VirtualBox

source: vbox/trunk/src/libs/openssl-3.4.1/crypto/context.c

Last change on this file was 109052, checked in by vboxsync, 3 weeks ago

openssl-3.4.1: Applied our changes, regenerated files, added missing files and functions. This time with a three way merge. ​bugref:10890
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 16.9 KB
Line 
1/*
2 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include "crypto/cryptlib.h"
11#include <openssl/conf.h>
12#include "internal/thread_once.h"
13#include "internal/property.h"
14#include "internal/cryptlib.h"
15#include "internal/core.h"
16#include "internal/bio.h"
17#include "internal/provider.h"
18#include "crypto/decoder.h"
19#include "crypto/context.h"
20
21struct ossl_lib_ctx_st {
22 CRYPTO_RWLOCK *lock;
23 OSSL_EX_DATA_GLOBAL global;
24
25 void *property_string_data;
26 void *evp_method_store;
27 void *provider_store;
28 void *namemap;
29 void *property_defns;
30 void *global_properties;
31 void *drbg;
32 void *drbg_nonce;
33 CRYPTO_THREAD_LOCAL rcu_local_key;
34#ifndef FIPS_MODULE
35 void *provider_conf;
36 void *bio_core;
37 void *child_provider;
38 OSSL_METHOD_STORE *decoder_store;
39 void *decoder_cache;
40 OSSL_METHOD_STORE *encoder_store;
41 OSSL_METHOD_STORE *store_loader_store;
42 void *self_test_cb;
43 void *indicator_cb;
44#endif
45#if defined(OPENSSL_THREADS)
46 void *threads;
47#endif
48#ifdef FIPS_MODULE
49 void *thread_event_handler;
50 void *fips_prov;
51#endif
52 STACK_OF(SSL_COMP) *comp_methods;
53
54 int ischild;
55 int conf_diagnostics;
56};
57
58int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx)
59{
60 if ((ctx = ossl_lib_ctx_get_concrete(ctx)) == NULL)
61 return 0;
62 return CRYPTO_THREAD_write_lock(ctx->lock);
63}
64
65int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx)
66{
67 if ((ctx = ossl_lib_ctx_get_concrete(ctx)) == NULL)
68 return 0;
69 return CRYPTO_THREAD_read_lock(ctx->lock);
70}
71
72int ossl_lib_ctx_unlock(OSSL_LIB_CTX *ctx)
73{
74 if ((ctx = ossl_lib_ctx_get_concrete(ctx)) == NULL)
75 return 0;
76 return CRYPTO_THREAD_unlock(ctx->lock);
77}
78
79int ossl_lib_ctx_is_child(OSSL_LIB_CTX *ctx)
80{
81 ctx = ossl_lib_ctx_get_concrete(ctx);
82
83 if (ctx == NULL)
84 return 0;
85 return ctx->ischild;
86}
87
88static void context_deinit_objs(OSSL_LIB_CTX *ctx);
89
90static int context_init(OSSL_LIB_CTX *ctx)
91{
92 int exdata_done = 0;
93
94 if (!CRYPTO_THREAD_init_local(&ctx->rcu_local_key, NULL))
95 return 0;
96
97 ctx->lock = CRYPTO_THREAD_lock_new();
98 if (ctx->lock == NULL)
99 goto err;
100
101 /* Initialize ex_data. */
102 if (!ossl_do_ex_data_init(ctx))
103 goto err;
104 exdata_done = 1;
105
106 /* P2. We want evp_method_store to be cleaned up before the provider store */
107 ctx->evp_method_store = ossl_method_store_new(ctx);
108 if (ctx->evp_method_store == NULL)
109 goto err;
110
111#ifndef FIPS_MODULE
112 /* P2. Must be freed before the provider store is freed */
113 ctx->provider_conf = ossl_prov_conf_ctx_new(ctx);
114 if (ctx->provider_conf == NULL)
115 goto err;
116#endif
117
118 /* P2. */
119 ctx->drbg = ossl_rand_ctx_new(ctx);
120 if (ctx->drbg == NULL)
121 goto err;
122
123#ifndef FIPS_MODULE
124 /*
125 * P2. We want decoder_store/decoder_cache to be cleaned up before the
126 * provider store
127 */
128 ctx->decoder_store = ossl_method_store_new(ctx);
129 if (ctx->decoder_store == NULL)
130 goto err;
131 ctx->decoder_cache = ossl_decoder_cache_new(ctx);
132 if (ctx->decoder_cache == NULL)
133 goto err;
134
135 /* P2. We want encoder_store to be cleaned up before the provider store */
