/src/openssl-3.5.4/crypto/core_namemap.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include "internal/namemap.h" |
11 | | #include "internal/tsan_assist.h" |
12 | | #include "internal/hashtable.h" |
13 | | #include "internal/sizes.h" |
14 | | #include "crypto/context.h" |
15 | | |
16 | 1 | #define NAMEMAP_HT_BUCKETS 512 |
17 | | |
18 | | HT_START_KEY_DEFN(namenum_key) |
19 | | HT_DEF_KEY_FIELD_CHAR_ARRAY(name, 64) |
20 | | HT_END_KEY_DEFN(NAMENUM_KEY) |
21 | | |
22 | | /*- |
23 | | * The namemap itself |
24 | | * ================== |
25 | | */ |
26 | | |
27 | | typedef STACK_OF(OPENSSL_STRING) NAMES; |
28 | | |
29 | | DEFINE_STACK_OF(NAMES) |
30 | | |
31 | | struct ossl_namemap_st { |
32 | | /* Flags */ |
33 | | unsigned int stored:1; /* If 1, it's stored in a library context */ |
34 | | |
35 | | HT *namenum_ht; /* Name->number mapping */ |
36 | | |
37 | | CRYPTO_RWLOCK *lock; |
38 | | STACK_OF(NAMES) *numnames; |
39 | | |
40 | | TSAN_QUALIFIER int max_number; /* Current max number */ |
41 | | }; |
42 | | |
43 | | static void name_string_free(char *name) |
44 | 350 | { |
45 | 350 | OPENSSL_free(name); |
46 | 350 | } |
47 | | |
48 | | static void names_free(NAMES *n) |
49 | 173 | { |
50 | 173 | sk_OPENSSL_STRING_pop_free(n, name_string_free); |
51 | 173 | } |
52 | | |
53 | | /* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */ |
54 | | |
55 | | void *ossl_stored_namemap_new(OSSL_LIB_CTX *libctx) |
56 | 1 | { |
57 | 1 | OSSL_NAMEMAP *namemap = ossl_namemap_new(libctx); |
58 | | |
59 | 1 | if (namemap != NULL) |
60 | 1 | namemap->stored = 1; |
61 | | |
62 | 1 | return namemap; |
63 | 1 | } |
64 | | |
65 | | void ossl_stored_namemap_free(void *vnamemap) |
66 | 1 | { |
67 | 1 | OSSL_NAMEMAP *namemap = vnamemap; |
68 | | |
69 | 1 | if (namemap != NULL) { |
70 | | /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */ |
71 | 1 | namemap->stored = 0; |
72 | 1 | ossl_namemap_free(namemap); |
73 | 1 | } |
74 | 1 | } |
75 | | |
76 | | /*- |
77 | | * API functions |
78 | | * ============= |
79 | | */ |
80 | | |
81 | | int ossl_namemap_empty(OSSL_NAMEMAP *namemap) |
82 | 1.73k | { |
83 | | #ifdef TSAN_REQUIRES_LOCKING |
84 | | /* No TSAN support */ |
85 | | int rv; |
86 | | |
87 | | if (namemap == NULL) |
88 | | return 1; |
89 | | |
90 | | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
91 | | return -1; |
92 | | rv = namemap->max_number == 0; |
93 | | CRYPTO_THREAD_unlock(namemap->lock); |
94 | | return rv; |
95 | | #else |
96 | | /* Have TSAN support */ |
97 | 1.73k | return namemap == NULL || tsan_load(&namemap->max_number) == 0; |
98 | 1.73k | #endif |
99 | 1.73k | } |
100 | | |
101 | | /* |
102 | | * Call the callback for all names in the namemap with the given number. |
103 | | * A return value 1 means that the callback was called for all names. A |
104 | | * return value of 0 means that the callback was not called for any names. |
105 | | */ |
106 | | int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number, |
107 | | void (*fn)(const char *name, void *data), |
108 | | void *data) |
109 | 126 | { |
110 | 126 | int i; |
111 | 126 | NAMES *names; |
112 | | |
113 | 126 | if (namemap == NULL || number <= 0) |
114 | 0 | return 0; |
115 | | |
116 | | /* |
117 | | * We duplicate the NAMES stack under a read lock. Subsequently we call |
118 | | * the user function, so that we're not holding the read lock when in user |
119 | | * code. This could lead to deadlocks. |
120 | | */ |
121 | 126 | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
122 | 0 | return 0; |
123 | | |
124 | 126 | names = sk_NAMES_value(namemap->numnames, number - 1); |
125 | 126 | if (names != NULL) |
