[openssl] master update
Matt Caswell
matt at openssl.org
Thu Apr 23 09:55:57 UTC 2020
The branch master has been updated
via aa45c4a9d35a8082c7ba326c19b97200001c9d82 (commit)
via 1a7328c8825627f723be624ddbc7e5bfb40f8fd5 (commit)
via 4c627d86351996d63d607960a0569248b96e63a8 (commit)
via 3b924da0f0e88edf60c561703ea40f63e418c45d (commit)
from 916b1f83d094fe2e0f7dea1e24f4eac3287a4157 (commit)
- Log -----------------------------------------------------------------
commit aa45c4a9d35a8082c7ba326c19b97200001c9d82
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 20 21:35:03 2020 +0200
PROV: Ensure that EC keys have a default digest
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11576)
commit 1a7328c8825627f723be624ddbc7e5bfb40f8fd5
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 20 09:29:47 2020 +0200
PROV: Ensure that ED25519 & ED448 keys have a mandatory digest
This adds handling of the parameter "mandatory-digest" and responds
with an empty string, meaning that no digest may be used.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11576)
commit 4c627d86351996d63d607960a0569248b96e63a8
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 20 09:29:16 2020 +0200
EVP: Fix EVP_Digest{Sign,Verify}Init() to handle no default digest
EVP_DigestSignInit() and EVP_DigestVerifyInit() would detect if there
is no default digest when using legacy (EVP_PKEY_ASN1_METHOD)
implementations. However, it doesn't do that when provider side keys
are used.
Furthermore, because EVP_PKEY_get_default_digest_name() was used in
the portion of the code that uses the provider implementation, the
EVP_PKEY_ASN1_METHOD would be used if the key has one attached. This
is now changed to use evp_keymgmt_util_get_deflt_digest_name()
instead.
Finally, we make sure to detect if the provider implementation
supports the digest name parameters (default or mandatory), and
returns with error if not. This is what the legacy portion of the
code does.
Fixes #11571
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11576)
commit 3b924da0f0e88edf60c561703ea40f63e418c45d
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 20 09:14:59 2020 +0200
EVP: add internal evp_keymgmt_util_get_deflt_digest_name() and use it
evp_keymgmt_util_get_deflt_digest_name() is a refactor of the provider
side key part of EVP_PKEY_get_default_digest_name(), that takes
EVP_KEYMGMT and provider keydata pointers instead of an EVP_PKEY
pointer.
We also ensure that it uses SN_undef as the default name if the
provider implementation gave us an empty string, since this is what
EVP_PKEY_get_default_digest_name() responds when getting the digest
name via a EVP_PKEY_ASN1_METHOD ctrl call that returns NID_undef.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11576)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/keymgmt_lib.c | 48 +++++++++++++++++++++++++
crypto/evp/m_sigver.c | 14 +++++---
crypto/evp/p_lib.c | 26 +++-----------
doc/man3/EVP_PKEY_get_default_digest_nid.pod | 3 +-
doc/man7/EVP_PKEY-X25519.pod | 10 ++++++
include/crypto/evp.h | 4 ++-
providers/implementations/keymgmt/ec_kmgmt.c | 5 +++
providers/implementations/keymgmt/ecx_kmgmt.c | 50 ++++++++++++++++++++++++---
8 files changed, 127 insertions(+), 33 deletions(-)
diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 6c66bfa72d..9cf8ccbddc 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -412,3 +412,51 @@ void *evp_keymgmt_util_gen(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
return keydata;
}
+
+/*
+ * Returns the same numbers as EVP_PKEY_get_default_digest_name()
+ * When the string from the EVP_KEYMGMT implementation is "", we use
+ * SN_undef, since that corresponds to what EVP_PKEY_get_default_nid()
+ * returns for no digest.
