/src/openssl34/crypto/core_namemap.c

Source (jump to first uncovered line)
/*
 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/namemap.h"
#include "internal/tsan_assist.h"
#include "internal/hashtable.h"
#include "internal/sizes.h"
#include "crypto/context.h"

#define NAMEMAP_HT_BUCKETS 512

HT_START_KEY_DEFN(namenum_key)
HT_DEF_KEY_FIELD_CHAR_ARRAY(name, 64)
HT_END_KEY_DEFN(NAMENUM_KEY)

/*-
 * The namemap itself
 * ==================
 */

typedef STACK_OF(OPENSSL_STRING) NAMES;

DEFINE_STACK_OF(NAMES)

struct ossl_namemap_st {
    /* Flags */
    unsigned int stored:1; /* If 1, it's stored in a library context */

    HT *namenum_ht;        /* Name->number mapping */

    CRYPTO_RWLOCK *lock;
    STACK_OF(NAMES) *numnames;

    TSAN_QUALIFIER int max_number;     /* Current max number */
};

static void name_string_free(char *name)
{
    OPENSSL_free(name);
}

static void names_free(NAMES *n)
{
    sk_OPENSSL_STRING_pop_free(n, name_string_free);
}

/* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */

void *ossl_stored_namemap_new(OSSL_LIB_CTX *libctx)
{
    OSSL_NAMEMAP *namemap = ossl_namemap_new(libctx);

    if (namemap != NULL)
        namemap->stored = 1;

    return namemap;
}

void ossl_stored_namemap_free(void *vnamemap)
{
    OSSL_NAMEMAP *namemap = vnamemap;

    if (namemap != NULL) {
        /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
        namemap->stored = 0;
        ossl_namemap_free(namemap);
    }
}

/*-
 * API functions
 * =============
 */

int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
{
#ifdef TSAN_REQUIRES_LOCKING
    /* No TSAN support */
    int rv;

    if (namemap == NULL)
        return 1;

    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return -1;
    rv = namemap->max_number == 0;
    CRYPTO_THREAD_unlock(namemap->lock);
    return rv;
#else
    /* Have TSAN support */
    return namemap == NULL || tsan_load(&namemap->max_number) == 0;
#endif
}

/*
 * Call the callback for all names in the namemap with the given number.
 * A return value 1 means that the callback was called for all names. A
 * return value of 0 means that the callback was not called for any names.
 */
int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
                             void (*fn)(const char *name, void *data),
                             void *data)
{
    int i;
    NAMES *names;

    if (namemap == NULL || number <= 0)
        return 0;

    /*
     * We duplicate the NAMES stack under a read lock. Subsequently we call
     * the user function, so that we're not holding the read lock when in user
     * code. This could lead to deadlocks.
     */
    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return 0;

    names = sk_NAMES_value(namemap->numnames, number - 1);
    if (names != NULL)
        names = sk_OPENSSL_STRING_dup(names);

    CRYPTO_THREAD_unlock(namemap->lock);

    if (names == NULL)
        return 0;

    for (i = 0; i < sk_OPENSSL_STRING_num(names); i++)
        fn(sk_OPENSSL_STRING_value(names, i), data);

    sk_OPENSSL_STRING_free(names);
    return i > 0;
}

int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name)
{
    int number = 0;
    HT_VALUE *val;
    NAMENUM_KEY key;

#ifndef FIPS_MODULE
    if (namemap == NULL)
        namemap = ossl_namemap_stored(NULL);
#endif

    if (namemap == NULL)
        return 0;

