1 /*
2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <errno.h>
12 #include "internal/cryptlib.h"
13 #include <openssl/buffer.h>
14 #include <openssl/evp.h>
15 #include "internal/bio.h"
16
17 static int b64_write(BIO *h, const char *buf, int num);
18 static int b64_read(BIO *h, char *buf, int size);
19 static int b64_puts(BIO *h, const char *str);
20 static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
21 static int b64_new(BIO *h);
22 static int b64_free(BIO *data);
23 static long b64_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
24 #define B64_BLOCK_SIZE 1024
25 #define B64_BLOCK_SIZE2 768
26 #define B64_NONE 0
27 #define B64_ENCODE 1
28 #define B64_DECODE 2
29
30 typedef struct b64_struct {
31 /*
32 * BIO *bio; moved to the BIO structure
33 */
34 int buf_len;
35 int buf_off;
36 int tmp_len; /* used to find the start when decoding */
37 int tmp_nl; /* If true, scan until '\n' */
38 int encode;
39 int start; /* have we started decoding yet? */
40 int cont; /* <= 0 when finished */
41 EVP_ENCODE_CTX *base64;
42 unsigned char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
43 unsigned char tmp[B64_BLOCK_SIZE];
44 } BIO_B64_CTX;
45
46 static const BIO_METHOD methods_b64 = {
47 BIO_TYPE_BASE64,
48 "base64 encoding",
49 bwrite_conv,
50 b64_write,
51 bread_conv,
52 b64_read,
53 b64_puts,
54 NULL, /* b64_gets, */
55 b64_ctrl,
56 b64_new,
57 b64_free,
58 b64_callback_ctrl,
59 };
60
BIO_f_base64(void)61 const BIO_METHOD *BIO_f_base64(void)
62 {
63 return &methods_b64;
64 }
65
b64_new(BIO * bi)66 static int b64_new(BIO *bi)
67 {
68 BIO_B64_CTX *ctx;
69
70 if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL)
71 return 0;
72
73 ctx->cont = 1;
74 ctx->start = 1;
75 ctx->base64 = EVP_ENCODE_CTX_new();
76 if (ctx->base64 == NULL) {
77 OPENSSL_free(ctx);
78 return 0;
79 }
80
81 BIO_set_data(bi, ctx);
82 BIO_set_init(bi, 1);
83
84 return 1;
85 }
86
b64_free(BIO * a)87 static int b64_free(BIO *a)
88 {
89 BIO_B64_CTX *ctx;
90
91 if (a == NULL)
92 return 0;
93
94 ctx = BIO_get_data(a);
95 if (ctx == NULL)
96 return 0;
97
98 EVP_ENCODE_CTX_free(ctx->base64);
99 OPENSSL_free(ctx);
100 BIO_set_data(a, NULL);
101 BIO_set_init(a, 0);
102
103 return 1;
104 }
105
b64_read(BIO * b,char * out,int outl)106 static int b64_read(BIO *b, char *out, int outl)
107 {
108 int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
109 BIO_B64_CTX *ctx;
110 unsigned char *p, *q;
111 BIO *next;
112
113 if (out == NULL)
114 return 0;
115 ctx = (BIO_B64_CTX *)BIO_get_data(b);
116
117 next = BIO_next(b);
118 if (ctx == NULL || next == NULL)
119 return 0;
120
121 BIO_clear_retry_flags(b);
122
123 if (ctx->encode != B64_DECODE) {
124 ctx->encode = B64_DECODE;
125 ctx->buf_len = 0;
126 ctx->buf_off = 0;
127 ctx->tmp_len = 0;
128 EVP_DecodeInit(ctx->base64);
129 }
130
131 /* First check if there are bytes decoded/encoded */
132 if (ctx->buf_len > 0) {
133 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
134 i = ctx->buf_len - ctx->buf_off;
135 if (i > outl)
136 i = outl;
137 OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
138 memcpy(out, &(ctx->buf[ctx->buf_off]), i);
139 ret = i;
140 out += i;
141 outl -= i;
142 ctx->buf_off += i;
143 if (ctx->buf_len == ctx->buf_off) {
144 ctx->buf_len = 0;
145 ctx->buf_off = 0;
146 }
147 }
148
149 /*
150 * At this point, we have room of outl bytes and an empty buffer, so we
151 * should read in some more.
