[thirdparty/openssl.git] / crypto / context.c

/*
 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "crypto/cryptlib.h"
#include <openssl/conf.h>
#include "internal/thread_once.h"
#include "internal/property.h"
#include "internal/core.h"
#include "internal/bio.h"
#include "internal/provider.h"
#include "crypto/context.h"

struct ossl_lib_ctx_st {
    CRYPTO_RWLOCK *lock, *rand_crngt_lock;
    OSSL_EX_DATA_GLOBAL global;

    void *property_string_data;
    void *evp_method_store;
    void *provider_store;
    void *namemap;
    void *property_defns;
    void *global_properties;
    void *drbg;
    void *drbg_nonce;
#ifndef FIPS_MODULE
    void *provider_conf;
    void *bio_core;
    void *child_provider;
    OSSL_METHOD_STORE *decoder_store;
    OSSL_METHOD_STORE *encoder_store;
    OSSL_METHOD_STORE *store_loader_store;
    void *self_test_cb;
#endif
    void *rand_crngt;
#ifdef FIPS_MODULE
    void *thread_event_handler;
    void *fips_prov;
#endif

    unsigned int ischild:1;
};

int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx)
{
    return CRYPTO_THREAD_write_lock(ossl_lib_ctx_get_concrete(ctx)->lock);
}

int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx)
{
    return CRYPTO_THREAD_read_lock(ossl_lib_ctx_get_concrete(ctx)->lock);
}

int ossl_lib_ctx_unlock(OSSL_LIB_CTX *ctx)
{
    return CRYPTO_THREAD_unlock(ossl_lib_ctx_get_concrete(ctx)->lock);
}

int ossl_lib_ctx_is_child(OSSL_LIB_CTX *ctx)
{
    ctx = ossl_lib_ctx_get_concrete(ctx);

    if (ctx == NULL)
        return 0;
    return ctx->ischild;
}

static void context_deinit_objs(OSSL_LIB_CTX *ctx);

static int context_init(OSSL_LIB_CTX *ctx)
{
    int exdata_done = 0;

    ctx->lock = CRYPTO_THREAD_lock_new();
    if (ctx->lock == NULL)
        return 0;

    ctx->rand_crngt_lock = CRYPTO_THREAD_lock_new();
    if (ctx->rand_crngt_lock == NULL)
        goto err;

    /* Initialize ex_data. */
    if (!ossl_do_ex_data_init(ctx))
        goto err;
    exdata_done = 1;

    /* P2. We want evp_method_store to be cleaned up before the provider store */
    ctx->evp_method_store = ossl_method_store_new(ctx);
    if (ctx->evp_method_store == NULL)
        goto err;

#ifndef FIPS_MODULE
    /* P2. Must be freed before the provider store is freed */
    ctx->provider_conf = ossl_prov_conf_ctx_new(ctx);
    if (ctx->provider_conf == NULL)
        goto err;
#endif

    /* P2. */
    ctx->drbg = ossl_rand_ctx_new(ctx);
    if (ctx->drbg == NULL)
        goto err;

#ifndef FIPS_MODULE
    /* P2. We want decoder_store to be cleaned up before the provider store */
    ctx->decoder_store = ossl_method_store_new(ctx);
    if (ctx->decoder_store == NULL)
        goto err;

    /* P2. We want encoder_store to be cleaned up before the provider store */
    ctx->encoder_store = ossl_method_store_new(ctx);
    if (ctx->encoder_store == NULL)
        goto err;

    /* P2. We want loader_store to be cleaned up before the provider store */
    ctx->store_loader_store = ossl_method_store_new(ctx);
    if (ctx->store_loader_store == NULL)
        goto err;
#endif

    /* P1. Needs to be freed before the child provider data is freed */
    ctx->provider_store = ossl_provider_store_new(ctx);
    if (ctx->provider_store == NULL)
        goto err;

    /* Default priority. */
    ctx->property_string_data = ossl_property_string_data_new(ctx);
    if (ctx->property_string_data == NULL)
        goto err;

    ctx->namemap = ossl_stored_namemap_new(ctx);
    if (ctx->namemap == NULL)
        goto err;

    ctx->property_defns = ossl_property_defns_new(ctx);
    if (ctx->property_defns == NULL)
        goto err;

    ctx->global_properties = ossl_ctx_global_properties_new(ctx);
    if (ctx->global_properties == NULL)
        goto err;

#ifndef FIPS_MODULE
    ctx->bio_core = ossl_bio_core_globals_new(ctx);
    if (ctx->bio_core == NULL)
        goto err;
#endif

    ctx->drbg_nonce = ossl_prov_drbg_nonce_ctx_new(ctx);
    if (ctx->drbg_nonce == NULL)
        goto err;

#ifndef FIPS_MODULE
    ctx->self_test_cb = ossl_self_test_set_callback_new(ctx);
    if (ctx->self_test_cb == NULL)
        goto err;
#endif