126 | 126 | names = sk_OPENSSL_STRING_dup(names); |
127 | | |
128 | 126 | CRYPTO_THREAD_unlock(namemap->lock); |
129 | | |
130 | 126 | if (names == NULL) |
131 | 0 | return 0; |
132 | | |
133 | 365 | for (i = 0; i < sk_OPENSSL_STRING_num(names); i++) |
134 | 239 | fn(sk_OPENSSL_STRING_value(names, i), data); |
135 | | |
136 | 126 | sk_OPENSSL_STRING_free(names); |
137 | 126 | return i > 0; |
138 | 126 | } |
139 | | |
140 | | int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name) |
141 | 2.48k | { |
142 | 2.48k | int number = 0; |
143 | 2.48k | HT_VALUE *val; |
144 | 2.48k | NAMENUM_KEY key; |
145 | | |
146 | 2.48k | #ifndef FIPS_MODULE |
147 | 2.48k | if (namemap == NULL) |
148 | 0 | namemap = ossl_namemap_stored(NULL); |
149 | 2.48k | #endif |
150 | | |
151 | 2.48k | if (namemap == NULL) |
152 | 0 | return 0; |
153 | | |
154 | 2.48k | HT_INIT_KEY(&key); |
155 | 2.48k | HT_SET_KEY_STRING_CASE(&key, name, name); |
156 | | |
157 | 2.48k | val = ossl_ht_get(namemap->namenum_ht, TO_HT_KEY(&key)); |
158 | | |
159 | 2.48k | if (val != NULL) |
160 | | /* We store a (small) int directly instead of a pointer to it. */ |
161 | 2.03k | number = (int)(intptr_t)val->value; |
162 | | |
163 | 2.48k | return number; |
164 | 2.48k | } |
165 | | |
166 | | int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap, |
167 | | const char *name, size_t name_len) |
168 | 126 | { |
169 | 126 | int number = 0; |
170 | 126 | HT_VALUE *val; |
171 | 126 | NAMENUM_KEY key; |
172 | | |
173 | 126 | #ifndef FIPS_MODULE |
174 | 126 | if (namemap == NULL) |
175 | 0 | namemap = ossl_namemap_stored(NULL); |
176 | 126 | #endif |
177 | | |
178 | 126 | if (namemap == NULL) |
179 | 0 | return 0; |
180 | | |
181 | 126 | HT_INIT_KEY(&key); |
182 | 126 | HT_SET_KEY_STRING_CASE_N(&key, name, name, name_len); |
183 | | |
184 | 126 | val = ossl_ht_get(namemap->namenum_ht, TO_HT_KEY(&key)); |
185 | | |
186 | 126 | if (val != NULL) |
187 | | /* We store a (small) int directly instead of a pointer to it. */ |
188 | 126 | number = (int)(intptr_t)val->value; |
189 | | |
190 | 126 | return number; |
191 | 126 | } |
192 | | |
193 | | const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number, |
194 | | size_t idx) |
195 | 0 | { |
196 | 0 | NAMES *names; |
197 | 0 | const char *ret = NULL; |
198 | |
|
199 | 0 | if (namemap == NULL || number <= 0) |
200 | 0 | return NULL; |
201 | | |
202 | 0 | if (!CRYPTO_THREAD_read_lock(namemap->lock)) |
203 | 0 | return NULL; |
204 | | |
205 | 0 | names = sk_NAMES_value(namemap->numnames, number - 1); |
206 | 0 | if (names != NULL) |
207 | 0 | ret = sk_OPENSSL_STRING_value(names, idx); |
208 | |
|
209 | 0 | CRYPTO_THREAD_unlock(namemap->lock); |
210 | |
|
211 | 0 | return ret; |
212 | 0 | } |
213 | | |
214 | | /* This function is not thread safe, the namemap must be locked */ |
215 | | static int numname_insert(OSSL_NAMEMAP *namemap, int number, |
216 | | const char *name) |
217 | 350 | { |
218 | 350 | NAMES *names; |
219 | 350 | char *tmpname; |
220 | | |
221 | 350 | if (number > 0) { |
222 | 177 | names = sk_NAMES_value(namemap->numnames, number - 1); |
223 | 177 | if (!ossl_assert(names != NULL)) { |
224 | | /* cannot happen */ |
225 | 0 | return 0; |
226 | 0 | } |
227 | 177 | } else { |
228 | | /* a completely new entry */ |
229 | 173 | names = sk_OPENSSL_STRING_new_null(); |
230 | 173 | if (names == NULL) |
231 | 0 | return 0; |
232 | 173 | } |
233 | | |
234 | 350 | if ((tmpname = OPENSSL_strdup(name)) == NULL) |
235 | 0 | goto err; |
236 | | |
237 | 350 | if (!sk_OPENSSL_STRING_push(names, tmpname)) |
238 | 0 | goto err; |
239 | 350 | tmpname = NULL; |
240 | | |
241 | 350 | if (number <= 0) { |
