diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 0461363e3..2ac252aab 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.166 2024/01/13 12:18:52 tb Exp $ +# $OpenBSD: Makefile,v 1.167 2024/01/27 17:14:33 tb Exp $ LIB= crypto LIBREBUILD=y @@ -387,8 +387,6 @@ SRCS+= m_sigver.c SRCS+= m_sm3.c SRCS+= m_streebog.c SRCS+= m_wp.c -SRCS+= p5_crpt.c -SRCS+= p5_crpt2.c SRCS+= p_legacy.c SRCS+= p_lib.c SRCS+= p_sign.c @@ -485,7 +483,6 @@ SRCS+= pvkfmt.c SRCS+= p12_add.c SRCS+= p12_asn.c SRCS+= p12_attr.c -SRCS+= p12_crpt.c SRCS+= p12_crt.c SRCS+= p12_decr.c SRCS+= p12_init.c diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h index 42839f39b..f81a8d608 100644 --- a/lib/libcrypto/evp/evp_local.h +++ b/lib/libcrypto/evp/evp_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_local.h,v 1.13 2024/01/04 17:38:36 tb Exp $ */ +/* $OpenBSD: evp_local.h,v 1.14 2024/01/27 23:34:18 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -278,8 +278,6 @@ struct evp_pkey_ctx_st { int keygen_info_count; } /* EVP_PKEY_CTX */; -#define EVP_PKEY_FLAG_DYNAMIC 1 - struct evp_pkey_method_st { int pkey_id; int flags; diff --git a/lib/libcrypto/evp/evp_names.c b/lib/libcrypto/evp/evp_names.c index 046391fe3..cf57a4aa5 100644 --- a/lib/libcrypto/evp/evp_names.c +++ b/lib/libcrypto/evp/evp_names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_names.c,v 1.7 2024/01/13 12:18:52 tb Exp $ */ +/* $OpenBSD: evp_names.c,v 1.8 2024/01/27 18:12:27 tb Exp $ */ /* * Copyright (c) 2023 Theo Buehler * @@ -1104,6 +1104,13 @@ static const struct cipher_name cipher_names[] = { */ static const struct digest_name digest_names[] = { +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA1) + { + .name = SN_dsaWithSHA1, + .digest = EVP_sha1, + .alias = SN_sha1, + }, +#endif #ifndef OPENSSL_NO_GOST { .name = LN_id_Gost28147_89_MAC, @@ -1303,6 +1310,7 @@ static const struct digest_name digest_names[] = { .digest = EVP_sha512_256, }, #endif /* OPENSSL_NO_SHA512 */ + #ifndef OPENSSL_NO_SM3 { .name = SN_sm3, @@ -1310,6 +1318,68 @@ static const struct digest_name digest_names[] = { }, #endif /* OPENSSL_NO_SM3 */ +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA1) + { + .name = LN_dsaWithSHA1, + .digest = EVP_sha1, + .alias = SN_sha1, + }, +#endif + +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA256) + { + .name = LN_dsa_with_SHA224, + .digest = EVP_sha224, + .alias = SN_sha224, + }, + { + .name = LN_dsa_with_SHA256, + .digest = EVP_sha256, + .alias = SN_sha256, + }, + { + .name = LN_dsa_with_SHA384, + .digest = EVP_sha384, + .alias = SN_sha384, + }, + { + .name = LN_dsa_with_SHA512, + .digest = EVP_sha512, + .alias = SN_sha512, + }, +#endif /* OPENSSL_NO_DSA && OPENSSL_NO_SHA256 */ + +#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_EC) + { + .name = SN_ecdsa_with_SHA1, + .digest = EVP_sha1, + .alias = SN_sha1, + }, +#endif + +#if !defined(OPENSSL_NO_SHA256) && !defined(OPENSSL_NO_EC) + { + .name = SN_ecdsa_with_SHA224, + .digest = EVP_sha224, + .alias = SN_sha224, + }, + { + .name = SN_ecdsa_with_SHA256, + .digest = EVP_sha256, + .alias = SN_sha256, + }, + { + .name = SN_ecdsa_with_SHA384, + .digest = EVP_sha384, + .alias = SN_sha384, + }, + { + .name = SN_ecdsa_with_SHA512, + .digest = EVP_sha512, + .alias = SN_sha512, + }, +#endif /* OPENSSL_NO_SHA256 && OPENSSL_NO_EC */ + #ifndef OPENSSL_NO_GOST { .name = SN_id_Gost28147_89_MAC, @@ -1317,6 +1387,78 @@ static const struct digest_name digest_names[] = { }, #endif /* OPENSSL_NO_GOST */ +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA256) + { + .name = SN_dsa_with_SHA224, + .digest = EVP_sha224, + .alias = SN_sha224, + }, + { + .name = SN_dsa_with_SHA256, + .digest = EVP_sha256, + .alias = SN_sha256, + }, +#endif /* OPENSSL_NO_DSA && OPENSSL_NO_SHA256 */ + +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA3) + { + .name = SN_dsa_with_SHA3_224, + .digest = EVP_sha3_224, + .alias = SN_sha3_224, + }, + { + .name = SN_dsa_with_SHA3_256, + .digest = EVP_sha3_256, + .alias = SN_sha3_256, + }, + { + .name = SN_dsa_with_SHA3_384, + .digest = EVP_sha3_384, + .alias = SN_sha3_384, + }, + { + .name = SN_dsa_with_SHA3_512, + .digest = EVP_sha3_512, + .alias = SN_sha3_512, + }, +#endif /* OPENSSL_NO_DSA && OPENSSL_NO_SHA3 */ + +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_SHA256) + { + .name = SN_dsa_with_SHA384, + .digest = EVP_sha384, + .alias = SN_sha384, + }, + { + .name = SN_dsa_with_SHA512, + .digest = EVP_sha512, + .alias = SN_sha512, + }, +#endif /* OPENSSL_NO_DSA && OPENSSL_NO_SHA256 */ + +#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_SHA3) + { + .name = SN_ecdsa_with_SHA3_224, + .digest = EVP_sha3_224, + .alias = SN_sha3_224, + }, + { + .name = SN_ecdsa_with_SHA3_256, + .digest = EVP_sha3_256, + .alias = SN_sha3_256, + }, + { + .name = SN_ecdsa_with_SHA3_384, + .digest = EVP_sha3_384, + .alias = SN_sha3_384, + }, + { + .name = SN_ecdsa_with_SHA3_512, + .digest = EVP_sha3_512, + .alias = SN_sha3_512, + }, +#endif /* OPENSSL_NO_EC && OPENSSL_NO_SHA3 */ + #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_SHA3) { .name = SN_RSA_SHA3_224, diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c index 8553478bc..d34fc7053 100644 --- a/lib/libcrypto/evp/evp_pbe.c +++ b/lib/libcrypto/evp/evp_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pbe.c,v 1.34 2023/12/18 13:12:43 tb Exp $ */ +/* $OpenBSD: evp_pbe.c,v 1.40 2024/01/27 17:20:20 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -59,14 +59,16 @@ #include #include -#include - +#include #include #include +#include +#include #include #include #include "evp_local.h" +#include "hmac_local.h" /* Password based encryption (PBE) functions */ @@ -96,14 +98,12 @@ static const struct pbe_config pbe_outer[] = { .md_nid = NID_sha1, .keygen = PKCS5_PBE_keyivgen, }, -#ifndef OPENSSL_NO_HMAC { .pbe_nid = NID_id_pbkdf2, .cipher_nid = -1, .md_nid = -1, .keygen = PKCS5_v2_PBKDF2_keyivgen, }, -#endif { .pbe_nid = NID_pbe_WithSHA1And128BitRC4, .cipher_nid = NID_rc4, @@ -140,14 +140,12 @@ static const struct pbe_config pbe_outer[] = { .md_nid = NID_sha1, .keygen = PKCS12_PBE_keyivgen, }, -#ifndef OPENSSL_NO_HMAC { .pbe_nid = NID_pbes2, .cipher_nid = -1, .md_nid = -1, .keygen = PKCS5_v2_PBE_keyivgen, }, -#endif { .pbe_nid = NID_pbeWithMD2AndRC2_CBC, .cipher_nid = NID_rc2_64_cbc, @@ -216,6 +214,36 @@ static const struct pbe_config pbe_prf[] = { .cipher_nid = -1, .md_nid = NID_id_tc26_gost3411_2012_512, }, + { + .pbe_nid = NID_hmacWithSHA512_224, + .cipher_nid = -1, + .md_nid = NID_sha512_224, + }, + { + .pbe_nid = NID_hmacWithSHA512_256, + .cipher_nid = -1, + .md_nid = NID_sha512_256, + }, + { + .pbe_nid = NID_hmac_sha3_224, + .cipher_nid = -1, + .md_nid = NID_sha3_224, + }, + { + .pbe_nid = NID_hmac_sha3_256, + .cipher_nid = -1, + .md_nid = NID_sha3_256, + }, + { + .pbe_nid = NID_hmac_sha3_384, + .cipher_nid = -1, + .md_nid = NID_sha3_384, + }, + { + .pbe_nid = NID_hmac_sha3_512, + .cipher_nid = -1, + .md_nid = NID_sha3_512, + }, }; #define N_PBE_PRF (sizeof(pbe_prf) / sizeof(pbe_prf[0])) @@ -311,6 +339,391 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, return 1; } +int +PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) +{ + EVP_MD_CTX ctx; + unsigned char md_tmp[EVP_MAX_MD_SIZE]; + unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; + int i; + PBEPARAM *pbe; + int saltlen, iter; + unsigned char *salt; + const unsigned char *pbuf; + int mdsize; + int ret = 0; + + /* Extract useful info from parameter */ + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + EVPerror(EVP_R_DECODE_ERROR); + return 0; + } + + mdsize = EVP_MD_size(md); + if (mdsize < 0) + return 0; + + pbuf = param->value.sequence->data; + if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { + EVPerror(EVP_R_DECODE_ERROR); + return 0; + } + + if (!pbe->iter) + iter = 1; + else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { + EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); + PBEPARAM_free(pbe); + return 0; + } + salt = pbe->salt->data; + saltlen = pbe->salt->length; + + if (!pass) + passlen = 0; + else if (passlen == -1) + passlen = strlen(pass); + + EVP_MD_CTX_init(&ctx); + + if (!EVP_DigestInit_ex(&ctx, md, NULL)) + goto err; + if (!EVP_DigestUpdate(&ctx, pass, passlen)) + goto err; + if (!EVP_DigestUpdate(&ctx, salt, saltlen)) + goto err; + if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL)) + goto err; + for (i = 1; i < iter; i++) { + if (!EVP_DigestInit_ex(&ctx, md, NULL)) + goto err; + if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize)) + goto err; + if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL)) + goto err; + } + if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) { + EVPerror(EVP_R_BAD_KEY_LENGTH); + goto err; + } + memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); + if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) { + EVPerror(EVP_R_IV_TOO_LARGE); + goto err; + } + memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), + EVP_CIPHER_iv_length(cipher)); + if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) + goto err; + explicit_bzero(md_tmp, EVP_MAX_MD_SIZE); + explicit_bzero(key, EVP_MAX_KEY_LENGTH); + explicit_bzero(iv, EVP_MAX_IV_LENGTH); + + ret = 1; + + err: + EVP_MD_CTX_cleanup(&ctx); + PBEPARAM_free(pbe); + + return ret; +} + +/* + * PKCS#5 v2.0 password based encryption key derivation function PBKDF2. + */ + +int +PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, + int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) +{ + unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; + int cplen, j, k, tkeylen, mdlen; + unsigned long i = 1; + HMAC_CTX hctx_tpl, hctx; + + mdlen = EVP_MD_size(digest); + if (mdlen < 0) + return 0; + + HMAC_CTX_init(&hctx_tpl); + p = out; + tkeylen = keylen; + if (!pass) + passlen = 0; + else if (passlen == -1) + passlen = strlen(pass); + if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); + return 0; + } + while (tkeylen) { + if (tkeylen > mdlen) + cplen = mdlen; + else + cplen = tkeylen; + /* + * We are unlikely to ever use more than 256 blocks (5120 bits!) + * but just in case... + */ + itmp[0] = (unsigned char)((i >> 24) & 0xff); + itmp[1] = (unsigned char)((i >> 16) & 0xff); + itmp[2] = (unsigned char)((i >> 8) & 0xff); + itmp[3] = (unsigned char)(i & 0xff); + if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { + HMAC_CTX_cleanup(&hctx_tpl); + return 0; + } + if (!HMAC_Update(&hctx, salt, saltlen) || + !HMAC_Update(&hctx, itmp, 4) || + !HMAC_Final(&hctx, digtmp, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); + HMAC_CTX_cleanup(&hctx); + return 0; + } + HMAC_CTX_cleanup(&hctx); + memcpy(p, digtmp, cplen); + for (j = 1; j < iter; j++) { + if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { + HMAC_CTX_cleanup(&hctx_tpl); + return 0; + } + if (!HMAC_Update(&hctx, digtmp, mdlen) || + !HMAC_Final(&hctx, digtmp, NULL)) { + HMAC_CTX_cleanup(&hctx_tpl); + HMAC_CTX_cleanup(&hctx); + return 0; + } + HMAC_CTX_cleanup(&hctx); + for (k = 0; k < cplen; k++) + p[k] ^= digtmp[k]; + } + tkeylen -= cplen; + i++; + p += cplen; + } + HMAC_CTX_cleanup(&hctx_tpl); + return 1; +} + +int +PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, + int saltlen, int iter, int keylen, unsigned char *out) +{ + return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, + EVP_sha1(), keylen, out); +} + +/* + * Now the key derivation function itself. This is a bit evil because + * it has to check the ASN1 parameters are valid: and there are quite a + * few of them... + */ + +int +PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) +{ + const unsigned char *pbuf; + int plen; + PBE2PARAM *pbe2 = NULL; + const EVP_CIPHER *cipher; + int ret = 0; + + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + EVPerror(EVP_R_DECODE_ERROR); + goto err; + } + + pbuf = param->value.sequence->data; + plen = param->value.sequence->length; + if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { + EVPerror(EVP_R_DECODE_ERROR); + goto err; + } + + /* See if we recognise the key derivation function */ + + if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { + EVPerror(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); + goto err; + } + + /* Let's see if we recognise the encryption algorithm. */ + cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); + if (!cipher) { + EVPerror(EVP_R_UNSUPPORTED_CIPHER); + goto err; + } + + /* Fixup cipher based on AlgorithmIdentifier */ + if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) + goto err; + if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { + EVPerror(EVP_R_CIPHER_PARAMETER_ERROR); + goto err; + } + + ret = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, + pbe2->keyfunc->parameter, c, md, en_de); + + err: + PBE2PARAM_free(pbe2); + + return ret; +} + +int +PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) +{ + unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; + const unsigned char *pbuf; + int saltlen, iter, plen; + unsigned int keylen = 0; + int prf_nid, hmac_md_nid; + PBKDF2PARAM *kdf = NULL; + const EVP_MD *prfmd; + int ret = 0; + + if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { + EVPerror(EVP_R_NO_CIPHER_SET); + return 0; + } + keylen = EVP_CIPHER_CTX_key_length(ctx); + if (keylen > sizeof key) { + EVPerror(EVP_R_BAD_KEY_LENGTH); + return 0; + } + + /* Decode parameter */ + + if (!param || (param->type != V_ASN1_SEQUENCE)) { + EVPerror(EVP_R_DECODE_ERROR); + return 0; + } + + pbuf = param->value.sequence->data; + plen = param->value.sequence->length; + + if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { + EVPerror(EVP_R_DECODE_ERROR); + return 0; + } + + /* Now check the parameters of the kdf */ + + if (kdf->keylength && + (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ + EVPerror(EVP_R_UNSUPPORTED_KEYLENGTH); + goto err; + } + + if (kdf->prf) + prf_nid = OBJ_obj2nid(kdf->prf->algorithm); + else + prf_nid = NID_hmacWithSHA1; + + if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, NULL)) { + EVPerror(EVP_R_UNSUPPORTED_PRF); + goto err; + } + + prfmd = EVP_get_digestbynid(hmac_md_nid); + if (prfmd == NULL) { + EVPerror(EVP_R_UNSUPPORTED_PRF); + goto err; + } + + if (kdf->salt->type != V_ASN1_OCTET_STRING) { + EVPerror(EVP_R_UNSUPPORTED_SALT_TYPE); + goto err; + } + + /* it seems that its all OK */ + salt = kdf->salt->value.octet_string->data; + saltlen = kdf->salt->value.octet_string->length; + if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) { + EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); + goto err; + } + if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, + keylen, key)) + goto err; + + ret = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); + + err: + explicit_bzero(key, keylen); + PBKDF2PARAM_free(kdf); + + return ret; +} + +void +PKCS12_PBE_add(void) +{ +} +LCRYPTO_ALIAS(PKCS12_PBE_add); + +int +PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, + ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) +{ + PBEPARAM *pbe; + int saltlen, iter, ret; + unsigned char *salt; + const unsigned char *pbuf; + unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; + + /* Extract useful info from parameter */ + if (param == NULL || param->type != V_ASN1_SEQUENCE || + param->value.sequence == NULL) { + PKCS12error(PKCS12_R_DECODE_ERROR); + return 0; + } + + pbuf = param->value.sequence->data; + if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { + PKCS12error(PKCS12_R_DECODE_ERROR); + return 0; + } + + if (!pbe->iter) + iter = 1; + else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { + PKCS12error(PKCS12_R_DECODE_ERROR); + PBEPARAM_free(pbe); + return 0; + } + salt = pbe->salt->data; + saltlen = pbe->salt->length; + if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_KEY_ID, + iter, EVP_CIPHER_key_length(cipher), key, md)) { + PKCS12error(PKCS12_R_KEY_GEN_ERROR); + PBEPARAM_free(pbe); + return 0; + } + if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_IV_ID, + iter, EVP_CIPHER_iv_length(cipher), iv, md)) { + PKCS12error(PKCS12_R_IV_GEN_ERROR); + PBEPARAM_free(pbe); + return 0; + } + PBEPARAM_free(pbe); + ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); + explicit_bzero(key, EVP_MAX_KEY_LENGTH); + explicit_bzero(iv, EVP_MAX_IV_LENGTH); + return ret; +} +LCRYPTO_ALIAS(PKCS12_PBE_keyivgen); + +/* + * XXX - remove the functions below in the next major bump + */ + int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, EVP_PBE_KEYGEN *keygen) @@ -331,3 +744,8 @@ void EVP_PBE_cleanup(void) { } + +void +PKCS5_PBE_add(void) +{ +} diff --git a/lib/libcrypto/evp/p5_crpt.c b/lib/libcrypto/evp/p5_crpt.c deleted file mode 100644 index d26439ad2..000000000 --- a/lib/libcrypto/evp/p5_crpt.c +++ /dev/null @@ -1,163 +0,0 @@ -/* $OpenBSD: p5_crpt.c,v 1.23 2023/07/07 19:37:54 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#include -#include - -#include "evp_local.h" - -/* Doesn't do anything now: Builtin PBE algorithms in static table. - */ - -void -PKCS5_PBE_add(void) -{ -} - -int -PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) -{ - EVP_MD_CTX ctx; - unsigned char md_tmp[EVP_MAX_MD_SIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; - int i; - PBEPARAM *pbe; - int saltlen, iter; - unsigned char *salt; - const unsigned char *pbuf; - int mdsize; - int rv = 0; - - /* Extract useful info from parameter */ - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - EVPerror(EVP_R_DECODE_ERROR); - return 0; - } - - mdsize = EVP_MD_size(md); - if (mdsize < 0) - return 0; - - pbuf = param->value.sequence->data; - if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { - EVPerror(EVP_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) - iter = 1; - else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { - EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); - PBEPARAM_free(pbe); - return 0; - } - salt = pbe->salt->data; - saltlen = pbe->salt->length; - - if (!pass) - passlen = 0; - else if (passlen == -1) - passlen = strlen(pass); - - EVP_MD_CTX_init(&ctx); - - if (!EVP_DigestInit_ex(&ctx, md, NULL)) - goto err; - if (!EVP_DigestUpdate(&ctx, pass, passlen)) - goto err; - if (!EVP_DigestUpdate(&ctx, salt, saltlen)) - goto err; - if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL)) - goto err; - for (i = 1; i < iter; i++) { - if (!EVP_DigestInit_ex(&ctx, md, NULL)) - goto err; - if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize)) - goto err; - if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL)) - goto err; - } - if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) { - EVPerror(EVP_R_BAD_KEY_LENGTH); - goto err; - } - memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); - if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) { - EVPerror(EVP_R_IV_TOO_LARGE); - goto err; - } - memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), - EVP_CIPHER_iv_length(cipher)); - if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) - goto err; - explicit_bzero(md_tmp, EVP_MAX_MD_SIZE); - explicit_bzero(key, EVP_MAX_KEY_LENGTH); - explicit_bzero(iv, EVP_MAX_IV_LENGTH); - rv = 1; -err: - EVP_MD_CTX_cleanup(&ctx); - PBEPARAM_free(pbe); - return rv; -} diff --git a/lib/libcrypto/evp/p5_crpt2.c b/lib/libcrypto/evp/p5_crpt2.c deleted file mode 100644 index 8e95613f6..000000000 --- a/lib/libcrypto/evp/p5_crpt2.c +++ /dev/null @@ -1,307 +0,0 @@ -/* $OpenBSD: p5_crpt2.c,v 1.28 2023/12/16 13:23:20 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include - -#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) - -#include -#include -#include -#include - -#include "evp_local.h" -#include "hmac_local.h" - -/* This is an implementation of PKCS#5 v2.0 password based encryption key - * derivation function PBKDF2. - * SHA1 version verified against test vectors posted by Peter Gutmann - * to the PKCS-TNG mailing list. - */ - -int -PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, - int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) -{ - unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; - int cplen, j, k, tkeylen, mdlen; - unsigned long i = 1; - HMAC_CTX hctx_tpl, hctx; - - mdlen = EVP_MD_size(digest); - if (mdlen < 0) - return 0; - - HMAC_CTX_init(&hctx_tpl); - p = out; - tkeylen = keylen; - if (!pass) - passlen = 0; - else if (passlen == -1) - passlen = strlen(pass); - if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - while (tkeylen) { - if (tkeylen > mdlen) - cplen = mdlen; - else - cplen = tkeylen; - /* We are unlikely to ever use more than 256 blocks (5120 bits!) - * but just in case... - */ - itmp[0] = (unsigned char)((i >> 24) & 0xff); - itmp[1] = (unsigned char)((i >> 16) & 0xff); - itmp[2] = (unsigned char)((i >> 8) & 0xff); - itmp[3] = (unsigned char)(i & 0xff); - if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - if (!HMAC_Update(&hctx, salt, saltlen) || - !HMAC_Update(&hctx, itmp, 4) || - !HMAC_Final(&hctx, digtmp, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - HMAC_CTX_cleanup(&hctx); - return 0; - } - HMAC_CTX_cleanup(&hctx); - memcpy(p, digtmp, cplen); - for (j = 1; j < iter; j++) { - if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - if (!HMAC_Update(&hctx, digtmp, mdlen) || - !HMAC_Final(&hctx, digtmp, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - HMAC_CTX_cleanup(&hctx); - return 0; - } - HMAC_CTX_cleanup(&hctx); - for (k = 0; k < cplen; k++) - p[k] ^= digtmp[k]; - } - tkeylen -= cplen; - i++; - p += cplen; - } - HMAC_CTX_cleanup(&hctx_tpl); - return 1; -} - -int -PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, - int saltlen, int iter, int keylen, unsigned char *out) -{ - return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, - EVP_sha1(), keylen, out); -} - -/* Now the key derivation function itself. This is a bit evil because - * it has to check the ASN1 parameters are valid: and there are quite a - * few of them... - */ - -int -PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) -{ - const unsigned char *pbuf; - int plen; - PBE2PARAM *pbe2 = NULL; - const EVP_CIPHER *cipher; - - int rv = 0; - - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - EVPerror(EVP_R_DECODE_ERROR); - goto err; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { - EVPerror(EVP_R_DECODE_ERROR); - goto err; - } - - /* See if we recognise the key derivation function */ - - if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { - EVPerror(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); - goto err; - } - - /* lets see if we recognise the encryption algorithm. - */ - - cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); - - if (!cipher) { - EVPerror(EVP_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* Fixup cipher based on AlgorithmIdentifier */ - if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) - goto