Package: r-cran-pki Version: 0.1-9-1 Severity: serious Tags: patch experimental User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu jammy ubuntu-patch
Hi Andreas, r-cran-pki is incompatible with OpenSSL 3, which is currently in experimental. This shows up as an autopkgtest failure: [...] > -- Ciphers info("Ciphers") > skey <- PKI.random(256) > for (cipher in c("aes256ecb", "aes256ofb", "bfcbc", "bfecb", "bfofb", > "bfcfb")) + assert(cipher, all(PKI.decrypt(PKI.encrypt(charToRaw("foo!"), skey, cipher), skey, cipher)[1:4] == charToRaw("foo!"))) . aes256ecb . aes256ofb . bfcbc Error in PKI.encrypt(charToRaw("foo!"), skey, cipher) : error:0308010C:digital envelope routines::unsupported Calls: assert -> stopifnot -> PKI.decrypt -> PKI.encrypt Execution halted autopkgtest [09:48:31]: test run-unit-test: -----------------------] [...] (https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/r/r-cran-pki/20220223_094913_a5969@/log.gz) The issue is that r-cran-pki exposes use of various older, insecure algorithms which are no longer available in the default crypto provider in openssl, so additional steps are required in the code in order to enable use of these algorithms. I've prepared the attached patch which fixes the issue, and have uploaded it to Ubuntu, since we are shipping OpenSSL 3 for the upcoming release. Please consider including it in Debian as well (and forwarding upstream). -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
diff -Nru r-cran-pki-0.1-9/debian/patches/openssl3-compat.patch r-cran-pki-0.1-9/debian/patches/openssl3-compat.patch
--- r-cran-pki-0.1-9/debian/patches/openssl3-compat.patch 1969-12-31 16:00:00.000000000 -0800
+++ r-cran-pki-0.1-9/debian/patches/openssl3-compat.patch 2022-03-12 00:09:19.000000000 -0800
@@ -0,0 +1,85 @@
+Description: Fix compatibility with OpenSSL 3
+ Some algorithms exposed by PKI are now 'legacy' in OpenSSL and require
+ explicit enablement.
+Author: Steve Langasek <steve.langa...@ubuntu.com>
+Last-Update: 2022-03-12
+Forwarded: no
+
+Index: r-cran-pki-0.1-9/src/pki.h
+===================================================================
+--- r-cran-pki-0.1-9.orig/src/pki.h
++++ r-cran-pki-0.1-9/src/pki.h
+@@ -20,6 +20,10 @@
+ #include <openssl/x509_vfy.h>
+ #include <openssl/x509v3.h>
+
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/provider.h>
++#endif
++
+ #if __APPLE__
+ #if defined MAC_OS_X_VERSION_10_7 && MAC_OS_X_VERSION_MIN_REQUIRED >= 1070
+ /* use accelerated crypto on OS X instead of OpenSSL crypto */
+Index: r-cran-pki-0.1-9/src/pki-x509.c
+===================================================================
+--- r-cran-pki-0.1-9.orig/src/pki-x509.c
++++ r-cran-pki-0.1-9/src/pki-x509.c
+@@ -225,6 +225,28 @@
+ static EVP_CIPHER_CTX *get_cipher(SEXP sKey, SEXP sCipher, int enc, int *transient, SEXP sIV) {
+ EVP_CIPHER_CTX *ctx;
+ PKI_init();
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ static OSSL_PROVIDER *legacy_provider = NULL;
++ static OSSL_PROVIDER *default_provider = NULL;
++ static OSSL_LIB_CTX *ossl_ctx = NULL;
++
++ if (!ossl_ctx)
++ ossl_ctx = OSSL_LIB_CTX_new();
++ if (!ossl_ctx)
++ Rf_error("OSSL_LIB_CTX_new failed\n");
++
++ if (!legacy_provider)
++ legacy_provider = OSSL_PROVIDER_load(ossl_ctx, "legacy");
++ if (!legacy_provider)
++ Rf_error("OSSL_PROVIDER_load(legacy) failed\n");
++
++ if (!default_provider)
++ default_provider = OSSL_PROVIDER_load(ossl_ctx, "default");
++ if (!default_provider)
++ Rf_error("OSSL_PROVIDER_load(default) failed\n");
++#endif
++
+ if (inherits(sKey, "symmeric.cipher")) {
+ if (transient) transient[0] = 0;
+ return (EVP_CIPHER_CTX*) R_ExternalPtrAddr(sCipher);
+@@ -265,13 +287,29 @@
+ else if (!strcmp(cipher, "aes256ofb"))
+ type = EVP_aes_256_ofb();
+ else if (!strcmp(cipher, "blowfish") || !strcmp(cipher, "bfcbc"))
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ type = EVP_CIPHER_fetch(ossl_ctx, "BF-CBC", NULL);
++#else
+ type = EVP_bf_cbc();
++#endif
+ else if (!strcmp(cipher, "bfecb"))
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ type = EVP_CIPHER_fetch(ossl_ctx, "BF-ECB", NULL);
++#else
+ type = EVP_bf_ecb();
++#endif
+ else if (!strcmp(cipher, "bfofb"))
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ type = EVP_CIPHER_fetch(ossl_ctx, "BF-OFB", NULL);
++#else
+ type = EVP_bf_ofb();
++#endif
+ else if (!strcmp(cipher, "bfcfb"))
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++ type = EVP_CIPHER_fetch(ossl_ctx, "BF-CFB", NULL);
++#else
+ type = EVP_bf_cfb();
++#endif
+ else Rf_error("unknown cipher `%s'", CHAR(STRING_ELT(sCipher, 0)));
+
+ if (TYPEOF(sIV) == STRSXP) {
diff -Nru r-cran-pki-0.1-9/debian/patches/series r-cran-pki-0.1-9/debian/patches/series
--- r-cran-pki-0.1-9/debian/patches/series 1969-12-31 16:00:00.000000000 -0800
+++ r-cran-pki-0.1-9/debian/patches/series 2022-03-12 00:09:19.000000000 -0800
@@ -0,0 +1 @@
+openssl3-compat.patch
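Review bot: The provider block added at the top of get_cipher() runs before the cipher name is examined, so on OpenSSL 3 a system where the legacy provider module is not installed makes every call fail with `OSSL_PROVIDER_load(legacy) failed`, including the AES ciphers that never needed it. Loading the private library context and the legacy provider only from the Blowfish branches keeps AES usable on such builds and confines the legacy algorithms to callers that ask for them by name. The `EVP_CIPHER_fetch` results are also assigned to `type` without a NULL check, and nothing in the visible lines releases them with `EVP_CIPHER_free`, so a failed fetch would presumably reach the cipher initialisation further down and each successful one holds a reference. get_cipher() continues outside the hunk, so the later use of `type` is not visible here; a lazily initialised helper along these lines covers the loading and the NULL check.

```c
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
/* Load the legacy provider only when a legacy cipher is requested, so that
   AES keeps working where the legacy module is not installed. */
static EVP_CIPHER *fetch_legacy_cipher(const char *name) {
    static OSSL_LIB_CTX *ossl_ctx = NULL;
    static OSSL_PROVIDER *legacy_provider = NULL;
    static OSSL_PROVIDER *default_provider = NULL;
    EVP_CIPHER *fetched;

    if (!ossl_ctx && !(ossl_ctx = OSSL_LIB_CTX_new()))
        Rf_error("OSSL_LIB_CTX_new failed");
    if (!legacy_provider &&
        !(legacy_provider = OSSL_PROVIDER_load(ossl_ctx, "legacy")))
        Rf_error("cipher `%s' requires the OpenSSL legacy provider, which could not be loaded", name);
    if (!default_provider &&
        !(default_provider = OSSL_PROVIDER_load(ossl_ctx, "default")))
        Rf_error("OSSL_PROVIDER_load(default) failed");

    fetched = EVP_CIPHER_fetch(ossl_ctx, name, NULL);
    if (!fetched)
        Rf_error("EVP_CIPHER_fetch(%s) failed", name);
    /* NOTE(review): the caller owns this reference; pair it with
       EVP_CIPHER_free() once the context has been initialised. */
    return fetched;
}
#endif

/* … unchanged: get_cipher() up to the cipher-name chain, minus the provider block … */
    else if (!strcmp(cipher, "blowfish") || !strcmp(cipher, "bfcbc"))
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
        type = fetch_legacy_cipher("BF-CBC");
#else
        type = EVP_bf_cbc();
#endif
/* … same substitution for "BF-ECB", "BF-OFB" and "BF-CFB" … */
```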