crypto/evp/bio_enc.c

   1 /*
   2  * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include <errno.h>
  12 #include "internal/cryptlib.h"
  13 #include <openssl/buffer.h>
  14 #include <openssl/evp.h>
  15 #include "internal/bio.h"
  16
  17 static int enc_write(BIO *h, const char *buf, int num);
  18 static int enc_read(BIO *h, char *buf, int size);
  19 static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
  20 static int enc_new(BIO *h);
  21 static int enc_free(BIO *data);
  22 static long enc_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fps);
  23 #define ENC_BLOCK_SIZE  (1024*4)
  24 #define ENC_MIN_CHUNK   (256)
  25 #define BUF_OFFSET      (ENC_MIN_CHUNK + EVP_MAX_BLOCK_LENGTH)
  26
  27 typedef struct enc_struct {
  28     int buf_len;
  29     int buf_off;
  30     int cont;                   /* <= 0 when finished */
  31     int finished;
  32     int ok;                     /* bad decrypt */
  33     EVP_CIPHER_CTX *cipher;
  34     unsigned char *read_start, *read_end;
  35     /*
  36      * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
  37      * up to a block more data than is presented to it
  38      */
  39     unsigned char buf[BUF_OFFSET + ENC_BLOCK_SIZE];
  40 } BIO_ENC_CTX;
  41
  42 static const BIO_METHOD methods_enc = {
  43     BIO_TYPE_CIPHER,
  44     "cipher",
  45     /* TODO: Convert to new style write function */
  46     bwrite_conv,
  47     enc_write,
  48     /* TODO: Convert to new style read function */
  49     bread_conv,
  50     enc_read,
  51     NULL,                       /* enc_puts, */
  52     NULL,                       /* enc_gets, */
  53     enc_ctrl,
  54     enc_new,
  55     enc_free,
  56     enc_callback_ctrl,
  57 };
  58
  59 const BIO_METHOD *BIO_f_cipher(void)
  60 {
  61     return &methods_enc;
  62 }
  63
  64 static int enc_new(BIO *bi)
  65 {
  66     BIO_ENC_CTX *ctx;
  67
  68     if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
  69         EVPerr(EVP_F_ENC_NEW, ERR_R_MALLOC_FAILURE);
  70         return 0;
  71     }
  72
  73     ctx->cipher = EVP_CIPHER_CTX_new();
  74     if (ctx->cipher == NULL) {
  75         OPENSSL_free(ctx);
  76         return 0;
  77     }
  78     ctx->cont = 1;
  79     ctx->ok = 1;
  80     ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]);
  81     BIO_set_data(bi, ctx);
  82     BIO_set_init(bi, 1);
  83
  84     return 1;
  85 }
  86
  87 static int enc_free(BIO *a)
  88 {
  89     BIO_ENC_CTX *b;
  90
  91     if (a == NULL)
  92         return 0;
  93
  94     b = BIO_get_data(a);
  95     if (b == NULL)
  96         return 0;
  97
  98     EVP_CIPHER_CTX_free(b->cipher);
  99     OPENSSL_clear_free(b, sizeof(BIO_ENC_CTX));
 100     BIO_set_data(a, NULL);
 101     BIO_set_init(a, 0);
 102
 103     return 1;
 104 }
 105
 106 static int enc_read(BIO *b, char *out, int outl)
 107 {
 108     int ret = 0, i, blocksize;
 109     BIO_ENC_CTX *ctx;
 110     BIO *next;
 111
 112     if (out == NULL)
 113         return 0;
 114     ctx = BIO_get_data(b);
 115
 116     next = BIO_next(b);
 117     if ((ctx == NULL) || (next == NULL))
 118         return 0;
 119
 120     /* First check if there are bytes decoded/encoded */
 121     if (ctx->buf_len > 0) {
 122         i = ctx->buf_len - ctx->buf_off;
 123         if (i > outl)
 124             i = outl;
 125         memcpy(out, &(ctx->buf[ctx->buf_off]), i);
 126         ret = i;
 127         out += i;
 128         outl -= i;
 129         ctx->buf_off += i;
 130         if (ctx->buf_len == ctx->buf_off) {
 131             ctx->buf_len = 0;
 132             ctx->buf_off = 0;
 133         }
 134     }
 135
 136     blocksize = EVP_CIPHER_CTX_block_size(ctx->cipher);
 137     if (blocksize == 1)
 138         blocksize = 0;
 139
 140     /*
 141      * At this point, we have room of outl bytes and an empty buffer, so we
 142      * should read in some more.
