/src/openssl31/crypto/store/store_meth.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <openssl/crypto.h> |
11 | | #include "crypto/store.h" |
12 | | #include "internal/core.h" |
13 | | #include "internal/namemap.h" |
14 | | #include "internal/property.h" |
15 | | #include "internal/provider.h" |
16 | | #include "store_local.h" |
17 | | #include "crypto/context.h" |
18 | | |
19 | | int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader) |
20 | 0 | { |
21 | 0 | int ref = 0; |
22 | |
|
23 | 0 | if (loader->prov != NULL) |
24 | 0 | CRYPTO_UP_REF(&loader->refcnt, &ref, loader->lock); |
25 | 0 | return 1; |
26 | 0 | } |
27 | | |
28 | | void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader) |
29 | 0 | { |
30 | 0 | if (loader != NULL && loader->prov != NULL) { |
31 | 0 | int i; |
32 | |
|
33 | 0 | CRYPTO_DOWN_REF(&loader->refcnt, &i, loader->lock); |
34 | 0 | if (i > 0) |
35 | 0 | return; |
36 | 0 | ossl_provider_free(loader->prov); |
37 | 0 | CRYPTO_THREAD_lock_free(loader->lock); |
38 | 0 | } |
39 | 0 | OPENSSL_free(loader); |
40 | 0 | } |
41 | | |
42 | | /* |
43 | | * OSSL_STORE_LOADER_new() expects the scheme as a constant string, |
44 | | * which we currently don't have, so we need an alternative allocator. |
45 | | */ |
46 | | static OSSL_STORE_LOADER *new_loader(OSSL_PROVIDER *prov) |
47 | 0 | { |
48 | 0 | OSSL_STORE_LOADER *loader; |
49 | |
|
50 | 0 | if ((loader = OPENSSL_zalloc(sizeof(*loader))) == NULL |
51 | 0 | || (loader->lock = CRYPTO_THREAD_lock_new()) == NULL) { |
52 | 0 | OPENSSL_free(loader); |
53 | 0 | return NULL; |
54 | 0 | } |
55 | 0 | loader->prov = prov; |
56 | 0 | ossl_provider_up_ref(prov); |
57 | 0 | loader->refcnt = 1; |
58 | |
|
59 | 0 | return loader; |
60 | 0 | } |
61 | | |
62 | | static int up_ref_loader(void *method) |
63 | 0 | { |
64 | 0 | return OSSL_STORE_LOADER_up_ref(method); |
65 | 0 | } |
66 | | |
67 | | static void free_loader(void *method) |
68 | 0 | { |
69 | 0 | OSSL_STORE_LOADER_free(method); |
70 | 0 | } |
71 | | |
72 | | /* Data to be passed through ossl_method_construct() */ |
73 | | struct loader_data_st { |
74 | | OSSL_LIB_CTX *libctx; |
75 | | int scheme_id; /* For get_loader_from_store() */ |
76 | | const char *scheme; /* For get_loader_from_store() */ |
77 | | const char *propquery; /* For get_loader_from_store() */ |
78 | | |
79 | | OSSL_METHOD_STORE *tmp_store; /* For get_tmp_loader_store() */ |
80 | | |
81 | | unsigned int flag_construct_error_occurred : 1; |
82 | | }; |
83 | | |
84 | | /* |
85 | | * Generic routines to fetch / create OSSL_STORE methods with |
86 | | * ossl_method_construct() |
87 | | */ |
88 | | |
89 | | /* Temporary loader method store, constructor and destructor */ |
90 | | static void *get_tmp_loader_store(void *data) |
91 | 0 | { |
92 | 0 | struct loader_data_st *methdata = data; |
93 | |
|
94 | 0 | if (methdata->tmp_store == NULL) |
95 | 0 | methdata->tmp_store = ossl_method_store_new(methdata->libctx); |
96 | 0 | return methdata->tmp_store; |
97 | 0 | } |
98 | | |
99 | | static void dealloc_tmp_loader_store(void *store) |
100 | 0 | { |
101 | 0 | if (store != NULL) |
102 | 0 | ossl_method_store_free(store); |
103 | 0 | } |
104 | | |
105 | | /* Get the permanent loader store */ |
106 | | static OSSL_METHOD_STORE *get_loader_store(OSSL_LIB_CTX *libctx) |
107 | 60 | { |
108 | 60 | return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX); |
109 | 60 | } |
110 | | |
111 | | static int reserve_loader_store(void *store, void *data) |
112 | 0 | { |
113 | 0 | struct loader_data_st *methdata = data; |
114 | |
|
