[openssl] master update
Richard Levitte
levitte at openssl.org
Sat Feb 27 15:15:27 UTC 2021
The branch master has been updated
via 1d73e2adae9c80d359d6d85c9f65d97a86add542 (commit)
via c8182743a7764ba8c9e61665722cae06fa8edb62 (commit)
via 8ab9c4ddc41830a9bd1be36a8e37ee2abc57e886 (commit)
via 3d364726606424f760211b5015920410ea9c8f0d (commit)
via ad7cb0bf5cb9b014d34327cb35ecdd609a3d4dd4 (commit)
via c0ff1932e446621f43cd607371b7d265370d4bc6 (commit)
from 4ef70dbcf495adfa28efa815c5415dfb9903b92d (commit)
- Log -----------------------------------------------------------------
commit 1d73e2adae9c80d359d6d85c9f65d97a86add542
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Feb 23 22:42:18 2021 +0100
crypto/asn1/i2d_evp.c: Fix i2d_provided() to return a proper length
Fixes #14258
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
commit c8182743a7764ba8c9e61665722cae06fa8edb62
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Feb 23 22:41:04 2021 +0100
PROV: Implement an EC key -> blob encoder, to get the public key
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
commit 8ab9c4ddc41830a9bd1be36a8e37ee2abc57e886
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Feb 23 22:39:39 2021 +0100
Modify i2d_PublicKey() so it can get an EC public key as a blob
This introduces the encoder output type "blob", to be used for
anything that outputs an unstructured blob of data.
Fixes #14258
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
commit 3d364726606424f760211b5015920410ea9c8f0d
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date: Fri Feb 19 13:20:00 2021 -0800
test_ecpub: test that we can decode the DER we encoded
We should be able to round-trip through the encoded DER form of the
EC public key and get back something that compares as equal to the
original key.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
commit ad7cb0bf5cb9b014d34327cb35ecdd609a3d4dd4
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date: Fri Feb 19 13:46:49 2021 -0800
test_ecpub: verify returned length after encoding
Save the length we got from querying how much space was needed, and
check that the actual encoding call returned the same length.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
commit c0ff1932e446621f43cd607371b7d265370d4bc6
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date: Mon Jan 25 12:19:16 2021 -0800
Add test for EC pubkey export/import
There seems to be an issue with i2d_provided() in i2d_evp.c that causes
us to fail to construct a valid chain of encoders for the "type-specific"
output when it's an EC pubkey. This test is designed to exercise that
codepath for a variety of curves.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/i2d_evp.c | 54 ++++--
providers/encoders.inc | 5 +-
providers/implementations/encode_decode/build.info | 6 +
.../encode_decode/encode_key2blob.c | 202 +++++++++++++++++++++
.../implementations/include/prov/implementations.h | 2 +
test/evp_extra_test.c | 71 ++++++++
6 files changed, 324 insertions(+), 16 deletions(-)
create mode 100644 providers/implementations/encode_decode/encode_key2blob.c
diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c
index 6e4f7080c7..2a101a6fa3 100644
--- a/crypto/asn1/i2d_evp.c
+++ b/crypto/asn1/i2d_evp.c
@@ -25,29 +25,42 @@
#include "crypto/asn1.h"
#include "crypto/evp.h"
+struct type_and_structure_st {
+ const char *output_type;
+ const char *output_structure;
+};
+
static int i2d_provided(const EVP_PKEY *a, int selection,
- const char *output_structures[],
+ const struct type_and_structure_st *output_info,
unsigned char **pp)
{
OSSL_ENCODER_CTX *ctx = NULL;
int ret;
for (ret = -1;
- ret == -1 && *output_structures != NULL;
- output_structures++) {
+ ret == -1 && output_info->output_type != NULL;
+ output_info++) {
/*
* The i2d_ calls don't take a boundary length for *pp. However,
- * OSSL_ENCODER_CTX_get_num_encoders() needs one, so we make one
- * up.
+ * OSSL_ENCODER_to_data() needs one, so we make one up. Because
+ * OSSL_ENCODER_to_data() decrements this number by the amount of
+ * bytes written, we need to calculate the length written further
+ * down, when pp != NULL.
