xref: /freebsd/crypto/openssl/crypto/ui/ui_util.c (revision f25b8c9fb4f58cf61adb47d7570abe7caa6d385d) 
1 /*
2  * Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <string.h>
11 #include <openssl/pem.h> /* PEM_def_callback() */
12 #include "internal/thread_once.h"
13 #include "ui_local.h"
14 
15 #ifndef BUFSIZ
16 #define BUFSIZ 256
17 #endif
18 
UI_UTIL_read_pw_string(char * buf,int length,const char * prompt,int verify)19 int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
20     int verify)
21 {
22     char buff[BUFSIZ];
23     int ret;
24 
25     ret = UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
26         prompt, verify);
27     OPENSSL_cleanse(buff, BUFSIZ);
28     return ret;
29 }
30 
UI_UTIL_read_pw(char * buf,char * buff,int size,const char * prompt,int verify)31 int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
32     int verify)
33 {
34     int ok = -2;
35     UI *ui;
36 
37     if (size < 1)
38         return -1;
39 
40     ui = UI_new();
41     if (ui != NULL) {
42         ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
43         if (ok >= 0 && verify)
44             ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
45         if (ok >= 0)
46             ok = UI_process(ui);
47         UI_free(ui);
48     }
49     return ok;
50 }
51 
52 /*
53  * Wrapper around pem_password_cb, a method to help older APIs use newer
54  * ones.
55  */
56 struct pem_password_cb_data {
57     pem_password_cb *cb;
58     int rwflag;
59 };
60 
ui_new_method_data(void * parent,void * ptr,CRYPTO_EX_DATA * ad,int idx,long argl,void * argp)61 static void ui_new_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
62     int idx, long argl, void *argp)
63 {
64     /*
65      * Do nothing, the data is allocated externally and assigned later with
66      * CRYPTO_set_ex_data()
67      */
68 }
69 
ui_dup_method_data(CRYPTO_EX_DATA * to,const CRYPTO_EX_DATA * from,void ** pptr,int idx,long argl,void * argp)70 static int ui_dup_method_data(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
71     void **pptr, int idx, long argl, void *argp)
72 {
73     if (*pptr != NULL) {
74         *pptr = OPENSSL_memdup(*pptr, sizeof(struct pem_password_cb_data));
75         if (*pptr != NULL)
76             return 1;
77     }
78     return 0;
79 }
80 
ui_free_method_data(void * parent,void * ptr,CRYPTO_EX_DATA * ad,int idx,long argl,void * argp)81 static void ui_free_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
82     int idx, long argl, void *argp)
83 {
84     OPENSSL_free(ptr);
85 }
86 
87 static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
88 static int ui_method_data_index = -1;
DEFINE_RUN_ONCE_STATIC(ui_method_data_index_init)89 DEFINE_RUN_ONCE_STATIC(ui_method_data_index_init)
90 {
91     ui_method_data_index = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD,
92         0, NULL, ui_new_method_data,
93         ui_dup_method_data,
94         ui_free_method_data);
95     return 1;
96 }
97 
ui_open(UI * ui)98 static int ui_open(UI *ui)
99 {
100     return 1;
101 }
ui_read(UI * ui,UI_STRING * uis)102 static int ui_read(UI *ui, UI_STRING *uis)
103 {
104     switch (UI_get_string_type(uis)) {
105     case UIT_PROMPT: {
106         int len;
107         char result[PEM_BUFSIZE + 1]; /* reserve one byte at the end */
108         const struct pem_password_cb_data *data = UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
109         int maxsize = UI_get_result_maxsize(uis);
110 
111         if (maxsize > PEM_BUFSIZE)
112             maxsize = PEM_BUFSIZE;
113         len = data->cb(result, maxsize, data->rwflag,
114             UI_get0_user_data(ui));
115         if (len > maxsize)
116             return -1;
117         if (len >= 0)
118             result[len] = '\0';
119         if (len < 0)
120             return len;
121         if (UI_set_result_ex(ui, uis, result, len) >= 0)
122             return 1;
123         return 0;
124     }
125     case UIT_VERIFY:
126     case UIT_NONE:
127     case UIT_BOOLEAN:
128     case UIT_INFO:
129     case UIT_ERROR:
130         break;
131     }
132     return 1;
133 }
ui_write(UI * ui,UI_STRING * uis)134 static int ui_write(UI *ui, UI_STRING *uis)
135 {
136     return 1;
137 }
ui_close(UI * ui)138 static int ui_close(UI *ui)
139 {
140     return 1;
141 }
142 
UI_UTIL_wrap_read_pem_callback(pem_password_cb * cb,int rwflag)143 UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag)
144 {
145     struct pem_password_cb_data *data = NULL;
146     UI_METHOD *ui_method = NULL;
147 
148     if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL
149         || (ui_method = UI_create_method("PEM password callback wrapper")) == NULL
150         || UI_method_set_opener(ui_method, ui_open) < 0
151         || UI_method_set_reader(ui_method, ui_read) < 0
152         || UI_method_set_writer(ui_method, ui_write) < 0
153         || UI_method_set_closer(ui_method, ui_close) < 0
154         || !RUN_ONCE(&get_index_once, ui_method_data_index_init)
155         || !UI_method_set_ex_data(ui_method, ui_method_data_index, data)) {
156         UI_destroy_method(ui_method);
157         OPENSSL_free(data);
158         return NULL;
159     }
160     data->rwflag = rwflag;
161     data->cb = cb != NULL ? cb : PEM_def_callback;
162 
163     return ui_method;
164 }
165