xref: /freebsd/crypto/openssl/providers/implementations/storemgmt/file_store.c (revision aa7957345732816fb0ba8308798d2f79f45597f9)
1 /*
2  * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /* This file has quite some overlap with engines/e_loader_attic.c */
11 
12 #include <string.h>
13 #include <sys/stat.h>
14 #include <ctype.h>  /* isdigit */
15 #include <assert.h>
16 
17 #include <openssl/core_dispatch.h>
18 #include <openssl/core_names.h>
19 #include <openssl/core_object.h>
20 #include <openssl/bio.h>
21 #include <openssl/err.h>
22 #include <openssl/params.h>
23 #include <openssl/decoder.h>
24 #include <openssl/proverr.h>
25 #include <openssl/store.h>       /* The OSSL_STORE_INFO type numbers */
26 #include "internal/cryptlib.h"
27 #include "internal/o_dir.h"
28 #include "crypto/decoder.h"
29 #include "crypto/ctype.h"        /* ossl_isdigit() */
30 #include "prov/implementations.h"
31 #include "prov/bio.h"
32 #include "file_store_local.h"
33 
34 DEFINE_STACK_OF(OSSL_STORE_INFO)
35 
36 #ifdef _WIN32
37 # define stat _stat
38 #endif
39 
40 #ifndef S_ISDIR
41 # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
42 #endif
43 
44 static OSSL_FUNC_store_open_fn file_open;
45 static OSSL_FUNC_store_attach_fn file_attach;
46 static OSSL_FUNC_store_settable_ctx_params_fn file_settable_ctx_params;
47 static OSSL_FUNC_store_set_ctx_params_fn file_set_ctx_params;
48 static OSSL_FUNC_store_load_fn file_load;
49 static OSSL_FUNC_store_eof_fn file_eof;
50 static OSSL_FUNC_store_close_fn file_close;
51 
52 /*
53  * This implementation makes full use of OSSL_DECODER, and then some.
54  * It uses its own internal decoder implementation that reads DER and
55  * passes that on to the data callback; this decoder is created with
56  * internal OpenSSL functions, thereby bypassing the need for a surrounding
57  * provider.  This is ok, since this is a local decoder, not meant for
58  * public consumption.  It also uses the libcrypto internal decoder
59  * setup function ossl_decoder_ctx_setup_for_pkey(), to allow the
60  * last resort decoder to be added first (and thereby be executed last).
61  * Finally, it sets up its own construct and cleanup functions.
62  *
63  * Essentially, that makes this implementation a kind of glorified decoder.
64  */
65 
66 struct file_ctx_st {
67     void *provctx;
68     char *uri;                   /* The URI we currently try to load */
69     enum {
70         IS_FILE = 0,             /* Read file and pass results */
71         IS_DIR                   /* Pass directory entry names */
72     } type;
73 
74     union {
75         /* Used with |IS_FILE| */
76         struct {
77             BIO *file;
78 
79             OSSL_DECODER_CTX *decoderctx;
80             char *input_type;
81             char *propq;    /* The properties we got as a parameter */
82         } file;
83 
84         /* Used with |IS_DIR| */
85         struct {
86             OPENSSL_DIR_CTX *ctx;
87             int end_reached;
88 
89             /*
90              * When a search expression is given, these are filled in.
91              * |search_name| contains the file basename to look for.
92              * The string is exactly 8 characters long.
93              */
94             char search_name[9];
95 
96             /*
97              * The directory reading utility we have combines opening with
98              * reading the first name.  To make sure we can detect the end
99              * at the right time, we read early and cache the name.
