1/*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
9 */
10
11#include <string.h>
12#include <stdio.h>
13#include <stdarg.h>
14#include <openssl/crypto.h>
15#include "internal/property.h"
16#include "crypto/ctype.h"
17#include <openssl/lhash.h>
18#include <openssl/rand.h>
19#include "internal/thread_once.h"
20#include "crypto/lhash.h"
21#include "crypto/sparse_array.h"
22#include "property_local.h"
23
24/*
25 * The number of elements in the query cache before we initiate a flush.
26 * If reducing this, also ensure the stochastic test in test/property_test.c
27 * isn't likely to fail.
28 */
29#define IMPL_CACHE_FLUSH_THRESHOLD 500
30
31typedef struct {
32 void *method;
33 int (*up_ref)(void *);
34 void (*free)(void *);
35} METHOD;
36
37typedef struct {
38 const OSSL_PROVIDER *provider;
39 OSSL_PROPERTY_LIST *properties;
40 METHOD method;
41} IMPLEMENTATION;
42
43DEFINE_STACK_OF(IMPLEMENTATION)
44
45typedef struct {
46 const char *query;
47 METHOD method;
48 char body[1];
49} QUERY;
50
51DEFINE_LHASH_OF(QUERY);
52
53typedef struct {
54 int nid;
55 STACK_OF(IMPLEMENTATION) *impls;
56 LHASH_OF(QUERY) *cache;
57} ALGORITHM;
58
59struct ossl_method_store_st {
60 OPENSSL_CTX *ctx;
61 size_t nelem;
62 SPARSE_ARRAY_OF(ALGORITHM) *algs;
63 OSSL_PROPERTY_LIST *global_properties;
64 int need_flush;
65 CRYPTO_RWLOCK *lock;
66};
67
68typedef struct {
69 LHASH_OF(QUERY) *cache;
70 size_t nelem;
71 uint32_t seed;
72} IMPL_CACHE_FLUSH;
73
74DEFINE_SPARSE_ARRAY_OF(ALGORITHM);
75
76static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid);
77static void ossl_method_cache_flush_all(OSSL_METHOD_STORE *c);
78
79static int ossl_method_up_ref(METHOD *method)
80{
81 return (*method->up_ref)(method->method);
82}
83
84static void ossl_method_free(METHOD *method)
85{
86 (*method->free)(method->method);
87}
88
89int ossl_property_read_lock(OSSL_METHOD_STORE *p)
90{
91 return p != NULL ? CRYPTO_THREAD_read_lock(p->lock) : 0;
92}
93
94int ossl_property_write_lock(OSSL_METHOD_STORE *p)
95{
96 return p != NULL ? CRYPTO_THREAD_write_lock(p->lock) : 0;
97}
98
99int ossl_property_unlock(OSSL_METHOD_STORE *p)
100{
101 return p != 0 ? CRYPTO_THREAD_unlock(p->lock) : 0;
102}
103
104static unsigned long query_hash(const QUERY *a)
105{
106 return OPENSSL_LH_strhash(a->query);
107}
108
109static int query_cmp(const QUERY *a, const QUERY *b)
110{
111 return strcmp(a->query, b->query);
112}
113
114static void impl_free(IMPLEMENTATION *impl)
115{
116 if (impl != NULL) {
117 ossl_method_free(&impl->method);
118 OPENSSL_free(impl);
119 }
120}
121
122static void impl_cache_free(QUERY *elem)
123{
124 if (elem != NULL) {
125 ossl_method_free(&elem->method);
126 OPENSSL_free(elem);
127 }
128}
129
130static void alg_cleanup(ossl_uintmax_t idx, ALGORITHM *a)
131{
132 if (a != NULL) {
133 sk_IMPLEMENTATION_pop_free(a->impls, &impl_free);
134 lh_QUERY_doall(a->cache, &impl_cache_free);
135 lh_QUERY_free(a->cache);
136 OPENSSL_free(a);
137 }
138}
139
140/*
141 * The OPENSSL_CTX param here allows access to underlying property data needed
142 * for computation
143 */
144OSSL_METHOD_STORE *ossl_method_store_new(OPENSSL_CTX *ctx)
145{
146 OSSL_METHOD_STORE *res;
147
148 res = OPENSSL_zalloc(sizeof(*res));
149 if (res != NULL) {
150 res->ctx = ctx;
151 if ((res->algs = ossl_sa_ALGORITHM_new()) == NULL) {
152 OPENSSL_free(res);
153 return NULL;
154 }
155 if ((res->lock = CRYPTO_THREAD_lock_new()) == NULL) {
156 ossl_sa_ALGORITHM_free(res->algs);
157 OPENSSL_free(res);
158 return NULL;
159 }
160 }
161 return res;
162}
163
