/src/openssl33/crypto/core_namemap.c

Source
/*
 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/namemap.h"
#include <openssl/lhash.h>
#include "crypto/lhash.h" /* ossl_lh_strcasehash */
#include "internal/tsan_assist.h"
#include "internal/sizes.h"
#include "crypto/context.h"

/*-
 * The namenum entry
 * =================
 */
typedef struct {
    char *name;
    int number;
} NAMENUM_ENTRY;

DEFINE_LHASH_OF_EX(NAMENUM_ENTRY);

/*-
 * The namemap itself
 * ==================
 */

struct ossl_namemap_st {
    /* Flags */
    unsigned int stored : 1; /* If 1, it's stored in a library context */

    CRYPTO_RWLOCK *lock;
    LHASH_OF(NAMENUM_ENTRY) *namenum; /* Name->number mapping */

    TSAN_QUALIFIER int max_number; /* Current max number */
};

/* LHASH callbacks */

static unsigned long namenum_hash(const NAMENUM_ENTRY *n)
{
    return ossl_lh_strcasehash(n->name);
}

static int namenum_cmp(const NAMENUM_ENTRY *a, const NAMENUM_ENTRY *b)
{
    return OPENSSL_strcasecmp(a->name, b->name);
}

static void namenum_free(NAMENUM_ENTRY *n)
{
    if (n != NULL)
        OPENSSL_free(n->name);
    OPENSSL_free(n);
}

/* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */

void *ossl_stored_namemap_new(OSSL_LIB_CTX *libctx)
{
    OSSL_NAMEMAP *namemap = ossl_namemap_new();

    if (namemap != NULL)
        namemap->stored = 1;

    return namemap;
}

void ossl_stored_namemap_free(void *vnamemap)
{
    OSSL_NAMEMAP *namemap = vnamemap;

    if (namemap != NULL) {
        /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
        namemap->stored = 0;
        ossl_namemap_free(namemap);
    }
}

/*-
 * API functions
 * =============
 */

int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
{
#ifdef TSAN_REQUIRES_LOCKING
    /* No TSAN support */
    int rv;

    if (namemap == NULL)
        return 1;

    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return -1;
    rv = namemap->max_number == 0;
    CRYPTO_THREAD_unlock(namemap->lock);
    return rv;
#else
    /* Have TSAN support */
    return namemap == NULL || tsan_load(&namemap->max_number) == 0;
#endif
}

typedef struct doall_names_data_st {
    int number;
    const char **names;
    int found;
} DOALL_NAMES_DATA;

static void do_name(const NAMENUM_ENTRY *namenum, DOALL_NAMES_DATA *data)
{
    if (namenum->number == data->number)
        data->names[data->found++] = namenum->name;
}

IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY, DOALL_NAMES_DATA);

/*
 * Call the callback for all names in the namemap with the given number.
 * A return value 1 means that the callback was called for all names. A
 * return value of 0 means that the callback was not called for any names.
 */
int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
    void (*fn)(const char *name, void *data),
    void *data)
{
    DOALL_NAMES_DATA cbdata;
    size_t num_names;
    int i;

    cbdata.number = number;
    cbdata.found = 0;

    if (namemap == NULL)
        return 0;

    /*
     * We collect all the names first under a read lock. Subsequently we call
     * the user function, so that we're not holding the read lock when in user
     * code. This could lead to deadlocks.
     */
    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return 0;

    num_names = lh_NAMENUM_ENTRY_num_items(namemap->namenum);
    if (num_names == 0) {
        CRYPTO_THREAD_unlock(namemap->lock);
        return 0;
    }
    cbdata.names = OPENSSL_malloc(sizeof(*cbdata.names) * num_names);
    if (cbdata.names == NULL) {
        CRYPTO_THREAD_unlock(namemap->lock);
        return 0;
    }
    lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap->namenum, do_name,
        &cbdata);
    CRYPTO_THREAD_unlock(namemap->lock);

    for (i = 0; i < cbdata.found; i++)
        fn(cbdata.names[i], data);

