
 107             fnd->nid = *nids;
 108             fnd->sk = sk_ENGINE_new_null();
 109             if (!fnd->sk) {
 110                 OPENSSL_free(fnd);
 111                 goto end;
 112             }
 113             fnd->funct = NULL;
 114             (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
 115             if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
 116                 sk_ENGINE_free(fnd->sk);
 117                 OPENSSL_free(fnd);
 118                 goto end;
 119             }
 120         }
 121         /* A registration shouldn't add duplicate entries */
 122         (void)sk_ENGINE_delete_ptr(fnd->sk, e);
 123         /*
 124          * if 'setdefault', this ENGINE goes to the head of the list
 125          */
 126         if (!sk_ENGINE_push(fnd->sk, e))
 127             goto end;
 128         /* "touch" this ENGINE_PILE */
 129         fnd->uptodate = 0;
 130         if (setdefault) {
 131             if (!engine_unlocked_init(e)) {
 132                 ERR_raise(ERR_LIB_ENGINE, ENGINE_R_INIT_FAILED);
 133                 goto end;
 134             }
 135             if (fnd->funct)
 136                 engine_unlocked_finish(fnd->funct, 0);
 137             fnd->funct = e;
 138             fnd->uptodate = 1;
 139         }
 140         nids++;
 141     }
 142     ret = 1;
 143  end:
 144     CRYPTO_THREAD_unlock(global_engine_lock);
 145     return ret;
 146 }
 147
 148 static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
 149 {
 150     int n;
 151     /* Iterate the 'c->sk' stack removing any occurrence of 'e' */
 152     while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
 153         (void)sk_ENGINE_delete(pile->sk, n);
 154         pile->uptodate = 0;
 155     }
 156     if (pile->funct == e) {
 157         engine_unlocked_finish(e, 0);
 158         pile->funct = NULL;
 159     }
 160 }
 161
 162 IMPLEMENT_LHASH_DOALL_ARG(ENGINE_PILE, ENGINE);
 163
 164 void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
 165 {
 166     if (!CRYPTO_THREAD_write_lock(global_engine_lock))
 167         /* Can't return a value. :( */
 168         return;
 169     if (int_table_check(table, 0))
 170         lh_ENGINE_PILE_doall_ENGINE(&(*table)->piles, int_unregister_cb, e);
 171     CRYPTO_THREAD_unlock(global_engine_lock);
 172 }
 173
 174 static void int_cleanup_cb_doall(ENGINE_PILE *p)
 175 {
 176     if (p == NULL)
 177         return;
 178     sk_ENGINE_free(p->sk);
 179     if (p->funct)
 180         engine_unlocked_finish(p->funct, 0);
 181     OPENSSL_free(p);
 182 }
 183
 184 void engine_table_cleanup(ENGINE_TABLE **table)
 185 {
 186     if (!CRYPTO_THREAD_write_lock(global_engine_lock))
 187         return;
 188     if (*table) {
 189         lh_ENGINE_PILE_doall(&(*table)->piles, int_cleanup_cb_doall);
 190         lh_ENGINE_PILE_free(&(*table)->piles);
 191         *table = NULL;
 192     }
 193     CRYPTO_THREAD_unlock(global_engine_lock);
 194 }
 195
 196 /* return a functional reference for a given 'nid' */
 197 ENGINE *ossl_engine_table_select(ENGINE_TABLE **table, int nid,
 198                                  const char *f, int l)
 199 {
 200     ENGINE *ret = NULL;
 201     ENGINE_PILE tmplate, *fnd = NULL;
 202     int initres, loop = 0;
 203
 204 #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
 205     /* Load the config before trying to check if engines are available */
 206     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
 207 #endif
 208
 209     if (!(*table)) {
 210         OSSL_TRACE3(ENGINE_TABLE,
 211                    "%s:%d, nid=%d, nothing registered!\n",
 212                    f, l, nid);
 213         return NULL;
 214     }
 215     ERR_set_mark();
 216     if (!CRYPTO_THREAD_write_lock(global_engine_lock))
 217         goto end;
 218     /*
 219      * Check again inside the lock otherwise we could race against cleanup
 220      * operations. But don't worry about a debug printout
 221      */
 222     if (!int_table_check(table, 0))
 223         goto end;
 224     tmplate.nid = nid;
 225     fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
 226     if (!fnd)
 227         goto end;
 228     if (fnd->funct && engine_unlocked_init(fnd->funct)) {
 229         OSSL_TRACE4(ENGINE_TABLE,
 230                    "%s:%d, nid=%d, using ENGINE '%s' cached\n",
 231                    f, l, nid, fnd->funct->id);
 232         ret = fnd->funct;
 233         goto end;
 234     }
 235     if (fnd->uptodate) {
 236         ret = fnd->funct;
 237         goto end;
 238     }
 239  trynext:
 240     ret = sk_ENGINE_value(fnd->sk, loop++);
 241     if (!ret) {
 242         OSSL_TRACE3(ENGINE_TABLE,
 243                     "%s:%d, nid=%d, "
 244                     "no registered implementations would initialise\n",
 245                     f, l, nid);
 246         goto end;
 247     }
 248     /* Try to initialise the ENGINE? */
 249     if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
 250         initres = engine_unlocked_init(ret);
 251     else
 252         initres = 0;
 253     if (initres) {
 254         /* Update 'funct' */
 255         if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
 256             /* If there was a previous default we release it. */
 257             if (fnd->funct)
 258                 engine_unlocked_finish(fnd->funct, 0);
 259             fnd->funct = ret;
 260             OSSL_TRACE4(ENGINE_TABLE,
 261                         "%s:%d, nid=%d, setting default to '%s'\n",
 262                         f, l, nid, ret->id);
 263         }
 264         OSSL_TRACE4(ENGINE_TABLE,
 265                     "%s:%d, nid=%d, using newly initialised '%s'\n",
 266                     f, l, nid, ret->id);
 267         goto end;
 268     }
 269     goto trynext;
 270  end:
 271     /*
 272      * If it failed, it is unlikely to succeed again until some future
 273      * registrations have taken place. In all cases, we cache.
 274      */
 275     if (fnd)
 276         fnd->uptodate = 1;
 277     if (ret)
 278         OSSL_TRACE4(ENGINE_TABLE,
 279                    "%s:%d, nid=%d, caching ENGINE '%s'\n",
 280                    f, l, nid, ret->id);
 281     else
 282         OSSL_TRACE3(ENGINE_TABLE,
 283                     "%s:%d, nid=%d, caching 'no matching ENGINE'\n",
 284                     f, l, nid);
 285     CRYPTO_THREAD_unlock(global_engine_lock);
 286     /*
 287      * Whatever happened, any failed init()s are not failures in this
 288      * context, so clear our error state.
 289      */
 290     ERR_pop_to_mark();
 291     return ret;
 292 }
 293
 294 /* Table enumeration */
 295
 296 static void int_dall(const ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
 297 {
 298     dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
 299 }
 300
 301 IMPLEMENT_LHASH_DOALL_ARG_CONST(ENGINE_PILE, ENGINE_PILE_DOALL);
 302
 303 void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
 304                         void *arg)
 305 {
 306     ENGINE_PILE_DOALL dall;
 307     dall.cb = cb;
 308     dall.arg = arg;
 309     if (table)
 310         lh_ENGINE_PILE_doall_ENGINE_PILE_DOALL(&table->piles, int_dall, &dall);
 311 }