1 /*
2  * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/core_names.h>
11 #include <openssl/bio.h>
12 #include <openssl/encoder.h>
13 #include <openssl/buffer.h>
14 #include <openssl/params.h>
15 #include <openssl/provider.h>
16 #include <openssl/trace.h>
17 #include "internal/bio.h"
18 #include "internal/provider.h"
19 #include "encoder_local.h"
20 
21 struct encoder_process_data_st {
22     OSSL_ENCODER_CTX *ctx;
23 
24     /* Current BIO */
25     BIO *bio;
26 
27     /* Index of the current encoder instance to be processed */
28     int current_encoder_inst_index;
29 
30     /* Processing data passed down through recursion */
31     int level;                   /* Recursion level */
32     OSSL_ENCODER_INSTANCE *next_encoder_inst;
33     int count_output_structure;
34 
35     /* Processing data passed up through recursion */
36     OSSL_ENCODER_INSTANCE *prev_encoder_inst;
37     unsigned char *running_output;
38     size_t running_output_length;
39     /* Data type = the name of the first succeeding encoder implementation */
40     const char *data_type;
41 };
42 
43 static int encoder_process(struct encoder_process_data_st *data);
44 
OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX * ctx,BIO * out)45 int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out)
46 {
47     struct encoder_process_data_st data;
48 
49     memset(&data, 0, sizeof(data));
50     data.ctx = ctx;
51     data.bio = out;
52     data.current_encoder_inst_index = OSSL_ENCODER_CTX_get_num_encoders(ctx);
53 
54     if (data.current_encoder_inst_index == 0) {
55         ERR_raise_data(ERR_LIB_OSSL_ENCODER, OSSL_ENCODER_R_ENCODER_NOT_FOUND,
56                        "No encoders were found. For standard encoders you need "
57                        "at least one of the default or base providers "
58                        "available. Did you forget to load them?");
59         return 0;
60     }
61 
62     if (ctx->cleanup == NULL || ctx->construct == NULL) {
63         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INIT_FAIL);
64         return 0;
65     }
66 
67     return encoder_process(&data) > 0;
68 }
69 
70 #ifndef OPENSSL_NO_STDIO
bio_from_file(FILE * fp)71 static BIO *bio_from_file(FILE *fp)
72 {
73     BIO *b;
74 
75     if ((b = BIO_new(BIO_s_file())) == NULL) {
76         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_BUF_LIB);
77         return NULL;
78     }
79     BIO_set_fp(b, fp, BIO_NOCLOSE);
80     return b;
81 }
82 
OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX * ctx,FILE * fp)83 int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp)
84 {
85     BIO *b = bio_from_file(fp);
86     int ret = 0;
87 
88     if (b != NULL)
89         ret = OSSL_ENCODER_to_bio(ctx, b);
90 
91     BIO_free(b);
92     return ret;
93 }
94 #endif
95 
OSSL_ENCODER_to_data(OSSL_ENCODER_CTX * ctx,unsigned char ** pdata,size_t * pdata_len)96 int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
97                          size_t *pdata_len)
98 {
99     BIO *out;
100     BUF_MEM *buf = NULL;
101     int ret = 0;
102 
103     if (pdata_len == NULL) {
104         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
105         return 0;
106     }
107 
108     out = BIO_new(BIO_s_mem());
109 
110     if (out != NULL
111         && OSSL_ENCODER_to_bio(ctx, out)
112         && BIO_get_mem_ptr(out, &buf) > 0) {
113         ret = 1; /* Hope for the best. A too small buffer will clear this */
114 
115         if (pdata != NULL && *pdata != NULL) {
116             if (*pdata_len < buf->length)
117                 /*
118                  * It's tempting to do |*pdata_len = (size_t)buf->length|
119                  * However, it's believed to be confusing more than helpful,
120                  * so we don't.