#ifdef FIPS_MODULE
    ctx->thread_event_handler = ossl_thread_event_ctx_new(ctx);
    if (ctx->thread_event_handler == NULL)
        goto err;

    ctx->fips_prov = ossl_fips_prov_ossl_ctx_new(ctx);
    if (ctx->fips_prov == NULL)
        goto err;
#endif

    /* Low priority. */
#ifndef FIPS_MODULE
    ctx->child_provider = ossl_child_prov_ctx_new(ctx);
    if (ctx->child_provider == NULL)
        goto err;
#endif

    /* Everything depends on properties, so we also pre-initialise that */
    if (!ossl_property_parse_init(ctx))
        goto err;

    return 1;

 err:
    context_deinit_objs(ctx);

    if (exdata_done)
        ossl_crypto_cleanup_all_ex_data_int(ctx);

    CRYPTO_THREAD_lock_free(ctx->rand_crngt_lock);
    CRYPTO_THREAD_lock_free(ctx->lock);
    memset(ctx, '\0', sizeof(*ctx));
    return 0;
}

static void context_deinit_objs(OSSL_LIB_CTX *ctx)
{
    /* P2. We want evp_method_store to be cleaned up before the provider store */
    if (ctx->evp_method_store != NULL) {
        ossl_method_store_free(ctx->evp_method_store);
        ctx->evp_method_store = NULL;
    }

    /* P2. */
    if (ctx->drbg != NULL) {
        ossl_rand_ctx_free(ctx->drbg);
        ctx->drbg = NULL;
    }

#ifndef FIPS_MODULE
    /* P2. */
    if (ctx->provider_conf != NULL) {
        ossl_prov_conf_ctx_free(ctx->provider_conf);
        ctx->provider_conf = NULL;
    }

    /* P2. We want decoder_store to be cleaned up before the provider store */
    if (ctx->decoder_store != NULL) {
        ossl_method_store_free(ctx->decoder_store);
        ctx->decoder_store = NULL;
    }

    /* P2. We want encoder_store to be cleaned up before the provider store */
    if (ctx->encoder_store != NULL) {
        ossl_method_store_free(ctx->encoder_store);
        ctx->encoder_store = NULL;
    }

    /* P2. We want loader_store to be cleaned up before the provider store */
    if (ctx->store_loader_store != NULL) {
        ossl_method_store_free(ctx->store_loader_store);
        ctx->store_loader_store = NULL;
    }
#endif

    /* P1. Needs to be freed before the child provider data is freed */
    if (ctx->provider_store != NULL) {
        ossl_provider_store_free(ctx->provider_store);
        ctx->provider_store = NULL;
    }

    /* Default priority. */
    if (ctx->property_string_data != NULL) {
        ossl_property_string_data_free(ctx->property_string_data);
        ctx->property_string_data = NULL;
    }

    if (ctx->namemap != NULL) {
        ossl_stored_namemap_free(ctx->namemap);
        ctx->namemap = NULL;
    }

    if (ctx->property_defns != NULL) {
        ossl_property_defns_free(ctx->property_defns);
        ctx->property_defns = NULL;
    }

    if (ctx->global_properties != NULL) {
        ossl_ctx_global_properties_free(ctx->global_properties);
        ctx->global_properties = NULL;
    }

#ifndef FIPS_MODULE
    if (ctx->bio_core != NULL) {
        ossl_bio_core_globals_free(ctx->bio_core);
        ctx->bio_core = NULL;
    }
#endif

    if (ctx->drbg_nonce != NULL) {
        ossl_prov_drbg_nonce_ctx_free(ctx->drbg_nonce);
        ctx->drbg_nonce = NULL;
    }

#ifndef FIPS_MODULE
    if (ctx->self_test_cb != NULL) {
        ossl_self_test_set_callback_free(ctx->self_test_cb);
        ctx->self_test_cb = NULL;
    }
#endif

    if (ctx->rand_crngt != NULL) {
        ossl_rand_crng_ctx_free(ctx->rand_crngt);
        ctx->rand_crngt = NULL;
    }

#ifdef FIPS_MODULE
    if (ctx->thread_event_handler != NULL) {
        ossl_thread_event_ctx_free(ctx->thread_event_handler);
        ctx->thread_event_handler = NULL;
    }

    if (ctx->fips_prov != NULL) {
        ossl_fips_prov_ossl_ctx_free(ctx->fips_prov);
        ctx->fips_prov = NULL;
    }
#endif

    /* Low priority. */
#ifndef FIPS_MODULE
    if (ctx->child_provider != NULL) {
        ossl_child_prov_ctx_free(ctx->child_provider);
        ctx->child_provider = NULL;
    }
#endif
}

static int context_deinit(OSSL_LIB_CTX *ctx)
{
    if (ctx == NULL)
        return 1;

    ossl_ctx_thread_stop(ctx);

    context_deinit_objs(ctx);

    ossl_crypto_cleanup_all_ex_data_int(ctx);

    CRYPTO_THREAD_lock_free(ctx->rand_crngt_lock);
    CRYPTO_THREAD_lock_free(ctx->lock);
    ctx->rand_crngt_lock = NULL;
    ctx->lock = NULL;
    return 1;
}

