1/*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include <errno.h>
12#include "internal/cryptlib.h"
13#include <openssl/buffer.h>
14#include <openssl/evp.h>
15#include "internal/bio.h"
16
17static int b64_write(BIO *h, const char *buf, int num);
18static int b64_read(BIO *h, char *buf, int size);
19static int b64_puts(BIO *h, const char *str);
20static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
21static int b64_new(BIO *h);
22static int b64_free(BIO *data);
23static long b64_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
24#define B64_BLOCK_SIZE 1024
25#define B64_BLOCK_SIZE2 768
26#define B64_NONE 0
27#define B64_ENCODE 1
28#define B64_DECODE 2
29
30typedef struct b64_struct {
31 /*
32 * BIO *bio; moved to the BIO structure
33 */
34 int buf_len;
35 int buf_off;
36 int tmp_len; /* used to find the start when decoding */
37 int tmp_nl; /* If true, scan until '\n' */
38 int encode;
39 int start; /* have we started decoding yet? */
40 int cont; /* <= 0 when finished */
41 EVP_ENCODE_CTX *base64;
42 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
43 char tmp[B64_BLOCK_SIZE];
44} BIO_B64_CTX;
45
46static const BIO_METHOD methods_b64 = {
47 BIO_TYPE_BASE64,
48 "base64 encoding",
49 /* TODO: Convert to new style write function */
50 bwrite_conv,
51 b64_write,
52 /* TODO: Convert to new style read function */
53 bread_conv,
54 b64_read,
55 b64_puts,
56 NULL, /* b64_gets, */
57 b64_ctrl,
58 b64_new,
59 b64_free,
60 b64_callback_ctrl,
61};
62
63
64const BIO_METHOD *BIO_f_base64(void)
65{
66 return &methods_b64;
67}
68
69static int b64_new(BIO *bi)
70{
71 BIO_B64_CTX *ctx;
72
73 if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
74 EVPerr(EVP_F_B64_NEW, ERR_R_MALLOC_FAILURE);
75 return 0;
76 }
77
78 ctx->cont = 1;
79 ctx->start = 1;
80 ctx->base64 = EVP_ENCODE_CTX_new();
81 if (ctx->base64 == NULL) {
82 OPENSSL_free(ctx);
83 return 0;
84 }
85
86 BIO_set_data(bi, ctx);
87 BIO_set_init(bi, 1);
88
89 return 1;
90}
91
92static int b64_free(BIO *a)
93{
94 BIO_B64_CTX *ctx;
95 if (a == NULL)
96 return 0;
97
98 ctx = BIO_get_data(a);
99 if (ctx == NULL)
100 return 0;
101
102 EVP_ENCODE_CTX_free(ctx->base64);
103 OPENSSL_free(ctx);
104 BIO_set_data(a, NULL);
105 BIO_set_init(a, 0);
106
107 return 1;
108}
109
110static int b64_read(BIO *b, char *out, int outl)
111{
112 int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
113 BIO_B64_CTX *ctx;
114 unsigned char *p, *q;
115 BIO *next;
116
117 if (out == NULL)
118 return 0;
119 ctx = (BIO_B64_CTX *)BIO_get_data(b);
120
121 next = BIO_next(b);
122 if ((ctx == NULL) || (next == NULL))
123 return 0;
124
125 BIO_clear_retry_flags(b);
126
127 if (ctx->encode != B64_DECODE) {
128 ctx->encode = B64_DECODE;
129 ctx->buf_len = 0;
130 ctx->buf_off = 0;
131 ctx->tmp_len = 0;
132 EVP_DecodeInit(ctx->base64);
133 }
134
135 /* First check if there are bytes decoded/encoded */
136 if (ctx->buf_len > 0) {
137 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
138 i = ctx->buf_len - ctx->buf_off;
139 if (i > outl)
140 i = outl;
141 OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
142 memcpy(out, &(ctx->buf[ctx->buf_off]), i);
143 ret = i;
144 out += i;
145 outl -= i;
146 ctx->buf_off += i;
147 if (ctx->buf_len == ctx->buf_off) {
148 ctx->buf_len = 0;
149 ctx->buf_off = 0;
150 }
151 }
152
153 /*
154 * At this point, we have room of outl bytes and an empty buffer, so we
155 * should read in some more.
