encode.c revision 291721
1/* crypto/evp/encode.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59#include <stdio.h> 60#include "cryptlib.h" 61#include <openssl/evp.h> 62 63static unsigned char conv_ascii2bin(unsigned char a); 64#ifndef CHARSET_EBCDIC 65# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) 66#else 67/* 68 * We assume that PEM encoded files are EBCDIC files (i.e., printable text 69 * files). Convert them here while decoding. When encoding, output is EBCDIC 70 * (text) format again. (No need for conversion in the conv_bin2ascii macro, 71 * as the underlying textstring data_bin2ascii[] is already EBCDIC) 72 */ 73# define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) 74#endif 75 76/*- 77 * 64 char lines 78 * pad input with 0 79 * left over chars are set to = 80 * 1 byte => xx== 81 * 2 bytes => xxx= 82 * 3 bytes => xxxx 83 */ 84#define BIN_PER_LINE (64/4*3) 85#define CHUNKS_PER_LINE (64/4) 86#define CHAR_PER_LINE (64+1) 87 88static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\ 89abcdefghijklmnopqrstuvwxyz0123456789+/"; 90 91/*- 92 * 0xF0 is a EOLN 93 * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing). 94 * 0xF2 is EOF 95 * 0xE0 is ignore at start of line. 96 * 0xFF is error 97 */ 98 99#define B64_EOLN 0xF0 100#define B64_CR 0xF1 101#define B64_EOF 0xF2 102#define B64_WS 0xE0 103#define B64_ERROR 0xFF 104#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) 105#define B64_BASE64(a) !B64_NOT_BASE64(a) 106 107static const unsigned char data_ascii2bin[128] = { 108 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 109 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF, 110 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 111 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 112 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 113 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F, 114 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 115 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, 116 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 117 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 118 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 119 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 120 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 121 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 122 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 123 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 124}; 125 126#ifndef CHARSET_EBCDIC 127static unsigned char conv_ascii2bin(unsigned char a) 128{ 129 if (a & 0x80) 130 return B64_ERROR; 131 return data_ascii2bin[a]; 132} 133#else 134static unsigned char conv_ascii2bin(unsigned char a) 135{ 136 a = os_toascii[a]; 137 if (a & 0x80) 138 return B64_ERROR; 139 return data_ascii2bin[a]; 140} 141#endif 142 143void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) 144{ 145 ctx->length = 48; 146 ctx->num = 0; 147 ctx->line_num = 0; 148} 149 150void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, 151 const unsigned char *in, int inl) 152{ 153 int i, j; 154 unsigned int total = 0; 155 156 *outl = 0; 157 if (inl <= 0) 158 return; 159 OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); 160 if ((ctx->num + inl) < ctx->length) { 161 memcpy(&(ctx->enc_data[ctx->num]), in, inl); 162 ctx->num += inl; 163 return; 164 } 165 if (ctx->num != 0) { 166 i = ctx->length - ctx->num; 167 memcpy(&(ctx->enc_data[ctx->num]), in, i); 168 in += i; 169 inl -= i; 170 j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length); 171 ctx->num = 0; 172 out += j; 173 *(out++) = '\n'; 174 *out = '\0'; 175 total = j + 1; 176 } 177 while (inl >= ctx->length) { 178 j = EVP_EncodeBlock(out, in, ctx->length); 179 in += ctx->length; 180 inl -= ctx->length; 181 out += j; 182 *(out++) = '\n'; 183 *out = '\0'; 184 total += j + 1; 185 } 186 if (inl != 0) 187 memcpy(&(ctx->enc_data[0]), in, inl); 188 ctx->num = inl; 189 *outl = total; 190} 191 192void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) 193{ 194 unsigned int ret = 0; 195 196 if (ctx->num != 0) { 197 ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num); 198 out[ret++] = '\n'; 199 out[ret] = '\0'; 200 ctx->num = 0; 201 } 202 *outl = ret; 203} 204 205int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen) 206{ 207 int i, ret = 0; 208 unsigned long l; 209 210 for (i = dlen; i > 0; i -= 3) { 211 if (i >= 3) { 212 l = (((unsigned long)f[0]) << 16L) | 213 (((unsigned long)f[1]) << 8L) | f[2]; 214 *(t++) = conv_bin2ascii(l >> 18L); 215 *(t++) = conv_bin2ascii(l >> 12L); 216 *(t++) = conv_bin2ascii(l >> 6L); 217 *(t++) = conv_bin2ascii(l); 218 } else { 219 l = ((unsigned long)f[0]) << 16L; 220 if (i == 2) 221 l |= ((unsigned long)f[1] << 8L); 222 223 *(t++) = conv_bin2ascii(l >> 18L); 224 *(t++) = conv_bin2ascii(l >> 12L); 225 *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L); 226 *(t++) = '='; 227 } 228 ret += 4; 229 f += 3; 230 } 231 232 *t = '\0'; 233 return (ret); 234} 235 236void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) 237{ 238 /* Only ctx->num is used during decoding. */ 239 ctx->num = 0; 240 ctx->length = 0; 241 ctx->line_num = 0; 242 ctx->expect_nl = 0; 243} 244 245/*- 246 * -1 for error 247 * 0 for last line 248 * 1 for full line 249 * 250 * Note: even though EVP_DecodeUpdate attempts to detect and report end of 251 * content, the context doesn't currently remember it and will accept more data 252 * in the next call. Therefore, the caller is responsible for checking and 253 * rejecting a 0 return value in the middle of content. 