2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/params.h>
13 #include <openssl/provider.h>
14 #include "internal/passphrase.h"
15 #include "encoder_local.h"
18 struct decoder_process_data_st {
19 OSSL_DECODER_CTX *ctx;
24 /* Index of the current decoder instance to be processed */
25 size_t current_deser_inst_index;
28 static int decoder_process(const OSSL_PARAM params[], void *arg);
30 int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in)
32 struct decoder_process_data_st data;
35 memset(&data, 0, sizeof(data));
39 /* Enable passphrase caching */
40 (void)ossl_pw_enable_passphrase_caching(&ctx->pwdata);
42 ok = decoder_process(NULL, &data);
44 /* Clear any internally cached passphrase */
45 (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);
50 #ifndef OPENSSL_NO_STDIO
51 static BIO *bio_from_file(FILE *fp)
55 if ((b = BIO_new(BIO_s_file())) == NULL) {
56 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
59 BIO_set_fp(b, fp, BIO_NOCLOSE);
63 int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp)
65 BIO *b = bio_from_file(fp);
69 ret = OSSL_DECODER_from_bio(ctx, b);
76 int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
77 const char *input_type)
79 if (!ossl_assert(ctx != NULL)) {
80 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
85 * NULL is a valid starting input type, and means that the caller leaves
86 * it to code to discover what the starting input type is.
88 ctx->start_input_type = input_type;
92 int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder)
94 OSSL_DECODER_INSTANCE *decoder_inst = NULL;
95 const OSSL_PROVIDER *prov = NULL;
99 if (!ossl_assert(ctx != NULL) || !ossl_assert(decoder != NULL)) {
100 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
104 if (decoder->get_params == NULL) {
105 ERR_raise(ERR_LIB_OSSL_DECODER,
106 OSSL_DECODER_R_MISSING_GET_PARAMS);
110 if (ctx->decoder_insts == NULL
111 && (ctx->decoder_insts =
112 sk_OSSL_DECODER_INSTANCE_new_null()) == NULL) {
113 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
116 if ((decoder_inst = OPENSSL_zalloc(sizeof(*decoder_inst))) == NULL) {
117 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
120 if (!OSSL_DECODER_up_ref(decoder)) {
121 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INTERNAL_ERROR);
124 decoder_inst->decoder = decoder;
126 prov = OSSL_DECODER_provider(decoder_inst->decoder);
127 provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
129 /* Cache the input type for this encoder */
131 OSSL_PARAM_construct_utf8_ptr(OSSL_DECODER_PARAM_INPUT_TYPE,
132 (char **)&decoder_inst->input_type, 0);
133 params[1] = OSSL_PARAM_construct_end();
135 if (!decoder_inst->decoder->get_params(params)
136 || !OSSL_PARAM_modified(¶ms[0]))
139 if ((decoder_inst->deserctx = decoder_inst->decoder->newctx(provctx))
143 if (sk_OSSL_DECODER_INSTANCE_push(ctx->decoder_insts, decoder_inst) <= 0)
148 if (decoder_inst != NULL) {
149 if (decoder_inst->decoder != NULL)
150 decoder_inst->decoder->freectx(decoder_inst->deserctx);
151 OSSL_DECODER_free(decoder_inst->decoder);
152 OPENSSL_free(decoder_inst);
157 int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx,
158 OPENSSL_CTX *libctx, const char *propq)
161 * This function goes through existing decoder methods in
162 * |ctx->decoder_insts|, and tries to fetch new decoders that produce
163 * what the existing ones want as input, and push those newly fetched
164 * decoders on top of the same stack.
165 * Then it does the same again, but looping over the newly fetched
166 * decoders, until there are no more encoders to be fetched, or
167 * when we have done this 10 times.
169 * we do this with sliding windows on the stack by keeping track of indexes
173 * | DER to RSA | <--- w_prev_start
179 * | PEM to DER | <--- w_prev_end, w_new_start
183 size_t w_prev_start, w_prev_end; /* "previous" decoders */
184 size_t w_new_start, w_new_end; /* "new" decoders */
185 size_t count = 0; /* Calculates how many were added in each iteration */
186 size_t depth = 0; /* Counts the number of iterations */
188 if (!ossl_assert(ctx != NULL)) {
189 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
194 * If there is no stack of OSSL_DECODER_INSTANCE, we have nothing
195 * more to add. That's fine.
197 if (ctx->decoder_insts == NULL)
201 w_prev_end = sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
205 w_new_start = w_new_end = w_prev_end;
207 for (i = w_prev_start; i < w_prev_end; i++) {
208 OSSL_DECODER_INSTANCE *decoder_inst =
209 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
210 const char *name = decoder_inst->input_type;
211 OSSL_DECODER *decoder = NULL;
214 * If the caller has specified what the initial input should be,
215 * and the decoder implementation we're looking at has that
216 * input type, there's no point adding on more implementations
217 * on top of this one, so we don't.
219 if (ctx->start_input_type != NULL
220 && strcasecmp(ctx->start_input_type,
221 decoder_inst->input_type) != 0)
225 decoder = OSSL_DECODER_fetch(libctx, name, propq);
228 if (decoder != NULL) {
232 * Check that we don't already have this decoder in our
233 * stack We only need to check among the newly added ones.
