diff options
| -rw-r--r-- | crypto/ec/ec.c | 18 | ||||
| -rw-r--r-- | crypto/evp/evp_ctx.c | 29 | ||||
| -rw-r--r-- | crypto/evp/evp_extra_test.cc | 85 | ||||
| -rw-r--r-- | crypto/evp/internal.h | 4 | ||||
| -rw-r--r-- | crypto/evp/p_ec.c | 29 | ||||
| -rw-r--r-- | crypto/evp/p_rsa.c | 104 | ||||
| -rw-r--r-- | decrepit/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | decrepit/evp/CMakeLists.txt | 9 | ||||
| -rw-r--r-- | decrepit/evp/evp_do_all.c | 77 | ||||
| -rw-r--r-- | include/openssl/bio.h | 5 | ||||
| -rw-r--r-- | include/openssl/crypto.h | 4 | ||||
| -rw-r--r-- | include/openssl/ec.h | 37 | ||||
| -rw-r--r-- | include/openssl/evp.h | 38 | ||||
| -rw-r--r-- | include/openssl/ssl.h | 34 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 8 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 2 |
16 files changed, 453 insertions, 32 deletions
diff --git a/crypto/ec/ec.c b/crypto/ec/ec.c index 2f8d2b1f..ca3ce373 100644 --- a/crypto/ec/ec.c +++ b/crypto/ec/ec.c @@ -883,3 +883,21 @@ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, abort(); } } + +size_t EC_get_builtin_curves(EC_builtin_curve *out_curves, + size_t max_num_curves) { + unsigned num_built_in_curves; + for (num_built_in_curves = 0;; num_built_in_curves++) { + if (OPENSSL_built_in_curves[num_built_in_curves].nid == NID_undef) { + break; + } + } + + unsigned i; + for (i = 0; i < max_num_curves && i < num_built_in_curves; i++) { + out_curves[i].comment = OPENSSL_built_in_curves[i].data->comment; + out_curves[i].nid = OPENSSL_built_in_curves[i].nid; + } + + return num_built_in_curves; +} diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c index 9e038cd2..69d556a2 100644 --- a/crypto/evp/evp_ctx.c +++ b/crypto/evp/evp_ctx.c @@ -342,6 +342,35 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); } +int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) { + if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + return 0; + } + ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; + if (!ctx->pmeth->verify_recover_init) { + return 1; + } + if (!ctx->pmeth->verify_recover_init(ctx)) { + ctx->operation = EVP_PKEY_OP_UNDEFINED; + return 0; + } + return 1; +} + +int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len, + const uint8_t *sig, size_t sig_len) { + if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + return 0; + } + if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) { + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); + return 0; + } + return ctx->pmeth->verify_recover(ctx, out, out_len, sig, sig_len); +} + int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); diff --git a/crypto/evp/evp_extra_test.cc b/crypto/evp/evp_extra_test.cc index 21e5da77..00858f78 100644 --- a/crypto/evp/evp_extra_test.cc +++ b/crypto/evp/evp_extra_test.cc @@ -15,6 +15,7 @@ #include <stdint.h> #include <stdio.h> #include <stdlib.h> +#include <string.h> #include <utility> #include <vector> @@ -658,6 +659,84 @@ static bool TestEVP_DigestVerifyInitFromAlgorithm(void) { return true; } +static bool TestVerifyRecover() { + ScopedEVP_PKEY pkey = LoadExampleRSAKey(); + if (!pkey) { + return false; + } + + ScopedRSA rsa(EVP_PKEY_get1_RSA(pkey.get())); + if (!rsa) { + return false; + } + + const uint8_t kDummyHash[32] = {0}; + uint8_t sig[2048/8]; + unsigned sig_len = sizeof(sig); + + if (!RSA_sign(NID_sha256, kDummyHash, sizeof(kDummyHash), sig, &sig_len, + rsa.get())) { + fprintf(stderr, "RSA_sign failed.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + size_t out_len; + ScopedEVP_PKEY_CTX ctx(EVP_PKEY_CTX_new(pkey.get(), nullptr)); + if (!EVP_PKEY_verify_recover_init(ctx.get()) || + !EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_PKCS1_PADDING) || + !EVP_PKEY_CTX_set_signature_md(ctx.get(), EVP_sha256()) || + !EVP_PKEY_verify_recover(ctx.get(), nullptr, &out_len, sig, sig_len)) { + fprintf(stderr, "verify_recover failed will nullptr buffer.