    OPENSSL_free(cbdata.names);
    return 1;
}

/* This function is not thread safe, the namemap must be locked */
static int namemap_name2num(const OSSL_NAMEMAP *namemap,
    const char *name)
{
    NAMENUM_ENTRY *namenum_entry, namenum_tmpl;

    namenum_tmpl.name = (char *)name;
    namenum_tmpl.number = 0;
    namenum_entry = lh_NAMENUM_ENTRY_retrieve(namemap->namenum, &namenum_tmpl);
    return namenum_entry != NULL ? namenum_entry->number : 0;
}

int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name)
{
    int number;

#ifndef FIPS_MODULE
    if (namemap == NULL)
        namemap = ossl_namemap_stored(NULL);
#endif

    if (namemap == NULL)
        return 0;

    if (!CRYPTO_THREAD_read_lock(namemap->lock))
        return 0;
    number = namemap_name2num(namemap, name);
    CRYPTO_THREAD_unlock(namemap->lock);

    return number;
}

int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
    const char *name, size_t name_len)
{
    char *tmp;
    int ret;

    if (name == NULL || (tmp = OPENSSL_strndup(name, name_len)) == NULL)
        return 0;

    ret = ossl_namemap_name2num(namemap, tmp);
    OPENSSL_free(tmp);
    return ret;
}

struct num2name_data_st {
    size_t idx; /* Countdown */
    const char *name; /* Result */
};

static void do_num2name(const char *name, void *vdata)
{
    struct num2name_data_st *data = vdata;

    if (data->idx > 0)
        data->idx--;
    else if (data->name == NULL)
        data->name = name;
}

const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number,
    size_t idx)
{
    struct num2name_data_st data;

    data.idx = idx;
    data.name = NULL;
    if (!ossl_namemap_doall_names(namemap, number, do_num2name, &data))
        return NULL;
    return data.name;
}

/* This function is not thread safe, the namemap must be locked */
static int namemap_add_name(OSSL_NAMEMAP *namemap, int number,
    const char *name)
{
    NAMENUM_ENTRY *namenum = NULL;
    int tmp_number;

    /* If it already exists, we don't add it */
    if ((tmp_number = namemap_name2num(namemap, name)) != 0)
        return tmp_number;

    if ((namenum = OPENSSL_zalloc(sizeof(*namenum))) == NULL)
        return 0;

    if ((namenum->name = OPENSSL_strdup(name)) == NULL)
        goto err;

    /* The tsan_counter use here is safe since we're under lock */
    namenum->number = number != 0 ? number : 1 + tsan_counter(&namemap->max_number);
    (void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);

    if (lh_NAMENUM_ENTRY_error(namemap->namenum))
        goto err;
    return namenum->number;

err:
    namenum_free(namenum);
    return 0;
}

int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number,
    const char *name)
{
    int tmp_number;

#ifndef FIPS_MODULE
    if (namemap == NULL)
        namemap = ossl_namemap_stored(NULL);
#endif

    if (name == NULL || *name == 0 || namemap == NULL)
        return 0;

    if (!CRYPTO_THREAD_write_lock(namemap->lock))
        return 0;
    tmp_number = namemap_add_name(namemap, number, name);
    CRYPTO_THREAD_unlock(namemap->lock);
    return tmp_number;
}

int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number,
    const char *names, const char separator)
{
    char *tmp, *p, *q, *endp;