235 for (j = w_new_start; j < w_new_end; j++) {
236 OSSL_DECODER_INSTANCE *check_inst =
237 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, j);
239 if (decoder == check_inst->decoder) {
240 /* We found it, so drop the new fetch */
241 OSSL_DECODER_free(decoder);
252 * Apart from keeping w_new_end up to date, We don't care about
253 * errors here. If it doesn't collect, then it doesn't...
255 if (OSSL_DECODER_CTX_add_decoder(ctx, decoder)) /* ref++ */
257 OSSL_DECODER_free(decoder); /* ref-- */
259 /* How many were added in this iteration */
260 count = w_new_end - w_new_start;
262 /* Slide the "previous decoder" windows */
263 w_prev_start = w_new_start;
264 w_prev_end = w_new_end;
267 } while (count != 0 && depth <= 10);
272 int OSSL_DECODER_CTX_num_decoders(OSSL_DECODER_CTX *ctx)
274 if (ctx == NULL || ctx->decoder_insts == NULL)
276 return sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
279 int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
280 OSSL_DECODER_CONSTRUCT *construct)
282 if (!ossl_assert(ctx != NULL)) {
283 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
286 ctx->construct = construct;
290 int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
291 void *construct_data)
293 if (!ossl_assert(ctx != NULL)) {
294 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
297 ctx->construct_data = construct_data;
301 int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
302 OSSL_DECODER_CLEANUP *cleanup)
304 if (!ossl_assert(ctx != NULL)) {
305 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
308 ctx->cleanup = cleanup;
312 OSSL_DECODER_CONSTRUCT *
313 OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx)
317 return ctx->construct;
320 void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx)
324 return ctx->construct_data;
327 OSSL_DECODER_CLEANUP *
328 OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx)
335 int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
336 void *reference, size_t reference_sz,
337 OSSL_CALLBACK *export_cb, void *export_cbarg)
339 if (!(ossl_assert(decoder_inst != NULL)
340 && ossl_assert(reference != NULL)
341 && ossl_assert(export_cb != NULL)
342 && ossl_assert(export_cbarg != NULL))) {
343 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
347 return decoder_inst->decoder->export_object(decoder_inst->deserctx,
348 reference, reference_sz,
349 export_cb, export_cbarg);
352 OSSL_DECODER *OSSL_DECODER_INSTANCE_decoder(OSSL_DECODER_INSTANCE *decoder_inst)
354 if (decoder_inst == NULL)
356 return decoder_inst->decoder;
359 void *OSSL_DECODER_INSTANCE_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst)
361 if (decoder_inst == NULL)
363 return decoder_inst->deserctx;
366 static int decoder_process(const OSSL_PARAM params[], void *arg)
368 struct decoder_process_data_st *data = arg;
369 OSSL_DECODER_CTX *ctx = data->ctx;
370 OSSL_DECODER_INSTANCE *decoder_inst = NULL;
371 OSSL_DECODER *decoder = NULL;
372 BIO *bio = data->bio;
377 struct decoder_process_data_st new_data;
379 memset(&new_data, 0, sizeof(new_data));
380 new_data.ctx = data->ctx;
382 if (params == NULL) {
383 /* First iteration, where we prepare for what is to come */
385 data->current_deser_inst_index =
386 OSSL_DECODER_CTX_num_decoders(ctx);
393 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts,
394 data->current_deser_inst_index);
395 decoder = OSSL_DECODER_INSTANCE_decoder(decoder_inst);
397 if (ctx->construct != NULL
398 && ctx->construct(decoder_inst, params, ctx->construct_data)) {
403 /* The constructor didn't return success */
406 * so we try to use the object we got and feed it to any next
407 * decoder that will take it. Object references are not
409 * If this data isn't present, decoding has failed.
412 p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA);
413 if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
415 new_data.bio = BIO_new_mem_buf(p->data, (int)p->data_size);
416 if (new_data.bio == NULL)
422 * If we have no more decoders to look through at this point,
425 if (data->current_deser_inst_index == 0)
428 if ((loc = BIO_tell(bio)) < 0) {
429 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
433 for (i = data->current_deser_inst_index; i-- > 0;) {
434 OSSL_DECODER_INSTANCE *new_deser_inst =
435 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
436 OSSL_DECODER *new_deser =
437 OSSL_DECODER_INSTANCE_decoder(new_deser_inst);
440 * If |decoder| is NULL, it means we've just started, and the caller
441 * may have specified what it expects the initial input to be. If
442 * that's the case, we do this extra check.
444 if (decoder == NULL && ctx->start_input_type != NULL
445 && strcasecmp(ctx->start_input_type,
446 new_deser_inst->input_type) != 0)
450 * If we have a previous decoder, we check that the input type
451 * of the next to be used matches the type of this previous one.
452 * decoder_inst->input_type is a cache of the parameter "input-type"
453 * value for that decoder.
456 && !OSSL_DECODER_is_a(decoder, new_deser_inst->input_type))
460 * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
461 * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
462 * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
463 * no matter where we are in the underlying buffer we're reading from.
465 * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
466 * at the same position. This is a best effort attempt, but BIO_seek()
467 * and BIO_tell() should come as a pair...
469 (void)BIO_seek(bio, loc);
470 if (BIO_tell(bio) != loc)
474 new_data.current_deser_inst_index = i;
475 ok = new_deser->decode(new_deser_inst->deserctx, (OSSL_CORE_BIO *)bio,
476 decoder_process, &new_data,
477 ossl_pw_passphrase_callback_dec,
478 &new_data.ctx->pwdata);
484 BIO_free(new_data.bio);