]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/provider_core.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
decoder_process: data_structure can be NULL
[thirdparty/openssl.git] / crypto / provider_core.c
CommitLineData
4c2883a9 1/*
4333b89f 2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4c2883a9
RL		 3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/core.h>
23c48d94 11#include <openssl/core_dispatch.h>
25e60144 12#include <openssl/core_names.h>
6bd4e3f2 13#include <openssl/provider.h>
ac1055ef 14#include <openssl/params.h>
4c2883a9 15#include <openssl/opensslv.h>
25f2138b 16#include "crypto/cryptlib.h"
04cb5ec0 17#include "crypto/evp.h" /* evp_method_store_flush */
03bede0c 18#include "crypto/rand.h"
c41f3ae0 19#include "internal/nelem.h"
4c2883a9
RL		 20#include "internal/thread_once.h"
21#include "internal/provider.h"
22#include "internal/refcount.h"
141cc94e 23#include "internal/bio.h"
c41f3ae0 24#include "provider_local.h"
f844f9eb 25#ifndef FIPS_MODULE
36fc5fc6
SL		 26# include <openssl/self_test.h>
27#endif
c41f3ae0
RL		 28
29static OSSL_PROVIDER *provider_new(const char *name,
30 OSSL_provider_init_fn *init_function);
4c2883a9
RL		 31
32/*-
33 * Provider Object structure
34 * =========================
35 */
36
ac1055ef
RL		 37typedef struct {
38 char *name;
39 char *value;
40} INFOPAIR;
41DEFINE_STACK_OF(INFOPAIR)
42
4c2883a9
RL		 43struct provider_store_st; /* Forward declaration */
44
45struct ossl_provider_st {
46 /* Flag bits */
47 unsigned int flag_initialized:1;
390f9bad 48 unsigned int flag_activated:1;
c8567c39
RL		 49 unsigned int flag_fallback:1; /* Can be used as fallback */
50 unsigned int flag_activated_as_fallback:1;
4c2883a9 51
c2ec2bb7
RL		 52 /* Getting and setting the flags require synchronization */
53 CRYPTO_RWLOCK *flag_lock;
54
4c2883a9
RL		 55 /* OpenSSL library side data */
56 CRYPTO_REF_COUNT refcnt;
085bef9f 57 CRYPTO_RWLOCK *refcnt_lock; /* For the ref counter */
390f9bad
RL		 58 CRYPTO_REF_COUNT activatecnt;
59 CRYPTO_RWLOCK *activatecnt_lock; /* For the activate counter */
4c2883a9 60 char *name;
ac1055ef 61 char *path;
4c2883a9
RL		 62 DSO *module;
63 OSSL_provider_init_fn *init_function;
ac1055ef 64 STACK_OF(INFOPAIR) *parameters;
b4250010 65 OSSL_LIB_CTX *libctx; /* The library context this instance is in */
e55008a9 66 struct provider_store_st *store; /* The store this instance belongs to */
f844f9eb 67#ifndef FIPS_MODULE
6592ab81
RL		 68 /*
69 * In the FIPS module inner provider, this isn't needed, since the
70 * error upcalls are always direct calls to the outer provider.
71 */
6ebc2f56 72 int error_lib; /* ERR library number, one for each provider */
6592ab81 73# ifndef OPENSSL_NO_ERR
6ebc2f56 74 ERR_STRING_DATA *error_strings; /* Copy of what the provider gives us */
6592ab81 75# endif
6ebc2f56 76#endif
4c2883a9
RL		 77
78 /* Provider side functions */
363b1e5d
DMSP		 79 OSSL_FUNC_provider_teardown_fn *teardown;
80 OSSL_FUNC_provider_gettable_params_fn *gettable_params;
81 OSSL_FUNC_provider_get_params_fn *get_params;
82 OSSL_FUNC_provider_get_capabilities_fn *get_capabilities;
04cb5ec0 83 OSSL_FUNC_provider_self_test_fn *self_test;
363b1e5d 84 OSSL_FUNC_provider_query_operation_fn *query_operation;
b0001d0c 85 OSSL_FUNC_provider_unquery_operation_fn *unquery_operation;
a39eb840 86
5a29b628
RL		 87 /*
88 * Cache of bit to indicate of query_operation() has been called on
89 * a specific operation or not.
90 */
91 unsigned char *operation_bits;
92 size_t operation_bits_sz;
c25a1524 93 CRYPTO_RWLOCK *opbits_lock;
5a29b628 94
a39eb840
RL		 95 /* Provider side data */
96 void *provctx;
4c2883a9
RL		 97};
98DEFINE_STACK_OF(OSSL_PROVIDER)
99
100static int ossl_provider_cmp(const OSSL_PROVIDER * const *a,
101 const OSSL_PROVIDER * const *b)
102{
103 return strcmp((*a)->name, (*b)->name);
104}
105
106/*-
107 * Provider Object store
108 * =====================
109 *
110 * The Provider Object store is a library context object, and therefore needs
111 * an index.
112 */
113
114struct provider_store_st {
115 STACK_OF(OSSL_PROVIDER) *providers;
116 CRYPTO_RWLOCK *lock;
6bd4e3f2 117 char *default_path;
e55008a9 118 unsigned int use_fallbacks:1;
4c2883a9 119};
4c2883a9 120
c8567c39 121/*
390f9bad
RL		 122 * provider_deactivate_free() is a wrapper around ossl_provider_deactivate()
123 * and ossl_provider_free(), called as needed.
c8567c39
RL		 124 * Since this is only called when the provider store is being emptied, we
125 * don't need to care about any lock.
