From 7f5b186b0af5c12fd35c8ce6c0c6b45755c8bf45 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Wed, 14 Jun 2023 22:09:02 +0300 Subject: [PATCH 1/7] Bump BoringSSL and fix makefile This is not the latest BoringSSL version yet, because there are a couple of fixes. So, treat it as the first. Here we also fix our makefile because the BoringSSL team fixed bug with the strange behaviour of absolute path to symbols.txt [1]. [1]: https://boringssl.googlesource.com/boringssl/+/8c75ed046f799f1d8b805036b1dea9c5ec0a0fb5%5E%21/#F0 --- src/soter/boringssl/soter.mk | 4 +--- third_party/boringssl/src | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/soter/boringssl/soter.mk b/src/soter/boringssl/soter.mk index 617208e88..a55420e81 100644 --- a/src/soter/boringssl/soter.mk +++ b/src/soter/boringssl/soter.mk @@ -87,14 +87,12 @@ ifeq ($(RENAME_BORINGSSL_SYMBOLS),yes) $(GO) run util/read_symbols.go -out $(abspath $(BIN_PATH)/boringssl/symbols.txt) \ $(abspath $(BIN_PATH)/boringssl/stage-1/crypto/libcrypto.a) \ $(abspath $(BIN_PATH)/boringssl/stage-1/decrepit/libdecrepit.a) - @# Path to symbols must be a relative one (relative to the build directory) - @# because absolute paths confuse BoringSSL's make. @echo "building embedded BoringSSL again with renamed symbols..." @mkdir -p $(BIN_PATH)/boringssl/stage-2 @cd $(BIN_PATH)/boringssl/stage-2 && \ $(CMAKE) $(SOTER_ENGINE_CMAKE_FLAGS) \ -DBORINGSSL_PREFIX=$(SOTER_BORINGSSL_PREFIX) \ - -DBORINGSSL_PREFIX_SYMBOLS=../symbols.txt \ + -DBORINGSSL_PREFIX_SYMBOLS=$(abspath $(BIN_PATH)/boringssl/symbols.txt) \ $(abspath third_party/boringssl/src) ifeq ($(NINJA),) @$(MAKE) -C $(BIN_PATH)/boringssl/stage-2 crypto decrepit diff --git a/third_party/boringssl/src b/third_party/boringssl/src index 897a2ca3f..8c75ed046 160000 --- a/third_party/boringssl/src +++ b/third_party/boringssl/src @@ -1 +1 @@ -Subproject commit 897a2ca3f184b34278641138c726ef902ab1fab2 +Subproject commit 8c75ed046f799f1d8b805036b1dea9c5ec0a0fb5 
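Review bot: The two removed `@#` lines were the only place that explained how the symbols path has to be spelled, and the new `-DBORINGSSL_PREFIX_SYMBOLS=$(abspath $(BIN_PATH)/boringssl/symbols.txt)` line now depends on the BoringSSL fix linked in the commit message without saying so. I would keep a comment in their place, for example `@# Absolute path to symbols.txt needs BoringSSL 8c75ed046 or later; older checkouts only accept a path relative to the build directory.` That way anyone who pins the submodule to an older commit can see why the symbol-renaming stage stops working. The recipe continues past the end of the hunk.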
From 97697a48dfe0ea8ac61116852bd071a3b5bce288 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Wed, 14 Jun 2023 22:20:59 +0300 Subject: [PATCH 2/7] Bump BoringSSL and fix opaque EVP As OpenSSL, BoringSSL made many types opaque, so it will require updating some of the code to not use fields. --- src/soter/boringssl/soter_sign_ecdsa.c | 2 +- third_party/boringssl/src | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/soter/boringssl/soter_sign_ecdsa.c b/src/soter/boringssl/soter_sign_ecdsa.c index ebc0ff6c0..adc38db47 100644 --- a/src/soter/boringssl/soter_sign_ecdsa.c +++ b/src/soter/boringssl/soter_sign_ecdsa.c @@ -135,7 +135,7 @@ soter_status_t soter_sign_final_ecdsa_none_pkcs8(soter_sign_ctx_t* ctx, if (!pkey) { return SOTER_INVALID_PARAMETER; } - if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) { + if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) { return SOTER_INVALID_PARAMETER; } /* TODO: need review */ diff --git a/third_party/boringssl/src b/third_party/boringssl/src index 8c75ed046..890c201d4 160000 --- a/third_party/boringssl/src +++ b/third_party/boringssl/src @@ -1 +1 @@ -Subproject commit 8c75ed046f799f1d8b805036b1dea9c5ec0a0fb5 +Subproject commit 890c201d4ac9c345c304d646365fe077cf2b60c1 From 0608f7f0a998978ec2ef69213080096a9b4f1fa0 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Wed, 14 Jun 2023 23:20:18 +0300 Subject: [PATCH 3/7] Bump BoringSSL again and fix RSA The same issue - RSA type became opaque, so we need to use accessors similar to what Openssl had. --- src/soter/boringssl/soter_rsa_key.c | 24 ++++++++++++------------ third_party/boringssl/src | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/soter/boringssl/soter_rsa_key.c b/src/soter/boringssl/soter_rsa_key.c index b6c090ef4..ed6f24281 100644 --- a/src/soter/boringssl/soter_rsa_key.c +++ b/src/soter/boringssl/soter_rsa_key.c 
@@ -159,16 +159,16 @@ soter_status_t soter_engine_specific_to_rsa_pub_key(const soter_engine_specific_ } pub_exp = (uint32_t*)((unsigned char*)(key + 1) + rsa_mod_size); - if (BN_is_word(rsa->e, RSA_F4)) { + if (BN_is_word(RSA_get0_e(rsa), RSA_F4)) { *pub_exp = htobe32(RSA_F4); - } else if (BN_is_word(rsa->e, RSA_3)) { + } else if (BN_is_word(RSA_get0_e(rsa), RSA_3)) { *pub_exp = htobe32(RSA_3); } else { res = SOTER_INVALID_PARAMETER; goto err; } - res = bignum_to_bytes(rsa->n, (unsigned char*)(key + 1), rsa_mod_size); + res = bignum_to_bytes(RSA_get0_n(rsa), (unsigned char*)(key + 1), rsa_mod_size); if (SOTER_SUCCESS != res) { goto err; } @@ -225,9 +225,9 @@ soter_status_t soter_engine_specific_to_rsa_priv_key(const soter_engine_specific } pub_exp = (uint32_t*)(curr_bn + ((rsa_mod_size * 4) + (rsa_mod_size / 2))); - if (BN_is_word(rsa->e, RSA_F4)) { + if (BN_is_word(RSA_get0_e(rsa), RSA_F4)) { *pub_exp = htobe32(RSA_F4); - } else if (BN_is_word(rsa->e, RSA_3)) { + } else if (BN_is_word(RSA_get0_e(rsa), RSA_3)) { *pub_exp = htobe32(RSA_3); } else { res = SOTER_INVALID_PARAMETER; 
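Review bot: `RSA_get0_e(rsa)` and `RSA_get0_n(rsa)` return NULL when the component is not set, and nothing in this hunk checks for that before `BN_is_word` and `bignum_to_bytes` (which starts with `BN_num_bytes(bn)`) dereference the result. Whether earlier code in soter_engine_specific_to_rsa_pub_key guarantees a fully populated key is outside the hunk, so I would add a guard before the exponent test: `if (!RSA_get0_e(rsa) || !RSA_get0_n(rsa)) { res = SOTER_INVALID_PARAMETER; goto err; }`. The same applies to the `@@ -225,9` hunk and to the d, p, q, dmp1, dmq1 and iqmp accessors in the `@@ -235,49` hunk, where a private key that carries no CRT parameters would reach the calls with NULL. Alternatively bignum_to_bytes could reject a NULL `bn` once for all callers.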
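Review bot: The exponent is fetched twice in this if/else chain in soter_engine_specific_to_rsa_priv_key, and the identical chain appears in the public-key function in the `@@ -159,16` hunk. A local would read better and makes it obvious that both branches test the same value: `const BIGNUM* e = RSA_get0_e(rsa);` followed by `if (BN_is_word(e, RSA_F4)) {` and `} else if (BN_is_word(e, RSA_3)) {`. The function body starts and ends outside the hunk.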
@@ -235,49 +235,49 @@ soter_status_t soter_engine_specific_to_rsa_priv_key(const soter_engine_specific } /* Private exponent */ - res = bignum_to_bytes(rsa->d, curr_bn, rsa_mod_size); + res = bignum_to_bytes(RSA_get0_d(rsa), curr_bn, rsa_mod_size); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size; /* p */ - res = bignum_to_bytes(rsa->p, curr_bn, rsa_mod_size / 2); + res = bignum_to_bytes(RSA_get0_p(rsa), curr_bn, rsa_mod_size / 2); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size / 2; /* q */ - res = bignum_to_bytes(rsa->q, curr_bn, rsa_mod_size / 2); + res = bignum_to_bytes(RSA_get0_q(rsa), curr_bn, rsa_mod_size / 2); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size / 2; /* dp */ - res = bignum_to_bytes(rsa->dmp1, curr_bn, rsa_mod_size / 2); + res = bignum_to_bytes(RSA_get0_dmp1(rsa), curr_bn, rsa_mod_size / 2); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size / 2; /* dq */ - res = bignum_to_bytes(rsa->dmq1, curr_bn, rsa_mod_size / 2); + res = bignum_to_bytes(RSA_get0_dmq1(rsa), curr_bn, rsa_mod_size / 2); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size / 2; /* qp */ - res = bignum_to_bytes(rsa->iqmp, curr_bn, rsa_mod_size / 2); + res = bignum_to_bytes(RSA_get0_iqmp(rsa), curr_bn, rsa_mod_size / 2); if (SOTER_SUCCESS != res) { goto err; } curr_bn += rsa_mod_size / 2; /* modulus */ - res = bignum_to_bytes(rsa->n, curr_bn, rsa_mod_size); + res = bignum_to_bytes(RSA_get0_n(rsa), curr_bn, rsa_mod_size); if (SOTER_SUCCESS != res) { goto err; } diff --git a/third_party/boringssl/src b/third_party/boringssl/src index 890c201d4..d4553e053 160000 --- a/third_party/boringssl/src +++ b/third_party/boringssl/src @@ -1 +1 @@ -Subproject commit 890c201d4ac9c345c304d646365fe077cf2b60c1 +Subproject commit d4553e0538509b673137900db28413706a2be792 From 4aa8aecccd051750f1d20a9758f55da2c829a31b Mon Sep 17 00:00:00 2001 
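Review bot: When one of the later `bignum_to_bytes` calls in this sequence fails, the bytes of d, p or q that earlier calls already wrote through `curr_bn` are still in the output buffer when the function jumps to `err`. The `err` label is outside the hunk, so I cannot tell whether it clears the buffer; if it does not, the caller is left holding partial private key material after an error return. I would record the requirement at the top of the sequence, `/* On failure the output already holds private key bytes; the err path must wipe it before returning. */`, and wipe the written range there (for example with `OPENSSL_cleanse`) if that is not done yet.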
From: G1gg1L3s Date: Wed, 14 Jun 2023 23:28:25 +0300 Subject: [PATCH 4/7] Bump BoringSSL once more This is (hoperfully) the last bump. This time without issues but we will see what CI says. --- third_party/boringssl/src | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/boringssl/src b/third_party/boringssl/src index d4553e053..e1b868577 160000 --- a/third_party/boringssl/src +++ b/third_party/boringssl/src @@ -1 +1 @@ -Subproject commit d4553e0538509b673137900db28413706a2be792 +Subproject commit e1b8685770d0e82e5a4a3c5d24ad1602e05f2e83 From cd1946849b26c799572fc6e0d5dbb2eff35bf537 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Wed, 14 Jun 2023 23:37:41 +0300 Subject: [PATCH 5/7] Make bignum_to_bytes accept const bignum* It will prevent some of the warnings. This function doesn't mutate bignum anyway. --- src/soter/boringssl/soter_rsa_key.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/soter/boringssl/soter_rsa_key.c b/src/soter/boringssl/soter_rsa_key.c index ed6f24281..c105b4726 100644 --- a/src/soter/boringssl/soter_rsa_key.c +++ b/src/soter/boringssl/soter_rsa_key.c @@ -101,7 +101,7 @@ static bool is_mod_size_supported(unsigned mod_size) } } -static soter_status_t bignum_to_bytes(BIGNUM* bn, uint8_t* to, size_t to_length) +static soter_status_t bignum_to_bytes(const BIGNUM* bn, uint8_t* to, size_t to_length) { size_t bn_size = (size_t)BN_num_bytes(bn); size_t bytes_copied; From 7e832a8fa804e9159a31936e989cba21f88c6157 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Thu, 15 Jun 2023 19:18:28 +0300 Subject: [PATCH 6/7] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c14d3c3c3..924323b2e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -11,6 +11,7 @@ _Code:_ - Uncompressed EC public keys are now supported ([#959](https://github.com/cossacklabs/themis/pull/959), [#954](https://github.com/cossacklabs/themis/pull/954)) - Themis will generate uncompressed EC public keys when `THEMIS_GEN_EC_KEY_PAIR_UNCOMPRESSED=1` environment variable is set ([#959](https://github.com/cossacklabs/themis/pull/959)) - Increased PBKDF2 iteration count to maintain security of Secure Cell passphrase mode ([#976](https://github.com/cossacklabs/themis/pull/976)). + - Bumped embedded BoringSSL to the latest version ([#1004](https://github.com/cossacklabs/themis/pull/1004)). - **Soter** (low-level security core used by Themis) From cd9435cf2389dd630809788907e049c9785cf2c1 Mon Sep 17 00:00:00 2001 From: G1gg1L3s Date: Tue, 20 Jun 2023 19:35:08 +0300 Subject: [PATCH 7/7] boringssl: Bump once again --- third_party/boringssl/src | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/boringssl/src b/third_party/boringssl/src index e1b868577..50ee09552 160000 --- a/third_party/boringssl/src +++ b/third_party/boringssl/src @@ -1 +1 @@ -Subproject commit e1b8685770d0e82e5a4a3c5d24ad1602e05f2e83 +Subproject commit 50ee09552cde1c2019bef24520848d041920cfd4