242 | 173 | if (!sk_NAMES_push(namemap->numnames, names)) |
243 | 0 | goto err; |
244 | 173 | number = sk_NAMES_num(namemap->numnames); |
245 | 173 | } |
246 | 350 | return number; |
247 | | |
248 | 0 | err: |
249 | 0 | if (number <= 0) |
250 | 0 | sk_OPENSSL_STRING_pop_free(names, name_string_free); |
251 | 0 | OPENSSL_free(tmpname); |
252 | 0 | return 0; |
253 | 350 | } |
254 | | |
255 | | /* This function is not thread safe, the namemap must be locked */ |
256 | | static int namemap_add_name(OSSL_NAMEMAP *namemap, int number, |
257 | | const char *name) |
258 | 881 | { |
259 | 881 | int ret; |
260 | 881 | HT_VALUE val = { 0 }; |
261 | 881 | NAMENUM_KEY key; |
262 | | |
263 | | /* If it already exists, we don't add it */ |
264 | 881 | if ((ret = ossl_namemap_name2num(namemap, name)) != 0) |
265 | 531 | return ret; |
266 | | |
267 | 350 | if ((number = numname_insert(namemap, number, name)) == 0) |
268 | 0 | return 0; |
269 | | |
270 | | /* Using tsan_store alone here is safe since we're under lock */ |
271 | 350 | tsan_store(&namemap->max_number, number); |
272 | | |
273 | 350 | HT_INIT_KEY(&key); |
274 | 350 | HT_SET_KEY_STRING_CASE(&key, name, name); |
275 | 350 | val.value = (void *)(intptr_t)number; |
276 | 350 | ret = ossl_ht_insert(namemap->namenum_ht, TO_HT_KEY(&key), &val, NULL); |
277 | 350 | if (!ossl_assert(ret != 0)) /* cannot happen as we are under write lock */ |
278 | 0 | return 0; |
279 | 350 | if (ret < 1) { |
280 | | /* unable to insert due to too many collisions */ |
281 | 0 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_NAMES); |
282 | 0 | return 0; |
283 | 0 | } |
284 | 350 | return number; |
285 | 350 | } |
286 | | |
287 | | int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number, |
288 | | const char *name) |
289 | 642 | { |
290 | 642 | int tmp_number; |
291 | | |
292 | 642 | #ifndef FIPS_MODULE |
293 | 642 | if (namemap == NULL) |
294 | 0 | namemap = ossl_namemap_stored(NULL); |
295 | 642 | #endif |
296 | | |
297 | 642 | if (name == NULL || *name == 0 || namemap == NULL) |
298 | 0 | return 0; |
299 | | |
300 | 642 | if (!CRYPTO_THREAD_write_lock(namemap->lock)) |
301 | 0 | return 0; |
302 | 642 | tmp_number = namemap_add_name(namemap, number, name); |
303 | 642 | CRYPTO_THREAD_unlock(namemap->lock); |
304 | 642 | return tmp_number; |
305 | 642 | } |
306 | | |
307 | | int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number, |
308 | | const char *names, const char separator) |
309 | 126 | { |
310 | 126 | char *tmp, *p, *q, *endp; |
311 | | |
312 | | /* Check that we have a namemap */ |
313 | 126 | if (!ossl_assert(namemap != NULL)) { |
314 | 0 | ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); |
315 | 0 | return 0; |
316 | 0 | } |
317 | | |
318 | 126 | if ((tmp = OPENSSL_strdup(names)) == NULL) |
319 | 0 | return 0; |
320 | | |
321 | 126 | if (!CRYPTO_THREAD_write_lock(namemap->lock)) { |
322 | 0 | OPENSSL_free(tmp); |
323 | 0 | return 0; |
324 | 0 | } |
325 | | /* |
326 | | * Check that no name is an empty string, and that all names have at |
327 | | * most one numeric identity together. |
328 | | */ |
329 | 365 | for (p = tmp; *p != '\0'; p = q) { |
330 | 239 | int this_number; |
331 | 239 | size_t l; |
332 | | |
333 | 239 | if ((q = strchr(p, separator)) == NULL) { |
334 | 126 | l = strlen(p); /* offset to \0 */ |
335 | 126 | q = p + l; |
336 | 126 | } else { |
337 | 113 | l = q - p; /* offset to the next separator */ |
338 | 113 | *q++ = '\0'; |
339 | 113 | } |
340 | | |
341 | 239 | if (*p == '\0') { |
342 | 0 | ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME); |
343 | 0 | number = 0; |
344 | 0 | goto end; |