126 */
127static void provider_deactivate_free(OSSL_PROVIDER *prov)
128{
390f9bad
RL		 129 if (prov->flag_activated)
130 ossl_provider_deactivate(prov);
c8567c39
RL		 131 ossl_provider_free(prov);
132}
133
4c2883a9
RL		 134static void provider_store_free(void *vstore)
135{
136 struct provider_store_st *store = vstore;
137
138 if (store == NULL)
139 return;
6bd4e3f2 140 OPENSSL_free(store->default_path);
c8567c39 141 sk_OSSL_PROVIDER_pop_free(store->providers, provider_deactivate_free);
4c2883a9
RL		 142 CRYPTO_THREAD_lock_free(store->lock);
143 OPENSSL_free(store);
144}
145
b4250010 146static void *provider_store_new(OSSL_LIB_CTX *ctx)
4c2883a9
RL		 147{
148 struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store));
c41f3ae0 149 const struct predefined_providers_st *p = NULL;
4c2883a9
RL		 150
151 if (store == NULL
152 || (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL
153 || (store->lock = CRYPTO_THREAD_lock_new()) == NULL) {
154 provider_store_free(store);
e55008a9 155 return NULL;
4c2883a9 156 }
e55008a9 157 store->use_fallbacks = 1;
c41f3ae0
RL		 158
159 for (p = predefined_providers; p->name != NULL; p++) {
160 OSSL_PROVIDER *prov = NULL;
161
162 /*
163 * We use the internal constructor directly here,
164 * otherwise we get a call loop
165 */
166 prov = provider_new(p->name, p->init);
167
168 if (prov == NULL
169 || sk_OSSL_PROVIDER_push(store->providers, prov) == 0) {
170 ossl_provider_free(prov);
171 provider_store_free(store);
9311d0c4 172 ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
c41f3ae0
RL		 173 return NULL;
174 }
e7706e63 175 prov->libctx = ctx;
c41f3ae0 176 prov->store = store;
f844f9eb 177#ifndef FIPS_MODULE
6ebc2f56 178 prov->error_lib = ERR_get_next_error_library();
6592ab81 179#endif
c41f3ae0
RL		 180 if(p->is_fallback)
181 ossl_provider_set_fallback(prov);
182 }
183
4c2883a9
RL		 184 return store;
185}
186
b4250010 187static const OSSL_LIB_CTX_METHOD provider_store_method = {
4c2883a9
RL		 188 provider_store_new,
189 provider_store_free,
190};
191
b4250010 192static struct provider_store_st *get_provider_store(OSSL_LIB_CTX *libctx)
4c2883a9
RL		 193{
194 struct provider_store_st *store = NULL;
195
b4250010
DMSP		 196 store = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_STORE_INDEX,
197 &provider_store_method);
4c2883a9 198 if (store == NULL)
9311d0c4 199 ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
4c2883a9
RL		 200 return store;
201}
202
b4250010 203int ossl_provider_disable_fallback_loading(OSSL_LIB_CTX *libctx)
ebe3f24b
P		 204{
205 struct provider_store_st *store;
206
207 if ((store = get_provider_store(libctx)) != NULL) {
cd3f8c1b
RS		 208 if (!CRYPTO_THREAD_write_lock(store->lock))
209 return 0;
ebe3f24b 210 store->use_fallbacks = 0;
d60a8e0a 211 CRYPTO_THREAD_unlock(store->lock);
ebe3f24b
P		 212 return 1;
213 }
214 return 0;
215}
216
b4250010 217OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name,
29dc6e00 218 int noconfig)
4c2883a9
RL		 219{
220 struct provider_store_st *store = NULL;
221 OSSL_PROVIDER *prov = NULL;
222
223 if ((store = get_provider_store(libctx)) != NULL) {
224 OSSL_PROVIDER tmpl = { 0, };
225 int i;
226
f844f9eb 227#ifndef FIPS_MODULE
29dc6e00
MC		 228 /*
229 * Make sure any providers are loaded from config before we try to find
230 * them.
231 */
232 if (!noconfig)
233 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
234#endif
235
4c2883a9 236 tmpl.name = (char *)name;
cd3f8c1b
RS		 237 if (!CRYPTO_THREAD_write_lock(store->lock))
238 return NULL;
4c2883a9
RL		 239 if ((i = sk_OSSL_PROVIDER_find(store->providers, &tmpl)) == -1
240 || (prov = sk_OSSL_PROVIDER_value(store->providers, i)) == NULL
7c95390e 241 || !ossl_provider_up_ref(prov))
4c2883a9
RL		 242 prov = NULL;
243 CRYPTO_THREAD_unlock(store->lock);
244 }
245
246 return prov;
247}
248
c41f3ae0
RL		 249/*-
250 * Provider Object methods
251 * =======================
252 */
253
254static OSSL_PROVIDER *provider_new(const char *name,
255 OSSL_provider_init_fn *init_function)
256{
257 OSSL_PROVIDER *prov = NULL;
258
259 if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL
260#ifndef HAVE_ATOMICS
261 || (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL
390f9bad 262 || (prov->activatecnt_lock = CRYPTO_THREAD_lock_new()) == NULL
c41f3ae0 263#endif
7c95390e 264 || !ossl_provider_up_ref(prov) /* +1 One reference to be returned */
c25a1524 265 || (prov->opbits_lock = CRYPTO_THREAD_lock_new()) == NULL
c2ec2bb7 266 || (prov->flag_lock = CRYPTO_THREAD_lock_new()) == NULL
c41f3ae0
RL		 267 || (prov->name = OPENSSL_strdup(name)) == NULL) {
268 ossl_provider_free(prov);
9311d0c4 269 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
c41f3ae0
RL		 270 return NULL;
271 }
272
273 prov->init_function = init_function;
274 return prov;
275}
276
7c95390e 277int ossl_provider_up_ref(OSSL_PROVIDER *prov)
c41f3ae0
RL		 278{
279 int ref = 0;
280
ad14e8e5
SL		 281 if (CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock) <= 0)
282 return 0;
c41f3ae0
RL		 283 return ref;
284}
285
b4250010 286OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name,
29dc6e00
MC		 287 OSSL_provider_init_fn *init_function,
288 int noconfig)
4c2883a9
RL		 289{
290 struct provider_store_st *store = NULL;
291 OSSL_PROVIDER *prov = NULL;
292
293 if ((store = get_provider_store(libctx)) == NULL)
294 return NULL;
295
29dc6e00
MC		 296 if ((prov = ossl_provider_find(libctx, name,
297 noconfig)) != NULL) { /* refcount +1 */
4c2883a9 298 ossl_provider_free(prov); /* refcount -1 */
105d01f1 299 ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_ALREADY_EXISTS,
49c64346 300 "name=%s", name);
4c2883a9
RL		 301 return NULL;
302 }
303
c41f3ae0
RL		 304 /* provider_new() generates an error, so no need here */
305 if ((prov = provider_new(name, init_function)) == NULL)
4c2883a9 306 return NULL;
4c2883a9 307
cd3f8c1b
RS		 308 if (!CRYPTO_THREAD_write_lock(store->lock))
309 return NULL;
7c95390e 310 if (!ossl_provider_up_ref(prov)) { /* +1 One reference for the store */
4c2883a9
RL		 311 ossl_provider_free(prov); /* -1 Reference that was to be returned */
312 prov = NULL;
313 } else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) {
314 ossl_provider_free(prov); /* -1 Store reference */
315 ossl_provider_free(prov); /* -1 Reference that was to be returned */
316 prov = NULL;
e55008a9 317 } else {
e7706e63 318 prov->libctx = libctx;
e55008a9 319 prov->store = store;
f844f9eb 320#ifndef FIPS_MODULE
6ebc2f56 321 prov->error_lib = ERR_get_next_error_library();
6592ab81 322#endif
4c2883a9
RL		 323 }
324 CRYPTO_THREAD_unlock(store->lock);
325
326 if (prov == NULL)
9311d0c4 327 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
4c2883a9
RL		 328
329 /*
330 * At this point, the provider is only partially "loaded". To be
331 * fully "loaded", ossl_provider_activate() must also be called.