 143      */
 144
 145     while (outl > 0) {
 146         if (ctx->cont <= 0)
 147             break;
 148
 149         if (ctx->read_start == ctx->read_end) { /* time to read more data */
 150             ctx->read_end = ctx->read_start = &(ctx->buf[BUF_OFFSET]);
 151             i = BIO_read(next, ctx->read_start, ENC_BLOCK_SIZE);
 152             if (i > 0)
 153                 ctx->read_end += i;
 154         } else {
 155             i = ctx->read_end - ctx->read_start;
 156         }
 157
 158         if (i <= 0) {
 159             /* Should be continue next time we are called? */
 160             if (!BIO_should_retry(next)) {
 161                 ctx->cont = i;
 162                 i = EVP_CipherFinal_ex(ctx->cipher,
 163                                        ctx->buf, &(ctx->buf_len));
 164                 ctx->ok = i;
 165                 ctx->buf_off = 0;
 166             } else {
 167                 ret = (ret == 0) ? i : ret;
 168                 break;
 169             }
 170         } else {
 171             if (outl > ENC_MIN_CHUNK) {
 172                 /*
 173                  * Depending on flags block cipher decrypt can write
 174                  * one extra block and then back off, i.e. output buffer
 175                  * has to accommodate extra block...
 176                  */
 177                 int j = outl - blocksize, buf_len;
 178
 179                 if (!EVP_CipherUpdate(ctx->cipher,
 180                                       (unsigned char *)out, &buf_len,
 181                                       ctx->read_start, i > j ? j : i)) {
 182                     BIO_clear_retry_flags(b);
 183                     return 0;
 184                 }
 185                 ret += buf_len;
 186                 out += buf_len;
 187                 outl -= buf_len;
 188
 189                 if ((i -= j) <= 0) {
 190                     ctx->read_start = ctx->read_end;
 191                     continue;
 192                 }
 193                 ctx->read_start += j;
 194             }
 195             if (i > ENC_MIN_CHUNK)
 196                 i = ENC_MIN_CHUNK;
 197             if (!EVP_CipherUpdate(ctx->cipher,
 198                                   ctx->buf, &ctx->buf_len,
 199                                   ctx->read_start, i)) {
 200                 BIO_clear_retry_flags(b);
 201                 ctx->ok = 0;
 202                 return 0;
 203             }
 204             ctx->read_start += i;
 205             ctx->cont = 1;
 206             /*
 207              * Note: it is possible for EVP_CipherUpdate to decrypt zero
 208              * bytes because this is or looks like the final block: if this
 209              * happens we should retry and either read more data or decrypt
 210              * the final block
 211              */
 212             if (ctx->buf_len == 0)
 213                 continue;
 214         }
 215
 216         if (ctx->buf_len <= outl)
 217             i = ctx->buf_len;
 218         else
 219             i = outl;
 220         if (i <= 0)
 221             break;
 222         memcpy(out, ctx->buf, i);
 223         ret += i;
 224         ctx->buf_off = i;
 225         outl -= i;
 226         out += i;
 227     }
 228
 229     BIO_clear_retry_flags(b);
 230     BIO_copy_next_retry(b);
 231     return ((ret == 0) ? ctx->cont : ret);
 232 }
 233
 234 static int enc_write(BIO *b, const char *in, int inl)
 235 {
 236     int ret = 0, n, i;
 237     BIO_ENC_CTX *ctx;
 238     BIO *next;
 239
 240     ctx = BIO_get_data(b);
 241     next = BIO_next(b);
 242     if ((ctx == NULL) || (next == NULL))
 243         return 0;
 244
 245     ret = inl;
 246
 247     BIO_clear_retry_flags(b);
 248     n = ctx->buf_len - ctx->buf_off;
 249     while (n > 0) {
 250         i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
 251         if (i <= 0) {
 252             BIO_copy_next_retry(b);
 253             return i;
 254         }
 255         ctx->buf_off += i;
 256         n -= i;
 257     }
 258     /* at this point all pending data has been written */
 259
 260     if ((in == NULL) || (inl <= 0))
 261         return 0;
 262
 263     ctx->buf_off = 0;
 264     while (inl > 0) {
 265         n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
 266         if (!EVP_CipherUpdate(ctx->cipher,
 267                               ctx->buf, &ctx->buf_len,
 268                               (const unsigned char *)in, n)) {
 269             BIO_clear_retry_flags(b);
 270             ctx->ok = 0;
 271             return 0;
 272         }
 273         inl -= n;
 274         in += n;
 275
 276         ctx->buf_off = 0;
