2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/encoder.h>
13 #include <openssl/buffer.h>
14 #include <openssl/params.h>
15 #include <openssl/provider.h>
16 #include <openssl/trace.h>
17 #include "internal/bio.h"
18 #include "internal/provider.h"
19 #include "encoder_local.h"
21 struct encoder_process_data_st {
22 OSSL_ENCODER_CTX *ctx;
27 /* Index of the current encoder instance to be processed */
28 int current_encoder_inst_index;
30 /* Processing data passed down through recursion */
31 int level; /* Recursion level */
32 OSSL_ENCODER_INSTANCE *next_encoder_inst;
33 int count_output_structure;
35 /* Processing data passed up through recursion */
36 OSSL_ENCODER_INSTANCE *prev_encoder_inst;
37 unsigned char *running_output;
38 size_t running_output_length;
39 /* Data type = the name of the first succeeding encoder implementation */
40 const char *data_type;
43 static int encoder_process(struct encoder_process_data_st *data);
45 int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
47 struct encoder_process_data_st data;
49 memset(&data, 0, sizeof(data));
52 data.current_encoder_inst_index = OSSL_ENCODER_CTX_get_num_encoders(ctx);
54 if (data.current_encoder_inst_index == 0) {
55 ERR_raise_data(ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_ENCODER_NOT_FOUND,
56 "No encoders were found. For standard encoders you need "
57 "at least one of the default or base providers "
58 "available. Did you forget to load them?");
62 return encoder_process(&data) > 0;
65 #ifndef OPENSSL_NO_STDIO
66 static BIO *bio_from_file(FILE *fp)
70 if ((b = BIO_new(BIO_s_file())) == NULL) {
71 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_BUF_LIB);
74 BIO_set_fp(b, fp, BIO_NOCLOSE);
78 int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp)
80 BIO *b = bio_from_file(fp);
84 ret = OSSL_ENCODER_to_bio(ctx, b);
91 int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
98 if (pdata_len == NULL) {
99 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
103 out = BIO_new(BIO_s_mem());
106 && OSSL_ENCODER_to_bio(ctx, out)
107 && BIO_get_mem_ptr(out, &buf) > 0) {
108 ret = 1; /* Hope for the best. A too small buffer will clear this */
110 if (pdata != NULL && *pdata != NULL) {
111 if (*pdata_len < buf->length)
113 * It's tempting to do |*pdata_len = (size_t)buf->length|
114 * However, it's believed to be confusing more than helpful,
119 *pdata_len -= buf->length;
121 /* The buffer with the right size is already allocated for us */
122 *pdata_len = (size_t)buf->length;
127 if (*pdata != NULL) {
128 memcpy(*pdata, buf->data, buf->length);
129 *pdata += buf->length;
131 /* In this case, we steal the data from BIO_s_mem() */
132 *pdata = (unsigned char *)buf->data;
142 int OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX *ctx, int selection)
144 if (!ossl_assert(ctx != NULL)) {
145 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
149 if (!ossl_assert(selection != 0)) {
150 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_INVALID_ARGUMENT);
154 ctx->selection = selection;
158 int OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX *ctx,
159 const char *output_type)
161 if (!ossl_assert(ctx != NULL) || !ossl_assert(output_type != NULL)) {
162 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
166 ctx->output_type = output_type;
170 int OSSL_ENCODER_CTX_set_output_structure(OSSL_ENCODER_CTX *ctx,
171 const char *output_structure)
173 if (!ossl_assert(ctx != NULL) || !ossl_assert(output_structure != NULL)) {
174 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
178 ctx->output_structure = output_structure;
182 static OSSL_ENCODER_INSTANCE *ossl_encoder_instance_new(OSSL_ENCODER *encoder,
185 OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
186 const OSSL_PROVIDER *prov;
187 OSSL_LIB_CTX *libctx;
188 const OSSL_PROPERTY_LIST *props;
189 const OSSL_PROPERTY_DEFINITION *prop;