121                  */
122                 ret = 0;
123             else
124                 *pdata_len -= buf->length;
125         } else {
126             /* The buffer with the right size is already allocated for us */
127             *pdata_len = (size_t)buf->length;
128         }
129 
130         if (ret) {
131             if (pdata != NULL) {
132                 if (*pdata != NULL) {
133                     memcpy(*pdata, buf->data, buf->length);
134                     *pdata += buf->length;
135                 } else {
136                     /* In this case, we steal the data from BIO_s_mem() */
137                     *pdata = (unsigned char *)buf->data;
138                     buf->data = NULL;
139                 }
140             }
141         }
142     }
143     BIO_free(out);
144     return ret;
145 }
146 
OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX * ctx,int selection)147 int OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX *ctx, int selection)
148 {
149     if (!ossl_assert(ctx != NULL)) {
150         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
151         return 0;
152     }
153 
154     if (!ossl_assert(selection != 0)) {
155         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_INVALID_ARGUMENT);
156         return 0;
157     }
158 
159     ctx->selection = selection;
160     return 1;
161 }
162 
OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX * ctx,const char * output_type)163 int OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX *ctx,
164                                      const char *output_type)
165 {
166     if (!ossl_assert(ctx != NULL) || !ossl_assert(output_type != NULL)) {
167         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
168         return 0;
169     }
170 
171     ctx->output_type = output_type;
172     return 1;
173 }
174 
OSSL_ENCODER_CTX_set_output_structure(OSSL_ENCODER_CTX * ctx,const char * output_structure)175 int OSSL_ENCODER_CTX_set_output_structure(OSSL_ENCODER_CTX *ctx,
176                                           const char *output_structure)
177 {
178     if (!ossl_assert(ctx != NULL) || !ossl_assert(output_structure != NULL)) {
179         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
180         return 0;
181     }
182 
183     ctx->output_structure = output_structure;
184     return 1;
185 }
186 
ossl_encoder_instance_new(OSSL_ENCODER * encoder,void * encoderctx)187 static OSSL_ENCODER_INSTANCE *ossl_encoder_instance_new(OSSL_ENCODER *encoder,
188                                                         void *encoderctx)
189 {
190     OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
191     const OSSL_PROVIDER *prov;
192     OSSL_LIB_CTX *libctx;
193     const OSSL_PROPERTY_LIST *props;
194     const OSSL_PROPERTY_DEFINITION *prop;
195 
196     if (!ossl_assert(encoder != NULL)) {
197         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
198         return 0;
199     }
200 
201     if ((encoder_inst = OPENSSL_zalloc(sizeof(*encoder_inst))) == NULL)
202         return 0;
203 
204     if (!OSSL_ENCODER_up_ref(encoder)) {
205         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
206         goto err;
207     }
208 
209     prov = OSSL_ENCODER_get0_provider(encoder);
210     libctx = ossl_provider_libctx(prov);
211     props = ossl_encoder_parsed_properties(encoder);
212     if (props == NULL) {
213         ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
214                        "there are no property definitions with encoder %s",
215                        OSSL_ENCODER_get0_name(encoder));
216         goto err;
217     }
218 
219     /* The "output" property is mandatory */
220     prop = ossl_property_find_property(props, libctx, "output");
221     encoder_inst->output_type = ossl_property_get_string_value(libctx, prop);
222     if (encoder_inst->output_type == NULL) {
223         ERR_raise_data(ERR_LIB_OSSL_DECODER, ERR_R_INVALID_PROPERTY_DEFINITION,
224                        "the mandatory 'output' property is missing "
225                        "for encoder %s (properties: %s)",
226                        OSSL_ENCODER_get0_name(encoder),
227                        OSSL_ENCODER_get0_properties(encoder));
228         goto err;
229     }
230 
231     /* The "structure" property is optional */
232     prop = ossl_property_find_property(props, libctx, "structure");
