From d030892312a2e7076511205e7fe1a5eae98e5102 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 5 Apr 2019 10:47:05 +0100 Subject: [PATCH] Add a legacy provider and put MD2 in it Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8541) --- Configure | 6 +- INSTALL | 4 ++ crypto/evp/digest.c | 1 + crypto/property/property_parse.c | 1 + providers/build.info | 11 +++ providers/legacy/build.info | 4 ++ providers/legacy/digests/build.info | 4 ++ providers/legacy/digests/md2.c | 63 +++++++++++++++++ providers/legacy/legacyprov.c | 101 ++++++++++++++++++++++++++++ test/md2test.c | 14 ++++ test/recipes/05-test_md2.t | 5 ++ 11 files changed, 212 insertions(+), 2 deletions(-) create mode 100644 providers/legacy/build.info create mode 100644 providers/legacy/digests/build.info create mode 100644 providers/legacy/digests/md2.c create mode 100644 providers/legacy/legacyprov.c diff --git a/Configure b/Configure index 6702bc6e6c..3b7ca360b6 100755 --- a/Configure +++ b/Configure @@ -374,6 +374,7 @@ my @disablables = ( "fuzz-afl", "gost", "idea", + "legacy", "makedepend", "md2", "md4", @@ -513,7 +514,7 @@ my @disable_cascades = ( # or modules. "pic" => [ "shared", "module" ], - "module" => [ "fips" ], + "module" => [ "fips", "legacy" ], "engine" => [ grep /eng$/, @disablables ], "hw" => [ "padlockeng" ], @@ -532,6 +533,7 @@ my @disable_cascades = ( sub { !$disabled{"msan"} } => [ "asm" ], sub { $disabled{cmac}; } => [ "siv" ], + "legacy" => [ "md2" ], ); # Avoid protocol support holes. Also disable all versions below N, if version @@ -1226,7 +1228,7 @@ foreach my $what (sort keys %disabled) { if (!grep { $what eq $_ } ( 'buildtest-c++', 'fips', 'threads', 'shared', 'module', 'pic', 'dynamic-engine', 'makedepend', - 'zlib-dynamic', 'zlib', 'sse2' )) { + 'zlib-dynamic', 'zlib', 'sse2', 'legacy' )) { (my $WHAT = uc $what) =~ s|-|_|g; my $skipdir = $what; diff --git a/INSTALL b/INSTALL index c496e79e23..50722a10ea 100644 --- a/INSTALL +++ b/INSTALL @@ -409,6 +409,10 @@ available if the GOST algorithms are also available through loading an externally supplied engine. + no-legacy + Don't build the legacy provider. Disabling this also disables + the legacy algorithms: MD2 (already disabled by default). + no-makedepend Don't generate dependencies. diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 1af8d82658..527c5d66b0 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -145,6 +145,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if (type->prov == NULL) { switch(type->type) { case NID_sha256: + case NID_md2: break; default: goto legacy; diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index 074da51c6b..faaaee8fb2 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -523,6 +523,7 @@ int ossl_property_parse_init(void) { static const char *const predefined_names[] = { "default", /* Being provided by the default built-in provider */ + "legacy", /* Provided by the legacy provider */ "provider", /* Name of provider (default, fips) */ "version", /* Version number of this provider */ "fips", /* FIPS supporting provider */ diff --git a/providers/build.info b/providers/build.info index b2b53849cb..1628e1feb4 100644 --- a/providers/build.info +++ b/providers/build.info @@ -10,3 +10,14 @@ IF[{- !$disabled{fips} -}] INCLUDE[fips]=.. ../include ../crypto/include DEFINE[fips]=FIPS_MODE ENDIF + +IF[{- !$disabled{legacy} -}] + SUBDIRS=legacy + MODULES=legacy + IF[{- defined $target{shared_defflag} -}] + SOURCE[legacy]=legacy.ld + GENERATE[legacy.ld]=../util/providers.num + ENDIF + INCLUDE[legacy]=.. ../include ../crypto/include + DEPEND[legacy]=../libcrypto +ENDIF diff --git a/providers/legacy/build.info b/providers/legacy/build.info new file mode 100644 index 0000000000..df7e9ac750 --- /dev/null +++ b/providers/legacy/build.info @@ -0,0 +1,4 @@ +SUBDIRS=digests + +SOURCE[../legacy]=\ + legacyprov.c diff --git a/providers/legacy/digests/build.info b/providers/legacy/digests/build.info new file mode 100644 index 0000000000..c4e1278ac2 --- /dev/null +++ b/providers/legacy/digests/build.info @@ -0,0 +1,4 @@ +IF[{- !