From: Richard Levitte Date: Fri, 10 Jul 2020 13:25:15 +0000 (+0200) Subject: PROV: Update the DER to RSA deserializer to handle encrypted PKCS#8 X-Git-Tag: openssl-3.0.0-alpha6~58 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=38b14f474722ac2ace20d3b63b933b9b9cd3bbe1;p=thirdparty%2Fopenssl.git PROV: Update the DER to RSA deserializer to handle encrypted PKCS#8 Reviewed-by: Matt Caswell Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/12410) --- diff --git a/providers/implementations/serializers/deserialize_common.c b/providers/implementations/serializers/deserialize_common.c index ba8aa6d6d64..449d57b0a33 100644 --- a/providers/implementations/serializers/deserialize_common.c +++ b/providers/implementations/serializers/deserialize_common.c @@ -8,10 +8,14 @@ */ #include +#include #include #include +#include +#include "internal/cryptlib.h" #include "crypto/asn1.h" -#include "prov/bio.h" +#include "prov/bio.h" /* ossl_prov_bio_printf() */ +#include "prov/providercommonerr.h" /* PROV_R_READ_KEY */ #include "serializer_local.h" int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, @@ -40,3 +44,48 @@ int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin, BIO_free(in); return ok; } + +int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len, + unsigned char *input_der, long input_der_len, + struct pkcs8_encrypt_ctx_st *ctx) +{ + const unsigned char *derp; + X509_SIG *p8 = NULL; + int ok = 0; + + if (!ossl_assert(new_der != NULL && *new_der == NULL) + || !ossl_assert(new_der_len != NULL)) + return 0; + + if (ctx->cipher == NULL) + return 0; + + derp = input_der; + if ((p8 = d2i_X509_SIG(NULL, &derp, input_der_len)) != NULL) { + char pbuf[PEM_BUFSIZE]; + const void *pstr = ctx->cipher_pass; + size_t plen = ctx->cipher_pass_length; + + if (pstr == NULL) { + pstr = pbuf; + if (!ctx->cb(pbuf, sizeof(pbuf), &plen, NULL, ctx->cbarg)) { + ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + pstr = NULL; + } + } + + if (pstr != NULL) { + const X509_ALGOR *alg = NULL; + const ASN1_OCTET_STRING *oct = NULL; + int len = 0; + + X509_SIG_get0(p8, &alg, &oct); + if (PKCS12_pbe_crypt(alg, pstr, plen, oct->data, oct->length, + new_der, &len, 0) != NULL) + ok = 1; + *new_der_len = len; + } + } + X509_SIG_free(p8); + return ok; +} diff --git a/providers/implementations/serializers/deserialize_der2rsa.c b/providers/implementations/serializers/deserialize_der2rsa.c index 9b586324757..6854c7efcbd 100644 --- a/providers/implementations/serializers/deserialize_der2rsa.c +++ b/providers/implementations/serializers/deserialize_der2rsa.c @@ -26,6 +26,8 @@ static OSSL_FUNC_deserializer_newctx_fn der2rsa_newctx; static OSSL_FUNC_deserializer_freectx_fn der2rsa_freectx; static OSSL_FUNC_deserializer_gettable_params_fn der2rsa_gettable_params; static OSSL_FUNC_deserializer_get_params_fn der2rsa_get_params; +static OSSL_FUNC_deserializer_settable_ctx_params_fn der2rsa_settable_ctx_params; +static OSSL_FUNC_deserializer_set_ctx_params_fn der2rsa_set_ctx_params; static OSSL_FUNC_deserializer_deserialize_fn der2rsa_deserialize; static OSSL_FUNC_deserializer_export_object_fn der2rsa_export_object; @@ -35,9 +37,7 @@ static OSSL_FUNC_deserializer_export_object_fn der2rsa_export_object; struct der2rsa_ctx_st { PROV_CTX *provctx; -#if 0 struct pkcs8_encrypt_ctx_st sc; -#endif }; static void *der2rsa_newctx(void *provctx) @@ -46,6 +46,8 @@ static void *der2rsa_newctx(void *provctx) if (ctx != NULL) { ctx->provctx = provctx; + /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ + ctx->sc.pbe_nid = -1; } return ctx; } @@ -54,6 +56,8 @@ static void der2rsa_freectx(void *vctx) { struct der2rsa_ctx_st *ctx = vctx; + EVP_CIPHER_free(ctx->sc.cipher); + OPENSSL_clear_free(ctx->sc.cipher_pass, ctx->sc.cipher_pass_length); OPENSSL_free(ctx); } @@ -78,6 +82,56 @@ static int der2rsa_get_params(OSSL_PARAM params[]) return 1; } + +static const OSSL_PARAM *der2rsa_settable_ctx_params(void) +{ + static const OSSL_PARAM