2
0

loader_file.c 44 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441
  1. /*
  2. * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "e_os.h"
  10. #include <string.h>
  11. #include <sys/stat.h>
  12. #include <ctype.h>
  13. #include <assert.h>
  14. #include <openssl/bio.h>
  15. #include <openssl/dsa.h> /* For d2i_DSAPrivateKey */
  16. #include <openssl/err.h>
  17. #include <openssl/evp.h>
  18. #include <openssl/pem.h>
  19. #include <openssl/pkcs12.h> /* For the PKCS8 stuff o.O */
  20. #include <openssl/rsa.h> /* For d2i_RSAPrivateKey */
  21. #include <openssl/safestack.h>
  22. #include <openssl/store.h>
  23. #include <openssl/ui.h>
  24. #include <openssl/x509.h> /* For the PKCS8 stuff o.O */
  25. #include "crypto/asn1.h"
  26. #include "crypto/ctype.h"
  27. #include "internal/o_dir.h"
  28. #include "internal/cryptlib.h"
  29. #include "crypto/store.h"
  30. #include "store_local.h"
  31. #ifdef _WIN32
  32. # define stat _stat
  33. #endif
  34. #ifndef S_ISDIR
  35. # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
  36. #endif
  37. /*-
  38. * Password prompting
  39. * ------------------
  40. */
  41. static char *file_get_pass(const UI_METHOD *ui_method, char *pass,
  42. size_t maxsize, const char *prompt_info, void *data)
  43. {
  44. UI *ui = UI_new();
  45. char *prompt = NULL;
  46. if (ui == NULL) {
  47. OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_MALLOC_FAILURE);
  48. return NULL;
  49. }
  50. if (ui_method != NULL)
  51. UI_set_method(ui, ui_method);
  52. UI_add_user_data(ui, data);
  53. if ((prompt = UI_construct_prompt(ui, "pass phrase",
  54. prompt_info)) == NULL) {
  55. OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_MALLOC_FAILURE);
  56. pass = NULL;
  57. } else if (!UI_add_input_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD,
  58. pass, 0, maxsize - 1)) {
  59. OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_UI_LIB);
  60. pass = NULL;
  61. } else {
  62. switch (UI_process(ui)) {
  63. case -2:
  64. OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS,
  65. OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED);
  66. pass = NULL;
  67. break;
  68. case -1:
  69. OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_UI_LIB);
  70. pass = NULL;
  71. break;
  72. default:
  73. break;
  74. }
  75. }
  76. OPENSSL_free(prompt);
  77. UI_free(ui);
  78. return pass;
  79. }
  80. struct pem_pass_data {
  81. const UI_METHOD *ui_method;
  82. void *data;
  83. const char *prompt_info;
  84. };
  85. static int file_fill_pem_pass_data(struct pem_pass_data *pass_data,
  86. const char *prompt_info,
  87. const UI_METHOD *ui_method, void *ui_data)
  88. {
  89. if (pass_data == NULL)
  90. return 0;
  91. pass_data->ui_method = ui_method;
  92. pass_data->data = ui_data;
  93. pass_data->prompt_info = prompt_info;
  94. return 1;
  95. }
  96. /* This is used anywhere a pem_password_cb is needed */
  97. static int file_get_pem_pass(char *buf, int num, int w, void *data)
  98. {
  99. struct pem_pass_data *pass_data = data;
  100. char *pass = file_get_pass(pass_data->ui_method, buf, num,
  101. pass_data->prompt_info, pass_data->data);
  102. return pass == NULL ? 0 : strlen(pass);
  103. }
  104. /*-
  105. * The file scheme decoders
  106. * ------------------------
  107. *
  108. * Each possible data type has its own decoder, which either operates
  109. * through a given PEM name, or attempts to decode to see if the blob
  110. * it's given is decodable for its data type. The assumption is that
  111. * only the correct data type will match the content.
  112. */
  113. /*-
  114. * The try_decode function is called to check if the blob of data can
  115. * be used by this handler, and if it can, decodes it into a supported
  116. * OpenSSL type and returns a OSSL_STORE_INFO with the decoded data.
  117. * Input:
  118. * pem_name: If this blob comes from a PEM file, this holds
  119. * the PEM name. If it comes from another type of
  120. * file, this is NULL.
  121. * pem_header: If this blob comes from a PEM file, this holds
  122. * the PEM headers. If it comes from another type of
  123. * file, this is NULL.
  124. * blob: The blob of data to match with what this handler
  125. * can use.
  126. * len: The length of the blob.
  127. * handler_ctx: For a handler marked repeatable, this pointer can
  128. * be used to create a context for the handler. IT IS
  129. * THE HANDLER'S RESPONSIBILITY TO CREATE AND DESTROY
  130. * THIS CONTEXT APPROPRIATELY, i.e. create on first call
  131. * and destroy when about to return NULL.
  132. * matchcount: A pointer to an int to count matches for this data.
  133. * Usually becomes 0 (no match) or 1 (match!), but may
  134. * be higher in the (unlikely) event that the data matches
  135. * more than one possibility. The int will always be
  136. * zero when the function is called.
  137. * ui_method: Application UI method for getting a password, pin
  138. * or any other interactive data.
  139. * ui_data: Application data to be passed to ui_method when
  140. * it's called.
  141. * Output:
  142. * a OSSL_STORE_INFO
  143. */
  144. typedef OSSL_STORE_INFO *(*file_try_decode_fn)(const char *pem_name,
  145. const char *pem_header,
  146. const unsigned char *blob,
  147. size_t len, void **handler_ctx,
  148. int *matchcount,
  149. const UI_METHOD *ui_method,
  150. void *ui_data);
  151. /*
  152. * The eof function should return 1 if there's no more data to be found
  153. * with the handler_ctx, otherwise 0. This is only used when the handler is
  154. * marked repeatable.
  155. */
  156. typedef int (*file_eof_fn)(void *handler_ctx);
  157. /*
  158. * The destroy_ctx function is used to destroy the handler_ctx that was
  159. * initiated by a repeatable try_decode function. This is only used when
  160. * the handler is marked repeatable.
