summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2021-02-19 17:03:43 +0000
committerPauli <ppzgs1@gmail.com>2021-02-25 08:37:22 +1000
commitd84f5515faf3fe00ed5eeca7e7b8b041be863e90 (patch)
treeb2e8245e0a152f16b5bb2c5260e47781a6261c9d
parent6be27456e1346121b1fed797e92353733b59e16e (diff)
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback. That callback could do anything so the risk of a deadlock is high. Instead we collect all the names first inside the read lock, and then subsequently call the user callback outside the read lock. Fixes #14225 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14250)
Diffstat
-rw-r--r--apps/list.c306
-rw-r--r--crypto/core_namemap.c48
-rw-r--r--crypto/encode_decode/decoder_meth.c12
-rw-r--r--crypto/encode_decode/decoder_pkey.c8
-rw-r--r--crypto/encode_decode/encoder_meth.c12
-rw-r--r--crypto/evp/asymcipher.c10
-rw-r--r--crypto/evp/digest.c4
-rw-r--r--crypto/evp/evp_enc.c4
-rw-r--r--crypto/evp/evp_fetch.c8
-rw-r--r--crypto/evp/evp_lib.c20
-rw-r--r--crypto/evp/evp_local.h6
-rw-r--r--crypto/evp/evp_rand.c10
-rw-r--r--crypto/evp/exchange.c10
-rw-r--r--crypto/evp/kdf_lib.c10
-rw-r--r--crypto/evp/kem.c10
-rw-r--r--crypto/evp/keymgmt_meth.c10
-rw-r--r--crypto/evp/mac_lib.c10
-rw-r--r--crypto/evp/names.c6
-rw-r--r--crypto/evp/p_lib.c19
-rw-r--r--crypto/evp/signature.c10
-rw-r--r--crypto/store/store_meth.c12
-rw-r--r--doc/internal/man3/ossl_namemap_new.pod9
-rw-r--r--doc/man3/EVP_ASYM_CIPHER_free.pod9
-rw-r--r--doc/man3/EVP_DigestInit.pod11
-rw-r--r--doc/man3/EVP_EncryptInit.pod9
-rw-r--r--doc/man3/EVP_KDF.pod9
-rw-r--r--doc/man3/EVP_KEM_free.pod7
-rw-r--r--doc/man3/EVP_KEYEXCH_free.pod9
-rw-r--r--doc/man3/EVP_KEYMGMT.pod9
-rw-r--r--doc/man3/EVP_MAC.pod9
-rw-r--r--doc/man3/EVP_PKEY_is_a.pod9
-rw-r--r--doc/man3/EVP_RAND.pod9
-rw-r--r--doc/man3/EVP_SIGNATURE_free.pod9
-rw-r--r--doc/man3/OSSL_DECODER.pod9
-rw-r--r--doc/man3/OSSL_ENCODER.pod9
-rw-r--r--doc/man3/OSSL_STORE_LOADER.pod9
-rw-r--r--include/internal/namemap.h6
-rw-r--r--include/openssl/decoder.h6
-rw-r--r--include/openssl/encoder.h6
-rw-r--r--include/openssl/evp.h58
-rw-r--r--include/openssl/kdf.h6
-rw-r--r--include/openssl/store.h6
42 files changed, 445 insertions, 323 deletions
diff --git a/apps/list.c b/apps/list.c
index 72c4205e9a..e16e2bf7bc 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -91,22 +91,23 @@ static void list_ciphers(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_CIPHER_names_do_all(c, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n",
- OSSL_PROVIDER_name(EVP_CIPHER_provider(c)));
-
- if (verbose) {
- print_param_types("retrievable algorithm parameters",
- EVP_CIPHER_gettable_params(c), 4);
- print_param_types("retrievable operation parameters",
- EVP_CIPHER_gettable_ctx_params(c), 4);
- print_param_types("settable operation parameters",
- EVP_CIPHER_settable_ctx_params(c), 4);
+ if (names != NULL && EVP_CIPHER_names_do_all(c, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n",
+ OSSL_PROVIDER_name(EVP_CIPHER_provider(c)));
+
+ if (verbose) {
+ print_param_types("retrievable algorithm parameters",
+ EVP_CIPHER_gettable_params(c), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_CIPHER_gettable_ctx_params(c), 4);
+ print_param_types("settable operation parameters",
+ EVP_CIPHER_settable_ctx_params(c), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_CIPHER_pop_free(ciphers, EVP_CIPHER_free);
}
@@ -168,21 +169,22 @@ static void list_digests(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_MD_names_do_all(m, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m)));
-
- if (verbose) {
- print_param_types("retrievable algorithm parameters",
- EVP_MD_gettable_params(m), 4);
- print_param_types("retrievable operation parameters",
- EVP_MD_gettable_ctx_params(m), 4);
- print_param_types("settable operation parameters",
- EVP_MD_settable_ctx_params(m), 4);
+ if (names != NULL && EVP_MD_names_do_all(m, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m)));
+
+ if (verbose) {
+ print_param_types("retrievable algorithm parameters",
