-
Notifications
You must be signed in to change notification settings - Fork 143
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Update API usage to OpenSSL 3 (#989) These changes are supposed to make Themis more compatible with OpenSSL 3 by dropping usage of deprecated functions and using new slternatives instead. There are also places where non-deprecated functions were used, but they turned out to be incompatible with EVP_PKEY* created using newer API. Such places are affected as well, using `#if` macro to conditionally compile code based on target OpenSSL version. Update CMakeLists.txt, add flags * to control building for OpenSSL 3 using WITH_EXPERIMENTAL_OPENSSL_3_SUPPORT * to disable NIST STS tests Create copy of `soter_ec_key.c` that contains newer implementation and uses OpenSSL 3 APIs for key serialization/deserialization routines. Difference from OpenSSL 1.1 includes: * Get rid of `EC_KEY*` * Get rid of `EC_GROUP*`, use string curve identifier instead, extracted from `EVP_PKEY*` using `EVP_PKEY_get_utf8_string_param()` * Get rid of `EC_POINT*`, use `EVP_PKEY_get_octet_string_param()` to extract curve public key from `EVP_PKEY*` directly. Deserialize public EC key directly from provided buffer using `EVP_PKEY_fromdata()`, this same function yields recreated `EVP_PKEY*` in case of success Also, in a different file: * Replace `EVP_MD_CTX_md()` with `EVP_MD_CTX_get0_md()` Update CHANGELOG.md * Update API usage to OpenSSL 3 (RSA) (#993) * Move common RSA util functinos to separate file * Create copy of soter_rsa_key.c for OpenSSL 3 Just a copy for now, OpenSSL 3 specific changes will follow * Rewrite RSA keys serialization * Get rid of `RSA*` struct usage and its depracated methods, extract bigints directly from `EVP_PKEY*` using EVP_PKEY_get_bn_param() * Extract following params for public key: - OSSL_PKEY_PARAM_RSA_N - OSSL_PKEY_PARAM_RSA_E * And a couple of additional ones for private key: - OSSL_PKEY_PARAM_RSA_FACTOR1 (also known as P) - OSSL_PKEY_PARAM_RSA_FACTOR2 (also known as Q) - OSSL_PKEY_PARAM_RSA_EXPONENT1 - OSSL_PKEY_PARAM_RSA_EXPONENT2 - OSSL_PKEY_PARAM_RSA_COEFFICIENT1 * Implement RSA key deserialization, few related fixes Implement public and private key deserialization using new EVP_PKEY_fromdata() function. Get rid of RSA*. Few other places were affected as well because things are quite bound to each other, EVP_PKEY_size() on newer key won't work correctly. * Fix build, minor updates * Fix build * Fix build * Fix build * Fix build * Updates after review * Use EVP_PKEY_private_check() to check private key * Make rsa_mod_size round value to nearest whole byte * Remove few functions completely unused in OpenSSL 3 implementation of RSA routines * Simplify bigint serialization, remove redundant functions Just serialize BIGINTs directly with BN_bn2binpad() instead of using functions that 1) check size 2) serialize number 3) add zeroes padding because BN_bn2binpad() could do all that and return -1 in case destination buffer is too small * Make RSA key serialization functions reuse bigint Use the fact that EVP_PKEY_get_bn_param() could write into existing BIGINT instead of allocating a new one, reuse that single BIGINT for multiple values * Zeroize partially serialized RSA private key on fail * Updates after review * Updates after review * Enable building on Ubuntu 22.04, remove experimental flag * Remove unneeded CI job * Enable build with warnings as errors * Minor updates after review * Fix build * Add few more checks, move common function to separate file * Update CHANGELOG.md * Don't use EVP_PKEY_get_bn_param() for private keys This function uses temporary buffer inside, asks EVP_PKEY_get_params() to put bigint into it, makes BIGINT, doesn't clean the buffer afterwards. Decided to instead call EVP_PKEY_get_params() manually, and free the buffer after usage. Also have to reverse byte order in this case because of the fact that EVP_PKEY_get_params() puts bigints in native-endian. * Attempt to fix implementation on macOS Explicitly zeroize buffers for bigints in case EVP_PKEY_get_params() doesn't add padding * Attempt to fix implementation on macOS Revert back to using BIGNUM* during key serialization, but create it with custom get_bn_param() function. * Fix build Replace EVP_PKEY_get_bn_param -> get_bn_param in one more place, remove memcpy_big_endian() * Updates after review * up version of macos runner and sdk --------- Co-authored-by: Lagovas <[email protected]>
- Loading branch information
1 parent
068a178
commit 542fd9a
Showing
22 changed files
with
1,531 additions
and
268 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
/* | ||
* Copyright (c) 2023 Cossack Labs Limited | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
#ifndef THEMIS_SOTER_BIGNUM_UTILS_H | ||
#define THEMIS_SOTER_BIGNUM_UTILS_H | ||
|
||
#include <openssl/bn.h> | ||
#include <openssl/opensslv.h> | ||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L | ||
#include <openssl/params.h> | ||
#endif | ||
|
||
#if OPENSSL_VERSION_NUMBER < 0x10100000L | ||
/* Simple implementation for OpenSSL <1.1.0 where this function is missing */ | ||
static int BN_bn2binpad(const BIGNUM* a, unsigned char* to, int tolen) | ||
{ | ||
int bn_size = BN_num_bytes(a); | ||
int bytes_copied; | ||
|
||
if (a == NULL || to == NULL) { | ||
return -1; | ||
} | ||
|
||
if (tolen < bn_size) { | ||
return -1; | ||
} | ||
|
||
bytes_copied = BN_bn2bin(a, to + (tolen - bn_size)); | ||
|
||
if (bytes_copied != bn_size) { | ||
return -1; | ||
} | ||
|
||
memset(to, 0, (size_t)(tolen - bn_size)); | ||
|
||
return tolen; | ||
} | ||
#endif | ||
|
||
#if OPENSSL_VERSION_NUMBER >= 0x30000000L | ||
static int get_bn_param( | ||
const EVP_PKEY* pkey, const char* name, unsigned char* buf, size_t buf_size, BIGNUM** bn) | ||
{ | ||
OSSL_PARAM params[2]; | ||
|
||
params[0] = OSSL_PARAM_construct_BN(name, buf, buf_size); | ||
params[1] = OSSL_PARAM_construct_end(); | ||
|
||
if (!EVP_PKEY_get_params(pkey, params)) { | ||
return 0; | ||
} | ||
|
||
return OSSL_PARAM_get_BN(¶ms[0], bn); | ||
} | ||
#endif | ||
|
||
#endif /* THEMIS_SOTER_BIGNUM_UTILS_H */ |
Oops, something went wrong.