2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/params.h>
13 #include <openssl/provider.h>
14 #include <openssl/evperr.h>
15 #include <openssl/ecerr.h>
16 #include <openssl/pkcs12err.h>
17 #include <openssl/x509err.h>
18 #include <openssl/trace.h>
19 #include "internal/bio.h"
20 #include "internal/provider.h"
21 #include "internal/namemap.h"
22 #include "crypto/decoder.h"
23 #include "encoder_local.h"
24 #include "internal/e_os.h"
26 struct decoder_process_data_st
{
27 OSSL_DECODER_CTX
*ctx
;
32 /* Index of the current decoder instance to be processed */
33 size_t current_decoder_inst_index
;
34 /* For tracing, count recursion level */
40 unsigned int flag_next_level_called
: 1;
41 unsigned int flag_construct_called
: 1;
42 unsigned int flag_input_structure_checked
: 1;
45 static int decoder_process(const OSSL_PARAM params
[], void *arg
);
47 int OSSL_DECODER_from_bio(OSSL_DECODER_CTX
*ctx
, BIO
*in
)
49 struct decoder_process_data_st data
;
52 unsigned long lasterr
;
55 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
59 if (OSSL_DECODER_CTX_get_num_decoders(ctx
) == 0) {
60 ERR_raise_data(ERR_LIB_OSSL_DECODER
, OSSL_DECODER_R_DECODER_NOT_FOUND
,
61 "No decoders were found. For standard decoders you need "
62 "at least one of the default or base providers "
63 "available. Did you forget to load them?");
67 lasterr
= ERR_peek_last_error();
69 if (BIO_tell(in
) < 0) {
70 new_bio
= BIO_new(BIO_f_readbuffer());
73 in
= BIO_push(new_bio
, in
);
75 memset(&data
, 0, sizeof(data
));
79 /* Enable passphrase caching */
80 (void)ossl_pw_enable_passphrase_caching(&ctx
->pwdata
);
82 ok
= decoder_process(NULL
, &data
);
84 if (!data
.flag_construct_called
) {
86 = ctx
->start_input_type
!= NULL
&& ctx
->input_structure
!= NULL
88 const char *input_type_label
89 = ctx
->start_input_type
!= NULL
? "Input type: " : "";
90 const char *input_structure_label
91 = ctx
->input_structure
!= NULL
? "Input structure: " : "";
93 = ctx
->start_input_type
!= NULL
&& ctx
->input_structure
!= NULL
95 const char *input_type
96 = ctx
->start_input_type
!= NULL
? ctx
->start_input_type
: "";
97 const char *input_structure
98 = ctx
->input_structure
!= NULL
? ctx
->input_structure
: "";
100 if (ERR_peek_last_error() == lasterr
|| ERR_peek_error() == 0)
101 /* Prevent spurious decoding error but add at least something */
102 ERR_raise_data(ERR_LIB_OSSL_DECODER
, ERR_R_UNSUPPORTED
,
103 "No supported data to decode. %s%s%s%s%s%s",
104 spaces
, input_type_label
, input_type
, comma
,
105 input_structure_label
, input_structure
);
109 /* Clear any internally cached passphrase */
110 (void)ossl_pw_clear_passphrase_cache(&ctx
->pwdata
);
112 if (new_bio
!= NULL
) {
119 #ifndef OPENSSL_NO_STDIO
120 static BIO
*bio_from_file(FILE *fp
)
124 if ((b
= BIO_new(BIO_s_file())) == NULL
) {
125 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_BIO_LIB
);
128 BIO_set_fp(b
, fp
, BIO_NOCLOSE
);
132 int OSSL_DECODER_from_fp(OSSL_DECODER_CTX
*ctx
, FILE *fp
)
134 BIO
*b
= bio_from_file(fp
);
138 ret
= OSSL_DECODER_from_bio(ctx
, b
);
145 int OSSL_DECODER_from_data(OSSL_DECODER_CTX
*ctx
, const unsigned char **pdata
,
151 if (pdata
== NULL
|| *pdata
== NULL
|| pdata_len
== NULL
) {
152 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
156 membio
= BIO_new_mem_buf(*pdata
, (int)*pdata_len
);
157 if (OSSL_DECODER_from_bio(ctx
, membio
)) {
158 *pdata_len
= (size_t)BIO_get_mem_data(membio
, pdata
);
166 int OSSL_DECODER_CTX_set_selection(OSSL_DECODER_CTX
*ctx
, int selection
)
168 if (!ossl_assert(ctx
!= NULL
)) {
169 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
174 * 0 is a valid selection, and means that the caller leaves
175 * it to code to discover what the selection is.
