]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/encode_decode/decoder_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright year
[thirdparty/openssl.git] / crypto / encode_decode / decoder_lib.c
1 /*
2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/params.h>
13 #include <openssl/provider.h>
14 #include <openssl/evperr.h>
15 #include <openssl/ecerr.h>
16 #include <openssl/pkcs12err.h>
17 #include <openssl/x509err.h>
18 #include <openssl/trace.h>
19 #include "internal/bio.h"
20 #include "internal/provider.h"
21 #include "internal/namemap.h"
22 #include "crypto/decoder.h"
23 #include "encoder_local.h"
24 #include "internal/e_os.h"
25
26 struct decoder_process_data_st {
27 OSSL_DECODER_CTX *ctx;
28
29 /* Current BIO */
30 BIO *bio;
31
32 /* Index of the current decoder instance to be processed */
33 size_t current_decoder_inst_index;
34 /* For tracing, count recursion level */
35 size_t recursion;
36
37 /*-
38 * Flags
39 */
40 unsigned int flag_next_level_called : 1;
41 unsigned int flag_construct_called : 1;
42 unsigned int flag_input_structure_checked : 1;
43 };
44
45 static int decoder_process(const OSSL_PARAM params[], void *arg);
46
47 int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in)
48 {
49 struct decoder_process_data_st data;
50 int ok = 0;
51 BIO *new_bio = NULL;
52 unsigned long lasterr;
53
54 if (in == NULL) {
55 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
56 return 0;
57 }
58
59 if (OSSL_DECODER_CTX_get_num_decoders(ctx) == 0) {
60 ERR_raise_data(ERR_LIB_OSSL_DECODER, OSSL_DECODER_R_DECODER_NOT_FOUND,
61 "No decoders were found. For standard decoders you need "
62 "at least one of the default or base providers "
63 "available. Did you forget to load them?");
64 return 0;
65 }
66
67 lasterr = ERR_peek_last_error();
68
69 if (BIO_tell(in) < 0) {
70 new_bio = BIO_new(BIO_f_readbuffer());
71 if (new_bio == NULL)
72 return 0;
73 in = BIO_push(new_bio, in);
74 }
75 memset(&data, 0, sizeof(data));
76 data.ctx = ctx;
77 data.bio = in;
78
79 /* Enable passphrase caching */
80 (void)ossl_pw_enable_passphrase_caching(&ctx->pwdata);
81
82 ok = decoder_process(NULL, &data);
83
84 if (!data.flag_construct_called) {
85 const char *spaces
86 = ctx->start_input_type != NULL && ctx->input_structure != NULL
87 ? " " : "";
88 const char *input_type_label
89 = ctx->start_input_type != NULL ? "Input type: " : "";
90 const char *input_structure_label
91 = ctx->input_structure != NULL ? "Input structure: " : "";
92 const char *comma
93 = ctx->start_input_type != NULL && ctx->input_structure != NULL
94 ? ", " : "";
95 const char *input_type
96 = ctx->start_input_type != NULL ? ctx->start_input_type : "";
97 const char *input_structure
98 = ctx->input_structure != NULL ? ctx->input_structure : "";
99
100 if (ERR_peek_last_error() == lasterr || ERR_peek_error() == 0)
101 /* Prevent spurious decoding error but add at least something */
102 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_UNSUPPORTED,
103 "No supported data to decode. %s%s%s%s%s%s",
104 spaces, input_type_label, input_type, comma,
105 input_structure_label, input_structure);
106 ok = 0;
107 }
108
109 /* Clear any internally cached passphrase */
110 (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);
111
112 if (new_bio != NULL) {
113 BIO_pop(new_bio);
114 BIO_free(new_bio);
115 }
116 return ok;
117 }
118
119 #ifndef OPENSSL_NO_STDIO
120 static BIO *bio_from_file(FILE *fp)
121 {
122 BIO *b;
123
124 if ((b = BIO_new(BIO_s_file())) == NULL) {
125 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
126 return NULL;
127 }
128 BIO_set_fp(b, fp, BIO_NOCLOSE);
129 return b;
130 }
131
132 int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp)
133 {
134 BIO *b = bio_from_file(fp);
135 int ret = 0;
136
137 if (b != NULL)
138 ret = OSSL_DECODER_from_bio(ctx, b);
139
140 BIO_free(b);
141 return ret;
142 }
143 #endif
144
145 int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata,
146 size_t *pdata_len)
147 {
148 BIO *membio;
149 int ret = 0;
150
151 if (pdata == NULL || *pdata == NULL || pdata_len == NULL) {
152 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
153 return 0;
154 }
155
156 membio = BIO_new_mem_buf(*pdata, (int)*pdata_len);
157 if (OSSL_DECODER_from_bio(ctx, membio)) {
158 *pdata_len = (size_t)BIO_get_mem_data(membio, pdata);
159 ret = 1;
160 }
161 BIO_free(membio);
162
163 return ret;
164 }
165
166 int OSSL_DECODER_CTX_set_selection(OSSL_DECODER_CTX *ctx, int selection)
167 {
168 if (!ossl_assert(ctx != NULL)) {
169 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
170 return 0;
171 }
172
173 /*
174 * 0 is a valid selection, and means that the caller leaves
175 * it to code to discover what the selection is.