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + std::vector<uint8_t> recovered; + recovered.resize(out_len); + + if (!EVP_PKEY_verify_recover(ctx.get(), recovered.data(), &out_len, sig, + sig_len)) { + fprintf(stderr, "verify_recover failed.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + if (out_len != sizeof(kDummyHash)) { + fprintf(stderr, "verify_recover length is %u, expected %u.\n", + static_cast<unsigned>(out_len), + static_cast<unsigned>(sizeof(kDummyHash))); + return false; + } + + if (memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) { + fprintf(stderr, "verify_recover got wrong value.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + out_len = recovered.size(); + if (!EVP_PKEY_CTX_set_signature_md(ctx.get(), nullptr) || + !EVP_PKEY_verify_recover(ctx.get(), recovered.data(), &out_len, sig, + sig_len)) { + fprintf(stderr, "verify_recover failed with NULL MD.\n"); + ERR_print_errors_fp(stderr); + return false; + } + + /* The size of a SHA-256 hash plus PKCS#1 v1.5 ASN.1 stuff happens to be 51 + * bytes. */ + static const size_t kExpectedASN1Size = 51; + if (out_len != kExpectedASN1Size) { + fprintf(stderr, "verify_recover length without MD is %u, expected %u.\n", + static_cast<unsigned>(out_len), + static_cast<unsigned>(kExpectedASN1Size)); + return false; + } + + return true; +} + static bool TestBadPSSParameters(void) { CBS in, tbs_cert, signature; ScopedEVP_PKEY pkey; @@ -835,6 +914,12 @@ int main(void) { return 1; } + if (!TestVerifyRecover()) { + fprintf(stderr, "EVP_PKEY_verify_recover failed\n"); + ERR_print_errors_fp(stderr); + return 1; + } + if (!TestBadPSSParameters()) { fprintf(stderr, "TestBadPSSParameters failed\n"); ERR_print_errors_fp(stderr); diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index aa52d535..06788b8a 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h @@ -249,6 +249,10 @@ struct evp_pkey_method_st { int (*verify)(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen); + int (*verify_recover_init)(EVP_PKEY_CTX *ctx); + int (*verify_recover)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len, + const uint8_t *sig, size_t sig_len); + int (*encrypt_init)(EVP_PKEY_CTX *ctx); int (*encrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen); diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c index 77f213db..f4c6f322 100644 --- a/crypto/evp/p_ec.c +++ b/crypto/evp/p_ec.c @@ -273,11 +273,26 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, - pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, - pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, - 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, - pkey_ec_verify, 0 /* encrypt_init */, 0 /* encrypt */, - 0 /* decrypt_init */, 0 /* decrypt */, 0 /* derive_init */, - pkey_ec_derive, pkey_ec_ctrl, + EVP_PKEY_EC, + 0 /* flags */, + pkey_ec_init, + pkey_ec_copy, + pkey_ec_cleanup, + 0 /* paramgen_init */, + pkey_ec_paramgen, + 0 /* keygen_init */, + pkey_ec_keygen, + 0 /* sign_init */, + pkey_ec_sign, + 0 /* verify_init */, + pkey_ec_verify, + 0 /* verify_recover_init */, + 0 /* verify_recover */, + 0 /* encrypt_init */, + 0 /* encrypt */, + 0 /* decrypt_init */, + 0 /* decrypt */, + 0 /* derive_init */, + pkey_ec_derive, + pkey_ec_ctrl, }; diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c index 895d3513..5f6db768 100644 --- a/crypto/evp/p_rsa.c +++ b/crypto/evp/p_rsa.c @@ -256,6 +256,81 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, return 1; } +static int pkey_rsa_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out, + size_t *out_len, const uint8_t *sig, + size_t sig_len) { + RSA_PKEY_CTX *rctx = ctx->data; + RSA *rsa = ctx->pkey->pkey.rsa; + const size_t key_len = EVP_PKEY_size(ctx->pkey); + + if (out == NULL) { + *out_len = key_len; + return 1; + } + + if (*out_len < key_len) { + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); + return 