diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-13 11:58:52 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-21 09:04:11 +0200 |
commit | 97e00da90282dddfc572c84d8468d85ab1925fba (patch) | |
tree | 5ae138865d0e50f05db09df16285bb603fce87da | |
parent | Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_moc... (diff) | |
download | openssl-97e00da90282dddfc572c84d8468d85ab1925fba.tar.xz openssl-97e00da90282dddfc572c84d8468d85ab1925fba.zip |
Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
-rw-r--r-- | crypto/cmp/cmp_local.h | 4 | ||||
-rw-r--r-- | crypto/cmp/cmp_protect.c | 4 | ||||
-rw-r--r-- | crypto/crmf/crmf_pbm.c | 15 | ||||
-rw-r--r-- | doc/man3/OSSL_CRMF_pbmp_new.pod | 35 | ||||
-rw-r--r-- | include/openssl/crmf.h | 5 |
5 files changed, 37 insertions, 26 deletions
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h index 95c4781b6f..90d043c71c 100644 --- a/crypto/cmp/cmp_local.h +++ b/crypto/cmp/cmp_local.h @@ -75,9 +75,9 @@ struct ossl_cmp_ctx_st { ASN1_OCTET_STRING *referenceValue; /* optional user name for MSG_MAC_ALG */ ASN1_OCTET_STRING *secretValue; /* password/shared secret for MSG_MAC_ALG */ /* PBMParameters for MSG_MAC_ALG */ - size_t pbm_slen; /* currently fixed to 16 */ + size_t pbm_slen; /* salt length, currently fixed to 16 */ int pbm_owf; /* NID of one-way function (OWF), default: SHA256 */ - int pbm_itercnt; /* currently fixed to 500 */ + int pbm_itercnt; /* OWF iteration count, currently fixed to 500 */ int pbm_mac; /* NID of MAC algorithm, default: HMAC-SHA1 as per RFC 4210 */ /* CMP message header and extra certificates */ diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c index 0f70c29953..7c3d5bf730 100644 --- a/crypto/cmp/cmp_protect.c +++ b/crypto/cmp/cmp_protect.c @@ -195,8 +195,8 @@ static X509_ALGOR *create_pbmac_algor(OSSL_CMP_CTX *ctx) return NULL; alg = X509_ALGOR_new(); - pbm = OSSL_CRMF_pbmp_new(ctx->pbm_slen, ctx->pbm_owf, ctx->pbm_itercnt, - ctx->pbm_mac); + pbm = OSSL_CRMF_pbmp_new(ctx->libctx, ctx->pbm_slen, + ctx->pbm_owf, ctx->pbm_itercnt, ctx->pbm_mac); pbm_str = ASN1_STRING_new(); if (alg == NULL || pbm == NULL || pbm_str == NULL) goto err; diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index f674eeeff7..77ef6e0a37 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -29,14 +29,15 @@ /*- * creates and initializes OSSL_CRMF_PBMPARAMETER (section 4.4) - * |slen| SHOULD be > 8 (16 is common) + * |slen| SHOULD be at least 8 (16 is common) * |owfnid| e.g., NID_sha256 - * |itercnt| MUST be > 100 (500 is common) + * |itercnt| MUST be >= 100 (e.g., 500) and <= OSSL_CRMF_PBM_MAX_ITERATION_COUNT * |macnid| e.g., NID_hmac_sha1 * returns pointer to OSSL_CRMF_PBMPARAMETER on success, NULL on error */ -OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, - int itercnt, int macnid) +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen, + int owfnid, size_t itercnt, + int macnid) { OSSL_CRMF_PBMPARAMETER *pbm = NULL; unsigned char *salt = NULL; @@ -51,7 +52,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, */ if ((salt = OPENSSL_malloc(slen)) == NULL) goto err; - if (RAND_bytes(salt, (int)slen) <= 0) { + if (RAND_bytes_ex(libctx, salt, (int)slen) <= 0) { CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_FAILURE_OBTAINING_RANDOM); goto err; } @@ -82,6 +83,10 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_ITERATIONCOUNT_BELOW_100); goto err; } + if (itercnt > OSSL_CRMF_PBM_MAX_ITERATION_COUNT) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_BAD_PBM_ITERATIONCOUNT); + goto err; + } if (!ASN1_INTEGER_set(pbm->iterationCount, itercnt)) { CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_CRMFERROR); diff --git a/doc/man3/OSSL_CRMF_pbmp_new.pod b/doc/man3/OSSL_CRMF_pbmp_new.pod index 8e07032cd1..5667753944 100644 --- a/doc/man3/OSSL_CRMF_pbmp_new.pod +++ b/doc/man3/OSSL_CRMF_pbmp_new.pod @@ -8,15 +8,16 @@ OSSL_CRMF_pbmp_new =head1 SYNOPSIS - #include <openssl/crmf.h> + #include <openssl/crmf.h> - int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, - const unsigned char *msg, size_t msglen, - const unsigned char *sec, size_t seclen, - unsigned char **mac, size_t *maclen); + int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, + const unsigned char *msg, size_t msglen, + const unsigned char *sec, size_t seclen, + unsigned char **mac, size_t *maclen); - OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t saltlen, int owfnid, - int itercnt, int macnid); + OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t saltlen, + int owfnid, size_t itercnt, + int macnid); =head1 DESCRIPTION @@ -26,13 +27,12 @@ lengths B<msglen> and B<seclen>. On success writes the address of the newly allocated MAC via the B<mac> reference parameter and writes the length via the B<maclen> reference parameter unless it its NULL. -The iteration count must be at least 100, as stipulated by RFC 4211, and is -limited to at most 100000 to avoid DoS through manipulated or otherwise -malformed input. - -OSSL_CRMF_pbmp_new() initializes and returns a new PBMParameter -structure with a new random salt of given length B<saltlen>, OWF (one-way -function) NID B<owfnid>, iteration count B<itercnt>, and MAC NID B<macnid>. +OSSL_CRMF_pbmp_new() initializes and returns a new B<PBMParameter> structure +with a new random salt of given length B<saltlen>, +OWF (one-way function) NID B<owfnid>, OWF iteration count B<itercnt>, +and MAC NID B<macnid>. +The library context I<libctx> parameter may be used to select the provider +for the random number generation (DRBG) and may be NULL for the default. =head1 NOTES @@ -40,7 +40,12 @@ The algorithms for the OWF (one-way function) and for the MAC (message authentication code) may be any with a NID defined in B<openssl/objects.h>. As specified by RFC 4210, these should include NID_hmac_sha1. -RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long. +RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long, +where 16 bytes is common. + +The iteration count must be at least 100, as stipulated by RFC 4211, and is +limited to at most 100000 to avoid DoS through manipulated or otherwise +malformed input. =head1 RETURN VALUES diff --git a/include/openssl/crmf.h b/include/openssl/crmf.h index bf0e32d499..8107d26d5c 100644 --- a/include/openssl/crmf.h +++ b/include/openssl/crmf.h @@ -67,8 +67,9 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; /* crmf_pbm.c */ -OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, - int itercnt, int macnid); +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen, + int owfnid, size_t itercnt, + int macnid); int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, const unsigned char *msg, size_t msglen, const unsigned char *sec, size_t seclen, |