136 ctx->encoder_store = ossl_method_store_new(ctx);
137 if (ctx->encoder_store == NULL)
138 goto err;
139
140 /* P2. We want loader_store to be cleaned up before the provider store */
141 ctx->store_loader_store = ossl_method_store_new(ctx);
142 if (ctx->store_loader_store == NULL)
143 goto err;
144#endif
145
146 /* P1. Needs to be freed before the child provider data is freed */
147 ctx->provider_store = ossl_provider_store_new(ctx);
148 if (ctx->provider_store == NULL)
149 goto err;
150
151 /* Default priority. */
152 ctx->property_string_data = ossl_property_string_data_new(ctx);
153 if (ctx->property_string_data == NULL)
154 goto err;
155
156 ctx->namemap = ossl_stored_namemap_new(ctx);
157 if (ctx->namemap == NULL)
158 goto err;
159
160 ctx->property_defns = ossl_property_defns_new(ctx);
161 if (ctx->property_defns == NULL)
162 goto err;
163
164 ctx->global_properties = ossl_ctx_global_properties_new(ctx);
165 if (ctx->global_properties == NULL)
166 goto err;
167
168#ifndef FIPS_MODULE
169 ctx->bio_core = ossl_bio_core_globals_new(ctx);
170 if (ctx->bio_core == NULL)
171 goto err;
172#endif
173
174 ctx->drbg_nonce = ossl_prov_drbg_nonce_ctx_new(ctx);
175 if (ctx->drbg_nonce == NULL)
176 goto err;
177
178#ifndef FIPS_MODULE
179 ctx->self_test_cb = ossl_self_test_set_callback_new(ctx);
180 if (ctx->self_test_cb == NULL)
181 goto err;
182 ctx->indicator_cb = ossl_indicator_set_callback_new(ctx);
183 if (ctx->indicator_cb == NULL)
184 goto err;
185#endif
186
187#ifdef FIPS_MODULE
188 ctx->thread_event_handler = ossl_thread_event_ctx_new(ctx);
189 if (ctx->thread_event_handler == NULL)
190 goto err;
191
192 ctx->fips_prov = ossl_fips_prov_ossl_ctx_new(ctx);
193 if (ctx->fips_prov == NULL)
194 goto err;
195#endif
196
197#ifndef OPENSSL_NO_THREAD_POOL
198 ctx->threads = ossl_threads_ctx_new(ctx);
199 if (ctx->threads == NULL)
200 goto err;
201#endif
202
203 /* Low priority. */
204#ifndef FIPS_MODULE
205 ctx->child_provider = ossl_child_prov_ctx_new(ctx);
206 if (ctx->child_provider == NULL)
207 goto err;
208#endif
209
210 /* Everything depends on properties, so we also pre-initialise that */
211 if (!ossl_property_parse_init(ctx))
212 goto err;
213
214#ifndef FIPS_MODULE
215 ctx->comp_methods = ossl_load_builtin_compressions();
216#endif
217
218 return 1;
219
220 err:
221 context_deinit_objs(ctx);
222
223 if (exdata_done)
224 ossl_crypto_cleanup_all_ex_data_int(ctx);
225
226 CRYPTO_THREAD_lock_free(ctx->lock);
227 CRYPTO_THREAD_cleanup_local(&ctx->rcu_local_key);
228 memset(ctx, '\0', sizeof(*ctx));
229 return 0;
230}
231
232static void context_deinit_objs(OSSL_LIB_CTX *ctx)
233{
234 /* P2. We want evp_method_store to be cleaned up before the provider store */
235 if (ctx->evp_method_store != NULL) {
236 ossl_method_store_free(ctx->evp_method_store);
237 ctx->evp_method_store = NULL;
238 }
239
240 /* P2. */
241 if (ctx->drbg != NULL) {
242 ossl_rand_ctx_free(ctx->drbg);
243 ctx->drbg = NULL;
244 }
245
246#ifndef FIPS_MODULE
247 /* P2. */
248 if (ctx->provider_conf != NULL) {
249 ossl_prov_conf_ctx_free(ctx->provider_conf);
250 ctx->provider_conf = NULL;
251 }
252
253 /*
254 * P2. We want decoder_store/decoder_cache to be cleaned up before the
255 * provider store
256 */
257 if (ctx->decoder_store != NULL) {
258 ossl_method_store_free(ctx->decoder_store);
259 ctx->decoder_store = NULL;
260 }
261 if (ctx->decoder_cache != NULL) {
262 ossl_decoder_cache_free(ctx->decoder_cache);
263 ctx->decoder_cache = NULL;
264 }
265
266
267 /* P2. We want encoder_store to be cleaned up before the provider store */
