2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "e_os.h" /* strcasecmp */
11 #include "internal/namemap.h"
12 #include <openssl/lhash.h>
13 #include "crypto/lhash.h" /* openssl_lh_strcasehash */
14 #include "internal/tsan_assist.h"
25 DEFINE_LHASH_OF(NAMENUM_ENTRY
);
32 struct ossl_namemap_st
{
34 unsigned int stored
:1; /* If 1, it's stored in a library context */
37 LHASH_OF(NAMENUM_ENTRY
) *namenum
; /* Name->number mapping */
40 TSAN_QUALIFIER
int max_number
; /* Current max number TSAN version */
42 int max_number
; /* Current max number plain version */
48 static unsigned long namenum_hash(const NAMENUM_ENTRY
*n
)
50 return openssl_lh_strcasehash(n
->name
);
53 static int namenum_cmp(const NAMENUM_ENTRY
*a
, const NAMENUM_ENTRY
*b
)
55 return strcasecmp(a
->name
, b
->name
);
58 static void namenum_free(NAMENUM_ENTRY
*n
)
61 OPENSSL_free(n
->name
);
65 /* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */
67 static void *stored_namemap_new(OSSL_LIB_CTX
*libctx
)
69 OSSL_NAMEMAP
*namemap
= ossl_namemap_new();
77 static void stored_namemap_free(void *vnamemap
)
79 OSSL_NAMEMAP
*namemap
= vnamemap
;
81 if (namemap
!= NULL
) {
82 /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
84 ossl_namemap_free(namemap
);
88 static const OSSL_LIB_CTX_METHOD stored_namemap_method
= {
98 int ossl_namemap_empty(OSSL_NAMEMAP
*namemap
)
101 /* Have TSAN support */
102 return namemap
== NULL
|| tsan_load(&namemap
->max_number
) == 0;
104 /* No TSAN support */
110 CRYPTO_THREAD_read_lock(namemap
->lock
);
111 rv
= namemap
->max_number
== 0;
112 CRYPTO_THREAD_unlock(namemap
->lock
);
117 typedef struct doall_names_data_st
{
123 static void do_name(const NAMENUM_ENTRY
*namenum
, DOALL_NAMES_DATA
*data
)
125 if (namenum
->number
== data
->number
)
126 data
->names
[data
->found
++] = namenum
->name
;
129 IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY
, DOALL_NAMES_DATA
);
132 * Call the callback for all names in the namemap with the given number.
133 * A return value 1 means that the callback was called for all names. A
134 * return value of 0 means that the callback was not called for any names.
136 int ossl_namemap_doall_names(const OSSL_NAMEMAP
*namemap
, int number
,
137 void (*fn
)(const char *name
, void *data
),
140 DOALL_NAMES_DATA cbdata
;
144 cbdata
.number
= number
;
148 * We collect all the names first under a read lock. Subsequently we call
149 * the user function, so that we're not holding the read lock when in user
150 * code. This could lead to deadlocks.
152 CRYPTO_THREAD_read_lock(namemap
->lock
);
153 num_names
= lh_NAMENUM_ENTRY_num_items(namemap
->namenum
);
155 if (num_names
== 0) {
156 CRYPTO_THREAD_unlock(namemap
->lock
);
159 cbdata
.names
= OPENSSL_malloc(sizeof(*cbdata
.names
) * num_names
);
160 if (cbdata
.names
== NULL
) {
161 CRYPTO_THREAD_unlock(namemap
->lock
);
164 lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap
->namenum
, do_name
,
166 CRYPTO_THREAD_unlock(namemap
->lock
);
168 for (i
= 0; i
