Don't hold a lock when calling a callback in ossl_namemap_doall_names

[thirdparty/openssl.git] / crypto / evp / evp_rand.c

diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 2e4edfff34674239b19503d811161e72bf6c2ffd..b27f4e11a0bda9cefd2d7fcad62136f179b2dd27 100644 (file)
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -93,7 +93,7 @@ int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
 {
     if (rand->meth->enable_locking != NULL)
         return rand->meth->enable_locking(rand->data);
-    EVPerr(0, EVP_R_LOCKING_NOT_SUPPORTED);
+    ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
     return 0;
 }
 
@@ -117,13 +117,13 @@ static void *evp_rand_from_dispatch(int name_id,
                                     OSSL_PROVIDER *prov)
 {
     EVP_RAND *rand = NULL;
-    int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0;
+    int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
 #ifdef FIPS_MODULE
     int fnzeroizecnt = 0;
 #endif
 
     if ((rand = evp_rand_new()) == NULL) {
-        EVPerr(0, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
     rand->name_id = name_id;
@@ -174,7 +174,7 @@ static void *evp_rand_from_dispatch(int name_id,
             if (rand->enable_locking != NULL)
                 break;
             rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
-            fnlockcnt++;
+            fnenablelockcnt++;
             break;
         case OSSL_FUNC_RAND_LOCK:
             if (rand->lock != NULL)
@@ -243,7 +243,8 @@ static void *evp_rand_from_dispatch(int name_id,
      */
     if (fnrandcnt != 3
             || fnctxcnt != 3
-            || (fnlockcnt != 0 && fnlockcnt != 3)
+            || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
+            || (fnlockcnt != 0 && fnlockcnt != 2)
 #ifdef FIPS_MODULE
             || fnzeroizecnt != 1
 #endif
@@ -263,7 +264,7 @@ static void *evp_rand_from_dispatch(int name_id,
     return rand;
 }
 
-EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
                          const char *properties)
 {
     return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
@@ -322,25 +323,19 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
     const OSSL_DISPATCH *parent_dispatch = NULL;
 
     if (rand == NULL) {
-        EVPerr(0, EVP_R_INVALID_NULL_ALGORITHM);
+        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
         return NULL;
     }
 
     ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx == NULL || (ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
         OPENSSL_free(ctx);
-        EVPerr(0, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
     if (parent != NULL) {
-        if (!EVP_RAND_enable_locking(parent)) {
-            EVPerr(0, EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING);
-            CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
-            OPENSSL_free(ctx);
-            return NULL;
-        }
         if (!evp_rand_ctx_up_ref(parent)) {
-            EVPerr(0, ERR_R_INTERNAL_ERROR);
+            ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
             CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
             OPENSSL_free(ctx);
             return NULL;
@@ -351,7 +346,7 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
     if ((ctx->data = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
                                   parent_dispatch)) == NULL
             || !EVP_RAND_up_ref(rand)) {
-        EVPerr(0, ERR_R_MALLOC_FAILURE);
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         rand->freectx(ctx->data);
         CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
         OPENSSL_free(ctx);
@@ -433,7 +428,7 @@ const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
 
 const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
 {
-    if (rand->gettable_params == NULL)
+    if (rand->gettable_ctx_params == NULL)
         return NULL;
     return rand->gettable_ctx_params(
                ossl_provider_ctx(EVP_RAND_provider(rand)));
@@ -441,13 +436,13 @@ const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
 
 const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
 {
-    if (rand->gettable_params == NULL)
+    if (rand->settable_ctx_params == NULL)
         return NULL;
     return rand->settable_ctx_params(
                ossl_provider_ctx(EVP_RAND_provider(rand)));
 }
 
-void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
                               void (*fn)(EVP_RAND *rand, void *arg),
                               void *arg)
 {
@@ -456,12 +451,14 @@ void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
                        evp_rand_from_dispatch, evp_rand_free);
 }
 
-void EVP_RAND_names_do_all(const EVP_RAND *rand,
-                           void (*fn)(const char *name, void *data),
-                           void *data)
+int EVP_RAND_names_do_all(const EVP_RAND *rand,
+                          void (*fn)(const char *name, void *data),
+                          void *data)
 {
     if (rand->prov != NULL)
-        evp_names_do_all(rand->prov, rand->name_id, fn, data);
+        return evp_names_do_all(rand->prov, rand->name_id, fn, data);
+
+    return 1;
 }
 
 static int evp_rand_instantiate_locked
@@ -511,18 +508,18 @@ static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
     size_t chunk, max_request = 0;
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
-    params[0] = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_REQUEST,
+    params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
                                             &max_request);
     if (!evp_rand_get_ctx_params_locked(ctx, params)
             || max_request == 0) {
-        EVPerr(0, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
+        ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
         return 0;
     }
     for (; outlen > 0; outlen -= chunk, out += chunk) {
         chunk = outlen > max_request ? max_request : outlen;
         if (!ctx->meth->generate(ctx->data, out, chunk, strength,
                                  prediction_resistance, addin, addin_len)) {
-            EVPerr(0, EVP_R_GENERATE_ERROR);
+            ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
             return 0;
         }
         /*