176 */
177 ctx->selection = selection;
178 return 1;
179 }
180
181 int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
182 const char *input_type)
183 {
184 if (!ossl_assert(ctx != NULL)) {
185 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
186 return 0;
187 }
188
189 /*
190 * NULL is a valid starting input type, and means that the caller leaves
191 * it to code to discover what the starting input type is.
192 */
193 ctx->start_input_type = input_type;
194 return 1;
195 }
196
197 int OSSL_DECODER_CTX_set_input_structure(OSSL_DECODER_CTX *ctx,
198 const char *input_structure)
199 {
200 if (!ossl_assert(ctx != NULL)) {
201 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
202 return 0;
203 }
204
205 /*
206 * NULL is a valid starting input structure, and means that the caller
207 * leaves it to code to discover what the starting input structure is.
208 */
209 ctx->input_structure = input_structure;
210 return 1;
211 }
212
213 OSSL_DECODER_INSTANCE *ossl_decoder_instance_new(OSSL_DECODER *decoder,
214 void *decoderctx)
215 {
216 OSSL_DECODER_INSTANCE *decoder_inst = NULL;
217 const OSSL_PROVIDER *prov;
218 OSSL_LIB_CTX *libctx;
219 const OSSL_PROPERTY_LIST *props;
220 const OSSL_PROPERTY_DEFINITION *prop;
221
222 if (!ossl_assert(decoder != NULL)) {
223 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
224 return 0;
225 }
226
227 if ((decoder_inst = OPENSSL_zalloc(sizeof(*decoder_inst))) == NULL) {
228 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
229 return 0;
230 }
231 if (!OSSL_DECODER_up_ref(decoder)) {
232 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_INTERNAL_ERROR);
233 goto err;
234 }
235
236 prov = OSSL_DECODER_get0_provider(decoder);
237 libctx = ossl_provider_libctx(prov);
238 props = ossl_decoder_parsed_properties(decoder);
239 if (props == NULL) {
240 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
241 "there are no property definitions with decoder %s",
242 OSSL_DECODER_get0_name(decoder));
243 goto err;
244 }
245
246 /* The "input" property is mandatory */
247 prop = ossl_property_find_property(props, libctx, "input");
248 decoder_inst->input_type = ossl_property_get_string_value(libctx, prop);
249 decoder_inst->input_type_id = 0;
250 if (decoder_inst->input_type == NULL) {
251 ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
252 "the mandatory 'input' property is missing "
253 "for decoder %s (properties: %s)",
254 OSSL_DECODER_get0_name(decoder),
255 OSSL_DECODER_get0_properties(decoder));
256 goto err;
257 }
258
259 /* The "structure" property is optional */
260 prop = ossl_property_find_property(props, libctx, "structure");
261 if (prop != NULL) {
262 decoder_inst->input_structure
263 = ossl_property_get_string_value(libctx, prop);
264 }
265
266 decoder_inst->decoder = decoder;
267 decoder_inst->decoderctx = decoderctx;
268 return decoder_inst;
269 err:
270 ossl_decoder_instance_free(decoder_inst);
271 return NULL;
272 }
273
274 void ossl_decoder_instance_free(OSSL_DECODER_INSTANCE *decoder_inst)
275 {
276 if (decoder_inst != NULL) {
277 if (decoder_inst->decoder != NULL)
278 decoder_inst->decoder->freectx(decoder_inst->decoderctx);
279 decoder_inst->decoderctx = NULL;
280 OSSL_DECODER_free(decoder_inst->decoder);
281 decoder_inst->decoder = NULL;
282 OPENSSL_free(decoder_inst);
283 }
284 }
285
