From 437b7aac4231ead6a94ceec52527723a4251d08f Mon Sep 17 00:00:00 2001 From: jsing <> Date: Mon, 28 Aug 2017 17:41:59 +0000 Subject: Remove RSA_padding_add_SSLv23()/RSA_padding_check_SSLv23() and related code. We removed SSLv2/SSLv3 a long time ago... Discussed with doug@ --- src/lib/libcrypto/Makefile | 4 +- src/lib/libcrypto/Symbols.list | 2 - src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 | 6 +- .../libcrypto/man/RSA_padding_add_PKCS1_type_1.3 | 25 +--- src/lib/libcrypto/man/RSA_public_encrypt.3 | 7 +- src/lib/libcrypto/rsa/rsa.h | 9 +- src/lib/libcrypto/rsa/rsa_eay.c | 9 +- src/lib/libcrypto/rsa/rsa_pmeth.c | 4 +- src/lib/libcrypto/rsa/rsa_ssl.c | 147 --------------------- 9 files changed, 11 insertions(+), 202 deletions(-) delete mode 100644 src/lib/libcrypto/rsa/rsa_ssl.c (limited to 'src/lib') diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile index 7ad76c881a..5432bab176 100644 --- a/src/lib/libcrypto/Makefile +++ b/src/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.22 2017/08/20 17:53:12 espie Exp $ +# $OpenBSD: Makefile,v 1.23 2017/08/28 17:41:59 jsing Exp $ LIB= crypto LIBREBUILD=y @@ -225,7 +225,7 @@ SRCS+= rmd_dgst.c rmd_one.c # rsa/ SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c -SRCS+= rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c +SRCS+= rsa_pk1.c rsa_none.c rsa_oaep.c rsa_chk.c SRCS+= rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c SRCS+= rsa_pmeth.c rsa_crpt.c diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list index 94442cc5e3..53aa96939a 100644 --- a/src/lib/libcrypto/Symbols.list +++ b/src/lib/libcrypto/Symbols.list @@ -2193,13 +2193,11 @@ RSA_padding_add_PKCS1_PSS RSA_padding_add_PKCS1_PSS_mgf1 RSA_padding_add_PKCS1_type_1 RSA_padding_add_PKCS1_type_2 -RSA_padding_add_SSLv23 RSA_padding_add_X931 RSA_padding_add_none RSA_padding_check_PKCS1_OAEP RSA_padding_check_PKCS1_type_1 RSA_padding_check_PKCS1_type_2 -RSA_padding_check_SSLv23 RSA_padding_check_X931 RSA_padding_check_none RSA_print diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 index 2ceae6ee20..b65ea0d5d3 100644 --- a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 +++ b/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.7 2017/08/20 18:51:58 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.8 2017/08/28 17:41:59 jsing Exp $ .\" OpenSSL EVP_PKEY_CTX_ctrl.pod 1722496f Jun 8 15:18:38 2017 -0400 .\" OpenSSL EVP_PKEY_CTX_ctrl.pod e03af178 Dec 11 17:05:57 2014 -0500 .\" @@ -50,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 20 2017 $ +.Dd $Mdocdate: August 28 2017 $ .Dt EVP_PKEY_CTX_CTRL 3 .Os .Sh NAME @@ -191,8 +191,6 @@ The parameter can take the value .Dv RSA_PKCS1_PADDING for PKCS#1 padding, -.Dv RSA_SSLV23_PADDING -for SSLv23 padding, .Dv RSA_NO_PADDING for no padding, .Dv RSA_PKCS1_OAEP_PADDING diff --git a/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 b/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 index 29a0eae1b4..2d67440355 100644 --- a/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 +++ b/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: RSA_padding_add_PKCS1_type_1.3,v 1.5 2017/08/20 20:45:18 schwarze Exp $ +.\" $OpenBSD: RSA_padding_add_PKCS1_type_1.3,v 1.6 2017/08/28 17:41:59 jsing Exp $ .\" OpenSSL 1e3f62a3 Jul 17 16:47:13 2017 +0200 .\" .\" This file was written by Ulf Moeller . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 20 2017 $ +.Dd $Mdocdate: August 28 2017 $ .Dt RSA_PADDING_ADD_PKCS1_TYPE_1 3 .Os .Sh NAME @@ -58,8 +58,6 @@ .Nm RSA_padding_check_PKCS1_type_2 , .Nm RSA_padding_add_PKCS1_OAEP , .Nm RSA_padding_check_PKCS1_OAEP , -.Nm RSA_padding_add_SSLv23 , -.Nm RSA_padding_check_SSLv23 , .Nm RSA_padding_add_none , .Nm RSA_padding_check_none .Nd asymmetric encryption padding @@ -115,21 +113,6 @@ .Fa "int pl" .Fc .Ft int -.Fo RSA_padding_add_SSLv23 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fc -.Ft int -.Fo RSA_padding_check_SSLv23 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "int rsa_len" -.Fc -.Ft int .Fo RSA_padding_add_none .Fa "unsigned char *to" .Fa "int tlen" @@ -181,8 +164,6 @@ used for signatures PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2) .It PKCS1_OAEP PKCS #1 v2.0 EME-OAEP -.It SSLv23 -PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification .It none simply copy the data .El @@ -235,8 +216,6 @@ Error codes can be obtained by calling .Fn RSA_padding_check_PKCS1_type_1 , .Fn RSA_padding_add_PKCS1_type_2 , .Fn RSA_padding_check_PKCS1_type_2 , -.Fn RSA_padding_add_SSLv23 , -.Fn RSA_padding_check_SSLv23 , .Fn RSA_padding_add_none , and .Fn RSA_padding_check_none diff --git a/src/lib/libcrypto/man/RSA_public_encrypt.3 b/src/lib/libcrypto/man/RSA_public_encrypt.3 index c830d5d767..be90fb12d8 100644 --- a/src/lib/libcrypto/man/RSA_public_encrypt.3 +++ b/src/lib/libcrypto/man/RSA_public_encrypt.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: RSA_public_encrypt.3,v 1.7 2017/08/20 20:53:04 schwarze Exp $ +.