332 */
333
334 return prov;
335}
336
ac1055ef
RL		 337static void free_infopair(INFOPAIR *pair)
338{
339 OPENSSL_free(pair->name);
340 OPENSSL_free(pair->value);
341 OPENSSL_free(pair);
342}
343
4c2883a9
RL		 344void ossl_provider_free(OSSL_PROVIDER *prov)
345{
346 if (prov != NULL) {
347 int ref = 0;
348
085bef9f 349 CRYPTO_DOWN_REF(&prov->refcnt, &ref, prov->refcnt_lock);
4c2883a9
RL		 350
351 /*
390f9bad
RL		 352 * When the refcount drops to zero, we clean up the provider.
353 * Note that this also does teardown, which may seem late,
354 * considering that init happens on first activation. However,
355 * there may be other structures hanging on to the provider after
356 * the last deactivation and may therefore need full access to the
357 * provider's services. Therefore, we deinit late.
4c2883a9 358 */
390f9bad
RL		 359 if (ref == 0) {
360 if (prov->flag_initialized) {
f844f9eb 361#ifndef FIPS_MODULE
390f9bad 362 ossl_init_thread_deregister(prov);
6913f5fe 363#endif
390f9bad
RL		 364 if (prov->teardown != NULL)
365 prov->teardown(prov->provctx);
6ebc2f56 366#ifndef OPENSSL_NO_ERR
f844f9eb 367# ifndef FIPS_MODULE
390f9bad
RL		 368 if (prov->error_strings != NULL) {
369 ERR_unload_strings(prov->error_lib, prov->error_strings);
370 OPENSSL_free(prov->error_strings);
371 prov->error_strings = NULL;
372 }
6ebc2f56
RL		 373# endif
374#endif
390f9bad
RL		 375 OPENSSL_free(prov->operation_bits);
376 prov->operation_bits = NULL;
377 prov->operation_bits_sz = 0;
378 prov->flag_initialized = 0;
379 }
4c2883a9 380
f844f9eb 381#ifndef FIPS_MODULE
4c2883a9 382 DSO_free(prov->module);
3593266d 383#endif
4c2883a9 384 OPENSSL_free(prov->name);
ac1055ef
RL		 385 OPENSSL_free(prov->path);
386 sk_INFOPAIR_pop_free(prov->parameters, free_infopair);
c25a1524 387 CRYPTO_THREAD_lock_free(prov->opbits_lock);
c2ec2bb7 388 CRYPTO_THREAD_lock_free(prov->flag_lock);
085bef9f
RL		 389#ifndef HAVE_ATOMICS
390 CRYPTO_THREAD_lock_free(prov->refcnt_lock);
390f9bad 391 CRYPTO_THREAD_lock_free(prov->activatecnt_lock);
085bef9f 392#endif
4c2883a9
RL		 393 OPENSSL_free(prov);
394 }
395 }
396}
397
ac1055ef
RL		 398/* Setters */
399int ossl_provider_set_module_path(OSSL_PROVIDER *prov, const char *module_path)
400{
401 OPENSSL_free(prov->path);
402 if (module_path == NULL)
403 return 1;
404 if ((prov->path = OPENSSL_strdup(module_path)) != NULL)
405 return 1;
9311d0c4 406 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
ac1055ef
RL		 407 return 0;
408}
409
410int ossl_provider_add_parameter(OSSL_PROVIDER *prov,
411 const char *name, const char *value)
412{
413 INFOPAIR *pair = NULL;
414
415 if ((pair = OPENSSL_zalloc(sizeof(*pair))) != NULL
416 && (prov->parameters != NULL
417 || (prov->parameters = sk_INFOPAIR_new_null()) != NULL)
418 && (pair->name = OPENSSL_strdup(name)) != NULL
419 && (pair->value = OPENSSL_strdup(value)) != NULL
420 && sk_INFOPAIR_push(prov->parameters, pair) > 0)
421 return 1;
422
423 if (pair != NULL) {
424 OPENSSL_free(pair->name);
425 OPENSSL_free(pair->value);
426 OPENSSL_free(pair);
427 }
9311d0c4 428 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
ac1055ef
RL		 429 return 0;
430}
431
4c2883a9
RL		 432/*
433 * Provider activation.
434 *
435 * What "activation" means depends on the provider form; for built in
436 * providers (in the library or the application alike), the provider
437 * can already be considered to be loaded, all that's needed is to
438 * initialize it. However, for dynamically loadable provider modules,
439 * we must first load that module.
440 *
441 * Built in modules are distinguished from dynamically loaded modules
442 * with an already assigned init function.
443 */
444static const OSSL_DISPATCH *core_dispatch; /* Define further down */
445
b4250010
DMSP		 446int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
447 const char *path)
6bd4e3f2
P		 448{
449 struct provider_store_st *store;
450 char *p = NULL;
451
452 if (path != NULL) {
453 p = OPENSSL_strdup(path);
454 if (p == NULL) {
9311d0c4 455 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
6bd4e3f2
P		 456 return 0;
457 }
458 }
459 if ((store = get_provider_store(libctx)) != NULL
460 && CRYPTO_THREAD_write_lock(store->lock)) {
461 OPENSSL_free(store->default_path);
462 store->default_path = p;
463 CRYPTO_THREAD_unlock(store->lock);
464 return 1;
465 }
466 OPENSSL_free(p);
467 return 0;
468}
469
e55008a9
RL		 470/*
471 * Internal version that doesn't affect the store flags, and thereby avoid
472 * locking. Direct callers must remember to set the store flags when
e7706e63 473 * appropriate.
e55008a9 474 */
390f9bad 475static int provider_init(OSSL_PROVIDER *prov)
4c2883a9
RL		 476{
477 const OSSL_DISPATCH *provider_dispatch = NULL;
914db66d 478 void *tmp_provctx = NULL; /* safety measure */
6ebc2f56 479#ifndef OPENSSL_NO_ERR
f844f9eb 480# ifndef FIPS_MODULE
363b1e5d 481 OSSL_FUNC_provider_get_reason_strings_fn *p_get_reason_strings = NULL;
6592ab81 482# endif
6ebc2f56 483#endif
c2ec2bb7 484 int ok = 0;
4c2883a9 485
c2ec2bb7
RL		 486 /*
487 * The flag lock is used to lock init, not only because the flag is
488 * checked here and set at the end, but also because this function
489 * modifies a number of things in the provider structure that this
490 * function needs to perform under lock anyway.
491 */
cd3f8c1b
RS		 492 if (!CRYPTO_THREAD_write_lock(prov->flag_lock))
493 goto end;
c2ec2bb7
RL		 494 if (prov->flag_initialized) {
495 ok = 1;
496 goto end;
497 }
4c2883a9
RL		 498
499 /*
500 * If the init function isn't set, it indicates that this provider is
501 * a loadable module.
