1 | /* |
2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include <errno.h> |
12 | #include "internal/cryptlib.h" |
13 | #include <openssl/buffer.h> |
14 | #include <openssl/evp.h> |
15 | #include "internal/bio.h" |
16 | |
17 | static int b64_write(BIO *h, const char *buf, int num); |
18 | static int b64_read(BIO *h, char *buf, int size); |
19 | static int b64_puts(BIO *h, const char *str); |
20 | static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2); |
21 | static int b64_new(BIO *h); |
22 | static int b64_free(BIO *data); |
23 | static long b64_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); |
24 | #define B64_BLOCK_SIZE 1024 |
25 | #define B64_BLOCK_SIZE2 768 |
26 | #define B64_NONE 0 |
27 | #define B64_ENCODE 1 |
28 | #define B64_DECODE 2 |
29 | |
30 | typedef struct b64_struct { |
31 | /* |
32 | * BIO *bio; moved to the BIO structure |
33 | */ |
34 | int buf_len; |
35 | int buf_off; |
36 | int tmp_len; /* used to find the start when decoding */ |
37 | int tmp_nl; /* If true, scan until '\n' */ |
38 | int encode; |
39 | int start; /* have we started decoding yet? */ |
40 | int cont; /* <= 0 when finished */ |
41 | EVP_ENCODE_CTX *base64; |
42 | char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10]; |
43 | char tmp[B64_BLOCK_SIZE]; |
44 | } BIO_B64_CTX; |
45 | |
46 | static const BIO_METHOD methods_b64 = { |
47 | BIO_TYPE_BASE64, |
48 | "base64 encoding" , |
49 | /* TODO: Convert to new style write function */ |
50 | bwrite_conv, |
51 | b64_write, |
52 | /* TODO: Convert to new style read function */ |
53 | bread_conv, |
54 | b64_read, |
55 | b64_puts, |
56 | NULL, /* b64_gets, */ |
57 | b64_ctrl, |
58 | b64_new, |
59 | b64_free, |
60 | b64_callback_ctrl, |
61 | }; |
62 | |
63 | |
64 | const BIO_METHOD *BIO_f_base64(void) |
65 | { |
66 | return &methods_b64; |
67 | } |
68 | |
69 | static int b64_new(BIO *bi) |
70 | { |
71 | BIO_B64_CTX *ctx; |
72 | |
73 | if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { |
74 | EVPerr(EVP_F_B64_NEW, ERR_R_MALLOC_FAILURE); |
75 | return 0; |
76 | } |
77 | |
78 | ctx->cont = 1; |
79 | ctx->start = 1; |
80 | ctx->base64 = EVP_ENCODE_CTX_new(); |
81 | if (ctx->base64 == NULL) { |
82 | OPENSSL_free(ctx); |
83 | return 0; |
84 | } |
85 | |
86 | BIO_set_data(bi, ctx); |
87 | BIO_set_init(bi, 1); |
88 | |
89 | return 1; |
90 | } |
91 | |
92 | static int b64_free(BIO *a) |
93 | { |
94 | BIO_B64_CTX *ctx; |
95 | if (a == NULL) |
96 | return 0; |
97 | |
98 | ctx = BIO_get_data(a); |
99 | if (ctx == NULL) |
100 | return 0; |
101 | |
102 | EVP_ENCODE_CTX_free(ctx->base64); |
103 | OPENSSL_free(ctx); |
104 | BIO_set_data(a, NULL); |
105 | BIO_set_init(a, 0); |
106 | |
107 | return 1; |
108 | } |
109 | |
110 | static int b64_read(BIO *b, char *out, int outl) |
111 | { |
112 | int ret = 0, i, ii, j, k, x, n, num, ret_code = 0; |
113 | BIO_B64_CTX *ctx; |
114 | unsigned char *p, *q; |
115 | BIO *next; |
116 | |
117 | if (out == NULL) |
118 | return 0; |
119 | ctx = (BIO_B64_CTX *)BIO_get_data(b); |
120 | |
121 | next = BIO_next(b); |
