]>
Commit | Line | Data |
---|---|---|
4c2883a9 | 1 | /* |
4333b89f | 2 | * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. |
4c2883a9 RL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
2217d4c9 | 10 | #include <assert.h> |
4c2883a9 | 11 | #include <openssl/core.h> |
23c48d94 | 12 | #include <openssl/core_dispatch.h> |
25e60144 | 13 | #include <openssl/core_names.h> |
6bd4e3f2 | 14 | #include <openssl/provider.h> |
ac1055ef | 15 | #include <openssl/params.h> |
4c2883a9 | 16 | #include <openssl/opensslv.h> |
25f2138b | 17 | #include "crypto/cryptlib.h" |
04cb5ec0 | 18 | #include "crypto/evp.h" /* evp_method_store_flush */ |
03bede0c | 19 | #include "crypto/rand.h" |
c41f3ae0 | 20 | #include "internal/nelem.h" |
4c2883a9 RL |
21 | #include "internal/thread_once.h" |
22 | #include "internal/provider.h" | |
23 | #include "internal/refcount.h" | |
141cc94e | 24 | #include "internal/bio.h" |
f12a5690 | 25 | #include "internal/core.h" |
c41f3ae0 | 26 | #include "provider_local.h" |
f844f9eb | 27 | #ifndef FIPS_MODULE |
36fc5fc6 SL |
28 | # include <openssl/self_test.h> |
29 | #endif | |
c41f3ae0 RL |
30 | |
31 | static OSSL_PROVIDER *provider_new(const char *name, | |
352d482a MC |
32 | OSSL_provider_init_fn *init_function, |
33 | STACK_OF(INFOPAIR) *parameters); | |
4c2883a9 RL |
34 | |
35 | /*- | |
36 | * Provider Object structure | |
37 | * ========================= | |
38 | */ | |
39 | ||
c1fb5e07 | 40 | #ifndef FIPS_MODULE |
7b88c184 MC |
41 | typedef struct { |
42 | OSSL_PROVIDER *prov; | |
43 | int (*create_cb)(const OSSL_CORE_HANDLE *provider, void *cbdata); | |
b1956770 MC |
44 | int (*remove_cb)(const OSSL_CORE_HANDLE *provider, void *cbdata); |
45 | int (*global_props_cb)(const char *props, void *cbdata); | |
7b88c184 MC |
46 | void *cbdata; |
47 | } OSSL_PROVIDER_CHILD_CB; | |
48 | DEFINE_STACK_OF(OSSL_PROVIDER_CHILD_CB) | |
c1fb5e07 | 49 | #endif |
7b88c184 | 50 | |
4c2883a9 RL |
51 | struct provider_store_st; /* Forward declaration */ |
52 | ||
53 | struct ossl_provider_st { | |
54 | /* Flag bits */ | |
55 | unsigned int flag_initialized:1; | |
390f9bad | 56 | unsigned int flag_activated:1; |
c8567c39 | 57 | unsigned int flag_fallback:1; /* Can be used as fallback */ |
c1fb5e07 | 58 | #ifndef FIPS_MODULE |
abaa2dd2 | 59 | unsigned int flag_couldbechild:1; |
c1fb5e07 | 60 | #endif |
4c2883a9 | 61 | |
c2ec2bb7 RL |
62 | /* Getting and setting the flags require synchronization */ |
63 | CRYPTO_RWLOCK *flag_lock; | |
64 | ||
4c2883a9 RL |
65 | /* OpenSSL library side data */ |
66 | CRYPTO_REF_COUNT refcnt; | |
085bef9f | 67 | CRYPTO_RWLOCK *refcnt_lock; /* For the ref counter */ |
2d569501 | 68 | int activatecnt; |
4c2883a9 | 69 | char *name; |
ac1055ef | 70 | char *path; |
4c2883a9 RL |
71 | DSO *module; |
72 | OSSL_provider_init_fn *init_function; | |
ac1055ef | 73 | STACK_OF(INFOPAIR) *parameters; |
b4250010 | 74 | OSSL_LIB_CTX *libctx; /* The library context this instance is in */ |
e55008a9 | 75 | struct provider_store_st *store; /* The store this instance belongs to */ |
f844f9eb | 76 | #ifndef FIPS_MODULE |
6592ab81 RL |
77 | /* |
78 | * In the FIPS module inner provider, this isn't needed, since the | |
79 | * error upcalls are always direct calls to the outer provider. | |
80 | */ | |
6ebc2f56 | 81 | int error_lib; /* ERR library number, one for each provider */ |
6592ab81 | 82 | # ifndef OPENSSL_NO_ERR |
6ebc2f56 | 83 | ERR_STRING_DATA *error_strings; /* Copy of what the provider gives us */ |
6592ab81 | 84 | # endif |
6ebc2f56 | 85 | #endif |
4c2883a9 RL |
86 | |
87 | /* Provider side functions */ | |
363b1e5d DMSP |
88 | OSSL_FUNC_provider_teardown_fn *teardown; |
89 | OSSL_FUNC_provider_gettable_params_fn *gettable_params; | |
90 | OSSL_FUNC_provider_get_params_fn *get_params; | |
91 | OSSL_FUNC_provider_get_capabilities_fn *get_capabilities; | |
04cb5ec0 | 92 | OSSL_FUNC_provider_self_test_fn *self_test; |
363b1e5d | 93 | OSSL_FUNC_provider_query_operation_fn *query_operation; |
b0001d0c | 94 | OSSL_FUNC_provider_unquery_operation_fn *unquery_operation; |
a39eb840 | 95 | |
5a29b628 RL |
96 | /* |
97 | * Cache of bit to indicate of query_operation() has been called on | |
98 | * a specific operation or not. | |
99 | */ | |
100 | unsigned char *operation_bits; | |
101 | size_t operation_bits_sz; | |
c25a1524 | 102 | CRYPTO_RWLOCK *opbits_lock; |
5a29b628 | 103 | |
c1fb5e07 | 104 | #ifndef FIPS_MODULE |
f12a5690 | 105 | /* Whether this provider is the child of some other provider */ |
8c627075 | 106 | const OSSL_CORE_HANDLE *handle; |
f12a5690 | 107 | unsigned int ischild:1; |
c1fb5e07 | 108 | #endif |
f12a5690 | 109 | |
a39eb840 RL |
110 | /* Provider side data */ |
111 | void *provctx; | |
f12a5690 | 112 | const OSSL_DISPATCH *dispatch; |
4c2883a9 RL |
113 | }; |
114 | DEFINE_STACK_OF(OSSL_PROVIDER) | |
115 | ||
116 | static int ossl_provider_cmp(const OSSL_PROVIDER * const *a, | |
117 | const OSSL_PROVIDER * const *b) | |
118 | { | |
119 | return strcmp((*a)->name, (*b)->name); | |
120 | } | |
121 | ||
122 | /*- | |
123 | * Provider Object store | |
124 | * ===================== | |
125 | * | |
126 | * The Provider Object store is a library context object, and therefore needs | |
127 | * an index. | |
128 | */ | |
129 | ||
130 | struct provider_store_st { | |
8c627075 | 131 | OSSL_LIB_CTX *libctx; |
4c2883a9 | 132 | STACK_OF(OSSL_PROVIDER) *providers; |
7b88c184 | 133 | STACK_OF(OSSL_PROVIDER_CHILD_CB) *child_cbs; |
86522324 | 134 | CRYPTO_RWLOCK *default_path_lock; |
4c2883a9 | 135 | CRYPTO_RWLOCK *lock; |
6bd4e3f2 | 136 | char *default_path; |
1d74203c MC |
137 | struct provider_info_st *provinfo; |
138 | size_t numprovinfo; | |
139 | size_t provinfosz; | |
e55008a9 | 140 | unsigned int use_fallbacks:1; |
0090e508 | 141 | unsigned int freeing:1; |
4c2883a9 | 142 | }; |
4c2883a9 | 143 | |
c8567c39 | 144 | /* |
390f9bad RL |
145 | * provider_deactivate_free() is a wrapper around ossl_provider_deactivate() |
146 | * and ossl_provider_free(), called as needed. | |
c8567c39 RL |
147 | * Since this is only called when the provider store is being emptied, we |
148 | * don't need to care about any lock. | |
149 | */ | |
150 | static void provider_deactivate_free(OSSL_PROVIDER *prov) | |
151 | { | |
390f9bad RL |
152 | if (prov->flag_activated) |
153 | ossl_provider_deactivate(prov); | |
c8567c39 RL |
154 | ossl_provider_free(prov); |
155 | } | |
156 | ||
c1fb5e07 | 157 | #ifndef FIPS_MODULE |
7b88c184 MC |
158 | static void ossl_provider_child_cb_free(OSSL_PROVIDER_CHILD_CB *cb) |
159 | { | |
160 | OPENSSL_free(cb); | |
161 | } | |
c1fb5e07 | 162 | #endif |
7b88c184 | 163 | |
352d482a MC |
164 | static void infopair_free(INFOPAIR *pair) |
165 | { | |
166 | OPENSSL_free(pair->name); | |
167 | OPENSSL_free(pair->value); | |
168 | OPENSSL_free(pair); | |
169 | } | |
170 | ||
171 | static INFOPAIR *infopair_copy(const INFOPAIR *src) | |
172 | { | |
173 | INFOPAIR *dest = OPENSSL_zalloc(sizeof(*dest)); | |
174 | ||
175 | if (dest == NULL) | |
176 | return NULL; | |
177 | if (src->name != NULL) { | |
178 | dest->name = OPENSSL_strdup(src->name); | |
179 | if (dest->name == NULL) | |
180 | goto err; | |
181 | } | |
182 | if (src->value != NULL) { | |
183 | dest->value = OPENSSL_strdup(src->value); | |
184 | if (dest->value == NULL) | |
185 | goto err; | |
186 | } | |
187 | return dest; | |
188 | err: | |
189 | OPENSSL_free(dest->name); | |
190 | OPENSSL_free(dest); | |
191 | return NULL; | |
192 | } | |
193 | ||
194 | void ossl_provider_info_clear(struct provider_info_st *info) | |
195 | { | |
196 | OPENSSL_free(info->name); | |
197 | OPENSSL_free(info->path); | |
198 | sk_INFOPAIR_pop_free(info->parameters, infopair_free); | |
199 | } | |
200 | ||
4c2883a9 RL |
201 | static void provider_store_free(void *vstore) |
202 | { | |
203 | struct provider_store_st *store = vstore; | |
1d74203c | 204 | size_t i; |
4c2883a9 RL |
205 | |
206 | if (store == NULL) | |
207 | return; | |
0090e508 | 208 | store->freeing = 1; |
6bd4e3f2 | 209 | OPENSSL_free(store->default_path); |
c8567c39 | 210 | sk_OSSL_PROVIDER_pop_free(store->providers, provider_deactivate_free); |
c1fb5e07 | 211 | #ifndef FIPS_MODULE |
7b88c184 MC |
212 | sk_OSSL_PROVIDER_CHILD_CB_pop_free(store->child_cbs, |
213 | ossl_provider_child_cb_free); | |
c1fb5e07 | 214 | #endif |
86522324 | 215 | CRYPTO_THREAD_lock_free(store->default_path_lock); |
4c2883a9 | 216 | CRYPTO_THREAD_lock_free(store->lock); |
1d74203c | 217 | for (i = 0; i < store->numprovinfo; i++) |
352d482a | 218 | ossl_provider_info_clear(&store->provinfo[i]); |
1d74203c | 219 | OPENSSL_free(store->provinfo); |
4c2883a9 RL |
220 | OPENSSL_free(store); |
221 | } | |
222 | ||
b4250010 | 223 | static void *provider_store_new(OSSL_LIB_CTX *ctx) |
4c2883a9 RL |
224 | { |
225 | struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store)); | |
226 | ||
227 | if (store == NULL | |
228 | || (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL | |
86522324 | 229 | || (store->default_path_lock = CRYPTO_THREAD_lock_new()) == NULL |
c1fb5e07 | 230 | #ifndef FIPS_MODULE |
7b88c184 | 231 | || (store->child_cbs = sk_OSSL_PROVIDER_CHILD_CB_new_null()) == NULL |
c1fb5e07 | 232 | #endif |
4c2883a9 RL |
233 | || (store->lock = CRYPTO_THREAD_lock_new()) == NULL) { |
234 | provider_store_free(store); | |
e55008a9 | 235 | return NULL; |
4c2883a9 | 236 | } |
8c627075 | 237 | store->libctx = ctx; |
e55008a9 | 238 | store->use_fallbacks = 1; |
c41f3ae0 | 239 | |
4c2883a9 RL |
240 | return store; |
241 | } | |
242 | ||
b4250010 | 243 | static const OSSL_LIB_CTX_METHOD provider_store_method = { |
