1 /*
2 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stddef.h>
11 #include <openssl/types.h>
12 #include <openssl/evp.h>
13 #include <openssl/core.h>
14 #include "internal/cryptlib.h"
15 #include "internal/thread_once.h"
16 #include "internal/property.h"
17 #include "internal/core.h"
18 #include "internal/provider.h"
19 #include "internal/namemap.h"
20 #include "crypto/decoder.h"
21 #include "crypto/evp.h" /* evp_local.h needs it */
22 #include "evp_local.h"
23
/*
 * Character that separates the individual names in an algorithm name
 * string.  The store callbacks below look up only the part before the first
 * separator; construct_evp_method() passes it to ossl_namemap_add_names().
 */
#define NAME_SEPARATOR ':'

/*
 * Data to be passed through ossl_method_construct().
 *
 * evp_generic_fetch(), evp_generic_fetch_from_prov() and evp_generic_do_all()
 * set only |libctx| and |tmp_store| themselves; inner_evp_generic_fetch()
 * fills in the remaining fields right before calling ossl_method_construct().
 */
struct evp_method_data_st {
    OSSL_LIB_CTX *libctx;
    int operation_id; /* For get_evp_method_from_store() */
    int name_id; /* For get_evp_method_from_store() */
    const char *names; /* For get_evp_method_from_store() */
    const char *propquery; /* For get_evp_method_from_store() */

    OSSL_METHOD_STORE *tmp_store; /* For get_tmp_evp_method_store() */

    /*
     * Set to 1 by construct_evp_method() when |method_from_algorithm|
     * returned NULL; read by inner_evp_generic_fetch() to choose the error
     * code it records.
     */
    unsigned int flag_construct_error_occurred : 1;

    /* Called by construct_evp_method() to build the method */
    void *(*method_from_algorithm)(int name_id, const OSSL_ALGORITHM *,
        OSSL_PROVIDER *);
    /* Handed to ossl_method_store_add() by put_evp_method_in_store() */
    int (*refcnt_up_method)(void *method);
    /*
     * Handed to ossl_method_store_add() and called directly by
     * destruct_evp_method()
     */
    void (*destruct_method)(void *method);
};
43
/*
 * Generic routines to fetch / create EVP methods with ossl_method_construct()
 */

/*
 * Return the temporary method store held in |data| (a struct
 * evp_method_data_st), allocating it with ossl_method_store_new() the first
 * time it is asked for.  The result of that allocation is returned as is, so
 * the caller may get NULL back.
 */
static void *get_tmp_evp_method_store(void *data)
{
    struct evp_method_data_st *md = data;

    if (md->tmp_store != NULL) {
        OSSL_TRACE1(QUERY, "Using the existing tmp_store %p\n", (void *)md->tmp_store);
        return md->tmp_store;
    }

    md->tmp_store = ossl_method_store_new(md->libctx);
    OSSL_TRACE1(QUERY, "Allocating a new tmp_store %p\n", (void *)md->tmp_store);
    return md->tmp_store;
}
59
/*
 * Free a temporary method store obtained through
 * get_tmp_evp_method_store().  A NULL |store| is traced and otherwise
 * ignored.
 */
static void dealloc_tmp_evp_method_store(void *store)
{
    OSSL_TRACE1(QUERY, "Deallocating the tmp_store %p\n", store);
    if (store == NULL)
        return;
    ossl_method_store_free(store);
}
66
/*
 * Look up the EVP method store that belongs to |libctx|.  Callers in this
 * file check the result for NULL before using it.
 */
static OSSL_METHOD_STORE *get_evp_method_store(OSSL_LIB_CTX *libctx)
{
    OSSL_METHOD_STORE *store;

    store = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX);
    return store;
}
71
/*
 * Lock |store| for the duration of a construction.  When |store| is NULL the
 * EVP method store of the library context in |data| is locked instead.
 *
 * Returns 0 if no store could be found, otherwise whatever
 * ossl_method_lock_store() returns.
 */
static int reserve_evp_method_store(void *store, void *data)
{
    struct evp_method_data_st *md = data;

    if (store == NULL)
        store = get_evp_method_store(md->libctx);
    if (store == NULL)
        return 0;

    return ossl_method_lock_store(store);
}
82
/*
 * Counterpart of reserve_evp_method_store(): unlock |store|, or the EVP
 * method store of the library context in |data| when |store| is NULL.
 *
 * Returns 0 if no store could be found, otherwise whatever
 * ossl_method_unlock_store() returns.
 */
static int unreserve_evp_method_store(void *store, void *data)
{
    struct evp_method_data_st *md = data;

    if (store == NULL)
        store = get_evp_method_store(md->libctx);
    if (store == NULL)
        return 0;

    return ossl_method_unlock_store(store);
}
93
/*
 * A method is identified in the EVP method store by a single number that
 * combines its name identity with its operation identity, on the assumption
 * that there are never more than 2^23 names or more than 2^8 operation
 * types.
 *
 * The combined identity is a 31-bit integer, laid out like this:
 *
 * +---------23 bits--------+-8 bits-+
 * |     name identity      | op id  |
 * +------------------------+--------+
 *
 * The value is kept to 31 bits, so the top bit of the uint32_t is always
 * zero.  That avoids negative sign extension when the number is shifted
 * down after having been passed as an int, which happens as soon as it is
 * handed to ossl_method_store_cache_set(); it is also in that form that it
 * reaches filter_on_operation_id(), defined further down.
 */
#define METHOD_ID_OPERATION_MASK 0x000000FF
#define METHOD_ID_OPERATION_MAX ((1 << 8) - 1)
#define METHOD_ID_NAME_MASK 0x7FFFFF00
#define METHOD_ID_NAME_OFFSET 8
#define METHOD_ID_NAME_MAX ((1 << 23) - 1)

/*
 * Combine |name_id| and |operation_id| into one method identity.
 *
 * Returns 0 when either value is zero or larger than its field allows (both
 * range checks go through ossl_assert()); callers treat 0 as "no usable
 * identity".
 */
static uint32_t evp_method_id(int name_id, unsigned int operation_id)
{
    uint32_t name_bits;
    uint32_t op_bits;

    if (!ossl_assert(name_id > 0 && name_id <= METHOD_ID_NAME_MAX))
        return 0;
    if (!ossl_assert(operation_id > 0
            && operation_id <= METHOD_ID_OPERATION_MAX))
        return 0;

    /* name_id is at most 2^23 - 1 here, so the shift stays within 31 bits */
    name_bits = (name_id << METHOD_ID_NAME_OFFSET) & METHOD_ID_NAME_MASK;
    op_bits = operation_id & METHOD_ID_OPERATION_MASK;
    return name_bits | op_bits;
}
125
/*
 * Try to get the method that evp_generic_fetch() is asking for out of
 * |store|, or out of the library context's EVP method store when |store| is
 * NULL.  The operation id, and the name or name id, arrive through |data|
 * (a struct evp_method_data_st).
 *
 * When only a name string is available, the part up to the first
 * NAME_SEPARATOR is what gets looked up in the namemap.
 *
 * Returns the method, or NULL if the name is unknown, the method identity
 * cannot be formed, no store is available or the store has no match.
 */
static void *get_evp_method_from_store(void *store, const OSSL_PROVIDER **prov,
                                       void *data)
{
    struct evp_method_data_st *md = data;
    void *found = NULL;
    int name_id = md->name_id;
    uint32_t meth_id;

    if (name_id == 0 && md->names != NULL) {
        OSSL_NAMEMAP *namemap = ossl_namemap_stored(md->libctx);
        const char *first = md->names;
        const char *sep = strchr(first, NAME_SEPARATOR);
        size_t first_len = sep != NULL ? (size_t)(sep - first) : strlen(first);

        if (namemap == NULL)
            return NULL;
        name_id = ossl_namemap_name2num_n(namemap, first, first_len);
    }

    if (name_id == 0)
        return NULL;
    meth_id = evp_method_id(name_id, md->operation_id);
    if (meth_id == 0)
        return NULL;

    if (store == NULL) {
        store = get_evp_method_store(md->libctx);
        if (store == NULL)
            return NULL;
    }

    if (!ossl_method_store_fetch(store, meth_id, md->propquery, prov, &found))
        return NULL;
    return found;
}
163
/*
 * Add |method|, provided by |prov| with property definition |propdef|, to
 * |store|, or to the library context's EVP method store when |store| is
 * NULL.
 *
 * This is only called with an EVP method that construct_evp_method()
 * created successfully, so all of |names| should already be in the namemap
 * under one numeric identity; the first name is enough to find it.
 *
 * Returns 0 if the namemap, the name identity, the method identity or the
 * store is unavailable, otherwise the result of ossl_method_store_add().
 */
static int put_evp_method_in_store(void *store, void *method,
                                   const OSSL_PROVIDER *prov,
                                   const char *names, const char *propdef,
                                   void *data)
{
    struct evp_method_data_st *md = data;
    OSSL_NAMEMAP *namemap;
    int name_id;
    uint32_t meth_id;
    size_t first_len = 0;

    /* Length of the first name, i.e. everything before the separator */
    if (names != NULL) {
        const char *sep = strchr(names, NAME_SEPARATOR);

        first_len = sep != NULL ? (size_t)(sep - names) : strlen(names);
    }

    namemap = ossl_namemap_stored(md->libctx);
    if (namemap == NULL)
        return 0;
    name_id = ossl_namemap_name2num_n(namemap, names, first_len);
    if (name_id == 0)
        return 0;
    meth_id = evp_method_id(name_id, md->operation_id);
    if (meth_id == 0)
        return 0;

    OSSL_TRACE1(QUERY, "put_evp_method_in_store: original store: %p\n", store);
    if (store == NULL) {
        store = get_evp_method_store(md->libctx);
        if (store == NULL)
            return 0;
    }

    OSSL_TRACE5(QUERY,
        "put_evp_method_in_store: "
        "store: %p, names: %s, operation_id %d, method_id: %d, properties: %s\n",
        store, names, md->operation_id, meth_id,
        propdef != NULL ? propdef : "<null>");
    return ossl_method_store_add(store, prov, meth_id, propdef, method,
                                 md->refcnt_up_method,
                                 md->destruct_method);
}
205
/*
 * The core fetching functionality passes the names of the implementation
 * in |algodef|.  This function is responsible for getting an identity
 * number for them and for building the method through the
 * |method_from_algorithm| callback in |data|.
 *
 * It is only called when get_evp_method_from_store() returned NULL, which
 * makes this the place to create new namemap entries: the names are handed
 * to ossl_namemap_add_names() and the number it returns is used as the name
 * identity.
 *
 * Returns the new method, or NULL if no name identity could be obtained or
 * the callback failed.
 */
static void *construct_evp_method(const OSSL_ALGORITHM *algodef,
                                  OSSL_PROVIDER *prov, void *data)
{
    struct evp_method_data_st *md = data;
    OSSL_NAMEMAP *namemap = ossl_namemap_stored(ossl_provider_libctx(prov));
    int name_id = ossl_namemap_add_names(namemap, 0, algodef->algorithm_names,
                                         NAME_SEPARATOR);
    void *method;

    if (name_id == 0)
        return NULL;

    method = md->method_from_algorithm(name_id, algodef, prov);
    if (method != NULL)
        return method;

    /*
     * Record that construction itself failed.  inner_evp_generic_fetch()
     * uses this to decide which error to report for an algorithm it could
     * not get hold of.
     */
    md->flag_construct_error_occurred = 1;
    return NULL;
}
242
/*
 * Release |method| through the |destruct_method| callback carried in |data|
 * (a struct evp_method_data_st).
 */
static void destruct_evp_method(void *method, void *data)
{
    const struct evp_method_data_st *md = data;

    md->destruct_method(method);
}
249
/*
 * Common worker behind evp_generic_fetch(), evp_generic_fetch_from_prov()
 * and evp_generic_do_all().
 *
 * Looks for a method for |operation_id| and |name| in the method store
 * cache of |methdata->libctx| and, on a miss, runs ossl_method_construct()
 * with the callbacks defined above.  |prov| is passed through to the cache
 * and to the construction; |new_method|, |up_ref_method| and |free_method|
 * are the type specific constructor, reference counter and destructor.
 *
 * Returns the method or NULL.  When a name or name id was given and no
 * method resulted, an ERR_R_UNSUPPORTED or ERR_R_FETCH_FAILED error is
 * raised.
 */
static void *
inner_evp_generic_fetch(struct evp_method_data_st *methdata,
                        OSSL_PROVIDER *prov, int operation_id,
                        const char *name, ossl_unused const char *properties,
                        void *(*new_method)(int name_id,
                                            const OSSL_ALGORITHM *algodef,
                                            OSSL_PROVIDER *prov),
                        int (*up_ref_method)(void *),
                        void (*free_method)(void *))
{
    OSSL_METHOD_STORE *store = get_evp_method_store(methdata->libctx);
    OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx);
#ifdef FIPS_MODULE
    /*
     * The FIPS provider has its own internal library context where only it
     * is loaded.  Property queries aren't relevant there because there is
     * only one fetchable algorithm, and it is assumed that the FIPS-ness is
     * handled by the using algorithm.  Note that |properties| is still what
     * the error and trace messages below report.
     */
    const char *const propq = "";
#else
    const char *const propq = properties != NULL ? properties : "";
#endif /* FIPS_MODULE */
    uint32_t meth_id = 0;
    void *method = NULL;
    int unsupported, name_id, cache_hit;

    if (store == NULL || namemap == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
        return NULL;
    }

    /* An operation_id of 0 can only come from an internal programming error */
    if (!ossl_assert(operation_id > 0)) {
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
        return NULL;
    }

    /* Try to turn the name, if there is one, into a name id */
    name_id = 0;
    if (name != NULL)
        name_id = ossl_namemap_name2num(namemap, name);

    /*
     * With a name id in hand, work out the method id.  evp_method_id()
     * returns 0 when the name id exceeds METHOD_ID_NAME_MAX or the
     * operation id exceeds METHOD_ID_OPERATION_MAX, in which case no new
     * method can be created.  For all intents and purposes that is an
     * internal error.
     */
    if (name_id != 0) {
        meth_id = evp_method_id(name_id, operation_id);
        if (meth_id == 0) {
            ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
            return NULL;
        }
    }

    /*
     * A name that isn't known yet most likely means that the algorithm to
     * be fetched is unsupported.
     */
    unsupported = (name_id == 0);

    cache_hit = meth_id != 0
        && ossl_method_store_cache_get(store, prov, meth_id, propq, &method);
    if (!cache_hit) {
        OSSL_METHOD_CONSTRUCT_METHOD mcm = {
            get_tmp_evp_method_store,
            reserve_evp_method_store,
            unreserve_evp_method_store,
            get_evp_method_from_store,
            put_evp_method_in_store,
            construct_evp_method,
            destruct_evp_method
        };

        methdata->operation_id = operation_id;
        methdata->name_id = name_id;
        methdata->names = name;
        methdata->propquery = propq;
        methdata->method_from_algorithm = new_method;
        methdata->refcnt_up_method = up_ref_method;
        methdata->destruct_method = free_method;
        methdata->flag_construct_error_occurred = 0;

        method = ossl_method_construct(methdata->libctx, operation_id,
                                       &prov, 0 /* !force_cache */,
                                       &mcm, methdata);
        if (method != NULL) {
            /*
             * Construction produced a method, so a valid name_id and
             * meth_id exist: get_evp_method_from_store() and
             * put_evp_method_in_store() have already computed them.
             *
             * Corner case: if the caller passed a name of the form
             * name1:name2:..., construction registers the method under
             * all of those names, but ossl_namemap_name2num() treats the
             * whole string as one name and the lookup here fails.  Rather
             * than add a feature where the EVP_<obj>_fetch functions
             * split the string and query each name, report an error.
             */
            if (name_id == 0)
                name_id = ossl_namemap_name2num(namemap, name);
            if (name_id != 0) {
                meth_id = evp_method_id(name_id, operation_id);
                if (meth_id != 0)
                    ossl_method_store_cache_set(store, prov, meth_id, propq,
                                                method, up_ref_method,
                                                free_method);
            } else {
                ERR_raise_data(ERR_LIB_EVP, ERR_R_FETCH_FAILED,
                               "Algorithm %s cannot be found", name);
                free_method(method);
                method = NULL;
            }
        }

        /*
         * If the constructor never reported a failure, the algorithm to be
         * fetched is unsupported.
         */
        unsupported = !methdata->flag_construct_error_occurred;
    }

    if (method == NULL && (name_id != 0 || name != NULL)) {
        int code = ERR_R_FETCH_FAILED;

        if (unsupported)
            code = ERR_R_UNSUPPORTED;
        if (name == NULL)
            name = ossl_namemap_num2name(namemap, name_id, 0);
        ERR_raise_data(ERR_LIB_EVP, code,
                       "%s, Algorithm (%s : %d), Properties (%s)",
                       ossl_lib_ctx_get_descriptor(methdata->libctx),
                       name == NULL ? "<null>" : name, name_id,
                       properties == NULL ? "<null>" : properties);
    } else {
        OSSL_TRACE4(QUERY, "%s, Algorithm (%s : %d), Properties (%s)\n",
                    ossl_lib_ctx_get_descriptor(methdata->libctx),
                    name == NULL ? "<null>" : name, name_id,
                    properties == NULL ? "<null>" : properties);
    }

    return method;
}
390
/*
 * Fetch a method for |operation_id| and |name| from any provider in
 * |libctx|, honouring the property query |properties|.
 *
 * |new_method|, |up_ref_method| and |free_method| are the type specific
 * constructor, reference counter and destructor.  Any temporary store that
 * was created during the fetch is freed before returning.
 *
 * Returns the method, or NULL on failure.
 */
void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
                        const char *name, const char *properties,
                        void *(*new_method)(int name_id,
                                            const OSSL_ALGORITHM *algodef,
                                            OSSL_PROVIDER *prov),
                        int (*up_ref_method)(void *),
                        void (*free_method)(void *))
{
    struct evp_method_data_st md;
    void *fetched;

    /* The remaining fields are filled in by inner_evp_generic_fetch() */
    md.libctx = libctx;
    md.tmp_store = NULL;

    fetched = inner_evp_generic_fetch(&md, NULL, operation_id,
                                      name, properties,
                                      new_method, up_ref_method, free_method);
    dealloc_tmp_evp_method_store(md.tmp_store);
    return fetched;
}
410
/*
 * evp_generic_fetch_from_prov() is special, and only returns methods from
 * the given provider.  It is meant to be used when one method needs to
 * fetch an associated method.
 *
 * The library context is taken from |prov|.  Any temporary store that was
 * created during the fetch is freed before returning.
 *
 * Returns the method, or NULL on failure.
 */
void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id,
                                  const char *name, const char *properties,
                                  void *(*new_method)(int name_id,
                                                      const OSSL_ALGORITHM *algodef,
                                                      OSSL_PROVIDER *prov),
                                  int (*up_ref_method)(void *),
                                  void (*free_method)(void *))
{
    struct evp_method_data_st md;
    void *fetched;

    /* The remaining fields are filled in by inner_evp_generic_fetch() */
    md.libctx = ossl_provider_libctx(prov);
    md.tmp_store = NULL;

    fetched = inner_evp_generic_fetch(&md, prov, operation_id,
                                      name, properties,
                                      new_method, up_ref_method, free_method);
    dealloc_tmp_evp_method_store(md.tmp_store);
    return fetched;
}
436
/*
 * Flush the whole method cache of the EVP method store in |libctx|.
 *
 * Returns 1 when the library context has no EVP method store, otherwise the
 * result of ossl_method_store_cache_flush_all().
 */
int evp_method_store_cache_flush(OSSL_LIB_CTX *libctx)
{
    OSSL_METHOD_STORE *store = get_evp_method_store(libctx);

    if (store == NULL)
        return 1;
    return ossl_method_store_cache_flush_all(store);
}
445
/*
 * Remove every method that |prov| contributed from the EVP method store of
 * the provider's library context.
 *
 * Returns 1 when that library context has no EVP method store, otherwise
 * the result of ossl_method_store_remove_all_provided().
 */
int evp_method_store_remove_all_provided(const OSSL_PROVIDER *prov)
{
    OSSL_METHOD_STORE *store = get_evp_method_store(ossl_provider_libctx(prov));

    if (store == NULL)
        return 1;
    return ossl_method_store_remove_all_provided(store, prov);
}
455
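/*
 * Install |def_prop| as the global default property list of |libctx| and
 * flush the caches that were filled under the previous defaults.
 *
 * |loadconfig| is passed on to ossl_ctx_global_properties().  A call with
 * |mirrored| non-zero is refused (returning 0) when
 * ossl_global_properties_no_mirrored() says so; a call with |mirrored| zero
 * calls ossl_global_properties_stop_mirroring() first.
 *
 * Returns the non-zero result of ossl_method_store_cache_flush_all() on
 * success, in which case |def_prop| is owned by the library context and the
 * previous list has been freed.  Returns 0 on failure, in which case
 * |def_prop| still belongs to the caller; both callers in this file free it
 * when they see 0.
 */
static int evp_set_parsed_default_properties(OSSL_LIB_CTX *libctx,
                                             OSSL_PROPERTY_LIST *def_prop,
                                             int loadconfig,
                                             int mirrored)
{
    OSSL_METHOD_STORE *store = get_evp_method_store(libctx);
    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);

    if (plp != NULL && store != NULL) {
        OSSL_PROPERTY_LIST *old_prop;
        int ret;
#ifndef FIPS_MODULE
        char *propstr = NULL;
        size_t strsz;

        if (mirrored) {
            if (ossl_global_properties_no_mirrored(libctx))
                return 0;
        } else {
            /*
             * These properties have been explicitly set on this libctx, so
             * don't allow any mirroring from a parent libctx.
             */
            ossl_global_properties_stop_mirroring(libctx);
        }

        /* First call sizes the string, second call fills it in */
        strsz = ossl_property_list_to_string(libctx, def_prop, NULL, 0);
        if (strsz > 0)
            propstr = OPENSSL_malloc(strsz);
        if (propstr == NULL) {
            ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
            return 0;
        }
        if (ossl_property_list_to_string(libctx, def_prop, propstr,
                                         strsz)
            == 0) {
            OPENSSL_free(propstr);
            ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
            return 0;
        }
        ossl_provider_default_props_update(libctx, propstr);
        OPENSSL_free(propstr);
#endif
        /*
         * Keep the previous list until the flush result is known, so that
         * a failure does not leave *plp pointing at |def_prop|.
         */
        old_prop = *plp;
        *plp = def_prop;

        ret = ossl_method_store_cache_flush_all(store);
#ifndef FIPS_MODULE
        ossl_decoder_cache_flush(libctx);
#endif
        if (!ret) {
            /*
             * The caller frees |def_prop| when 0 is returned.  Put the
             * previous list back so the library context is not left
             * holding a pointer to memory that is about to be freed.
             * NOTE(review): the provider default-properties update and the
             * mirroring change above have already been applied and are not
             * rolled back here.
             */
            *plp = old_prop;
            return 0;
        }
        ossl_property_free(old_prop);
        return ret;
    }
    ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
    return 0;
}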
510
/*
 * Parse the property query |propq| and install the result as the default
 * property list of |libctx|.  A NULL |propq| installs a NULL list.
 * |loadconfig| and |mirrored| are passed on to
 * evp_set_parsed_default_properties().
 *
 * Returns 1 on success.  Returns 0 if |propq| cannot be parsed (raising
 * EVP_R_DEFAULT_QUERY_PARSE_ERROR) or if the list cannot be installed, in
 * which case the parsed list is freed here.
 */
int evp_set_default_properties_int(OSSL_LIB_CTX *libctx, const char *propq,
                                   int loadconfig, int mirrored)
{
    OSSL_PROPERTY_LIST *parsed = NULL;

    if (propq != NULL) {
        parsed = ossl_parse_query(libctx, propq, 1);
        if (parsed == NULL) {
            ERR_raise(ERR_LIB_EVP, EVP_R_DEFAULT_QUERY_PARSE_ERROR);
            return 0;
        }
    }

    if (evp_set_parsed_default_properties(libctx, parsed, loadconfig, mirrored))
        return 1;

    /* Not taken over by the library context, so it is still ours to free */
    ossl_property_free(parsed);
    return 0;
}
526
/*
 * Public entry point: set the default property query of |libctx| to
 * |propq|.  Calls evp_set_default_properties_int() with loadconfig set and
 * mirrored clear, and returns its result.
 */
int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq)
{
    const int loadconfig = 1;
    const int mirrored = 0;

    return evp_set_default_properties_int(libctx, propq, loadconfig, mirrored);
}
531
/*
 * Merge the property query |propq| into the default properties of |libctx|.
 *
 * A NULL |propq| is a no-op that succeeds.  When the library context has no
 * default property list yet, |propq| is simply installed with
 * evp_set_default_properties_int().  Otherwise |propq| is parsed, merged
 * with the current list by ossl_property_merge() and the merged list is
 * installed.
 *
 * Returns 1 on success and 0 on failure.
 */
static int evp_default_properties_merge(OSSL_LIB_CTX *libctx, const char *propq,
                                        int loadconfig)
{
    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);
    OSSL_PROPERTY_LIST *parsed, *merged;

    if (propq == NULL)
        return 1;
    if (plp == NULL || *plp == NULL)
        return evp_set_default_properties_int(libctx, propq, 0, 0);

    parsed = ossl_parse_query(libctx, propq, 1);
    if (parsed == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_DEFAULT_QUERY_PARSE_ERROR);
        return 0;
    }

    merged = ossl_property_merge(parsed, *plp);
    /* The parsed query is only an input to the merge */
    ossl_property_free(parsed);
    if (merged == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
        return 0;
    }

    if (evp_set_parsed_default_properties(libctx, merged, 0, 0))
        return 1;

    /* Not taken over by the library context, so it is still ours to free */
    ossl_property_free(merged);
    return 0;
}
558
/*
 * Tell whether |prop_name| is enabled in the default property list of
 * |libctx|.  Only that default list is consulted.
 *
 * Returns 1 if it is enabled, 0 if it is not or if the library context has
 * no global properties.
 */
static int evp_default_property_is_enabled(OSSL_LIB_CTX *libctx,
                                           const char *prop_name)
{
    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);

    if (plp == NULL)
        return 0;
    return ossl_property_is_enabled(libctx, prop_name, *plp) != 0;
}
566
/*
 * Public entry point: report whether the "fips" property is enabled in the
 * default property list of |libctx|.  The answer reflects that default list
 * only, as evaluated by evp_default_property_is_enabled().
 */
int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx)
{
    const char *prop_name = "fips";

    return evp_default_property_is_enabled(libctx, prop_name);
}
571
/*
 * Merge "fips=yes" (when |enable| is non-zero) or "-fips" (when it is zero)
 * into the default properties of |libctx|.  |loadconfig| is passed on to
 * evp_default_properties_merge(), whose result is returned.
 */
int evp_default_properties_enable_fips_int(OSSL_LIB_CTX *libctx, int enable,
                                           int loadconfig)
{
    const char *query;

    if (enable != 0)
        query = "fips=yes";
    else
        query = "-fips";

    return evp_default_properties_merge(libctx, query, loadconfig);
}
579
/*
 * Public entry point: turn the "fips" default property of |libctx| on or
 * off.  Calls evp_default_properties_enable_fips_int() with loadconfig set
 * and returns its result; callers should check it, since a 0 return means
 * the default properties were not changed as requested.
 */
int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable)
{
    const int loadconfig = 1;

    return evp_default_properties_enable_fips_int(libctx, enable, loadconfig);
}
584
/*
 * Return the global default properties of |libctx| as a newly allocated
 * string.  |loadconfig| is passed on to ossl_ctx_global_properties().
 *
 * When the library context has no global properties, a copy of the empty
 * string is returned.  The string is allocated with OPENSSL_strdup() or
 * OPENSSL_malloc(), so the caller releases it with OPENSSL_free().
 *
 * Returns NULL on failure.
 */
char *evp_get_global_properties_str(OSSL_LIB_CTX *libctx, int loadconfig)
{
    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);
    char *out;
    size_t needed;

    if (plp == NULL)
        return OPENSSL_strdup("");

    /* First call sizes the string, second call fills it in */
    needed = ossl_property_list_to_string(libctx, *plp, NULL, 0);
    if (needed == 0) {
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
        return NULL;
    }

    out = OPENSSL_malloc(needed);
    if (out == NULL)
        return NULL;

    if (ossl_property_list_to_string(libctx, *plp, out, needed) != 0)
        return out;

    ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
    OPENSSL_free(out);
    return NULL;
}
610
/*
 * Public entry point: return the default properties of |libctx| as a newly
 * allocated string, or NULL on failure.  The loadconfig argument given to
 * evp_get_global_properties_str() is the result of
 * ossl_lib_ctx_is_global_default() for |libctx|.
 */
char *EVP_get1_default_properties(OSSL_LIB_CTX *libctx)
{
    int loadconfig = ossl_lib_ctx_is_global_default(libctx);

    return evp_get_global_properties_str(libctx, loadconfig);
}
615
/*
 * Argument block for filter_on_operation_id(), filled in by
 * evp_generic_do_all().
 */
struct filter_data_st {
    int operation_id; /* Only methods of this operation are passed on */
    void (*user_fn)(void *method, void *arg); /* Called for each match */
    void *user_arg; /* Passed to |user_fn| as |arg| */
};
621
/*
 * Callback for ossl_method_store_do_all(): call the user function in |arg|
 * (a struct filter_data_st) with |method| when the operation part of the
 * method identity |id| equals the wanted operation id.
 */
static void filter_on_operation_id(int id, void *method, void *arg)
{
    struct filter_data_st *filter = arg;
    int op_id = id & METHOD_ID_OPERATION_MASK;

    if (op_id != filter->operation_id)
        return;
    filter->user_fn(method, filter->user_arg);
}
629
/*
 * Call |user_fn| with |user_arg| for every method of |operation_id| found
 * in the temporary store (if one was created) and in the EVP method store
 * of |libctx|.
 *
 * A fetch without a name is run first and its result is discarded;
 * presumably this is what makes ossl_method_construct() build the methods
 * for the operation before the stores are walked -- confirm against
 * ossl_method_construct().  |new_method|, |up_ref_method| and |free_method|
 * are the type specific constructor, reference counter and destructor.
 */
void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                        void (*user_fn)(void *method, void *arg),
                        void *user_arg,
                        void *(*new_method)(int name_id,
                                            const OSSL_ALGORITHM *algodef,
                                            OSSL_PROVIDER *prov),
                        int (*up_ref_method)(void *),
                        void (*free_method)(void *))
{
    struct evp_method_data_st md;
    struct filter_data_st filter;
    OSSL_METHOD_STORE *tmp_store;

    md.libctx = libctx;
    md.tmp_store = NULL;
    (void)inner_evp_generic_fetch(&md, NULL, operation_id, NULL, NULL,
                                  new_method, up_ref_method, free_method);
    tmp_store = md.tmp_store;

    filter.operation_id = operation_id;
    filter.user_fn = user_fn;
    filter.user_arg = user_arg;

    if (tmp_store != NULL)
        ossl_method_store_do_all(tmp_store, &filter_on_operation_id,
                                 &filter);
    ossl_method_store_do_all(get_evp_method_store(libctx),
                             &filter_on_operation_id, &filter);

    dealloc_tmp_evp_method_store(tmp_store);
}
657
/*
 * Tell whether |name| refers to the algorithm identified by |number| in the
 * namemap of the library context of |prov|.
 *
 * For a |prov| that is NULL, the library context will be NULL and |number|
 * is ignored; the number to compare against is looked up from
 * |legacy_name| instead.
 *
 * Returns 1 when the two numbers are equal, otherwise 0.
 *
 * NOTE(review): with a NULL |prov|, if neither |legacy_name| nor |name| is
 * known to the namemap and both lookups yield the same "not found" value,
 * the comparison reports a match -- confirm that callers cannot reach this
 * with two unknown names.
 */
int evp_is_a(OSSL_PROVIDER *prov, int number,
             const char *legacy_name, const char *name)
{
    OSSL_NAMEMAP *namemap = ossl_namemap_stored(ossl_provider_libctx(prov));
    int expected = number;

    if (prov == NULL)
        expected = ossl_namemap_name2num(namemap, legacy_name);
    return ossl_namemap_name2num(namemap, name) == expected;
}
671
/*
 * Call |fn| with |data| for the names registered under |number| in the
 * namemap of the library context of |prov|.
 *
 * Returns the result of ossl_namemap_doall_names().
 */
int evp_names_do_all(OSSL_PROVIDER *prov, int number,
                     void (*fn)(const char *name, void *data),
                     void *data)
{
    OSSL_NAMEMAP *namemap = ossl_namemap_stored(ossl_provider_libctx(prov));

    return ossl_namemap_doall_names(namemap, number, fn, data);
}
681