New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove OpenSSL #17265
Remove OpenSSL #17265
Conversation
Concept ACK! |
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
I think we wanted to include some of the environmental entropy sources (statistics, pid, ...) that OpenSSL uses in our own RNG state first. See #10299. I'll PR something soon. |
Concept ACK. |
Concept ACK. I recently ran into openssl issues here #17123, this is awesome ! |
Concept and code review ACK, agree that we should ideally get #17270 in first. |
Concept ACK Very pleased to see OpenSSL go :) |
f56a128
to
1ee67af
Compare
Fixed doc nit above and squashed some commits together. This is waiting on #17270. |
big Concept ACK |
1ee67af
to
24ac38d
Compare
On the ::SLOW or ::SLEEP paths, we would feed our RNG output back into OpenSSL using RAND_add. This commit removes that functionality. RAND_add(): https://www.openssl.org/docs/manmaster/man3/RAND_add.html RAND_add() mixes the num bytes at buf into the internal state of the random generator. This function will not normally be needed, as mentioned above. The randomness argument is an estimate of how much randomness is contained in buf, in bytes, and should be a number between zero and num.
On the ::SLOW path we would use OpenSSL as an additional source of random bytes. This commit removes that functionality. Note that this was always only an additional source, and that we never checked the return value RAND_bytes(): https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
24ac38d
to
e5a0bec
Compare
it doesn't affect any of the bitcoin core binaries, so it's off topic here. Please take your question upstream. |
OpenSSL is no longer required after bitcoin/bitcoin#17265. libsodium has never been required to build bitcoind on macOS.
OpenSSL is no longer required after bitcoin/bitcoin#17265. libsodium has never been required to build bitcoind on macOS.
OpenSSL is no longer required after bitcoin/bitcoin#17265. libsodium has never been required to build bitcoind on macOS.
OpenSSL is no longer required after bitcoin/bitcoin#17265. libsodium has never been required to build bitcoind on macOS.
Summary: ``` On the ::SLOW or ::SLEEP paths, we would feed our RNG output back into OpenSSL using RAND_add. This commit removes that functionality. RAND_add(): https://www.openssl.org/docs/manmaster/man3/RAND_add.html RAND_add() mixes the num bytes at buf into the internal state of the random generator. This function will not normally be needed, as mentioned above. The randomness argument is an estimate of how much randomness is contained in buf, in bytes, and should be a number between zero and num. ``` Partial backport of core [[bitcoin/bitcoin#17265 | PR17265]]: bitcoin/bitcoin@5624ab0 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6240
Summary: ``` On the ::SLOW path we would use OpenSSL as an additional source of random bytes. This commit removes that functionality. Note that this was always only an additional source, and that we never checked the return value RAND_bytes(): https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. ``` Partial backport of core [[bitcoin/bitcoin#17265 | PR17265]]: bitcoin/bitcoin@4fcfcc2 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6241
Summary: Partial backport of core [[bitcoin/bitcoin#17265 | PR17265]]: bitcoin/bitcoin@b49b6b0 Depends on D6240 and D6241. Test Plan: ninja all check-all Run the Gitian builds. Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6242
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great 👌🏼
Summary: ``` On the ::SLOW or ::SLEEP paths, we would feed our RNG output back into OpenSSL using RAND_add. This commit removes that functionality. RAND_add(): https://www.openssl.org/docs/manmaster/man3/RAND_add.html RAND_add() mixes the num bytes at buf into the internal state of the random generator. This function will not normally be needed, as mentioned above. The randomness argument is an estimate of how much randomness is contained in buf, in bytes, and should be a number between zero and num. ``` Partial backport of core [[bitcoin/bitcoin#17265 | PR17265]]: bitcoin/bitcoin@5624ab0 Test Plan: ninja all check-all Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6240
Remove OpenSSL Includes changes cherry-picked from the following upstream PRs: - bitcoin/bitcoin#7095 - bitcoin/bitcoin#17165 - Only the commit removing SSL lib detection (we have long since removed the rest). - bitcoin/bitcoin#17265 - We had already migrated away from OpenSSL for randomness. - bitcoin/bitcoin#17515 - Only the second commit.
Remove OpenSSL Includes changes cherry-picked from the following upstream PRs: - bitcoin/bitcoin#7095 - bitcoin/bitcoin#11024 - bitcoin/bitcoin#17165 - Only the commit removing SSL lib detection (we have long since removed the rest). - bitcoin/bitcoin#17265 - We had already migrated away from OpenSSL for randomness. - bitcoin/bitcoin#17515 - Only the second commit. Closes #145.