0; + } + + if (!setup_tbuf(rctx, ctx)) { + return 0; + } + + if (rctx->md == NULL) { + const size_t ret = RSA_public_decrypt(sig_len, sig, rctx->tbuf, + ctx->pkey->pkey.rsa, rctx->pad_mode); + if (ret < 0) { + return 0; + } + *out_len = ret; + memcpy(out, rctx->tbuf, *out_len); + return 1; + } + + if (rctx->pad_mode != RSA_PKCS1_PADDING) { + return 0; + } + + uint8_t *asn1_prefix; + size_t asn1_prefix_len; + int asn1_prefix_allocated; + if (!RSA_add_pkcs1_prefix(&asn1_prefix, &asn1_prefix_len, + &asn1_prefix_allocated, EVP_MD_type(rctx->md), NULL, + 0)) { + return 0; + } + + size_t rslen; + int ok = 1; + if (!RSA_verify_raw(rsa, &rslen, rctx->tbuf, key_len, sig, sig_len, + RSA_PKCS1_PADDING) || + rslen < asn1_prefix_len || + CRYPTO_memcmp(rctx->tbuf, asn1_prefix, asn1_prefix_len) != 0) { + ok = 0; + } + + if (asn1_prefix_allocated) { + OPENSSL_free(asn1_prefix); + } + + if (!ok) { + return 0; + } + + const size_t result_len = rslen - asn1_prefix_len; + if (result_len != EVP_MD_size(rctx->md)) { + return 0; + } + + if (out != NULL) { + memcpy(out, rctx->tbuf + asn1_prefix_len, result_len); + } + *out_len = result_len; + + return 1; +} + static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { RSA_PKEY_CTX *rctx = ctx->data; @@ -503,13 +578,28 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, - pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, - 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, - pkey_rsa_verify, 0 /* encrypt_init */, pkey_rsa_encrypt, - 0 /* decrypt_init */, pkey_rsa_decrypt, 0 /* derive_init */, - 0 /* derive */, pkey_rsa_ctrl, + EVP_PKEY_RSA, + 0 /* flags */, + pkey_rsa_init, + pkey_rsa_copy, + pkey_rsa_cleanup, + 0 /* paramgen_init */, + 0 /* paramgen */, + 0 /* keygen_init */, + pkey_rsa_keygen, + 0 /* sign_init */, + pkey_rsa_sign, + 0 /* verify_init */, + pkey_rsa_verify, + 0 /* verify_recover_init */, + pkey_rsa_verify_recover, + 0 /* encrypt_init */, + pkey_rsa_encrypt, + 0 /* decrypt_init */, + pkey_rsa_decrypt, + 0 /* derive_init */, + 0 /* derive */, + pkey_rsa_ctrl, }; int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding) { diff --git a/decrepit/CMakeLists.txt b/decrepit/CMakeLists.txt index 0773f9a6..a7677d0a 100644 --- a/decrepit/CMakeLists.txt +++ b/decrepit/CMakeLists.txt @@ -2,6 +2,7 @@ add_subdirectory(bio) add_subdirectory(blowfish) add_subdirectory(cast) add_subdirectory(des) +add_subdirectory(evp) add_subdirectory(rsa) add_subdirectory(xts) @@ -12,6 +13,7 @@ add_library( $<TARGET_OBJECTS:blowfish> $<TARGET_OBJECTS:cast> $<TARGET_OBJECTS:des_decrepit> + $<TARGET_OBJECTS:evp_decrepit> $<TARGET_OBJECTS:rsa_decrepit> $<TARGET_OBJECTS:xts> ) diff --git a/decrepit/evp/CMakeLists.txt b/decrepit/evp/CMakeLists.txt new file mode 100644 index 00000000..ee3bf33b --- /dev/null +++ b/decrepit/evp/CMakeLists.txt @@ -0,0 +1,9 @@ +include_directories(../../include) + +add_library( + evp_decrepit + + OBJECT + + evp_do_all.c +) diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c new file mode 100644 index 00000000..621c0b11 --- /dev/null +++ b/decrepit/evp/evp_do_all.c @@ -0,0 +1,77 @@ +/* Copyright (c) 2016, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include <openssl/evp.h> + + +void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher, + const char *name, + const char *unused, void *arg), + void *arg) { + callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg); + callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg); + callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg); + callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg); + callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg); + callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg); + callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg); + callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg); + callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg); + callback(EVP_des_cbc(), "DES-CBC", NULL, arg); + callback(EVP_des_ecb(), "DES-ECB", NULL, arg); + callback(EVP_des_ede(), "DES-EDE", NULL, arg); + callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg); + callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg); + callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg); + callback(EVP_rc4(), "RC4", NULL, arg); + + /* OpenSSL