100              */
101             const char *last_entry;
102             int last_errno;
103         } dir;
104     } _;
105 
106     /* Expected object type.  May be unspecified */
107     int expected_type;
108 };
109 
free_file_ctx(struct file_ctx_st * ctx)110 static void free_file_ctx(struct file_ctx_st *ctx)
111 {
112     if (ctx == NULL)
113         return;
114 
115     OPENSSL_free(ctx->uri);
116     if (ctx->type != IS_DIR) {
117         OSSL_DECODER_CTX_free(ctx->_.file.decoderctx);
118         OPENSSL_free(ctx->_.file.propq);
119         OPENSSL_free(ctx->_.file.input_type);
120     }
121     OPENSSL_free(ctx);
122 }
123 
new_file_ctx(int type,const char * uri,void * provctx)124 static struct file_ctx_st *new_file_ctx(int type, const char *uri,
125                                         void *provctx)
126 {
127     struct file_ctx_st *ctx = NULL;
128 
129     if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL
130         && (uri == NULL || (ctx->uri = OPENSSL_strdup(uri)) != NULL)) {
131         ctx->type = type;
132         ctx->provctx = provctx;
133         return ctx;
134     }
135     free_file_ctx(ctx);
136     return NULL;
137 }
138 
139 static OSSL_DECODER_CONSTRUCT file_load_construct;
140 static OSSL_DECODER_CLEANUP file_load_cleanup;
141 
142 /*-
143  *  Opening / attaching streams and directories
144  *  -------------------------------------------
145  */
146 
147 /*
148  * Function to service both file_open() and file_attach()
149  *
150  *
151  */
file_open_stream(BIO * source,const char * uri,void * provctx)152 static struct file_ctx_st *file_open_stream(BIO *source, const char *uri,
153                                             void *provctx)
154 {
155     struct file_ctx_st *ctx;
156 
157     if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL) {
158         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
159         goto err;
160     }
161 
162     ctx->_.file.file = source;
163 
164     return ctx;
165  err:
166     free_file_ctx(ctx);
167     return NULL;
168 }
169 
file_open_dir(const char * path,const char * uri,void * provctx)170 static void *file_open_dir(const char *path, const char *uri, void *provctx)
171 {
172     struct file_ctx_st *ctx;
173 
174     if ((ctx = new_file_ctx(IS_DIR, uri, provctx)) == NULL) {
175         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
176         return NULL;
177     }
178 
179     ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, path);
180     ctx->_.dir.last_errno = errno;
181     if (ctx->_.dir.last_entry == NULL) {
182         if (ctx->_.dir.last_errno != 0) {
183             ERR_raise_data(ERR_LIB_SYS, ctx->_.dir.last_errno,
184                            "Calling OPENSSL_DIR_read(\"%s\")", path);
185             goto err;
186         }
187         ctx->_.dir.end_reached = 1;
188     }
189     return ctx;
190  err:
191     file_close(ctx);
192     return NULL;
193 }
194 
file_open(void * provctx,const char * uri)195 static void *file_open(void *provctx, const char *uri)
196 {
197     struct file_ctx_st *ctx = NULL;
198     struct stat st;
199     struct {
200         const char *path;
201         unsigned int check_absolute:1;
202     } path_data[2];
203     size_t path_data_n = 0, i;
204     const char *path;
205     BIO *bio;
206 
207     ERR_set_mark();
208 
209     /*
210      * First step, just take the URI as is.
211      */
212     path_data[path_data_n].check_absolute = 0;
213     path_data[path_data_n++].path = uri;
214 
215     /*
216      * Second step, if the URI appears to start with the 'file' scheme,
217      * extract the path and make that the second path to check.
218      * There's a special case if the URI also contains an authority, then
219      * the full URI shouldn't be used as a path anywhere.
