-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement a provider side PKEY MAC bridge #12637
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good after a first pass. A few questions and CIs are relevant.
All feedback addressed. Also fixed some CI issues, and added some missing documentation. |
|
||
if (cipher != NULL) | ||
cipher_name = EVP_CIPHER_name(cipher); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we error here if there is no cipher_name for both the cases (cipher != NULL or cipher == NULL)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, since it's the cipher name that gets passed a few lines down
doc/man7/EVP_PKEY-HMAC.pod
Outdated
=head1 DESCRIPTION | ||
|
||
The B<HMAC>, B<SIPHASH>, B<POLY1305> and B<CMAC> keytypes are implemented in | ||
OpenSSL's default and FIPS providers. Performing MAC operations via an EVP_PKEY |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
HMAC and CMAC are the only ones in the fips provider.
doc/man7/EVP_PKEY-HMAC.pod
Outdated
|
||
=head2 CMAC parameters | ||
|
||
As well as all the parameters described above, the B<CMAC> keytype additionally |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe remove all
doc/man7/EVP_SIGNATURE-HMAC.pod
Outdated
The algorithms described here have legacy support for creating MACs using | ||
L<EVP_DigestSignInit(3)> and related functions. This is not the preferred way of | ||
creating MACs. Instead you should use the newer L<EVP_MAC_init(3)> functions. | ||
However this mechanism is provided for backwards compatibility with older |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove However?
@@ -277,6 +277,8 @@ extern const OSSL_DISPATCH ed25519_keymgmt_functions[]; | |||
extern const OSSL_DISPATCH ed448_keymgmt_functions[]; | |||
extern const OSSL_DISPATCH ec_keymgmt_functions[]; | |||
extern const OSSL_DISPATCH kdf_keymgmt_functions[]; | |||
extern const OSSL_DISPATCH mac_keymgmt_functions[]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think these names should indicate they are legacy.. by adding legacy as part of the name.
#include "prov/macsignature.h" | ||
|
||
# ifdef OPENSSL_SYS_WINDOWS | ||
# define strcasecmp _stricmp |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At some point these will need to be cleaned up..
return gettable_params; | ||
} | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
extra line
All feedback addressed or responded to. Please take another look. |
9a99802
to
1a47629
Compare
I rebased this to resolve a trivial conflict with master. I also pushed a new fixup commit to address a minor issue identified by travis. @paulidale - please can you reconfirm? |
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The merge conflict looks easy but probably qualifies as non-trivial and thus requiring review too.
Some MAC implementations were available before the current EVP_MAC API. They were used via EVP_DigestSign*. There exists a bridge between the old API and the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD. This commit implements the key management for provider side bridge without having to useany legacy code.
…idge Some MAC implementations were available before the current EVP_MAC API. They were used via EVP_DigestSign*. There exists a bridge between the oldAPI and the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD. This commit implements the signature functions for the provider side bridge without having to use any legacy code.
evp_extra_test had a test that checks whether an EVP_PKEY_CTX can still be created for HMAC even though there are no providers loaded because it is a legacy algorithm. However after the earlier commits this is no longer the case. We swap the check to a different legacy algorithm (SM2). Hopefully before too long there will be no legacy algorithms left and the test can be deleted.
Some MAC implementations were available before the current EVP_MAC API. They were used via EVP_DigestSign*. There exists a bridge between the old API and the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD. This commit implements the key management for provider side bridge without having to useany legacy code. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
…idge Some MAC implementations were available before the current EVP_MAC API. They were used via EVP_DigestSign*. There exists a bridge between the oldAPI and the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD. This commit implements the signature functions for the provider side bridge without having to use any legacy code. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
evp_extra_test had a test that checks whether an EVP_PKEY_CTX can still be created for HMAC even though there are no providers loaded because it is a legacy algorithm. However after the earlier commits this is no longer the case. We swap the check to a different legacy algorithm (SM2). Hopefully before too long there will be no legacy algorithms left and the test can be deleted. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Previously it was a macro. We now make it into a function that is params aware. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Fixes some issues with EVP_MD_CTX_* functions when doing EVP_DigestSign* and EVP_DigestVerify* functions. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Convert various mac key creation function calls to use the _with_libctx variants. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
The previous commits added support for HMAC into the provider MAC bridge. We now extend that for SIPHASH too. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Some signature algorithms don't need a default digest, so don't fail if we don't have one. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
The previous commits added support for HMAC and SIPHASH into the provider MAC bridge. We now extend that for Poly1305 too. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
The previous commits added support for HMAC, SIPHASH and Poly1305 into the provider MAC bridge. We now extend that for CMAC too. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Now that the all the legacy PKEY MAC bridge code has been moved to the providers we no longer need the old bridge and it can be removed. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
The test only setup the generation of a key. It did not complete that generation. We extend the test to complete the generation and to use the generated key. We also compare the result with a key generated in a different way. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
We reuse concepts such as PROV_CIPHER, and make use of some common code in provider_util.c Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from openssl#12637)
This PR replaces the legacy EVP_PKEY to MAC bridge with a provider side version. After this PR the only remaining EVP_PKEY_METHOD still in place will be SM2.