returns everything twice, the second time in lower case. */ + callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg); + callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg); + callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg); + callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg); + callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg); + callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg); + callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg); + callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg); + callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg); + callback(EVP_des_cbc(), "des-cbc", NULL, arg); + callback(EVP_des_ecb(), "des-ecb", NULL, arg); + callback(EVP_des_ede(), "des-ede", NULL, arg); + callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg); + callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg); + callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg); + callback(EVP_rc4(), "rc4", NULL, arg); +} + +void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher, + const char *name, const char *unused, + void *arg), + void *arg) { + callback(EVP_md4(), "MD4", NULL, arg); + callback(EVP_md5(), "MD5", NULL, arg); + callback(EVP_sha1(), "SHA1", NULL, arg); + callback(EVP_sha224(), "SHA224", NULL, arg); + callback(EVP_sha256(), "SHA256", NULL, arg); + callback(EVP_sha384(), "SHA384", NULL, arg); + callback(EVP_sha512(), "SHA512", NULL, arg); + + callback(EVP_md4(), "md4", NULL, arg); + callback(EVP_md5(), "md5", NULL, arg); + callback(EVP_sha1(), "sha1", NULL, arg); + callback(EVP_sha224(), "sha224", NULL, arg); + callback(EVP_sha256(), "sha256", NULL, arg); + callback(EVP_sha384(), "sha384", NULL, arg); + callback(EVP_sha512(), "sha512", NULL, arg); +} diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 3447f5bf..6ca35751 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -711,6 +711,11 @@ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf_done(BIO* bio, #define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ #define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ +/* These are never used, but exist to allow code to compile more easily. */ +#define BIO_CTRL_DUP 100 +#define BIO_CTRL_PUSH 101 +#define BIO_CTRL_POP 102 + /* Android compatibility section. * diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 193c8c35..29d58921 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -42,7 +42,9 @@ OPENSSL_EXPORT void CRYPTO_library_init(void); /* Deprecated functions. */ -#define OPENSSL_VERSION_TEXT "BoringSSL" +/* OPENSSL_VERSION_TEXT contains a string the identifies the version of + * “OpenSSL”. node.js requires a version number in this text. */ +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2 (compatible; BoringSSL)" #define SSLEAY_VERSION 0 diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 26f40b7c..82f84ea5 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -81,14 +81,24 @@ extern "C" { typedef struct ec_group_st EC_GROUP; typedef struct ec_point_st EC_POINT; -/** Enum for the point conversion form as defined in X9.62 (ECDSA) - * for the encoding of a elliptic curve point (x,y) */ +/* point_conversion_form_t enumerates forms, as defined in X9.62 (ECDSA), for + * the encoding of a elliptic curve point (x,y) */ typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x04 */ - POINT_CONVERSION_UNCOMPRESSED = 4 + /* POINT_CONVERSION_COMPRESSED indicates that the point is encoded as z||x, + * where the octet z specifies