122 | if ((ctx == NULL) || (next == NULL)) |
123 | return 0; |
124 | |
125 | BIO_clear_retry_flags(b); |
126 | |
127 | if (ctx->encode != B64_DECODE) { |
128 | ctx->encode = B64_DECODE; |
129 | ctx->buf_len = 0; |
130 | ctx->buf_off = 0; |
131 | ctx->tmp_len = 0; |
132 | EVP_DecodeInit(ctx->base64); |
133 | } |
134 | |
135 | /* First check if there are bytes decoded/encoded */ |
136 | if (ctx->buf_len > 0) { |
137 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
138 | i = ctx->buf_len - ctx->buf_off; |
139 | if (i > outl) |
140 | i = outl; |
141 | OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf)); |
142 | memcpy(out, &(ctx->buf[ctx->buf_off]), i); |
143 | ret = i; |
144 | out += i; |
145 | outl -= i; |
146 | ctx->buf_off += i; |
147 | if (ctx->buf_len == ctx->buf_off) { |
148 | ctx->buf_len = 0; |
149 | ctx->buf_off = 0; |
150 | } |
151 | } |
152 | |
153 | /* |
154 | * At this point, we have room of outl bytes and an empty buffer, so we |
155 | * should read in some more. |
156 | */ |
157 | |
158 | ret_code = 0; |
159 | while (outl > 0) { |
160 | if (ctx->cont <= 0) |
161 | break; |
162 | |
163 | i = BIO_read(next, &(ctx->tmp[ctx->tmp_len]), |
164 | B64_BLOCK_SIZE - ctx->tmp_len); |
165 | |
166 | if (i <= 0) { |
167 | ret_code = i; |
168 | |
169 | /* Should we continue next time we are called? */ |
170 | if (!BIO_should_retry(next)) { |
171 | ctx->cont = i; |
172 | /* If buffer empty break */ |
173 | if (ctx->tmp_len == 0) |
174 | break; |
175 | /* Fall through and process what we have */ |
176 | else |
177 | i = 0; |
178 | } |
179 | /* else we retry and add more data to buffer */ |
180 | else |
181 | break; |
182 | } |
183 | i += ctx->tmp_len; |
184 | ctx->tmp_len = i; |
185 | |
186 | /* |
187 | * We need to scan, a line at a time until we have a valid line if we |
188 | * are starting. |
189 | */ |
190 | if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) { |
191 | /* ctx->start=1; */ |
192 | ctx->tmp_len = 0; |
193 | } else if (ctx->start) { |
194 | q = p = (unsigned char *)ctx->tmp; |
195 | num = 0; |
196 | for (j = 0; j < i; j++) { |
197 | if (*(q++) != '\n') |
198 | continue; |
199 | |
200 | /* |
201 | * due to a previous very long line, we need to keep on |
202 | * scanning for a '\n' before we even start looking for |
203 | * base64 encoded stuff. |
204 | */ |
205 | if (ctx->tmp_nl) { |
206 | p = q; |
207 | ctx->tmp_nl = 0; |
208 | continue; |
209 | } |
210 | |
211 | k = EVP_DecodeUpdate(ctx->base64, |
212 | (unsigned char *)ctx->buf, |
213 | &num, p, q - p); |
214 | if ((k <= 0) && (num == 0) && (ctx->start)) |
215 | EVP_DecodeInit(ctx->base64); |
216 | else { |
217 | if (p != (unsigned char *) |
218 | &(ctx->tmp[0])) { |
219 | i -= (p - (unsigned char *) |
220 | &(ctx->tmp[0])); |
221 | for (x = 0; x < i; x++) |
222 | ctx->tmp[x] = p[x]; |
223 | } |
224 | EVP_DecodeInit(ctx->base64); |
225 | ctx->start = 0; |
226 | break; |
227 | } |
228 | p = q; |
229 | } |
230 | |
231 | /* we fell off the end without starting */ |
232 | if ((j == i) && (num == 0)) { |
233 | /* |
234 | * Is this is one long chunk?, if so, keep on reading until a |