8c627075 MC |
244 | /* Needs to be freed before the child provider data is freed */ |
245 | OSSL_LIB_CTX_METHOD_PRIORITY_1, | |
4c2883a9 RL |
246 | provider_store_new, |
247 | provider_store_free, | |
248 | }; | |
249 | ||
b4250010 | 250 | static struct provider_store_st *get_provider_store(OSSL_LIB_CTX *libctx) |
4c2883a9 RL |
251 | { |
252 | struct provider_store_st *store = NULL; | |
253 | ||
b4250010 DMSP |
254 | store = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_STORE_INDEX, |
255 | &provider_store_method); | |
4c2883a9 | 256 | if (store == NULL) |
9311d0c4 | 257 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); |
4c2883a9 RL |
258 | return store; |
259 | } | |
260 | ||
b4250010 | 261 | int ossl_provider_disable_fallback_loading(OSSL_LIB_CTX *libctx) |
ebe3f24b P |
262 | { |
263 | struct provider_store_st *store; | |
264 | ||
265 | if ((store = get_provider_store(libctx)) != NULL) { | |
cd3f8c1b RS |
266 | if (!CRYPTO_THREAD_write_lock(store->lock)) |
267 | return 0; | |
ebe3f24b | 268 | store->use_fallbacks = 0; |
d60a8e0a | 269 | CRYPTO_THREAD_unlock(store->lock); |
ebe3f24b P |
270 | return 1; |
271 | } | |
272 | return 0; | |
273 | } | |
274 | ||
1d74203c MC |
275 | #define BUILTINS_BLOCK_SIZE 10 |
276 | ||
352d482a MC |
277 | int ossl_provider_info_add_to_store(OSSL_LIB_CTX *libctx, |
278 | const struct provider_info_st *entry) | |
1d74203c MC |
279 | { |
280 | struct provider_store_st *store = get_provider_store(libctx); | |
281 | int ret = 0; | |
282 | ||
352d482a | 283 | if (entry->name == NULL) { |
1d74203c MC |
284 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); |
285 | return 0; | |
286 | } | |
287 | ||
288 | if (store == NULL) { | |
289 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); | |
290 | return 0; | |
291 | } | |
292 | ||
293 | if (!CRYPTO_THREAD_write_lock(store->lock)) | |
294 | return 0; | |
295 | if (store->provinfosz == 0) { | |
296 | store->provinfo = OPENSSL_zalloc(sizeof(*store->provinfo) | |
297 | * BUILTINS_BLOCK_SIZE); | |
298 | if (store->provinfo == NULL) { | |
299 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); | |
300 | goto err; | |
301 | } | |
302 | store->provinfosz = BUILTINS_BLOCK_SIZE; | |
303 | } else if (store->numprovinfo == store->provinfosz) { | |
304 | struct provider_info_st *tmpbuiltins; | |
305 | size_t newsz = store->provinfosz + BUILTINS_BLOCK_SIZE; | |
306 | ||
307 | tmpbuiltins = OPENSSL_realloc(store->provinfo, | |
308 | sizeof(*store->provinfo) * newsz); | |
309 | if (tmpbuiltins == NULL) { | |
310 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); | |
311 | goto err; | |
312 | } | |
313 | store->provinfo = tmpbuiltins; | |
314 | store->provinfosz = newsz; | |
315 | } | |
352d482a | 316 | store->provinfo[store->numprovinfo] = *entry; |
1d74203c MC |
317 | store->numprovinfo++; |
318 | ||
319 | ret = 1; | |
320 | err: | |
321 | CRYPTO_THREAD_unlock(store->lock); | |
322 | return ret; | |
323 | } | |
324 | ||
352d482a MC |
325 | int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name, |
326 | OSSL_provider_init_fn *init_fn) | |
327 | { | |
328 | struct provider_info_st entry; | |
329 | ||
330 | if (name == NULL || init_fn == NULL) { | |
331 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); | |
332 | return 0; | |
333 | } | |
334 | memset(&entry, 0, sizeof(entry)); | |
335 | entry.name = OPENSSL_strdup(name); | |
336 | if (entry.name == NULL) { | |
337 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); | |
338 | return 0; | |
339 | } | |
340 | entry.init = init_fn; | |
341 | if (!ossl_provider_info_add_to_store(libctx, &entry)) { | |
342 | ossl_provider_info_clear(&entry); | |
343 | return 0; | |
344 | } | |
345 | return 1; | |
346 | } | |
347 | ||
b4250010 | 348 | OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name, |
29dc6e00 | 349 | int noconfig) |
4c2883a9 RL |
350 | { |
351 | struct provider_store_st *store = NULL; | |
352 | OSSL_PROVIDER *prov = NULL; | |
353 | ||
354 | if ((store = get_provider_store(libctx)) != NULL) { | |
355 | OSSL_PROVIDER tmpl = { 0, }; | |
356 | int i; | |
357 | ||
f844f9eb | 358 | #ifndef FIPS_MODULE |
29dc6e00 MC |
359 | /* |
360 | * Make sure any providers are loaded from config before we try to find | |
361 | * them. | |
362 | */ | |
f12a5690 MC |
363 | if (!noconfig) { |
364 | if (ossl_lib_ctx_is_default(libctx)) | |
365 | OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); | |
f12a5690 | 366 | } |
29dc6e00 MC |
367 | #endif |
368 | ||
4c2883a9 | 369 | tmpl.name = (char *)name; |
4ed1f0bc | 370 | if (!CRYPTO_THREAD_read_lock(store->lock)) |
cd3f8c1b | 371 | return NULL; |
4c2883a9 RL |
372 | if ((i = sk_OSSL_PROVIDER_find(store->providers, &tmpl)) == -1 |
373 | || (prov = sk_OSSL_PROVIDER_value(store->providers, i)) == NULL | |
7c95390e | 374 | || !ossl_provider_up_ref(prov)) |
4c2883a9 RL |
375 | prov = NULL; |
376 | CRYPTO_THREAD_unlock(store->lock); | |
377 | } | |
378 | ||
379 | return prov; | |
380 | } | |
381 | ||
c41f3ae0 RL |
382 | /*- |
383 | * Provider Object methods | |
384 | * ======================= | |
385 | */ | |
386 | ||
387 | static OSSL_PROVIDER *provider_new(const char *name, | |
352d482a MC |
388 | OSSL_provider_init_fn *init_function, |
389 | STACK_OF(INFOPAIR) *parameters) | |
c41f3ae0 RL |
390 | { |
391 | OSSL_PROVIDER *prov = NULL; | |
392 | ||
393 | if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL | |
394 | #ifndef HAVE_ATOMICS | |
395 | || (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL | |
396 | #endif | |
c25a1524 | 397 | || (prov->opbits_lock = CRYPTO_THREAD_lock_new()) == NULL |
c2ec2bb7 | 398 | || (prov->flag_lock = CRYPTO_THREAD_lock_new()) == NULL |
352d482a MC |
399 | || (prov->name = OPENSSL_strdup(name)) == NULL |
400 | || (prov->parameters = sk_INFOPAIR_deep_copy(parameters, | |
401 | infopair_copy, | |
402 | infopair_free)) == NULL) { | |
c41f3ae0 | 403 | ossl_provider_free(prov); |
9311d0c4 | 404 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
c41f3ae0 RL |
405 | return NULL; |
406 | } | |
407 | ||
634da876 | 408 | prov->refcnt = 1; /* 1 One reference to be returned */ |
c41f3ae0 | 409 | prov->init_function = init_function; |
c1fb5e07 | 410 | #ifndef FIPS_MODULE |
abaa2dd2 | 411 | prov->flag_couldbechild = 1; |
c1fb5e07 | 412 | #endif |
352d482a | 413 | |
c41f3ae0 RL |
414 | return prov; |
415 | } | |
416 | ||
7c95390e | 417 | int ossl_provider_up_ref(OSSL_PROVIDER *prov) |
c41f3ae0 RL |
418 | { |
419 | int ref = 0; | |
420 | ||
ad14e8e5 SL |
421 | if (CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock) <= 0) |
422 | return 0; | |
8c627075 MC |
423 | |
424 | #ifndef FIPS_MODULE | |
425 | if (prov->ischild) { | |
426 | if (!ossl_provider_up_ref_parent(prov, 0)) { | |
427 | ossl_provider_free(prov); | |
428 | return 0; | |
429 | } | |
430 | } | |
431 | #endif | |
432 | ||
c41f3ae0 RL |
433 | return ref; |
434 | } | |
435 | ||
8c627075 MC |
436 | #ifndef FIPS_MODULE |
437 | static int provider_up_ref_intern(OSSL_PROVIDER *prov, int activate) | |
438 | { | |
439 | if (activate) | |
440 | return ossl_provider_activate(prov, 0, 1); | |
441 | ||
442 | return ossl_provider_up_ref(prov); | |
443 | } | |
444 | ||
445 | static int provider_free_intern(OSSL_PROVIDER *prov, int deactivate) | |
446 | { | |
447 | if (deactivate) | |
448 | return ossl_provider_deactivate(prov); | |
449 | ||
450 | ossl_provider_free(prov); | |
451 | return 1; | |
452 | } | |
453 | #endif | |
454 | ||
b4250010 | 455 | OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, |
29dc6e00 MC |
456 | OSSL_provider_init_fn *init_function, |
457 | int noconfig) | |
4c2883a9 RL |
458 | { |
459 | struct provider_store_st *store = NULL; | |
352d482a | 460 | struct provider_info_st template; |
4c2883a9 RL |
461 | OSSL_PROVIDER *prov = NULL; |
462 | ||
463 | if ((store = get_provider_store(libctx)) == NULL) | |
464 | return NULL; | |
465 | ||
29dc6e00 MC |
466 | if ((prov = ossl_provider_find(libctx, name, |
467 | noconfig)) != NULL) { /* refcount +1 */ | |
4c2883a9 | 468 | ossl_provider_free(prov); /* refcount -1 */ |
105d01f1 | 469 | ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_ALREADY_EXISTS, |
49c64346 | 470 | "name=%s", name); |
4c2883a9 RL |
471 | return NULL; |
472 | } | |
473 | ||
352d482a | 474 | memset(&template, 0, sizeof(template)); |
8d4dec0d | 475 | if (init_function == NULL) { |
1d74203c MC |
476 | const struct provider_info_st *p; |
477 | size_t i; | |
8d4dec0d | 478 | |
1d74203c | 479 | /* Check if this is a predefined builtin provider */ |
8d4dec0d MC |
480 | for (p = ossl_predefined_providers; p->name != NULL; p++) { |
481 | if (strcmp(p->name, name) == 0) { | |
352d482a | 482 | template = *p; |
8d4dec0d MC |
483 | break; |
484 | } | |
485 | } | |
1d74203c MC |
486 | if (p->name == NULL) { |
487 | /* Check if this is a user added builtin provider */ | |
488 | if (!CRYPTO_THREAD_read_lock(store->lock)) | |
489 | return NULL; | |
490 | for (i = 0, p = store->provinfo; i < store->numprovinfo; p++, i++) { | |
491 | if (strcmp(p->name, name) == 0) { | |
352d482a | 492 | template = *p; |
1d74203c MC |
493 | break; |
494 | } | |
495 | } | |
496 | CRYPTO_THREAD_unlock(store->lock); | |
497 | } | |
498 | } else { | |
499 | template.init = init_function; | |
8d4dec0d MC |
500 | } |
501 | ||
c41f3ae0 | 502 | /* provider_new() generates an error, so no need here */ |
352d482a | 503 | if ((prov = provider_new(name, template.init, template.parameters)) == NULL) |
4c2883a9 | 504 | return NULL; |
4c2883a9 | 505 | |
8d4dec0d MC |
506 | prov->libctx = libctx; |