\" $OpenBSD: RSA_public_encrypt.3,v 1.8 2017/08/28 17:41:59 jsing Exp $ .\" OpenSSL RSA_public_encrypt.pod 1e3f62a3 Jul 17 16:47:13 2017 +0200 .\" .\" This file was written by Ulf Moeller . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 20 2017 $ +.Dd $Mdocdate: August 28 2017 $ .Dt RSA_PUBLIC_ENCRYPT 3 .Os .Sh NAME @@ -98,9 +98,6 @@ This currently is the most widely used mode. EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications. -.It Dv RSA_SSLV23_PADDING -PKCS #1 v1.5 padding with an SSL-specific modification that denotes that -the server is SSL3 capable. .It Dv RSA_NO_PADDING Raw RSA encryption. This mode should only be used to implement cryptographically sound diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index febeb297d0..777f2fed9e 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.29 2016/09/04 17:25:27 jsing Exp $ */ +/* $OpenBSD: rsa.h,v 1.30 2017/08/28 17:41:59 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -242,7 +242,6 @@ struct rsa_st { #define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) #define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 #define RSA_NO_PADDING 3 #define RSA_PKCS1_OAEP_PADDING 4 #define RSA_X931_PADDING 5 @@ -367,10 +366,6 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *f, int fl, int rsa_len, const unsigned char *p, int pl); -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f, int fl); int RSA_padding_check_none(unsigned char *to, int tlen, @@ -464,13 +459,11 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 -#define RSA_F_RSA_PADDING_ADD_SSLV23 110 #define RSA_F_RSA_PADDING_ADD_X931 127 #define RSA_F_RSA_PADDING_CHECK_NONE 111 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 #define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 6c3da0d656..8e8c6d520d 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.49 2017/05/02 03:59:45 deraadt Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.50 2017/08/28 17:41:59 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -200,9 +200,6 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0); break; #endif - case RSA_SSLV23_PADDING: - i = RSA_padding_add_SSLv23(buf, num, from, flen); - break; case RSA_NO_PADDING: i = RSA_padding_add_none(buf, num, from, flen); break; @@ -383,7 +380,6 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, case RSA_NO_PADDING: i = RSA_padding_add_none(buf, num, from, flen); break; - case RSA_SSLV23_PADDING: default: RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); goto err; @@ -573,9 +569,6 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0); break; #endif - case RSA_SSLV23_PADDING: - r = RSA_padding_check_SSLv23(to, num, buf, j, num); - break; case RSA_NO_PADDING: r = RSA_padding_check_none(to, num, buf, j, num); break; diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index 2ef1f3c64a..b4a4e730c0 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pmeth.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */ +/* $OpenBSD: rsa_pmeth.c,v 1.20 2017/08/28 17:41:59 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -466,8 +466,6 @@ pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) int pm; if (!strcmp(value, "pkcs1")) pm = RSA_PKCS1_PADDING; - else if (!strcmp(value, "sslv23")) - pm = RSA_SSLV23_PADDING; else if (!strcmp(value, "none")) pm = RSA_NO_PADDING; else if (!strcmp(value, "oeap")) diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c deleted file mode 100644 index 60fc8ec94f..0000000000 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ /dev/null @@ -1,147 +0,0 @@ -/* $OpenBSD: rsa_ssl.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include -#include - -int -RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, - int flen) -{ - int i, j; - unsigned char *p; - - if (flen > tlen - 11) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return 0; - } - - p = (unsigned char *)to; - - *(p++) = 0; - *(p++) = 2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j = tlen - 3 - 8 - flen; - - arc4random_buf(p, j); - for (i = 0; i < j; i++) { - while (*p == '\0') - arc4random_buf(p, 1); - p++; - } - - memset(p, 3, 8); - p += 8; - *(p++) = '\0'; - - memcpy(p, from, flen); - return 1; -} - -int -RSA_padding_check_SSLv23(unsigned char *to, int tlen, const unsigned char *from, - int flen, int num) -{ - int i, j, k; - const unsigned char *p; - - p = from; - if (flen < 10) { - RSAerror(RSA_R_DATA_TOO_SMALL); - return -1; - } - if (num != flen + 1 || *(p++) != 02) { - RSAerror(RSA_R_BLOCK_TYPE_IS_NOT_02); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type */ - for (i = 0; i < j; i++) - if (*(p++) == 0) - break; - - if (i == j || i < 8) { - RSAerror(RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - for (k = -9; k < -1; k++) { - if (p[k] != 0x03) - break; - } - if (k == -1) { - RSAerror(RSA_R_SSLV3_ROLLBACK_ATTACK); - return -1; - } - - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerror(RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} -- cgit v1.2.3-55-g6feb