    HT_INIT_KEY(&key);
    HT_SET_KEY_STRING_CASE(&key, name, name);

    val = ossl_ht_get(namemap->namenum_ht, TO_HT_KEY(&key));

    if (val != NULL)
        /* We store a (small) int directly instead of a pointer to it. */
        number = (int)(intptr_t)val->value;

    return number;
}

/* TODO: Optimize to avoid strndup() */
int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
                            const char *name, size_t name_len)
{
    char *tmp;
    int ret;

    if (name == NULL || (tmp = OPENSSL_strndup(name, name_len)) == NULL)
        return 0;

    ret = ossl_namemap_name2num(namemap, tmp);
    OPENSSL_free(tmp);
    return ret;
}

const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number,
                                  size_t idx)
{
    NAMES *names;
    const char *ret = NULL;

    if (namemap == NULL || number <= 0)
        return NULL;

    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return NULL;

    names = sk_NAMES_value(namemap->numnames, number - 1);
    if (names != NULL)
        ret = sk_OPENSSL_STRING_value(names, idx);

    CRYPTO_THREAD_unlock(namemap->lock);

    return ret;
}

/* This function is not thread safe, the namemap must be locked */
static int numname_insert(OSSL_NAMEMAP *namemap, int number,
                          const char *name)
{
    NAMES *names;
    char *tmpname;

    if (number > 0) {
        names = sk_NAMES_value(namemap->numnames, number - 1);
        if (!ossl_assert(names != NULL)) {
            /* cannot happen */
            return 0;
        }
    } else {
        /* a completely new entry */
        names = sk_OPENSSL_STRING_new_null();
        if (names == NULL)
            return 0;
    }

    if ((tmpname = OPENSSL_strdup(name)) == NULL)
        goto err;

    if (!sk_OPENSSL_STRING_push(names, tmpname))
        goto err;
    tmpname = NULL;

    if (number <= 0) {
        if (!sk_NAMES_push(namemap->numnames, names))
            goto err;
        number = sk_NAMES_num(namemap->numnames);
    }
    return number;

 err:
    if (number <= 0)
        sk_OPENSSL_STRING_pop_free(names, name_string_free);
    OPENSSL_free(tmpname);
    return 0;
}

/* This function is not thread safe, the namemap must be locked */
static int namemap_add_name(OSSL_NAMEMAP *namemap, int number,
                            const char *name)
{
    int ret;
    HT_VALUE val = { 0 };
    NAMENUM_KEY key;

    /* If it already exists, we don't add it */
    if ((ret = ossl_namemap_name2num(namemap, name)) != 0)
        return ret;

    if ((number = numname_insert(namemap, number, name)) == 0)
        return 0;

    /* Using tsan_store alone here is safe since we're under lock */
    tsan_store(&namemap->max_number, number);

    HT_INIT_KEY(&key);
    HT_SET_KEY_STRING_CASE(&key, name, name);
    val.value = (void *)(intptr_t)number;
    ret = ossl_ht_insert(namemap->namenum_ht, TO_HT_KEY(&key), &val, NULL);
    if (!ossl_assert(ret != 0)) /* cannot happen as we are under write lock */
        return 0;
    if (ret < 1) {
        /* unable to insert due to too many collisions */
        ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_NAMES);
        return 0;
    }
    return number;
}

int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number,
                          const char *name)
{
    int tmp_number;

#ifndef FIPS_MODULE
    if (namemap == NULL)
        namemap = ossl_namemap_stored(NULL);
#endif

    if (name == NULL || *name == 0 || namemap == NULL)
        return 0;

    if (!CRYPTO_THREAD_write_lock(namemap->lock))
        return 0;
    tmp_number = namemap_add_name(namemap, number, name);
    CRYPTO_THREAD_unlock(namemap->lock);
    return tmp_number;
}

int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number,
                           const char *names, const char separator)
{
    char *tmp, *p, *q, *endp;