507 | prov->store = store; | |
508 | #ifndef FIPS_MODULE | |
509 | prov->error_lib = ERR_get_next_error_library(); | |
510 | #endif | |
511 | ||
cd3f8c1b RS |
512 | if (!CRYPTO_THREAD_write_lock(store->lock)) |
513 | return NULL; | |
7c95390e | 514 | if (!ossl_provider_up_ref(prov)) { /* +1 One reference for the store */ |
4c2883a9 RL |
515 | ossl_provider_free(prov); /* -1 Reference that was to be returned */ |
516 | prov = NULL; | |
517 | } else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) { | |
518 | ossl_provider_free(prov); /* -1 Store reference */ | |
519 | ossl_provider_free(prov); /* -1 Reference that was to be returned */ | |
520 | prov = NULL; | |
521 | } | |
522 | CRYPTO_THREAD_unlock(store->lock); | |
523 | ||
524 | if (prov == NULL) | |
9311d0c4 | 525 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
4c2883a9 RL |
526 | |
527 | /* | |
528 | * At this point, the provider is only partially "loaded". To be | |
529 | * fully "loaded", ossl_provider_activate() must also be called. | |
530 | */ | |
531 | ||
532 | return prov; | |
533 | } | |
534 | ||
535 | void ossl_provider_free(OSSL_PROVIDER *prov) | |
536 | { | |
537 | if (prov != NULL) { | |
538 | int ref = 0; | |
539 | ||
085bef9f | 540 | CRYPTO_DOWN_REF(&prov->refcnt, &ref, prov->refcnt_lock); |
4c2883a9 RL |
541 | |
542 | /* | |
390f9bad RL |
543 | * When the refcount drops to zero, we clean up the provider. |
544 | * Note that this also does teardown, which may seem late, | |
545 | * considering that init happens on first activation. However, | |
546 | * there may be other structures hanging on to the provider after | |
547 | * the last deactivation and may therefore need full access to the | |
548 | * provider's services. Therefore, we deinit late. | |
4c2883a9 | 549 | */ |
390f9bad RL |
550 | if (ref == 0) { |
551 | if (prov->flag_initialized) { | |
f12a5690 | 552 | ossl_provider_teardown(prov); |
6ebc2f56 | 553 | #ifndef OPENSSL_NO_ERR |
f844f9eb | 554 | # ifndef FIPS_MODULE |
390f9bad RL |
555 | if (prov->error_strings != NULL) { |
556 | ERR_unload_strings(prov->error_lib, prov->error_strings); | |
557 | OPENSSL_free(prov->error_strings); | |
558 | prov->error_strings = NULL; | |
559 | } | |
6ebc2f56 RL |
560 | # endif |
561 | #endif | |
390f9bad RL |
562 | OPENSSL_free(prov->operation_bits); |
563 | prov->operation_bits = NULL; | |
564 | prov->operation_bits_sz = 0; | |
565 | prov->flag_initialized = 0; | |
566 | } | |
4c2883a9 | 567 | |
f844f9eb | 568 | #ifndef FIPS_MODULE |
ee067bc0 MC |
569 | /* |
570 | * We deregister thread handling whether or not the provider was | |
571 | * initialized. If init was attempted but was not successful then | |
572 | * the provider may still have registered a thread handler. | |
573 | */ | |
574 | ossl_init_thread_deregister(prov); | |
4c2883a9 | 575 | DSO_free(prov->module); |
3593266d | 576 | #endif |
4c2883a9 | 577 | OPENSSL_free(prov->name); |
ac1055ef | 578 | OPENSSL_free(prov->path); |
352d482a | 579 | sk_INFOPAIR_pop_free(prov->parameters, infopair_free); |
c25a1524 | 580 | CRYPTO_THREAD_lock_free(prov->opbits_lock); |
c2ec2bb7 | 581 | CRYPTO_THREAD_lock_free(prov->flag_lock); |
085bef9f RL |
582 | #ifndef HAVE_ATOMICS |
583 | CRYPTO_THREAD_lock_free(prov->refcnt_lock); | |
584 | #endif | |
4c2883a9 RL |
585 | OPENSSL_free(prov); |
586 | } | |
8c627075 MC |
587 | #ifndef FIPS_MODULE |
588 | else if (prov->ischild) { | |
589 | ossl_provider_free_parent(prov, 0); | |
590 | } | |
591 | #endif | |
4c2883a9 RL |
592 | } |
593 | } | |
594 | ||
ac1055ef RL |
595 | /* Setters */ |
596 | int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path) | |
597 | { | |
598 | OPENSSL_free(prov->path); | |
6cf811e8 | 599 | prov->path = NULL; |
ac1055ef RL |
600 | if (module_path == NULL) |
601 | return 1; | |
602 | if ((prov->path = OPENSSL_strdup(module_path)) != NULL) | |
603 | return 1; | |
9311d0c4 | 604 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
ac1055ef RL |
605 | return 0; |
606 | } | |
607 | ||
352d482a MC |
608 | static int infopair_add(STACK_OF(INFOPAIR) **infopairsk, const char *name, |
609 | const char *value) | |
ac1055ef RL |
610 | { |
611 | INFOPAIR *pair = NULL; | |
612 | ||
613 | if ((pair = OPENSSL_zalloc(sizeof(*pair))) != NULL | |
352d482a MC |
614 | && (*infopairsk != NULL |
615 | || (*infopairsk = sk_INFOPAIR_new_null()) != NULL) | |
ac1055ef RL |
616 | && (pair->name = OPENSSL_strdup(name)) != NULL |
617 | && (pair->value = OPENSSL_strdup(value)) != NULL | |
352d482a | 618 | && sk_INFOPAIR_push(*infopairsk, pair) > 0) |
ac1055ef RL |
619 | return 1; |
620 | ||
621 | if (pair != NULL) { | |
622 | OPENSSL_free(pair->name); | |
623 | OPENSSL_free(pair->value); | |
624 | OPENSSL_free(pair); | |
625 | } | |
9311d0c4 | 626 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
ac1055ef RL |
627 | return 0; |
628 | } | |
629 | ||
352d482a MC |
630 | int ossl_provider_add_parameter(OSSL_PROVIDER *prov, |
631 | const char *name, const char *value) | |
632 | { | |
633 | return infopair_add(&prov->parameters, name, value); | |
634 | } | |
635 | ||
636 | int ossl_provider_info_add_parameter(struct provider_info_st *provinfo, | |
637 | const char *name, | |
638 | const char *value) | |
639 | { | |
640 | return infopair_add(&provinfo->parameters, name, value); | |
641 | } | |
642 | ||
4c2883a9 RL |
643 | /* |
644 | * Provider activation. | |
645 | * | |
646 | * What "activation" means depends on the provider form; for built in | |
647 | * providers (in the library or the application alike), the provider | |
648 | * can already be considered to be loaded, all that's needed is to | |
649 | * initialize it. However, for dynamically loadable provider modules, | |
650 | * we must first load that module. | |
651 | * | |
652 | * Built in modules are distinguished from dynamically loaded modules | |
653 | * with an already assigned init function. | |
654 | */ | |
655 | static const OSSL_DISPATCH *core_dispatch; /* Define further down */ | |
656 | ||
b4250010 DMSP |
657 | int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, |
658 | const char *path) | |
6bd4e3f2 P |
659 | { |
660 | struct provider_store_st *store; | |
661 | char *p = NULL; | |
662 | ||
663 | if (path != NULL) { | |
664 | p = OPENSSL_strdup(path); | |
665 | if (p == NULL) { | |
9311d0c4 | 666 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
6bd4e3f2 P |
667 | return 0; |
668 | } | |
669 | } | |
670 | if ((store = get_provider_store(libctx)) != NULL | |
86522324 | 671 | && CRYPTO_THREAD_write_lock(store->default_path_lock)) { |
6bd4e3f2 P |
672 | OPENSSL_free(store->default_path); |
673 | store->default_path = p; | |
86522324 | 674 | CRYPTO_THREAD_unlock(store->default_path_lock); |
6bd4e3f2 P |
675 | return 1; |
676 | } | |
677 | OPENSSL_free(p); | |
678 | return 0; | |
679 | } | |
680 | ||
e55008a9 RL |
681 | /* |
682 | * Internal version that doesn't affect the store flags, and thereby avoid | |
683 | * locking. Direct callers must remember to set the store flags when | |
e7706e63 | 684 | * appropriate. |
e55008a9 | 685 | */ |
2d569501 | 686 | static int provider_init(OSSL_PROVIDER *prov, int flag_lock) |
4c2883a9 RL |
687 | { |
688 | const OSSL_DISPATCH *provider_dispatch = NULL; | |
914db66d | 689 | void *tmp_provctx = NULL; /* safety measure */ |
6ebc2f56 | 690 | #ifndef OPENSSL_NO_ERR |
f844f9eb | 691 | # ifndef FIPS_MODULE |
363b1e5d | 692 | OSSL_FUNC_provider_get_reason_strings_fn *p_get_reason_strings = NULL; |
6592ab81 | 693 | # endif |
6ebc2f56 | 694 | #endif |
c2ec2bb7 | 695 | int ok = 0; |
4c2883a9 | 696 | |
c2ec2bb7 RL |
697 | /* |
698 | * The flag lock is used to lock init, not only because the flag is | |
699 | * checked here and set at the end, but also because this function | |
700 | * modifies a number of things in the provider structure that this | |
701 | * function needs to perform under lock anyway. | |
702 | */ | |
2d569501 | 703 | if (flag_lock && !CRYPTO_THREAD_write_lock(prov->flag_lock)) |
cd3f8c1b | 704 | goto end; |
c2ec2bb7 RL |
705 | if (prov->flag_initialized) { |
706 | ok = 1; | |
707 | goto end; | |
708 | } | |
4c2883a9 RL |
709 | |
710 | /* | |
711 | * If the init function isn't set, it indicates that this provider is | |
712 | * a loadable module. | |
713 | */ | |
714 | if (prov->init_function == NULL) { | |
f844f9eb | 715 | #ifdef FIPS_MODULE |
c2ec2bb7 | 716 | goto end; |
3593266d | 717 | #else |
4c2883a9 | 718 | if (prov->module == NULL) { |
ac1055ef RL |
719 | char *allocated_path = NULL; |
720 | const char *module_path = NULL; | |
721 | char *merged_path = NULL; | |
6bd4e3f2 | 722 | const char *load_dir = NULL; |
86522324 | 723 | char *allocated_load_dir = NULL; |
6bd4e3f2 | 724 | struct provider_store_st *store; |
4c2883a9 RL |
725 | |
726 | if ((prov->module = DSO_new()) == NULL) { | |
727 | /* DSO_new() generates an error already */ | |
c2ec2bb7 | 728 | goto end; |
4c2883a9 RL |
729 | } |
730 | ||
6bd4e3f2 | 731 | if ((store = get_provider_store(prov->libctx)) == NULL |
86522324 | 732 | || !CRYPTO_THREAD_read_lock(store->default_path_lock)) |
c2ec2bb7 | 733 | goto end; |
86522324 SP |
734 | |
735 | if (store->default_path != NULL) { | |
736 | allocated_load_dir = OPENSSL_strdup(store->default_path); | |
737 | CRYPTO_THREAD_unlock(store->default_path_lock); | |
738 | if (allocated_load_dir == NULL) { | |
739 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); | |
740 | goto end; | |
741 | } | |
742 | load_dir = allocated_load_dir; | |
743 | } else { | |
744 | CRYPTO_THREAD_unlock(store->default_path_lock); | |
745 | } | |
6bd4e3f2 P |
746 | |