settables[] = { + OSSL_PARAM_utf8_string(OSSL_DESERIALIZER_PARAM_CIPHER, NULL, 0), + OSSL_PARAM_utf8_string(OSSL_DESERIALIZER_PARAM_PROPERTIES, NULL, 0), + OSSL_PARAM_octet_string(OSSL_DESERIALIZER_PARAM_PASS, NULL, 0), + OSSL_PARAM_END, + }; + + return settables; +} + +static int der2rsa_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +{ + struct der2rsa_ctx_st *ctx = vctx; + OPENSSL_CTX *libctx = PROV_CTX_get0_library_context(ctx->provctx); + const OSSL_PARAM *p; + + if ((p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_CIPHER)) + != NULL) { + const OSSL_PARAM *propsp = + OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_PROPERTIES); + const char *props = NULL; + + if (p->data_type != OSSL_PARAM_UTF8_STRING) + return 0; + if (propsp != NULL && propsp->data_type != OSSL_PARAM_UTF8_STRING) + return 0; + props = (propsp != NULL ? propsp->data : NULL); + + EVP_CIPHER_free(ctx->sc.cipher); + ctx->sc.cipher = NULL; + ctx->sc.cipher_intent = p->data != NULL; + if (p->data != NULL + && ((ctx->sc.cipher = EVP_CIPHER_fetch(libctx, p->data, props)) + == NULL)) + return 0; + } + if ((p = OSSL_PARAM_locate_const(params, OSSL_DESERIALIZER_PARAM_PASS)) + != NULL) { + OPENSSL_clear_free(ctx->sc.cipher_pass, ctx->sc.cipher_pass_length); + ctx->sc.cipher_pass = NULL; + if (!OSSL_PARAM_get_octet_string(p, &ctx->sc.cipher_pass, 0, + &ctx->sc.cipher_pass_length)) + return 0; + } + return 1; +} + static int der2rsa_deserialize(void *vctx, OSSL_CORE_BIO *cin, OSSL_CALLBACK *data_cb, void *data_cbarg, OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) @@ -88,34 +142,28 @@ static int der2rsa_deserialize(void *vctx, OSSL_CORE_BIO *cin, unsigned char *der = NULL; const unsigned char *derp; long der_len = 0; + unsigned char *new_der = NULL; + long new_der_len; EVP_PKEY *pkey = NULL; int ok = 0; + ctx->sc.cb = pw_cb; + ctx->sc.cbarg = pw_cbarg; + if (!ossl_prov_read_der(ctx->provctx, cin, &der, &der_len)) return 0; - derp = der; -#if 0 /* PKCS#8 decryption coming soon */ - X509_SIG *p8 = NULL; - if ((p8 = d2i_X509_SIG(NULL, &derp, der_len)) != NULL) { - const X509_ALGOR *dalg = NULL; - const ASN1_OCTET_STRING *doct = NULL; - unsigned char *new_data = NULL; - int new_data_len; - - /* passphrase fetching code TBA */ - X509_SIG_get0(p8, &dalg, &doct); - if (!PKCS12_pbe_crypt(dalg, pass, strlen(pass), - doct->data, doct->length, - &new_data, &new_data_len, 0)) - goto nop8; + /* + * Opportunistic attempt to decrypt. If it doesn't work, we try to + * decode our input unencrypted. + */ + if (ctx->sc.cipher_intent + && ossl_prov_der_from_p8(&new_der, &new_der_len, der, der_len, + &ctx->sc)) { OPENSSL_free(der); - der = new_data; - der_len = new_data_len; + der = new_der; + der_len = new_der_len; } - X509_SIG_free(p8); - nop8: -#endif derp = der; if ((pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &derp, der_len, @@ -171,6 +219,10 @@ const OSSL_DISPATCH der_to_rsa_deserializer_functions[] = { (void (*)(void))der2rsa_gettable_params }, { OSSL_FUNC_DESERIALIZER_GET_PARAMS, (void (*)(void))der2rsa_get_params }, + { OSSL_FUNC_DESERIALIZER_SETTABLE_CTX_PARAMS, + (void (*)(void))der2rsa_settable_ctx_params }, + { OSSL_FUNC_DESERIALIZER_SET_CTX_PARAMS, + (void (*)(void))der2rsa_set_ctx_params }, { OSSL_FUNC_DESERIALIZER_DESERIALIZE, (void (*)(void))der2rsa_deserialize }, { OSSL_FUNC_DESERIALIZER_EXPORT_OBJECT, diff --git a/providers/implementations/serializers/serializer_local.h b/providers/implementations/serializers/serializer_local.h index adabf6a6b32..a94418bb2a3 100644 --- a/providers/implementations/serializers/serializer_local.h +++ b/providers/implementations/serializers/serializer_local.h @@ -165,3 +165,8 @@ int ossl_prov_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, int ossl_prov_read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin, char **pem_name, char **pem_header, unsigned char **data, long *len); + +int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len, + unsigned char *input_der, long input_der_len, + struct pkcs8_encrypt_ctx_st *ctx); +