345 | 0 | } |
346 | | |
347 | 239 | this_number = ossl_namemap_name2num(namemap, p); |
348 | | |
349 | 239 | if (number == 0) { |
350 | 144 | number = this_number; |
351 | 144 | } else if (this_number != 0 && this_number != number) { |
352 | 0 | ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES, |
353 | 0 | "\"%s\" has an existing different identity %d (from \"%s\")", |
354 | 0 | p, this_number, names); |
355 | 0 | number = 0; |
356 | 0 | goto end; |
357 | 0 | } |
358 | 239 | } |
359 | 126 | endp = p; |
360 | | |
361 | | /* Now that we have checked, register all names */ |
362 | 365 | for (p = tmp; p < endp; p = q) { |
363 | 239 | int this_number; |
364 | | |
365 | 239 | q = p + strlen(p) + 1; |
366 | | |
367 | 239 | this_number = namemap_add_name(namemap, number, p); |
368 | 239 | if (number == 0) { |
369 | 56 | number = this_number; |
370 | 183 | } else if (this_number != number) { |
371 | 0 | ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR, |
372 | 0 | "Got number %d when expecting %d", |
373 | 0 | this_number, number); |
374 | 0 | number = 0; |
375 | 0 | goto end; |
376 | 0 | } |
377 | 239 | } |
378 | | |
379 | 126 | end: |
380 | 126 | CRYPTO_THREAD_unlock(namemap->lock); |
381 | 126 | OPENSSL_free(tmp); |
382 | 126 | return number; |
383 | 126 | } |
384 | | |
385 | | /*- |
386 | | * Pre-population |
387 | | * ============== |
388 | | */ |
389 | | |
390 | | #ifndef FIPS_MODULE |
391 | | #include <openssl/evp.h> |
392 | | |
393 | | /* Creates an initial namemap with names found in the legacy method db */ |
394 | | static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name, |
395 | | void *arg) |
396 | 249 | { |
397 | 249 | int num = 0; |
398 | 249 | ASN1_OBJECT *obj; |
399 | | |
400 | 249 | if (base_nid != NID_undef) { |
401 | 4 | num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid)); |
402 | 4 | num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid)); |
403 | 4 | } |
404 | | |
405 | 249 | if (nid != NID_undef) { |
406 | 208 | num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid)); |
407 | 208 | num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid)); |
408 | 208 | if ((obj = OBJ_nid2obj(nid)) != NULL) { |
409 | 208 | char txtoid[OSSL_MAX_NAME_SIZE]; |
410 | | |
411 | 208 | if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0) |
412 | 207 | num = ossl_namemap_add_name(arg, num, txtoid); |
413 | 208 | } |
414 | 208 | } |
415 | 249 | if (pem_name != NULL) |
416 | 11 | num = ossl_namemap_add_name(arg, num, pem_name); |
417 | 249 | } |
418 | | |
419 | | static void get_legacy_cipher_names(const OBJ_NAME *on, void *arg) |
420 | 174 | { |
421 | 174 | const EVP_CIPHER *cipher = (void *)OBJ_NAME_get(on->name, on->type); |
422 | | |
423 | 174 | if (cipher != NULL) |
424 | 174 | get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg); |
425 | 174 | } |
426 | | |
427 | | static void get_legacy_md_names(const OBJ_NAME *on, void *arg) |
428 | 59 | { |
429 | 59 | const EVP_MD *md = (void *)OBJ_NAME_get(on->name, on->type); |
430 | | |
431 | 59 | if (md != NULL) |
432 | 59 | get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg); |
433 | 59 | } |
434 | | |
435 | | static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth, |
436 | | void *arg) |
437 | 15 | { |
438 | 15 | int nid = 0, base_nid = 0, flags = 0; |
439 | 15 | const char *pem_name = NULL; |
440 | | |
441 | 15 | EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth); |
442 | 15 | if (nid != NID_undef) { |
443 | 15 | if ((flags & ASN1_PKEY_ALIAS) == 0) { |
444 | 10 | switch (nid) { |
445 | 1 | case EVP_PKEY_DHX: |
446 | | /* We know that the name "DHX" is used too */ |