747 | if (load_dir == NULL) { | |
748 | load_dir = ossl_safe_getenv("OPENSSL_MODULES"); | |
749 | if (load_dir == NULL) | |
750 | load_dir = MODULESDIR; | |
751 | } | |
4c2883a9 RL |
752 | |
753 | DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS, | |
754 | DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL); | |
ac1055ef RL |
755 | |
756 | module_path = prov->path; | |
757 | if (module_path == NULL) | |
758 | module_path = allocated_path = | |
759 | DSO_convert_filename(prov->module, prov->name); | |
760 | if (module_path != NULL) | |
761 | merged_path = DSO_merge(prov->module, module_path, load_dir); | |
762 | ||
763 | if (merged_path == NULL | |
764 | || (DSO_load(prov->module, merged_path, NULL, 0)) == NULL) { | |
4c2883a9 RL |
765 | DSO_free(prov->module); |
766 | prov->module = NULL; | |
767 | } | |
768 | ||
ac1055ef RL |
769 | OPENSSL_free(merged_path); |
770 | OPENSSL_free(allocated_path); | |
86522324 | 771 | OPENSSL_free(allocated_load_dir); |
4c2883a9 RL |
772 | } |
773 | ||
774 | if (prov->module != NULL) | |
775 | prov->init_function = (OSSL_provider_init_fn *) | |
776 | DSO_bind_func(prov->module, "OSSL_provider_init"); | |
3593266d | 777 | #endif |
4c2883a9 RL |
778 | } |
779 | ||
e7706e63 | 780 | /* Call the initialise function for the provider. */ |
4c2883a9 | 781 | if (prov->init_function == NULL |
d40b42ab MC |
782 | || !prov->init_function((OSSL_CORE_HANDLE *)prov, core_dispatch, |
783 | &provider_dispatch, &tmp_provctx)) { | |
105d01f1 | 784 | ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL, |
49c64346 | 785 | "name=%s", prov->name); |
c2ec2bb7 | 786 | goto end; |
4c2883a9 | 787 | } |
914db66d | 788 | prov->provctx = tmp_provctx; |
f12a5690 | 789 | prov->dispatch = provider_dispatch; |
c1fb5e07 | 790 | #ifndef FIPS_MODULE |
abaa2dd2 | 791 | prov->flag_couldbechild = 0; |
c1fb5e07 | 792 | #endif |
4c2883a9 RL |
793 | |
794 | for (; provider_dispatch->function_id != 0; provider_dispatch++) { | |
795 | switch (provider_dispatch->function_id) { | |
796 | case OSSL_FUNC_PROVIDER_TEARDOWN: | |
797 | prov->teardown = | |
363b1e5d | 798 | OSSL_FUNC_provider_teardown(provider_dispatch); |
4c2883a9 | 799 | break; |
dca97d00 RL |
800 | case OSSL_FUNC_PROVIDER_GETTABLE_PARAMS: |
801 | prov->gettable_params = | |
363b1e5d | 802 | OSSL_FUNC_provider_gettable_params(provider_dispatch); |
4c2883a9 RL |
803 | break; |
804 | case OSSL_FUNC_PROVIDER_GET_PARAMS: | |
805 | prov->get_params = | |
363b1e5d | 806 | OSSL_FUNC_provider_get_params(provider_dispatch); |
4c2883a9 | 807 | break; |
04cb5ec0 SL |
808 | case OSSL_FUNC_PROVIDER_SELF_TEST: |
809 | prov->self_test = | |
810 | OSSL_FUNC_provider_self_test(provider_dispatch); | |
811 | break; | |
82ec09ec MC |
812 | case OSSL_FUNC_PROVIDER_GET_CAPABILITIES: |
813 | prov->get_capabilities = | |
363b1e5d | 814 | OSSL_FUNC_provider_get_capabilities(provider_dispatch); |
82ec09ec | 815 | break; |
099bd339 RL |
816 | case OSSL_FUNC_PROVIDER_QUERY_OPERATION: |
817 | prov->query_operation = | |
363b1e5d | 818 | OSSL_FUNC_provider_query_operation(provider_dispatch); |
099bd339 | 819 | break; |
b0001d0c P |
820 | case OSSL_FUNC_PROVIDER_UNQUERY_OPERATION: |
821 | prov->unquery_operation = | |
822 | OSSL_FUNC_provider_unquery_operation(provider_dispatch); | |
823 | break; | |
6ebc2f56 | 824 | #ifndef OPENSSL_NO_ERR |
f844f9eb | 825 | # ifndef FIPS_MODULE |
6ebc2f56 RL |
826 | case OSSL_FUNC_PROVIDER_GET_REASON_STRINGS: |
827 | p_get_reason_strings = | |
363b1e5d | 828 | OSSL_FUNC_provider_get_reason_strings(provider_dispatch); |
6ebc2f56 | 829 | break; |
6592ab81 | 830 | # endif |
6ebc2f56 RL |
831 | #endif |
832 | } | |
833 | } | |
834 | ||
835 | #ifndef OPENSSL_NO_ERR | |
f844f9eb | 836 | # ifndef FIPS_MODULE |
6ebc2f56 RL |
837 | if (p_get_reason_strings != NULL) { |
838 | const OSSL_ITEM *reasonstrings = p_get_reason_strings(prov->provctx); | |
839 | size_t cnt, cnt2; | |
840 | ||
841 | /* | |
842 | * ERR_load_strings() handles ERR_STRING_DATA rather than OSSL_ITEM, | |
843 | * although they are essentially the same type. | |
844 | * Furthermore, ERR_load_strings() patches the array's error number | |
845 | * with the error library number, so we need to make a copy of that | |
846 | * array either way. | |
847 | */ | |
fd03868b | 848 | cnt = 0; |
6ebc2f56 RL |
849 | while (reasonstrings[cnt].id != 0) { |
850 | if (ERR_GET_LIB(reasonstrings[cnt].id) != 0) | |
c2ec2bb7 | 851 | goto end; |
6ebc2f56 RL |
852 | cnt++; |
853 | } | |
fd03868b | 854 | cnt++; /* One for the terminating item */ |
6ebc2f56 RL |
855 | |
856 | /* Allocate one extra item for the "library" name */ | |
857 | prov->error_strings = | |
858 | OPENSSL_zalloc(sizeof(ERR_STRING_DATA) * (cnt + 1)); | |
859 | if (prov->error_strings == NULL) | |
c2ec2bb7 | 860 | goto end; |
6ebc2f56 RL |
861 | |
862 | /* | |
863 | * Set the "library" name. | |
864 | */ | |
865 | prov->error_strings[0].error = ERR_PACK(prov->error_lib, 0, 0); | |
866 | prov->error_strings[0].string = prov->name; | |
867 | /* | |
868 | * Copy reasonstrings item 0..cnt-1 to prov->error_trings positions | |
869 | * 1..cnt. | |
870 | */ | |
871 | for (cnt2 = 1; cnt2 <= cnt; cnt2++) { | |
872 | prov->error_strings[cnt2].error = (int)reasonstrings[cnt2-1].id; | |
873 | prov->error_strings[cnt2].string = reasonstrings[cnt2-1].ptr; | |
4c2883a9 | 874 | } |
6ebc2f56 RL |
875 | |
876 | ERR_load_strings(prov->error_lib, prov->error_strings); | |
4c2883a9 | 877 | } |
6592ab81 | 878 | # endif |
6ebc2f56 | 879 | #endif |
4c2883a9 RL |
880 | |
881 | /* With this flag set, this provider has become fully "loaded". */ | |
882 | prov->flag_initialized = 1; | |
c2ec2bb7 RL |
883 | ok = 1; |
884 | ||
885 | end: | |
2d569501 MC |
886 | if (flag_lock) |
887 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
c2ec2bb7 | 888 | return ok; |
4c2883a9 RL |
889 | } |
890 | ||
0090e508 P |
891 | /* |
892 | * Deactivate a provider. | |
893 | * Return -1 on failure and the activation count on success | |
894 | */ | |
390f9bad RL |
895 | static int provider_deactivate(OSSL_PROVIDER *prov) |
896 | { | |
0090e508 | 897 | int count; |
7b88c184 | 898 | struct provider_store_st *store; |
0090e508 | 899 | |
390f9bad | 900 | if (!ossl_assert(prov != NULL)) |
0090e508 | 901 | return -1; |
390f9bad | 902 | |
7b88c184 MC |
903 | store = get_provider_store(prov->libctx); |
904 | if (store == NULL) | |
c1fb5e07 | 905 | return -1; |
7b88c184 MC |
906 | |
907 | if (!CRYPTO_THREAD_read_lock(store->lock)) | |
0090e508 | 908 | return -1; |
c1fb5e07 MC |
909 | if (!CRYPTO_THREAD_write_lock(prov->flag_lock)) { |
910 | CRYPTO_THREAD_unlock(store->lock); | |
911 | return -1; | |
912 | } | |
390f9bad | 913 | |
8c627075 MC |
914 | #ifndef FIPS_MODULE |
915 | if (prov->activatecnt == 2 && prov->ischild) { | |
916 | /* | |
917 | * We have had a direct activation in this child libctx so we need to | |
918 | * now down the ref count in the parent provider. | |
919 | */ | |
920 | ossl_provider_free_parent(prov, 1); | |
921 | } | |
922 | #endif | |
923 | ||
7b88c184 | 924 | if ((count = --prov->activatecnt) < 1) { |
390f9bad | 925 | prov->flag_activated = 0; |
c1fb5e07 MC |
926 | #ifndef FIPS_MODULE |
927 | { | |
928 | int i, max = sk_OSSL_PROVIDER_CHILD_CB_num(store->child_cbs); | |
929 | OSSL_PROVIDER_CHILD_CB *child_cb; | |
930 | ||
931 | for (i = 0; i < max; i++) { | |
932 | child_cb = sk_OSSL_PROVIDER_CHILD_CB_value(store->child_cbs, i); | |
933 | child_cb->remove_cb((OSSL_CORE_HANDLE *)prov, child_cb->cbdata); | |
934 | } | |
7b88c184 | 935 | } |
c1fb5e07 | 936 | #endif |
7b88c184 | 937 | } |
2d569501 MC |
938 | |
939 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
7b88c184 | 940 | CRYPTO_THREAD_unlock(store->lock); |
390f9bad RL |
941 | |
942 | /* We don't deinit here, that's done in ossl_provider_free() */ | |
0090e508 | 943 | return count; |
390f9bad RL |
944 | } |
945 | ||
0090e508 P |
946 | /* |
947 | * Activate a provider. | |
948 | * Return -1 on failure and the activation count on success | |
949 | */ | |
8c627075 | 950 | static int provider_activate(OSSL_PROVIDER *prov, int lock, int upcalls) |
390f9bad | 951 | { |
7b88c184 | 952 | int count = -1; |
0090e508 | 953 | |
7b88c184 | 954 | if (provider_init(prov, lock)) { |
8c627075 | 955 | int ret = 1; |
7b88c184 MC |
956 | struct provider_store_st *store; |
957 | ||
958 | store = get_provider_store(prov->libctx); | |
959 | if (store == NULL) | |
c1fb5e07 | 960 | return -1; |
390f9bad | 961 | |
7b88c184 | 962 | if (lock && !CRYPTO_THREAD_read_lock(store->lock)) |
c1fb5e07 | 963 | return -1; |
7b88c184 | 964 | |
c1fb5e07 MC |
965 | if (lock && !CRYPTO_THREAD_write_lock(prov->flag_lock)) { |
966 | CRYPTO_THREAD_unlock(store->lock); | |
967 | return -1; | |
968 | } | |
8c627075 MC |
969 | |
970 | #ifndef FIPS_MODULE | |
971 | if (prov->ischild && upcalls) | |
972 | ret = ossl_provider_up_ref_parent(prov, 1); | |
973 | #endif | |
974 | ||
7b88c184 MC |
975 | if (ret) { |
976 | count = ++prov->activatecnt; | |
977 | prov->flag_activated = 1; | |
978 | ||
c1fb5e07 | 979 | #ifndef FIPS_MODULE |
8c627075 | 980 | if (prov->activatecnt == 1) { |
c1fb5e07 MC |
981 | OSSL_PROVIDER_CHILD_CB *child_cb; |
982 | int i, max; | |
983 | ||
984 | max = sk_OSSL_PROVIDER_CHILD_CB_num(store->child_cbs); | |
8c627075 MC |
985 | for (i = 0; i < max; i++) { |
986 | /* | |
987 | * This is newly activated (activatecnt == 1), so we need to | |
988 | * create child providers as necessary. | |
989 | */ | |
990 | child_cb = sk_OSSL_PROVIDER_CHILD_CB_value(store->child_cbs, | |
991 | i); | |
992 | ret &= child_cb->create_cb((OSSL_CORE_HANDLE *)prov, | |