$disabled{md2} -}] + SOURCE[../../legacy]=\ + md2.c +ENDIF diff --git a/providers/legacy/digests/md2.c b/providers/legacy/digests/md2.c new file mode 100644 index 0000000000..c941dd7d33 --- /dev/null +++ b/providers/legacy/digests/md2.c @@ -0,0 +1,63 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include + +static int md2_final(void *ctx, unsigned char *md, size_t *size) +{ + if (MD2_Final(md, ctx)) { + *size = MD2_DIGEST_LENGTH; + return 1; + } + + return 0; +} + +static void *md2_newctx(void) +{ + MD2_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + return ctx; +} + +static void md2_freectx(void *vctx) +{ + MD2_CTX *ctx = (MD2_CTX *)vctx; + + OPENSSL_clear_free(ctx, sizeof(*ctx)); +} + +static void *md2_dupctx(void *ctx) +{ + MD2_CTX *in = (MD2_CTX *)ctx; + MD2_CTX *ret = OPENSSL_malloc(sizeof(*ret)); + + *ret = *in; + + return ret; +} + +static size_t md2_size(void) +{ + return MD2_DIGEST_LENGTH; +} + +extern const OSSL_DISPATCH md2_functions[]; +const OSSL_DISPATCH md2_functions[] = { + { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))md2_newctx }, + { OSSL_FUNC_DIGEST_INIT, (void (*)(void))MD2_Init }, + { OSSL_FUNC_DIGEST_UPDDATE, (void (*)(void))MD2_Update }, + { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))md2_final }, + { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))md2_freectx }, + { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))md2_dupctx }, + { OSSL_FUNC_DIGEST_SIZE, (void (*)(void))md2_size }, + { 0, NULL } +}; diff --git a/providers/legacy/legacyprov.c b/providers/legacy/legacyprov.c new file mode 100644 index 0000000000..48e89338d4 --- /dev/null +++ b/providers/legacy/legacyprov.c @@ -0,0 +1,101 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include + +/* Functions provided by the core */ +static OSSL_core_get_param_types_fn *c_get_param_types = NULL; +static OSSL_core_get_params_fn *c_get_params = NULL; + +/* Parameters we provide to the core */ +static const OSSL_ITEM legacy_param_types[] = { + { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME }, + { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION }, + { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO }, + { 0, NULL } +}; + +static const OSSL_ITEM *legacy_get_param_types(const OSSL_PROVIDER *prov) +{ + return legacy_param_types; +} + +static int legacy_get_params(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[]) +{ + const OSSL_PARAM *p; + + p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME); + if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL Legacy Provider")) + return 0; + p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION); + if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR)) + return 0; + p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO); + if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR)) + return 0; + + return 1; +} + +extern const OSSL_DISPATCH md2_functions[]; + +static const OSSL_ALGORITHM legacy_digests[] = { +#ifndef OPENSSL_NO_MD2 + { "MD2", "legacy=yes", md2_functions }, +#endif + { NULL, NULL, NULL } +}; + +static const OSSL_ALGORITHM *legacy_query(OSSL_PROVIDER *prov, + int operation_id, + int *no_cache) +{ + *no_cache = 0; + switch (operation_id) { + case OSSL_OP_DIGEST: + return legacy_digests; + } + return NULL; +} + +/* Functions we provide to the core */ +static const OSSL_DISPATCH legacy_dispatch_table[] = { + { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))legacy_get_param_types }, + { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))legacy_get_params }, + { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))legacy_query }, + { 0, NULL } +}; + +int OSSL_provider_init(const OSSL_PROVIDER *provider, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out) +{ + for (; in->function_id != 0; in++) { + switch (in->function_id) { + case OSSL_FUNC_CORE_GET_PARAM_TYPES: + c_get_param_types = OSSL_get_core_get_param_types(in); + break; + case OSSL_FUNC_CORE_GET_PARAMS: + c_get_params = OSSL_get_core_get_params(in); + break; + /* Just ignore anything we don't understand */ + default: + break; + } + } + + *out = legacy_dispatch_table; + return 1; +} diff --git a/test/md2test.c b/test/md2test.c index 3491e13e10..47f55b75e3 100644 --- a/test/md2test.c +++ b/test/md2test.c @@ -9,9 +9,12 @@ #include +#include #include "internal/nelem.h" #include "testutil.h" +static OSSL_PROVIDER *prov = NULL; + #ifndef OPENSSL_NO_MD2 # include # include @@ -58,6 +61,17 @@ static int test_md2(int n) } #endif +int global_init(void) +{ + prov = OSSL_PROVIDER_load(NULL, "legacy"); + + return prov != NULL; +} +void cleanup_tests(void) +{ + OSSL_PROVIDER_unload(prov); +} + int setup_tests(void) { #ifndef OPENSSL_NO_MD2 diff --git a/test/recipes/05-test_md2.t b/test/recipes/05-test_md2.t index 8ac4f38bd1..e60e7912f3 100644 --- a/test/recipes/05-test_md2.t +++ b/test/recipes/05-test_md2.t @@ -8,5 +8,10 @@ use OpenSSL::Test::Simple; +use OpenSSL::Test qw/:DEFAULT bldtop_dir/; + +setup("test_md2"); + +$ENV{OPENSSL_MODULES} = bldtop_dir("providers"); simple_test("test_md2", "md2test", "md2"); -- 2.25.1