156 */
157
158 ret_code = 0;
159 while (outl > 0) {
160 if (ctx->cont <= 0)
161 break;
162
163 i = BIO_read(next, &(ctx->tmp[ctx->tmp_len]),
164 B64_BLOCK_SIZE - ctx->tmp_len);
165
166 if (i <= 0) {
167 ret_code = i;
168
169 /* Should we continue next time we are called? */
170 if (!BIO_should_retry(next)) {
171 ctx->cont = i;
172 /* If buffer empty break */
173 if (ctx->tmp_len == 0)
174 break;
175 /* Fall through and process what we have */
176 else
177 i = 0;
178 }
179 /* else we retry and add more data to buffer */
180 else
181 break;
182 }
183 i += ctx->tmp_len;
184 ctx->tmp_len = i;
185
186 /*
187 * We need to scan, a line at a time until we have a valid line if we
188 * are starting.
189 */
190 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) {
191 /* ctx->start=1; */
192 ctx->tmp_len = 0;
193 } else if (ctx->start) {
194 q = p = (unsigned char *)ctx->tmp;
195 num = 0;
196 for (j = 0; j < i; j++) {
197 if (*(q++) != '\n')
198 continue;
199
200 /*
201 * due to a previous very long line, we need to keep on
202 * scanning for a '\n' before we even start looking for
203 * base64 encoded stuff.
204 */
205 if (ctx->tmp_nl) {
206 p = q;
207 ctx->tmp_nl = 0;
208 continue;
209 }
210
211 k = EVP_DecodeUpdate(ctx->base64,
212 (unsigned char *)ctx->buf,
213 &num, p, q - p);
214 if ((k <= 0) && (num == 0) && (ctx->start))
215 EVP_DecodeInit(ctx->base64);
216 else {
217 if (p != (unsigned char *)
218 &(ctx->tmp[0])) {
219 i -= (p - (unsigned char *)
220 &(ctx->tmp[0]));
221 for (x = 0; x < i; x++)
222 ctx->tmp[x] = p[x];
223 }
224 EVP_DecodeInit(ctx->base64);
225 ctx->start = 0;
226 break;
227 }
228 p = q;
229 }
230
231 /* we fell off the end without starting */
232 if ((j == i) && (num == 0)) {
233 /*
234 * Is this is one long chunk?, if so, keep on reading until a
235 * new line.
236 */
237 if (p == (unsigned char *)&(ctx->tmp[0])) {
238 /* Check buffer full */
239 if (i == B64_BLOCK_SIZE) {
240 ctx->tmp_nl = 1;
241 ctx->tmp_len = 0;
242 }
243 } else if (p != q) { /* finished on a '\n' */
244 n = q - p;
245 for (ii = 0; ii < n; ii++)
246 ctx->tmp[ii] = p[ii];
247 ctx->tmp_len = n;
248 }
249 /* else finished on a '\n' */
250 continue;
251 } else {
252 ctx->tmp_len = 0;
253 }
254 } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) {
255 /*
256 * If buffer isn't full and we can retry then restart to read in
257 * more data.
258 */
259 continue;
260 }
261
262 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
263 int z, jj;
264
265 jj = i & ~3; /* process per 4 */
266 z = EVP_DecodeBlock((unsigned char *)ctx->buf,
267 (unsigned char *)ctx->tmp, jj);
268 if (jj > 2) {
269 if (ctx->tmp[jj - 1] == '=') {
270 z--;
271 if (ctx->tmp[jj - 2] == '=')
272 z--;
273 }
274 }
275 /*
276 * z is now number of output bytes and jj is the number consumed
277 */
278 if (jj != i) {
279 memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
280 ctx->tmp_len = i - jj;
281 }
282 ctx->buf_len = 0;
283 if (z > 0) {
284 ctx->buf_len = z;
285 }
286 i = z;
287 } else {
288 i = EVP_DecodeUpdate(ctx->base64,
289 (unsigned char *)ctx->buf, &ctx->buf_len,
290 (unsigned char *)ctx->tmp, i);
291 ctx->tmp_len = 0;
292 }
293 /*
294 * If eof or an error was signalled, then the condition
295 * 'ctx->cont <= 0' will prevent b64_read() from reading
296 * more data on subsequent calls. This assignment was
297 * deleted accidentally in commit 5562cfaca4f3.