164void ossl_method_store_free(OSSL_METHOD_STORE *store)
165{
166 if (store != NULL) {
167 ossl_sa_ALGORITHM_doall(store->algs, &alg_cleanup);
168 ossl_sa_ALGORITHM_free(store->algs);
169 ossl_property_free(store->global_properties);
170 CRYPTO_THREAD_lock_free(store->lock);
171 OPENSSL_free(store);
172 }
173}
174
175static ALGORITHM *ossl_method_store_retrieve(OSSL_METHOD_STORE *store, int nid)
176{
177 return ossl_sa_ALGORITHM_get(store->algs, nid);
178}
179
180static int ossl_method_store_insert(OSSL_METHOD_STORE *store, ALGORITHM *alg)
181{
182 return ossl_sa_ALGORITHM_set(store->algs, alg->nid, alg);
183}
184
185int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov,
186 int nid, const char *properties, void *method,
187 int (*method_up_ref)(void *),
188 void (*method_destruct)(void *))
189{
190 ALGORITHM *alg = NULL;
191 IMPLEMENTATION *impl;
192 int ret = 0;
193 int i;
194
195 if (nid <= 0 || method == NULL || store == NULL)
196 return 0;
197 if (properties == NULL)
198 properties = "";
199
200 /* Create new entry */
201 impl = OPENSSL_malloc(sizeof(*impl));
202 if (impl == NULL)
203 return 0;
204 impl->method.method = method;
205 impl->method.up_ref = method_up_ref;
206 impl->method.free = method_destruct;
207 if (!ossl_method_up_ref(&impl->method)) {
208 OPENSSL_free(impl);
209 return 0;
210 }
211 impl->provider = prov;
212
213 /*
214 * Insert into the hash table if required.
215 *
216 * A write lock is used unconditionally because we wend our way down to the
217 * property string code which isn't locking friendly.
218 */
219 ossl_property_write_lock(store);
220 ossl_method_cache_flush(store, nid);
221 if ((impl->properties = ossl_prop_defn_get(store->ctx, properties)) == NULL) {
222 impl->properties = ossl_parse_property(store->ctx, properties);
223 if (impl->properties == NULL)
224 goto err;
225 ossl_prop_defn_set(store->ctx, properties, impl->properties);
226 }
227
228 alg = ossl_method_store_retrieve(store, nid);
229 if (alg == NULL) {
230 if ((alg = OPENSSL_zalloc(sizeof(*alg))) == NULL
231 || (alg->impls = sk_IMPLEMENTATION_new_null()) == NULL
232 || (alg->cache = lh_QUERY_new(&query_hash, &query_cmp)) == NULL)
233 goto err;
234 alg->nid = nid;
235 if (!ossl_method_store_insert(store, alg))
236 goto err;
237 }
238
239 /* Push onto stack if there isn't one there already */
240 for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) {
241 const IMPLEMENTATION *tmpimpl = sk_IMPLEMENTATION_value(alg->impls, i);
242
243 if (tmpimpl->provider == impl->provider
244 && tmpimpl->properties == impl->properties)
245 break;
246 }
247 if (i == sk_IMPLEMENTATION_num(alg->impls)
248 && sk_IMPLEMENTATION_push(alg->impls, impl))
249 ret = 1;
250 ossl_property_unlock(store);
251 if (ret == 0)
252 impl_free(impl);
253 return ret;
254
255err:
256 ossl_property_unlock(store);
257 alg_cleanup(0, alg);
258 impl_free(impl);
259 return 0;
260}
261
262int ossl_method_store_remove(OSSL_METHOD_STORE *store, int nid,
263 const void *method)
264{
265 ALGORITHM *alg = NULL;
266 int i;
267
268 if (nid <= 0 || method == NULL || store == NULL)
269 return 0;
270
271 ossl_property_write_lock(store);
272 ossl_method_cache_flush(store, nid);
273 alg = ossl_method_store_retrieve(store, nid);
274 if (alg == NULL) {
275 ossl_property_unlock(store);
276 return 0;
277 }
278
279 /*
280 * A sorting find then a delete could be faster but these stacks should be
281 * relatively small, so we avoid the overhead. Sorting could also surprise
282 * users when result orderings change (even though they are not guaranteed).
