1 /*
2 * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include "internal/thread_once.h"
12 #include "ui_locl.h"
13
14 #ifndef BUFSIZ
15 #define BUFSIZ 256
16 #endif
17
UI_UTIL_read_pw_string(char * buf,int length,const char * prompt,int verify)18 int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
19 int verify)
20 {
21 char buff[BUFSIZ];
22 int ret;
23
24 ret =
25 UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
26 prompt, verify);
27 OPENSSL_cleanse(buff, BUFSIZ);
28 return ret;
29 }
30
UI_UTIL_read_pw(char * buf,char * buff,int size,const char * prompt,int verify)31 int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
32 int verify)
33 {
34 int ok = 0;
35 UI *ui;
36
37 if (size < 1)
38 return -1;
39
40 ui = UI_new();
41 if (ui != NULL) {
42 ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
43 if (ok >= 0 && verify)
44 ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
45 if (ok >= 0)
46 ok = UI_process(ui);
47 UI_free(ui);
48 }
49 if (ok > 0)
50 ok = 0;
51 return ok;
52 }
53
54 /*
55 * Wrapper around pem_password_cb, a method to help older APIs use newer
56 * ones.
57 */
58 struct pem_password_cb_data {
59 pem_password_cb *cb;
60 int rwflag;
61 };
62
ui_new_method_data(void * parent,void * ptr,CRYPTO_EX_DATA * ad,int idx,long argl,void * argp)63 static void ui_new_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
64 int idx, long argl, void *argp)
65 {
66 /*
67 * Do nothing, the data is allocated externally and assigned later with
68 * CRYPTO_set_ex_data()
69 */
70 }
71
ui_dup_method_data(CRYPTO_EX_DATA * to,const CRYPTO_EX_DATA * from,void * from_d,int idx,long argl,void * argp)72 static int ui_dup_method_data(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
73 void *from_d, int idx, long argl, void *argp)
74 {
75 void **pptr = (void **)from_d;
76 if (*pptr != NULL)
77 *pptr = OPENSSL_memdup(*pptr, sizeof(struct pem_password_cb_data));
78 return 1;
79 }
80
ui_free_method_data(void * parent,void * ptr,CRYPTO_EX_DATA * ad,int idx,long argl,void * argp)81 static void ui_free_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
82 int idx, long argl, void *argp)
83 {
84 OPENSSL_free(ptr);
85 }
86
87 static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
88 static int ui_method_data_index = -1;
DEFINE_RUN_ONCE_STATIC(ui_method_data_index_init)89 DEFINE_RUN_ONCE_STATIC(ui_method_data_index_init)
90 {
91 ui_method_data_index = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD,
92 0, NULL, ui_new_method_data,
93 ui_dup_method_data,
94 ui_free_method_data);
95 return 1;
96 }
97
ui_open(UI * ui)98 static int ui_open(UI *ui)
99 {
100 return 1;
101 }
ui_read(UI * ui,UI_STRING * uis)102 static int ui_read(UI *ui, UI_STRING *uis)
103 {
104 switch (UI_get_string_type(uis)) {
105 case UIT_PROMPT:
106 {
107 char result[PEM_BUFSIZE + 1];
108 const struct pem_password_cb_data *data =
109 UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
110 int maxsize = UI_get_result_maxsize(uis);
111 int len = data->cb(result,
112 maxsize > PEM_BUFSIZE ? PEM_BUFSIZE : maxsize,
113 data->rwflag, UI_get0_user_data(ui));
114
115 if (len >= 0)
116 result[len] = '\0';
117 if (len <= 0)
118 return len;
119 if (UI_set_result_ex(ui, uis, result, len) >= 0)
120 return 1;
121 return 0;
122 }
123 case UIT_VERIFY:
124 case UIT_NONE:
125 case UIT_BOOLEAN:
126 case UIT_INFO:
127 case UIT_ERROR:
128 break;
129 }
130 return 1;
131 }
ui_write(UI * ui,UI_STRING * uis)132 static int ui_write(UI *ui, UI_STRING *uis)
133 {
134 return 1;
135 }
ui_close(UI * ui)136 static int ui_close(UI *ui)
137 {
138 return 1;
139 }
140
UI_UTIL_wrap_read_pem_callback(pem_password_cb * cb,int rwflag)141 UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag)
142 {
143 struct pem_password_cb_data *data = NULL;
144 UI_METHOD *ui_method = NULL;
145
146 if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL
147 || (ui_method = UI_create_method("PEM password callback wrapper")) == NULL
148 || UI_method_set_opener(ui_method, ui_open) < 0
149 || UI_method_set_reader(ui_method, ui_read) < 0
150 || UI_method_set_writer(ui_method, ui_write) < 0
151 || UI_method_set_closer(ui_method, ui_close) < 0
152 || !RUN_ONCE(&get_index_once, ui_method_data_index_init)
153 || UI_method_set_ex_data(ui_method, ui_method_data_index, data) < 0) {
154 UI_destroy_method(ui_method);
155 OPENSSL_free(data);
156 return NULL;
157 }
158 data->rwflag = rwflag;
159 data->cb = cb;
160
161 return ui_method;
162 }
163