#ifndef FIPS_MODULE
/* The default default context */
static OSSL_LIB_CTX default_context_int;

static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
static CRYPTO_THREAD_LOCAL default_context_thread_local;

DEFINE_RUN_ONCE_STATIC(default_context_do_init)
{
    return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL)
        && context_init(&default_context_int);
}

void ossl_lib_ctx_default_deinit(void)
{
    context_deinit(&default_context_int);
    CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
}

static OSSL_LIB_CTX *get_thread_default_context(void)
{
    if (!RUN_ONCE(&default_context_init, default_context_do_init))
        return NULL;

    return CRYPTO_THREAD_get_local(&default_context_thread_local);
}

static OSSL_LIB_CTX *get_default_context(void)
{
    OSSL_LIB_CTX *current_defctx = get_thread_default_context();

    if (current_defctx == NULL)
        current_defctx = &default_context_int;
    return current_defctx;
}

static int set_default_context(OSSL_LIB_CTX *defctx)
{
    if (defctx == &default_context_int)
        defctx = NULL;

    return CRYPTO_THREAD_set_local(&default_context_thread_local, defctx);
}
#endif

OSSL_LIB_CTX *OSSL_LIB_CTX_new(void)
{
    OSSL_LIB_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));

    if (ctx != NULL && !context_init(ctx)) {
        OPENSSL_free(ctx);
        ctx = NULL;
    }
    return ctx;
}

#ifndef FIPS_MODULE
OSSL_LIB_CTX *OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE *handle,
                                             const OSSL_DISPATCH *in)
{
    OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new();

    if (ctx == NULL)
        return NULL;

    if (!ossl_bio_init_core(ctx, in)) {
        OSSL_LIB_CTX_free(ctx);
        return NULL;
    }

    return ctx;
}

OSSL_LIB_CTX *OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE *handle,
                                     const OSSL_DISPATCH *in)
{
    OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new_from_dispatch(handle, in);

    if (ctx == NULL)
        return NULL;

    if (!ossl_provider_init_as_child(ctx, handle, in)) {
        OSSL_LIB_CTX_free(ctx);
        return NULL;
    }
    ctx->ischild = 1;

    return ctx;
}

int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file)
{
    return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0;
}
#endif

void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx)
{
    if (ossl_lib_ctx_is_default(ctx))
        return;

#ifndef FIPS_MODULE
    if (ctx->ischild)
        ossl_provider_deinit_child(ctx);
#endif
    context_deinit(ctx);
    OPENSSL_free(ctx);
}

#ifndef FIPS_MODULE
OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void)
{
    if (!RUN_ONCE(&default_context_init, default_context_do_init))
        return NULL;

    return &default_context_int;
}

OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx)
{
    OSSL_LIB_CTX *current_defctx;

    if ((current_defctx = get_default_context()) != NULL) {
        if (libctx != NULL)
            set_default_context(libctx);
        return current_defctx;
    }

    return NULL;
}
#endif

OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx)
{
#ifndef FIPS_MODULE
    if (ctx == NULL)
        return get_default_context();
#endif
    return ctx;
}

int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx)
{
#ifndef FIPS_MODULE
    if (ctx == NULL || ctx == get_default_context())
        return 1;
#endif
    return 0;
}

int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX *ctx)
{
#ifndef FIPS_MODULE
    if (ossl_lib_ctx_get_concrete(ctx) == &default_context_int)
        return 1;
#endif
    return 0;
}

void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index)
{
    void *p;

    ctx = ossl_lib_ctx_get_concrete(ctx);
    if (ctx == NULL)
        return NULL;

    switch (index) {
    case OSSL_LIB_CTX_PROPERTY_STRING_INDEX:
        return ctx->property_string_data;
    case OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX:
        return ctx->evp_method_store;
    case OSSL_LIB_CTX_PROVIDER_STORE_INDEX:
        return ctx->provider_store;
    case OSSL_LIB_CTX_NAMEMAP_INDEX:
        return ctx->namemap;
    case OSSL_LIB_CTX_PROPERTY_DEFN_INDEX:
        return ctx->property_defns;
    case OSSL_LIB_CTX_GLOBAL_PROPERTIES:
        return ctx->global_properties;
    case OSSL_LIB_CTX_DRBG_INDEX:
        return ctx->drbg;
    case OSSL_LIB_CTX_DRBG_NONCE_INDEX:
        return ctx->drbg_nonce;
#ifndef FIPS_MODULE
    case OSSL_LIB_CTX_PROVIDER_CONF_INDEX:
        return ctx->provider_conf;
    case OSSL_LIB_CTX_BIO_CORE_INDEX:
        return ctx->bio_core;
    case OSSL_LIB_CTX_CHILD_PROVIDER_INDEX:
        return ctx->child_provider;
    case OSSL_LIB_CTX_DECODER_STORE_INDEX:
        return ctx->decoder_store;
    case OSSL_LIB_CTX_ENCODER_STORE_INDEX:
        return ctx->encoder_store;
    case OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX:
        return ctx->store_loader_store;
    case OSSL_LIB_CTX_SELF_TEST_CB_INDEX:
        return ctx->self_test_cb;
#endif