286 int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX *ctx,
287 OSSL_DECODER_INSTANCE *di)
288 {
289 int ok;
290
291 if (ctx->decoder_insts == NULL
292 && (ctx->decoder_insts =
293 sk_OSSL_DECODER_INSTANCE_new_null()) == NULL) {
294 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
295 return 0;
296 }
297
298 ok = (sk_OSSL_DECODER_INSTANCE_push(ctx->decoder_insts, di) > 0);
299 if (ok) {
300 OSSL_TRACE_BEGIN(DECODER) {
301 BIO_printf(trc_out,
302 "(ctx %p) Added decoder instance %p for decoder %p\n"
303 " %s with %s\n",
304 (void *)ctx, (void *)di, (void *)di->decoder,
305 OSSL_DECODER_get0_name(di->decoder),
306 OSSL_DECODER_get0_properties(di->decoder));
307 } OSSL_TRACE_END(DECODER);
308 }
309 return ok;
310 }
311
312 int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder)
313 {
314 OSSL_DECODER_INSTANCE *decoder_inst = NULL;
315 const OSSL_PROVIDER *prov = NULL;
316 void *decoderctx = NULL;
317 void *provctx = NULL;
318
319 if (!ossl_assert(ctx != NULL) || !ossl_assert(decoder != NULL)) {
320 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
321 return 0;
322 }
323
324 prov = OSSL_DECODER_get0_provider(decoder);
325 provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
326
327 if ((decoderctx = decoder->newctx(provctx)) == NULL
328 || (decoder_inst =
329 ossl_decoder_instance_new(decoder, decoderctx)) == NULL)
330 goto err;
331 /* Avoid double free of decoderctx on further errors */
332 decoderctx = NULL;
333
334 if (!ossl_decoder_ctx_add_decoder_inst(ctx, decoder_inst))
335 goto err;
336
337 return 1;
338 err:
339 ossl_decoder_instance_free(decoder_inst);
340 if (decoderctx != NULL)
341 decoder->freectx(decoderctx);
342 return 0;
343 }
344
345 struct collect_extra_decoder_data_st {
346 OSSL_DECODER_CTX *ctx;
347 const char *output_type;
348 int output_type_id;
349
350 /*
351 * 0 to check that the decoder's input type is the same as the decoder name
352 * 1 to check that the decoder's input type differs from the decoder name
353 */
354 enum { IS_SAME = 0, IS_DIFFERENT = 1 } type_check;
355 size_t w_prev_start, w_prev_end; /* "previous" decoders */
356 size_t w_new_start, w_new_end; /* "new" decoders */
357 };
358
359 DEFINE_STACK_OF(OSSL_DECODER)
360
361 static void collect_all_decoders(OSSL_DECODER *decoder, void *arg)
362 {
363 STACK_OF(OSSL_DECODER) *skdecoders = arg;
364
365 if (OSSL_DECODER_up_ref(decoder))
366 sk_OSSL_DECODER_push(skdecoders, decoder);
367 }
368
369 static void collect_extra_decoder(OSSL_DECODER *decoder, void *arg)
370 {
371 struct collect_extra_decoder_data_st *data = arg;
372 size_t j;
373 const OSSL_PROVIDER *prov = OSSL_DECODER_get0_provider(decoder);
374 void *provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
375
376 if (ossl_decoder_fast_is_a(decoder, data->output_type, &data->output_type_id)) {
377 void *decoderctx = NULL;
378 OSSL_DECODER_INSTANCE *di = NULL;
379
380 OSSL_TRACE_BEGIN(DECODER) {
381 BIO_printf(trc_out,
382 "(ctx %p) [%d] Checking out decoder %p:\n"
383 " %s with %s\n",
384 (void *)data->ctx, data->type_check, (void *)decoder,
385 OSSL_DECODER_get0_name(decoder),
386 OSSL_DECODER_get0_properties(decoder));
387 } OSSL_TRACE_END(DECODER);
388
389 /*
390 * Check that we don't already have this decoder in our stack,
391 * starting with the previous windows but also looking at what
392 * we have added in the current window.