*/
size_t len = INT_MAX;
- ctx = OSSL_ENCODER_CTX_new_for_pkey(a, selection, "DER",
- *output_structures, NULL);
+ ctx = OSSL_ENCODER_CTX_new_for_pkey(a, selection,
+ output_info->output_type,
+ output_info->output_structure,
+ NULL);
if (ctx == NULL)
return -1;
- if (OSSL_ENCODER_to_data(ctx, pp, &len))
- ret = (int)len;
+ if (OSSL_ENCODER_to_data(ctx, pp, &len)) {
+ if (pp == NULL)
+ ret = (int)len;
+ else
+ ret = INT_MAX - (int)len;
+ }
OSSL_ENCODER_CTX_free(ctx);
ctx = NULL;
}
@@ -60,9 +73,12 @@ static int i2d_provided(const EVP_PKEY *a, int selection,
int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp)
{
if (evp_pkey_is_provided(a)) {
- const char *output_structures[] = { "type-specific", NULL };
+ static const struct type_and_structure_st output_info[] = {
+ { "DER", "type-specific" },
+ { NULL, }
+ };
- return i2d_provided(a, EVP_PKEY_KEY_PARAMETERS, output_structures, pp);
+ return i2d_provided(a, EVP_PKEY_KEY_PARAMETERS, output_info, pp);
}
if (a->ameth != NULL && a->ameth->param_encode != NULL)
return a->ameth->param_encode(a, pp);
@@ -78,9 +94,13 @@ int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey)
int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
{
if (evp_pkey_is_provided(a)) {
- const char *output_structures[] = { "type-specific", "pkcs8", NULL };
+ static const struct type_and_structure_st output_info[] = {
+ { "DER", "type-specific" },
+ { "DER", "pkcs8" },
+ { NULL, }
+ };
- return i2d_provided(a, EVP_PKEY_KEYPAIR, output_structures, pp);
+ return i2d_provided(a, EVP_PKEY_KEYPAIR, output_info, pp);
}
if (a->ameth != NULL && a->ameth->old_priv_encode != NULL) {
return a->ameth->old_priv_encode(a, pp);
@@ -102,9 +122,13 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp)
{
if (evp_pkey_is_provided(a)) {
- const char *output_structures[] = { "type-specific", NULL };
+ static const struct type_and_structure_st output_info[] = {
+ { "DER", "type-specific" },
+ { "blob", NULL }, /* for EC */
+ { NULL, }
+ };
- return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_structures, pp);
+ return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_info, pp);
}
switch (EVP_PKEY_id(a)) {
case EVP_PKEY_RSA:
diff --git a/providers/encoders.inc b/providers/encoders.inc
index e7d11c731b..71f4f13848 100644
--- a/providers/encoders.inc
+++ b/providers/encoders.inc
@@ -104,12 +104,15 @@ ENCODER_w_structure("DSA", dsa, yes, der, type_specific),
ENCODER_w_structure("DSA", dsa, yes, pem, type_specific),
#endif
#ifndef OPENSSL_NO_EC
-/* EC only supports keypair and parameters output. */
+/* EC only supports keypair and parameters DER and PEM output. */
ENCODER_w_structure("EC", ec, yes, der, type_specific_no_pub),
ENCODER_w_structure("EC", ec, yes, pem, type_specific_no_pub),
+/* EC supports blob output for the public key */
+ENCODER("EC", ec, yes, blob),
# ifndef OPENSSL_NO_SM2
ENCODER_w_structure("SM2", sm2, yes, der, type_specific_no_pub),
ENCODER_w_structure("SM2", sm2, yes, pem, type_specific_no_pub),
+ENCODER("SM2", sm2, yes, blob),
# endif
#endif
diff --git a/providers/implementations/encode_decode/build.info b/providers/implementations/encode_decode/build.info
index 55b7d0ad6e..5b8d9f6ef2 100644
--- a/providers/implementations/encode_decode/build.info
+++ b/providers/implementations/encode_decode/build.info
@@ -15,4 +15,10 @@ SOURCE[$ENCODER_GOAL]=endecoder_common.c
SOURCE[$DECODER_GOAL]=decode_der2key.c decode_pem2der.c decode_ms2key.c
SOURCE[$ENCODER_GOAL]=encode_key2any.c encode_key2text.c encode_key2ms.c
+# encode_key2blob.c is only being included when EC is enabled, because we
+# currently only define a "blob" output type for EC public keys. This may
+# change in the future.
