1 /* $OpenBSD: bio_enc.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
63 #include <openssl/buffer.h>
64 #include <openssl/evp.h>
66 static int enc_write(BIO
*h
, const char *buf
, int num
);
67 static int enc_read(BIO
*h
, char *buf
, int size
);
68 /*static int enc_puts(BIO *h, const char *str); */
69 /*static int enc_gets(BIO *h, char *str, int size); */
70 static long enc_ctrl(BIO
*h
, int cmd
, long arg1
, void *arg2
);
71 static int enc_new(BIO
*h
);
72 static int enc_free(BIO
*data
);
73 static long enc_callback_ctrl(BIO
*h
, int cmd
, bio_info_cb
*fps
);
74 #define ENC_BLOCK_SIZE (1024*4)
75 #define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
77 typedef struct enc_struct
{
80 int cont
; /* <= 0 when finished */
82 int ok
; /* bad decrypt */
83 EVP_CIPHER_CTX cipher
;
84 /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
85 * can return up to a block more data than is presented to it
87 char buf
[ENC_BLOCK_SIZE
+ BUF_OFFSET
+ 2];
90 static BIO_METHOD methods_enc
= {
91 .type
= BIO_TYPE_CIPHER
,
98 .callback_ctrl
= enc_callback_ctrl
104 return (&methods_enc
);
112 ctx
= malloc(sizeof(BIO_ENC_CTX
));
115 EVP_CIPHER_CTX_init(&ctx
->cipher
);
124 bi
->ptr
= (char *)ctx
;
136 b
= (BIO_ENC_CTX
*)a
->ptr
;
137 EVP_CIPHER_CTX_cleanup(&(b
->cipher
));
138 explicit_bzero(a
->ptr
, sizeof(BIO_ENC_CTX
));
147 enc_read(BIO
*b
, char *out
, int outl
)
154 ctx
= (BIO_ENC_CTX
*)b
->ptr
;
156 if ((ctx
== NULL
) || (b
->next_bio
== NULL
))
159 /* First check if there are bytes decoded/encoded */
160 if (ctx
->buf_len
> 0) {
161 i
= ctx
->buf_len
- ctx
->buf_off
;
164 memcpy(out
, &(ctx
->buf
[ctx
->buf_off
]), i
);
169 if (ctx
->buf_len
== ctx
->buf_off
) {
175 /* At this point, we have room of outl bytes and an empty
176 * buffer, so we should read in some more. */
182 /* read in at IV offset, read the EVP_Cipher
183 * documentation about why */
184 i
= BIO_read(b
->next_bio
, &(ctx
->buf
[BUF_OFFSET
]), ENC_BLOCK_SIZE
);
187 /* Should be continue next time we are called? */
188 if (!BIO_should_retry(b
->next_bio
)) {
190 i
= EVP_CipherFinal_ex(&(ctx
->cipher
),
191 (unsigned char *)ctx
->buf
,
196 ret
= (ret
== 0) ? i
: ret
;
200 EVP_CipherUpdate(&(ctx
->cipher
),
201 (unsigned char *)ctx
->buf
, &ctx
->buf_len
,
202 (unsigned char *)&(ctx
->buf
[BUF_OFFSET
]), i
);
204 /* Note: it is possible for EVP_CipherUpdate to
205 * decrypt zero bytes because this is or looks like
206 * the final block: if this happens we should retry
207 * and either read more data or decrypt the final
210 if (ctx
->buf_len
== 0)
214 if (ctx
->buf_len
<= outl
)
220 memcpy(out
, ctx
->buf
, i
);
227 BIO_clear_retry_flags(b
);
228 BIO_copy_next_retry(b
);
229 return ((ret
== 0) ? ctx
->cont
: ret
);
233 enc_write(BIO
*b
, const char *in
, int inl
)
238 ctx
= (BIO_ENC_CTX
*)b
->ptr
;
241 BIO_clear_retry_flags(b
);
242 n
= ctx
->buf_len
- ctx
->buf_off
;
244 i
= BIO_write(b
->next_bio
, &(ctx
->buf