393 */
394 for (j = data->w_prev_start; j < data->w_new_end; j++) {
395 OSSL_DECODER_INSTANCE *check_inst =
396 sk_OSSL_DECODER_INSTANCE_value(data->ctx->decoder_insts, j);
397
398 if (decoder->base.algodef == check_inst->decoder->base.algodef) {
399 /* We found it, so don't do anything more */
400 OSSL_TRACE_BEGIN(DECODER) {
401 BIO_printf(trc_out,
402 " REJECTED: already exists in the chain\n");
403 } OSSL_TRACE_END(DECODER);
404 return;
405 }
406 }
407
408 if ((decoderctx = decoder->newctx(provctx)) == NULL)
409 return;
410
411 if ((di = ossl_decoder_instance_new(decoder, decoderctx)) == NULL) {
412 decoder->freectx(decoderctx);
413 return;
414 }
415
416 switch (data->type_check) {
417 case IS_SAME:
418 /* If it differs, this is not a decoder to add for now. */
419 if (!ossl_decoder_fast_is_a(decoder,
420 OSSL_DECODER_INSTANCE_get_input_type(di),
421 &di->input_type_id)) {
422 ossl_decoder_instance_free(di);
423 OSSL_TRACE_BEGIN(DECODER) {
424 BIO_printf(trc_out,
425 " REJECTED: input type doesn't match output type\n");
426 } OSSL_TRACE_END(DECODER);
427 return;
428 }
429 break;
430 case IS_DIFFERENT:
431 /* If it's the same, this is not a decoder to add for now. */
432 if (ossl_decoder_fast_is_a(decoder,
433 OSSL_DECODER_INSTANCE_get_input_type(di),
434 &di->input_type_id)) {
435 ossl_decoder_instance_free(di);
436 OSSL_TRACE_BEGIN(DECODER) {
437 BIO_printf(trc_out,
438 " REJECTED: input type matches output type\n");
439 } OSSL_TRACE_END(DECODER);
440 return;
441 }
442 break;
443 }
444
445 /*
446 * Apart from keeping w_new_end up to date, We don't care about
447 * errors here. If it doesn't collect, then it doesn't...
448 */
449 if (!ossl_decoder_ctx_add_decoder_inst(data->ctx, di)) {
450 ossl_decoder_instance_free(di);
451 return;
452 }
453
454 data->w_new_end++;
455 }
456 }
457
458 int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx,
459 OSSL_LIB_CTX *libctx, const char *propq)
460 {
461 /*
462 * This function goes through existing decoder methods in
463 * |ctx->decoder_insts|, and tries to fetch new decoders that produce
464 * what the existing ones want as input, and push those newly fetched
465 * decoders on top of the same stack.
466 * Then it does the same again, but looping over the newly fetched
467 * decoders, until there are no more decoders to be fetched, or
468 * when we have done this 10 times.
469 *
470 * we do this with sliding windows on the stack by keeping track of indexes
471 * and of the end.
472 *
473 * +----------------+
474 * | DER to RSA | <--- w_prev_start
475 * +----------------+
476 * | DER to DSA |
477 * +----------------+
478 * | DER to DH |
479 * +----------------+
480 * | PEM to DER | <--- w_prev_end, w_new_start
481 * +----------------+
482 * <--- w_new_end
483 */
484 struct collect_extra_decoder_data_st data;
485 size_t depth = 0; /* Counts the number of iterations */
486 size_t count; /* Calculates how many were added in each iteration */
487 size_t numdecoders;
488 STACK_OF(OSSL_DECODER) *skdecoders;
489
490 if (!ossl_assert(ctx != NULL)) {
491 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
492 return 0;
493 }
494
495 /*
496 * If there is no stack of OSSL_DECODER_INSTANCE, we have nothing
497 * more to add. That's fine.
498 */
499 if (ctx->decoder_insts == NULL)
500 return 1;
501
502 OSSL_TRACE_BEGIN(DECODER) {
503 BIO_printf(trc_out, "(ctx %p) Looking for extra decoders\n",
504 (void *)ctx);
505 } OSSL_TRACE_END(DECODER);
506
507
508 skdecoders = sk_OSSL_DECODER_new_null();
509 if (skdecoders == NULL) {
510 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
511 return 0;
512 }
513 OSSL_DECODER_do_all_provided(libctx, collect_all_decoders, skdecoders);
514 numdecoders = sk_OSSL_DECODER_num(skdecoders);
515
516 memset(&data, 0, sizeof(data));
517 data.ctx = ctx;
518 data.w_prev_start = 0;
519 data.w_prev_end = sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
520 do {
521 size_t i, j;
522
523 data.w_new_start = data.w_new_end = data.w_prev_end;
524
525 /*
526 * Two iterations:
527 * 0. All decoders that have the same name as their input type.
528 * This allows for decoders that unwrap some data in a specific
529 * encoding, and pass the result on with the same encoding.
530 * 1. All decoders that a different name than their input type.