283 */
284 for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) {
285 IMPLEMENTATION *impl = sk_IMPLEMENTATION_value(alg->impls, i);
286
287 if (impl->method.method == method) {
288 impl_free(impl);
289 sk_IMPLEMENTATION_delete(alg->impls, i);
290 ossl_property_unlock(store);
291 return 1;
292 }
293 }
294 ossl_property_unlock(store);
295 return 0;
296}
297
298int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
299 const char *prop_query, void **method)
300{
301 ALGORITHM *alg;
302 IMPLEMENTATION *impl;
303 OSSL_PROPERTY_LIST *pq = NULL, *p2;
304 METHOD *best_method = NULL;
305 int ret = 0;
306 int j, best = -1, score, optional;
307
308#ifndef FIPS_MODE
309 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
310#endif
311
312 if (nid <= 0 || method == NULL || store == NULL)
313 return 0;
314
315 /*
316 * This only needs to be a read lock, because queries never create property
317 * names or value and thus don't modify any of the property string layer.
318 */
319 ossl_property_read_lock(store);
320 alg = ossl_method_store_retrieve(store, nid);
321 if (alg == NULL) {
322 ossl_property_unlock(store);
323 return 0;
324 }
325
326 if (prop_query == NULL) {
327 if ((impl = sk_IMPLEMENTATION_value(alg->impls, 0)) != NULL) {
328 best_method = &impl->method;
329 ret = 1;
330 }
331 goto fin;
332 }
333 pq = ossl_parse_query(store->ctx, prop_query);
334 if (pq == NULL)
335 goto fin;
336 if (store->global_properties != NULL) {
337 p2 = ossl_property_merge(pq, store->global_properties);
338 if (p2 == NULL)
339 goto fin;
340 ossl_property_free(pq);
341 pq = p2;
342 }
343 optional = ossl_property_has_optional(pq);
344 for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) {
345 impl = sk_IMPLEMENTATION_value(alg->impls, j);
346 score = ossl_property_match_count(pq, impl->properties);
347 if (score > best) {
348 best_method = &impl->method;
349 best = score;
350 ret = 1;
351 if (!optional)
352 goto fin;
353 }
354 }
355fin:
356 if (ret && ossl_method_up_ref(best_method))
357 *method = best_method->method;
358 else
359 ret = 0;
360 ossl_property_unlock(store);
361 ossl_property_free(pq);
362 return ret;
363}
364
365int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store,
366 const char *prop_query) {
367 int ret = 0;
368
369 if (store == NULL)
370 return 1;
371
372 ossl_property_write_lock(store);
373 ossl_method_cache_flush_all(store);
374 if (prop_query == NULL) {
375 ossl_property_free(store->global_properties);
376 store->global_properties = NULL;
377 ossl_property_unlock(store);
378 return 1;
379 }
380 store->global_properties = ossl_parse_query(store->ctx, prop_query);
381 ret = store->global_properties != NULL;
382 ossl_property_unlock(store);
383 return ret;
384}
385
386static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg)
387{
388 lh_QUERY_doall(alg->cache, &impl_cache_free);
389 lh_QUERY_flush(alg->cache);
390}
391
392static void ossl_method_cache_flush(OSSL_METHOD_STORE *store, int nid)
393{
394 ALGORITHM *alg = ossl_method_store_retrieve(store, nid);
395
396 if (alg != NULL) {
397 store->nelem -= lh_QUERY_num_items(alg->cache);
398 impl_cache_flush_alg(0, alg);
399 }
400}
401
402static void ossl_method_cache_flush_all(OSSL_METHOD_STORE *store)
403{
404 ossl_sa_ALGORITHM_doall(store->algs, &impl_cache_flush_alg);
405 store->nelem = 0;
406}
407
408IMPLEMENT_LHASH_DOALL_ARG(QUERY, IMPL_CACHE_FLUSH);
409
410/*
411 * Flush an element from the query cache (perhaps).
412 *
413 * In order to avoid taking a write lock or using atomic operations
414 * to keep accurate least recently used (LRU) or least frequently used
415 * (LFU) information, the procedure used here is to stochastically
416 * flush approximately half the cache.
417 *
418 * This procedure isn't ideal, LRU or LFU would be better. However,
419 * in normal operation, reaching a full cache would be unexpected.
