1 | /* |
2 | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. |
3 | * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. |
4 | * |
5 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
6 | * this file except in compliance with the License. You can obtain a copy |
7 | * in the file LICENSE in the source distribution or at |
8 | * https://www.openssl.org/source/license.html |
9 | */ |
10 | |
11 | #include <string.h> |
12 | #include <stdio.h> |
13 | #include <stdarg.h> |
14 | #include <openssl/crypto.h> |
15 | #include "internal/property.h" |
16 | #include "crypto/ctype.h" |
17 | #include <openssl/lhash.h> |
18 | #include <openssl/rand.h> |
19 | #include "internal/thread_once.h" |
20 | #include "crypto/lhash.h" |
21 | #include "crypto/sparse_array.h" |
22 | #include "property_local.h" |
23 | |
24 | /* |
25 | * The number of elements in the query cache before we initiate a flush. |
26 | * If reducing this, also ensure the stochastic test in test/property_test.c |
27 | * isn't likely to fail. |
28 | */ |
29 | #define IMPL_CACHE_FLUSH_THRESHOLD 500 |
30 | |
31 | typedef struct { |
32 | void *method; |
33 | int (*up_ref)(void *); |
34 | void (*free)(void *); |
35 | } METHOD; |
36 | |
37 | typedef struct { |
38 | const OSSL_PROVIDER *provider; |
39 | OSSL_PROPERTY_LIST *properties; |
40 | METHOD method; |
41 | } IMPLEMENTATION; |
42 | |
43 | DEFINE_STACK_OF(IMPLEMENTATION) |
44 | |
45 | typedef struct { |
46 | const char *query; |
47 | METHOD method; |
48 | char body[1]; |
49 | } QUERY; |
50 | |
51 | DEFINE_LHASH_OF(QUERY); |
52 | |
53 | typedef struct { |
54 | int nid; |
55 | STACK_OF(IMPLEMENTATION) *impls; |
56 | LHASH_OF(QUERY) *cache; |
57 | } ALGORITHM; |
58 | |
59 | struct ossl_method_store_st { |
60 | OPENSSL_CTX *ctx; |
61 | size_t nelem; |
62 | SPARSE_ARRAY_OF(ALGORITHM) *algs; |
63 | OSSL_PROPERTY_LIST *global_properties; |
64 | int need_flush; |
65 | CRYPTO_RWLOCK *lock; |
66 | }; |
67 | |
68 | typedef struct { |
69 | LHASH_OF(QUERY) *cache; |
70 | size_t nelem; |
71 | uint32_t seed; |
72 | } IMPL_CACHE_FLUSH; |
73 | |
74 | DEFINE_SPARSE_ARRAY_OF(ALGORITHM); |
75 | |
76 | static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid); |
77 | static void ossl_method_cache_flush_all(OSSL_METHOD_STORE *c); |
78 | |
79 | static int ossl_method_up_ref(METHOD *method) |
80 | { |
81 | return (*method->up_ref)(method->method); |
82 | } |
83 | |
84 | static void ossl_method_free(METHOD *method) |
85 | { |
86 | (*method->free)(method->method); |
87 | } |
88 | |
89 | int ossl_property_read_lock(OSSL_METHOD_STORE *p) |
90 | { |
91 | return p != NULL ? CRYPTO_THREAD_read_lock(p->lock) : 0; |
92 | } |
93 | |
94 | int ossl_property_write_lock(OSSL_METHOD_STORE *p) |
95 | { |
96 | return p != NULL ? CRYPTO_THREAD_write_lock(p->lock) : 0; |
97 | } |
98 | |
99 | int ossl_property_unlock(OSSL_METHOD_STORE *p) |
100 | { |
101 | return p != 0 ? CRYPTO_THREAD_unlock(p->lock) : 0; |
102 | } |
103 | |
104 | static unsigned long query_hash(const QUERY *a) |
105 | { |
106 | return OPENSSL_LH_strhash(a->query); |
107 | } |
108 | |
109 | static int query_cmp(const QUERY *a, const QUERY *b) |
110 | { |
111 | return strcmp(a->query, b->query); |
112 | } |
113 | |
114 | static void impl_free(IMPLEMENTATION *impl) |
115 | { |
116 | if (impl != NULL) { |
117 | ossl_method_free(&impl->method); |
118 | OPENSSL_free(impl); |
119 | } |
120 | } |
121 | |
122 | static void impl_cache_free(QUERY *elem) |