177 ctx
->selection
= selection
;
181 int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX
*ctx
,
182 const char *input_type
)
184 if (!ossl_assert(ctx
!= NULL
)) {
185 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
190 * NULL is a valid starting input type, and means that the caller leaves
191 * it to code to discover what the starting input type is.
193 ctx
->start_input_type
= input_type
;
197 int OSSL_DECODER_CTX_set_input_structure(OSSL_DECODER_CTX
*ctx
,
198 const char *input_structure
)
200 if (!ossl_assert(ctx
!= NULL
)) {
201 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
206 * NULL is a valid starting input structure, and means that the caller
207 * leaves it to code to discover what the starting input structure is.
209 ctx
->input_structure
= input_structure
;
213 OSSL_DECODER_INSTANCE
*ossl_decoder_instance_new(OSSL_DECODER
*decoder
,
216 OSSL_DECODER_INSTANCE
*decoder_inst
= NULL
;
217 const OSSL_PROVIDER
*prov
;
218 OSSL_LIB_CTX
*libctx
;
219 const OSSL_PROPERTY_LIST
*props
;
220 const OSSL_PROPERTY_DEFINITION
*prop
;
222 if (!ossl_assert(decoder
!= NULL
)) {
223 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
227 if ((decoder_inst
= OPENSSL_zalloc(sizeof(*decoder_inst
))) == NULL
) {
228 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_MALLOC_FAILURE
);
231 if (!OSSL_DECODER_up_ref(decoder
)) {
232 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_INTERNAL_ERROR
);
236 prov
= OSSL_DECODER_get0_provider(decoder
);
237 libctx
= ossl_provider_libctx(prov
);
238 props
= ossl_decoder_parsed_properties(decoder
);
240 ERR_raise_data(ERR_LIB_OSSL_DECODER
, ERR_R_INVALID_PROPERTY_DEFINITION
,
241 "there are no property definitions with decoder %s",
242 OSSL_DECODER_get0_name(decoder
));
246 /* The "input" property is mandatory */
247 prop
= ossl_property_find_property(props
, libctx
, "input");
248 decoder_inst
->input_type
= ossl_property_get_string_value(libctx
, prop
);
249 decoder_inst
->input_type_id
= 0;
250 if (decoder_inst
->input_type
== NULL
) {
251 ERR_raise_data(ERR_LIB_OSSL_DECODER
, ERR_R_INVALID_PROPERTY_DEFINITION
,
252 "the mandatory 'input' property is missing "
253 "for decoder %s (properties: %s)",
254 OSSL_DECODER_get0_name(decoder
),
255 OSSL_DECODER_get0_properties(decoder
));
259 /* The "structure" property is optional */
260 prop
= ossl_property_find_property(props
, libctx
, "structure");
262 decoder_inst
->input_structure
263 = ossl_property_get_string_value(libctx
, prop
);
266 decoder_inst
->decoder
= decoder
;
267 decoder_inst
->decoderctx
= decoderctx
;
270 ossl_decoder_instance_free(decoder_inst
);
274 void ossl_decoder_instance_free(OSSL_DECODER_INSTANCE
*decoder_inst
)
276 if (decoder_inst
!= NULL
) {
277 if (decoder_inst
->decoder
!= NULL
)
278 decoder_inst
->decoder
->freectx(decoder_inst
->decoderctx
);
279 decoder_inst
->decoderctx
= NULL
;
280 OSSL_DECODER_free(decoder_inst
->decoder
);
281 decoder_inst
->decoder
= NULL
;
282 OPENSSL_free(decoder_inst
);