115 | 0 | if (store == NULL |
116 | 0 | && (store = get_loader_store(methdata->libctx)) == NULL) |
117 | 0 | return 0; |
118 | | |
119 | 0 | return ossl_method_lock_store(store); |
120 | 0 | } |
121 | | |
122 | | static int unreserve_loader_store(void *store, void *data) |
123 | 0 | { |
124 | 0 | struct loader_data_st *methdata = data; |
125 | |
|
126 | 0 | if (store == NULL |
127 | 0 | && (store = get_loader_store(methdata->libctx)) == NULL) |
128 | 0 | return 0; |
129 | | |
130 | 0 | return ossl_method_unlock_store(store); |
131 | 0 | } |
132 | | |
133 | | /* Get loader methods from a store, or put one in */ |
134 | | static void *get_loader_from_store(void *store, const OSSL_PROVIDER **prov, |
135 | | void *data) |
136 | 0 | { |
137 | 0 | struct loader_data_st *methdata = data; |
138 | 0 | void *method = NULL; |
139 | 0 | int id; |
140 | |
|
141 | 0 | if ((id = methdata->scheme_id) == 0) { |
142 | 0 | OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx); |
143 | |
|
144 | 0 | id = ossl_namemap_name2num(namemap, methdata->scheme); |
145 | 0 | } |
146 | |
|
147 | 0 | if (store == NULL |
148 | 0 | && (store = get_loader_store(methdata->libctx)) == NULL) |
149 | 0 | return NULL; |
150 | | |
151 | 0 | if (!ossl_method_store_fetch(store, id, methdata->propquery, prov, &method)) |
152 | 0 | return NULL; |
153 | 0 | return method; |
154 | 0 | } |
155 | | |
156 | | static int put_loader_in_store(void *store, void *method, |
157 | | const OSSL_PROVIDER *prov, |
158 | | const char *scheme, const char *propdef, |
159 | | void *data) |
160 | 0 | { |
161 | 0 | struct loader_data_st *methdata = data; |
162 | 0 | OSSL_NAMEMAP *namemap; |
163 | 0 | int id; |
164 | |
|
165 | 0 | if ((namemap = ossl_namemap_stored(methdata->libctx)) == NULL |
166 | 0 | || (id = ossl_namemap_name2num(namemap, scheme)) == 0) |
167 | 0 | return 0; |
168 | | |
169 | 0 | if (store == NULL && (store = get_loader_store(methdata->libctx)) == NULL) |
170 | 0 | return 0; |
171 | | |
172 | 0 | return ossl_method_store_add(store, prov, id, propdef, method, |
173 | 0 | up_ref_loader, free_loader); |
174 | 0 | } |
175 | | |
176 | | static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef, |
177 | | OSSL_PROVIDER *prov) |
178 | 0 | { |
179 | 0 | OSSL_STORE_LOADER *loader = NULL; |
180 | 0 | const OSSL_DISPATCH *fns = algodef->implementation; |
181 | |
|
182 | 0 | if ((loader = new_loader(prov)) == NULL) |
183 | 0 | return NULL; |
184 | 0 | loader->scheme_id = scheme_id; |
185 | 0 | loader->propdef = algodef->property_definition; |
186 | 0 | loader->description = algodef->algorithm_description; |
187 | |
|
188 | 0 | for (; fns->function_id != 0; fns++) { |
189 | 0 | switch (fns->function_id) { |
190 | 0 | case OSSL_FUNC_STORE_OPEN: |
191 | 0 | if (loader->p_open == NULL) |
192 | 0 | loader->p_open = OSSL_FUNC_store_open(fns); |
193 | 0 | break; |
194 | 0 | case OSSL_FUNC_STORE_ATTACH: |
195 | 0 | if (loader->p_attach == NULL) |
196 | 0 | loader->p_attach = OSSL_FUNC_store_attach(fns); |
197 | 0 | break; |
198 | 0 | case OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS: |
199 | 0 | if (loader->p_settable_ctx_params == NULL) |
200 | 0 | loader->p_settable_ctx_params = |
201 | 0 | OSSL_FUNC_store_settable_ctx_params(fns); |
202 | 0 | break; |
203 | 0 | case OSSL_FUNC_STORE_SET_CTX_PARAMS: |
204 | 0 | if (loader->p_set_ctx_params == NULL) |
205 | 0 | loader->p_set_ctx_params = OSSL_FUNC_store_set_ctx_params(fns); |
206 | 0 | break; |
207 | 0 | case OSSL_FUNC_STORE_LOAD: |
208 | 0 | if (loader->p_load == NULL) |
209 | 0 | loader->p_load = OSSL_FUNC_store_load(fns); |