123 | { |
124 | if (elem != NULL) { |
125 | ossl_method_free(&elem->method); |
126 | OPENSSL_free(elem); |
127 | } |
128 | } |
129 | |
130 | static void alg_cleanup(ossl_uintmax_t idx, ALGORITHM *a) |
131 | { |
132 | if (a != NULL) { |
133 | sk_IMPLEMENTATION_pop_free(a->impls, &impl_free); |
134 | lh_QUERY_doall(a->cache, &impl_cache_free); |
135 | lh_QUERY_free(a->cache); |
136 | OPENSSL_free(a); |
137 | } |
138 | } |
139 | |
140 | /* |
141 | * The OPENSSL_CTX param here allows access to underlying property data needed |
142 | * for computation |
143 | */ |
144 | OSSL_METHOD_STORE *ossl_method_store_new(OPENSSL_CTX *ctx) |
145 | { |
146 | OSSL_METHOD_STORE *res; |
147 | |
148 | res = OPENSSL_zalloc(sizeof(*res)); |
149 | if (res != NULL) { |
150 | res->ctx = ctx; |
151 | if ((res->algs = ossl_sa_ALGORITHM_new()) == NULL) { |
152 | OPENSSL_free(res); |
153 | return NULL; |
154 | } |
155 | if ((res->lock = CRYPTO_THREAD_lock_new()) == NULL) { |
156 | ossl_sa_ALGORITHM_free(res->algs); |
157 | OPENSSL_free(res); |
158 | return NULL; |
159 | } |
160 | } |
161 | return res; |
162 | } |
163 | |
164 | void ossl_method_store_free(OSSL_METHOD_STORE *store) |
165 | { |
166 | if (store != NULL) { |
167 | ossl_sa_ALGORITHM_doall(store->algs, &alg_cleanup); |
168 | ossl_sa_ALGORITHM_free(store->algs); |
169 | ossl_property_free(store->global_properties); |
170 | CRYPTO_THREAD_lock_free(store->lock); |
171 | OPENSSL_free(store); |
172 | } |
173 | } |
174 | |
175 | static ALGORITHM *ossl_method_store_retrieve(OSSL_METHOD_STORE *store, int nid) |
176 | { |
177 | return ossl_sa_ALGORITHM_get(store->algs, nid); |
178 | } |
179 | |
180 | static int ossl_method_store_insert(OSSL_METHOD_STORE *store, ALGORITHM *alg) |
181 | { |
182 | return ossl_sa_ALGORITHM_set(store->algs, alg->nid, alg); |
183 | } |
184 | |
185 | int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov, |
186 | int nid, const char *properties, void *method, |
187 | int (*method_up_ref)(void *), |
188 | void (*method_destruct)(void *)) |
189 | { |
190 | ALGORITHM *alg = NULL; |
191 | IMPLEMENTATION *impl; |
192 | int ret = 0; |
193 | int i; |
194 | |
195 | if (nid <= 0 || method == NULL || store == NULL) |
196 | return 0; |
197 | if (properties == NULL) |
198 | properties = "" ; |
199 | |
200 | /* Create new entry */ |
201 | impl = OPENSSL_malloc(sizeof(*impl)); |
202 | if (impl == NULL) |
203 | return 0; |
204 | impl->method.method = method; |
205 | impl->method.up_ref = method_up_ref; |
206 | impl->method.free = method_destruct; |
207 | if (!ossl_method_up_ref(&impl->method)) { |
208 | OPENSSL_free(impl); |
209 | return 0; |
210 | } |
211 | impl->provider = prov; |
212 | |
213 | /* |
214 | * Insert into the hash table if required. |
215 | * |
216 | * A write lock is used unconditionally because we wend our way down to the |
217 | * property string code which isn't locking friendly. |
218 | */ |
219 | ossl_property_write_lock(store); |
220 | ossl_method_cache_flush(store, nid); |
221 | if ((impl->properties = ossl_prop_defn_get(store->ctx, properties)) == NULL) { |
222 | impl->properties = ossl_parse_property(store->ctx, properties); |
223 | if (impl->properties == NULL) |
224 | goto err; |
225 | ossl_prop_defn_set(store->ctx, properties, impl->properties); |
226 | } |
227 | |
228 | alg = ossl_method_store_retrieve(store, nid); |
229 | if (alg == NULL) { |
230 | if ((alg = OPENSSL_zalloc(sizeof(*alg))) == NULL |