993 | child_cb->cbdata); | |
994 | } | |
7b88c184 | 995 | } |
c1fb5e07 | 996 | #endif |
7b88c184 | 997 | } |
8c627075 | 998 | |
7b88c184 MC |
999 | if (lock) { |
1000 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
1001 | CRYPTO_THREAD_unlock(store->lock); | |
1002 | } | |
8c627075 MC |
1003 | if (!ret) |
1004 | return -1; | |
390f9bad RL |
1005 | } |
1006 | ||
7b88c184 | 1007 | return count; |
0090e508 P |
1008 | } |
1009 | ||
1010 | static int provider_flush_store_cache(const OSSL_PROVIDER *prov) | |
1011 | { | |
1012 | struct provider_store_st *store; | |
1013 | int freeing; | |
1014 | ||
1015 | if ((store = get_provider_store(prov->libctx)) == NULL) | |
1016 | return 0; | |
1017 | ||
1018 | if (!CRYPTO_THREAD_read_lock(store->lock)) | |
1019 | return 0; | |
1020 | freeing = store->freeing; | |
1021 | CRYPTO_THREAD_unlock(store->lock); | |
1022 | ||
1023 | if (!freeing) | |
1024 | return evp_method_store_flush(prov->libctx); | |
1025 | return 1; | |
390f9bad RL |
1026 | } |
1027 | ||
8c627075 MC |
1028 | int ossl_provider_activate(OSSL_PROVIDER *prov, int retain_fallbacks, |
1029 | int upcalls) | |
e55008a9 | 1030 | { |
0090e508 P |
1031 | int count; |
1032 | ||
390f9bad RL |
1033 | if (prov == NULL) |
1034 | return 0; | |
8c627075 | 1035 | if ((count = provider_activate(prov, 1, upcalls)) > 0) { |
299f5ff3 | 1036 | if (!retain_fallbacks) { |
cd3f8c1b RS |
1037 | if (!CRYPTO_THREAD_write_lock(prov->store->lock)) { |
1038 | provider_deactivate(prov); | |
1039 | return 0; | |
1040 | } | |
299f5ff3 P |
1041 | prov->store->use_fallbacks = 0; |
1042 | CRYPTO_THREAD_unlock(prov->store->lock); | |
1043 | } | |
0090e508 | 1044 | return count == 1 ? provider_flush_store_cache(prov) : 1; |
e55008a9 | 1045 | } |
e55008a9 RL |
1046 | return 0; |
1047 | } | |
1048 | ||
390f9bad RL |
1049 | int ossl_provider_deactivate(OSSL_PROVIDER *prov) |
1050 | { | |
0090e508 P |
1051 | int count; |
1052 | ||
1053 | if (prov == NULL || (count = provider_deactivate(prov)) < 0) | |
390f9bad | 1054 | return 0; |
0090e508 | 1055 | return count == 0 ? provider_flush_store_cache(prov) : 1; |
390f9bad RL |
1056 | } |
1057 | ||
a39eb840 RL |
1058 | void *ossl_provider_ctx(const OSSL_PROVIDER *prov) |
1059 | { | |
1060 | return prov->provctx; | |
1061 | } | |
1062 | ||
36f5ec55 RL |
1063 | /* |
1064 | * This function only does something once when store->use_fallbacks == 1, | |
1065 | * and then sets store->use_fallbacks = 0, so the second call and so on is | |
1066 | * effectively a no-op. | |
1067 | */ | |
8d4dec0d | 1068 | static int provider_activate_fallbacks(struct provider_store_st *store) |
36f5ec55 | 1069 | { |
7dd2cb56 | 1070 | int use_fallbacks; |
7dd2cb56 | 1071 | int activated_fallback_count = 0; |
8d4dec0d | 1072 | int ret = 0; |
1d74203c | 1073 | const struct provider_info_st *p; |
7dd2cb56 | 1074 | |
cd3f8c1b | 1075 | if (!CRYPTO_THREAD_read_lock(store->lock)) |
8d4dec0d | 1076 | return 0; |
7dd2cb56 MC |
1077 | use_fallbacks = store->use_fallbacks; |
1078 | CRYPTO_THREAD_unlock(store->lock); | |
1079 | if (!use_fallbacks) | |
8d4dec0d | 1080 | return 1; |
7dd2cb56 | 1081 | |
cd3f8c1b | 1082 | if (!CRYPTO_THREAD_write_lock(store->lock)) |
8d4dec0d | 1083 | return 0; |
7dd2cb56 MC |
1084 | /* Check again, just in case another thread changed it */ |
1085 | use_fallbacks = store->use_fallbacks; | |
1086 | if (!use_fallbacks) { | |
1087 | CRYPTO_THREAD_unlock(store->lock); | |
8d4dec0d | 1088 | return 1; |
7dd2cb56 | 1089 | } |
36f5ec55 | 1090 | |
8d4dec0d MC |
1091 | for (p = ossl_predefined_providers; p->name != NULL; p++) { |
1092 | OSSL_PROVIDER *prov = NULL; | |
36f5ec55 | 1093 | |
8d4dec0d MC |
1094 | if (!p->is_fallback) |
1095 | continue; | |
1096 | /* | |
1097 | * We use the internal constructor directly here, | |
1098 | * otherwise we get a call loop | |
1099 | */ | |
352d482a | 1100 | prov = provider_new(p->name, p->init, NULL); |
8d4dec0d MC |
1101 | if (prov == NULL) |
1102 | goto err; | |
1103 | prov->libctx = store->libctx; | |
1104 | prov->store = store; | |
1105 | #ifndef FIPS_MODULE | |
1106 | prov->error_lib = ERR_get_next_error_library(); | |
1107 | #endif | |
1108 | ||
1109 | /* | |
1110 | * We are calling provider_activate while holding the store lock. This | |
1111 | * means the init function will be called while holding a lock. Normally | |
1112 | * we try to avoid calling a user callback while holding a lock. | |
1113 | * However, fallbacks are never third party providers so we accept this. | |
1114 | */ | |
1115 | if (provider_activate(prov, 0, 0) < 0 | |
1116 | || sk_OSSL_PROVIDER_push(store->providers, prov) == 0) { | |
7dd2cb56 | 1117 | ossl_provider_free(prov); |
8d4dec0d | 1118 | goto err; |
36f5ec55 | 1119 | } |
8d4dec0d | 1120 | activated_fallback_count++; |
36f5ec55 | 1121 | } |
7dd2cb56 | 1122 | |
8d4dec0d | 1123 | if (activated_fallback_count > 0) { |
7dd2cb56 | 1124 | store->use_fallbacks = 0; |
8d4dec0d MC |
1125 | ret = 1; |
1126 | } | |
1127 | err: | |
7dd2cb56 | 1128 | CRYPTO_THREAD_unlock(store->lock); |
8d4dec0d | 1129 | return ret; |
36f5ec55 RL |
1130 | } |
1131 | ||
8f089576 P |
1132 | int ossl_provider_doall_activated(OSSL_LIB_CTX *ctx, |
1133 | int (*cb)(OSSL_PROVIDER *provider, | |
1134 | void *cbdata), | |
1135 | void *cbdata) | |
85e2417c | 1136 | { |
2d569501 | 1137 | int ret = 0, curr, max; |
85e2417c | 1138 | struct provider_store_st *store = get_provider_store(ctx); |
7bbfbc82 | 1139 | STACK_OF(OSSL_PROVIDER) *provs = NULL; |
85e2417c | 1140 | |
f844f9eb | 1141 | #ifndef FIPS_MODULE |
5c5cdcd8 MC |
1142 | /* |
1143 | * Make sure any providers are loaded from config before we try to use | |
1144 | * them. | |
1145 | */ | |
d07af736 MC |
1146 | if (ossl_lib_ctx_is_default(ctx)) |
1147 | OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); | |
5c5cdcd8 MC |
1148 | #endif |
1149 | ||
7bbfbc82 P |
1150 | if (store == NULL) |
1151 | return 1; | |
8d4dec0d MC |
1152 | if (!provider_activate_fallbacks(store)) |
1153 | return 0; | |
e55008a9 | 1154 | |
7bbfbc82 P |
1155 | /* |
1156 | * Under lock, grab a copy of the provider list and up_ref each | |
1157 | * provider so that they don't disappear underneath us. | |
1158 | */ | |
cd3f8c1b RS |
1159 | if (!CRYPTO_THREAD_read_lock(store->lock)) |
1160 | return 0; | |
7bbfbc82 P |
1161 | provs = sk_OSSL_PROVIDER_dup(store->providers); |
1162 | if (provs == NULL) { | |
85e2417c | 1163 | CRYPTO_THREAD_unlock(store->lock); |
7bbfbc82 | 1164 | return 0; |
85e2417c | 1165 | } |
2d569501 MC |
1166 | max = sk_OSSL_PROVIDER_num(provs); |
1167 | /* | |
1168 | * We work backwards through the stack so that we can safely delete items | |
1169 | * as we go. | |
1170 | */ | |
1171 | for (curr = max - 1; curr >= 0; curr--) { | |
1172 | OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(provs, curr); | |
1173 | ||
1174 | if (!CRYPTO_THREAD_write_lock(prov->flag_lock)) | |
7bbfbc82 | 1175 | goto err_unlock; |
2d569501 MC |
1176 | if (prov->flag_activated) { |
1177 | if (!ossl_provider_up_ref(prov)){ | |
1178 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
1179 | goto err_unlock; | |
1180 | } | |
1181 | /* | |
1182 | * It's already activated, but we up the activated count to ensure | |
1183 | * it remains activated until after we've called the user callback. | |
1184 | */ | |
8c627075 | 1185 | if (provider_activate(prov, 0, 1) < 0) { |
2d569501 MC |
1186 | ossl_provider_free(prov); |
1187 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
1188 | goto err_unlock; | |
1189 | } | |
1190 | } else { | |
1191 | sk_OSSL_PROVIDER_delete(provs, curr); | |
1192 | max--; | |
1193 | } | |
1194 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
1195 | } | |
7bbfbc82 | 1196 | CRYPTO_THREAD_unlock(store->lock); |
85e2417c | 1197 | |
7bbfbc82 P |
1198 | /* |
1199 | * Now, we sweep through all providers not under lock | |
1200 | */ | |
2d569501 MC |
1201 | for (curr = 0; curr < max; curr++) { |
1202 | OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(provs, curr); | |
7bbfbc82 | 1203 | |
2d569501 | 1204 | if (!cb(prov, cbdata)) |
7bbfbc82 P |
1205 | goto finish; |
1206 | } | |
2d569501 | 1207 | curr = -1; |
7bbfbc82 P |
1208 | |
1209 | ret = 1; | |
1210 | goto finish; | |
1211 | ||
1212 | err_unlock: | |
1213 | CRYPTO_THREAD_unlock(store->lock); | |
1214 | finish: | |
2d569501 MC |
1215 | /* |
1216 | * The pop_free call doesn't do what we want on an error condition. We | |
1217 | * either start from the first item in the stack, or part way through if | |
1218 | * we only processed some of the items. | |
1219 | */ | |
1220 | for (curr++; curr < max; curr++) { | |
1221 | OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(provs, curr); | |
1222 | ||
1223 | provider_deactivate(prov); | |
1224 | ossl_provider_free(prov); | |
1225 | } | |
7bbfbc82 | 1226 | sk_OSSL_PROVIDER_free(provs); |
85e2417c RL |
1227 | return ret; |
1228 | } | |
1229 | ||
8d4dec0d | 1230 | int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name) |
36f5ec55 | 1231 | { |
8d4dec0d MC |
1232 | OSSL_PROVIDER *prov = NULL; |
1233 | int available = 0; | |
1234 | struct provider_store_st *store = get_provider_store(libctx); | |
2d569501 | 1235 | |
8d4dec0d MC |
1236 | if (store == NULL || !provider_activate_fallbacks(store)) |
1237 | return 0; | |
36f5ec55 | 1238 | |
8d4dec0d MC |
1239 | prov = ossl_provider_find(libctx, name, 0); |
1240 | if (prov != NULL) { | |
2d569501 MC |
1241 | if (!CRYPTO_THREAD_read_lock(prov->flag_lock)) |
1242 | return 0; | |
8d4dec0d | 1243 | available = prov->flag_activated; |