235 | * new line. |
236 | */ |
237 | if (p == (unsigned char *)&(ctx->tmp[0])) { |
238 | /* Check buffer full */ |
239 | if (i == B64_BLOCK_SIZE) { |
240 | ctx->tmp_nl = 1; |
241 | ctx->tmp_len = 0; |
242 | } |
243 | } else if (p != q) { /* finished on a '\n' */ |
244 | n = q - p; |
245 | for (ii = 0; ii < n; ii++) |
246 | ctx->tmp[ii] = p[ii]; |
247 | ctx->tmp_len = n; |
248 | } |
249 | /* else finished on a '\n' */ |
250 | continue; |
251 | } else { |
252 | ctx->tmp_len = 0; |
253 | } |
254 | } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) { |
255 | /* |
256 | * If buffer isn't full and we can retry then restart to read in |
257 | * more data. |
258 | */ |
259 | continue; |
260 | } |
261 | |
262 | if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { |
263 | int z, jj; |
264 | |
265 | jj = i & ~3; /* process per 4 */ |
266 | z = EVP_DecodeBlock((unsigned char *)ctx->buf, |
267 | (unsigned char *)ctx->tmp, jj); |
268 | if (jj > 2) { |
269 | if (ctx->tmp[jj - 1] == '=') { |
270 | z--; |
271 | if (ctx->tmp[jj - 2] == '=') |
272 | z--; |
273 | } |
274 | } |
275 | /* |
276 | * z is now number of output bytes and jj is the number consumed |
277 | */ |
278 | if (jj != i) { |
279 | memmove(ctx->tmp, &ctx->tmp[jj], i - jj); |
280 | ctx->tmp_len = i - jj; |
281 | } |
282 | ctx->buf_len = 0; |
283 | if (z > 0) { |
284 | ctx->buf_len = z; |
285 | } |
286 | i = z; |
287 | } else { |
288 | i = EVP_DecodeUpdate(ctx->base64, |
289 | (unsigned char *)ctx->buf, &ctx->buf_len, |
290 | (unsigned char *)ctx->tmp, i); |
291 | ctx->tmp_len = 0; |
292 | } |
293 | /* |
294 | * If eof or an error was signalled, then the condition |
295 | * 'ctx->cont <= 0' will prevent b64_read() from reading |
296 | * more data on subsequent calls. This assignment was |
297 | * deleted accidentally in commit 5562cfaca4f3. |
298 | */ |
299 | ctx->cont = i; |
300 | |
301 | ctx->buf_off = 0; |
302 | if (i < 0) { |
303 | ret_code = 0; |
304 | ctx->buf_len = 0; |
305 | break; |
306 | } |
307 | |
308 | if (ctx->buf_len <= outl) |
309 | i = ctx->buf_len; |
310 | else |
311 | i = outl; |
312 | |
313 | memcpy(out, ctx->buf, i); |
314 | ret += i; |
315 | ctx->buf_off = i; |
316 | if (ctx->buf_off == ctx->buf_len) { |
317 | ctx->buf_len = 0; |
318 | ctx->buf_off = 0; |
319 | } |
320 | outl -= i; |
321 | out += i; |
322 | } |
323 | /* BIO_clear_retry_flags(b); */ |
324 | BIO_copy_next_retry(b); |
325 | return ((ret == 0) ? ret_code : ret); |
326 | } |
327 | |
328 | static int b64_write(BIO *b, const char *in, int inl) |
329 | { |
330 | int ret = 0; |
331 | int n; |
332 | int i; |
333 | BIO_B64_CTX *ctx; |
334 | BIO *next; |
335 | |
336 | ctx = (BIO_B64_CTX *)BIO_get_data(b); |
337 | next = BIO_next(b); |
338 | if ((ctx == NULL) || (next == NULL)) |
339 | return 0; |
340 | |
341 | BIO_clear_retry_flags(b); |
342 | |
343 | if (ctx->encode != B64_ENCODE) { |
344 | ctx->encode = B64_ENCODE; |
345 | ctx->buf_len = 0; |
346 | ctx->buf_off = 0; |
347 | ctx->tmp_len = 0; |
348 | EVP_EncodeInit(ctx->base64); |
349 | } |
350 | |