531 */
532 for (data.type_check = IS_SAME;
533 data.type_check <= IS_DIFFERENT;
534 data.type_check++) {
535 for (i = data.w_prev_start; i < data.w_prev_end; i++) {
536 OSSL_DECODER_INSTANCE *decoder_inst =
537 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
538
539 data.output_type
540 = OSSL_DECODER_INSTANCE_get_input_type(decoder_inst);
541
542 data.output_type_id = 0;
543
544 for (j = 0; j < numdecoders; j++)
545 collect_extra_decoder(sk_OSSL_DECODER_value(skdecoders, j),
546 &data);
547 }
548 }
549 /* How many were added in this iteration */
550 count = data.w_new_end - data.w_new_start;
551
552 /* Slide the "previous decoder" windows */
553 data.w_prev_start = data.w_new_start;
554 data.w_prev_end = data.w_new_end;
555
556 depth++;
557 } while (count != 0 && depth <= 10);
558
559 sk_OSSL_DECODER_pop_free(skdecoders, OSSL_DECODER_free);
560 return 1;
561 }
562
563 int OSSL_DECODER_CTX_get_num_decoders(OSSL_DECODER_CTX *ctx)
564 {
565 if (ctx == NULL || ctx->decoder_insts == NULL)
566 return 0;
567 return sk_OSSL_DECODER_INSTANCE_num(ctx->decoder_insts);
568 }
569
570 int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
571 OSSL_DECODER_CONSTRUCT *construct)
572 {
573 if (!ossl_assert(ctx != NULL)) {
574 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
575 return 0;
576 }
577 ctx->construct = construct;
578 return 1;
579 }
580
581 int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
582 void *construct_data)
583 {
584 if (!ossl_assert(ctx != NULL)) {
585 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
586 return 0;
587 }
588 ctx->construct_data = construct_data;
589 return 1;
590 }
591
592 int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
593 OSSL_DECODER_CLEANUP *cleanup)
594 {
595 if (!ossl_assert(ctx != NULL)) {
596 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
597 return 0;
598 }
599 ctx->cleanup = cleanup;
600 return 1;
601 }
602
603 OSSL_DECODER_CONSTRUCT *
604 OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx)
605 {
606 if (ctx == NULL)
607 return NULL;
608 return ctx->construct;
609 }
610
611 void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx)
612 {
613 if (ctx == NULL)
614 return NULL;
615 return ctx->construct_data;
616 }
617
618 OSSL_DECODER_CLEANUP *
619 OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx)
620 {
621 if (ctx == NULL)
622 return NULL;
623 return ctx->cleanup;
624 }
625
626 int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
627 void *reference, size_t reference_sz,
628 OSSL_CALLBACK *export_cb, void *export_cbarg)
629 {
630 OSSL_DECODER *decoder = NULL;
631 void *decoderctx = NULL;
632
633 if (!(ossl_assert(decoder_inst != NULL)
634 && ossl_assert(reference != NULL)
635 && ossl_assert(export_cb != NULL)
636 && ossl_assert(export_cbarg != NULL))) {
637 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER);
638 return 0;
639 }
640
641 decoder = OSSL_DECODER_INSTANCE_get_decoder(decoder_inst);
642 decoderctx = OSSL_DECODER_INSTANCE_get_decoder_ctx(decoder_inst);
643 return decoder->export_object(decoderctx, reference, reference_sz,
644 export_cb, export_cbarg);
645 }
646
647 OSSL_DECODER *
648 OSSL_DECODER_INSTANCE_get_decoder(OSSL_DECODER_INSTANCE *decoder_inst)
649 {
650 if (decoder_inst == NULL)
651 return NULL;
652 return decoder_inst->decoder;
653 }
654
655 void *
656 OSSL_DECODER_INSTANCE_get_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst)
657 {
658 if (decoder_inst == NULL)
659 return NULL;
660 return decoder_inst->decoderctx;
661 }
662
663 const char *
664 OSSL_DECODER_INSTANCE_get_input_type(OSSL_DECODER_INSTANCE *decoder_inst)
665 {
666 if (decoder_inst == NULL)
667 return NULL;
668 return decoder_inst->input_type;
669 }
670
671 const char *
672 OSSL_DECODER_INSTANCE_get_input_structure(OSSL_DECODER_INSTANCE *decoder_inst,
673 int *was_set)
674 {
675 if (decoder_inst == NULL)
676 return NULL;
677 *was_set = decoder_inst->flag_input_structure_was_set;
678 return decoder_inst->input_structure;
679 }
680
681 static int decoder_process(const OSSL_PARAM params[], void *arg)
682 {
683 struct decoder_process_data_st *data = arg;
684 OSSL_DECODER_CTX *ctx = data->ctx;
685 OSSL_DECODER_INSTANCE *decoder_inst = NULL;
686 OSSL_DECODER *decoder = NULL;
687 OSSL_CORE_BIO *cbio = NULL;
688 BIO *bio = data->bio;
689 long loc;
690 size_t i;
691 int ok = 0;
692 /* For recursions */
693 struct decoder_process_data_st new_data;
694 const char *data_type = NULL;
695 const char *data_structure = NULL;
696
697 /*
698 * This is an indicator up the call stack that something was indeed
699 * decoded, leading to a recursive call of this function.
