<feed xmlns='http://www.w3.org/2005/Atom'>
<title>openbsd/src/lib/libcrypto/hmac, branch libressl-v3.7.0</title>
<subtitle>A mirror of https://github.com/libressl/openbsd.git
</subtitle>
<id>https://git.lua4.win/openbsd/atom?h=libressl-v3.7.0</id>
<link rel='self' href='https://git.lua4.win/openbsd/atom?h=libressl-v3.7.0'/>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/'/>
<updated>2022-11-26T16:08:57+00:00</updated>
<entry>
<title>Make internal header file names consistent</title>
<updated>2022-11-26T16:08:57+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-26T16:08:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=81d98bf600a381a625eb11b39a725b08c0ba547f'/>
<id>urn:sha1:81d98bf600a381a625eb11b39a725b08c0ba547f</id>
<content type='text'>
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include &lt;ssl_locl.h&gt; was fixed manually.

discussed with jsing,
no objection bcook
</content>
</entry>
<entry>
<title>Unindent and check some pointers explicitly against NULL</title>
<updated>2022-11-19T04:36:52+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-19T04:36:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=8831f9c4bf55f1c9f5ae60a9f4804c7c6c20e909'/>
<id>urn:sha1:8831f9c4bf55f1c9f5ae60a9f4804c7c6c20e909</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Remove HMAC PRIVATE KEY support</title>
<updated>2022-11-19T04:32:49+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-19T04:32:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=6b2aef44098a53fcc9f6533d8defd1257fff1055'/>
<id>urn:sha1:6b2aef44098a53fcc9f6533d8defd1257fff1055</id>
<content type='text'>
This is an undocumented feature of openssl genpkey for testing purposes.
Emilia removed support for this 'bogus private key format' from OpenSSL
in 2017 in commit c26f655fdd18ac19016c1c0496105f5256a1e84d.

ok jsing
</content>
</entry>
<entry>
<title>Check os for NULL before dereferencing it</title>
<updated>2022-11-18T20:03:36+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-18T20:03:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=8e2bde89a5d1bb3002c8a910a07e727c01f37646'/>
<id>urn:sha1:8e2bde89a5d1bb3002c8a910a07e727c01f37646</id>
<content type='text'>
Avoids a segfault when both priv == NULL and os == NULL.

ok miod
</content>
</entry>
<entry>
<title>Include bytestring.h directly rather than pulling it in via asn1_locl.h</title>
<updated>2022-11-18T15:10:51+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-18T15:10:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=6c4a21938605b81ccd046aff2a7db341ac1b6578'/>
<id>urn:sha1:6c4a21938605b81ccd046aff2a7db341ac1b6578</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Wire up HMAC to raw private key methods</title>
<updated>2022-11-18T15:01:04+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-18T15:01:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=4ac94b93f062b2c44f969dc6f9f4eda7a744a023'/>
<id>urn:sha1:4ac94b93f062b2c44f969dc6f9f4eda7a744a023</id>
<content type='text'>
Obviously, the brilliant API design kitchen decided that an interface
carrying public and private key in its name (so that every sane person
thinks of asymmetric cryptography), is also perfectly suitable for MACs.
Wire up HMAC since Ruby's OpenSSL gem uses these bindings if the build
system detects that EVP_PKEY_new_raw_public_key() is available in evp.h.

While there, also add the missing pub_cmp() ameth, which obviously
treats two things as equal by returning 1.

Reported by jeremy and anton, fixes regress/lib/libssl/openssl-ruby tests

ok jsing
</content>
</entry>
<entry>
<title>Change the pkey.ptr from char * to void *</title>
<updated>2022-11-18T14:45:10+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-18T14:45:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=3ceb42d62047d438cd7b6b6a201682452faf30fc'/>
<id>urn:sha1:3ceb42d62047d438cd7b6b6a201682452faf30fc</id>
<content type='text'>
Now that EVP_PKEY is opaque, there is no reason to keep the ptr member
of the pkey union as a weird char pointer, a void pointer will do. This
avoids a few stupid casts and simplifies an upcoming diff.

ok jsing
</content>
</entry>
<entry>
<title>Add support for symbol hiding disabled by default.</title>
<updated>2022-11-11T11:25:18+00:00</updated>
<author>
<name>beck</name>
<email></email>
</author>
<published>2022-11-11T11:25:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=0ba6b15619d4e4feafccdbd0226ee99b70553a11'/>
<id>urn:sha1:0ba6b15619d4e4feafccdbd0226ee99b70553a11</id>
<content type='text'>
Fully explained in libcrypto/README. TL;DR make sure libcrypto
and libssl's function calls internally and to each other are via
symbol names that won't get overridden by linking other libraries.

Mostly work by guenther@, which will currently be gated behind a
build setting NAMESPACE=yes. Once we convert all the symbols to
this method we will do a major bump and pick up the changes.

ok tb@ jsing@
</content>
</entry>
<entry>
<title>Fix HMAC() with NULL key</title>
<updated>2022-05-05T18:29:34+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-05-05T18:29:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=5ca6164aa9bf6ef7aa404bf1f75a806912d87c26'/>
<id>urn:sha1:5ca6164aa9bf6ef7aa404bf1f75a806912d87c26</id>
<content type='text'>
If a NULL key is passed to HMAC_Init_ex(), it tries to reuse the
previous key. This makes no sense inside HMAC() since the HMAC_CTX
has no key set yet. This is hit by HKDF() with NULL salt() via the
EVP API and results in a few Wycheproof test failures. If key is
NULL, use a zero length dummy key.

This was not hit from wycheproof.go since we pass a []byte with a
single NUL from Go.

Matches OpenSSL if key is NULL and key_len is 0. If key_len != 0,
OpenSSL will still fail by passing a NULL key which makes no sense,
so set key_len to 0 instead.

ok beck jsing
</content>
</entry>
<entry>
<title>Avoid segfaults in EVP_PKEY_CTX_free()</title>
<updated>2022-03-30T07:17:48+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-03-30T07:17:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=c650ef2b4f969ce6b8d9a39f9e86c5e181dfafbc'/>
<id>urn:sha1:c650ef2b4f969ce6b8d9a39f9e86c5e181dfafbc</id>
<content type='text'>
It is possible to call pmeth-&gt;cleanup() with an EVP_PKEY_CTX whose data
is NULL. If pmeth-&gt;init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is
called with such a context. This in turn calls pmeth-&gt;cleanup(), and thus
these cleanup functions must be careful not to use NULL data.  Most of
them are, but one of GOST's functions and HMAC's aren't.

Reported for HMAC by Masaru Masada
https://github.com/libressl-portable/openbsd/issues/129

ok bcook jsing
</content>
</entry>
</feed>