    /* Check that we have a namemap */
    if (!ossl_assert(namemap != NULL)) {
        ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if ((tmp = OPENSSL_strdup(names)) == NULL)
        return 0;

    if (!CRYPTO_THREAD_write_lock(namemap->lock)) {
        OPENSSL_free(tmp);
        return 0;
    }
    /*
     * Check that no name is an empty string, and that all names have at
     * most one numeric identity together.
     */
    for (p = tmp; *p != '\0'; p = q) {
        int this_number;
        size_t l;

        if ((q = strchr(p, separator)) == NULL) {
            l = strlen(p); /* offset to \0 */
            q = p + l;
        } else {
            l = q - p; /* offset to the next separator */
            *q++ = '\0';
        }

        if (*p == '\0') {
            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME);
            number = 0;
            goto end;
        }

        this_number = namemap_name2num(namemap, p);

        if (number == 0) {
            number = this_number;
        } else if (this_number != 0 && this_number != number) {
            ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES,
                "\"%s\" has an existing different identity %d (from \"%s\")",
                p, this_number, names);
            number = 0;
            goto end;
        }
    }
    endp = p;

    /* Now that we have checked, register all names */
    for (p = tmp; p < endp; p = q) {
        int this_number;

        q = p + strlen(p) + 1;

        this_number = namemap_add_name(namemap, number, p);
        if (number == 0) {
            number = this_number;
        } else if (this_number != number) {
            ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR,
                "Got number %d when expecting %d",
                this_number, number);
            number = 0;
            goto end;
        }
    }

end:
    CRYPTO_THREAD_unlock(namemap->lock);
    OPENSSL_free(tmp);
    return number;
}

/*-
 * Pre-population
 * ==============
 */

#ifndef FIPS_MODULE
#include <openssl/evp.h>

/* Creates an initial namemap with names found in the legacy method db */
static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name,
    void *arg)
{
    int num = 0;
    ASN1_OBJECT *obj;

    if (base_nid != NID_undef) {
        num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid));
        num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid));
    }

    if (nid != NID_undef) {
        num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid));
        num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid));
        if ((obj = OBJ_nid2obj(nid)) != NULL) {
            char txtoid[OSSL_MAX_NAME_SIZE];

            if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0)
                num = ossl_namemap_add_name(arg, num, txtoid);
        }
    }
    if (pem_name != NULL)
        num = ossl_namemap_add_name(arg, num, pem_name);
}

static void get_legacy_cipher_names(const OBJ_NAME *on, void *arg)
{
    const EVP_CIPHER *cipher = (void *)OBJ_NAME_get(on->name, on->type);

    if (cipher != NULL)
        get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
}

static void get_legacy_md_names(const OBJ_NAME *on, void *arg)
{
    const EVP_MD *md = (void *)OBJ_NAME_get(on->name, on->type);

    if (md != NULL)
        get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
}

static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth,
    void *arg)
{
    int nid = 0, base_nid = 0, flags = 0;
    const char *pem_name = NULL;

    EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth);
    if (nid != NID_undef) {
        if ((flags & ASN1_PKEY_ALIAS) == 0) {
            switch (nid) {
            case EVP_PKEY_DHX:
                /* We know that the name "DHX" is used too */
                get_legacy_evp_names(0, nid, "DHX", arg);
                /* FALLTHRU */
            default:
                get_legacy_evp_names(0, nid, pem_name, arg);
            }
        } else {
            /*
             * Treat aliases carefully, some of them are undesirable, or
             * should not be treated as such for providers.
             */

            switch (nid) {
            case EVP_PKEY_SM2:
                /*
                 * SM2 is a separate keytype with providers, not an alias for
                 * EC.
                 */
                get_legacy_evp_names(0, nid, pem_name, arg);
                break;
            default:
                /* Use the short name of the base nid as the common reference */
                get_legacy_evp_names(base_nid, nid, pem_name, arg);
            }
        }
    }
}
#endif

/*-
 * Constructors / destructors
 * ==========================
 */

OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx)
{
#ifndef FIPS_MODULE
    int nms;
#endif
    OSSL_NAMEMAP *namemap = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX);

    if (namemap == NULL)
        return NULL;

#ifndef FIPS_MODULE
    nms = ossl_namemap_empty(namemap);
    if (nms < 0) {
        /*
         * Could not get lock to make the count, so maybe internal objects
         * weren't added. This seems safest.
         */
        return NULL;
    }
    if (nms == 1) {
        int i, end;

