Fix wp_corebio_get_bio

Author: Andras Fekete

include/wolfprovider/internal.h

@@ -21,6 +21,7 @@
 #include <openssl/core.h>
 #include <openssl/core_names.h>
 #include <openssl/types.h>
+#include <openssl/bio.h>
 
 #ifdef WOLFENGINE_USER_SETTINGS
     #include "user_settings.h"
@@ -129,6 +130,7 @@ typedef struct WOLFPROV_CTX {
    /** Mutex for use of random number generator. */
    wolfSSL_Mutex rng_mutex;
 #endif
+   BIO_METHOD *coreBioMethod;
 } WOLFPROV_CTX;
 
 
@@ -157,8 +159,8 @@ int wp_encrypt_key(WOLFPROV_CTX* provCtx, const char* cipherName,
     unsigned char* keyData, size_t* keyLen, word32 pkcs8Len,
     OSSL_PASSPHRASE_CALLBACK *pwCb, void *pwCbArg, byte** cipherInfo);
 
-int wp_read_der_bio(OSSL_CORE_BIO *coreBio, unsigned char** data, word32* len);
-BIO* wp_corebio_get_bio(OSSL_CORE_BIO *coreBio);
+int wp_read_der_bio(WOLFPROV_CTX* provCtx, OSSL_CORE_BIO *coreBio, unsigned char** data, word32* len);
+BIO* wp_corebio_get_bio(WOLFPROV_CTX* provCtx, OSSL_CORE_BIO *coreBio);
 
 byte wp_ct_byte_mask_eq(byte a, byte b);
 byte wp_ct_byte_mask_ne(byte a, byte b);

src/wp_dec_epki2pki.c

@@ -197,7 +197,7 @@ static int wp_epki2pki_decode(wp_Epki2Pki* ctx, OSSL_CORE_BIO* coreBio,
     (void)selection;
 
     /* Read the data from the BIO into buffer that is allocated on the fly. */
-    if (!wp_read_der_bio(coreBio, &data, &len)) {
+    if (!wp_read_der_bio(ctx->provCtx, coreBio, &data, &len)) {
         ok = 0;
     }
     /* No data - nothing to do. */

src/wp_dec_pem2der.c

@@ -391,7 +391,7 @@ static int wp_pem2der_decode(wp_Pem2Der* ctx, OSSL_CORE_BIO* coreBio,
     (void)selection;
 
     /* Read the data from the BIO into buffer that is allocated on the fly. */
-    if (!wp_read_der_bio(coreBio, &data, &len)) {
+    if (!wp_read_der_bio(ctx->provCtx, coreBio, &data, &len)) {
         ok = 0;
     }
     /* No data - nothing to do. */

src/wp_dh_kmgmt.c

@@ -2114,7 +2114,7 @@ static int wp_dh_decode(wp_DhEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
     if (dh == NULL) {
         ok = 0;
     }
-    if (ok && (!wp_read_der_bio(cBio, &data, &len))) {
+    if (ok && (!wp_read_der_bio(ctx->provCtx, cBio, &data, &len))) {
         ok = 0;
     }
     if (ok && (ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC)) {
@@ -2421,7 +2421,7 @@ static int wp_dh_encode(wp_DhEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
     int ok = 1;
 #if (LIBWOLFSSL_VERSION_HEX >= 0x05000000 && defined(WOLFSSL_DH_EXTRA))
     int rc;
-    BIO* out = wp_corebio_get_bio(cBio);
+    BIO* out = wp_corebio_get_bio(ctx->provCtx, cBio);
     unsigned char* keyData = NULL;
     size_t keyLen;
     unsigned char* derData = NULL;