220      */
221     if (OPENSSL_strncasecmp(uri, "file:", 5) == 0) {
222         const char *p = &uri[5];
223 
224         if (strncmp(&uri[5], "//", 2) == 0) {
225             path_data_n--;           /* Invalidate using the full URI */
226             if (OPENSSL_strncasecmp(&uri[7], "localhost/", 10) == 0) {
227                 p = &uri[16];
228             } else if (uri[7] == '/') {
229                 p = &uri[7];
230             } else {
231                 ERR_clear_last_mark();
232                 ERR_raise(ERR_LIB_PROV, PROV_R_URI_AUTHORITY_UNSUPPORTED);
233                 return NULL;
234             }
235         }
236 
237         path_data[path_data_n].check_absolute = 1;
238 #ifdef _WIN32
239         /* Windows file: URIs with a drive letter start with a / */
240         if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
241             char c = tolower(p[1]);
242 
243             if (c >= 'a' && c <= 'z') {
244                 p++;
245                 /* We know it's absolute, so no need to check */
246                 path_data[path_data_n].check_absolute = 0;
247             }
248         }
249 #endif
250         path_data[path_data_n++].path = p;
251     }
252 
253 
254     for (i = 0, path = NULL; path == NULL && i < path_data_n; i++) {
255         /*
256          * If the scheme "file" was an explicit part of the URI, the path must
257          * be absolute.  So says RFC 8089
258          */
259         if (path_data[i].check_absolute && path_data[i].path[0] != '/') {
260             ERR_clear_last_mark();
261             ERR_raise_data(ERR_LIB_PROV, PROV_R_PATH_MUST_BE_ABSOLUTE,
262                            "Given path=%s", path_data[i].path);
263             return NULL;
264         }
265 
266         if (stat(path_data[i].path, &st) < 0) {
267             ERR_raise_data(ERR_LIB_SYS, errno,
268                            "calling stat(%s)",
269                            path_data[i].path);
270         } else {
271             path = path_data[i].path;
272         }
273     }
274     if (path == NULL) {
275         ERR_clear_last_mark();
276         return NULL;
277     }
278 
279     /* Successfully found a working path, clear possible collected errors */
280     ERR_pop_to_mark();
281 
282     if (S_ISDIR(st.st_mode))
283         ctx = file_open_dir(path, uri, provctx);
284     else if ((bio = BIO_new_file(path, "rb")) == NULL
285              || (ctx = file_open_stream(bio, uri, provctx)) == NULL)
286         BIO_free_all(bio);
287 
288     return ctx;
289 }
290 
file_attach(void * provctx,OSSL_CORE_BIO * cin)291 void *file_attach(void *provctx, OSSL_CORE_BIO *cin)
292 {
293     struct file_ctx_st *ctx;
294     BIO *new_bio = ossl_bio_new_from_core_bio(provctx, cin);
295 
296     if (new_bio == NULL)
297         return NULL;
298 
299     ctx = file_open_stream(new_bio, NULL, provctx);
300     if (ctx == NULL)
301         BIO_free(new_bio);
302     return ctx;
303 }
304 
305 /*-
306  *  Setting parameters
307  *  ------------------
308  */
309 
file_settable_ctx_params(void * provctx)310 static const OSSL_PARAM *file_settable_ctx_params(void *provctx)
311 {
312     static const OSSL_PARAM known_settable_ctx_params[] = {
313         OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES, NULL, 0),
314         OSSL_PARAM_int(OSSL_STORE_PARAM_EXPECT, NULL),
315         OSSL_PARAM_octet_string(OSSL_STORE_PARAM_SUBJECT, NULL, 0),
316         OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_INPUT_TYPE, NULL, 0),
317         OSSL_PARAM_END
318     };
319     return known_settable_ctx_params;
320 }
321 
file_set_ctx_params(void * loaderctx,const OSSL_PARAM params[])322 static int file_set_ctx_params(void *loaderctx, const OSSL_PARAM params[])
323 {
324     struct file_ctx_st *ctx = loaderctx;
325     const OSSL_PARAM *p;
326 
327     if (params == NULL)
328         return 1;
329 
330     if (ctx->type != IS_DIR) {
331         /* these parameters are ignored for directories */
332         p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_PROPERTIES);
333         if (p != NULL) {
334             OPENSSL_free(ctx->_.file.propq);
335             ctx->_.file.propq = NULL;
336             if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.propq, 0))
337                 return 0;
338         }
