summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/hidden
diff options
context:
space:
mode:
authorbeck <>2022-11-11 11:25:18 +0000
committerbeck <>2022-11-11 11:25:18 +0000
commit83e73dadd90af52585df1bcce4e5b84da25fe19e (patch)
treeed6caa2922a04c9566669564e9dda8a563bf522a /src/lib/libcrypto/hidden
parent522ea7abc19e814a672474a8f25f67f470ceb772 (diff)
downloadopenbsd-83e73dadd90af52585df1bcce4e5b84da25fe19e.tar.gz
openbsd-83e73dadd90af52585df1bcce4e5b84da25fe19e.tar.bz2
openbsd-83e73dadd90af52585df1bcce4e5b84da25fe19e.zip
Add support for symbol hiding disabled by default.
Fully explained in libcrypto/README. TL;DR make sure libcrypto and libssl's function calls internally and to each other are via symbol names that won't get overridden by linking other libraries. Mostly work by guenther@, which will currently be gated behind a build setting NAMESPACE=yes. once we convert all the symbols to this method we will do a major bump and pick up the changes. ok tb@ jsing@
Diffstat (limited to 'src/lib/libcrypto/hidden')
-rw-r--r--src/lib/libcrypto/hidden/README40
-rw-r--r--src/lib/libcrypto/hidden/crypto_namespace.h44
-rw-r--r--src/lib/libcrypto/hidden/openssl/hmac.h36
3 files changed, 120 insertions, 0 deletions
diff --git a/src/lib/libcrypto/hidden/README b/src/lib/libcrypto/hidden/README
new file mode 100644
index 0000000000..c41830cf55
--- /dev/null
+++ b/src/lib/libcrypto/hidden/README
@@ -0,0 +1,40 @@
1The goals:
21) calls from inside libcrypto to other libcrypto functions should
3 be via identifiers that are of hidden visibility and -- to avoid
4 confusion or conflicts -- are in the reserved namespace. By
5 doing this these calls are protected from being overridden by
6 applications and on many platforms can avoid creation or use of
7 GOT or PLT entries. I've chosen a prefix of "_lcry_" for this.
8 Note that these symbols aren't in the dynamic symbol table of the
9 libcrypto.so shared library...but they are visible in the static
10 library.
11
122) calls from libssl to symbols in libcrypto should be via identifiers
13 which won't be accidentally overridden by the application, libc,
14 other random crypto libraries that are pulled in, etc. I've
15 chosen a prefix of "_libre_" for this.
16
17These will not be declared directly; instead, the gcc "asm labels"
18extension will be used rename the function. In order to actually
19set up the desired asm labels, we use these in the internal .h
20files:
21
22 LCRYPTO_USED(x) Symbols used both internally and externally
23 In builds of libcrypto, this makes gcc convert use of x to
24 use _libre_x instead. In other builds that use these headers,
25 it makes gcc convert use of x to use _libre_x instead. Use
26 LCRYPTO_ALIAS(x) to create the external aliases.
27 ex: LCRYPTO_USED(SSL_get_verify_mode)
28
29 LCRYPTO_UNUSED(x) Symbols that are not used internally or by libssl
30 No renaming is done. In builds of libcrypto, the symbol
31 is marked as deprecated to detect unintentional use of such
32 a synbol, so that it can be marked as used going forward.
33 ex: LCRYPTO_UNUSED(SSL_CIPHER_get_name)
34
35Finally, to create the expected aliases, we use these in the .c files
36where the definitions are:
37 LCRYPTO_ALIAS(x)
38 This defines both x and _libre_x as strong aliases for _lcry_x.
39 Match uses of this with uses of LCRYPTO_USED()
40 ex: LCRYPTO_ALIAS(SSL_get_verify_mode)
diff --git a/src/lib/libcrypto/hidden/crypto_namespace.h b/src/lib/libcrypto/hidden/crypto_namespace.h
new file mode 100644
index 0000000000..6ceef26e2d
--- /dev/null
+++ b/src/lib/libcrypto/hidden/crypto_namespace.h
@@ -0,0 +1,44 @@
1/* $OpenBSD: crypto_namespace.h,v 1.1 2022/11/11 11:25:18 beck Exp $ */
2/*
3 * Copyright (c) 2016 Philip Guenther <guenther@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef _LIBCRYPTO_CRYPTO_NAMESPACE_H_
19#define _LIBCRYPTO_CRYPTO_NAMESPACE_H_
20
21/*
22 * If marked as 'used', then internal calls use the name with prefix "_lcry_"
23 * and we alias that to the normal name *and* the name with prefix "_libre_";
24 * external calls use the latter name.
25 */
26
27#ifdef LIBRESSL_NAMESPACE
28# define LCRYPTO_UNUSED(x) typeof(x) x __attribute__((deprecated))
29#ifdef LIBRESSL_CRYPTO_NAMESPACE
30# define LCRYPTO_USED(x) __attribute__((visibility("hidden"))) \
31 typeof(x) x asm("_lcry_"#x)
32# define LCRYPTO_ALIAS1(pre,x) asm(".global "#pre#x"; "#pre#x" = _lcry_"#x)
33# define LCRYPTO_ALIAS(x) LCRYPTO_ALIAS1(,x); LCRYPTO_ALIAS1(_libre_,x);
34#else
35# define LCRYPTO_USED(x) typeof(x) x asm("_libre_"#x)
36#endif
37#else
38# define LCRYPTO_UNUSED(x)
39# define LCRYPTO_USED(x)
40# define LCRYPTO_ALIAS1(pre,x)
41# define LCRYPTO_ALIAS(x)
42#endif
43
44#endif /* _LIBCRYPTO_CRYPTO_NAMESPACE_H_ */
diff --git a/src/lib/libcrypto/hidden/openssl/hmac.h b/src/lib/libcrypto/hidden/openssl/hmac.h
new file mode 100644
index 0000000000..d8370945d0
--- /dev/null
+++ b/src/lib/libcrypto/hidden/openssl/hmac.h
@@ -0,0 +1,36 @@
1/* $OpenBSD: hmac.h,v 1.1 2022/11/11 11:25:18 beck Exp $ */
2/*
3 * Copyright (c) 2016 Philip Guenther <guenther@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef _LIBCRYPTO_HMAC_H_
19#define _LIBCRYPTO_HMAC_H_
20
21#include_next <openssl/hmac.h>
22#include "crypto_namespace.h"
23
24LCRYPTO_USED(HMAC_CTX_new);
25LCRYPTO_USED(HMAC_CTX_free);
26LCRYPTO_UNUSED(HMAC_CTX_reset);
27LCRYPTO_UNUSED(HMAC_Init);
28LCRYPTO_USED(HMAC_Init_ex);
29LCRYPTO_USED(HMAC_Update);
30LCRYPTO_USED(HMAC_Final);
31LCRYPTO_USED(HMAC);
32LCRYPTO_USED(HMAC_CTX_copy);
33LCRYPTO_USED(HMAC_CTX_set_flags);
34LCRYPTO_USED(HMAC_CTX_get_md);
35
36#endif /* _LIBCRYPTO_HMAC_H_ */