420 * It means that no steady state of algorithm queries has been reached.
421 * That is, it is most likely an attack of some form. A suboptimal clearance
422 * strategy that doesn't degrade performance of the normal case is
423 * preferable to a more refined approach that imposes a performance
424 * impact.
425 */
426static void impl_cache_flush_cache(QUERY *c, IMPL_CACHE_FLUSH *state)
427{
428 uint32_t n;
429
430 /*
431 * Implement the 32 bit xorshift as suggested by George Marsaglia in:
432 * https://doi.org/10.18637/jss.v008.i14
433 *
434 * This is a very fast PRNG so there is no need to extract bits one at a
435 * time and use the entire value each time.
436 */
437 n = state->seed;
438 n ^= n << 13;
439 n ^= n >> 17;
440 n ^= n << 5;
441 state->seed = n;
442
443 if ((n & 1) != 0)
444 impl_cache_free(lh_QUERY_delete(state->cache, c));
445 else
446 state->nelem++;
447}
448
449static void impl_cache_flush_one_alg(ossl_uintmax_t idx, ALGORITHM *alg,
450 void *v)
451{
452 IMPL_CACHE_FLUSH *state = (IMPL_CACHE_FLUSH *)v;
453
454 state->cache = alg->cache;
455 lh_QUERY_doall_IMPL_CACHE_FLUSH(state->cache, &impl_cache_flush_cache,
456 state);
457}
458
459static void ossl_method_cache_flush_some(OSSL_METHOD_STORE *store)
460{
461 IMPL_CACHE_FLUSH state;
462
463 state.nelem = 0;
464 if ((state.seed = OPENSSL_rdtsc()) == 0)
465 state.seed = 1;
466 store->need_flush = 0;
467 ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_one_alg, &state);
468 store->nelem = state.nelem;
469}
470
471int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid,
472 const char *prop_query, void **method)
473{
474 ALGORITHM *alg;
475 QUERY elem, *r;
476 int res = 0;
477
478 if (nid <= 0 || store == NULL)
479 return 0;
480
481 ossl_property_read_lock(store);
482 alg = ossl_method_store_retrieve(store, nid);
483 if (alg == NULL)
484 goto err;
485
486 elem.query = prop_query != NULL ? prop_query : "";
487 r = lh_QUERY_retrieve(alg->cache, &elem);
488 if (r == NULL)
489 goto err;
490 if (ossl_method_up_ref(&r->method)) {
491 *method = r->method.method;
492 res = 1;
493 }
494err:
495 ossl_property_unlock(store);
496 return res;
497}
498
499int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid,
500 const char *prop_query, void *method,
501 int (*method_up_ref)(void *),
502 void (*method_destruct)(void *))
503{
504 QUERY elem, *old, *p = NULL;
505 ALGORITHM *alg;
506 size_t len;
507 int res = 1;
508
509 if (nid <= 0 || store == NULL)
510 return 0;
511 if (prop_query == NULL)
512 return 1;
513
514 ossl_property_write_lock(store);
515 if (store->need_flush)
516 ossl_method_cache_flush_some(store);
517 alg = ossl_method_store_retrieve(store, nid);
518 if (alg == NULL)
519 goto err;
520
521 if (method == NULL) {
522 elem.query = prop_query;
523 if ((old = lh_QUERY_delete(alg->cache, &elem)) != NULL) {
524 impl_cache_free(old);
525 store->nelem--;
526 }
527 goto end;
528 }
529 p = OPENSSL_malloc(sizeof(*p) + (len = strlen(prop_query)));
530 if (p != NULL) {
531 p->query = p->body;
532 p->method.method = method;
533 p->method.up_ref = method_up_ref;
534 p->method.free = method_destruct;
535 if (!ossl_method_up_ref(&p->method))
536 goto err;
537 memcpy((char *)p->query, prop_query, len + 1);
538 if ((old = lh_QUERY_insert(alg->cache, p)) != NULL) {
539 impl_cache_free(old);
540 goto end;
541 }
542 if (!lh_QUERY_error(alg->cache)) {
543 if (++store->nelem >= IMPL_CACHE_FLUSH_THRESHOLD)
544 store->need_flush = 1;
545 goto end;
546 }
547 ossl_method_free(&p->method);
548 }
549err:
550 res = 0;
551 OPENSSL_free(p);
552end:
553 ossl_property_unlock(store);
554 return res;
555}
556