339         p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_INPUT_TYPE);
340         if (p != NULL) {
341             OPENSSL_free(ctx->_.file.input_type);
342             ctx->_.file.input_type = NULL;
343             if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.input_type, 0))
344                 return 0;
345         }
346     }
347     p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_EXPECT);
348     if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->expected_type))
349         return 0;
350     p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SUBJECT);
351     if (p != NULL) {
352         const unsigned char *der = NULL;
353         size_t der_len = 0;
354         X509_NAME *x509_name;
355         unsigned long hash;
356         int ok;
357 
358         if (ctx->type != IS_DIR) {
359             ERR_raise(ERR_LIB_PROV,
360                       PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
361             return 0;
362         }
363 
364         if (!OSSL_PARAM_get_octet_string_ptr(p, (const void **)&der, &der_len)
365             || (x509_name = d2i_X509_NAME(NULL, &der, der_len)) == NULL)
366             return 0;
367         hash = X509_NAME_hash_ex(x509_name,
368                                  ossl_prov_ctx_get0_libctx(ctx->provctx), NULL,
369                                  &ok);
370         BIO_snprintf(ctx->_.dir.search_name, sizeof(ctx->_.dir.search_name),
371                      "%08lx", hash);
372         X509_NAME_free(x509_name);
373         if (ok == 0)
374             return 0;
375     }
376     return 1;
377 }
378 
379 /*-
380  *  Loading an object from a stream
381  *  -------------------------------
382  */
383 
384 struct file_load_data_st {
385     OSSL_CALLBACK *object_cb;
386     void *object_cbarg;
387 };
388 
file_load_construct(OSSL_DECODER_INSTANCE * decoder_inst,const OSSL_PARAM * params,void * construct_data)389 static int file_load_construct(OSSL_DECODER_INSTANCE *decoder_inst,
390                                const OSSL_PARAM *params, void *construct_data)
391 {
392     struct file_load_data_st *data = construct_data;
393 
394     /*
395      * At some point, we may find it justifiable to recognise PKCS#12 and
396      * handle it specially here, making |file_load()| return pass its
397      * contents one piece at ta time, like |e_loader_attic.c| does.
398      *
399      * However, that currently means parsing them out, which converts the
400      * DER encoded PKCS#12 into a bunch of EVP_PKEYs and X509s, just to
401      * have to re-encode them into DER to create an object abstraction for
402      * each of them.
403      * It's much simpler (less churn) to pass on the object abstraction we
404      * get to the load_result callback and leave it to that one to do the
405      * work.  If that's libcrypto code, we know that it has much better
406      * possibilities to handle the EVP_PKEYs and X509s without the extra
407      * churn.
408      */
409 
410     return data->object_cb(params, data->object_cbarg);
411 }
412 
file_load_cleanup(void * construct_data)413 void file_load_cleanup(void *construct_data)
414 {
415     /* Nothing to do */
416 }
417 
file_setup_decoders(struct file_ctx_st * ctx)418 static int file_setup_decoders(struct file_ctx_st *ctx)
419 {
420     OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx);
421     const OSSL_ALGORITHM *to_algo = NULL;
422     int ok = 0;
423 
424     /* Setup for this session, so only if not already done */
425     if (ctx->_.file.decoderctx == NULL) {
426         if ((ctx->_.file.decoderctx = OSSL_DECODER_CTX_new()) == NULL) {
427             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
428             goto err;
429         }
430 
431         /* Make sure the input type is set */
432         if (!OSSL_DECODER_CTX_set_input_type(ctx->_.file.decoderctx,
433                                              ctx->_.file.input_type)) {
434             ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
435             goto err;
436         }
437 
438         /*
439          * Where applicable, set the outermost structure name.
440          * The goal is to avoid the STORE object types that are
441          * potentially password protected but aren't interesting
442          * for this load.