which solution of the quadratic equation y + * is. */ + POINT_CONVERSION_COMPRESSED = 2, + + /* POINT_CONVERSION_COMPRESSED indicates that the point is encoded as + * z||x||y, where z is the octet 0x04. */ + POINT_CONVERSION_UNCOMPRESSED = 4, + + /* POINT_CONVERSION_HYBRID indicates that the point is encoded as z||x||y, + * where z specifies which solution of the quadratic equation y is. This is + * not supported by the code and has never been observed in use. + * + * TODO(agl): remove once node.js no longer references this. */ + POINT_CONVERSION_HYBRID = 6, } point_conversion_form_t; @@ -306,6 +316,19 @@ OPENSSL_EXPORT int EC_METHOD_get_field_type(const EC_METHOD *meth); OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form( EC_GROUP *group, point_conversion_form_t form); +/* EC_builtin_curve describes a supported elliptic curve. */ +typedef struct { + int nid; + const char *comment; +} EC_builtin_curve; + +/* EC_get_builtin_curves writes at most |max_num_curves| elements to + * |out_curves| and returns the total number that it would have written, had + * |max_num_curves| been large enough. + * + * The |EC_builtin_curve| items describe the supported elliptic curves. */ +OPENSSL_EXPORT size_t EC_get_builtin_curves(EC_builtin_curve *out_curves, + size_t max_num_curves); /* Old code expects to get EC_KEY from ec.h. */ #include <openssl/ec_key.h> diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 948353a7..adf586e8 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -511,6 +511,34 @@ OPENSSL_EXPORT int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len, const uint8_t *in, size_t in_len); +/* EVP_PKEY_verify_recover_init initialises an |EVP_PKEY_CTX| for a public-key + * decryption operation. It should be called before |EVP_PKEY_verify_recover|. + * + * Public-key decryption is a very obscure operation that is only implemented + * by RSA keys. It is effectively a signature verification operation that + * returns the signed message directly. It is almost certainly not what you + * want. + * + * It returns one on success or zero on error. */ +OPENSSL_EXPORT int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); + +/* EVP_PKEY_verify_recover decrypts |sig_len| bytes from |sig|. If |out| is + * NULL, the maximum size of the plaintext is written to |out_len|. Otherwise, + * |*out_len| must contain the number of bytes of space available at |out|. If + * sufficient, the ciphertext will be written to |out| and |*out_len| updated + * with the true length. + * + * WARNING: Setting |out| to NULL only gives the maximum size of the + * plaintext. The actual plaintext may be smaller. + * + * See the warning about this operation in |EVP_PKEY_verify_recover_init|. It + * is probably not what you want. + * + * It returns one on success or zero on error. */ +OPENSSL_EXPORT int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out, + size_t *out_len, const uint8_t *sig, + size_t siglen); + /* EVP_PKEY_derive_init initialises an |EVP_PKEY_CTX| for a key derivation * operation. It should be called before |EVP_PKEY_derive_set_peer| and * |EVP_PKEY_derive|. @@ -659,6 +687,16 @@ OPENSSL_EXPORT void OpenSSL_add_all_digests(void); /* EVP_cleanup does nothing. */ OPENSSL_EXPORT void EVP_cleanup(void); +OPENSSL_EXPORT void EVP_CIPHER_do_all_sorted( + void (*callback)(const EVP_CIPHER *cipher, const char *name, + const char *unused, void *arg), + void *arg); + +OPENSSL_EXPORT void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher, + const char *name, + const char *unused, + void *arg), + void *arg); /* Private functions */ diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 73fdbfeb..f6ed6f4f 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2704,15 +2704,17 @@ OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list); /* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records * sent by |ctx|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, - size_t max_send_fragment); + * will be split into multiple records. It returns one on success or zero on + * error. */ +OPENSSL_EXPORT int SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, + size_t max_send_fragment); -/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records - * sent by |ssl|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl, - size_t max_send_fragment); +/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records sent + * by |ssl|. Beyond this length, handshake messages and application data will + * be split into multiple records. It returns one on success or zero on + * error. */ +OPENSSL_EXPORT int SSL_set_max_send_fragment(SSL *ssl, + size_t max_send_fragment); /* ssl_early_callback_ctx is passed to certain callbacks that are called very * early on during the server handshake. At this point, much of the SSL* hasn't @@ -3732,6 +3734,11 @@ struct ssl_ctx_st { * means that we'll accept Channel IDs from clients. For a client, means that * we'll advertise support. */ unsigned tlsext_channel_id_enabled:1; + + /* extra_certs is a dummy value included for compatibility. + * TODO(agl): remove once node.js no longer references this. */ + STACK_OF(X509)* extra_certs; + int freelist_max_len; }; struct ssl_st { @@ -3914,6 +3921,9 @@ struct ssl_st { * means that we'll accept Channel IDs from clients. For a client, means that * we'll advertise support. */ unsigned tlsext_channel_id_enabled:1; + + /* TODO(agl): remove once node.js not longer references this. */ + int tlsext_status_type; }; typedef struct ssl3_record_st { @@ -4179,6 +4189,14 @@ OPENSSL_EXPORT int SSL_set_session_ticket_ext_cb(SSL *s, void *cb, void *arg); OPENSSL_EXPORT int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); +/* Nodejs compatibility section (hidden). + * + * These defines exist for node.js, with the hope that we can eliminate the + * need for them over time. */ +#define SSLerr(function, reason) \ + ERR_put_error(ERR_LIB_SSL, 0, reason, __FILE__, __LINE__) + + /* Preprocessor compatibility section (hidden). * * Historically, a number of APIs were implemented in OpenSSL as macros and diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 5946fc2b..fe3c1738 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1180,7 +1180,7 @@ void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list) { ssl->max_cert_list = (uint32_t)max_cert_list; } -void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, size_t max_send_fragment) { +int SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, size_t max_send_fragment) { if (max_send_fragment < 512) { max_send_fragment = 512; } @@ -1188,9 +1188,11 @@ void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, size_t max_send_fragment) { max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; } ctx->max_send_fragment = (uint16_t)max_send_fragment; + + return 1; } -void SSL_set_max_send_fragment(SSL *ssl, size_t max_send_fragment) { +int SSL_set_max_send_fragment(SSL *ssl, size_t max_send_fragment) { if (max_send_fragment < 512) { max_send_fragment = 512; } @@ -1198,6 +1200,8 @@ void SSL_set_max_send_fragment(SSL *ssl, size_t max_send_fragment) { max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; } ssl->max_send_fragment = (uint16_t)max_send_fragment; + + return 1; } int SSL_set_mtu(SSL *ssl, unsigned mtu) { diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 68c380a9..346746af 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1144,6 +1144,7 @@ static int ext_sigalgs_add_serverhello(SSL *ssl, CBB *out) { static void ext_ocsp_init(SSL *ssl) { ssl->s3->tmp.certificate_status_expected = 0; + ssl->tlsext_status_type = -1; } static int ext_ocsp_add_clienthello(SSL *ssl, CBB *out) { @@ -1161,6 +1162,7 @@ static int ext_ocsp_add_clienthello(SSL *ssl, CBB *out) { return 0; } + ssl->tlsext_status_type = TLSEXT_STATUSTYPE_ocsp; return 1; } |