src/wp_ecc_kmgmt.c

@@ -2048,7 +2048,7 @@ static int wp_ecc_decode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
     if (ecc == NULL) {
         ok = 0;
     }
-    if (ok && (!wp_read_der_bio(cBio, &data, &len))) {
+    if (ok && (!wp_read_der_bio(ctx->provCtx, cBio, &data, &len))) {
         ok = 0;
     }
     if (ok && (ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC)) {
@@ -2393,7 +2393,7 @@ static int wp_ecc_encode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
 {
     int ok = 1;
     int rc;
-    BIO* out = wp_corebio_get_bio(cBio);
+    BIO* out = wp_corebio_get_bio(ctx->provCtx, cBio);
     unsigned char* keyData = NULL;
     size_t keyLen;
     unsigned char* derData = NULL;

src/wp_ecx_kmgmt.c

@@ -1940,7 +1940,7 @@ static int wp_ecx_decode(wp_EcxEncDecCtx* ctx, OSSL_CORE_BIO* cBio,
     }
 
     if (ok) {
-        ok = wp_read_der_bio(cBio, &data, &len);
+        ok = wp_read_der_bio(ctx->provCtx, cBio, &data, &len);
     }
     if (ok) {
         rc = ctx->decode(data, &idx, (void*)&ecx->key, len);
@@ -1992,7 +1992,7 @@ static int wp_ecx_encode(wp_EcxEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
 {
     int ok = 1;
     int rc;
-    BIO* out = wp_corebio_get_bio(cBio);
+    BIO* out = wp_corebio_get_bio(ctx->provCtx, cBio);
     unsigned char* keyData = NULL;
     size_t keyLen = 0;
     unsigned char derData[160];

src/wp_file_store.c

@@ -115,6 +115,9 @@ static wp_FileCtx* wp_file_open(WOLFPROV_CTX* provCtx, const char* uri)
             ok = 0;
         }
         if (ok) {
+            if (ctx->bio != NULL) {
+                BIO_free(ctx->bio);
+            }
             /* Create a BIO to access file. */
             ctx->bio = BIO_new_file(uri, "rb");
             if (ctx->bio == NULL) {
@@ -145,8 +148,11 @@ static wp_FileCtx* wp_file_attach(WOLFPROV_CTX* provCtx, OSSL_CORE_BIO* cBio)
 
     ctx = wp_filectx_new(provCtx);
     if (ctx != NULL) {
+        if (ctx->bio != NULL) {
+            BIO_free(ctx->bio);
+        }
         /* Get the internal BIO. */
-        ctx->bio = wp_corebio_get_bio(cBio);
+        ctx->bio = wp_corebio_get_bio(provCtx, cBio);
     }
 
     return ctx;

src/wp_internal.c

@@ -687,29 +687,6 @@ int wp_encrypt_key(WOLFPROV_CTX* provCtx, const char* cipherName,
 #endif
 }
 
-/* TODO: Structure could change! */
-/*
- * Copy of Core BIO structure as it isn't public and need to get the BIO out.
- */
-
-#if OPENSSL_VERSION_PREREQ(3,2)
-struct ossl_core_bio_st {
-    /* Reference count. */
-    int ref_cnt;
-    /* Underlying BIO. */
-    BIO *bio;
-};
-#else
-struct ossl_core_bio_st {
-    /* Reference count. */
-    int ref_cnt;
-    /* Read/write reference count lock. */
-    CRYPTO_RWLOCK *ref_lock;
-    /* Underlying BIO. */
-    BIO *bio;
-};
-#endif
-
 /**
  * Read data out of the core BIO.
  *
@@ -719,22 +696,29 @@ struct ossl_core_bio_st {
  * @return  1 on success.
  * @return  0 on failure.
  */
-int wp_read_der_bio(OSSL_CORE_BIO *coreBio, unsigned char** data, word32* len)
+int wp_read_der_bio(WOLFPROV_CTX *provctx, OSSL_CORE_BIO *coreBio, unsigned char** data, word32* len)
 {
     int ok = 1;
-    long readLen;
+    long readLen = 1;
     unsigned char buf[128]; /* Read 128 bytes at a time. */
     unsigned char* p;
 