152 */
153
154 ret_code = 0;
155 while (outl > 0) {
156 if (ctx->cont <= 0)
157 break;
158
159 i = BIO_read(next, &(ctx->tmp[ctx->tmp_len]),
160 B64_BLOCK_SIZE - ctx->tmp_len);
161
162 if (i <= 0) {
163 ret_code = i;
164
165 /* Should we continue next time we are called? */
166 if (!BIO_should_retry(next)) {
167 ctx->cont = i;
168 /* If buffer empty break */
169 if (ctx->tmp_len == 0)
170 break;
171 /* Fall through and process what we have */
172 else
173 i = 0;
174 }
175 /* else we retry and add more data to buffer */
176 else
177 break;
178 }
179 i += ctx->tmp_len;
180 ctx->tmp_len = i;
181
182 /*
183 * We need to scan, a line at a time until we have a valid line if we
184 * are starting.
185 */
186 if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) != 0) {
187 ctx->tmp_len = 0;
188 } else if (ctx->start) {
189 q = p = ctx->tmp;
190 num = 0;
191 for (j = 0; j < i; j++) {
192 if (*(q++) != '\n')
193 continue;
194
195 /*
196 * due to a previous very long line, we need to keep on
197 * scanning for a '\n' before we even start looking for
198 * base64 encoded stuff.
199 */
200 if (ctx->tmp_nl) {
201 p = q;
202 ctx->tmp_nl = 0;
203 continue;
204 }
205
206 k = EVP_DecodeUpdate(ctx->base64, ctx->buf, &num, p, q - p);
207 if (k <= 0 && num == 0 && ctx->start) {
208 EVP_DecodeInit(ctx->base64);
209 } else {
210 if (p != ctx->tmp) {
211 i -= p - ctx->tmp;
212 for (x = 0; x < i; x++)
213 ctx->tmp[x] = p[x];
214 }
215 EVP_DecodeInit(ctx->base64);
216 ctx->start = 0;
217 break;
218 }
219 p = q;
220 }
221
222 /* we fell off the end without starting */
223 if (j == i && num == 0) {
224 /*
225 * Is this is one long chunk?, if so, keep on reading until a
226 * new line.
227 */
228 if (p == ctx->tmp) {
229 /* Check buffer full */
230 if (i == B64_BLOCK_SIZE) {
231 ctx->tmp_nl = 1;
232 ctx->tmp_len = 0;
233 }
234 } else if (p != q) { /* finished on a '\n' */
235 n = q - p;
236 for (ii = 0; ii < n; ii++)
237 ctx->tmp[ii] = p[ii];
238 ctx->tmp_len = n;
239 }
240 /* else finished on a '\n' */
241 continue;
242 } else {
243 ctx->tmp_len = 0;
244 }
245 } else if (i < B64_BLOCK_SIZE && ctx->cont > 0) {
246 /*
247 * If buffer isn't full and we can retry then restart to read in
248 * more data.
249 */
250 continue;
251 }
252
253 if ((BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) != 0) {
254 int z, jj;
255
256 jj = i & ~3; /* process per 4 */
257 z = EVP_DecodeBlock(ctx->buf, ctx->tmp, jj);
258 if (jj > 2) {
259 if (ctx->tmp[jj - 1] == '=') {
260 z--;
261 if (ctx->tmp[jj - 2] == '=')
262 z--;
263 }
264 }
265 /*
266 * z is now number of output bytes and jj is the number consumed
267 */
268 if (jj != i) {
269 memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
270 ctx->tmp_len = i - jj;
271 }
272 ctx->buf_len = 0;
273 if (z > 0) {
274 ctx->buf_len = z;
275 }
276 i = z;
277 } else {
278 i = EVP_DecodeUpdate(ctx->base64, ctx->buf, &ctx->buf_len,
279 ctx->tmp, i);
280 ctx->tmp_len = 0;
281 }
282 /*
283 * If eof or an error was signalled, then the condition
284 * 'ctx->cont <= 0' will prevent b64_read() from reading
285 * more data on subsequent calls. This assignment was
286 * deleted accidentally in commit 5562cfaca4f3.