286 int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX
*ctx
,
287 OSSL_DECODER_INSTANCE
*di
)
291 if (ctx
->decoder_insts
== NULL
292 && (ctx
->decoder_insts
=
293 sk_OSSL_DECODER_INSTANCE_new_null()) == NULL
) {
294 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_MALLOC_FAILURE
);
298 ok
= (sk_OSSL_DECODER_INSTANCE_push(ctx
->decoder_insts
, di
) > 0);
300 OSSL_TRACE_BEGIN(DECODER
) {
302 "(ctx %p) Added decoder instance %p for decoder %p\n"
304 (void *)ctx
, (void *)di
, (void *)di
->decoder
,
305 OSSL_DECODER_get0_name(di
->decoder
),
306 OSSL_DECODER_get0_properties(di
->decoder
));
307 } OSSL_TRACE_END(DECODER
);
312 int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX
*ctx
, OSSL_DECODER
*decoder
)
314 OSSL_DECODER_INSTANCE
*decoder_inst
= NULL
;
315 const OSSL_PROVIDER
*prov
= NULL
;
316 void *decoderctx
= NULL
;
317 void *provctx
= NULL
;
319 if (!ossl_assert(ctx
!= NULL
) || !ossl_assert(decoder
!= NULL
)) {
320 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
324 prov
= OSSL_DECODER_get0_provider(decoder
);
325 provctx
= OSSL_PROVIDER_get0_provider_ctx(prov
);
327 if ((decoderctx
= decoder
->newctx(provctx
)) == NULL
329 ossl_decoder_instance_new(decoder
, decoderctx
)) == NULL
)
331 /* Avoid double free of decoderctx on further errors */
334 if (!ossl_decoder_ctx_add_decoder_inst(ctx
, decoder_inst
))
339 ossl_decoder_instance_free(decoder_inst
);
340 if (decoderctx
!= NULL
)
341 decoder
->freectx(decoderctx
);
345 struct collect_extra_decoder_data_st
{
346 OSSL_DECODER_CTX
*ctx
;
347 const char *output_type
;
351 * 0 to check that the decoder's input type is the same as the decoder name
352 * 1 to check that the decoder's input type differs from the decoder name
354 enum { IS_SAME
= 0, IS_DIFFERENT
= 1 } type_check
;
355 size_t w_prev_start
, w_prev_end
; /* "previous" decoders */
356 size_t w_new_start
, w_new_end
; /* "new" decoders */
359 DEFINE_STACK_OF(OSSL_DECODER
)
361 static void collect_all_decoders(OSSL_DECODER
*decoder
, void *arg
)
363 STACK_OF(OSSL_DECODER
) *skdecoders
= arg
;
365 if (OSSL_DECODER_up_ref(decoder
))
366 sk_OSSL_DECODER_push(skdecoders
, decoder
);
369 static void collect_extra_decoder(OSSL_DECODER
*decoder
, void *arg
)
371 struct collect_extra_decoder_data_st
*data
= arg
;
373 const OSSL_PROVIDER
*prov
= OSSL_DECODER_get0_provider(decoder
);
374 void *provctx
= OSSL_PROVIDER_get0_provider_ctx(prov
);
376 if (ossl_decoder_fast_is_a(decoder
, data
->output_type
, &data
->output_type_id
)) {
377 void *decoderctx
= NULL
;
378 OSSL_DECODER_INSTANCE
*di
= NULL
;
380 OSSL_TRACE_BEGIN(DECODER
) {
382 "(ctx %p) [%d] Checking out decoder %p:\n"
384 (void *)data
->ctx
, data
->type_check
, (void *)decoder
,
385 OSSL_DECODER_get0_name(decoder
),
386 OSSL_DECODER_get0_properties(decoder
));
387 } OSSL_TRACE_END(DECODER
);
390 * Check that we don't already have this decoder in our stack,
391 * starting with the previous windows but also looking at what
392 * we have added in the current window.