< cbdata
.found
; i
++)
169 fn(cbdata
.names
[i
], data
);
171 OPENSSL_free(cbdata
.names
);
175 static int namemap_name2num_n(const OSSL_NAMEMAP
*namemap
,
176 const char *name
, size_t name_len
)
178 NAMENUM_ENTRY
*namenum_entry
, namenum_tmpl
;
180 if ((namenum_tmpl
.name
= OPENSSL_strndup(name
, name_len
)) == NULL
)
182 namenum_tmpl
.number
= 0;
184 lh_NAMENUM_ENTRY_retrieve(namemap
->namenum
, &namenum_tmpl
);
185 OPENSSL_free(namenum_tmpl
.name
);
186 return namenum_entry
!= NULL
? namenum_entry
->number
: 0;
189 int ossl_namemap_name2num_n(const OSSL_NAMEMAP
*namemap
,
190 const char *name
, size_t name_len
)
196 namemap
= ossl_namemap_stored(NULL
);
202 CRYPTO_THREAD_read_lock(namemap
->lock
);
203 number
= namemap_name2num_n(namemap
, name
, name_len
);
204 CRYPTO_THREAD_unlock(namemap
->lock
);
209 int ossl_namemap_name2num(const OSSL_NAMEMAP
*namemap
, const char *name
)
214 return ossl_namemap_name2num_n(namemap
, name
, strlen(name
));
217 struct num2name_data_st
{
218 size_t idx
; /* Countdown */
219 const char *name
; /* Result */
222 static void do_num2name(const char *name
, void *vdata
)
224 struct num2name_data_st
*data
= vdata
;
228 else if (data
->name
== NULL
)
232 const char *ossl_namemap_num2name(const OSSL_NAMEMAP
*namemap
, int number
,
235 struct num2name_data_st data
;
239 if (!ossl_namemap_doall_names(namemap
, number
, do_num2name
, &data
))
244 static int namemap_add_name_n(OSSL_NAMEMAP
*namemap
, int number
,
245 const char *name
, size_t name_len
)
247 NAMENUM_ENTRY
*namenum
= NULL
;
250 /* If it already exists, we don't add it */
251 if ((tmp_number
= namemap_name2num_n(namemap
, name
, name_len
)) != 0)
254 if ((namenum
= OPENSSL_zalloc(sizeof(*namenum
))) == NULL
255 || (namenum
->name
= OPENSSL_strndup(name
, name_len
)) == NULL
)
259 number
!= 0 ? number
: 1 + tsan_counter(&namemap
->max_number
);
260 (void)lh_NAMENUM_ENTRY_insert(namemap
->namenum
, namenum
);
262 if (lh_NAMENUM_ENTRY_error(namemap
->namenum
))
264 return namenum
->number
;
267 namenum_free(namenum
);
271 int ossl_namemap_add_name_n(OSSL_NAMEMAP
*namemap
, int number
,
272 const char *name
, size_t name_len
)
278 namemap
= ossl_namemap_stored(NULL
);
281 if (name
== NULL
|| name_len
== 0 || namemap
== NULL
)
284 CRYPTO_THREAD_write_lock(namemap
->lock
);
285 tmp_number
= namemap_add_name_n(namemap
, number
, name
, name_len
);
286 CRYPTO_THREAD_unlock(namemap
->lock
);
290 int ossl_namemap_add_name(OSSL_NAMEMAP
*namemap
, int number
, const char *name
)
295 return ossl_namemap_add_name_n(namemap
, number
, name
, strlen(name
));
298 int ossl_namemap_add_names(OSSL_NAMEMAP
*namemap
, int number
,
299 const char *names
, const char separator
)
304 /* Check that we have a namemap */
305 if (!ossl_assert(namemap
!= NULL
)) {
306 ERR_raise(ERR_LIB_CRYPTO
, ERR_R_PASSED_NULL_PARAMETER
);
310 CRYPTO_THREAD_write_lock(namemap
->lock
);
312 * Check that no name is an empty string, and that all names have at
313 * most one numeric identity together.