502 */
503 if (prov->init_function == NULL) {
f844f9eb 504#ifdef FIPS_MODULE
c2ec2bb7 505 goto end;
3593266d 506#else
4c2883a9 507 if (prov->module == NULL) {
ac1055ef
RL		 508 char *allocated_path = NULL;
509 const char *module_path = NULL;
510 char *merged_path = NULL;
6bd4e3f2
P		 511 const char *load_dir = NULL;
512 struct provider_store_st *store;
4c2883a9
RL		 513
514 if ((prov->module = DSO_new()) == NULL) {
515 /* DSO_new() generates an error already */
c2ec2bb7 516 goto end;
4c2883a9
RL		 517 }
518
6bd4e3f2
P		 519 if ((store = get_provider_store(prov->libctx)) == NULL
520 || !CRYPTO_THREAD_read_lock(store->lock))
c2ec2bb7 521 goto end;
6bd4e3f2 522 load_dir = store->default_path;
c2ec2bb7 523 CRYPTO_THREAD_unlock(store->lock);
6bd4e3f2
P		 524
525 if (load_dir == NULL) {
526 load_dir = ossl_safe_getenv("OPENSSL_MODULES");
527 if (load_dir == NULL)
528 load_dir = MODULESDIR;
529 }
4c2883a9
RL		 530
531 DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS,
532 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL);
ac1055ef
RL		 533
534 module_path = prov->path;
535 if (module_path == NULL)
536 module_path = allocated_path =
537 DSO_convert_filename(prov->module, prov->name);
538 if (module_path != NULL)
539 merged_path = DSO_merge(prov->module, module_path, load_dir);
540
541 if (merged_path == NULL
542 || (DSO_load(prov->module, merged_path, NULL, 0)) == NULL) {
4c2883a9
RL		 543 DSO_free(prov->module);
544 prov->module = NULL;
545 }
546
ac1055ef
RL		 547 OPENSSL_free(merged_path);
548 OPENSSL_free(allocated_path);
4c2883a9
RL		 549 }
550
551 if (prov->module != NULL)
552 prov->init_function = (OSSL_provider_init_fn *)
553 DSO_bind_func(prov->module, "OSSL_provider_init");
3593266d 554#endif
4c2883a9
RL		 555 }
556
e7706e63 557 /* Call the initialise function for the provider. */
4c2883a9 558 if (prov->init_function == NULL
d40b42ab
MC		 559 || !prov->init_function((OSSL_CORE_HANDLE *)prov, core_dispatch,
560 &provider_dispatch, &tmp_provctx)) {
105d01f1 561 ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL,
49c64346 562 "name=%s", prov->name);
f844f9eb 563#ifndef FIPS_MODULE
4c2883a9
RL		 564 DSO_free(prov->module);
565 prov->module = NULL;
3593266d 566#endif
c2ec2bb7 567 goto end;
4c2883a9 568 }
914db66d 569 prov->provctx = tmp_provctx;
4c2883a9
RL		 570
571 for (; provider_dispatch->function_id != 0; provider_dispatch++) {
572 switch (provider_dispatch->function_id) {
573 case OSSL_FUNC_PROVIDER_TEARDOWN:
574 prov->teardown =
363b1e5d 575 OSSL_FUNC_provider_teardown(provider_dispatch);
4c2883a9 576 break;
dca97d00
RL		 577 case OSSL_FUNC_PROVIDER_GETTABLE_PARAMS:
578 prov->gettable_params =
363b1e5d 579 OSSL_FUNC_provider_gettable_params(provider_dispatch);
4c2883a9
RL		 580 break;
581 case OSSL_FUNC_PROVIDER_GET_PARAMS:
582 prov->get_params =
363b1e5d 583 OSSL_FUNC_provider_get_params(provider_dispatch);
4c2883a9 584 break;
04cb5ec0
SL		 585 case OSSL_FUNC_PROVIDER_SELF_TEST:
586 prov->self_test =
587 OSSL_FUNC_provider_self_test(provider_dispatch);
588 break;
82ec09ec
MC		 589 case OSSL_FUNC_PROVIDER_GET_CAPABILITIES:
590 prov->get_capabilities =
363b1e5d 591 OSSL_FUNC_provider_get_capabilities(provider_dispatch);
82ec09ec 592 break;
099bd339
RL		 593 case OSSL_FUNC_PROVIDER_QUERY_OPERATION:
594 prov->query_operation =
363b1e5d 595 OSSL_FUNC_provider_query_operation(provider_dispatch);
099bd339 596 break;
b0001d0c
P		 597 case OSSL_FUNC_PROVIDER_UNQUERY_OPERATION:
598 prov->unquery_operation =
599 OSSL_FUNC_provider_unquery_operation(provider_dispatch);
600 break;
6ebc2f56 601#ifndef OPENSSL_NO_ERR
f844f9eb 602# ifndef FIPS_MODULE
6ebc2f56
RL		 603 case OSSL_FUNC_PROVIDER_GET_REASON_STRINGS:
604 p_get_reason_strings =
363b1e5d 605 OSSL_FUNC_provider_get_reason_strings(provider_dispatch);
6ebc2f56 606 break;
6592ab81 607# endif
6ebc2f56
RL		 608#endif
609 }
610 }
611
612#ifndef OPENSSL_NO_ERR
f844f9eb 613# ifndef FIPS_MODULE
6ebc2f56
RL		 614 if (p_get_reason_strings != NULL) {
615 const OSSL_ITEM *reasonstrings = p_get_reason_strings(prov->provctx);
616 size_t cnt, cnt2;
617
618 /*
619 * ERR_load_strings() handles ERR_STRING_DATA rather than OSSL_ITEM,
620 * although they are essentially the same type.
621 * Furthermore, ERR_load_strings() patches the array's error number
622 * with the error library number, so we need to make a copy of that
623 * array either way.
624 */
fd03868b 625 cnt = 0;
6ebc2f56
RL		 626 while (reasonstrings[cnt].id != 0) {
627 if (ERR_GET_LIB(reasonstrings[cnt].id) != 0)
c2ec2bb7 628 goto end;
6ebc2f56
RL		 629 cnt++;
630 }
fd03868b 631 cnt++; /* One for the terminating item */
6ebc2f56
RL		 632
633 /* Allocate one extra item for the "library" name */
634 prov->error_strings =
635 OPENSSL_zalloc(sizeof(ERR_STRING_DATA) * (cnt + 1));
636 if (prov->error_strings == NULL)
c2ec2bb7 637 goto end;
6ebc2f56
RL		 638
639 /*
640 * Set the "library" name.
641 */
642 prov->error_strings[0].error = ERR_PACK(prov->error_lib, 0, 0);
643 prov->error_strings[0].string = prov->name;
644 /*
645 * Copy reasonstrings item 0..cnt-1 to prov->error_trings positions
646 * 1..cnt.