  161. */
  162. typedef void (*file_destroy_ctx_fn)(void **handler_ctx);
  163. typedef struct file_handler_st {
  164. const char *name;
  165. file_try_decode_fn try_decode;
  166. file_eof_fn eof;
  167. file_destroy_ctx_fn destroy_ctx;
  168. /* flags */
  169. int repeatable;
  170. } FILE_HANDLER;
  171. /*
  172. * PKCS#12 decoder. It operates by decoding all of the blob content,
  173. * extracting all the interesting data from it and storing them internally,
  174. * then serving them one piece at a time.
  175. */
  176. static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
  177. const char *pem_header,
  178. const unsigned char *blob,
  179. size_t len, void **pctx,
  180. int *matchcount,
  181. const UI_METHOD *ui_method,
  182. void *ui_data)
  183. {
  184. OSSL_STORE_INFO *store_info = NULL;
  185. STACK_OF(OSSL_STORE_INFO) *ctx = *pctx;
  186. if (ctx == NULL) {
  187. /* Initial parsing */
  188. PKCS12 *p12;
  189. int ok = 0;
  190. if (pem_name != NULL)
  191. /* No match, there is no PEM PKCS12 tag */
  192. return NULL;
  193. if ((p12 = d2i_PKCS12(NULL, &blob, len)) != NULL) {
  194. char *pass = NULL;
  195. char tpass[PEM_BUFSIZE];
  196. EVP_PKEY *pkey = NULL;
  197. X509 *cert = NULL;
  198. STACK_OF(X509) *chain = NULL;
  199. *matchcount = 1;
  200. if (PKCS12_verify_mac(p12, "", 0)
  201. || PKCS12_verify_mac(p12, NULL, 0)) {
  202. pass = "";
  203. } else {
  204. if ((pass = file_get_pass(ui_method, tpass, PEM_BUFSIZE,
  205. "PKCS12 import password",
  206. ui_data)) == NULL) {
  207. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS12,
  208. OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR);
  209. goto p12_end;
  210. }
  211. if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
  212. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS12,
  213. OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC);
  214. goto p12_end;
  215. }
  216. }
  217. if (PKCS12_parse(p12, pass, &pkey, &cert, &chain)) {
  218. OSSL_STORE_INFO *osi_pkey = NULL;
  219. OSSL_STORE_INFO *osi_cert = NULL;
  220. OSSL_STORE_INFO *osi_ca = NULL;
  221. if ((ctx = sk_OSSL_STORE_INFO_new_null()) != NULL
  222. && (osi_pkey = OSSL_STORE_INFO_new_PKEY(pkey)) != NULL
  223. && sk_OSSL_STORE_INFO_push(ctx, osi_pkey) != 0
  224. && (osi_cert = OSSL_STORE_INFO_new_CERT(cert)) != NULL
  225. && sk_OSSL_STORE_INFO_push(ctx, osi_cert) != 0) {
  226. ok = 1;
  227. osi_pkey = NULL;
  228. osi_cert = NULL;
  229. while(sk_X509_num(chain) > 0) {
  230. X509 *ca = sk_X509_value(chain, 0);
  231. if ((osi_ca = OSSL_STORE_INFO_new_CERT(ca)) == NULL
  232. || sk_OSSL_STORE_INFO_push(ctx, osi_ca) == 0) {
  233. ok = 0;
  234. break;
  235. }
  236. osi_ca = NULL;
  237. (void)sk_X509_shift(chain);
  238. }
  239. }
  240. if (!ok) {
  241. OSSL_STORE_INFO_free(osi_ca);
  242. OSSL_STORE_INFO_free(osi_cert);
  243. OSSL_STORE_INFO_free(osi_pkey);
  244. sk_OSSL_STORE_INFO_pop_free(ctx, OSSL_STORE_INFO_free);
  245. EVP_PKEY_free(pkey);
  246. X509_free(cert);
  247. sk_X509_pop_free(chain, X509_free);
  248. ctx = NULL;
  249. }
  250. *pctx = ctx;
  251. }
  252. }
  253. p12_end:
  254. PKCS12_free(p12);
  255. if (!ok)
  256. return NULL;
  257. }
  258. if (ctx != NULL) {
  259. *matchcount = 1;
  260. store_info = sk_OSSL_STORE_INFO_shift(ctx);
  261. }
  262. return store_info;
  263. }
  264. static int eof_PKCS12(void *ctx_)
  265. {
  266. STACK_OF(OSSL_STORE_INFO) *ctx = ctx_;
  267. return ctx == NULL || sk_OSSL_STORE_INFO_num(ctx) == 0;
  268. }
  269. static void destroy_ctx_PKCS12(void **pctx)
  270. {
  271. STACK_OF(OSSL_STORE_INFO) *ctx = *pctx;
  272. sk_OSSL_STORE_INFO_pop_free(ctx, OSSL_STORE_INFO_free);
  273. *pctx = NULL;
  274. }
  275. static FILE_HANDLER PKCS12_handler = {
  276. "PKCS12",
  277. try_decode_PKCS12,
  278. eof_PKCS12,
  279. destroy_ctx_PKCS12,
  280. 1 /* repeatable */
  281. };
  282. /*
  283. * Encrypted PKCS#8 decoder. It operates by just decrypting the given blob
  284. * into a new blob, which is returned as an EMBEDDED STORE_INFO. The whole
  285. * decoding process will then start over with the new blob.