    /* Check that we have a namemap */
    if (!ossl_assert(namemap != NULL)) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if ((tmp = OPENSSL_strdup(names)) == NULL)
        return 0;

    if (!CRYPTO_THREAD_write_lock(namemap->lock)) {
        OPENSSL_free(tmp);
        return 0;
    }
    /*
     * Check that no name is an empty string, and that all names have at
     * most one numeric identity together.
     */
    for (p = tmp; *p != '\0'; p = q) {
        int this_number;
        size_t l;

        if ((q = strchr(p, separator)) == NULL) {
            l = strlen(p);       /* offset to \0 */
            q = p + l;
        } else {
            l = q - p;           /* offset to the next separator */
            *q++ = '\0';
        }

        if (*p == '\0') {
            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME);
            number = 0;
            goto end;
        }

        this_number = ossl_namemap_name2num(namemap, p);

        if (number == 0) {
            number = this_number;
        } else if (this_number != 0 && this_number != number) {
            ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES,
                           "\"%s\" has an existing different identity %d (from \"%s\")",
                           p, this_number, names);
            number = 0;
            goto end;
        }
    }
    endp = p;

    /* Now that we have checked, register all names */
    for (p = tmp; p < endp; p = q) {
        int this_number;

        q = p + strlen(p) + 1;

        this_number = namemap_add_name(namemap, number, p);
        if (number == 0) {
            number = this_number;
        } else if (this_number != number) {
            ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR,
                           "Got number %d when expecting %d",
                           this_number, number);
            number = 0;
            goto end;
        }
    }

 end:
    CRYPTO_THREAD_unlock(namemap->lock);
    OPENSSL_free(tmp);
    return number;
}

/*-
 * Pre-population
 * ==============
 */

#ifndef FIPS_MODULE
#include <openssl/evp.h>

/* Creates an initial namemap with names found in the legacy method db */
static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name,
                                 void *arg)
{
    int num = 0;
    ASN1_OBJECT *obj;

    if (base_nid != NID_undef) {
        num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid));
        num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid));
    }

    if (nid != NID_undef) {
        num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid));
        num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid));
        if ((obj = OBJ_nid2obj(nid)) != NULL) {
            char txtoid[OSSL_MAX_NAME_SIZE];

            if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0)
                num = ossl_namemap_add_name(arg, num, txtoid);
        }
    }
    if (pem_name != NULL)
        num = ossl_namemap_add_name(arg, num, pem_name);
}

static void get_legacy_cipher_names(const OBJ_NAME *on, void *arg)
{
    const EVP_CIPHER *cipher = (void *)OBJ_NAME_get(on->name, on->type);

    if (cipher != NULL)
        get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
}

static void get_legacy_md_names(const OBJ_NAME *on, void *arg)
{
    const EVP_MD *md = (void *)OBJ_NAME_get(on->name, on->type);

    if (md != NULL)
        get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
}

static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth,
                                       void *arg)
{
    int nid = 0, base_nid = 0, flags = 0;
    const char *pem_name = NULL;

    EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth);
    if (nid != NID_undef) {
        if ((flags & ASN1_PKEY_ALIAS) == 0) {
            switch (nid) {
            case EVP_PKEY_DHX:
                /* We know that the name "DHX" is used too */
                get_legacy_evp_names(0, nid, "DHX", arg);
                /* FALLTHRU */
            default:
                get_legacy_evp_names(0, nid, pem_name, arg);
            }
        } else {
            /*
             * Treat aliases carefully, some of them are undesirable, or
             * should not be treated as such for providers.
             */

            switch (nid) {
            case EVP_PKEY_SM2:
                /*
                 * SM2 is a separate keytype with providers, not an alias for
                 * EC.
                 */
                get_legacy_evp_names(0, nid, pem_name, arg);
                break;
            default:
                /* Use the short name of the base nid as the common reference */
                get_legacy_evp_names(base_nid, nid, pem_name, arg);
            }
        }
    }
}
#endif

/*-
 * Constructors / destructors
 * ==========================
 */

OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx)
{
#ifndef FIPS_MODULE
    int nms;
#endif
    OSSL_NAMEMAP *namemap =
        ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX);

    if (namemap == NULL)
        return NULL;

#ifndef FIPS_MODULE
    nms = ossl_namemap_empty(namemap);
    if (nms < 0) {
        /*
         * Could not get lock to make the count, so maybe internal objects
         * weren't added. This seems safest.
         */
        return NULL;
    }
    if (nms == 1) {
        int i, end;