        /* Before pilfering, we make sure the legacy database is populated */
        OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
                | OPENSSL_INIT_ADD_ALL_DIGESTS,
            NULL);

        OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH,
            get_legacy_cipher_names, namemap);
        OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH,
            get_legacy_md_names, namemap);

        /* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */
        for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++)
            get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap);
    }
#endif

    return namemap;
}

OSSL_NAMEMAP *ossl_namemap_new(void)
{
    OSSL_NAMEMAP *namemap;

    if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) != NULL
        && (namemap->lock = CRYPTO_THREAD_lock_new()) != NULL
        && (namemap->namenum = lh_NAMENUM_ENTRY_new(namenum_hash, namenum_cmp)) != NULL)
        return namemap;

    ossl_namemap_free(namemap);
    return NULL;
}

void ossl_namemap_free(OSSL_NAMEMAP *namemap)
{
    if (namemap == NULL || namemap->stored)
        return;

    lh_NAMENUM_ENTRY_doall(namemap->namenum, namenum_free);
    lh_NAMENUM_ENTRY_free(namemap->namenum);

    CRYPTO_THREAD_lock_free(namemap->lock);
    OPENSSL_free(namemap);
}

Coverage Report

Created: 2025-12-31 06:58

Line	Count	Source
1		/*
2		* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/namemap.h"
11		#include <openssl/lhash.h>
12		#include "crypto/lhash.h" /* ossl_lh_strcasehash */
13		#include "internal/tsan_assist.h"
14		#include "internal/sizes.h"
15		#include "crypto/context.h"
16
17		/*-
18		* The namenum entry
19		* =================
20		*/
21		typedef struct {
22		char *name;
23		int number;
24		} NAMENUM_ENTRY;
25
26		DEFINE_LHASH_OF_EX(NAMENUM_ENTRY);
27
28		/*-
29		* The namemap itself
30		* ==================
31		*/
32
33		struct ossl_namemap_st {
34		/* Flags */
35		unsigned int stored : 1; /* If 1, it's stored in a library context */
36
37		CRYPTO_RWLOCK *lock;
38		LHASH_OF(NAMENUM_ENTRY) namenum; / Name->number mapping */
39
40		TSAN_QUALIFIER int max_number; /* Current max number */
41		};
42
43		/* LHASH callbacks */
44
45		static unsigned long namenum_hash(const NAMENUM_ENTRY *n)
46	245M	{
47	245M	return ossl_lh_strcasehash(n->name);
48	245M	}
49
50		static int namenum_cmp(const NAMENUM_ENTRY a, const NAMENUM_ENTRY b)
51	204M	{
52	204M	return OPENSSL_strcasecmp(a->name, b->name);
53	204M	}
54
55		static void namenum_free(NAMENUM_ENTRY *n)
56	7.32k	{
57	7.32k	if (n != NULL)
58	7.32k	OPENSSL_free(n->name);
59	7.32k	OPENSSL_free(n);
60	7.32k	}
61
62		/* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */
63
64		void ossl_stored_namemap_new(OSSL_LIB_CTX libctx)
65	378	{
66	378	OSSL_NAMEMAP *namemap = ossl_namemap_new();
67
68	378	if (namemap != NULL)
69	378	namemap->stored = 1;
70
71	378	return namemap;
72	378	}
73
74		void ossl_stored_namemap_free(void *vnamemap)
75	196	{
76	196	OSSL_NAMEMAP *namemap = vnamemap;
77
78	196	if (namemap != NULL) {
79		/* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
80	196	namemap->stored = 0;
81	196	ossl_namemap_free(namemap);
82	196	}
83	196	}
84
85		/*-
86		* API functions
87		* =============
88		*/
89
