2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "e_os.h" /* strcasecmp */
11 #include "internal/namemap.h"
12 #include <openssl/lhash.h>
13 #include "crypto/lhash.h" /* openssl_lh_strcasehash */
14 #include "internal/tsan_assist.h"
25 DEFINE_LHASH_OF(NAMENUM_ENTRY);
32 struct ossl_namemap_st {
34 unsigned int stored:1; /* If 1, it's stored in a library context */
37 LHASH_OF(NAMENUM_ENTRY) *namenum; /* Name->number mapping */
40 TSAN_QUALIFIER int max_number; /* Current max number TSAN version */
42 int max_number; /* Current max number plain version */
48 static unsigned long namenum_hash(const NAMENUM_ENTRY *n)
50 return openssl_lh_strcasehash(n->name);
53 static int namenum_cmp(const NAMENUM_ENTRY *a, const NAMENUM_ENTRY *b)
55 return strcasecmp(a->name, b->name);
58 static void namenum_free(NAMENUM_ENTRY *n)
61 OPENSSL_free(n->name);
65 /* OPENSSL_CTX_METHOD functions for a namemap stored in a library context */
67 static void *stored_namemap_new(OPENSSL_CTX *libctx)
69 OSSL_NAMEMAP *namemap = ossl_namemap_new();
77 static void stored_namemap_free(void *vnamemap)
79 OSSL_NAMEMAP *namemap = vnamemap;
81 if (namemap != NULL) {
82 /* Pretend it isn't stored, or ossl_namemap_free() will do nothing */
84 ossl_namemap_free(namemap);
88 static const OPENSSL_CTX_METHOD stored_namemap_method = {
98 int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
101 /* Have TSAN support */
102 return namemap == NULL || tsan_load(&namemap->max_number) == 0;
104 /* No TSAN support */
110 CRYPTO_THREAD_read_lock(namemap->lock);
111 rv = namemap->max_number == 0;
112 CRYPTO_THREAD_unlock(namemap->lock);
117 typedef struct doall_names_data_st {
119 void (*fn)(const char *name, void *data);
123 static void do_name(const NAMENUM_ENTRY *namenum, DOALL_NAMES_DATA *data)
125 if (namenum->number == data->number)
126 data->fn(namenum->name, data->data);
129 IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY, DOALL_NAMES_DATA);
131 void ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
132 void (*fn)(const char *name, void *data),
135 DOALL_NAMES_DATA cbdata;
137 cbdata.number = number;
140 CRYPTO_THREAD_read_lock(namemap->lock);
141 lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap->namenum, do_name,
143 CRYPTO_THREAD_unlock(namemap->lock);
146 static int namemap_name2num_n(const OSSL_NAMEMAP *namemap,
147 const char *name, size_t name_len)
149 NAMENUM_ENTRY *namenum_entry, namenum_tmpl;
151 if ((namenum_tmpl.name = OPENSSL_strndup(name, name_len)) == NULL)
153 namenum_tmpl.number = 0;
155 lh_NAMENUM_ENTRY_retrieve(namemap->namenum, &namenum_tmpl);
156 OPENSSL_free(namenum_tmpl.name);
157 return namenum_entry != NULL ? namenum_entry->number : 0;
160 int ossl_namemap_name2num_n(const OSSL_NAMEMAP *namemap,
161 const char *name, size_t name_len)
167 namemap = ossl_namemap_stored(NULL);
173 CRYPTO_THREAD_read_lock(namemap->lock);
174 number = namemap_name2num_n(namemap, name, name_len);
175 CRYPTO_THREAD_unlock(namemap->lock);
180 int ossl_namemap_name2num(const OSSL_NAMEMAP *namemap, const char *name)
185 return ossl_namemap_name2num_n(namemap, name, strlen(name));
188 struct num2name_data_st {
189 size_t idx; /* Countdown */
190 const char *name; /* Result */
193 static void do_num2name(const char *name, void *vdata)
195 struct num2name_data_st *data = vdata;
199 else if (data->name == NULL)
203 const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number,
206 struct num2name_data_st data;
210 ossl_namemap_doall_names(namemap, number, do_num2name, &data);
214 static int namemap_add_name_n(OSSL_NAMEMAP *namemap, int number,
215 const char *name, size_t name_len)
217 NAMENUM_ENTRY *namenum = NULL;
220 /* If it already exists, we don't add it */
221 if ((tmp_number = namemap_name2num_n(namemap, name, name_len)) != 0)
224 if ((namenum = OPENSSL_zalloc(sizeof(*namenum))) == NULL
225 || (namenum->name = OPENSSL_strndup(name, name_len)) == NULL)
229 number != 0 ? number : 1 + tsan_counter(&namemap->max_number);
230 (void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);
232 if (lh_NAMENUM_ENTRY_error(namemap->namenum))
234 return namenum->number;
237 namenum_free(namenum);
241 int ossl_namemap_add_name_n(OSSL_NAMEMAP *namemap, int number,
242 const char *name, size_t name_len)
248 namemap = ossl_namemap_stored(NULL);
251 if (name == NULL || name_len == 0 || namemap == NULL)
254 CRYPTO_THREAD_write_lock(namemap->lock);
255 tmp_number = namemap_add_name_n(namemap, number, name, name_len);
256 CRYPTO_THREAD_unlock(namemap->lock);
260 int ossl_namemap_add_name(OSSL_NAMEMAP *namemap, int number, const char *name)
265 return ossl_namemap_add_name_n(namemap, number, name, strlen(name));
268 int ossl_namemap_add_names(OSSL_NAMEMAP *namemap, int number,
269 const char *names, const char separator)
274 /* Check that we have a namemap */
275 if (!ossl_assert(namemap != NULL)) {
276 ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
280 CRYPTO_THREAD_write_lock(namemap->lock);
282 * Check that no name is an empty string, and that all names have at
283 * most one numeric identity together.