+IF[{- !$disabled{ec} -}]
+ SOURCE[$ENCODER_GOAL]=encode_key2blob.c
+ENDIF
DEPEND[encode_key2any.o]=../../common/include/prov/der_rsa.h
diff --git a/providers/implementations/encode_decode/encode_key2blob.c b/providers/implementations/encode_decode/encode_key2blob.c
new file mode 100644
index 0000000000..2e5e581391
--- /dev/null
+++ b/providers/implementations/encode_decode/encode_key2blob.c
@@ -0,0 +1,202 @@
+/*
+ * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * Low level APIs are deprecated for public use, but still ok for internal use.
+ */
+#include "internal/deprecated.h"
+
+#include <openssl/core.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include "internal/passphrase.h"
+#include "internal/nelem.h"
+#include "prov/implementations.h"
+#include "prov/bio.h"
+#include "prov/provider_ctx.h"
+#include "endecoder_local.h"
+
+static int write_blob(void *provctx, OSSL_CORE_BIO *cout,
+ void *data, int len)
+{
+ BIO *out = bio_new_from_core_bio(provctx, cout);
+ int ret = BIO_write(out, data, len);
+
+ BIO_free(out);
+ return ret;
+}
+
+static OSSL_FUNC_encoder_newctx_fn key2blob_newctx;
+static OSSL_FUNC_encoder_freectx_fn key2blob_freectx;
+static OSSL_FUNC_encoder_gettable_params_fn key2blob_gettable_params;
+static OSSL_FUNC_encoder_get_params_fn key2blob_get_params;
+
+static void *key2blob_newctx(void *provctx)
+{
+ return provctx;
+}
+
+static void key2blob_freectx(void *vctx)
+{
+}
+
+static const OSSL_PARAM *key2blob_gettable_params(ossl_unused void *provctx)
+{
+ static const OSSL_PARAM gettables[] = {
+ { OSSL_ENCODER_PARAM_OUTPUT_TYPE, OSSL_PARAM_UTF8_PTR, NULL, 0, 0 },
+ OSSL_PARAM_END,
+ };
+
+ return gettables;
+}
+
+static int key2blob_get_params(OSSL_PARAM params[])
+{
+ OSSL_PARAM *p;
+
+ p = OSSL_PARAM_locate(params, OSSL_ENCODER_PARAM_OUTPUT_TYPE);
+ if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "blob"))
+ return 0;
+
+ return 1;
+}
+
+static int key2blob_check_selection(int selection, int selection_mask)
+{
+ /*
+ * The selections are kinda sorta "levels", i.e. each selection given
+ * here is assumed to include those following.
+ */
+ int checks[] = {
+ OSSL_KEYMGMT_SELECT_PRIVATE_KEY,
+ OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
+ OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
+ };
+ size_t i;
+
+ /* The decoder implementations made here support guessing */
+ if (selection == 0)
+ return 1;
+
+ for (i = 0; i < OSSL_NELEM(checks); i++) {
+ int check1 = (selection & checks[i]) != 0;
+ int check2 = (selection_mask & checks[i]) != 0;
+
+ /*
+ * If the caller asked for the currently checked bit(s), return
+ * whether the decoder description says it's supported.
+ */
+ if (check1)
+ return check2;
+ }
+
+ /* This should be dead code, but just to be safe... */
+ return 0;
+}
+
+static int key2blob_encode(void *vctx, const void *key, int selection,
+ OSSL_CORE_BIO *cout)
+{
+ int pubkey_len = 0, ok = 0;
+ unsigned char *pubkey = NULL;
+
+ pubkey_len = i2o_ECPublicKey(key, &pubkey);
+ if (pubkey_len > 0 && pubkey != NULL)
+ ok = write_blob(vctx, cout, pubkey, pubkey_len);
+ OPENSSL_free(pubkey);
+ return ok;
+}
+
+/*
+ * MAKE_BLOB_ENCODER() Makes an OSSL_DISPATCH table for a particular key->blob
+ * encoder
+ *
+ * impl: The keytype to encode
+ * type: The C structure type holding the key data
+ * selection_name: The acceptable selections. This translates into
+ * the macro EVP_PKEY_##selection_name.