        /* Before pilfering, we make sure the legacy database is populated */
        OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
                            | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);

        OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH,
                        get_legacy_cipher_names, namemap);
        OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH,
                        get_legacy_md_names, namemap);

        /* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */
        for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++)
            get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap);
    }
#endif

    return namemap;
}

OSSL_NAMEMAP *ossl_namemap_new(OSSL_LIB_CTX *libctx)
{
    OSSL_NAMEMAP *namemap;
    HT_CONFIG htconf = { NULL, NULL, NULL, NAMEMAP_HT_BUCKETS, 1, 1 };

    htconf.ctx = libctx;

    if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) == NULL)
        goto err;

    if ((namemap->lock = CRYPTO_THREAD_lock_new()) == NULL)
        goto err;

    if ((namemap->namenum_ht = ossl_ht_new(&htconf)) == NULL)
        goto err;

    if ((namemap->numnames = sk_NAMES_new_null()) == NULL)
        goto err;

    return namemap;

 err:
    ossl_namemap_free(namemap);
    return NULL;
}

void ossl_namemap_free(OSSL_NAMEMAP *namemap)
{
    if (namemap == NULL || namemap->stored)
        return;

    sk_NAMES_pop_free(namemap->numnames, names_free);

    ossl_ht_free(namemap->namenum_ht);