254 * 255 * Note: even though EVP_DecodeUpdate has historically tried to detect end of 256 * content based on line length, this has never worked properly. Therefore, 257 * we now return 0 when one of the following is true: 258 * - Padding or B64_EOF was detected and the last block is complete. 259 * - Input has zero-length. 260 * -1 is returned if: 261 * - Invalid characters are detected. 262 * - There is extra trailing padding, or data after padding. 263 * - B64_EOF is detected after an incomplete base64 block. 264 */ 265int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, 266 const unsigned char *in, int inl) 267{ 268 int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len; 269 unsigned char *d; 270 271 n = ctx->num; 272 d = ctx->enc_data; 273 274 if (n > 0 && d[n - 1] == '=') { 275 eof++; 276 if (n > 1 && d[n - 2] == '=') 277 eof++; 278 } 279 280 /* Legacy behaviour: an empty input chunk signals end of input. */ 281 if (inl == 0) { 282 rv = 0; 283 goto end; 284 } 285 286 for (i = 0; i < inl; i++) { 287 tmp = *(in++); 288 v = conv_ascii2bin(tmp); 289 if (v == B64_ERROR) { 290 rv = -1; 291 goto end; 292 } 293 294 if (tmp == '=') { 295 eof++; 296 } else if (eof > 0 && B64_BASE64(v)) { 297 /* More data after padding. */ 298 rv = -1; 299 goto end; 300 } 301 302 if (eof > 2) { 303 rv = -1; 304 goto end; 305 } 306 307 if (v == B64_EOF) { 308 seof = 1; 309 goto tail; 310 } 311 312 /* Only save valid base64 characters. */ 313 if (B64_BASE64(v)) { 314 if (n >= 64) { 315 /* 316 * We increment n once per loop, and empty the buffer as soon as 317 * we reach 64 characters, so this can only happen if someone's 318 * manually messed with the ctx. Refuse to write any more data. 319 */ 320 rv = -1; 321 goto end; 322 } 323 OPENSSL_assert(n < (int)sizeof(ctx->enc_data)); 324 d[n++] = tmp; 325 } 326 327 if (n == 64) { 328 decoded_len = EVP_DecodeBlock(out, d, n); 329 n = 0; 330 if (decoded_len < 0 || eof > decoded_len) { 331 rv = -1; 332 goto end; 333 } 334 ret += decoded_len - eof; 335 out += decoded_len - eof; 336 } 337 } 338 339 /* 340 * Legacy behaviour: if the current line is a full base64-block (i.e., has 341 * 0 mod 4 base64 characters), it is processed immediately. We keep this 342 * behaviour as applications may not be calling EVP_DecodeFinal properly. 343 */ 344tail: 345 if (n > 0) { 346 if ((n & 3) == 0) { 347 decoded_len = EVP_DecodeBlock(out, d, n); 348 n = 0; 349 if (decoded_len < 0 || eof > decoded_len) { 350 rv = -1; 351 goto end; 352 } 353 ret += (decoded_len - eof); 354 } else if (seof) { 355 /* EOF in the middle of a base64 block. */ 356 rv = -1; 357 goto end; 358 } 359 } 360 361 rv = seof || (n == 0 && eof) ? 0 : 1; 362end: 363 /* Legacy behaviour. This should probably rather be zeroed on error. */ 364 *outl = ret; 365 ctx->num = n; 366 return (rv); 367} 368 369int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n) 370{ 371 int i, ret = 0, a, b, c, d; 372 unsigned long l; 373 374 /* trim white space from the start of the line. */ 375 while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) { 376 f++; 377 n--; 378 } 379 380 /* 381 * strip off stuff at the end of the line ascii2bin values B64_WS, 382 * B64_EOLN, B64_EOLN and B64_EOF 383 */ 384 while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1])))) 385 n--; 386 387 if (n % 4 != 0) 388 return (-1); 389 390 for (i = 0; i < n; i += 4) { 391 a = conv_ascii2bin(*(f++)); 392 b = conv_ascii2bin(*(f++)); 393 c = conv_ascii2bin(*(f++)); 394 d = conv_ascii2bin(*(f++)); 395 if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80)) 396 return (-1); 397 l = ((((unsigned long)a) << 18L) | 398 (((unsigned long)b) << 12L) | 399 (((unsigned long)c) << 6L) | (((unsigned long)d))); 400 *(t++) = (unsigned char)(l >> 16L) & 0xff; 401 *(t++) = (unsigned char)(l >> 8L) & 0xff; 402 *(t++) = (unsigned char)(l) & 0xff; 403 ret += 3; 404 } 405 return (ret); 406} 407 408int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) 409{ 410 int i; 411 412 *outl = 0; 413 if (ctx->num != 0) { 414 i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num); 415 if (i < 0) 416 return (-1); 417 ctx->num = 0; 418 *outl = i; 419 return (1); 420 } else 421 return (1); 422} 423 424#ifdef undef 425int EVP_DecodeValid(unsigned char *buf, int len) 426{ 427 int i, num = 0, bad = 0; 428 429 if (len == 0) 430 return (-1); 431 while (conv_ascii2bin(*buf) == B64_WS) { 432 buf++; 433 len--; 434 if (len == 0) 435 return (-1); 436 } 437 438 for (i = len; i >= 4; i -= 4) { 439 if ((conv_ascii2bin(buf[0]) >= 0x40) || 440 (conv_ascii2bin(buf[1]) >= 0x40) || 441 (conv_ascii2bin(buf[2]) >= 0x40) || 442 (conv_ascii2bin(buf[3]) >= 0x40)) 443 return (-1); 444 buf += 4; 445 num += 1 + (buf[2] != '=') + (buf[3] != '='); 446 } 447 if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN)) 448 return (num); 449 if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) && 450 (conv_ascii2bin(buf[0]) == B64_EOLN)) 451 return (num); 452 return (1); 453} 454#endif 455