700 */
701 data->flag_next_level_called = 1;
702
703 memset(&new_data, 0, sizeof(new_data));
704 new_data.ctx = data->ctx;
705 new_data.recursion = data->recursion + 1;
706
707 #define LEVEL_STR ">>>>>>>>>>>>>>>>"
708 #define LEVEL (new_data.recursion < sizeof(LEVEL_STR) \
709 ? &LEVEL_STR[sizeof(LEVEL_STR) - new_data.recursion - 1] \
710 : LEVEL_STR "...")
711
712 if (params == NULL) {
713 /* First iteration, where we prepare for what is to come */
714
715 OSSL_TRACE_BEGIN(DECODER) {
716 BIO_printf(trc_out,
717 "(ctx %p) starting to walk the decoder chain\n",
718 (void *)new_data.ctx);
719 } OSSL_TRACE_END(DECODER);
720
721 data->current_decoder_inst_index =
722 OSSL_DECODER_CTX_get_num_decoders(ctx);
723
724 bio = data->bio;
725 } else {
726 const OSSL_PARAM *p;
727 const char *trace_data_structure;
728
729 decoder_inst =
730 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts,
731 data->current_decoder_inst_index);
732 decoder = OSSL_DECODER_INSTANCE_get_decoder(decoder_inst);
733
734 data->flag_construct_called = 0;
735 if (ctx->construct != NULL) {
736 int rv;
737
738 OSSL_TRACE_BEGIN(DECODER) {
739 BIO_printf(trc_out,
740 "(ctx %p) %s Running constructor\n",
741 (void *)new_data.ctx, LEVEL);
742 } OSSL_TRACE_END(DECODER);
743
744 rv = ctx->construct(decoder_inst, params, ctx->construct_data);
745
746 OSSL_TRACE_BEGIN(DECODER) {
747 BIO_printf(trc_out,
748 "(ctx %p) %s Running constructor => %d\n",
749 (void *)new_data.ctx, LEVEL, rv);
750 } OSSL_TRACE_END(DECODER);
751
752 data->flag_construct_called = 1;
753 ok = (rv > 0);
754 if (ok)
755 goto end;
756 }
757
758 /* The constructor didn't return success */
759
760 /*
761 * so we try to use the object we got and feed it to any next
762 * decoder that will take it. Object references are not
763 * allowed for this.
764 * If this data isn't present, decoding has failed.
765 */
766
767 p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA);
768 if (p == NULL || p->data_type != OSSL_PARAM_OCTET_STRING)
769 goto end;
770 new_data.bio = BIO_new_mem_buf(p->data, (int)p->data_size);
771 if (new_data.bio == NULL)
772 goto end;
773 bio = new_data.bio;
774
775 /* Get the data type if there is one */
776 p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA_TYPE);
777 if (p != NULL && !OSSL_PARAM_get_utf8_string_ptr(p, &data_type))
778 goto end;
779
780 /* Get the data structure if there is one */
781 p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA_STRUCTURE);
782 if (p != NULL && !OSSL_PARAM_get_utf8_string_ptr(p, &data_structure))
783 goto end;
784
785 /*
786 * If the data structure is "type-specific" and the data type is
787 * given, we drop the data structure. The reasoning is that the
788 * data type is already enough to find the applicable next decoder,
789 * so an additional "type-specific" data structure is extraneous.
790 *
791 * Furthermore, if the OSSL_DECODER caller asked for a type specific
792 * structure under another name, such as "DH", we get a mismatch
793 * if the data structure we just received is "type-specific".
794 * There's only so much you can do without infusing this code with
795 * too special knowledge.
