X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fevp%2Fbio_ok.c;h=7f99f325482ce5031df741b78a58f3ffd5fb7f9d;hp=b097a4d57b6b6100f4fa794d78503a88dbe59da0;hb=7eeceeaab24aea16027cdc1f9df92366094893b7;hpb=0f113f3ee4d629ef9a4a30911b22b224772085e5 diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index b097a4d57b..7f99f32548 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -1,63 +1,14 @@ -/* crypto/evp/bio_ok.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /*- - From: Arne Ansper + From: Arne Ansper Why BIO_f_reliable? @@ -87,9 +38,9 @@ of memory. BIO_f_reliable splits data stream into blocks. Each block is prefixed - with it's length and suffixed with it's digest. So you need only + with its length and suffixed with its digest. So you need only several Kbytes of memory to buffer single block before verifying - it's digest. + its digest. BIO_f_reliable goes further and adds several important capabilities: @@ -120,18 +71,19 @@ #include #include #include -#include "cryptlib.h" +#include "internal/cryptlib.h" #include -#include +#include "internal/bio.h" #include #include +#include "internal/evp_int.h" static int ok_write(BIO *h, const char *buf, int num); static int ok_read(BIO *h, char *buf, int size); static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int ok_new(BIO *h); static int ok_free(BIO *data); -static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); +static long ok_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); static __owur int sig_out(BIO *b); static __owur int sig_in(BIO *b); @@ -149,15 +101,20 @@ typedef struct ok_struct { size_t buf_off_save; int cont; /* <= 0 when finished */ int finished; - EVP_MD_CTX md; + EVP_MD_CTX *md; int blockout; /* output block is ready */ int sigio; /* must process signature */ unsigned char buf[IOBS]; } BIO_OK_CTX; -static BIO_METHOD methods_ok = { - BIO_TYPE_CIPHER, "reliable", +static const BIO_METHOD methods_ok = { + BIO_TYPE_CIPHER, + "reliable", + /* TODO: Convert to new style write function */ + bwrite_conv, ok_write, + /* TODO: Convert to new style read function */ + bread_conv, ok_read, NULL, /* ok_puts, */ NULL, /* ok_gets, */ @@ -167,60 +124,64 @@ static BIO_METHOD methods_ok = { ok_callback_ctrl, }; -BIO_METHOD *BIO_f_reliable(void) +const BIO_METHOD *BIO_f_reliable(void) { - return (&methods_ok); + return &methods_ok; } static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); - if (ctx == NULL) - return (0); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { + EVPerr(EVP_F_OK_NEW, ERR_R_MALLOC_FAILURE); + return 0; + } - ctx->buf_len = 0; - ctx->buf_off = 0; - ctx->buf_len_save = 0; - ctx->buf_off_save = 0; ctx->cont = 1; - ctx->finished = 0; - ctx->blockout = 0; ctx->sigio = 1; + ctx->md = EVP_MD_CTX_new(); + if (ctx->md == NULL) { + OPENSSL_free(ctx); + return 0; + } + BIO_set_init(bi, 0); + BIO_set_data(bi, ctx); - EVP_MD_CTX_init(&ctx->md); - - bi->init = 0; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); + return 1; } static int ok_free(BIO *a) { + BIO_OK_CTX *ctx; + if (a == NULL) - return (0); - EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); - OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX)); - OPENSSL_free(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); + return 0; + + ctx = BIO_get_data(a); + + EVP_MD_CTX_free(ctx->md); + OPENSSL_clear_free(ctx, sizeof(BIO_OK_CTX)); + BIO_set_data(a, NULL); + BIO_set_init(a, 0); + + return 1; } static int ok_read(BIO *b, char *out, int outl) { int ret = 0, i, n; BIO_OK_CTX *ctx; + BIO *next; if (out == NULL) - return (0); - ctx = (BIO_OK_CTX *)b->ptr; + return 0; + + ctx = BIO_get_data(b); + next = BIO_next(b); - if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) - return (0); + if ((ctx == NULL) || (next == NULL) || (BIO_get_init(b) == 0)) + return 0; while (outl > 0) { @@ -259,7 +220,7 @@ static int ok_read(BIO *b, char *out, int outl) /* no clean bytes in buffer -- fill it */ n = IOBS - ctx->buf_len; - i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n); + i = BIO_read(next, &(ctx->buf[ctx->buf_len]), n); if (i <= 0) break; /* nothing new */ @@ -290,22 +251,24 @@ static int ok_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); BIO_copy_next_retry(b); - return (ret); + return ret; } static int ok_write(BIO *b, const char *in, int inl) { int ret = 0, n, i; BIO_OK_CTX *ctx; + BIO *next; if (inl <= 0) return inl; - ctx = (BIO_OK_CTX *)b->ptr; + ctx = BIO_get_data(b); + next = BIO_next(b); ret = inl; - if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) - return (0); + if ((ctx == NULL) || (next == NULL) || (BIO_get_init(b) == 0)) + return 0; if (ctx->sigio && !sig_out(b)) return 0; @@ -314,12 +277,12 @@ static int ok_write(BIO *b, const char *in, int inl) BIO_clear_retry_flags(b); n = ctx->buf_len - ctx->buf_off; while (ctx->blockout && n > 0) { - i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); + i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); if (i <= 0) { BIO_copy_next_retry(b); if (!BIO_should_retry(b)) ctx->cont = 0; - return (i); + return i; } ctx->buf_off += i; n -= i; @@ -333,13 +296,12 @@ static int ok_write(BIO *b, const char *in, int inl) } if ((in == NULL) || (inl <= 0)) - return (0); + return 0; n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ? (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl; - memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])), - (unsigned char *)in, n); + memcpy(&ctx->buf[ctx->buf_len], in, n); ctx->buf_len += n; inl -= n; in += n; @@ -354,7 +316,7 @@ static int ok_write(BIO *b, const char *in, int inl) BIO_clear_retry_flags(b); BIO_copy_next_retry(b); - return (ret); + return ret; } static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) @@ -364,8 +326,10 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) const EVP_MD **ppmd; long ret = 1; int i; + BIO *next; - ctx = b->ptr; + ctx = BIO_get_data(b); + next = BIO_next(b); switch (cmd) { case BIO_CTRL_RESET: @@ -377,19 +341,19 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->finished = 0; ctx->blockout = 0; ctx->sigio = 1; - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_CTRL_EOF: /* More to read */ if (ctx->cont <= 0) ret = 1; else - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_CTRL_PENDING: /* More to read in buffer */ case BIO_CTRL_WPENDING: /* More to read in buffer */ ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0; if (ret <= 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_CTRL_FLUSH: /* do a final write */ @@ -410,11 +374,11 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->cont = (int)ret; /* Finally flush the underlying BIO */ - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); BIO_copy_next_retry(b); break; case BIO_CTRL_INFO: @@ -422,36 +386,41 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_SET_MD: md = ptr; - if (!EVP_DigestInit_ex(&ctx->md, md, NULL)) + if (!EVP_DigestInit_ex(ctx->md, md, NULL)) return 0; - b->init = 1; + BIO_set_init(b, 1); break; case BIO_C_GET_MD: - if (b->init) { + if (BIO_get_init(b)) { ppmd = ptr; - *ppmd = ctx->md.digest; + *ppmd = EVP_MD_CTX_md(ctx->md); } else ret = 0; break; default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); + ret = BIO_ctrl(next, cmd, num, ptr); break; } - return (ret); + return ret; } -static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) +static long ok_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) { long ret = 1; + BIO *next; + + next = BIO_next(b); + + if (next == NULL) + return 0; - if (b->next_bio == NULL) - return (0); switch (cmd) { default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); + ret = BIO_callback_ctrl(next, cmd, fp); break; } - return (ret); + + return ret; } static void longswap(void *_ptr, size_t len) @@ -478,29 +447,36 @@ static int sig_out(BIO *b) { BIO_OK_CTX *ctx; EVP_MD_CTX *md; + const EVP_MD *digest; + int md_size; + void *md_data; - ctx = b->ptr; - md = &ctx->md; + ctx = BIO_get_data(b); + md = ctx->md; + digest = EVP_MD_CTX_md(md); + md_size = EVP_MD_size(digest); + md_data = EVP_MD_CTX_md_data(md); - if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE) + if (ctx->buf_len + 2 * md_size > OK_BLOCK_SIZE) return 1; - if (!EVP_DigestInit_ex(md, md->digest, NULL)) + if (!EVP_DigestInit_ex(md, digest, NULL)) goto berr; /* * FIXME: there's absolutely no guarantee this makes any sense at all, * particularly now EVP_MD_CTX has been restructured. */ - RAND_pseudo_bytes(md->md_data, md->digest->md_size); - memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); - longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); - ctx->buf_len += md->digest->md_size; + if (RAND_bytes(md_data, md_size) <= 0) + goto berr; + memcpy(&(ctx->buf[ctx->buf_len]), md_data, md_size); + longswap(&(ctx->buf[ctx->buf_len]), md_size); + ctx->buf_len += md_size; if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) goto berr; if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL)) goto berr; - ctx->buf_len += md->digest->md_size; + ctx->buf_len += md_size; ctx->blockout = 1; ctx->sigio = 0; return 1; @@ -515,25 +491,31 @@ static int sig_in(BIO *b) EVP_MD_CTX *md; unsigned char tmp[EVP_MAX_MD_SIZE]; int ret = 0; + const EVP_MD *digest; + int md_size; + void *md_data; - ctx = b->ptr; - md = &ctx->md; + ctx = BIO_get_data(b); + md = ctx->md; + digest = EVP_MD_CTX_md(md); + md_size = EVP_MD_size(digest); + md_data = EVP_MD_CTX_md_data(md); - if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size) + if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size) return 1; - if (!EVP_DigestInit_ex(md, md->digest, NULL)) + if (!EVP_DigestInit_ex(md, digest, NULL)) goto berr; - memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); - longswap(md->md_data, md->digest->md_size); - ctx->buf_off += md->digest->md_size; + memcpy(md_data, &(ctx->buf[ctx->buf_off]), md_size); + longswap(md_data, md_size); + ctx->buf_off += md_size; if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN))) goto berr; if (!EVP_DigestFinal_ex(md, tmp, NULL)) goto berr; - ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; - ctx->buf_off += md->digest->md_size; + ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md_size) == 0; + ctx->buf_off += md_size; if (ret == 1) { ctx->sigio = 0; if (ctx->buf_len != ctx->buf_off) { @@ -556,9 +538,13 @@ static int block_out(BIO *b) BIO_OK_CTX *ctx; EVP_MD_CTX *md; unsigned long tl; + const EVP_MD *digest; + int md_size; - ctx = b->ptr; - md = &ctx->md; + ctx = BIO_get_data(b); + md = ctx->md; + digest = EVP_MD_CTX_md(md); + md_size = EVP_MD_size(digest); tl = ctx->buf_len - OK_BLOCK_BLOCK; ctx->buf[0] = (unsigned char)(tl >> 24); @@ -570,7 +556,7 @@ static int block_out(BIO *b) goto berr; if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL)) goto berr; - ctx->buf_len += md->digest->md_size; + ctx->buf_len += md_size; ctx->blockout = 1; return 1; berr: @@ -584,9 +570,11 @@ static int block_in(BIO *b) EVP_MD_CTX *md; unsigned long tl = 0; unsigned char tmp[EVP_MAX_MD_SIZE]; + int md_size; - ctx = b->ptr; - md = &ctx->md; + ctx = BIO_get_data(b); + md = ctx->md; + md_size = EVP_MD_size(EVP_MD_CTX_md(md)); assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */ tl = ctx->buf[0]; @@ -597,7 +585,7 @@ static int block_in(BIO *b) tl <<= 8; tl |= ctx->buf[3]; - if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size) + if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size) return 1; if (!EVP_DigestUpdate(md, @@ -605,10 +593,9 @@ static int block_in(BIO *b) goto berr; if (!EVP_DigestFinal_ex(md, tmp, NULL)) goto berr; - if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == - 0) { + if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) { /* there might be parts from next block lurking around ! */ - ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size; + ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size; ctx->buf_len_save = ctx->buf_len; ctx->buf_off = OK_BLOCK_BLOCK; ctx->buf_len = tl + OK_BLOCK_BLOCK;