    CRYPTO_THREAD_lock_free(namemap->lock);
    OPENSSL_free(namemap);
}

Coverage Report

Created: 2025-08-28 07:07

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/namemap.h"
11		#include "internal/tsan_assist.h"
12		#include "internal/hashtable.h"
13		#include "internal/sizes.h"
14		#include "crypto/context.h"
15
16	236	#define NAMEMAP_HT_BUCKETS 512
17
18		HT_START_KEY_DEFN(namenum_key)
19		HT_DEF_KEY_FIELD_CHAR_ARRAY(name, 64)
20		HT_END_KEY_DEFN(NAMENUM_KEY)
21
22		/*-
23		* The namemap itself
24		* ==================
25		*/
26
27		typedef STACK_OF(OPENSSL_STRING) NAMES;
28
29		DEFINE_STACK_OF(NAMES)
30
31		struct ossl_namemap_st {
32		/* Flags */
33		unsigned int stored:1; /* If 1, it's stored in a library context */
34
35		HT namenum_ht; / Name->number mapping */
36
37		CRYPTO_RWLOCK *lock;
38		STACK_OF(NAMES) *numnames;
39
40		TSAN_QUALIFIER int max_number; /* Current max number */
41		};
42
43		static void name_string_free(char *name)
44	24.5k	{
45	24.5k	OPENSSL_free(name);
46	24.5k	}
47
48		static void names_free(NAMES *n)
49	10.8k	{
50	10.8k	sk_OPENSSL_STRING_pop_free(n, name_string_free);
51	10.8k	}
52
53		/* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */
54
55		void ossl_stored_namemap_new(OSSL_LIB_CTX libctx)
56	343	{
57	343	OSSL_NAMEMAP *namemap = ossl_namemap_new(libctx);
58
59	343	if (namemap != NULL)
60	343	namemap->stored = 1;
61
62	343	return namemap;
63	343	}
64
65		void ossl_stored_namemap_free(void *vnamemap)
66	223	{
67	223	OSSL_NAMEMAP *namemap = vnamemap;
68
69	223	if (namemap != NULL) {
70		/* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
71	223	namemap->stored = 0;
72	223	ossl_namemap_free(namemap);
73	223	}
74	223	}
75
76		/*-
77		* API functions
78		* =============
79		*/
80
81		int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
82	266M	{
83		#ifdef TSAN_REQUIRES_LOCKING
84		/* No TSAN support */
85		int rv;
86
87		if (namemap == NULL)
88		return 1;
89
90		if (!CRYPTO_THREAD_read_lock(namemap->lock))
91		return -1;
92		rv = namemap->max_number == 0;
93		CRYPTO_THREAD_unlock(namemap->lock);
94		return rv;
95		#else
96		/* Have TSAN support */
97	266M	return namemap == NULL \|\| tsan_load(&namemap->max_number) == 0;
98	266M	#endif
99	266M	}
100
101		/*
102		* Call the callback for all names in the namemap with the given number.
103		* A return value 1 means that the callback was called for all names. A
104		* return value of 0 means that the callback was not called for any names.
105		*/
106		int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
107		void (fn)(const char name, void *data),
108		void *data)
109	542k	{
110	542k	int i;
111	542k	NAMES *names;
112
113	542k	if (namemap == NULL \|\| number <= 0)
114	0	return 0;
115
116		/*
117		* We duplicate the NAMES stack under a read lock. Subsequently we call
118		* the user function, so that we're not holding the read lock when in user
119		* code. This could lead to deadlocks.
120		*/
121	542k	if (!CRYPTO_THREAD_read_lock(namemap->lock))
122	0	return 0;
123
124	542k	names = sk_NAMES_value(namemap->numnames, number - 1);
125	542k	if (names != NULL)
126	542k	names = sk_OPENSSL_STRING_dup(names);
127
128	542k	CRYPTO_THREAD_unlock(namemap->lock);
129
130	542k	if (names == NULL)
131	0	return 0;
132
133	2.32M	for (i = 0; i < sk_OPENSSL_STRING_num(names); i++)
134	1.78M	fn(sk_OPENSSL_STRING_value(names, i), data);
135
136	542k	sk_OPENSSL_STRING_free(names);
137	542k	return i > 0;
138	542k	}
139
140		int ossl_namemap_name2num(const OSSL_NAMEMAP namemap, const char name)
141	22.3M	{
142	22.3M	int number = 0;
143	22.3M	HT_VALUE *val;
144	22.3M	NAMENUM_KEY key;
145
146	22.3M	#ifndef FIPS_MODULE
147	22.3M	if (namemap == NULL)
148	0	namemap = ossl_namemap_stored(NULL);
149	22.3M	#endif
150
151	22.3M	if (namemap == NULL)
152	0	return 0;