+ *
+ * The selection is understood as a "level" rather than an exact set of
+ * requests from the caller. The encoder has to decide what contents fit
+ * the encoded format. For example, the EC public key blob will only contain
+ * the encoded public key itself, no matter if the selection bits include
+ * OSSL_KEYMGMT_SELECT_PARAMETERS or not. However, if the selection includes
+ * OSSL_KEYMGMT_SELECT_PRIVATE_KEY, the same encoder will simply refuse to
+ * cooperate, because it cannot output the private key.
+ *
+ * EVP_PKEY_##selection_name are convenience macros that combine "typical"
+ * OSSL_KEYMGMT_SELECT_ macros for a certain type of EVP_PKEY content.
+ */
+#define MAKE_BLOB_ENCODER(impl, type, selection_name) \
+ static OSSL_FUNC_encoder_import_object_fn \
+ impl##2blob_import_object; \
+ static OSSL_FUNC_encoder_free_object_fn impl##2blob_free_object; \
+ static OSSL_FUNC_encoder_does_selection_fn \
+ impl##2blob_does_selection; \
+ static OSSL_FUNC_encoder_encode_fn impl##2blob_encode; \
+ \
+ static void *impl##2blob_import_object(void *ctx, int selection, \
+ const OSSL_PARAM params[]) \
+ { \
+ return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \
+ ctx, selection, params); \
+ } \
+ static void impl##2blob_free_object(void *key) \
+ { \
+ ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \
+ } \
+ static int impl##2blob_does_selection(void *ctx, int selection) \
+ { \
+ return key2blob_check_selection(selection, \
+ EVP_PKEY_##selection_name); \
+ } \
+ static int impl##2blob_encode(void *vctx, OSSL_CORE_BIO *cout, \
+ const void *key, \
+ const OSSL_PARAM key_abstract[], \
+ int selection, \
+ OSSL_PASSPHRASE_CALLBACK *cb, \
+ void *cbarg) \
+ { \
+ /* We don't deal with abstract objects */ \
+ if (key_abstract != NULL) { \
+ ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \
+ return 0; \
+ } \
+ return key2blob_encode(vctx, key, selection, cout); \
+ } \
+ const OSSL_DISPATCH ossl_##impl##_to_blob_encoder_functions[] = { \
+ { OSSL_FUNC_ENCODER_NEWCTX, \
+ (void (*)(void))key2blob_newctx }, \
+ { OSSL_FUNC_ENCODER_FREECTX, \
+ (void (*)(void))key2blob_freectx }, \
+ { OSSL_FUNC_ENCODER_GETTABLE_PARAMS, \
+ (void (*)(void))key2blob_gettable_params }, \
+ { OSSL_FUNC_ENCODER_GET_PARAMS, \
+ (void (*)(void))key2blob_get_params }, \
+ { OSSL_FUNC_ENCODER_DOES_SELECTION, \
+ (void (*)(void))impl##2blob_does_selection }, \
+ { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \
+ (void (*)(void))impl##2blob_import_object }, \
+ { OSSL_FUNC_ENCODER_FREE_OBJECT, \
+ (void (*)(void))impl##2blob_free_object }, \
+ { OSSL_FUNC_ENCODER_ENCODE, \
+ (void (*)(void))impl##2blob_encode }, \
+ { 0, NULL } \
+ }
+
+#ifndef OPENSSL_NO_EC
+MAKE_BLOB_ENCODER(ec, ec, PUBLIC_KEY);
+# ifndef OPENSSL_NO_SM2
+MAKE_BLOB_ENCODER(sm2, ec, PUBLIC_KEY);
+# endif
+#endif
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 8321dd92b4..20d6b84021 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -380,6 +380,7 @@ extern const OSSL_DISPATCH ossl_dsa_to_text_encoder_functions[];
extern const OSSL_DISPATCH ossl_ec_to_EC_der_encoder_functions[];
extern const OSSL_DISPATCH ossl_ec_to_EC_pem_encoder_functions[];
