2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/encoder.h>
13 #include <openssl/buffer.h>
14 #include <openssl/params.h>
15 #include <openssl/provider.h>
16 #include <openssl/trace.h>
17 #include "internal/bio.h"
18 #include "internal/provider.h"
19 #include "encoder_local.h"
21 struct encoder_process_data_st {
22 OSSL_ENCODER_CTX *ctx;
27 /* Index of the current encoder instance to be processed */
28 int current_encoder_inst_index;
30 /* Processing data passed down through recursion */
31 int level; /* Recursion level */
32 OSSL_ENCODER_INSTANCE *next_encoder_inst;
33 int count_output_structure;
35 /* Processing data passed up through recursion */
36 OSSL_ENCODER_INSTANCE *prev_encoder_inst;
37 unsigned char *running_output;
38 size_t running_output_length;
39 /* Data type = the name of the first succeeding encoder implementation */
40 const char *data_type;
43 static int encoder_process(struct encoder_process_data_st *data);
45 int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
47 struct encoder_process_data_st data;
49 memset(&data, 0, sizeof(data));
52 data.current_encoder_inst_index = OSSL_ENCODER_CTX_get_num_encoders(ctx);
54 if (data.current_encoder_inst_index == 0) {
55 ERR_raise_data(ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_ENCODER_NOT_FOUND,
56 "No encoders were found. For standard encoders you need "
57 "at least one of the default or base providers "
58 "available. Did you forget to load them?");
62 if (ctx->cleanup == NULL || ctx->construct == NULL) {
63 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INIT_FAIL);
67 return encoder_process(&data) > 0;
70 #ifndef OPENSSL_NO_STDIO
71 static BIO *bio_from_file(FILE *fp)
75 if ((b = BIO_new(BIO_s_file())) == NULL) {
76 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_BUF_LIB);
79 BIO_set_fp(b, fp, BIO_NOCLOSE);
83 int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp)
85 BIO *b = bio_from_file(fp);
89 ret = OSSL_ENCODER_to_bio(ctx, b);
96 int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
103 if (pdata_len == NULL) {
104 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
108 out = BIO_new(BIO_s_mem());
111 && OSSL_ENCODER_to_bio(ctx, out)
112 && BIO_get_mem_ptr(out, &buf) > 0) {
113 ret = 1; /* Hope for the best. A too small buffer will clear this */
115 if (pdata != NULL && *pdata != NULL) {
116 if (*pdata_len < buf->length)
118 * It's tempting to do |*pdata_len = (size_t)buf->length|
119 * However, it's believed to be confusing more than helpful,
124 *pdata_len -= buf->length;
126 /* The buffer with the right size is already allocated for us */
127 *pdata_len = (size_t)buf->length;
132 if (*pdata != NULL) {
133 memcpy(*pdata, buf->data, buf->length);
134 *pdata += buf->length;
136 /* In this case, we steal the data from BIO_s_mem() */
137 *pdata = (unsigned char *)buf->data;
147 int OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX *ctx, int selection)
149 if (!ossl_assert(ctx != NULL)) {
150 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
154 if (!ossl_assert(selection != 0)) {
155 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_INVALID_ARGUMENT);
159 ctx->selection = selection;
163 int OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX *ctx,
164 const char *output_type)
166 if (!ossl_assert(ctx != NULL) || !ossl_assert(output_type != NULL)) {
167 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
171 ctx->output_type = output_type;
175 int OSSL_ENCODER_CTX_set_output_structure(OSSL_ENCODER_CTX *ctx,
176 const char *output_structure)
178 if (!ossl_assert(ctx != NULL) || !ossl_assert(output_structure != NULL)) {
179 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
183 ctx->output_structure = output_structure;
187 static OSSL_ENCODER_INSTANCE *ossl_encoder_instance_new(OSSL_ENCODER *encoder,
190 OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