+ EVP_MD_gettable_params(m), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_MD_gettable_ctx_params(m), 4);
+ print_param_types("settable operation parameters",
+ EVP_MD_settable_ctx_params(m), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_MD_pop_free(digests, EVP_MD_free);
}
@@ -227,21 +229,22 @@ static void list_macs(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_MAC_names_do_all(m, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m)));
-
- if (verbose) {
- print_param_types("retrievable algorithm parameters",
- EVP_MAC_gettable_params(m), 4);
- print_param_types("retrievable operation parameters",
- EVP_MAC_gettable_ctx_params(m), 4);
- print_param_types("settable operation parameters",
- EVP_MAC_settable_ctx_params(m), 4);
+ if (names != NULL && EVP_MAC_names_do_all(m, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m)));
+
+ if (verbose) {
+ print_param_types("retrievable algorithm parameters",
+ EVP_MAC_gettable_params(m), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_MAC_gettable_ctx_params(m), 4);
+ print_param_types("settable operation parameters",
+ EVP_MAC_settable_ctx_params(m), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_MAC_pop_free(macs, EVP_MAC_free);
}
@@ -289,21 +292,22 @@ static void list_kdfs(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_KDF_names_do_all(k, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k)));
-
- if (verbose) {
- print_param_types("retrievable algorithm parameters",
- EVP_KDF_gettable_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_KDF_gettable_ctx_params(k), 4);
- print_param_types("settable operation parameters",
- EVP_KDF_settable_ctx_params(k), 4);
+ if (names != NULL && EVP_KDF_names_do_all(k, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k)));
+
+ if (verbose) {
+ print_param_types("retrievable algorithm parameters",
+ EVP_KDF_gettable_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_KDF_gettable_ctx_params(k), 4);
+ print_param_types("settable operation parameters",
+ EVP_KDF_settable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_KDF_pop_free(kdfs, EVP_KDF_free);
}
@@ -478,19 +482,20 @@ static void list_encoders(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- OSSL_ENCODER_names_do_all(k, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
+ if (names != NULL && OSSL_ENCODER_names_do_all(k, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
- BIO_printf(bio_out, " @ %s (%s)\n",
- OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)),
- OSSL_ENCODER_properties(k));
+ BIO_printf(bio_out, " @ %s (%s)\n",
+ OSSL_PROVIDER_name(OSSL_ENCODER_provider(k)),
+ OSSL_ENCODER_properties(k));
- if (verbose) {
- print_param_types("settable operation parameters",
- OSSL_ENCODER_settable_ctx_params(k), 4);
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ OSSL_ENCODER_settable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_OSSL_ENCODER_pop_free(encoders, OSSL_ENCODER_free);
}
@@ -541,19 +546,20 @@ static void list_decoders(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- OSSL_DECODER_names_do_all(k, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
+ if (names != NULL && OSSL_DECODER_names_do_all(k, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
- BIO_printf(bio_out, " @ %s (%s)\n",
- OSSL_PROVIDER_name(OSSL_DECODER_provider(k)),
- OSSL_DECODER_properties(k));
+ BIO_printf(bio_out, " @ %s (%s)\n",
+ OSSL_PROVIDER_name(OSSL_DECODER_provider(k)),
+ OSSL_DECODER_properties(k));
- if (verbose) {
- print_param_types("settable operation parameters",
- OSSL_DECODER_settable_ctx_params(k), 4);
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ OSSL_DECODER_settable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_OSSL_DECODER_pop_free(decoders, OSSL_DECODER_free);
}
@@ -594,22 +600,23 @@ static void list_keymanagers(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_KEYMGMT_names_do_all(k, collect_names, names);
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n",
- OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k)));
-
- if (verbose) {
- print_param_types("settable key generation parameters",