    case OSSL_LIB_CTX_RAND_CRNGT_INDEX: {

        /*
         * rand_crngt must be lazily initialized because it calls into
         * libctx, so must not be called from context_init, else a deadlock
         * will occur.
         *
         * We use a separate lock because code called by the instantiation
         * of rand_crngt is liable to try and take the libctx lock.
         */
        if (CRYPTO_THREAD_read_lock(ctx->rand_crngt_lock) != 1)
            return NULL;

        if (ctx->rand_crngt == NULL) {
            CRYPTO_THREAD_unlock(ctx->rand_crngt_lock);

            if (CRYPTO_THREAD_write_lock(ctx->rand_crngt_lock) != 1)
                return NULL;

            if (ctx->rand_crngt == NULL)
                ctx->rand_crngt = ossl_rand_crng_ctx_new(ctx);
        }

        p = ctx->rand_crngt;

        CRYPTO_THREAD_unlock(ctx->rand_crngt_lock);

        return p;
    }

#ifdef FIPS_MODULE
    case OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX:
        return ctx->thread_event_handler;

    case OSSL_LIB_CTX_FIPS_PROV_INDEX:
        return ctx->fips_prov;
#endif

    default:
        return NULL;
    }
}

OSSL_EX_DATA_GLOBAL *ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX *ctx)
{
    ctx = ossl_lib_ctx_get_concrete(ctx);
    if (ctx == NULL)
        return NULL;
    return &ctx->global;
}

