From aec8de1a5f0b3f6e6279266b45836d6c9f6878df Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 8 Apr 2020 15:41:05 +0200 Subject: [PATCH] CMS KARI: Temporarly downgrade newly generated EVP_PKEYs to legacy The EVP_PKEY_ASN1_METHOD code used by CMS_RecipientInfo_kari_decrypt() and cms_RecipientInfo_kari_encrypt() is quite complex and needs more careful thought to work with provider side keys. Unfortunately, we need to get key generation in place, among others for ECC keys, so we add a temporary hack, similar to what's already done in TLS code, that downgrades a provider side EVP_PKEY to become EVP_PKEY_ASN1_METHOD / EVP_PKEY_METHOD based. Reviewed-by: Matt Caswell Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/11501) --- crypto/cms/cms_err.c | 2 +- crypto/cms/cms_kari.c | 47 ++++++++++++++++++++++++++++++++++++++++ crypto/err/openssl.txt | 1 + include/openssl/cmserr.h | 1 + 4 files changed, 50 insertions(+), 1 deletion(-) diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c index 98500d7cba..526d77357e 100644 --- a/crypto/cms/cms_err.c +++ b/crypto/cms/cms_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 3299e9b5f5..a44aca6535 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -248,6 +248,27 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, size_t enckeylen; size_t ceklen; CMS_EncryptedContentInfo *ec; + + { + /* + * TODO(3.0) Remove this when we have functionality to deserialize + * parameters in EVP_PKEY form from an X509_ALGOR. + * This is needed to be able to replace the EC_KEY specific decoding + * that happens in ecdh_cms_set_peerkey() (crypto/ec/ec_ameth.c) + * + * THIS IS TEMPORARY + */ + EVP_PKEY_CTX *pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); + + EVP_PKEY_get0(pkey); + if (EVP_PKEY_id(pkey) == EVP_PKEY_NONE) { + CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT, + CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + goto err; + } + } + enckeylen = rek->encryptedKey->length; enckey = rek->encryptedKey->data; /* Setup all parameters to derive KEK */ @@ -446,6 +467,32 @@ int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms, STACK_OF(CMS_RecipientEncryptedKey) *reks; int i; + { + /* + * TODO(3.0) Remove this when we have figured out all the details + * need to set up encryption right. With legacy keys, a *lot* is + * happening in the CMS specific EVP_PKEY_ASN1_METHOD functions, + * such as automatically setting a default KDF type, KDF digest, + * all that kind of stuff. + * With EVP_SIGNATURE, setting a default digest is done by getting + * the default MD for the key, and then inject that back into the + * signature implementation... we could do something similar with + * CMS, possibly using CMS specific OSSL_PARAM keys, just like we + * have for certain AlgorithmIdentifier retrievals. + * + * THIS IS TEMPORARY + */ + EVP_PKEY_CTX *pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); + + EVP_PKEY_get0(pkey); + if (EVP_PKEY_id(pkey) == EVP_PKEY_NONE) { + CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, + CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + return 0; + } + } + if (ri->type != CMS_RECIPINFO_AGREE) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, CMS_R_NOT_KEY_AGREEMENT); return 0; diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 80b92f8476..cf6b9cd893 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -291,6 +291,7 @@ CMS_F_CMS_RECEIPTREQUEST_CREATE0:159:CMS_ReceiptRequest_create0 CMS_F_CMS_RECEIPT_VERIFY:160:cms_Receipt_verify CMS_F_CMS_RECIPIENTINFO_DECRYPT:134:CMS_RecipientInfo_decrypt CMS_F_CMS_RECIPIENTINFO_ENCRYPT:169:CMS_RecipientInfo_encrypt +CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT:188: CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT:178:cms_RecipientInfo_kari_encrypt CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG:175:CMS_RecipientInfo_kari_get0_alg CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID:173:\ diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h index 494ae6191a..d4d8134171 100644 --- a/include/openssl/cmserr.h +++ b/include/openssl/cmserr.h @@ -87,6 +87,7 @@ int ERR_load_CMS_strings(void); # define CMS_F_CMS_RECEIPT_VERIFY 0 # define CMS_F_CMS_RECIPIENTINFO_DECRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 0 +# define CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 0 -- 2.25.1