191 const OSSL_PROVIDER *prov;
192 OSSL_LIB_CTX *libctx;
193 const OSSL_PROPERTY_LIST *props;
194 const OSSL_PROPERTY_DEFINITION *prop;
196 if (!ossl_assert(encoder != NULL)) {
197 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
201 if ((encoder_inst = OPENSSL_zalloc(sizeof(*encoder_inst))) == NULL)
204 if (!OSSL_ENCODER_up_ref(encoder)) {
205 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
209 prov = OSSL_ENCODER_get0_provider(encoder);
210 libctx = ossl_provider_libctx(prov);
211 props = ossl_encoder_parsed_properties(encoder);
213 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
214 "there are no property definitions with encoder %s",
215 OSSL_ENCODER_get0_name(encoder));
219 /* The "output" property is mandatory */
220 prop = ossl_property_find_property(props, libctx, "output");
221 encoder_inst->output_type = ossl_property_get_string_value(libctx, prop);
222 if (encoder_inst->output_type == NULL) {
223 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
224 "the mandatory 'output' property is missing "
225 "for encoder %s (properties: %s)",
226 OSSL_ENCODER_get0_name(encoder),
227 OSSL_ENCODER_get0_properties(encoder));
231 /* The "structure" property is optional */
232 prop = ossl_property_find_property(props, libctx, "structure");
234 encoder_inst->output_structure
235 = ossl_property_get_string_value(libctx, prop);
237 encoder_inst->encoder = encoder;
238 encoder_inst->encoderctx = encoderctx;
241 ossl_encoder_instance_free(encoder_inst);
245 void ossl_encoder_instance_free(OSSL_ENCODER_INSTANCE *encoder_inst)
247 if (encoder_inst != NULL) {
248 if (encoder_inst->encoder != NULL)
249 encoder_inst->encoder->freectx(encoder_inst->encoderctx);
250 encoder_inst->encoderctx = NULL;
251 OSSL_ENCODER_free(encoder_inst->encoder);
252 encoder_inst->encoder = NULL;
253 OPENSSL_free(encoder_inst);
257 static int ossl_encoder_ctx_add_encoder_inst(OSSL_ENCODER_CTX *ctx,
258 OSSL_ENCODER_INSTANCE *ei)
262 if (ctx->encoder_insts == NULL
263 && (ctx->encoder_insts =
264 sk_OSSL_ENCODER_INSTANCE_new_null()) == NULL) {
265 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB);
269 ok = (sk_OSSL_ENCODER_INSTANCE_push(ctx->encoder_insts, ei) > 0);
271 OSSL_TRACE_BEGIN(ENCODER) {
273 "(ctx %p) Added encoder instance %p (encoder %p):\n"
275 (void *)ctx, (void *)ei, (void *)ei->encoder,
276 OSSL_ENCODER_get0_name(ei->encoder),
277 OSSL_ENCODER_get0_properties(ei->encoder));
278 } OSSL_TRACE_END(ENCODER);
283 int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder)
285 OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
286 const OSSL_PROVIDER *prov = NULL;
287 void *encoderctx = NULL;
288 void *provctx = NULL;
290 if (!ossl_assert(ctx != NULL) || !ossl_assert(encoder != NULL)) {
291 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
295 prov = OSSL_ENCODER_get0_provider(encoder);
296 provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
298 if ((encoderctx = encoder->newctx(provctx)) == NULL
300 ossl_encoder_instance_new(encoder, encoderctx)) == NULL)
302 /* Avoid double free of encoderctx on further errors */
305 if (!ossl_encoder_ctx_add_encoder_inst(ctx, encoder_inst))
310 ossl_encoder_instance_free(encoder_inst);
311 if (encoderctx != NULL)
312 encoder->freectx(encoderctx);
316 int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx,
317 OSSL_LIB_CTX *libctx, const char *propq)
322 int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx)
324 if (ctx == NULL || ctx->encoder_insts == NULL)
326 return sk_OSSL_ENCODER_INSTANCE_num(ctx->encoder_insts);
329 int OSSL_ENCODER_CTX_set_construct(OSSL_ENCODER_CTX *ctx,
330 OSSL_ENCODER_CONSTRUCT *construct)
332 if (!ossl_assert(ctx != NULL)) {
333 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
336 ctx->construct = construct;
340 int OSSL_ENCODER_CTX_set_construct_data(OSSL_ENCODER_CTX *ctx,
341 void *construct_data)
343 if (!ossl_assert(ctx != NULL)) {
