Line data Source code
1 : /* crypto/evp/bio_enc.c */
2 : /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 : * All rights reserved.
4 : *
5 : * This package is an SSL implementation written
6 : * by Eric Young (eay@cryptsoft.com).
7 : * The implementation was written so as to conform with Netscapes SSL.
8 : *
9 : * This library is free for commercial and non-commercial use as long as
10 : * the following conditions are aheared to. The following conditions
11 : * apply to all code found in this distribution, be it the RC4, RSA,
12 : * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 : * included with this distribution is covered by the same copyright terms
14 : * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 : *
16 : * Copyright remains Eric Young's, and as such any Copyright notices in
17 : * the code are not to be removed.
18 : * If this package is used in a product, Eric Young should be given attribution
19 : * as the author of the parts of the library used.
20 : * This can be in the form of a textual message at program startup or
21 : * in documentation (online or textual) provided with the package.
22 : *
23 : * Redistribution and use in source and binary forms, with or without
24 : * modification, are permitted provided that the following conditions
25 : * are met:
26 : * 1. Redistributions of source code must retain the copyright
27 : * notice, this list of conditions and the following disclaimer.
28 : * 2. Redistributions in binary form must reproduce the above copyright
29 : * notice, this list of conditions and the following disclaimer in the
30 : * documentation and/or other materials provided with the distribution.
31 : * 3. All advertising materials mentioning features or use of this software
32 : * must display the following acknowledgement:
33 : * "This product includes cryptographic software written by
34 : * Eric Young (eay@cryptsoft.com)"
35 : * The word 'cryptographic' can be left out if the rouines from the library
36 : * being used are not cryptographic related :-).
37 : * 4. If you include any Windows specific code (or a derivative thereof) from
38 : * the apps directory (application code) you must include an acknowledgement:
39 : * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 : *
41 : * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 : * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 : * SUCH DAMAGE.
52 : *
53 : * The licence and distribution terms for any publically available version or
54 : * derivative of this code cannot be changed. i.e. this code cannot simply be
55 : * copied and put under another distribution licence
56 : * [including the GNU Public Licence.]
57 : */
58 :
59 : #include <stdio.h>
60 : #include <errno.h>
61 : #include "cryptlib.h"
62 : #include <openssl/buffer.h>
63 : #include <openssl/evp.h>
64 :
65 : static int enc_write(BIO *h, const char *buf, int num);
66 : static int enc_read(BIO *h, char *buf, int size);
67 : /*
68 : * static int enc_puts(BIO *h, const char *str);
69 : */
70 : /*
71 : * static int enc_gets(BIO *h, char *str, int size);
72 : */
73 : static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
74 : static int enc_new(BIO *h);
75 : static int enc_free(BIO *data);
76 : static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
77 : #define ENC_BLOCK_SIZE (1024*4)
78 : #define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
79 :
80 : typedef struct enc_struct {
81 : int buf_len;
82 : int buf_off;
83 : int cont; /* <= 0 when finished */
84 : int finished;
85 : int ok; /* bad decrypt */
86 : EVP_CIPHER_CTX cipher;
87 : /*
88 : * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
89 : * up to a block more data than is presented to it
90 : */
91 : char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
92 : } BIO_ENC_CTX;
93 :
94 : static BIO_METHOD methods_enc = {
95 : BIO_TYPE_CIPHER, "cipher",
96 : enc_write,
97 : enc_read,
98 : NULL, /* enc_puts, */
99 : NULL, /* enc_gets, */
100 : enc_ctrl,
101 : enc_new,
102 : enc_free,
103 : enc_callback_ctrl,
104 : };
105 :
106 0 : BIO_METHOD *BIO_f_cipher(void)
107 : {
108 0 : return (&methods_enc);
109 : }
110 :