233     if (prop != NULL)
234         encoder_inst->output_structure
235             = ossl_property_get_string_value(libctx, prop);
236 
237     encoder_inst->encoder = encoder;
238     encoder_inst->encoderctx = encoderctx;
239     return encoder_inst;
240  err:
241     ossl_encoder_instance_free(encoder_inst);
242     return NULL;
243 }
244 
ossl_encoder_instance_free(OSSL_ENCODER_INSTANCE * encoder_inst)245 void ossl_encoder_instance_free(OSSL_ENCODER_INSTANCE *encoder_inst)
246 {
247     if (encoder_inst != NULL) {
248         if (encoder_inst->encoder != NULL)
249             encoder_inst->encoder->freectx(encoder_inst->encoderctx);
250         encoder_inst->encoderctx = NULL;
251         OSSL_ENCODER_free(encoder_inst->encoder);
252         encoder_inst->encoder = NULL;
253         OPENSSL_free(encoder_inst);
254     }
255 }
256 
ossl_encoder_ctx_add_encoder_inst(OSSL_ENCODER_CTX * ctx,OSSL_ENCODER_INSTANCE * ei)257 static int ossl_encoder_ctx_add_encoder_inst(OSSL_ENCODER_CTX *ctx,
258                                              OSSL_ENCODER_INSTANCE *ei)
259 {
260     int ok;
261 
262     if (ctx->encoder_insts == NULL
263         && (ctx->encoder_insts =
264             sk_OSSL_ENCODER_INSTANCE_new_null()) == NULL) {
265         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_CRYPTO_LIB);
266         return 0;
267     }
268 
269     ok = (sk_OSSL_ENCODER_INSTANCE_push(ctx->encoder_insts, ei) > 0);
270     if (ok) {
271         OSSL_TRACE_BEGIN(ENCODER) {
272             BIO_printf(trc_out,
273                        "(ctx %p) Added encoder instance %p (encoder %p):\n"
274                        "    %s with %s\n",
275                        (void *)ctx, (void *)ei, (void *)ei->encoder,
276                        OSSL_ENCODER_get0_name(ei->encoder),
277                        OSSL_ENCODER_get0_properties(ei->encoder));
278         } OSSL_TRACE_END(ENCODER);
279     }
280     return ok;
281 }
282 
OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX * ctx,OSSL_ENCODER * encoder)283 int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder)
284 {
285     OSSL_ENCODER_INSTANCE *encoder_inst = NULL;
286     const OSSL_PROVIDER *prov = NULL;
287     void *encoderctx = NULL;
288     void *provctx = NULL;
289 
290     if (!ossl_assert(ctx != NULL) || !ossl_assert(encoder != NULL)) {
291         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
292         return 0;
293     }
294 
295     prov = OSSL_ENCODER_get0_provider(encoder);
296     provctx = OSSL_PROVIDER_get0_provider_ctx(prov);
297 
298     if ((encoderctx = encoder->newctx(provctx)) == NULL
299         || (encoder_inst =
300             ossl_encoder_instance_new(encoder, encoderctx)) == NULL)
301         goto err;
302     /* Avoid double free of encoderctx on further errors */
303     encoderctx = NULL;
304 
305     if (!ossl_encoder_ctx_add_encoder_inst(ctx, encoder_inst))
306         goto err;
307 
308     return 1;
309  err:
310     ossl_encoder_instance_free(encoder_inst);
311     if (encoderctx != NULL)
312         encoder->freectx(encoderctx);
313     return 0;
314 }
315 
OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX * ctx,OSSL_LIB_CTX * libctx,const char * propq)316 int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx,
317                                OSSL_LIB_CTX *libctx, const char *propq)
318 {
319     return 1;
320 }
321 
OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX * ctx)322 int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx)
323 {
324     if (ctx == NULL || ctx->encoder_insts == NULL)
325         return 0;
326     return sk_OSSL_ENCODER_INSTANCE_num(ctx->encoder_insts);
327 }
328 
OSSL_ENCODER_CTX_set_construct(OSSL_ENCODER_CTX * ctx,OSSL_ENCODER_CONSTRUCT * construct)329 int OSSL_ENCODER_CTX_set_construct(OSSL_ENCODER_CTX *ctx,
330                                    OSSL_ENCODER_CONSTRUCT *construct)
331 {
332     if (!ossl_assert(ctx != NULL)) {
333         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
334         return 0;
335     }
336     ctx->construct = construct;
337     return 1;
338 }
339 
OSSL_ENCODER_CTX_set_construct_data(OSSL_ENCODER_CTX * ctx,void * construct_data)340 int OSSL_ENCODER_CTX_set_construct_data(OSSL_ENCODER_CTX *ctx,
341                                         void *construct_data)
342 {
343     if (!ossl_assert(ctx != NULL)) {