394 for (j
= data
->w_prev_start
; j
< data
->w_new_end
; j
++) {
395 OSSL_DECODER_INSTANCE
*check_inst
=
396 sk_OSSL_DECODER_INSTANCE_value(data
->ctx
->decoder_insts
, j
);
398 if (decoder
->base
.algodef
== check_inst
->decoder
->base
.algodef
) {
399 /* We found it, so don't do anything more */
400 OSSL_TRACE_BEGIN(DECODER
) {
402 " REJECTED: already exists in the chain\n");
403 } OSSL_TRACE_END(DECODER
);
408 if ((decoderctx
= decoder
->newctx(provctx
)) == NULL
)
411 if ((di
= ossl_decoder_instance_new(decoder
, decoderctx
)) == NULL
) {
412 decoder
->freectx(decoderctx
);
416 switch (data
->type_check
) {
418 /* If it differs, this is not a decoder to add for now. */
419 if (!ossl_decoder_fast_is_a(decoder
,
420 OSSL_DECODER_INSTANCE_get_input_type(di
),
421 &di
->input_type_id
)) {
422 ossl_decoder_instance_free(di
);
423 OSSL_TRACE_BEGIN(DECODER
) {
425 " REJECTED: input type doesn't match output type\n");
426 } OSSL_TRACE_END(DECODER
);
431 /* If it's the same, this is not a decoder to add for now. */
432 if (ossl_decoder_fast_is_a(decoder
,
433 OSSL_DECODER_INSTANCE_get_input_type(di
),
434 &di
->input_type_id
)) {
435 ossl_decoder_instance_free(di
);
436 OSSL_TRACE_BEGIN(DECODER
) {
438 " REJECTED: input type matches output type\n");
439 } OSSL_TRACE_END(DECODER
);
446 * Apart from keeping w_new_end up to date, We don't care about
447 * errors here. If it doesn't collect, then it doesn't...
449 if (!ossl_decoder_ctx_add_decoder_inst(data
->ctx
, di
)) {
450 ossl_decoder_instance_free(di
);
458 int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX
*ctx
,
459 OSSL_LIB_CTX
*libctx
, const char *propq
)
462 * This function goes through existing decoder methods in
463 * |ctx->decoder_insts|, and tries to fetch new decoders that produce
464 * what the existing ones want as input, and push those newly fetched
465 * decoders on top of the same stack.
466 * Then it does the same again, but looping over the newly fetched
467 * decoders, until there are no more decoders to be fetched, or
468 * when we have done this 10 times.
470 * we do this with sliding windows on the stack by keeping track of indexes
474 * | DER to RSA | <--- w_prev_start
480 * | PEM to DER | <--- w_prev_end, w_new_start
484 struct collect_extra_decoder_data_st data
;
485 size_t depth
= 0; /* Counts the number of iterations */
486 size_t count
; /* Calculates how many were added in each iteration */
488 STACK_OF(OSSL_DECODER
) *skdecoders
;
490 if (!ossl_assert(ctx
!= NULL
)) {
491 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
496 * If there is no stack of OSSL_DECODER_INSTANCE, we have nothing
497 * more to add. That's fine.
499 if (ctx
->decoder_insts
== NULL
)
502 OSSL_TRACE_BEGIN(DECODER
) {
503 BIO_printf(trc_out
, "(ctx %p) Looking for extra decoders\n",
505 } OSSL_TRACE_END(DECODER
);
508 skdecoders
= sk_OSSL_DECODER_new_null();
509 if (skdecoders
== NULL
) {
510 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_MALLOC_FAILURE
);
513 OSSL_DECODER_do_all_provided(libctx
, collect_all_decoders
, skdecoders
);
514 numdecoders
= sk_OSSL_DECODER_num(skdecoders
);
516 memset(&data
, 0, sizeof(data
));
518 data
.w_prev_start
= 0;
519 data
.w_prev_end
= sk_OSSL_DECODER_INSTANCE_num(ctx
->decoder_insts
);
523 data
.w_new_start
= data
.w_new_end
= data
.w_prev_end
;
527 * 0. All decoders that have the same name as their input type.