111 0 : static int enc_new(BIO *bi)
112 : {
113 : BIO_ENC_CTX *ctx;
114 :
115 0 : ctx = (BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
116 0 : if (ctx == NULL)
117 : return (0);
118 0 : EVP_CIPHER_CTX_init(&ctx->cipher);
119 :
120 0 : ctx->buf_len = 0;
121 0 : ctx->buf_off = 0;
122 0 : ctx->cont = 1;
123 0 : ctx->finished = 0;
124 0 : ctx->ok = 1;
125 :
126 0 : bi->init = 0;
127 0 : bi->ptr = (char *)ctx;
128 0 : bi->flags = 0;
129 0 : return (1);
130 : }
131 :
132 0 : static int enc_free(BIO *a)
133 : {
134 : BIO_ENC_CTX *b;
135 :
136 0 : if (a == NULL)
137 : return (0);
138 0 : b = (BIO_ENC_CTX *)a->ptr;
139 0 : EVP_CIPHER_CTX_cleanup(&(b->cipher));
140 0 : OPENSSL_cleanse(a->ptr, sizeof(BIO_ENC_CTX));
141 0 : OPENSSL_free(a->ptr);
142 0 : a->ptr = NULL;
143 0 : a->init = 0;
144 0 : a->flags = 0;
145 0 : return (1);
146 : }
147 :
148 0 : static int enc_read(BIO *b, char *out, int outl)
149 : {
150 : int ret = 0, i;
151 : BIO_ENC_CTX *ctx;
152 :
153 0 : if (out == NULL)
154 : return (0);
155 0 : ctx = (BIO_ENC_CTX *)b->ptr;
156 :
157 0 : if ((ctx == NULL) || (b->next_bio == NULL))
158 : return (0);
159 :
160 : /* First check if there are bytes decoded/encoded */
161 0 : if (ctx->buf_len > 0) {
162 0 : i = ctx->buf_len - ctx->buf_off;
163 0 : if (i > outl)
164 : i = outl;
165 0 : memcpy(out, &(ctx->buf[ctx->buf_off]), i);
166 : ret = i;
167 0 : out += i;
168 0 : outl -= i;
169 0 : ctx->buf_off += i;
170 0 : if (ctx->buf_len == ctx->buf_off) {
171 0 : ctx->buf_len = 0;
172 0 : ctx->buf_off = 0;
173 : }
174 : }
175 :
176 : /*
177 : * At this point, we have room of outl bytes and an empty buffer, so we
178 : * should read in some more.
179 : */
180 :
181 0 : while (outl > 0) {
182 0 : if (ctx->cont <= 0)
183 : break;
184 :
185 : /*
186 : * read in at IV offset, read the EVP_Cipher documentation about why
187 : */
188 0 : i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE);
189 :
190 0 : if (i <= 0) {
191 : /* Should be continue next time we are called? */
192 0 : if (!BIO_should_retry(b->next_bio)) {
193 0 : ctx->cont = i;
194 0 : i = EVP_CipherFinal_ex(&(ctx->cipher),
195 0 : (unsigned char *)ctx->buf,
196 : &(ctx->buf_len));
197 0 : ctx->ok = i;
198 0 : ctx->buf_off = 0;
199 : } else {
200 0 : ret = (ret == 0) ? i : ret;
201 0 : break;
202 : }
203 : } else {
204 0 : EVP_CipherUpdate(&(ctx->cipher),
205 0 : (unsigned char *)ctx->buf, &ctx->buf_len,
206 : (unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
207 0 : ctx->cont = 1;
208 : /*
209 : * Note: it is possible for EVP_CipherUpdate to decrypt zero
210 : * bytes because this is or looks like the final block: if this
211 : * happens we should retry and either read more data or decrypt
212 : * the final block
213 : */
214 0 : if (ctx->buf_len == 0)
215 0 : continue;
216 : }
217 :
218 0 : if (ctx->buf_len <= outl)
219 : i = ctx->buf_len;
220 : else
221 : i = outl;
222 0 : if (i <= 0)
223 : break;
224 0 : memcpy(out, ctx->buf, i);
225 0 : ret += i;
226 0 : ctx->buf_off = i;
227 0 : outl -= i;
228 0 : out += i;
229 : }
230 :
231 0 : BIO_clear_retry_flags(b);
232 0 : BIO_copy_next_retry(b);
233 0 : return ((ret == 0) ? ctx->cont : ret);
234 : }
235 :
236 0 : static int enc_write(BIO *b, const char *in, int inl)
237 : {
238 : int ret = 0, n, i;
239 : BIO_ENC_CTX *ctx;
240 :
241 0 : ctx = (BIO_ENC_CTX *)b->ptr;
242 : ret = inl;
243 :
244 0 : BIO_clear_retry_flags(b);
245 0 : n = ctx->buf_len - ctx->buf_off;
246 0 : while (n > 0) {
247 0 : i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
248 0 : if (i <= 0) {
249 0 : BIO_copy_next_retry(b);
250 0 : return (i);
251 : }
252 0 : ctx->buf_off += i;
253 0 : n -= i;
254 : }
255 : /* at this point all pending data has been written */
256 :
257 0 : if ((in == NULL) || (inl <= 0))
258 : return (0);
259 :
260 0 : ctx->buf_off = 0;
261 0 : while (inl > 0) {
262 0 : n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
263 0 : EVP_CipherUpdate(&(ctx->cipher),
264 0 : (unsigned char *)ctx->buf, &ctx->buf_len,
265 : (unsigned char *)in, n);
266 0 : inl -= n;
267 0 : in += n;
268 :
269 0 : ctx->buf_off = 0;
270 0 : n = ctx->buf_len;
271 0 : while (n > 0) {