210 | 0 | break; |
211 | 0 | case OSSL_FUNC_STORE_EOF: |
212 | 0 | if (loader->p_eof == NULL) |
213 | 0 | loader->p_eof = OSSL_FUNC_store_eof(fns); |
214 | 0 | break; |
215 | 0 | case OSSL_FUNC_STORE_CLOSE: |
216 | 0 | if (loader->p_close == NULL) |
217 | 0 | loader->p_close = OSSL_FUNC_store_close(fns); |
218 | 0 | break; |
219 | 0 | case OSSL_FUNC_STORE_EXPORT_OBJECT: |
220 | 0 | if (loader->p_export_object == NULL) |
221 | 0 | loader->p_export_object = OSSL_FUNC_store_export_object(fns); |
222 | 0 | break; |
223 | 0 | } |
224 | 0 | } |
225 | | |
226 | 0 | if ((loader->p_open == NULL && loader->p_attach == NULL) |
227 | 0 | || loader->p_load == NULL |
228 | 0 | || loader->p_eof == NULL |
229 | 0 | || loader->p_close == NULL) { |
230 | | /* Only set_ctx_params is optionaal */ |
231 | 0 | OSSL_STORE_LOADER_free(loader); |
232 | 0 | ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE); |
233 | 0 | return NULL; |
234 | 0 | } |
235 | 0 | return loader; |
236 | 0 | } |
237 | | |
238 | | /* |
239 | | * The core fetching functionality passes the scheme of the implementation. |
240 | | * This function is responsible to getting an identity number for them, |
241 | | * then call loader_from_algorithm() with that identity number. |
242 | | */ |
243 | | static void *construct_loader(const OSSL_ALGORITHM *algodef, |
244 | | OSSL_PROVIDER *prov, void *data) |
245 | 0 | { |
246 | | /* |
247 | | * This function is only called if get_loader_from_store() returned |
248 | | * NULL, so it's safe to say that of all the spots to create a new |
249 | | * namemap entry, this is it. Should the scheme already exist there, we |
250 | | * know that ossl_namemap_add() will return its corresponding number. |
251 | | */ |
252 | 0 | struct loader_data_st *methdata = data; |
253 | 0 | OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); |
254 | 0 | OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); |
255 | 0 | const char *scheme = algodef->algorithm_names; |
256 | 0 | int id = ossl_namemap_add_name(namemap, 0, scheme); |
257 | 0 | void *method = NULL; |
258 | |
|
259 | 0 | if (id != 0) |
260 | 0 | method = loader_from_algorithm(id, algodef, prov); |
261 | | |
262 | | /* |
263 | | * Flag to indicate that there was actual construction errors. This |
264 | | * helps inner_loader_fetch() determine what error it should |
265 | | * record on inaccessible algorithms. |
266 | | */ |
267 | 0 | if (method == NULL) |
268 | 0 | methdata->flag_construct_error_occurred = 1; |
269 | |
|
270 | 0 | return method; |
271 | 0 | } |
272 | | |
273 | | /* Intermediary function to avoid ugly casts, used below */ |
274 | | static void destruct_loader(void *method, void *data) |
275 | 0 | { |
276 | 0 | OSSL_STORE_LOADER_free(method); |
277 | 0 | } |
278 | | |
279 | | /* Fetching support. Can fetch by numeric identity or by scheme */ |
280 | | static OSSL_STORE_LOADER * |
281 | | inner_loader_fetch(struct loader_data_st *methdata, |
282 | | const char *scheme, const char *properties) |
283 | 0 | { |
284 | 0 | OSSL_METHOD_STORE *store = get_loader_store(methdata->libctx); |
285 | 0 | OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx); |
286 | 0 | const char *const propq = properties != NULL ? properties : ""; |
287 | 0 | void *method = NULL; |
288 | 0 | int unsupported, id; |
289 | |
|
290 | 0 | if (store == NULL || namemap == NULL) { |
291 | 0 | ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT); |
292 | 0 | return NULL; |
293 | 0 | } |
294 | | |
295 | | /* If we haven't received a name id yet, try to get one for the name */ |