+ */
+int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt,
+ void *keydata,
+ char *mdname, size_t mdname_sz)
+{
+ OSSL_PARAM params[3];
+ char mddefault[100] = "";
+ char mdmandatory[100] = "";
+ char *result = NULL;
+ int rv = -2;
+
+ params[0] =
+ OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST,
+ mddefault, sizeof(mddefault));
+ params[0].return_size = sizeof(mddefault) + 1;
+ params[1] =
+ OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST,
+ mdmandatory,
+ sizeof(mdmandatory));
+ params[1].return_size = sizeof(mdmandatory) + 1;
+ params[2] = OSSL_PARAM_construct_end();
+
+ if (!evp_keymgmt_get_params(keymgmt, keydata, params))
+ return 0;
+
+ if (params[1].return_size != sizeof(mdmandatory) + 1) {
+ if (params[1].return_size == 1) /* Only a NUL byte */
+ result = SN_undef;
+ else
+ result = mdmandatory;
+ rv = 2;
+ } else if (params[0].return_size != sizeof(mddefault) + 1) {
+ if (params[0].return_size == 1) /* Only a NUL byte */
+ result = SN_undef;
+ else
+ result = mddefault;
+ rv = 1;
+ }
+ if (rv > 0)
+ OPENSSL_strlcpy(mdname, result, mdname_sz);
+ return rv;
+}
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 8dd4207d17..148d29fd90 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -152,10 +152,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
if (mdname == NULL)
mdname = canon_mdname(EVP_MD_name(type));
} else {
- if (mdname == NULL
- && EVP_PKEY_get_default_digest_name(locpctx->pkey, locmdname,
- sizeof(locmdname)))
- mdname = canon_mdname(locmdname);
+ if (mdname == NULL) {
+ if (evp_keymgmt_util_get_deflt_digest_name(tmp_keymgmt, provkey,
+ locmdname,
+ sizeof(locmdname)) > 0) {
+ mdname = canon_mdname(locmdname);
+ } else {
+ EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
+ return 0;
+ }
+ }
if (mdname != NULL) {
/*
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index fa166958f0..2d41dafccb 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1007,28 +1007,10 @@ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
char *mdname, size_t mdname_sz)
{
- if (pkey->ameth == NULL) {
- OSSL_PARAM params[3];
- char mddefault[100] = "";
- char mdmandatory[100] = "";
-
- params[0] =
- OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST,
- mddefault, sizeof(mddefault));
- params[1] =
- OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST,
- mdmandatory,
- sizeof(mdmandatory));
- params[2] = OSSL_PARAM_construct_end();
- if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
- return 0;
- if (mdmandatory[0] != '\0') {
- OPENSSL_strlcpy(mdname, mdmandatory, mdname_sz);
- return 2;
- }
- OPENSSL_strlcpy(mdname, mddefault, mdname_sz);
- return 1;
- }
+ if (pkey->ameth == NULL)
+ return evp_keymgmt_util_get_deflt_digest_name(pkey->keymgmt,
+ pkey->keydata,
+ mdname, mdname_sz);
{
int nid = NID_undef;
diff --git a/doc/man3/EVP_PKEY_get_default_digest_nid.pod b/doc/man3/EVP_PKEY_get_default_digest_nid.pod
index 4a4ca4cad4..f23552d747 100644
--- a/doc/man3/EVP_PKEY_get_default_digest_nid.pod
+++ b/doc/man3/EVP_PKEY_get_default_digest_nid.pod
@@ -18,7 +18,8 @@ EVP_PKEY_get_default_digest_nid, EVP_PKEY_get_default_digest_name
EVP_PKEY_get_default_digest_name() fills in the default message digest
name for the public key signature operations associated with key
I<pkey> into I<mdname>, up to at most I<mdname_sz> bytes including the
-ending NUL byte.
+ending NUL byte. The name could be C<"UNDEF">, signifying that no digest
+should be used.
EVP_PKEY_get_default_digest_nid() sets I<pnid> to the default message
digest NID for the public key signature operations associated with key
diff --git a/doc/man7/EVP_PKEY-X25519.pod b/doc/man7/EVP_PKEY-X25519.pod
index 1afa52d041..dd3e68f109 100644
--- a/doc/man7/EVP_PKEY-X25519.pod
+++ b/doc/man7/EVP_PKEY-X25519.pod
@@ -28,6 +28,16 @@ The private key value.
=back
+=head2 ED25519 and ED448 parameters
+
+=over 4
+
+=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <utf8 string>
+
+The empty string, signifying that no digest may be specified.
