/*
 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
10 #include "crypto/cryptlib.h"
11 #include <openssl/conf.h>
12 #include "internal/thread_once.h"
13 #include "internal/property.h"
14 #include "internal/core.h"
15 #include "internal/bio.h"
16 #include "internal/provider.h"
17 #include "crypto/context.h"
19 struct ossl_lib_ctx_st
{
20 CRYPTO_RWLOCK
*lock
, *rand_crngt_lock
;
21 OSSL_EX_DATA_GLOBAL global
;
23 void *property_string_data
;
24 void *evp_method_store
;
28 void *global_properties
;
35 OSSL_METHOD_STORE
*decoder_store
;
36 OSSL_METHOD_STORE
*encoder_store
;
37 OSSL_METHOD_STORE
*store_loader_store
;
42 void *thread_event_handler
;
46 unsigned int ischild
:1;
/*
 * Take the library context's lock for writing.
 *
 * |ctx| is mapped through ossl_lib_ctx_get_concrete() and the lock member of
 * the result is passed to CRYPTO_THREAD_write_lock(); that call's return
 * value is handed back unchanged. Elsewhere in this file a lock call is
 * treated as successful only when it returns 1, so callers should check the
 * result before touching state the lock guards.
 *
 * NOTE(review): the pointer returned by ossl_lib_ctx_get_concrete() is
 * dereferenced without a NULL check; confirm it cannot be NULL for any
 * caller of this function.
 */
int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_write_lock(concrete->lock);
}
/*
 * Take the library context's lock for reading.
 *
 * |ctx| is mapped through ossl_lib_ctx_get_concrete() and the lock member of
 * the result is passed to CRYPTO_THREAD_read_lock(); that call's return
 * value is handed back unchanged. Elsewhere in this file a lock call is
 * treated as successful only when it returns 1, so callers should check the
 * result before reading state the lock guards.
 *
 * NOTE(review): the pointer returned by ossl_lib_ctx_get_concrete() is
 * dereferenced without a NULL check; confirm it cannot be NULL for any
 * caller of this function.
 */
int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_read_lock(concrete->lock);
}
/*
 * Release the library context's lock.
 *
 * Operates on the same lock member that ossl_lib_ctx_read_lock() and
 * ossl_lib_ctx_write_lock() acquire, and returns whatever
 * CRYPTO_THREAD_unlock() returns.
 *
 * NOTE(review): the pointer returned by ossl_lib_ctx_get_concrete() is
 * dereferenced without a NULL check; confirm it cannot be NULL for any
 * caller of this function.
 */
int ossl_lib_ctx_unlock(OSSL_LIB_CTX *ctx)
{
    OSSL_LIB_CTX *concrete = ossl_lib_ctx_get_concrete(ctx);

    return CRYPTO_THREAD_unlock(concrete->lock);
}
64 int ossl_lib_ctx_is_child(OSSL_LIB_CTX
*ctx
)
66 ctx
= ossl_lib_ctx_get_concrete(ctx
);
73 static void context_deinit_objs(OSSL_LIB_CTX
*ctx
);
75 static int context_init(OSSL_LIB_CTX
*ctx
)
79 ctx
->lock
= CRYPTO_THREAD_lock_new();
80 if (ctx
->lock
== NULL
)
83 ctx
->rand_crngt_lock
= CRYPTO_THREAD_lock_new();
84 if (ctx
->rand_crngt_lock
== NULL
)
87 /* Initialize ex_data. */
88 if (!ossl_do_ex_data_init(ctx
))
92 /* P2. We want evp_method_store to be cleaned up before the provider store */
93 ctx
->evp_method_store
= ossl_method_store_new(ctx
);
94 if (ctx
->evp_method_store
== NULL
)
98 /* P2. Must be freed before the provider store is freed */
