Configure: disable new trace api by default
[openssl.git] / crypto / provider_core.c
1 /*
2  * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #include <openssl/core.h>
11 #include <openssl/core_numbers.h>
12 #include <openssl/opensslv.h>
13 #include "internal/cryptlib.h"
14 #include "internal/thread_once.h"
15 #include "internal/provider.h"
16 #include "internal/refcount.h"
17
18 /*-
19  * Provider Object structure
20  * =========================
21  */
22
23 struct provider_store_st;        /* Forward declaration */
24
25 struct ossl_provider_st {
26     /* Flag bits */
27     unsigned int flag_initialized:1;
28
29     /* OpenSSL library side data */
30     CRYPTO_REF_COUNT refcnt;
31 #ifndef HAVE_ATOMICS
32     CRYPTO_RWLOCK refcnt_lock;   /* For the ref counter */
33 #endif
34     char *name;
35     DSO *module;
36     OSSL_provider_init_fn *init_function;
37
38     /* Provider side functions */
39     OSSL_provider_teardown_fn *teardown;
40     OSSL_provider_get_param_types_fn *get_param_types;
41     OSSL_provider_get_params_fn *get_params;
42     OSSL_provider_query_operation_fn *query_operation;
43 };
44 DEFINE_STACK_OF(OSSL_PROVIDER)
45
46 static int ossl_provider_cmp(const OSSL_PROVIDER * const *a,
47                              const OSSL_PROVIDER * const *b)
48 {
49     return strcmp((*a)->name, (*b)->name);
50 }
51
52 /*-
53  * Provider Object store
54  * =====================
55  *
56  * The Provider Object store is a library context object, and therefore needs
57  * an index.
58  */
59
60 struct provider_store_st {
61     STACK_OF(OSSL_PROVIDER) *providers;
62     CRYPTO_RWLOCK *lock;
63 };
64 static int provider_store_index = -1;
65
66 static void provider_store_free(void *vstore)
67 {
68     struct provider_store_st *store = vstore;
69
70     if (store == NULL)
71         return;
72     sk_OSSL_PROVIDER_pop_free(store->providers, ossl_provider_free);
73     CRYPTO_THREAD_lock_free(store->lock);
74     OPENSSL_free(store);
75 }
76
77 static void *provider_store_new(void)
78 {
79     struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store));
80
81     if (store == NULL
82         || (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL
83         || (store->lock = CRYPTO_THREAD_lock_new()) == NULL) {
84         provider_store_free(store);
85         store = NULL;
86     }
87     return store;
88 }
89
90 static const OPENSSL_CTX_METHOD provider_store_method = {
91     provider_store_new,
92     provider_store_free,
93 };
94
95 static CRYPTO_ONCE provider_store_init_flag = CRYPTO_ONCE_STATIC_INIT;
96 DEFINE_RUN_ONCE_STATIC(do_provider_store_init)
97 {
98     return OPENSSL_init_crypto(0, NULL)
99         && (provider_store_index =
100             openssl_ctx_new_index(&provider_store_method)) != -1;
101 }
102
103
104 static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx)
105 {
106     struct provider_store_st *store = NULL;
107
108     if (!RUN_ONCE(&provider_store_init_flag, do_provider_store_init))
109         return NULL;
110
111     store = openssl_ctx_get_data(libctx, provider_store_index);
112     if (store == NULL)
113         CRYPTOerr(CRYPTO_F_GET_PROVIDER_STORE, ERR_R_INTERNAL_ERROR);
114     return store;
115 }
116
117 /*-
118  * Provider Object methods
119  * =======================
120  */
121
122 int ossl_provider_upref(OSSL_PROVIDER *prov)
123 {
124     int ref = 0;
125
126 #ifndef HAVE_ATOMICS
127     CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock);
128 #else
129     CRYPTO_UP_REF(&prov->refcnt, &ref, NULL);
130 #endif
131     return ref;
132 }
133
134 /* Finder, constructor and destructor */
135 OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name)
136 {
137     struct provider_store_st *store = NULL;
138     OSSL_PROVIDER *prov = NULL;
139
140     if ((store = get_provider_store(libctx)) != NULL) {
141         OSSL_PROVIDER tmpl = { 0, };
142         int i;
143
144         tmpl.name = (char *)name;
145         CRYPTO_THREAD_write_lock(store->lock);
146         if ((i = sk_OSSL_PROVIDER_find(store->providers, &tmpl)) == -1
147             || (prov = sk_OSSL_PROVIDER_value(store->providers, i)) == NULL
148             || !ossl_provider_upref(prov))
149             prov = NULL;
150         CRYPTO_THREAD_unlock(store->lock);
151     }
152
153     return prov;
154 }
155
156 OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name,
157                                  OSSL_provider_init_fn *init_function)
158 {
159     struct provider_store_st *store = NULL;
160     OSSL_PROVIDER *prov = NULL;
161
162     if ((store = get_provider_store(libctx)) == NULL)
163         return NULL;
164
165     if ((prov = ossl_provider_find(libctx, name)) != NULL) { /* refcount +1 */
166         ossl_provider_free(prov); /* refcount -1 */
167         CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW,
168                   CRYPTO_R_PROVIDER_ALREADY_EXISTS);
169         ERR_add_error_data(2, "name=", name);
170         return NULL;
171     }