  286. */
  287. static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
  288. const char *pem_header,
  289. const unsigned char *blob,
  290. size_t len, void **pctx,
  291. int *matchcount,
  292. const UI_METHOD *ui_method,
  293. void *ui_data)
  294. {
  295. X509_SIG *p8 = NULL;
  296. char kbuf[PEM_BUFSIZE];
  297. char *pass = NULL;
  298. const X509_ALGOR *dalg = NULL;
  299. const ASN1_OCTET_STRING *doct = NULL;
  300. OSSL_STORE_INFO *store_info = NULL;
  301. BUF_MEM *mem = NULL;
  302. unsigned char *new_data = NULL;
  303. int new_data_len;
  304. if (pem_name != NULL) {
  305. if (strcmp(pem_name, PEM_STRING_PKCS8) != 0)
  306. return NULL;
  307. *matchcount = 1;
  308. }
  309. if ((p8 = d2i_X509_SIG(NULL, &blob, len)) == NULL)
  310. return NULL;
  311. *matchcount = 1;
  312. if ((mem = BUF_MEM_new()) == NULL) {
  313. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
  314. ERR_R_MALLOC_FAILURE);
  315. goto nop8;
  316. }
  317. if ((pass = file_get_pass(ui_method, kbuf, PEM_BUFSIZE,
  318. "PKCS8 decrypt password", ui_data)) == NULL) {
  319. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
  320. OSSL_STORE_R_BAD_PASSWORD_READ);
  321. goto nop8;
  322. }
  323. X509_SIG_get0(p8, &dalg, &doct);
  324. if (!PKCS12_pbe_crypt(dalg, pass, strlen(pass), doct->data, doct->length,
  325. &new_data, &new_data_len, 0))
  326. goto nop8;
  327. mem->data = (char *)new_data;
  328. mem->max = mem->length = (size_t)new_data_len;
  329. X509_SIG_free(p8);
  330. store_info = ossl_store_info_new_EMBEDDED(PEM_STRING_PKCS8INF, mem);
  331. if (store_info == NULL) {
  332. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
  333. ERR_R_MALLOC_FAILURE);
  334. goto nop8;
  335. }
  336. return store_info;
  337. nop8:
  338. X509_SIG_free(p8);
  339. BUF_MEM_free(mem);
  340. return NULL;
  341. }
  342. static FILE_HANDLER PKCS8Encrypted_handler = {
  343. "PKCS8Encrypted",
  344. try_decode_PKCS8Encrypted
  345. };
  346. /*
  347. * Private key decoder. Decodes all sorts of private keys, both PKCS#8
  348. * encoded ones and old style PEM ones (with the key type is encoded into
  349. * the PEM name).
  350. */
  351. int pem_check_suffix(const char *pem_str, const char *suffix);
  352. static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
  353. const char *pem_header,
  354. const unsigned char *blob,
  355. size_t len, void **pctx,
  356. int *matchcount,
  357. const UI_METHOD *ui_method,
  358. void *ui_data)
  359. {
  360. OSSL_STORE_INFO *store_info = NULL;
  361. EVP_PKEY *pkey = NULL;
  362. const EVP_PKEY_ASN1_METHOD *ameth = NULL;
  363. if (pem_name != NULL) {
  364. if (strcmp(pem_name, PEM_STRING_PKCS8INF) == 0) {
  365. PKCS8_PRIV_KEY_INFO *p8inf =
  366. d2i_PKCS8_PRIV_KEY_INFO(NULL, &blob, len);
  367. *matchcount = 1;
  368. if (p8inf != NULL)
  369. pkey = EVP_PKCS82PKEY(p8inf);
  370. PKCS8_PRIV_KEY_INFO_free(p8inf);
  371. } else {
  372. int slen;
  373. if ((slen = pem_check_suffix(pem_name, "PRIVATE KEY")) > 0
  374. && (ameth = EVP_PKEY_asn1_find_str(NULL, pem_name,
  375. slen)) != NULL) {
  376. *matchcount = 1;
  377. pkey = d2i_PrivateKey(ameth->pkey_id, NULL, &blob, len);
  378. }
  379. }
  380. } else {
  381. int i;
  382. for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
  383. EVP_PKEY *tmp_pkey = NULL;
  384. const unsigned char *tmp_blob = blob;
  385. ameth = EVP_PKEY_asn1_get0(i);
  386. if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
  387. continue;
  388. tmp_pkey = d2i_PrivateKey(ameth->pkey_id, NULL, &tmp_blob, len);
  389. if (tmp_pkey != NULL) {
  390. if (pkey != NULL)
  391. EVP_PKEY_free(tmp_pkey);
  392. else
  393. pkey = tmp_pkey;
  394. (*matchcount)++;
  395. }
  396. }
  397. if (*matchcount > 1) {
  398. EVP_PKEY_free(pkey);
  399. pkey = NULL;
  400. }
  401. }
  402. if (pkey == NULL)
  403. /* No match */
  404. return NULL;
  405. store_info = OSSL_STORE_INFO_new_PKEY(pkey);
  406. if (store_info == NULL)
  407. EVP_PKEY_free(pkey);
  408. return store_info;
  409. }
  410. static FILE_HANDLER PrivateKey_handler = {
  411. "PrivateKey",
  412. try_decode_PrivateKey
  413. };
  414. /*
  415. * Public key decoder. Only supports SubjectPublicKeyInfo formatted keys.
  416. */
  417. static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
  418. const char *pem_header,
  419. const unsigned char *blob,
  420. size_t len, void **pctx,
  421. int *matchcount,
  422. const UI_METHOD *ui_method,
  423. void *ui_data)
  424. {
  425. OSSL_STORE_INFO *store_info = NULL;
  426. EVP_PKEY *pkey = NULL;
  427. if (pem_name != NULL) {
  428. if (strcmp(pem_name, PEM_STRING_PUBLIC) != 0)
  429. /* No match */
  430. return NULL;
  431. *matchcount = 1;
  432. }
  433. if ((pkey = d2i_PUBKEY(NULL, &blob, len)) != NULL) {
  434. *matchcount = 1;
  435. store_info = OSSL_STORE_INFO_new_PKEY(pkey);
  436. }
  437. return store_info;
  438. }
  439. static FILE_HANDLER PUBKEY_handler = {
  440. "PUBKEY",
  441. try_decode_PUBKEY
  442. };
  443. /*
  444. * Key parameter decoder.