153
154	22.3M	HT_INIT_KEY(&key);
155	22.3M	HT_SET_KEY_STRING_CASE(&key, name, name);
156
157	22.3M	val = ossl_ht_get(namemap->namenum_ht, TO_HT_KEY(&key));
158
159	22.3M	if (val != NULL)
160		/* We store a (small) int directly instead of a pointer to it. */
161	20.8M	number = (int)(intptr_t)val->value;
162
163	22.3M	return number;
164	22.3M	}
165
166		/* TODO: Optimize to avoid strndup() */
167		int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
168		const char *name, size_t name_len)
169	848k	{
170	848k	char *tmp;
171	848k	int ret;
172
173	848k	if (name == NULL \|\| (tmp = OPENSSL_strndup(name, name_len)) == NULL)
174	0	return 0;
175
176	848k	ret = ossl_namemap_name2num(namemap, tmp);
177	848k	OPENSSL_free(tmp);
178	848k	return ret;
179	848k	}
180
181		const char ossl_namemap_num2name(const OSSL_NAMEMAP namemap, int number,
182		size_t idx)
183	0	{
184	0	NAMES *names;
185	0	const char *ret = NULL;
186
187	0	if (namemap == NULL \|\| number <= 0)
188	0	return NULL;
189
190	0	if (!CRYPTO_THREAD_read_lock(namemap->lock))
191	0	return NULL;
192
193	0	names = sk_NAMES_value(namemap->numnames, number - 1);
194	0	if (names != NULL)
195	0	ret = sk_OPENSSL_STRING_value(names, idx);
196
197	0	CRYPTO_THREAD_unlock(namemap->lock);
198
199	0	return ret;
200	0	}
201
202		/* This function is not thread safe, the namemap must be locked */
203		static int numname_insert(OSSL_NAMEMAP *namemap, int number,
204		const char *name)
205	28.1k	{
206	28.1k	NAMES *names;
207	28.1k	char *tmpname;
208
209	28.1k	if (number > 0) {
210	15.6k	names = sk_NAMES_value(namemap->numnames, number - 1);
211	15.6k	if (!ossl_assert(names != NULL)) {
212		/* cannot happen */
213	0	return 0;
214	0	}
215	15.6k	} else {
216		/* a completely new entry */
217	12.4k	names = sk_OPENSSL_STRING_new_null();
218	12.4k	if (names == NULL)
219	0	return 0;
220	12.4k	}
221
222	28.1k	if ((tmpname = OPENSSL_strdup(name)) == NULL)
223	0	goto err;
224
225	28.1k	if (!sk_OPENSSL_STRING_push(names, tmpname))
226	0	goto err;
227	28.1k	tmpname = NULL;
228
229	28.1k	if (number <= 0) {
230	12.4k	if (!sk_NAMES_push(namemap->numnames, names))
231	0	goto err;
232	12.4k	number = sk_NAMES_num(namemap->numnames);
233	12.4k	}
234	28.1k	return number;
235
236	0	err:
237	0	if (number <= 0)
238	0	sk_OPENSSL_STRING_pop_free(names, name_string_free);
239	0	OPENSSL_free(tmpname);
240	0	return 0;
241	28.1k	}
242
243		/* This function is not thread safe, the namemap must be locked */
244		static int namemap_add_name(OSSL_NAMEMAP *namemap, int number,
245		const char *name)
246	41.0k	{
247	41.0k	int ret;
248	41.0k	HT_VALUE val = { 0 };
249	41.0k	NAMENUM_KEY key;
250
251		/* If it already exists, we don't add it */
252	41.0k	if ((ret = ossl_namemap_name2num(namemap, name)) != 0)
253	23.5k	return ret;
254
255	17.4k	if ((number = numname_insert(namemap, number, name)) == 0)
256	0	return 0;
257
258		/* Using tsan_store alone here is safe since we're under lock */
259	17.4k	tsan_store(&namemap->max_number, number);
260
261	17.4k	HT_INIT_KEY(&key);
262	17.4k	HT_SET_KEY_STRING_CASE(&key, name, name);
263	17.4k	val.value = (void *)(intptr_t)number;
264	17.4k	ret = ossl_ht_insert(namemap->namenum_ht, TO_HT_KEY(&key), &val, NULL);
265	17.4k	if (!ossl_assert(ret != 0)) /* cannot happen as we are under write lock */
266	0	return 0;
267	17.4k	if (ret < 1) {
268		/* unable to insert due to too many collisions */
269	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_NAMES);
270	0	return 0;
271	0	}
272	17.4k	return number;
273	17.4k	}
274
275		int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number,
276		const char *name)
277	52.6k	{
278	52.6k	int tmp_number;
279
280	52.6k	#ifndef FIPS_MODULE
281	52.6k	if (namemap == NULL)
282	0	namemap = ossl_namemap_stored(NULL);
283	52.6k	#endif
284