231 | || (alg->impls = sk_IMPLEMENTATION_new_null()) == NULL |
232 | || (alg->cache = lh_QUERY_new(&query_hash, &query_cmp)) == NULL) |
233 | goto err; |
234 | alg->nid = nid; |
235 | if (!ossl_method_store_insert(store, alg)) |
236 | goto err; |
237 | } |
238 | |
239 | /* Push onto stack if there isn't one there already */ |
240 | for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) { |
241 | const IMPLEMENTATION *tmpimpl = sk_IMPLEMENTATION_value(alg->impls, i); |
242 | |
243 | if (tmpimpl->provider == impl->provider |
244 | && tmpimpl->properties == impl->properties) |
245 | break; |
246 | } |
247 | if (i == sk_IMPLEMENTATION_num(alg->impls) |
248 | && sk_IMPLEMENTATION_push(alg->impls, impl)) |
249 | ret = 1; |
250 | ossl_property_unlock(store); |
251 | if (ret == 0) |
252 | impl_free(impl); |
253 | return ret; |
254 | |
255 | err: |
256 | ossl_property_unlock(store); |
257 | alg_cleanup(0, alg); |
258 | impl_free(impl); |
259 | return 0; |
260 | } |
261 | |
262 | int ossl_method_store_remove(OSSL_METHOD_STORE *store, int nid, |
263 | const void *method) |
264 | { |
265 | ALGORITHM *alg = NULL; |
266 | int i; |
267 | |
268 | if (nid <= 0 || method == NULL || store == NULL) |
269 | return 0; |
270 | |
271 | ossl_property_write_lock(store); |
272 | ossl_method_cache_flush(store, nid); |
273 | alg = ossl_method_store_retrieve(store, nid); |
274 | if (alg == NULL) { |
275 | ossl_property_unlock(store); |
276 | return 0; |
277 | } |
278 | |
279 | /* |
280 | * A sorting find then a delete could be faster but these stacks should be |
281 | * relatively small, so we avoid the overhead. Sorting could also surprise |
282 | * users when result orderings change (even though they are not guaranteed). |
283 | */ |
284 | for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) { |
285 | IMPLEMENTATION *impl = sk_IMPLEMENTATION_value(alg->impls, i); |
286 | |
287 | if (impl->method.method == method) { |
288 | impl_free(impl); |
289 | sk_IMPLEMENTATION_delete(alg->impls, i); |
290 | ossl_property_unlock(store); |
291 | return 1; |
292 | } |
293 | } |
294 | ossl_property_unlock(store); |
295 | return 0; |
296 | } |
297 | |
298 | int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid, |
299 | const char *prop_query, void **method) |
300 | { |
301 | ALGORITHM *alg; |
302 | IMPLEMENTATION *impl; |
303 | OSSL_PROPERTY_LIST *pq = NULL, *p2; |
304 | METHOD *best_method = NULL; |
305 | int ret = 0; |
306 | int j, best = -1, score, optional; |
307 | |
308 | #ifndef FIPS_MODE |
309 | OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); |
310 | #endif |
311 | |
312 | if (nid <= 0 || method == NULL || store == NULL) |
313 | return 0; |
314 | |
315 | /* |
316 | * This only needs to be a read lock, because queries never create property |
317 | * names or value and thus don't modify any of the property string layer. |
318 | */ |
319 | ossl_property_read_lock(store); |
320 | alg = ossl_method_store_retrieve(store, nid); |
321 | if (alg == NULL) { |
322 | ossl_property_unlock(store); |
323 | return 0; |
324 | } |
325 | |
326 | if (prop_query == NULL) { |
327 | if ((impl = sk_IMPLEMENTATION_value(alg->impls, 0)) != NULL) { |
328 | best_method = &impl->method; |
329 | ret = 1; |
330 | } |
331 | goto fin; |
332 | } |
333 | pq = ossl_parse_query(store->ctx, prop_query); |
334 | if (pq == NULL) |
335 | goto fin; |
336 | if (store->global_properties != NULL) { |
337 | p2 = ossl_property_merge(pq, store->global_properties); |