287 */
288 ctx->cont = i;
289
290 ctx->buf_off = 0;
291 if (i < 0) {
292 ret_code = 0;
293 ctx->buf_len = 0;
294 break;
295 }
296
297 if (ctx->buf_len <= outl)
298 i = ctx->buf_len;
299 else
300 i = outl;
301
302 memcpy(out, ctx->buf, i);
303 ret += i;
304 ctx->buf_off = i;
305 if (ctx->buf_off == ctx->buf_len) {
306 ctx->buf_len = 0;
307 ctx->buf_off = 0;
308 }
309 outl -= i;
310 out += i;
311 }
312 /* BIO_clear_retry_flags(b); */
313 BIO_copy_next_retry(b);
314 return ret == 0 ? ret_code : ret;
315 }
316
b64_write(BIO * b,const char * in,int inl)317 static int b64_write(BIO *b, const char *in, int inl)
318 {
319 int ret = 0;
320 int n;
321 int i;
322 BIO_B64_CTX *ctx;
323 BIO *next;
324
325 ctx = (BIO_B64_CTX *)BIO_get_data(b);
326 next = BIO_next(b);
327 if (ctx == NULL || next == NULL)
328 return 0;
329
330 BIO_clear_retry_flags(b);
331
332 if (ctx->encode != B64_ENCODE) {
333 ctx->encode = B64_ENCODE;
334 ctx->buf_len = 0;
335 ctx->buf_off = 0;
336 ctx->tmp_len = 0;
337 EVP_EncodeInit(ctx->base64);
338 }
339
340 OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
341 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
342 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
343 n = ctx->buf_len - ctx->buf_off;
344 while (n > 0) {
345 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
346 if (i <= 0) {
347 BIO_copy_next_retry(b);
348 return i;
349 }
350 OPENSSL_assert(i <= n);
351 ctx->buf_off += i;
352 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
353 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
354 n -= i;
355 }
356 /* at this point all pending data has been written */
357 ctx->buf_off = 0;
358 ctx->buf_len = 0;
359
360 if (in == NULL || inl <= 0)
361 return 0;
362
363 while (inl > 0) {
364 n = inl > B64_BLOCK_SIZE ? B64_BLOCK_SIZE : inl;
365
366 if ((BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) != 0) {
367 if (ctx->tmp_len > 0) {
368 OPENSSL_assert(ctx->tmp_len <= 3);
369 n = 3 - ctx->tmp_len;
370 /*
371 * There's a theoretical possibility for this
372 */
373 if (n > inl)
374 n = inl;
375 memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
376 ctx->tmp_len += n;
377 ret += n;
378 if (ctx->tmp_len < 3)
379 break;
380 ctx->buf_len =
381 EVP_EncodeBlock(ctx->buf, ctx->tmp, ctx->tmp_len);
382 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
383 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
384 /*
385 * Since we're now done using the temporary buffer, the
386 * length should be 0'd
387 */
388 ctx->tmp_len = 0;
389 } else {
390 if (n < 3) {
391 memcpy(ctx->tmp, in, n);
392 ctx->tmp_len = n;
393 ret += n;
394 break;
395 }
396 n -= n % 3;
397 ctx->buf_len =
398 EVP_EncodeBlock(ctx->buf, (unsigned char *)in, n);
399 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
400 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
401 ret += n;
402 }
403 } else {
404 if (!EVP_EncodeUpdate(ctx->base64, ctx->buf, &ctx->buf_len,
405 (unsigned char *)in, n))
406 return ret == 0 ? -1 : ret;
407 OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
408 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
409 ret += n;
410 }
411 inl -= n;