796 */
797 trace_data_structure = data_structure;
798 if (data_type != NULL && data_structure != NULL
799 && OPENSSL_strcasecmp(data_structure, "type-specific") == 0)
800 data_structure = NULL;
801
802 OSSL_TRACE_BEGIN(DECODER) {
803 BIO_printf(trc_out,
804 "(ctx %p) %s incoming from previous decoder (%p):\n"
805 " data type: %s, data structure: %s%s\n",
806 (void *)new_data.ctx, LEVEL, (void *)decoder,
807 data_type, trace_data_structure,
808 (trace_data_structure == data_structure
809 ? "" : " (dropped)"));
810 } OSSL_TRACE_END(DECODER);
811 }
812
813 /*
814 * If we have no more decoders to look through at this point,
815 * we failed
816 */
817 if (data->current_decoder_inst_index == 0)
818 goto end;
819
820 if ((loc = BIO_tell(bio)) < 0) {
821 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_BIO_LIB);
822 goto end;
823 }
824
825 if ((cbio = ossl_core_bio_new_from_bio(bio)) == NULL) {
826 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
827 goto end;
828 }
829
830 for (i = data->current_decoder_inst_index; i-- > 0;) {
831 OSSL_DECODER_INSTANCE *new_decoder_inst =
832 sk_OSSL_DECODER_INSTANCE_value(ctx->decoder_insts, i);
833 OSSL_DECODER *new_decoder =
834 OSSL_DECODER_INSTANCE_get_decoder(new_decoder_inst);
835 void *new_decoderctx =
836 OSSL_DECODER_INSTANCE_get_decoder_ctx(new_decoder_inst);
837 const char *new_input_type =
838 OSSL_DECODER_INSTANCE_get_input_type(new_decoder_inst);
839 int n_i_s_was_set = 0; /* We don't care here */
840 const char *new_input_structure =
841 OSSL_DECODER_INSTANCE_get_input_structure(new_decoder_inst,
842 &n_i_s_was_set);
843
844 OSSL_TRACE_BEGIN(DECODER) {
845 BIO_printf(trc_out,
846 "(ctx %p) %s [%u] Considering decoder instance %p (decoder %p):\n"
847 " %s with %s\n",
848 (void *)new_data.ctx, LEVEL, (unsigned int)i,
849 (void *)new_decoder_inst, (void *)new_decoder,
850 OSSL_DECODER_get0_name(new_decoder),
851 OSSL_DECODER_get0_properties(new_decoder));
852 } OSSL_TRACE_END(DECODER);
853
854 /*
855 * If |decoder| is NULL, it means we've just started, and the caller
856 * may have specified what it expects the initial input to be. If
857 * that's the case, we do this extra check.
858 */
859 if (decoder == NULL && ctx->start_input_type != NULL
860 && OPENSSL_strcasecmp(ctx->start_input_type, new_input_type) != 0) {
861 OSSL_TRACE_BEGIN(DECODER) {
862 BIO_printf(trc_out,
863 "(ctx %p) %s [%u] the start input type '%s' doesn't match the input type of the considered decoder, skipping...\n",
864 (void *)new_data.ctx, LEVEL, (unsigned int)i,
865 ctx->start_input_type);
866 } OSSL_TRACE_END(DECODER);
867 continue;
868 }
869
870 /*
871 * If we have a previous decoder, we check that the input type
872 * of the next to be used matches the type of this previous one.
873 * |new_input_type| holds the value of the "input-type" parameter
874 * for the decoder we're currently considering.
875 */
876 if (decoder != NULL && !ossl_decoder_fast_is_a(decoder, new_input_type,
877 &new_decoder_inst->input_type_id)) {
878 OSSL_TRACE_BEGIN(DECODER) {
879 BIO_printf(trc_out,
880 "(ctx %p) %s [%u] the input type doesn't match the name of the previous decoder (%p), skipping...\n",
881 (void *)new_data.ctx, LEVEL, (unsigned int)i,
882 (void *)decoder);
883 } OSSL_TRACE_END(DECODER);
884 continue;
885 }
886
887 /*
888 * If the previous decoder gave us a data type, we check to see
889 * if that matches the decoder we're currently considering.
890 */
891 if (data_type != NULL && !OSSL_DECODER_is_a(new_decoder, data_type)) {
892 OSSL_TRACE_BEGIN(DECODER) {
893 BIO_printf(trc_out,
894 "(ctx %p) %s [%u] the previous decoder's data type doesn't match the name of the considered decoder, skipping...\n",
895 (void *)new_data.ctx, LEVEL, (unsigned int)i);
896 } OSSL_TRACE_END(DECODER);
897 continue;
898 }
899
900 /*
901 * If the previous decoder gave us a data structure name, we check
902 * to see that it matches the input data structure of the decoder
903 * we're currently considering.