+extern const OSSL_DISPATCH ossl_ec_to_blob_encoder_functions[];
extern const OSSL_DISPATCH ossl_ec_to_PKCS8_der_encoder_functions[];
extern const OSSL_DISPATCH ossl_ec_to_PKCS8_pem_encoder_functions[];
extern const OSSL_DISPATCH ossl_ec_to_SubjectPublicKeyInfo_der_encoder_functions[];
@@ -393,6 +394,7 @@ extern const OSSL_DISPATCH ossl_ec_to_text_encoder_functions[];
#ifndef OPENSSL_NO_SM2
extern const OSSL_DISPATCH ossl_sm2_to_SM2_der_encoder_functions[];
extern const OSSL_DISPATCH ossl_sm2_to_SM2_pem_encoder_functions[];
+extern const OSSL_DISPATCH ossl_sm2_to_blob_encoder_functions[];
extern const OSSL_DISPATCH ossl_sm2_to_PKCS8_der_encoder_functions[];
extern const OSSL_DISPATCH ossl_sm2_to_PKCS8_pem_encoder_functions[];
extern const OSSL_DISPATCH ossl_sm2_to_SubjectPublicKeyInfo_der_encoder_functions[];
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 845752fae4..2195f21a9d 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -2415,6 +2415,74 @@ err:
return ret;
}
+#ifndef OPENSSL_NO_EC
+static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1,
+ NID_secp384r1, NID_secp521r1, NID_sect233k1, NID_sect233r1, NID_sect283r1,
+ NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1,
+ NID_brainpoolP384r1, NID_brainpoolP512r1};
+
+static int test_ecpub(int idx)
+{
+ int ret = 0, len, savelen;
+ int nid;
+ unsigned char buf[1024];
+ unsigned char *p;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+ const unsigned char *q;
+ EVP_PKEY *pkey2 = NULL;
+ EC_KEY *ec = NULL;
+# endif
+
+ nid = ecpub_nids[idx];
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
+ if (!TEST_ptr(ctx)
+ || !TEST_true(EVP_PKEY_keygen_init(ctx))
+ || !TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid))
+ || !TEST_true(EVP_PKEY_keygen(ctx, &pkey)))
+ goto done;
+ len = i2d_PublicKey(pkey, NULL);
+ savelen = len;
+ if (!TEST_int_ge(len, 1)
+ || !TEST_int_lt(len, 1024))
+ goto done;
+ p = buf;
+ len = i2d_PublicKey(pkey, &p);
+ if (!TEST_int_ge(len, 1)
+ || !TEST_int_eq(len, savelen))
+ goto done;
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+ /* Now try to decode the just-created DER. */
+ q = buf;
+ if (!TEST_ptr((pkey2 = EVP_PKEY_new()))
+ || !TEST_ptr((ec = EC_KEY_new_by_curve_name(nid)))
+ || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey2, ec)))
+ goto done;
+ /* EC_KEY ownership transferred */
+ ec = NULL;
+ if (!TEST_ptr(d2i_PublicKey(EVP_PKEY_EC, &pkey2, &q, savelen)))
+ goto done;
+ /* The keys should match. */
+ if (!TEST_int_eq(EVP_PKEY_cmp(pkey, pkey2), 1))
+ goto done;
+# endif
+
+ ret = 1;
+
+ done:
+ EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(pkey);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+ EVP_PKEY_free(pkey2);
+ EC_KEY_free(ec);
+# endif
+ return ret;
+}
+#endif
+
static int test_EVP_rsa_pss_with_keygen_bits(void)
{
int ret;
@@ -2556,6 +2624,9 @@ int setup_tests(void)
ADD_TEST(test_rand_agglomeration);
ADD_ALL_TESTS(test_evp_iv, 10);
ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
+#ifndef OPENSSL_NO_EC
+ ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids));
+#endif
ADD_TEST(test_names_do_all);
More information about the openssl-commits
mailing list