528 * This allows for decoders that unwrap some data in a specific
529 * encoding, and pass the result on with the same encoding.
530 * 1. All decoders that a different name than their input type.
532 for (data
.type_check
= IS_SAME
;
533 data
.type_check
<= IS_DIFFERENT
;
535 for (i
= data
.w_prev_start
; i
< data
.w_prev_end
; i
++) {
536 OSSL_DECODER_INSTANCE
*decoder_inst
=
537 sk_OSSL_DECODER_INSTANCE_value(ctx
->decoder_insts
, i
);
540 = OSSL_DECODER_INSTANCE_get_input_type(decoder_inst
);
542 data
.output_type_id
= 0;
544 for (j
= 0; j
< numdecoders
; j
++)
545 collect_extra_decoder(sk_OSSL_DECODER_value(skdecoders
, j
),
549 /* How many were added in this iteration */
550 count
= data
.w_new_end
- data
.w_new_start
;
552 /* Slide the "previous decoder" windows */
553 data
.w_prev_start
= data
.w_new_start
;
554 data
.w_prev_end
= data
.w_new_end
;
557 } while (count
!= 0 && depth
<= 10);
559 sk_OSSL_DECODER_pop_free(skdecoders
, OSSL_DECODER_free
);
563 int OSSL_DECODER_CTX_get_num_decoders(OSSL_DECODER_CTX
*ctx
)
565 if (ctx
== NULL
|| ctx
->decoder_insts
== NULL
)
567 return sk_OSSL_DECODER_INSTANCE_num(ctx
->decoder_insts
);
570 int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX
*ctx
,
571 OSSL_DECODER_CONSTRUCT
*construct
)
573 if (!ossl_assert(ctx
!= NULL
)) {
574 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
577 ctx
->construct
= construct
;
581 int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX
*ctx
,
582 void *construct_data
)
584 if (!ossl_assert(ctx
!= NULL
)) {
585 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
588 ctx
->construct_data
= construct_data
;
592 int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX
*ctx
,
593 OSSL_DECODER_CLEANUP
*cleanup
)
595 if (!ossl_assert(ctx
!= NULL
)) {
596 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
599 ctx
->cleanup
= cleanup
;
603 OSSL_DECODER_CONSTRUCT
*
604 OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX
*ctx
)
608 return ctx
->construct
;
611 void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX
*ctx
)
615 return ctx
->construct_data
;
618 OSSL_DECODER_CLEANUP
*
619 OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX
*ctx
)
626 int OSSL_DECODER_export(OSSL_DECODER_INSTANCE
*decoder_inst
,
627 void *reference
, size_t reference_sz
,
628 OSSL_CALLBACK
*export_cb
, void *export_cbarg
)
630 OSSL_DECODER
*decoder
= NULL
;
631 void *decoderctx
= NULL
;
633 if (!(ossl_assert(decoder_inst
!= NULL
)
634 && ossl_assert(reference
!= NULL
)
635 && ossl_assert(export_cb
!= NULL
)
636 && ossl_assert(export_cbarg
!= NULL
))) {
637 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_PASSED_NULL_PARAMETER
);
641 decoder
= OSSL_DECODER_INSTANCE_get_decoder(decoder_inst
);
642 decoderctx
= OSSL_DECODER_INSTANCE_get_decoder_ctx(decoder_inst
);
643 return decoder
->export_object(decoderctx
, reference
, reference_sz
,
644 export_cb
, export_cbarg
);
648 OSSL_DECODER_INSTANCE_get_decoder(OSSL_DECODER_INSTANCE
*decoder_inst
)
650 if (decoder_inst
== NULL
)
652 return decoder_inst
->decoder
;
656 OSSL_DECODER_INSTANCE_get_decoder_ctx(OSSL_DECODER_INSTANCE
*decoder_inst
)
658 if (decoder_inst
== NULL
)
660 return decoder_inst
->decoderctx
;
664 OSSL_DECODER_INSTANCE_get_input_type(OSSL_DECODER_INSTANCE
*decoder_inst
)
666 if (decoder_inst
== NULL
)
668 return decoder_inst
->input_type
;
672 OSSL_DECODER_INSTANCE_get_input_structure(OSSL_DECODER_INSTANCE
*decoder_inst
,
675 if (decoder_inst
== NULL
)
677 *was_set
= decoder_inst
->flag_input_structure_was_set
;
678 return decoder_inst
->input_structure
;
681 static int decoder_process(const OSSL_PARAM params
[], void *arg
)
683 struct decoder_process_data_st
*data
= arg
;
684 OSSL_DECODER_CTX
*ctx
= data
->ctx
;
685 OSSL_DECODER_INSTANCE
*decoder_inst
= NULL
;
686 OSSL_DECODER
*decoder
= NULL
;
687 OSSL_CORE_BIO
*cbio
= NULL
;
688 BIO
*bio
= data
->bio
;
693 struct decoder_process_data_st new_data
;
694 const char *data_type
= NULL
;
695 const char *data_structure
= NULL
;
698 * This is an indicator up the call stack that something was indeed
699 * decoded, leading to a recursive call of this function.