285 for (p = names; *p != '\0'; p = (q == NULL ? p + l : q + 1)) {
288 if ((q = strchr(p, separator)) == NULL)
289 l = strlen(p); /* offset to \0 */
291 l = q - p; /* offset to the next separator */
293 this_number = namemap_name2num_n(namemap, p, l);
295 if (*p == '\0' || *p == separator) {
296 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_BAD_ALGORITHM_NAME);
300 number = this_number;
301 } else if (this_number != 0 && this_number != number) {
302 ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_CONFLICTING_NAMES,
303 "\"%.*s\" has an existing different identity %d (from \"%s\")",
304 l, p, this_number, names);
309 /* Now that we have checked, register all names */
310 for (p = names; *p != '\0'; p = (q == NULL ? p + l : q + 1)) {
313 if ((q = strchr(p, separator)) == NULL)
314 l = strlen(p); /* offset to \0 */
316 l = q - p; /* offset to the next separator */
318 this_number = namemap_add_name_n(namemap, number, p, l);
320 number = this_number;
321 } else if (this_number != number) {
322 ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR,
323 "Got number %d when expecting %d",
324 this_number, number);
329 CRYPTO_THREAD_unlock(namemap->lock);
333 CRYPTO_THREAD_unlock(namemap->lock);
343 #include <openssl/evp.h>
345 /* Creates an initial namemap with names found in the legacy method db */
346 static void get_legacy_evp_names(const char *main_name, const char *alias,
349 int main_id = ossl_namemap_add_name(arg, 0, main_name);
352 * We could check that the returned value is the same as main_id,
353 * but since this is a void function, there's no sane way to report
354 * the error. The best we can do is trust ourselve to keep the legacy
355 * method database conflict free.
357 * This registers any alias with the same number as the main name.
358 * Should it be that the current |on| *has* the main name, this is
362 (void)ossl_namemap_add_name(arg, main_id, alias);
366 static void get_legacy_cipher_names(const OBJ_NAME *on, void *arg)
368 const EVP_CIPHER *cipher = (void *)OBJ_NAME_get(on->name, on->type);
370 get_legacy_evp_names(EVP_CIPHER_name(cipher), on->name, arg);
373 static void get_legacy_md_names(const OBJ_NAME *on, void *arg)
375 const EVP_MD *md = (void *)OBJ_NAME_get(on->name, on->type);
376 /* We don't want the pkey_type names, so we need some extra care */
379 snid = OBJ_sn2nid(on->name);
380 lnid = OBJ_ln2nid(on->name);
381 if (snid != EVP_MD_pkey_type(md) && lnid != EVP_MD_pkey_type(md))
382 get_legacy_evp_names(EVP_MD_name(md), on->name, arg);
384 get_legacy_evp_names(EVP_MD_name(md), NULL, arg);
389 * Constructors / destructors
390 * ==========================
393 OSSL_NAMEMAP *ossl_namemap_stored(OPENSSL_CTX *libctx)
395 OSSL_NAMEMAP *namemap =
396 openssl_ctx_get_data(libctx, OPENSSL_CTX_NAMEMAP_INDEX,
397 &stored_namemap_method);
400 if (namemap != NULL && ossl_namemap_empty(namemap)) {
401 /* Before pilfering, we make sure the legacy database is populated */
402 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
403 | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
405 OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH,
406 get_legacy_cipher_names, namemap);
407 OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH,
408 get_legacy_md_names, namemap);
415 OSSL_NAMEMAP *ossl_namemap_new(void)
417 OSSL_NAMEMAP *namemap;
419 if ((namemap = OPENSSL_zalloc(sizeof(*namemap))) != NULL
420 && (namemap->lock = CRYPTO_THREAD_lock_new()) != NULL
421 && (namemap->namenum =
422 lh_NAMENUM_ENTRY_new(namenum_hash, namenum_cmp)) != NULL)
425 ossl_namemap_free(namemap);
429 void ossl_namemap_free(OSSL_NAMEMAP *namemap)
431 if (namemap == NULL || namemap->stored)
434 lh_NAMENUM_ENTRY_doall(namemap->namenum, namenum_free);
435 lh_NAMENUM_ENTRY_free(namemap->namenum);
437 CRYPTO_THREAD_lock_free(namemap->lock);
438 OPENSSL_free(namemap);