encode.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461
  1. /* crypto/evp/encode.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. #include <stdio.h>
  59. #include <limits.h>
  60. #include "cryptlib.h"
  61. #include <openssl/evp.h>
  62. static unsigned char conv_ascii2bin(unsigned char a);
  63. #ifndef CHARSET_EBCDIC
  64. # define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
  65. #else
  66. /*
  67. * We assume that PEM encoded files are EBCDIC files (i.e., printable text
  68. * files). Convert them here while decoding. When encoding, output is EBCDIC
  69. * (text) format again. (No need for conversion in the conv_bin2ascii macro,
  70. * as the underlying textstring data_bin2ascii[] is already EBCDIC)
  71. */
  72. # define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
  73. #endif
  74. /*-
  75. * 64 char lines
  76. * pad input with 0
  77. * left over chars are set to =
  78. * 1 byte => xx==
  79. * 2 bytes => xxx=
  80. * 3 bytes => xxxx
  81. */
  82. #define BIN_PER_LINE (64/4*3)
  83. #define CHUNKS_PER_LINE (64/4)
  84. #define CHAR_PER_LINE (64+1)
  85. static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
  86. abcdefghijklmnopqrstuvwxyz0123456789+/";
  87. /*-
  88. * 0xF0 is a EOLN
  89. * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
  90. * 0xF2 is EOF
  91. * 0xE0 is ignore at start of line.
  92. * 0xFF is error
  93. */
  94. #define B64_EOLN 0xF0
  95. #define B64_CR 0xF1
  96. #define B64_EOF 0xF2
  97. #define B64_WS 0xE0
  98. #define B64_ERROR 0xFF
  99. #define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
  100. #define B64_BASE64(a) !B64_NOT_BASE64(a)
  101. static const unsigned char data_ascii2bin[128] = {
  102. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  103. 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
  104. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  105. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  106. 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  107. 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
  108. 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
  109. 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
  110. 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
  111. 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
  112. 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
  113. 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  114. 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
  115. 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
  116. 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
  117. 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  118. };
  119. #ifndef CHARSET_EBCDIC
  120. static unsigned char conv_ascii2bin(unsigned char a)
  121. {
  122. if (a & 0x80)
  123. return B64_ERROR;
  124. return data_ascii2bin[a];
  125. }
  126. #else
  127. static unsigned char conv_ascii2bin(unsigned char a)
  128. {
  129. a = os_toascii[a];
  130. if (a & 0x80)
  131. return B64_ERROR;
  132. return data_ascii2bin[a];
  133. }
  134. #endif
  135. void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
  136. {
  137. ctx->length = 48;
  138. ctx->num = 0;
  139. ctx->line_num = 0;
  140. }
  141. void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
  142. const unsigned char *in, int inl)
  143. {
  144. int i, j;
  145. size_t total = 0;
  146. *outl = 0;
  147. if (inl <= 0)
  148. return;
  149. OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
  150. if (ctx->length - ctx->num > inl) {
  151. memcpy(&(ctx->enc_data[ctx->num]), in, inl);
  152. ctx->num += inl;
  153. return;
  154. }
  155. if (ctx->num != 0) {
  156. i = ctx->length - ctx->num;
  157. memcpy(&(ctx->enc_data[ctx->num]), in, i);
  158. in += i;
  159. inl -= i;
  160. j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
  161. ctx->num = 0;
  162. out += j;
  163. *(out++) = '\n';
  164. *out = '\0';
  165. total = j + 1;
  166. }
  167. while (inl >= ctx->length && total <= INT_MAX) {