const char *ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX *libctx)
{
#ifdef FIPS_MODULE
    return "FIPS internal library context";
#else
    if (ossl_lib_ctx_is_global_default(libctx))
        return "Global default library context";
    if (ossl_lib_ctx_is_default(libctx))
        return "Thread-local default library context";
    return "Non-default library context";
#endif
}
Commit	Line	Data
d64b6299	1	/*
fecb3aae	2	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
d64b6299 RL	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
25f2138b	10	#include "crypto/cryptlib.h"
22e27978	11	#include <openssl/conf.h>
d64b6299	12	#include "internal/thread_once.h"
505f4660	13	#include "internal/property.h"
4b1f34f1	14	#include "internal/core.h"
b0ee1de9	15	#include "internal/bio.h"
f12a5690	16	#include "internal/provider.h"
927d0566	17	#include "crypto/context.h"
d64b6299	18
b4250010	19	struct ossl_lib_ctx_st {
927d0566	20	CRYPTO_RWLOCK lock, rand_crngt_lock;
1aedc35f MC	21	OSSL_EX_DATA_GLOBAL global;
1aedc35f MC	22
927d0566 HL	23	void *property_string_data;
	24	void *evp_method_store;
	25	void *provider_store;
	26	void *namemap;
	27	void *property_defns;
	28	void *global_properties;
	29	void *drbg;
	30	void *drbg_nonce;
	31	#ifndef FIPS_MODULE
	32	void *provider_conf;
	33	void *bio_core;
	34	void *child_provider;
	35	OSSL_METHOD_STORE *decoder_store;
	36	OSSL_METHOD_STORE *encoder_store;
	37	OSSL_METHOD_STORE *store_loader_store;
	38	void *self_test_cb;
	39	#endif
	40	void *rand_crngt;
	41	#ifdef FIPS_MODULE
	42	void *thread_event_handler;
	43	void *fips_prov;
	44	#endif
770de346	45
f12a5690	46	unsigned int ischild:1;
d64b6299 RL	47	};
d64b6299 RL	48
4b1f34f1 P	49	int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx)
	50	{
	51	return CRYPTO_THREAD_write_lock(ossl_lib_ctx_get_concrete(ctx)->lock);
	52	}
	53
	54	int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx)
	55	{
	56	return CRYPTO_THREAD_read_lock(ossl_lib_ctx_get_concrete(ctx)->lock);
	57	}
	58
	59	int ossl_lib_ctx_unlock(OSSL_LIB_CTX *ctx)
	60	{
	61	return CRYPTO_THREAD_unlock(ossl_lib_ctx_get_concrete(ctx)->lock);
	62	}
	63
f12a5690 MC	64	int ossl_lib_ctx_is_child(OSSL_LIB_CTX *ctx)
	65	{
	66	ctx = ossl_lib_ctx_get_concrete(ctx);
	67
	68	if (ctx == NULL)
	69	return 0;
	70	return ctx->ischild;
	71	}
	72
927d0566 HL	73	static void context_deinit_objs(OSSL_LIB_CTX *ctx);
927d0566 HL	74
b4250010	75	static int context_init(OSSL_LIB_CTX *ctx)
d64b6299	76	{
505f4660	77	int exdata_done = 0;
1aedc35f MC	78
	79	ctx->lock = CRYPTO_THREAD_lock_new();
	80	if (ctx->lock == NULL)
	81	return 0;
	82
927d0566 HL	83	ctx->rand_crngt_lock = CRYPTO_THREAD_lock_new();
	84	if (ctx->rand_crngt_lock == NULL)
	85	goto err;
1aedc35f	86
927d0566	87	/* Initialize ex_data. */
e4bec869	88	if (!ossl_do_ex_data_init(ctx))
1aedc35f	89	goto err;
505f4660	90	exdata_done = 1;
1aedc35f	91
927d0566 HL	92	/* P2. We want evp_method_store to be cleaned up before the provider store */
	93	ctx->evp_method_store = ossl_method_store_new(ctx);
	94	if (ctx->evp_method_store == NULL)
	95	goto err;
	96
	97	#ifndef FIPS_MODULE
	98	/* P2. Must be freed before the provider store is freed */
	99	ctx->provider_conf = ossl_prov_conf_ctx_new(ctx);
	100	if (ctx->provider_conf == NULL)
	101	goto err;
	102	#endif
	103
	104	/* P2. */
	105	ctx->drbg = ossl_rand_ctx_new(ctx);
	106	if (ctx->drbg == NULL)
1aedc35f	107	goto err;
1aedc35f	108
927d0566 HL	109	#ifndef FIPS_MODULE
	110	/* P2. We want decoder_store to be cleaned up before the provider store */
	111	ctx->decoder_store = ossl_method_store_new(ctx);
	112	if (ctx->decoder_store == NULL)
	113	goto err;
	114
	115	/* P2. We want encoder_store to be cleaned up before the provider store */
	116	ctx->encoder_store = ossl_method_store_new(ctx);
	117	if (ctx->encoder_store == NULL)
	118	goto err;
	119
	120	/* P2. We want loader_store to be cleaned up before the provider store */
	121	ctx->store_loader_store = ossl_method_store_new(ctx);
	122	if (ctx->store_loader_store == NULL)
	123	goto err;
	124	#endif
	125
	126	/* P1. Needs to be freed before the child provider data is freed */
	127	ctx->provider_store = ossl_provider_store_new(ctx);
	128	if (ctx->provider_store == NULL)
	129	goto err;
	130
	131	/* Default priority. */
	132	ctx->property_string_data = ossl_property_string_data_new(ctx);
	133	if (ctx->property_string_data == NULL)
	134	goto err;
	135
	136	ctx->namemap = ossl_stored_namemap_new(ctx);
	137	if (ctx->namemap == NULL)
	138	goto err;
	139