[ctx
->buf_off
]), n
);
246 BIO_copy_next_retry(b
);
252 /* at this point all pending data has been written */
254 if ((in
== NULL
) || (inl
<= 0))
259 n
= (inl
> ENC_BLOCK_SIZE
) ? ENC_BLOCK_SIZE
: inl
;
260 EVP_CipherUpdate(&(ctx
->cipher
),
261 (unsigned char *)ctx
->buf
, &ctx
->buf_len
,
262 (unsigned char *)in
, n
);
269 i
= BIO_write(b
->next_bio
, &(ctx
->buf
[ctx
->buf_off
]), n
);
271 BIO_copy_next_retry(b
);
272 return (ret
== inl
) ? i
: ret
- inl
;
280 BIO_copy_next_retry(b
);
285 enc_ctrl(BIO
*b
, int cmd
, long num
, void *ptr
)
288 BIO_ENC_CTX
*ctx
, *dctx
;
291 EVP_CIPHER_CTX
**c_ctx
;
293 ctx
= (BIO_ENC_CTX
*)b
->ptr
;
299 EVP_CipherInit_ex(&(ctx
->cipher
), NULL
, NULL
, NULL
, NULL
,
300 ctx
->cipher
.encrypt
);
301 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
303 case BIO_CTRL_EOF
: /* More to read */
307 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
309 case BIO_CTRL_WPENDING
:
310 ret
= ctx
->buf_len
- ctx
->buf_off
;
312 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
314 case BIO_CTRL_PENDING
: /* More to read in buffer */
315 ret
= ctx
->buf_len
- ctx
->buf_off
;
317 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
320 /* do a final write */
322 while (ctx
->buf_len
!= ctx
->buf_off
) {
323 i
= enc_write(b
, NULL
, 0);
328 if (!ctx
->finished
) {
331 ret
= EVP_CipherFinal_ex(&(ctx
->cipher
),
332 (unsigned char *)ctx
->buf
,
338 /* push out the bytes */
342 /* Finally flush the underlying BIO */
343 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
345 case BIO_C_GET_CIPHER_STATUS
:
348 case BIO_C_DO_STATE_MACHINE
:
349 BIO_clear_retry_flags(b
);
350 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
351 BIO_copy_next_retry(b
);
353 case BIO_C_GET_CIPHER_CTX
:
354 c_ctx
= (EVP_CIPHER_CTX
**)ptr
;
355 (*c_ctx
) = &(ctx
->cipher
);
360 dctx
= (BIO_ENC_CTX
*)dbio
->ptr
;
361 EVP_CIPHER_CTX_init(&dctx
->cipher
);
362 ret
= EVP_CIPHER_CTX_copy(&dctx
->cipher
, &ctx
->cipher
);
367 ret
= BIO_ctrl(b
->next_bio
, cmd
, num
, ptr
);
374 enc_callback_ctrl(BIO
*b
, int cmd
, bio_info_cb
*fp
)
378 if (b
->next_bio
== NULL
)
382 ret
= BIO_callback_ctrl(b
->next_bio
, cmd
, fp
);
389 void BIO_set_cipher_ctx(b,c)
393 if (b == NULL) return;
395 if ((b->callback != NULL) &&
396 (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
400 ctx=(BIO_ENC_CTX *)b->ptr;
401 memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
403 if (b->callback != NULL)
404 b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
409 BIO_set_cipher(BIO
*b
, const EVP_CIPHER
*c
, const unsigned char *k
,
410 const unsigned char *i
, int e
)
417 if ((b
->callback
!= NULL
) &&
418 (b
->callback(b
, BIO_CB_CTRL
, (const char *)c
, BIO_CTRL_SET
, e
, 0L) <= 0))
422 ctx
= (BIO_ENC_CTX
*)b
->ptr
;
423 EVP_CipherInit_ex(&(ctx
->cipher
), c
, NULL
, k
, i
, e
);
425 if (b
->callback
!= NULL
)
426 b
->callback(b
, BIO_CB_CTRL
, (const char *)c
, BIO_CTRL_SET
, e
, 1L);