351 | OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); |
352 | OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); |
353 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
354 | n = ctx->buf_len - ctx->buf_off; |
355 | while (n > 0) { |
356 | i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); |
357 | if (i <= 0) { |
358 | BIO_copy_next_retry(b); |
359 | return i; |
360 | } |
361 | OPENSSL_assert(i <= n); |
362 | ctx->buf_off += i; |
363 | OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); |
364 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
365 | n -= i; |
366 | } |
367 | /* at this point all pending data has been written */ |
368 | ctx->buf_off = 0; |
369 | ctx->buf_len = 0; |
370 | |
371 | if ((in == NULL) || (inl <= 0)) |
372 | return 0; |
373 | |
374 | while (inl > 0) { |
375 | n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl; |
376 | |
377 | if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { |
378 | if (ctx->tmp_len > 0) { |
379 | OPENSSL_assert(ctx->tmp_len <= 3); |
380 | n = 3 - ctx->tmp_len; |
381 | /* |
382 | * There's a theoretical possibility for this |
383 | */ |
384 | if (n > inl) |
385 | n = inl; |
386 | memcpy(&(ctx->tmp[ctx->tmp_len]), in, n); |
387 | ctx->tmp_len += n; |
388 | ret += n; |
389 | if (ctx->tmp_len < 3) |
390 | break; |
391 | ctx->buf_len = |
392 | EVP_EncodeBlock((unsigned char *)ctx->buf, |
393 | (unsigned char *)ctx->tmp, ctx->tmp_len); |
394 | OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); |
395 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
396 | /* |
397 | * Since we're now done using the temporary buffer, the |
398 | * length should be 0'd |
399 | */ |
400 | ctx->tmp_len = 0; |
401 | } else { |
402 | if (n < 3) { |
403 | memcpy(ctx->tmp, in, n); |
404 | ctx->tmp_len = n; |
405 | ret += n; |
406 | break; |
407 | } |
408 | n -= n % 3; |
409 | ctx->buf_len = |
410 | EVP_EncodeBlock((unsigned char *)ctx->buf, |
411 | (const unsigned char *)in, n); |
412 | OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); |
413 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
414 | ret += n; |
415 | } |
416 | } else { |
417 | if (!EVP_EncodeUpdate(ctx->base64, |
418 | (unsigned char *)ctx->buf, &ctx->buf_len, |
419 | (unsigned char *)in, n)) |
420 | return ((ret == 0) ? -1 : ret); |
421 | OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); |
422 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
423 | ret += n; |
424 | } |
425 | inl -= n; |
426 | in += n; |
427 | |
428 | ctx->buf_off = 0; |
429 | n = ctx->buf_len; |
430 | while (n > 0) { |
431 | i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); |
432 | if (i <= 0) { |
433 | BIO_copy_next_retry(b); |
434 | return ((ret == 0) ? i : ret); |
435 | } |
436 | OPENSSL_assert(i <= n); |
437 | n -= i; |
438 | ctx->buf_off += i; |
439 | OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); |
440 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
441 | } |
442 | ctx->buf_len = 0; |
443 | ctx->buf_off = 0; |
444 | } |
445 | return ret; |
446 | } |
447 | |