99 ctx
->provider_conf
= ossl_prov_conf_ctx_new(ctx
);
100 if (ctx
->provider_conf
== NULL
)
105 ctx
->drbg
= ossl_rand_ctx_new(ctx
);
106 if (ctx
->drbg
== NULL
)
110 /* P2. We want decoder_store to be cleaned up before the provider store */
111 ctx
->decoder_store
= ossl_method_store_new(ctx
);
112 if (ctx
->decoder_store
== NULL
)
115 /* P2. We want encoder_store to be cleaned up before the provider store */
116 ctx
->encoder_store
= ossl_method_store_new(ctx
);
117 if (ctx
->encoder_store
== NULL
)
120 /* P2. We want loader_store to be cleaned up before the provider store */
121 ctx
->store_loader_store
= ossl_method_store_new(ctx
);
122 if (ctx
->store_loader_store
== NULL
)
126 /* P1. Needs to be freed before the child provider data is freed */
127 ctx
->provider_store
= ossl_provider_store_new(ctx
);
128 if (ctx
->provider_store
== NULL
)
131 /* Default priority. */
132 ctx
->property_string_data
= ossl_property_string_data_new(ctx
);
133 if (ctx
->property_string_data
== NULL
)
136 ctx
->namemap
= ossl_stored_namemap_new(ctx
);
137 if (ctx
->namemap
== NULL
)
140 ctx
->property_defns
= ossl_property_defns_new(ctx
);
141 if (ctx
->property_defns
== NULL
)
144 ctx
->global_properties
= ossl_ctx_global_properties_new(ctx
);
145 if (ctx
->global_properties
== NULL
)
149 ctx
->bio_core
= ossl_bio_core_globals_new(ctx
);
150 if (ctx
->bio_core
== NULL
)
154 ctx
->drbg_nonce
= ossl_prov_drbg_nonce_ctx_new(ctx
);
155 if (ctx
->drbg_nonce
== NULL
)
159 ctx
->self_test_cb
= ossl_self_test_set_callback_new(ctx
);
160 if (ctx
->self_test_cb
== NULL
)
165 ctx
->thread_event_handler
= ossl_thread_event_ctx_new(ctx
);
166 if (ctx
->thread_event_handler
== NULL
)
169 ctx
->fips_prov
= ossl_fips_prov_ossl_ctx_new(ctx
);
170 if (ctx
->fips_prov
== NULL
)
176 ctx
->child_provider
= ossl_child_prov_ctx_new(ctx
);
177 if (ctx
->child_provider
== NULL
)
181 /* Everything depends on properties, so we also pre-initialise that */
182 if (!ossl_property_parse_init(ctx
))
188 context_deinit_objs(ctx
);
191 ossl_crypto_cleanup_all_ex_data_int(ctx
);
193 CRYPTO_THREAD_lock_free(ctx
->rand_crngt_lock
);
194 CRYPTO_THREAD_lock_free(ctx
->lock
);
195 memset(ctx
, '\0', sizeof(*ctx
));
199 static void context_deinit_objs(OSSL_LIB_CTX
*ctx
)
201 /* P2. We want evp_method_store to be cleaned up before the provider store */
202 if (ctx
->evp_method_store
!= NULL
) {
203 ossl_method_store_free(ctx
->evp_method_store
);
204 ctx
->evp_method_store
= NULL
;
208 if (ctx
->drbg
!= NULL
) {
209 ossl_rand_ctx_free(ctx
->drbg
);
215 if (ctx
->provider_conf
!= NULL
) {
216 ossl_prov_conf_ctx_free(ctx
->provider_conf
);
217 ctx
->provider_conf
= NULL
;
220 /* P2. We want decoder_store to be cleaned up before the provider store */
221 if (ctx
->decoder_store
!= NULL
) {
222 ossl_method_store_free(ctx
->decoder_store
);
223 ctx
->decoder_store
= NULL
;
226 /* P2. We want encoder_store to be cleaned up before the provider store */
227 if (ctx
->encoder_store
!= NULL
) {
228 ossl_method_store_free(ctx
->encoder_store
);
229 ctx
->encoder_store
= NULL
;
232 /* P2. We want loader_store to be cleaned up before the provider store */
233 if (ctx
->store_loader_store
!= NULL
) {
234 ossl_method_store_free(ctx