344         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
345         return 0;
346     }
347     ctx->construct_data = construct_data;
348     return 1;
349 }
350 
OSSL_ENCODER_CTX_set_cleanup(OSSL_ENCODER_CTX * ctx,OSSL_ENCODER_CLEANUP * cleanup)351 int OSSL_ENCODER_CTX_set_cleanup(OSSL_ENCODER_CTX *ctx,
352                                  OSSL_ENCODER_CLEANUP *cleanup)
353 {
354     if (!ossl_assert(ctx != NULL)) {
355         ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_PASSED_NULL_PARAMETER);
356         return 0;
357     }
358     ctx->cleanup = cleanup;
359     return 1;
360 }
361 
362 OSSL_ENCODER *
OSSL_ENCODER_INSTANCE_get_encoder(OSSL_ENCODER_INSTANCE * encoder_inst)363 OSSL_ENCODER_INSTANCE_get_encoder(OSSL_ENCODER_INSTANCE *encoder_inst)
364 {
365     if (encoder_inst == NULL)
366         return NULL;
367     return encoder_inst->encoder;
368 }
369 
370 void *
OSSL_ENCODER_INSTANCE_get_encoder_ctx(OSSL_ENCODER_INSTANCE * encoder_inst)371 OSSL_ENCODER_INSTANCE_get_encoder_ctx(OSSL_ENCODER_INSTANCE *encoder_inst)
372 {
373     if (encoder_inst == NULL)
374         return NULL;
375     return encoder_inst->encoderctx;
376 }
377 
378 const char *
OSSL_ENCODER_INSTANCE_get_output_type(OSSL_ENCODER_INSTANCE * encoder_inst)379 OSSL_ENCODER_INSTANCE_get_output_type(OSSL_ENCODER_INSTANCE *encoder_inst)
380 {
381     if (encoder_inst == NULL)
382         return NULL;
383     return encoder_inst->output_type;
384 }
385 
386 const char *
OSSL_ENCODER_INSTANCE_get_output_structure(OSSL_ENCODER_INSTANCE * encoder_inst)387 OSSL_ENCODER_INSTANCE_get_output_structure(OSSL_ENCODER_INSTANCE *encoder_inst)
388 {
389     if (encoder_inst == NULL)
390         return NULL;
391     return encoder_inst->output_structure;
392 }
393 
encoder_process(struct encoder_process_data_st * data)394 static int encoder_process(struct encoder_process_data_st *data)
395 {
396     OSSL_ENCODER_INSTANCE *current_encoder_inst = NULL;
397     OSSL_ENCODER *current_encoder = NULL;
398     OSSL_ENCODER_CTX *current_encoder_ctx = NULL;
399     BIO *allocated_out = NULL;
400     const void *original_data = NULL;
401     OSSL_PARAM abstract[10];
402     const OSSL_PARAM *current_abstract = NULL;
403     int i;
404     int ok = -1;  /* -1 signifies that the lookup loop gave nothing */
405     int top = 0;
406 
407     if (data->next_encoder_inst == NULL) {
408         /* First iteration, where we prepare for what is to come */
409 
410         data->count_output_structure =
411             data->ctx->output_structure == NULL ? -1 : 0;
412         top = 1;
413     }
414 
415     for (i = data->current_encoder_inst_index; i-- > 0;) {
416         OSSL_ENCODER *next_encoder = NULL;
417         const char *current_output_type;
418         const char *current_output_structure;
419         struct encoder_process_data_st new_data;
420 
421         if (!top)
422             next_encoder =
423                 OSSL_ENCODER_INSTANCE_get_encoder(data->next_encoder_inst);
424 
425         current_encoder_inst =
426             sk_OSSL_ENCODER_INSTANCE_value(data->ctx->encoder_insts, i);
427         current_encoder =
428             OSSL_ENCODER_INSTANCE_get_encoder(current_encoder_inst);
429         current_encoder_ctx =
430             OSSL_ENCODER_INSTANCE_get_encoder_ctx(current_encoder_inst);
431         current_output_type =
432             OSSL_ENCODER_INSTANCE_get_output_type(current_encoder_inst);
433         current_output_structure =
434             OSSL_ENCODER_INSTANCE_get_output_structure(current_encoder_inst);
435         memset(&new_data, 0, sizeof(new_data));
436         new_data.ctx = data->ctx;
437         new_data.current_encoder_inst_index = i;
438         new_data.next_encoder_inst = current_encoder_inst;
439         new_data.count_output_structure = data->count_output_structure;
440         new_data.level = data->level + 1;
441 
442         OSSL_TRACE_BEGIN(ENCODER) {
443             BIO_printf(trc_out,
444                        "[%d] (ctx %p) Considering encoder instance %p (encoder %p)\n",
445                        data->level, (void *)data->ctx,
446                        (void *)current_encoder_inst, (void *)current_encoder);
447         } OSSL_TRACE_END(ENCODER);
448 
449         /*
450          * If this is the top call, we check if the output type of the current
451          * encoder matches the desired output type.