647 */
648 for (cnt2 = 1; cnt2 <= cnt; cnt2++) {
649 prov->error_strings[cnt2].error = (int)reasonstrings[cnt2-1].id;
650 prov->error_strings[cnt2].string = reasonstrings[cnt2-1].ptr;
4c2883a9 651 }
6ebc2f56
RL		 652
653 ERR_load_strings(prov->error_lib, prov->error_strings);
4c2883a9 654 }
6592ab81 655# endif
6ebc2f56 656#endif
4c2883a9
RL		 657
658 /* With this flag set, this provider has become fully "loaded". */
659 prov->flag_initialized = 1;
c2ec2bb7
RL		 660 ok = 1;
661
662 end:
663 CRYPTO_THREAD_unlock(prov->flag_lock);
664 return ok;
4c2883a9
RL		 665}
666
390f9bad
RL		 667static int provider_deactivate(OSSL_PROVIDER *prov)
668{
669 int ref = 0;
670
671 if (!ossl_assert(prov != NULL))
672 return 0;
673
674 if (CRYPTO_DOWN_REF(&prov->activatecnt, &ref, prov->activatecnt_lock) <= 0)
675 return 0;
676
c2ec2bb7 677 if (ref < 1) {
cd3f8c1b
RS		 678 if (!CRYPTO_THREAD_write_lock(prov->flag_lock))
679 return 0;
390f9bad 680 prov->flag_activated = 0;
c2ec2bb7
RL		 681 CRYPTO_THREAD_unlock(prov->flag_lock);
682 }
390f9bad
RL		 683
684 /* We don't deinit here, that's done in ossl_provider_free() */
685 return 1;
686}
687
688static int provider_activate(OSSL_PROVIDER *prov)
689{
690 int ref = 0;
691
692 if (CRYPTO_UP_REF(&prov->activatecnt, &ref, prov->activatecnt_lock) <= 0)
693 return 0;
694
695 if (provider_init(prov)) {
cd3f8c1b
RS		 696 if (!CRYPTO_THREAD_write_lock(prov->flag_lock))
697 return 0;
390f9bad 698 prov->flag_activated = 1;
c2ec2bb7 699 CRYPTO_THREAD_unlock(prov->flag_lock);
390f9bad
RL		 700
701 return 1;
702 }
703
704 provider_deactivate(prov);
705 return 0;
706}
707
299f5ff3 708int ossl_provider_activate(OSSL_PROVIDER *prov, int retain_fallbacks)
e55008a9 709{
390f9bad
RL		 710 if (prov == NULL)
711 return 0;
e7706e63 712 if (provider_activate(prov)) {
299f5ff3 713 if (!retain_fallbacks) {
cd3f8c1b
RS		 714 if (!CRYPTO_THREAD_write_lock(prov->store->lock)) {
715 provider_deactivate(prov);
716 return 0;
717 }
299f5ff3
P		 718 prov->store->use_fallbacks = 0;
719 CRYPTO_THREAD_unlock(prov->store->lock);
720 }
e55008a9
RL		 721 return 1;
722 }
e55008a9
RL		 723 return 0;
724}
725
390f9bad
RL		 726int ossl_provider_deactivate(OSSL_PROVIDER *prov)
727{
728 if (prov == NULL)
729 return 0;
730 return provider_deactivate(prov);
731}
732
a39eb840
RL		 733void *ossl_provider_ctx(const OSSL_PROVIDER *prov)
734{
735 return prov->provctx;
736}
737
36f5ec55
RL		 738/*
739 * This function only does something once when store->use_fallbacks == 1,
740 * and then sets store->use_fallbacks = 0, so the second call and so on is
741 * effectively a no-op.
742 */
743static void provider_activate_fallbacks(struct provider_store_st *store)
744{
7dd2cb56
MC		 745 int use_fallbacks;
746 int num_provs;
747 int activated_fallback_count = 0;
748 int i;
749
cd3f8c1b
RS		 750 if (!CRYPTO_THREAD_read_lock(store->lock))
751 return;
7dd2cb56
MC		 752 use_fallbacks = store->use_fallbacks;
753 CRYPTO_THREAD_unlock(store->lock);
754 if (!use_fallbacks)
755 return;
756
cd3f8c1b
RS		 757 if (!CRYPTO_THREAD_write_lock(store->lock))
758 return;
7dd2cb56
MC		 759 /* Check again, just in case another thread changed it */
760 use_fallbacks = store->use_fallbacks;
761 if (!use_fallbacks) {
762 CRYPTO_THREAD_unlock(store->lock);
763 return;
764 }
36f5ec55 765
7dd2cb56
MC		 766 num_provs = sk_OSSL_PROVIDER_num(store->providers);
767 for (i = 0; i < num_provs; i++) {
768 OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(store->providers, i);
36f5ec55 769
7dd2cb56
MC		 770 if (ossl_provider_up_ref(prov)) {
771 if (prov->flag_fallback) {
772 if (provider_activate(prov)) {
773 prov->flag_activated_as_fallback = 1;
774 activated_fallback_count++;
c8567c39 775 }
36f5ec55 776 }
7dd2cb56 777 ossl_provider_free(prov);
36f5ec55 778 }
36f5ec55 779 }
7dd2cb56
MC		 780
781 /*
782 * We assume that all fallbacks have been added to the store before
783 * any fallback is activated.
784 * TODO: We may have to reconsider this, IF we find ourselves adding
785 * fallbacks after any previous fallback has been activated.
786 */
787 if (activated_fallback_count > 0)
788 store->use_fallbacks = 0;
789
790 CRYPTO_THREAD_unlock(store->lock);
36f5ec55
RL		 791}
792
8f089576
P		 793int ossl_provider_doall_activated(OSSL_LIB_CTX *ctx,
794 int (*cb)(OSSL_PROVIDER *provider,
795 void *cbdata),
796 void *cbdata)
85e2417c 797{
7bbfbc82 798 int ret = 0, i, j;
85e2417c 799 struct provider_store_st *store = get_provider_store(ctx);
7bbfbc82 800 STACK_OF(OSSL_PROVIDER) *provs = NULL;
85e2417c 801
f844f9eb 802#ifndef FIPS_MODULE
5c5cdcd8
MC		 803 /*
804 * Make sure any providers are loaded from config before we try to use
805 * them.
806 */
807 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
808#endif
809
7bbfbc82
P		 810 if (store == NULL)
811 return 1;
812 provider_activate_fallbacks(store);
e55008a9 813
7bbfbc82
P		 814 /*
815 * Under lock, grab a copy of the provider list and up_ref each
816 * provider so that they don't disappear underneath us.