285	52.6k	if (name == NULL \|\| *name == 0 \|\| namemap == NULL)
286	0	return 0;
287
288	52.6k	if (!CRYPTO_THREAD_write_lock(namemap->lock))
289	0	return 0;
290	52.6k	tmp_number = namemap_add_name(namemap, number, name);
291	52.6k	CRYPTO_THREAD_unlock(namemap->lock);
292	52.6k	return tmp_number;
293	52.6k	}
294
295		int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number,
296		const char *names, const char separator)
297	19.0k	{
298	19.0k	char tmp, p, q, endp;
299
300		/* Check that we have a namemap */
301	19.0k	if (!ossl_assert(namemap != NULL)) {
302	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
303	0	return 0;
304	0	}
305
306	19.0k	if ((tmp = OPENSSL_strdup(names)) == NULL)
307	0	return 0;
308
309	19.0k	if (!CRYPTO_THREAD_write_lock(namemap->lock)) {
310	0	OPENSSL_free(tmp);
311	0	return 0;
312	0	}
313		/*
314		* Check that no name is an empty string, and that all names have at
315		* most one numeric identity together.
316		*/
317	54.4k	for (p = tmp; *p != '\0'; p = q) {
318	35.4k	int this_number;
319	35.4k	size_t l;
320
321	35.4k	if ((q = strchr(p, separator)) == NULL) {
322	19.0k	l = strlen(p); /* offset to \0 */
323	19.0k	q = p + l;
324	19.0k	} else {
325	16.4k	l = q - p; /* offset to the next separator */
326	16.4k	*q++ = '\0';
327	16.4k	}
328
329	35.4k	if (*p == '\0') {
330	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME);
331	0	number = 0;
332	0	goto end;
333	0	}
334
335	35.4k	this_number = ossl_namemap_name2num(namemap, p);
336
337	35.4k	if (number == 0) {
338	26.2k	number = this_number;
339	26.2k	} else if (this_number != 0 && this_number != number) {
340	0	ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES,
341	0	"\"%s\" has an existing different identity %d (from \"%s\")",
342	0	p, this_number, names);
343	0	number = 0;
344	0	goto end;
345	0	}
346	35.4k	}
347	19.0k	endp = p;
348
349		/* Now that we have checked, register all names */
350	54.4k	for (p = tmp; p < endp; p = q) {
351	35.4k	int this_number;
352
353	35.4k	q = p + strlen(p) + 1;
354
355	35.4k	this_number = namemap_add_name(namemap, number, p);
356	35.4k	if (number == 0) {
357	6.86k	number = this_number;
358	28.6k	} else if (this_number != number) {
359	0	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR,
360	0	"Got number %d when expecting %d",
361	0	this_number, number);
362	0	number = 0;
363	0	goto end;
364	0	}
365	35.4k	}
366
367	19.0k	end:
368	19.0k	CRYPTO_THREAD_unlock(namemap->lock);
369	19.0k	OPENSSL_free(tmp);
370	19.0k	return number;
371	19.0k	}
372
373		/*-
374		* Pre-population
375		* ==============
376		*/
377
378		#ifndef FIPS_MODULE
379		#include <openssl/evp.h>
380
381		/* Creates an initial namemap with names found in the legacy method db */
382		static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name,
383		void *arg)
384	22.7k	{
385	22.7k	int num = 0;
386	22.7k	ASN1_OBJECT *obj;
387
388	22.7k	if (base_nid != NID_undef) {
389	382	num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid));
390	382	num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid));
391	382	}
392
393	22.7k	if (nid != NID_undef) {
394	18.4k	num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid));
395	18.4k	num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid));
396	18.4k	if ((obj = OBJ_nid2obj(nid)) != NULL) {
397	18.4k	char txtoid[OSSL_MAX_NAME_SIZE];
398
399	18.4k	if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0)
400	18.4k	num = ossl_namemap_add_name(arg, num, txtoid);
401	18.4k	}
402	18.4k	}
403	22.7k	if (pem_name != NULL)
404	968	num = ossl_namemap_add_name(arg, num, pem_name);
405	22.7k	}
406
407		static void get_legacy_cipher_names(const OBJ_NAME on, void arg)
408	16.0k	{
409	16.0k	const EVP_CIPHER cipher = (void )OBJ_NAME_get(on->name, on->type);
410
411	16.0k	if (cipher != NULL)
412	16.0k	get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