90		int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
91	282M	{
92		#ifdef TSAN_REQUIRES_LOCKING
93		/* No TSAN support */
94		int rv;
95
96		if (namemap == NULL)
97		return 1;
98
99		if (!CRYPTO_THREAD_read_lock(namemap->lock))
100		return -1;
101		rv = namemap->max_number == 0;
102		CRYPTO_THREAD_unlock(namemap->lock);
103		return rv;
104		#else
105		/* Have TSAN support */
106	282M	return namemap == NULL \|\| tsan_load(&namemap->max_number) == 0;
107	282M	#endif
108	282M	}
109
110		typedef struct doall_names_data_st {
111		int number;
112		const char **names;
113		int found;
114		} DOALL_NAMES_DATA;
115
116		static void do_name(const NAMENUM_ENTRY namenum, DOALL_NAMES_DATA data)
117	605M	{
118	605M	if (namenum->number == data->number)
119	6.85M	data->names[data->found++] = namenum->name;
120	605M	}
121
122		IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY, DOALL_NAMES_DATA);
123
124		/*
125		* Call the callback for all names in the namemap with the given number.
126		* A return value 1 means that the callback was called for all names. A
127		* return value of 0 means that the callback was not called for any names.
128		*/
129		int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
130		void (fn)(const char name, void *data),
131		void *data)
132	1.73M	{
133	1.73M	DOALL_NAMES_DATA cbdata;
134	1.73M	size_t num_names;
135	1.73M	int i;
136
137	1.73M	cbdata.number = number;
138	1.73M	cbdata.found = 0;
139
140	1.73M	if (namemap == NULL)
141	0	return 0;
142
143		/*
144		* We collect all the names first under a read lock. Subsequently we call
145		* the user function, so that we're not holding the read lock when in user
146		* code. This could lead to deadlocks.
147		*/
148	1.73M	if (!CRYPTO_THREAD_read_lock(namemap->lock))
149	0	return 0;
150
151	1.73M	num_names = lh_NAMENUM_ENTRY_num_items(namemap->namenum);
152	1.73M	if (num_names == 0) {
153	0	CRYPTO_THREAD_unlock(namemap->lock);
154	0	return 0;
155	0	}
156	1.73M	cbdata.names = OPENSSL_malloc(sizeof(cbdata.names) num_names);
157	1.73M	if (cbdata.names == NULL) {
158	0	CRYPTO_THREAD_unlock(namemap->lock);
159	0	return 0;
160	0	}
161	1.73M	lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap->namenum, do_name,
162	1.73M	&cbdata);
163	1.73M	CRYPTO_THREAD_unlock(namemap->lock);
164
165	8.59M	for (i = 0; i < cbdata.found; i++)
166	6.85M	fn(cbdata.names[i], data);
167
168	1.73M	OPENSSL_free(cbdata.names);
169	1.73M	return 1;
170	1.73M	}
171
172		/* This function is not thread safe, the namemap must be locked */
173		static int namemap_name2num(const OSSL_NAMEMAP *namemap,
174		const char *name)
175	7.67M	{
176	7.67M	NAMENUM_ENTRY *namenum_entry, namenum_tmpl;
177
178	7.67M	namenum_tmpl.name = (char *)name;
179	7.67M	namenum_tmpl.number = 0;
180	7.67M	namenum_entry = lh_NAMENUM_ENTRY_retrieve(namemap->namenum, &namenum_tmpl);
181	7.67M	return namenum_entry != NULL ? namenum_entry->number : 0;
182	7.67M	}
183
184		int ossl_namemap_name2num(const OSSL_NAMEMAP namemap, const char name)
185	7.65M	{
186	7.65M	int number;
187
188	7.65M	#ifndef FIPS_MODULE
189	7.65M	if (namemap == NULL)
190	0	namemap = ossl_namemap_stored(NULL);
191	7.65M	#endif
192
193	7.65M	if (namemap == NULL)
194	0	return 0;
195
196	7.65M	if (!CRYPTO_THREAD_read_lock(namemap->lock))
197	0	return 0;