443          */
444         switch (ctx->expected_type) {
445         case OSSL_STORE_INFO_CERT:
446             if (!OSSL_DECODER_CTX_set_input_structure(ctx->_.file.decoderctx,
447                                                       "Certificate")) {
448                 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
449                 goto err;
450             }
451             break;
452         case OSSL_STORE_INFO_CRL:
453             if (!OSSL_DECODER_CTX_set_input_structure(ctx->_.file.decoderctx,
454                                                       "CertificateList")) {
455                 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
456                 goto err;
457             }
458             break;
459         default:
460             break;
461         }
462 
463         for (to_algo = ossl_any_to_obj_algorithm;
464              to_algo->algorithm_names != NULL;
465              to_algo++) {
466             OSSL_DECODER *to_obj = NULL;
467             OSSL_DECODER_INSTANCE *to_obj_inst = NULL;
468 
469             /*
470              * Create the internal last resort decoder implementation
471              * together with a "decoder instance".
472              * The decoder doesn't need any identification or to be
473              * attached to any provider, since it's only used locally.
474              */
475             to_obj = ossl_decoder_from_algorithm(0, to_algo, NULL);
476             if (to_obj != NULL)
477                 to_obj_inst = ossl_decoder_instance_new(to_obj, ctx->provctx);
478             OSSL_DECODER_free(to_obj);
479             if (to_obj_inst == NULL)
480                 goto err;
481 
482             if (!ossl_decoder_ctx_add_decoder_inst(ctx->_.file.decoderctx,
483                                                    to_obj_inst)) {
484                 ossl_decoder_instance_free(to_obj_inst);
485                 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
486                 goto err;
487             }
488         }
489         /* Add on the usual extra decoders */
490         if (!OSSL_DECODER_CTX_add_extra(ctx->_.file.decoderctx,
491                                         libctx, ctx->_.file.propq)) {
492             ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
493             goto err;
494         }
495 
496         /*
497          * Then install our constructor hooks, which just passes decoded
498          * data to the load callback
499          */
500         if (!OSSL_DECODER_CTX_set_construct(ctx->_.file.decoderctx,
501                                             file_load_construct)
502             || !OSSL_DECODER_CTX_set_cleanup(ctx->_.file.decoderctx,
503                                              file_load_cleanup)) {
504             ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
505             goto err;
506         }
507     }
508 
509     ok = 1;
510  err:
511     return ok;
512 }
513 
file_load_file(struct file_ctx_st * ctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)514 static int file_load_file(struct file_ctx_st *ctx,
515                           OSSL_CALLBACK *object_cb, void *object_cbarg,
516                           OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
517 {
518     struct file_load_data_st data;
519     int ret, err;
520 
521     /* Setup the decoders (one time shot per session */
522 
523     if (!file_setup_decoders(ctx))
524         return 0;
525 
526     /* Setup for this object */
527 
528     data.object_cb = object_cb;
529     data.object_cbarg = object_cbarg;
530     OSSL_DECODER_CTX_set_construct_data(ctx->_.file.decoderctx, &data);
531     OSSL_DECODER_CTX_set_passphrase_cb(ctx->_.file.decoderctx, pw_cb, pw_cbarg);
532 
533     /* Launch */
534 
535     ERR_set_mark();
536     ret = OSSL_DECODER_from_bio(ctx->_.file.decoderctx, ctx->_.file.file);
537     if (BIO_eof(ctx->_.file.file)
538         && ((err = ERR_peek_last_error()) != 0)
539         && ERR_GET_LIB(err) == ERR_LIB_OSSL_DECODER
540         && ERR_GET_REASON(err) == ERR_R_UNSUPPORTED)
541         ERR_pop_to_mark();
542     else
543         ERR_clear_last_mark();