447 | 1 | get_legacy_evp_names(0, nid, "DHX", arg); |
448 | | /* FALLTHRU */ |
449 | 10 | default: |
450 | 10 | get_legacy_evp_names(0, nid, pem_name, arg); |
451 | 10 | } |
452 | 10 | } else { |
453 | | /* |
454 | | * Treat aliases carefully, some of them are undesirable, or |
455 | | * should not be treated as such for providers. |
456 | | */ |
457 | | |
458 | 5 | switch (nid) { |
459 | 1 | case EVP_PKEY_SM2: |
460 | | /* |
461 | | * SM2 is a separate keytype with providers, not an alias for |
462 | | * EC. |
463 | | */ |
464 | 1 | get_legacy_evp_names(0, nid, pem_name, arg); |
465 | 1 | break; |
466 | 4 | default: |
467 | | /* Use the short name of the base nid as the common reference */ |
468 | 4 | get_legacy_evp_names(base_nid, nid, pem_name, arg); |
469 | 5 | } |
470 | 5 | } |
471 | 15 | } |
472 | 15 | } |
473 | | #endif |
474 | | |
475 | | /*- |
476 | | * Constructors / destructors |
477 | | * ========================== |
478 | | */ |
479 | | |
480 | | OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx) |
481 | 1.73k | { |
482 | 1.73k | #ifndef FIPS_MODULE |
483 | 1.73k | int nms; |
484 | 1.73k | #endif |
485 | 1.73k | OSSL_NAMEMAP *namemap = |
486 | 1.73k | ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX); |
487 | | |
488 | 1.73k | if (namemap == NULL) |
489 | 0 | return NULL; |
490 | | |
491 | 1.73k | #ifndef FIPS_MODULE |
492 | 1.73k | nms = ossl_namemap_empty(namemap); |
493 | 1.73k | if (nms < 0) { |
494 | | /* |
495 | | * Could not get lock to make the count, so maybe internal objects |
496 | | * weren't added. This seems safest. |
497 | | */ |
498 | 0 | return NULL; |
499 | 0 | } |
500 | 1.73k | if (nms == 1) { |
501 | 1 | int i, end; |
502 | | |
503 | | /* Before pilfering, we make sure the legacy database is populated */ |
504 | 1 | OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
505 | 1 | | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); |
506 | | |
507 | 1 | OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, |
508 | 1 | get_legacy_cipher_names, namemap); |
509 | 1 | OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, |
510 | 1 | get_legacy_md_names, namemap); |
511 | | |
512 | | /* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */ |
513 | 16 | for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++) |
514 | 15 | get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap); |
515 | 1 | } |
516 | 1.73k | #endif |
517 | | |
518 | 1.73k | return namemap; |
519 | 1.73k | } |
520 | | |
521 | | OSSL_NAMEMAP *ossl_namemap_new(OSSL_LIB_CTX *libctx) |
522 | 1 | { |
523 | 1 | OSSL_NAMEMAP *namemap; |
524 | 1 | HT_CONFIG htconf = { NULL, NULL, NULL, NAMEMAP_HT_BUCKETS, 1, 1 }; |
525 | | |
526 | 1 | htconf.ctx = libctx; |
527 | | |
528 | 1 | if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) == NULL) |
529 | 0 | goto err; |
530 | | |
531 | 1 | if ((namemap->lock = CRYPTO_THREAD_lock_new()) == NULL) |
532 | 0 | goto err; |
533 | | |
534 | 1 | if ((namemap->namenum_ht = ossl_ht_new(&htconf)) == NULL) |
535 | 0 | goto err; |
536 | | |
537 | 1 | if ((namemap->numnames = sk_NAMES_new_null()) == NULL) |
538 | 0 | goto err; |
539 | | |
540 | 1 | return namemap; |
541 | | |
542 | 0 | err: |
543 | 0 | ossl_namemap_free(namemap); |
544 | 0 | return NULL; |
545 | 1 | } |
546 | | |
547 | | void ossl_namemap_free(OSSL_NAMEMAP *namemap) |
548 | 1 | { |
549 | 1 | if (namemap == NULL || namemap->stored) |
550 | 0 | return; |
551 | | |
552 | 1 | sk_NAMES_pop_free(namemap->numnames, names_free); |
553 | | |
554 | 1 | ossl_ht_free(namemap->namenum_ht); |
555 | | |
556 | 1 | CRYPTO_THREAD_lock_free(namemap->lock); |
557 | 1 | OPENSSL_free(namemap); |
558 | 1 | } |