err; - if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { - EVPerror(EVP_R_CIPHER_PARAMETER_ERROR); - goto err; - } - rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, - pbe2->keyfunc->parameter, c, md, en_de); - -err: - PBE2PARAM_free(pbe2); - return rv; -} - -int -PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) -{ - unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; - const unsigned char *pbuf; - int saltlen, iter, plen; - int rv = 0; - unsigned int keylen = 0; - int prf_nid, hmac_md_nid; - PBKDF2PARAM *kdf = NULL; - const EVP_MD *prfmd; - - if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { - EVPerror(EVP_R_NO_CIPHER_SET); - return 0; - } - keylen = EVP_CIPHER_CTX_key_length(ctx); - if (keylen > sizeof key) { - EVPerror(EVP_R_BAD_KEY_LENGTH); - return 0; - } - - /* Decode parameter */ - - if (!param || (param->type != V_ASN1_SEQUENCE)) { - EVPerror(EVP_R_DECODE_ERROR); - return 0; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - - if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { - EVPerror(EVP_R_DECODE_ERROR); - return 0; - } - - /* Now check the parameters of the kdf */ - - if (kdf->keylength && - (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ - EVPerror(EVP_R_UNSUPPORTED_KEYLENGTH); - goto err; - } - - if (kdf->prf) - prf_nid = OBJ_obj2nid(kdf->prf->algorithm); - else - prf_nid = NID_hmacWithSHA1; - - if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, NULL)) { - EVPerror(EVP_R_UNSUPPORTED_PRF); - goto err; - } - - prfmd = EVP_get_digestbynid(hmac_md_nid); - if (prfmd == NULL) { - EVPerror(EVP_R_UNSUPPORTED_PRF); - goto err; - } - - if (kdf->salt->type != V_ASN1_OCTET_STRING) { - EVPerror(EVP_R_UNSUPPORTED_SALT_TYPE); - goto err; - } - - /* it seems that its all OK */ - salt = kdf->salt->value.octet_string->data; - saltlen = kdf->salt->value.octet_string->length; - if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) { - EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS); - goto err; - } - if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, - keylen, key)) - goto err; - rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); - -err: - explicit_bzero(key, keylen); - PBKDF2PARAM_free(kdf); - return rv; -} - -#endif diff --git a/lib/libcrypto/objects/obj_mac.num b/lib/libcrypto/objects/obj_mac.num index 15178e37d..9793130e3 100644 --- a/lib/libcrypto/objects/obj_mac.num +++ b/lib/libcrypto/objects/obj_mac.num @@ -1050,3 +1050,4 @@ RSA_SHA3_224 1049 RSA_SHA3_256 1050 RSA_SHA3_384 1051 RSA_SHA3_512 1052 +acmeIdentifier 1053 diff --git a/lib/libcrypto/objects/obj_xref.c b/lib/libcrypto/objects/obj_xref.c index 0fca228ed..321c2f50b 100644 --- a/lib/libcrypto/objects/obj_xref.c +++ b/lib/libcrypto/objects/obj_xref.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_xref.c,v 1.13 2023/07/28 10:25:05 tb Exp $ */ +/* $OpenBSD: obj_xref.c,v 1.14 2024/01/27 16:08:43 tb Exp $ */ /* * Copyright (c) 2023 Theo Buehler @@ -265,6 +265,26 @@ static const struct { .hash_nid = NID_sha3_512, .pkey_nid = NID_rsaEncryption, }, + { + .sign_nid = NID_ecdsa_with_SHA3_224, + .hash_nid = NID_sha3_224, + .pkey_nid = NID_X9_62_id_ecPublicKey, + }, + { + .sign_nid = NID_ecdsa_with_SHA3_256, + .hash_nid = NID_sha3_256, + .pkey_nid = NID_X9_62_id_ecPublicKey, + }, + { + .sign_nid = NID_ecdsa_with_SHA3_384, + .hash_nid = NID_sha3_384, + .pkey_nid = NID_X9_62_id_ecPublicKey, + }, + { + .sign_nid = NID_ecdsa_with_SHA3_512, + .hash_nid = NID_sha3_512, + .pkey_nid = NID_X9_62_id_ecPublicKey, + }, }; #define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0])) diff --git a/lib/libcrypto/objects/objects.txt b/lib/libcrypto/objects/objects.txt index 5b71048cf..d91894307 100644 --- a/lib/libcrypto/objects/objects.txt +++ b/lib/libcrypto/objects/objects.txt @@ -490,6 +490,7 @@ id-pe 14 : proxyCertInfo : Proxy Certificate Information id-pe 24 : tlsfeature : TLS Feature id-pe 28 : sbgp-ipAddrBlockv2 id-pe 29 : sbgp-autonomousSysNumv2 +id-pe 31 : acmeIdentifier : ACME Identifier # PKIX policyQualifiers for Internet policy qualifiers id-qt 1 : id-qt-cps : Policy Qualifier CPS diff --git a/lib/libcrypto/pkcs12/p12_crpt.c b/lib/libcrypto/pkcs12/p12_crpt.c deleted file mode 100644 index e7d30101c..000000000 --- a/lib/libcrypto/pkcs12/p12_crpt.c +++ /dev/null @@ -1,123 +0,0 @@ -/* $OpenBSD: p12_crpt.c,v 1.17 2023/02/16 08:38:17 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include - -/* PKCS#12 PBE algorithms now in static table */ - -void -PKCS12_PBE_add(void) -{ -} -LCRYPTO_ALIAS(PKCS12_PBE_add); - -int -PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) -{ - PBEPARAM *pbe; - int saltlen, iter, ret; - unsigned char *salt; - const unsigned char *pbuf; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; - - /* Extract useful info from parameter */ - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - PKCS12error(PKCS12_R_DECODE_ERROR); - return 0; - } - - pbuf = param->value.sequence->data; - if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { - PKCS12error(PKCS12_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) - iter = 1; - else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { - PKCS12error(PKCS12_R_DECODE_ERROR); - PBEPARAM_free(pbe); - return 0; - } - salt = pbe->salt->data; - saltlen = pbe->salt->length; - if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_KEY_ID, - iter, EVP_CIPHER_key_length(cipher), key, md)) { - PKCS12error(PKCS12_R_KEY_GEN_ERROR); - PBEPARAM_free(pbe); - return 0; - } - if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_IV_ID, - iter, EVP_CIPHER_iv_length(cipher), iv, md)) { - PKCS12error(PKCS12_R_IV_GEN_ERROR); - PBEPARAM_free(pbe); - return 0; - } - PBEPARAM_free(pbe); - ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); - explicit_bzero(key, EVP_MAX_KEY_LENGTH); - explicit_bzero(iv, EVP_MAX_IV_LENGTH); - return ret; -} -LCRYPTO_ALIAS(PKCS12_PBE_keyivgen); diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index f4b17bdf2..75d31fb2a 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.101 2022/07/24 14:28:16 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.103 2024/01/27 14:31:01 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck * Copyright (c) 2018 Theo Buehler @@ -87,7 +87,8 @@ __BEGIN_HIDDEN_DECLS #define TLS13_INFO_ACCEPT_EXIT SSL_CB_ACCEPT_EXIT #define TLS13_INFO_CONNECT_EXIT SSL_CB_CONNECT_EXIT -typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg); +typedef void (*tls13_alert_cb)(uint8_t _alert_level, uint8_t _alert_desc, + void *_cb_arg); typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg); typedef void (*tls13_phh_sent_cb)(void *_cb_arg); typedef void (*tls13_handshake_message_cb)(void *_cb_arg); @@ -291,6 +292,8 @@ struct tls13_ctx { int phh_count; time_t phh_last_seen; + tls13_alert_cb alert_sent_cb; + tls13_alert_cb alert_recv_cb; tls13_handshake_message_cb handshake_message_sent_cb; tls13_handshake_message_cb handshake_message_recv_cb; tls13_info_cb info_cb; @@ -309,8 +312,8 @@ void tls13_ctx_free(struct tls13_ctx *ctx); const EVP_AEAD *tls13_cipher_aead(const SSL_CIPHER *cipher); const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher); -void tls13_alert_received_cb(uint8_t alert_desc, void *arg); -void tls13_alert_sent_cb(uint8_t alert_desc, void *arg); +void tls13_alert_received_cb(uint8_t alert_level, uint8_t alert_desc, void *arg); +void tls13_alert_sent_cb(uint8_t alert_level, uint8_t alert_desc, void *arg); ssize_t tls13_phh_received_cb(void *cb_arg); void tls13_phh_done_cb(void *cb_arg); @@ -323,7 +326,6 @@ int tls13_use_legacy_client(struct tls13_ctx *ctx); int tls13_use_legacy_server(struct