198	7.65M	number = namemap_name2num(namemap, name);
199	7.65M	CRYPTO_THREAD_unlock(namemap->lock);
200
201	7.65M	return number;
202	7.65M	}
203
204		int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
205		const char *name, size_t name_len)
206	683k	{
207	683k	char *tmp;
208	683k	int ret;
209
210	683k	if (name == NULL \|\| (tmp = OPENSSL_strndup(name, name_len)) == NULL)
211	0	return 0;
212
213	683k	ret = ossl_namemap_name2num(namemap, tmp);
214	683k	OPENSSL_free(tmp);
215	683k	return ret;
216	683k	}
217
218		struct num2name_data_st {
219		size_t idx; /* Countdown */
220		const char name; / Result */
221		};
222
223		static void do_num2name(const char name, void vdata)
224	0	{
225	0	struct num2name_data_st *data = vdata;
226
227	0	if (data->idx > 0)
228	0	data->idx--;
229	0	else if (data->name == NULL)
230	0	data->name = name;
231	0	}
232
233		const char ossl_namemap_num2name(const OSSL_NAMEMAP namemap, int number,
234		size_t idx)
235	0	{
236	0	struct num2name_data_st data;
237
238	0	data.idx = idx;
239	0	data.name = NULL;
240	0	if (!ossl_namemap_doall_names(namemap, number, do_num2name, &data))
241	0	return NULL;
242	0	return data.name;
243	0	}
244
245		/* This function is not thread safe, the namemap must be locked */
246		static int namemap_add_name(OSSL_NAMEMAP *namemap, int number,
247		const char *name)
248	12.9k	{
249	12.9k	NAMENUM_ENTRY *namenum = NULL;
250	12.9k	int tmp_number;
251
252		/* If it already exists, we don't add it */
253	12.9k	if ((tmp_number = namemap_name2num(namemap, name)) != 0)
254	8.06k	return tmp_number;
255
256	4.89k	if ((namenum = OPENSSL_zalloc(sizeof(*namenum))) == NULL)
257	0	return 0;
258
259	4.89k	if ((namenum->name = OPENSSL_strdup(name)) == NULL)
260	0	goto err;
261
262		/* The tsan_counter use here is safe since we're under lock */
263	4.89k	namenum->number = number != 0 ? number : 1 + tsan_counter(&namemap->max_number);
264	4.89k	(void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);
265
266	4.89k	if (lh_NAMENUM_ENTRY_error(namemap->namenum))
267	0	goto err;
268	4.89k	return namenum->number;
269
270	0	err:
271	0	namenum_free(namenum);
272	0	return 0;
273	4.89k	}
274
275		int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number,
276		const char *name)
277	59.8k	{
278	59.8k	int tmp_number;
279
280	59.8k	#ifndef FIPS_MODULE
281	59.8k	if (namemap == NULL)
282	0	namemap = ossl_namemap_stored(NULL);
283	59.8k	#endif
284
285	59.8k	if (name == NULL \|\| *name == 0 \|\| namemap == NULL)
286	0	return 0;
287
288	59.8k	if (!CRYPTO_THREAD_write_lock(namemap->lock))
289	0	return 0;
290	59.8k	tmp_number = namemap_add_name(namemap, number, name);
291	59.8k	CRYPTO_THREAD_unlock(namemap->lock);
292	59.8k	return tmp_number;
293	59.8k	}
294
295		int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number,
296		const char *names, const char separator)
297	23.3k	{
298	23.3k	char tmp, p, q, endp;
299
300		/* Check that we have a namemap */
301	23.3k	if (!ossl_assert(namemap != NULL)) {
302	0	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
303	0	return 0;
304	0	}
305
306	23.3k	if ((tmp = OPENSSL_strdup(names)) == NULL)
307	0	return 0;
308
309	23.3k	if (!CRYPTO_THREAD_write_lock(namemap->lock)) {
310	0	OPENSSL_free(tmp);
311	0	return 0;
312	0	}
313		/*