	140	ctx->property_defns = ossl_property_defns_new(ctx);
	141	if (ctx->property_defns == NULL)
	142	goto err;
	143
	144	ctx->global_properties = ossl_ctx_global_properties_new(ctx);
	145	if (ctx->global_properties == NULL)
	146	goto err;
	147
	148	#ifndef FIPS_MODULE
	149	ctx->bio_core = ossl_bio_core_globals_new(ctx);
	150	if (ctx->bio_core == NULL)
	151	goto err;
	152	#endif
	153
	154	ctx->drbg_nonce = ossl_prov_drbg_nonce_ctx_new(ctx);
	155	if (ctx->drbg_nonce == NULL)
	156	goto err;
	157
	158	#ifndef FIPS_MODULE
	159	ctx->self_test_cb = ossl_self_test_set_callback_new(ctx);
	160	if (ctx->self_test_cb == NULL)
	161	goto err;
	162	#endif
	163
	164	#ifdef FIPS_MODULE
	165	ctx->thread_event_handler = ossl_thread_event_ctx_new(ctx);
	166	if (ctx->thread_event_handler == NULL)
	167	goto err;
	168
	169	ctx->fips_prov = ossl_fips_prov_ossl_ctx_new(ctx);
	170	if (ctx->fips_prov == NULL)
	171	goto err;
	172	#endif
173
174	/* Low priority. */
175	#ifndef FIPS_MODULE
176	ctx->child_provider = ossl_child_prov_ctx_new(ctx);
177	if (ctx->child_provider == NULL)
178	goto err;
179	#endif
180
505f4660 MC	181	/* Everything depends on properties, so we also pre-initialise that */
	182	if (!ossl_property_parse_init(ctx))
	183	goto err;
	184
1aedc35f	185	return 1;
927d0566	186
1aedc35f	187	err:
927d0566 HL	188	context_deinit_objs(ctx);
927d0566 HL	189
505f4660	190	if (exdata_done)
e4bec869	191	ossl_crypto_cleanup_all_ex_data_int(ctx);
927d0566 HL	192
927d0566 HL	193	CRYPTO_THREAD_lock_free(ctx->rand_crngt_lock);
1aedc35f	194	CRYPTO_THREAD_lock_free(ctx->lock);
7ca3bf79	195	memset(ctx, '\0', sizeof(*ctx));
1aedc35f	196	return 0;
d64b6299 RL	197	}
d64b6299 RL	198
927d0566 HL	199	static void context_deinit_objs(OSSL_LIB_CTX *ctx)
	200	{
	201	/* P2. We want evp_method_store to be cleaned up before the provider store */
	202	if (ctx->evp_method_store != NULL) {
	203	ossl_method_store_free(ctx->evp_method_store);
	204	ctx->evp_method_store = NULL;
	205	}
	206
	207	/* P2. */
	208	if (ctx->drbg != NULL) {
	209	ossl_rand_ctx_free(ctx->drbg);
	210	ctx->drbg = NULL;
	211	}
	212
	213	#ifndef FIPS_MODULE
	214	/* P2. */
	215	if (ctx->provider_conf != NULL) {
	216	ossl_prov_conf_ctx_free(ctx->provider_conf);
	217	ctx->provider_conf = NULL;
	218	}
	219
	220	/* P2. We want decoder_store to be cleaned up before the provider store */
	221	if (ctx->decoder_store != NULL) {
	222	ossl_method_store_free(ctx->decoder_store);
	223	ctx->decoder_store = NULL;
	224	}
	225
	226	/* P2. We want encoder_store to be cleaned up before the provider store */
	227	if (ctx->encoder_store != NULL) {
	228	ossl_method_store_free(ctx->encoder_store);
	229	ctx->encoder_store = NULL;
	230	}
	231
	232	/* P2. We want loader_store to be cleaned up before the provider store */
	233	if (ctx->store_loader_store != NULL) {
	234	ossl_method_store_free(ctx->store_loader_store);
	235	ctx->store_loader_store = NULL;
	236	}
	237	#endif
	238
	239	/* P1. Needs to be freed before the child provider data is freed */
	240	if (ctx->provider_store != NULL) {
	241	ossl_provider_store_free(ctx->provider_store);
	242	ctx->provider_store = NULL;
	243	}
	244
	245	/* Default priority. */
	246	if (ctx->property_string_data != NULL) {
	247	ossl_property_string_data_free(ctx->property_string_data);
	248	ctx->property_string_data = NULL;
	249	}
	250
	251	if (ctx->namemap != NULL) {
	252	ossl_stored_namemap_free(ctx->namemap);
	253	ctx->namemap = NULL;
	254	}
	255
	256	if (ctx->property_defns != NULL) {
	257	ossl_property_defns_free(ctx->property_defns);
	258	ctx->property_defns = NULL;
	259	}
	260
	261	if (ctx->global_properties != NULL) {
	262	ossl_ctx_global_properties_free(ctx->global_properties);
263	ctx->global_properties = NULL;
264	}
265
266	#ifndef FIPS_MODULE
267	if (ctx->bio_core != NULL) {
268	ossl_bio_core_globals_free(ctx->bio_core);
269	ctx->bio_core = NULL;
270	}
271	#endif
272
273	if (ctx->drbg_nonce != NULL) {
274	ossl_prov_drbg_nonce_ctx_free(ctx->drbg_nonce);
275	ctx->drbg_nonce = NULL;
276	}
277
278	#ifndef FIPS_MODULE
279	if (ctx->self_test_cb != NULL) {
280	ossl_self_test_set_callback_free(ctx->self_test_cb);
281	ctx->self_test_cb = NULL;
282	}
283	#endif
284
285	if (ctx->rand_crngt != NULL) {
286	ossl_rand_crng_ctx_free(ctx->rand_crngt);
287	ctx->rand_crngt = NULL;
288	}
289
290	#ifdef FIPS_MODULE
291	if (ctx->thread_event_handler != NULL) {
292	ossl_thread_event_ctx_free(ctx->thread_event_handler);
293	ctx->thread_event_handler = NULL;
294	}
295
296	if (ctx->fips_prov != NULL) {
297	ossl_fips_prov_ossl_ctx_free(ctx->fips_prov);