  445. */
  446. static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
  447. const char *pem_header,
  448. const unsigned char *blob,
  449. size_t len, void **pctx,
  450. int *matchcount,
  451. const UI_METHOD *ui_method,
  452. void *ui_data)
  453. {
  454. OSSL_STORE_INFO *store_info = NULL;
  455. int slen = 0;
  456. EVP_PKEY *pkey = NULL;
  457. const EVP_PKEY_ASN1_METHOD *ameth = NULL;
  458. int ok = 0;
  459. if (pem_name != NULL) {
  460. if ((slen = pem_check_suffix(pem_name, "PARAMETERS")) == 0)
  461. return NULL;
  462. *matchcount = 1;
  463. }
  464. if (slen > 0) {
  465. if ((pkey = EVP_PKEY_new()) == NULL) {
  466. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);
  467. return NULL;
  468. }
  469. if (EVP_PKEY_set_type_str(pkey, pem_name, slen)
  470. && (ameth = EVP_PKEY_get0_asn1(pkey)) != NULL
  471. && ameth->param_decode != NULL
  472. && ameth->param_decode(pkey, &blob, len))
  473. ok = 1;
  474. } else {
  475. int i;
  476. EVP_PKEY *tmp_pkey = NULL;
  477. for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
  478. const unsigned char *tmp_blob = blob;
  479. if (tmp_pkey == NULL && (tmp_pkey = EVP_PKEY_new()) == NULL) {
  480. OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);
  481. break;
  482. }
  483. ameth = EVP_PKEY_asn1_get0(i);
  484. if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
  485. continue;
  486. if (EVP_PKEY_set_type(tmp_pkey, ameth->pkey_id)
  487. && (ameth = EVP_PKEY_get0_asn1(tmp_pkey)) != NULL
  488. && ameth->param_decode != NULL
  489. && ameth->param_decode(tmp_pkey, &tmp_blob, len)) {
  490. if (pkey != NULL)
  491. EVP_PKEY_free(tmp_pkey);
  492. else
  493. pkey = tmp_pkey;
  494. tmp_pkey = NULL;
  495. (*matchcount)++;
  496. }
  497. }
  498. EVP_PKEY_free(tmp_pkey);
  499. if (*matchcount == 1) {
  500. ok = 1;
  501. }
  502. }
  503. if (ok)
  504. store_info = OSSL_STORE_INFO_new_PARAMS(pkey);
  505. if (store_info == NULL)
  506. EVP_PKEY_free(pkey);
  507. return store_info;
  508. }
  509. static FILE_HANDLER params_handler = {
  510. "params",
  511. try_decode_params
  512. };
  513. /*
  514. * X.509 certificate decoder.
  515. */
  516. static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,
  517. const char *pem_header,
  518. const unsigned char *blob,
  519. size_t len, void **pctx,
  520. int *matchcount,
  521. const UI_METHOD *ui_method,
  522. void *ui_data)
  523. {
  524. OSSL_STORE_INFO *store_info = NULL;
  525. X509 *cert = NULL;
  526. /*
  527. * In most cases, we can try to interpret the serialized data as a trusted
  528. * cert (X509 + X509_AUX) and fall back to reading it as a normal cert
  529. * (just X509), but if the PEM name specifically declares it as a trusted
  530. * cert, then no fallback should be engaged. |ignore_trusted| tells if
  531. * the fallback can be used (1) or not (0).
  532. */
  533. int ignore_trusted = 1;
  534. if (pem_name != NULL) {
  535. if (strcmp(pem_name, PEM_STRING_X509_TRUSTED) == 0)
  536. ignore_trusted = 0;
  537. else if (strcmp(pem_name, PEM_STRING_X509_OLD) != 0
  538. && strcmp(pem_name, PEM_STRING_X509) != 0)
  539. /* No match */
  540. return NULL;
  541. *matchcount = 1;
  542. }
  543. if ((cert = d2i_X509_AUX(NULL, &blob, len)) != NULL
  544. || (ignore_trusted && (cert = d2i_X509(NULL, &blob, len)) != NULL)) {
  545. *matchcount = 1;
  546. store_info = OSSL_STORE_INFO_new_CERT(cert);
  547. }
  548. if (store_info == NULL)
  549. X509_free(cert);
  550. return store_info;
  551. }
  552. static FILE_HANDLER X509Certificate_handler = {
  553. "X509Certificate",
  554. try_decode_X509Certificate
  555. };
  556. /*
  557. * X.509 CRL decoder.
  558. */
  559. static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
  560. const char *pem_header,
  561. const unsigned char *blob,
  562. size_t len, void **pctx,
  563. int *matchcount,
  564. const UI_METHOD *ui_method,
  565. void *ui_data)
  566. {
  567. OSSL_STORE_INFO *store_info = NULL;
  568. X509_CRL *crl = NULL;
  569. if (pem_name != NULL) {
  570. if (strcmp(pem_name, PEM_STRING_X509_CRL) != 0)
  571. /* No match */
  572. return NULL;
  573. *matchcount = 1;
  574. }
  575. if ((crl = d2i_X509_CRL(NULL, &blob, len)) != NULL) {
  576. *matchcount = 1;
  577. store_info = OSSL_STORE_INFO_new_CRL(crl);
  578. }
  579. if (store_info == NULL)
  580. X509_CRL_free(crl);
  581. return store_info;
  582. }
  583. static FILE_HANDLER X509CRL_handler = {
  584. "X509CRL",
  585. try_decode_X509CRL
  586. };
  587. /*
  588. * To finish it all off, we collect all the handlers.
  589. */
  590. static const FILE_HANDLER *file_handlers[] = {
  591. &PKCS12_handler,
  592. &PKCS8Encrypted_handler,
  593. &X509Certificate_handler,
  594. &X509CRL_handler,
  595. &params_handler,
  596. &PUBKEY_handler,
  597. &PrivateKey_handler,
  598. };
  599. /*-
  600. * The loader itself
  601. * -----------------
  602. */
  603. struct ossl_store_loader_ctx_st {
  604. enum {
  605. is_raw = 0,
  606. is_pem,
  607. is_dir
  608. } type;
  609. int errcnt;
  610. #define FILE_FLAG_SECMEM (1<<0)
  611. unsigned int flags;
  612. union {
  613. struct { /* Used with is_raw and is_pem */
  614. BIO *file;
  615. /*
  616. * The following are used when the handler is marked as
  617. * repeatable
  618. */
  619. const FILE_HANDLER *last_handler;
  620. void *last_handler_ctx;
  621. } file;
  622. struct { /* Used with is_dir */
  623. OPENSSL_DIR_CTX *ctx;
  624. int end_reached;
  625. char *uri;
  626. /*
  627. * When a search expression is given, these are filled in.
  628. * |search_name| contains the file basename to look for.
  629. * The string is exactly 8 characters long.