  168. j = EVP_EncodeBlock(out, in, ctx->length);
  169. in += ctx->length;
  170. inl -= ctx->length;
  171. out += j;
  172. *(out++) = '\n';
  173. *out = '\0';
  174. total += j + 1;
  175. }
  176. if (total > INT_MAX) {
  177. /* Too much output data! */
  178. *outl = 0;
  179. return;
  180. }
  181. if (inl != 0)
  182. memcpy(&(ctx->enc_data[0]), in, inl);
  183. ctx->num = inl;
  184. *outl = total;
  185. }
  186. void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
  187. {
  188. unsigned int ret = 0;
  189. if (ctx->num != 0) {
  190. ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
  191. out[ret++] = '\n';
  192. out[ret] = '\0';
  193. ctx->num = 0;
  194. }
  195. *outl = ret;
  196. }
  197. int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
  198. {
  199. int i, ret = 0;
  200. unsigned long l;
  201. for (i = dlen; i > 0; i -= 3) {
  202. if (i >= 3) {
  203. l = (((unsigned long)f[0]) << 16L) |
  204. (((unsigned long)f[1]) << 8L) | f[2];
  205. *(t++) = conv_bin2ascii(l >> 18L);
  206. *(t++) = conv_bin2ascii(l >> 12L);
  207. *(t++) = conv_bin2ascii(l >> 6L);
  208. *(t++) = conv_bin2ascii(l);
  209. } else {
  210. l = ((unsigned long)f[0]) << 16L;
  211. if (i == 2)
  212. l |= ((unsigned long)f[1] << 8L);
  213. *(t++) = conv_bin2ascii(l >> 18L);
  214. *(t++) = conv_bin2ascii(l >> 12L);
  215. *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
  216. *(t++) = '=';
  217. }
  218. ret += 4;
  219. f += 3;
  220. }
  221. *t = '\0';
  222. return (ret);
  223. }
  224. void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
  225. {
  226. /* Only ctx->num is used during decoding. */
  227. ctx->num = 0;
  228. ctx->length = 0;
  229. ctx->line_num = 0;
  230. ctx->expect_nl = 0;
  231. }
  232. /*-
  233. * -1 for error
  234. * 0 for last line
  235. * 1 for full line
  236. *
  237. * Note: even though EVP_DecodeUpdate attempts to detect and report end of
  238. * content, the context doesn't currently remember it and will accept more data
  239. * in the next call. Therefore, the caller is responsible for checking and
  240. * rejecting a 0 return value in the middle of content.
  241. *
  242. * Note: even though EVP_DecodeUpdate has historically tried to detect end of
  243. * content based on line length, this has never worked properly. Therefore,
  244. * we now return 0 when one of the following is true:
  245. * - Padding or B64_EOF was detected and the last block is complete.
  246. * - Input has zero-length.
  247. * -1 is returned if:
  248. * - Invalid characters are detected.
  249. * - There is extra trailing padding, or data after padding.
  250. * - B64_EOF is detected after an incomplete base64 block.
  251. */
  252. int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
  253. const unsigned char *in, int inl)
  254. {
  255. int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len;
  256. unsigned char *d;
  257. n = ctx->num;
  258. d = ctx->enc_data;
  259. if (n > 0 && d[n - 1] == '=') {
  260. eof++;
  261. if (n > 1 && d[n - 2] == '=')
  262. eof++;
  263. }
  264. /* Legacy behaviour: an empty input chunk signals end of input. */
  265. if (inl == 0) {
  266. rv = 0;
  267. goto end;
  268. }
  269. for (i = 0; i < inl; i++) {
  270. tmp = *(in++);
  271. v = conv_ascii2bin(tmp);
  272. if (v == B64_ERROR) {
  273. rv = -1;
  274. goto end;
  275. }
  276. if (tmp == '=') {
  277. eof++;
  278. } else if (eof > 0 && B64_BASE64(v)) {
  279. /* More data after padding. */
  280. rv = -1;
  281. goto end;
  282. }
  283. if (eof > 2) {
  284. rv = -1;
  285. goto end;
  286. }
  287. if (v == B64_EOF) {
  288. seof = 1;
  289. goto tail;
  290. }
  291. /* Only save valid base64 characters. */
  292. if (B64_BASE64(v)) {
  293. if (n >= 64) {
  294. /*
  295. * We increment n once per loop, and empty the buffer as soon as
  296. * we reach 64 characters, so this can only happen if someone's
  297. * manually messed with the ctx. Refuse to write any more data.