452          * If this isn't the top call, i.e. this is deeper in the recursion,
453          * we instead check if the output type of the current encoder matches
454          * the name of the next encoder (the one found by the parent call).
455          */
456         if (top) {
457             if (data->ctx->output_type != NULL
458                 && OPENSSL_strcasecmp(current_output_type,
459                                       data->ctx->output_type) != 0) {
460                 OSSL_TRACE_BEGIN(ENCODER) {
461                     BIO_printf(trc_out,
462                                "[%d]    Skipping because current encoder output type (%s) != desired output type (%s)\n",
463                                data->level,
464                                current_output_type, data->ctx->output_type);
465                 } OSSL_TRACE_END(ENCODER);
466                 continue;
467             }
468         } else {
469             if (!OSSL_ENCODER_is_a(next_encoder, current_output_type)) {
470                 OSSL_TRACE_BEGIN(ENCODER) {
471                     BIO_printf(trc_out,
472                                "[%d]    Skipping because current encoder output type (%s) != name of encoder %p\n",
473                                data->level,
474                                current_output_type, (void *)next_encoder);
475                 } OSSL_TRACE_END(ENCODER);
476                 continue;
477             }
478         }
479 
480         /*
481          * If the caller and the current encoder specify an output structure,
482          * Check if they match.  If they do, count the match, otherwise skip
483          * the current encoder.
484          */
485         if (data->ctx->output_structure != NULL
486             && current_output_structure != NULL) {
487             if (OPENSSL_strcasecmp(data->ctx->output_structure,
488                                    current_output_structure) != 0) {
489                 OSSL_TRACE_BEGIN(ENCODER) {
490                     BIO_printf(trc_out,
491                                "[%d]    Skipping because current encoder output structure (%s) != ctx output structure (%s)\n",
492                                data->level,
493                                current_output_structure,
494                                data->ctx->output_structure);
495                 } OSSL_TRACE_END(ENCODER);
496                 continue;
497             }
498 
499             data->count_output_structure++;
500         }
501 
502         /*
503          * Recurse to process the encoder implementations before the current
504          * one.
505          */
506         ok = encoder_process(&new_data);
507 
508         data->prev_encoder_inst = new_data.prev_encoder_inst;
509         data->running_output = new_data.running_output;
510         data->running_output_length = new_data.running_output_length;
511 
512         /*
513          * ok == -1     means that the recursion call above gave no further
514          *              encoders, and that the one we're currently at should
515          *              be tried.
516          * ok == 0      means that something failed in the recursion call
517          *              above, making the result unsuitable for a chain.
518          *              In this case, we simply continue to try finding a
519          *              suitable encoder at this recursion level.
520          * ok == 1      means that the recursion call was successful, and we
521          *              try to use the result at this recursion level.
522          */
523         if (ok != 0)
524             break;
525 
526         OSSL_TRACE_BEGIN(ENCODER) {
527             BIO_printf(trc_out,
528                        "[%d]    Skipping because recursion level %d failed\n",
529                        data->level, new_data.level);
530         } OSSL_TRACE_END(ENCODER);
531     }
532 
533     /*
534      * If |i < 0|, we didn't find any useful encoder in this recursion, so
535      * we do the rest of the process only if |i >= 0|.
536      */
537     if (i < 0) {
538         ok = -1;
539 
540         OSSL_TRACE_BEGIN(ENCODER) {
541             BIO_printf(trc_out,
542                        "[%d] (ctx %p) No suitable encoder found\n",
543                        data->level, (void *)data->ctx);
544         } OSSL_TRACE_END(ENCODER);
545     } else {
546         /* Preparations */
547 
548         switch (ok) {
549         case 0:
550             break;
551         case -1:
552             /*
553              * We have reached the beginning of the encoder instance sequence,
554              * so we prepare the object to be encoded.