-    do {
-        readLen = BIO_read(coreBio->bio, buf, sizeof(buf));
+    BIO *bio = wp_corebio_get_bio(provctx, coreBio);
+    if (bio == NULL) {
+        ok = 0;
+    }
+
+    while (ok && (readLen > 0)) {
+        readLen = BIO_read(bio, buf, sizeof(buf));
         if (readLen < -1) {
+            WOLFPROV_MSG(WP_LOG_PROVIDER, "BIO_read error (%d) in %s:%d", readLen, __FILE__, __LINE__);
             ok = 0;
         }
         if (ok && (readLen > 0)) {
             /* Reallocate for new data. */
             p = OPENSSL_realloc(*data, *len + readLen);
             if (p == NULL) {
+                WOLFPROV_MSG(WP_LOG_PROVIDER, "OPENSSL_realloc error (%d) in %s:%d", readLen, __FILE__, __LINE__);
                 ok = 0;
             }
         }
@@ -745,22 +729,42 @@ int wp_read_der_bio(OSSL_CORE_BIO *coreBio, unsigned char** data, word32* len)
             *len += readLen;
         }
     }
-    while (ok && (readLen > 0));
 
+    BIO_free(bio);
     WOLFPROV_LEAVE(WP_LOG_PROVIDER, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);
     return ok;
 }
 
+static OSSL_FUNC_BIO_up_ref_fn *c_bio_up_ref = NULL;
+static int wolfssl_prov_bio_up_ref(OSSL_CORE_BIO *bio)
+{
+    if (c_bio_up_ref == NULL)
+        return 0;
+    return c_bio_up_ref(bio);
+}
+
 /**
- * Get the underlying BIO from the core BIO.
+ * Get the underlying BIO object from the core BIO.
  *
  * @param [in]  coreBio  Core BIO.
  * @return  NULL on failure.
  * @return  Underlying BIO on success.
  */
-BIO* wp_corebio_get_bio(OSSL_CORE_BIO *coreBio)
+BIO* wp_corebio_get_bio(WOLFPROV_CTX* provCtx, OSSL_CORE_BIO *coreBio)
 {
-    return coreBio->bio;
+    BIO *outBio;
+
+    if ((provCtx == NULL) || (provCtx->coreBioMethod == NULL))
+        return NULL;
+
+    if ((outBio = BIO_new(provCtx->coreBioMethod)) == NULL)
+        return NULL;
+    if (!wolfssl_prov_bio_up_ref(coreBio)) {
+        BIO_free(outBio);
+        return NULL;
+    }
+    BIO_set_data(outBio, coreBio);
+    return outBio;
 }
 
 

src/wp_rsa_kmgmt.c

@@ -1936,7 +1936,7 @@ static int wp_rsa_decode(wp_RsaEncDecCtx* ctx, OSSL_CORE_BIO* cBio,
         ok = 0;
     }
     if (ok) {
-        ok = wp_read_der_bio(cBio, &data, &len);
+        ok = wp_read_der_bio(ctx->provCtx, cBio, &data, &len);
     }
     if (ok && (ctx->format == WP_ENC_FORMAT_SPKI)) {
         if (!wp_rsa_decode_spki(rsa, data, len)) {
@@ -2333,7 +2333,7 @@ static int wp_rsa_encode(wp_RsaEncDecCtx* ctx, OSSL_CORE_BIO* cBio,
 {
     int ok = 1;
     int rc;
-    BIO* out = wp_corebio_get_bio(cBio);
+    BIO *out = wp_corebio_get_bio(ctx->provCtx, cBio);
     unsigned char* keyData = NULL;
     size_t keyLen;
     unsigned char* derData = NULL;
@@ -2468,6 +2468,7 @@ static int wp_rsa_encode(wp_RsaEncDecCtx* ctx, OSSL_CORE_BIO* cBio,
         OPENSSL_free(derData);
         OPENSSL_free(pemData);
     }
+    BIO_free(out);
     WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);
     return ok;
 }