2d569501 | 1244 | CRYPTO_THREAD_unlock(prov->flag_lock); |
8d4dec0d | 1245 | ossl_provider_free(prov); |
36f5ec55 | 1246 | } |
8d4dec0d | 1247 | return available; |
36f5ec55 RL |
1248 | } |
1249 | ||
e55008a9 RL |
1250 | /* Setters of Provider Object data */ |
1251 | int ossl_provider_set_fallback(OSSL_PROVIDER *prov) | |
1252 | { | |
1253 | if (prov == NULL) | |
1254 | return 0; | |
1255 | ||
1256 | prov->flag_fallback = 1; | |
1257 | return 1; | |
1258 | } | |
1259 | ||
4c2883a9 | 1260 | /* Getters of Provider Object data */ |
24626a47 | 1261 | const char *ossl_provider_name(const OSSL_PROVIDER *prov) |
4c2883a9 RL |
1262 | { |
1263 | return prov->name; | |
1264 | } | |
1265 | ||
24626a47 | 1266 | const DSO *ossl_provider_dso(const OSSL_PROVIDER *prov) |
4c2883a9 RL |
1267 | { |
1268 | return prov->module; | |
1269 | } | |
1270 | ||
24626a47 | 1271 | const char *ossl_provider_module_name(const OSSL_PROVIDER *prov) |
4c2883a9 | 1272 | { |
f844f9eb | 1273 | #ifdef FIPS_MODULE |
3593266d MC |
1274 | return NULL; |
1275 | #else | |
4c2883a9 | 1276 | return DSO_get_filename(prov->module); |
3593266d | 1277 | #endif |
4c2883a9 RL |
1278 | } |
1279 | ||
24626a47 | 1280 | const char *ossl_provider_module_path(const OSSL_PROVIDER *prov) |
4c2883a9 | 1281 | { |
f844f9eb | 1282 | #ifdef FIPS_MODULE |
3593266d MC |
1283 | return NULL; |
1284 | #else | |
4c2883a9 RL |
1285 | /* FIXME: Ensure it's a full path */ |
1286 | return DSO_get_filename(prov->module); | |
3593266d | 1287 | #endif |
4c2883a9 RL |
1288 | } |
1289 | ||
d01d3752 MC |
1290 | void *ossl_provider_prov_ctx(const OSSL_PROVIDER *prov) |
1291 | { | |
1292 | if (prov != NULL) | |
1293 | return prov->provctx; | |
1294 | ||
1295 | return NULL; | |
1296 | } | |
1297 | ||
f12a5690 MC |
1298 | const OSSL_DISPATCH *ossl_provider_get0_dispatch(const OSSL_PROVIDER *prov) |
1299 | { | |
1300 | if (prov != NULL) | |
1301 | return prov->dispatch; | |
1302 | ||
1303 | return NULL; | |
1304 | } | |
1305 | ||
a829b735 | 1306 | OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov) |
e74bd290 | 1307 | { |
185ce3d9 | 1308 | return prov != NULL ? prov->libctx : NULL; |
e74bd290 RL |
1309 | } |
1310 | ||
4c2883a9 RL |
1311 | /* Wrappers around calls to the provider */ |
1312 | void ossl_provider_teardown(const OSSL_PROVIDER *prov) | |
1313 | { | |
c1fb5e07 MC |
1314 | if (prov->teardown != NULL |
1315 | #ifndef FIPS_MODULE | |
1316 | && !prov->ischild | |
1317 | #endif | |
1318 | ) | |
a39eb840 | 1319 | prov->teardown(prov->provctx); |
4c2883a9 RL |
1320 | } |
1321 | ||
dca97d00 | 1322 | const OSSL_PARAM *ossl_provider_gettable_params(const OSSL_PROVIDER *prov) |
4c2883a9 | 1323 | { |
dca97d00 RL |
1324 | return prov->gettable_params == NULL |
1325 | ? NULL : prov->gettable_params(prov->provctx); | |
4c2883a9 RL |
1326 | } |
1327 | ||
4e7991b4 | 1328 | int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) |
4c2883a9 | 1329 | { |
a39eb840 RL |
1330 | return prov->get_params == NULL |
1331 | ? 0 : prov->get_params(prov->provctx, params); | |
4c2883a9 RL |
1332 | } |
1333 | ||
04cb5ec0 SL |
1334 | int ossl_provider_self_test(const OSSL_PROVIDER *prov) |
1335 | { | |
1336 | int ret; | |
1337 | ||
1338 | if (prov->self_test == NULL) | |
1339 | return 1; | |
1340 | ret = prov->self_test(prov->provctx); | |
1341 | if (ret == 0) | |
0090e508 | 1342 | (void)provider_flush_store_cache(prov); |
04cb5ec0 SL |
1343 | return ret; |
1344 | } | |
1345 | ||
82ec09ec MC |
1346 | int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov, |
1347 | const char *capability, | |
1348 | OSSL_CALLBACK *cb, | |
1349 | void *arg) | |
1350 | { | |
1351 | return prov->get_capabilities == NULL | |
08a1c9f2 | 1352 | ? 1 : prov->get_capabilities(prov->provctx, capability, cb, arg); |
82ec09ec MC |
1353 | } |
1354 | ||
099bd339 RL |
1355 | const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, |
1356 | int operation_id, | |
1357 | int *no_cache) | |
1358 | { | |
7dce37e2 P |
1359 | const OSSL_ALGORITHM *res; |
1360 | ||
1361 | if (prov->query_operation == NULL) | |
1362 | return NULL; | |
1363 | res = prov->query_operation(prov->provctx, operation_id, no_cache); | |
1364 | #if defined(OPENSSL_NO_CACHED_FETCH) | |
1365 | /* Forcing the non-caching of queries */ | |
1366 | if (no_cache != NULL) | |
1367 | *no_cache = 1; | |
1368 | #endif | |
1369 | return res; | |
099bd339 RL |
1370 | } |
1371 | ||
b0001d0c P |
1372 | void ossl_provider_unquery_operation(const OSSL_PROVIDER *prov, |
1373 | int operation_id, | |
1374 | const OSSL_ALGORITHM *algs) | |
1375 | { | |
1376 | if (prov->unquery_operation != NULL) | |
1377 | prov->unquery_operation(prov->provctx, operation_id, algs); | |
1378 | } | |
1379 | ||
0090e508 P |
1380 | int ossl_provider_clear_all_operation_bits(OSSL_LIB_CTX *libctx) |
1381 | { | |
1382 | struct provider_store_st *store; | |
1383 | OSSL_PROVIDER *provider; | |
1384 | int i, num, res = 1; | |
1385 | ||
1386 | if ((store = get_provider_store(libctx)) != NULL) { | |
1387 | if (!CRYPTO_THREAD_read_lock(store->lock)) | |
1388 | return 0; | |
1389 | num = sk_OSSL_PROVIDER_num(store->providers); | |
1390 | for (i = 0; i < num; i++) { | |
1391 | provider = sk_OSSL_PROVIDER_value(store->providers, i); | |
1392 | if (!CRYPTO_THREAD_write_lock(provider->opbits_lock)) { | |
1393 | res = 0; | |
1394 | continue; | |
1395 | } | |
1396 | if (provider->operation_bits != NULL) | |
1397 | memset(provider->operation_bits, 0, | |
1398 | provider->operation_bits_sz); | |
1399 | CRYPTO_THREAD_unlock(provider->opbits_lock); | |
1400 | } | |
1401 | CRYPTO_THREAD_unlock(store->lock); | |
1402 | return res; | |
1403 | } | |
1404 | return 0; | |
1405 | } | |
1406 | ||
5a29b628 RL |
1407 | int ossl_provider_set_operation_bit(OSSL_PROVIDER *provider, size_t bitnum) |
1408 | { | |
1409 | size_t byte = bitnum / 8; | |
1410 | unsigned char bit = (1 << (bitnum % 8)) & 0xFF; | |
1411 | ||
cd3f8c1b RS |
1412 | if (!CRYPTO_THREAD_write_lock(provider->opbits_lock)) |
1413 | return 0; | |
5a29b628 | 1414 | if (provider->operation_bits_sz <= byte) { |
2b748d72 TS |
1415 | unsigned char *tmp = OPENSSL_realloc(provider->operation_bits, |
1416 | byte + 1); | |
1417 | ||
1418 | if (tmp == NULL) { | |
c25a1524 | 1419 | CRYPTO_THREAD_unlock(provider->opbits_lock); |
5a29b628 RL |
1420 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE); |
1421 | return 0; | |
1422 | } | |
2b748d72 | 1423 | provider->operation_bits = tmp; |
5a29b628 RL |
1424 | memset(provider->operation_bits + provider->operation_bits_sz, |
1425 | '\0', byte + 1 - provider->operation_bits_sz); | |
2b748d72 | 1426 | provider->operation_bits_sz = byte + 1; |
5a29b628 RL |
1427 | } |
1428 | provider->operation_bits[byte] |= bit; | |
c25a1524 | 1429 | CRYPTO_THREAD_unlock(provider->opbits_lock); |
5a29b628 RL |
1430 | return 1; |
1431 | } | |
1432 | ||
1433 | int ossl_provider_test_operation_bit(OSSL_PROVIDER *provider, size_t bitnum, | |
1434 | int *result) | |
1435 | { | |
1436 | size_t byte = bitnum / 8; | |
1437 | unsigned char bit = (1 << (bitnum % 8)) & 0xFF; | |
1438 | ||
1439 | if (!ossl_assert(result != NULL)) { | |
1440 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); | |
1441 | return 0; | |
1442 | } | |
1443 | ||
1444 | *result = 0; | |
cd3f8c1b RS |
1445 | if (!CRYPTO_THREAD_read_lock(provider->opbits_lock)) |
1446 | return 0; | |
5a29b628 RL |
1447 | if (provider->operation_bits_sz > byte) |
1448 | *result = ((provider->operation_bits[byte] & bit) != 0); | |
c25a1524 | 1449 | CRYPTO_THREAD_unlock(provider->opbits_lock); |
5a29b628 RL |
1450 | return 1; |
1451 | } | |
1452 | ||
c1fb5e07 | 1453 | #ifndef FIPS_MODULE |
8c627075 MC |
1454 | const OSSL_CORE_HANDLE *ossl_provider_get_parent(OSSL_PROVIDER *prov) |
1455 | { | |
1456 | return prov->handle; | |
1457 | } | |
1458 | ||
abaa2dd2 | 1459 | int ossl_provider_is_child(const OSSL_PROVIDER *prov) |
f12a5690 | 1460 | { |
abaa2dd2 MC |
1461 | return prov->ischild; |
1462 | } | |
8c627075 | 1463 | |
abaa2dd2 MC |
1464 | int ossl_provider_set_child(OSSL_PROVIDER *prov, const OSSL_CORE_HANDLE *handle) |
1465 | { | |
8c627075 | 1466 | prov->handle = handle; |
f12a5690 | 1467 | prov->ischild = 1; |
8c627075 | 1468 | |
abaa2dd2 MC |
1469 | return 1; |
1470 | } | |
1471 | ||
1472 | int ossl_provider_convert_to_child(OSSL_PROVIDER *prov, | |
1473 | const OSSL_CORE_HANDLE *handle, | |
1474 | OSSL_provider_init_fn *init_function) | |
1475 | { | |
1476 | int flush = 0; | |
1477 | ||
1478 | if (!CRYPTO_THREAD_write_lock(prov->store->lock)) | |
8c627075 | 1479 | return 0; |
abaa2dd2 MC |
1480 | if (!CRYPTO_THREAD_write_lock(prov->flag_lock)) { |
1481 | CRYPTO_THREAD_unlock(prov->store->lock); | |
1482 | return 0; | |
1483 | } | |
1484 | /* | |
1485 | * The provider could be in one of three states: (1) Already a child, | |
1486 | * (2) Not a child (but eligible to be one), or (3) Not a child (not | |
1487 | * eligible to be one). | |
1488 | */ | |
1489 | if (prov->flag_couldbechild) { | |
1490 | ossl_provider_set_child(prov, handle); | |
1491 | prov->init_function = init_function; | |
1492 | } | |
1493 | if (prov->ischild && provider_activate(prov, 0, 0)) { | |
1494 | flush = 1; | |
1495 | prov->store->use_fallbacks = 0; | |
1496 | } | |
8c627075 | 1497 | |
abaa2dd2 MC |
1498 | CRYPTO_THREAD_unlock(prov->flag_lock); |
1499 | CRYPTO_THREAD_unlock(prov->store->lock); | |
1500 | ||
1501 | if (flush) | |
1502 | provider_flush_store_cache(prov); | |
1503 | ||
1504 | /* | |
1505 | * We report success whether or not the provider was eligible for conversion | |
