1 /* 2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <errno.h> 12 #include "internal/cryptlib.h" 13 #include <openssl/buffer.h> 14 #include <openssl/evp.h> 15 #include "internal/bio.h" 16 17 static int b64_write(BIO *h, const char *buf, int num); 18 static int b64_read(BIO *h, char *buf, int size); 19 static int b64_puts(BIO *h, const char *str); 20 static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2); 21 static int b64_new(BIO *h); 22 static int b64_free(BIO *data); 23 static long b64_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); 24 #define B64_BLOCK_SIZE 1024 25 #define B64_BLOCK_SIZE2 768 26 #define B64_NONE 0 27 #define B64_ENCODE 1 28 #define B64_DECODE 2 29 30 typedef struct b64_struct { 31 /* 32 * BIO *bio; moved to the BIO structure 33 */ 34 int buf_len; 35 int buf_off; 36 int tmp_len; /* used to find the start when decoding */ 37 int tmp_nl; /* If true, scan until '\n' */ 38 int encode; 39 int start; /* have we started decoding yet? */ 40 int cont; /* <= 0 when finished */ 41 EVP_ENCODE_CTX *base64; 42 char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10]; 43 char tmp[B64_BLOCK_SIZE]; 44 } BIO_B64_CTX; 45 46 static const BIO_METHOD methods_b64 = { 47 BIO_TYPE_BASE64, 48 "base64 encoding", 49 /* TODO: Convert to new style write function */ 50 bwrite_conv, 51 b64_write, 52 /* TODO: Convert to new style read function */ 53 bread_conv, 54 b64_read, 55 b64_puts, 56 NULL, /* b64_gets, */ 57 b64_ctrl, 58 b64_new, 59 b64_free, 60 b64_callback_ctrl, 61 }; 62 63 64 const BIO_METHOD *BIO_f_base64(void) 65 { 66 return &methods_b64; 67 } 68 69 static int b64_new(BIO *bi) 70 { 71 BIO_B64_CTX *ctx; 72 73 if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { 74 EVPerr(EVP_F_B64_NEW, ERR_R_MALLOC_FAILURE); 75 return 0; 76 } 77 78 ctx->cont = 1; 79 ctx->start = 1; 80 ctx->base64 = EVP_ENCODE_CTX_new(); 81 if (ctx->base64 == NULL) { 82 OPENSSL_free(ctx); 83 return 0; 84 } 85 86 BIO_set_data(bi, ctx); 87 BIO_set_init(bi, 1); 88 89 return 1; 90 } 91 92 static int b64_free(BIO *a) 93 { 94 BIO_B64_CTX *ctx; 95 if (a == NULL) 96 return 0; 97 98 ctx = BIO_get_data(a); 99 if (ctx == NULL) 100 return 0; 101 102 EVP_ENCODE_CTX_free(ctx->base64); 103 OPENSSL_free(ctx); 104 BIO_set_data(a, NULL); 105 BIO_set_init(a, 0); 106 107 return 1; 108 } 109 110 static int b64_read(BIO *b, char *out, int outl) 111 { 112 int ret = 0, i, ii, j, k, x, n, num, ret_code = 0; 113 BIO_B64_CTX *ctx; 114 unsigned char *p, *q; 115 BIO *next; 116 117 if (out == NULL) 118 return 0; 119 ctx = (BIO_B64_CTX *)BIO_get_data(b); 120 121 next = BIO_next(b); 122 if ((ctx == NULL) || (next == NULL)) 123 return 0; 124 125 BIO_clear_retry_flags(b); 126 127 if (ctx->encode != B64_DECODE) { 128 ctx->encode = B64_DECODE; 129 ctx->buf_len = 0; 130 ctx->buf_off = 0; 131 ctx->tmp_len = 0; 132 EVP_DecodeInit(ctx->base64); 133 } 134 135 /* First check if there are bytes decoded/encoded */ 136 if (ctx->buf_len > 0) { 137 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 138 i = ctx->buf_len - ctx->buf_off; 139 if (i > outl) 140 i = outl; 141 OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf)); 142 memcpy(out, &(ctx->buf[ctx->buf_off]), i); 143 ret = i; 144 out += i; 145 outl -= i; 146 ctx->buf_off += i; 147 if (ctx->buf_len == ctx->buf_off) { 148 