272 0 : i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
273 0 : if (i <= 0) {
274 0 : BIO_copy_next_retry(b);
275 0 : return (ret == inl) ? i : ret - inl;
276 : }
277 0 : n -= i;
278 0 : ctx->buf_off += i;
279 : }
280 0 : ctx->buf_len = 0;
281 0 : ctx->buf_off = 0;
282 : }
283 0 : BIO_copy_next_retry(b);
284 0 : return (ret);
285 : }
286 :
287 0 : static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
288 : {
289 : BIO *dbio;
290 : BIO_ENC_CTX *ctx, *dctx;
291 : long ret = 1;
292 : int i;
293 : EVP_CIPHER_CTX **c_ctx;
294 :
295 0 : ctx = (BIO_ENC_CTX *)b->ptr;
296 :
297 0 : switch (cmd) {
298 : case BIO_CTRL_RESET:
299 0 : ctx->ok = 1;
300 0 : ctx->finished = 0;
301 0 : EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL,
302 : ctx->cipher.encrypt);
303 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
304 0 : break;
305 : case BIO_CTRL_EOF: /* More to read */
306 0 : if (ctx->cont <= 0)
307 : ret = 1;
308 : else
309 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
310 : break;
311 : case BIO_CTRL_WPENDING:
312 0 : ret = ctx->buf_len - ctx->buf_off;
313 0 : if (ret <= 0)
314 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
315 : break;
316 : case BIO_CTRL_PENDING: /* More to read in buffer */
317 0 : ret = ctx->buf_len - ctx->buf_off;
318 0 : if (ret <= 0)
319 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
320 : break;
321 : case BIO_CTRL_FLUSH:
322 : /* do a final write */
323 : again:
324 0 : while (ctx->buf_len != ctx->buf_off) {
325 0 : i = enc_write(b, NULL, 0);
326 0 : if (i < 0)
327 0 : return i;
328 : }
329 :
330 0 : if (!ctx->finished) {
331 0 : ctx->finished = 1;
332 0 : ctx->buf_off = 0;
333 0 : ret = EVP_CipherFinal_ex(&(ctx->cipher),
334 0 : (unsigned char *)ctx->buf,
335 : &(ctx->buf_len));
336 0 : ctx->ok = (int)ret;
337 0 : if (ret <= 0)
338 : break;
339 :
340 : /* push out the bytes */
341 : goto again;
342 : }
343 :
344 : /* Finally flush the underlying BIO */
345 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
346 0 : break;
347 : case BIO_C_GET_CIPHER_STATUS:
348 0 : ret = (long)ctx->ok;
349 0 : break;
350 : case BIO_C_DO_STATE_MACHINE:
351 0 : BIO_clear_retry_flags(b);
352 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
353 0 : BIO_copy_next_retry(b);
354 0 : break;
355 : case BIO_C_GET_CIPHER_CTX:
356 : c_ctx = (EVP_CIPHER_CTX **)ptr;
357 0 : (*c_ctx) = &(ctx->cipher);
358 0 : b->init = 1;
359 0 : break;
360 : case BIO_CTRL_DUP:
361 : dbio = (BIO *)ptr;
362 0 : dctx = (BIO_ENC_CTX *)dbio->ptr;
363 0 : EVP_CIPHER_CTX_init(&dctx->cipher);
364 0 : ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher);
365 0 : if (ret)
366 0 : dbio->init = 1;
367 : break;
368 : default:
369 0 : ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
370 0 : break;
371 : }
372 0 : return (ret);
373 : }
374 :
375 0 : static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
376 : {
377 : long ret = 1;
378 :
379 0 : if (b->next_bio == NULL)
380 : return (0);
381 : switch (cmd) {
382 : default:
383 0 : ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
384 : break;
385 : }
386 0 : return (ret);
387 : }
388 :
389 : /*-
390 : void BIO_set_cipher_ctx(b,c)
391 : BIO *b;
392 : EVP_CIPHER_ctx *c;
393 : {
394 : if (b == NULL) return;
395 :
396 : if ((b->callback != NULL) &&
397 : (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
398 : return;
399 :
400 : b->init=1;
401 : ctx=(BIO_ENC_CTX *)b->ptr;
402 : memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
403 :
404 : if (b->callback != NULL)
405 : b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
406 : }
407 : */
408 :
409 0 : void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
410 : const unsigned char *i, int e)
411 : {
412 : BIO_ENC_CTX *ctx;
413 :
414 0 : if (b == NULL)
415 : return;
416 :
417 0 : if ((b->callback != NULL) &&
418 0 : (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <=
419 : 0))
420 : return;
421 :
422 0 : b->init = 1;
423 0 : ctx = (BIO_ENC_CTX *)b->ptr;
424 0 : EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e);
425 :
426 0 : if (b->callback != NULL)
427 0 : b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
428 : }
|