701 data
->flag_next_level_called
= 1;
703 memset(&new_data
, 0, sizeof(new_data
));
704 new_data
.ctx
= data
->ctx
;
705 new_data
.recursion
= data
->recursion
+ 1;
707 #define LEVEL_STR ">>>>>>>>>>>>>>>>"
708 #define LEVEL (new_data.recursion < sizeof(LEVEL_STR) \
709 ? &LEVEL_STR[sizeof(LEVEL_STR) - new_data.recursion - 1] \
712 if (params
== NULL
) {
713 /* First iteration, where we prepare for what is to come */
715 OSSL_TRACE_BEGIN(DECODER
) {
717 "(ctx %p) starting to walk the decoder chain\n",
718 (void *)new_data
.ctx
);
719 } OSSL_TRACE_END(DECODER
);
721 data
->current_decoder_inst_index
=
722 OSSL_DECODER_CTX_get_num_decoders(ctx
);
727 const char *trace_data_structure
;
730 sk_OSSL_DECODER_INSTANCE_value(ctx
->decoder_insts
,
731 data
->current_decoder_inst_index
);
732 decoder
= OSSL_DECODER_INSTANCE_get_decoder(decoder_inst
);
734 data
->flag_construct_called
= 0;
735 if (ctx
->construct
!= NULL
) {
738 OSSL_TRACE_BEGIN(DECODER
) {
740 "(ctx %p) %s Running constructor\n",
741 (void *)new_data
.ctx
, LEVEL
);
742 } OSSL_TRACE_END(DECODER
);
744 rv
= ctx
->construct(decoder_inst
, params
, ctx
->construct_data
);
746 OSSL_TRACE_BEGIN(DECODER
) {
748 "(ctx %p) %s Running constructor => %d\n",
749 (void *)new_data
.ctx
, LEVEL
, rv
);
750 } OSSL_TRACE_END(DECODER
);
752 data
->flag_construct_called
= 1;
758 /* The constructor didn't return success */
761 * so we try to use the object we got and feed it to any next
762 * decoder that will take it. Object references are not
764 * If this data isn't present, decoding has failed.
767 p
= OSSL_PARAM_locate_const(params
, OSSL_OBJECT_PARAM_DATA
);
768 if (p
== NULL
|| p
->data_type
!= OSSL_PARAM_OCTET_STRING
)
770 new_data
.bio
= BIO_new_mem_buf(p
->data
, (int)p
->data_size
);
771 if (new_data
.bio
== NULL
)
775 /* Get the data type if there is one */
776 p
= OSSL_PARAM_locate_const(params
, OSSL_OBJECT_PARAM_DATA_TYPE
);
777 if (p
!= NULL
&& !OSSL_PARAM_get_utf8_string_ptr(p
, &data_type
))
780 /* Get the data structure if there is one */
781 p
= OSSL_PARAM_locate_const(params
, OSSL_OBJECT_PARAM_DATA_STRUCTURE
);
782 if (p
!= NULL
&& !OSSL_PARAM_get_utf8_string_ptr(p
, &data_structure
))
786 * If the data structure is "type-specific" and the data type is
787 * given, we drop the data structure. The reasoning is that the
788 * data type is already enough to find the applicable next decoder,
789 * so an additional "type-specific" data structure is extraneous.