1506 | * to a child. If its not elgibile then it has already been loaded as a non | |
1507 | * child provider and we should keep it like that. | |
1508 | */ | |
8c627075 | 1509 | return 1; |
f12a5690 MC |
1510 | } |
1511 | ||
447588b6 MC |
1512 | int ossl_provider_default_props_update(OSSL_LIB_CTX *libctx, const char *props) |
1513 | { | |
1514 | #ifndef FIPS_MODULE | |
1515 | struct provider_store_st *store = NULL; | |
1516 | int i, max; | |
1517 | OSSL_PROVIDER_CHILD_CB *child_cb; | |
1518 | ||
1519 | if ((store = get_provider_store(libctx)) == NULL) | |
1520 | return 0; | |
1521 | ||
1522 | if (!CRYPTO_THREAD_read_lock(store->lock)) | |
1523 | return 0; | |
1524 | ||
1525 | max = sk_OSSL_PROVIDER_CHILD_CB_num(store->child_cbs); | |
1526 | for (i = 0; i < max; i++) { | |
1527 | child_cb = sk_OSSL_PROVIDER_CHILD_CB_value(store->child_cbs, i); | |
1528 | child_cb->global_props_cb(props, child_cb->cbdata); | |
1529 | } | |
1530 | ||
1531 | CRYPTO_THREAD_unlock(store->lock); | |
1532 | #endif | |
1533 | return 1; | |
1534 | } | |
1535 | ||
7b88c184 MC |
1536 | static int ossl_provider_register_child_cb(const OSSL_CORE_HANDLE *handle, |
1537 | int (*create_cb)( | |
1538 | const OSSL_CORE_HANDLE *provider, | |
1539 | void *cbdata), | |
b1956770 | 1540 | int (*remove_cb)( |
7b88c184 MC |
1541 | const OSSL_CORE_HANDLE *provider, |
1542 | void *cbdata), | |
b1956770 | 1543 | int (*global_props_cb)( |
447588b6 MC |
1544 | const char *props, |
1545 | void *cbdata), | |
7b88c184 MC |
1546 | void *cbdata) |
1547 | { | |
1548 | /* | |
1549 | * This is really an OSSL_PROVIDER that we created and cast to | |
1550 | * OSSL_CORE_HANDLE originally. Therefore it is safe to cast it back. | |
1551 | */ | |
1552 | OSSL_PROVIDER *thisprov = (OSSL_PROVIDER *)handle; | |
1553 | OSSL_PROVIDER *prov; | |
1554 | OSSL_LIB_CTX *libctx = thisprov->libctx; | |
1555 | struct provider_store_st *store = NULL; | |
1556 | int ret = 0, i, max; | |
1557 | OSSL_PROVIDER_CHILD_CB *child_cb; | |
447588b6 | 1558 | char *propsstr = NULL; |
7b88c184 MC |
1559 | |
1560 | if ((store = get_provider_store(libctx)) == NULL) | |
1561 | return 0; | |
1562 | ||
1563 | child_cb = OPENSSL_malloc(sizeof(*child_cb)); | |
1564 | if (child_cb == NULL) | |
1565 | return 0; | |
1566 | child_cb->prov = thisprov; | |
1567 | child_cb->create_cb = create_cb; | |
1568 | child_cb->remove_cb = remove_cb; | |
447588b6 | 1569 | child_cb->global_props_cb = global_props_cb; |
7b88c184 MC |
1570 | child_cb->cbdata = cbdata; |
1571 | ||
1572 | if (!CRYPTO_THREAD_write_lock(store->lock)) { | |
1573 | OPENSSL_free(child_cb); | |
1574 | return 0; | |
1575 | } | |
447588b6 MC |
1576 | propsstr = evp_get_global_properties_str(libctx, 0); |
1577 | ||
1578 | if (propsstr != NULL) { | |
1579 | global_props_cb(propsstr, cbdata); | |
1580 | OPENSSL_free(propsstr); | |
1581 | } | |
7b88c184 MC |
1582 | max = sk_OSSL_PROVIDER_num(store->providers); |
1583 | for (i = 0; i < max; i++) { | |
1584 | prov = sk_OSSL_PROVIDER_value(store->providers, i); | |
abaa2dd2 MC |
1585 | /* |
1586 | * We require register_child_cb to be called during a provider init | |
1587 | * function. The currently initing provider will never be activated yet | |
1588 | * and we we should not attempt to aquire the flag_lock for it. | |
1589 | */ | |
1590 | if (prov == thisprov) | |
1591 | continue; | |
7b88c184 MC |
1592 | if (!CRYPTO_THREAD_read_lock(prov->flag_lock)) |
1593 | break; | |
1594 | /* | |
1595 | * We hold the lock while calling the user callback. This means that the | |
1596 | * user callback must be short and simple and not do anything likely to | |
1597 | * cause a deadlock. | |
1598 | */ | |
1599 | if (prov->flag_activated | |
1600 | && !create_cb((OSSL_CORE_HANDLE *)prov, cbdata)) | |
1601 | break; | |
1602 | CRYPTO_THREAD_unlock(prov->flag_lock); | |
1603 | } | |
1604 | if (i == max) { | |
1605 | /* Success */ | |
1606 | ret = sk_OSSL_PROVIDER_CHILD_CB_push(store->child_cbs, child_cb); | |
1607 | } | |
1608 | if (i != max || ret <= 0) { | |
1609 | /* Failed during creation. Remove everything we just added */ | |
1610 | for (; i >= 0; i--) { | |
1611 | prov = sk_OSSL_PROVIDER_value(store->providers, i); | |
1612 | remove_cb((OSSL_CORE_HANDLE *)prov, cbdata); | |
1613 | } | |
1614 | OPENSSL_free(child_cb); | |
1615 | ret = 0; | |
1616 | } | |
1617 | CRYPTO_THREAD_unlock(store->lock); | |
1618 | ||
1619 | return ret; | |
1620 | } | |
1621 | ||
1622 | static void ossl_provider_deregister_child_cb(const OSSL_CORE_HANDLE *handle) | |
1623 | { | |
1624 | /* | |
1625 | * This is really an OSSL_PROVIDER that we created and cast to | |
1626 | * OSSL_CORE_HANDLE originally. Therefore it is safe to cast it back. | |
1627 | */ | |
1628 | OSSL_PROVIDER *thisprov = (OSSL_PROVIDER *)handle; | |
1629 | OSSL_LIB_CTX *libctx = thisprov->libctx; | |
1630 | struct provider_store_st *store = NULL; | |
1631 | int i, max; | |
1632 | OSSL_PROVIDER_CHILD_CB *child_cb; | |
1633 | ||
1634 | if ((store = get_provider_store(libctx)) == NULL) | |
1635 | return; | |
1636 | ||
1637 | if (!CRYPTO_THREAD_write_lock(store->lock)) | |
1638 | return; | |
1639 | max = sk_OSSL_PROVIDER_CHILD_CB_num(store->child_cbs); | |
1640 | for (i = 0; i < max; i++) { | |
1641 | child_cb = sk_OSSL_PROVIDER_CHILD_CB_value(store->child_cbs, i); | |
1642 | if (child_cb->prov == thisprov) { | |
1643 | /* Found an entry */ | |
1644 | sk_OSSL_PROVIDER_CHILD_CB_delete(store->child_cbs, i); | |
1645 | OPENSSL_free(child_cb); | |
1646 | break; | |
1647 | } | |
1648 | } | |
1649 | CRYPTO_THREAD_unlock(store->lock); | |
1650 | } | |
1651 | #endif | |
1652 | ||
4c2883a9 RL |
1653 | /*- |
1654 | * Core functions for the provider | |
1655 | * =============================== | |
1656 | * | |
1657 | * This is the set of functions that the core makes available to the provider | |
1658 | */ | |
1659 | ||
1660 | /* | |
1661 | * This returns a list of Provider Object parameters with their types, for | |
1662 | * discovery. We do not expect that many providers will use this, but one | |
1663 | * never knows. | |
1664 | */ | |
26175013 | 1665 | static const OSSL_PARAM param_types[] = { |
b8086652 SL |
1666 | OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0), |
1667 | OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_PROV_NAME, OSSL_PARAM_UTF8_PTR, | |
1668 | NULL, 0), | |
1669 | #ifndef FIPS_MODULE | |
1670 | OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_MODULE_FILENAME, OSSL_PARAM_UTF8_PTR, | |
1671 | NULL, 0), | |
1672 | #endif | |
26175013 | 1673 | OSSL_PARAM_END |
4c2883a9 RL |
1674 | }; |
1675 | ||
49c64346 RL |
1676 | /* |
1677 | * Forward declare all the functions that are provided aa dispatch. | |
1678 | * This ensures that the compiler will complain if they aren't defined | |
1679 | * with the correct signature. | |
1680 | */ | |
363b1e5d DMSP |
1681 | static OSSL_FUNC_core_gettable_params_fn core_gettable_params; |
1682 | static OSSL_FUNC_core_get_params_fn core_get_params; | |
1683 | static OSSL_FUNC_core_thread_start_fn core_thread_start; | |
a829b735 | 1684 | static OSSL_FUNC_core_get_libctx_fn core_get_libctx; |
f844f9eb | 1685 | #ifndef FIPS_MODULE |
363b1e5d DMSP |
1686 | static OSSL_FUNC_core_new_error_fn core_new_error; |
1687 | static OSSL_FUNC_core_set_error_debug_fn core_set_error_debug; | |
1688 | static OSSL_FUNC_core_vset_error_fn core_vset_error; | |
1689 | static OSSL_FUNC_core_set_error_mark_fn core_set_error_mark; | |
1690 | static OSSL_FUNC_core_clear_last_error_mark_fn core_clear_last_error_mark; | |
1691 | static OSSL_FUNC_core_pop_error_to_mark_fn core_pop_error_to_mark; | |
97abae6a MC |
1692 | static OSSL_FUNC_core_obj_add_sigid_fn core_obj_add_sigid; |
1693 | static OSSL_FUNC_core_obj_create_fn core_obj_create; | |
49c64346 RL |
1694 | #endif |
1695 | ||
d40b42ab | 1696 | static const OSSL_PARAM *core_gettable_params(const OSSL_CORE_HANDLE *handle) |
4c2883a9 RL |
1697 | { |
1698 | return param_types; | |
1699 | } | |
1700 | ||
d40b42ab | 1701 | static int core_get_params(const OSSL_CORE_HANDLE *handle, OSSL_PARAM params[]) |
4c2883a9 RL |
1702 | { |
1703 | int i; | |
4e7991b4 | 1704 | OSSL_PARAM *p; |
d40b42ab MC |
1705 | /* |
1706 | * We created this object originally and we know it is actually an | |
1707 | * OSSL_PROVIDER *, so the cast is safe | |
1708 | */ | |
1709 | OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle; | |
4c2883a9 | 1710 | |
b8086652 | 1711 | if ((p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_CORE_VERSION)) != NULL) |
ac1055ef | 1712 | OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR); |
b8086652 | 1713 | if ((p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_CORE_PROV_NAME)) != NULL) |
ac1055ef RL |
1714 | OSSL_PARAM_set_utf8_ptr(p, prov->name); |
1715 | ||
f844f9eb | 1716 | #ifndef FIPS_MODULE |
b8086652 SL |
1717 | if ((p = OSSL_PARAM_locate(params, |
1718 | OSSL_PROV_PARAM_CORE_MODULE_FILENAME)) != NULL) | |
25e60144 SL |
1719 | OSSL_PARAM_set_utf8_ptr(p, ossl_provider_module_path(prov)); |
1720 | #endif | |
1721 | ||
ac1055ef RL |
1722 | if (prov->parameters == NULL) |
1723 | return 1; | |
1724 | ||
1725 | for (i = 0; i < sk_INFOPAIR_num(prov->parameters); i++) { | |
1726 | INFOPAIR *pair = sk_INFOPAIR_value(prov->parameters, i); | |
1727 | ||
1728 | if ((p = OSSL_PARAM_locate(params, pair->name)) != NULL) | |
1729 | OSSL_PARAM_set_utf8_ptr(p, pair->value); | |
4c2883a9 | 1730 | } |
4c2883a9 RL |
1731 | return 1; |
1732 | } | |
1733 | ||
d40b42ab | 1734 | static OPENSSL_CORE_CTX *core_get_libctx(const OSSL_CORE_HANDLE *handle) |
e7706e63 | 1735 | { |
d40b42ab MC |
1736 | /* |
