Module Name: src Committed By: martin Date: Mon Mar 25 14:14:56 UTC 2024
Modified Files: src/crypto/external/bsd/openssl/dist/crypto/evp [netbsd-10]: legacy_sha.c src/crypto/external/bsd/openssl/dist/include/crypto [netbsd-10]: sha.h src/crypto/external/bsd/openssl/dist/providers/implementations/digests [netbsd-10]: sha2_prov.c src/crypto/external/bsd/openssl/lib/libcrypto [netbsd-10]: libc-sha2xx.c src/distrib/sets/lists/debug [netbsd-10]: mi src/distrib/sets/lists/tests [netbsd-10]: mi src/tests/crypto/libcrypto [netbsd-10]: Makefile Added Files: src/tests/crypto/libcrypto [netbsd-10]: t_sha512trunc.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #637): crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c: revision 1.2 tests/crypto/libcrypto/t_sha512trunc.c: revision 1.1 tests/crypto/libcrypto/t_sha512trunc.c: revision 1.2 tests/crypto/libcrypto/Makefile: revision 1.16 distrib/sets/lists/tests/mi: revision 1.1311 crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c: revision 1.2 distrib/sets/lists/debug/mi: revision 1.430 crypto/external/bsd/openssl/dist/include/crypto/sha.h: revision 1.2 crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c: revision 1.4 libcrypto: Add some trivial tests for truncated SHA-512 variants. These should use more of the test vectors from https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing but this will do for now to detect the buffer overrun rake we left lying around for ourselves. PR lib/58039 libcrypto: Fix buffer overrun in truncated SHA-512 functions. Further fallout from the libc/openssl sha2 symbol collision. 
PR lib/58039 To generate a diff of this commit: cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c cvs rdiff -u -r1.1.1.1.10.1 -r1.1.1.1.10.2 \ src/crypto/external/bsd/openssl/dist/include/crypto/sha.h cvs rdiff -u -r1.1.1.1.2.2 -r1.1.1.1.2.3 \ src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c cvs rdiff -u -r1.2.6.1 -r1.2.6.2 \ src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c cvs rdiff -u -r1.394.2.5 -r1.394.2.6 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.1238.2.5 -r1.1238.2.6 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.14.10.1 -r1.14.10.2 src/tests/crypto/libcrypto/Makefile cvs rdiff -u -r0 -r1.2.2.2 src/tests/crypto/libcrypto/t_sha512trunc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c diff -u src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c:1.1.1.1.2.3 src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c:1.1.1.1.2.4 --- src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c:1.1.1.1.2.3 Thu Nov 2 19:32:10 2023 +++ src/crypto/external/bsd/openssl/dist/crypto/evp/legacy_sha.c Mon Mar 25 14:14:55 2024 @@ -49,9 +49,9 @@ static int nm##_init(EVP_MD_CTX *ctx) #define sha512_256_Init sha512_256_init #define sha512_224_Update SHA512_Update -#define sha512_224_Final SHA512_Final +#define sha512_224_Final sha512_224_final /* XXX NetBSD libc sha2 */ #define sha512_256_Update SHA512_Update -#define sha512_256_Final SHA512_Final +#define sha512_256_Final sha512_256_final /* XXX NetBSD libc sha2 */ IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1) IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224) Index: src/crypto/external/bsd/openssl/dist/include/crypto/sha.h diff -u src/crypto/external/bsd/openssl/dist/include/crypto/sha.h:1.1.1.1.10.1 src/crypto/external/bsd/openssl/dist/include/crypto/sha.h:1.1.1.1.10.2 --- src/crypto/external/bsd/openssl/dist/include/crypto/sha.h:1.1.1.1.10.1 Fri Aug 11 13:41:10 2023 +++ src/crypto/external/bsd/openssl/dist/include/crypto/sha.h Mon Mar 25 14:14:56 2024 
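Review bot: The marker `/* XXX NetBSD libc sha2 */` on the two redirected `_Final` macros does not say what breaks if the redirect is lost, and this is a local change inside the vendored OpenSSL `dist/` tree, where a later import could drop it unnoticed. Going by the commit message and the 64-byte temporary added in libc-sha2xx.c, the reason appears to be that `SHA512_Final` here writes a full SHA-512 digest into a buffer sized for the truncated one. I would state that at the macro, e.g. `/* NetBSD: SHA512_Final writes 64 bytes; truncated variants must use sha512_224_final/sha512_256_final (PR lib/58039) */`. The same bare marker sits on the new prototypes in include/crypto/sha.h and on the `IMPLEMENT_digest_functions` arguments in sha2_prov.c, and would benefit from the same wording.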
@@ -16,6 +16,8 @@ int sha512_224_init(SHA512_CTX *); int sha512_256_init(SHA512_CTX *); +int sha512_224_final(unsigned char *, SHA512_CTX *); /* XXX NetBSD libc sha2 */ +int sha512_256_final(unsigned char *, SHA512_CTX *); /* XXX NetBSD libc sha2 */ int ossl_sha1_ctrl(SHA_CTX *ctx, int cmd, int mslen, void *ms); unsigned char *ossl_sha1(const unsigned char *d, size_t n, unsigned char *md); Index: src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c diff -u src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c:1.1.1.1.2.2 src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c:1.1.1.1.2.3 --- src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c:1.1.1.1.2.2 Fri Aug 11 13:41:18 2023 +++ src/crypto/external/bsd/openssl/dist/providers/implementations/digests/sha2_prov.c Mon Mar 25 14:14:54 2024 @@ -86,10 +86,12 @@ IMPLEMENT_digest_functions(sha512, SHA51 /* ossl_sha512_224_functions */ IMPLEMENT_digest_functions(sha512_224, SHA512_CTX, SHA512_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS, - sha512_224_init, SHA512_Update, SHA512_Final) + sha512_224_init, SHA512_Update, + /* XXX NetBSD libc sha2 */sha512_224_final) /* ossl_sha512_256_functions */ IMPLEMENT_digest_functions(sha512_256, SHA512_CTX, SHA512_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, - sha512_256_init, SHA512_Update, SHA512_Final) + sha512_256_init, SHA512_Update, + /* XXX NetBSD libc sha2 */sha512_256_final) Index: src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c diff -u src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c:1.2.6.1 src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c:1.2.6.2 --- src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c:1.2.6.1 Fri Aug 11 13:41:55 2023 +++ src/crypto/external/bsd/openssl/lib/libcrypto/libc-sha2xx.c Mon Mar 25 14:14:56 2024 
@@ -47,6 +47,20 @@ sha512_224_init(SHA512_CTX *context) } extern int +sha512_224_final(unsigned char *md, SHA512_CTX *context); +int +sha512_224_final(unsigned char *md, SHA512_CTX *context) +{ + unsigned char tmp[64]; + + SHA512_Final(tmp, context); + memcpy(md, tmp, 28); + explicit_memset(tmp, 0, sizeof(tmp)); + return 1; + +} + +extern int sha512_256_init(SHA512_CTX *context); int sha512_256_init(SHA512_CTX *context) @@ -61,3 +75,16 @@ sha512_256_init(SHA512_CTX *context) return 1; } + +extern int +sha512_256_final(unsigned char *md, SHA512_CTX *context); +int +sha512_256_final(unsigned char *md, SHA512_CTX *context) +{ + unsigned char tmp[64]; + + SHA512_Final(tmp, context); + memcpy(md, tmp, 32); + explicit_memset(tmp, 0, sizeof(tmp)); + return 1; +} Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.394.2.5 src/distrib/sets/lists/debug/mi:1.394.2.6 --- src/distrib/sets/lists/debug/mi:1.394.2.5 Sun Feb 25 15:47:59 2024 +++ src/distrib/sets/lists/debug/mi Mon Mar 25 14:14:55 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.394.2.5 2024/02/25 15:47:59 martin Exp $ +# $NetBSD: mi,v 1.394.2.6 2024/03/25 14:14:55 martin Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile 
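Review bot: The copy lengths in `memcpy(md, tmp, 28)` and, in the second hunk, `memcpy(md, tmp, 32)` are bare literals, although these two numbers are the whole of the overrun fix and must match what the provider advertises for these digests (`SHA224_DIGEST_LENGTH` and `SHA256_DIGEST_LENGTH` in the sha2_prov.c hunk). If those macros are visible in this file, `memcpy(md, tmp, SHA224_DIGEST_LENGTH);` and `memcpy(md, tmp, SHA256_DIGEST_LENGTH);` keep the two in step, and `tmp` could be sized with the SHA-512 digest-length constant instead of `64`. Both wrappers also discard the result of `SHA512_Final` and return 1 unconditionally, which is harmless only if the libc function cannot fail; that is not visible here. A short comment above each function saying that `md` holds only the truncated length, and that this is why the temporary exists, would help the next reader.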
@@ -1654,6 +1654,7 @@ ./usr/libdata/debug/usr/tests/crypto/libcrypto/h_srptest.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/libcrypto/h_threadstest.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/libcrypto/h_x509v3test.debug tests-crypto-debug debug,atf,compattestfile,openssl=10 +./usr/libdata/debug/usr/tests/crypto/libcrypto/t_sha512trunc.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aescbc.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aesctr1.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_aesctr2.debug tests-crypto-debug debug,atf,compattestfile Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.1238.2.5 src/distrib/sets/lists/tests/mi:1.1238.2.6 --- src/distrib/sets/lists/tests/mi:1.1238.2.5 Tue Nov 28 13:17:11 2023 +++ src/distrib/sets/lists/tests/mi Mon Mar 25 14:14:55 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1238.2.5 2023/11/28 13:17:11 martin Exp $ +# $NetBSD: mi,v 1.1238.2.6 2024/03/25 14:14:55 martin Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # 
@@ -1465,6 +1465,7 @@ ./usr/tests/crypto/libcrypto/t_hashes tests-crypto-tests compattestfile,atf ./usr/tests/crypto/libcrypto/t_libcrypto tests-crypto-tests compattestfile,atf ./usr/tests/crypto/libcrypto/t_pubkey tests-crypto-tests compattestfile,atf +./usr/tests/crypto/libcrypto/t_sha512trunc tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/Atffile tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/Kyuafile tests-crypto-tests compattestfile,atf,kyua Index: src/tests/crypto/libcrypto/Makefile diff -u src/tests/crypto/libcrypto/Makefile:1.14.10.1 src/tests/crypto/libcrypto/Makefile:1.14.10.2 --- src/tests/crypto/libcrypto/Makefile:1.14.10.1 Fri Aug 11 13:43:42 2023 +++ src/tests/crypto/libcrypto/Makefile Mon Mar 25 14:14:55 2024 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.14.10.1 2023/08/11 13:43:42 martin Exp $ +# $NetBSD: Makefile,v 1.14.10.2 2024/03/25 14:14:55 martin Exp $ .include <bsd.own.mk> @@ -18,6 +18,10 @@ SUBDIR += lhash sha x509v3 TESTSDIR= ${TESTSBASE}/crypto/libcrypto +TESTS_C+= t_sha512trunc +DPADD.t_sha512trunc+= ${LIBCRYPTO} +LDADD.t_sha512trunc+= -lcrypto + .if ${HAVE_OPENSSL} == 10 TESTS_SH= t_certs .endif Added files: Index: src/tests/crypto/libcrypto/t_sha512trunc.c diff -u /dev/null src/tests/crypto/libcrypto/t_sha512trunc.c:1.2.2.2 --- /dev/null Mon Mar 25 14:14:56 2024 +++ src/tests/crypto/libcrypto/t_sha512trunc.c Mon Mar 25 14:14:55 2024 
@@ -0,0 +1,170 @@
+/* $NetBSD: t_sha512trunc.c,v 1.2.2.2 2024/03/25 14:14:55 martin Exp $ */
+
+/*-
+ * Copyright (c) 2024 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: t_sha512trunc.c,v 1.2.2.2 2024/03/25 14:14:55 martin Exp $");
+
+#include <stddef.h>
+
+#include <atf-c.h>
+
+#include <openssl/evp.h>
+
+#include "h_macros.h"
+
+struct testcase {
+ const unsigned char in[128];
+ size_t inlen;
+ const unsigned char out[32];
+};
+
+static void
+check(const struct testcase *C, size_t n, size_t digestlen, const EVP_MD *md)
+{
+ enum { C0 = 0xc0, C1 = 0xc1 };
+ unsigned char *buf, *digest, *p0, *p1;
+ size_t i;
+
+ ATF_REQUIRE_MSG(digestlen <= INT_MAX, "digestlen=%zu", digestlen);
+ ATF_REQUIRE_EQ_MSG((int)digestlen, EVP_MD_size(md),
+ "expected %d, got %d", (int)digestlen, EVP_MD_size(md));
+
+ ATF_REQUIRE_MSG(digestlen < SIZE_MAX - 2048,
+ "digestlen=%zu", digestlen);
+ REQUIRE_LIBC(buf = malloc(digestlen + 2048), NULL);
+ p0 = buf;
+ digest = buf + 1;
+ p1 = buf + 1 + digestlen;
+
+ for (i = 0; i < n; i++) {
+ EVP_MD_CTX *ctx;
+ unsigned digestlen1;
+
+ *p0 = C0;
+ *p1 = C1;
+
+#define REQUIRE(x) ATF_REQUIRE_MSG((x), "i=%zu", i)
+ REQUIRE(ctx = EVP_MD_CTX_new());
+ REQUIRE(EVP_DigestInit_ex(ctx, md, NULL));
+ REQUIRE(EVP_DigestUpdate(ctx, C->in, C->inlen));
+ REQUIRE(EVP_DigestFinal_ex(ctx, digest, &digestlen1));
+#undef REQUIRE
+ ATF_CHECK_MSG(digestlen == digestlen1,
+ "i=%zu: expected %zu got %u", i, digestlen, digestlen1);
+ EVP_MD_CTX_free(ctx);
+
+ ATF_CHECK_MSG(memcmp(digest, C->out, digestlen) == 0,
+ "i=%zu", i);
+
+ ATF_CHECK_EQ_MSG(*p0, C0, "expected 0x%x got 0x%hhx", C0, *p0);
+ ATF_CHECK_EQ_MSG(*p1, C1, "expected 0x%x got 0x%hhx", C1, *p1);
+ }
+}
+
+/*
+ * Test vectors from:
+ *
+ * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#Testing
+ */
+
+ATF_TC(sha512_224);
+ATF_TC_HEAD(sha512_224, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Test SHA512-224");
+}
+ATF_TC_BODY(sha512_224, tc)
+{
+ static const struct testcase C[] = {
+ [0] = {
+ .inlen = 0,
+ .out = {
+ 0x6e,0xd0,0xdd,0x02, 0x80,0x6f,0xa8,0x9e,
+ 0x25,0xde,0x06,0x0c, 0x19,0xd3,0xac,0x86,
+ 0xca,0xbb,0x87,0xd6, 0xa0,0xdd,0xd0,0x5c,
+ 0x33,0x3b,0x84,0xf4,
+ },
+ },
+ [1] = {
+ .inlen = 1,
+ .in = {
+ 0xcf,
+ },
+ .out = {
+ 0x41,0x99,0x23,0x9e, 0x87,0xd4,0x7b,0x6f,
+ 0xed,0xa0,0x16,0x80, 0x2b,0xf3,0x67,0xfb,
+ 0x6e,0x8b,0x56,0x55, 0xef,0xf6,0x22,0x5c,
+ 0xb2,0x66,0x8f,0x4a,
+ },
+ },
+ };
+
+ check(C, __arraycount(C), 28, EVP_sha512_224());
+}
+
+ATF_TC(sha512_256);
+ATF_TC_HEAD(sha512_256, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Test SHA512-256");
+}
+ATF_TC_BODY(sha512_256, tc)
+{
+ static const struct testcase C[] = {
+ [0] = {
+ .inlen = 0,
+ .out = {
+ 0xc6,0x72,0xb8,0xd1, 0xef,0x56,0xed,0x28,
+ 0xab,0x87,0xc3,0x62, 0x2c,0x51,0x14,0x06,
+ 0x9b,0xdd,0x3a,0xd7, 0xb8,0xf9,0x73,0x74,
+ 0x98,0xd0,0xc0,0x1e, 0xce,0xf0,0x96,0x7a,
+ },
+ },
+ [1] = {
+ .inlen = 1,
+ .in = {
+ 0xfa,
+ },
+ .out = {
+ 0xc4,0xef,0x36,0x92, 0x3c,0x64,0xe5,0x1e,
+ 0x87,0x57,0x20,0xe5, 0x50,0x29,0x8a,0x5a,
+ 0xb8,0xa3,0xf2,0xf8, 0x75,0xb1,0xe1,0xa4,
+ 0xc9,0xb9,0x5b,0xab, 0xf7,0x34,0x4f,0xef,
+ },
+ },
+ };
+
+ check(C, __arraycount(C), 32, EVP_sha512_256());
+}
+
+ATF_TP_ADD_TCS(tp)
+{
+
+ ATF_TP_ADD_TC(tp, sha512_224);
+ ATF_TP_ADD_TC(tp, sha512_256);
+
+ return atf_no_error();
+}
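Review bot: Inside the loop in `check()`, every access goes through `C->in`, `C->inlen` and `C->out`, which is element 0 of the array, so the loop runs the first vector `n` times and the `[1]` vectors in both test cases are never hashed or compared. Indexing by the loop variable fixes it: `REQUIRE(EVP_DigestUpdate(ctx, C[i].in, C[i].inlen));` and `ATF_CHECK_MSG(memcmp(digest, C[i].out, digestlen) == 0,`. The guard bytes at `p0` and `p1` still detect the overrun with a single vector, but the known-answer coverage is half of what the tables suggest. `buf` is also never freed before `check()` returns, and `INT_MAX`, `malloc` and `memcmp` are used without `<limits.h>`, `<stdlib.h>` or `<string.h>` being included directly; they may arrive through `h_macros.h`, which is not shown.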