- EVP_KEYMGMT_gen_settable_params(k), 4);
- print_param_types("settable operation parameters",
- EVP_KEYMGMT_settable_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_KEYMGMT_gettable_params(k), 4);
+ if (names != NULL && EVP_KEYMGMT_names_do_all(k, collect_names, names)) {
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n",
+ OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k)));
+
+ if (verbose) {
+ print_param_types("settable key generation parameters",
+ EVP_KEYMGMT_gen_settable_params(k), 4);
+ print_param_types("settable operation parameters",
+ EVP_KEYMGMT_settable_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_KEYMGMT_gettable_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_KEYMGMT_pop_free(km_stack, EVP_KEYMGMT_free);
}
@@ -650,21 +657,22 @@ static void list_signatures(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_SIGNATURE_names_do_all(k, collect_names, names);
- count++;
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n",
- OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k)));
-
- if (verbose) {
- print_param_types("settable operation parameters",
- EVP_SIGNATURE_settable_ctx_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_SIGNATURE_gettable_ctx_params(k), 4);
+ if (names != NULL && EVP_SIGNATURE_names_do_all(k, collect_names, names)) {
+ count++;
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n",
+ OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k)));
+
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ EVP_SIGNATURE_settable_ctx_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_SIGNATURE_gettable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_SIGNATURE_pop_free(sig_stack, EVP_SIGNATURE_free);
if (count == 0)
@@ -707,20 +715,21 @@ static void list_kems(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_KEM_names_do_all(k, collect_names, names);
- count++;
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k)));
-
- if (verbose) {
- print_param_types("settable operation parameters",
- EVP_KEM_settable_ctx_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_KEM_gettable_ctx_params(k), 4);
+ if (names != NULL && EVP_KEM_names_do_all(k, collect_names, names)) {
+ count++;
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k)));
+
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ EVP_KEM_settable_ctx_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_KEM_gettable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_KEM_pop_free(kem_stack, EVP_KEM_free);
if (count == 0)
@@ -764,21 +773,23 @@ static void list_asymciphers(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_ASYM_CIPHER_names_do_all(k, collect_names, names);
- count++;
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n",
- OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k)));
-
- if (verbose) {
- print_param_types("settable operation parameters",
- EVP_ASYM_CIPHER_settable_ctx_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_ASYM_CIPHER_gettable_ctx_params(k), 4);
+ if (names != NULL
+ && EVP_ASYM_CIPHER_names_do_all(k, collect_names, names)) {
+ count++;
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n",
+ OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k)));
+
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ EVP_ASYM_CIPHER_settable_ctx_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_ASYM_CIPHER_gettable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_ASYM_CIPHER_pop_free(asymciph_stack, EVP_ASYM_CIPHER_free);
if (count == 0)
@@ -821,21 +832,22 @@ static void list_keyexchanges(void)
continue;
names = sk_OPENSSL_CSTRING_new(name_cmp);
- EVP_KEYEXCH_names_do_all(k, collect_names, names);
- count++;
- BIO_printf(bio_out, " ");
- print_names(bio_out, names);
- sk_OPENSSL_CSTRING_free(names);
-
- BIO_printf(bio_out, " @ %s\n",
- OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k)));
-
- if (verbose) {
- print_param_types("settable operation parameters",
- EVP_KEYEXCH_settable_ctx_params(k), 4);
- print_param_types("retrievable operation parameters",
- EVP_KEYEXCH_gettable_ctx_params(k), 4);