268 if (ctx->encoder_store != NULL) {
269 ossl_method_store_free(ctx->encoder_store);
270 ctx->encoder_store = NULL;
271 }
272
273 /* P2. We want loader_store to be cleaned up before the provider store */
274 if (ctx->store_loader_store != NULL) {
275 ossl_method_store_free(ctx->store_loader_store);
276 ctx->store_loader_store = NULL;
277 }
278#endif
279
280 /* P1. Needs to be freed before the child provider data is freed */
281 if (ctx->provider_store != NULL) {
282 ossl_provider_store_free(ctx->provider_store);
283 ctx->provider_store = NULL;
284 }
285
286 /* Default priority. */
287 if (ctx->property_string_data != NULL) {
288 ossl_property_string_data_free(ctx->property_string_data);
289 ctx->property_string_data = NULL;
290 }
291
292 if (ctx->namemap != NULL) {
293 ossl_stored_namemap_free(ctx->namemap);
294 ctx->namemap = NULL;
295 }
296
297 if (ctx->property_defns != NULL) {
298 ossl_property_defns_free(ctx->property_defns);
299 ctx->property_defns = NULL;
300 }
301
302 if (ctx->global_properties != NULL) {
303 ossl_ctx_global_properties_free(ctx->global_properties);
304 ctx->global_properties = NULL;
305 }
306
307#ifndef FIPS_MODULE
308 if (ctx->bio_core != NULL) {
309 ossl_bio_core_globals_free(ctx->bio_core);
310 ctx->bio_core = NULL;
311 }
312#endif
313
314 if (ctx->drbg_nonce != NULL) {
315 ossl_prov_drbg_nonce_ctx_free(ctx->drbg_nonce);
316 ctx->drbg_nonce = NULL;
317 }
318
319#ifndef FIPS_MODULE
320 if (ctx->indicator_cb != NULL) {
321 ossl_indicator_set_callback_free(ctx->indicator_cb);
322 ctx->indicator_cb = NULL;
323 }
324
325 if (ctx->self_test_cb != NULL) {
326 ossl_self_test_set_callback_free(ctx->self_test_cb);
327 ctx->self_test_cb = NULL;
328 }
329#endif
330
331#ifdef FIPS_MODULE
332 if (ctx->thread_event_handler != NULL) {
333 ossl_thread_event_ctx_free(ctx->thread_event_handler);
334 ctx->thread_event_handler = NULL;
335 }
336
337 if (ctx->fips_prov != NULL) {
338 ossl_fips_prov_ossl_ctx_free(ctx->fips_prov);
339 ctx->fips_prov = NULL;
340 }
341#endif
342
343#ifndef OPENSSL_NO_THREAD_POOL
344 if (ctx->threads != NULL) {
345 ossl_threads_ctx_free(ctx->threads);
346 ctx->threads = NULL;
347 }
348#endif
349
350 /* Low priority. */
351#ifndef FIPS_MODULE
352 if (ctx->child_provider != NULL) {
353 ossl_child_prov_ctx_free(ctx->child_provider);
354 ctx->child_provider = NULL;
355 }
356#endif
357
358#ifndef FIPS_MODULE
359 if (ctx->comp_methods != NULL) {
360 ossl_free_compression_methods_int(ctx->comp_methods);
361 ctx->comp_methods = NULL;
362 }
363#endif
364
365}
366
367static int context_deinit(OSSL_LIB_CTX *ctx)
368{
369 if (ctx == NULL)
370 return 1;
371
372 ossl_ctx_thread_stop(ctx);
373
374 context_deinit_objs(ctx);
375
376 ossl_crypto_cleanup_all_ex_data_int(ctx);
377
378 CRYPTO_THREAD_lock_free(ctx->lock);
379 ctx->lock = NULL;
380 CRYPTO_THREAD_cleanup_local(&ctx->rcu_local_key);
381 return 1;
382}
383
384#ifndef FIPS_MODULE
385/* The default default context */
386static OSSL_LIB_CTX default_context_int;
387
388static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT;
389static CRYPTO_THREAD_LOCAL default_context_thread_local;
390static int default_context_inited = 0;
391
392DEFINE_RUN_ONCE_STATIC(default_context_do_init)
393{
394 if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))
395 goto err;
396
397 if (!context_init(&default_context_int))
398 goto deinit_thread;
399
400 default_context_inited = 1;
401 return 1;
402
403deinit_thread:
404 CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
405err:
406 return 0;
407}
408
409void ossl_lib_ctx_default_deinit(void)
410{
411 if (!default_context_inited)
412 return;
413 context_deinit(&default_context_int);
414 CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
415 default_context_inited = 0;
416}
417
418static OSSL_LIB_CTX *get_thread_default_context(void)
419{
420 if (!RUN_ONCE(&default_context_init, default_context_do_init))
421 return NULL;
422
423 return CRYPTO_THREAD_get_local(&default_context_thread_local);
424}
425
426static OSSL_LIB_CTX *get_default_context(void)
427{
428 OSSL_LIB_CTX *current_defctx = get_thread_default_context();
429
430 if (current_defctx == NULL && default_context_inited)
431 current_defctx = &default_context_int;
432 return current_defctx;
433}
434
435static int set_default_context(OSSL_LIB_CTX *defctx)
436{
437 if (defctx == &default_context_int)
438 defctx = NULL;
439
440 return CRYPTO_THREAD_set_local(&default_context_thread_local, defctx);
441}
442#endif
443
444OSSL_LIB_CTX *OSSL_LIB_CTX_new(void)
445{
446 OSSL_LIB_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
447
448 if (ctx != NULL && !context_init(ctx)) {
449 OPENSSL_free(ctx);
450 ctx = NULL;
451 }
452 return ctx;
453}
454
455#ifndef FIPS_MODULE
456OSSL_LIB_CTX *OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE *handle,
457 const OSSL_DISPATCH *in)
458{
459 OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new();
460
461 if (ctx == NULL)
462 return NULL;
463
464 if (!ossl_bio_init_core(ctx, in)) {
465 OSSL_LIB_CTX_free(ctx);
466 return NULL;
467 }
468
469 return ctx;
470}
471
472OSSL_LIB_CTX *OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE *handle,
473 const OSSL_DISPATCH *in)
474{
475 OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new_from_dispatch(handle, in);
476
477 if (ctx == NULL)
478 return NULL;
479
480 if (!ossl_provider_init_as_child(ctx, handle, in)) {
481 OSSL_LIB_CTX_free(ctx);
482 return NULL;
483 }
484 ctx->ischild = 1;
485
486 return ctx;
487}
488
489int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file)
490{
491 return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0;
492}
493#endif
494
495void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx)
496{
497 if (ctx == NULL || ossl_lib_ctx_is_default(ctx))
498 return;
499
500#ifndef FIPS_MODULE
501 if (ctx->ischild)
502 ossl_provider_deinit_child(ctx);
503#endif
504 context_deinit(ctx);
505 OPENSSL_free(ctx);
506}
507
508#ifndef FIPS_MODULE
509OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void)
510{
511 if (!RUN_ONCE(&default_context_init, default_context_do_init))
512 return NULL;
513
514 return &default_context_int;
515}
516
517OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx)
518{
519 OSSL_LIB_CTX *current_defctx;
520
521 if ((current_defctx = get_default_context()) != NULL) {
522 if (libctx != NULL)
523 set_default_context(libctx);
524 return current_defctx;
525 }
526
527 return NULL;
528}
529
530void ossl_release_default_drbg_ctx(void)
531{
532 /* early release of the DRBG in global default libctx */
533 if (default_context_int.drbg != NULL) {
534 ossl_rand_ctx_free(default_context_int.drbg);
535 default_context_int.drbg = NULL;
536 }
537}
538#endif
539
540OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx)
541{
542#ifndef FIPS_MODULE
543 if (ctx == NULL)
544 return get_default_context();
545#endif
546 return ctx;
547}
548
549int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx)
550{
551#ifndef FIPS_MODULE
552 if (ctx == NULL || ctx == get_default_context())
553 return 1;
554#endif
555 return 0;
556}
