* Update RPM and CMake dependencies.
* Replace deprecated HMAC functions in sqlcipher.
* Update openssl error handling. We can't rely on function codes any
more (all are 0 in openssl3.0).
* Adjust to argument constness changes.
* Get rid of FIPS_mode_set(). FIPS mode can be enabled in openssl
configuration.
* Fix sk_X509_free visibility issue.
* Openssl3.0 does not allow X9.31 padding withraw messages (no digest).
Update doc and tests accordingly.
* Handle new openssl errors.
* Ignore deprecation warnings.
Change-Id: I7dee7d3aa6e8b364553405202acde8f848621d4a
############################# compiler flags ##################################
SET(CMAKE_C_FLAGS_PROFILING "-g -O0 -pg -Wp,-U_FORTIFY_SOURCE")
-SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++17 -O0 -pg -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++17 -O0 -pg -Wp,-U_FORTIFY_SOURCE -Wno-deprecated-declarations")
SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
-SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++17 -O0 -ggdb -Wp,-U_FORTIFY_SOURCE -Wshadow")
+SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++17 -O0 -ggdb -Wp,-U_FORTIFY_SOURCE -Wshadow -Wno-deprecated-declarations")
SET(CMAKE_C_FLAGS_RELEASE "-g -O2")
-SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++17 -O2 -Wshadow")
+SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++17 -O2 -Wshadow -Wno-deprecated-declarations")
SET(CMAKE_C_FLAGS_COVERAGE "-g -O0 -ggdb --coverage -Wp,-U_FORTIFY_SOURCE")
-SET(CMAKE_CXX_FLAGS_COVERAGE "-g -std=c++17 -O0 -ggdb --coverage -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_COVERAGE "-g -std=c++17 -O0 -ggdb --coverage -Wp,-U_FORTIFY_SOURCE -Wno-deprecated-declarations")
# Force PIE
SET(CMAKE_POSITION_INDEPENDENT_CODE "True")
REQUIRED
dlog
glib-2.0
- openssl1.1
+ openssl3
libsmack
libsystemd
capi-base-common
PKG_CHECK_MODULES(CKM_INITIAL_VALUES_DEP
REQUIRED
- openssl1.1
+ openssl3
libxml-2.0
)
BuildRequires: cmake
BuildRequires: zip
BuildRequires: pkgconfig(dlog)
-BuildRequires: pkgconfig(openssl1.1)
+BuildRequires: pkgconfig(openssl3)
BuildRequires: libattr-devel
BuildRequires: pkgconfig(libsmack)
BuildRequires: pkgconfig(libsystemd)
Group: Security/Libraries
License: Apache-2.0
BuildRequires: cmake
-BuildRequires: pkgconfig(openssl1.1)
+BuildRequires: pkgconfig(openssl3)
BuildRequires: pkgconfig(libxml-2.0)
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
* @param[in] private_key_alias The name of private key
* @param[in] password The password used in decrypting a private key value
* @param[in] message The message that is signed with a private key
- * @param[in] hash The hash algorithm used in creating signature. CKMC_HASH_NONE is invalid for DSA
- * & ECDSA
+ * @param[in] hash The hash algorithm used in creating signature. CKMC_HASH_NONE is invalid for DSA,
+ * ECDSA and RSA with X9.31 padding
* @param[in] padding The RSA padding algorithm used in creating signature. It is used only when the signature algorithm is RSA. If
* @a padding is CKMC_NONE_PADDING you must use CKMC_HASH_NONE
* and the message must be equal to key length
* @param[in] password The password used in decrypting a public key value
* @param[in] message The input on which the signature is created
* @param[in] signature The signature that is verified with public key
- * @param[in] hash The hash algorithm used in verifying signature. CKMC_HASH_NONE is invalid for DSA
- * & ECDSA
+ * @param[in] hash The hash algorithm used in verifying signature. CKMC_HASH_NONE is invalid for
+ * DSA, ECDSA & RSA with X9.31 padding
* @param[in] padding The RSA padding algorithm used in verifying signature. It is used only when
* the signature algorithm is RSA. If @a padding is CKMC_NONE_PADDING you must
* use CKMC_HASH_NONE and the message must be equal to key length
PKG_CHECK_MODULES(COMMON_DEP
REQUIRED
dlog
- openssl1.1
+ openssl3
libsmack
libsystemd
)
return ptr->size();
}
-typedef int(*I2D_CONV)(BIO *, EVP_PKEY *);
+typedef int(*I2D_CONV)(BIO *, const EVP_PKEY *);
-CKM::RawBuffer i2d(I2D_CONV fun, EVP_PKEY *pkey)
+CKM::RawBuffer i2d(I2D_CONV fun, const EVP_PKEY *pkey)
{
auto bio = uptr<BIO_free_all>(BIO_new(BIO_s_mem()));
/* known errors */
switch (err) {
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_DATA_GREATER_THAN_MOD_LEN):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_DATA_GREATER_THAN_MOD_LEN):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, RSA_R_DATA_TOO_LARGE_FOR_MODULUS):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_DATA_TOO_LARGE_FOR_MODULUS):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_DATA_TOO_LARGE_FOR_MODULUS):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_DATA_TOO_LARGE_FOR_MODULUS):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_CTRL, RSA_R_KEY_SIZE_TOO_SMALL):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_MISSING_PRIVATE_KEY):
- case ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_MISSING_PRIVATE_KEY):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION):
- case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE):
- case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS):
- case ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE):
- case ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_MISSING_PRIVATE_KEY):
- case ERR_PACK(ERR_LIB_DSA, DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE):
- case ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, DSA_R_MISSING_PRIVATE_KEY):
- case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG):
- case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG):
- case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT):
- case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT):
- case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ):
- case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO_PRIVATEKEY, PEM_R_BAD_PASSWORD_READ):
- case ERR_PACK(ERR_LIB_PEM, PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_GREATER_THAN_MOD_LEN):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE_FOR_MODULUS):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_KEY_SIZE_TOO_SMALL):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MISSING_PRIVATE_KEY):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PADDING_MODE):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_X931_DIGEST):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_LENGTH):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PADDING):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BLOCK_TYPE_IS_NOT_01):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_FIXED_HEADER_DECRYPT):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_PAD_BYTE_COUNT):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PKCS_DECODING_ERROR):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SLEN_CHECK_FAILED):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_FIRST_OCTET_INVALID):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_LAST_OCTET_INVALID):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SLEN_RECOVERY_FAILED):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_HEADER):
+ case ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_TRAILER):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_COMMAND_NOT_SUPPORTED):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_OPERATION_SET):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT):
+ case ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_DIGEST_TYPE):
+ case ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_PRIVATE_KEY):
+ case ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_DIGEST_TYPE):
+ case ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY):
+ case ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LONG):
+ case ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_HEADER_TOO_LONG):
+ case ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TAG):
+ case ERR_PACK(ERR_LIB_ASN1, 0, ERR_R_NESTED_ASN1_ERROR):
+ case ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ENOUGH_DATA):
+ case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_DECRYPT):
+ case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_PASSWORD_READ):
+ case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_NO_START_LINE):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_X931_DIGEST):
+ case ERR_PACK(ERR_LIB_PROV, 0, ERR_R_NESTED_ASN1_ERROR):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PADDING_MODE):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DIGEST_NOT_ALLOWED):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST_LENGTH):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_KEY_SIZE_TOO_SMALL):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SIGNATURE_SIZE):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ALGORITHM_MISMATCH):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_OUTPUT_BUFFER_TOO_SMALL):
+ case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BAD_DECRYPT):
ret = CKM_API_ERROR_INPUT_PARAM;
break;
- case ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY):
- case ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE):
- case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED):
+ case ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY):
+ case ERR_PACK(ERR_LIB_X509, 0, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE):
+ case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED):
ret = CKM_API_ERROR_VERIFICATION_FAILED;
break;
}
- /* known rsa padding errors */
- if (ret == CKM_API_SUCCESS && ERR_GET_LIB(err) == ERR_LIB_RSA) {
- switch (ERR_GET_FUNC(err)) {
- case RSA_F_CHECK_PADDING_MD:
- case RSA_F_RSA_PADDING_CHECK_NONE:
- case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP:
- case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1:
- case RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1:
- case RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2:
- case RSA_F_RSA_PADDING_CHECK_SSLV23:
- case RSA_F_RSA_PADDING_CHECK_X931:
- case RSA_F_RSA_PADDING_ADD_NONE:
- case RSA_F_RSA_PADDING_ADD_PKCS1_OAEP:
- case RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1:
- case RSA_F_RSA_PADDING_ADD_PKCS1_PSS:
- case RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1:
- case RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1:
- case RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2:
- case RSA_F_RSA_PADDING_ADD_SSLV23:
- case RSA_F_RSA_PADDING_ADD_X931:
- ret = CKM_API_ERROR_INPUT_PARAM;
- break;
- }
- }
-
/* fatal errors */
int reason = ERR_GET_REASON(err);
if (ret == CKM_API_SUCCESS && reason <= GENERIC_REASON_MAX && (err & ERR_R_FATAL) > 0) {
#include <ckm/ckm-type.h>
#include <openssl/evp.h>
#include <openssl/err.h>
+#include <openssl/proverr.h>
#include <sw-backend/obj.h>
#include <symbol-visibility.h>
errorHandle(__FILE__, __LINE__, __func__, openssl_ret); \
}
-} // namespace CKM
\ No newline at end of file
+} // namespace CKM
namespace CKM {
+inline void X509_stack_free_wrapper(STACK_OF(X509)* stack)
+{
+ sk_X509_free(stack);
+}
+
inline auto create_x509_stack()
{
- return uptr<sk_X509_free>(sk_X509_new_null());
+ return uptr<X509_stack_free_wrapper>(sk_X509_new_null());
}
} // namespace CKM
namespace {
typedef Uptr<EVP_PKEY_CTX_free, EVP_PKEY_CTX> EvpPkeyCtxUPtr;
-typedef int(*I2D_CONV)(BIO *, EVP_PKEY *);
+typedef int(*I2D_CONV)(BIO *, const EVP_PKEY *);
-RawBuffer i2d(I2D_CONV fun, EVP_PKEY *pkey)
+RawBuffer i2d(I2D_CONV fun, const EVP_PKEY *pkey)
{
auto bio = uptr<BIO_free_all>(BIO_new(BIO_s_mem()));
aad);
}
-EC_KEY* getEcKey(EVP_PKEY* evpKey)
+const EC_KEY* getEcKey(const EVP_PKEY* evpKey)
{
int subType = EVP_PKEY_type(EVP_PKEY_id(evpKey));
if (subType != EVP_PKEY_EC)
ThrowErr(Exc::Crypto::InputParam, "Invalid key type: ", subType);
- EC_KEY *ecKey = EVP_PKEY_get0_EC_KEY(evpKey);
+ const EC_KEY *ecKey = EVP_PKEY_get0_EC_KEY(evpKey);
if (!ecKey)
ThrowErr(Exc::Crypto::InternalError, "Can't get EC key");
{
validateParams<IsEcdh>(alg);
- EC_KEY *ecKey = getEcKey(pkey.get());
+ const EC_KEY *ecKey = getEcKey(pkey.get());
// get private key curve name
int prvCurve = getCurve(ecKey);
#include <dpl/log/log.h>
#include <ckm/ckm-error.h>
#include <ckm/ckm-type.h>
-#include <openssl/crypto.h>
namespace {
const uid_t SYSTEM_SVC_MAX_UID = (5000 - 1);
/* newMode should be extracted from global property like buxton in product */
int newMode = 0;
- if ((newMode == 1) == m_ccMode)
- return;
-
- if (FIPS_mode_set(newMode) == 0) {
- LogError("Error to FIPS_mode_set with param " << newMode);
- return;
- }
-
m_ccMode = (newMode == 1);
}
auto ctx = ctxptr.get();
- int ec = ::EVP_CIPHER_CTX_set_padding(ctx, 1);
+ int ec = ::EVP_CipherInit(ctx, algo, key.data(), iv.data(), 0 /* decrypt flag */);
if (ec != 1) {
- LogError("Failed to evp ctx set padding. ec: " << ec);
+ LogError("Failed to evp cipher init. ec: " << ec);
return RawBuffer();
}
- ec = ::EVP_CipherInit(ctx, algo, key.data(), iv.data(), 0 /* decrypt flag */);
+ ec = ::EVP_CIPHER_CTX_set_padding(ctx, 1);
if (ec != 1) {
- LogError("Failed to evp cipher init. ec: " << ec);
+ LogError("Failed to evp ctx set padding. ec: " << ec);
return RawBuffer();
}
const char* (*get_provider_name)(void *ctx);
int (*add_random)(void *ctx, void *buffer, int length);
int (*random)(void *ctx, void *buffer, int length);
- int (*hmac)(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out);
+ int (*hmac)(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out, int out_sz);
int (*kdf)(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key);
int (*cipher)(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out);
const char* (*get_cipher)(void *ctx);
p[3] = (u8)(v>>24);
}
-static int sqlcipher_page_hmac(codec_ctx *ctx, cipher_ctx *c_ctx, Pgno pgno, unsigned char *in, int in_sz, unsigned char *out) {
+static int sqlcipher_page_hmac(codec_ctx *ctx, cipher_ctx *c_ctx, Pgno pgno, unsigned char *in, int in_sz, unsigned char *out, int out_sz) {
unsigned char pgno_raw[sizeof(pgno)];
/* we may convert page number to consistent representation before calculating MAC for
compatibility across big-endian and little-endian platforms.
ctx->provider_ctx, ctx->hmac_algorithm, c_ctx->hmac_key,
ctx->key_sz, in,
in_sz, (unsigned char*) &pgno_raw,
- sizeof(pgno), out);
+ sizeof(pgno), out, out_sz);
}
/*
}
if((ctx->flags & CIPHER_FLAG_HMAC) && (mode == CIPHER_DECRYPT) && !ctx->skip_read_hmac) {
- if(sqlcipher_page_hmac(ctx, c_ctx, pgno, in, size + ctx->iv_sz, hmac_out) != SQLITE_OK) {
+ if(sqlcipher_page_hmac(ctx, c_ctx, pgno, in, size + ctx->iv_sz, hmac_out, ctx->hmac_sz) != SQLITE_OK) {
CODEC_TRACE("codec_cipher: hmac operation on decrypt failed for pgno=%d\n", pgno);
goto error;
}
};