  630. */
  631. char search_name[9];
  632. /*
  633. * The directory reading utility we have combines opening with
  634. * reading the first name. To make sure we can detect the end
  635. * at the right time, we read early and cache the name.
  636. */
  637. const char *last_entry;
  638. int last_errno;
  639. } dir;
  640. } _;
  641. /* Expected object type. May be unspecified */
  642. int expected_type;
  643. };
  644. static void OSSL_STORE_LOADER_CTX_free(OSSL_STORE_LOADER_CTX *ctx)
  645. {
  646. if (ctx->type == is_dir) {
  647. OPENSSL_free(ctx->_.dir.uri);
  648. } else {
  649. if (ctx->_.file.last_handler != NULL) {
  650. ctx->_.file.last_handler->destroy_ctx(&ctx->_.file.last_handler_ctx);
  651. ctx->_.file.last_handler_ctx = NULL;
  652. ctx->_.file.last_handler = NULL;
  653. }
  654. }
  655. OPENSSL_free(ctx);
  656. }
  657. static OSSL_STORE_LOADER_CTX *file_open(const OSSL_STORE_LOADER *loader,
  658. const char *uri,
  659. const UI_METHOD *ui_method,
  660. void *ui_data)
  661. {
  662. OSSL_STORE_LOADER_CTX *ctx = NULL;
  663. struct stat st;
  664. struct {
  665. const char *path;
  666. unsigned int check_absolute:1;
  667. } path_data[2];
  668. size_t path_data_n = 0, i;
  669. const char *path;
  670. /*
  671. * First step, just take the URI as is.
  672. */
  673. path_data[path_data_n].check_absolute = 0;
  674. path_data[path_data_n++].path = uri;
  675. /*
  676. * Second step, if the URI appears to start with the 'file' scheme,
  677. * extract the path and make that the second path to check.
  678. * There's a special case if the URI also contains an authority, then
  679. * the full URI shouldn't be used as a path anywhere.
  680. */
  681. if (strncasecmp(uri, "file:", 5) == 0) {
  682. const char *p = &uri[5];
  683. if (strncmp(&uri[5], "//", 2) == 0) {
  684. path_data_n--; /* Invalidate using the full URI */
  685. if (strncasecmp(&uri[7], "localhost/", 10) == 0) {
  686. p = &uri[16];
  687. } else if (uri[7] == '/') {
  688. p = &uri[7];
  689. } else {
  690. OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN,
  691. OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED);
  692. return NULL;
  693. }
  694. }
  695. path_data[path_data_n].check_absolute = 1;
  696. #ifdef _WIN32
  697. /* Windows file: URIs with a drive letter start with a / */
  698. if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
  699. char c = ossl_tolower(p[1]);
  700. if (c >= 'a' && c <= 'z') {
  701. p++;
  702. /* We know it's absolute, so no need to check */
  703. path_data[path_data_n].check_absolute = 0;
  704. }
  705. }
  706. #endif
  707. path_data[path_data_n++].path = p;
  708. }
  709. for (i = 0, path = NULL; path == NULL && i < path_data_n; i++) {
  710. /*
  711. * If the scheme "file" was an explicit part of the URI, the path must
  712. * be absolute. So says RFC 8089
  713. */
  714. if (path_data[i].check_absolute && path_data[i].path[0] != '/') {
  715. OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN,
  716. OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE);
  717. ERR_add_error_data(1, path_data[i].path);
  718. return NULL;
  719. }
  720. if (stat(path_data[i].path, &st) < 0) {
  721. ERR_raise_data(ERR_LIB_SYS, errno,
  722. "calling stat(%s)",
  723. path_data[i].path);
  724. } else {
  725. path = path_data[i].path;
  726. }
  727. }
  728. if (path == NULL) {
  729. return NULL;
  730. }
  731. /* Successfully found a working path, clear possible collected errors */
  732. ERR_clear_error();
  733. ctx = OPENSSL_zalloc(sizeof(*ctx));
  734. if (ctx == NULL) {
  735. OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN, ERR_R_MALLOC_FAILURE);
  736. return NULL;
  737. }
  738. if (S_ISDIR(st.st_mode)) {
  739. /*
  740. * Try to copy everything, even if we know that some of them must be
  741. * NULL for the moment. This prevents errors in the future, when more
  742. * components may be used.
  743. */
  744. ctx->_.dir.uri = OPENSSL_strdup(uri);
  745. ctx->type = is_dir;
  746. if (ctx->_.dir.uri == NULL)
  747. goto err;
  748. ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, path);
  749. ctx->_.dir.last_errno = errno;
  750. if (ctx->_.dir.last_entry == NULL) {
  751. if (ctx->_.dir.last_errno != 0) {
  752. char errbuf[256];
  753. OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN, ERR_R_SYS_LIB);
  754. errno = ctx->_.dir.last_errno;
  755. if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
  756. ERR_add_error_data(1, errbuf);
  757. goto err;
  758. }
  759. ctx->_.dir.end_reached = 1;
  760. }
  761. } else {
  762. BIO *buff = NULL;
  763. char peekbuf[4096] = { 0, };
  764. if ((buff = BIO_new(BIO_f_buffer())) == NULL
  765. || (ctx->_.file.file = BIO_new_file(path, "rb")) == NULL) {
  766. BIO_free_all(buff);
  767. goto err;
  768. }
  769. ctx->_.file.file = BIO_push(buff, ctx->_.file.file);
  770. if (BIO_buffer_peek(ctx->_.file.file, peekbuf, sizeof(peekbuf) - 1) > 0) {
  771. peekbuf[sizeof(peekbuf) - 1] = '\0';
  772. if (strstr(peekbuf, "-----BEGIN ") != NULL)
  773. ctx->type = is_pem;
  774. }
  775. }
  776. return ctx;
  777. err:
  778. OSSL_STORE_LOADER_CTX_free(ctx);
  779. return NULL;
  780. }
  781. static int file_ctrl(OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args)
  782. {
  783. int ret = 1;
  784. switch (cmd) {
  785. case OSSL_STORE_C_USE_SECMEM:
  786. {
  787. int on = *(va_arg(args, int *));
  788. switch (on) {
  789. case 0:
  790. ctx->flags &= ~FILE_FLAG_SECMEM;
  791. break;
  792. case 1:
  793. ctx->flags |= FILE_FLAG_SECMEM;
  794. break;
  795. default:
  796. OSSL_STOREerr(OSSL_STORE_F_FILE_CTRL,
  797. ERR_R_PASSED_INVALID_ARGUMENT);
  798. ret = 0;
  799. break;
  800. }
  801. }
  802. break;
  803. default:
  804. break;
  805. }
  806. return ret;
  807. }
  808. static int file_expect(OSSL_STORE_LOADER_CTX *ctx, int expected)
  809. {
  810. ctx->expected_type = expected;
  811. return 1;
  812. }
  813. static int file_find(OSSL_STORE_LOADER_CTX *ctx, OSSL_STORE_SEARCH *search)
  814. {
  815. /*
  816. * If ctx == NULL, the library is looking to know if this loader supports
  817. * the given search type.