298	ctx->fips_prov = NULL;
299	}
300	#endif
301
302	/* Low priority. */
303	#ifndef FIPS_MODULE
304	if (ctx->child_provider != NULL) {
305	ossl_child_prov_ctx_free(ctx->child_provider);
306	ctx->child_provider = NULL;
307	}
308	#endif
309	}
310
b4250010	311	static int context_deinit(OSSL_LIB_CTX *ctx)
d64b6299	312	{
1aedc35f MC	313	if (ctx == NULL)
1aedc35f MC	314	return 1;
b8fe36fe	315
da747958 MC	316	ossl_ctx_thread_stop(ctx);
da747958 MC	317
927d0566 HL	318	context_deinit_objs(ctx);
927d0566 HL	319
e4bec869	320	ossl_crypto_cleanup_all_ex_data_int(ctx);
770de346	321
927d0566	322	CRYPTO_THREAD_lock_free(ctx->rand_crngt_lock);
d64b6299	323	CRYPTO_THREAD_lock_free(ctx->lock);
927d0566	324	ctx->rand_crngt_lock = NULL;
1aedc35f	325	ctx->lock = NULL;
d64b6299 RL	326	return 1;
	327	}
	328
f844f9eb	329	#ifndef FIPS_MODULE
5a975275	330	/* The default default context */
b4250010	331	static OSSL_LIB_CTX default_context_int;
5a975275 RL	332
	333	static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
	334	static CRYPTO_THREAD_LOCAL default_context_thread_local;
	335
	336	DEFINE_RUN_ONCE_STATIC(default_context_do_init)
	337	{
	338	return CRYPTO_THREAD_init_local(&default_context_thread_local, NULL)
	339	&& context_init(&default_context_int);
	340	}
	341
b4250010	342	void ossl_lib_ctx_default_deinit(void)
d64b6299	343	{
5a975275	344	context_deinit(&default_context_int);
8e012cdc	345	CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
d64b6299	346	}
1aedc35f	347
b4250010	348	static OSSL_LIB_CTX *get_thread_default_context(void)
d64b6299	349	{
5a975275 RL	350	if (!RUN_ONCE(&default_context_init, default_context_do_init))
5a975275 RL	351	return NULL;
1aedc35f	352
5a975275 RL	353	return CRYPTO_THREAD_get_local(&default_context_thread_local);
	354	}
	355
b4250010	356	static OSSL_LIB_CTX *get_default_context(void)
5a975275	357	{
b4250010	358	OSSL_LIB_CTX *current_defctx = get_thread_default_context();
5a975275 RL	359
	360	if (current_defctx == NULL)
	361	current_defctx = &default_context_int;
	362	return current_defctx;
	363	}
	364
b4250010	365	static int set_default_context(OSSL_LIB_CTX *defctx)
5a975275 RL	366	{
	367	if (defctx == &default_context_int)
	368	defctx = NULL;
	369
	370	return CRYPTO_THREAD_set_local(&default_context_thread_local, defctx);
d64b6299	371	}
1aedc35f	372	#endif
d64b6299	373
b4250010	374	OSSL_LIB_CTX *OSSL_LIB_CTX_new(void)
d64b6299	375	{
b4250010	376	OSSL_LIB_CTX ctx = OPENSSL_zalloc(sizeof(ctx));
d64b6299 RL	377
d64b6299 RL	378	if (ctx != NULL && !context_init(ctx)) {
7ca3bf79	379	OPENSSL_free(ctx);
d64b6299 RL	380	ctx = NULL;
	381	}
	382	return ctx;
	383	}
	384
f844f9eb	385	#ifndef FIPS_MODULE
f12a5690 MC	386	OSSL_LIB_CTX OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE handle,
f12a5690 MC	387	const OSSL_DISPATCH *in)
b0ee1de9 MC	388	{
	389	OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new();
	390
	391	if (ctx == NULL)
	392	return NULL;
	393
	394	if (!ossl_bio_init_core(ctx, in)) {
	395	OSSL_LIB_CTX_free(ctx);
	396	return NULL;
	397	}
	398
	399	return ctx;
	400	}
	401
f12a5690 MC	402	OSSL_LIB_CTX OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE handle,
	403	const OSSL_DISPATCH *in)
	404	{
	405	OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new_from_dispatch(handle, in);
	406
	407	if (ctx == NULL)
	408	return NULL;
	409
	410	if (!ossl_provider_init_as_child(ctx, handle, in)) {
	411	OSSL_LIB_CTX_free(ctx);
	412	return NULL;
	413	}
	414	ctx->ischild = 1;
	415
	416	return ctx;
	417	}
	418
b4250010	419	int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX ctx, const char config_file)
22e27978	420	{
d8652be0	421	return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0;
22e27978 SL	422	}
	423	#endif
	424
b4250010	425	void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx)
d64b6299	426	{
b4250010	427	if (ossl_lib_ctx_is_default(ctx))
5a975275 RL	428	return;
5a975275 RL	429
cad22202 MC	430	#ifndef FIPS_MODULE
	431	if (ctx->ischild)
	432	ossl_provider_deinit_child(ctx);
	433	#endif
5a975275	434	context_deinit(ctx);
d64b6299 RL	435	OPENSSL_free(ctx);
	436	}
	437
978e323a MC	438	#ifndef FIPS_MODULE
	439	OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void)
	440	{
	441	if (!RUN_ONCE(&default_context_init, default_context_do_init))
	442	return NULL;
	443
	444	return &default_context_int;
	445	}
	446
b4250010	447	OSSL_LIB_CTX OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX libctx)
5a975275	448	{
b4250010	449	OSSL_LIB_CTX *current_defctx;
5a975275	450