557
558int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX *ctx)
559{
560#ifndef FIPS_MODULE
561 if (ossl_lib_ctx_get_concrete(ctx) == &default_context_int)
562 return 1;
563#endif
564 return 0;
565}
566
567void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index)
568{
569 ctx = ossl_lib_ctx_get_concrete(ctx);
570 if (ctx == NULL)
571 return NULL;
572
573 switch (index) {
574 case OSSL_LIB_CTX_PROPERTY_STRING_INDEX:
575 return ctx->property_string_data;
576 case OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX:
577 return ctx->evp_method_store;
578 case OSSL_LIB_CTX_PROVIDER_STORE_INDEX:
579 return ctx->provider_store;
580 case OSSL_LIB_CTX_NAMEMAP_INDEX:
581 return ctx->namemap;
582 case OSSL_LIB_CTX_PROPERTY_DEFN_INDEX:
583 return ctx->property_defns;
584 case OSSL_LIB_CTX_GLOBAL_PROPERTIES:
585 return ctx->global_properties;
586 case OSSL_LIB_CTX_DRBG_INDEX:
587 return ctx->drbg;
588 case OSSL_LIB_CTX_DRBG_NONCE_INDEX:
589 return ctx->drbg_nonce;
590#ifndef FIPS_MODULE
591 case OSSL_LIB_CTX_PROVIDER_CONF_INDEX:
592 return ctx->provider_conf;
593 case OSSL_LIB_CTX_BIO_CORE_INDEX:
594 return ctx->bio_core;
595 case OSSL_LIB_CTX_CHILD_PROVIDER_INDEX:
596 return ctx->child_provider;
597 case OSSL_LIB_CTX_DECODER_STORE_INDEX:
598 return ctx->decoder_store;
599 case OSSL_LIB_CTX_DECODER_CACHE_INDEX:
600 return ctx->decoder_cache;
601 case OSSL_LIB_CTX_ENCODER_STORE_INDEX:
602 return ctx->encoder_store;
603 case OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX:
604 return ctx->store_loader_store;
605 case OSSL_LIB_CTX_SELF_TEST_CB_INDEX:
606 return ctx->self_test_cb;
607 case OSSL_LIB_CTX_INDICATOR_CB_INDEX:
608 return ctx->indicator_cb;
609#endif
610#ifndef OPENSSL_NO_THREAD_POOL
611 case OSSL_LIB_CTX_THREAD_INDEX:
612 return ctx->threads;
613#endif
614
615#ifdef FIPS_MODULE
616 case OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX:
617 return ctx->thread_event_handler;
618
619 case OSSL_LIB_CTX_FIPS_PROV_INDEX:
620 return ctx->fips_prov;
621#endif
622
623 case OSSL_LIB_CTX_COMP_METHODS:
624 return (void *)&ctx->comp_methods;
625
626 default:
627 return NULL;
628 }
629}
630
631void *OSSL_LIB_CTX_get_data(OSSL_LIB_CTX *ctx, int index)
632{
633 return ossl_lib_ctx_get_data(ctx, index);
634}
635
636OSSL_EX_DATA_GLOBAL *ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX *ctx)
637{
638 ctx = ossl_lib_ctx_get_concrete(ctx);
639 if (ctx == NULL)
640 return NULL;
641 return &ctx->global;
642}
643
644const char *ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX *libctx)
645{
646#ifdef FIPS_MODULE
647 return "FIPS internal library context";
648#else
649 if (ossl_lib_ctx_is_global_default(libctx))
650 return "Global default library context";
651 if (ossl_lib_ctx_is_default(libctx))
652 return "Thread-local default library context";
653 return "Non-default library context";
654#endif
655}
656
657CRYPTO_THREAD_LOCAL *ossl_lib_ctx_get_rcukey(OSSL_LIB_CTX *libctx)
658{
659 libctx = ossl_lib_ctx_get_concrete(libctx);
660 if (libctx == NULL)
661 return NULL;
662 return &libctx->rcu_local_key;
663}
664
665int OSSL_LIB_CTX_get_conf_diagnostics(OSSL_LIB_CTX *libctx)
666{
667 libctx = ossl_lib_ctx_get_concrete(libctx);
668 if (libctx == NULL)
669 return 0;
670 return libctx->conf_diagnostics;
671}
672
673void OSSL_LIB_CTX_set_conf_diagnostics(OSSL_LIB_CTX *libctx, int value)
674{
675 libctx = ossl_lib_ctx_get_concrete(libctx);
676 if (libctx == NULL)
677 return;
678 libctx->conf_diagnostics = value;
679}
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette