From 5c273ab359065871b5b4da78b006b7539a329bb6 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 26 Nov 2021 16:41:42 +0000 Subject: [PATCH] Stop reaching into EVP_PKEY in the rest of libssl. ok inoguchi jsing --- lib/libssl/ssl_both.c | 4 ++-- lib/libssl/ssl_cert.c | 6 ++---- lib/libssl/ssl_clnt.c | 30 ++++++++++++++++++------------ lib/libssl/ssl_sigalgs.c | 10 +++++----- lib/libssl/ssl_srvr.c | 32 ++++++++++++++++++++++---------- lib/libssl/t1_lib.c | 11 ++++++----- 6 files changed, 55 insertions(+), 38 deletions(-) diff --git a/lib/libssl/ssl_both.c b/lib/libssl/ssl_both.c index 6e38463e27d..62652f8406f 100644 --- a/lib/libssl/ssl_both.c +++ b/lib/libssl/ssl_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_both.c,v 1.38 2021/10/23 13:36:03 jsing Exp $ */ +/* $OpenBSD: ssl_both.c,v 1.39 2021/11/26 16:41:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -534,7 +534,7 @@ ssl_cert_type(X509 *x, EVP_PKEY *pkey) if (pk == NULL) goto err; - i = pk->type; + i = EVP_PKEY_id(pk); if (i == EVP_PKEY_RSA) { ret = SSL_PKEY_RSA; } else if (i == EVP_PKEY_EC) { diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c index 4c39925c604..e7de31949f7 100644 --- a/lib/libssl/ssl_cert.c +++ b/lib/libssl/ssl_cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_cert.c,v 1.86 2021/10/23 20:42:50 beck Exp $ */ +/* $OpenBSD: ssl_cert.c,v 1.87 2021/11/26 16:41:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -229,9 +229,7 @@ ssl_cert_dup(CERT *cert) if (cert->pkeys[i].privatekey != NULL) { ret->pkeys[i].privatekey = cert->pkeys[i].privatekey; - CRYPTO_add(&ret->pkeys[i].privatekey->references, 1, - CRYPTO_LOCK_EVP_PKEY); - + EVP_PKEY_up_ref(ret->pkeys[i].privatekey); switch (i) { /* * If there was anything special to do for diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 02bd3d5dfe1..6fe15dcf1dc 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c 
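Review bot: In the ssl_cert_dup hunk of ssl_cert.c the return value of `EVP_PKEY_up_ref(ret->pkeys[i].privatekey)` is discarded, so if the reference were not taken, `ret` would still hold the key pointer without owning a reference, and freeing both CERT structures later could release the key twice. The removed `CRYPTO_add()` call was not checked either, but the new call returns a success indicator, so it can be tested before the pointer is stored: `if (!EVP_PKEY_up_ref(cert->pkeys[i].privatekey)) goto err;`. ssl_cert_dup starts and ends outside the hunk, so the `err` label is assumed rather than visible here.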
@@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.118 2021/11/19 18:53:10 tb Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.119 2021/11/26 16:41:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1925,6 +1925,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) unsigned char *enc_pms = NULL; uint16_t max_legacy_version; EVP_PKEY *pkey = NULL; + RSA *rsa; int ret = -1; int enc_len; CBB epms; @@ -1934,8 +1935,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) */ pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA].x509); - if (pkey == NULL || pkey->type != EVP_PKEY_RSA || - pkey->pkey.rsa == NULL) { + if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { SSLerror(s, ERR_R_INTERNAL_ERROR); goto err; } @@ -1953,12 +1953,12 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) pms[1] = max_legacy_version & 0xff; arc4random_buf(&pms[2], sizeof(pms) - 2); - if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) { + if ((enc_pms = malloc(RSA_size(rsa))) == NULL) { SSLerror(s, ERR_R_MALLOC_FAILURE); goto err; } - enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa, + enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, rsa, RSA_PKCS1_PADDING); if (enc_len <= 0) { SSLerror(s, SSL_R_BAD_RSA_ENCRYPT); @@ -2385,6 +2385,7 @@ static int ssl3_send_client_verify_rsa(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) { CBB cbb_signature; + RSA *rsa; unsigned char data[EVP_MAX_MD_SIZE]; unsigned char *signature = NULL; unsigned int signature_len; 
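Review bot: In ssl3_send_client_kex_rsa (hunk at -1934) the explicit `pkey->type != EVP_PKEY_RSA` test is dropped, so the key-type check now rests entirely on `EVP_PKEY_get0_RSA()` returning NULL for a non-RSA key, which is not obvious at the call site. A short comment would keep that invariant visible, e.g. `/* get0_RSA returns NULL for non-RSA keys; rsa is borrowed from pkey. */`. The borrowed `rsa` pointer is then passed to `RSA_size()` and `RSA_public_encrypt()` in the hunk at -1953, so `pkey` has to stay referenced until after those calls. The release of `pkey` lies outside the visible hunks and should be confirmed to come after them. The same implicit type check appears in ssl3_get_client_kex_rsa in ssl_srvr.c.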
@@ -2395,8 +2396,10 @@ ssl3_send_client_verify_rsa(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) goto err; if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) goto err; - if (RSA_sign(NID_md5_sha1, data, data_len, signature, - &signature_len, pkey->pkey.rsa) <= 0 ) { + if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) + goto err; + if (RSA_sign(NID_md5_sha1, data, data_len, signature, &signature_len, + rsa) <= 0 ) { SSLerror(s, ERR_R_RSA_LIB); goto err; } @@ -2418,6 +2421,7 @@ static int ssl3_send_client_verify_ec(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) { CBB cbb_signature; + EC_KEY *eckey; unsigned char data[EVP_MAX_MD_SIZE]; unsigned char *signature = NULL; unsigned int signature_len; @@ -2427,8 +2431,10 @@ ssl3_send_client_verify_ec(SSL *s, EVP_PKEY *pkey, CBB *cert_verify) goto err; if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) goto err; + if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) + goto err; if (!ECDSA_sign(0, &data[MD5_DIGEST_LENGTH], SHA_DIGEST_LENGTH, - signature, &signature_len, pkey->pkey.ec)) { + signature, &signature_len, eckey)) { SSLerror(s, ERR_R_ECDSA_LIB); goto err; } @@ -2543,15 +2549,15 @@ ssl3_send_client_verify(SSL *s) if (!ssl3_send_client_verify_sigalgs(s, pkey, sigalg, &cert_verify)) goto err; - } else if (pkey->type == EVP_PKEY_RSA) { + } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { if (!ssl3_send_client_verify_rsa(s, pkey, &cert_verify)) goto err; - } else if (pkey->type == EVP_PKEY_EC) { + } else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (!ssl3_send_client_verify_ec(s, pkey, &cert_verify)) goto err; #ifndef OPENSSL_NO_GOST - } else if (pkey->type == NID_id_GostR3410_94 || - pkey->type == NID_id_GostR3410_2001) { + } else if (EVP_PKEY_id(pkey) == NID_id_GostR3410_94 || + EVP_PKEY_id(pkey) == NID_id_GostR3410_2001) { if (!ssl3_send_client_verify_gost(s, pkey, &cert_verify)) goto err; #endif diff --git a/lib/libssl/ssl_sigalgs.c b/lib/libssl/ssl_sigalgs.c index 765f39d4a94..95c624af9cd 100644 
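Review bot: In ssl3_send_client_verify_rsa the new `EVP_PKEY_get0_RSA(pkey) == NULL` branch jumps to `err` without calling `SSLerror()`, whereas the server-side branches added to ssl3_get_cert_verify in this commit record `SSLerror(s, ERR_R_EVP_LIB)` for the same failure. ssl3_send_client_verify_ec has the same gap after `EVP_PKEY_get0_EC_KEY()`. Suggest `if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { SSLerror(s, ERR_R_EVP_LIB); goto err; }` and the equivalent for `eckey`, so a key-type mismatch on the client is as diagnosable as on the server. The lookup could also move ahead of the `calloc()`, so a key of the wrong type is rejected before the signature buffer is allocated. Both function bodies continue outside their hunks.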
--- a/lib/libssl/ssl_sigalgs.c +++ b/lib/libssl/ssl_sigalgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sigalgs.c,v 1.37 2021/06/29 19:36:14 jsing Exp $ */ +/* $OpenBSD: ssl_sigalgs.c,v 1.38 2021/11/26 16:41:42 tb Exp $ */ /* * Copyright (c) 2018-2020 Bob Beck * Copyright (c) 2021 Joel Sing @@ -246,7 +246,7 @@ static const struct ssl_sigalg * ssl_sigalg_for_legacy(SSL *s, EVP_PKEY *pkey) { /* Default signature algorithms used for TLSv1.2 and earlier. */ - switch (pkey->type) { + switch (EVP_PKEY_id(pkey)) { case EVP_PKEY_RSA: if (S3I(s)->hs.negotiated_tls_version < TLS1_2_VERSION) return ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); @@ -267,12 +267,12 @@ ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) { if (sigalg == NULL || pkey == NULL) return 0; - if (sigalg->key_type != pkey->type) + if (sigalg->key_type != EVP_PKEY_id(pkey)) return 0; /* RSA PSS must have a sufficiently large RSA key. */ if ((sigalg->flags & SIGALG_FLAG_RSA_PSS)) { - if (pkey->type != EVP_PKEY_RSA || + if (EVP_PKEY_id(pkey) != EVP_PKEY_RSA || EVP_PKEY_size(pkey) < (2 * EVP_MD_size(sigalg->md()) + 2)) return 0; } @@ -286,7 +286,7 @@ ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) return 0; /* Ensure that curve matches for EC keys. */ - if (pkey->type == EVP_PKEY_EC) { + if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (sigalg->curve_nid == 0) return 0; if (EC_GROUP_get_curve_name(EC_KEY_get0_group( diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index 13644c16253..6b0d85b15bb 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.124 2021/11/19 18:53:10 tb Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.125 2021/11/26 16:41:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
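Review bot: ssl_sigalg_for_legacy passes `pkey` straight to `EVP_PKEY_id()` in the `switch`, without the `pkey == NULL` guard that ssl_sigalg_pkey_ok applies in the next hunk. Whether any caller can pass NULL is not visible here, and the old `pkey->type` had the same exposure. Since this commit touches the line, a guard such as `if (pkey == NULL) return NULL;` ahead of the switch would make the two functions consistent and would not depend on `EVP_PKEY_id()` tolerating a NULL argument. The function body continues outside the hunk.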
@@ -1727,13 +1727,11 @@ ssl3_get_client_kex_rsa(SSL *s, CBS *cbs) fakekey[1] = S3I(s)->hs.peer_legacy_version & 0xff; pkey = s->cert->pkeys[SSL_PKEY_RSA].privatekey; - if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || - (pkey->pkey.rsa == NULL)) { + if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerror(s, SSL_R_MISSING_RSA_CERTIFICATE); goto fatal_err; } - rsa = pkey->pkey.rsa; pms_len = RSA_size(rsa); if (pms_len < SSL_MAX_MASTER_KEY_LENGTH) @@ -2226,10 +2224,17 @@ ssl3_get_cert_verify(SSL *s) SSLerror(s, SSL_R_BAD_SIGNATURE); goto fatal_err; } - } else if (pkey->type == EVP_PKEY_RSA) { + } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { + RSA *rsa; + + if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { + al = SSL_AD_INTERNAL_ERROR; + SSLerror(s, ERR_R_EVP_LIB); + goto fatal_err; + } verify = RSA_verify(NID_md5_sha1, S3I(s)->hs.tls12.cert_verify, MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, CBS_data(&signature), - CBS_len(&signature), pkey->pkey.rsa); + CBS_len(&signature), rsa); if (verify < 0) { al = SSL_AD_DECRYPT_ERROR; SSLerror(s, SSL_R_BAD_RSA_DECRYPT); 
@@ -2240,19 +2245,26 @@ ssl3_get_cert_verify(SSL *s) SSLerror(s, SSL_R_BAD_RSA_SIGNATURE); goto fatal_err; } - } else if (pkey->type == EVP_PKEY_EC) { + } else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { + EC_KEY *eckey; + + if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) { + al = SSL_AD_INTERNAL_ERROR; + SSLerror(s, ERR_R_EVP_LIB); + goto fatal_err; + } verify = ECDSA_verify(0, &(S3I(s)->hs.tls12.cert_verify[MD5_DIGEST_LENGTH]), SHA_DIGEST_LENGTH, CBS_data(&signature), - CBS_len(&signature), pkey->pkey.ec); + CBS_len(&signature), eckey); if (verify <= 0) { al = SSL_AD_DECRYPT_ERROR; SSLerror(s, SSL_R_BAD_ECDSA_SIGNATURE); goto fatal_err; } #ifndef OPENSSL_NO_GOST - } else if (pkey->type == NID_id_GostR3410_94 || - pkey->type == NID_id_GostR3410_2001) { + } else if (EVP_PKEY_id(pkey) == NID_id_GostR3410_94 || + EVP_PKEY_id(pkey) == NID_id_GostR3410_2001) { unsigned char sigbuf[128]; unsigned int siglen = sizeof(sigbuf); EVP_PKEY_CTX *pctx; diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index 092331aae11..78532054a09 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.183 2021/10/25 10:01:46 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.184 2021/11/26 16:41:42 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -572,16 +572,17 @@ tls1_check_ec_server_key(SSL *s) CERT_PKEY *cpk = s->cert->pkeys + SSL_PKEY_ECC; uint16_t curve_id; uint8_t comp_id; + EC_KEY *eckey; EVP_PKEY *pkey; int rv; if (cpk->x509 == NULL || cpk->privatekey == NULL) return (0); - if ((pkey = X509_get_pubkey(cpk->x509)) == NULL) + if ((pkey = X509_get0_pubkey(cpk->x509)) == NULL) return (0); - rv = tls1_set_ec_id(&curve_id, &comp_id, pkey->pkey.ec); - EVP_PKEY_free(pkey); - if (rv != 1) + if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) + return (0); + if ((rv = tls1_set_ec_id(&curve_id, &comp_id, eckey)) != 1) return (0); return tls1_check_ec_key(s, &curve_id, &comp_id); -- 2.20.1
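Review bot: In tls1_check_ec_server_key the switch to `X509_get0_pubkey()` makes `pkey`, and the `eckey` derived from it, a borrowed pointer owned by `cpk->x509`. That is why removing `EVP_PKEY_free(pkey)` is correct, but nothing at the call site says so. A one-line comment such as `/* pkey and eckey are borrowed from cpk->x509; do not free. */` would guard against a later edit reintroducing the free and with it a double free. With the free gone, `rv` no longer has to outlive the call, so the test can read `if (tls1_set_ec_id(&curve_id, &comp_id, eckey) != 1)` and the `int rv;` declaration can be dropped.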