344 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
347 ctx->construct_data = construct_data;
351 int OSSL_ENCODER_CTX_set_cleanup(OSSL_ENCODER_CTX *ctx,
352 OSSL_ENCODER_CLEANUP *cleanup)
354 if (!ossl_assert(ctx != NULL)) {
355 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
358 ctx->cleanup = cleanup;
363 OSSL_ENCODER_INSTANCE_get_encoder(OSSL_ENCODER_INSTANCE *encoder_inst)
365 if (encoder_inst == NULL)
367 return encoder_inst->encoder;
371 OSSL_ENCODER_INSTANCE_get_encoder_ctx(OSSL_ENCODER_INSTANCE *encoder_inst)
373 if (encoder_inst == NULL)
375 return encoder_inst->encoderctx;
379 OSSL_ENCODER_INSTANCE_get_output_type(OSSL_ENCODER_INSTANCE *encoder_inst)
381 if (encoder_inst == NULL)
383 return encoder_inst->output_type;
387 OSSL_ENCODER_INSTANCE_get_output_structure(OSSL_ENCODER_INSTANCE *encoder_inst)
389 if (encoder_inst == NULL)
391 return encoder_inst->output_structure;
394 static int encoder_process(struct encoder_process_data_st *data)
396 OSSL_ENCODER_INSTANCE *current_encoder_inst = NULL;
397 OSSL_ENCODER *current_encoder = NULL;
398 OSSL_ENCODER_CTX *current_encoder_ctx = NULL;
399 BIO *allocated_out = NULL;
400 const void *original_data = NULL;
401 OSSL_PARAM abstract[10];
402 const OSSL_PARAM *current_abstract = NULL;
404 int ok = -1; /* -1 signifies that the lookup loop gave nothing */
407 if (data->next_encoder_inst == NULL) {
408 /* First iteration, where we prepare for what is to come */
410 data->count_output_structure =
411 data->ctx->output_structure == NULL ? -1 : 0;
415 for (i = data->current_encoder_inst_index; i-- > 0;) {
416 OSSL_ENCODER *next_encoder = NULL;
417 const char *current_output_type;
418 const char *current_output_structure;
419 struct encoder_process_data_st new_data;
423 OSSL_ENCODER_INSTANCE_get_encoder(data->next_encoder_inst);
425 current_encoder_inst =
426 sk_OSSL_ENCODER_INSTANCE_value(data->ctx->encoder_insts, i);
428 OSSL_ENCODER_INSTANCE_get_encoder(current_encoder_inst);
429 current_encoder_ctx =
430 OSSL_ENCODER_INSTANCE_get_encoder_ctx(current_encoder_inst);
431 current_output_type =
432 OSSL_ENCODER_INSTANCE_get_output_type(current_encoder_inst);
433 current_output_structure =
434 OSSL_ENCODER_INSTANCE_get_output_structure(current_encoder_inst);
435 memset(&new_data, 0, sizeof(new_data));
436 new_data.ctx = data->ctx;
437 new_data.current_encoder_inst_index = i;
438 new_data.next_encoder_inst = current_encoder_inst;
439 new_data.count_output_structure = data->count_output_structure;
440 new_data.level = data->level + 1;
442 OSSL_TRACE_BEGIN(ENCODER) {
444 "[%d] (ctx %p) Considering encoder instance %p (encoder %p)\n",
445 data->level, (void *)data->ctx,
446 (void *)current_encoder_inst, (void *)current_encoder);
447 } OSSL_TRACE_END(ENCODER);
450 * If this is the top call, we check if the output type of the current
451 * encoder matches the desired output type.
452 * If this isn't the top call, i.e. this is deeper in the recursion,
453 * we instead check if the output type of the current encoder matches
454 * the name of the next encoder (the one found by the parent call).
457 if (data->ctx->output_type != NULL
458 && OPENSSL_strcasecmp(current_output_type,
459 data->ctx->output_type) != 0) {
460 OSSL_TRACE_BEGIN(ENCODER) {
462 "[%d] Skipping because current encoder output type (%s) != desired output type (%s)\n",
464 current_output_type, data->ctx->output_type);
465 } OSSL_TRACE_END(ENCODER);
469 if (!OSSL_ENCODER_is_a(next_encoder, current_output_type)) {
470 OSSL_TRACE_BEGIN(ENCODER) {
472 "[%d] Skipping because current encoder output type (%s) != name of encoder %p\n",
474 current_output_type, (void *)next_encoder);
475 } OSSL_TRACE_END(ENCODER);
481 * If the caller and the current encoder specify an output structure,
482 * Check if they match. If they do, count the match, otherwise skip
483 * the current encoder.