555              */
556 
557             /*
558              * |data->count_output_structure| is one of these values:
559              *
560              * -1       There is no desired output structure
561              *  0       There is a desired output structure, and it wasn't
562              *          matched by any of the encoder instances that were
563              *          considered
564              * >0       There is a desired output structure, and at least one
565              *          of the encoder instances matched it
566              */
567             if (data->count_output_structure == 0)
568                 return 0;
569 
570             original_data =
571                 data->ctx->construct(current_encoder_inst,
572                                      data->ctx->construct_data);
573 
574             /* Also set the data type, using the encoder implementation name */
575             data->data_type = OSSL_ENCODER_get0_name(current_encoder);
576 
577             /* Assume that the constructor recorded an error */
578             if (original_data != NULL)
579                 ok = 1;
580             else
581                 ok = 0;
582             break;
583         case 1:
584             if (!ossl_assert(data->running_output != NULL)) {
585                 ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_INTERNAL_ERROR);
586                 ok = 0;
587                 break;
588             }
589 
590             {
591                 /*
592                  * Create an object abstraction from the latest output, which
593                  * was stolen from the previous round.
594                  */
595 
596                 OSSL_PARAM *abstract_p = abstract;
597                 const char *prev_output_structure =
598                     OSSL_ENCODER_INSTANCE_get_output_structure(data->prev_encoder_inst);
599 
600                 *abstract_p++ =
601                     OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
602                                                      (char *)data->data_type, 0);
603                 if (prev_output_structure != NULL)
604                     *abstract_p++ =
605                         OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE,
606                                                          (char *)prev_output_structure,
607                                                          0);
608                 *abstract_p++ =
609                     OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
610                                                       data->running_output,
611                                                       data->running_output_length);
612                 *abstract_p = OSSL_PARAM_construct_end();
613                 current_abstract = abstract;
614             }
615             break;
616         }
617 
618         /* Calling the encoder implementation */
619 
620         if (ok) {
621             OSSL_CORE_BIO *cbio = NULL;
622             BIO *current_out = NULL;
623 
624             /*
625              * If we're at the last encoder instance to use, we're setting up
626              * final output.  Otherwise, set up an intermediary memory output.
627              */
628             if (top)
629                 current_out = data->bio;
630             else if ((current_out = allocated_out = BIO_new(BIO_s_mem()))
631                      == NULL)
632                 ok = 0;     /* Assume BIO_new() recorded an error */
633 
634             if (ok)
635                 ok = (cbio = ossl_core_bio_new_from_bio(current_out)) != NULL;
636             if (ok) {
637                 ok = current_encoder->encode(current_encoder_ctx, cbio,
638                                              original_data, current_abstract,
639                                              data->ctx->selection,
640                                              ossl_pw_passphrase_callback_enc,
641                                              &data->ctx->pwdata);
642                 OSSL_TRACE_BEGIN(ENCODER) {
643                     BIO_printf(trc_out,
644                                "[%d] (ctx %p) Running encoder instance %p => %d\n",
645                                data->level, (void *)data->ctx,
646                                (void *)current_encoder_inst, ok);
647                 } OSSL_TRACE_END(ENCODER);
648             }
649 
650             ossl_core_bio_free(cbio);
651             data->prev_encoder_inst = current_encoder_inst;
652         }
653     }
654 
655     /* Cleanup and collecting the result */
656 
657     OPENSSL_free(data->running_output);
658     data->running_output = NULL;
659 
660     /*
661      * Steal the output from the BIO_s_mem, if we did allocate one.
662      * That'll be the data for an object abstraction in the next round.
663      */
664     if (allocated_out != NULL) {
665         BUF_MEM *buf;
666 
667         BIO_get_mem_ptr(allocated_out, &buf);
668         data->running_output = (unsigned char *)buf->data;
669         data->running_output_length = buf->length;
670         memset(buf, 0, sizeof(*buf));
671     }
672 
673     BIO_free(allocated_out);
674     if (original_data != NULL)
675         data->ctx->cleanup(data->ctx->construct_data);
676     return ok;
677 }
678