+
+=back
+
=head1 CONFORMING TO
=over 4
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 3f9cc9c683..7179d2adec 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -655,7 +655,9 @@ int evp_keymgmt_util_match(EVP_PKEY *pk1, EVP_PKEY *pk2, int selection);
int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection);
void *evp_keymgmt_util_gen(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
void *genctx, OSSL_CALLBACK *cb, void *cbarg);
-
+int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt,
+ void *keydata,
+ char *mdname, size_t mdname_sz);
/*
* KEYMGMT provider interface functions
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 467004c783..9466b4fd0b 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -49,6 +49,7 @@ static OSSL_OP_keymgmt_export_fn ec_export;
static OSSL_OP_keymgmt_export_types_fn ec_export_types;
static OSSL_OP_keymgmt_query_operation_name_fn ec_query_operation_name;
+#define EC_DEFAULT_MD "SHA256"
#define EC_POSSIBLE_SELECTIONS \
(OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS)
@@ -491,6 +492,10 @@ int ec_get_params(void *key, OSSL_PARAM params[])
return 0;
}
+ if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
+ && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD))
+ return 0;
+
p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_USE_COFACTOR_ECDH);
if (p != NULL) {
int ecdh_cofactor_mode = 0;
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c
index c9105f777d..2ba8f53e5a 100644
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -42,7 +42,10 @@ static OSSL_OP_keymgmt_get_params_fn x25519_get_params;
static OSSL_OP_keymgmt_get_params_fn x448_get_params;
static OSSL_OP_keymgmt_get_params_fn ed25519_get_params;
static OSSL_OP_keymgmt_get_params_fn ed448_get_params;
-static OSSL_OP_keymgmt_gettable_params_fn ecx_gettable_params;
+static OSSL_OP_keymgmt_gettable_params_fn x25519_gettable_params;
+static OSSL_OP_keymgmt_gettable_params_fn x448_gettable_params;
+static OSSL_OP_keymgmt_gettable_params_fn ed25519_gettable_params;
+static OSSL_OP_keymgmt_gettable_params_fn ed448_gettable_params;
static OSSL_OP_keymgmt_has_fn ecx_has;
static OSSL_OP_keymgmt_import_fn ecx_import;
static OSSL_OP_keymgmt_import_types_fn ecx_imexport_types;
@@ -207,6 +210,17 @@ static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits,
return key_to_params(ecx, NULL, params);
}
+static int ed_get_params(void *key, OSSL_PARAM params[])
+{
+ OSSL_PARAM *p;
+
+ if ((p = OSSL_PARAM_locate(params,
+ OSSL_PKEY_PARAM_MANDATORY_DIGEST)) != NULL
+ && !OSSL_PARAM_set_utf8_string(p, ""))
+ return 0;
+ return 1;
+}
+
static int x25519_get_params(void *key, OSSL_PARAM params[])
{
return ecx_get_params(key, params, X25519_BITS, X25519_SECURITY_BITS,
@@ -222,16 +236,27 @@ static int x448_get_params(void *key, OSSL_PARAM params[])
static int ed25519_get_params(void *key, OSSL_PARAM params[])
{
return ecx_get_params(key, params, ED25519_BITS, ED25519_SECURITY_BITS,
- ED25519_KEYLEN);
+ ED25519_KEYLEN)
+ && ed_get_params(key, params);
}
static int ed448_get_params(void *key, OSSL_PARAM params[])
{
return ecx_get_params(key, params, ED448_BITS, ED448_SECURITY_BITS,
- ED448_KEYLEN);
+ ED448_KEYLEN)
+ && ed_get_params(key, params);
}
static const OSSL_PARAM ecx_params[] = {
+ OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
+ OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
+ OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
+ ECX_KEY_TYPES(),
+ OSSL_PARAM_END
+};
+
+static const OSSL_PARAM ed_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
@@ -239,11 +264,26 @@ static const OSSL_PARAM ecx_params[] = {
OSSL_PARAM_END
};
-static const OSSL_PARAM *ecx_gettable_params(void)
+static const OSSL_PARAM *x25519_gettable_params(void)
+{
+ return ecx_params;
+}
+
+static const OSSL_PARAM *x448_gettable_params(void)
{
return ecx_params;
}
+static const OSSL_PARAM *ed25519_gettable_params(void)
+{
+ return ed_params;
+}
+
+static const OSSL_PARAM *ed448_gettable_params(void)
+{
+ return ed_params;
+}
+
static void *ecx_gen_init(void *provctx, int selection, ECX_KEY_TYPE type)
{
OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
@@ -383,7 +423,7 @@ static void ecx_gen_cleanup(void *genctx)
{ OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))alg##_new_key }, \
{ OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ecx_key_free }, \
{ OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))alg##_get_params }, \
- { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))ecx_gettable_params }, \
+ { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))alg##_gettable_params }, \
{ OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ecx_has }, \
{ OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))ecx_import }, \
{ OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))ecx_imexport_types }, \
More information about the openssl-commits
mailing list