413	16.0k	}
414
415		static void get_legacy_md_names(const OBJ_NAME on, void arg)
416	5.19k	{
417	5.19k	const EVP_MD md = (void )OBJ_NAME_get(on->name, on->type);
418
419	5.19k	if (md != NULL)
420	5.19k	get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
421	5.19k	}
422
423		static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth,
424		void *arg)
425	1.35k	{
426	1.35k	int nid = 0, base_nid = 0, flags = 0;
427	1.35k	const char *pem_name = NULL;
428
429	1.35k	EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth);
430	1.35k	if (nid != NID_undef) {
431	1.35k	if ((flags & ASN1_PKEY_ALIAS) == 0) {
432	880	switch (nid) {
433	88	case EVP_PKEY_DHX:
434		/* We know that the name "DHX" is used too */
435	88	get_legacy_evp_names(0, nid, "DHX", arg);
436		/* FALLTHRU */
437	880	default:
438	880	get_legacy_evp_names(0, nid, pem_name, arg);
439	880	}
440	880	} else {
441		/*
442		* Treat aliases carefully, some of them are undesirable, or
443		* should not be treated as such for providers.
444		*/
445
446	470	switch (nid) {
447	88	case EVP_PKEY_SM2:
448		/*
449		* SM2 is a separate keytype with providers, not an alias for
450		* EC.
451		*/
452	88	get_legacy_evp_names(0, nid, pem_name, arg);
453	88	break;
454	382	default:
455		/* Use the short name of the base nid as the common reference */
456	382	get_legacy_evp_names(base_nid, nid, pem_name, arg);
457	470	}
458	470	}
459	1.35k	}
460	1.35k	}
461		#endif
462
463		/*-
464		* Constructors / destructors
465		* ==========================
466		*/
467
468		OSSL_NAMEMAP ossl_namemap_stored(OSSL_LIB_CTX libctx)
469	257M	{
470	257M	#ifndef FIPS_MODULE
471	257M	int nms;
472	257M	#endif
473	257M	OSSL_NAMEMAP *namemap =
474	257M	ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX);
475
476	257M	if (namemap == NULL)
477	0	return NULL;
478
479	257M	#ifndef FIPS_MODULE
480	257M	nms = ossl_namemap_empty(namemap);
481	257M	if (nms < 0) {
482		/*
483		* Could not get lock to make the count, so maybe internal objects
484		* weren't added. This seems safest.
485		*/
486	0	return NULL;
487	0	}
488	257M	if (nms == 1) {
489	67	int i, end;
490
491		/* Before pilfering, we make sure the legacy database is populated */
492	67	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
493	67	\| OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
494
495	67	OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH,
496	67	get_legacy_cipher_names, namemap);
497	67	OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH,
498	67	get_legacy_md_names, namemap);
499
500		/* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */
501	1.10k	for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++)
502	1.03k	get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap);
503	67	}
504	257M	#endif
505
506	257M	return namemap;
507	257M	}
508
509		OSSL_NAMEMAP ossl_namemap_new(OSSL_LIB_CTX libctx)
510	236	{
511	236	OSSL_NAMEMAP *namemap;
512	236	HT_CONFIG htconf = { NULL, NULL, NULL, NAMEMAP_HT_BUCKETS, 1, 1 };
513
514	236	htconf.ctx = libctx;
515
516	236	if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) == NULL)
517	0	goto err;
518
519	236	if ((namemap->lock = CRYPTO_THREAD_lock_new()) == NULL)
520	0	goto err;
521
522	236	if ((namemap->namenum_ht = ossl_ht_new(&htconf)) == NULL)
523	0	goto err;
524
525	236	if ((namemap->numnames = sk_NAMES_new_null()) == NULL)
526	0	goto err;
527
528	236	return namemap;
529
530	0	err:
531	0	ossl_namemap_free(namemap);
532	0	return NULL;
533	236	}
534
535		void ossl_namemap_free(OSSL_NAMEMAP *namemap)
536	230	{
537	230	if (namemap == NULL \|\| namemap->stored)
538	0	return;
539
540	230	sk_NAMES_pop_free(namemap->numnames, names_free);
541
542	230	ossl_ht_free(namemap->namenum_ht);
543
544	230	CRYPTO_THREAD_lock_free(namemap->lock);
545	230	OPENSSL_free(namemap);
546	230	}