338 | if (p2 == NULL) |
339 | goto fin; |
340 | ossl_property_free(pq); |
341 | pq = p2; |
342 | } |
343 | optional = ossl_property_has_optional(pq); |
344 | for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) { |
345 | impl = sk_IMPLEMENTATION_value(alg->impls, j); |
346 | score = ossl_property_match_count(pq, impl->properties); |
347 | if (score > best) { |
348 | best_method = &impl->method; |
349 | best = score; |
350 | ret = 1; |
351 | if (!optional) |
352 | goto fin; |
353 | } |
354 | } |
355 | fin: |
356 | if (ret && ossl_method_up_ref(best_method)) |
357 | *method = best_method->method; |
358 | else |
359 | ret = 0; |
360 | ossl_property_unlock(store); |
361 | ossl_property_free(pq); |
362 | return ret; |
363 | } |
364 | |
365 | int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store, |
366 | const char *prop_query) { |
367 | int ret = 0; |
368 | |
369 | if (store == NULL) |
370 | return 1; |
371 | |
372 | ossl_property_write_lock(store); |
373 | ossl_method_cache_flush_all(store); |
374 | if (prop_query == NULL) { |
375 | ossl_property_free(store->global_properties); |
376 | store->global_properties = NULL; |
377 | ossl_property_unlock(store); |
378 | return 1; |
379 | } |
380 | store->global_properties = ossl_parse_query(store->ctx, prop_query); |
381 | ret = store->global_properties != NULL; |
382 | ossl_property_unlock(store); |
383 | return ret; |
384 | } |
385 | |
386 | static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg) |
387 | { |
388 | lh_QUERY_doall(alg->cache, &impl_cache_free); |
389 | lh_QUERY_flush(alg->cache); |
390 | } |
391 | |
392 | static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid) |
393 | { |
394 | ALGORITHM *alg = ossl_method_store_retrieve(store, nid); |
395 | |
396 | if (alg != NULL) { |
397 | store->nelem -= lh_QUERY_num_items(alg->cache); |
398 | impl_cache_flush_alg(0, alg); |
399 | } |
400 | } |
401 | |
402 | static void ossl_method_cache_flush_all(OSSL_METHOD_STORE *store) |
403 | { |
404 | ossl_sa_ALGORITHM_doall(store->algs, &impl_cache_flush_alg); |
405 | store->nelem = 0; |
406 | } |
407 | |
408 | IMPLEMENT_LHASH_DOALL_ARG(QUERY, IMPL_CACHE_FLUSH); |
409 | |
410 | /* |
411 | * Flush an element from the query cache (perhaps). |
412 | * |
413 | * In order to avoid taking a write lock or using atomic operations |
414 | * to keep accurate least recently used (LRU) or least frequently used |
415 | * (LFU) information, the procedure used here is to stochastically |
416 | * flush approximately half the cache. |
417 | * |
418 | * This procedure isn't ideal, LRU or LFU would be better. However, |
419 | * in normal operation, reaching a full cache would be unexpected. |
420 | * It means that no steady state of algorithm queries has been reached. |
421 | * That is, it is most likely an attack of some form. A suboptimal clearance |
422 | * strategy that doesn't degrade performance of the normal case is |
423 | * preferable to a more refined approach that imposes a performance |
424 | * impact. |
425 | */ |
426 | static void impl_cache_flush_cache(QUERY *c, IMPL_CACHE_FLUSH *state) |
427 | { |
428 | uint32_t n; |
429 | |
430 | /* |
431 | * Implement the 32 bit xorshift as suggested by George Marsaglia in: |
432 | * https://doi.org/10.18637/jss.v008.i14 |
433 | * |
434 | * This is a very fast PRNG so there is no need to extract bits one at a |
435 | * time and use the entire value each time. |