544     return ret;
545 }
546 
547 /*-
548  *  Loading a name object from a directory
549  *  --------------------------------------
550  */
551 
file_name_to_uri(struct file_ctx_st * ctx,const char * name)552 static char *file_name_to_uri(struct file_ctx_st *ctx, const char *name)
553 {
554     char *data = NULL;
555 
556     assert(name != NULL);
557     {
558         const char *pathsep = ossl_ends_with_dirsep(ctx->uri) ? "" : "/";
559         long calculated_length = strlen(ctx->uri) + strlen(pathsep)
560             + strlen(name) + 1 /* \0 */;
561 
562         data = OPENSSL_zalloc(calculated_length);
563         if (data == NULL) {
564             ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
565             return NULL;
566         }
567 
568         OPENSSL_strlcat(data, ctx->uri, calculated_length);
569         OPENSSL_strlcat(data, pathsep, calculated_length);
570         OPENSSL_strlcat(data, name, calculated_length);
571     }
572     return data;
573 }
574 
file_name_check(struct file_ctx_st * ctx,const char * name)575 static int file_name_check(struct file_ctx_st *ctx, const char *name)
576 {
577     const char *p = NULL;
578     size_t len = strlen(ctx->_.dir.search_name);
579 
580     /* If there are no search criteria, all names are accepted */
581     if (ctx->_.dir.search_name[0] == '\0')
582         return 1;
583 
584     /* If the expected type isn't supported, no name is accepted */
585     if (ctx->expected_type != 0
586         && ctx->expected_type != OSSL_STORE_INFO_CERT
587         && ctx->expected_type != OSSL_STORE_INFO_CRL)
588         return 0;
589 
590     /*
591      * First, check the basename
592      */
593     if (OPENSSL_strncasecmp(name, ctx->_.dir.search_name, len) != 0
594         || name[len] != '.')
595         return 0;
596     p = &name[len + 1];
597 
598     /*
599      * Then, if the expected type is a CRL, check that the extension starts
600      * with 'r'
601      */
602     if (*p == 'r') {
603         p++;
604         if (ctx->expected_type != 0
605             && ctx->expected_type != OSSL_STORE_INFO_CRL)
606             return 0;
607     } else if (ctx->expected_type == OSSL_STORE_INFO_CRL) {
608         return 0;
609     }
610 
611     /*
612      * Last, check that the rest of the extension is a decimal number, at
613      * least one digit long.
614      */
615     if (!isdigit((unsigned char)*p))
616         return 0;
617     while (isdigit((unsigned char)*p))
618         p++;
619 
620 #ifdef __VMS
621     /*
622      * One extra step here, check for a possible generation number.
623      */
624     if (*p == ';')
625         for (p++; *p != '\0'; p++)
626             if (!ossl_isdigit((unsigned char)*p))
627                 break;
628 #endif
629 
630     /*
631      * If we've reached the end of the string at this point, we've successfully
632      * found a fitting file name.
633      */
634     return *p == '\0';
635 }
636 
file_load_dir_entry(struct file_ctx_st * ctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)637 static int file_load_dir_entry(struct file_ctx_st *ctx,
638                                OSSL_CALLBACK *object_cb, void *object_cbarg,
639                                OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
640 {
641     /* Prepare as much as possible in advance */
642     static const int object_type = OSSL_OBJECT_NAME;
643     OSSL_PARAM object[] = {
644         OSSL_PARAM_int(OSSL_OBJECT_PARAM_TYPE, (int *)&object_type),
645         OSSL_PARAM_utf8_string(OSSL_OBJECT_PARAM_DATA, NULL, 0),
646         OSSL_PARAM_END
647     };
648     char *newname = NULL;
649     int ok;
650 
651     /* Loop until we get an error or until we have a suitable name */
652     do {
653         if (ctx->_.dir.last_entry == NULL) {
654             if (!ctx->_.dir.end_reached) {
655                 assert(ctx->_.dir.last_errno != 0);
656                 ERR_raise(ERR_LIB_SYS, ctx->_.dir.last_errno);
657             }
658             /* file_eof() will tell if EOF was reached */
659             return 0;
660         }
661 
662         /* flag acceptable names */
663         if (ctx->_.dir.last_entry[0] != '.'