+ if (names != NULL && EVP_KEYEXCH_names_do_all(k, collect_names, names)) {
+ count++;
+ BIO_printf(bio_out, " ");
+ print_names(bio_out, names);
+
+ BIO_printf(bio_out, " @ %s\n",
+ OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k)));
+
+ if (verbose) {
+ print_param_types("settable operation parameters",
+ EVP_KEYEXCH_settable_ctx_params(k), 4);
+ print_param_types("retrievable operation parameters",
+ EVP_KEYEXCH_gettable_ctx_params(k), 4);
+ }
}
+ sk_OPENSSL_CSTRING_free(names);
}
sk_EVP_KEYEXCH_pop_free(kex_stack, EVP_KEYEXCH_free);
if (count == 0)
diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c
index 0cde909fc4..a81c2dec96 100644
--- a/crypto/core_namemap.c
+++ b/crypto/core_namemap.c
@@ -116,31 +116,60 @@ int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
typedef struct doall_names_data_st {
int number;
- void (*fn)(const char *name, void *data);
- void *data;
+ const char **names;
+ int found;
} DOALL_NAMES_DATA;
static void do_name(const NAMENUM_ENTRY *namenum, DOALL_NAMES_DATA *data)
{
if (namenum->number == data->number)
- data->fn(namenum->name, data->data);
+ data->names[data->found++] = namenum->name;
}
IMPLEMENT_LHASH_DOALL_ARG_CONST(NAMENUM_ENTRY, DOALL_NAMES_DATA);
-void ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
- void (*fn)(const char *name, void *data),
- void *data)
+/*
+ * Call the callback for all names in the namemap with the given number.
+ * A return value 1 means that the callback was called for all names. A
+ * return value of 0 means that the callback was not called for any names.
+ */
+int ossl_namemap_doall_names(const OSSL_NAMEMAP *namemap, int number,
+ void (*fn)(const char *name, void *data),
+ void *data)
{
DOALL_NAMES_DATA cbdata;
+ size_t num_names;
+ int i;
cbdata.number = number;
- cbdata.fn = fn;
- cbdata.data = data;
+ cbdata.found = 0;
+
+ /*
+ * We collect all the names first under a read lock. Subsequently we call
+ * the user function, so that we're not holding the read lock when in user
+ * code. This could lead to deadlocks.
+ */
CRYPTO_THREAD_read_lock(namemap->lock);
+ num_names = lh_NAMENUM_ENTRY_num_items(namemap->namenum);
+
+ if (num_names == 0) {
+ CRYPTO_THREAD_unlock(namemap->lock);
+ return 0;
+ }
+ cbdata.names = OPENSSL_malloc(sizeof(*cbdata.names) * num_names);
+ if (cbdata.names == NULL) {
+ CRYPTO_THREAD_unlock(namemap->lock);
+ return 0;
+ }
lh_NAMENUM_ENTRY_doall_DOALL_NAMES_DATA(namemap->namenum, do_name,
&cbdata);
CRYPTO_THREAD_unlock(namemap->lock);
+
+ for (i = 0; i < cbdata.found; i++)
+ fn(cbdata.names[i], data);
+
+ OPENSSL_free(cbdata.names);
+ return 1;
}
static int namemap_name2num_n(const OSSL_NAMEMAP *namemap,
@@ -207,7 +236,8 @@ const char *ossl_namemap_num2name(const OSSL_NAMEMAP *namemap, int number,
data.idx = idx;
data.name = NULL;
- ossl_namemap_doall_names(namemap, number, do_num2name, &data);
+ if (!ossl_namemap_doall_names(namemap, number, do_num2name, &data))
+ return NULL;
return data.name;
}
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index 2f2f401b8c..6baf5836e8 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -473,19 +473,21 @@ void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx,
&data);
}
-void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder,
- void (*fn)(const char *name, void *data),
- void *data)
+int OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder,
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (decoder == NULL)
- return;
+ return 0;
if (decoder->base.prov != NULL) {
OSSL_LIB_CTX *libctx = ossl_provider_libctx(decoder->base.prov);
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
- ossl_namemap_doall_names(namemap, decoder->base.id, fn, data);
+ return ossl_namemap_doall_names(namemap, decoder->base.id, fn, data);
}
+
+ return 1;
}
const OSSL_PARAM *
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index ca9c507582..0fff6823bd 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -302,8 +302,12 @@ int ossl_decoder_ctx_setup_for_pkey(OSSL_DECODER_CTX *ctx,
* If the key type is given by the caller, we only use the matching
* KEYMGMTs, otherwise we use them all.