  818. */
  819. if (OSSL_STORE_SEARCH_get_type(search) == OSSL_STORE_SEARCH_BY_NAME) {
  820. unsigned long hash = 0;
  821. if (ctx == NULL)
  822. return 1;
  823. if (ctx->type != is_dir) {
  824. OSSL_STOREerr(OSSL_STORE_F_FILE_FIND,
  825. OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
  826. return 0;
  827. }
  828. hash = X509_NAME_hash(OSSL_STORE_SEARCH_get0_name(search));
  829. BIO_snprintf(ctx->_.dir.search_name, sizeof(ctx->_.dir.search_name),
  830. "%08lx", hash);
  831. return 1;
  832. }
  833. if (ctx != NULL)
  834. OSSL_STOREerr(OSSL_STORE_F_FILE_FIND,
  835. OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE);
  836. return 0;
  837. }
  838. /* Internal function to decode an already opened PEM file */
  839. OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp)
  840. {
  841. OSSL_STORE_LOADER_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
  842. if (ctx == NULL) {
  843. OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT,
  844. ERR_R_MALLOC_FAILURE);
  845. return NULL;
  846. }
  847. ctx->_.file.file = bp;
  848. ctx->type = is_pem;
  849. return ctx;
  850. }
  851. static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx,
  852. const char *pem_name,
  853. const char *pem_header,
  854. unsigned char *data, size_t len,
  855. const UI_METHOD *ui_method,
  856. void *ui_data, int *matchcount)
  857. {
  858. OSSL_STORE_INFO *result = NULL;
  859. BUF_MEM *new_mem = NULL;
  860. char *new_pem_name = NULL;
  861. int t = 0;
  862. again:
  863. {
  864. size_t i = 0;
  865. void *handler_ctx = NULL;
  866. const FILE_HANDLER **matching_handlers =
  867. OPENSSL_zalloc(sizeof(*matching_handlers)
  868. * OSSL_NELEM(file_handlers));
  869. if (matching_handlers == NULL) {
  870. OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD_TRY_DECODE,
  871. ERR_R_MALLOC_FAILURE);
  872. goto err;
  873. }
  874. *matchcount = 0;
  875. for (i = 0; i < OSSL_NELEM(file_handlers); i++) {
  876. const FILE_HANDLER *handler = file_handlers[i];
  877. int try_matchcount = 0;
  878. void *tmp_handler_ctx = NULL;
  879. OSSL_STORE_INFO *tmp_result =
  880. handler->try_decode(pem_name, pem_header, data, len,
  881. &tmp_handler_ctx, &try_matchcount,
  882. ui_method, ui_data);
  883. if (try_matchcount > 0) {
  884. matching_handlers[*matchcount] = handler;
  885. if (handler_ctx)
  886. handler->destroy_ctx(&handler_ctx);
  887. handler_ctx = tmp_handler_ctx;
  888. if ((*matchcount += try_matchcount) > 1) {
  889. /* more than one match => ambiguous, kill any result */
  890. OSSL_STORE_INFO_free(result);
  891. OSSL_STORE_INFO_free(tmp_result);
  892. if (handler->destroy_ctx != NULL)
  893. handler->destroy_ctx(&handler_ctx);
  894. handler_ctx = NULL;
  895. tmp_result = NULL;
  896. result = NULL;
  897. }
  898. if (result == NULL)
  899. result = tmp_result;
  900. }
  901. }
  902. if (*matchcount == 1 && matching_handlers[0]->repeatable) {
  903. ctx->_.file.last_handler = matching_handlers[0];
  904. ctx->_.file.last_handler_ctx = handler_ctx;
  905. }
  906. OPENSSL_free(matching_handlers);
  907. }
  908. err:
  909. OPENSSL_free(new_pem_name);
  910. BUF_MEM_free(new_mem);
  911. if (result != NULL
  912. && (t = OSSL_STORE_INFO_get_type(result)) == OSSL_STORE_INFO_EMBEDDED) {
  913. pem_name = new_pem_name =
  914. ossl_store_info_get0_EMBEDDED_pem_name(result);
  915. new_mem = ossl_store_info_get0_EMBEDDED_buffer(result);
  916. data = (unsigned char *)new_mem->data;
  917. len = new_mem->length;
  918. OPENSSL_free(result);
  919. result = NULL;
  920. goto again;
  921. }
  922. if (result != NULL)
  923. ERR_clear_error();
  924. return result;
  925. }
  926. static OSSL_STORE_INFO *file_load_try_repeat(OSSL_STORE_LOADER_CTX *ctx,
  927. const UI_METHOD *ui_method,
  928. void *ui_data)
  929. {
  930. OSSL_STORE_INFO *result = NULL;
  931. int try_matchcount = 0;
  932. if (ctx->_.file.last_handler != NULL) {
  933. result =
  934. ctx->_.file.last_handler->try_decode(NULL, NULL, NULL, 0,
  935. &ctx->_.file.last_handler_ctx,
  936. &try_matchcount,
  937. ui_method, ui_data);
  938. if (result == NULL) {
  939. ctx->_.file.last_handler->destroy_ctx(&ctx->_.file.last_handler_ctx);
  940. ctx->_.file.last_handler_ctx = NULL;
  941. ctx->_.file.last_handler = NULL;
  942. }
  943. }
  944. return result;
  945. }
  946. static void pem_free_flag(void *pem_data, int secure, size_t num)
  947. {
  948. if (secure)
  949. OPENSSL_secure_clear_free(pem_data, num);
  950. else
  951. OPENSSL_free(pem_data);
  952. }
  953. static int file_read_pem(BIO *bp, char **pem_name, char **pem_header,
  954. unsigned char **data, long *len,
  955. const UI_METHOD *ui_method,
  956. void *ui_data, int secure)
  957. {
  958. int i = secure
  959. ? PEM_read_bio_ex(bp, pem_name, pem_header, data, len,
  960. PEM_FLAG_SECURE | PEM_FLAG_EAY_COMPATIBLE)
  961. : PEM_read_bio(bp, pem_name, pem_header, data, len);
  962. if (i <= 0)
  963. return 0;
  964. /*
  965. * 10 is the number of characters in "Proc-Type:", which
  966. * PEM_get_EVP_CIPHER_INFO() requires to be present.
