New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support OpenSSL 1.1 #52
Comments
dengert/engine_pkcs11@222ca6a Contain changes for engine and libp11 to get it to work with OpenSSL-1.1. These are not complete, Many of these OpenSSL changes are in hidding structures in favor of access functions. ECDSA_METHOD and ECDH_METHOD are combined into EC_KEY_METHOD, and some functions used to set the method For testing I have been using openssl req and req.c needed some changes to get it to use an engine. The EC_KEY_METHOD for ECDSA now has 3 functions rather then 2. Some libp11 routines are being renamed: ERR_remove_state is now deprecated, and to get these changes, compiled, It is replaced by ERR_remove_thread_state. BIGNUM is now hidden, and there is no way to set r and s directly into a ECDSA_SIG, so a new trick RSA_generate_key has changed and needs a BN_GENCB and the exponent is a BN now too. Crypto_get_new_dynlockid has changed. So to get these change to compile, priv->lockid is not used. RSA_FLAG_SIGN_VER is not longed needed in OpenSSL 1.1. The original p11_ec.c was originally written to use the internal EC header files and structures. This is being dropped in favor of a OpenSSL-1.0.2 version for ECDSA only and the OpenSSL-1.1 that can support both ECDSA and ECDH. I have been able to use a command like: The openssl.conf needed some changes from previous versions. |
My roadmap is:
@dengert: I have pushed c219965 to gracefully handle 0 returned as an invalid dynamic lock ID. |
@dengert The dynamic locking callbacks from fns are already passed to the OpenSSL library used by engine_pkcs11. See the IMPLEMENT_DYNAMIC_BIND_FN macro in engine.h for details. A similar interface could be implemented to pass the callbacks further down to libp11. This may be useful in case engine_pkcs11 and libp11 use separate instances of OpenSSL. |
OK. Buit it would appear that engine_pkcs11 and libp11 must use the same instance of OpenSSL, |
"The same instance" also means "the same version". The other way around is not necessarily true. Example: Imagine an executable with statically linked OpenSSL using a dynamic engine. Both the executable and the engine may use the same version of OpenSSL. It should be possible to pass objects created on the shared heap from one OpenSSL to the other (at least some of the objects depending on the internal references to other objects). On the other hand, the application and the engine use different instances of OpenSSL. Both libraries will keep any static data (for example the registered locking callbacks) in separate locations. Also, it is possible that even different (but close) versions of OpenSSL will retain the same internal data representation for some objects. |
Douglas E. Engert DEEngert@gmail.com |
Rather than spending efforts on elaborate checking of version/instance compatibility, I'd prefer to see |
@dengert: I beg to differ. I, however, fail to see the possible practical outcome of discussing this topic any further. |
@dengert I closely observe https://github.com/dengert/libp11/commits/prep-openssl-1.1 and I like your changes. I hope to be able to merge them next week. |
Should decied on the API for PKCS11_ecdh_derive or make it an internal routine for now? |
I think the proper interface is to register (with One of my long-term goals is to deprecate, and subsequently remove any algorithm-specific functions (for example What do you think? |
Douglas E. Engert DEEngert@gmail.com |
Indeed. I guess the idea was to make PKCS#11 usable without any additional cryptographic library. This is essential to achieve higher levels of the FIPS 140-2 certification, but not really useful for libp11, which is already linked against OpenSSL.
If it doesn't work, it is something to be fixed in OpenSSL, and not libp11.
Correct. We need to translate OpenSSL key types into PKCS#11 key type specific operations. At the most basic level we use the PKCS11_KEY_ops structure to keep a list of PKCS#11 methods for each OpenSSL key type. I expect PKCS11_KEY_ops to be extended in the future versions of libp11.
This is exactly why libp11 is useful. 😃
Replacing RSA with EC does not sound like a problem specific to PKCS#11. This is something to be implemented in OpenSSL. I haven't studied the RFC yet, but I don't expect it to require any advanced primitives. |
I have converted PKCS11_ecdh_derive to an internal function, and I think |
The general idea looks good. The details can be cleaned up later. For example: CRYPTO_w_lock(PRIVSLOT(slot)->lockid); should be removed for several reasons:
It would be nice to get the same result without temporarily storing the newly created key on the device... Unfortunately, PKCS#11 does not seem to expose any interface to do it. @dengert When do you expect to have your code ready for merging? |
A test case should be added before merging it into libp11. Alternatively, you may wait we may wait until I merge engine_pkcs11 into libp11 (in about 3 weeks), and build the test cases with the OpenSSL commandline tools. @dengert What do you prefer? |
The code for engine and libp11 is ready now and works with OpenSSL-1.1-pre2 Much of the patch is converting the code to use functions to access now hidden structures. This has been done is a way to make it compatable from versions 0.9.8 to 1.1-pre2. I would like to get the patch applied as it is now, as it is getting very difficult to rebase and eventially developers wil need to face the issues of converting to 1.1. Getting the code in place will allow a developer to still use previous versions of OpenSSL and to test against 1.1. This needs to be more then a one person effort. I have changed a lot of code that only others can test. OpenSSL-1.1 will hides many previously exposed structures, such as BIGNUM, X509 and EVP_MD_CTX. Past versions of OpenSSL provided macros and functions to access member of the structures, but most code still used pointers to structure members or allocated a structure on the stack such as BIGNUM or EVP_MD_CTX on the stack. Also note the patch removes the code to compile using the BUILD_WITH_ECS_LOCL_H Additional changes in OpenSSL github master for 1.1-pre3 have also hidden EVP_PKEY! |
@dengert It's a good plan. I'm waiting for your pull requests. You likely have some code to test key derivation. Please consider submitting it examples/ or tests/ (depending on its potential educational value). I can take care of the further integration. |
Okay. I merged it.
I guess at this point of time it mostly affects me. "Developers" will generally only touch the code after it's stabilized. I really need a testing application... |
if (newkey != CK_INVALID_HANDLE && session != CK_INVALID_HANDLE);
rv = CRYPTOKI_call(ctx, C_DestroyObject(session, newkey)); @dengert Have you performed any tests on this code? |
Yes. Note that the object is a session object, and may be in memory depending the PKCS#11 module and the token. It is created as part of the C_DeriveKey from this template. 60 CK_ATTRIBUTE newkey_template[] = { Here is a GDB stack trace showing the OpenSC pkcs11 as it is about to clear and free the object. The line in question is at #4 #0 __pkcs15_release_object (obj=0x6ef620) at ../../../src/src/pkcs11/framework-pkcs15.c:435 The test is run using OpenSSL-1.1-pre2. |
My question was about ";" and the end of "if" line. |
Douglas E. Engert DEEngert@gmail.com |
libp11 successfully builds on the current OpenSSL 1.10-dev. The existing tests are also successful. I'm closing this issue. Please open a new issue for each identified bug. Please include (as a pull request creating a file in the |
The OpenSSL 1.1 API removes direct application access to most internal data structures in favour of getters and setters. This improves binary compatibility, but requires significant changes in the applications.
The text was updated successfully, but these errors were encountered: