diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index 4de5dcab4..091778b1d 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -1151,6 +1151,7 @@ ./usr/include/openssl/pkcs12.h ./usr/include/openssl/pkcs7.h ./usr/include/openssl/poly1305.h +./usr/include/openssl/posix_time.h ./usr/include/openssl/rand.h ./usr/include/openssl/rc2.h ./usr/include/openssl/rc4.h diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 2ac252aab..0ddf74246 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.167 2024/01/27 17:14:33 tb Exp $ +# $OpenBSD: Makefile,v 1.168 2024/02/18 16:28:37 tb Exp $ LIB= crypto LIBREBUILD=y @@ -705,6 +705,7 @@ HDRS=\ ${LCRYPTO_SRC}/aes/aes.h \ ${LCRYPTO_SRC}/asn1/asn1.h \ ${LCRYPTO_SRC}/asn1/asn1t.h \ + ${LCRYPTO_SRC}/asn1/posix_time.h \ ${LCRYPTO_SRC}/bf/blowfish.h \ ${LCRYPTO_SRC}/bio/bio.h \ ${LCRYPTO_SRC}/bn/bn.h \ diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace index 08f070e79..62d6b5a3a 100644 --- a/lib/libcrypto/Symbols.namespace +++ b/lib/libcrypto/Symbols.namespace @@ -2645,3 +2645,7 @@ _libre_i2d_DHparams _libre_DHparams_print_fp _libre_DHparams_print _libre_ERR_load_DH_strings +_libre_OPENSSL_gmtime +_libre_OPENSSL_timegm +_libre_OPENSSL_posix_to_tm +_libre_OPENSSL_tm_to_posix diff --git a/lib/libcrypto/asn1/a_time_posix.c b/lib/libcrypto/asn1/a_time_posix.c index 5d10d21d3..d4439b470 100644 --- a/lib/libcrypto/asn1/a_time_posix.c +++ b/lib/libcrypto/asn1/a_time_posix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_time_posix.c,v 1.4 2023/11/13 12:46:07 beck Exp $ */ +/* $OpenBSD: a_time_posix.c,v 1.5 2024/02/18 16:28:38 tb Exp $ */ /* * Copyright (c) 2022, Google Inc. * Copyright (c) 2022, Bob Beck @@ -23,10 +23,14 @@ #include #include +#include #include #include #include +#include + +#include "crypto_internal.h" #define SECS_PER_HOUR (int64_t)(60 * 60) #define SECS_PER_DAY (int64_t)(24 * SECS_PER_HOUR) @@ -36,7 +40,7 @@ * to 9999? */ static int -is_valid_date(int year, int month, int day) +is_valid_date(int64_t year, int64_t month, int64_t day) { int days_in_month; if (day < 1 || month < 1 || year < 0 || year > 9999) @@ -80,13 +84,16 @@ is_valid_time(int hours, int minutes, int seconds) minutes <= 59 && seconds <= 59; } +/* 0000-01-01 00:00:00 UTC */ +#define MIN_POSIX_TIME INT64_C(-62167219200) +/* 9999-12-31 23:59:59 UTC */ +#define MAX_POSIX_TIME INT64_C(253402300799) + /* Is a int64 time representing a time within our expected range? */ static int -is_valid_epoch_time(int64_t time) +is_valid_posix_time(int64_t time) { - /* 0000-01-01 00:00:00 UTC to 9999-12-31 23:59:59 UTC */ - return (int64_t)-62167219200LL <= time && - time <= (int64_t)253402300799LL; + return MIN_POSIX_TIME <= time && time <= MAX_POSIX_TIME; } /* @@ -95,8 +102,8 @@ is_valid_epoch_time(int64_t time) * (Public Domain) */ static int -posix_time_from_utc(int year, int month, int day, int hours, int minutes, - int seconds, int64_t *out_time) +posix_time_from_utc(int64_t year, int64_t month, int64_t day, int64_t hours, + int64_t minutes, int64_t seconds, int64_t *out_time) { int64_t era, year_of_era, day_of_year, day_of_era, posix_days; @@ -132,7 +139,7 @@ utc_from_posix_time(int64_t time, int *out_year, int *out_month, int *out_day, int64_t days, leftover_seconds, era, day_of_era, year_of_era, day_of_year, month_of_year; - if (!is_valid_epoch_time(time)) + if (!is_valid_posix_time(time)) return 0; days = time / SECS_PER_DAY; @@ -167,40 +174,41 @@ utc_from_posix_time(int64_t time, int *out_year, int *out_month, int *out_day, return 1; } -static int -asn1_time_tm_to_posix(const struct tm *tm, int64_t *out) +int +OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out) { - /* Ensure additions below do not overflow */ - if (tm->tm_year > 9999) - return 0; - if (tm->tm_mon > 12) - return 0; - - return posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1, - tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec, out); + return posix_time_from_utc(tm->tm_year + (int64_t)1900, + tm->tm_mon + (int64_t)1, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec, out); } +LCRYPTO_ALIAS(OPENSSL_tm_to_posix); -static int -asn1_time_posix_to_tm(int64_t time, struct tm *out_tm) +int +OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm) { - memset(out_tm, 0, sizeof(struct tm)); - if (!utc_from_posix_time(time, &out_tm->tm_year, &out_tm->tm_mon, - &out_tm->tm_mday, &out_tm->tm_hour, &out_tm->tm_min, - &out_tm->tm_sec)) + struct tm tmp_tm = {0}; + + memset(out_tm, 0, sizeof(*out_tm)); + + if (!utc_from_posix_time(time, &tmp_tm.tm_year, &tmp_tm.tm_mon, + &tmp_tm.tm_mday, &tmp_tm.tm_hour, &tmp_tm.tm_min, &tmp_tm.tm_sec)) return 0; - out_tm->tm_year -= 1900; - out_tm->tm_mon -= 1; + tmp_tm.tm_year -= 1900; + tmp_tm.tm_mon -= 1; + + *out_tm = tmp_tm; return 1; } +LCRYPTO_ALIAS(OPENSSL_posix_to_tm); int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out) { int64_t posix_time; - if (!asn1_time_tm_to_posix(tm, &posix_time)) + if (!OPENSSL_tm_to_posix(tm, &posix_time)) return 0; #ifdef SMALL_TIME_T @@ -219,7 +227,7 @@ asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm) { int64_t posix_time = *time; - return asn1_time_posix_to_tm(posix_time, out_tm); + return OPENSSL_posix_to_tm(posix_time, out_tm); } int @@ -236,28 +244,29 @@ OPENSSL_gmtime(const time_t *time, struct tm *out_tm) { } LCRYPTO_ALIAS(OPENSSL_gmtime); +/* Public API in OpenSSL. BoringSSL uses int64_t instead of long. */ int -OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) +OPENSSL_gmtime_adj(struct tm *tm, int offset_day, int64_t offset_sec) { int64_t posix_time; - /* Ensure additions below do not overflow */ - if (tm->tm_year > 9999) - return 0; - if (tm->tm_mon > 12) + if (!OPENSSL_tm_to_posix(tm, &posix_time)) return 0; - if (!posix_time_from_utc(tm->tm_year + 1900, tm->tm_mon + 1, - tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec, &posix_time)) - return 0; + CTASSERT(INT_MAX <= INT64_MAX / SECS_PER_DAY); + CTASSERT(MAX_POSIX_TIME <= INT64_MAX - INT_MAX * SECS_PER_DAY); + CTASSERT(MIN_POSIX_TIME >= INT64_MIN - INT_MIN * SECS_PER_DAY); - if (!utc_from_posix_time(posix_time + off_day * SECS_PER_DAY + - offset_sec, &tm->tm_year, &tm->tm_mon, &tm->tm_mday, &tm->tm_hour, - &tm->tm_min, &tm->tm_sec)) - return 0; + posix_time += offset_day * SECS_PER_DAY; - tm->tm_year -= 1900; - tm->tm_mon -= 1; + if (posix_time > 0 && offset_sec > INT64_MAX - posix_time) + return 0; + if (posix_time < 0 && offset_sec < INT64_MIN - posix_time) + return 0; + posix_time += offset_sec; + + if (!OPENSSL_posix_to_tm(posix_time, tm)) + return 0; return 1; } @@ -268,20 +277,17 @@ OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from, { int64_t time_to, time_from, timediff, daydiff; - if (!posix_time_from_utc(to->tm_year + 1900, to->tm_mon + 1, - to->tm_mday, to->tm_hour, to->tm_min, to->tm_sec, &time_to)) + if (!OPENSSL_tm_to_posix(to, &time_to) || + !OPENSSL_tm_to_posix(from, &time_from)) return 0; - if (!posix_time_from_utc(from->tm_year + 1900, from->tm_mon + 1, - from->tm_mday, from->tm_hour, from->tm_min, - from->tm_sec, &time_from)) - return 0; + /* Times are in range, so these calculations cannot overflow. */ + CTASSERT(SECS_PER_DAY <= INT_MAX); + CTASSERT((MAX_POSIX_TIME - MIN_POSIX_TIME) / SECS_PER_DAY <= INT_MAX); timediff = time_to - time_from; daydiff = timediff / SECS_PER_DAY; timediff %= SECS_PER_DAY; - if (daydiff > INT_MAX || daydiff < INT_MIN) - return 0; *out_secs = timediff; *out_days = daydiff; diff --git a/lib/libcrypto/asn1/asn1.h b/lib/libcrypto/asn1/asn1.h index d876b25b0..cf288e506 100644 --- a/lib/libcrypto/asn1/asn1.h +++ b/lib/libcrypto/asn1/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.82 2023/12/16 12:25:02 tb Exp $ */ +/* $OpenBSD: asn1.h,v 1.83 2024/02/18 16:28:38 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -915,11 +915,6 @@ int SMIME_text(BIO *in, BIO *out); void ERR_load_ASN1_strings(void); -#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API) -int OPENSSL_timegm(const struct tm *tm, time_t *out); -struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm); -#endif - /* Error codes for the ASN1 functions. */ /* Function codes. */ diff --git a/lib/libcrypto/asn1/asn1_local.h b/lib/libcrypto/asn1/asn1_local.h index 499e16027..a5478faa0 100644 --- a/lib/libcrypto/asn1/asn1_local.h +++ b/lib/libcrypto/asn1/asn1_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_local.h,v 1.7 2024/01/06 20:47:01 tb Exp $ */ +/* $OpenBSD: asn1_local.h,v 1.8 2024/02/18 16:28:38 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -160,7 +160,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length); -int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); +int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, int64_t offset_sec); int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, const struct tm *to); int asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm); diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c index 8b6d1929b..8ee752c02 100644 --- a/lib/libcrypto/asn1/p5_pbev2.c +++ b/lib/libcrypto/asn1/p5_pbev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_pbev2.c,v 1.30 2023/07/07 19:37:52 beck Exp $ */ +/* $OpenBSD: p5_pbev2.c,v 1.31 2024/02/18 15:44:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -218,7 +218,7 @@ PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt, arc4random_buf(iv, EVP_CIPHER_iv_length(cipher)); } - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_legacy_clear(&ctx); /* Dummy cipherinit to just setup the IV, and PRF */ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) diff --git a/lib/libcrypto/asn1/posix_time.h b/lib/libcrypto/asn1/posix_time.h new file mode 100644 index 000000000..82b3f30bc --- /dev/null +++ b/lib/libcrypto/asn1/posix_time.h @@ -0,0 +1,54 @@ +/* $OpenBSD: posix_time.h,v 1.1 2024/02/18 16:28:38 tb Exp $ */ +/* + * Copyright (c) 2022, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef OPENSSL_HEADER_POSIX_TIME_H +#define OPENSSL_HEADER_POSIX_TIME_H + +#include +#include + +#if defined(__cplusplus) +extern "C" { +#endif + +/* + * OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must + * be in the range of year 0000 to 9999, to a broken out time value in |tm|. It + * returns one on success and zero on error. + */ +int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm); + +/* + * OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in + * |tm| to a POSIX time value in |out|. One is returned on success, zero is + * returned on failure. It is a failure if |tm| contains out of range values. + */ +int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out); + +/* + * OPENSSL_timegm converts a time value between the years 0 and 9999 in |tm| to + * a time_t value in |out|. One is returned on success, zero is returned on + * failure. It is a failure if the converted time can not be represented in a + * time_t, or if the tm contains out of range values. + */ +int OPENSSL_timegm(const struct tm *tm, time_t *out); + +#if defined(__cplusplus) +} /* extern C */ +#endif + +#endif /* OPENSSL_HEADER_POSIX_TIME_H */ diff --git a/lib/libcrypto/crypto.h b/lib/libcrypto/crypto.h index 07a55ec1f..47e7eff37 100644 --- a/lib/libcrypto/crypto.h +++ b/lib/libcrypto/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.63 2023/07/28 10:19:20 tb Exp $ */ +/* $OpenBSD: crypto.h,v 1.64 2024/02/18 16:28:37 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -522,6 +522,14 @@ int CRYPTO_memcmp(const void *a, const void *b, size_t len); int OPENSSL_init_crypto(uint64_t opts, const void *settings); void OPENSSL_cleanup(void); +/* + * OpenSSL helpfully put OPENSSL_gmtime() here because all other time related + * functions are in asn1.h. + */ +#if defined(LIBRESSL_INTERNAL) || defined(LIBRESSL_NEXT_API) +struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm); +#endif + void ERR_load_CRYPTO_strings(void); /* Error codes for the CRYPTO functions. */ diff --git a/lib/libcrypto/evp/bio_enc.c b/lib/libcrypto/evp/bio_enc.c index d2132adb4..dd3840074 100644 --- a/lib/libcrypto/evp/bio_enc.c +++ b/lib/libcrypto/evp/bio_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_enc.c,v 1.29 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: bio_enc.c,v 1.30 2024/02/18 15:44:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -115,7 +115,7 @@ enc_new(BIO *bi) ctx = malloc(sizeof(BIO_ENC_CTX)); if (ctx == NULL) return (0); - EVP_CIPHER_CTX_init(&ctx->cipher); + EVP_CIPHER_CTX_legacy_clear(&ctx->cipher); ctx->buf_len = 0; ctx->buf_off = 0; @@ -360,7 +360,7 @@ again: case BIO_CTRL_DUP: dbio = (BIO *)ptr; dctx = (BIO_ENC_CTX *)dbio->ptr; - EVP_CIPHER_CTX_init(&dctx->cipher); + EVP_CIPHER_CTX_legacy_clear(&dctx->cipher); ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher); if (ret) dbio->init = 1; diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h index bbc9c3540..4acd9facb 100644 --- a/lib/libcrypto/evp/evp.h +++ b/lib/libcrypto/evp/evp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp.h,v 1.120 2023/10/18 17:26:06 tb Exp $ */ +/* $OpenBSD: evp.h,v 1.121 2024/02/18 15:47:48 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -472,7 +472,9 @@ int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, EVP_MD_CTX *EVP_MD_CTX_new(void); void EVP_MD_CTX_free(EVP_MD_CTX *ctx); +#ifndef LIBRESSL_INTERNAL void EVP_MD_CTX_init(EVP_MD_CTX *ctx); +#endif int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); @@ -584,7 +586,9 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); +#ifndef LIBRESSL_INTERNAL void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); +#endif int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a); diff --git a/lib/libcrypto/evp/evp_cipher.c b/lib/libcrypto/evp/evp_cipher.c index abdc33eac..12fa6e1d2 100644 --- a/lib/libcrypto/evp/evp_cipher.c +++ b/lib/libcrypto/evp/evp_cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_cipher.c,v 1.17 2024/01/30 17:41:01 tb Exp $ */ +/* $OpenBSD: evp_cipher.c,v 1.19 2024/02/18 15:53:54 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -615,7 +615,13 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) { - memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); + memset(ctx, 0, sizeof(*ctx)); +} + +void +EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx) +{ + memset(ctx, 0, sizeof(*ctx)); } int diff --git a/lib/libcrypto/evp/evp_digest.c b/lib/libcrypto/evp/evp_digest.c index 9d8d94afb..3a349ad0e 100644 --- a/lib/libcrypto/evp/evp_digest.c +++ b/lib/libcrypto/evp/evp_digest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_digest.c,v 1.8 2024/01/30 17:41:01 tb Exp $ */ +/* $OpenBSD: evp_digest.c,v 1.10 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -123,7 +123,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { - EVP_MD_CTX_init(ctx); + EVP_MD_CTX_legacy_clear(ctx); return EVP_DigestInit_ex(ctx, type, NULL); } @@ -207,7 +207,7 @@ EVP_Digest(const void *data, size_t count, EVP_MD_CTX ctx; int ret; - EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_legacy_clear(&ctx); EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT); ret = EVP_DigestInit_ex(&ctx, type, NULL) && EVP_DigestUpdate(&ctx, data, count) && @@ -252,6 +252,12 @@ EVP_MD_CTX_init(EVP_MD_CTX *ctx) memset(ctx, 0, sizeof(*ctx)); } +void +EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx) +{ + memset(ctx, 0, sizeof(*ctx)); +} + int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) { @@ -288,7 +294,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { - EVP_MD_CTX_init(out); + EVP_MD_CTX_legacy_clear(out); return EVP_MD_CTX_copy_ex(out, in); } diff --git a/lib/libcrypto/evp/evp_key.c b/lib/libcrypto/evp/evp_key.c index 1f3d75826..f51584b84 100644 --- a/lib/libcrypto/evp/evp_key.c +++ b/lib/libcrypto/evp/evp_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_key.c,v 1.33 2024/01/05 10:18:52 tb Exp $ */ +/* $OpenBSD: evp_key.c,v 1.34 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -156,7 +156,7 @@ EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, if (data == NULL) return nkey; - EVP_MD_CTX_init(&c); + EVP_MD_CTX_legacy_clear(&c); for (;;) { if (!EVP_DigestInit_ex(&c, md, NULL)) goto err; diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h index f81a8d608..65d23547b 100644 --- a/lib/libcrypto/evp/evp_local.h +++ b/lib/libcrypto/evp/evp_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_local.h,v 1.14 2024/01/27 23:34:18 tb Exp $ */ +/* $OpenBSD: evp_local.h,v 1.16 2024/02/18 15:43:21 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -377,6 +377,9 @@ int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str); int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex); int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name); +void EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx); +void EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx); + __END_HIDDEN_DECLS #endif /* !HEADER_EVP_LOCAL_H */ diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c index bb0c227ae..eb8d5c415 100644 --- a/lib/libcrypto/evp/evp_pbe.c +++ b/lib/libcrypto/evp/evp_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pbe.c,v 1.41 2024/02/01 17:11:58 tb Exp $ */ +/* $OpenBSD: evp_pbe.c,v 1.42 2024/02/18 15:45:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -266,7 +266,7 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, else if (passlen == -1) passlen = strlen(pass); - EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_legacy_clear(&ctx); if (!EVP_DigestInit_ex(&ctx, md, NULL)) goto err; diff --git a/lib/libcrypto/evp/m_sigver.c b/lib/libcrypto/evp/m_sigver.c index 3ce7f7e2a..a72671ed9 100644 --- a/lib/libcrypto/evp/m_sigver.c +++ b/lib/libcrypto/evp/m_sigver.c @@ -1,4 +1,4 @@ -/* $OpenBSD: m_sigver.c,v 1.14 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: m_sigver.c,v 1.15 2024/02/18 15:45:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -171,7 +171,7 @@ EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) EVP_MD_CTX tmp_ctx; unsigned char md[EVP_MAX_MD_SIZE]; unsigned int mdlen = 0; - EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_legacy_clear(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) return 0; if (sctx) @@ -228,7 +228,7 @@ EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) vctx = 1; else vctx = 0; - EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_legacy_clear(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) return -1; if (vctx) { diff --git a/lib/libcrypto/evp/p_legacy.c b/lib/libcrypto/evp/p_legacy.c index f73a6a9da..2036258dc 100644 --- a/lib/libcrypto/evp/p_legacy.c +++ b/lib/libcrypto/evp/p_legacy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_legacy.c,v 1.2 2023/12/20 13:52:17 tb Exp $ */ +/* $OpenBSD: p_legacy.c,v 1.3 2024/02/18 15:44:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -99,7 +99,7 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, int i, size = 0, ret = 0; if (type) { - EVP_CIPHER_CTX_init(ctx); + EVP_CIPHER_CTX_legacy_clear(ctx); if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL)) return 0; } @@ -154,7 +154,7 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, int i, iv_len; if (type) { - EVP_CIPHER_CTX_init(ctx); + EVP_CIPHER_CTX_legacy_clear(ctx); if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL)) return 0; } diff --git a/lib/libcrypto/evp/p_sign.c b/lib/libcrypto/evp/p_sign.c index f7c21178a..f6d6e12a3 100644 --- a/lib/libcrypto/evp/p_sign.c +++ b/lib/libcrypto/evp/p_sign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_sign.c,v 1.19 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: p_sign.c,v 1.20 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -77,7 +77,7 @@ EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, int ret = 0; *siglen = 0; - EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_legacy_clear(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) goto err; if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len)) diff --git a/lib/libcrypto/evp/p_verify.c b/lib/libcrypto/evp/p_verify.c index da7ab5425..ed9b3700f 100644 --- a/lib/libcrypto/evp/p_verify.c +++ b/lib/libcrypto/evp/p_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_verify.c,v 1.18 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: p_verify.c,v 1.19 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -75,7 +75,7 @@ EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVP_PKEY_CTX *pkctx = NULL; int ret = 0; - EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_legacy_clear(&tmp_ctx); if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) goto err; if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len)) diff --git a/lib/libcrypto/hidden/openssl/posix_time.h b/lib/libcrypto/hidden/openssl/posix_time.h new file mode 100644 index 000000000..306d43eae --- /dev/null +++ b/lib/libcrypto/hidden/openssl/posix_time.h @@ -0,0 +1,32 @@ +/* $OpenBSD: posix_time.h,v 1.1 2024/02/18 16:28:38 tb Exp $ */ +/* + * Copyright (c) 2024 Bob Beck + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _LIBCRYPTO_POSIX_TIME_H +#define _LIBCRYPTO_POSIX_TIME_H + +#ifndef _MSC_VER +#include_next +#else +#include "../include/openssl/posix_time.h" +#endif +#include "crypto_namespace.h" + +LCRYPTO_USED(OPENSSL_posix_to_tm); +LCRYPTO_USED(OPENSSL_tm_to_posix); +LCRYPTO_USED(OPENSSL_timegm); + +#endif /* _LIBCRYPTO_POSIX_TIME_H */ diff --git a/lib/libcrypto/hmac/hmac.c b/lib/libcrypto/hmac/hmac.c index ea3a1b4a4..32d75154d 100644 --- a/lib/libcrypto/hmac/hmac.c +++ b/lib/libcrypto/hmac/hmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.c,v 1.31 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: hmac.c,v 1.32 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -214,9 +214,9 @@ HMAC_CTX_reset(HMAC_CTX *ctx) void HMAC_CTX_init(HMAC_CTX *ctx) { - EVP_MD_CTX_init(&ctx->i_ctx); - EVP_MD_CTX_init(&ctx->o_ctx); - EVP_MD_CTX_init(&ctx->md_ctx); + EVP_MD_CTX_legacy_clear(&ctx->i_ctx); + EVP_MD_CTX_legacy_clear(&ctx->o_ctx); + EVP_MD_CTX_legacy_clear(&ctx->md_ctx); ctx->md = NULL; } diff --git a/lib/libcrypto/man/ASN1_TIME_set.3 b/lib/libcrypto/man/ASN1_TIME_set.3 index cf8dadbb3..b5ed51567 100644 --- a/lib/libcrypto/man/ASN1_TIME_set.3 +++ b/lib/libcrypto/man/ASN1_TIME_set.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_TIME_set.3,v 1.21 2023/11/16 14:20:49 tb Exp $ +.\" $OpenBSD: ASN1_TIME_set.3,v 1.22 2024/02/18 16:30:17 tb Exp $ .\" full merge up to: OpenSSL 3d0f1cb9 Jul 11 03:01:24 2017 +0800 .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 .\" @@ -68,7 +68,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 16 2023 $ +.Dd $Mdocdate: February 18 2024 $ .Dt ASN1_TIME_SET 3 .Os .Sh NAME @@ -96,7 +96,9 @@ .Nm ASN1_TIME_compare , .Nm ASN1_TIME_to_generalizedtime , .Nm OPENSSL_gmtime , -.Nm OPENSSL_timegm +.Nm OPENSSL_timegm , +.Nm OPENSSL_posix_to_tm , +.Nm OPENSSL_tm_to_posix .Nd ASN.1 Time functions .Sh SYNOPSIS .In openssl/asn1.h @@ -219,16 +221,28 @@ .Fa "const ASN1_TIME *t" .Fa "ASN1_GENERALIZEDTIME **out" .Fc +.In openssl/crypto.h .Ft struct tm * .Fo OPENSSL_gmtime .Fa "const time_t *time" .Fa "struct tm *out_tm" .Fc +.In openssl/posix_time.h .Ft int .Fo OPENSSL_timegm .Fa "const struct tm *tm" .Fa "time_t *out_time" .Fc +.Ft int +.Fo OPENSSL_posix_to_tm +.Fa "int64_t time" +.Fa "struct tm *out_tm" +.Fc +.Ft int +.Fo OPENSSL_tm_to_posix +.Fa "struct tm *t_tm" +.Fa "int64_t *out" +.Fc .Sh DESCRIPTION An .Vt ASN1_TIME @@ -529,6 +543,21 @@ converts a time structure in UTC time in .Fa tm to a time_t value in .Fa out_time . +.Pp +.Fn OPENSSL_posix_to_tm +converts an +.Vt int64_t +POSIX time value in +.Fa time , +which must be in the range of year 0 to 9999, +to a broken out time value in +.Fa tm . +.Pp +.Fn OPENSSL_tm_to_posix +converts a time value between the years 0 and 9999 in +.Fa tm +to a POSIX time value in +.Fa out . .Sh RETURN VALUES .Fn ASN1_TIME_set , .Fn ASN1_UTCTIME_set , @@ -599,6 +628,12 @@ returns on success or NULL for failure. It can fail if the time is not representable in a struct tm, or falls outside the range allowed in RFC 5280 times. +.Pp +.Fn OPENSSL_posix_to_tm +and +.Fn OPENSSL_tm_to_posix +return 1 for success or 0 on failure. +It is a failure if the year is less than 0 or more than 9999. .Sh EXAMPLES Set a time object to one hour after the current time and print it out: @@ -690,9 +725,13 @@ first appeared in OpenSSL 1.1.1 and have been available since .Ox 7.2 . .Pp .Fn OPENSSL_gmtime +first appeared in OpenSSL 0.9.7. +.Fn OPENSSL_timegm , +.Fn OPENSSL_posix_to_tm , and -.Fn OPENSSL_timegm -first appeared in BoringSSL and have been available since +.Fn OPENSSL_tm_to_posix +first appeared in BoringSSL; +all these functions have been available since .Ox 7.5 . .Sh CAVEATS Some applications add offset times directly to a diff --git a/lib/libcrypto/pem/pem_lib.c b/lib/libcrypto/pem/pem_lib.c index d4e6599a7..30db092c3 100644 --- a/lib/libcrypto/pem/pem_lib.c +++ b/lib/libcrypto/pem/pem_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pem_lib.c,v 1.55 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: pem_lib.c,v 1.56 2024/02/18 15:44:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -412,7 +412,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); /* k=strlen(buf); */ - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_legacy_clear(&ctx); ret = 1; if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv) || !EVP_EncryptUpdate(&ctx, data, &j, data, i) || @@ -466,7 +466,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, return 0; j = (int)len; - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_legacy_clear(&ctx); o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0])); if (o) diff --git a/lib/libcrypto/pem/pvkfmt.c b/lib/libcrypto/pem/pvkfmt.c index 816d8b7dc..40c9feefe 100644 --- a/lib/libcrypto/pem/pvkfmt.c +++ b/lib/libcrypto/pem/pvkfmt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pvkfmt.c,v 1.27 2023/07/07 13:40:44 beck Exp $ */ +/* $OpenBSD: pvkfmt.c,v 1.28 2024/02/18 15:45:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -713,7 +713,7 @@ derive_pvk_key(unsigned char *key, const unsigned char *salt, EVP_MD_CTX mctx; int rv = 1; - EVP_MD_CTX_init(&mctx); + EVP_MD_CTX_legacy_clear(&mctx); if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) || !EVP_DigestUpdate(&mctx, salt, saltlen) || !EVP_DigestUpdate(&mctx, pass, passlen) || diff --git a/lib/libcrypto/pkcs12/p12_decr.c b/lib/libcrypto/pkcs12/p12_decr.c index ea7f6a5ff..04818acd1 100644 --- a/lib/libcrypto/pkcs12/p12_decr.c +++ b/lib/libcrypto/pkcs12/p12_decr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_decr.c,v 1.24 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: p12_decr.c,v 1.25 2024/02/18 15:44:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -77,7 +77,7 @@ PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, int passlen, int outlen, i; EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_legacy_clear(&ctx); /* Decrypt data */ if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, algor->parameter, &ctx, en_de)) { diff --git a/lib/libcrypto/pkcs7/pk7_doit.c b/lib/libcrypto/pkcs7/pk7_doit.c index 607daea1a..aa7c1958e 100644 --- a/lib/libcrypto/pkcs7/pk7_doit.c +++ b/lib/libcrypto/pkcs7/pk7_doit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pk7_doit.c,v 1.55 2024/01/25 13:44:08 tb Exp $ */ +/* $OpenBSD: pk7_doit.c,v 1.56 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -711,7 +711,7 @@ PKCS7_dataFinal(PKCS7 *p7, BIO *bio) return 0; } - EVP_MD_CTX_init(&ctx_tmp); + EVP_MD_CTX_legacy_clear(&ctx_tmp); i = OBJ_obj2nid(p7->type); p7->state = PKCS7_S_HEADER; @@ -879,7 +879,7 @@ PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) if (md == NULL) return 0; - EVP_MD_CTX_init(&mctx); + EVP_MD_CTX_legacy_clear(&mctx); if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0) goto err; @@ -997,7 +997,7 @@ PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509) BIO *btmp; EVP_PKEY *pkey; - EVP_MD_CTX_init(&mdc_tmp); + EVP_MD_CTX_legacy_clear(&mdc_tmp); if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) { diff --git a/lib/libcrypto/rsa/rsa_oaep.c b/lib/libcrypto/rsa/rsa_oaep.c index 9266d2a86..38c9b478e 100644 --- a/lib/libcrypto/rsa/rsa_oaep.c +++ b/lib/libcrypto/rsa/rsa_oaep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_oaep.c,v 1.37 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa_oaep.c,v 1.38 2024/02/18 15:45:42 tb Exp $ */ /* * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. * @@ -331,7 +331,7 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed, int mdlen; int rv = -1; - EVP_MD_CTX_init(&c); + EVP_MD_CTX_legacy_clear(&c); mdlen = EVP_MD_size(dgst); if (mdlen < 0) goto err; diff --git a/lib/libcrypto/rsa/rsa_pss.c b/lib/libcrypto/rsa/rsa_pss.c index 0860409be..6670866ff 100644 --- a/lib/libcrypto/rsa/rsa_pss.c +++ b/lib/libcrypto/rsa/rsa_pss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pss.c,v 1.17 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa_pss.c,v 1.18 2024/02/18 15:45:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -92,7 +92,7 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; - EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_legacy_clear(&ctx); if (mgf1Hash == NULL) mgf1Hash = Hash; @@ -200,7 +200,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; - EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_legacy_clear(&ctx); if (mgf1Hash == NULL) mgf1Hash = Hash; diff --git a/lib/libcrypto/x509/x509_cmp.c b/lib/libcrypto/x509/x509_cmp.c index 3ee4fd4a5..6098b6e7e 100644 --- a/lib/libcrypto/x509/x509_cmp.c +++ b/lib/libcrypto/x509/x509_cmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_cmp.c,v 1.42 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: x509_cmp.c,v 1.43 2024/02/18 15:45:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -95,7 +95,7 @@ X509_issuer_and_serial_hash(X509 *a) unsigned char md[16]; char *f; - EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_legacy_clear(&ctx); f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0); if (f == NULL) goto err; @@ -291,7 +291,7 @@ X509_NAME_hash_old(X509_NAME *x) /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x, NULL); - EVP_MD_CTX_init(&md_ctx); + EVP_MD_CTX_legacy_clear(&md_ctx); if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) && EVP_DigestFinal_ex(&md_ctx, md, NULL)) diff --git a/regress/lib/libcrypto/asn1/Makefile b/regress/lib/libcrypto/asn1/Makefile index 173a51f44..16a84c19b 100644 --- a/regress/lib/libcrypto/asn1/Makefile +++ b/regress/lib/libcrypto/asn1/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.26 2023/12/15 22:24:15 tb Exp $ +# $OpenBSD: Makefile,v 1.27 2024/02/18 16:32:29 tb Exp $ PROGS = \ asn1api \ @@ -24,5 +24,6 @@ CFLAGS+= -I${.CURDIR}/../../../../lib/libcrypto/bytestring LDADD_asn1basic = ${CRYPTO_INT} LDADD_asn1object = ${CRYPTO_INT} +LDADD_asn1time = ${CRYPTO_INT} .include diff --git a/regress/lib/libcrypto/asn1/asn1time.c b/regress/lib/libcrypto/asn1/asn1time.c index 10533d62e..3fe9f8df3 100644 --- a/regress/lib/libcrypto/asn1/asn1time.c +++ b/regress/lib/libcrypto/asn1/asn1time.c @@ -1,6 +1,7 @@ -/* $OpenBSD: asn1time.c,v 1.21 2023/10/05 07:59:41 tb Exp $ */ +/* $OpenBSD: asn1time.c,v 1.24 2024/02/18 17:13:29 tb Exp $ */ /* * Copyright (c) 2015 Joel Sing + * Copyright (c) 2024 Google Inc. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -16,11 +17,15 @@ */ #include +#include #include +#include #include #include +#include "asn1_local.h" + int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); struct asn1_time_test { @@ -567,6 +572,205 @@ asn1_time_compare_test(void) return failed; } +static int +asn1_time_overflow(void) +{ + struct tm overflow_year = {0}, overflow_month = {0}; + struct tm copy, max_time = {0}, min_time = {0}, zero = {0}; + int64_t valid_time_range = INT64_C(315569519999); + int64_t posix_u64; + time_t posix_time; + int days, secs; + int failed = 1; + + overflow_year.tm_year = INT_MAX - 1899; + overflow_year.tm_mday = 1; + + overflow_month.tm_mon = INT_MAX; + overflow_month.tm_mday = 1; + + if (OPENSSL_tm_to_posix(&overflow_year, &posix_u64)) { + fprintf(stderr, "FAIL: OPENSSL_tm_to_posix didn't fail on " + "overflow of years\n"); + goto err; + } + if (OPENSSL_tm_to_posix(&overflow_month, &posix_u64)) { + fprintf(stderr, "FAIL: OPENSSL_tm_to_posix didn't fail on " + "overflow of months\n"); + goto err; + } + if (OPENSSL_timegm(&overflow_year, &posix_time)) { + fprintf(stderr, "FAIL: OPENSSL_timegm didn't fail on " + "overflow of years\n"); + goto err; + } + if (OPENSSL_timegm(&overflow_month, &posix_time)) { + fprintf(stderr, "FAIL: OPENSSL_timegm didn't fail on " + "overflow of months\n"); + goto err; + } + if (OPENSSL_gmtime_adj(&overflow_year, 0, 0)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj didn't fail on " + "overflow of years\n"); + goto err; + } + if (OPENSSL_gmtime_adj(&overflow_month, 0, 0)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj didn't fail on " + "overflow of months\n"); + goto err; + } + if (OPENSSL_gmtime_diff(&days, &secs, &overflow_year, &overflow_year)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_diff didn't fail on " + "overflow of years\n"); + goto err; + } + if (OPENSSL_gmtime_diff(&days, &secs, &overflow_month, &overflow_month)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_diff didn't fail on " + "overflow of months\n"); + goto err; + } + + /* Input time is in range but adding one second puts it out of range. */ + max_time.tm_year = 9999 - 1900; + max_time.tm_mon = 12 - 1; + max_time.tm_mday = 31; + max_time.tm_hour = 23; + max_time.tm_min = 59; + max_time.tm_sec = 59; + + copy = max_time; + if (!OPENSSL_gmtime_adj(©, 0, 0)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 0 sec didn't " + "succeed for maximum time\n"); + goto err; + } + if (memcmp(©, &max_time, sizeof(max_time)) != 0) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 0 sec didn't " + "leave copy of max_time unmodified\n"); + goto err; + } + if (OPENSSL_gmtime_adj(©, 0, 1)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 1 sec didn't " + "fail for maximum time\n"); + goto err; + } + if (memcmp(&zero, ©, sizeof(copy)) != 0) { + fprintf(stderr, "FAIL: failing OPENSSL_gmtime_adj didn't " + "zero out max_time\n"); + goto err; + } + + min_time.tm_year = 0 - 1900; + min_time.tm_mon = 1 - 1; + min_time.tm_mday = 1; + min_time.tm_hour = 0; + min_time.tm_min = 0; + min_time.tm_sec = 0; + + copy = min_time; + if (!OPENSSL_gmtime_adj(©, 0, 0)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 0 sec didn't " + "succeed for minimum time\n"); + goto err; + } + if (memcmp(©, &min_time, sizeof(min_time)) != 0) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 0 sec didn't " + "leave copy of min_time unmodified\n"); + goto err; + } + if (OPENSSL_gmtime_adj(©, 0, -1)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by 1 sec didn't " + "fail for minimum time\n"); + goto err; + } + if (memcmp(&zero, ©, sizeof(copy)) != 0) { + fprintf(stderr, "FAIL: failing OPENSSL_gmtime_adj didn't " + "zero out max_time\n"); + goto err; + } + + copy = min_time; + /* Test that we can offset by the valid minimum and maximum times. */ + if (!OPENSSL_gmtime_adj(©, 0, valid_time_range)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by maximum range " + "failed\n"); + goto err; + } + if (memcmp(©, &max_time, sizeof(max_time)) != 0) { + fprintf(stderr, "FAIL: maximally adjusted copy didn't match " + "max_time\n"); + hexdump((unsigned char *)&max_time, sizeof(max_time)); + hexdump((unsigned char *)©, sizeof(copy)); + goto err; + } + if (!OPENSSL_gmtime_adj(©, 0, -valid_time_range)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by maximum range " + "failed\n"); + goto err; + } + if (memcmp(©, &min_time, sizeof(min_time)) != 0) { + fprintf(stderr, "FAIL: maximally adjusted copy didn't match " + "min_time\n"); + goto err; + } + + /* + * The second offset may even exceed the valid_time_range if it is + * cancelled out by offset_day. + */ + if (!OPENSSL_gmtime_adj(©, -1, valid_time_range + 24 * 3600)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by maximum range " + "failed\n"); + goto err; + } + if (memcmp(©, &max_time, sizeof(max_time)) != 0) { + fprintf(stderr, "FAIL: excess maximally adjusted copy didn't " + "match max_time\n"); + goto err; + } + if (!OPENSSL_gmtime_adj(©, 1, -valid_time_range - 24 * 3600)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_adj by maximum range " + "failed\n"); + goto err; + } + if (memcmp(©, &min_time, sizeof(min_time)) != 0) { + fprintf(stderr, "FAIL: excess maximally adjusted copy didn't " + "match min_time\n"); + goto err; + } + + copy = max_time; + if (OPENSSL_gmtime_adj(©, INT_MAX, INT64_MAX)) { + fprintf(stderr, "FAIL: maximal adjustments in OPENSSL_gmtime_adj" + "didn't fail\n"); + goto err; + } + copy = min_time; + if (OPENSSL_gmtime_adj(©, INT_MIN, INT64_MIN)) { + fprintf(stderr, "FAIL: minimal adjustments in OPENSSL_gmtime_adj" + "didn't fail\n"); + goto err; + } + + /* Test we can diff between maximum time and minimum time. */ + if (!OPENSSL_gmtime_diff(&days, &secs, &max_time, &min_time)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_diff between maximum and " + "minimum time failed\n"); + goto err; + } + if (!OPENSSL_gmtime_diff(&days, &secs, &min_time, &max_time)) { + fprintf(stderr, "FAIL: OPENSSL_gmtime_diff between minimum and " + "maximum time failed\n"); + goto err; + } + + + failed = 0; + + err: + return failed; +} + int main(int argc, char **argv) { @@ -614,5 +818,8 @@ main(int argc, char **argv) /* Check for a leak in ASN1_TIME_normalize(). */ failed |= ASN1_TIME_normalize(NULL) != 0; + fprintf(stderr, "Time overflow tests...\n"); + failed |= asn1_time_overflow(); + return (failed); }