791 * Furthermore, if the OSSL_DECODER caller asked for a type specific
792 * structure under another name, such as "DH", we get a mismatch
793 * if the data structure we just received is "type-specific".
794 * There's only so much you can do without infusing this code with
795 * too special knowledge.
797 trace_data_structure
= data_structure
;
798 if (data_type
!= NULL
&& data_structure
!= NULL
799 && OPENSSL_strcasecmp(data_structure
, "type-specific") == 0)
800 data_structure
= NULL
;
802 OSSL_TRACE_BEGIN(DECODER
) {
804 "(ctx %p) %s incoming from previous decoder (%p):\n"
805 " data type: %s, data structure: %s%s\n",
806 (void *)new_data
.ctx
, LEVEL
, (void *)decoder
,
807 data_type
, trace_data_structure
,
808 (trace_data_structure
== data_structure
809 ? "" : " (dropped)"));
810 } OSSL_TRACE_END(DECODER
);
814 * If we have no more decoders to look through at this point,
817 if (data
->current_decoder_inst_index
== 0)
820 if ((loc
= BIO_tell(bio
)) < 0) {
821 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_BIO_LIB
);
825 if ((cbio
= ossl_core_bio_new_from_bio(bio
)) == NULL
) {
826 ERR_raise(ERR_LIB_OSSL_DECODER
, ERR_R_MALLOC_FAILURE
);
830 for (i
= data
->current_decoder_inst_index
; i
-- > 0;) {
831 OSSL_DECODER_INSTANCE
*new_decoder_inst
=
832 sk_OSSL_DECODER_INSTANCE_value(ctx
->decoder_insts
, i
);
833 OSSL_DECODER
*new_decoder
=
834 OSSL_DECODER_INSTANCE_get_decoder(new_decoder_inst
);
835 void *new_decoderctx
=
836 OSSL_DECODER_INSTANCE_get_decoder_ctx(new_decoder_inst
);
837 const char *new_input_type
=
838 OSSL_DECODER_INSTANCE_get_input_type(new_decoder_inst
);
839 int n_i_s_was_set
= 0; /* We don't care here */
840 const char *new_input_structure
=
841 OSSL_DECODER_INSTANCE_get_input_structure(new_decoder_inst
,
844 OSSL_TRACE_BEGIN(DECODER
) {
846 "(ctx %p) %s [%u] Considering decoder instance %p (decoder %p):\n"
848 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
,
849 (void *)new_decoder_inst
, (void *)new_decoder
,
850 OSSL_DECODER_get0_name(new_decoder
),
851 OSSL_DECODER_get0_properties(new_decoder
));
852 } OSSL_TRACE_END(DECODER
);
855 * If |decoder| is NULL, it means we've just started, and the caller
856 * may have specified what it expects the initial input to be. If
857 * that's the case, we do this extra check.
859 if (decoder
== NULL
&& ctx
->start_input_type
!= NULL
860 && OPENSSL_strcasecmp(ctx
->start_input_type
, new_input_type
) != 0) {
861 OSSL_TRACE_BEGIN(DECODER
) {
863 "(ctx %p) %s [%u] the start input type '%s' doesn't match the input type of the considered decoder, skipping...\n",
864 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
,
865 ctx
->start_input_type
);
866 } OSSL_TRACE_END(DECODER
);
871 * If we have a previous decoder, we check that the input type
872 * of the next to be used matches the type of this previous one.
873 * |new_input_type| holds the value of the "input-type" parameter
874 * for the decoder we're currently considering.
876 if (decoder
!= NULL
&& !ossl_decoder_fast_is_a(decoder
, new_input_type
,
877 &new_decoder_inst
->input_type_id
)) {
878 OSSL_TRACE_BEGIN(DECODER
) {
880 "(ctx %p) %s [%u] the input type doesn't match the name of the previous decoder (%p), skipping...\n",
881 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
,
883 } OSSL_TRACE_END(DECODER
);
888 * If the previous decoder gave us a data type, we check to see
889 * if that matches the decoder we're currently considering.