296 | 0 | id = scheme != NULL ? ossl_namemap_name2num(namemap, scheme) : 0; |
297 | | |
298 | | /* |
299 | | * If we haven't found the name yet, chances are that the algorithm to |
300 | | * be fetched is unsupported. |
301 | | */ |
302 | 0 | unsupported = id == 0; |
303 | |
|
304 | 0 | if (id == 0 |
305 | 0 | || !ossl_method_store_cache_get(store, NULL, id, propq, &method)) { |
306 | 0 | OSSL_METHOD_CONSTRUCT_METHOD mcm = { |
307 | 0 | get_tmp_loader_store, |
308 | 0 | reserve_loader_store, |
309 | 0 | unreserve_loader_store, |
310 | 0 | get_loader_from_store, |
311 | 0 | put_loader_in_store, |
312 | 0 | construct_loader, |
313 | 0 | destruct_loader |
314 | 0 | }; |
315 | 0 | OSSL_PROVIDER *prov = NULL; |
316 | |
|
317 | 0 | methdata->scheme_id = id; |
318 | 0 | methdata->scheme = scheme; |
319 | 0 | methdata->propquery = propq; |
320 | 0 | methdata->flag_construct_error_occurred = 0; |
321 | 0 | if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_STORE, |
322 | 0 | &prov, 0 /* !force_cache */, |
323 | 0 | &mcm, methdata)) != NULL) { |
324 | | /* |
325 | | * If construction did create a method for us, we know that there |
326 | | * is a correct scheme_id, since those have already been calculated |
327 | | * in get_loader_from_store() and put_loader_in_store() above. |
328 | | */ |
329 | 0 | if (id == 0) |
330 | 0 | id = ossl_namemap_name2num(namemap, scheme); |
331 | 0 | ossl_method_store_cache_set(store, prov, id, propq, method, |
332 | 0 | up_ref_loader, free_loader); |
333 | 0 | } |
334 | | |
335 | | /* |
336 | | * If we never were in the constructor, the algorithm to be fetched |
337 | | * is unsupported. |
338 | | */ |
339 | 0 | unsupported = !methdata->flag_construct_error_occurred; |
340 | 0 | } |
341 | |
|
342 | 0 | if ((id != 0 || scheme != NULL) && method == NULL) { |
343 | 0 | int code = unsupported ? ERR_R_UNSUPPORTED : ERR_R_FETCH_FAILED; |
344 | 0 | const char *helpful_msg = |
345 | 0 | unsupported |
346 | 0 | ? ( "No store loader found. For standard store loaders you need " |
347 | 0 | "at least one of the default or base providers available. " |
348 | 0 | "Did you forget to load them? Info: " ) |
349 | 0 | : ""; |
350 | |
|
351 | 0 | if (scheme == NULL) |
352 | 0 | scheme = ossl_namemap_num2name(namemap, id, 0); |
353 | 0 | ERR_raise_data(ERR_LIB_OSSL_STORE, code, |
354 | 0 | "%s%s, Scheme (%s : %d), Properties (%s)", |
355 | 0 | helpful_msg, |
356 | 0 | ossl_lib_ctx_get_descriptor(methdata->libctx), |
357 | 0 | scheme == NULL ? "<null>" : scheme, id, |
358 | 0 | properties == NULL ? "<null>" : properties); |
359 | 0 | } |
360 | |
|
361 | 0 | return method; |
362 | 0 | } |
363 | | |
364 | | OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(OSSL_LIB_CTX *libctx, |
365 | | const char *scheme, |
366 | | const char *properties) |
367 | 0 | { |
368 | 0 | struct loader_data_st methdata; |
369 | 0 | void *method; |
370 | |
|
371 | 0 | methdata.libctx = libctx; |
372 | 0 | methdata.tmp_store = NULL; |
373 | 0 | method = inner_loader_fetch(&methdata, scheme, properties); |
374 | 0 | dealloc_tmp_loader_store(methdata.tmp_store); |
375 | 0 | return method; |
376 | 0 | } |
377 | | |
378 | | int ossl_store_loader_store_cache_flush(OSSL_LIB_CTX *libctx) |
379 | 60 | { |
380 | 60 | OSSL_METHOD_STORE *store = get_loader_store(libctx); |
381 | | |
382 | 60 | if (store != NULL) |
383 | 60 | return ossl_method_store_cache_flush_all(store); |
384 | 0 | return 1; |
385 | 60 | } |
386 | | |
387 | | int ossl_store_loader_store_remove_all_provided(const OSSL_PROVIDER *prov) |
388 | 0 | { |