664             && file_name_check(ctx, ctx->_.dir.last_entry)) {
665 
666             /* If we can't allocate the new name, we fail */
667             if ((newname =
668                  file_name_to_uri(ctx, ctx->_.dir.last_entry)) == NULL)
669                 return 0;
670         }
671 
672         /*
673          * On the first call (with a NULL context), OPENSSL_DIR_read()
674          * cares about the second argument.  On the following calls, it
675          * only cares that it isn't NULL.  Therefore, we can safely give
676          * it our URI here.
677          */
678         ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, ctx->uri);
679         ctx->_.dir.last_errno = errno;
680         if (ctx->_.dir.last_entry == NULL && ctx->_.dir.last_errno == 0)
681             ctx->_.dir.end_reached = 1;
682     } while (newname == NULL);
683 
684     object[1].data = newname;
685     object[1].data_size = strlen(newname);
686     ok = object_cb(object, object_cbarg);
687     OPENSSL_free(newname);
688     return ok;
689 }
690 
691 /*-
692  *  Loading, local dispatcher
693  *  -------------------------
694  */
695 
file_load(void * loaderctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)696 static int file_load(void *loaderctx,
697                      OSSL_CALLBACK *object_cb, void *object_cbarg,
698                      OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
699 {
700     struct file_ctx_st *ctx = loaderctx;
701 
702     switch (ctx->type) {
703     case IS_FILE:
704         return file_load_file(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
705     case IS_DIR:
706         return
707             file_load_dir_entry(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
708     default:
709         break;
710     }
711 
712     /* ctx->type has an unexpected value */
713     assert(0);
714     return 0;
715 }
716 
717 /*-
718  *  Eof detection and closing
719  *  -------------------------
720  */
721 
file_eof(void * loaderctx)722 static int file_eof(void *loaderctx)
723 {
724     struct file_ctx_st *ctx = loaderctx;
725 
726     switch (ctx->type) {
727     case IS_DIR:
728         return ctx->_.dir.end_reached;
729     case IS_FILE:
730         /*
731          * BIO_pending() checks any filter BIO.
732          * BIO_eof() checks the source BIO.
733          */
734         return !BIO_pending(ctx->_.file.file)
735             && BIO_eof(ctx->_.file.file);
736     }
737 
738     /* ctx->type has an unexpected value */
739     assert(0);
740     return 1;
741 }
742 
file_close_dir(struct file_ctx_st * ctx)743 static int file_close_dir(struct file_ctx_st *ctx)
744 {
745     if (ctx->_.dir.ctx != NULL)
746         OPENSSL_DIR_end(&ctx->_.dir.ctx);
747     free_file_ctx(ctx);
748     return 1;
749 }
750 
file_close_stream(struct file_ctx_st * ctx)751 static int file_close_stream(struct file_ctx_st *ctx)
752 {
753     /*
754      * This frees either the provider BIO filter (for file_attach()) OR
755      * the allocated file BIO (for file_open()).
756      */
757     BIO_free(ctx->_.file.file);
758     ctx->_.file.file = NULL;
759 
760     free_file_ctx(ctx);
761     return 1;
762 }
763 
file_close(void * loaderctx)764 static int file_close(void *loaderctx)
765 {
766     struct file_ctx_st *ctx = loaderctx;
767 
768     switch (ctx->type) {
769     case IS_DIR:
770         return file_close_dir(ctx);
771     case IS_FILE:
772         return file_close_stream(ctx);
773     }
774 
775     /* ctx->type has an unexpected value */
776     assert(0);
777     return 1;
778 }
779 
780 const OSSL_DISPATCH ossl_file_store_functions[] = {
781     { OSSL_FUNC_STORE_OPEN, (void (*)(void))file_open },
782     { OSSL_FUNC_STORE_ATTACH, (void (*)(void))file_attach },
783     { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
784       (void (*)(void))file_settable_ctx_params },
785     { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))file_set_ctx_params },
786     { OSSL_FUNC_STORE_LOAD, (void (*)(void))file_load },
787     { OSSL_FUNC_STORE_EOF, (void (*)(void))file_eof },
788     { OSSL_FUNC_STORE_CLOSE, (void (*)(void))file_close },
789     { 0, NULL },
790 };
791