  967. * If the PEM header has less characters than that, it's
  968. * not worth spending cycles on it.
  969. */
  970. if (strlen(*pem_header) > 10) {
  971. EVP_CIPHER_INFO cipher;
  972. struct pem_pass_data pass_data;
  973. if (!PEM_get_EVP_CIPHER_INFO(*pem_header, &cipher)
  974. || !file_fill_pem_pass_data(&pass_data, "PEM", ui_method, ui_data)
  975. || !PEM_do_header(&cipher, *data, len, file_get_pem_pass,
  976. &pass_data)) {
  977. return 0;
  978. }
  979. }
  980. return 1;
  981. }
  982. static int file_read_asn1(BIO *bp, unsigned char **data, long *len)
  983. {
  984. BUF_MEM *mem = NULL;
  985. if (asn1_d2i_read_bio(bp, &mem) < 0)
  986. return 0;
  987. *data = (unsigned char *)mem->data;
  988. *len = (long)mem->length;
  989. OPENSSL_free(mem);
  990. return 1;
  991. }
  992. static int ends_with_dirsep(const char *uri)
  993. {
  994. if (*uri != '\0')
  995. uri += strlen(uri) - 1;
  996. #if defined __VMS
  997. if (*uri == ']' || *uri == '>' || *uri == ':')
  998. return 1;
  999. #elif defined _WIN32
  1000. if (*uri == '\\')
  1001. return 1;
  1002. #endif
  1003. return *uri == '/';
  1004. }
  1005. static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name,
  1006. char **data)
  1007. {
  1008. assert(name != NULL);
  1009. assert(data != NULL);
  1010. {
  1011. const char *pathsep = ends_with_dirsep(ctx->_.dir.uri) ? "" : "/";
  1012. long calculated_length = strlen(ctx->_.dir.uri) + strlen(pathsep)
  1013. + strlen(name) + 1 /* \0 */;
  1014. *data = OPENSSL_zalloc(calculated_length);
  1015. if (*data == NULL) {
  1016. OSSL_STOREerr(OSSL_STORE_F_FILE_NAME_TO_URI, ERR_R_MALLOC_FAILURE);
  1017. return 0;
  1018. }
  1019. OPENSSL_strlcat(*data, ctx->_.dir.uri, calculated_length);
  1020. OPENSSL_strlcat(*data, pathsep, calculated_length);
  1021. OPENSSL_strlcat(*data, name, calculated_length);
  1022. }
  1023. return 1;
  1024. }
  1025. static int file_name_check(OSSL_STORE_LOADER_CTX *ctx, const char *name)
  1026. {
  1027. const char *p = NULL;
  1028. /* If there are no search criteria, all names are accepted */
  1029. if (ctx->_.dir.search_name[0] == '\0')
  1030. return 1;
  1031. /* If the expected type isn't supported, no name is accepted */
  1032. if (ctx->expected_type != 0
  1033. && ctx->expected_type != OSSL_STORE_INFO_CERT
  1034. && ctx->expected_type != OSSL_STORE_INFO_CRL)
  1035. return 0;
  1036. /*
  1037. * First, check the basename
  1038. */
  1039. if (strncasecmp(name, ctx->_.dir.search_name,
  1040. sizeof(ctx->_.dir.search_name) - 1) != 0
  1041. || name[sizeof(ctx->_.dir.search_name) - 1] != '.')
  1042. return 0;
  1043. p = &name[sizeof(ctx->_.dir.search_name)];
  1044. /*
  1045. * Then, if the expected type is a CRL, check that the extension starts
  1046. * with 'r'
  1047. */
  1048. if (*p == 'r') {
  1049. p++;
  1050. if (ctx->expected_type != 0
  1051. && ctx->expected_type != OSSL_STORE_INFO_CRL)
  1052. return 0;
  1053. } else if (ctx->expected_type == OSSL_STORE_INFO_CRL) {
  1054. return 0;
  1055. }
  1056. /*
  1057. * Last, check that the rest of the extension is a decimal number, at
  1058. * least one digit long.
  1059. */
  1060. if (!ossl_isdigit(*p))
  1061. return 0;
  1062. while (ossl_isdigit(*p))
  1063. p++;
  1064. # ifdef __VMS
  1065. /*
  1066. * One extra step here, check for a possible generation number.
  1067. */
  1068. if (*p == ';')
  1069. for (p++; *p != '\0'; p++)
  1070. if (!ossl_isdigit(*p))
  1071. break;
  1072. # endif
  1073. /*
  1074. * If we've reached the end of the string at this point, we've successfully
  1075. * found a fitting file name.
  1076. */
  1077. return *p == '\0';
  1078. }
  1079. static int file_eof(OSSL_STORE_LOADER_CTX *ctx);
  1080. static int file_error(OSSL_STORE_LOADER_CTX *ctx);
  1081. static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx,
  1082. const UI_METHOD *ui_method, void *ui_data)
  1083. {
  1084. OSSL_STORE_INFO *result = NULL;
  1085. ctx->errcnt = 0;
  1086. ERR_clear_error();
  1087. if (ctx->type == is_dir) {
  1088. do {
  1089. char *newname = NULL;
  1090. if (ctx->_.dir.last_entry == NULL) {
  1091. if (!ctx->_.dir.end_reached) {
  1092. char errbuf[256];
  1093. assert(ctx->_.dir.last_errno != 0);
  1094. OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_SYS_LIB);
  1095. errno = ctx->_.dir.last_errno;
  1096. ctx->errcnt++;
  1097. if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
  1098. ERR_add_error_data(1, errbuf);
  1099. }
  1100. return NULL;
  1101. }
  1102. if (ctx->_.dir.last_entry[0] != '.'