->store_loader_store
);
235 ctx
->store_loader_store
= NULL
;
239 /* P1. Needs to be freed before the child provider data is freed */
240 if (ctx
->provider_store
!= NULL
) {
241 ossl_provider_store_free(ctx
->provider_store
);
242 ctx
->provider_store
= NULL
;
245 /* Default priority. */
246 if (ctx
->property_string_data
!= NULL
) {
247 ossl_property_string_data_free(ctx
->property_string_data
);
248 ctx
->property_string_data
= NULL
;
251 if (ctx
->namemap
!= NULL
) {
252 ossl_stored_namemap_free(ctx
->namemap
);
256 if (ctx
->property_defns
!= NULL
) {
257 ossl_property_defns_free(ctx
->property_defns
);
258 ctx
->property_defns
= NULL
;
261 if (ctx
->global_properties
!= NULL
) {
262 ossl_ctx_global_properties_free(ctx
->global_properties
);
263 ctx
->global_properties
= NULL
;
267 if (ctx
->bio_core
!= NULL
) {
268 ossl_bio_core_globals_free(ctx
->bio_core
);
269 ctx
->bio_core
= NULL
;
273 if (ctx
->drbg_nonce
!= NULL
) {
274 ossl_prov_drbg_nonce_ctx_free(ctx
->drbg_nonce
);
275 ctx
->drbg_nonce
= NULL
;
279 if (ctx
->self_test_cb
!= NULL
) {
280 ossl_self_test_set_callback_free(ctx
->self_test_cb
);
281 ctx
->self_test_cb
= NULL
;
285 if (ctx
->rand_crngt
!= NULL
) {
286 ossl_rand_crng_ctx_free(ctx
->rand_crngt
);
287 ctx
->rand_crngt
= NULL
;
291 if (ctx
->thread_event_handler
!= NULL
) {
292 ossl_thread_event_ctx_free(ctx
->thread_event_handler
);
293 ctx
->thread_event_handler
= NULL
;
296 if (ctx
->fips_prov
!= NULL
) {
297 ossl_fips_prov_ossl_ctx_free(ctx
->fips_prov
);
298 ctx
->fips_prov
= NULL
;
304 if (ctx
->child_provider
!= NULL
) {
305 ossl_child_prov_ctx_free(ctx
->child_provider
);
306 ctx
->child_provider
= NULL
;
311 static int context_deinit(OSSL_LIB_CTX
*ctx
)
316 ossl_ctx_thread_stop(ctx
);
318 context_deinit_objs(ctx
);
320 ossl_crypto_cleanup_all_ex_data_int(ctx
);
322 CRYPTO_THREAD_lock_free(ctx
->rand_crngt_lock
);
323 CRYPTO_THREAD_lock_free(ctx
->lock
);
324 ctx
->rand_crngt_lock
= NULL
;
/*
 * The default default context: a statically allocated context that
 * get_default_context() falls back to when the calling thread has no
 * default of its own.
 */
static OSSL_LIB_CTX default_context_int;

/* One-time guard passed to RUN_ONCE() together with default_context_do_init. */
static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
/* Per-thread slot holding that thread's default context pointer, if any. */
static CRYPTO_THREAD_LOCAL default_context_thread_local;
/*
 * One-time initialiser for the global default context, run through
 * RUN_ONCE().
 *
 * The thread-local slot is created first (with a NULL cleanup argument) and
 * only then is default_context_int initialised. Yields 1 when both steps
 * succeed and 0 otherwise.
 *
 * NOTE(review): when context_init() fails after the slot was created,
 * nothing on this path calls CRYPTO_THREAD_cleanup_local(); confirm whether
 * the slot is released elsewhere on that failure.
 */
DEFINE_RUN_ONCE_STATIC(default_context_do_init)
{
    if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))
        return 0;

    return context_init(&default_context_int) ? 1 : 0;
}
/*
 * Tear down the global default context, then release the thread-local slot
 * that records per-thread default contexts.