*/
- if (keytype == NULL || EVP_KEYMGMT_is_a(keymgmt, keytype))
- EVP_KEYMGMT_names_do_all(keymgmt, collect_name, names);
+ if (keytype == NULL || EVP_KEYMGMT_is_a(keymgmt, keytype)) {
+ if (!EVP_KEYMGMT_names_do_all(keymgmt, collect_name, names)) {
+ ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
EVP_KEYMGMT_free(keymgmt);
}
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index f1a6e89b83..191ca8640f 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -490,19 +490,21 @@ void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx,
encoder_do_one, NULL, &data);
}
-void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
- void (*fn)(const char *name, void *data),
- void *data)
+int OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (encoder == NULL)
- return;
+ return 0;
if (encoder->base.prov != NULL) {
OSSL_LIB_CTX *libctx = ossl_provider_libctx(encoder->base.prov);
OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
- ossl_namemap_doall_names(namemap, encoder->base.id, fn, data);
+ return ossl_namemap_doall_names(namemap, encoder->base.id, fn, data);
}
+
+ return 1;
}
const OSSL_PARAM *
diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index 6ff49a0526..f096c19345 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -434,12 +434,14 @@ void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
}
-void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
- void (*fn)(const char *name, void *data),
- void *data)
+int EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (cipher->prov != NULL)
- evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
+ return evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
+
+ return 1;
}
const OSSL_PARAM *EVP_ASYM_CIPHER_gettable_ctx_params(const EVP_ASYM_CIPHER *cip)
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 7346169be6..e322654241 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -881,8 +881,8 @@ static void *evp_md_from_dispatch(int name_id,
#ifndef FIPS_MODULE
/* TODO(3.x) get rid of the need for legacy NIDs */
md->type = NID_undef;
- evp_names_do_all(prov, name_id, set_legacy_nid, &md->type);
- if (md->type == -1) {
+ if (!evp_names_do_all(prov, name_id, set_legacy_nid, &md->type)
+ || md->type == -1) {
ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
EVP_MD_free(md);
return NULL;
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index b6aa36c5c2..ebb876a8dc 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1395,8 +1395,8 @@ static void *evp_cipher_from_dispatch(const int name_id,
#ifndef FIPS_MODULE
/* TODO(3.x) get rid of the need for legacy NIDs */
cipher->nid = NID_undef;
- evp_names_do_all(prov, name_id, set_legacy_nid, &cipher->nid);
- if (cipher->nid == -1) {
+ if (!evp_names_do_all(prov, name_id, set_legacy_nid, &cipher->nid)
+ || cipher->nid == -1) {
ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
EVP_CIPHER_free(cipher);
return NULL;
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 2f0d0e15b0..589c15fb1e 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -530,12 +530,12 @@ int evp_is_a(OSSL_PROVIDER *prov, int number,
return ossl_namemap_name2num(namemap, name) == number;
}
-void evp_names_do_all(OSSL_PROVIDER *prov, int number,
- void (*fn)(const char *name, void *data),
- void *data)
+int evp_names_do_all(OSSL_PROVIDER *prov, int number,
+