 277         n = ctx->buf_len;
 278         while (n > 0) {
 279             i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
 280             if (i <= 0) {
 281                 BIO_copy_next_retry(b);
 282                 return (ret == inl) ? i : ret - inl;
 283             }
 284             n -= i;
 285             ctx->buf_off += i;
 286         }
 287         ctx->buf_len = 0;
 288         ctx->buf_off = 0;
 289     }
 290     BIO_copy_next_retry(b);
 291     return ret;
 292 }
 293
 294 static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
 295 {
 296     BIO *dbio;
 297     BIO_ENC_CTX *ctx, *dctx;
 298     long ret = 1;
 299     int i;
 300     EVP_CIPHER_CTX **c_ctx;
 301     BIO *next;
 302
 303     ctx = BIO_get_data(b);
 304     next = BIO_next(b);
 305     if (ctx == NULL)
 306         return 0;
 307
 308     switch (cmd) {
 309     case BIO_CTRL_RESET:
 310         ctx->ok = 1;
 311         ctx->finished = 0;
 312         if (!EVP_CipherInit_ex(ctx->cipher, NULL, NULL, NULL, NULL,
 313                                EVP_CIPHER_CTX_encrypting(ctx->cipher)))
 314             return 0;
 315         ret = BIO_ctrl(next, cmd, num, ptr);
 316         break;
 317     case BIO_CTRL_EOF:         /* More to read */
 318         if (ctx->cont <= 0)
 319             ret = 1;
 320         else
 321             ret = BIO_ctrl(next, cmd, num, ptr);
 322         break;
 323     case BIO_CTRL_WPENDING:
 324         ret = ctx->buf_len - ctx->buf_off;
 325         if (ret <= 0)
 326             ret = BIO_ctrl(next, cmd, num, ptr);
 327         break;
 328     case BIO_CTRL_PENDING:     /* More to read in buffer */
 329         ret = ctx->buf_len - ctx->buf_off;
 330         if (ret <= 0)
 331             ret = BIO_ctrl(next, cmd, num, ptr);
 332         break;
 333     case BIO_CTRL_FLUSH:
 334         /* do a final write */
 335  again:
 336         while (ctx->buf_len != ctx->buf_off) {
 337             i = enc_write(b, NULL, 0);
 338             if (i < 0)
 339                 return i;
 340         }
 341
 342         if (!ctx->finished) {
 343             ctx->finished = 1;
 344             ctx->buf_off = 0;
 345             ret = EVP_CipherFinal_ex(ctx->cipher,
 346                                      (unsigned char *)ctx->buf,
 347                                      &(ctx->buf_len));
 348             ctx->ok = (int)ret;
 349             if (ret <= 0)
 350                 break;
 351
 352             /* push out the bytes */
 353             goto again;
 354         }
 355
 356         /* Finally flush the underlying BIO */
 357         ret = BIO_ctrl(next, cmd, num, ptr);
 358         break;
 359     case BIO_C_GET_CIPHER_STATUS:
 360         ret = (long)ctx->ok;
 361         break;
 362     case BIO_C_DO_STATE_MACHINE:
 363         BIO_clear_retry_flags(b);
 364         ret = BIO_ctrl(next, cmd, num, ptr);
 365         BIO_copy_next_retry(b);
 366         break;
 367     case BIO_C_GET_CIPHER_CTX:
 368         c_ctx = (EVP_CIPHER_CTX **)ptr;
 369         *c_ctx = ctx->cipher;
 370         BIO_set_init(b, 1);
 371         break;
 372     case BIO_CTRL_DUP:
 373         dbio = (BIO *)ptr;
 374         dctx = BIO_get_data(dbio);
 375         dctx->cipher = EVP_CIPHER_CTX_new();
 376         if (dctx->cipher == NULL)
 377             return 0;
 378         ret = EVP_CIPHER_CTX_copy(dctx->cipher, ctx->cipher);
 379         if (ret)
 380             BIO_set_init(dbio, 1);
 381         break;
 382     default:
 383         ret = BIO_ctrl(next, cmd, num, ptr);
 384         break;
 385     }
 386     return ret;
 387 }
 388
 389 static long enc_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
 390 {
 391     BIO *next = BIO_next(b);
 392
 393     if (next == NULL)
 394         return 0;
 395
 396     return BIO_callback_ctrl(next, cmd, fp);
 397 }
 398
 399 int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
 400                    const unsigned char *i, int e)
 401 {
 402     BIO_ENC_CTX *ctx;
 403     long (*callback) (struct bio_st *, int, const char *, int, long, long);
 404
 405     ctx = BIO_get_data(b);
 406     if (ctx == NULL)
 407         return 0;
 408
 409     callback = BIO_get_callback(b);
 410
 411     if ((callback != NULL) &&
 412             (callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e,
 413                       0L) <= 0))
 414         return 0;
 415
 416     BIO_set_init(b, 1);
 417
 418     if (!EVP_CipherInit_ex(ctx->cipher, c, NULL, k, i, e))
 419         return 0;
 420
 421     if (callback != NULL)
 422         return callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
 423     return 1;
 424 }