315 for (p
= names
; *p
!= '\0'; p
= (q
== NULL
? p
+ l
: q
+ 1)) {
318 if ((q
= strchr(p
, separator
)) == NULL
)
319 l
= strlen(p
); /* offset to \0 */
321 l
= q
- p
; /* offset to the next separator */
323 this_number
= namemap_name2num_n(namemap
, p
, l
);
325 if (*p
== '\0' || *p
== separator
) {
326 ERR_raise(ERR_LIB_CRYPTO
, CRYPTO_R_BAD_ALGORITHM_NAME
);
330 number
= this_number
;
331 } else if (this_number
!= 0 && this_number
!= number
) {
332 ERR_raise_data(ERR_LIB_CRYPTO
, CRYPTO_R_CONFLICTING_NAMES
,
333 "\"%.*s\" has an existing different identity %d (from \"%s\")",
334 l
, p
, this_number
, names
);
339 /* Now that we have checked, register all names */
340 for (p
= names
; *p
!= '\0'; p
= (q
== NULL
? p
+ l
: q
+ 1)) {
343 if ((q
= strchr(p
, separator
)) == NULL
)
344 l
= strlen(p
); /* offset to \0 */
346 l
= q
- p
; /* offset to the next separator */
348 this_number
= namemap_add_name_n(namemap
, number
, p
, l
);
350 number
= this_number
;
351 } else if (this_number
!= number
) {
352 ERR_raise_data(ERR_LIB_CRYPTO
, ERR_R_INTERNAL_ERROR
,
353 "Got number %d when expecting %d",
354 this_number
, number
);
359 CRYPTO_THREAD_unlock(namemap
->lock
);
363 CRYPTO_THREAD_unlock(namemap
->lock
);
373 #include <openssl/evp.h>
375 /* Creates an initial namemap with names found in the legacy method db */
376 static void get_legacy_evp_names(const char *main_name
, const char *alias
,
379 int main_id
= ossl_namemap_add_name(arg
, 0, main_name
);
382 * We could check that the returned value is the same as main_id,
383 * but since this is a void function, there's no sane way to report
384 * the error. The best we can do is trust ourselve to keep the legacy
385 * method database conflict free.
387 * This registers any alias with the same number as the main name.
388 * Should it be that the current |on| *has* the main name, this is
392 (void)ossl_namemap_add_name(arg
, main_id
, alias
);
396 static void get_legacy_cipher_names(const OBJ_NAME
*on
, void *arg
)
398 const EVP_CIPHER
*cipher
= (void *)OBJ_NAME_get(on
->name
, on
->type
);
400 get_legacy_evp_names(EVP_CIPHER_name(cipher
), on
->name
, arg
);
403 static void get_legacy_md_names(const OBJ_NAME
*on
, void *arg
)
405 const EVP_MD
*md
= (void *)OBJ_NAME_get(on
->name
, on
->type
);
406 /* We don't want the pkey_type names, so we need some extra care */
409 snid
= OBJ_sn2nid(on
->name
);
410 lnid
= OBJ_ln2nid(on
->name
);
411 if (snid
!= EVP_MD_pkey_type(md
) && lnid
!= EVP_MD_pkey_type(md
))
412 get_legacy_evp_names(EVP_MD_name(md
), on
->name
, arg
);
414 get_legacy_evp_names(EVP_MD_name(md
), NULL
, arg
);
419 * Constructors / destructors
420 * ==========================
423 OSSL_NAMEMAP
*ossl_namemap_stored(OSSL_LIB_CTX
*libctx
)
425 OSSL_NAMEMAP
*namemap
=
426 ossl_lib_ctx_get_data(libctx
, OSSL_LIB_CTX_NAMEMAP_INDEX
,
427 &stored_namemap_method
);
430 if (namemap
!= NULL
&& ossl_namemap_empty(namemap
)) {
431 /* Before pilfering, we make sure the legacy database is populated */
432 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
433 | OPENSSL_INIT_ADD_ALL_DIGESTS
, NULL
);
435 OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH
,
436 get_legacy_cipher_names
, namemap
);
437 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH
,
438 get_legacy_md_names
, namemap
);
445 OSSL_NAMEMAP
*ossl_namemap_new(void)
447 OSSL_NAMEMAP
*namemap
;
449 if ((namemap
= OPENSSL_zalloc(sizeof(*namemap
))) != NULL
450 && (namemap
->lock
= CRYPTO_THREAD_lock_new()) != NULL
451 && (namemap
->namenum
=
452 lh_NAMENUM_ENTRY_new(namenum_hash
, namenum_cmp
)) != NULL
)
455 ossl_namemap_free(namemap
);
459 void ossl_namemap_free(OSSL_NAMEMAP
*namemap
)
461 if (namemap
== NULL
|| namemap
->stored
)
464 lh_NAMENUM_ENTRY_doall(namemap
->namenum
, namenum_free
);
465 lh_NAMENUM_ENTRY_free(namemap
->namenum
);
467 CRYPTO_THREAD_lock_free(namemap
->lock
);
468 OPENSSL_free(namemap
);