providers/implementations/encode_decode/decode_pem2der.c

   1 /*
   2  * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /*
  11  * RSA low level APIs are deprecated for public use, but still ok for
  12  * internal use.
  13  */
  14 #include "internal/deprecated.h"
  15
  16 #include <string.h>
  17
  18 #include <openssl/core_dispatch.h>
  19 #include <openssl/core_names.h>
  20 #include <openssl/crypto.h>
  21 #include <openssl/err.h>
  22 #include <openssl/params.h>
  23 #include <openssl/pem.h>
  24 #include "prov/bio.h"
  25 #include "prov/implementations.h"
  26 #include "prov/providercommonerr.h"
  27 #include "endecoder_local.h"
  28
  29 static int read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin,
  30                     char **pem_name, char **pem_header,
  31                     unsigned char **data, long *len)
  32 {
  33     BIO *in = bio_new_from_core_bio(provctx, cin);
  34     int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
  35
  36     BIO_free(in);
  37     return ok;
  38 }
  39
  40 static OSSL_FUNC_decoder_newctx_fn pem2der_newctx;
  41 static OSSL_FUNC_decoder_freectx_fn pem2der_freectx;
  42 static OSSL_FUNC_decoder_gettable_params_fn pem2der_gettable_params;
  43 static OSSL_FUNC_decoder_get_params_fn pem2der_get_params;
  44 static OSSL_FUNC_decoder_decode_fn pem2der_decode;
  45
  46 /*
  47  * Context used for PEM to DER decoding.
  48  */
  49 struct pem2der_ctx_st {
  50     PROV_CTX *provctx;
  51 };
  52
  53 static void *pem2der_newctx(void *provctx)
  54 {
  55     struct pem2der_ctx_st *ctx = OPENSSL_zalloc(sizeof(*ctx));
  56
  57     if (ctx != NULL)
  58         ctx->provctx = provctx;
  59     return ctx;
  60 }
  61
  62 static void pem2der_freectx(void *vctx)
  63 {
  64     struct pem2der_ctx_st *ctx = vctx;
  65
  66     OPENSSL_free(ctx);
  67 }
  68
  69 static const OSSL_PARAM *pem2der_gettable_params(void *provctx)
  70 {
  71     static const OSSL_PARAM gettables[] = {
  72         { OSSL_DECODER_PARAM_INPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
  73         OSSL_PARAM_END,
  74     };
  75
  76     return gettables;
  77 }
  78
  79 static int pem2der_get_params(OSSL_PARAM params[])
  80 {
  81     OSSL_PARAM *p;
  82
  83     p = OSSL_PARAM_locate(params, OSSL_DECODER_PARAM_INPUT_TYPE);
  84     if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "PEM"))
  85         return 0;
  86
  87     return 1;
  88 }
  89
  90 /* pem_password_cb compatible function */
  91 struct pem2der_pass_data_st {
  92     OSSL_PASSPHRASE_CALLBACK *cb;
  93     void *cbarg;
  94 };
  95
  96 static int pem2der_pass_helper(char *buf, int num, int w, void *data)
  97 {
  98     struct pem2der_pass_data_st *pass_data = data;
  99     size_t plen;
 100
 101     if (pass_data == NULL
 102         || pass_data->cb == NULL
 103         || !pass_data->cb(buf, num, &plen, NULL, pass_data->cbarg))
 104         return -1;
 105     return (int)plen;
 106 }
 107
 108 static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin,
 109                           OSSL_CALLBACK *data_cb, void *data_cbarg,
 110                           OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 111 {
 112     struct pem2der_ctx_st *ctx = vctx;
 113     char *pem_name = NULL, *pem_header = NULL;
 114     unsigned char *der = NULL;
 115     long der_len = 0;
 116     int ok = 0;
 117
 118     if (read_pem(ctx->provctx, cin, &pem_name, &pem_header,
 119                  &der, &der_len) <= 0)
 120         return 0;
 121
 122     /*
 123      * 10 is the number of characters in "Proc-Type:", which
 124      * PEM_get_EVP_CIPHER_INFO() requires to be present.
 125      * If the PEM header has less characters than that, it's
 126      * not worth spending cycles on it.
 127      */
 128     if (strlen(pem_header) > 10) {
 129         EVP_CIPHER_INFO cipher;
 130         struct pem2der_pass_data_st pass_data;
 131
 132         pass_data.cb = pw_cb;
 133         pass_data.cbarg = pw_cbarg;
 134         if (!PEM_get_EVP_CIPHER_INFO(pem_header, &cipher)
 135             || !PEM_do_header(&cipher, der, &der_len,
 136                               pem2der_pass_helper, &pass_data))
 137             goto end;
 138     }
 139
 140     {
 141         OSSL_PARAM params[3];
 142
 143         params[0] =
 144             OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
 145                                              pem_name, 0);
 146         params[1] =
 147             OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
 148                                               der, der_len);
 149         params[2] = OSSL_PARAM_construct_end();
 150
 151         ok = data_cb(params, data_cbarg);
 152     }
 153
 154  end:
 155     OPENSSL_free(pem_name);
 156     OPENSSL_free(pem_header);
 157     OPENSSL_free(der);
 158     return ok;
 159 }
 160
 161 const OSSL_DISPATCH pem_to_der_decoder_functions[] = {
 162     { OSSL_FUNC_DECODER_NEWCTX, (void (*)(void))pem2der_newctx },
 163     { OSSL_FUNC_DECODER_FREECTX, (void (*)(void))pem2der_freectx },
 164     { OSSL_FUNC_DECODER_GETTABLE_PARAMS,
 165       (void (*)(void))pem2der_gettable_params },
 166     { OSSL_FUNC_DECODER_GET_PARAMS,
 167       (void (*)(void))pem2der_get_params },
 168     { OSSL_FUNC_DECODER_DECODE, (void (*)(void))pem2der_decode },
 169     { 0, NULL }
 170 };