92b20fb8 MC	451	if ((current_defctx = get_default_context()) != NULL) {
	452	if (libctx != NULL)
	453	set_default_context(libctx);
5a975275	454	return current_defctx;
92b20fb8	455	}
5a975275 RL	456
	457	return NULL;
	458	}
978e323a	459	#endif
5a975275	460
b4250010	461	OSSL_LIB_CTX ossl_lib_ctx_get_concrete(OSSL_LIB_CTX ctx)
d4c051ce	462	{
f844f9eb	463	#ifndef FIPS_MODULE
5a975275 RL	464	if (ctx == NULL)
5a975275 RL	465	return get_default_context();
d4c051ce MC	466	#endif
	467	return ctx;
	468	}
	469
b4250010	470	int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx)
6b1e5fa4	471	{
f844f9eb	472	#ifndef FIPS_MODULE
5a975275	473	if (ctx == NULL \|\| ctx == get_default_context())
6b1e5fa4	474	return 1;
cfbd76c1 RL	475	#endif
	476	return 0;
	477	}
	478
b4250010	479	int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX *ctx)
cfbd76c1 RL	480	{
cfbd76c1 RL	481	#ifndef FIPS_MODULE
b4250010	482	if (ossl_lib_ctx_get_concrete(ctx) == &default_context_int)
cfbd76c1	483	return 1;
6b1e5fa4 MC	484	#endif
	485	return 0;
	486	}
	487
927d0566	488	void ossl_lib_ctx_get_data(OSSL_LIB_CTX ctx, int index)
d64b6299	489	{
927d0566	490	void *p;
1aedc35f	491
b4250010	492	ctx = ossl_lib_ctx_get_concrete(ctx);
1aedc35f	493	if (ctx == NULL)
927d0566	494	return NULL;
1aedc35f	495
927d0566 HL	496	switch (index) {
	497	case OSSL_LIB_CTX_PROPERTY_STRING_INDEX:
	498	return ctx->property_string_data;
	499	case OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX:
	500	return ctx->evp_method_store;
	501	case OSSL_LIB_CTX_PROVIDER_STORE_INDEX:
	502	return ctx->provider_store;
	503	case OSSL_LIB_CTX_NAMEMAP_INDEX:
	504	return ctx->namemap;
	505	case OSSL_LIB_CTX_PROPERTY_DEFN_INDEX:
	506	return ctx->property_defns;
	507	case OSSL_LIB_CTX_GLOBAL_PROPERTIES:
	508	return ctx->global_properties;
	509	case OSSL_LIB_CTX_DRBG_INDEX:
	510	return ctx->drbg;
	511	case OSSL_LIB_CTX_DRBG_NONCE_INDEX:
	512	return ctx->drbg_nonce;
	513	#ifndef FIPS_MODULE
	514	case OSSL_LIB_CTX_PROVIDER_CONF_INDEX:
	515	return ctx->provider_conf;
	516	case OSSL_LIB_CTX_BIO_CORE_INDEX:
	517	return ctx->bio_core;
	518	case OSSL_LIB_CTX_CHILD_PROVIDER_INDEX:
	519	return ctx->child_provider;
	520	case OSSL_LIB_CTX_DECODER_STORE_INDEX:
	521	return ctx->decoder_store;
	522	case OSSL_LIB_CTX_ENCODER_STORE_INDEX:
	523	return ctx->encoder_store;
	524	case OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX:
	525	return ctx->store_loader_store;
	526	case OSSL_LIB_CTX_SELF_TEST_CB_INDEX:
	527	return ctx->self_test_cb;
	528	#endif
d64b6299	529
927d0566 HL	530	case OSSL_LIB_CTX_RAND_CRNGT_INDEX: {
	531
	532	/*
	533	* rand_crngt must be lazily initialized because it calls into
	534	* libctx, so must not be called from context_init, else a deadlock
	535	* will occur.
	536	*
	537	* We use a separate lock because code called by the instantiation
	538	* of rand_crngt is liable to try and take the libctx lock.
	539	*/
	540	if (CRYPTO_THREAD_read_lock(ctx->rand_crngt_lock) != 1)
	541	return NULL;
d64b6299	542
927d0566 HL	543	if (ctx->rand_crngt == NULL) {
927d0566 HL	544	CRYPTO_THREAD_unlock(ctx->rand_crngt_lock);
d64b6299	545
927d0566 HL	546	if (CRYPTO_THREAD_write_lock(ctx->rand_crngt_lock) != 1)
927d0566 HL	547	return NULL;
770de346	548
927d0566 HL	549	if (ctx->rand_crngt == NULL)
927d0566 HL	550	ctx->rand_crngt = ossl_rand_crng_ctx_new(ctx);
cd3f8c1b	551	}
d64b6299	552
927d0566	553	p = ctx->rand_crngt;
770de346	554
927d0566	555	CRYPTO_THREAD_unlock(ctx->rand_crngt_lock);
770de346	556
927d0566	557	return p;
1aedc35f MC	558	}
1aedc35f MC	559
927d0566 HL	560	#ifdef FIPS_MODULE
	561	case OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX:
	562	return ctx->thread_event_handler;
d64b6299	563
927d0566 HL	564	case OSSL_LIB_CTX_FIPS_PROV_INDEX:
	565	return ctx->fips_prov;
	566	#endif
	567
	568	default:
	569	return NULL;
	570	}
d64b6299 RL	571	}
d64b6299 RL	572
b4250010	573	OSSL_EX_DATA_GLOBAL ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX ctx)
1aedc35f	574	{
b4250010	575	ctx = ossl_lib_ctx_get_concrete(ctx);
1aedc35f MC	576	if (ctx == NULL)
	577	return NULL;
	578	return &ctx->global;
	579	}
	580
d6d42cda RL	581	const char ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX libctx)
	582	{
	583	#ifdef FIPS_MODULE
	584	return "FIPS internal library context";
	585	#else
	586	if (ossl_lib_ctx_is_global_default(libctx))
	587	return "Global default library context";
	588	if (ossl_lib_ctx_is_default(libctx))
	589	return "Thread-local default library context";
	590	return "Non-default library context";
	591	#endif
	592	}