tls13_ctx *ctx); int tls13_legacy_accept(SSL *ssl); int tls13_legacy_connect(SSL *ssl); -int tls13_legacy_return_code(SSL *ssl, ssize_t ret); ssize_t tls13_legacy_wire_read_cb(void *buf, size_t n, void *arg); ssize_t tls13_legacy_wire_write_cb(const void *buf, size_t n, void *arg); ssize_t tls13_legacy_wire_flush_cb(void *arg); diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c index e9aca070e..e5b451cb6 100644 --- a/lib/libssl/tls13_legacy.c +++ b/lib/libssl/tls13_legacy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_legacy.c,v 1.41 2023/11/28 13:19:04 tb Exp $ */ +/* $OpenBSD: tls13_legacy.c,v 1.43 2024/01/27 14:34:28 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -159,7 +159,7 @@ tls13_legacy_error(SSL *ssl) ctx->error.line); } -int +static int tls13_legacy_return_code(SSL *ssl, ssize_t ret) { if (ret > INT_MAX) { @@ -486,44 +486,45 @@ tls13_legacy_shutdown(SSL *ssl) * We need to return 0 at the point that we have completed sending a * close-notify. We return 1 when we have sent and received close-notify * alerts. All other cases, including EOF, return -1 and set internal - * state appropriately. + * state appropriately. Note that all of this insanity can also be + * externally controlled by manipulating the shutdown flags. */ if (ctx == NULL || ssl->quiet_shutdown) { ssl->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; return 1; } - if (!ctx->close_notify_sent) { - /* Enqueue and send close notify. */ - if (!(ssl->shutdown & SSL_SENT_SHUTDOWN)) { - ssl->shutdown |= SSL_SENT_SHUTDOWN; - if ((ret = tls13_send_alert(ctx->rl, - TLS13_ALERT_CLOSE_NOTIFY)) < 0) - return tls13_legacy_return_code(ssl, ret); - } - ret = tls13_record_layer_send_pending(ctx->rl); + if ((ssl->shutdown & SSL_SENT_SHUTDOWN) == 0) { + ssl->shutdown |= SSL_SENT_SHUTDOWN; + ret = tls13_send_alert(ctx->rl, TLS13_ALERT_CLOSE_NOTIFY); if (ret == TLS13_IO_EOF) return -1; if (ret != TLS13_IO_SUCCESS) return tls13_legacy_return_code(ssl, ret); - } else if (!ctx->close_notify_recv) { + } + + ret = tls13_record_layer_send_pending(ctx->rl); + if (ret == TLS13_IO_EOF) + return -1; + if (ret != TLS13_IO_SUCCESS) + return tls13_legacy_return_code(ssl, ret); + + if ((ssl->shutdown & SSL_RECEIVED_SHUTDOWN) == 0) { /* * If there is no application data pending, attempt to read more * data in order to receive a close-notify. This should trigger * a record to be read from the wire, which may be application - * handshake or alert data. Only one attempt is made to match - * previous semantics. + * handshake or alert data. Only one attempt is made with no + * error handling, in order to match previous semantics. */ if (tls13_pending_application_data(ctx->rl) == 0) { - if ((ret = tls13_read_application_data(ctx->rl, buf, - sizeof(buf))) < 0) - return tls13_legacy_return_code(ssl, ret); + (void)tls13_read_application_data(ctx->rl, buf, sizeof(buf)); if (!ctx->close_notify_recv) return -1; } } - if (ctx->close_notify_recv) + if (ssl->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) return 1; return 0; diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 05f125adc..331a3ad1a 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.76 2022/11/26 16:08:56 tb Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.77 2024/01/27 14:23:51 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * Copyright (c) 2019 Bob Beck @@ -110,11 +110,42 @@ tls13_cipher_hash(const SSL_CIPHER *cipher) return NULL; } +static void +tls13_legacy_alert_cb(int sent, uint8_t alert_level, uint8_t alert_desc, + void *arg) +{ + uint8_t alert[] = {alert_level, alert_desc}; + struct tls13_ctx *ctx = arg; + SSL *s = ctx->ssl; + CBS cbs; + + if (s->msg_callback == NULL) + return; + + CBS_init(&cbs, alert, sizeof(alert)); + ssl_msg_callback_cbs(s, sent, SSL3_RT_ALERT, &cbs); +} + +static void +tls13_legacy_alert_recv_cb(uint8_t alert_level, uint8_t alert_desc, void *arg) +{ + tls13_legacy_alert_cb(0, alert_level, alert_desc, arg); +} + +static void +tls13_legacy_alert_sent_cb(uint8_t alert_level, uint8_t alert_desc, void *arg) +{ + tls13_legacy_alert_cb(1, alert_level, alert_desc, arg); +} + void -tls13_alert_received_cb(uint8_t alert_desc, void *arg) +tls13_alert_received_cb(uint8_t alert_level, uint8_t alert_desc, void *arg) { struct tls13_ctx *ctx = arg; + if (ctx->alert_recv_cb != NULL) + ctx->alert_recv_cb(alert_level, alert_desc, arg); + if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) { ctx->close_notify_recv = 1; ctx->ssl->shutdown |= SSL_RECEIVED_SHUTDOWN; @@ -140,10 +171,13 @@ tls13_alert_received_cb(uint8_t alert_desc, void *arg) } void -tls13_alert_sent_cb(uint8_t alert_desc, void *arg) +tls13_alert_sent_cb(uint8_t alert_level, uint8_t alert_desc, void *arg) { struct tls13_ctx *ctx = arg; + if (ctx->alert_sent_cb != NULL) + ctx->alert_sent_cb(alert_level, alert_desc, arg); + if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) { ctx->close_notify_sent = 1; return; @@ -514,6 +548,8 @@ tls13_ctx_new(int mode, SSL *ssl) if ((ctx->rl = tls13_record_layer_new(&tls13_rl_callbacks, ctx)) == NULL) goto err; + ctx->alert_sent_cb = tls13_legacy_alert_sent_cb; + ctx->alert_recv_cb = tls13_legacy_alert_recv_cb; ctx->handshake_message_sent_cb = tls13_legacy_handshake_message_sent_cb; ctx->handshake_message_recv_cb = tls13_legacy_handshake_message_recv_cb; ctx->info_cb = tls13_legacy_info_cb; diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index 4ae4e298e..5432744cd 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.72 2022/11/11 17:15:27 jsing Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.73 2024/01/27 14:23:51 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -327,7 +327,7 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl) return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER); } - rl->cb.alert_recv(alert_desc, rl->cb_arg); + rl->cb.alert_recv(alert_level, alert_desc, rl->cb_arg); return ret; } @@ -361,7 +361,7 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl) ret = TLS13_IO_ALERT; } - rl->cb.alert_sent(rl->alert_desc, rl->cb_arg); + rl->cb.alert_sent(rl->alert_level, rl->alert_desc, rl->cb_arg); return ret; } diff --git a/regress/lib/libssl/shutdown/shutdowntest.c b/regress/lib/libssl/shutdown/shutdowntest.c index 7dea3a850..749ccaa43 100644 --- a/regress/lib/libssl/shutdown/shutdowntest.c +++ b/regress/lib/libssl/shutdown/shutdowntest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: shutdowntest.c,v 1.1 2024/01/19 08:29:08 jsing Exp $ */ +/* $OpenBSD: shutdowntest.c,v 1.2 2024/01/27 14:35:13 jsing Exp $ */ /* * Copyright (c) 2020, 2021, 2024 Joel Sing * @@ -489,12 +489,10 @@ struct ssl_version ssl_versions[] = { .version = TLS1_2_VERSION, .name = SSL_TXT_TLSV1_2, }, -#if 0 { .version = TLS1_3_VERSION, .name = SSL_TXT_TLSV1_3, }, -#endif }; #define N_SSL_VERSIONS (sizeof(ssl_versions) / sizeof(*ssl_versions)) diff --git a/sys/arch/armv7/conf/Makefile.armv7 b/sys/arch/armv7/conf/Makefile.armv7 index 470107e14..426ec6f71 100644 --- a/sys/arch/armv7/conf/Makefile.armv7 +++ b/sys/arch/armv7/conf/Makefile.armv7 @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.armv7,v 1.54 2023/09/06 01:47:36 jsg Exp $ +# $OpenBSD: Makefile.armv7,v 1.55 2024/01/28 00:40:22 deraadt Exp $ # For instructions on building kernels consult the config(8) and options(4) # manual pages. @@ -51,7 +51,7 @@ HOSTED_CPPFLAGS=${CPPFLAGS:S/^-nostdinc$//} HOSTED_CFLAGS= ${CFLAGS} HOSTED_C= ${HOSTCC} ${HOSTED_CFLAGS} ${HOSTED_CPPFLAGS} -c $< -NORMAL_C_NOP= ${CC} ${CFLAGS} ${CPPFLAGS} -c $< +NORMAL_C_NOP= ${CC} ${CFLAGS} ${CPPFLAGS} -fno-stack-protector -c $< NORMAL_C= ${CC} ${CFLAGS} ${CPPFLAGS} ${PROF} -c $< NORMAL_S= ${CC} ${AFLAGS} ${CPPFLAGS} ${PROF} -c $< diff --git a/sys/arch/i386/conf/Makefile.i386 b/sys/arch/i386/conf/Makefile.i386 index f2c1079de..e7647347a 100644 --- a/sys/arch/i386/conf/Makefile.i386 +++ b/sys/arch/i386/conf/Makefile.i386 @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.i386,v 1.144 2023/09/06 01:47:37 jsg Exp $ +# $OpenBSD: Makefile.i386,v 1.145 2024/01/28 00:40:22 deraadt Exp $ # For instructions on building kernels consult the config(8) and options(4) # manual pages. @@ -66,7 +66,7 @@ HOSTED_CPPFLAGS=${CPPFLAGS:S/^-nostdinc$//} HOSTED_CFLAGS= ${CFLAGS} HOSTED_C= ${HOSTCC} ${HOSTED_CFLAGS} ${HOSTED_CPPFLAGS} -c $< -NORMAL_C_NOP= ${CC} ${CFLAGS} ${CPPFLAGS} -c $< +NORMAL_C_NOP= ${CC} ${CFLAGS} ${CPPFLAGS} -fno-stack-protector -c $< NORMAL_C= ${CC} ${CFLAGS} ${CPPFLAGS} ${PROF} -c $< NORMAL_S= ${CC} ${AFLAGS} ${CPPFLAGS} ${PROF} -c $< diff --git a/sys/dev/fdt/sxirtc.c b/sys/dev/fdt/sxirtc.c index a53008796..c86967dbd 100644 --- a/sys/dev/fdt/sxirtc.c +++ b/sys/dev/fdt/sxirtc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sxirtc.c,v 1.8 2022/10/17 19:09:46 kettenis Exp $ */ +/* $OpenBSD: sxirtc.c,v 1.9 2024/01/27 11:22:16 kettenis Exp $ */ /* * Copyright (c) 2008 Mark Kettenis * Copyright (c) 2013 Artturi Alm @@ -58,6 +58,7 @@ struct sxirtc_softc { uint32_t base_year; uint32_t year_mask; uint32_t leap_shift; + int linear_day; }; int sxirtc_match(struct device *, void *, void *); @@ -85,7 +86,9 @@ sxirtc_match(struct device *parent, void *match, void *aux) OF_is_compatible(faa->fa_node, "allwinner,sun7i-a20-rtc") || OF_is_compatible(faa->fa_node, "allwinner,sun6i-a31-rtc") || OF_is_compatible(faa->fa_node, "allwinner,sun8i-h3-rtc") || - OF_is_compatible(faa->fa_node, "allwinner,sun50i-h5-rtc")); + OF_is_compatible(faa->fa_node, "allwinner,sun50i-h5-rtc") || + OF_is_compatible(faa->fa_node, "allwinner,sun50i-h616-rtc") || + OF_is_compatible(faa->fa_node, "allwinner,sun50i-r329-rtc")); } void @@ -109,7 +112,9 @@ sxirtc_attach(struct device *parent, struct device *self, void *aux) if (OF_is_compatible(faa->fa_node, "allwinner,sun6i-a31-rtc") || OF_is_compatible(faa->fa_node, "allwinner,sun8i-h3-rtc") || - OF_is_compatible(faa->fa_node, "allwinner,sun50i-h5-rtc")) { + OF_is_compatible(faa->fa_node, "allwinner,sun50i-h5-rtc") || + OF_is_compatible(faa->fa_node, "allwinner,sun50i-h616-rtc") || + OF_is_compatible(faa->fa_node, "allwinner,sun50i-r329-rtc")) { sc->sc_yymmdd = SXIRTC_YYMMDD_A31; sc->sc_hhmmss = SXIRTC_HHMMSS_A31; } else { @@ -127,6 +132,17 @@ sxirtc_attach(struct device *parent, struct device *self, void *aux) sc->leap_shift = 22; } + /* + * Newer SoCs store the number of days since a fixed epoch + * instead of YYMMDD. Take this to be the number of days + * since the Unix epoch since that is what Linux does. + */ + if (OF_is_compatible(faa->fa_node, "allwinner,sun50i-h616-rtc") || + OF_is_compatible(faa->fa_node, "allwinner,sun50i-r329-rtc")) { + sc->base_year = 1970; + sc->linear_day = 1; + } + if (OF_is_compatible(faa->fa_node, "allwinner,sun8i-h3-rtc") || OF_is_compatible(faa->fa_node, "allwinner,sun50i-h5-rtc")) { /* Switch to external oscillator. */ @@ -199,17 +215,21 @@ sxirtc_gettime(todr_chip_handle_t handle, struct timeval *tv) struct clock_ymdhms dt; uint32_t reg; + reg = SXIREAD4(sc, sc->sc_yymmdd); + if (sc->linear_day) { + clock_secs_to_ymdhms(reg * SECDAY, &dt); + } else { + dt.dt_day = reg & 0x1f; + dt.dt_mon = reg >> 8 & 0x0f; + dt.dt_year = (reg >> 16 & sc->year_mask) + sc->base_year; + } + reg = SXIREAD4(sc, sc->sc_hhmmss); dt.dt_sec = reg & 0x3f; dt.dt_min = reg >> 8 & 0x3f; dt.dt_hour = reg >> 16 & 0x1f; dt.dt_wday = reg >> 29 & 0x07; - reg = SXIREAD4(sc, sc->sc_yymmdd); - dt.dt_day = reg & 0x1f; - dt.dt_mon = reg >> 8 & 0x0f; - dt.dt_year = (reg >> 16 & sc->year_mask) + sc->base_year; - if (dt.dt_sec > 59 || dt.dt_min > 59 || dt.dt_hour > 23 || dt.dt_wday > 6 || dt.dt_day > 31 || dt.dt_day == 0 || @@ -247,10 +267,14 @@ sxirtc_settime(todr_chip_handle_t handle, struct timeval *tv) dt.dt_sec | (dt.dt_min << 8) | (dt.dt_hour << 16) | (dt.dt_wday << 29)); - SXICMS4(sc, sc->sc_yymmdd, 0x00400000 | (sc->year_mask << 16) | - 0x0f00 | 0x1f, dt.dt_day | (dt.dt_mon << 8) | - ((dt.dt_year - sc->base_year) << 16) | - (LEAPYEAR(dt.dt_year) << sc->leap_shift)); + if (sc->linear_day) { + SXICMS4(sc, sc->sc_yymmdd, 0xffff, tv->tv_sec / SECDAY); + } else { + SXICMS4(sc, sc->sc_yymmdd, 0x00400000 | (sc->year_mask << 16) | + 0x0f00 | 0x1f, dt.dt_day | (dt.dt_mon << 8) | + ((dt.dt_year - sc->base_year) << 16) | + (LEAPYEAR(dt.dt_year) << sc->leap_shift)); + } return 0; } diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 875012821..75aa39d2a 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.398 2024/01/11 13:49:49 bluhm Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.399 2024/01/27 21:13:46 bluhm Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -201,8 +201,8 @@ int syn_cache_add(struct sockaddr *, struct sockaddr *, struct tcphdr *, struct socket *syn_cache_get(struct sockaddr *, struct sockaddr *, struct tcphdr *, unsigned int, unsigned int, struct socket *, struct mbuf *, uint64_t); -struct syn_cache *syn_cache_lookup(struct sockaddr *, struct sockaddr *, - struct syn_cache_head **, u_int); +struct syn_cache *syn_cache_lookup(const struct sockaddr *, + const struct sockaddr *, struct syn_cache_head **, u_int); /* * Insert segment ti into reassembly queue of tcp with @@ -3109,9 +3109,9 @@ struct mutex syn_cache_mtx = MUTEX_INITIALIZER(IPL_SOFTNET); #ifndef INET6 #define SYN_HASHALL(hash, src, dst, rand) \ do { \ - hash = SYN_HASH(&satosin(src)->sin_addr, \ - satosin(src)->sin_port, \ - satosin(dst)->sin_port, (rand)); \ + hash = SYN_HASH(&satosin_const(src)->sin_addr, \ + satosin_const(src)->sin_port, \ + satosin_const(dst)->sin_port, (rand)); \ } while (/*CONSTCOND*/ 0) #else #define SYN_HASH6(sa, sp, dp, rand) \ @@ -3125,14 +3125,14 @@ do { \ do { \ switch ((src)->sa_family) { \ case AF_INET: \ - hash = SYN_HASH(&satosin(src)->sin_addr, \ - satosin(src)->sin_port, \ - satosin(dst)->sin_port, (rand)); \ + hash = SYN_HASH(&satosin_const(src)->sin_addr, \ + satosin_const(src)->sin_port, \ + satosin_const(dst)->sin_port, (rand)); \ break; \ case AF_INET6: \ - hash = SYN_HASH6(&satosin6(src)->sin6_addr, \ - satosin6(src)->sin6_port, \ - satosin6(dst)->sin6_port, (rand)); \ + hash = SYN_HASH6(&satosin6_const(src)->sin6_addr, \ + satosin6_const(src)->sin6_port, \ + satosin6_const(dst)->sin6_port, (rand)); \ break; \ default: \ hash = 0; \ @@ -3423,7 +3423,7 @@ syn_cache_cleanup(struct tcpcb *tp) * Find an entry in the syn cache. */ struct syn_cache * -syn_cache_lookup(struct sockaddr *src, struct sockaddr *dst, +syn_cache_lookup(const struct sockaddr *src, const struct sockaddr *dst, struct syn_cache_head **headp, u_int rtableid) { struct syn_cache_set *sets[2]; @@ -3709,8 +3709,8 @@ syn_cache_reset(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, } void -syn_cache_unreach(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th, - u_int rtableid) +syn_cache_unreach(const struct sockaddr *src, const struct sockaddr *dst, + struct tcphdr *th, u_int rtableid) { struct syn_cache *sc; struct syn_cache_head *scp; diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 6d65aa849..8b5982a01 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_subr.c,v 1.195 2024/01/11 13:49:49 bluhm Exp $ */ +/* $OpenBSD: tcp_subr.c,v 1.196 2024/01/27 21:13:46 bluhm Exp $ */ /* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */ /* @@ -698,8 +698,8 @@ tcp6_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *d) } else if (inet6ctlerrmap[cmd] == EHOSTUNREACH || inet6ctlerrmap[cmd] == ENETUNREACH || inet6ctlerrmap[cmd] == EHOSTDOWN) - syn_cache_unreach((struct sockaddr *)sa6_src, - sa, &th, rdomain); + syn_cache_unreach(sin6tosa_const(sa6_src), sa, &th, + rdomain); in_pcbunref(inp); } else { in6_pcbnotify(&tcbtable, sa6, 0, diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c index a2f9724f4..79863eb41 100644 --- a/sys/netinet/tcp_timer.c +++ b/sys/netinet/tcp_timer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_timer.c,v 1.74 2024/01/11 13:49:49 bluhm Exp $ */ +/* $OpenBSD: tcp_timer.c,v 1.75 2024/01/27 21:35:13 bluhm Exp $ */ /* $NetBSD: tcp_timer.c,v 1.14 1996/02/13 23:44:09 christos Exp $ */ /* @@ -198,30 +198,35 @@ void tcp_timer_rexmt(void *arg) { struct tcpcb *otp = NULL, *tp = arg; + struct inpcb *inp; uint32_t rto; short ostate; NET_LOCK(); + inp = tp->t_inpcb; + /* Ignore canceled timeouts or timeouts that have been rescheduled. */ if (!ISSET((tp)->t_flags, TF_TMR_REXMT) || timeout_pending(&tp->t_timer[TCPT_REXMT])) goto out; CLR((tp)->t_flags, TF_TMR_REXMT); - if ((tp->t_flags & TF_PMTUD_PEND) && tp->t_inpcb && + if ((tp->t_flags & TF_PMTUD_PEND) && inp && SEQ_GEQ(tp->t_pmtud_th_seq, tp->snd_una) && SEQ_LT(tp->t_pmtud_th_seq, (int)(tp->snd_una + tp->t_maxseg))) { struct sockaddr_in sin; struct icmp icmp; + /* TF_PMTUD_PEND is set in tcp_ctlinput() which is IPv4 only */ + KASSERT(!ISSET(inp->inp_flags, INP_IPV6)); tp->t_flags &= ~TF_PMTUD_PEND; /* XXX create fake icmp message with relevant entries */ icmp.icmp_nextmtu = tp->t_pmtud_nextmtu; icmp.icmp_ip.ip_len = tp->t_pmtud_ip_len; icmp.icmp_ip.ip_hl = tp->t_pmtud_ip_hl; - icmp.icmp_ip.ip_dst = tp->t_inpcb->inp_faddr; - icmp_mtudisc(&icmp, tp->t_inpcb->inp_rtableid); + icmp.icmp_ip.ip_dst = inp->inp_faddr; + icmp_mtudisc(&icmp, inp->inp_rtableid); /* * Notify all connections to the same peer about @@ -230,9 +235,9 @@ tcp_timer_rexmt(void *arg) bzero(&sin, sizeof(sin)); sin.sin_len = sizeof(sin); sin.sin_family = AF_INET; - sin.sin_addr = tp->t_inpcb->inp_faddr; - in_pcbnotifyall(&tcbtable, sintosa(&sin), - tp->t_inpcb->inp_rtableid, EMSGSIZE, tcp_mtudisc); + sin.sin_addr = inp->inp_faddr; + in_pcbnotifyall(&tcbtable, sintosa(&sin), inp->inp_rtableid, + EMSGSIZE, tcp_mtudisc); goto out; } @@ -244,7 +249,7 @@ tcp_timer_rexmt(void *arg) tp->t_softerror : ETIMEDOUT); goto out; } - if (tp->t_inpcb->inp_socket->so_options & SO_DEBUG) { + if (inp->inp_socket->so_options & SO_DEBUG) { otp = tp; ostate = tp->t_state; } @@ -265,10 +270,9 @@ tcp_timer_rexmt(void *arg) * lots more sophisticated searching to find the right * value here... */ - if (ip_mtudisc && tp->t_inpcb && + if (ip_mtudisc && inp && TCPS_HAVEESTABLISHED(tp->t_state) && tp->t_rxtshift > TCP_MAXRXTSHIFT / 6) { - struct inpcb *inp = tp->t_inpcb; struct rtentry *rt = NULL; /* No data to send means path mtu is not a problem */ @@ -319,7 +323,7 @@ tcp_timer_rexmt(void *arg) * retransmit times until then. */ if (tp->t_rxtshift > TCP_MAXRXTSHIFT / 4) { - in_losing(tp->t_inpcb); + in_losing(inp); tp->t_rttvar += (tp->t_srtt >> TCP_RTT_SHIFT); tp->t_srtt = 0; } diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 6f4950679..0c5263f27 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_var.h,v 1.174 2024/01/11 13:49:49 bluhm Exp $ */ +/* $OpenBSD: tcp_var.h,v 1.175 2024/01/27 21:13:46 bluhm Exp $ */ /* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */ /* @@ -799,7 +799,7 @@ int tcp_signature(struct tdb *, int, struct mbuf *, struct tcphdr *, #endif /* TCP_SIGNATURE */ void tcp_set_iss_tsm(struct tcpcb *); -void syn_cache_unreach(struct sockaddr *, struct sockaddr *, +void syn_cache_unreach(const struct sockaddr *, const struct sockaddr *, struct tcphdr *, u_int); void syn_cache_init(void); void syn_cache_cleanup(struct tcpcb *); diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h index 936ef6c94..98384bfd3 100644 --- a/sys/netinet6/in6.h +++ b/sys/netinet6/in6.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in6.h,v 1.111 2023/11/28 13:23:20 bluhm Exp $ */ +/* $OpenBSD: in6.h,v 1.112 2024/01/27 21:13:46 bluhm Exp $ */ /* $KAME: in6.h,v 1.83 2001/03/29 02:55:07 jinmei Exp $ */ /* @@ -459,6 +459,12 @@ sin6tosa(struct sockaddr_in6 *sin6) return ((struct sockaddr *)(sin6)); } +static inline const struct sockaddr * +sin6tosa_const(const struct sockaddr_in6 *sin6) +{ + return ((const struct sockaddr *)(sin6)); +} + static inline struct in6_ifaddr * ifatoia6(struct ifaddr *ifa) { diff --git a/usr.sbin/fw_update/patterns.c b/usr.sbin/fw_update/patterns.c index ec61f61ee..34154c7ce 100644 --- a/usr.sbin/fw_update/patterns.c +++ b/usr.sbin/fw_update/patterns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: patterns.c,v 1.10 2023/07/22 03:46:09 jsg Exp $ */ +/* $OpenBSD: patterns.c,v 1.11 2024/01/27 15:15:01 phessler Exp $ */ /* * Copyright (c) 1995, 1996 Christopher G. Demetriou. All rights reserved. @@ -114,6 +114,7 @@ main(void) printf("%s\n", "otus"); printf("%s\n", "pgt"); printf("%s\n", "qcpas"); + printf("%s\n", "qwx"); printf("%s\n", "radeondrm"); print_devices("radeondrm", radeon_devices, nitems(radeon_devices)); printf("%s\n", "rsu"); diff --git a/usr.sbin/snmpd/Makefile b/usr.sbin/snmpd/Makefile index dfb727169..9eb74e5dd 100644 --- a/usr.sbin/snmpd/Makefile +++ b/usr.sbin/snmpd/Makefile @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile,v 1.25 2023/11/12 16:07:34 martijn Exp $ +# $OpenBSD: Makefile,v 1.26 2024/01/27 09:53:59 martijn Exp $ PROG= snmpd MAN= snmpd.8 snmpd.conf.5 -SRCS= parse.y log.c snmpe.c application.c application_blocklist.c \ +SRCS= mib.y parse.y log.c snmpe.c application.c application_blocklist.c \ application_internal.c application_agentx.c ax.c \ trap.c smi.c snmpd.c \ proc.c usm.c traphandler.c util.c @@ -16,4 +16,8 @@ CFLAGS+= -Wshadow -Wpointer-arith -Wcast-qual CFLAGS+= -Wsign-compare YFLAGS= +mib.c: mib.y + ${YACC.y} -pmib -o ${.TARGET} ${.IMPSRC} + + .include diff --git a/usr.sbin/snmpd/mib.h b/usr.sbin/snmpd/mib.h index 06774a908..fc2a42882 100644 --- a/usr.sbin/snmpd/mib.h +++ b/usr.sbin/snmpd/mib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mib.h,v 1.43 2023/12/21 13:54:05 martijn Exp $ */ +/* $OpenBSD: mib.h,v 1.44 2024/01/27 09:53:59 martijn Exp $ */ /* * Copyright (c) 2007, 2008 Reyk Floeter @@ -19,6 +19,22 @@ #ifndef SNMPD_MIB_H #define SNMPD_MIB_H +#include + +struct ber_oid; +enum mib_oidfmt { + MIB_OIDNUMERIC, + MIB_OIDSYMBOLIC +}; + +void mib_parsefile(const char *); +void mib_parsedir(const char *); +void mib_resolve(void); +void mib_clear(void); +char *mib_oid2string(struct ber_oid *, char *, size_t, + enum mib_oidfmt); +const char *mib_string2oid(const char *, struct ber_oid *); + #define MIBDECL(...) { { MIB_##__VA_ARGS__ }, \ (sizeof((uint32_t []) { MIB_##__VA_ARGS__ }) / sizeof(uint32_t))}, #__VA_ARGS__ #define MIBEND { { 0 } }, NULL diff --git a/usr.sbin/snmpd/mib.y b/usr.sbin/snmpd/mib.y new file mode 100644 index 000000000..5e18dbecc --- /dev/null +++ b/usr.sbin/snmpd/mib.y @@ -0,0 +1,2260 @@ +/* $OpenBSD: mib.y,v 1.1 2024/01/27 09:53:59 martijn Exp $ */ + +/* + * Copyright (c) 2023 Martijn van Duren + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +%{ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "log.h" +#include "mib.h" + +/* RFC2578 section 3.1 */ +#define DESCRIPTOR_MAX 64 + +/* Values from real life testing, could be adjusted */ +#define ITEM_MAX DESCRIPTOR_MAX +#define MODULENAME_MAX 64 +#define SYMBOLS_MAX 256 +#define IMPORTS_MAX 16 +#define TEXT_MAX 16384 + +#ifndef