891 if (data_type
!= NULL
&& !OSSL_DECODER_is_a(new_decoder
, data_type
)) {
892 OSSL_TRACE_BEGIN(DECODER
) {
894 "(ctx %p) %s [%u] the previous decoder's data type doesn't match the name of the considered decoder, skipping...\n",
895 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
);
896 } OSSL_TRACE_END(DECODER
);
901 * If the previous decoder gave us a data structure name, we check
902 * to see that it matches the input data structure of the decoder
903 * we're currently considering.
905 if (data_structure
!= NULL
906 && (new_input_structure
== NULL
907 || OPENSSL_strcasecmp(data_structure
,
908 new_input_structure
) != 0)) {
909 OSSL_TRACE_BEGIN(DECODER
) {
911 "(ctx %p) %s [%u] the previous decoder's data structure doesn't match the input structure of the considered decoder, skipping...\n",
912 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
);
913 } OSSL_TRACE_END(DECODER
);
918 * If the decoder we're currently considering specifies a structure,
919 * and this check hasn't already been done earlier in this chain of
920 * decoder_process() calls, check that it matches the user provided
921 * input structure, if one is given.
923 if (!data
->flag_input_structure_checked
924 && ctx
->input_structure
!= NULL
925 && new_input_structure
!= NULL
) {
926 data
->flag_input_structure_checked
= 1;
927 if (OPENSSL_strcasecmp(new_input_structure
,
928 ctx
->input_structure
) != 0) {
929 OSSL_TRACE_BEGIN(DECODER
) {
931 "(ctx %p) %s [%u] the previous decoder's data structure doesn't match the input structure given by the user, skipping...\n",
932 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
);
933 } OSSL_TRACE_END(DECODER
);
939 * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
940 * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
941 * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
942 * no matter where we are in the underlying buffer we're reading from.
944 * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
945 * at the same position. This is a best effort attempt, but BIO_seek()
946 * and BIO_tell() should come as a pair...
948 (void)BIO_seek(bio
, loc
);
949 if (BIO_tell(bio
) != loc
)
953 OSSL_TRACE_BEGIN(DECODER
) {
955 "(ctx %p) %s [%u] Running decoder instance %p\n",
956 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
,
957 (void *)new_decoder_inst
);
958 } OSSL_TRACE_END(DECODER
);
961 * We only care about errors reported from decoder implementations
962 * if it returns false (i.e. there was a fatal error).
966 new_data
.current_decoder_inst_index
= i
;
967 new_data
.flag_input_structure_checked
968 = data
->flag_input_structure_checked
;
969 ok
= new_decoder
->decode(new_decoderctx
, cbio
,
970 new_data
.ctx
->selection
,
971 decoder_process
, &new_data
,
972 ossl_pw_passphrase_callback_dec
,
973 &new_data
.ctx
->pwdata
);
975 OSSL_TRACE_BEGIN(DECODER
) {
977 "(ctx %p) %s [%u] Running decoder instance %p => %d"
978 " (recursed further: %s, construct called: %s)\n",
979 (void *)new_data
.ctx
, LEVEL
, (unsigned int)i
,
980 (void *)new_decoder_inst
, ok
,
981 new_data
.flag_next_level_called
? "yes" : "no",
982 new_data
.flag_construct_called
? "yes" : "no");
983 } OSSL_TRACE_END(DECODER
);
985 data
->flag_construct_called
= new_data
.flag_construct_called
;
987 /* Break on error or if we tried to construct an object already */
988 if (!ok
|| data
->flag_construct_called
) {
989 ERR_clear_last_mark();
995 * Break if the decoder implementation that we called recursed, since
996 * that indicates that it successfully decoded something.
998 if (new_data
.flag_next_level_called
)
1003 ossl_core_bio_free(cbio
);
1004 BIO_free(new_data
.bio
);