e5a0bec doc: add OpenSSL removal to release-notes.md (fanquake) 397dbae ci: remove OpenSSL installation (fanquake) a4eb839 doc: remove OpenSSL from build instructions and licensing info (fanquake) 648b2e3 depends: remove OpenSSL package (fanquake) 8983ee3 build: remove OpenSSL detection and libs (fanquake) b49b6b0 random: Remove remaining OpenSSL calls and locking infrastructure (fanquake) 4fcfcc2 random: stop retrieving random bytes from OpenSSL (fanquake) 5624ab0 random: stop feeding RNG output back into OpenSSL (fanquake) Pull request description: Now that bitcoin#17165 has been merged, removing our remaining OpenSSL usage is possible. That remaining usage was a call to [`RAND_bytes`](https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html) during the ::SLOW path of [ProcRand](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L616). As well as feeding output from our RNG back into OpenSSL via [`RAND_add`](https://www.openssl.org/docs/manmaster/man3/RAND_add.html) during the ::SLOW and ::SLEEP paths. Optimistically tagged for `0.20.0`. Needs discussion, potentially in an upcoming weekly meeting? Closes bitcoin#12530. ACKs for top commit: MarcoFalke: ACK e5a0bec laanwj: ACK e5a0bec Tree-SHA512: 02fce08ec91d20e0da51e9314eec53dcf8699cded02f0a005417d627520c20b826332cb42bdae132af283d4903aa3088a9f613f3aea915d655a51532a4d4796c
…d build ea3c7e5 test: Remove libssl-dev packages from CI scripts (Wladimir J. van der Laan) 7ea5526 test: remove lsan suppression for libcrypto (Wladimir J. van der Laan) 2d70665 build: remove libcrypto as internal dependency in libbitcoinconsensus.pc (Wladimir J. van der Laan) 278751e doc: Remove ssl as a required dependency from build-unix (Wladimir J. van der Laan) Pull request description: Some doc and build cleanups following bitcoin#17265. I intentionally left the libssl-dev install in `gitian-win-signer.yml`, as it's necessary for the ossl signer. ACKs for top commit: MarcoFalke: ACK ea3c7e5 🗯 jamesob: ACK bitcoin@ea3c7e5 practicalswift: ACK ea3c7e5 - nice! fanquake: ACK ea3c7e5 - thanks. Tree-SHA512: 67ea35bdd6d6e512d69e6734713534c88cae033a2ed695677ea15c3e3d5ff570374e342775c88e60877fa43a19047853e7b2a433e2c9a4349a5c423726a7457e
5563331 Snap: remove openssl from nightly snapcraft build requirements (Fuzzbawls) 686bfad doc: Add OpenSSL removal to release notes (Fuzzbawls) f669248 ci: remove OpenSSL installation (Fuzzbawls) 9660aec doc: remove OpenSSL from build instructions and licensing info (Fuzzbawls) 9b2e35d depends: remove OpenSSL package (Fuzzbawls) 9a81d8e CMake: remove OpenSSL detection and libs (Fuzzbawls) 53576bc build: remove OpenSSL detection and libs (fanquake) 5f30c2b Stop using OpenSSL's sha hashing in bip38 code (Fuzzbawls) d531bf2 Use our own hmac_sha256 instead of OpenSSL's in scrypt.cpp (Fuzzbawls) b687f8e Use ctaes instead of OpenSSL's AES in bip38 code (Fuzzbawls) 86c978a Remove unused openssl includes (Fuzzbawls) ab830e5 remove unused EncodeBase64Secure (Fuzzbawls) 690c938 random: Remove remaining OpenSSL calls and locking infrastructure (fanquake) 602c0b2 random: stop retrieving random bytes from OpenSSL (fanquake) b1c8396 random: stop feeding RNG output back into OpenSSL (fanquake) Pull request description: The natural follow-up to #2278, #2286, and #2288. With these three PRs merged, there are only a few minor pieces of code that still rely on OpenSSL: - a call to `RAND_bytes` during the ::SLOW path of ProcRand - feeding output from our RNG back into OpenSSL via `RAND_add` during the ::SLOW and ::SLEEP paths. - an unused function in `utilstrencodings.cpp` (`DecodeBase64Secure()`, now removed) - some stale (un-needed/un-used) header includes - bip38 exclusive usages including the following: - using OpenSSL's AES for encryption, now switched to using ctaes - using OpenSSL to do HMAC_SHA256 hashing in `crypto/scrypt.cpp`, now switched to using our native HMAC_SHA256 header - an unused function in `hash.h` (`std::string Hash(std::string input)`), now removed - a SHA256 Hash function to compute a void pointer, switched to using template objects Upstream PRs backported: bitcoin#17265, bitcoin#17515, and bitcoin#18825 The changes to bip38 were tested by doing two-way encryption/decryption between `master` and this PR ACKs for top commit: random-zebra: ACK 5563331 furszy: k, ACK 5563331 and merging.. Tree-SHA512: bfa7445d7b153bb5ea04b7b52bbedaa07ad5acd1a56221425fa5fb7c20ecbf90f392c85273734ad2a277d4fffc43b10a7a660924a8a41c175ba2fc68e6cf820f
Now that #17165 has been merged, removing our remaining OpenSSL usage is possible.
That remaining usage was a call to
RAND_bytes
during the ::SLOW path of ProcRand. As well as feeding output from our RNG back into OpenSSL viaRAND_add
during the ::SLOW and ::SLEEP paths.Optimistically tagged for
0.20.0
. Needs discussion, potentially in an upcoming weekly meeting?Closes #12530.