  1103. && file_name_check(ctx, ctx->_.dir.last_entry)
  1104. && !file_name_to_uri(ctx, ctx->_.dir.last_entry, &newname))
  1105. return NULL;
  1106. /*
  1107. * On the first call (with a NULL context), OPENSSL_DIR_read()
  1108. * cares about the second argument. On the following calls, it
  1109. * only cares that it isn't NULL. Therefore, we can safely give
  1110. * it our URI here.
  1111. */
  1112. ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx,
  1113. ctx->_.dir.uri);
  1114. ctx->_.dir.last_errno = errno;
  1115. if (ctx->_.dir.last_entry == NULL && ctx->_.dir.last_errno == 0)
  1116. ctx->_.dir.end_reached = 1;
  1117. if (newname != NULL
  1118. && (result = OSSL_STORE_INFO_new_NAME(newname)) == NULL) {
  1119. OPENSSL_free(newname);
  1120. OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_OSSL_STORE_LIB);
  1121. return NULL;
  1122. }
  1123. } while (result == NULL && !file_eof(ctx));
  1124. } else {
  1125. int matchcount = -1;
  1126. again:
  1127. result = file_load_try_repeat(ctx, ui_method, ui_data);
  1128. if (result != NULL)
  1129. return result;
  1130. if (file_eof(ctx))
  1131. return NULL;
  1132. do {
  1133. char *pem_name = NULL; /* PEM record name */
  1134. char *pem_header = NULL; /* PEM record header */
  1135. unsigned char *data = NULL; /* DER encoded data */
  1136. long len = 0; /* DER encoded data length */
  1137. matchcount = -1;
  1138. if (ctx->type == is_pem) {
  1139. if (!file_read_pem(ctx->_.file.file, &pem_name, &pem_header,
  1140. &data, &len, ui_method, ui_data,
  1141. (ctx->flags & FILE_FLAG_SECMEM) != 0)) {
  1142. ctx->errcnt++;
  1143. goto endloop;
  1144. }
  1145. } else {
  1146. if (!file_read_asn1(ctx->_.file.file, &data, &len)) {
  1147. ctx->errcnt++;
  1148. goto endloop;
  1149. }
  1150. }
  1151. result = file_load_try_decode(ctx, pem_name, pem_header, data, len,
  1152. ui_method, ui_data, &matchcount);
  1153. if (result != NULL)
  1154. goto endloop;
  1155. /*
  1156. * If a PEM name matches more than one handler, the handlers are
  1157. * badly coded.
  1158. */
  1159. if (!ossl_assert(pem_name == NULL || matchcount <= 1)) {
  1160. ctx->errcnt++;
  1161. goto endloop;
  1162. }
  1163. if (matchcount > 1) {
  1164. OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD,
  1165. OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE);
  1166. } else if (matchcount == 1) {
  1167. /*
  1168. * If there are other errors on the stack, they already show
  1169. * what the problem is.
  1170. */
  1171. if (ERR_peek_error() == 0) {
  1172. OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD,
  1173. OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE);
  1174. if (pem_name != NULL)
  1175. ERR_add_error_data(3, "PEM type is '", pem_name, "'");
  1176. }
  1177. }
  1178. if (matchcount > 0)
  1179. ctx->errcnt++;
  1180. endloop:
  1181. pem_free_flag(pem_name, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);
  1182. pem_free_flag(pem_header, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);
  1183. pem_free_flag(data, (ctx->flags & FILE_FLAG_SECMEM) != 0, len);
  1184. } while (matchcount == 0 && !file_eof(ctx) && !file_error(ctx));
  1185. /* We bail out on ambiguity */
  1186. if (matchcount > 1)
  1187. return NULL;
  1188. if (result != NULL
  1189. && ctx->expected_type != 0
  1190. && ctx->expected_type != OSSL_STORE_INFO_get_type(result)) {
  1191. OSSL_STORE_INFO_free(result);
  1192. goto again;
  1193. }
  1194. }
  1195. return result;
  1196. }
  1197. static int file_error(OSSL_STORE_LOADER_CTX *ctx)
  1198. {
  1199. return ctx->errcnt > 0;
  1200. }
  1201. static int file_eof(OSSL_STORE_LOADER_CTX *ctx)
  1202. {
  1203. if (ctx->type == is_dir)
  1204. return ctx->_.dir.end_reached;
  1205. if (ctx->_.file.last_handler != NULL
  1206. && !ctx->_.file.last_handler->eof(ctx->_.file.last_handler_ctx))
  1207. return 0;
  1208. return BIO_eof(ctx->_.file.file);
  1209. }
  1210. static int file_close(OSSL_STORE_LOADER_CTX *ctx)
  1211. {
  1212. if (ctx->type == is_dir) {
  1213. OPENSSL_DIR_end(&ctx->_.dir.ctx);
  1214. } else {
  1215. BIO_free_all(ctx->_.file.file);
  1216. }
  1217. OSSL_STORE_LOADER_CTX_free(ctx);
  1218. return 1;
  1219. }
  1220. int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx)
  1221. {
  1222. OSSL_STORE_LOADER_CTX_free(ctx);
  1223. return 1;
  1224. }
  1225. static OSSL_STORE_LOADER file_loader =
  1226. {
  1227. "file",
  1228. NULL,
  1229. file_open,
  1230. file_ctrl,
  1231. file_expect,
  1232. file_find,
  1233. file_load,
  1234. file_eof,
  1235. file_error,
  1236. file_close
  1237. };
  1238. static void store_file_loader_deinit(void)
  1239. {
  1240. ossl_store_unregister_loader_int(file_loader.scheme);
  1241. }
  1242. int ossl_store_file_loader_init(void)
  1243. {
  1244. int ret = ossl_store_register_loader_int(&file_loader);
  1245. OPENSSL_atexit(store_file_loader_deinit);
  1246. return ret;
  1247. }