ctx->buf_len = 0; 149 ctx->buf_off = 0; 150 } 151 } 152 153 /* 154 * At this point, we have room of outl bytes and an empty buffer, so we 155 * should read in some more. 156 */ 157 158 ret_code = 0; 159 while (outl > 0) { 160 if (ctx->cont <= 0) 161 break; 162 163 i = BIO_read(next, &(ctx->tmp[ctx->tmp_len]), 164 B64_BLOCK_SIZE - ctx->tmp_len); 165 166 if (i <= 0) { 167 ret_code = i; 168 169 /* Should we continue next time we are called? */ 170 if (!BIO_should_retry(next)) { 171 ctx->cont = i; 172 /* If buffer empty break */ 173 if (ctx->tmp_len == 0) 174 break; 175 /* Fall through and process what we have */ 176 else 177 i = 0; 178 } 179 /* else we retry and add more data to buffer */ 180 else 181 break; 182 } 183 i += ctx->tmp_len; 184 ctx->tmp_len = i; 185 186 /* 187 * We need to scan, a line at a time until we have a valid line if we 188 * are starting. 189 */ 190 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) { 191 /* ctx->start=1; */ 192 ctx->tmp_len = 0; 193 } else if (ctx->start) { 194 q = p = (unsigned char *)ctx->tmp; 195 num = 0; 196 for (j = 0; j < i; j++) { 197 if (*(q++) != '\n') 198 continue; 199 200 /* 201 * due to a previous very long line, we need to keep on 202 * scanning for a '\n' before we even start looking for 203 * base64 encoded stuff. 204 */ 205 if (ctx->tmp_nl) { 206 p = q; 207 ctx->tmp_nl = 0; 208 continue; 209 } 210 211 k = EVP_DecodeUpdate(ctx->base64, 212 (unsigned char *)ctx->buf, 213 &num, p, q - p); 214 if ((k <= 0) && (num == 0) && (ctx->start)) 215 EVP_DecodeInit(ctx->base64); 216 else { 217 if (p != (unsigned char *) 218 &(ctx->tmp[0])) { 219 i -= (p - (unsigned char *) 220 &(ctx->tmp[0])); 221 for (x = 0; x < i; x++) 222 ctx->tmp[x] = p[x]; 223 } 224 EVP_DecodeInit(ctx->base64); 225 ctx->start = 0; 226 break; 227 } 228 p = q; 229 } 230 231 /* we fell off the end without starting */ 232 if ((j == i) && (num == 0)) { 233 /* 234 * Is this is one long chunk?, if so, keep on reading until a 235 * new line. 236 */ 237 if (p == (unsigned char *)&(ctx->tmp[0])) { 238 /* Check buffer full */ 239 if (i == B64_BLOCK_SIZE) { 240 ctx->tmp_nl = 1; 241 ctx->tmp_len = 0; 242 } 243 } else if (p != q) { /* finished on a '\n' */ 244 n = q - p; 245 for (ii = 0; ii < n; ii++) 246 ctx->tmp[ii] = p[ii]; 247 ctx->tmp_len = n; 248 } 249 /* else finished on a '\n' */ 250 continue; 251 } else { 252 ctx->tmp_len = 0; 253 } 254 } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) { 255 /* 256 * If buffer isn't full and we can retry then restart to read in 257 * more data. 258 */ 259 continue; 260 } 261 262 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { 263 int z, jj; 264 265 jj = i & ~3; /* process per 4 */ 266 z = EVP_DecodeBlock((unsigned char *)ctx->buf, 267 (unsigned char *)ctx->tmp, jj); 268 if (jj > 2) { 269 if (ctx->tmp[jj - 1] == '=') { 270 z--; 271 if (ctx->tmp[jj - 2] == '=') 272 z--; 273 } 274 } 275 /* 276 * z is now number of output bytes and jj is the number consumed 277 */ 278 if (jj != i) { 279 memmove(ctx->tmp, &ctx->tmp[jj], i - jj); 280 ctx->tmp_len = i - jj; 281 } 282 ctx->buf_len = 0; 283 if (z > 0) { 284 ctx->buf_len = z; 285 } 286 i = z; 287 } else { 288 i = EVP_DecodeUpdate(ctx->base64, 289 (unsigned char *)ctx->buf, &ctx->buf_len, 290 (unsigned char *)ctx->tmp, i); 291 ctx->tmp_len = 0; 292 } 293 /* 294 * If eof or an error was signalled, then the condition 295 * 'ctx->cont <= 0' will prevent b64_read() from reading 296 * more data on subsequent calls. This assignment was 297 * deleted accidentally in commit 5562cfaca4f3. 