if((ctx->flags & CIPHER_FLAG_HMAC) && (mode == CIPHER_ENCRYPT)) {
- if(sqlcipher_page_hmac(ctx, c_ctx, pgno, out_start, size + ctx->iv_sz, hmac_out) != SQLITE_OK) {
+ if(sqlcipher_page_hmac(ctx, c_ctx, pgno, out_start, size + ctx->iv_sz, hmac_out, ctx->hmac_sz) != SQLITE_OK) {
CODEC_TRACE("codec_cipher: hmac operation on encrypt failed for pgno=%d\n", pgno);
goto error;
};
result = sqlite3_mprintf("error reading %d bytes from file page %d at offset %d\n", read_sz, page, offset);
sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC);
sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
- } else if(sqlcipher_page_hmac(ctx, ctx->read_ctx, page, ctx->buffer, payload_sz, hmac_out) != SQLITE_OK) {
+ } else if(sqlcipher_page_hmac(ctx, ctx->read_ctx, page, ctx->buffer, payload_sz, hmac_out, ctx->hmac_sz) != SQLITE_OK) {
result = sqlite3_mprintf("HMAC operation failed for page %d", page);
sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC);
sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1);
#include <openssl/objects.h>
#include <openssl/hmac.h>
#include <openssl/err.h>
+#include <openssl/core_names.h>
static unsigned int openssl_init_count = 0;
return (rc == 1) ? SQLITE_OK : SQLITE_ERROR;
}
-static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
- unsigned int outlen;
+static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out, int out_sz) {
+ size_t outlen;
int rc = SQLITE_OK;
- HMAC_CTX* hctx = NULL;
+ EVP_MAC_CTX* hctx = NULL;
+ EVP_MAC* mac = NULL;
+ OSSL_PARAM params[2];
+ char* digest_name = NULL;
if(in == NULL) goto error;
- hctx = HMAC_CTX_new();
+ mac = EVP_MAC_fetch(NULL, "HMAC", NULL);
+ if (mac == NULL) goto error;
+
+ hctx = EVP_MAC_CTX_new(mac);
if(hctx == NULL) goto error;
switch(algorithm) {
case SQLCIPHER_HMAC_SHA1:
- if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL)) goto error;
+ digest_name = "SHA1";
break;
case SQLCIPHER_HMAC_SHA256:
- if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL)) goto error;
+ digest_name = "SHA2-256";
break;
case SQLCIPHER_HMAC_SHA512:
- if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL)) goto error;
+ digest_name = "SHA2-512";
break;
default:
goto error;
}
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, digest_name, sizeof(digest_name));
+ params[1] = OSSL_PARAM_construct_end();
+
+ if(!EVP_MAC_init(hctx, hmac_key, key_sz, params)) goto error;
- if(!HMAC_Update(hctx, in, in_sz)) goto error;
+ if(!EVP_MAC_update(hctx, in, in_sz)) goto error;
if(in2 != NULL) {
- if(!HMAC_Update(hctx, in2, in2_sz)) goto error;
+ if(!EVP_MAC_update(hctx, in2, in2_sz)) goto error;
}
- if(!HMAC_Final(hctx, out, &outlen)) goto error;
+ if(!EVP_MAC_final(hctx, out, &outlen, out_sz)) goto error;
goto cleanup;
error:
rc = SQLITE_ERROR;
cleanup:
- if(hctx) HMAC_CTX_free(hctx);
+ if(hctx) EVP_MAC_CTX_free(hctx);
+ EVP_MAC_free(mac);
return rc;
}
signVerify(AlgoType::RSA_GEN, 4096, HashAlgorithm::NONE, RSAPaddingAlgorithm::PKCS1);
signVerify(AlgoType::RSA_GEN, 2048, HashAlgorithm::NONE, RSAPaddingAlgorithm::PKCS1);
signVerify(AlgoType::RSA_GEN, 1024, HashAlgorithm::NONE, RSAPaddingAlgorithm::PKCS1);
- signVerify(AlgoType::RSA_GEN, 1024, HashAlgorithm::NONE, RSAPaddingAlgorithm::X931);
}
NEGATIVE_TEST_CASE(sign)
// no hash forbidden
invalidSign(shortMsg, AlgoType::DSA_SV, HashAlgorithm::NONE);
invalidSign(shortMsg, AlgoType::ECDSA_SV, HashAlgorithm::NONE);
+ invalidSign(paddingMsg, AlgoType::RSA_SV, HashAlgorithm::NONE, RSAPaddingAlgorithm::X931);
// non-none hash + no padding forbidden
invalidSign(equalMsg, AlgoType::RSA_SV, HashAlgorithm::SHA256, RSAPaddingAlgorithm::NONE);
projects / platform / core / security / key-manager.git / commitdiff