314		* Check that no name is an empty string, and that all names have at
315		* most one numeric identity together.
316		*/
317	67.5k	for (p = tmp; *p != '\0'; p = q) {
318	44.2k	int this_number;
319	44.2k	size_t l;
320
321	44.2k	if ((q = strchr(p, separator)) == NULL) {
322	23.3k	l = strlen(p); /* offset to \0 */
323	23.3k	q = p + l;
324	23.3k	} else {
325	20.8k	l = q - p; /* offset to the next separator */
326	20.8k	*q++ = '\0';
327	20.8k	}
328
329	44.2k	if (*p == '\0') {
330	0	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME);
331	0	number = 0;
332	0	goto end;
333	0	}
334
335	44.2k	this_number = namemap_name2num(namemap, p);
336
337	44.2k	if (number == 0) {
338	32.8k	number = this_number;
339	32.8k	} else if (this_number != 0 && this_number != number) {
340	0	ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES,
341	0	"\"%s\" has an existing different identity %d (from \"%s\")",
342	0	p, this_number, names);
343	0	number = 0;
344	0	goto end;
345	0	}
346	44.2k	}
347	23.3k	endp = p;
348
349		/* Now that we have checked, register all names */
350	67.5k	for (p = tmp; p < endp; p = q) {
351	44.2k	int this_number;
352
353	44.2k	q = p + strlen(p) + 1;
354
355	44.2k	this_number = namemap_add_name(namemap, number, p);
356	44.2k	if (number == 0) {
357	8.68k	number = this_number;
358	35.5k	} else if (this_number != number) {
359	0	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR,
360	0	"Got number %d when expecting %d",
361	0	this_number, number);
362	0	number = 0;
363	0	goto end;
364	0	}
365	44.2k	}
366
367	23.3k	end:
368	23.3k	CRYPTO_THREAD_unlock(namemap->lock);
369	23.3k	OPENSSL_free(tmp);
370	23.3k	return number;
371	23.3k	}
372
373		/*-
374		* Pre-population
375		* ==============
376		*/
377
378		#ifndef FIPS_MODULE
379		#include <openssl/evp.h>
380
381		/* Creates an initial namemap with names found in the legacy method db */
382		static void get_legacy_evp_names(int base_nid, int nid, const char *pem_name,
383		void *arg)
384	25.5k	{
385	25.5k	int num = 0;
386	25.5k	ASN1_OBJECT *obj;
387
388	25.5k	if (base_nid != NID_undef) {
389	416	num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(base_nid));
390	416	num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(base_nid));
391	416	}
392
393	25.5k	if (nid != NID_undef) {
394	20.7k	num = ossl_namemap_add_name(arg, num, OBJ_nid2sn(nid));
395	20.7k	num = ossl_namemap_add_name(arg, num, OBJ_nid2ln(nid));
396	20.7k	if ((obj = OBJ_nid2obj(nid)) != NULL) {
397	20.7k	char txtoid[OSSL_MAX_NAME_SIZE];
398
399	20.7k	if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0)
400	20.6k	num = ossl_namemap_add_name(arg, num, txtoid);
401	20.7k	}
402	20.7k	}
403	25.5k	if (pem_name != NULL)
404	1.08k	num = ossl_namemap_add_name(arg, num, pem_name);
405	25.5k	}
406
407		static void get_legacy_cipher_names(const OBJ_NAME on, void arg)
408	18.0k	{
409	18.0k	const EVP_CIPHER cipher = (void )OBJ_NAME_get(on->name, on->type);
410
411	18.0k	if (cipher != NULL)
412	18.0k	get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
413	18.0k	}
414
415		static void get_legacy_md_names(const OBJ_NAME on, void arg)
416	5.84k	{
417	5.84k	const EVP_MD md = (void )OBJ_NAME_get(on->name, on->type);
418
419	5.84k	if (md != NULL)
420	5.84k	get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