817 */
cd3f8c1b
RS		 818 if (!CRYPTO_THREAD_read_lock(store->lock))
819 return 0;
7bbfbc82
P		 820 provs = sk_OSSL_PROVIDER_dup(store->providers);
821 if (provs == NULL) {
85e2417c 822 CRYPTO_THREAD_unlock(store->lock);
7bbfbc82 823 return 0;
85e2417c 824 }
7bbfbc82
P		 825 j = sk_OSSL_PROVIDER_num(provs);
826 for (i = 0; i < j; i++)
827 if (!ossl_provider_up_ref(sk_OSSL_PROVIDER_value(provs, i)))
828 goto err_unlock;
829 CRYPTO_THREAD_unlock(store->lock);
85e2417c 830
7bbfbc82
P		 831 /*
832 * Now, we sweep through all providers not under lock
833 */
834 for (j = 0; j < i; j++) {
835 OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(provs, j);
836
837 if (prov->flag_activated && !cb(prov, cbdata))
838 goto finish;
839 }
840
841 ret = 1;
842 goto finish;
843
844 err_unlock:
845 CRYPTO_THREAD_unlock(store->lock);
846 finish:
847 /* The pop_free call doesn't do what we want on an error condition */
848 for (j = 0; j < i; j++)
849 ossl_provider_free(sk_OSSL_PROVIDER_value(provs, j));
850 sk_OSSL_PROVIDER_free(provs);
85e2417c
RL		 851 return ret;
852}
853
36f5ec55
RL		 854int ossl_provider_available(OSSL_PROVIDER *prov)
855{
856 if (prov != NULL) {
36f5ec55 857 provider_activate_fallbacks(prov->store);
36f5ec55 858
390f9bad 859 return prov->flag_activated;
36f5ec55
RL		 860 }
861 return 0;
862}
863
e55008a9
RL		 864/* Setters of Provider Object data */
865int ossl_provider_set_fallback(OSSL_PROVIDER *prov)
866{
867 if (prov == NULL)
868 return 0;
869
870 prov->flag_fallback = 1;
871 return 1;
872}
873
4c2883a9 874/* Getters of Provider Object data */
24626a47 875const char *ossl_provider_name(const OSSL_PROVIDER *prov)
4c2883a9
RL		 876{
877 return prov->name;
878}
879
24626a47 880const DSO *ossl_provider_dso(const OSSL_PROVIDER *prov)
4c2883a9
RL		 881{
882 return prov->module;
883}
884
24626a47 885const char *ossl_provider_module_name(const OSSL_PROVIDER *prov)
4c2883a9 886{
f844f9eb 887#ifdef FIPS_MODULE
3593266d
MC		 888 return NULL;
889#else
4c2883a9 890 return DSO_get_filename(prov->module);
3593266d 891#endif
4c2883a9
RL		 892}
893
24626a47 894const char *ossl_provider_module_path(const OSSL_PROVIDER *prov)
4c2883a9 895{
f844f9eb 896#ifdef FIPS_MODULE
3593266d
MC		 897 return NULL;
898#else
4c2883a9
RL		 899 /* FIXME: Ensure it's a full path */
900 return DSO_get_filename(prov->module);
3593266d 901#endif
4c2883a9
RL		 902}
903
d01d3752
MC		 904void *ossl_provider_prov_ctx(const OSSL_PROVIDER *prov)
905{
906 if (prov != NULL)
907 return prov->provctx;
908
909 return NULL;
910}
911
a829b735 912OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov)
e74bd290 913{
185ce3d9
P		 914 /* TODO(3.0) just: return prov->libctx; */
915 return prov != NULL ? prov->libctx : NULL;
e74bd290
RL		 916}
917
4c2883a9
RL		 918/* Wrappers around calls to the provider */
919void ossl_provider_teardown(const OSSL_PROVIDER *prov)
920{
921 if (prov->teardown != NULL)
a39eb840 922 prov->teardown(prov->provctx);
4c2883a9
RL		 923}
924
dca97d00 925const OSSL_PARAM *ossl_provider_gettable_params(const OSSL_PROVIDER *prov)
4c2883a9 926{
dca97d00
RL		 927 return prov->gettable_params == NULL
928 ? NULL : prov->gettable_params(prov->provctx);
4c2883a9
RL		 929}
930
4e7991b4 931int ossl_provider_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[])
4c2883a9 932{
a39eb840
RL		 933 return prov->get_params == NULL
934 ? 0 : prov->get_params(prov->provctx, params);
4c2883a9
RL		 935}
936
04cb5ec0
SL		 937int ossl_provider_self_test(const OSSL_PROVIDER *prov)
938{
939 int ret;
940
941 if (prov->self_test == NULL)
942 return 1;
943 ret = prov->self_test(prov->provctx);
944 if (ret == 0)
a829b735 945 evp_method_store_flush(ossl_provider_libctx(prov));
04cb5ec0
SL		 946 return ret;
947}
948
82ec09ec
MC		 949int ossl_provider_get_capabilities(const OSSL_PROVIDER *prov,
950 const char *capability,
951 OSSL_CALLBACK *cb,
952 void *arg)
953{
954 return prov->get_capabilities == NULL
08a1c9f2 955 ? 1 : prov->get_capabilities(prov->provctx, capability, cb, arg);
82ec09ec
MC		 956}
957
099bd339
RL		 958const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
959 int operation_id,
960 int *no_cache)
961{
7dce37e2
P		 962 const OSSL_ALGORITHM *res;
963
964 if (prov->query_operation == NULL)
965 return NULL;
966 res = prov->query_operation(prov->provctx, operation_id, no_cache);
967#if defined(OPENSSL_NO_CACHED_FETCH)
968 /* Forcing the non-caching of queries */
969 if (no_cache != NULL)
970 *no_cache = 1;
971#endif
972 return res;
099bd339
RL		 973}
974
b0001d0c
P		 975void ossl_provider_unquery_operation(const OSSL_PROVIDER *prov,
976 int operation_id,
977 const OSSL_ALGORITHM *algs)
978{
979 if (prov->unquery_operation != NULL)
980 prov->unquery_operation(prov->provctx, operation_id, algs);
981}
982
5a29b628
RL		 983int ossl_provider_set_operation_bit(OSSL_PROVIDER *provider, size_t bitnum)
984{
985 size_t byte = bitnum / 8;
986 unsigned char bit = (1 << (bitnum % 8)) & 0xFF;
987
cd3f8c1b
RS		 988 if (!CRYPTO_THREAD_write_lock(provider->opbits_lock))
989 return 0;
5a29b628 990 if (provider->operation_bits_sz <= byte) {
2b748d72
TS		 991 unsigned char *tmp = OPENSSL_realloc(provider->operation_bits,
992 byte + 1);
993
994 if (tmp == NULL) {
c25a1524 995 CRYPTO_THREAD_unlock(provider->opbits_lock);
5a29b628
RL		 996 ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
997 return 0;
998 }
2b748d72 999 provider->operation_bits = tmp;
5a29b628
RL		 1000 memset(provider->operation_bits + provider->operation_bits_sz,
1001 '\0', byte + 1 - provider->operation_bits_sz);
2b748d72 1002 provider->operation_bits_sz = byte + 1;
5a29b628
RL		 1003 }
1004 provider->operation_bits[byte] |= bit;
c25a1524 1005 CRYPTO_THREAD_unlock(provider->opbits_lock);
5a29b628
RL		 1006 return 1;
1007}
1008
1009int ossl_provider_test_operation_bit(OSSL_PROVIDER *provider, size_t bitnum,
1010 int *result)
1011{
1012 size_t byte = bitnum / 8;
1013 unsigned char bit = (1 << (bitnum % 8)) & 0xFF;
1014
1015 if (!ossl_assert(result != NULL)) {
1016 ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
1017 return 0;
1018 }
1019
1020 *result = 0;
cd3f8c1b
RS		 1021 if (!CRYPTO_THREAD_read_lock(provider->opbits_lock))
1022 return 0;
5a29b628
RL		 1023 if (provider->operation_bits_sz > byte)
1024 *result = ((provider->operation_bits[byte] & bit) != 0);
c25a1524 1025 CRYPTO_THREAD_unlock(provider->opbits_lock);
5a29b628
RL		 1026 return 1;
1027}
1028
4c2883a9
RL		 1029/*-
1030 * Core functions for the provider
1031 * ===============================
1032 *
1033 * This is the set of functions that the core makes available to the provider
1034 */
1035
1036/*
1037 * This returns a list of Provider Object parameters with their types, for
1038 * discovery. We do not expect that many providers will use this, but one
1039 * never knows.