298 */ 299 ctx->cont = i; 300 301 ctx->buf_off = 0; 302 if (i < 0) { 303 ret_code = 0; 304 ctx->buf_len = 0; 305 break; 306 } 307 308 if (ctx->buf_len <= outl) 309 i = ctx->buf_len; 310 else 311 i = outl; 312 313 memcpy(out, ctx->buf, i); 314 ret += i; 315 ctx->buf_off = i; 316 if (ctx->buf_off == ctx->buf_len) { 317 ctx->buf_len = 0; 318 ctx->buf_off = 0; 319 } 320 outl -= i; 321 out += i; 322 } 323 /* BIO_clear_retry_flags(b); */ 324 BIO_copy_next_retry(b); 325 return ((ret == 0) ? ret_code : ret); 326 } 327 328 static int b64_write(BIO *b, const char *in, int inl) 329 { 330 int ret = 0; 331 int n; 332 int i; 333 BIO_B64_CTX *ctx; 334 BIO *next; 335 336 ctx = (BIO_B64_CTX *)BIO_get_data(b); 337 next = BIO_next(b); 338 if ((ctx == NULL) || (next == NULL)) 339 return 0; 340 341 BIO_clear_retry_flags(b); 342 343 if (ctx->encode != B64_ENCODE) { 344 ctx->encode = B64_ENCODE; 345 ctx->buf_len = 0; 346 ctx->buf_off = 0; 347 ctx->tmp_len = 0; 348 EVP_EncodeInit(ctx->base64); 349 } 350 351 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); 352 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); 353 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 354 n = ctx->buf_len - ctx->buf_off; 355 while (n > 0) { 356 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); 357 if (i <= 0) { 358 BIO_copy_next_retry(b); 359 return i; 360 } 361 OPENSSL_assert(i <= n); 362 ctx->buf_off += i; 363 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); 364 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 365 n -= i; 366 } 367 /* at this point all pending data has been written */ 368 ctx->buf_off = 0; 369 ctx->buf_len = 0; 370 371 if ((in == NULL) || (inl <= 0)) 372 return 0; 373 374 while (inl > 0) { 375 n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl; 376 377 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { 378 if (ctx->tmp_len > 0) { 379 OPENSSL_assert(ctx->tmp_len <= 3); 380 n = 3 - ctx->tmp_len; 381 /* 382 * There's a theoretical possibility for this 383 */ 384 if (n > inl) 385 n = inl; 386 memcpy(&(ctx->tmp[ctx->tmp_len]), in, n); 387 ctx->tmp_len += n; 388 ret += n; 389 if (ctx->tmp_len < 3) 390 break; 391 ctx->buf_len = 392 EVP_EncodeBlock((unsigned char *)ctx->buf, 393 (unsigned char *)ctx->tmp, ctx->tmp_len); 394 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); 395 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 396 /* 397 * Since we're now done using the temporary buffer, the 398 * length should be 0'd 399 */ 400 ctx->tmp_len = 0; 401 } else { 402 if (n < 3) { 403 memcpy(ctx->tmp, in, n); 404 ctx->tmp_len = n; 405 ret += n; 406 break; 407 } 408 n -= n % 3; 409 ctx->buf_len = 410 EVP_EncodeBlock((unsigned char *)ctx->buf, 411 (const unsigned char *)in, n); 412 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); 413 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 414 ret += n; 415 } 416 } else { 417 if (!EVP_EncodeUpdate(ctx->base64, 418 (unsigned char *)ctx->buf, &ctx->buf_len, 419 (unsigned char *)in, n)) 420 return ((ret == 0) ? -1 : ret); 421 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); 422 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 423 ret += n; 424 } 425 inl -= n; 426 in += n; 427 428 ctx->buf_off = 0; 429 n = ctx->buf_len; 430 while (n > 0) { 431 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n); 432 if (i <= 0) { 433 BIO_copy_next_retry(b); 434 return ((ret == 0) ? i : ret); 435 } 436 OPENSSL_assert(i <= n); 437 n -= i; 438 ctx->buf_off += i; 439 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); 440 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 441 } 442 ctx->buf_len = 0; 443 ctx->buf_off = 0; 444 } 445 return ret; 446 } 447 448 static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) 449 { 450 BIO_B64_CTX *ctx; 451 long ret = 1; 452 int i; 453 BIO *next; 454 455 ctx = (BIO_B64_CTX *)BIO_get_data(b); 456 next = BIO_next(b); 457 if ((ctx == NULL) || (next == NULL)) 458 return 0; 459 460 switch (cmd) { 461 case BIO_CTRL_RESET: 462 ctx->cont = 1; 463 ctx->start = 1; 464 ctx->encode = B64_NONE; 465 ret = BIO_ctrl(next, cmd, num, ptr); 466 break; 467 case BIO_CTRL_EOF: /* More to read */ 468 if (ctx->cont <= 0) 469 ret = 1; 470 else 471 ret = BIO_ctrl(next, cmd, num, ptr); 472 break; 473 case BIO_CTRL_WPENDING: /* More to write in buffer */ 474 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 475 ret = ctx->buf_len - ctx->buf_off; 476 if ((ret == 0) && (ctx->encode != B64_NONE) 477 && (EVP_ENCODE_CTX_num(ctx->base64) != 0)) 478 ret = 1; 479 else if (ret <= 0) 480 ret = BIO_ctrl(next, cmd, num, ptr); 481 break; 482 case BIO_CTRL_PENDING: /* More to read in buffer */ 483 OPENSSL_assert(ctx->buf_len >= ctx->buf_off); 484 ret = ctx->buf_len - ctx->buf_off; 485 if (ret <= 0) 486 ret = BIO_ctrl(next, cmd, num, ptr); 487 break; 488 case BIO_CTRL_FLUSH: 489 /* do a final write */ 490 again: 491 while (ctx->buf_len != ctx->buf_off) { 492 i = b64_write(b, NULL, 0); 493 if (i < 0) 494 return i; 495 } 496 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { 497 if (ctx->tmp_len != 0) { 498 ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf, 499 (unsigned char *)ctx->tmp, 500 ctx->tmp_len); 501 ctx->buf_off = 0; 502 ctx->tmp_len = 0; 503 goto again; 504 } 505 } else if (ctx->encode != B64_NONE 506 && EVP_ENCODE_CTX_num(ctx->base64) != 0) { 507 ctx->buf_off = 0; 508 EVP_EncodeFinal(ctx->base64, 509 (unsigned char *)ctx->buf, &(ctx->buf_len)); 510 /* push out the bytes */ 511 goto again; 512 } 513 /* Finally flush the underlying BIO */ 514 ret = BIO_ctrl(next, cmd, num, ptr); 515 break; 516 517 case BIO_C_DO_STATE_MACHINE: 518 BIO_clear_retry_flags(b); 519 ret = BIO_ctrl(next, cmd, num, ptr); 520 BIO_copy_next_retry(b); 521 break; 522 523 case BIO_CTRL_DUP: 524 break; 525 case BIO_CTRL_INFO: 526 case BIO_CTRL_GET: 527 case BIO_CTRL_SET: 528 default: 529 ret = BIO_ctrl(next, cmd, num, ptr); 530 break; 531 } 532 return ret; 533 } 534 535 static long b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) 536 { 537 long ret = 1; 538 BIO *next = BIO_next(b); 539 540 if (next == NULL) 541 return 0; 542 switch (cmd) { 543 default: 544 ret = BIO_callback_ctrl(next, cmd, fp); 545 break; 546 } 547 return ret; 548 } 549 550 static int b64_puts(BIO *b, const char *str) 551 { 552 return b64_write(b, str, strlen(str)); 553 } 554