421	5.84k	}
422
423		static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth,
424		void *arg)
425	1.50k	{
426	1.50k	int nid = 0, base_nid = 0, flags = 0;
427	1.50k	const char *pem_name = NULL;
428
429	1.50k	EVP_PKEY_asn1_get0_info(&nid, &base_nid, &flags, NULL, &pem_name, ameth);
430	1.50k	if (nid != NID_undef) {
431	1.50k	if ((flags & ASN1_PKEY_ALIAS) == 0) {
432	990	switch (nid) {
433	99	case EVP_PKEY_DHX:
434		/* We know that the name "DHX" is used too */
435	99	get_legacy_evp_names(0, nid, "DHX", arg);
436		/* FALLTHRU */
437	990	default:
438	990	get_legacy_evp_names(0, nid, pem_name, arg);
439	990	}
440	990	} else {
441		/*
442		* Treat aliases carefully, some of them are undesirable, or
443		* should not be treated as such for providers.
444		*/
445
446	515	switch (nid) {
447	99	case EVP_PKEY_SM2:
448		/*
449		* SM2 is a separate keytype with providers, not an alias for
450		* EC.
451		*/
452	99	get_legacy_evp_names(0, nid, pem_name, arg);
453	99	break;
454	416	default:
455		/* Use the short name of the base nid as the common reference */
456	416	get_legacy_evp_names(base_nid, nid, pem_name, arg);
457	515	}
458	515	}
459	1.50k	}
460	1.50k	}
461		#endif
462
463		/*-
464		* Constructors / destructors
465		* ==========================
466		*/
467
468		OSSL_NAMEMAP ossl_namemap_stored(OSSL_LIB_CTX libctx)
469	264M	{
470	264M	#ifndef FIPS_MODULE
471	264M	int nms;
472	264M	#endif
473	264M	OSSL_NAMEMAP *namemap = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX);
474
475	264M	if (namemap == NULL)
476	0	return NULL;
477
478	264M	#ifndef FIPS_MODULE
479	264M	nms = ossl_namemap_empty(namemap);
480	264M	if (nms < 0) {
481		/*
482		* Could not get lock to make the count, so maybe internal objects
483		* weren't added. This seems safest.
484		*/
485	0	return NULL;
486	0	}
487	264M	if (nms == 1) {
488	57	int i, end;
489
490		/* Before pilfering, we make sure the legacy database is populated */
491	57	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
492	57	\| OPENSSL_INIT_ADD_ALL_DIGESTS,
493	57	NULL);
494
495	57	OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH,
496	57	get_legacy_cipher_names, namemap);
497	57	OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH,
498	57	get_legacy_md_names, namemap);
499
500		/* We also pilfer data from the legacy EVP_PKEY_ASN1_METHODs */
501	932	for (i = 0, end = EVP_PKEY_asn1_get_count(); i < end; i++)
502	875	get_legacy_pkey_meth_names(EVP_PKEY_asn1_get0(i), namemap);
503	57	}
504	264M	#endif
505
506	264M	return namemap;
507	264M	}
508
509		OSSL_NAMEMAP *ossl_namemap_new(void)
510	73	{
511	73	OSSL_NAMEMAP *namemap;
512
513	73	if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) != NULL
514	73	&& (namemap->lock = CRYPTO_THREAD_lock_new()) != NULL
515	73	&& (namemap->namenum = lh_NAMENUM_ENTRY_new(namenum_hash, namenum_cmp)) != NULL)
516	73	return namemap;
517
518	0	ossl_namemap_free(namemap);
519	0	return NULL;
520	73	}
521
522		void ossl_namemap_free(OSSL_NAMEMAP *namemap)
523	203	{
524	203	if (namemap == NULL \|\| namemap->stored)
525	0	return;
526
527	203	lh_NAMENUM_ENTRY_doall(namemap->namenum, namenum_free);
528	203	lh_NAMENUM_ENTRY_free(namemap->namenum);
529
530	203	CRYPTO_THREAD_lock_free(namemap->lock);
531	203	OPENSSL_free(namemap);
532	203	}