1040 */
26175013 1041static const OSSL_PARAM param_types[] = {
b8086652
SL		 1042 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0),
1043 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_PROV_NAME, OSSL_PARAM_UTF8_PTR,
1044 NULL, 0),
1045#ifndef FIPS_MODULE
1046 OSSL_PARAM_DEFN(OSSL_PROV_PARAM_CORE_MODULE_FILENAME, OSSL_PARAM_UTF8_PTR,
1047 NULL, 0),
1048#endif
26175013 1049 OSSL_PARAM_END
4c2883a9
RL		 1050};
1051
49c64346
RL		 1052/*
1053 * Forward declare all the functions that are provided aa dispatch.
1054 * This ensures that the compiler will complain if they aren't defined
1055 * with the correct signature.
1056 */
363b1e5d
DMSP		 1057static OSSL_FUNC_core_gettable_params_fn core_gettable_params;
1058static OSSL_FUNC_core_get_params_fn core_get_params;
1059static OSSL_FUNC_core_thread_start_fn core_thread_start;
a829b735 1060static OSSL_FUNC_core_get_libctx_fn core_get_libctx;
f844f9eb 1061#ifndef FIPS_MODULE
363b1e5d
DMSP		 1062static OSSL_FUNC_core_new_error_fn core_new_error;
1063static OSSL_FUNC_core_set_error_debug_fn core_set_error_debug;
1064static OSSL_FUNC_core_vset_error_fn core_vset_error;
1065static OSSL_FUNC_core_set_error_mark_fn core_set_error_mark;
1066static OSSL_FUNC_core_clear_last_error_mark_fn core_clear_last_error_mark;
1067static OSSL_FUNC_core_pop_error_to_mark_fn core_pop_error_to_mark;
49c64346
RL		 1068#endif
1069
d40b42ab 1070static const OSSL_PARAM *core_gettable_params(const OSSL_CORE_HANDLE *handle)
4c2883a9
RL		 1071{
1072 return param_types;
1073}
1074
d40b42ab 1075static int core_get_params(const OSSL_CORE_HANDLE *handle, OSSL_PARAM params[])
4c2883a9
RL		 1076{
1077 int i;
4e7991b4 1078 OSSL_PARAM *p;
d40b42ab
MC		 1079 /*
1080 * We created this object originally and we know it is actually an
1081 * OSSL_PROVIDER *, so the cast is safe
1082 */
1083 OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle;
4c2883a9 1084
b8086652 1085 if ((p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_CORE_VERSION)) != NULL)
ac1055ef 1086 OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR);
b8086652 1087 if ((p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_CORE_PROV_NAME)) != NULL)
ac1055ef
RL		 1088 OSSL_PARAM_set_utf8_ptr(p, prov->name);
1089
f844f9eb 1090#ifndef FIPS_MODULE
b8086652
SL		 1091 if ((p = OSSL_PARAM_locate(params,
1092 OSSL_PROV_PARAM_CORE_MODULE_FILENAME)) != NULL)
25e60144
SL		 1093 OSSL_PARAM_set_utf8_ptr(p, ossl_provider_module_path(prov));
1094#endif
1095
ac1055ef
RL		 1096 if (prov->parameters == NULL)
1097 return 1;
1098
1099 for (i = 0; i < sk_INFOPAIR_num(prov->parameters); i++) {
1100 INFOPAIR *pair = sk_INFOPAIR_value(prov->parameters, i);
1101
1102 if ((p = OSSL_PARAM_locate(params, pair->name)) != NULL)
1103 OSSL_PARAM_set_utf8_ptr(p, pair->value);
4c2883a9 1104 }
4c2883a9
RL		 1105 return 1;
1106}
1107
d40b42ab 1108static OPENSSL_CORE_CTX *core_get_libctx(const OSSL_CORE_HANDLE *handle)
e7706e63 1109{
d40b42ab
MC		 1110 /*
1111 * We created this object originally and we know it is actually an
1112 * OSSL_PROVIDER *, so the cast is safe
1113 */
1114 OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle;
1115
a829b735 1116 return (OPENSSL_CORE_CTX *)ossl_provider_libctx(prov);
e7706e63
RL		 1117}
1118
d40b42ab 1119static int core_thread_start(const OSSL_CORE_HANDLE *handle,
da747958
MC		 1120 OSSL_thread_stop_handler_fn handfn)
1121{
d40b42ab
MC		 1122 /*
1123 * We created this object originally and we know it is actually an
1124 * OSSL_PROVIDER *, so the cast is safe
1125 */
1126 OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle;
1127
6913f5fe 1128 return ossl_init_thread_start(prov, prov->provctx, handfn);
da747958
MC		 1129}
1130
6592ab81
RL		 1131/*
1132 * The FIPS module inner provider doesn't implement these. They aren't
1133 * needed there, since the FIPS module upcalls are always the outer provider
1134 * ones.
1135 */
f844f9eb 1136#ifndef FIPS_MODULE
49c64346 1137/*
d40b42ab 1138 * TODO(3.0) These error functions should use |handle| to select the proper
49c64346
RL		 1139 * library context to report in the correct error stack, at least if error
1140 * stacks become tied to the library context.
1141 * We cannot currently do that since there's no support for it in the
1142 * ERR subsystem.