nitems +#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0])) +#endif + +struct objidcomponent { + enum { + OCT_DESCRIPTOR, + OCT_NUMBER, + OCT_NAMEANDNUMBER + } type; + uint32_t number; + char name[DESCRIPTOR_MAX + 1]; +}; + +struct oid_unresolved { + /* Unusual to have long lists of unresolved components */ + struct objidcomponent bo_id[16]; + size_t bo_n; +}; + +struct oid_resolved { + uint32_t *bo_id; + size_t bo_n; +}; + +enum status { + CURRENT, + DEPRECATED, + OBSOLETE +}; + +enum access { + NOTACCESSIBLE, + ACCESSIBLEFORNOTIFY, + READONLY, + READWRITE, + READCREATE +}; + +struct objectidentity { + enum status status; + char *description; + char *reference; +}; + +struct objecttype { + void *syntax; + char *units; + enum access maxaccess; + enum status status; + char *description; + char *reference; + void *index; + void *defval; +}; + +struct notificationtype { + void *objects; + enum status status; + char *description; + char *reference; +}; + +struct textualconvention { + char *displayhint; + enum status status; + char *description; + char *reference; + void *syntax; +}; + +struct item { + char name[DESCRIPTOR_MAX + 1]; + enum item_type { + IT_OID, + IT_MACRO, + IT_MODULE_IDENTITY, + IT_OBJECT_IDENTITY, + IT_APPLICATIONSYNTAX, + IT_OBJECT_TYPE, + IT_NOTIFICATION_TYPE, + IT_TEXTUAL_CONVENTION, + IT_OBJECT_GROUP, + IT_NOTIFICATION_GROUP, + IT_MODULE_COMPLIANCE, + IT_AGENT_CAPABITIES + } type; + int resolved; + struct module *module; + + union { + struct oid_unresolved *oid_unresolved; + struct oid_resolved oid; + }; + + union { + struct objectidentity objectidentity; + struct objecttype objecttype; + struct notificationtype notificationtype; + struct textualconvention textualconvention; + }; + + /* Global case insensitive */ + RB_ENTRY(item) entrygci; + /* Module case insensitive */ + RB_ENTRY(item) entryci; + /* Module case sensitive */ + RB_ENTRY(item) entrycs; + /* Global oid */ + RB_ENTRY(item) entry; +}; + +struct import_symbol { + char name[DESCRIPTOR_MAX + 1]; + struct item *item; +}; + +struct import { + char name[MODULENAME_MAX + 1]; + struct module *module; + struct import_symbol symbols[SYMBOLS_MAX]; + size_t nsymbols; +}; + +static struct module { + char name[MODULENAME_MAX + 1]; + int8_t resolved; + + time_t lastupdated; + + struct import *imports; + + RB_HEAD(itemscs, item) itemscs; + RB_HEAD(itemsci, item) itemsci; + + RB_ENTRY(module) entryci; + RB_ENTRY(module) entrycs; +} *module; + +int yylex(void); +static void yyerror(const char *, ...) + __attribute__((__format__ (printf, 1, 2))); +void mib_defaults(void); +void mib_modulefree(struct module *); +int mib_imports_add(char *, char **); +int mib_oid_append(struct oid_unresolved *, + const struct objidcomponent *); +int mib_macro(const char *); +int mib_oid_concat(struct oid_unresolved *, + const struct oid_unresolved *); +struct item *mib_item(const char *, enum item_type); +int mib_item_oid(struct item *, + const struct oid_unresolved *); +int mib_macro(const char *); +int mib_applicationsyntax(const char *); +struct item *mib_oid(const char *, const struct oid_unresolved *); +int mib_moduleidentity(const char *, time_t, const char *, + const char *, const char *, const struct oid_unresolved *); +int mib_objectidentity(const char *, enum status, const char *, + const char *, const struct oid_unresolved *); +int mib_objecttype(const char *, void *, const char *, + enum access, enum status, const char *, const char *, + void *, void *, const struct oid_unresolved *); +int mib_notificationtype(const char *, void *, enum status, + const char *, const char *, const struct oid_unresolved *); +int mib_textualconvetion(const char *, const char *, enum status, + const char *, const char *, void *); +int mib_objectgroup(const char *, void *, enum status, + const char *, const char *, const struct oid_unresolved *); +int mib_notificationgroup(const char *, void *, enum status, + const char *, const char *, const struct oid_unresolved *); +int mib_modulecompliance(const char *, enum status, const char *, + const char *, void *, const struct oid_unresolved *); +struct item *mib_item_find(struct item *, const char *); +struct item *mib_item_parent(struct ber_oid *); +int mib_resolve_oid(struct oid_resolved *, + struct oid_unresolved *, struct item *); +int mib_resolve_item(struct item *); +int mib_resolve_module(struct module *); +int module_cmp_cs(struct module *, struct module *); +int module_cmp_ci(struct module *, struct module *); +int item_cmp_cs(struct item *, struct item *); +int item_cmp_ci(struct item *, struct item *); +int item_cmp_oid(struct item *, struct item *); + +RB_HEAD(modulesci, module) modulesci = RB_INITIALIZER(&modulesci); +RB_HEAD(modulescs, module) modulescs = RB_INITIALIZER(&modulescs); +RB_HEAD(items, item) items = RB_INITIALIZER(&items); +RB_HEAD(itemsgci, item) itemsci = RB_INITIALIZER(&itemsci); +/* + * Use case sensitive matching internally (for resolving IMPORTS) and + * case sensitive matching, followed by case insensitive matching + * for end-user resolving (e.g. mib_string2oid()). + * It shouldn't happen there's case-based overlap in module/item names, + * but allow all to be resolved in case there is. + */ +RB_PROTOTYPE_STATIC(modulesci, module, entryci, module_cmp_ci); +RB_PROTOTYPE_STATIC(modulescs, module, entrycs, module_cmp_cs); +/* + * mib_string2oid() should match case insensitive on: + * :: + * + */ +RB_PROTOTYPE_STATIC(itemsgci, item, entrygci, item_cmp_ci); +RB_PROTOTYPE_STATIC(itemsci, item, entryci, item_cmp_ci); +RB_PROTOTYPE_STATIC(itemscs, item, entrycs, item_cmp_cs); +RB_PROTOTYPE_STATIC(items, item, entry, item_cmp_oid); + +struct file { + FILE *stream; + const char *name; + size_t lineno; + enum { + FILE_UNDEFINED, + FILE_ASN1, + FILE_SMI2 + } state; +} file; + +typedef union { + char string[TEXT_MAX]; + unsigned long long number; + long long signednumber; + char symbollist[SYMBOLS_MAX][DESCRIPTOR_MAX + 1]; + struct objidcomponent objidcomponent; + struct oid_unresolved oid; + time_t time; + enum status status; + enum access access; +} YYSTYPE; + +%} + +%token ERROR +%token HSTRING BSTRING + +/* RFC2578 section 3.7 */ +%token ABSENT ACCESS AGENTCAPABILITIES ANY APPLICATION AUGMENTS BEGIN +%token BIT BITS BOOLEAN BY CHOICE COMPONENT COMPONENTS CONTACTINFO +%token CREATIONREQUIRES Counter32 Counter64 DEFAULT DEFINED +%token DEFINITIONS DEFVAL DESCRIPTION DISPLAYHINT END ENUMERATED +%token ENTERPRISE EXPLICIT EXPORTS EXTERNAL FALSE FROM GROUP Gauge32 +%token IDENTIFIER IMPLICIT IMPLIED IMPORTS INCLUDES INDEX INTEGER +%token Integer32 IpAddress LASTUPDATED MANDATORYGROUPS MAX MAXACCESS +%token MIN MINACCESS MINUSINFINITY MODULE MODULECOMPLIANCE MODULEIDENTITY +%token NOTIFICATIONGROUP NOTIFICATIONTYPE NOTIFICATIONS ASNNULL +%token OBJECT OBJECTGROUP OBJECTIDENTITY OBJECTTYPE OBJECTS OCTET OF +%token OPTIONAL ORGANIZATION Opaque PLUSINFINITY PRESENT PRIVATE +%token PRODUCTRELEASE REAL REFERENCE REVISION SEQUENCE SET SIZE STATUS +%token STRING SUPPORTS SYNTAX TAGS TEXTUALCONVENTION TRAPTYPE TRUE +%token TimeTicks UNITS UNIVERSAL Unsigned32 VARIABLES VARIATION WITH +%token WRITESYNTAX + +/* SMIv2 */ +%token SNMPv2SMI SNMPv2CONF SNMPv2TC + +/* X.208 */ +%token PRODUCTION RANGESEPARATOR + +%token typereference identifier TEXT HSTRING BSTRING +%token NUMBER +%token SIGNEDNUMBER +%type moduleidentifier smiv2moduleidentifier +%type symbolsfrom +%type symbollist +%type descriptor symbol +%type objidcomponentfirst objidcomponent +%type objidcomponentlist objectidentifiervalue +%type displaypart referpart unitspart +%type