485 if (data->ctx->output_structure != NULL
486 && current_output_structure != NULL) {
487 if (OPENSSL_strcasecmp(data->ctx->output_structure,
488 current_output_structure) != 0) {
489 OSSL_TRACE_BEGIN(ENCODER) {
491 "[%d] Skipping because current encoder output structure (%s) != ctx output structure (%s)\n",
493 current_output_structure,
494 data->ctx->output_structure);
495 } OSSL_TRACE_END(ENCODER);
499 data->count_output_structure++;
503 * Recurse to process the encoder implementations before the current
506 ok = encoder_process(&new_data);
508 data->prev_encoder_inst = new_data.prev_encoder_inst;
509 data->running_output = new_data.running_output;
510 data->running_output_length = new_data.running_output_length;
513 * ok == -1 means that the recursion call above gave no further
514 * encoders, and that the one we're currently at should
516 * ok == 0 means that something failed in the recursion call
517 * above, making the result unsuitable for a chain.
518 * In this case, we simply continue to try finding a
519 * suitable encoder at this recursion level.
520 * ok == 1 means that the recursion call was successful, and we
521 * try to use the result at this recursion level.
526 OSSL_TRACE_BEGIN(ENCODER) {
528 "[%d] Skipping because recursion level %d failed\n",
529 data->level, new_data.level);
530 } OSSL_TRACE_END(ENCODER);
534 * If |i < 0|, we didn't find any useful encoder in this recursion, so
535 * we do the rest of the process only if |i >= 0|.
540 OSSL_TRACE_BEGIN(ENCODER) {
542 "[%d] (ctx %p) No suitable encoder found\n",
543 data->level, (void *)data->ctx);
544 } OSSL_TRACE_END(ENCODER);
553 * We have reached the beginning of the encoder instance sequence,
554 * so we prepare the object to be encoded.
558 * |data->count_output_structure| is one of these values:
560 * -1 There is no desired output structure
561 * 0 There is a desired output structure, and it wasn't
562 * matched by any of the encoder instances that were
564 * >0 There is a desired output structure, and at least one
565 * of the encoder instances matched it
567 if (data->count_output_structure == 0)
571 data->ctx->construct(current_encoder_inst,
572 data->ctx->construct_data);
574 /* Also set the data type, using the encoder implementation name */
575 data->data_type = OSSL_ENCODER_get0_name(current_encoder);
577 /* Assume that the constructor recorded an error */
578 if (original_data != NULL)
584 if (!ossl_assert(data->running_output != NULL)) {
585 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
592 * Create an object abstraction from the latest output, which
593 * was stolen from the previous round.
596 OSSL_PARAM *abstract_p = abstract;
597 const char *prev_output_structure =
598 OSSL_ENCODER_INSTANCE_get_output_structure(data->prev_encoder_inst);
601 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
602 (char *)data->data_type, 0);
603 if (prev_output_structure != NULL)
605 OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE,
606 (char *)prev_output_structure,
609 OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
610 data->running_output,
611 data->running_output_length);
612 *abstract_p = OSSL_PARAM_construct_end();
613 current_abstract = abstract;
618 /* Calling the encoder implementation */
621 OSSL_CORE_BIO *cbio = NULL;
622 BIO *current_out = NULL;
625 * If we're at the last encoder instance to use, we're setting up
626 * final output. Otherwise, set up an intermediary memory output.
629 current_out = data->bio;
630 else if ((current_out = allocated_out = BIO_new(BIO_s_mem()))
632 ok = 0; /* Assume BIO_new() recorded an error */
635 ok = (cbio = ossl_core_bio_new_from_bio(current_out)) != NULL;
637 ok = current_encoder->encode(current_encoder_ctx, cbio,
638 original_data, current_abstract,
639 data->ctx->selection,
640 ossl_pw_passphrase_callback_enc,
642 OSSL_TRACE_BEGIN(ENCODER) {
644 "[%d] (ctx %p) Running encoder instance %p => %d\n",
645 data->level, (void *)data->ctx,
646 (void *)current_encoder_inst, ok);
647 } OSSL_TRACE_END(ENCODER);
650 ossl_core_bio_free(cbio);
651 data->prev_encoder_inst = current_encoder_inst;
655 /* Cleanup and collecting the result */
657 OPENSSL_free(data->running_output);
658 data->running_output = NULL;
661 * Steal the output from the BIO_s_mem, if we did allocate one.
662 * That'll be the data for an object abstraction in the next round.
664 if (allocated_out != NULL) {
667 BIO_get_mem_ptr(allocated_out, &buf);
668 data->running_output = (unsigned char *)buf->data;
669 data->running_output_length = buf->length;
670 memset(buf, 0, sizeof(*buf));
673 BIO_free(allocated_out);
674 if (original_data != NULL)
675 data->ctx->cleanup(data->ctx->construct_data);
projects / openssl.git / blob