From: Richard Levitte Date: Thu, 30 Sep 2021 07:32:57 +0000 (+0200) Subject: CORE: add a provider argument to ossl_method_construct() X-Git-Tag: openssl-3.2.0-alpha1~3416 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cfce50f791511c8fee7dec90c57f02d9410d039f;p=thirdparty%2Fopenssl.git CORE: add a provider argument to ossl_method_construct() This makes it possible to limit the search of methods to that particular provider. This uses already available possibilities in ossl_algorithm_do_all(). Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16725)
---
diff --git a/crypto/core_algorithm.c b/crypto/core_algorithm.c
index 1a2e798c2c2..5ff33eff7c7 100644
--- a/crypto/core_algorithm.c
+++ b/crypto/core_algorithm.c
@@ -105,10 +105,23 @@ void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id,
 cbdata.post = post;
 cbdata.data = data;
- if (provider == NULL)
+ if (provider == NULL) {
 ossl_provider_doall_activated(libctx, algorithm_do_this, &cbdata);
- else
+ } else {
+ OSSL_LIB_CTX *libctx2 = ossl_provider_libctx(provider);
+
+ /*
+ * If a provider is given, its library context MUST match the library
+ * context we're passed. If this turns out not to be true, there is
+ * a programming error in the functions up the call stack.
+ */
+ if (!ossl_assert(ossl_lib_ctx_get_concrete(libctx)
+ == ossl_lib_ctx_get_concrete(libctx2)))
+ return;
+
+ cbdata.libctx = libctx2;
 algorithm_do_this(provider, &cbdata);
+ }
 }
 char *ossl_algorithm_get1_first_name(const OSSL_ALGORITHM *algo)
diff --git a/crypto/core_fetch.c b/crypto/core_fetch.c
index d315599ce67..26eeaba3b7a 100644
--- a/crypto/core_fetch.c
+++ b/crypto/core_fetch.c
@@ -105,7 +105,7 @@ static void ossl_method_construct_this(OSSL_PROVIDER *provider,
 }
 void *ossl_method_construct(OSSL_LIB_CTX *libctx, int operation_id,
- int force_store,
+ OSSL_PROVIDER *provider, int force_store,
 OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data)
 {
 void *method = NULL;
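Review bot: In crypto/core_algorithm.c the new `else` branch leaves through a bare `return;` when the provider's library context does not match `libctx`, and because `ossl_algorithm_do_all()` is `void` the caller only sees that no algorithm was visited; it cannot tell a context mismatch from a provider that offers nothing. If `ossl_assert()` does not abort in non-debug builds (its definition is outside this diff), that path should queue an error before returning, for example `ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);` placed just above the `return;`. A short comment on `cbdata.libctx = libctx2;` saying why the provider's own context replaces the one passed in would also help, since both were just shown to resolve to the same concrete context. The function body starts above the hunk, so the initial value of `cbdata.libctx` is not visible here.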
@@ -117,7 +117,7 @@ void *ossl_method_construct(OSSL_LIB_CTX *libctx, int operation_id,
 cbdata.force_store = force_store;
 cbdata.mcm = mcm;
 cbdata.mcm_data = mcm_data;
- ossl_algorithm_do_all(libctx, operation_id, NULL,
+ ossl_algorithm_do_all(libctx, operation_id, provider,
 ossl_method_construct_precondition,
 ossl_method_construct_this,
 ossl_method_construct_postcondition,
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index 8f0786c941d..82515a14a33 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -380,7 +380,7 @@ inner_ossl_decoder_fetch(struct decoder_data_st *methdata, int id,
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_DECODER,
- 0 /* !force_cache */,
+ NULL, 0 /* !force_cache */,
 &mcm, methdata)) != NULL) {
 /*
 * If construction did create a method for us, we know that
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index 9f7ecc82cbd..6526f5e3581 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -390,7 +390,7 @@ inner_ossl_encoder_fetch(struct encoder_data_st *methdata, int id,
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_ENCODER,
- 0 /* !force_cache */,
+ NULL, 0 /* !force_cache */,
 &mcm, methdata)) != NULL) {
 /*
 * If construction did create a method for us, we know that
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 5303cf8859e..a0fa6590ae3 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
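Review bot: The new `NULL` argument at the `ossl_method_construct()` call in decoder_meth.c is unlabelled, while the positional argument right next to it carries `/* !force_cache */`. A reader of the call site cannot tell that `NULL` means "search every activated provider" without opening the prototype, so I would write the line as `NULL /* any provider */, 0 /* !force_cache */,`. The same applies to the matching call sites in encoder_meth.c and store_meth.c. The enclosing functions start and end outside these hunks.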
@@ -234,7 +234,8 @@ static void destruct_evp_method(void *method, void *data)
 }
 static void *
-inner_evp_generic_fetch(struct evp_method_data_st *methdata, int operation_id,
+inner_evp_generic_fetch(struct evp_method_data_st *methdata,
+ OSSL_PROVIDER *prov, int operation_id,
 int name_id, const char *name, const char *properties,
 void *(*new_method)(int name_id,
@@ -315,7 +316,7 @@ inner_evp_generic_fetch(struct evp_method_data_st *methdata, int operation_id,
 methdata->destruct_method = free_method;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, operation_id,
- 0 /* !force_cache */,
+ prov, 0 /* !force_cache */,
 &mcm, methdata)) != NULL) {
 /*
 * If construction did create a method for us, we know that
@@ -366,8 +367,8 @@ void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
 methdata.libctx = libctx;
 methdata.tmp_store = NULL;
- method = inner_evp_generic_fetch(&methdata,
- operation_id, 0, name, properties,
+ method = inner_evp_generic_fetch(&methdata, NULL, operation_id,
+ 0, name, properties,
 new_method, up_ref_method, free_method);
 dealloc_tmp_evp_method_store(methdata.tmp_store);
 return method;
@@ -393,8 +394,8 @@ void *evp_generic_fetch_by_number(OSSL_LIB_CTX *libctx, int operation_id,
 methdata.libctx = libctx;
 methdata.tmp_store = NULL;
- method = inner_evp_generic_fetch(&methdata,
- operation_id, name_id, NULL, properties,
+ method = inner_evp_generic_fetch(&methdata, NULL, operation_id,
+ name_id, NULL, properties,
 new_method, up_ref_method, free_method);
 dealloc_tmp_evp_method_store(methdata.tmp_store);
 return method;
@@ -588,7 +589,7 @@ void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
 methdata.libctx = libctx;
 methdata.tmp_store = NULL;
- (void)inner_evp_generic_fetch(&methdata, operation_id, 0, NULL, NULL,
+ (void)inner_evp_generic_fetch(&methdata, NULL, operation_id, 0, NULL, NULL,
 new_method, up_ref_method, free_method);
 data.operation_id = operation_id;
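Review bot: In `inner_evp_generic_fetch()` the new `prov` argument is only forwarded to the construction step, `ossl_method_construct(methdata->libctx, operation_id, prov, ...)`, and nothing in the visible hunks applies it to any lookup that runs before construction. The part of the function above this call is outside the hunk; if it first consults a method cache or store keyed only by name and properties, a hit created by another provider would be returned and `prov` would never be consulted. That matters once a caller relies on the implementation coming from one specific provider, a validated module for instance. Every caller in this commit passes `NULL`, so behaviour is unchanged today, but the parameter should carry a comment stating the limit, e.g. `/* prov restricts construction only; earlier lookups are not filtered by provider */`, until the lookup path is made provider-aware.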
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index 61230a6c241..d6b0389af99 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@@ -322,7 +322,7 @@ inner_loader_fetch(struct loader_data_st *methdata, int id,
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_STORE,
- 0 /* !force_cache */,
+ NULL, 0 /* !force_cache */,
 &mcm, methdata)) != NULL) {
 /*
 * If construction did create a method for us, we know that there
diff --git a/doc/internal/man3/ossl_method_construct.pod b/doc/internal/man3/ossl_method_construct.pod
index 46a17ba7b6d..f30e5609dce 100644
--- a/doc/internal/man3/ossl_method_construct.pod
+++ b/doc/internal/man3/ossl_method_construct.pod
@@ -27,7 +27,7 @@ OSSL_METHOD_CONSTRUCT_METHOD, ossl_method_construct
 typedef struct ossl_method_construct_method OSSL_METHOD_CONSTRUCT_METHOD;
 void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id,
- int force_cache,
+ OSSL_PROVIDER *prov, int force_cache,
 OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data);
@@ -57,6 +57,9 @@ providers for a dispatch table given an I, and then calling the appropriate functions given by the subsystem specific method creator through I and the data in I (which is passed by ossl_method_construct()).
+If I is not NULL, only that provider is considered, which is
+useful in the case a method must be found in that particular
+provider.
 This function assumes that the subsystem method creator implements reference counting and acts accordingly (i.e. it will call the
diff --git a/include/internal/core.h b/include/internal/core.h
index 035b7268942..277f2bdac56 100644
--- a/include/internal/core.h
+++ b/include/internal/core.h
@@ -43,7 +43,7 @@ typedef struct ossl_method_construct_method_st {
 } OSSL_METHOD_CONSTRUCT_METHOD;
 void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id,
- int force_cache,
+ OSSL_PROVIDER *prov, int force_cache,
 OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data);
 void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id,
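Review bot: The prototype in include/internal/core.h names the new parameter `prov`, while the definition in crypto/core_fetch.c calls it `provider`, and the header says nothing about the precondition this commit introduces. The core_algorithm.c change requires a non-NULL provider to belong to the same library context as the one passed in, and callers reading only the header will not learn that. I would add a comment above the declaration such as `/* prov may be NULL (all activated providers); if set, it must belong to ctx */` and use one parameter name in both the prototype and the definition.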