1143 */
d40b42ab 1144static void core_new_error(const OSSL_CORE_HANDLE *handle)
49c64346
RL		 1145{
1146 ERR_new();
1147}
1148
d40b42ab 1149static void core_set_error_debug(const OSSL_CORE_HANDLE *handle,
49c64346
RL		 1150 const char *file, int line, const char *func)
1151{
1152 ERR_set_debug(file, line, func);
1153}
1154
d40b42ab 1155static void core_vset_error(const OSSL_CORE_HANDLE *handle,
49c64346 1156 uint32_t reason, const char *fmt, va_list args)
6ebc2f56 1157{
d40b42ab
MC		 1158 /*
1159 * We created this object originally and we know it is actually an
1160 * OSSL_PROVIDER *, so the cast is safe
1161 */
1162 OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle;
1163
6ebc2f56
RL		 1164 /*
1165 * If the uppermost 8 bits are non-zero, it's an OpenSSL library
1166 * error and will be treated as such. Otherwise, it's a new style
1167 * provider error and will be treated as such.
1168 */
1169 if (ERR_GET_LIB(reason) != 0) {
49c64346 1170 ERR_vset_error(ERR_GET_LIB(reason), ERR_GET_REASON(reason), fmt, args);
6ebc2f56 1171 } else {
49c64346 1172 ERR_vset_error(prov->error_lib, (int)reason, fmt, args);
6ebc2f56
RL		 1173 }
1174}
7b131de2 1175
d40b42ab 1176static int core_set_error_mark(const OSSL_CORE_HANDLE *handle)
7b131de2
RL		 1177{
1178 return ERR_set_mark();
1179}
1180
d40b42ab 1181static int core_clear_last_error_mark(const OSSL_CORE_HANDLE *handle)
7b131de2
RL		 1182{
1183 return ERR_clear_last_mark();
1184}
1185
d40b42ab 1186static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle)
7b131de2
RL		 1187{
1188 return ERR_pop_to_mark();
1189}
f844f9eb 1190#endif /* FIPS_MODULE */
6ebc2f56 1191
b60cba3c 1192/*
03bede0c 1193 * Functions provided by the core.
b60cba3c 1194 */
4c2883a9 1195static const OSSL_DISPATCH core_dispatch_[] = {
dca97d00 1196 { OSSL_FUNC_CORE_GETTABLE_PARAMS, (void (*)(void))core_gettable_params },
4c2883a9 1197 { OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params },
a829b735 1198 { OSSL_FUNC_CORE_GET_LIBCTX, (void (*)(void))core_get_libctx },
da747958 1199 { OSSL_FUNC_CORE_THREAD_START, (void (*)(void))core_thread_start },
f844f9eb 1200#ifndef FIPS_MODULE
49c64346
RL		 1201 { OSSL_FUNC_CORE_NEW_ERROR, (void (*)(void))core_new_error },
1202 { OSSL_FUNC_CORE_SET_ERROR_DEBUG, (void (*)(void))core_set_error_debug },
1203 { OSSL_FUNC_CORE_VSET_ERROR, (void (*)(void))core_vset_error },
7b131de2
RL		 1204 { OSSL_FUNC_CORE_SET_ERROR_MARK, (void (*)(void))core_set_error_mark },
1205 { OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK,
1206 (void (*)(void))core_clear_last_error_mark },
d16d0b71 1207 { OSSL_FUNC_CORE_POP_ERROR_TO_MARK, (void (*)(void))core_pop_error_to_mark },
141cc94e
P		 1208 { OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))ossl_core_bio_new_file },
1209 { OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))ossl_core_bio_new_mem_buf },
1210 { OSSL_FUNC_BIO_READ_EX, (void (*)(void))ossl_core_bio_read_ex },
1211 { OSSL_FUNC_BIO_WRITE_EX, (void (*)(void))ossl_core_bio_write_ex },
1212 { OSSL_FUNC_BIO_GETS, (void (*)(void))ossl_core_bio_gets },
1213 { OSSL_FUNC_BIO_PUTS, (void (*)(void))ossl_core_bio_puts },
1214 { OSSL_FUNC_BIO_CTRL, (void (*)(void))ossl_core_bio_ctrl },
1215 { OSSL_FUNC_BIO_UP_REF, (void (*)(void))ossl_core_bio_up_ref },
1216 { OSSL_FUNC_BIO_FREE, (void (*)(void))ossl_core_bio_free },
1217 { OSSL_FUNC_BIO_VPRINTF, (void (*)(void))ossl_core_bio_vprintf },
d16d0b71 1218 { OSSL_FUNC_BIO_VSNPRINTF, (void (*)(void))BIO_vsnprintf },
36fc5fc6 1219 { OSSL_FUNC_SELF_TEST_CB, (void (*)(void))OSSL_SELF_TEST_get_callback },
03bede0c
P		 1220 { OSSL_FUNC_GET_ENTROPY, (void (*)(void))ossl_rand_get_entropy },
1221 { OSSL_FUNC_CLEANUP_ENTROPY, (void (*)(void))ossl_rand_cleanup_entropy },
1222 { OSSL_FUNC_GET_NONCE, (void (*)(void))ossl_rand_get_nonce },
1223 { OSSL_FUNC_CLEANUP_NONCE, (void (*)(void))ossl_rand_cleanup_nonce },
6592ab81 1224#endif
b60cba3c
RS		 1225 { OSSL_FUNC_CRYPTO_MALLOC, (void (*)(void))CRYPTO_malloc },
1226 { OSSL_FUNC_CRYPTO_ZALLOC, (void (*)(void))CRYPTO_zalloc },
b60cba3c
RS		 1227 { OSSL_FUNC_CRYPTO_FREE, (void (*)(void))CRYPTO_free },
1228 { OSSL_FUNC_CRYPTO_CLEAR_FREE, (void (*)(void))CRYPTO_clear_free },
1229 { OSSL_FUNC_CRYPTO_REALLOC, (void (*)(void))CRYPTO_realloc },
1230 { OSSL_FUNC_CRYPTO_CLEAR_REALLOC, (void (*)(void))CRYPTO_clear_realloc },
1231 { OSSL_FUNC_CRYPTO_SECURE_MALLOC, (void (*)(void))CRYPTO_secure_malloc },
1232 { OSSL_FUNC_CRYPTO_SECURE_ZALLOC, (void (*)(void))CRYPTO_secure_zalloc },
1233 { OSSL_FUNC_CRYPTO_SECURE_FREE, (void (*)(void))CRYPTO_secure_free },
1234 { OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE,
1235 (void (*)(void))CRYPTO_secure_clear_free },
1236 { OSSL_FUNC_CRYPTO_SECURE_ALLOCATED,
1237 (void (*)(void))CRYPTO_secure_allocated },
1238 { OSSL_FUNC_OPENSSL_CLEANSE, (void (*)(void))OPENSSL_cleanse },
b60cba3c 1239
4c2883a9
RL		 1240 { 0, NULL }
1241};
1242static const OSSL_DISPATCH *core_dispatch = core_dispatch_;
A mirror of the official openssl repository