 *
 * NOTE(review): both calls are unconditional and the int returned by
 * context_deinit() is discarded; confirm this is only reached after
 * default_context_do_init() has succeeded, and that no thread still uses
 * the default context at that point.
 */
void ossl_lib_ctx_default_deinit(void)
{
    OSSL_LIB_CTX *global_default = &default_context_int;

    context_deinit(global_default);
    CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
}
/*
 * Fetch the calling thread's default library context.
 *
 * Runs the one-time default-context initialisation if it has not run yet.
 * Returns the pointer stored in the thread-local slot, which is NULL when
 * the thread has no default of its own. Also returns NULL when the
 * one-time initialisation reports failure, so the two cases look the same
 * to the caller.
 */
static OSSL_LIB_CTX *get_thread_default_context(void)
{
    if (RUN_ONCE(&default_context_init, default_context_do_init))
        return CRYPTO_THREAD_get_local(&default_context_thread_local);

    return NULL;
}
/*
 * Resolve the default library context for the calling thread: the
 * thread-local default when one is set, otherwise the global
 * default_context_int. Never returns NULL.
 *
 * NOTE(review): a NULL from get_thread_default_context() is always read as
 * "no thread-local default"; if it can also mean that the one-time
 * initialisation failed, the address returned here refers to a context
 * whose setup did not complete. Confirm callers are safe in that case.
 */
static OSSL_LIB_CTX *get_default_context(void)
{
    OSSL_LIB_CTX *thread_ctx = get_thread_default_context();

    return thread_ctx != NULL ? thread_ctx : &default_context_int;
}
365 static int set_default_context(OSSL_LIB_CTX
*defctx
)
367 if (defctx
== &default_context_int
)
370 return CRYPTO_THREAD_set_local(&default_context_thread_local
, defctx
);
374 OSSL_LIB_CTX
*OSSL_LIB_CTX_new(void)
376 OSSL_LIB_CTX
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
378 if (ctx
!= NULL
&& !context_init(ctx
)) {
386 OSSL_LIB_CTX
*OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE
*handle
,
387 const OSSL_DISPATCH
*in
)
389 OSSL_LIB_CTX
*ctx
= OSSL_LIB_CTX_new();
394 if (!ossl_bio_init_core(ctx
, in
)) {
395 OSSL_LIB_CTX_free(ctx
);
402 OSSL_LIB_CTX
*OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE
*handle
,
403 const OSSL_DISPATCH
*in
)
405 OSSL_LIB_CTX
*ctx
= OSSL_LIB_CTX_new_from_dispatch(handle
, in
);
410 if (!ossl_provider_init_as_child(ctx
, handle
, in
)) {
411 OSSL_LIB_CTX_free(ctx
);
/*
 * Load configuration for |ctx| from |config_file|.
 *
 * Thin wrapper over CONF_modules_load_file_ex(), called with a NULL third
 * argument and flags of 0. Returns 1 when that call yields a positive
 * result and 0 otherwise, so the caller cannot tell from the return value
 * why loading failed.
 *
 * NOTE(review): |config_file| is forwarded unchanged. A configuration file
 * steers what the library sets up for this context, so callers should only
 * pass paths that less-privileged parties cannot write to, and should treat
 * a 0 return as a hard failure rather than continuing with defaults.
 */
int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file)
{
    int rc = CONF_modules_load_file_ex(ctx, config_file, NULL, 0);

    return rc > 0;
}
425 void OSSL_LIB_CTX_free(OSSL_LIB_CTX
*ctx
)
427 if (ossl_lib_ctx_is_default(ctx
))
432 ossl_provider_deinit_child(ctx
);
/*
 * Return the process-wide default library context.
 *
 * Runs the one-time default-context initialisation if it has not run yet
 * and returns NULL when that initialisation reports failure. On success the
 * result is the address of the static default_context_int, not a fresh
 * allocation, so callers must check for NULL and must not free it.