191 if (!ossl_assert(encoder != NULL)) {
192 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
196 if ((encoder_inst = OPENSSL_zalloc(sizeof(*encoder_inst))) == NULL) {
197 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
201 if (!OSSL_ENCODER_up_ref(encoder)) {
202 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
206 prov = OSSL_ENCODER_get0_provider(encoder);
207 libctx = ossl_provider_libctx(prov);
208 props = ossl_encoder_parsed_properties(encoder);
210 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
211 "there are no property definitions with encoder %s",
212 OSSL_ENCODER_get0_name(encoder));
216 /* The "output" property is mandatory */
217 prop = ossl_property_find_property(props, libctx, "output");
218 encoder_inst->output_type = ossl_property_get_string_value(libctx, prop);
219 if (encoder_inst->output_type == NULL) {
220 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
221 "the mandatory 'output' property is missing "
222 "for encoder %s (properties: %s)",
223 OSSL_ENCODER_get0_name(encoder),
224 OSSL_ENCODER_get0_properties(encoder));
228 /* The "structure" property is optional */
229 prop = ossl_property_find_property(props, libctx, "structure");
231 encoder_inst->output_structure
232 = ossl_property_get_string_value(libctx, prop);
234 encoder_inst->encoder = encoder;
235 encoder_inst->encoderctx = encoderctx;
238 ossl_encoder_instance_free(encoder_inst);
242 void ossl_encoder_instance_free(OSSL_ENCODER_INSTANCE *encoder_inst)
244 if (encoder_inst != NULL) {
245 if (encoder_inst->encoder != NULL)
246 encoder_inst->encoder->freectx(encoder_inst->encoderctx);
247 encoder_inst->encoderctx = NULL;
248 OSSL_ENCODER_free(encoder_inst->encoder);
249 encoder_inst->encoder = NULL;
250 OPENSSL_free(encoder_inst);
254 static int ossl_encoder_ctx_add_encoder_inst(OSSL_ENCODER_CTX *ctx,
255 OSSL_ENCODER_INSTANCE *ei)
259 if (ctx->encoder_insts == NULL
260 && (ctx->encoder_insts =
261 sk_OSSL_ENCODER_INSTANCE_new_null()) == NULL) {
262 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
266 ok = (sk_OSSL_ENCODER_INSTANCE_push(ctx->encoder_insts, ei) > 0);
268 OSSL_TRACE_BEGIN(ENCODER) {
270 "(ctx %p) Added encoder instance %p (encoder %p):\n"
272 (void *)ctx, (void *)ei, (void *)ei->encoder,
273 OSSL_ENCODER_get0_name(ei->encoder),
274 OSSL_ENCODER_get0_properties(ei->encoder));
275 } OSSL_TRACE_END(ENCODER);
280 int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder)
282 OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
283 const OSSL_PROVIDER *prov = NULL;
284 void *encoderctx = NULL;
285 void *provctx = NULL;
287 if (!ossl_assert(ctx != NULL) || !ossl_assert(encoder != NULL)) {
288 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
292 prov = OSSL_ENCODER_get0_provider(encoder);
293 provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
295 if ((encoderctx = encoder->newctx(provctx)) == NULL
297 ossl_encoder_instance_new(encoder, encoderctx)) == NULL)
299 /* Avoid double free of encoderctx on further errors */
302 if (!ossl_encoder_ctx_add_encoder_inst(ctx, encoder_inst))
307 ossl_encoder_instance_free(encoder_inst);
308 if (encoderctx != NULL)
309 encoder->freectx(encoderctx);
313 int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx,
314 OSSL_LIB_CTX *libctx, const char *propq)
319 int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx)
321 if (ctx == NULL || ctx->encoder_insts == NULL)
323 return sk_OSSL_ENCODER_INSTANCE_num(ctx->encoder_insts);
326 int OSSL_ENCODER_CTX_set_construct(OSSL_ENCODER_CTX *ctx,
327 OSSL_ENCODER_CONSTRUCT *construct)
329 if (!ossl_assert(ctx != NULL)) {
330 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
333 ctx->construct = construct;
337 int OSSL_ENCODER_CTX_set_construct_data(OSSL_ENCODER_CTX *ctx,
338 void *construct_data)
340 if (!ossl_assert(ctx != NULL)) {