172
173     if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL
174         || !ossl_provider_upref(prov) /* +1 One reference to be returned */
175         || (prov->name = OPENSSL_strdup(name)) == NULL) {
176         ossl_provider_free(prov);
177         CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE);
178         return NULL;
179     }
180
181     prov->init_function = init_function;
182
183     CRYPTO_THREAD_write_lock(store->lock);
184     if (!ossl_provider_upref(prov)) { /* +1 One reference for the store */
185         ossl_provider_free(prov); /* -1 Reference that was to be returned */
186         prov = NULL;
187     } else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) {
188         ossl_provider_free(prov); /* -1 Store reference */
189         ossl_provider_free(prov); /* -1 Reference that was to be returned */
190         prov = NULL;
191     }
192     CRYPTO_THREAD_unlock(store->lock);
193
194     if (prov == NULL)
195         CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE);
196
197     /*
198      * At this point, the provider is only partially "loaded".  To be
199      * fully "loaded", ossl_provider_activate() must also be called.
200      */
201
202     return prov;
203 }
204
205 void ossl_provider_free(OSSL_PROVIDER *prov)
206 {
207     if (prov != NULL) {
208         int ref = 0;
209
210 #ifndef HAVE_ATOMICS
211         CRYPTO_DOWN_REF(&prov->refcnt, &ref, provider_lock);
212 #else
213         CRYPTO_DOWN_REF(&prov->refcnt, &ref, NULL);
214 #endif
215
216         /*
217          * When the refcount drops down to one, there is only one reference,
218          * the store.
219          * When that happens, the provider is inactivated.
220          */
221         if (ref == 1 && prov->flag_initialized) {
222             if (prov->teardown != NULL)
223                 prov->teardown();
224             prov->flag_initialized = 0;
225         }
226
227         /*
228          * When the refcount drops to zero, it has been taken out of
229          * the store.  All we have to do here is clean it out.
230          */
231         if (ref == 0) {
232             DSO_free(prov->module);
233             OPENSSL_free(prov->name);
234             OPENSSL_free(prov);
235         }
236     }
237 }
238
239 /*
240  * Provider activation.
241  *
242  * What "activation" means depends on the provider form; for built in
243  * providers (in the library or the application alike), the provider
244  * can already be considered to be loaded, all that's needed is to
245  * initialize it.  However, for dynamically loadable provider modules,
246  * we must first load that module.
247  *
248  * Built in modules are distinguished from dynamically loaded modules
249  * with an already assigned init function.
250  */
251 static const OSSL_DISPATCH *core_dispatch; /* Define further down */
252
253 int ossl_provider_activate(OSSL_PROVIDER *prov)
254 {
255     const OSSL_DISPATCH *provider_dispatch = NULL;
256
257     if (prov->flag_initialized)
258         return 1;
259
260     /*
261      * If the init function isn't set, it indicates that this provider is
262      * a loadable module.
263      */
264     if (prov->init_function == NULL) {
265         if (prov->module == NULL) {
266             char *platform_module_name = NULL;
267             char *module_path = NULL;
268             const char *load_dir = ossl_safe_getenv("OPENSSL_MODULES");
269
270             if ((prov->module = DSO_new()) == NULL) {
271                 /* DSO_new() generates an error already */
272                 return 0;
273             }
274
275             if (load_dir == NULL)
276                 load_dir = MODULESDIR;
277
278             DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS,
279                      DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL);
280             if ((platform_module_name =
281                  DSO_convert_filename(prov->module, prov->name)) == NULL
282                 || (module_path =
283                     DSO_merge(prov->module, platform_module_name,
284                               load_dir)) == NULL
285                 || DSO_load(prov->module, module_path, NULL,
286                             DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == NULL) {
287                 DSO_free(prov->module);
288                 prov->module = NULL;
289             }
290
291             OPENSSL_free(platform_module_name);
292             OPENSSL_free(module_path);
293         }
294
295         if (prov->module != NULL)
296             prov->init_function = (OSSL_provider_init_fn *)
297                 DSO_bind_func(prov->module, "OSSL_provider_init");
298     }
299
300     if (prov->init_function == NULL
301         || !prov->init_function(prov, core_dispatch, &provider_dispatch)) {
302         CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL);
303         ERR_add_error_data(2, "name=", prov->name);
304         DSO_free(prov->module);