 */
OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void)
{
    if (RUN_ONCE(&default_context_init, default_context_do_init))
        return &default_context_int;

    return NULL;
}
447 OSSL_LIB_CTX
*OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX
*libctx
)
449 OSSL_LIB_CTX
*current_defctx
;
451 if ((current_defctx
= get_default_context()) != NULL
) {
453 set_default_context(libctx
);
454 return current_defctx
;
461 OSSL_LIB_CTX
*ossl_lib_ctx_get_concrete(OSSL_LIB_CTX
*ctx
)
465 return get_default_context();
470 int ossl_lib_ctx_is_default(OSSL_LIB_CTX
*ctx
)
473 if (ctx
== NULL
|| ctx
== get_default_context())
479 int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX
*ctx
)
482 if (ossl_lib_ctx_get_concrete(ctx
) == &default_context_int
)
488 void *ossl_lib_ctx_get_data(OSSL_LIB_CTX
*ctx
, int index
)
492 ctx
= ossl_lib_ctx_get_concrete(ctx
);
497 case OSSL_LIB_CTX_PROPERTY_STRING_INDEX
:
498 return ctx
->property_string_data
;
499 case OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX
:
500 return ctx
->evp_method_store
;
501 case OSSL_LIB_CTX_PROVIDER_STORE_INDEX
:
502 return ctx
->provider_store
;
503 case OSSL_LIB_CTX_NAMEMAP_INDEX
:
505 case OSSL_LIB_CTX_PROPERTY_DEFN_INDEX
:
506 return ctx
->property_defns
;
507 case OSSL_LIB_CTX_GLOBAL_PROPERTIES
:
508 return ctx
->global_properties
;
509 case OSSL_LIB_CTX_DRBG_INDEX
:
511 case OSSL_LIB_CTX_DRBG_NONCE_INDEX
:
512 return ctx
->drbg_nonce
;
514 case OSSL_LIB_CTX_PROVIDER_CONF_INDEX
:
515 return ctx
->provider_conf
;
516 case OSSL_LIB_CTX_BIO_CORE_INDEX
:
517 return ctx
->bio_core
;
518 case OSSL_LIB_CTX_CHILD_PROVIDER_INDEX
:
519 return ctx
->child_provider
;
520 case OSSL_LIB_CTX_DECODER_STORE_INDEX
:
521 return ctx
->decoder_store
;
522 case OSSL_LIB_CTX_ENCODER_STORE_INDEX
:
523 return ctx
->encoder_store
;
524 case OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX
:
525 return ctx
->store_loader_store
;
526 case OSSL_LIB_CTX_SELF_TEST_CB_INDEX
:
527 return ctx
->self_test_cb
;
530 case OSSL_LIB_CTX_RAND_CRNGT_INDEX
: {
533 * rand_crngt must be lazily initialized because it calls into
534 * libctx, so must not be called from context_init, else a deadlock
537 * We use a separate lock because code called by the instantiation
538 * of rand_crngt is liable to try and take the libctx lock.
540 if (CRYPTO_THREAD_read_lock(ctx
->rand_crngt_lock
) != 1)
543 if (ctx
->rand_crngt
== NULL
) {
544 CRYPTO_THREAD_unlock(ctx
->rand_crngt_lock
);
546 if (CRYPTO_THREAD_write_lock(ctx
->rand_crngt_lock
) != 1)
549 if (ctx
->rand_crngt
== NULL
)
550 ctx
->rand_crngt
= ossl_rand_crng_ctx_new(ctx
);
555 CRYPTO_THREAD_unlock(ctx
->rand_crngt_lock
);
561 case OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX
:
562 return ctx
->thread_event_handler
;
564 case OSSL_LIB_CTX_FIPS_PROV_INDEX
:
565 return ctx
->fips_prov
;
573 OSSL_EX_DATA_GLOBAL
*ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX
*ctx
)
575 ctx
= ossl_lib_ctx_get_concrete(ctx
);
581 const char *ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX
*libctx
)
584 return "FIPS internal library context";
586 if (ossl_lib_ctx_is_global_default(libctx
))
587 return "Global default library context";
588 if (ossl_lib_ctx_is_default(libctx
))
589 return "Thread-local default library context";
590 return "Non-default library context";