341 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
344 ctx->construct_data = construct_data;
348 int OSSL_ENCODER_CTX_set_cleanup(OSSL_ENCODER_CTX *ctx,
349 OSSL_ENCODER_CLEANUP *cleanup)
351 if (!ossl_assert(ctx != NULL)) {
352 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
355 ctx->cleanup = cleanup;
360 OSSL_ENCODER_INSTANCE_get_encoder(OSSL_ENCODER_INSTANCE *encoder_inst)
362 if (encoder_inst == NULL)
364 return encoder_inst->encoder;
368 OSSL_ENCODER_INSTANCE_get_encoder_ctx(OSSL_ENCODER_INSTANCE *encoder_inst)
370 if (encoder_inst == NULL)
372 return encoder_inst->encoderctx;
376 OSSL_ENCODER_INSTANCE_get_output_type(OSSL_ENCODER_INSTANCE *encoder_inst)
378 if (encoder_inst == NULL)
380 return encoder_inst->output_type;
384 OSSL_ENCODER_INSTANCE_get_output_structure(OSSL_ENCODER_INSTANCE *encoder_inst)
386 if (encoder_inst == NULL)
388 return encoder_inst->output_structure;
391 static int encoder_process(struct encoder_process_data_st *data)
393 OSSL_ENCODER_INSTANCE *current_encoder_inst = NULL;
394 OSSL_ENCODER *current_encoder = NULL;
395 OSSL_ENCODER_CTX *current_encoder_ctx = NULL;
396 BIO *allocated_out = NULL;
397 const void *original_data = NULL;
398 OSSL_PARAM abstract[10];
399 const OSSL_PARAM *current_abstract = NULL;
401 int ok = -1; /* -1 signifies that the lookup loop gave nothing */
404 if (data->next_encoder_inst == NULL) {
405 /* First iteration, where we prepare for what is to come */
407 data->count_output_structure =
408 data->ctx->output_structure == NULL ? -1 : 0;
412 for (i = data->current_encoder_inst_index; i-- > 0;) {
413 OSSL_ENCODER *next_encoder = NULL;
414 const char *current_output_type;
415 const char *current_output_structure;
416 struct encoder_process_data_st new_data;
420 OSSL_ENCODER_INSTANCE_get_encoder(data->next_encoder_inst);
422 current_encoder_inst =
423 sk_OSSL_ENCODER_INSTANCE_value(data->ctx->encoder_insts, i);
425 OSSL_ENCODER_INSTANCE_get_encoder(current_encoder_inst);
426 current_encoder_ctx =
427 OSSL_ENCODER_INSTANCE_get_encoder_ctx(current_encoder_inst);
428 current_output_type =
429 OSSL_ENCODER_INSTANCE_get_output_type(current_encoder_inst);
430 current_output_structure =
431 OSSL_ENCODER_INSTANCE_get_output_structure(current_encoder_inst);
432 memset(&new_data, 0, sizeof(new_data));
433 new_data.ctx = data->ctx;
434 new_data.current_encoder_inst_index = i;
435 new_data.next_encoder_inst = current_encoder_inst;
436 new_data.count_output_structure = data->count_output_structure;
437 new_data.level = data->level + 1;
439 OSSL_TRACE_BEGIN(ENCODER) {
441 "[%d] (ctx %p) Considering encoder instance %p (encoder %p)\n",
442 data->level, (void *)data->ctx,
443 (void *)current_encoder_inst, (void *)current_encoder);
444 } OSSL_TRACE_END(ENCODER);
447 * If this is the top call, we check if the output type of the current
448 * encoder matches the desired output type.
449 * If this isn't the top call, i.e. this is deeper in the recursion,
450 * we instead check if the output type of the current encoder matches
451 * the name of the next encoder (the one found by the parent call).
454 if (data->ctx->output_type != NULL
455 && OPENSSL_strcasecmp(current_output_type,
456 data->ctx->output_type) != 0) {
457 OSSL_TRACE_BEGIN(ENCODER) {
459 "[%d] Skipping because current encoder output type (%s) != desired output type (%s)\n",
461 current_output_type, data->ctx->output_type);
462 } OSSL_TRACE_END(ENCODER);
466 if (!OSSL_ENCODER_is_a(next_encoder, current_output_type)) {
467 OSSL_TRACE_BEGIN(ENCODER) {
469 "[%d] Skipping because current encoder output type (%s) != name of encoder %p\n",
471 current_output_type, (void *)next_encoder);
472 } OSSL_TRACE_END(ENCODER);
478 * If the caller and the current encoder specify an output structure,
479 * Check if they match. If they do, count the match, otherwise skip
480 * the current encoder.