412 in += n;
413
414 ctx->buf_off = 0;
415 n = ctx->buf_len;
416 while (n > 0) {
417 i = BIO_write(next, &(ctx->buf[ctx->buf_off]), n);
418 if (i <= 0) {
419 BIO_copy_next_retry(b);
420 return ret == 0 ? i : ret;
421 }
422 OPENSSL_assert(i <= n);
423 n -= i;
424 ctx->buf_off += i;
425 OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
426 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
427 }
428 ctx->buf_len = 0;
429 ctx->buf_off = 0;
430 }
431 return ret;
432 }
433
b64_ctrl(BIO * b,int cmd,long num,void * ptr)434 static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
435 {
436 BIO_B64_CTX *ctx;
437 long ret = 1;
438 int i;
439 BIO *next;
440
441 ctx = (BIO_B64_CTX *)BIO_get_data(b);
442 next = BIO_next(b);
443 if (ctx == NULL || next == NULL)
444 return 0;
445
446 switch (cmd) {
447 case BIO_CTRL_RESET:
448 ctx->cont = 1;
449 ctx->start = 1;
450 ctx->encode = B64_NONE;
451 ret = BIO_ctrl(next, cmd, num, ptr);
452 break;
453 case BIO_CTRL_EOF: /* More to read */
454 if (ctx->cont <= 0)
455 ret = 1;
456 else
457 ret = BIO_ctrl(next, cmd, num, ptr);
458 break;
459 case BIO_CTRL_WPENDING: /* More to write in buffer */
460 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
461 ret = ctx->buf_len - ctx->buf_off;
462 if (ret == 0 && ctx->encode != B64_NONE
463 && EVP_ENCODE_CTX_num(ctx->base64) != 0)
464 ret = 1;
465 else if (ret <= 0)
466 ret = BIO_ctrl(next, cmd, num, ptr);
467 break;
468 case BIO_CTRL_PENDING: /* More to read in buffer */
469 OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
470 ret = ctx->buf_len - ctx->buf_off;
471 if (ret <= 0)
472 ret = BIO_ctrl(next, cmd, num, ptr);
473 break;
474 case BIO_CTRL_FLUSH:
475 /* do a final write */
476 again:
477 while (ctx->buf_len != ctx->buf_off) {
478 i = b64_write(b, NULL, 0);
479 if (i < 0)
480 return i;
481 }
482 if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
483 if (ctx->tmp_len != 0) {
484 ctx->buf_len = EVP_EncodeBlock(ctx->buf,
485 ctx->tmp, ctx->tmp_len);
486 ctx->buf_off = 0;
487 ctx->tmp_len = 0;
488 goto again;
489 }
490 } else if (ctx->encode != B64_NONE
491 && EVP_ENCODE_CTX_num(ctx->base64) != 0) {
492 ctx->buf_off = 0;
493 EVP_EncodeFinal(ctx->base64, ctx->buf, &(ctx->buf_len));
494 /* push out the bytes */
495 goto again;
496 }
497 /* Finally flush the underlying BIO */
498 ret = BIO_ctrl(next, cmd, num, ptr);
499 BIO_copy_next_retry(b);
500 break;
501
502 case BIO_C_DO_STATE_MACHINE:
503 BIO_clear_retry_flags(b);
504 ret = BIO_ctrl(next, cmd, num, ptr);
505 BIO_copy_next_retry(b);
506 break;
507
508 case BIO_CTRL_DUP:
509 break;
510 case BIO_CTRL_INFO:
511 case BIO_CTRL_GET:
512 case BIO_CTRL_SET:
513 default:
514 ret = BIO_ctrl(next, cmd, num, ptr);
515 break;
516 }
517 return ret;
518 }
519
b64_callback_ctrl(BIO * b,int cmd,BIO_info_cb * fp)520 static long b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
521 {
522 BIO *next = BIO_next(b);
523
524 if (next == NULL)
525 return 0;
526
527 return BIO_callback_ctrl(next, cmd, fp);
528 }
529
b64_puts(BIO * b,const char * str)530 static int b64_puts(BIO *b, const char *str)
531 {
532 return b64_write(b, str, strlen(str));
533 }
534