904 */
905 if (data_structure != NULL
906 && (new_input_structure == NULL
907 || OPENSSL_strcasecmp(data_structure,
908 new_input_structure) != 0)) {
909 OSSL_TRACE_BEGIN(DECODER) {
910 BIO_printf(trc_out,
911 "(ctx %p) %s [%u] the previous decoder's data structure doesn't match the input structure of the considered decoder, skipping...\n",
912 (void *)new_data.ctx, LEVEL, (unsigned int)i);
913 } OSSL_TRACE_END(DECODER);
914 continue;
915 }
916
917 /*
918 * If the decoder we're currently considering specifies a structure,
919 * and this check hasn't already been done earlier in this chain of
920 * decoder_process() calls, check that it matches the user provided
921 * input structure, if one is given.
922 */
923 if (!data->flag_input_structure_checked
924 && ctx->input_structure != NULL
925 && new_input_structure != NULL) {
926 data->flag_input_structure_checked = 1;
927 if (OPENSSL_strcasecmp(new_input_structure,
928 ctx->input_structure) != 0) {
929 OSSL_TRACE_BEGIN(DECODER) {
930 BIO_printf(trc_out,
931 "(ctx %p) %s [%u] the previous decoder's data structure doesn't match the input structure given by the user, skipping...\n",
932 (void *)new_data.ctx, LEVEL, (unsigned int)i);
933 } OSSL_TRACE_END(DECODER);
934 continue;
935 }
936 }
937
938 /*
939 * Checking the return value of BIO_reset() or BIO_seek() is unsafe.
940 * Furthermore, BIO_reset() is unsafe to use if the source BIO happens
941 * to be a BIO_s_mem(), because the earlier BIO_tell() gives us zero
942 * no matter where we are in the underlying buffer we're reading from.
943 *
944 * So, we simply do a BIO_seek(), and use BIO_tell() that we're back
945 * at the same position. This is a best effort attempt, but BIO_seek()
946 * and BIO_tell() should come as a pair...
947 */
948 (void)BIO_seek(bio, loc);
949 if (BIO_tell(bio) != loc)
950 goto end;
951
952 /* Recurse */
953 OSSL_TRACE_BEGIN(DECODER) {
954 BIO_printf(trc_out,
955 "(ctx %p) %s [%u] Running decoder instance %p\n",
956 (void *)new_data.ctx, LEVEL, (unsigned int)i,
957 (void *)new_decoder_inst);
958 } OSSL_TRACE_END(DECODER);
959
960 /*
961 * We only care about errors reported from decoder implementations
962 * if it returns false (i.e. there was a fatal error).
963 */
964 ERR_set_mark();
965
966 new_data.current_decoder_inst_index = i;
967 new_data.flag_input_structure_checked
968 = data->flag_input_structure_checked;
969 ok = new_decoder->decode(new_decoderctx, cbio,
970 new_data.ctx->selection,
971 decoder_process, &new_data,
972 ossl_pw_passphrase_callback_dec,
973 &new_data.ctx->pwdata);
974
975 OSSL_TRACE_BEGIN(DECODER) {
976 BIO_printf(trc_out,
977 "(ctx %p) %s [%u] Running decoder instance %p => %d"
978 " (recursed further: %s, construct called: %s)\n",
979 (void *)new_data.ctx, LEVEL, (unsigned int)i,
980 (void *)new_decoder_inst, ok,
981 new_data.flag_next_level_called ? "yes" : "no",
982 new_data.flag_construct_called ? "yes" : "no");
983 } OSSL_TRACE_END(DECODER);
984
985 data->flag_construct_called = new_data.flag_construct_called;
986
987 /* Break on error or if we tried to construct an object already */
988 if (!ok || data->flag_construct_called) {
989 ERR_clear_last_mark();
990 break;
991 }
992 ERR_pop_to_mark();
993
994 /*
995 * Break if the decoder implementation that we called recursed, since
996 * that indicates that it successfully decoded something.
997 */
998 if (new_data.flag_next_level_called)
999 break;
1000 }
1001
1002 end:
1003 ossl_core_bio_free(cbio);
1004 BIO_free(new_data.bio);
1005 return ok;
1006 }
A mirror of the official openssl repository