482 if (data->ctx->output_structure != NULL
483 && current_output_structure != NULL) {
484 if (OPENSSL_strcasecmp(data->ctx->output_structure,
485 current_output_structure) != 0) {
486 OSSL_TRACE_BEGIN(ENCODER) {
488 "[%d] Skipping because current encoder output structure (%s) != ctx output structure (%s)\n",
490 current_output_structure,
491 data->ctx->output_structure);
492 } OSSL_TRACE_END(ENCODER);
496 data->count_output_structure++;
500 * Recurse to process the encoder implementations before the current
503 ok = encoder_process(&new_data);
505 data->prev_encoder_inst = new_data.prev_encoder_inst;
506 data->running_output = new_data.running_output;
507 data->running_output_length = new_data.running_output_length;
510 * ok == -1 means that the recursion call above gave no further
511 * encoders, and that the one we're currently at should
513 * ok == 0 means that something failed in the recursion call
514 * above, making the result unsuitable for a chain.
515 * In this case, we simply continue to try finding a
516 * suitable encoder at this recursion level.
517 * ok == 1 means that the recursion call was successful, and we
518 * try to use the result at this recursion level.
523 OSSL_TRACE_BEGIN(ENCODER) {
525 "[%d] Skipping because recursion level %d failed\n",
526 data->level, new_data.level);
527 } OSSL_TRACE_END(ENCODER);
531 * If |i < 0|, we didn't find any useful encoder in this recursion, so
532 * we do the rest of the process only if |i >= 0|.
537 OSSL_TRACE_BEGIN(ENCODER) {
539 "[%d] (ctx %p) No suitable encoder found\n",
540 data->level, (void *)data->ctx);
541 } OSSL_TRACE_END(ENCODER);
550 * We have reached the beginning of the encoder instance sequence,
551 * so we prepare the object to be encoded.
555 * |data->count_output_structure| is one of these values:
557 * -1 There is no desired output structure
558 * 0 There is a desired output structure, and it wasn't
559 * matched by any of the encoder instances that were
561 * >0 There is a desired output structure, and at least one
562 * of the encoder instances matched it
564 if (data->count_output_structure == 0)
568 data->ctx->construct(current_encoder_inst,
569 data->ctx->construct_data);
571 /* Also set the data type, using the encoder implementation name */
572 data->data_type = OSSL_ENCODER_get0_name(current_encoder);
574 /* Assume that the constructor recorded an error */
575 if (original_data != NULL)
581 if (!ossl_assert(data->running_output != NULL)) {
582 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
589 * Create an object abstraction from the latest output, which
590 * was stolen from the previous round.
593 OSSL_PARAM *abstract_p = abstract;
594 const char *prev_output_structure =
595 OSSL_ENCODER_INSTANCE_get_output_structure(data->prev_encoder_inst);
598 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
599 (char *)data->data_type, 0);
600 if (prev_output_structure != NULL)
602 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE,
603 (char *)prev_output_structure,
606 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
607 data->running_output,
608 data->running_output_length);
609 *abstract_p = OSSL_PARAM_construct_end();
610 current_abstract = abstract;
615 /* Calling the encoder implementation */
618 OSSL_CORE_BIO *cbio = NULL;
619 BIO *current_out = NULL;
622 * If we're at the last encoder instance to use, we're setting up
623 * final output. Otherwise, set up an intermediary memory output.
626 current_out = data->bio;
627 else if ((current_out = allocated_out = BIO_new(BIO_s_mem()))
629 ok = 0; /* Assume BIO_new() recorded an error */
632 ok = (cbio = ossl_core_bio_new_from_bio(current_out)) != NULL;
634 ok = current_encoder->encode(current_encoder_ctx, cbio,
635 original_data, current_abstract,
636 data->ctx->selection,
637 ossl_pw_passphrase_callback_enc,
639 OSSL_TRACE_BEGIN(ENCODER) {
641 "[%d] (ctx %p) Running encoder instance %p => %d\n",
642 data->level, (void *)data->ctx,
643 (void *)current_encoder_inst, ok);
644 } OSSL_TRACE_END(ENCODER);
647 ossl_core_bio_free(cbio);
648 data->prev_encoder_inst = current_encoder_inst;
652 /* Cleanup and collecting the result */
654 OPENSSL_free(data->running_output);
655 data->running_output = NULL;
658 * Steal the output from the BIO_s_mem, if we did allocate one.
659 * That'll be the data for an object abstraction in the next round.
661 if (allocated_out != NULL) {
664 BIO_get_mem_ptr(allocated_out, &buf);
665 data->running_output = (unsigned char *)buf->data;
666 data->running_output_length = buf->length;
667 memset(buf, 0, sizeof(*buf));
670 BIO_free(allocated_out);
671 if (original_data != NULL)
672 data->ctx->cleanup(data->ctx->construct_data);