1737 | * We created this object originally and we know it is actually an | |
1738 | * OSSL_PROVIDER *, so the cast is safe | |
1739 | */ | |
1740 | OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle; | |
1741 | ||
a23deef2 TM |
1742 | /* |
1743 | * Using ossl_provider_libctx would be wrong as that returns | |
1744 | * NULL for |prov| == NULL and NULL libctx has a special meaning | |
1745 | * that does not apply here. Here |prov| == NULL can happen only in | |
1746 | * case of a coding error. | |
1747 | */ | |
2217d4c9 | 1748 | assert(prov != NULL); |
a23deef2 | 1749 | return (OPENSSL_CORE_CTX *)prov->libctx; |
e7706e63 RL |
1750 | } |
1751 | ||
d40b42ab | 1752 | static int core_thread_start(const OSSL_CORE_HANDLE *handle, |
c9732f09 MC |
1753 | OSSL_thread_stop_handler_fn handfn, |
1754 | void *arg) | |
da747958 | 1755 | { |
d40b42ab MC |
1756 | /* |
1757 | * We created this object originally and we know it is actually an | |
1758 | * OSSL_PROVIDER *, so the cast is safe | |
1759 | */ | |
1760 | OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle; | |
1761 | ||
c9732f09 | 1762 | return ossl_init_thread_start(prov, arg, handfn); |
da747958 MC |
1763 | } |
1764 | ||
6592ab81 RL |
1765 | /* |
1766 | * The FIPS module inner provider doesn't implement these. They aren't | |
1767 | * needed there, since the FIPS module upcalls are always the outer provider | |
1768 | * ones. | |
1769 | */ | |
f844f9eb | 1770 | #ifndef FIPS_MODULE |
49c64346 | 1771 | /* |
a23deef2 TM |
1772 | * These error functions should use |handle| to select the proper |
1773 | * library context to report in the correct error stack if error | |
49c64346 RL |
1774 | * stacks become tied to the library context. |
1775 | * We cannot currently do that since there's no support for it in the | |
1776 | * ERR subsystem. | |
1777 | */ | |
d40b42ab | 1778 | static void core_new_error(const OSSL_CORE_HANDLE *handle) |
49c64346 RL |
1779 | { |
1780 | ERR_new(); | |
1781 | } | |
1782 | ||
d40b42ab | 1783 | static void core_set_error_debug(const OSSL_CORE_HANDLE *handle, |
49c64346 RL |
1784 | const char *file, int line, const char *func) |
1785 | { | |
1786 | ERR_set_debug(file, line, func); | |
1787 | } | |
1788 | ||
d40b42ab | 1789 | static void core_vset_error(const OSSL_CORE_HANDLE *handle, |
49c64346 | 1790 | uint32_t reason, const char *fmt, va_list args) |
6ebc2f56 | 1791 | { |
d40b42ab MC |
1792 | /* |
1793 | * We created this object originally and we know it is actually an | |
1794 | * OSSL_PROVIDER *, so the cast is safe | |
1795 | */ | |
1796 | OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle; | |
1797 | ||
6ebc2f56 RL |
1798 | /* |
1799 | * If the uppermost 8 bits are non-zero, it's an OpenSSL library | |
1800 | * error and will be treated as such. Otherwise, it's a new style | |
1801 | * provider error and will be treated as such. | |
1802 | */ | |
1803 | if (ERR_GET_LIB(reason) != 0) { | |
49c64346 | 1804 | ERR_vset_error(ERR_GET_LIB(reason), ERR_GET_REASON(reason), fmt, args); |
6ebc2f56 | 1805 | } else { |
49c64346 | 1806 | ERR_vset_error(prov->error_lib, (int)reason, fmt, args); |
6ebc2f56 RL |
1807 | } |
1808 | } | |
7b131de2 | 1809 | |
d40b42ab | 1810 | static int core_set_error_mark(const OSSL_CORE_HANDLE *handle) |
7b131de2 RL |
1811 | { |
1812 | return ERR_set_mark(); | |
1813 | } | |
1814 | ||
d40b42ab | 1815 | static int core_clear_last_error_mark(const OSSL_CORE_HANDLE *handle) |
7b131de2 RL |
1816 | { |
1817 | return ERR_clear_last_mark(); | |
1818 | } | |
1819 | ||
d40b42ab | 1820 | static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle) |
7b131de2 RL |
1821 | { |
1822 | return ERR_pop_to_mark(); | |
1823 | } | |
97abae6a MC |
1824 | |
1825 | static int core_obj_add_sigid(const OSSL_CORE_HANDLE *prov, | |
1826 | const char *sign_name, const char *digest_name, | |
1827 | const char *pkey_name) | |
1828 | { | |
1829 | int sign_nid = OBJ_txt2nid(sign_name); | |
1830 | int digest_nid = OBJ_txt2nid(digest_name); | |
1831 | int pkey_nid = OBJ_txt2nid(pkey_name); | |
1832 | ||
1833 | if (sign_nid == NID_undef) | |
1834 | return 0; | |
1835 | ||
1836 | /* | |
1837 | * Check if it already exists. This is a success if so (even if we don't | |
1838 | * have nids for the digest/pkey) | |
1839 | */ | |
1840 | if (OBJ_find_sigid_algs(sign_nid, NULL, NULL)) | |
1841 | return 1; | |
1842 | ||
1843 | if (digest_nid == NID_undef | |
1844 | || pkey_nid == NID_undef) | |
1845 | return 0; | |
1846 | ||
1847 | return OBJ_add_sigid(sign_nid, digest_nid, pkey_nid); | |
1848 | } | |
1849 | ||
1850 | static int core_obj_create(const OSSL_CORE_HANDLE *prov, const char *oid, | |
1851 | const char *sn, const char *ln) | |
1852 | { | |
1853 | /* Check if it already exists and create it if not */ | |
1854 | return OBJ_txt2nid(oid) != NID_undef | |
1855 | || OBJ_create(oid, sn, ln) != NID_undef; | |
1856 | } | |
f844f9eb | 1857 | #endif /* FIPS_MODULE */ |
6ebc2f56 | 1858 | |
b60cba3c | 1859 | /* |
03bede0c | 1860 | * Functions provided by the core. |
b60cba3c | 1861 | */ |
4c2883a9 | 1862 | static const OSSL_DISPATCH core_dispatch_[] = { |
dca97d00 | 1863 | { OSSL_FUNC_CORE_GETTABLE_PARAMS, (void (*)(void))core_gettable_params }, |
4c2883a9 | 1864 | { OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params }, |
a829b735 | 1865 | { OSSL_FUNC_CORE_GET_LIBCTX, (void (*)(void))core_get_libctx }, |
da747958 | 1866 | { OSSL_FUNC_CORE_THREAD_START, (void (*)(void))core_thread_start }, |
f844f9eb | 1867 | #ifndef FIPS_MODULE |
49c64346 RL |
1868 | { OSSL_FUNC_CORE_NEW_ERROR, (void (*)(void))core_new_error }, |
1869 | { OSSL_FUNC_CORE_SET_ERROR_DEBUG, (void (*)(void))core_set_error_debug }, | |
1870 | { OSSL_FUNC_CORE_VSET_ERROR, (void (*)(void))core_vset_error }, | |
7b131de2 RL |
1871 | { OSSL_FUNC_CORE_SET_ERROR_MARK, (void (*)(void))core_set_error_mark }, |
1872 | { OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK, | |
1873 | (void (*)(void))core_clear_last_error_mark }, | |
d16d0b71 | 1874 | { OSSL_FUNC_CORE_POP_ERROR_TO_MARK, (void (*)(void))core_pop_error_to_mark }, |
141cc94e P |
1875 | { OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))ossl_core_bio_new_file }, |
1876 | { OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))ossl_core_bio_new_mem_buf }, | |
1877 | { OSSL_FUNC_BIO_READ_EX, (void (*)(void))ossl_core_bio_read_ex }, | |
1878 | { OSSL_FUNC_BIO_WRITE_EX, (void (*)(void))ossl_core_bio_write_ex }, | |
1879 | { OSSL_FUNC_BIO_GETS, (void (*)(void))ossl_core_bio_gets }, | |
1880 | { OSSL_FUNC_BIO_PUTS, (void (*)(void))ossl_core_bio_puts }, | |
1881 | { OSSL_FUNC_BIO_CTRL, (void (*)(void))ossl_core_bio_ctrl }, | |
1882 | { OSSL_FUNC_BIO_UP_REF, (void (*)(void))ossl_core_bio_up_ref }, | |
1883 | { OSSL_FUNC_BIO_FREE, (void (*)(void))ossl_core_bio_free }, | |
1884 | { OSSL_FUNC_BIO_VPRINTF, (void (*)(void))ossl_core_bio_vprintf }, | |
d16d0b71 | 1885 | { OSSL_FUNC_BIO_VSNPRINTF, (void (*)(void))BIO_vsnprintf }, |
36fc5fc6 | 1886 | { OSSL_FUNC_SELF_TEST_CB, (void (*)(void))OSSL_SELF_TEST_get_callback }, |
03bede0c P |
1887 | { OSSL_FUNC_GET_ENTROPY, (void (*)(void))ossl_rand_get_entropy }, |
1888 | { OSSL_FUNC_CLEANUP_ENTROPY, (void (*)(void))ossl_rand_cleanup_entropy }, | |
1889 | { OSSL_FUNC_GET_NONCE, (void (*)(void))ossl_rand_get_nonce }, | |
1890 | { OSSL_FUNC_CLEANUP_NONCE, (void (*)(void))ossl_rand_cleanup_nonce }, | |
6592ab81 | 1891 | #endif |
b60cba3c RS |
1892 | { OSSL_FUNC_CRYPTO_MALLOC, (void (*)(void))CRYPTO_malloc }, |
1893 | { OSSL_FUNC_CRYPTO_ZALLOC, (void (*)(void))CRYPTO_zalloc }, | |
b60cba3c RS |
1894 | { OSSL_FUNC_CRYPTO_FREE, (void (*)(void))CRYPTO_free }, |
1895 | { OSSL_FUNC_CRYPTO_CLEAR_FREE, (void (*)(void))CRYPTO_clear_free }, | |
1896 | { OSSL_FUNC_CRYPTO_REALLOC, (void (*)(void))CRYPTO_realloc }, | |
1897 | { OSSL_FUNC_CRYPTO_CLEAR_REALLOC, (void (*)(void))CRYPTO_clear_realloc }, | |
1898 | { OSSL_FUNC_CRYPTO_SECURE_MALLOC, (void (*)(void))CRYPTO_secure_malloc }, | |
1899 | { OSSL_FUNC_CRYPTO_SECURE_ZALLOC, (void (*)(void))CRYPTO_secure_zalloc }, | |
1900 | { OSSL_FUNC_CRYPTO_SECURE_FREE, (void (*)(void))CRYPTO_secure_free }, | |
1901 | { OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE, | |
1902 | (void (*)(void))CRYPTO_secure_clear_free }, | |
1903 | { OSSL_FUNC_CRYPTO_SECURE_ALLOCATED, | |
1904 | (void (*)(void))CRYPTO_secure_allocated }, | |
1905 | { OSSL_FUNC_OPENSSL_CLEANSE, (void (*)(void))OPENSSL_cleanse }, | |
f12a5690 | 1906 | #ifndef FIPS_MODULE |
7b88c184 MC |
1907 | { OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB, |
1908 | (void (*)(void))ossl_provider_register_child_cb }, | |
1909 | { OSSL_FUNC_PROVIDER_DEREGISTER_CHILD_CB, | |
1910 | (void (*)(void))ossl_provider_deregister_child_cb }, | |
1911 | { OSSL_FUNC_PROVIDER_NAME, | |
c4e91674 | 1912 | (void (*)(void))OSSL_PROVIDER_get0_name }, |
7b88c184 | 1913 | { OSSL_FUNC_PROVIDER_GET0_PROVIDER_CTX, |
f12a5690 | 1914 | (void (*)(void))OSSL_PROVIDER_get0_provider_ctx }, |
7b88c184 | 1915 | { OSSL_FUNC_PROVIDER_GET0_DISPATCH, |
f12a5690 | 1916 | (void (*)(void))OSSL_PROVIDER_get0_dispatch }, |
8c627075 MC |
1917 | { OSSL_FUNC_PROVIDER_UP_REF, |
1918 | (void (*)(void))provider_up_ref_intern }, | |
1919 | { OSSL_FUNC_PROVIDER_FREE, | |
1920 | (void (*)(void))provider_free_intern }, | |
97abae6a MC |
1921 | { OSSL_FUNC_CORE_OBJ_ADD_SIGID, (void (*)(void))core_obj_add_sigid }, |
1922 | { OSSL_FUNC_CORE_OBJ_CREATE, (void (*)(void))core_obj_create }, | |
f12a5690 | 1923 | #endif |
4c2883a9 RL |
1924 | { 0, NULL } |
1925 | }; | |
1926 | static const OSSL_DISPATCH *core_dispatch = core_dispatch_; |