305         prov->module = NULL;
306         return 0;
307     }
308
309     for (; provider_dispatch->function_id != 0; provider_dispatch++) {
310         switch (provider_dispatch->function_id) {
311         case OSSL_FUNC_PROVIDER_TEARDOWN:
312             prov->teardown =
313                 OSSL_get_provider_teardown(provider_dispatch);
314             break;
315         case OSSL_FUNC_PROVIDER_GET_PARAM_TYPES:
316             prov->get_param_types =
317                 OSSL_get_provider_get_param_types(provider_dispatch);
318             break;
319         case OSSL_FUNC_PROVIDER_GET_PARAMS:
320             prov->get_params =
321                 OSSL_get_provider_get_params(provider_dispatch);
322             break;
323         case OSSL_FUNC_PROVIDER_QUERY_OPERATION:
324             prov->query_operation =
325                 OSSL_get_provider_query_operation(provider_dispatch);
326             break;
327         }
328     }
329
330     /* With this flag set, this provider has become fully "loaded". */
331     prov->flag_initialized = 1;
332
333     return 1;
334 }
335
336 int ossl_provider_forall_loaded(OPENSSL_CTX *ctx,
337                                 int (*cb)(OSSL_PROVIDER *provider,
338                                           void *cbdata),
339                                 void *cbdata)
340 {
341     int ret = 1;
342     int i;
343     struct provider_store_st *store = get_provider_store(ctx);
344
345     if (store != NULL) {
346         CRYPTO_THREAD_read_lock(store->lock);
347         for (i = 0; i < sk_OSSL_PROVIDER_num(store->providers); i++) {
348             OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(store->providers, i);
349
350             if (prov->flag_initialized
351                 && !(ret = cb(prov, cbdata)))
352                 break;
353         }
354         CRYPTO_THREAD_unlock(store->lock);
355     }
356
357     return ret;
358 }
359
360 /* Getters of Provider Object data */
361 const char *ossl_provider_name(OSSL_PROVIDER *prov)
362 {
363     return prov->name;
364 }
365
366 const DSO *ossl_provider_dso(OSSL_PROVIDER *prov)
367 {
368     return prov->module;
369 }
370
371 const char *ossl_provider_module_name(OSSL_PROVIDER *prov)
372 {
373     return DSO_get_filename(prov->module);
374 }
375
376 const char *ossl_provider_module_path(OSSL_PROVIDER *prov)
377 {
378     /* FIXME: Ensure it's a full path */
379     return DSO_get_filename(prov->module);
380 }
381
382 /* Wrappers around calls to the provider */
383 void ossl_provider_teardown(const OSSL_PROVIDER *prov)
384 {
385     if (prov->teardown != NULL)
386         prov->teardown();
387 }
388
389 const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov)
390 {
391     return prov->get_param_types == NULL ? NULL : prov->get_param_types(prov);
392 }
393
394 int ossl_provider_get_params(const OSSL_PROVIDER *prov,
395                              const OSSL_PARAM params[])
396 {
397     return prov->get_params == NULL ? 0 : prov->get_params(prov, params);
398 }
399
400
401 const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov,
402                                                     int operation_id,
403                                                     int *no_cache)
404 {
405     return prov->query_operation(prov, operation_id, no_cache);
406 }
407
408 /*-
409  * Core functions for the provider
410  * ===============================
411  *
412  * This is the set of functions that the core makes available to the provider
413  */
414
415 /*
416  * This returns a list of Provider Object parameters with their types, for
417  * discovery.  We do not expect that many providers will use this, but one
418  * never knows.
419  */
420 static const OSSL_ITEM param_types[] = {
421     { OSSL_PARAM_UTF8_PTR, "openssl-version" },
422     { OSSL_PARAM_UTF8_PTR, "provider-name" },
423     { 0, NULL }
424 };
425
426 static const OSSL_ITEM *core_get_param_types(const OSSL_PROVIDER *prov)
427 {
428     return param_types;
429 }
430
431 static int core_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[])
432 {
433     int i;
434
435     for (i = 0; params[i].key != NULL; i++) {
436         if (strcmp(params[i].key, "openssl-version") == 0) {
437             *(void **)params[i].data = OPENSSL_VERSION_STR;
438             if (params[i].return_size)
439                 *params[i].return_size = sizeof(OPENSSL_VERSION_STR);
440         } else if (strcmp(params[i].key, "provider-name") == 0) {
441             *(void **)params[i].data = prov->name;
442             if (params[i].return_size)
443                 *params[i].return_size = strlen(prov->name) + 1;
444         }
445     }
446
447     return 1;
448 }
449
450 static const OSSL_DISPATCH core_dispatch_[] = {
451     { OSSL_FUNC_CORE_GET_PARAM_TYPES, (void (*)(void))core_get_param_types },
452     { OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params },
453     { 0, NULL }
454 };
455 static const OSSL_DISPATCH *core_dispatch = core_dispatch_;