298 */
299 ctx->cont = i;
300
301 ctx->buf_off = 0;
302 if (i < 0) {
303 ret_code = 0;
304 ctx->buf_len = 0;
305 break;
306 }
307
308 if (ctx->buf_len <= outl)
309 i = ctx->buf_len;
310 else
311 i = outl;
312
313 memcpy(out, ctx->buf, i);
314 ret += i;
315 ctx->buf_off = i;
316 if (ctx->buf_off == ctx->buf_len) {
317 ctx->buf_len = 0;
318 ctx->buf_off = 0;
319 }
320 outl -= i;
321 out += i;
322 }
323 /* BIO_clear_retry_flags(b); */
324 BIO_copy_next_retry(b);
325 return ((ret == 0) ? ret_code : ret);
326}
327
328static int b64_write(BIO *b, const char *in, int inl)
329{
330 int ret = 0;
331 int n;
332 int i;
333 BIO_B64_CTX *ctx;
334 BIO *next;
335
336 ctx = (BIO_B64_CTX *)BIO_get_data(b);
337 next = BIO_next(b);
338 if ((ctx == NULL) || (next == NULL))
339 return 0;
340
341 BIO_clear_retry_flags(b);
342
343 if (ctx->encode != B64_ENCODE) {
344 ctx->encode = B64_ENCODE;
345 ctx->buf_len = 0;
346 ctx->buf_off = 0;
347 ctx->tmp_len = 0;
348 EVP_EncodeInit(ctx->base64);
349 }
350
351 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
352 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
353 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
354 n = ctx->buf_len - ctx->buf_off;
355 while (n > 0) {
356 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
357 if (i <= 0) {
358 BIO_copy_next_retry(b);
359 return i;
360 }
361 OPENSSL_assert(i <= n);
362 ctx->buf_off += i;
363 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
364 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
365 n -= i;
366 }
367 /* at this point all pending data has been written */
368 ctx->buf_off = 0;
369 ctx->buf_len = 0;
370
371 if ((in == NULL) || (inl <= 0))
372 return 0;
373
374 while (inl > 0) {
375 n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
376
377 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
378 if (ctx->tmp_len > 0) {
379 OPENSSL_assert(ctx->tmp_len <= 3);
380 n = 3 - ctx->tmp_len;
381 /*
382 * There's a theoretical possibility for this
383 */
384 if (n > inl)
385 n = inl;
386 memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
387 ctx->tmp_len += n;
388 ret += n;
389 if (ctx->tmp_len < 3)
390 break;
391 ctx->buf_len =
392 EVP_EncodeBlock((unsigned char *)ctx->buf,
393 (unsigned char *)ctx->tmp, ctx->tmp_len);
394 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
395 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
396 /*
397 * Since we're now done using the temporary buffer, the
398 * length should be 0'd
399 */
400 ctx->tmp_len = 0;
401 } else {
402 if (n < 3) {
403 memcpy(ctx->tmp, in, n);
404 ctx->tmp_len = n;
405 ret += n;
406 break;
407 }
408 n -= n % 3;
409 ctx->buf_len =
410 EVP_EncodeBlock((unsigned char *)ctx->buf,
411 (const unsigned char *)in, n);
412 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
413 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
414 ret += n;
415 }
416 } else {
417 if (!EVP_EncodeUpdate(ctx->base64,
418 (unsigned char *)ctx->buf, &ctx->buf_len,
419 (unsigned char *)in, n))
420 return ((ret == 0) ? -1 : ret);
421 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
422 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