  298. */
  299. rv = -1;
  300. goto end;
  301. }
  302. OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
  303. d[n++] = tmp;
  304. }
  305. if (n == 64) {
  306. decoded_len = EVP_DecodeBlock(out, d, n);
  307. n = 0;
  308. if (decoded_len < 0 || eof > decoded_len) {
  309. rv = -1;
  310. goto end;
  311. }
  312. ret += decoded_len - eof;
  313. out += decoded_len - eof;
  314. }
  315. }
  316. /*
  317. * Legacy behaviour: if the current line is a full base64-block (i.e., has
  318. * 0 mod 4 base64 characters), it is processed immediately. We keep this
  319. * behaviour as applications may not be calling EVP_DecodeFinal properly.
  320. */
  321. tail:
  322. if (n > 0) {
  323. if ((n & 3) == 0) {
  324. decoded_len = EVP_DecodeBlock(out, d, n);
  325. n = 0;
  326. if (decoded_len < 0 || eof > decoded_len) {
  327. rv = -1;
  328. goto end;
  329. }
  330. ret += (decoded_len - eof);
  331. } else if (seof) {
  332. /* EOF in the middle of a base64 block. */
  333. rv = -1;
  334. goto end;
  335. }
  336. }
  337. rv = seof || (n == 0 && eof) ? 0 : 1;
  338. end:
  339. /* Legacy behaviour. This should probably rather be zeroed on error. */
  340. *outl = ret;
  341. ctx->num = n;
  342. return (rv);
  343. }
  344. int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
  345. {
  346. int i, ret = 0, a, b, c, d;
  347. unsigned long l;
  348. /* trim white space from the start of the line. */
  349. while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
  350. f++;
  351. n--;
  352. }
  353. /*
  354. * strip off stuff at the end of the line ascii2bin values B64_WS,
  355. * B64_EOLN, B64_EOLN and B64_EOF
  356. */
  357. while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
  358. n--;
  359. if (n % 4 != 0)
  360. return (-1);
  361. for (i = 0; i < n; i += 4) {
  362. a = conv_ascii2bin(*(f++));
  363. b = conv_ascii2bin(*(f++));
  364. c = conv_ascii2bin(*(f++));
  365. d = conv_ascii2bin(*(f++));
  366. if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80))
  367. return (-1);
  368. l = ((((unsigned long)a) << 18L) |
  369. (((unsigned long)b) << 12L) |
  370. (((unsigned long)c) << 6L) | (((unsigned long)d)));
  371. *(t++) = (unsigned char)(l >> 16L) & 0xff;
  372. *(t++) = (unsigned char)(l >> 8L) & 0xff;
  373. *(t++) = (unsigned char)(l) & 0xff;
  374. ret += 3;
  375. }
  376. return (ret);
  377. }
  378. int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
  379. {
  380. int i;
  381. *outl = 0;
  382. if (ctx->num != 0) {
  383. i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
  384. if (i < 0)
  385. return (-1);
  386. ctx->num = 0;
  387. *outl = i;
  388. return (1);
  389. } else
  390. return (1);
  391. }
  392. #ifdef undef
  393. int EVP_DecodeValid(unsigned char *buf, int len)
  394. {
  395. int i, num = 0, bad = 0;
  396. if (len == 0)
  397. return (-1);
  398. while (conv_ascii2bin(*buf) == B64_WS) {
  399. buf++;
  400. len--;
  401. if (len == 0)
  402. return (-1);
  403. }
  404. for (i = len; i >= 4; i -= 4) {
  405. if ((conv_ascii2bin(buf[0]) >= 0x40) ||
  406. (conv_ascii2bin(buf[1]) >= 0x40) ||
  407. (conv_ascii2bin(buf[2]) >= 0x40) ||
  408. (conv_ascii2bin(buf[3]) >= 0x40))
  409. return (-1);
  410. buf += 4;
  411. num += 1 + (buf[2] != '=') + (buf[3] != '=');
  412. }
  413. if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
  414. return (num);
  415. if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
  416. (conv_ascii2bin(buf[0]) == B64_EOLN))
  417. return (num);
  418. return (1);
  419. }
  420. #endif