436 | */ |
437 | n = state->seed; |
438 | n ^= n << 13; |
439 | n ^= n >> 17; |
440 | n ^= n << 5; |
441 | state->seed = n; |
442 | |
443 | if ((n & 1) != 0) |
444 | impl_cache_free(lh_QUERY_delete(state->cache, c)); |
445 | else |
446 | state->nelem++; |
447 | } |
448 | |
449 | static void impl_cache_flush_one_alg(ossl_uintmax_t idx, ALGORITHM *alg, |
450 | void *v) |
451 | { |
452 | IMPL_CACHE_FLUSH *state = (IMPL_CACHE_FLUSH *)v; |
453 | |
454 | state->cache = alg->cache; |
455 | lh_QUERY_doall_IMPL_CACHE_FLUSH(state->cache, &impl_cache_flush_cache, |
456 | state); |
457 | } |
458 | |
459 | static void ossl_method_cache_flush_some(OSSL_METHOD_STORE *store) |
460 | { |
461 | IMPL_CACHE_FLUSH state; |
462 | |
463 | state.nelem = 0; |
464 | if ((state.seed = OPENSSL_rdtsc()) == 0) |
465 | state.seed = 1; |
466 | store->need_flush = 0; |
467 | ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_one_alg, &state); |
468 | store->nelem = state.nelem; |
469 | } |
470 | |
471 | int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid, |
472 | const char *prop_query, void **method) |
473 | { |
474 | ALGORITHM *alg; |
475 | QUERY elem, *r; |
476 | int res = 0; |
477 | |
478 | if (nid <= 0 || store == NULL) |
479 | return 0; |
480 | |
481 | ossl_property_read_lock(store); |
482 | alg = ossl_method_store_retrieve(store, nid); |
483 | if (alg == NULL) |
484 | goto err; |
485 | |
486 | elem.query = prop_query != NULL ? prop_query : "" ; |
487 | r = lh_QUERY_retrieve(alg->cache, &elem); |
488 | if (r == NULL) |
489 | goto err; |
490 | if (ossl_method_up_ref(&r->method)) { |
491 | *method = r->method.method; |
492 | res = 1; |
493 | } |
494 | err: |
495 | ossl_property_unlock(store); |
496 | return res; |
497 | } |
498 | |
499 | int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid, |
500 | const char *prop_query, void *method, |
501 | int (*method_up_ref)(void *), |
502 | void (*method_destruct)(void *)) |
503 | { |
504 | QUERY elem, *old, *p = NULL; |
505 | ALGORITHM *alg; |
506 | size_t len; |
507 | int res = 1; |
508 | |
509 | if (nid <= 0 || store == NULL) |
510 | return 0; |
511 | if (prop_query == NULL) |
512 | return 1; |
513 | |
514 | ossl_property_write_lock(store); |
515 | if (store->need_flush) |
516 | ossl_method_cache_flush_some(store); |
517 | alg = ossl_method_store_retrieve(store, nid); |
518 | if (alg == NULL) |
519 | goto err; |
520 | |
521 | if (method == NULL) { |
522 | elem.query = prop_query; |
523 | if ((old = lh_QUERY_delete(alg->cache, &elem)) != NULL) { |
524 | impl_cache_free(old); |
525 | store->nelem--; |
526 | } |
527 | goto end; |
528 | } |
529 | p = OPENSSL_malloc(sizeof(*p) + (len = strlen(prop_query))); |
530 | if (p != NULL) { |
531 | p->query = p->body; |
532 | p->method.method = method; |
533 | p->method.up_ref = method_up_ref; |
534 | p->method.free = method_destruct; |
535 | if (!ossl_method_up_ref(&p->method)) |
536 | goto err; |
537 | memcpy((char *)p->query, prop_query, len + 1); |
538 | if ((old = lh_QUERY_insert(alg->cache, p)) != NULL) { |
539 | impl_cache_free(old); |
540 | goto end; |
541 | } |
542 | if (!lh_QUERY_error(alg->cache)) { |
543 | if (++store->nelem >= IMPL_CACHE_FLUSH_THRESHOLD) |
544 | store->need_flush = 1; |
545 | goto end; |
546 | } |
547 | ossl_method_free(&p->method); |
548 | } |
549 | err: |
550 | res = 0; |
551 | OPENSSL_free(p); |
552 | end: |
553 | ossl_property_unlock(store); |
554 | return res; |
555 | } |
556 | |