423 ret += n;
424 }
425 inl -= n;
426 in += n;
427
428 ctx->buf_off = 0;
429 n = ctx->buf_len;
430 while (n > 0) {
431 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
432 if (i <= 0) {
433 BIO_copy_next_retry(b);
434 return ((ret == 0) ? i : ret);
435 }
436 OPENSSL_assert(i <= n);
437 n -= i;
438 ctx->buf_off += i;
439 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
440 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
441 }
442 ctx->buf_len = 0;
443 ctx->buf_off = 0;
444 }
445 return ret;
446}
447
448static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
449{
450 BIO_B64_CTX *ctx;
451 long ret = 1;
452 int i;
453 BIO *next;
454
455 ctx = (BIO_B64_CTX *)BIO_get_data(b);
456 next = BIO_next(b);
457 if ((ctx == NULL) || (next == NULL))
458 return 0;
459
460 switch (cmd) {
461 case BIO_CTRL_RESET:
462 ctx->cont = 1;
463 ctx->start = 1;
464 ctx->encode = B64_NONE;
465 ret = BIO_ctrl(next, cmd, num, ptr);
466 break;
467 case BIO_CTRL_EOF: /* More to read */
468 if (ctx->cont <= 0)
469 ret = 1;
470 else
471 ret = BIO_ctrl(next, cmd, num, ptr);
472 break;
473 case BIO_CTRL_WPENDING: /* More to write in buffer */
474 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
475 ret = ctx->buf_len - ctx->buf_off;
476 if ((ret == 0) && (ctx->encode != B64_NONE)
477 && (EVP_ENCODE_CTX_num(ctx->base64) != 0))
478 ret = 1;
479 else if (ret <= 0)
480 ret = BIO_ctrl(next, cmd, num, ptr);
481 break;
482 case BIO_CTRL_PENDING: /* More to read in buffer */
483 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
484 ret = ctx->buf_len - ctx->buf_off;
485 if (ret <= 0)
486 ret = BIO_ctrl(next, cmd, num, ptr);
487 break;
488 case BIO_CTRL_FLUSH:
489 /* do a final write */
490 again:
491 while (ctx->buf_len != ctx->buf_off) {
492 i = b64_write(b, NULL, 0);
493 if (i < 0)
494 return i;
495 }
496 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
497 if (ctx->tmp_len != 0) {
498 ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf,
499 (unsigned char *)ctx->tmp,
500 ctx->tmp_len);
501 ctx->buf_off = 0;
502 ctx->tmp_len = 0;
503 goto again;
504 }
505 } else if (ctx->encode != B64_NONE
506 && EVP_ENCODE_CTX_num(ctx->base64) != 0) {
507 ctx->buf_off = 0;
508 EVP_EncodeFinal(ctx->base64,
509 (unsigned char *)ctx->buf, &(ctx->buf_len));
510 /* push out the bytes */
511 goto again;
512 }
513 /* Finally flush the underlying BIO */
514 ret = BIO_ctrl(next, cmd, num, ptr);
515 break;
516
517 case BIO_C_DO_STATE_MACHINE:
518 BIO_clear_retry_flags(b);
519 ret = BIO_ctrl(next, cmd, num, ptr);
520 BIO_copy_next_retry(b);
521 break;
522
523 case BIO_CTRL_DUP:
524 break;
525 case BIO_CTRL_INFO:
526 case BIO_CTRL_GET:
527 case BIO_CTRL_SET:
528 default:
529 ret = BIO_ctrl(next, cmd, num, ptr);
530 break;
531 }
532 return ret;
533}
534
535static long b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
536{
537 long ret = 1;
538 BIO *next = BIO_next(b);
539
540 if (next == NULL)
541 return 0;
542 switch (cmd) {
543 default:
544 ret = BIO_callback_ctrl(next, cmd, fp);
545 break;
546 }
547 return ret;
548}
549
550static int b64_puts(BIO *b, const char *str)
551{
552 return b64_write(b, str, strlen(str));
553}
554