448 | static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) |
449 | { |
450 | BIO_B64_CTX *ctx; |
451 | long ret = 1; |
452 | int i; |
453 | BIO *next; |
454 | |
455 | ctx = (BIO_B64_CTX *)BIO_get_data(b); |
456 | next = BIO_next(b); |
457 | if ((ctx == NULL) || (next == NULL)) |
458 | return 0; |
459 | |
460 | switch (cmd) { |
461 | case BIO_CTRL_RESET: |
462 | ctx->cont = 1; |
463 | ctx->start = 1; |
464 | ctx->encode = B64_NONE; |
465 | ret = BIO_ctrl(next, cmd, num, ptr); |
466 | break; |
467 | case BIO_CTRL_EOF: /* More to read */ |
468 | if (ctx->cont <= 0) |
469 | ret = 1; |
470 | else |
471 | ret = BIO_ctrl(next, cmd, num, ptr); |
472 | break; |
473 | case BIO_CTRL_WPENDING: /* More to write in buffer */ |
474 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
475 | ret = ctx->buf_len - ctx->buf_off; |
476 | if ((ret == 0) && (ctx->encode != B64_NONE) |
477 | && (EVP_ENCODE_CTX_num(ctx->base64) != 0)) |
478 | ret = 1; |
479 | else if (ret <= 0) |
480 | ret = BIO_ctrl(next, cmd, num, ptr); |
481 | break; |
482 | case BIO_CTRL_PENDING: /* More to read in buffer */ |
483 | OPENSSL_assert(ctx->buf_len >= ctx->buf_off); |
484 | ret = ctx->buf_len - ctx->buf_off; |
485 | if (ret <= 0) |
486 | ret = BIO_ctrl(next, cmd, num, ptr); |
487 | break; |
488 | case BIO_CTRL_FLUSH: |
489 | /* do a final write */ |
490 | again: |
491 | while (ctx->buf_len != ctx->buf_off) { |
492 | i = b64_write(b, NULL, 0); |
493 | if (i < 0) |
494 | return i; |
495 | } |
496 | if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { |
497 | if (ctx->tmp_len != 0) { |
498 | ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf, |
499 | (unsigned char *)ctx->tmp, |
500 | ctx->tmp_len); |
501 | ctx->buf_off = 0; |
502 | ctx->tmp_len = 0; |
503 | goto again; |
504 | } |
505 | } else if (ctx->encode != B64_NONE |
506 | && EVP_ENCODE_CTX_num(ctx->base64) != 0) { |
507 | ctx->buf_off = 0; |
508 | EVP_EncodeFinal(ctx->base64, |
509 | (unsigned char *)ctx->buf, &(ctx->buf_len)); |
510 | /* push out the bytes */ |
511 | goto again; |
512 | } |
513 | /* Finally flush the underlying BIO */ |
514 | ret = BIO_ctrl(next, cmd, num, ptr); |
515 | break; |
516 | |
517 | case BIO_C_DO_STATE_MACHINE: |
518 | BIO_clear_retry_flags(b); |
519 | ret = BIO_ctrl(next, cmd, num, ptr); |
520 | BIO_copy_next_retry(b); |
521 | break; |
522 | |
523 | case BIO_CTRL_DUP: |
524 | break; |
525 | case BIO_CTRL_INFO: |
526 | case BIO_CTRL_GET: |
527 | case BIO_CTRL_SET: |
528 | default: |
529 | ret = BIO_ctrl(next, cmd, num, ptr); |
530 | break; |
531 | } |
532 | return ret; |
533 | } |
534 | |
535 | static long b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) |
536 | { |
537 | long ret = 1; |
538 | BIO *next = BIO_next(b); |
539 | |
540 | if (next == NULL) |
541 | return 0; |
542 | switch (cmd) { |
543 | default: |
544 | ret = BIO_callback_ctrl(next, cmd, fp); |
545 | break; |
546 | } |
547 | return ret; |
548 | } |
549 | |
550 | static int b64_puts(BIO *b, const char *str) |
551 | { |
552 | return b64_write(b, str, strlen(str)); |
553 | } |
554 | |