389 | 0 | OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); |
390 | 0 | OSSL_METHOD_STORE *store = get_loader_store(libctx); |
391 | |
|
392 | 0 | if (store != NULL) |
393 | 0 | return ossl_method_store_remove_all_provided(store, prov); |
394 | 0 | return 1; |
395 | 0 | } |
396 | | |
397 | | /* |
398 | | * Library of basic method functions |
399 | | */ |
400 | | |
401 | | const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER *loader) |
402 | 0 | { |
403 | 0 | if (!ossl_assert(loader != NULL)) { |
404 | 0 | ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER); |
405 | 0 | return 0; |
406 | 0 | } |
407 | | |
408 | 0 | return loader->prov; |
409 | 0 | } |
410 | | |
411 | | const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader) |
412 | 0 | { |
413 | 0 | if (!ossl_assert(loader != NULL)) { |
414 | 0 | ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER); |
415 | 0 | return 0; |
416 | 0 | } |
417 | | |
418 | 0 | return loader->propdef; |
419 | 0 | } |
420 | | |
421 | | int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader) |
422 | 0 | { |
423 | 0 | if (!ossl_assert(loader != NULL)) { |
424 | 0 | ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER); |
425 | 0 | return 0; |
426 | 0 | } |
427 | | |
428 | 0 | return loader->scheme_id; |
429 | 0 | } |
430 | | |
431 | | const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader) |
432 | 0 | { |
433 | 0 | return loader->description; |
434 | 0 | } |
435 | | |
436 | | int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) |
437 | 0 | { |
438 | 0 | if (loader->prov != NULL) { |
439 | 0 | OSSL_LIB_CTX *libctx = ossl_provider_libctx(loader->prov); |
440 | 0 | OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); |
441 | |
|
442 | 0 | return ossl_namemap_name2num(namemap, name) == loader->scheme_id; |
443 | 0 | } |
444 | 0 | return 0; |
445 | 0 | } |
446 | | |
447 | | struct do_one_data_st { |
448 | | void (*user_fn)(OSSL_STORE_LOADER *loader, void *arg); |
449 | | void *user_arg; |
450 | | }; |
451 | | |
452 | | static void do_one(ossl_unused int id, void *method, void *arg) |
453 | 0 | { |
454 | 0 | struct do_one_data_st *data = arg; |
455 | |
|
456 | 0 | data->user_fn(method, data->user_arg); |
457 | 0 | } |
458 | | |
459 | | void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, |
460 | | void (*user_fn)(OSSL_STORE_LOADER *loader, |
461 | | void *arg), |
462 | | void *user_arg) |
463 | 0 | { |
464 | 0 | struct loader_data_st methdata; |
465 | 0 | struct do_one_data_st data; |
466 | |
|
467 | 0 | methdata.libctx = libctx; |
468 | 0 | methdata.tmp_store = NULL; |
469 | 0 | (void)inner_loader_fetch(&methdata, NULL, NULL /* properties */); |
470 | |
|
471 | 0 | data.user_fn = user_fn; |
472 | 0 | data.user_arg = user_arg; |
473 | 0 | if (methdata.tmp_store != NULL) |
474 | 0 | ossl_method_store_do_all(methdata.tmp_store, &do_one, &data); |
475 | 0 | ossl_method_store_do_all(get_loader_store(libctx), &do_one, &data); |
476 | 0 | dealloc_tmp_loader_store(methdata.tmp_store); |
477 | 0 | } |
478 | | |
479 | | int OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader, |
480 | | void (*fn)(const char *name, void *data), |
481 | | void *data) |
482 | 0 | { |
483 | 0 | if (loader == NULL) |
484 | 0 | return 0; |
485 | | |
486 | 0 | if (loader->prov != NULL) { |
487 | 0 | OSSL_LIB_CTX *libctx = ossl_provider_libctx(loader->prov); |
488 | 0 | OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); |
489 | |
|
490 | 0 | return ossl_namemap_doall_names(namemap, loader->scheme_id, fn, data); |
491 | 0 | } |
492 | | |
493 | 0 | return 1; |
494 | 0 | } |