From: Cedric Izoard
Subject: [PATCH 01/21] Complete Documentation in crypto.h
Date: Mon, 28 Jun 2021 18:25:18 +0200
Message-ID: <20210628162538.21067-2-cedric.izoard@ceva-dsp.com>

Add missing documentation for crypto_ecdh and crypt_ec_key functions

Signed-off-by: Cedric Izoard
---
 src/crypto/crypto.h | 106 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)

diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 7d2ebd61c..9f1ff45a3 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -762,7 +762,18 @@ const struct crypto_bignum * crypto_ec_get_prime(struct crypto_ec *e); */ const struct crypto_bignum * crypto_ec_get_order(struct crypto_ec *e); +/** + * crypto_ec_get_a - Get 'a' coef of an EC group's curve + * @e: EC context from crypto_ec_init() + * Returns: 'a' coef (bignum) of the group + */ const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e); + +/** + * crypto_ec_get_b - Get 'b' coef of an EC group's curve + * @e: EC context from crypto_ec_init() + * Returns: 'b' coef (bignum) of the group + */ const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e); /** 
@@ -909,25 +920,120 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, const struct crypto_ec_point *a, const struct crypto_ec_point *b); +/** + * struct crypto_ecdh - Elliptic Curve Diffie–Hellman context + * + * Internal data structure for ECDH. The contents is specific to the used + * crypto library. + */ struct crypto_ecdh; +/** + * crypto_ecdh_init - Initialize elliptic curve diffie–hellman context + * @group: Identifying number for the ECC group (IANA "Group Description" + * attribute registrty for RFC 2409) + * Returns: Pointer to ECDH context or %NULL on failure + */ struct crypto_ecdh * crypto_ecdh_init(int group); + +/** + * crypto_ecdh_get_pubkey - Retrieve Public from ECDH context + * @ecdh: ECDH context from crypto_ecdh_init() + * @inc_y: Whether public key should include y coordinate (explicit form) + * or not (compressed form) + * Returns: Binary data f the public key or %NULL on failure + */ struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y); + +/** + * crypto_ecdh_set_peerkey - Compute ECDH secret + * @ecdh: ECDH context from crypto_ecdh_init() + * @inc_y: Whether Peer's public key includes y coordinate (explicit form) + * or not (compressed form) + * @key: Binary data of the Peer's public key + * @len: Length of the @key buffer + * Returns: Binary data with the EDCH secret or %NULL on failure + */ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, const u8 *key, size_t len); + +/** + * crypto_ecdh_deinit - Free ECDH context + * @ecdh: ECDH context from crypto_ecdh_init() + */ void crypto_ecdh_deinit(struct crypto_ecdh *ecdh); + +/** + * crypto_ecdh_prime_len - Get length of the prime in octets + * @e: ECDH context from crypto_ecdh_init() + * Returns: Length of the prime defining the group + */ size_t crypto_ecdh_prime_len(struct crypto_ecdh *ecdh); +/** + * struct crypto_ec_key - Elliptic Curve Key pair + * + * Internal data structure for EC Key pair. 
The contents is specific to the used + * crypto library. + */ struct crypto_ec_key; +/** + * crypto_ec_key_parse_priv - Initialize EC Key pair from ECPrivateKey ASN.1 + * @der: DER encoding of ASN.1 ECPrivateKey + * @der_len: Length of @der buffer + * Returns: EC key or %NULL on failure + */ struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len); + +/** + * crypto_ec_key_parse_pub - Initialize EC Key pair from SubjectPublicKeyInfo ASN.1 + * @der: DER encoding of ASN.1 SubjectPublicKeyInfo + * @der_len: Length of @der buffer + * Returns: EC key or %NULL on failure + */ struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len); + +/** + * crypto_ec_key_deinit - Free EC Key + * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + */ void crypto_ec_key_deinit(struct crypto_ec_key *key); + +/** + * crypto_ec_key_get_subject_public_key - Get SubjectPublicKeyInfo ASN.1 for a EC key + * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + * Returns: Buffer with DER encoding of ASN.1 SubjectPublicKeyInfo or %NULL on failure + */ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key); + +/** + * crypto_ec_key_sign - Sign a buffer with an EC key + * @key: EC key from crypto_ec_key_parse_priv() + * @data: Data to sign + * @len: Length of @data buffer + * Returns: Buffer with DER encoding of ASN.1 Ecdsa-Sig-Value or %NULL on failure + */ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, size_t len); + +/** + * crypto_ec_key_verify_signature - Verify signature + * @key: EC key from crypto_ec_key_parse_pub() + * @data: Data to signed + * @len: Length of @data buffer + * @sig: DER encoding of ASN.1 Ecdsa-Sig-Value + * @sig_len: Length of @sig buffer + * Returns: 1 if signature is valid, 0 if signature is invalid and -1 on failure + */ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, size_t len, const u8 *sig, 
size_t sig_len); + +/** + * crypto_ec_key_group - Get IANA group identifier for an EC key + * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + * Returns: IANA group identifier and -1 on failure + */ int crypto_ec_key_group(struct crypto_ec_key *key); #endif /* CRYPTO_H */
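
Review bot: In the crypto.h hunk at @@ -909,25 +920,120 @@, the comment for crypto_ecdh_prime_len() documents "@e:" while the parameter is named "ecdh"; rename the tag to "@ecdh:" so it matches the prototype, as the other crypto_ecdh_* comments do. The same hunk carries typos that should be fixed before merge: "registrty", "Binary data f the public key", "EDCH secret" and "Data to signed". For crypto_ec_key_verify_signature() the three-way return (1 valid, 0 invalid, -1 failure) means a plain truth test on the result would accept -1 as a valid signature, so the comment should tell callers to compare against 1. The comments for the functions returning struct wpabuf * do not say who owns and frees the returned buffer, and the crypto_ec_key_sign() comment does not say whether @data is the message or an already computed hash.
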
From: Cedric Izoard
Subject: [PATCH 02/21] openssl: use EVP_PKEY as struct crypto_ec_key
Date: Mon, 28 Jun 2021 18:25:19 +0200
Message-ID: <20210628162538.21067-3-cedric.izoard@ceva-dsp.com>

Remove definition of struct crypto_ec_key and directly cast struct crypto_ec_key * to EVP_PKEY * (and vice versa).
Indeed EVP_PKEY already has a pointer to EC_KEY and removing this intermediate structure allows a smoother transition in removing direct openssl dependency in DPP.

Signed-off-by: Cedric Izoard
---
 src/crypto/crypto_openssl.c | 67 ++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 38 deletions(-)

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index a4b1083bb..404339451 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c
@@ -2186,63 +2186,51 @@ size_t crypto_ecdh_prime_len(struct crypto_ecdh *ecdh) } -struct crypto_ec_key { - EVP_PKEY *pkey; - EC_KEY *eckey; -}; - - struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len) { - struct crypto_ec_key *key; - - key = os_zalloc(sizeof(*key)); - if (!key) - return NULL; + EVP_PKEY *pkey = NULL; + EC_KEY *eckey; - key->eckey = d2i_ECPrivateKey(NULL, &der, der_len); - if (!key->eckey) { + eckey = d2i_ECPrivateKey(NULL, &der, der_len); + if (!eckey) { wpa_printf(MSG_INFO, "OpenSSL: d2i_ECPrivateKey() failed: %s", ERR_error_string(ERR_get_error(), NULL)); goto fail; } - EC_KEY_set_conv_form(key->eckey, POINT_CONVERSION_COMPRESSED); + EC_KEY_set_conv_form(eckey, POINT_CONVERSION_COMPRESSED); - key->pkey = EVP_PKEY_new(); - if (!key->pkey || EVP_PKEY_assign_EC_KEY(key->pkey, key->eckey) != 1) { - EC_KEY_free(key->eckey); - key->eckey = NULL; + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) { + EC_KEY_free(eckey); goto fail; } - return key; + return (struct crypto_ec_key *)pkey; fail: - crypto_ec_key_deinit(key); + crypto_ec_key_deinit((struct crypto_ec_key *)pkey); return NULL; } struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len) { - struct crypto_ec_key *key; - - key = os_zalloc(sizeof(*key)); - if (!key) - return NULL; + EVP_PKEY *pkey; + EC_KEY *eckey; - key->pkey = d2i_PUBKEY(NULL, &der, der_len); - if (!key->pkey) { + pkey = d2i_PUBKEY(NULL, &der, der_len); + if (!pkey) { wpa_printf(MSG_INFO, "OpenSSL: d2i_PUBKEY() failed: %s", ERR_error_string(ERR_get_error(), NULL)); goto fail; } - key->eckey = EVP_PKEY_get0_EC_KEY(key->pkey); - if (!key->eckey) + // ensure this is an EC key + eckey = EVP_PKEY_get0_EC_KEY(pkey); + if (!eckey) goto fail; - return key; + return (struct crypto_ec_key *)pkey; fail: - crypto_ec_key_deinit(key); + crypto_ec_key_deinit((struct crypto_ec_key *)pkey); return NULL; } 
@@ -2250,8 +2238,7 @@ fail: void crypto_ec_key_deinit(struct crypto_ec_key *key) { if (key) { - EVP_PKEY_free(key->pkey); - os_free(key); + EVP_PKEY_free((EVP_PKEY *)key); } } @@ -2262,7 +2249,7 @@ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key) int der_len; struct wpabuf *buf; - der_len = i2d_PUBKEY(key->pkey, &der); + der_len = i2d_PUBKEY((EVP_PKEY *)key, &der); if (der_len <= 0) { wpa_printf(MSG_INFO, "OpenSSL: i2d_PUBKEY() failed: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -2282,12 +2269,12 @@ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, struct wpabuf *sig_der; size_t sig_len; - sig_len = EVP_PKEY_size(key->pkey); + sig_len = EVP_PKEY_size((EVP_PKEY *)key); sig_der = wpabuf_alloc(sig_len); if (!sig_der) return NULL; - pkctx = EVP_PKEY_CTX_new(key->pkey, NULL); + pkctx = EVP_PKEY_CTX_new((EVP_PKEY *)key, NULL); if (!pkctx || EVP_PKEY_sign_init(pkctx) <= 0 || EVP_PKEY_sign(pkctx, wpabuf_put(sig_der, 0), &sig_len, @@ -2309,7 +2296,7 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, EVP_PKEY_CTX *pkctx; int ret; - pkctx = EVP_PKEY_CTX_new(key->pkey, NULL); + pkctx = EVP_PKEY_CTX_new((EVP_PKEY *)key, NULL); if (!pkctx || EVP_PKEY_verify_init(pkctx) <= 0) { EVP_PKEY_CTX_free(pkctx); return -1; 
@@ -2327,10 +2314,14 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, int crypto_ec_key_group(struct crypto_ec_key *key) { + EC_KEY *eckey; const EC_GROUP *group; int nid; - group = EC_KEY_get0_group(key->eckey); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); + if (!eckey) + return -1; + group = EC_KEY_get0_group(eckey); if (!group) return -1; nid = EC_GROUP_get_curve_name(group);
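
Review bot: In crypto_ec_key_parse_pub() (hunk @@ -2186,63 +2186,51 @@), "EVP_PKEY *pkey;" is declared without an initializer even though the fail: label hands it to crypto_ec_key_deinit(). It is safe as written because both "goto fail" statements come after the d2i_PUBKEY() assignment, but any early exit added above that call would free an uninitialized pointer; initialize it to NULL as crypto_ec_key_parse_priv() does in the same hunk. The added "// ensure this is an EC key" comment is also the only C++-style comment in the lines shown; use /* ... */ to match the rest of the code.
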
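
Review bot: In crypto_ec_key_group() (hunk @@ -2327,10 +2314,14 @@), the result of EVP_PKEY_get0_EC_KEY() is stored in a non-const "EC_KEY *eckey". OpenSSL 3.0 declares that function as returning const EC_KEY *, so declaring the local as "const EC_KEY *eckey" here, and in crypto_ec_key_parse_pub() where the pointer is only tested for NULL, keeps the code building without a discarded-qualifier warning on both 1.1.1 and 3.0. EC_KEY_get0_group() already takes a const pointer, so no other line in the hunk needs to change.
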
From: Cedric Izoard
Subject: [PATCH 03/21] dpp: replace EVP_PKEY by struct crypto_ec_key
Date: Mon, 28 Jun 2021 18:25:20 +0200
Message-ID: <20210628162538.21067-4-cedric.izoard@ceva-dsp.com>

In order to remove direct dependency to openssl in DPP replace EVP_PKEY by struct crypto_ec_key in all structures and function prototypes.
All direct calls to EVP_PKEY_free are replaced by calls to crypto_ec_key_deinit.

Signed-off-by: Cedric Izoard
---
 src/common/dpp.c          | 60 ++++++-------
 src/common/dpp.h          | 26 +++---
 src/common/dpp_auth.c     | 12 +--
 src/common/dpp_backup.c   | 16 ++--
 src/common/dpp_crypto.c   | 179 +++++++++++++++++++-------------------
 src/common/dpp_i.h        | 43 ++++-----
 src/common/dpp_pkex.c     | 18 ++--
 src/common/dpp_reconfig.c | 18 ++--
 8 files changed, 187 insertions(+), 185 deletions(-)

diff --git a/src/common/dpp.c b/src/common/dpp.c index 3c8c7682d..14783ba74 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -180,7 +180,7 @@ void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info) os_free(info->info); os_free(info->chan); os_free(info->pk); - EVP_PKEY_free(info->pubkey); + crypto_ec_key_deinit(info->pubkey); str_clear_free(info->configurator_params); os_free(info); }
@@ -1268,9 +1268,9 @@ void dpp_auth_deinit(struct dpp_authentication *auth) dpp_configuration_free(auth->conf2_ap); dpp_configuration_free(auth->conf_sta); dpp_configuration_free(auth->conf2_sta); - EVP_PKEY_free(auth->own_protocol_key); - EVP_PKEY_free(auth->peer_protocol_key); - EVP_PKEY_free(auth->reconfig_old_protocol_key); + crypto_ec_key_deinit(auth->own_protocol_key); + crypto_ec_key_deinit(auth->peer_protocol_key); + crypto_ec_key_deinit(auth->reconfig_old_protocol_key); wpabuf_free(auth->req_msg); wpabuf_free(auth->resp_msg); wpabuf_free(auth->conf_req); @@ -1360,7 +1360,7 @@ dpp_build_conf_start(struct dpp_authentication *auth, } -int dpp_build_jwk(struct wpabuf *buf, const char *name, EVP_PKEY *key, +int dpp_build_jwk(struct wpabuf *buf, const char *name, struct crypto_ec_key *key, const char *kid, const struct dpp_curve_params *curve) { struct wpabuf *pub; @@ -2160,14 +2160,14 @@ static int dpp_parse_cred_legacy(struct dpp_config_obj *conf, } -EVP_PKEY * dpp_parse_jwk(struct json_token *jwk, - const struct dpp_curve_params **key_curve) +struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk, + const struct dpp_curve_params **key_curve) { struct json_token *token; const struct dpp_curve_params *curve; struct wpabuf *x = NULL, *y = NULL; EC_GROUP *group; - EVP_PKEY *pkey = NULL; + struct crypto_ec_key *pkey = NULL; token = json_get_member(jwk, "kty"); if (!token || token->type != JSON_STRING) { @@ -2325,7 +2325,7 @@ static int dpp_parse_connector(struct dpp_authentication *auth, { struct json_token *root, *groups, *netkey, *token; int ret = -1; - EVP_PKEY *key = NULL; + struct crypto_ec_key *key = NULL; const struct dpp_curve_params *curve; unsigned int rules = 0; 
@@ -2392,7 +2392,7 @@ skip_groups: goto fail; dpp_debug_print_key("DPP: Received netAccessKey", key); - if (EVP_PKEY_cmp(key, auth->own_protocol_key) != 1) { + if (EVP_PKEY_cmp((EVP_PKEY *)key, (EVP_PKEY *)auth->own_protocol_key) != 1) { wpa_printf(MSG_DEBUG, "DPP: netAccessKey in connector does not match own protocol key"); #ifdef CONFIG_TESTING_OPTIONS @@ -2409,18 +2409,18 @@ skip_groups: ret = 0; fail: - EVP_PKEY_free(key); + crypto_ec_key_deinit(key); json_free(root); return ret; } -static void dpp_copy_csign(struct dpp_config_obj *conf, EVP_PKEY *csign) +static void dpp_copy_csign(struct dpp_config_obj *conf, struct crypto_ec_key *csign) { unsigned char *der = NULL; int der_len; - der_len = i2d_PUBKEY(csign, &der); + der_len = i2d_PUBKEY((EVP_PKEY *)csign, &der); if (der_len <= 0) return; wpabuf_free(conf->c_sign_key); @@ -2429,12 +2429,12 @@ static void dpp_copy_csign(struct dpp_config_obj *conf, EVP_PKEY *csign) } -static void dpp_copy_ppkey(struct dpp_config_obj *conf, EVP_PKEY *ppkey) +static void dpp_copy_ppkey(struct dpp_config_obj *conf, struct crypto_ec_key *ppkey) { unsigned char *der = NULL; int der_len; - der_len = i2d_PUBKEY(ppkey, &der); + der_len = i2d_PUBKEY((EVP_PKEY *)ppkey, &der); if (der_len <= 0) return; wpabuf_free(conf->pp_key); @@ -2449,7 +2449,7 @@ static void dpp_copy_netaccesskey(struct dpp_authentication *auth, unsigned char *der = NULL; int der_len; EC_KEY *eckey; - EVP_PKEY *own_key; + struct crypto_ec_key *own_key; own_key = auth->own_protocol_key; #ifdef CONFIG_DPP2 @@ -2457,7 +2457,7 @@ static void dpp_copy_netaccesskey(struct dpp_authentication *auth, auth->reconfig_old_protocol_key) own_key = auth->reconfig_old_protocol_key; #endif /* CONFIG_DPP2 */ - eckey = EVP_PKEY_get1_EC_KEY(own_key); + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)own_key); if (!eckey) return; 
@@ -2480,7 +2480,7 @@ static int dpp_parse_cred_dpp(struct dpp_authentication *auth, struct dpp_signed_connector_info info; struct json_token *token, *csign, *ppkey; int ret = -1; - EVP_PKEY *csign_pub = NULL, *pp_pub = NULL; + struct crypto_ec_key *csign_pub = NULL, *pp_pub = NULL; const struct dpp_curve_params *key_curve = NULL, *pp_curve = NULL; const char *signed_connector; @@ -2560,8 +2560,8 @@ static int dpp_parse_cred_dpp(struct dpp_authentication *auth, ret = 0; fail: - EVP_PKEY_free(csign_pub); - EVP_PKEY_free(pp_pub); + crypto_ec_key_deinit(csign_pub); + crypto_ec_key_deinit(pp_pub); os_free(info.payload); return ret; } @@ -3394,11 +3394,11 @@ void dpp_configurator_free(struct dpp_configurator *conf) { if (!conf) return; - EVP_PKEY_free(conf->csign); + crypto_ec_key_deinit(conf->csign); os_free(conf->kid); os_free(conf->connector); - EVP_PKEY_free(conf->connector_key); - EVP_PKEY_free(conf->pp_key); + crypto_ec_key_deinit(conf->connector_key); + crypto_ec_key_deinit(conf->pp_key); os_free(conf); } @@ -3413,7 +3413,7 @@ int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf, if (!conf->csign) return -1; - eckey = EVP_PKEY_get1_EC_KEY(conf->csign); + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)conf->csign); if (!eckey) return -1; @@ -3670,7 +3670,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector, struct json_token *root = NULL, *netkey, *token; struct json_token *own_root = NULL; enum dpp_status_error ret = 255, res; - EVP_PKEY *own_key = NULL, *peer_key = NULL; + struct crypto_ec_key *own_key = NULL, *peer_key = NULL; struct wpabuf *own_key_pub = NULL; const struct dpp_curve_params *curve, *own_curve; struct dpp_signed_connector_info info; 
@@ -3776,9 +3776,9 @@ fail: os_memset(intro, 0, sizeof(*intro)); os_memset(Nx, 0, sizeof(Nx)); os_free(info.payload); - EVP_PKEY_free(own_key); + crypto_ec_key_deinit(own_key); wpabuf_free(own_key_pub); - EVP_PKEY_free(peer_key); + crypto_ec_key_deinit(peer_key); json_free(root); json_free(own_root); return ret; @@ -4129,7 +4129,7 @@ static int dpp_nfc_update_bi_key(struct dpp_bootstrap_info *own_bi, wpa_printf(MSG_DEBUG, "DPP: Update own bootstrapping key to match peer curve from NFC handover"); - EVP_PKEY_free(own_bi->pubkey); + crypto_ec_key_deinit(own_bi->pubkey); own_bi->pubkey = NULL; if (dpp_keygen(own_bi, peer_bi->curve->name, NULL, 0) < 0 || @@ -4282,7 +4282,7 @@ int dpp_configurator_from_backup(struct dpp_global *dpp, if (!key->csign || !key->pp_key) return -1; - eckey = EVP_PKEY_get0_EC_KEY(key->csign); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key->csign); if (!eckey) return -1; group = EC_KEY_get0_group(eckey); @@ -4294,7 +4294,7 @@ int dpp_configurator_from_backup(struct dpp_global *dpp, wpa_printf(MSG_INFO, "DPP: Unsupported group in c-sign-key"); return -1; } - eckey_pp = EVP_PKEY_get0_EC_KEY(key->pp_key); + eckey_pp = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key->pp_key); if (!eckey_pp) return -1; group_pp = EC_KEY_get0_group(eckey_pp); diff --git a/src/common/dpp.h b/src/common/dpp.h index 75de3cae9..40e950a96 100644 --- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -16,8 +16,8 @@ #include "utils/list.h" #include "common/wpa_common.h" #include "crypto/sha256.h" +#include "crypto/crypto.h" -struct crypto_ecdh; struct hostapd_ip_addr; struct dpp_global; struct json_token; @@ -157,7 +157,7 @@ struct dpp_bootstrap_info { bool channels_listed; u8 version; int own; - EVP_PKEY *pubkey; + struct crypto_ec_key *pubkey; u8 pubkey_hash[SHA256_MAC_LEN]; u8 pubkey_hash_chirp[SHA256_MAC_LEN]; const struct dpp_curve_params *curve; 
@@ -180,12 +180,12 @@ struct dpp_pkex { u8 peer_mac[ETH_ALEN]; char *identifier; char *code; - EVP_PKEY *x; - EVP_PKEY *y; + struct crypto_ec_key *x; + struct crypto_ec_key *y; u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; u8 Nx[DPP_MAX_SHARED_SECRET_LEN]; u8 z[DPP_MAX_HASH_LEN]; - EVP_PKEY *peer_bootstrap_key; + struct crypto_ec_key *peer_bootstrap_key; struct wpabuf *exchange_req; struct wpabuf *exchange_resp; unsigned int t; /* number of failures on code use */ @@ -234,8 +234,8 @@ struct dpp_configuration { struct dpp_asymmetric_key { struct dpp_asymmetric_key *next; - EVP_PKEY *csign; - EVP_PKEY *pp_key; + struct crypto_ec_key *csign; + struct crypto_ec_key *pp_key; char *config_template; char *connector_template; }; @@ -266,9 +266,9 @@ struct dpp_authentication { u8 i_capab; u8 r_capab; enum dpp_netrole e_netrole; - EVP_PKEY *own_protocol_key; - EVP_PKEY *peer_protocol_key; - EVP_PKEY *reconfig_old_protocol_key; + struct crypto_ec_key *own_protocol_key; + struct crypto_ec_key *peer_protocol_key; + struct crypto_ec_key *reconfig_old_protocol_key; struct wpabuf *req_msg; struct wpabuf *resp_msg; struct wpabuf *reconfig_req_msg; @@ -361,13 +361,13 @@ struct dpp_configurator { struct dl_list list; unsigned int id; int own; - EVP_PKEY *csign; + struct crypto_ec_key *csign; u8 kid_hash[SHA256_MAC_LEN]; char *kid; const struct dpp_curve_params *curve; char *connector; /* own Connector for reconfiguration */ - EVP_PKEY *connector_key; - EVP_PKEY *pp_key; + struct crypto_ec_key *connector_key; + struct crypto_ec_key *pp_key; }; struct dpp_introduction { diff --git a/src/common/dpp_auth.c b/src/common/dpp_auth.c index 0cabd647f..6c8ea8dc7 100644 --- a/src/common/dpp_auth.c +++ b/src/common/dpp_auth.c 
@@ -456,7 +456,7 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth) #endif /* CONFIG_TESTING_OPTIONS */ wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", auth->r_nonce, nonce_len); - EVP_PKEY_free(auth->own_protocol_key); + crypto_ec_key_deinit(auth->own_protocol_key); #ifdef CONFIG_TESTING_OPTIONS if (dpp_protocol_key_override_len) { const struct dpp_curve_params *tmp_curve; @@ -671,7 +671,7 @@ dpp_auth_req_rx(struct dpp_global *dpp, void *msg_ctx, u8 dpp_allowed_roles, unsigned int freq, const u8 *hdr, const u8 *attr_start, size_t attr_len) { - EVP_PKEY *pi = NULL; + struct crypto_ec_key *pi = NULL; EVP_PKEY_CTX *ctx = NULL; size_t secret_len; const u8 *addr[2]; @@ -928,7 +928,7 @@ not_compatible: return auth; fail: bin_clear_free(unwrapped, unwrapped_len); - EVP_PKEY_free(pi); + crypto_ec_key_deinit(pi); EVP_PKEY_CTX_free(ctx); dpp_auth_deinit(auth); return NULL; @@ -1405,7 +1405,7 @@ struct wpabuf * dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, const u8 *attr_start, size_t attr_len) { - EVP_PKEY *pr; + struct crypto_ec_key *pr; size_t secret_len; const u8 *addr[2]; size_t len[2]; @@ -1567,7 +1567,7 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, dpp_auth_fail(auth, "Failed to derive ECDH shared secret"); goto fail; } - EVP_PKEY_free(auth->peer_protocol_key); + crypto_ec_key_deinit(auth->peer_protocol_key); auth->peer_protocol_key = pr; pr = NULL; @@ -1737,7 +1737,7 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, fail: bin_clear_free(unwrapped, unwrapped_len); bin_clear_free(unwrapped2, unwrapped2_len); - EVP_PKEY_free(pr); + crypto_ec_key_deinit(pr); return NULL; } diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c index 947a5e9ea..1e03e0fb9 100644 --- a/src/common/dpp_backup.c +++ b/src/common/dpp_backup.c 
@@ -39,8 +39,8 @@ void dpp_free_asymmetric_key(struct dpp_asymmetric_key *key) while (key) { struct dpp_asymmetric_key *next = key->next; - EVP_PKEY_free(key->csign); - EVP_PKEY_free(key->pp_key); + crypto_ec_key_deinit(key->csign); + crypto_ec_key_deinit(key->pp_key); str_clear_free(key->config_template); str_clear_free(key->connector_template); os_free(key); @@ -62,7 +62,7 @@ static struct wpabuf * dpp_build_conf_params(struct dpp_configurator *conf) if (!conf->pp_key) return NULL; - eckey = EVP_PKEY_get0_EC_KEY(conf->pp_key); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)conf->pp_key); if (!eckey) return NULL; @@ -182,7 +182,7 @@ static struct wpabuf * dpp_build_key_pkg(struct dpp_authentication *auth) unsigned char *der = NULL; int der_len; - eckey = EVP_PKEY_get0_EC_KEY(auth->conf->csign); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->conf->csign); if (!eckey) return NULL; @@ -982,8 +982,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) ERR_error_string(ERR_get_error(), NULL)); goto fail; } - key->csign = EVP_PKEY_new(); - if (!key->csign || EVP_PKEY_assign_EC_KEY(key->csign, eckey) != 1) { + key->csign = (struct crypto_ec_key *)EVP_PKEY_new(); + if (!key->csign || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->csign, eckey) != 1) { EC_KEY_free(eckey); goto fail; } @@ -1103,8 +1103,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) ERR_error_string(ERR_get_error(), NULL)); goto fail; } - key->pp_key = EVP_PKEY_new(); - if (!key->pp_key || EVP_PKEY_assign_EC_KEY(key->pp_key, eckey) != 1) { + key->pp_key = (struct crypto_ec_key *)EVP_PKEY_new(); + if (!key->pp_key || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->pp_key, eckey) != 1) { EC_KEY_free(eckey); goto fail; } diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index c75fc7871..bce1473d1 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -176,7 +176,7 @@ fail: } -void dpp_debug_print_key(const char *title, EVP_PKEY *key) +void dpp_debug_print_key(const char *title, struct crypto_ec_key *key) { EC_KEY *eckey; BIO *out; @@ -192,7 +192,7 @@ void dpp_debug_print_key(const char *title, EVP_PKEY *key) if (!out) return; - EVP_PKEY_print_private(out, key, 0, NULL); + EVP_PKEY_print_private(out, (EVP_PKEY *)key, 0, NULL); rlen = BIO_ctrl_pending(out); txt = os_malloc(rlen + 1); if (txt) { @@ -205,7 +205,7 @@ void dpp_debug_print_key(const char *title, EVP_PKEY *key) } BIO_free(out); - eckey = EVP_PKEY_get1_EC_KEY(key); + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); if (!eckey) return; @@ -377,14 +377,14 @@ int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len) } -struct wpabuf * dpp_get_pubkey_point(EVP_PKEY *pkey, int prefix) +struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *key, int prefix) { int len, res; EC_KEY *eckey; struct wpabuf *buf; unsigned char *pos; - eckey = EVP_PKEY_get1_EC_KEY(pkey); + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); if (!eckey) return NULL; EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED); @@ -424,9 +424,9 @@ struct wpabuf * dpp_get_pubkey_point(EVP_PKEY *pkey, int prefix) } -EVP_PKEY * dpp_set_pubkey_point_group(const EC_GROUP *group, - const u8 *buf_x, const u8 *buf_y, - size_t len) +struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, + const u8 *buf_x, const u8 *buf_y, + size_t len) { EC_KEY *eckey = NULL; BN_CTX *ctx; @@ -485,7 +485,7 @@ out: EC_KEY_free(eckey); EC_POINT_free(point); BN_CTX_free(ctx); - return pkey; + return (struct crypto_ec_key *)pkey; fail: EVP_PKEY_free(pkey); pkey = NULL; 
@@ -493,16 +493,17 @@ fail: } -EVP_PKEY * dpp_set_pubkey_point(EVP_PKEY *group_key, const u8 *buf, size_t len) +struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, + const u8 *buf, size_t len) { const EC_KEY *eckey; const EC_GROUP *group; - EVP_PKEY *pkey = NULL; + struct crypto_ec_key *pkey = NULL; if (len & 1) return NULL; - eckey = EVP_PKEY_get0_EC_KEY(group_key); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)group_key); if (!eckey) { wpa_printf(MSG_ERROR, "DPP: Could not get EC_KEY from group_key"); @@ -520,7 +521,7 @@ EVP_PKEY * dpp_set_pubkey_point(EVP_PKEY *group_key, const u8 *buf, size_t len) } -EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve) +struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve) { EVP_PKEY_CTX *kctx = NULL; EC_KEY *ec_params = NULL; @@ -559,18 +560,18 @@ EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve) } if (wpa_debug_show_keys) - dpp_debug_print_key("Own generated key", key); + dpp_debug_print_key("Own generated key", (struct crypto_ec_key *)key); fail: EC_KEY_free(ec_params); EVP_PKEY_free(params); EVP_PKEY_CTX_free(kctx); - return key; + return (struct crypto_ec_key *)key; } -EVP_PKEY * dpp_set_keypair(const struct dpp_curve_params **curve, - const u8 *privkey, size_t privkey_len) +struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve, + const u8 *privkey, size_t privkey_len) { EVP_PKEY *pkey; EC_KEY *eckey; @@ -610,7 +611,7 @@ EVP_PKEY * dpp_set_keypair(const struct dpp_curve_params **curve, EVP_PKEY_free(pkey); return NULL; } - return pkey; + return (struct crypto_ec_key *)pkey; } @@ -630,7 +631,7 @@ ASN1_SEQUENCE(DPP_BOOTSTRAPPING_KEY) = { IMPLEMENT_ASN1_FUNCTIONS(DPP_BOOTSTRAPPING_KEY); -static struct wpabuf * dpp_bootstrap_key_der(EVP_PKEY *key) +static struct wpabuf * dpp_bootstrap_key_der(struct crypto_ec_key *key) { unsigned char *der = NULL; int der_len; 
@@ -644,7 +645,7 @@ static struct wpabuf * dpp_bootstrap_key_der(EVP_PKEY *key) int nid; ctx = BN_CTX_new(); - eckey = EVP_PKEY_get0_EC_KEY(key); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); if (!ctx || !eckey) goto fail; @@ -883,7 +884,7 @@ int dpp_derive_bk_ke(struct dpp_authentication *auth) } -int dpp_ecdh(EVP_PKEY *own, EVP_PKEY *peer, u8 *secret, size_t *secret_len) +int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len) { EVP_PKEY_CTX *ctx; int ret = -1; @@ -891,7 +892,7 @@ int dpp_ecdh(EVP_PKEY *own, EVP_PKEY *peer, u8 *secret, size_t *secret_len) ERR_clear_error(); *secret_len = 0; - ctx = EVP_PKEY_CTX_new(own, NULL); + ctx = EVP_PKEY_CTX_new((EVP_PKEY *)own, NULL); if (!ctx) { wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_CTX_new failed: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -904,7 +905,7 @@ int dpp_ecdh(EVP_PKEY *own, EVP_PKEY *peer, u8 *secret, size_t *secret_len) goto fail; } - if (EVP_PKEY_derive_set_peer(ctx, peer) != 1) { + if (EVP_PKEY_derive_set_peer(ctx, (EVP_PKEY *)peer) != 1) { wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_derive_set_peet failed: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -1103,7 +1104,7 @@ int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, wpa_hexdump(MSG_DEBUG, "DPP: URI subjectPublicKey", pk, ppklen); X509_PUBKEY_free(pub); - bi->pubkey = pkey; + bi->pubkey = (struct crypto_ec_key *)pkey; return 0; fail: X509_PUBKEY_free(pub); @@ -1192,7 +1193,7 @@ fail: } -static int dpp_check_pubkey_match(EVP_PKEY *pub, struct wpabuf *r_hash) +static int dpp_check_pubkey_match(struct crypto_ec_key *pub, struct wpabuf *r_hash) { struct wpabuf *uncomp; int res; 
@@ -1226,7 +1227,7 @@ static int dpp_check_pubkey_match(EVP_PKEY *pub, struct wpabuf *r_hash) enum dpp_status_error dpp_process_signed_connector(struct dpp_signed_connector_info *info, - EVP_PKEY *csign_pub, const char *connector) + struct crypto_ec_key *csign_pub, const char *connector) { enum dpp_status_error ret = 255; const char *pos, *end, *signed_start, *signed_end; @@ -1245,7 +1246,7 @@ dpp_process_signed_connector(struct dpp_signed_connector_info *info, const EC_GROUP *group; int nid; - eckey = EVP_PKEY_get0_EC_KEY(csign_pub); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)csign_pub); if (!eckey) goto fail; group = EC_KEY_get0_group(eckey); @@ -1352,7 +1353,7 @@ dpp_process_signed_connector(struct dpp_signed_connector_info *info, goto fail; ERR_clear_error(); - if (EVP_DigestVerifyInit(md_ctx, NULL, sign_md, NULL, csign_pub) != 1) { + if (EVP_DigestVerifyInit(md_ctx, NULL, sign_md, NULL, (EVP_PKEY *)csign_pub) != 1) { wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyInit failed: %s", ERR_error_string(ERR_get_error(), NULL)); goto fail; @@ -1392,12 +1393,12 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info, const u8 *peer_connector, size_t peer_connector_len) { const unsigned char *p; - EVP_PKEY *csign = NULL; + struct crypto_ec_key *csign = NULL; char *signed_connector = NULL; enum dpp_status_error res = DPP_STATUS_INVALID_CONNECTOR; p = csign_key; - csign = d2i_PUBKEY(NULL, &p, csign_key_len); + csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); if (!csign) { wpa_printf(MSG_ERROR, "DPP: Failed to parse local C-sign-key information"); @@ -1414,7 +1415,7 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info, res = dpp_process_signed_connector(info, csign, signed_connector); fail: os_free(signed_connector); - EVP_PKEY_free(csign); + crypto_ec_key_deinit(csign); return res; } 
@@ -1600,7 +1601,7 @@ int dpp_auth_derive_l_responder(struct dpp_authentication *auth) lx = BN_new(); if (!bnctx || !sum || !q || !lx) goto fail; - BI = EVP_PKEY_get0_EC_KEY(auth->peer_bi->pubkey); + BI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_bi->pubkey); if (!BI) goto fail; BI_point = EC_KEY_get0_public_key(BI); @@ -1608,8 +1609,8 @@ int dpp_auth_derive_l_responder(struct dpp_authentication *auth) if (!group) goto fail; - bR = EVP_PKEY_get0_EC_KEY(auth->own_bi->pubkey); - pR = EVP_PKEY_get0_EC_KEY(auth->own_protocol_key); + bR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_bi->pubkey); + pR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_protocol_key); if (!bR || !pR) goto fail; bR_bn = EC_KEY_get0_private_key(bR); @@ -1662,14 +1663,14 @@ int dpp_auth_derive_l_initiator(struct dpp_authentication *auth) lx = BN_new(); if (!bnctx || !lx) goto fail; - BR = EVP_PKEY_get0_EC_KEY(auth->peer_bi->pubkey); - PR = EVP_PKEY_get0_EC_KEY(auth->peer_protocol_key); + BR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_bi->pubkey); + PR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_protocol_key); if (!BR || !PR) goto fail; BR_point = EC_KEY_get0_public_key(BR); PR_point = EC_KEY_get0_public_key(PR); - bI = EVP_PKEY_get0_EC_KEY(auth->own_bi->pubkey); + bI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_bi->pubkey); if (!bI) goto fail; group = EC_KEY_get0_group(bI); @@ -1731,7 +1732,7 @@ int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk, unsigned int hash_len) int dpp_derive_pmkid(const struct dpp_curve_params *curve, - EVP_PKEY *own_key, EVP_PKEY *peer_key, u8 *pmkid) + struct crypto_ec_key *own_key, struct crypto_ec_key *peer_key, u8 *pmkid) { struct wpabuf *nkx, *pkx; int ret = -1, res; 
@@ -1981,13 +1982,13 @@ static const u8 pkex_resp_y_bp_p512r1[64] = { }; -static EVP_PKEY * dpp_pkex_get_role_elem(const struct dpp_curve_params *curve, - int init) +static struct crypto_ec_key * dpp_pkex_get_role_elem(const struct dpp_curve_params *curve, + int init) { EC_GROUP *group; size_t len = curve->prime_len; const u8 *x, *y; - EVP_PKEY *res; + struct crypto_ec_key *res; switch (curve->ike_group) { case 19: @@ -2037,7 +2038,7 @@ EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, size_t len[3]; unsigned int num_elem = 0; EC_POINT *Qi = NULL; - EVP_PKEY *Pi = NULL; + struct crypto_ec_key *Pi = NULL; const EC_KEY *Pi_ec; const EC_POINT *Pi_point; BIGNUM *hash_bn = NULL; @@ -2070,7 +2071,7 @@ EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, if (!Pi) goto fail; dpp_debug_print_key("DPP: Pi", Pi); - Pi_ec = EVP_PKEY_get0_EC_KEY(Pi); + Pi_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)Pi); if (!Pi_ec) goto fail; Pi_point = EC_KEY_get0_public_key(Pi_ec); @@ -2096,7 +2097,7 @@ EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, } dpp_debug_print_point("DPP: Qi", group, Qi); out: - EVP_PKEY_free(Pi); + crypto_ec_key_deinit(Pi); BN_clear_free(hash_bn); if (ret_group && Qi) *ret_group = group2; @@ -2120,7 +2121,7 @@ EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, size_t len[3]; unsigned int num_elem = 0; EC_POINT *Qr = NULL; - EVP_PKEY *Pr = NULL; + struct crypto_ec_key *Pr = NULL; const EC_KEY *Pr_ec; const EC_POINT *Pr_point; BIGNUM *hash_bn = NULL; @@ -2153,7 +2154,7 @@ EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, if (!Pr) goto fail; dpp_debug_print_key("DPP: Pr", Pr); - Pr_ec = EVP_PKEY_get0_EC_KEY(Pr); + Pr_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)Pr); if (!Pr_ec) goto fail; Pr_point = EC_KEY_get0_public_key(Pr_ec); 
@@ -2179,7 +2180,7 @@ EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, } dpp_debug_print_point("DPP: Qr", group, Qr); out: - EVP_PKEY_free(Pr); + crypto_ec_key_deinit(Pr); BN_clear_free(hash_bn); if (ret_group && Qr) *ret_group = group2; @@ -2258,7 +2259,7 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, struct json_token *peer_net_access_key) { BN_CTX *bnctx = NULL; - EVP_PKEY *own_key = NULL, *peer_key = NULL; + struct crypto_ec_key *own_key = NULL, *peer_key = NULL; BIGNUM *sum = NULL, *q = NULL, *mx = NULL; EC_POINT *m = NULL; const EC_KEY *cR, *pR; @@ -2303,8 +2304,8 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, auth->e_nonce, auth->curve->nonce_len); /* M = { cR + pR } * CI */ - cR = EVP_PKEY_get0_EC_KEY(own_key); - pR = EVP_PKEY_get0_EC_KEY(auth->own_protocol_key); + cR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)own_key); + pR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_protocol_key); if (!pR) goto fail; group = EC_KEY_get0_group(pR); @@ -2319,7 +2320,7 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, pR_bn = EC_KEY_get0_private_key(pR); if (!cR_bn || !pR_bn) goto fail; - CI = EVP_PKEY_get0_EC_KEY(peer_key); + CI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)peer_key); CI_point = EC_KEY_get0_public_key(CI); if (EC_GROUP_get_order(group, q, bnctx) != 1 || BN_mod_add(sum, cR_bn, pR_bn, q, bnctx) != 1 || @@ -2355,7 +2356,7 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, auth->ke, curve->hash_len); res = 0; - EVP_PKEY_free(auth->reconfig_old_protocol_key); + crypto_ec_key_deinit(auth->reconfig_old_protocol_key); auth->reconfig_old_protocol_key = own_key; own_key = NULL; fail: @@ -2365,8 +2366,8 @@ fail: BN_free(q); BN_clear_free(mx); BN_clear_free(sum); - EVP_PKEY_free(own_key); - EVP_PKEY_free(peer_key); + crypto_ec_key_deinit(own_key); + crypto_ec_key_deinit(peer_key); BN_CTX_free(bnctx); return res; } 
@@ -2377,7 +2378,7 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, struct json_token *net_access_key) { BN_CTX *bnctx = NULL; - EVP_PKEY *pr = NULL, *peer_key = NULL; + struct crypto_ec_key *pr = NULL, *peer_key = NULL; EC_POINT *sum = NULL, *m = NULL; BIGNUM *mx = NULL; const EC_KEY *cI, *CR, *PR; @@ -2397,7 +2398,7 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, goto fail; } dpp_debug_print_key("Peer (Responder) Protocol Key", pr); - EVP_PKEY_free(auth->peer_protocol_key); + crypto_ec_key_deinit(auth->peer_protocol_key); auth->peer_protocol_key = pr; pr = NULL; @@ -2413,15 +2414,15 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, } /* M = cI * { CR + PR } */ - cI = EVP_PKEY_get0_EC_KEY(auth->conf->connector_key); + cI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->conf->connector_key); cI_bn = EC_KEY_get0_private_key(cI); group = EC_KEY_get0_group(cI); bnctx = BN_CTX_new(); sum = EC_POINT_new(group); m = EC_POINT_new(group); mx = BN_new(); - CR = EVP_PKEY_get0_EC_KEY(peer_key); - PR = EVP_PKEY_get0_EC_KEY(auth->peer_protocol_key); + CR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)peer_key); + PR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_protocol_key); CR_point = EC_KEY_get0_public_key(CR); PR_point = EC_KEY_get0_public_key(PR); if (!bnctx || !sum || !m || !mx || @@ -2456,8 +2457,8 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, fail: forced_memzero(prk, sizeof(prk)); forced_memzero(Mx, sizeof(Mx)); - EVP_PKEY_free(pr); - EVP_PKEY_free(peer_key); + crypto_ec_key_deinit(pr); + crypto_ec_key_deinit(peer_key); EC_POINT_clear_free(sum); EC_POINT_clear_free(m); BN_clear_free(mx); 
@@ -2524,7 +2525,7 @@ dpp_build_conn_signature(struct dpp_configurator *conf, goto fail; ERR_clear_error(); - if (EVP_DigestSignInit(md_ctx, NULL, sign_md, NULL, conf->csign) != 1) { + if (EVP_DigestSignInit(md_ctx, NULL, sign_md, NULL, (EVP_PKEY *)conf->csign) != 1) { wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignInit failed: %s", ERR_error_string(ERR_get_error(), NULL)); goto fail; @@ -2618,7 +2619,7 @@ struct dpp_pfs * dpp_pfs_init(const u8 *net_access_key, size_t net_access_key_len) { struct wpabuf *pub = NULL; - EVP_PKEY *own_key; + struct crypto_ec_key *own_key; struct dpp_pfs *pfs; pfs = os_zalloc(sizeof(*pfs)); @@ -2631,7 +2632,7 @@ struct dpp_pfs * dpp_pfs_init(const u8 *net_access_key, wpa_printf(MSG_ERROR, "DPP: Failed to parse own netAccessKey"); goto fail; } - EVP_PKEY_free(own_key); + crypto_ec_key_deinit(own_key); pfs->ecdh = crypto_ecdh_init(pfs->curve->ike_group); if (!pfs->ecdh) @@ -2700,7 +2701,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) struct wpabuf *buf = NULL; unsigned char *der; int der_len; - EVP_PKEY *key; + struct crypto_ec_key *key; const EVP_MD *sign_md; unsigned int hash_len = auth->curve->hash_len; EC_KEY *eckey; @@ -2716,7 +2717,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) * a specific group to be used */ key = auth->own_protocol_key; - eckey = EVP_PKEY_get1_EC_KEY(key); + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); if (!eckey) goto fail; der = NULL; @@ -2730,7 +2731,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) goto fail; req = X509_REQ_new(); - if (!req || !X509_REQ_set_pubkey(req, key)) + if (!req || !X509_REQ_set_pubkey(req, (EVP_PKEY *)key)) goto fail; if (name) { @@ -2780,7 +2781,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) goto fail; } - if (!X509_REQ_sign(req, key, sign_md)) + if (!X509_REQ_sign(req, (EVP_PKEY *)key, sign_md)) goto fail; der = NULL; 
@@ -3012,7 +3013,7 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key, size_t pp_key_len) { const unsigned char *p; - EVP_PKEY *csign = NULL, *ppkey = NULL; + struct crypto_ec_key *csign = NULL, *ppkey = NULL; struct dpp_reconfig_id *id = NULL; BN_CTX *ctx = NULL; BIGNUM *bn = NULL, *q = NULL; @@ -3021,18 +3022,18 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key, EC_POINT *e_id = NULL; p = csign_key; - csign = d2i_PUBKEY(NULL, &p, csign_key_len); + csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); if (!csign) goto fail; if (!pp_key) goto fail; p = pp_key; - ppkey = d2i_PUBKEY(NULL, &p, pp_key_len); + ppkey = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, pp_key_len); if (!ppkey) goto fail; - eckey = EVP_PKEY_get0_EC_KEY(csign); + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)csign); if (!eckey) goto fail; group = EC_KEY_get0_group(eckey); @@ -3063,16 +3064,16 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key, ppkey = NULL; fail: EC_POINT_free(e_id); - EVP_PKEY_free(csign); - EVP_PKEY_free(ppkey); + crypto_ec_key_deinit(csign); + crypto_ec_key_deinit(ppkey); BN_clear_free(bn); BN_CTX_free(ctx); return id; } -static EVP_PKEY * dpp_pkey_from_point(const EC_GROUP *group, - const EC_POINT *point) +static struct crypto_ec_key * dpp_pkey_from_point(const EC_GROUP *group, + const EC_POINT *point) { EC_KEY *eckey; EVP_PKEY *pkey = NULL; @@ -3098,7 +3099,7 @@ static EVP_PKEY * dpp_pkey_from_point(const EC_GROUP *group, fail: EC_KEY_free(eckey); - return pkey; + return (struct crypto_ec_key *)pkey; } @@ -3111,7 +3112,7 @@ int dpp_update_reconfig_id(struct dpp_reconfig_id *id) const EC_KEY *pp; const EC_POINT *pp_point; - pp = EVP_PKEY_get0_EC_KEY(id->pp_key); + pp = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)id->pp_key); if (!pp) goto fail; pp_point = EC_KEY_get0_public_key(pp); 
@@ -3135,8 +3136,8 @@ int dpp_update_reconfig_id(struct dpp_reconfig_id *id) dpp_debug_print_point("DPP: Encrypted E-id to E'-id", id->group, e_prime_id); - EVP_PKEY_free(id->a_nonce); - EVP_PKEY_free(id->e_prime_id); + crypto_ec_key_deinit(id->a_nonce); + crypto_ec_key_deinit(id->e_prime_id); id->a_nonce = dpp_pkey_from_point(id->group, a_nonce); id->e_prime_id = dpp_pkey_from_point(id->group, e_prime_id); if (!id->a_nonce || !id->e_prime_id) @@ -3157,17 +3158,17 @@ void dpp_free_reconfig_id(struct dpp_reconfig_id *id) { if (id) { EC_POINT_clear_free(id->e_id); - EVP_PKEY_free(id->csign); - EVP_PKEY_free(id->a_nonce); - EVP_PKEY_free(id->e_prime_id); - EVP_PKEY_free(id->pp_key); + crypto_ec_key_deinit(id->csign); + crypto_ec_key_deinit(id->a_nonce); + crypto_ec_key_deinit(id->e_prime_id); + crypto_ec_key_deinit(id->pp_key); os_free(id); } } -EC_POINT * dpp_decrypt_e_id(EVP_PKEY *ppkey, EVP_PKEY *a_nonce, - EVP_PKEY *e_prime_id) +EC_POINT * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, struct crypto_ec_key *a_nonce, + struct crypto_ec_key *e_prime_id) { const EC_KEY *pp_ec, *a_nonce_ec, *e_prime_id_ec; const BIGNUM *pp_bn; @@ -3180,9 +3181,9 @@ EC_POINT * dpp_decrypt_e_id(EVP_PKEY *ppkey, EVP_PKEY *a_nonce, return NULL; /* E-id = E'-id - s_C * A-NONCE */ - pp_ec = EVP_PKEY_get0_EC_KEY(ppkey); - a_nonce_ec = EVP_PKEY_get0_EC_KEY(a_nonce); - e_prime_id_ec = EVP_PKEY_get0_EC_KEY(e_prime_id); + pp_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)ppkey); + a_nonce_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)a_nonce); + e_prime_id_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)e_prime_id); if (!pp_ec || !a_nonce_ec || !e_prime_id_ec) return NULL; pp_bn = EC_KEY_get0_private_key(pp_ec); diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index af12467a5..6deb34737 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h 
@@ -37,10 +37,10 @@ struct wpabuf * dpp_build_conn_status(enum dpp_status_error result, struct json_token * dpp_parse_own_connector(const char *own_connector); int dpp_connector_match_groups(struct json_token *own_root, struct json_token *peer_root, bool reconfig); -int dpp_build_jwk(struct wpabuf *buf, const char *name, EVP_PKEY *key, +int dpp_build_jwk(struct wpabuf *buf, const char *name, struct crypto_ec_key *key, const char *kid, const struct dpp_curve_params *curve); -EVP_PKEY * dpp_parse_jwk(struct json_token *jwk, - const struct dpp_curve_params **key_curve); +struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk, + const struct dpp_curve_params **key_curve); int dpp_prepare_channel_list(struct dpp_authentication *auth, unsigned int neg_freq, struct hostapd_hw_modes *own_modes, u16 num_modes); @@ -65,7 +65,7 @@ struct dpp_signed_connector_info { enum dpp_status_error dpp_process_signed_connector(struct dpp_signed_connector_info *info, - EVP_PKEY *csign_pub, const char *connector); + struct crypto_ec_key *csign_pub, const char *connector); enum dpp_status_error dpp_check_signed_connector(struct dpp_signed_connector_info *info, const u8 *csign_key, size_t csign_key_len, 
@@ -76,21 +76,22 @@ const struct dpp_curve_params * dpp_get_curve_nid(int nid); const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group); int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len); -struct wpabuf * dpp_get_pubkey_point(EVP_PKEY *pkey, int prefix); -EVP_PKEY * dpp_set_pubkey_point_group(const EC_GROUP *group, - const u8 *buf_x, const u8 *buf_y, - size_t len); -EVP_PKEY * dpp_set_pubkey_point(EVP_PKEY *group_key, const u8 *buf, size_t len); +struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *key, int prefix); +struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, + const u8 *buf_x, const u8 *buf_y, + size_t len); +struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, + const u8 *buf, size_t len); int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len); int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len, const char *label, u8 *out, size_t outlen); int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); -int dpp_ecdh(EVP_PKEY *own, EVP_PKEY *peer, u8 *secret, size_t *secret_len); +int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len); void dpp_debug_print_point(const char *title, const EC_GROUP *group, const EC_POINT *point); -void dpp_debug_print_key(const char *title, EVP_PKEY *key); +void dpp_debug_print_key(const char *title, struct crypto_ec_key *key); int dpp_pbkdf2(size_t hash_len, const u8 *password, size_t password_len, const u8 *salt, size_t salt_len, unsigned int iterations, u8 *buf, size_t buflen); 
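Review bot: The converted dpp_ecdh() prototype in this dpp_i.h hunk is now a single line well past 80 columns (struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len), while the surrounding declarations wrap at 80. Wrap the parameter list the way this same hunk does for dpp_set_pubkey_point(). The new dpp_build_jwk() prototype earlier in dpp_i.h and the dpp_decrypt_e_id() definition in dpp_crypto.c have the same problem.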
@@ -99,9 +100,9 @@ int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi); int dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve, const u8 *privkey, size_t privkey_len); -EVP_PKEY * dpp_set_keypair(const struct dpp_curve_params **curve, - const u8 *privkey, size_t privkey_len); -EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve); +struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve, + const u8 *privkey, size_t privkey_len); +struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve); int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1, unsigned int hash_len); int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2, unsigned int hash_len); int dpp_derive_bk_ke(struct dpp_authentication *auth); @@ -111,7 +112,7 @@ int dpp_auth_derive_l_responder(struct dpp_authentication *auth); int dpp_auth_derive_l_initiator(struct dpp_authentication *auth); int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk, unsigned int hash_len); int dpp_derive_pmkid(const struct dpp_curve_params *curve, - EVP_PKEY *own_key, EVP_PKEY *peer_key, u8 *pmkid); + struct crypto_ec_key *own_key, struct crypto_ec_key *peer_key, u8 *pmkid); EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, const u8 *mac_init, const char *code, const char *identifier, BN_CTX *bnctx, @@ -133,8 +134,8 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, const u8 *r_proto, u16 r_proto_len, struct json_token *net_access_key); -EC_POINT * dpp_decrypt_e_id(EVP_PKEY *ppkey, EVP_PKEY *a_nonce, - EVP_PKEY *e_prime_id); +EC_POINT * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, struct crypto_ec_key *a_nonce, + struct crypto_ec_key *e_prime_id); char * dpp_sign_connector(struct dpp_configurator *conf, const struct wpabuf *dppcon); int dpp_test_gen_invalid_key(struct wpabuf *msg, 
@@ -143,10 +144,10 @@ int dpp_test_gen_invalid_key(struct wpabuf *msg, struct dpp_reconfig_id { const EC_GROUP *group; EC_POINT *e_id; /* E-id */ - EVP_PKEY *csign; - EVP_PKEY *a_nonce; /* A-NONCE */ - EVP_PKEY *e_prime_id; /* E'-id */ - EVP_PKEY *pp_key; + struct crypto_ec_key *csign; + struct crypto_ec_key *a_nonce; /* A-NONCE */ + struct crypto_ec_key *e_prime_id; /* E'-id */ + struct crypto_ec_key *pp_key; }; /* dpp_tcp.c */ diff --git a/src/common/dpp_pkex.c b/src/common/dpp_pkex.c index 807ab7d0a..cde46ac39 100644 --- a/src/common/dpp_pkex.c +++ b/src/common/dpp_pkex.c @@ -86,7 +86,7 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) goto fail; /* M = X + Qi */ - X_ec = EVP_PKEY_get0_EC_KEY(pkex->x); + X_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)pkex->x); if (!X_ec) goto fail; X_point = EC_KEY_get0_public_key(X_ec); @@ -477,9 +477,9 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, EC_KEY_set_group(X_ec, group) != 1 || EC_KEY_set_public_key(X_ec, X) != 1) goto fail; - pkex->x = EVP_PKEY_new(); + pkex->x = (struct crypto_ec_key *)EVP_PKEY_new(); if (!pkex->x || - EVP_PKEY_set1_EC_KEY(pkex->x, X_ec) != 1) + EVP_PKEY_set1_EC_KEY((EVP_PKEY *)pkex->x, X_ec) != 1) goto fail; /* Qr = H(MAC-Responder | | [identifier | ] code) * Pr */ @@ -507,7 +507,7 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, goto fail; /* N = Y + Qr */ - Y_ec = EVP_PKEY_get0_EC_KEY(pkex->y); + Y_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)pkex->y); if (!Y_ec) goto fail; Y_point = EC_KEY_get0_public_key(Y_ec); @@ -801,9 +801,9 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, EC_KEY_set_group(Y_ec, group) != 1 || EC_KEY_set_public_key(Y_ec, Y) != 1) goto fail; - pkex->y = EVP_PKEY_new(); + pkex->y = (struct crypto_ec_key *)EVP_PKEY_new(); if (!pkex->y || - EVP_PKEY_set1_EC_KEY(pkex->y, Y_ec) != 1) + EVP_PKEY_set1_EC_KEY((EVP_PKEY *)pkex->y, Y_ec) != 1) goto fail; if (dpp_ecdh(pkex->own_bi->pubkey, pkex->y, Jx, &Jx_len) < 0) goto fail; 
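Review bot: In dpp_pkex_rx_exchange_resp() (and the matching dpp_pkex_rx_exchange_req() hunk) the new EVP_PKEY is cast to struct crypto_ec_key * on assignment to pkex->y and then cast back to EVP_PKEY * on the very next line for EVP_PKEY_set1_EC_KEY(). Building the key in a local EVP_PKEY * and assigning it to pkex->y once EVP_PKEY_set1_EC_KEY() has succeeded would need a single cast and keep the OpenSSL-specific handling in one place.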
@@ -1315,9 +1315,9 @@ void dpp_pkex_free(struct dpp_pkex *pkex) os_free(pkex->identifier); os_free(pkex->code); - EVP_PKEY_free(pkex->x); - EVP_PKEY_free(pkex->y); - EVP_PKEY_free(pkex->peer_bootstrap_key); + crypto_ec_key_deinit(pkex->x); + crypto_ec_key_deinit(pkex->y); + crypto_ec_key_deinit(pkex->peer_bootstrap_key); wpabuf_free(pkex->exchange_req); wpabuf_free(pkex->exchange_resp); os_free(pkex); diff --git a/src/common/dpp_reconfig.c b/src/common/dpp_reconfig.c index c4a027363..a6959c1bc 100644 --- a/src/common/dpp_reconfig.c +++ b/src/common/dpp_reconfig.c @@ -40,7 +40,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, struct dpp_reconfig_id *id) { struct wpabuf *msg = NULL; - EVP_PKEY *csign = NULL; + struct crypto_ec_key *csign = NULL; const unsigned char *p; struct wpabuf *uncomp; u8 hash[SHA256_MAC_LEN]; @@ -49,7 +49,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, int res; size_t attr_len; const struct dpp_curve_params *own_curve; - EVP_PKEY *own_key; + struct crypto_ec_key *own_key; struct wpabuf *a_nonce = NULL, *e_id = NULL; wpa_printf(MSG_DEBUG, "DPP: Build Reconfig Announcement frame"); @@ -62,7 +62,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, } p = csign_key; - csign = d2i_PUBKEY(NULL, &p, csign_key_len); + csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); if (!csign) { wpa_printf(MSG_ERROR, "DPP: Failed to parse local C-sign-key information"); @@ -70,7 +70,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, } uncomp = dpp_get_pubkey_point(csign, 1); - EVP_PKEY_free(csign); + crypto_ec_key_deinit(csign); if (!uncomp) goto fail; addr[0] = wpabuf_head(uncomp); @@ -126,7 +126,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, fail: wpabuf_free(a_nonce); wpabuf_free(e_id); - EVP_PKEY_free(own_key); + crypto_ec_key_deinit(own_key); return msg; } 
@@ -230,7 +230,7 @@ dpp_reconfig_init(struct dpp_global *dpp, void *msg_ctx, { struct dpp_authentication *auth; const struct dpp_curve_params *curve; - EVP_PKEY *a_nonce, *e_prime_id; + struct crypto_ec_key *a_nonce, *e_prime_id; EC_POINT *e_id; curve = dpp_get_curve_ike_group(group); 
@@ -260,13 +260,13 @@ dpp_reconfig_init(struct dpp_global *dpp, void *msg_ctx, e_prime_id = dpp_set_pubkey_point(conf->csign, e_id_attr, e_id_len); if (!e_prime_id) { wpa_printf(MSG_INFO, "DPP: Invalid E'-id"); - EVP_PKEY_free(a_nonce); + crypto_ec_key_deinit(a_nonce); return NULL; } dpp_debug_print_key("E'-id", e_prime_id); e_id = dpp_decrypt_e_id(conf->pp_key, a_nonce, e_prime_id); - EVP_PKEY_free(a_nonce); - EVP_PKEY_free(e_prime_id); + crypto_ec_key_deinit(a_nonce); + crypto_ec_key_deinit(e_prime_id); if (!e_id) { wpa_printf(MSG_INFO, "DPP: Could not decrypt E'-id"); return NULL;
From patchwork Mon Jun 28 16:25:21 2021
X-Patchwork-Submitter: Cedric Izoard
X-Patchwork-Id: 1498046
From: Cedric Izoard
Subject: [PATCH 04/21] dpp: move dpp_gen_keypair to crypto
Date: Mon, 28 Jun 2021 18:25:21 +0200
Message-ID: <20210628162538.21067-5-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Move code in dpp_gen_keypair to function crypto_ec_key_gen in crypto.h

Signed-off-by: Cedric Izoard
---
 src/common/dpp_crypto.c | 45 +++--------------------
 src/crypto/crypto.h | 17 ++++++---
 src/crypto/crypto_openssl.c | 72 +++++++++++++++++++++++++++++++++++++
 3 files changed, 89 insertions(+), 45 deletions(-)
diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index bce1473d1..5e4d213ac 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -523,50 +523,15 @@ struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve) { - EVP_PKEY_CTX *kctx = NULL; - EC_KEY *ec_params = NULL; - EVP_PKEY *params = NULL, *key = NULL; - int nid; + struct crypto_ec_key *key; wpa_printf(MSG_DEBUG, "DPP: Generating a keypair"); - nid = OBJ_txt2nid(curve->name); - if (nid == NID_undef) { - wpa_printf(MSG_INFO, "DPP: Unsupported curve %s", curve->name); - return NULL; - } - - ec_params = EC_KEY_new_by_curve_name(nid); - if (!ec_params) { - wpa_printf(MSG_ERROR, - "DPP: Failed to generate EC_KEY parameters"); - goto fail; - } - EC_KEY_set_asn1_flag(ec_params, OPENSSL_EC_NAMED_CURVE); - params = EVP_PKEY_new(); - if (!params || EVP_PKEY_set1_EC_KEY(params, ec_params) != 1) { - wpa_printf(MSG_ERROR, - "DPP: Failed to generate EVP_PKEY parameters"); - goto fail; - } - - kctx = EVP_PKEY_CTX_new(params, NULL); - if (!kctx || - EVP_PKEY_keygen_init(kctx) != 1 || - EVP_PKEY_keygen(kctx, &key) != 1) { - wpa_printf(MSG_ERROR, "DPP: Failed to generate EC key"); - key = NULL; - goto fail; - } + key = crypto_ec_key_gen(curve->ike_group); + if (key && wpa_debug_show_keys) + dpp_debug_print_key("Own generated key", key); - if (wpa_debug_show_keys) - dpp_debug_print_key("Own generated key", (struct crypto_ec_key *)key); - -fail: - EC_KEY_free(ec_params); - EVP_PKEY_free(params); - EVP_PKEY_CTX_free(kctx); - return (struct crypto_ec_key *)key; + return key; } diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 9f1ff45a3..382b34622 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h 
@@ -994,22 +994,29 @@ struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len); */ struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len); +/** + * crypto_ec_key_gen - Generate EC Key pair + * @group: Identifying number for the ECC group + * Returns: EC key or %NULL on failure + */ +struct crypto_ec_key * crypto_ec_key_gen(int group); + /** * crypto_ec_key_deinit - Free EC Key - * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen() */ void crypto_ec_key_deinit(struct crypto_ec_key *key); /** * crypto_ec_key_get_subject_public_key - Get SubjectPublicKeyInfo ASN.1 for a EC key - * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen() * Returns: Buffer with DER encoding of ASN.1 SubjectPublicKeyInfo or %NULL on failure */ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key); /** * crypto_ec_key_sign - Sign a buffer with an EC key - * @key: EC key from crypto_ec_key_parse_priv() + * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() * @data: Data to sign * @len: Length of @data buffer * Returns: Buffer with DER encoding of ASN.1 Ecdsa-Sig-Value or %NULL on failure @@ -1019,7 +1026,7 @@ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, /** * crypto_ec_key_verify_signature - Verify signature - * @key: EC key from crypto_ec_key_parse_pub() + * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_gen() * @data: Data to signed * @len: Length of @data buffer * @sig: DER encoding of ASN.1 Ecdsa-Sig-Value 
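Review bot: The new doc comment for crypto_ec_key_gen() describes @group only as "Identifying number for the ECC group", while crypto_ec_key_group() further down in crypto.h calls the same value an "IANA group identifier". Use the same term here and state which groups are accepted, since the OpenSSL implementation added in this patch returns NULL for anything other than 19, 20, 21, 28, 29 and 30.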
@@ -1031,7 +1038,7 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, /** * crypto_ec_key_group - Get IANA group identifier for an EC key - * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_parse_priv() + * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen() * Returns: IANA group identifier and -1 on failure */ int crypto_ec_key_group(struct crypto_ec_key *key); diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 404339451..648c1cbf6 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2235,6 +2235,78 @@ fail: } +static int crypto_ec_group_2_nid(int group) +{ + switch (group) { + case 19: + return NID_X9_62_prime256v1; + case 20: + return NID_secp384r1; + case 21: + return NID_secp521r1; + case 28: + return NID_brainpoolP256r1; + case 29: + return NID_brainpoolP384r1; + case 30: + return NID_brainpoolP512r1; + default: + return -1; + } +} + + +struct crypto_ec_key * crypto_ec_key_gen(int group) +{ + EVP_PKEY_CTX *kctx = NULL; + EC_KEY *ec_params = NULL, *eckey = NULL; + EVP_PKEY *params = NULL, *key = NULL; + int nid; + + nid = crypto_ec_group_2_nid(group); + if (nid < 0) { + wpa_printf(MSG_ERROR, "Unsupported group %d", group); + return NULL; + } + + ec_params = EC_KEY_new_by_curve_name(nid); + if (!ec_params) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to generate EC_KEY parameters"); + goto fail; + } + EC_KEY_set_asn1_flag(ec_params, OPENSSL_EC_NAMED_CURVE); + params = EVP_PKEY_new(); + if (!params || EVP_PKEY_set1_EC_KEY(params, ec_params) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to generate EVP_PKEY parameters"); + goto fail; + } + + kctx = EVP_PKEY_CTX_new(params, NULL); + if (!kctx || + EVP_PKEY_keygen_init(kctx) != 1 || + EVP_PKEY_keygen(kctx, &key) != 1) { + wpa_printf(MSG_ERROR, "OpenSSL: Failed to generate EC key"); + key = NULL; + goto fail; + } + + eckey = EVP_PKEY_get0_EC_KEY(key); + if (!eckey) { + key = NULL; + goto fail; + } + EC_KEY_set_conv_form(eckey, POINT_CONVERSION_COMPRESSED); + +fail: + EC_KEY_free(ec_params); + EVP_PKEY_free(params); + EVP_PKEY_CTX_free(kctx); + return (struct crypto_ec_key *)key; +} + + void crypto_ec_key_deinit(struct crypto_ec_key *key) { if (key) {
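Review bot: crypto_ec_key_gen() leaks the freshly generated key when EVP_PKEY_get0_EC_KEY(key) fails: that branch sets key = NULL and jumps to fail, where only ec_params, params and kctx are freed. Call EVP_PKEY_free(key) before clearing the pointer. Separately, the commit message describes this as a move, but the function now also calls EC_KEY_set_conv_form(eckey, POINT_CONVERSION_COMPRESSED), which the removed dpp_gen_keypair() body did not, and it selects the curve through the six-entry crypto_ec_group_2_nid() switch instead of OBJ_txt2nid(curve->name). Both changes deserve a line in the commit message, and the second needs a check that every dpp_curve_params entry carries an ike_group handled by that switch.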
From patchwork Mon Jun 28 16:25:22 2021
X-Patchwork-Submitter: Cedric Izoard
X-Patchwork-Id: 1498047
From: Cedric Izoard
CC: Cedric Izoard
Subject: [PATCH 05/21] dpp: factorize conversion to ASN.1 ECPrivateKey
Date: Mon, 28 Jun 2021 18:25:22 +0200
Message-ID: <20210628162538.21067-6-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

From: Cedric Izoard

Add crypto_ec_key_get_ecprivate_key function in crypto.h and use it when possible in DPP code. This function converts a struct crypto_ec_key into a DER encoded ASN.1 ECPrivateKey.

Signed-off-by: Cedric Izoard --- src/common/dpp.c | 34 ++++++++++-------------------- src/common/dpp_backup.c | 42 ++++--------------------------------- src/common/dpp_crypto.c | 37 +++++++++++++------------------- src/crypto/crypto.h | 9 ++++++++ src/crypto/crypto_openssl.c | 29 +++++++++++++++++++++++++ 5 files changed, 67 insertions(+), 84 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index 14783ba74..f85eb2d4d 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -2446,9 +2446,7 @@ static void dpp_copy_ppkey(struct dpp_config_obj *conf, struct crypto_ec_key *pp static void dpp_copy_netaccesskey(struct dpp_authentication *auth, struct dpp_config_obj *conf) { - unsigned char *der = NULL; - int der_len; - EC_KEY *eckey; + struct wpabuf *net_access_key; struct crypto_ec_key *own_key; own_key = auth->own_protocol_key; @@ -2457,19 +2455,13 @@ static void dpp_copy_netaccesskey(struct dpp_authentication *auth, auth->reconfig_old_protocol_key) own_key = auth->reconfig_old_protocol_key; #endif /* CONFIG_DPP2 */ - eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)own_key); - if (!eckey) - return; - der_len = i2d_ECPrivateKey(eckey, &der); - if (der_len <= 0) { - EC_KEY_free(eckey); + net_access_key = crypto_ec_key_get_ecprivate_key(own_key, true); + if (!net_access_key) return; - } + wpabuf_free(auth->net_access_key); - auth->net_access_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); - EC_KEY_free(eckey); + auth->net_access_key = net_access_key; } 
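Review bot: In dpp_copy_netaccesskey() the previous auth->net_access_key, which holds a DER-encoded ECPrivateKey, is still released with wpabuf_free(). dpp_configurator_get_key() in the next hunk already uses wpabuf_clear_free() for the same kind of buffer, so this is a good place to switch the old-buffer release to wpabuf_clear_free(auth->net_access_key) as well. The meaning of the new bool argument to crypto_ec_key_get_ecprivate_key() (true here, false in dpp_backup.c where the old code set EC_PKEY_NO_PUBKEY) is also not obvious at the call sites; a short comment there would help.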
@@ -3406,23 +3398,19 @@ void dpp_configurator_free(struct dpp_configurator *conf) int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf, size_t buflen) { - EC_KEY *eckey; - int key_len, ret = -1; - unsigned char *key = NULL; + struct wpabuf *key; + int ret = -1; if (!conf->csign) return -1; - eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)conf->csign); - if (!eckey) + key = crypto_ec_key_get_ecprivate_key(conf->csign, true); + if (!key) return -1; - key_len = i2d_ECPrivateKey(eckey, &key); - if (key_len > 0) - ret = wpa_snprintf_hex(buf, buflen, key, key_len); + ret = wpa_snprintf_hex(buf, buflen, wpabuf_head(key), wpabuf_len(key)); - EC_KEY_free(eckey); - OPENSSL_free(key); + wpabuf_clear_free(key); return ret; } diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c index 1e03e0fb9..65fe12afc 100644 --- a/src/common/dpp_backup.c +++ b/src/common/dpp_backup.c @@ -19,21 +19,6 @@ #ifdef CONFIG_DPP2 -#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ - (defined(LIBRESSL_VERSION_NUMBER) && \ - LIBRESSL_VERSION_NUMBER < 0x20700000L) -/* Compatibility wrappers for older versions. */ - -static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) - return NULL; - return pkey->pkey.ec; -} - -#endif - - void dpp_free_asymmetric_key(struct dpp_asymmetric_key *key) { while (key) { 
@@ -56,23 +41,13 @@ static struct wpabuf * dpp_build_conf_params(struct dpp_configurator *conf) /* TODO: proper template values */ const char *conf_template = "{\"wi-fi_tech\":\"infra\",\"discovery\":{\"ssid\":\"test\"},\"cred\":{\"akm\":\"dpp\"}}"; const char *connector_template = NULL; - EC_KEY *eckey; - unsigned char *der = NULL; - int der_len; if (!conf->pp_key) return NULL; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)conf->pp_key); - if (!eckey) - return NULL; - EC_KEY_set_enc_flags(eckey, EC_PKEY_NO_PUBKEY); - der_len = i2d_ECPrivateKey(eckey, &der); - if (der_len > 0) - priv_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); + priv_key = crypto_ec_key_get_ecprivate_key(conf->pp_key, false); if (!priv_key) - goto fail; + return NULL; len = 100 + os_strlen(conf_template); if (connector_template) @@ -178,20 +153,11 @@ static struct wpabuf * dpp_build_key_alg(const struct dpp_curve_params *curve) static struct wpabuf * dpp_build_key_pkg(struct dpp_authentication *auth) { struct wpabuf *key = NULL, *attr, *alg, *priv_key = NULL; - EC_KEY *eckey; - unsigned char *der = NULL; - int der_len; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->conf->csign); - if (!eckey) + priv_key = crypto_ec_key_get_ecprivate_key(auth->conf->csign, false); + if (!priv_key) return NULL; - EC_KEY_set_enc_flags(eckey, EC_PKEY_NO_PUBKEY); - der_len = i2d_ECPrivateKey(eckey, &der); - if (der_len > 0) - priv_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); - alg = dpp_build_key_alg(auth->conf->curve); /* Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } } */ diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 5e4d213ac..222d15368 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -183,8 +183,7 @@ void dpp_debug_print_key(const char *title, struct crypto_ec_key *key) size_t rlen; char *txt; int res; - unsigned char *der = NULL; - int der_len; + struct wpabuf *der = NULL; const EC_GROUP *group; const EC_POINT *point; 
@@ -214,19 +213,18 @@ void dpp_debug_print_key(const char *title, struct crypto_ec_key *key) if (group && point) dpp_debug_print_point(title, group, point); - der_len = i2d_ECPrivateKey(eckey, &der); - if (der_len > 0) - wpa_hexdump_key(MSG_DEBUG, "DPP: ECPrivateKey", der, der_len); - OPENSSL_free(der); - if (der_len <= 0) { - der = NULL; - der_len = i2d_EC_PUBKEY(eckey, &der); - if (der_len > 0) - wpa_hexdump(MSG_DEBUG, "DPP: EC_PUBKEY", der, der_len); - OPENSSL_free(der); + der = crypto_ec_key_get_ecprivate_key(key, true); + if (der) { + wpa_hexdump_buf_key(MSG_DEBUG, "DPP: ECPrivateKey", der); + } else { + der = crypto_ec_key_get_subject_public_key(key); + if (der) { + wpa_hexdump_buf_key(MSG_DEBUG, "DPP: EC_PUBKEY", der); + } } EC_KEY_free(eckey); + wpabuf_clear_free(der); } @@ -2669,7 +2667,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) struct crypto_ec_key *key; const EVP_MD *sign_md; unsigned int hash_len = auth->curve->hash_len; - EC_KEY *eckey; + struct wpabuf * priv_key; BIO *out = NULL; u8 cp[DPP_CP_LEN]; char *password; @@ -2682,18 +2680,11 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) * a specific group to be used */ key = auth->own_protocol_key; - eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); - if (!eckey) - goto fail; - der = NULL; - der_len = i2d_ECPrivateKey(eckey, &der); - if (der_len <= 0) + priv_key = crypto_ec_key_get_ecprivate_key(key, true); + if (!priv_key) goto fail; wpabuf_free(auth->priv_key); - auth->priv_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); - if (!auth->priv_key) - goto fail; + auth->priv_key = priv_key; req = X509_REQ_new(); if (!req || !X509_REQ_set_pubkey(req, (EVP_PKEY *)key)) diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 382b34622..b4e3ae530 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h 
@@ -1014,6 +1014,15 @@ void crypto_ec_key_deinit(struct crypto_ec_key *key); */ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key); +/** + * crypto_ec_key_get_ecprivate_key - Get ECPrivateKey ASN.1 for a EC key + * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() + * @include_pub: Whether to include public key in the ASN.1 sequence + * Returns: Buffer with DER encoding of ASN.1 ECPrivateKey or %NULL on failure + */ +struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, + bool include_pub); + /** * crypto_ec_key_sign - Sign a buffer with an EC key * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 648c1cbf6..a10746f41 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2334,6 +2334,35 @@ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key) } +struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, + bool include_pub) +{ + EC_KEY *eckey = NULL; + unsigned char *der = NULL; + int der_len; + struct wpabuf *buf; + + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); + if (!eckey) + return NULL; + + if (include_pub) + EC_KEY_clear_flags(eckey, EC_PKEY_NO_PUBKEY); + else + EC_KEY_set_enc_flags(eckey, EC_PKEY_NO_PUBKEY); + + EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED); + + der_len = i2d_ECPrivateKey(eckey, &der); + if (der_len <= 0) { + return NULL; + } + buf = wpabuf_alloc_copy(der, der_len); + OPENSSL_free(der); + return buf; +} + + struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, size_t len) {
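
Review bot: In dpp_copy_netaccesskey() (src/common/dpp.c), the previous auth->net_access_key, which holds a DER ECPrivateKey, is still released with wpabuf_free() just before the new buffer is stored, while dpp_configurator_get_key() in the same file now uses wpabuf_clear_free(key) for the same kind of data. Switch this call to wpabuf_clear_free(auth->net_access_key); the same applies to wpabuf_free(auth->priv_key) in the dpp_build_csr() hunk of src/common/dpp_crypto.c.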
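
Review bot: In dpp_debug_print_key() (src/common/dpp_crypto.c), the fallback branch now prints the public key with wpa_hexdump_buf_key(MSG_DEBUG, "DPP: EC_PUBKEY", der), whereas the removed code used wpa_hexdump() for EC_PUBKEY and reserved wpa_hexdump_key() for the ECPrivateKey. The public key is not secret and key dumps are only shown when key logging is enabled, so this hides output that was previously always visible at MSG_DEBUG; use wpa_hexdump_buf() in the else branch to keep the old behaviour.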
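
Review bot: The comment added for crypto_ec_key_get_ecprivate_key() in src/crypto/crypto.h does not say that the returned buffer holds private key material and should be released with wpabuf_clear_free(), and the callers in this patch are split between wpabuf_clear_free() and storing the buffer in a field that is later released with wpabuf_free(). State the ownership and clearing expectation on the Returns: line, mention that the call changes the encoding settings of the key it is given, and fix "for a EC key" to "for an EC key".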
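
Review bot: In crypto_ec_key_get_ecprivate_key() (src/crypto/crypto_openssl.c), the include_pub branch calls EC_KEY_clear_flags(eckey, EC_PKEY_NO_PUBKEY), but EC_PKEY_NO_PUBKEY is an encoding flag managed through EC_KEY_get_enc_flags()/EC_KEY_set_enc_flags(), while EC_KEY_clear_flags() works on the separate EC_FLAG_* field, so this call does not undo the EC_KEY_set_enc_flags(eckey, EC_PKEY_NO_PUBKEY) made by an earlier include_pub == false call on the same key. Both branches write to the EC_KEY returned by EVP_PKEY_get0_EC_KEY(), which is the key object held by the caller, and conf->csign is passed with false in dpp_build_key_pkg() and with true in dpp_configurator_get_key(), so the order of calls can change what the latter exports. Suggest reading the current value with EC_KEY_get_enc_flags(), setting or clearing only the EC_PKEY_NO_PUBKEY bit through EC_KEY_set_enc_flags(), and restoring the previous value before returning. The der buffer also holds the private key and is released with plain OPENSSL_free(der); clear it before freeing.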

From patchwork Mon Jun 28 16:25:23 2021
X-Patchwork-Submitter: Cedric Izoard
X-Patchwork-Id: 1498048
From: Cedric Izoard
CC: Cedric Izoard
Subject: [PATCH 06/21] dpp: replace dpp_get_pubkey_point by crypto_ec_key_get_pubkey_point
Date: Mon, 28 Jun 2021 18:25:23 +0200
Message-ID: <20210628162538.21067-7-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

From: Cedric Izoard

Move code of dpp_get_pubkey_point to a crypto lib specific function crypto_ec_key_get_pubkey_point. Also complete crypto_ec_key_group with brainpool curves.

Signed-off-by: Cedric Izoard --- src/common/dpp.c | 4 +- src/common/dpp_auth.c | 4 +- src/common/dpp_crypto.c | 85 +++++++++---------------------------- src/common/dpp_i.h | 1 - src/common/dpp_pkex.c | 20 ++++----- src/common/dpp_reconfig.c | 8 ++-- src/crypto/crypto.h | 9 ++++ src/crypto/crypto_openssl.c | 57 ++++++++++++++++++++++++- tests/hwsim/test_dpp.py | 20 ++++----- 9 files changed, 112 insertions(+), 96 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index f85eb2d4d..a2a686211 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -1367,7 +1367,7 @@ int dpp_build_jwk(struct wpabuf *buf, const char *name, struct crypto_ec_key *ke const u8 *pos; int ret = -1; - pub = dpp_get_pubkey_point(key, 0); + pub = crypto_ec_key_get_pubkey_point(key, 0); if (!pub) goto fail; 
@@ -3422,7 +3422,7 @@ static int dpp_configurator_gen_kid(struct dpp_configurator *conf) size_t len[1]; int res; - csign_pub = dpp_get_pubkey_point(conf->csign, 1); + csign_pub = crypto_ec_key_get_pubkey_point(conf->csign, 1); if (!csign_pub) { wpa_printf(MSG_INFO, "DPP: Failed to extract C-sign-key"); return -1; diff --git a/src/common/dpp_auth.c b/src/common/dpp_auth.c index 6c8ea8dc7..2f5f47459 100644 --- a/src/common/dpp_auth.c +++ b/src/common/dpp_auth.c @@ -475,7 +475,7 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth) if (!auth->own_protocol_key) goto fail; - pr = dpp_get_pubkey_point(auth->own_protocol_key, 0); + pr = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); if (!pr) goto fail; @@ -1235,7 +1235,7 @@ struct dpp_authentication * dpp_auth_init(struct dpp_global *dpp, void *msg_ctx, if (!auth->own_protocol_key) goto fail; - pi = dpp_get_pubkey_point(auth->own_protocol_key, 0); + pi = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); if (!pi) goto fail; diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 222d15368..5e7cd76ea 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -375,53 +375,6 @@ int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len) } -struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *key, int prefix) -{ - int len, res; - EC_KEY *eckey; - struct wpabuf *buf; - unsigned char *pos; - - eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); - if (!eckey) - return NULL; - EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED); - len = i2o_ECPublicKey(eckey, NULL); - if (len <= 0) { - wpa_printf(MSG_ERROR, - "DDP: Failed to determine public key encoding length"); - EC_KEY_free(eckey); - return NULL; - } - - buf = wpabuf_alloc(len); - if (!buf) { - EC_KEY_free(eckey); - return NULL; - } - - pos = wpabuf_put(buf, len); - res = i2o_ECPublicKey(eckey, &pos); - EC_KEY_free(eckey); - if (res != len) { - wpa_printf(MSG_ERROR, - "DDP: Failed to encode public key (res=%d/%d)", - res, len); - wpabuf_free(buf); - return NULL; - } - - if (!prefix) { - /* Remove 0x04 prefix to match DPP definition */ - pos = wpabuf_mhead(buf); - os_memmove(pos, pos + 1, len - 1); - buf->used--; - } - - return buf; -} - - struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, const u8 *buf_x, const u8 *buf_y, size_t len) @@ -1166,7 +1119,7 @@ static int dpp_check_pubkey_match(struct crypto_ec_key *pub, struct wpabuf *r_ha if (wpabuf_len(r_hash) != SHA256_MAC_LEN) return -1; - uncomp = dpp_get_pubkey_point(pub, 1); + uncomp = crypto_ec_key_get_pubkey_point(pub, 1); if (!uncomp) return -1; addr[0] = wpabuf_head(uncomp); 
@@ -1397,21 +1350,21 @@ int dpp_gen_r_auth(struct dpp_authentication *auth, u8 *r_auth) nonce_len = auth->curve->nonce_len; if (auth->initiator) { - pix = dpp_get_pubkey_point(auth->own_protocol_key, 0); - prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + pix = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); + prx = crypto_ec_key_get_pubkey_point(auth->peer_protocol_key, 0); if (auth->own_bi) - bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + bix = crypto_ec_key_get_pubkey_point(auth->own_bi->pubkey, 0); else bix = NULL; - brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + brx = crypto_ec_key_get_pubkey_point(auth->peer_bi->pubkey, 0); } else { - pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0); - prx = dpp_get_pubkey_point(auth->own_protocol_key, 0); + pix = crypto_ec_key_get_pubkey_point(auth->peer_protocol_key, 0); + prx = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); if (auth->peer_bi) - bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + bix = crypto_ec_key_get_pubkey_point(auth->peer_bi->pubkey, 0); else bix = NULL; - brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + brx = crypto_ec_key_get_pubkey_point(auth->own_bi->pubkey, 0); } if (!pix || !prx || !brx) goto fail; 
@@ -1476,25 +1429,25 @@ int dpp_gen_i_auth(struct dpp_authentication *auth, u8 *i_auth) nonce_len = auth->curve->nonce_len; if (auth->initiator) { - pix = dpp_get_pubkey_point(auth->own_protocol_key, 0); - prx = dpp_get_pubkey_point(auth->peer_protocol_key, 0); + pix = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); + prx = crypto_ec_key_get_pubkey_point(auth->peer_protocol_key, 0); if (auth->own_bi) - bix = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + bix = crypto_ec_key_get_pubkey_point(auth->own_bi->pubkey, 0); else bix = NULL; if (!auth->peer_bi) goto fail; - brx = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + brx = crypto_ec_key_get_pubkey_point(auth->peer_bi->pubkey, 0); } else { - pix = dpp_get_pubkey_point(auth->peer_protocol_key, 0); - prx = dpp_get_pubkey_point(auth->own_protocol_key, 0); + pix = crypto_ec_key_get_pubkey_point(auth->peer_protocol_key, 0); + prx = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); if (auth->peer_bi) - bix = dpp_get_pubkey_point(auth->peer_bi->pubkey, 0); + bix = crypto_ec_key_get_pubkey_point(auth->peer_bi->pubkey, 0); else bix = NULL; if (!auth->own_bi) goto fail; - brx = dpp_get_pubkey_point(auth->own_bi->pubkey, 0); + brx = crypto_ec_key_get_pubkey_point(auth->own_bi->pubkey, 0); } if (!pix || !prx || !brx) goto fail; @@ -1704,8 +1657,8 @@ int dpp_derive_pmkid(const struct dpp_curve_params *curve, u8 hash[SHA256_MAC_LEN]; /* PMKID = Truncate-128(H(min(NK.x, PK.x) | max(NK.x, PK.x))) */ - nkx = dpp_get_pubkey_point(own_key, 0); - pkx = dpp_get_pubkey_point(peer_key, 0); + nkx = crypto_ec_key_get_pubkey_point(own_key, 0); + pkx = crypto_ec_key_get_pubkey_point(peer_key, 0); if (!nkx || !pkx) goto fail; addr[0] = wpabuf_head(nkx); diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 6deb34737..6f9f489f2 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h 
@@ -76,7 +76,6 @@ const struct dpp_curve_params * dpp_get_curve_nid(int nid); const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group); int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len); -struct wpabuf * dpp_get_pubkey_point(struct crypto_ec_key *key, int prefix); struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, const u8 *buf_x, const u8 *buf_y, size_t len); diff --git a/src/common/dpp_pkex.c b/src/common/dpp_pkex.c index cde46ac39..24f7536a8 100644 --- a/src/common/dpp_pkex.c +++ b/src/common/dpp_pkex.c @@ -812,9 +812,9 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, Jx, Jx_len); /* u = HMAC(J.x, MAC-Initiator | A.x | Y'.x | X.x) */ - A_pub = dpp_get_pubkey_point(pkex->own_bi->pubkey, 0); - Y_pub = dpp_get_pubkey_point(pkex->y, 0); - X_pub = dpp_get_pubkey_point(pkex->x, 0); + A_pub = crypto_ec_key_get_pubkey_point(pkex->own_bi->pubkey, 0); + Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); + X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); if (!A_pub || !Y_pub || !X_pub) goto fail; addr[0] = pkex->own_mac; @@ -1078,9 +1078,9 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex, Jx, Jx_len); /* u' = HMAC(J'.x, MAC-Initiator | A'.x | Y.x | X'.x) */ - A_pub = dpp_get_pubkey_point(pkex->peer_bootstrap_key, 0); - Y_pub = dpp_get_pubkey_point(pkex->y, 0); - X_pub = dpp_get_pubkey_point(pkex->x, 0); + A_pub = crypto_ec_key_get_pubkey_point(pkex->peer_bootstrap_key, 0); + Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); + X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); if (!A_pub || !Y_pub || !X_pub) goto fail; addr[0] = pkex->peer_mac; 
@@ -1115,7 +1115,7 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex, Lx, Lx_len); /* v = HMAC(L.x, MAC-Responder | B.x | X'.x | Y.x) */ - B_pub = dpp_get_pubkey_point(pkex->own_bi->pubkey, 0); + B_pub = crypto_ec_key_get_pubkey_point(pkex->own_bi->pubkey, 0); if (!B_pub) goto fail; addr[0] = pkex->own_mac; @@ -1240,9 +1240,9 @@ int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr, Lx, Lx_len); /* v' = HMAC(L.x, MAC-Responder | B'.x | X.x | Y'.x) */ - B_pub = dpp_get_pubkey_point(pkex->peer_bootstrap_key, 0); - X_pub = dpp_get_pubkey_point(pkex->x, 0); - Y_pub = dpp_get_pubkey_point(pkex->y, 0); + B_pub = crypto_ec_key_get_pubkey_point(pkex->peer_bootstrap_key, 0); + X_pub = crypto_ec_key_get_pubkey_point(pkex->x, 0); + Y_pub = crypto_ec_key_get_pubkey_point(pkex->y, 0); if (!B_pub || !X_pub || !Y_pub) goto fail; addr[0] = pkex->peer_mac; diff --git a/src/common/dpp_reconfig.c b/src/common/dpp_reconfig.c index a6959c1bc..03235d27e 100644 --- a/src/common/dpp_reconfig.c +++ b/src/common/dpp_reconfig.c @@ -69,7 +69,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, goto fail; } - uncomp = dpp_get_pubkey_point(csign, 1); + uncomp = crypto_ec_key_get_pubkey_point(csign, 1); crypto_ec_key_deinit(csign); if (!uncomp) goto fail; @@ -88,8 +88,8 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, goto fail; } - a_nonce = dpp_get_pubkey_point(id->a_nonce, 0); - e_id = dpp_get_pubkey_point(id->e_prime_id, 0); + a_nonce = crypto_ec_key_get_pubkey_point(id->a_nonce, 0); + e_id = crypto_ec_key_get_pubkey_point(id->e_prime_id, 0); if (!a_nonce || !e_id) goto fail; @@ -341,7 +341,7 @@ static int dpp_reconfig_build_resp(struct dpp_authentication *auth, wpabuf_put_le16(clear, wpabuf_len(conn_status)); wpabuf_put_buf(clear, conn_status); - pr = dpp_get_pubkey_point(auth->own_protocol_key, 0); + pr = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0); if (!pr) goto fail; 
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index b4e3ae530..e5d40fb09 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -1023,6 +1023,15 @@ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key); struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, bool include_pub); +/** + * crypto_ec_key_get_pubkey_point - Get Public Key Point coordinates + * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv() + * @prefix: Whether output buffer should include the octect to indicate coordinate + * form (as defined for SubjectPublicKeyInfo) + * Returns: Buffer with coordinates of Public key in uncompressed form or %NULL on failure + */ +struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key, int prefix); + /** * crypto_ec_key_sign - Sign a buffer with an EC key * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index a10746f41..11aa4c744 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2359,6 +2359,54 @@ struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, } buf = wpabuf_alloc_copy(der, der_len); OPENSSL_free(der); + + return buf; +} + + +struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key, int prefix) +{ + int len, res; + EC_KEY *eckey; + struct wpabuf *buf; + unsigned char *pos; + + eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); + if (!eckey) + return NULL; + EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED); + len = i2o_ECPublicKey(eckey, NULL); + if (len <= 0) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to determine public key encoding length"); + EC_KEY_free(eckey); + return NULL; + } + + buf = wpabuf_alloc(len); + if (!buf) { + EC_KEY_free(eckey); + return NULL; + } + + pos = wpabuf_put(buf, len); + res = i2o_ECPublicKey(eckey, &pos); + EC_KEY_free(eckey); + if (res != len) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to encode public key (res=%d/%d)", + res, len); + wpabuf_free(buf); + return NULL; + } + + if (!prefix) { + /* Remove 0x04 prefix if requested */ + pos = wpabuf_mhead(buf); + os_memmove(pos, pos + 1, len - 1); + buf->used--; + } + return buf; } @@ -2433,7 +2481,14 @@ int crypto_ec_key_group(struct crypto_ec_key *key) return 20; case NID_secp521r1: return 21; - } + case NID_brainpoolP256r1: + return 28; + case NID_brainpoolP384r1: + return 29; + case NID_brainpoolP512r1: + return 30; + } + wpa_printf(MSG_ERROR, "OpenSSL: Unsupported curve (nid=%d) in EC key", nid); return -1; } diff --git a/tests/hwsim/test_dpp.py b/tests/hwsim/test_dpp.py index 71df7fc64..50827b816 100644 --- a/tests/hwsim/test_dpp.py +++ b/tests/hwsim/test_dpp.py 
@@ -2482,7 +2482,7 @@ def test_dpp_pkex_commit_reveal_req_processing_failure(dev, apdev): dev[0].dpp_pkex_resp(2437, identifier="test", code="secret") with alloc_fail(dev[0], 1, - "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"): + "crypto_ec_key_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"): dev[1].dpp_pkex_init(identifier="test", code="secret") wait_fail_trigger(dev[0], "GET_ALLOC_FAIL") @@ -4138,7 +4138,7 @@ def test_dpp_pkex_alloc_fail(dev, apdev): id1 = None # Local error cases on the Initiator - tests = [(1, "dpp_get_pubkey_point"), + tests = [(1, "crypto_ec_key_get_pubkey_point"), (1, "dpp_alloc_msg;dpp_pkex_build_exchange_req"), (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_req"), (1, "dpp_alloc_msg;dpp_auth_build_req"), @@ -4168,9 +4168,9 @@ def test_dpp_pkex_alloc_fail(dev, apdev): (3, "dpp_pkex_init"), (1, "dpp_pkex_derive_z"), (1, "=dpp_pkex_rx_commit_reveal_resp"), - (1, "dpp_get_pubkey_point;dpp_build_jwk"), - (2, "dpp_get_pubkey_point;dpp_build_jwk"), - (1, "dpp_get_pubkey_point;dpp_auth_init")] + (1, "crypto_ec_key_get_pubkey_point;dpp_build_jwk"), + (2, "crypto_ec_key_get_pubkey_point;dpp_build_jwk"), + (1, "crypto_ec_key_get_pubkey_point;dpp_auth_init")] for count, func in tests: dev[0].request("DPP_STOP_LISTEN") dev[1].request("DPP_STOP_LISTEN") @@ -4191,11 +4191,11 @@ def test_dpp_pkex_alloc_fail(dev, apdev): dev[0].wait_event(["GAS-QUERY-DONE"], timeout=3) # Local error cases on the Responder - tests = [(1, "dpp_get_pubkey_point"), + tests = [(1, "crypto_ec_key_get_pubkey_point"), (1, "dpp_alloc_msg;dpp_pkex_build_exchange_resp"), (1, "dpp_alloc_msg;dpp_pkex_build_commit_reveal_resp"), (1, "dpp_alloc_msg;dpp_auth_build_resp"), - (1, "dpp_get_pubkey_point;dpp_auth_build_resp_ok"), + (1, "crypto_ec_key_get_pubkey_point;dpp_auth_build_resp_ok"), (1, "dpp_alloc_auth"), (1, "=dpp_auth_req_rx"), (1, "=dpp_auth_conf_rx"), 
@@ -4206,7 +4206,7 @@ def test_dpp_pkex_alloc_fail(dev, apdev): (1, "json_parse;dpp_parse_connector"), (1, "dpp_parse_jwk;dpp_parse_connector"), (1, "dpp_parse_jwk;dpp_parse_cred_dpp"), - (1, "dpp_get_pubkey_point;dpp_check_pubkey_match"), + (1, "crypto_ec_key_get_pubkey_point;dpp_check_pubkey_match"), (1, "base64_gen_decode;dpp_process_signed_connector"), (1, "dpp_parse_jws_prot_hdr;dpp_process_signed_connector"), (2, "base64_gen_decode;dpp_process_signed_connector"), @@ -4219,7 +4219,7 @@ def test_dpp_pkex_alloc_fail(dev, apdev): (2, "=dpp_pkex_rx_exchange_req"), (3, "=dpp_pkex_rx_exchange_req"), (1, "=dpp_pkex_rx_commit_reveal_req"), - (1, "dpp_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"), + (1, "crypto_ec_key_get_pubkey_point;dpp_pkex_rx_commit_reveal_req"), (1, "dpp_bootstrap_key_hash")] for count, func in tests: dev[0].request("DPP_STOP_LISTEN") 
@@ -4650,7 +4650,7 @@ def test_dpp_invalid_configurator_key(dev, apdev): if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256): raise Exception("Error not reported") - with alloc_fail(dev[0], 1, "dpp_get_pubkey_point;dpp_keygen_configurator"): + with alloc_fail(dev[0], 1, "crypto_ec_key_get_pubkey_point;dpp_keygen_configurator"): if "FAIL" not in dev[0].request("DPP_CONFIGURATOR_ADD key=" + dpp_key_p256): raise Exception("Error not reported")
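
Review bot: In the crypto_ec_key_get_pubkey_point() comment added to src/crypto/crypto.h, "octect" should be "octet", and @prefix is declared int although it is only used as a boolean, while the sibling crypto_ec_key_get_ecprivate_key() directly above takes bool include_pub. Declaring it bool prefix would keep the two accessors consistent, and the prototype and the @prefix line should be wrapped like the declarations around them.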
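
Review bot: The brainpool cases added to crypto_ec_key_group() in src/crypto/crypto_openssl.c are a functional change unrelated to the rename of dpp_get_pubkey_point(), and the new wpa_printf(MSG_ERROR, "OpenSSL: Unsupported curve (nid=%d) in EC key", nid) adds an error-level log line on the fall-through path for every caller. Split these into their own patch with a subject that names them; if this file is expected to build against crypto libraries that do not define NID_brainpoolP256r1, NID_brainpoolP384r1 and NID_brainpoolP512r1, guard the three cases with #ifdef.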
List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=hy8B2MY2aRbwOpOCtgKJbE3qr4vKC16H2suHqiD+h0U=; b=4GWSAxA4v+ehHk miov0iCJgJAawL+81oNI5dqiMh5XZhZmuR0csJtIjcv87UxHVvduUfY8kbXE6GkmJrm530LBRHVpf qku+S8NXCy93l7YFC5IRKjvviEZJfEJvsx2FS7YNOWt4+fyJRKOR4J5OZMor9wSi+SvK9xnwJG9ZO ir6TtibkWcopBjMtz32/iQzAtF8XSqMQ7dRsqHWDfHNBdM1TJKWnZbixH9aJwBY629uJESOxFOnZO aC85KQKOZ7zBkqpvm5qHH4luZeCOTjAUBV00HOaSOwv+S5bf+f2YGd8qMV8ld12OOzy2jhtVP/PUS anVlqX+ndlZTh1vhFnxg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1lxu6I-008b8j-62; Mon, 28 Jun 2021 16:27:10 +0000 Received: from mxil.ceva-dsp.com ([195.82.129.9]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1lxu55-008agH-Gw for hostap@lists.infradead.org; Mon, 28 Jun 2021 16:25:58 +0000 DKIM-Signature: v=1; a=rsa-sha256; d=ceva-dsp.com; s=mail; c=relaxed/simple; q=dns/txt; i=@ceva-dsp.com; t=1624897545; x=1627489545; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=jb6rucrK98LgVubH8cU4jVUOWBUOwEzWMpDAfsnld8E=; b=TdSDZO64/a3Kjo9rziTMmQXwOzfCzvedHX3gVtaGIIkYUIPjFOAHxwi/YctEFQ5P fHVmK88rRh9jqYHsyeD7FLqg+xWWtVzyGlBO2UPM7lltnvdbLL0uw3ykey3bxuRP EmjQpV3582arM062sBIrJPgoTo3oB/xUgIEzN48NE1o=; X-AuditID: c3528109-8b7e670000004490-5f-60d9f808eab9 Received: from Mail-IL1.corp.local (Mail-IL1.corp.local [192.168.61.11]) by mxil.ceva-dsp.com (CEVA eMail Gateway) with SMTP id F4.2B.17552.808F9D06; Mon, 28 Jun 2021 19:25:44 +0300 (IDT) Received: from valium.corp.local 
(192.168.140.70) by Mail-IL1.corp.local (192.168.61.31) with Microsoft SMTP Server id 15.1.2176.14; Mon, 28 Jun 2021 19:25:44 +0300 
From: Cedric Izoard
To:
CC: Cedric Izoard
Subject: [PATCH 07/21] dpp: move dpp_set_pubkey_point_group to crypto.h
Date: Mon, 28 Jun 2021 18:25:24 +0200
Message-ID: <20210628162538.21067-8-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

From: Cedric Izoard

Move code of dpp_set_pubkey_point_group into crypto.h API. This function initializes an EC Public key using coordinates of the EC point in binary format.
Signed-off-by: Cedric Izoard --- src/common/dpp.c | 15 ++---- src/common/dpp_crypto.c | 99 +++---------------------------------- src/common/dpp_i.h | 3 -- src/crypto/crypto.h | 19 +++++-- src/crypto/crypto_openssl.c | 79 +++++++++++++++++++++++++++++ 5 files changed, 106 insertions(+), 109 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index a2a686211..8fa662bf4 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -2166,8 +2166,7 @@ struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk, struct json_token *token; const struct dpp_curve_params *curve; struct wpabuf *x = NULL, *y = NULL; - EC_GROUP *group; - struct crypto_ec_key *pkey = NULL; + struct crypto_ec_key *key = NULL; token = json_get_member(jwk, "kty"); if (!token || token->type != JSON_STRING) { @@ -2220,22 +2219,18 @@ struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk, goto fail; } - group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); - if (!group) { - wpa_printf(MSG_DEBUG, "DPP: Could not prepare group for JWK"); + key = crypto_ec_key_set_pub(curve->ike_group, wpabuf_head(x), wpabuf_head(y), + wpabuf_len(x)); + if (!key) goto fail; - } - pkey = dpp_set_pubkey_point_group(group, wpabuf_head(x), wpabuf_head(y), - wpabuf_len(x)); - EC_GROUP_free(group); *key_curve = curve; fail: wpabuf_free(x); wpabuf_free(y); - return pkey; + return key; } diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 5e7cd76ea..e274ee95f 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -375,100 +375,21 @@ int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len) } -struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, - const u8 *buf_x, const u8 *buf_y, - size_t len) -{ - EC_KEY *eckey = NULL; - BN_CTX *ctx; - EC_POINT *point = NULL; - BIGNUM *x = NULL, *y = NULL; - EVP_PKEY *pkey = NULL; - - ctx = BN_CTX_new(); - if (!ctx) { - wpa_printf(MSG_ERROR, "DPP: Out of memory"); - return NULL; - } - - point = EC_POINT_new(group); - x = BN_bin2bn(buf_x, len, NULL); - y = BN_bin2bn(buf_y, len, NULL); - if (!point || !x || !y) { - wpa_printf(MSG_ERROR, "DPP: Out of memory"); - goto fail; - } - - if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) { - wpa_printf(MSG_ERROR, - "DPP: OpenSSL: EC_POINT_set_affine_coordinates_GFp failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - - if (!EC_POINT_is_on_curve(group, point, ctx) || - EC_POINT_is_at_infinity(group, point)) { - wpa_printf(MSG_ERROR, "DPP: Invalid point"); - goto fail; - } - dpp_debug_print_point("DPP: dpp_set_pubkey_point_group", group, point); - - eckey = EC_KEY_new(); - if (!eckey || - EC_KEY_set_group(eckey, group) != 1 || - EC_KEY_set_public_key(eckey, point) != 1) { - wpa_printf(MSG_ERROR, - "DPP: Failed to set EC_KEY: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); - - pkey = EVP_PKEY_new(); - if (!pkey || EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { - wpa_printf(MSG_ERROR, "DPP: Could not create EVP_PKEY"); - goto fail; - } - -out: - BN_free(x); - BN_free(y); - EC_KEY_free(eckey); - EC_POINT_free(point); - BN_CTX_free(ctx); - return (struct crypto_ec_key *)pkey; -fail: - EVP_PKEY_free(pkey); - pkey = NULL; - goto out; -} - - struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, const u8 *buf, size_t len) { - const EC_KEY *eckey; - const EC_GROUP *group; - struct crypto_ec_key *pkey = NULL; + int ike_group = crypto_ec_key_group(group_key); if 
(len & 1) return NULL; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)group_key); - if (!eckey) { - wpa_printf(MSG_ERROR, - "DPP: Could not get EC_KEY from group_key"); + if (ike_group == -1) { + wpa_printf(MSG_ERROR, "DPP: Could not get EC group"); return NULL; } - group = EC_KEY_get0_group(eckey); - if (group) - pkey = dpp_set_pubkey_point_group(group, buf, buf + len / 2, - len / 2); - else - wpa_printf(MSG_ERROR, "DPP: Could not get EC group"); - - return pkey; + return crypto_ec_key_set_pub(ike_group, buf, buf + len / 2, + len / 2); } @@ -1901,10 +1822,7 @@ static const u8 pkex_resp_y_bp_p512r1[64] = { static struct crypto_ec_key * dpp_pkex_get_role_elem(const struct dpp_curve_params *curve, int init) { - EC_GROUP *group; - size_t len = curve->prime_len; const u8 *x, *y; - struct crypto_ec_key *res; switch (curve->ike_group) { case 19: @@ -1935,12 +1853,7 @@ static struct crypto_ec_key * dpp_pkex_get_role_elem(const struct dpp_curve_para return NULL; } - group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); - if (!group) - return NULL; - res = dpp_set_pubkey_point_group(group, x, y, len); - EC_GROUP_free(group); - return res; + return crypto_ec_key_set_pub(curve->ike_group, x, y, curve->prime_len); } diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 6f9f489f2..06560a3d5 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h @@ -76,9 +76,6 @@ const struct dpp_curve_params * dpp_get_curve_nid(int nid); const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group); int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len); -struct crypto_ec_key * dpp_set_pubkey_point_group(const EC_GROUP *group, - const u8 *buf_x, const u8 *buf_y, - size_t len); struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, const u8 *buf, size_t len); int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len); diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index e5d40fb09..3473b3519 100644 
--- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -994,6 +994,19 @@ struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len); */ struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len); +/** + * crypto_ec_key_set_pub - Initialize an EC Public Key from EC point coordinates + * @group: Identifying number for the ECC group + * @x: X coordinate of the Public key + * @y: Y coordinate of the Public key + * @len: Length of @x and @y buffer + * Returns: EC key or %NULL on failure + * + * This function initialize an EC Key from public key coordinates, in big endian + * byte order padded to the length of the prime defining the group. + */ +struct crypto_ec_key * crypto_ec_key_set_pub(int group, const u8 *x, const u8 *y, size_t len); + /** * crypto_ec_key_gen - Generate EC Key pair * @group: Identifying number for the ECC group @@ -1009,7 +1022,7 @@ void crypto_ec_key_deinit(struct crypto_ec_key *key); /** * crypto_ec_key_get_subject_public_key - Get SubjectPublicKeyInfo ASN.1 for a EC key - * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen() + * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen() * Returns: Buffer with DER encoding of ASN.1 SubjectPublicKeyInfo or %NULL on failure */ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key); @@ -1044,7 +1057,7 @@ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, /** * crypto_ec_key_verify_signature - Verify signature - * @key: EC key from crypto_ec_key_parse_pub() or crypto_ec_key_gen() + * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen() * @data: Data to signed * @len: Length of @data buffer * @sig: DER encoding of ASN.1 Ecdsa-Sig-Value 
@@ -1056,7 +1069,7 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, /** * crypto_ec_key_group - Get IANA group identifier for an EC key - * @key: EC key from crypto_ec_key_parse_pub/priv() or crypto_ec_key_gen() + * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen() * Returns: IANA group identifier and -1 on failure */ int crypto_ec_key_group(struct crypto_ec_key *key); diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 11aa4c744..c29a6e3a1 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2256,6 +2256,85 @@ static int crypto_ec_group_2_nid(int group) } +struct crypto_ec_key * crypto_ec_key_set_pub(int group, const u8 *buf_x, const u8 *buf_y, size_t len) +{ + EC_KEY *eckey = NULL; + EVP_PKEY *pkey = NULL; + EC_GROUP *ec_group = NULL; + BN_CTX *ctx = NULL; + EC_POINT *point = NULL; + BIGNUM *x = NULL, *y = NULL; + int nid; + + if (!buf_x || !buf_y) + return NULL; + + nid = crypto_ec_group_2_nid(group); + if (nid < 0) { + wpa_printf(MSG_ERROR, "Unsupported group %d", group); + return NULL; + } + + ctx = BN_CTX_new(); + if (!ctx) + goto fail; + + ec_group = EC_GROUP_new_by_curve_name(nid); + if (!ec_group) + goto fail; + + x = BN_bin2bn(buf_x, len, NULL); + y = BN_bin2bn(buf_y, len, NULL); + point = EC_POINT_new(ec_group); + if (!x || !y || !point) + goto fail; + + if (!EC_POINT_set_affine_coordinates_GFp(ec_group, point, x, y, ctx)) { + wpa_printf(MSG_ERROR, + "OpenSSL: EC_POINT_set_affine_coordinates_GFp failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + if (!EC_POINT_is_on_curve(ec_group, point, ctx) || + EC_POINT_is_at_infinity(ec_group, point)) { + wpa_printf(MSG_ERROR, "OpenSSL: Invalid point"); + goto fail; + } + + eckey = EC_KEY_new(); + if (!eckey || + EC_KEY_set_group(eckey, ec_group) != 1 || + EC_KEY_set_public_key(eckey, point) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to set EC_KEY: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); + + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) { + wpa_printf(MSG_ERROR, "DPP: Could not create EVP_PKEY"); + goto fail; + } + +out: + EC_GROUP_free(ec_group); + BN_free(x); + BN_free(y); + EC_POINT_free(point); + BN_CTX_free(ctx); + return (struct crypto_ec_key *)pkey; + +fail: + EC_KEY_free(eckey); + EVP_PKEY_free(pkey); + pkey = NULL; + goto out; +} + + struct crypto_ec_key * crypto_ec_key_gen(int group) { EVP_PKEY_CTX *kctx = NULL; From patchwork Mon Jun 28 
16:25:25 2021
X-Patchwork-Submitter: Cedric Izoard
X-Patchwork-Id: 1498053
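Review bot: in the src/crypto/crypto_openssl.c hunk of patch 07/21, crypto_ec_key_set_pub() hands len straight to BN_bin2bn(buf_x, len, NULL) without comparing it to the prime length of the group selected through nid, although the new crypto.h comment says the coordinates are padded to that length; BN_bin2bn() takes an int, so the size_t is also narrowed silently. dpp_set_pubkey_point() feeds this function len / 2 of a caller-supplied buffer, so consider rejecting any len that differs from the field size of ec_group before the BIGNUMs are built. The on-curve and point-at-infinity checks are carried over, which is the important part. Two smaller points in the same function: the last error message still reads "DPP: Could not create EVP_PKEY" while the others were changed to the "OpenSSL:" prefix, and the dpp_debug_print_point() call from the removed helper has no replacement.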
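Review bot: the comment added for crypto_ec_key_set_pub() in the src/crypto/crypto.h hunk of patch 07/21 does not say that the point is validated, and the prototype names the parameters x/y while the implementation uses buf_x/buf_y. Suggest documenting that %NULL is returned when the point is not on the curve or is the point at infinity, changing "This function initialize" to "initializes", and wrapping the prototype, which runs past 80 columns.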
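Review bot: in the dpp_parse_jwk() hunk of src/common/dpp.c (patch 07/21), the failure path loses its DPP-level diagnostic: the removed "DPP: Could not prepare group for JWK" debug print has no counterpart after "if (!key) goto fail;", so a rejected JWK is only reported by whatever the generic wrapper logs. Consider a wpa_printf(MSG_DEBUG, ...) before the goto. The call also passes wpabuf_len(x) as the length of both x and y, so it depends on a length check on y that is not visible in this hunk; worth confirming that the check precedes this call.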
From: Cedric Izoard
To:
CC: Cedric Izoard
Subject: [PATCH 08/21] dpp: use crypto_ec_key_get_subject_public_key when possible
Date: Mon, 28 Jun 2021 18:25:25 +0200
Message-ID: <20210628162538.21067-9-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

From: Cedric Izoard

Unless I miss something I don't see any difference between the locally defined ASN.1 sequence DPP_BOOTSTRAPPING_KEY and SubjectPublicKeyInfo so use the latter one instead.
Signed-off-by: Cedric Izoard --- src/common/dpp.c | 22 +++++----- src/common/dpp_crypto.c | 88 +------------------------------------ src/crypto/crypto_openssl.c | 4 ++ tests/hwsim/test_dpp.py | 2 +- 4 files changed, 17 insertions(+), 99 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index 8fa662bf4..2f0f9552d 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -2412,29 +2412,27 @@ fail: static void dpp_copy_csign(struct dpp_config_obj *conf, struct crypto_ec_key *csign) { - unsigned char *der = NULL; - int der_len; + struct wpabuf *c_sign_key; - der_len = i2d_PUBKEY((EVP_PKEY *)csign, &der); - if (der_len <= 0) + c_sign_key = crypto_ec_key_get_subject_public_key(csign); + if (!c_sign_key) return; + wpabuf_free(conf->c_sign_key); - conf->c_sign_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); + conf->c_sign_key = c_sign_key; } static void dpp_copy_ppkey(struct dpp_config_obj *conf, struct crypto_ec_key *ppkey) { - unsigned char *der = NULL; - int der_len; + struct wpabuf *pp_key; - der_len = i2d_PUBKEY((EVP_PKEY *)ppkey, &der); - if (der_len <= 0) + pp_key = crypto_ec_key_get_subject_public_key(ppkey); + if (!pp_key) return; + wpabuf_free(conf->pp_key); - conf->pp_key = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); + conf->pp_key = pp_key; } diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index e274ee95f..e4f0f817b 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -10,8 +10,6 @@ #include "utils/includes.h" #include #include -#include -#include #include #include "utils/common.h" 
@@ -452,94 +450,12 @@ struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve, } -typedef struct { - /* AlgorithmIdentifier ecPublicKey with optional parameters present - * as an OID identifying the curve */ - X509_ALGOR *alg; - /* Compressed format public key per ANSI X9.63 */ - ASN1_BIT_STRING *pub_key; -} DPP_BOOTSTRAPPING_KEY; - -ASN1_SEQUENCE(DPP_BOOTSTRAPPING_KEY) = { - ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, alg, X509_ALGOR), - ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, pub_key, ASN1_BIT_STRING) -} ASN1_SEQUENCE_END(DPP_BOOTSTRAPPING_KEY); - -IMPLEMENT_ASN1_FUNCTIONS(DPP_BOOTSTRAPPING_KEY); - - -static struct wpabuf * dpp_bootstrap_key_der(struct crypto_ec_key *key) -{ - unsigned char *der = NULL; - int der_len; - const EC_KEY *eckey; - struct wpabuf *ret = NULL; - size_t len; - const EC_GROUP *group; - const EC_POINT *point; - BN_CTX *ctx; - DPP_BOOTSTRAPPING_KEY *bootstrap = NULL; - int nid; - - ctx = BN_CTX_new(); - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); - if (!ctx || !eckey) - goto fail; - - group = EC_KEY_get0_group(eckey); - point = EC_KEY_get0_public_key(eckey); - if (!group || !point) - goto fail; - dpp_debug_print_point("DPP: bootstrap public key", group, point); - nid = EC_GROUP_get_curve_name(group); - - bootstrap = DPP_BOOTSTRAPPING_KEY_new(); - if (!bootstrap || - X509_ALGOR_set0(bootstrap->alg, OBJ_nid2obj(EVP_PKEY_EC), - V_ASN1_OBJECT, (void *) OBJ_nid2obj(nid)) != 1) - goto fail; - - len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, - NULL, 0, ctx); - if (len == 0) - goto fail; - - der = OPENSSL_malloc(len); - if (!der) - goto fail; - len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, - der, len, ctx); - - OPENSSL_free(bootstrap->pub_key->data); - bootstrap->pub_key->data = der; - der = NULL; - bootstrap->pub_key->length = len; - /* No unused bits */ - bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; - - der_len = 
i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der); - if (der_len <= 0) { - wpa_printf(MSG_ERROR, - "DDP: Failed to build DER encoded public key"); - goto fail; - } - - ret = wpabuf_alloc_copy(der, der_len); -fail: - DPP_BOOTSTRAPPING_KEY_free(bootstrap); - OPENSSL_free(der); - BN_CTX_free(ctx); - return ret; -} - - int dpp_bootstrap_key_hash(struct dpp_bootstrap_info *bi) { struct wpabuf *der; int res; - der = dpp_bootstrap_key_der(bi->pubkey); + der = crypto_ec_key_get_subject_public_key(bi->pubkey); if (!der) return -1; wpa_hexdump_buf(MSG_DEBUG, "DPP: Compressed public key (DER)", @@ -574,7 +490,7 @@ int dpp_keygen(struct dpp_bootstrap_info *bi, const char *curve, goto fail; bi->own = 1; - der = dpp_bootstrap_key_der(bi->pubkey); + der = crypto_ec_key_get_subject_public_key(bi->pubkey); if (!der) goto fail; wpa_hexdump_buf(MSG_DEBUG, "DPP: Compressed public key (DER)", diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index c29a6e3a1..275ec6252 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -2400,6 +2400,10 @@ struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key) int der_len; struct wpabuf *buf; + // For now, all users expect COMPRESSED form + EC_KEY_set_conv_form(EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key), + POINT_CONVERSION_COMPRESSED); + der_len = i2d_PUBKEY((EVP_PKEY *)key, &der); if (der_len <= 0) { wpa_printf(MSG_INFO, "OpenSSL: i2d_PUBKEY() failed: %s", diff --git a/tests/hwsim/test_dpp.py b/tests/hwsim/test_dpp.py index 50827b816..c3b8ca4ea 100644 --- a/tests/hwsim/test_dpp.py +++ b/tests/hwsim/test_dpp.py 
@@ -214,7 +214,7 @@ def test_dpp_qr_code_keygen_fail(dev, apdev): """DPP QR Code and keygen failure""" check_dpp_capab(dev[0]) - with alloc_fail(dev[0], 1, "dpp_bootstrap_key_der;dpp_keygen"): + with alloc_fail(dev[0], 1, "crypto_ec_key_get_subject_public_key;dpp_keygen"): if "FAIL" not in dev[0].request("DPP_BOOTSTRAP_GEN type=qrcode"): raise Exception("Failure not reported")
From patchwork Mon Jun 28 16:25:26 2021
X-Patchwork-Submitter: Cedric Izoard
X-Patchwork-Id: 1498055
From: Cedric Izoard To: CC: Cedric Izoard Subject: [PATCH 09/21] dpp: use crypto_ec_key_parse_pub in dpp_get_subject_public_key Date: Mon, 28 Jun 2021 18:25:26 +0200 Message-ID: <20210628162538.21067-10-cedric.izoard@ceva-dsp.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com> References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com> MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-12.5.0.1684-8.6.1018-26244.007 X-TM-AS-Result: No-6.118500-4.000000-10 X-TMASE-MatchedRID: fASjJbTnm+FT5a+Wn1rTVCtPpXoicS5XTEFC0zV7bKQGmHr1eMxt2UAc 6DyoS2rIzQCB72FLaNrwqLSLVVw4ny779nFLSyv7D3uYMxd01bcxEreX72bHnkJW2GUKF6TpA7W tv6kOLsixivlStHoXfaZQmkUjwMlNSwBPfviqIed85pjA/x1xfqn/3nyhTdZwYaoR3LiB7TkGMS cpH7qOAM2yqQsaXQicwR6v7423gYtYkvDJ4YlxaRvgzEPRJaDEuHvo7bCp8irl90JVB3jyCvSb/ 7zVPeOIecVC/t98hgUm5XGCR9iOtWv96CuNLFEqB7TqRAYVohbrixWWWJYrHx8TzIzimOwPC24o EZ6SpSk6XEE7Yhw4FsFbzfSdN2IhrVZInQG7X40/b/G0uyydUILBzkVnvZuUuf1ZsctEm1ZDDKa 3G4nrLQ== X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--6.118500-4.000000 X-TMASE-Version: SMEX-12.5.0.1684-8.6.1018-26244.007 X-TM-SNTS-SMTP: 78212CAB6932E19CABB5AC860EAC853F96FF849D706D4ED20183FA2C27A60A102000:9 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPIsWRmVeSWpSXmKPExsVyYIUtty7Xj5sJBt/OS1j8nT2ZyWLtozQH Jo9z7yczeWxeUh/AFKVrk5RYUhacmZ6nb2dTklOsUJxaUpKZl26r5OsYqQQUS6osSCwu1i0u SMzVt0vQzVjwqomx4JBBxZqXM9kaGM+odTFyckgImEi83neLvYuRi0NIYC+jxKJ7k9kgnBWM EhPfL2YEqWITMJD4+mM+E4gtIqAg0fl0OzOIzSygK3FrSgtYjbBAqMTlBfdZQGwWAVWJdy3v WUFsXgEHiVtnJ7BDbJOXeDZ9HpjNCRT/ue8zWI2QgL3EoVkrWCDqBSVOznzCAjFfQuLgixfM EDXqEjvXNLNAzLGQ2NOzggnCVpdo3DCNBeRoCYF7zBKnD08HOogDyFGQ+DzDGGbvxwszGCFs VYm1n1ewwny/4Nc1qJkREgu3dTFNYBSfheSMWUjOWMDItIpRMLciM0cvObUsUTeluEAvOT93 EyMwxg4HNXLuYPy8NP4QIxMH4yFGCQ5mJRFesaprCUK8KYmVValF+fFFpTmpxYcYk4HhM5FZ SjQ5HxjjeSXxhqbmluZGBhYW5qaGZkQIG5ibmZgDKWNzEyVx3jTBrQlCAumJJanZqakFqUUw W5g4OEGu4JISKU7NS0ktSiwtyYgHpZj4YmCSkWpgFHe1OdZ9e20p16Ofe/iTXddx8O3cpmbt 
8Of4hxUBYpVdyclMj1zkN+0+0qqvFsS2fvF6abfAa/xMb4Re/vR69GnPB8kTTq6785a8zxCt MC7fudjkyWoxPYXw5rVi6Vtswyc1cvA6HFf1mH+V/YqF05LG6G/aPD8fxweeu+ux7HrLJLbm JEVZJZbijERDLeai4kQATybsFAIDAAA= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210628_092600_586833_D8672130 X-CRM114-Status: GOOD ( 14.37 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Cedric Izoard Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 121 +++ src/common/dpp_reconfig.c | 4 +- 2 files changed, 10 insertions(+), 1 [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Cedric Izoard Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 121 +++----------------------------------- src/common/dpp_reconfig.c | 4 +- 2 files changed, 10 insertions(+), 115 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index e4f0f817b..61715afd4 100644 
--- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -99,21 +99,6 @@ const struct dpp_curve_params * dpp_get_curve_jwk_crv(const char *name) } -static const struct dpp_curve_params * -dpp_get_curve_oid(const ASN1_OBJECT *poid) -{ - ASN1_OBJECT *oid; - int i; - - for (i = 0; dpp_curves[i].name; i++) { - oid = OBJ_txt2obj(dpp_curves[i].name, 0); - if (oid && OBJ_cmp(poid, oid) == 0) - return &dpp_curves[i]; - } - return NULL; -} - - const struct dpp_curve_params * dpp_get_curve_nid(int nid) { int i, tmp; 
@@ -750,118 +735,32 @@ int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, int dpp_get_subject_public_key(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len) { - EVP_PKEY *pkey; - const unsigned char *p; - int res; - X509_PUBKEY *pub = NULL; - ASN1_OBJECT *ppkalg; - const unsigned char *pk; - int ppklen; - X509_ALGOR *pa; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ - (defined(LIBRESSL_VERSION_NUMBER) && \ - LIBRESSL_VERSION_NUMBER < 0x20800000L) - ASN1_OBJECT *pa_oid; -#else - const ASN1_OBJECT *pa_oid; -#endif - const void *pval; - int ptype; - const ASN1_OBJECT *poid; - char buf[100]; + struct crypto_ec_key *key = NULL; if (dpp_bi_pubkey_hash(bi, data, data_len) < 0) { wpa_printf(MSG_DEBUG, "DPP: Failed to hash public key"); return -1; } - /* DER encoded ASN.1 SubjectPublicKeyInfo - * - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * - * AlgorithmIdentifier ::= SEQUENCE { - * algorithm OBJECT IDENTIFIER, - * parameters ANY DEFINED BY algorithm OPTIONAL } - * - * subjectPublicKey = compressed format public key per ANSI X9.63 - * algorithm = ecPublicKey (1.2.840.10045.2.1) - * parameters = shall be present and shall be OBJECT IDENTIFIER; e.g., - * prime256v1 (1.2.840.10045.3.1.7) - */ - - p = data; - pkey = d2i_PUBKEY(NULL, &p, data_len); - - if (!pkey) { + key = crypto_ec_key_parse_pub(data, data_len); + if (!key) { wpa_printf(MSG_DEBUG, "DPP: Could not parse URI public-key SubjectPublicKeyInfo"); return -1; } - if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) { - wpa_printf(MSG_DEBUG, - "DPP: SubjectPublicKeyInfo does not describe an EC key"); - EVP_PKEY_free(pkey); - return -1; - } - - res = X509_PUBKEY_set(&pub, pkey); - if (res != 1) { - wpa_printf(MSG_DEBUG, "DPP: Could not set pubkey"); - goto fail; - } - - res = X509_PUBKEY_get0_param(&ppkalg, &pk, &ppklen, &pa, pub); - if (res != 1) { - wpa_printf(MSG_DEBUG, - "DPP: Could not extract SubjectPublicKeyInfo parameters"); - 
goto fail; - } - res = OBJ_obj2txt(buf, sizeof(buf), ppkalg, 0); - if (res < 0 || (size_t) res >= sizeof(buf)) { - wpa_printf(MSG_DEBUG, - "DPP: Could not extract SubjectPublicKeyInfo algorithm"); - goto fail; - } - wpa_printf(MSG_DEBUG, "DPP: URI subjectPublicKey algorithm: %s", buf); - if (os_strcmp(buf, "id-ecPublicKey") != 0) { - wpa_printf(MSG_DEBUG, - "DPP: Unsupported SubjectPublicKeyInfo algorithm"); - goto fail; - } - - X509_ALGOR_get0(&pa_oid, &ptype, (void *) &pval, pa); - if (ptype != V_ASN1_OBJECT) { - wpa_printf(MSG_DEBUG, - "DPP: SubjectPublicKeyInfo parameters did not contain an OID"); - goto fail; - } - poid = pval; - res = OBJ_obj2txt(buf, sizeof(buf), poid, 0); - if (res < 0 || (size_t) res >= sizeof(buf)) { - wpa_printf(MSG_DEBUG, - "DPP: Could not extract SubjectPublicKeyInfo parameters OID"); - goto fail; - } - wpa_printf(MSG_DEBUG, "DPP: URI subjectPublicKey parameters: %s", buf); - bi->curve = dpp_get_curve_oid(poid); + bi->curve = dpp_get_curve_ike_group(crypto_ec_key_group(key)); if (!bi->curve) { wpa_printf(MSG_DEBUG, - "DPP: Unsupported SubjectPublicKeyInfo curve: %s", - buf); + "DPP: Unsupported SubjectPublicKeyInfo curve: group %d", + crypto_ec_key_group(key)); goto fail; } - wpa_hexdump(MSG_DEBUG, "DPP: URI subjectPublicKey", pk, ppklen); - - X509_PUBKEY_free(pub); - bi->pubkey = (struct crypto_ec_key *)pkey; + bi->pubkey= key; return 0; fail: - X509_PUBKEY_free(pub); - EVP_PKEY_free(pkey); + crypto_ec_key_deinit(key); return -1; } 
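Review bot: In dpp_get_subject_public_key() the explicit checks on the URI public key disappear together with the OpenSSL calls: the removed lines rejected a key whose type is not EVP_PKEY_EC, an algorithm other than id-ecPublicKey, and parameters that are not an OID, while the added code only tests the return of crypto_ec_key_parse_pub() and of dpp_get_curve_ike_group(). The commit message (empty apart from the sign-off) should state that crypto_ec_key_parse_pub() enforces the same constraints in every crypto backend, or the checks should stay here. Smaller points in the same hunk: crypto_ec_key_group(key) is called twice and its return goes to dpp_get_curve_ike_group() without the `group < 0` test that dpp_set_keypair() gets in patch 10/21; `bi->pubkey= key;` is missing a space before `=`; and the removed wpa_hexdump of the subjectPublicKey and the algorithm/parameters debug lines have no replacement, which makes a rejected key harder to diagnose.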
@@ -1145,13 +1044,11 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info, const u8 *csign_key, size_t csign_key_len, const u8 *peer_connector, size_t peer_connector_len) { - const unsigned char *p; struct crypto_ec_key *csign = NULL; char *signed_connector = NULL; enum dpp_status_error res = DPP_STATUS_INVALID_CONNECTOR; - p = csign_key; - csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); + csign = crypto_ec_key_parse_pub(csign_key, csign_key_len); if (!csign) { wpa_printf(MSG_ERROR, "DPP: Failed to parse local C-sign-key information"); diff --git a/src/common/dpp_reconfig.c b/src/common/dpp_reconfig.c index 03235d27e..b2db3e2ac 100644 --- a/src/common/dpp_reconfig.c +++ b/src/common/dpp_reconfig.c @@ -41,7 +41,6 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, { struct wpabuf *msg = NULL; struct crypto_ec_key *csign = NULL; - const unsigned char *p; struct wpabuf *uncomp; u8 hash[SHA256_MAC_LEN]; const u8 *addr[1]; 
@@ -61,8 +60,7 @@ struct wpabuf * dpp_build_reconfig_announcement(const u8 *csign_key, goto fail; } - p = csign_key; - csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); + csign = crypto_ec_key_parse_pub(csign_key, csign_key_len); if (!csign) { wpa_printf(MSG_ERROR, "DPP: Failed to parse local C-sign-key information");

From: Cedric Izoard
Subject: [PATCH 10/21] dpp: use crypto_ec_key_parse_priv when possible
Date: Mon, 28 Jun 2021 18:25:27 +0200
Message-ID: <20210628162538.21067-11-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
X-Patchwork-Id: 1498051

Function crypto_ec_key_parse_priv already parses ASN.1 ECPrivateKey so use it when possible.

Signed-off-by: Cedric Izoard
--- src/common/dpp_backup.c | 27 ++++--------------------- src/common/dpp_crypto.c | 44 ++++++++++++++--------------------------- 2 files changed, 19 insertions(+), 52 deletions(-) diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c index 65fe12afc..0d2dd8a78 100644 --- a/src/common/dpp_backup.c
+++ b/src/common/dpp_backup.c @@ -7,8 +7,6 @@ */ #include "utils/includes.h" -#include -#include #include "utils/common.h" #include "crypto/aes.h" @@ -866,7 +864,6 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) struct asn1_oid oid; char txt[80]; struct dpp_asymmetric_key *key; - EC_KEY *eckey; wpa_hexdump_key(MSG_MSGDUMP, "DPP: OneAsymmetricKey", buf, len); @@ -941,16 +938,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) wpa_hexdump_key(MSG_MSGDUMP, "DPP: PrivateKey", hdr.payload, hdr.length); pos = hdr.payload + hdr.length; - eckey = d2i_ECPrivateKey(NULL, &hdr.payload, hdr.length); - if (!eckey) { - wpa_printf(MSG_INFO, - "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - key->csign = (struct crypto_ec_key *)EVP_PKEY_new(); - if (!key->csign || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->csign, eckey) != 1) { - EC_KEY_free(eckey); + key->csign = crypto_ec_key_parse_priv(hdr.payload, hdr.length); + if (!key->csign) { goto fail; } if (wpa_debug_show_keys) @@ -1062,16 +1051,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) wpa_hexdump_key(MSG_MSGDUMP, "DPP: privacyProtectionKey", hdr.payload, hdr.length); pos = hdr.payload + hdr.length; - eckey = d2i_ECPrivateKey(NULL, &hdr.payload, hdr.length); - if (!eckey) { - wpa_printf(MSG_INFO, - "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - key->pp_key = (struct crypto_ec_key *)EVP_PKEY_new(); - if (!key->pp_key || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->pp_key, eckey) != 1) { - EC_KEY_free(eckey); + key->pp_key = crypto_ec_key_parse_priv(hdr.payload, hdr.length); + if (!key->pp_key) { goto fail; } if (wpa_debug_show_keys) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 61715afd4..2e4a9a27a 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -393,45 +393,31 @@ struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve) struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve, const u8 *privkey, size_t privkey_len) { - EVP_PKEY *pkey; - EC_KEY *eckey; - const EC_GROUP *group; - int nid; + struct crypto_ec_key *key; + int group; - pkey = EVP_PKEY_new(); - if (!pkey) - return NULL; - eckey = d2i_ECPrivateKey(NULL, &privkey, privkey_len); - if (!eckey) { - wpa_printf(MSG_INFO, - "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - EVP_PKEY_free(pkey); + key = crypto_ec_key_parse_priv(privkey, privkey_len); + if (!key) { + wpa_printf(MSG_INFO, "DPP: Failed to parse private key"); return NULL; } - group = EC_KEY_get0_group(eckey); - if (!group) { - EC_KEY_free(eckey); - EVP_PKEY_free(pkey); + + group = crypto_ec_key_group(key); + if (group < 0) { + crypto_ec_key_deinit(key); return NULL; } - nid = EC_GROUP_get_curve_name(group); - *curve = dpp_get_curve_nid(nid); + + *curve = dpp_get_curve_ike_group(group); if (!*curve) { wpa_printf(MSG_INFO, - "DPP: Unsupported curve (nid=%d) in pre-assigned key", - nid); - EC_KEY_free(eckey); - EVP_PKEY_free(pkey); + "DPP: Unsupported curve (group=%d) in pre-assigned key", + group); + crypto_ec_key_deinit(key); return NULL; } - if (EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) { - EC_KEY_free(eckey); - EVP_PKEY_free(pkey); - return NULL; - } - return (struct crypto_ec_key *)pkey; + return key; }
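Review bot: In dpp_parse_one_asymmetric_key() (src/common/dpp_backup.c) both converted call sites, key->csign and key->pp_key, now `goto fail` without logging anything, where the removed code printed the d2i_ECPrivateKey() error. dpp_set_keypair() in this same patch keeps a "DPP: Failed to parse private key" message, so add a matching wpa_printf(MSG_INFO, ...) before each `goto fail`. The braces around the single `goto fail;` statement can also go, as the rest of the series writes one-statement ifs without them.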
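Review bot: In dpp_set_keypair() the `group < 0` branch frees the key and returns NULL silently, while the parse failure above it and the unsupported-curve case below it both log; a one-line wpa_printf there keeps the three failure paths distinguishable. The unsupported-curve message also changes from reporting an OpenSSL nid to reporting an IKE group number, which deserves a sentence in the commit message for anyone matching on the old log text.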

From: Cedric Izoard
Subject: [PATCH 11/21] dpp: Update pkex part to use crypto.h API
Date: Mon, 28 Jun 2021 18:25:28 +0200
Message-ID: <20210628162538.21067-12-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
X-Patchwork-Id: 1498060

Rewrite EC point/bignum computation done in PKEX protocol using EC point/bignum primitives already defined in crypto.h

Signed-off-by: Cedric Izoard
--- src/common/dpp_crypto.c | 137 +++++++++----------- src/common/dpp_i.h | 16 +-- src/common/dpp_pkex.c | 252 ++++++++++++++---------------------- src/crypto/crypto.h | 24 ++++ src/crypto/crypto_openssl.c | 49 +++++++ 5 files changed, 236 insertions(+), 242 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 2e4a9a27a..c1dffdb6f 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c
@@ -1656,22 +1656,20 @@ static struct crypto_ec_key * dpp_pkex_get_role_elem(const struct dpp_curve_para } -EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, - const u8 *mac_init, const char *code, - const char *identifier, BN_CTX *bnctx, - EC_GROUP **ret_group) +struct crypto_ec_point * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, + const u8 *mac_init, const char *code, + const char *identifier, + struct crypto_ec **ret_ec) { u8 hash[DPP_MAX_HASH_LEN]; const u8 *addr[3]; size_t len[3]; unsigned int num_elem = 0; - EC_POINT *Qi = NULL; - struct crypto_ec_key *Pi = NULL; - const EC_KEY *Pi_ec; - const EC_POINT *Pi_point; - BIGNUM *hash_bn = NULL; - const EC_GROUP *group = NULL; - EC_GROUP *group2 = NULL; + struct crypto_ec_point *Qi = NULL; + struct crypto_ec_key *Pi_key = NULL; + const struct crypto_ec_point *Pi = NULL; + struct crypto_bignum *hash_bn = NULL; + struct crypto_ec *ec = NULL; /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ 
@@ -1695,66 +1693,58 @@ EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, wpa_hexdump_key(MSG_DEBUG, "DPP: H(MAC-Initiator | [identifier |] code)", hash, curve->hash_len); - Pi = dpp_pkex_get_role_elem(curve, 1); - if (!Pi) + Pi_key = dpp_pkex_get_role_elem(curve, 1); + if (!Pi_key) goto fail; - dpp_debug_print_key("DPP: Pi", Pi); - Pi_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)Pi); - if (!Pi_ec) - goto fail; - Pi_point = EC_KEY_get0_public_key(Pi_ec); + dpp_debug_print_key("DPP: Pi", Pi_key); - group = EC_KEY_get0_group(Pi_ec); - if (!group) + ec = crypto_ec_init(curve->ike_group); + if (!ec) goto fail; - group2 = EC_GROUP_dup(group); - if (!group2) - goto fail; - Qi = EC_POINT_new(group2); - if (!Qi) { - EC_GROUP_free(group2); + + Pi = crypto_ec_key_get_public_key(Pi_key); + Qi = crypto_ec_point_init(ec); + hash_bn = crypto_bignum_init_set(hash, curve->hash_len); + if (!Pi || !Qi || !hash_bn) goto fail; - } - hash_bn = BN_bin2bn(hash, curve->hash_len, NULL); - if (!hash_bn || - EC_POINT_mul(group2, Qi, NULL, Pi_point, hash_bn, bnctx) != 1) + + if (crypto_ec_point_mul(ec, Pi, hash_bn, Qi)) goto fail; - if (EC_POINT_is_at_infinity(group, Qi)) { + + if (crypto_ec_point_is_at_infinity(ec, Qi)) { wpa_printf(MSG_INFO, "DPP: Qi is the point-at-infinity"); goto fail; } - dpp_debug_print_point("DPP: Qi", group, Qi); + crypto_ec_point_debug_print(ec, Qi, "DPP: Qi"); out: - crypto_ec_key_deinit(Pi); - BN_clear_free(hash_bn); - if (ret_group && Qi) - *ret_group = group2; + crypto_ec_key_deinit(Pi_key); + crypto_bignum_deinit(hash_bn, 1); + if (ret_ec && Qi) + *ret_ec = ec; else - EC_GROUP_free(group2); + crypto_ec_deinit(ec); return Qi; fail: - EC_POINT_free(Qi); + crypto_ec_point_deinit(Qi, 1); Qi = NULL; goto out; } -EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, - const u8 *mac_resp, const char *code, - const char *identifier, BN_CTX *bnctx, - EC_GROUP **ret_group) +struct crypto_ec_point * dpp_pkex_derive_Qr(const struct dpp_curve_params 
*curve, + const u8 *mac_resp, const char *code, + const char *identifier, + struct crypto_ec **ret_ec) { u8 hash[DPP_MAX_HASH_LEN]; const u8 *addr[3]; size_t len[3]; unsigned int num_elem = 0; - EC_POINT *Qr = NULL; - struct crypto_ec_key *Pr = NULL; - const EC_KEY *Pr_ec; - const EC_POINT *Pr_point; - BIGNUM *hash_bn = NULL; - const EC_GROUP *group = NULL; - EC_GROUP *group2 = NULL; + struct crypto_ec_point *Qr = NULL; + struct crypto_ec_key *Pr_key = NULL; + const struct crypto_ec_point *Pr = NULL; + struct crypto_bignum *hash_bn = NULL; + struct crypto_ec *ec = NULL; /* Qr = H(MAC-Responder | | [identifier | ] code) * Pr */ 
@@ -1778,45 +1768,40 @@ EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, wpa_hexdump_key(MSG_DEBUG, "DPP: H(MAC-Responder | [identifier |] code)", hash, curve->hash_len); - Pr = dpp_pkex_get_role_elem(curve, 0); - if (!Pr) - goto fail; - dpp_debug_print_key("DPP: Pr", Pr); - Pr_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)Pr); - if (!Pr_ec) + Pr_key = dpp_pkex_get_role_elem(curve, 0); + if (!Pr_key) goto fail; - Pr_point = EC_KEY_get0_public_key(Pr_ec); + dpp_debug_print_key("DPP: Pr", Pr_key); - group = EC_KEY_get0_group(Pr_ec); - if (!group) - goto fail; - group2 = EC_GROUP_dup(group); - if (!group2) + ec = crypto_ec_init(curve->ike_group); + if (!ec) goto fail; - Qr = EC_POINT_new(group2); - if (!Qr) { - EC_GROUP_free(group2); + + Pr = crypto_ec_key_get_public_key(Pr_key); + Qr = crypto_ec_point_init(ec); + hash_bn = crypto_bignum_init_set(hash, curve->hash_len); + if (!Pr || !Qr || !hash_bn) goto fail; - } - hash_bn = BN_bin2bn(hash, curve->hash_len, NULL); - if (!hash_bn || - EC_POINT_mul(group2, Qr, NULL, Pr_point, hash_bn, bnctx) != 1) + + if (crypto_ec_point_mul(ec, Pr, hash_bn, Qr)) goto fail; - if (EC_POINT_is_at_infinity(group, Qr)) { + + if (crypto_ec_point_is_at_infinity(ec, Qr)) { wpa_printf(MSG_INFO, "DPP: Qr is the point-at-infinity"); goto fail; } - dpp_debug_print_point("DPP: Qr", group, Qr); + crypto_ec_point_debug_print(ec, Qr, "DPP: Qr"); + out: - crypto_ec_key_deinit(Pr); - BN_clear_free(hash_bn); - if (ret_group && Qr) - *ret_group = group2; + crypto_ec_key_deinit(Pr_key); + crypto_bignum_deinit(hash_bn, 1); + if (ret_ec && Qr) + *ret_ec = ec; else - EC_GROUP_free(group2); + crypto_ec_deinit(ec); return Qr; fail: - EC_POINT_free(Qr); + crypto_ec_point_deinit(Qr, 1); Qr = NULL; goto out; } diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 06560a3d5..4686fb02b 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h 
@@ -109,14 +109,14 @@ int dpp_auth_derive_l_initiator(struct dpp_authentication *auth); int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk, unsigned int hash_len); int dpp_derive_pmkid(const struct dpp_curve_params *curve, struct crypto_ec_key *own_key, struct crypto_ec_key *peer_key, u8 *pmkid); -EC_POINT * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, - const u8 *mac_init, const char *code, - const char *identifier, BN_CTX *bnctx, - EC_GROUP **ret_group); -EC_POINT * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, - const u8 *mac_resp, const char *code, - const char *identifier, BN_CTX *bnctx, - EC_GROUP **ret_group); +struct crypto_ec_point * dpp_pkex_derive_Qi(const struct dpp_curve_params *curve, + const u8 *mac_init, const char *code, + const char *identifier, + struct crypto_ec **ret_ec); +struct crypto_ec_point * dpp_pkex_derive_Qr(const struct dpp_curve_params *curve, + const u8 *mac_resp, const char *code, + const char *identifier, + struct crypto_ec **ret_ec); int dpp_pkex_derive_z(const u8 *mac_init, const u8 *mac_resp, const u8 *Mx, size_t Mx_len, const u8 *Nx, size_t Nx_len, diff --git a/src/common/dpp_pkex.c b/src/common/dpp_pkex.c index 24f7536a8..c6bfafaae 100644 --- a/src/common/dpp_pkex.c +++ b/src/common/dpp_pkex.c @@ -8,8 +8,6 @@ */ #include "utils/includes.h" -#include -#include #include "utils/common.h" #include "common/wpa_ctrl.h" 
@@ -27,30 +25,13 @@ u8 dpp_pkex_ephemeral_key_override[600]; size_t dpp_pkex_ephemeral_key_override_len = 0; #endif /* CONFIG_TESTING_OPTIONS */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ - (defined(LIBRESSL_VERSION_NUMBER) && \ - LIBRESSL_VERSION_NUMBER < 0x20700000L) -/* Compatibility wrappers for older versions. */ - -static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) - return NULL; - return pkey->pkey.ec; -} - -#endif - static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) { - const EC_KEY *X_ec; - const EC_POINT *X_point; - BN_CTX *bnctx = NULL; - EC_GROUP *group = NULL; - EC_POINT *Qi = NULL, *M = NULL; - struct wpabuf *M_buf = NULL; - BIGNUM *Mx = NULL, *My = NULL; + struct crypto_ec *ec = NULL; + const struct crypto_ec_point *X = NULL; + struct crypto_ec_point *Qi = NULL, *M = NULL; + u8 *Mx, *My; struct wpabuf *msg = NULL; size_t attr_len; const struct dpp_curve_params *curve = pkex->own_bi->curve; @@ -58,11 +39,8 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) wpa_printf(MSG_DEBUG, "DPP: Build PKEX Exchange Request"); /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ - bnctx = BN_CTX_new(); - if (!bnctx) - goto fail; Qi = dpp_pkex_derive_Qi(curve, pkex->own_mac, pkex->code, - pkex->identifier, bnctx, &group); + pkex->identifier, &ec); if (!Qi) goto fail; 
@@ -86,21 +64,15 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) goto fail; /* M = X + Qi */ - X_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)pkex->x); - if (!X_ec) + X = crypto_ec_key_get_public_key(pkex->x); + M = crypto_ec_point_init(ec); + if (!X || !M) goto fail; - X_point = EC_KEY_get0_public_key(X_ec); - if (!X_point) - goto fail; - dpp_debug_print_point("DPP: X", group, X_point); - M = EC_POINT_new(group); - Mx = BN_new(); - My = BN_new(); - if (!M || !Mx || !My || - EC_POINT_add(group, M, X_point, Qi, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, M, Mx, My, bnctx) != 1) + crypto_ec_point_debug_print(ec, X, "DPP: X"); + + if (crypto_ec_point_add(ec, X, Qi, M)) goto fail; - dpp_debug_print_point("DPP: M", group, M); + crypto_ec_point_debug_print(ec, M, "DPP: M"); /* Initiator -> Responder: group, [identifier,] M */ attr_len = 4 + 2; @@ -154,21 +126,17 @@ skip_finite_cyclic_group: } #endif /* CONFIG_TESTING_OPTIONS */ - if (dpp_bn2bin_pad(Mx, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0 || - dpp_bn2bin_pad(Mx, pkex->Mx, curve->prime_len) < 0 || - dpp_bn2bin_pad(My, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0) + Mx = wpabuf_put(msg, curve->prime_len); + My = wpabuf_put(msg, curve->prime_len); + if (crypto_ec_point_to_bin(ec, M, Mx, My)) goto fail; + os_memcpy(pkex->Mx, Mx, curve->prime_len); + out: - wpabuf_free(M_buf); - EC_POINT_free(M); - EC_POINT_free(Qi); - BN_clear_free(Mx); - BN_clear_free(My); - BN_CTX_free(bnctx); - EC_GROUP_free(group); + crypto_ec_point_deinit(M, 1); + crypto_ec_point_deinit(Qi, 1); + crypto_ec_deinit(ec); return msg; fail: wpa_printf(MSG_INFO, "DPP: Failed to build PKEX Exchange Request"); @@ -227,7 +195,7 @@ fail: static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex, enum dpp_status_error status, - const BIGNUM *Nx, const BIGNUM *Ny) + const u8 *Nx, const u8 *Ny) { struct wpabuf *msg = NULL; size_t attr_len; 
@@ -291,12 +259,9 @@ skip_status: } #endif /* CONFIG_TESTING_OPTIONS */ - if (dpp_bn2bin_pad(Nx, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0 || - dpp_bn2bin_pad(Nx, pkex->Nx, curve->prime_len) < 0 || - dpp_bn2bin_pad(Ny, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0) - goto fail; + os_memcpy(wpabuf_put(msg, curve->prime_len), Nx, curve->prime_len); + os_memcpy(wpabuf_put(msg, curve->prime_len), Ny, curve->prime_len); + os_memcpy(pkex->Nx, Nx, curve->prime_len); skip_encrypted_key: if (status == DPP_STATUS_BAD_GROUP) { @@ -352,14 +317,10 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, const struct dpp_curve_params *curve = bi->curve; u16 ike_group; struct dpp_pkex *pkex = NULL; - EC_POINT *Qi = NULL, *Qr = NULL, *M = NULL, *X = NULL, *N = NULL; - BN_CTX *bnctx = NULL; - EC_GROUP *group = NULL; - BIGNUM *Mx = NULL, *My = NULL; - const EC_KEY *Y_ec; - EC_KEY *X_ec = NULL; - const EC_POINT *Y_point; - BIGNUM *Nx = NULL, *Ny = NULL; + struct crypto_ec_point *Qi = NULL, *Qr = NULL, *M = NULL, *X = NULL, *N = NULL; + struct crypto_ec *ec = NULL; + const struct crypto_ec_point *Y = NULL; + u8 *x_coord = NULL, *y_coord = NULL; u8 Kx[DPP_MAX_SHARED_SECRET_LEN]; size_t Kx_len; int res; 
@@ -424,34 +385,27 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, } /* Qi = H(MAC-Initiator | [identifier |] code) * Pi */ - bnctx = BN_CTX_new(); - if (!bnctx) - goto fail; - Qi = dpp_pkex_derive_Qi(curve, peer_mac, code, identifier, bnctx, - &group); + Qi = dpp_pkex_derive_Qi(curve, peer_mac, code, identifier, &ec); if (!Qi) goto fail; /* X' = M - Qi */ - X = EC_POINT_new(group); - M = EC_POINT_new(group); - Mx = BN_bin2bn(attr_key, attr_key_len / 2, NULL); - My = BN_bin2bn(attr_key + attr_key_len / 2, attr_key_len / 2, NULL); - if (!X || !M || !Mx || !My || - EC_POINT_set_affine_coordinates_GFp(group, M, Mx, My, bnctx) != 1 || - EC_POINT_is_at_infinity(group, M) || - !EC_POINT_is_on_curve(group, M, bnctx) || - EC_POINT_invert(group, Qi, bnctx) != 1 || - EC_POINT_add(group, X, M, Qi, bnctx) != 1 || - EC_POINT_is_at_infinity(group, X) || - !EC_POINT_is_on_curve(group, X, bnctx)) { + X = crypto_ec_point_init(ec); + M = crypto_ec_point_from_bin(ec, attr_key); + if (!X || !M || + crypto_ec_point_is_at_infinity(ec, M) || + !crypto_ec_point_is_on_curve(ec, M) || + crypto_ec_point_invert(ec, Qi) || + crypto_ec_point_add(ec, M, Qi, X) || + crypto_ec_point_is_at_infinity(ec, X) || + !crypto_ec_point_is_on_curve(ec, X)) { wpa_msg(msg_ctx, MSG_INFO, DPP_EVENT_FAIL "Invalid Encrypted Key value"); bi->pkex_t++; goto fail; } - dpp_debug_print_point("DPP: M", group, M); - dpp_debug_print_point("DPP: X'", group, X); + crypto_ec_point_debug_print(ec, M, "DPP: M"); + crypto_ec_point_debug_print(ec, X, "DPP: X'"); pkex = os_zalloc(sizeof(*pkex)); if (!pkex) 
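Review bot: crypto_ec_point_from_bin(ec, attr_key) is called without any reference to attr_key_len, while the removed lines split the attribute at attr_key_len / 2. Since no length is passed, the conversion has to take the coordinate size from ec, so this hunk now depends on an earlier check that the Encrypted Key attribute is exactly two coordinates long for the negotiated curve; that check is not visible here. Please confirm it exists on this path (and for the matching call in dpp_pkex_rx_exchange_resp()), or add an explicit attr_key_len != 2 * curve->prime_len rejection before the conversion.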
@@ -472,18 +426,19 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, os_memcpy(pkex->Mx, attr_key, attr_key_len / 2); - X_ec = EC_KEY_new(); - if (!X_ec || - EC_KEY_set_group(X_ec, group) != 1 || - EC_KEY_set_public_key(X_ec, X) != 1) + x_coord = os_malloc(curve->prime_len); + y_coord = os_malloc(curve->prime_len); + if (!x_coord || !y_coord || + crypto_ec_point_to_bin(ec, X, x_coord, y_coord)) goto fail; - pkex->x = (struct crypto_ec_key *)EVP_PKEY_new(); - if (!pkex->x || - EVP_PKEY_set1_EC_KEY((EVP_PKEY *)pkex->x, X_ec) != 1) + + pkex->x = crypto_ec_key_set_pub(curve->ike_group, x_coord, + y_coord, crypto_ec_prime_len(ec)); + if (!pkex->x) goto fail; /* Qr = H(MAC-Responder | | [identifier | ] code) * Pr */ - Qr = dpp_pkex_derive_Qr(curve, own_mac, code, identifier, bnctx, NULL); + Qr = dpp_pkex_derive_Qr(curve, own_mac, code, identifier, NULL); if (!Qr) goto fail; @@ -507,24 +462,20 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, goto fail; /* N = Y + Qr */ - Y_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)pkex->y); - if (!Y_ec) + Y = crypto_ec_key_get_public_key(pkex->y); + if (!Y) goto fail; - Y_point = EC_KEY_get0_public_key(Y_ec); - if (!Y_point) - goto fail; - dpp_debug_print_point("DPP: Y", group, Y_point); - N = EC_POINT_new(group); - Nx = BN_new(); - Ny = BN_new(); - if (!N || !Nx || !Ny || - EC_POINT_add(group, N, Y_point, Qr, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, N, Nx, Ny, bnctx) != 1) + crypto_ec_point_debug_print(ec, Y, "DPP: Y"); + + N = crypto_ec_point_init(ec); + if (!N || + crypto_ec_point_add(ec, Y, Qr, N) || + crypto_ec_point_to_bin(ec, N, x_coord, y_coord)) goto fail; - dpp_debug_print_point("DPP: N", group, N); + crypto_ec_point_debug_print(ec, N, "DPP: N"); pkex->exchange_resp = dpp_pkex_build_exchange_resp(pkex, DPP_STATUS_OK, - Nx, Ny); + x_coord, y_coord); if (!pkex->exchange_resp) goto fail; 
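Review bot: In the pkex->x setup, x_coord and y_coord are allocated with curve->prime_len, but crypto_ec_key_set_pub() is told the coordinates are crypto_ec_prime_len(ec) bytes long, and dpp_pkex_rx_exchange_resp() passes curve->prime_len to the same call. Use one source for the length in both functions and size the buffers from it, so that a disagreement between the DPP curve table and the crypto backend cannot turn into an out-of-bounds access on the two heap buffers that crypto_ec_point_to_bin() fills.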
@@ -548,18 +499,14 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(void *msg_ctx, pkex->exchange_done = 1; out: - BN_CTX_free(bnctx); - EC_POINT_free(Qi); - EC_POINT_free(Qr); - BN_free(Mx); - BN_free(My); - BN_free(Nx); - BN_free(Ny); - EC_POINT_free(M); - EC_POINT_free(N); - EC_POINT_free(X); - EC_KEY_free(X_ec); - EC_GROUP_free(group); + os_free(x_coord); + os_free(y_coord); + crypto_ec_point_deinit(Qi, 1); + crypto_ec_point_deinit(Qr, 1); + crypto_ec_point_deinit(M, 1); + crypto_ec_point_deinit(N, 1); + crypto_ec_point_deinit(X, 1); + crypto_ec_deinit(ec); return pkex; fail: wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request processing failed"); @@ -688,13 +635,11 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, { const u8 *attr_status, *attr_id, *attr_key, *attr_group; u16 attr_status_len, attr_id_len, attr_key_len, attr_group_len; - EC_GROUP *group = NULL; - BN_CTX *bnctx = NULL; + struct crypto_ec *ec = NULL; struct wpabuf *msg = NULL, *A_pub = NULL, *X_pub = NULL, *Y_pub = NULL; const struct dpp_curve_params *curve = pkex->own_bi->curve; - EC_POINT *Qr = NULL, *Y = NULL, *N = NULL; - BIGNUM *Nx = NULL, *Ny = NULL; - EC_KEY *Y_ec = NULL; + struct crypto_ec_point *Qr = NULL, *Y = NULL, *N = NULL; + u8 *x_coord = NULL, *y_coord = NULL; size_t Jx_len, Kx_len; u8 Jx[DPP_MAX_SHARED_SECRET_LEN], Kx[DPP_MAX_SHARED_SECRET_LEN]; const u8 *addr[4]; 
@@ -765,45 +710,38 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex, } /* Qr = H(MAC-Responder | [identifier |] code) * Pr */ - bnctx = BN_CTX_new(); - if (!bnctx) - goto fail; Qr = dpp_pkex_derive_Qr(curve, pkex->peer_mac, pkex->code, - pkex->identifier, bnctx, &group); + pkex->identifier, &ec); if (!Qr) goto fail; /* Y' = N - Qr */ - Y = EC_POINT_new(group); - N = EC_POINT_new(group); - Nx = BN_bin2bn(attr_key, attr_key_len / 2, NULL); - Ny = BN_bin2bn(attr_key + attr_key_len / 2, attr_key_len / 2, NULL); - if (!Y || !N || !Nx || !Ny || - EC_POINT_set_affine_coordinates_GFp(group, N, Nx, Ny, bnctx) != 1 || - EC_POINT_is_at_infinity(group, N) || - !EC_POINT_is_on_curve(group, N, bnctx) || - EC_POINT_invert(group, Qr, bnctx) != 1 || - EC_POINT_add(group, Y, N, Qr, bnctx) != 1 || - EC_POINT_is_at_infinity(group, Y) || - !EC_POINT_is_on_curve(group, Y, bnctx)) { + Y = crypto_ec_point_init(ec); + N = crypto_ec_point_from_bin(ec, attr_key); + if (!Y || !N || + crypto_ec_point_is_at_infinity(ec, N) || + !crypto_ec_point_is_on_curve(ec, N) || + crypto_ec_point_invert(ec, Qr) || + crypto_ec_point_add(ec, N, Qr, Y) || + crypto_ec_point_is_at_infinity(ec, Y) || + !crypto_ec_point_is_on_curve(ec, Y)) { dpp_pkex_fail(pkex, "Invalid Encrypted Key value"); pkex->t++; goto fail; } - dpp_debug_print_point("DPP: N", group, N); - dpp_debug_print_point("DPP: Y'", group, Y); + crypto_ec_point_debug_print(ec, N, "DPP: N"); + crypto_ec_point_debug_print(ec, Y, "DPP: Y'"); pkex->exchange_done = 1; /* ECDH: J = a * Y' */ - Y_ec = EC_KEY_new(); - if (!Y_ec || - EC_KEY_set_group(Y_ec, group) != 1 || - EC_KEY_set_public_key(Y_ec, Y) != 1) + x_coord = os_malloc(curve->prime_len); + y_coord = os_malloc(curve->prime_len); + if (!x_coord || !y_coord || crypto_ec_point_to_bin(ec, Y, x_coord, y_coord)) goto fail; - pkex->y = (struct crypto_ec_key *)EVP_PKEY_new(); - if (!pkex->y || - EVP_PKEY_set1_EC_KEY((EVP_PKEY *)pkex->y, Y_ec) != 1) + pkex->y = 
crypto_ec_key_set_pub(curve->ike_group, x_coord, y_coord, + curve->prime_len); + if (!pkex->y) goto fail; if (dpp_ecdh(pkex->own_bi->pubkey, pkex->y, Jx, &Jx_len) < 0) goto fail; @@ -855,14 +793,12 @@ out: wpabuf_free(A_pub); wpabuf_free(X_pub); wpabuf_free(Y_pub); - EC_POINT_free(Qr); - EC_POINT_free(Y); - EC_POINT_free(N); - BN_free(Nx); - BN_free(Ny); - EC_KEY_free(Y_ec); - BN_CTX_free(bnctx); - EC_GROUP_free(group); + os_free(x_coord); + os_free(y_coord); + crypto_ec_point_deinit(Qr, 1); + crypto_ec_point_deinit(Y, 1); + crypto_ec_point_deinit(N, 1); + crypto_ec_deinit(ec); return msg; fail: wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response processing failed"); diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 3473b3519..7c2bc82e2 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -920,6 +920,16 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, const struct crypto_ec_point *a, const struct crypto_ec_point *b); +/** + * crypto_ec_point_debug_print - Dump EC point + * @e: EC context from crypto_ec_init() + * @p: EC point + * @title: Name of the EC point in the trace + */ +void crypto_ec_point_debug_print(const struct crypto_ec *e, + const struct crypto_ec_point *p, + const char *title); + /** * struct crypto_ecdh - Elliptic Curve Diffie–Hellman context * 
@@ -1045,6 +1055,20 @@ struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, */ struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key, int prefix); +/** + * crypto_ec_key_get_public_key - Get EC Public Key as an EC point + * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv() + * Returns: Public key a an EC point and %NULL on failure + */ +const struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key); + +/** + * crypto_ec_key_get_private_key - Get EC Private Key as a bignum + * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_parse_priv() + * Returns: private key as a bignum and %NULL on failure + */ +const struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key); + /** * crypto_ec_key_sign - Sign a buffer with an EC key * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 275ec6252..308bab908 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1951,6 +1951,33 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, } +void crypto_ec_point_debug_print(const struct crypto_ec *e, + const struct crypto_ec_point *p, + const char *title) +{ + BIGNUM *x, *y; + char *x_str = NULL, *y_str = NULL; + + x = BN_new(); + y = BN_new(); + if (!x || !y || + EC_POINT_get_affine_coordinates_GFp(e->group, (const EC_POINT *) p, x, y, e->bnctx) != 1) + goto fail; + + x_str = BN_bn2hex(x); + y_str = BN_bn2hex(y); + if (!x_str || !y_str) + goto fail; + + wpa_printf(MSG_DEBUG, "%s (%s,%s)", title, x_str, y_str); + +fail: + OPENSSL_free(x_str); + OPENSSL_free(y_str); + BN_free(x); + BN_free(y); +} + struct crypto_ecdh { struct crypto_ec *ec; EVP_PKEY *pkey; 
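Review bot: crypto_ec_point_debug_print() writes both coordinates with wpa_printf(MSG_DEBUG, "%s (%s,%s)", ...), and the DPP callers use it for Qi and Qr, which are derived from the PKEX code. The hash that feeds those points is logged with wpa_hexdump_key() in dpp_pkex_derive_Qi(), so it follows the show-keys setting while the derived point does not. Consider giving the helper a way to treat the point as key material, or document in crypto.h that it is meant for public values only. Smaller points: the fail label is also the normal exit, a failure to read the coordinates is silent, and the EC_POINT_get_affine_coordinates_GFp() line exceeds 80 columns.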
@@ -2494,6 +2521,28 @@ struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key, int pr } +const struct crypto_ec_point *crypto_ec_key_get_public_key(struct crypto_ec_key *key) +{ + EC_KEY *eckey; + + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); + if (!eckey) + return NULL; + return (const struct crypto_ec_point *)EC_KEY_get0_public_key(eckey); +} + + +const struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key *key) +{ + EC_KEY *eckey; + + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); + if (!eckey) + return NULL; + return (const struct crypto_bignum *)EC_KEY_get0_private_key(eckey); +} + + struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, size_t len) { From patchwork Mon Jun 28 16:25:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 1498054 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=y3d3EbBh; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=ceva-dsp.com header.i=@ceva-dsp.com header.a=rsa-sha256 header.s=mail header.b=pCYVGdNQ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GDCkn01f9z9sTD for ; Tue, 29 
Jun 2021 02:30:09 +1000 (AEST)
From: Cedric Izoard
Subject: [PATCH 12/21] dpp: Use ECDH from crypto.h
Date: Mon, 28 Jun 2021 18:25:29 +0200
Message-ID: <20210628162538.21067-13-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Use crypto.h API to implement ECDH in DPP. Need to add a new init function in crypto.h to initialize an ECDH with a given EC key.
Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 80 +++++++++---------------------------- src/crypto/crypto.h | 33 ++++++++++----- src/crypto/crypto_openssl.c | 28 +++++++++++++ 3 files changed, 68 insertions(+), 73 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index c1dffdb6f..756ba6164 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -610,84 +610,40 @@ int dpp_derive_bk_ke(struct dpp_authentication *auth) int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len) { - EVP_PKEY_CTX *ctx; + struct crypto_ecdh *ecdh; + struct wpabuf *secret_buf = NULL; + struct wpabuf *peer_pub = NULL; int ret = -1; - ERR_clear_error(); *secret_len = 0; - ctx = EVP_PKEY_CTX_new((EVP_PKEY *)own, NULL); - if (!ctx) { - wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_CTX_new failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + ecdh = crypto_ecdh_init2(crypto_ec_key_group(own), own); + if (!ecdh) { + wpa_printf(MSG_ERROR, "DPP: crypto_ecdh_init2 failed"); return -1; } - if (EVP_PKEY_derive_init(ctx) != 1) { - wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_derive_init failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + peer_pub = crypto_ec_key_get_pubkey_point(peer, 0); + if (!peer_pub) { + wpa_printf(MSG_ERROR, "DPP: crypto_ec_key_get_pubkey_point failed"); goto fail; } - if (EVP_PKEY_derive_set_peer(ctx, (EVP_PKEY *)peer) != 1) { - wpa_printf(MSG_ERROR, - "DPP: EVP_PKEY_derive_set_peet failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - - if (EVP_PKEY_derive(ctx, NULL, secret_len) != 1) { - wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_derive(NULL) failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - - if (*secret_len > DPP_MAX_SHARED_SECRET_LEN) { - u8 buf[200]; - int level = *secret_len > 200 ? MSG_ERROR : MSG_DEBUG; - - /* It looks like OpenSSL can return unexpectedly large buffer - * need for shared secret from EVP_PKEY_derive(NULL) in some - * cases. For example, group 19 has shown cases where secret_len - * is set to 72 even though the actual length ends up being - * updated to 32 when EVP_PKEY_derive() is called with a buffer - * for the value. Work around this by trying to fetch the value - * and continue if it is within supported range even when the - * initial buffer need is claimed to be larger. 
*/ - wpa_printf(level, - "DPP: Unexpected secret_len=%d from EVP_PKEY_derive()", - (int) *secret_len); - if (*secret_len > 200) - goto fail; - if (EVP_PKEY_derive(ctx, buf, secret_len) != 1) { - wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_derive failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - if (*secret_len > DPP_MAX_SHARED_SECRET_LEN) { - wpa_printf(MSG_ERROR, - "DPP: Unexpected secret_len=%d from EVP_PKEY_derive()", - (int) *secret_len); - goto fail; - } - wpa_hexdump_key(MSG_DEBUG, "DPP: Unexpected secret_len change", - buf, *secret_len); - os_memcpy(secret, buf, *secret_len); - forced_memzero(buf, sizeof(buf)); - goto done; - } - - if (EVP_PKEY_derive(ctx, secret, secret_len) != 1) { - wpa_printf(MSG_ERROR, "DPP: EVP_PKEY_derive failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + secret_buf = crypto_ecdh_set_peerkey(ecdh, 1, wpabuf_head(peer_pub), + wpabuf_len(peer_pub)); + if (!secret_buf) { + wpa_printf(MSG_ERROR, "DPP: crypto_ecdh_set_peerkey failed"); goto fail; } -done: + *secret_len = wpabuf_len(secret_buf); + os_memcpy(secret, wpabuf_head(secret_buf), wpabuf_len(secret_buf)); ret = 0; fail: - EVP_PKEY_CTX_free(ctx); + wpabuf_clear_free(secret_buf); + wpabuf_clear_free(peer_pub); + crypto_ecdh_deinit(ecdh); return ret; } diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 7c2bc82e2..c87cbcbe8 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -930,6 +930,14 @@ void crypto_ec_point_debug_print(const struct crypto_ec *e, const struct crypto_ec_point *p, const char *title); +/** + * struct crypto_ec_key - Elliptic Curve Key pair + * + * Internal data structure for EC Key pair. The contents is specific to the used + * crypto library. + */ +struct crypto_ec_key; + /** * struct crypto_ecdh - Elliptic Curve Diffie–Hellman context * 
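Review bot: dpp_ecdh() now copies wpabuf_len(secret_buf) bytes into secret with os_memcpy() without comparing the length to DPP_MAX_SHARED_SECRET_LEN, a bound the removed code enforced before writing to the caller's buffer. Callers such as dpp_pkex_rx_exchange_resp() pass fixed u8 Jx[DPP_MAX_SHARED_SECRET_LEN] arrays, so reject wpabuf_len(secret_buf) > DPP_MAX_SHARED_SECRET_LEN before the copy and leave *secret_len at 0 on that path. The error messages also lost the ERR_error_string() detail; if crypto_ecdh_set_peerkey() does not log the backend error itself, a failed derivation becomes harder to diagnose.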
@@ -942,13 +950,24 @@ struct crypto_ecdh; * crypto_ecdh_init - Initialize elliptic curve diffie–hellman context * @group: Identifying number for the ECC group (IANA "Group Description" * attribute registrty for RFC 2409) + * This function generates ephemeral key pair. * Returns: Pointer to ECDH context or %NULL on failure */ struct crypto_ecdh * crypto_ecdh_init(int group); +/** + * crypto_ecdh_init2 - Initialize elliptic curve diffie–hellman context with + * given EC key + * @group: Identifying number for the ECC group (IANA "Group Description" + * attribute registrty for RFC 2409) + * @own_key: Our own EC Key. + * Returns: Pointer to ECDH context or %NULL on failure + */ +struct crypto_ecdh * crypto_ecdh_init2(int group, struct crypto_ec_key *own_key); + /** * crypto_ecdh_get_pubkey - Retrieve Public from ECDH context - * @ecdh: ECDH context from crypto_ecdh_init() + * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2() * @inc_y: Whether public key should include y coordinate (explicit form) * or not (compressed form) * Returns: Binary data f the public key or %NULL on failure @@ -957,7 +976,7 @@ struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y); /** * crypto_ecdh_set_peerkey - Compute ECDH secret - * @ecdh: ECDH context from crypto_ecdh_init() + * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2() * @inc_y: Whether Peer's public key includes y coordinate (explicit form) * or not (compressed form) * @key: Binary data of the Peer's public key @@ -969,7 +988,7 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, /** * crypto_ecdh_deinit - Free ECDH context - * @ecdh: ECDH context from crypto_ecdh_init() + * @ecdh: ECDH context from crypto_ecdh_init() or crypto_ecdh_init2() */ void crypto_ecdh_deinit(struct crypto_ecdh *ecdh); 
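Review bot: crypto_ecdh_init2() takes both @group and @own_key, but the only caller in this patch passes crypto_ec_key_group(own) for the group, and the comment does not say what happens when the two disagree or whether the context keeps its own reference to own_key after the call. Either drop @group and derive it from the key, or document and check the mismatch case, and state the ownership rule so callers know whether own_key can be freed independently. Also, the sentence "This function generates ephemeral key pair." added to crypto_ecdh_init() lands after the @group description and reads as part of it; move it above the parameter list. The "registrty" typo is copied into the new comment.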
@@ -980,14 +999,6 @@ void crypto_ecdh_deinit(struct crypto_ecdh *ecdh); */ size_t crypto_ecdh_prime_len(struct crypto_ecdh *ecdh); -/** - * struct crypto_ec_key - Elliptic Curve Key pair - * - * Internal data structure for EC Key pair. The contents is specific to the used - * crypto library. - */ -struct crypto_ec_key; - /** * crypto_ec_key_parse_priv - Initialize EC Key pair from ECPrivateKey ASN.1 * @der: DER encoding of ASN.1 ECPrivateKey diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 308bab908..bca512f6c 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2042,6 +2042,34 @@ fail: } +struct crypto_ecdh * crypto_ecdh_init2(int group, struct crypto_ec_key *own_key) +{ + struct crypto_ecdh *ecdh; + + ecdh = os_zalloc(sizeof(*ecdh)); + if (!ecdh) + goto fail; + + ecdh->ec = crypto_ec_init(group); + if (!ecdh->ec) + goto fail; + + ecdh->pkey = EVP_PKEY_new(); + if (!ecdh->pkey || + EVP_PKEY_assign_EC_KEY(ecdh->pkey, + EVP_PKEY_get1_EC_KEY((EVP_PKEY *)own_key)) != 1) { + goto fail; + } + +done: + return ecdh; +fail: + crypto_ecdh_deinit(ecdh); + ecdh = NULL; + goto done; +} + + struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y) { struct wpabuf *buf = NULL;
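Review bot: crypto_ecdh_init2() never checks that own_key is on the curve selected by group: ecdh->ec comes from crypto_ec_init(group) while ecdh->pkey comes from own_key, so a mismatched pair yields a context whose two halves disagree. Suggest comparing crypto_ec_key_group(own_key) with group and failing early. Separately, the reference returned by EVP_PKEY_get1_EC_KEY() is passed straight into EVP_PKEY_assign_EC_KEY(); if the assign fails, that reference is not released, so hold it in a local and EC_KEY_free() it on the failure path.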
From: Cedric Izoard
Subject: [PATCH 13/21] dpp: Use crypto.h for authentication computation
Date: Mon, 28 Jun 2021 18:25:30 +0200
Message-ID: <20210628162538.21067-14-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Rewrite dpp_auth_derive_l_responder/initiator using EC point/bignum primitives defined in crypto.h API.
Signed-off-by: Cedric Izoard --- src/common/dpp_auth.c | 2 - src/common/dpp_crypto.c | 137 ++++++++++++++++------------------------ 2 files changed, 53 insertions(+), 86 deletions(-) diff --git a/src/common/dpp_auth.c b/src/common/dpp_auth.c index 2f5f47459..f81f1eecb 100644 --- a/src/common/dpp_auth.c +++ b/src/common/dpp_auth.c @@ -672,7 +672,6 @@ dpp_auth_req_rx(struct dpp_global *dpp, void *msg_ctx, u8 dpp_allowed_roles, size_t attr_len) { struct crypto_ec_key *pi = NULL; - EVP_PKEY_CTX *ctx = NULL; size_t secret_len; const u8 *addr[2]; size_t len[2]; @@ -929,7 +928,6 @@ not_compatible: fail: bin_clear_free(unwrapped, unwrapped_len); crypto_ec_key_deinit(pi); - EVP_PKEY_CTX_free(ctx); dpp_auth_deinit(auth); return NULL; } diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 756ba6164..ef9aa14bc 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c 
@@ -1176,122 +1176,91 @@ fail: int dpp_auth_derive_l_responder(struct dpp_authentication *auth) { - const EC_GROUP *group; - EC_POINT *l = NULL; - const EC_KEY *BI, *bR, *pR; - const EC_POINT *BI_point; - BN_CTX *bnctx; - BIGNUM *lx, *sum, *q; - const BIGNUM *bR_bn, *pR_bn; + struct crypto_ec *ec = NULL; + struct crypto_ec_point *L = NULL; + const struct crypto_ec_point *BI = NULL; + const struct crypto_bignum *bR = NULL, *pR = NULL, *q = NULL; + struct crypto_bignum *sum = NULL, *lx = NULL; int ret = -1; /* L = ((bR + pR) modulo q) * BI */ - - bnctx = BN_CTX_new(); - sum = BN_new(); - q = BN_new(); - lx = BN_new(); - if (!bnctx || !sum || !q || !lx) - goto fail; - BI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_bi->pubkey); - if (!BI) - goto fail; - BI_point = EC_KEY_get0_public_key(BI); - group = EC_KEY_get0_group(BI); - if (!group) + ec = crypto_ec_init(crypto_ec_key_group(auth->peer_bi->pubkey)); + if (!ec) { + wpa_printf(MSG_ERROR, "DPP: crypto_ec_init failed\n"); goto fail; + } - bR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_bi->pubkey); - pR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_protocol_key); - if (!bR || !pR) - goto fail; - bR_bn = EC_KEY_get0_private_key(bR); - pR_bn = EC_KEY_get0_private_key(pR); - if (!bR_bn || !pR_bn) - goto fail; - if (EC_GROUP_get_order(group, q, bnctx) != 1 || - BN_mod_add(sum, bR_bn, pR_bn, q, bnctx) != 1) + q = crypto_ec_get_order(ec); + BI = crypto_ec_key_get_public_key(auth->peer_bi->pubkey); + bR = crypto_ec_key_get_private_key(auth->own_bi->pubkey); + pR = crypto_ec_key_get_private_key(auth->own_protocol_key); + sum = crypto_bignum_init(); + L = crypto_ec_point_init(ec); + lx = crypto_bignum_init(); + + if (!q || !BI || !bR || !pR || !sum || !L || !lx) goto fail; - l = EC_POINT_new(group); - if (!l || - EC_POINT_mul(group, l, NULL, BI_point, sum, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, l, lx, NULL, - bnctx) != 1) { - wpa_printf(MSG_ERROR, - "OpenSSL: failed: %s", - 
ERR_error_string(ERR_get_error(), NULL)); + + if (crypto_bignum_addmod(bR, pR, q, sum) || + crypto_ec_point_mul(ec, BI, sum, L)) goto fail; - } - if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0) + if (crypto_ec_point_x(ec, L, lx) || + crypto_bignum_to_bin(lx, auth->Lx, sizeof(auth->Lx), auth->secret_len) < 0) goto fail; + wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len); auth->Lx_len = auth->secret_len; ret = 0; fail: - EC_POINT_clear_free(l); - BN_clear_free(lx); - BN_clear_free(sum); - BN_free(q); - BN_CTX_free(bnctx); + crypto_bignum_deinit(lx, 1); + crypto_bignum_deinit(sum, 1); + crypto_ec_point_deinit(L, 1); + crypto_ec_deinit(ec); return ret; } int dpp_auth_derive_l_initiator(struct dpp_authentication *auth) { - const EC_GROUP *group; - EC_POINT *l = NULL, *sum = NULL; - const EC_KEY *bI, *BR, *PR; - const EC_POINT *BR_point, *PR_point; - BN_CTX *bnctx; - BIGNUM *lx; - const BIGNUM *bI_bn; + struct crypto_ec *ec = NULL; + struct crypto_ec_point *L = NULL, *sum = NULL; + const struct crypto_ec_point *BR = NULL, *PR = NULL; + const struct crypto_bignum *bI; + struct crypto_bignum *lx = NULL; int ret = -1; /* L = bI * (BR + PR) */ - - bnctx = BN_CTX_new(); - lx = BN_new(); - if (!bnctx || !lx) - goto fail; - BR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_bi->pubkey); - PR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_protocol_key); - if (!BR || !PR) + ec = crypto_ec_init(crypto_ec_key_group(auth->peer_bi->pubkey)); + if (!ec) goto fail; - BR_point = EC_KEY_get0_public_key(BR); - PR_point = EC_KEY_get0_public_key(PR); - bI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_bi->pubkey); - if (!bI) - goto fail; - group = EC_KEY_get0_group(bI); - bI_bn = EC_KEY_get0_private_key(bI); - if (!group || !bI_bn) + BR = crypto_ec_key_get_public_key(auth->peer_bi->pubkey); + PR = crypto_ec_key_get_public_key(auth->peer_protocol_key); + bI = crypto_ec_key_get_private_key(auth->own_bi->pubkey); + sum = crypto_ec_point_init(ec); + L = 
crypto_ec_point_init(ec); + lx = crypto_bignum_init(); + + if (!BR || !PR || !bI || !sum || !L || !lx) goto fail; - sum = EC_POINT_new(group); - l = EC_POINT_new(group); - if (!sum || !l || - EC_POINT_add(group, sum, BR_point, PR_point, bnctx) != 1 || - EC_POINT_mul(group, l, NULL, sum, bI_bn, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, l, lx, NULL, - bnctx) != 1) { - wpa_printf(MSG_ERROR, - "OpenSSL: failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + + if (crypto_ec_point_add(ec, BR, PR, sum) || + crypto_ec_point_mul(ec, sum, bI, L)) goto fail; - } - if (dpp_bn2bin_pad(lx, auth->Lx, auth->secret_len) < 0) + if (crypto_ec_point_x(ec, L, lx) || + crypto_bignum_to_bin(lx, auth->Lx, sizeof(auth->Lx), auth->secret_len) < 0) goto fail; + wpa_hexdump_key(MSG_DEBUG, "DPP: L.x", auth->Lx, auth->secret_len); auth->Lx_len = auth->secret_len; ret = 0; fail: - EC_POINT_clear_free(l); - EC_POINT_clear_free(sum); - BN_clear_free(lx); - BN_CTX_free(bnctx); + crypto_bignum_deinit(lx, 1); + crypto_ec_point_deinit(sum, 1); + crypto_ec_point_deinit(L, 1); + crypto_ec_deinit(ec); return ret; }
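Review bot: dpp_auth_derive_l_initiator() now takes the curve from auth->peer_bi->pubkey, where the removed code used the group of the own bootstrapping key (EC_KEY_get0_group(bI)), and nothing in either function checks that the own and peer keys are on the same curve before they are mixed in crypto_ec_point_add()/crypto_ec_point_mul(). Either keep the group source as it was or add an explicit crypto_ec_key_group() comparison, and mention the change in the commit message. Minor: the new wpa_printf() in dpp_auth_derive_l_responder() ends in "\n", unlike the other messages in this series, and the initiator's matching failure path logs nothing.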
From: Cedric Izoard
Subject: [PATCH 14/21] dpp: Update connector signing to use crypto.h
Date: Mon, 28 Jun 2021 18:25:31 +0200
Message-ID: <20210628162538.21067-15-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Add 2 new functions in crypto.h that "wraps" around already defined signing function with (r,s) interface instead of DER Ecdsa-Sig-Value. Using those functions implies to compute the hash to sign manually before.
Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 195 +++++++++++------------------------- src/crypto/crypto.h | 27 +++++ src/crypto/crypto_openssl.c | 106 ++++++++++++++++++++ 3 files changed, 194 insertions(+), 134 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index ef9aa14bc..1844ae7e7 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -29,24 +29,6 @@ LIBRESSL_VERSION_NUMBER < 0x20700000L) /* Compatibility wrappers for older versions. */ -static int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) -{ - sig->r = r; - sig->s = s; - return 1; -} - - -static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, - const BIGNUM **ps) -{ - if (pr) - *pr = sig->r; - if (ps) - *ps = sig->s; -} - - static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) @@ -710,7 +692,7 @@ fail: static struct wpabuf * dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve, const u8 *prot_hdr, u16 prot_hdr_len, - const EVP_MD **ret_md) + int *hash_func) { struct json_token *root, *token; struct wpabuf *kid = NULL; @@ -757,16 +739,15 @@ dpp_parse_jws_prot_hdr(const struct dpp_curve_params *curve, } if (os_strcmp(token->string, "ES256") == 0 || os_strcmp(token->string, "BS256") == 0) - *ret_md = EVP_sha256(); + *hash_func = CRYPTO_HASH_ALG_SHA256; else if (os_strcmp(token->string, "ES384") == 0 || os_strcmp(token->string, "BS384") == 0) - *ret_md = EVP_sha384(); + *hash_func = CRYPTO_HASH_ALG_SHA384; else if (os_strcmp(token->string, "ES512") == 0 || os_strcmp(token->string, "BS512") == 0) - *ret_md = EVP_sha512(); - else - *ret_md = NULL; - if (!*ret_md) { + *hash_func = CRYPTO_HASH_ALG_SHA512; + else { + *hash_func = -1; wpa_printf(MSG_DEBUG, "DPP: Unsupported JWS Protected Header alg=%s", token->string); 
@@ -827,27 +808,12 @@ dpp_process_signed_connector(struct dpp_signed_connector_info *info, const char *pos, *end, *signed_start, *signed_end; struct wpabuf *kid = NULL; unsigned char *prot_hdr = NULL, *signature = NULL; - size_t prot_hdr_len = 0, signature_len = 0; - const EVP_MD *sign_md = NULL; - unsigned char *der = NULL; - int der_len; - int res; - EVP_MD_CTX *md_ctx = NULL; - ECDSA_SIG *sig = NULL; - BIGNUM *r = NULL, *s = NULL; + size_t prot_hdr_len = 0, signature_len = 0, signed_len; + int res, hash_func = -1; const struct dpp_curve_params *curve; - const EC_KEY *eckey; - const EC_GROUP *group; - int nid; + u8 *hash = NULL; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)csign_pub); - if (!eckey) - goto fail; - group = EC_KEY_get0_group(eckey); - if (!group) - goto fail; - nid = EC_GROUP_get_curve_name(group); - curve = dpp_get_curve_nid(nid); + curve = dpp_get_curve_ike_group(crypto_ec_key_group(csign_pub)); if (!curve) goto fail; wpa_printf(MSG_DEBUG, "DPP: C-sign-key group: %s", curve->jwk_crv); @@ -870,7 +836,7 @@ dpp_process_signed_connector(struct dpp_signed_connector_info *info, wpa_hexdump_ascii(MSG_DEBUG, "DPP: signedConnector - JWS Protected Header", prot_hdr, prot_hdr_len); - kid = dpp_parse_jws_prot_hdr(curve, prot_hdr, prot_hdr_len, &sign_md); + kid = dpp_parse_jws_prot_hdr(curve, prot_hdr, prot_hdr_len, &hash_func); if (!kid) { ret = DPP_STATUS_INVALID_CONNECTOR; goto fail; 
@@ -926,57 +892,41 @@ dpp_process_signed_connector(struct dpp_signed_connector_info *info, goto fail; } - /* JWS Signature encodes the signature (r,s) as two octet strings. Need - * to convert that to DER encoded ECDSA_SIG for OpenSSL EVP routines. */ - r = BN_bin2bn(signature, signature_len / 2, NULL); - s = BN_bin2bn(signature + signature_len / 2, signature_len / 2, NULL); - sig = ECDSA_SIG_new(); - if (!r || !s || !sig || ECDSA_SIG_set0(sig, r, s) != 1) + hash = os_malloc(curve->hash_len); + if (!hash) goto fail; - r = NULL; - s = NULL; - der_len = i2d_ECDSA_SIG(sig, &der); - if (der_len <= 0) { - wpa_printf(MSG_DEBUG, "DPP: Could not DER encode signature"); - goto fail; - } - wpa_hexdump(MSG_DEBUG, "DPP: DER encoded signature", der, der_len); - md_ctx = EVP_MD_CTX_create(); - if (!md_ctx) + signed_len = signed_end - signed_start + 1; + if (hash_func == CRYPTO_HASH_ALG_SHA256) + res = sha256_vector(1, (const u8**)&signed_start, &signed_len, hash); + else if (hash_func == CRYPTO_HASH_ALG_SHA384) + res = sha384_vector(1, (const u8**)&signed_start, &signed_len, hash); + else if (hash_func == CRYPTO_HASH_ALG_SHA512) + res = sha512_vector(1, (const u8**)&signed_start, &signed_len, hash); + else goto fail; - ERR_clear_error(); - if (EVP_DigestVerifyInit(md_ctx, NULL, sign_md, NULL, (EVP_PKEY *)csign_pub) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyInit failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - if (EVP_DigestVerifyUpdate(md_ctx, signed_start, - signed_end - signed_start + 1) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyUpdate failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + if (res) goto fail; - } - res = EVP_DigestVerifyFinal(md_ctx, der, der_len); + + res = crypto_ec_key_verify_signature_r_s(csign_pub, hash, curve->hash_len, + signature, signature_len / 2, + signature + signature_len / 2, + signature_len / 2); if (res != 1) { wpa_printf(MSG_DEBUG, - "DPP: EVP_DigestVerifyFinal failed (res=%d): %s", - res, 
ERR_error_string(ERR_get_error(), NULL)); + "DPP: signedConnector signature check failed (res=%d)", + res); ret = DPP_STATUS_INVALID_CONNECTOR; goto fail; } ret = DPP_STATUS_OK; fail: - EVP_MD_CTX_destroy(md_ctx); + os_free(hash); os_free(prot_hdr); wpabuf_free(kid); os_free(signature); - ECDSA_SIG_free(sig); - BN_free(r); - BN_free(s); - OPENSSL_free(der); return ret; } 
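Review bot: in dpp_process_signed_connector() the digest buffer is allocated with os_malloc(curve->hash_len), but the function that writes into it is chosen from hash_func, which comes from the JWS Protected Header. If the header's alg ever names a longer digest than the C-sign-key curve's hash_len (for example SHA-512 with a 32-byte hash_len), sha512_vector() writes past the allocation. Suggest sizing the buffer for the largest supported digest, or failing unless hash_func matches curve->hash_len before hashing, so the safety of this hunk does not rest on a check made elsewhere. An odd signature_len is also still split with signature_len / 2 without being rejected.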
@@ -2036,78 +1986,55 @@ dpp_build_conn_signature(struct dpp_configurator *conf, size_t *signed3_len) { const struct dpp_curve_params *curve; + struct wpabuf *sig = NULL; char *signed3 = NULL; - unsigned char *signature = NULL; - const unsigned char *p; - size_t signature_len; - EVP_MD_CTX *md_ctx = NULL; - ECDSA_SIG *sig = NULL; char *dot = "."; - const EVP_MD *sign_md; - const BIGNUM *r, *s; + const u8 *vector[3]; + size_t vector_len[3]; + u8 *hash = NULL; + int ret; + + vector[0] = (const u8 *)signed1; + vector[1] = (const u8 *)dot; + vector[2] = (const u8 *)signed2; + vector_len[0] = signed1_len; + vector_len[1] = 1; + vector_len[2] = signed2_len; curve = conf->curve; + hash = os_malloc(curve->hash_len); + if (!hash) + goto fail; if (curve->hash_len == SHA256_MAC_LEN) { - sign_md = EVP_sha256(); + ret = sha256_vector(3, vector, vector_len, hash); } else if (curve->hash_len == SHA384_MAC_LEN) { - sign_md = EVP_sha384(); + ret = sha384_vector(3, vector, vector_len, hash); } else if (curve->hash_len == SHA512_MAC_LEN) { - sign_md = EVP_sha512(); + ret = sha512_vector(3, vector, vector_len, hash); } else { wpa_printf(MSG_DEBUG, "DPP: Unknown signature algorithm"); goto fail; } - md_ctx = EVP_MD_CTX_create(); - if (!md_ctx) - goto fail; - - ERR_clear_error(); - if (EVP_DigestSignInit(md_ctx, NULL, sign_md, NULL, (EVP_PKEY *)conf->csign) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignInit failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - if (EVP_DigestSignUpdate(md_ctx, signed1, signed1_len) != 1 || - EVP_DigestSignUpdate(md_ctx, dot, 1) != 1 || - EVP_DigestSignUpdate(md_ctx, signed2, signed2_len) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignUpdate failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + if (ret) { + wpa_printf(MSG_DEBUG, "DPP: Hash computation failed"); goto fail; } - if (EVP_DigestSignFinal(md_ctx, NULL, &signature_len) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s", - 
ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - signature = os_malloc(signature_len); - if (!signature) - goto fail; - if (EVP_DigestSignFinal(md_ctx, signature, &signature_len) != 1) { - wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + wpa_hexdump(MSG_DEBUG, "HASH: ", hash, curve->hash_len); + + sig = crypto_ec_key_sign_r_s(conf->csign, hash, curve->hash_len); + if (!sig) { + wpa_printf(MSG_ERROR, "DPP: Signature computation failed"); goto fail; } - wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (DER)", - signature, signature_len); - /* Convert to raw coordinates r,s */ - p = signature; - sig = d2i_ECDSA_SIG(NULL, &p, signature_len); - if (!sig) - goto fail; - ECDSA_SIG_get0(sig, &r, &s); - if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 || - dpp_bn2bin_pad(s, signature + curve->prime_len, - curve->prime_len) < 0) - goto fail; - signature_len = 2 * curve->prime_len; + wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (raw r,s)", - signature, signature_len); - signed3 = base64_url_encode(signature, signature_len, signed3_len); + wpabuf_head(sig), wpabuf_len(sig)); + signed3 = base64_url_encode(wpabuf_head(sig), wpabuf_len(sig), signed3_len); + fail: - EVP_MD_CTX_destroy(md_ctx); - ECDSA_SIG_free(sig); - os_free(signature); + os_free(hash); + wpabuf_free(sig); return signed3; } diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index c87cbcbe8..889d0ef0e 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h 
@@ -1090,6 +1090,18 @@ const struct crypto_bignum *crypto_ec_key_get_private_key(struct crypto_ec_key * struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, size_t len); +/** + * crypto_ec_key_sign_r_s - Sign a buffer with an EC key + * @key: EC key from crypto_ec_key_parse_priv() or crypto_ec_key_gen() + * @data: Data to sign + * @len: Length of @data buffer + * Returns: Buffer with r and s value concatenated in a buffer. Each value + * is in big endian byte order padded to the length of the prime defined the + * group of the key. + */ +struct wpabuf * crypto_ec_key_sign_r_s(struct crypto_ec_key *key, const u8 *data, + size_t len); + /** * crypto_ec_key_verify_signature - Verify signature * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen() @@ -1102,6 +1114,21 @@ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, size_t len, const u8 *sig, size_t sig_len); +/** + * crypto_ec_key_verify_signature_r_s - Verify signature + * @key: EC key from crypto_ec_key_parse/set_pub() or crypto_ec_key_gen() + * @data: Data to signed + * @len: Length of @data buffer + * @r: Binary data, in big endian byte order, of the 'r' field of the ECDSA signature. + * @s: Binary data, in big endian byte order, of the 's' field of the ECDSA signature. + * @r_len: Length of @r buffer + * @s_len: Length of @s buffer + * Returns: 1 if signature is valid, 0 if signature is invalid and -1 on failure + */ +int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, const u8 *data, + size_t len, const u8 *r, size_t r_len, + const u8 *s, size_t s_len); + /** * crypto_ec_key_group - Get IANA group identifier for an EC key * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen() diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index bca512f6c..12b025593 100644 --- a/src/crypto/crypto_openssl.c 
+++ b/src/crypto/crypto_openssl.c @@ -88,6 +88,24 @@ static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) return NULL; return pkey->pkey.ec; } + + +static int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) +{ + sig->r = r; + sig->s = s; + return 1; +} + + +static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, + const BIGNUM **ps) +{ + if (pr) + *pr = sig->r; + if (ps) + *ps = sig->s; +} #endif /* CONFIG_ECC */ #endif /* OpenSSL version < 1.1.0 */ 
@@ -2599,6 +2617,61 @@ struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, } +struct wpabuf * crypto_ec_key_sign_r_s(struct crypto_ec_key *key, const u8 *data, + size_t len) +{ + const EC_GROUP *group = NULL; + const EC_KEY *eckey = NULL; + BIGNUM *prime = NULL; + ECDSA_SIG *sig = NULL; + const BIGNUM *r, *s; + u8 *r_buf, *s_buf; + struct wpabuf *buf; + const unsigned char *p; + int prime_len; + + buf = crypto_ec_key_sign(key, data, len); + if (!buf) + return NULL; + + // Extract (r,s) from Ecdsa-Sig-Value + eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key); + if (!eckey) + goto fail; + group = EC_KEY_get0_group(eckey); + prime = BN_new(); + if (!prime || !group || + !EC_GROUP_get_curve_GFp(group, prime, NULL, NULL, NULL)) + goto fail; + prime_len = BN_num_bytes(prime); + + p = wpabuf_head(buf); + sig = d2i_ECDSA_SIG(NULL, &p, wpabuf_len(buf)); + if (!sig) + goto fail; + ECDSA_SIG_get0(sig, &r, &s); + + // re-use wpabuf returned by crypto_ec_key_sign + buf->used = 0; + r_buf = wpabuf_put(buf, prime_len); + s_buf = wpabuf_put(buf, prime_len); + + if (!r_buf || !s_buf || + (crypto_bignum_to_bin((const struct crypto_bignum *)r, r_buf, prime_len, prime_len) < 0) || + (crypto_bignum_to_bin((const struct crypto_bignum *)s, s_buf, prime_len, prime_len) < 0)) + goto fail; + +out: + BN_free(prime); + ECDSA_SIG_free(sig); + return buf; +fail: + wpabuf_clear_free(buf); + buf = NULL; + goto out; +} + + int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, size_t len, const u8 *sig, size_t sig_len) { 
@@ -2620,6 +2693,39 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, return -1; } +int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, const u8 *data, + size_t len, const u8 *r, size_t r_len, + const u8 *s, size_t s_len) +{ + ECDSA_SIG *sig = NULL; + BIGNUM *r_bn = NULL, *s_bn = NULL; + unsigned char *der = NULL; + int der_len; + int ret = -1; + + r_bn = BN_bin2bn(r, r_len, NULL); + s_bn = BN_bin2bn(s, s_len, NULL); + sig = ECDSA_SIG_new(); + if (!r_bn || !s_bn || !sig || ECDSA_SIG_set0(sig, r_bn, s_bn) != 1) + goto fail; + r_bn = NULL; + s_bn = NULL; + + der_len = i2d_ECDSA_SIG(sig, &der); + if (der_len <= 0) { + wpa_printf(MSG_DEBUG, "DPP: Could not DER encode signature"); + goto fail; + } + + ret = crypto_ec_key_verify_signature(key, data, len, der, der_len); + +fail: + OPENSSL_free(der); + BN_free(r_bn); + BN_free(s_bn); + ECDSA_SIG_free(sig); + return ret; +} int crypto_ec_key_group(struct crypto_ec_key *key) { 
From patchwork Mon Jun 28 16:25:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 1498062
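Review bot: In dpp_sign_connector() (src/common/dpp_crypto.c), the added wpa_hexdump(MSG_DEBUG, "HASH: ", hash, curve->hash_len) reads like leftover debugging: its title lacks the "DPP: " prefix used by the other messages in this function and does not say which hash it is. Either drop the line or give it a descriptive title in the same style as "DPP: signedConnector ECDSA signature (raw r,s)".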
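Review bot: The crypto_ec_key_sign_r_s() comment in src/crypto/crypto.h does not say whether @data is the message or an already computed digest, and dpp_sign_connector() now passes a precomputed hash (hash, curve->hash_len) where the removed code used EVP_DigestSign*. State which one the function expects, add "or %NULL on failure" to the Returns line since the implementation returns NULL, and fix "the prime defined the group of the key", which is missing a word.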
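Review bot: The crypto_ec_key_verify_signature_r_s() comment in src/crypto/crypto.h lists @r, @s, @r_len, @s_len in a different order from the prototype (r, r_len, s, s_len), and "@data: Data to signed" is a typo. Reorder the descriptions to match the prototype and say whether @r and @s must be exactly the prime length or may be shorter.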
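Review bot: crypto_ec_key_sign_r_s() in src/crypto/crypto_openssl.c sets buf->used = 0 and then calls wpabuf_put() twice for prime_len bytes, which assumes the buffer that crypto_ec_key_sign() allocated for the DER signature can hold 2 * prime_len; nothing in the hunk checks that. Compare wpabuf_size(buf) with 2 * prime_len before reusing it, or allocate a fresh wpabuf of that size and clear-free the DER one, and avoid writing the wpabuf's used field directly. The two // comments should be /* */ comments like the rest of the file.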
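Review bot: crypto_ec_key_verify_signature_r_s() passes the size_t values r_len and s_len straight to BN_bin2bn(), whose length parameter is an int, and never compares them with the prime length of the key's curve. Reject a zero length or a length larger than the prime length before converting, so that a malformed signature fails early instead of going through the DER round trip. The "DPP: " prefix in the debug message is also out of place in the generic OpenSSL wrapper, and the function is missing the blank lines that separate the neighbouring definitions.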
From: Cedric Izoard To: Subject: [PATCH 15/21] dpp: Use crypto API for reconfig part Date: Mon, 28 Jun 2021 18:25:32 +0200 Message-ID: <20210628162538.21067-16-cedric.izoard@ceva-dsp.com> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com> References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com> MIME-Version: 1.0
Rewrite functions related to reconfig feature using EC point/bignum primitives defined in crypto.h API. Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 314 +++++++++++++----------------------- src/common/dpp_i.h | 9 +- src/common/dpp_reconfig.c | 6 +- src/crypto/crypto.h | 26 ++- src/crypto/crypto_openssl.c | 37 +++++ 5 files changed, 181 insertions(+), 211 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 1844ae7e7..5bd181b29 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -8,7 +8,6 @@ */ #include "utils/includes.h" -#include #include #include 
@@ -24,20 +23,6 @@ #include "dpp_i.h" -#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ - (defined(LIBRESSL_VERSION_NUMBER) && \ - LIBRESSL_VERSION_NUMBER < 0x20700000L) -/* Compatibility wrappers for older versions. */ - -static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) - return NULL; - return pkey->pkey.ec; -} - -#endif - static const struct dpp_curve_params dpp_curves[] = { /* The mandatory to support and the default NIST P-256 curve needs to * be the first entry on this list. */ @@ -1746,15 +1731,12 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, size_t net_access_key_len, struct json_token *peer_net_access_key) { - BN_CTX *bnctx = NULL; struct crypto_ec_key *own_key = NULL, *peer_key = NULL; - BIGNUM *sum = NULL, *q = NULL, *mx = NULL; - EC_POINT *m = NULL; - const EC_KEY *cR, *pR; - const EC_GROUP *group; - const BIGNUM *cR_bn, *pR_bn; - const EC_POINT *CI_point; - const EC_KEY *CI; + struct crypto_bignum *sum = NULL; + const struct crypto_bignum *q, *cR, *pR; + struct crypto_ec *ec = NULL; + struct crypto_ec_point *M = NULL; + const struct crypto_ec_point *CI; u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; u8 prk[DPP_MAX_HASH_LEN]; const struct dpp_curve_params *curve; 
@@ -1792,37 +1774,24 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, auth->e_nonce, auth->curve->nonce_len); /* M = { cR + pR } * CI */ - cR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)own_key); - pR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->own_protocol_key); - if (!pR) - goto fail; - group = EC_KEY_get0_group(pR); - bnctx = BN_CTX_new(); - sum = BN_new(); - mx = BN_new(); - q = BN_new(); - m = EC_POINT_new(group); - if (!cR || !bnctx || !sum || !mx || !q || !m) - goto fail; - cR_bn = EC_KEY_get0_private_key(cR); - pR_bn = EC_KEY_get0_private_key(pR); - if (!cR_bn || !pR_bn) - goto fail; - CI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)peer_key); - CI_point = EC_KEY_get0_public_key(CI); - if (EC_GROUP_get_order(group, q, bnctx) != 1 || - BN_mod_add(sum, cR_bn, pR_bn, q, bnctx) != 1 || - EC_POINT_mul(group, m, NULL, CI_point, sum, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, m, mx, NULL, - bnctx) != 1) { - wpa_printf(MSG_ERROR, - "OpenSSL: failed: %s", - ERR_error_string(ERR_get_error(), NULL)); + ec = crypto_ec_init(curve->ike_group); + if (!ec) goto fail; - } - if (dpp_bn2bin_pad(mx, Mx, curve->prime_len) < 0) + sum = crypto_bignum_init(); + q = crypto_ec_get_order(ec); + M = crypto_ec_point_init(ec); + cR = crypto_ec_key_get_private_key(own_key); + pR = crypto_ec_key_get_private_key(auth->own_protocol_key); + CI = crypto_ec_key_get_public_key(peer_key); + + if (!sum || !q || !M || !cR || !pR || !CI || + crypto_bignum_addmod(cR, pR, q, sum) || + crypto_ec_point_mul(ec, CI, sum, M) || + crypto_ec_point_to_bin(ec, M, Mx, NULL)) { + wpa_printf(MSG_ERROR, "DPP: Error during M computation"); goto fail; + } wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len); /* ke = HKDF(C-nonce | E-nonce, "dpp reconfig key", M.x) */ 
@@ -1850,13 +1819,11 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, fail: forced_memzero(prk, sizeof(prk)); forced_memzero(Mx, sizeof(Mx)); - EC_POINT_clear_free(m); - BN_free(q); - BN_clear_free(mx); - BN_clear_free(sum); + crypto_ec_point_deinit(M, 1); + crypto_bignum_deinit(sum, 1); crypto_ec_key_deinit(own_key); crypto_ec_key_deinit(peer_key); - BN_CTX_free(bnctx); + crypto_ec_deinit(ec); return res; } @@ -1865,14 +1832,11 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, const u8 *r_proto, u16 r_proto_len, struct json_token *net_access_key) { - BN_CTX *bnctx = NULL; struct crypto_ec_key *pr = NULL, *peer_key = NULL; - EC_POINT *sum = NULL, *m = NULL; - BIGNUM *mx = NULL; - const EC_KEY *cI, *CR, *PR; - const EC_GROUP *group; - const EC_POINT *CR_point, *PR_point; - const BIGNUM *cI_bn; + const struct crypto_ec_point *CR, *PR; + const struct crypto_bignum *cI; + struct crypto_ec *ec = NULL; + struct crypto_ec_point *sum = NULL, *M = NULL; u8 Mx[DPP_MAX_SHARED_SECRET_LEN]; u8 prk[DPP_MAX_HASH_LEN]; int res = -1; 
@@ -1902,24 +1866,23 @@ int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, } /* M = cI * { CR + PR } */ - cI = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->conf->connector_key); - cI_bn = EC_KEY_get0_private_key(cI); - group = EC_KEY_get0_group(cI); - bnctx = BN_CTX_new(); - sum = EC_POINT_new(group); - m = EC_POINT_new(group); - mx = BN_new(); - CR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)peer_key); - PR = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)auth->peer_protocol_key); - CR_point = EC_KEY_get0_public_key(CR); - PR_point = EC_KEY_get0_public_key(PR); - if (!bnctx || !sum || !m || !mx || - EC_POINT_add(group, sum, CR_point, PR_point, bnctx) != 1 || - EC_POINT_mul(group, m, NULL, sum, cI_bn, bnctx) != 1 || - EC_POINT_get_affine_coordinates_GFp(group, m, mx, NULL, - bnctx) != 1 || - dpp_bn2bin_pad(mx, Mx, curve->prime_len) < 0) + ec = crypto_ec_init(curve->ike_group); + if (!ec) + goto fail; + + cI = crypto_ec_key_get_private_key(auth->conf->connector_key); + sum = crypto_ec_point_init(ec); + M = crypto_ec_point_init(ec); + CR = crypto_ec_key_get_public_key(peer_key); + PR = crypto_ec_key_get_public_key(auth->peer_protocol_key); + + if (!cI || !sum || !M || !CR || !PR || + crypto_ec_point_add(ec, CR, PR, sum) || + crypto_ec_point_mul(ec, sum, cI, M) || + crypto_ec_point_to_bin(ec, M, Mx, NULL)) { + wpa_printf(MSG_ERROR, "DPP: Error during M computation"); goto fail; + } wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len); @@ -1947,10 +1910,9 @@ fail: forced_memzero(Mx, sizeof(Mx)); crypto_ec_key_deinit(pr); crypto_ec_key_deinit(peer_key); - EC_POINT_clear_free(sum); - EC_POINT_clear_free(m); - BN_clear_free(mx); - BN_CTX_free(bnctx); + crypto_ec_point_deinit(sum, 1); + crypto_ec_point_deinit(M, 1); + crypto_ec_deinit(ec); return res; } 
@@ -2470,50 +2432,45 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key, const u8 *pp_key, size_t pp_key_len) { - const unsigned char *p; struct crypto_ec_key *csign = NULL, *ppkey = NULL; struct dpp_reconfig_id *id = NULL; - BN_CTX *ctx = NULL; - BIGNUM *bn = NULL, *q = NULL; - const EC_KEY *eckey; - const EC_GROUP *group; - EC_POINT *e_id = NULL; + struct crypto_ec *ec = NULL; + const struct crypto_bignum *q; + struct crypto_bignum *bn = NULL; + struct crypto_ec_point *e_id = NULL; + const struct crypto_ec_point *generator = NULL; - p = csign_key; - csign = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, csign_key_len); + csign = crypto_ec_key_parse_pub(csign_key, csign_key_len); if (!csign) goto fail; if (!pp_key) goto fail; - p = pp_key; - ppkey = (struct crypto_ec_key *)d2i_PUBKEY(NULL, &p, pp_key_len); + ppkey = crypto_ec_key_parse_pub(pp_key, pp_key_len); if (!ppkey) goto fail; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)csign); - if (!eckey) - goto fail; - group = EC_KEY_get0_group(eckey); - if (!group) + ec = crypto_ec_init(crypto_ec_key_group(csign)); + if (!ec) goto fail; - e_id = EC_POINT_new(group); - ctx = BN_CTX_new(); - bn = BN_new(); - q = BN_new(); - if (!e_id || !ctx || !bn || !q || - !EC_GROUP_get_order(group, q, ctx) || - !BN_rand_range(bn, q) || - !EC_POINT_mul(group, e_id, bn, NULL, NULL, ctx)) + e_id = crypto_ec_point_init(ec); + q = crypto_ec_get_order(ec); + bn = crypto_bignum_init(); + generator = crypto_ec_get_generator(ec); + if (!e_id || !bn || !q || !generator || + crypto_bignum_rand(bn, q) || + crypto_ec_point_mul(ec, generator, bn, e_id)) goto fail; - dpp_debug_print_point("DPP: Generated random point E-id", group, e_id); + crypto_ec_point_debug_print(ec, e_id, "DPP: Generated random point E-id"); id = os_zalloc(sizeof(*id)); if (!id) goto fail; - id->group = group; + + id->ec = ec; + ec = NULL; id->e_id = e_id; e_id = NULL; id->csign = csign; 
@@ -2521,93 +2478,56 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key, id->pp_key = ppkey; ppkey = NULL; fail: - EC_POINT_free(e_id); + crypto_ec_point_deinit(e_id, 1); crypto_ec_key_deinit(csign); crypto_ec_key_deinit(ppkey); - BN_clear_free(bn); - BN_CTX_free(ctx); + crypto_bignum_deinit(bn, 1); + crypto_ec_deinit(ec); return id; } -static struct crypto_ec_key * dpp_pkey_from_point(const EC_GROUP *group, - const EC_POINT *point) -{ - EC_KEY *eckey; - EVP_PKEY *pkey = NULL; - - eckey = EC_KEY_new(); - if (!eckey || - EC_KEY_set_group(eckey, group) != 1 || - EC_KEY_set_public_key(eckey, point) != 1) { - wpa_printf(MSG_ERROR, - "DPP: Failed to set EC_KEY: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); - - pkey = EVP_PKEY_new(); - if (!pkey || EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { - wpa_printf(MSG_ERROR, "DPP: Could not create EVP_PKEY"); - EVP_PKEY_free(pkey); - pkey = NULL; - goto fail; - } - -fail: - EC_KEY_free(eckey); - return (struct crypto_ec_key *)pkey; -} - - int dpp_update_reconfig_id(struct dpp_reconfig_id *id) { - BN_CTX *ctx = NULL; - BIGNUM *bn = NULL, *q = NULL; - EC_POINT *e_prime_id = NULL, *a_nonce = NULL; + const struct crypto_bignum *q; + struct crypto_bignum *bn; + const struct crypto_ec_point *pp = NULL, *generator = NULL; + struct crypto_ec_point *e_prime_id = NULL, *a_nonce = NULL; int ret = -1; - const EC_KEY *pp; - const EC_POINT *pp_point; - pp = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)id->pp_key); - if (!pp) - goto fail; - pp_point = EC_KEY_get0_public_key(pp); - e_prime_id = EC_POINT_new(id->group); - a_nonce = EC_POINT_new(id->group); - ctx = BN_CTX_new(); - bn = BN_new(); - q = BN_new(); + pp = crypto_ec_key_get_public_key(id->pp_key); + e_prime_id = crypto_ec_point_init(id->ec); + a_nonce = crypto_ec_point_init(id->ec); + bn = crypto_bignum_init(); + q = crypto_ec_get_order(id->ec); + generator = crypto_ec_get_generator(id->ec); + /* Generate 
random 0 <= a-nonce < q * A-NONCE = a-nonce * G * E'-id = E-id + a-nonce * P_pk */ - if (!pp_point || !e_prime_id || !a_nonce || !ctx || !bn || !q || - !EC_GROUP_get_order(id->group, q, ctx) || - !BN_rand_range(bn, q) || /* bn = a-nonce */ - !EC_POINT_mul(id->group, a_nonce, bn, NULL, NULL, ctx) || - !EC_POINT_mul(id->group, e_prime_id, NULL, pp_point, bn, ctx) || - !EC_POINT_add(id->group, e_prime_id, id->e_id, e_prime_id, ctx)) + if (!pp || !e_prime_id || !a_nonce || !bn || !q || !generator || + crypto_bignum_rand(bn, q) || + crypto_ec_point_mul(id->ec, generator, bn, a_nonce) || + crypto_ec_point_mul(id->ec, pp, bn, e_prime_id) || + crypto_ec_point_add(id->ec, id->e_id, e_prime_id, e_prime_id)) goto fail; - dpp_debug_print_point("DPP: Generated A-NONCE", id->group, a_nonce); - dpp_debug_print_point("DPP: Encrypted E-id to E'-id", - id->group, e_prime_id); + crypto_ec_point_debug_print(id->ec, a_nonce, "DPP: Generated A-NONCE"); + crypto_ec_point_debug_print(id->ec, e_prime_id, "DPP: Encrypted E-id to E'-id"); crypto_ec_key_deinit(id->a_nonce); crypto_ec_key_deinit(id->e_prime_id); - id->a_nonce = dpp_pkey_from_point(id->group, a_nonce); - id->e_prime_id = dpp_pkey_from_point(id->group, e_prime_id); + id->a_nonce = crypto_ec_key_set_pub_point(id->ec, a_nonce); + id->e_prime_id = crypto_ec_key_set_pub_point(id->ec, e_prime_id); if (!id->a_nonce || !id->e_prime_id) goto fail; ret = 0; fail: - EC_POINT_free(e_prime_id); - EC_POINT_free(a_nonce); - BN_clear_free(bn); - BN_CTX_free(ctx); + crypto_ec_point_deinit(e_prime_id, 1); + crypto_ec_point_deinit(a_nonce, 1); + crypto_bignum_deinit(bn, 1); return ret; } 
@@ -2615,55 +2535,53 @@ fail: void dpp_free_reconfig_id(struct dpp_reconfig_id *id) { if (id) { - EC_POINT_clear_free(id->e_id); + crypto_ec_point_deinit(id->e_id, 1); crypto_ec_key_deinit(id->csign); crypto_ec_key_deinit(id->a_nonce); crypto_ec_key_deinit(id->e_prime_id); crypto_ec_key_deinit(id->pp_key); + crypto_ec_deinit(id->ec); os_free(id); } } -EC_POINT * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, struct crypto_ec_key *a_nonce, - struct crypto_ec_key *e_prime_id) +struct crypto_ec_point * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, + struct crypto_ec_key *a_nonce, + struct crypto_ec_key *e_prime_id) { - const EC_KEY *pp_ec, *a_nonce_ec, *e_prime_id_ec; - const BIGNUM *pp_bn; - const EC_GROUP *group; - EC_POINT *e_id = NULL; - const EC_POINT *a_nonce_point, *e_prime_id_point; - BN_CTX *ctx = NULL; + struct crypto_ec *ec = NULL; + const struct crypto_bignum *pp; + struct crypto_ec_point *e_id = NULL; + const struct crypto_ec_point *a_nonce_point, *e_prime_id_point; if (!ppkey) return NULL; /* E-id = E'-id - s_C * A-NONCE */ - pp_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)ppkey); - a_nonce_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)a_nonce); - e_prime_id_ec = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)e_prime_id); - if (!pp_ec || !a_nonce_ec || !e_prime_id_ec) + ec = crypto_ec_init(crypto_ec_key_group(ppkey)); + if (!ec) return NULL; - pp_bn = EC_KEY_get0_private_key(pp_ec); - group = EC_KEY_get0_group(pp_ec); - a_nonce_point = EC_KEY_get0_public_key(a_nonce_ec); - e_prime_id_point = EC_KEY_get0_public_key(e_prime_id_ec); - ctx = BN_CTX_new(); - if (!pp_bn || !group || !a_nonce_point || !e_prime_id_point || !ctx) + + pp = crypto_ec_key_get_private_key(ppkey); + a_nonce_point = crypto_ec_key_get_public_key(a_nonce); + e_prime_id_point = crypto_ec_key_get_public_key(e_prime_id); + if (!pp || !a_nonce_point || !e_prime_id_point) goto fail; - e_id = EC_POINT_new(group); + + e_id = crypto_ec_point_init(ec); if (!e_id || - !EC_POINT_mul(group, e_id, NULL, a_nonce_point, pp_bn, ctx) 
|| - !EC_POINT_invert(group, e_id, ctx) || - !EC_POINT_add(group, e_id, e_prime_id_point, e_id, ctx)) { - EC_POINT_clear_free(e_id); + crypto_ec_point_mul(ec, a_nonce_point, pp, e_id) || + crypto_ec_point_invert(ec, e_id) || + crypto_ec_point_add(ec, e_id, e_prime_id_point, e_id)) { + crypto_ec_point_deinit(e_id, 1); goto fail; } - dpp_debug_print_point("DPP: Decrypted E-id", group, e_id); + crypto_ec_point_debug_print(ec, e_id, "DPP: Decrypted E-id"); fail: - BN_CTX_free(ctx); + crypto_ec_deinit(ec); return e_id; } diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 4686fb02b..4765c6d31 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h @@ -130,16 +130,17 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth, int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth, const u8 *r_proto, u16 r_proto_len, struct json_token *net_access_key); -EC_POINT * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, struct crypto_ec_key *a_nonce, - struct crypto_ec_key *e_prime_id); +struct crypto_ec_point * dpp_decrypt_e_id(struct crypto_ec_key *ppkey, + struct crypto_ec_key *a_nonce, + struct crypto_ec_key *e_prime_id); char * dpp_sign_connector(struct dpp_configurator *conf, const struct wpabuf *dppcon); int dpp_test_gen_invalid_key(struct wpabuf *msg, const struct dpp_curve_params *curve); struct dpp_reconfig_id { - const EC_GROUP *group; - EC_POINT *e_id; /* E-id */ + struct crypto_ec *ec; + struct crypto_ec_point *e_id; /* E-id */ struct crypto_ec_key *csign; struct crypto_ec_key *a_nonce; /* A-NONCE */ struct crypto_ec_key *e_prime_id; /* E'-id */ diff --git a/src/common/dpp_reconfig.c b/src/common/dpp_reconfig.c index b2db3e2ac..7137bc5fd 100644 --- a/src/common/dpp_reconfig.c +++ b/src/common/dpp_reconfig.c @@ -7,8 +7,6 @@ */ #include "utils/includes.h" -#include -#include #include "utils/common.h" #include "utils/json.h" 
@@ -229,7 +227,7 @@ dpp_reconfig_init(struct dpp_global *dpp, void *msg_ctx, struct dpp_authentication *auth; const struct dpp_curve_params *curve; struct crypto_ec_key *a_nonce, *e_prime_id; - EC_POINT *e_id; + struct crypto_ec_point *e_id; curve = dpp_get_curve_ike_group(group); if (!curve) { @@ -273,7 +271,7 @@ dpp_reconfig_init(struct dpp_global *dpp, void *msg_ctx, * Enrollee has already been started and is waiting for updated * configuration instead of replying again before such configuration * becomes available */ - EC_POINT_clear_free(e_id); + crypto_ec_point_deinit(e_id, 1); auth = dpp_alloc_auth(dpp, msg_ctx); if (!auth) diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 889d0ef0e..8756e10f6 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -713,6 +713,14 @@ int crypto_bignum_legendre(const struct crypto_bignum *a, */ struct crypto_ec; +/** + * struct crypto_ec_point - Elliptic curve point + * + * Internal data structure for EC implementation to represent a point. The + * contents is specific to the used crypto library. + */ +struct crypto_ec_point; + /** * crypto_ec_init - Initialize elliptic curve context * @group: Identifying number for the ECC group (IANA "Group Description" @@ -777,12 +785,11 @@ const struct crypto_bignum * crypto_ec_get_a(struct crypto_ec *e); const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e); /** - * struct crypto_ec_point - Elliptic curve point - * - * Internal data structure for EC implementation to represent a point. The - * contents is specific to the used crypto library. + * crypto_ec_get_generator - Get generator point of the EC group's curve + * @e: EC context from crypto_ec_init() + * Returns: Pointer to Generator point */ -struct crypto_ec_point; +const struct crypto_ec_point * crypto_ec_get_generator(struct crypto_ec *e); /** * crypto_ec_point_init - Initialize data for an EC point 
@@ -1028,6 +1035,15 @@ struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len); */ struct crypto_ec_key * crypto_ec_key_set_pub(int group, const u8 *x, const u8 *y, size_t len); +/** + * crypto_ec_key_set_pub_point - Initialize an EC Public Key from EC point + * @e: EC context from crypto_ec_init() + * @pub: Public key point + * Returns: EC key or %NULL on failure + */ +struct crypto_ec_key * crypto_ec_key_set_pub_point(struct crypto_ec *e, + const struct crypto_ec_point *pub); + /** * crypto_ec_key_gen - Generate EC Key pair * @group: Identifying number for the ECC group diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 12b025593..edd2fc95c 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1784,6 +1784,12 @@ const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e) } +const struct crypto_ec_point * crypto_ec_get_generator(struct crypto_ec *e) +{ + return (const struct crypto_ec_point *) EC_GROUP_get0_generator(e->group); +} + + void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) { if (clear) 
@@ -2407,6 +2413,37 @@ fail: goto out; } +struct crypto_ec_key * crypto_ec_key_set_pub_point(struct crypto_ec *ec, const struct crypto_ec_point *pub) +{ + EC_KEY *eckey = NULL; + EVP_PKEY *pkey = NULL; + + eckey = EC_KEY_new(); + if (!eckey || + EC_KEY_set_group(eckey, ec->group) != 1 || + EC_KEY_set_public_key(eckey, (const EC_POINT *)pub) != 1) { + wpa_printf(MSG_ERROR, + "OpenSSL: Failed to set EC_KEY: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE); + + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) { + wpa_printf(MSG_ERROR, "DPP: Could not create EVP_PKEY"); + goto fail; + } + +out: + return (struct crypto_ec_key *)pkey; + +fail: + EVP_PKEY_free(pkey); + EC_KEY_free(eckey); + pkey = NULL; + goto out; +} struct crypto_ec_key * crypto_ec_key_gen(int group) { 
From patchwork Mon Jun 28 16:25:33 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 1498063
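Review bot: In dpp_reconfig_derive_ke_responder(), the EC context now comes from curve->ike_group, whereas the removed code took the group from the pR key itself, and nothing in this hunk confirms that own_key, auth->own_protocol_key and peer_key are all on that group before crypto_bignum_addmod() and crypto_ec_point_mul() run. Unless that is guaranteed earlier in the function, compare crypto_ec_key_group() of each key with curve->ike_group and fail on a mismatch. The single "DPP: Error during M computation" message also hides which step failed; separating the NULL checks from the arithmetic would keep the log useful.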
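Review bot: In dpp_reconfig_derive_ke_initiator(), CR + PR is the sum of two public points received from the peer, and the hunk relies on crypto_ec_point_to_bin() returning an error if that sum, or M, is the point at infinity. Since this code is now backend-independent, make the requirement explicit with a crypto_ec_point_is_at_infinity() check on sum and M before M.x is serialised and fed to the key derivation.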
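Review bot: dpp_gen_reconfig_id() builds ec from crypto_ec_key_group(csign) only, but id->ec is later used in dpp_update_reconfig_id() to multiply the public point of pp_key, so if the two DER inputs are on different curves a point from one group is handed to another group's context. Check that crypto_ec_key_group(ppkey) equals crypto_ec_key_group(csign) right after both keys are parsed and go to fail otherwise.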
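Review bot: In dpp_update_reconfig_id(), bn is declared without an initialiser (struct crypto_bignum *bn;) although the fail: path calls crypto_bignum_deinit(bn, 1) and every other pointer in the function starts as NULL. It is safe only because no goto fail precedes crypto_bignum_init(); initialise it to NULL so that a later early exit cannot free an indeterminate pointer. crypto_ec_point_add(id->ec, id->e_id, e_prime_id, e_prime_id) also uses its output as an input, which every crypto backend then has to support.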
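Review bot: In dpp_decrypt_e_id(), the error branch calls crypto_ec_point_deinit(e_id, 1) and then jumps to fail:, which returns e_id, so the caller receives a non-NULL pointer to freed memory (the removed code had the same pattern with EC_POINT_clear_free()). dpp_reconfig_init() later passes the returned pointer to crypto_ec_point_deinit(e_id, 1), so set e_id = NULL after the deinit in the error branch. The returned point also outlives the ec context it was created with, which is freed at fail:; confirm that this is valid for every backend or document it.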
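Review bot: The crypto_ec_key_set_pub_point() comment in src/crypto/crypto.h does not state who owns @pub after the call. dpp_update_reconfig_id() frees a_nonce and e_prime_id right after passing them in, so the contract has to be that the point is copied; say so in the comment so that other backends implement it the same way. The prototype also names the context e while the OpenSSL definition names it ec.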
From: Cedric Izoard
Subject: [PATCH 16/21] dpp: Use crypto_ec_key_group to compare EC Key's group
Date: Mon, 28 Jun 2021 18:25:33 +0200
Message-ID: <20210628162538.21067-17-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Remove last direct call to OpenSSL in dpp.c by using crypto_ec_key_group to compare group of C-sign and PP keys.
Signed-off-by: Cedric Izoard --- src/common/dpp.c | 45 ++++++++--------------------------------- src/common/dpp_crypto.c | 15 -------------- src/common/dpp_i.h | 1 - 3 files changed, 8 insertions(+), 53 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index 2f0f9552d..67ba20fb5 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -8,8 +8,6 @@ */ #include "utils/includes.h" -#include -#include #include "utils/common.h" #include "utils/base64.h" @@ -38,22 +36,6 @@ int dpp_version_override = 1; enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED; #endif /* CONFIG_TESTING_OPTIONS */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ - (defined(LIBRESSL_VERSION_NUMBER) && \ - LIBRESSL_VERSION_NUMBER < 0x20700000L) -/* Compatibility wrappers for older versions. */ - -#ifdef CONFIG_DPP2 -static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) - return NULL; - return pkey->pkey.ec; -} -#endif /* CONFIG_DPP2 */ - -#endif - void dpp_auth_fail(struct dpp_authentication *auth, const char *txt) { 
@@ -4256,33 +4238,22 @@ int dpp_configurator_from_backup(struct dpp_global *dpp, struct dpp_asymmetric_key *key) { struct dpp_configurator *conf; - const EC_KEY *eckey, *eckey_pp; - const EC_GROUP *group, *group_pp; - int nid; - const struct dpp_curve_params *curve; + const struct dpp_curve_params *curve, *curve_pp; if (!key->csign || !key->pp_key) return -1; - eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key->csign); - if (!eckey) - return -1; - group = EC_KEY_get0_group(eckey); - if (!group) - return -1; - nid = EC_GROUP_get_curve_name(group); - curve = dpp_get_curve_nid(nid); + + curve = dpp_get_curve_ike_group(crypto_ec_key_group(key->csign)); if (!curve) { wpa_printf(MSG_INFO, "DPP: Unsupported group in c-sign-key"); return -1; } - eckey_pp = EVP_PKEY_get0_EC_KEY((EVP_PKEY *)key->pp_key); - if (!eckey_pp) - return -1; - group_pp = EC_KEY_get0_group(eckey_pp); - if (!group_pp) + + curve_pp = dpp_get_curve_ike_group(crypto_ec_key_group(key->pp_key)); + if (!curve) { + wpa_printf(MSG_INFO, "DPP: Unsupported group in ppKey"); return -1; - if (EC_GROUP_get_curve_name(group) != - EC_GROUP_get_curve_name(group_pp)) { + } else if (curve != curve_pp) { wpa_printf(MSG_INFO, "DPP: Mismatch in c-sign-key and ppKey groups"); return -1; diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 5bd181b29..597b12ef2 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -66,21 +66,6 @@ const struct dpp_curve_params * dpp_get_curve_jwk_crv(const char *name) } -const struct dpp_curve_params * dpp_get_curve_nid(int nid) -{ - int i, tmp; - - if (!nid) - return NULL; - for (i = 0; dpp_curves[i].name; i++) { - tmp = OBJ_txt2nid(dpp_curves[i].name); - if (tmp == nid) - return &dpp_curves[i]; - } - return NULL; -} - - const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group) { int i; diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 4765c6d31..e1b3e16e6 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h 
@@ -72,7 +72,6 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info, const u8 *peer_connector, size_t peer_connector_len); const struct dpp_curve_params * dpp_get_curve_name(const char *name); const struct dpp_curve_params * dpp_get_curve_jwk_crv(const char *name); -const struct dpp_curve_params * dpp_get_curve_nid(int nid); const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group); int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len);
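Review bot: In dpp_configurator_from_backup(), the check that follows the curve_pp lookup tests "if (!curve)" again instead of "if (!curve_pp)". curve is already known to be non-NULL at that point, so the "DPP: Unsupported group in ppKey" branch is dead code; an unsupported ppKey group is still rejected, but only through the "curve != curve_pp" comparison and with the misleading "Mismatch in c-sign-key and ppKey groups" message. Change the test to "if (!curve_pp)". Separately, crypto_ec_key_group() returns int while dpp_get_curve_ike_group() takes u16, so an error return is converted implicitly on both lookups; checking for a negative value before the lookup would make that failure path explicit.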
From: Cedric Izoard
Subject: [PATCH 17/21] dpp: Add crypto_ec_key_cmp in crypto.h
Date: Mon, 28 Jun 2021 18:25:34 +0200
Message-ID: <20210628162538.21067-18-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Signed-off-by: Cedric Izoard --- src/common/dpp.c | 2 +- src/crypto/crypto.h | 8 ++++++++ src/crypto/crypto_openssl.c | 7 +++++++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index 67ba20fb5..5e64fad34 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c
@@ -2369,7 +2369,7 @@ skip_groups: goto fail; dpp_debug_print_key("DPP: Received netAccessKey", key); - if (EVP_PKEY_cmp((EVP_PKEY *)key, (EVP_PKEY *)auth->own_protocol_key) != 1) { + if (crypto_ec_key_cmp(key, auth->own_protocol_key)) { wpa_printf(MSG_DEBUG, "DPP: netAccessKey in connector does not match own protocol key"); #ifdef CONFIG_TESTING_OPTIONS diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 8756e10f6..d76ca9cd4 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -1152,4 +1152,12 @@ int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, const u8 *data */ int crypto_ec_key_group(struct crypto_ec_key *key); +/** + * crypto_ec_key_cmp - Compare 2 EC Public keys + * @key1: Key 1 + * @key2: Key 2 + * Retruns: 0 if Public keys are identical, non-zero otherwise + */ +int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2); + #endif /* CRYPTO_H */ diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index edd2fc95c..282df1089 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2795,4 +2795,11 @@ int crypto_ec_key_group(struct crypto_ec_key *key) return -1; } + +int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2) +{ + if (EVP_PKEY_cmp((EVP_PKEY *)key1, (EVP_PKEY *)key2) != 1) + return -1; + return 0; +} #endif /* CONFIG_ECC */
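Review bot: The crypto.h comment for crypto_ec_key_cmp() should describe what the crypto_openssl.c implementation does: every EVP_PKEY_cmp() result other than 1 is returned as -1, so a caller cannot tell two different keys from a comparison that could not be carried out. For the netAccessKey check in dpp.c that fails closed, which is the right direction, but it belongs in the documented contract; "Retruns:" in the same comment is a typo for "Returns:". Neither argument is checked for NULL before the cast to EVP_PKEY *, so either check in the wrapper or document that both keys must be non-NULL.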
From: Cedric Izoard
Subject: [PATCH 18/21] dpp: remove direct call to OpenSSL in dpp_test_gen_invalid_key
Date: Mon, 28 Jun 2021 18:25:35 +0200
Message-ID: <20210628162538.21067-19-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Instead of generating EC point with random coordinates, generate a valid EC point and then corrupt the coordinates after exporting them in binary format.
Signed-off-by: Cedric Izoard --- src/common/dpp_crypto.c | 88 +++++++++++++---------------------------- src/common/dpp_i.h | 1 - 2 files changed, 28 insertions(+), 61 deletions(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 597b12ef2..e1510e72f 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -296,20 +296,6 @@ int dpp_pbkdf2(size_t hash_len, const u8 *password, size_t password_len, #endif /* CONFIG_DPP2 */ -int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len) -{ - int num_bytes, offset; - - num_bytes = BN_num_bytes(bn); - if ((size_t) num_bytes > len) - return -1; - offset = len - num_bytes; - os_memset(pos, 0, offset); - BN_bn2bin(bn, pos + offset); - return 0; -} - - struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, const u8 *buf, size_t len) { 
@@ -2578,64 +2564,46 @@ fail: int dpp_test_gen_invalid_key(struct wpabuf *msg, const struct dpp_curve_params *curve) { - BN_CTX *ctx; - BIGNUM *x, *y; + struct crypto_ec *ec = NULL; + struct crypto_ec_key *key = NULL; + const struct crypto_ec_point *pub_key; + struct crypto_ec_point *p = NULL; + u8 *x, *y; int ret = -1; - EC_GROUP *group; - EC_POINT *point; - - group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name)); - if (!group) - return -1; - ctx = BN_CTX_new(); - point = EC_POINT_new(group); - x = BN_new(); - y = BN_new(); - if (!ctx || !point || !x || !y) + ec = crypto_ec_init(curve->ike_group); + x = wpabuf_put(msg, curve->prime_len); + y = wpabuf_put(msg, curve->prime_len); + if (!ec || !x || !y) goto fail; - if (BN_rand(x, curve->prime_len * 8, 0, 0) != 1) +retry: + // Generate valid key pair + key = crypto_ec_key_gen(curve->ike_group); + if (!key) goto fail; - /* Generate a random y coordinate that results in a point that is not - * on the curve. */ - for (;;) { - if (BN_rand(y, curve->prime_len * 8, 0, 0) != 1) - goto fail; + // Retrieve Pub key coordinates + pub_key = crypto_ec_key_get_public_key(key); + if (!pub_key) + goto fail; - if (EC_POINT_set_affine_coordinates_GFp(group, point, x, y, - ctx) != 1) { -#if OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(OPENSSL_IS_BORINGSSL) - /* Unlike older OpenSSL versions, OpenSSL 1.1.1 and BoringSSL - * return an error from EC_POINT_set_affine_coordinates_GFp() - * when the point is not on the curve. 
*/ - break; -#else /* >=1.1.0 or OPENSSL_IS_BORINGSSL */ - goto fail; -#endif /* >= 1.1.0 or OPENSSL_IS_BORINGSSL */ - } + crypto_ec_point_to_bin(ec, pub_key, x, y); - if (!EC_POINT_is_on_curve(group, point, ctx)) - break; + // and corrupt them + y[curve->prime_len - 1] ^= 0x01; + p = crypto_ec_point_from_bin(ec, x); + if (p && crypto_ec_point_is_on_curve(ec, p)) { + crypto_ec_point_deinit(p, 0); + p = NULL; + goto retry; } - if (dpp_bn2bin_pad(x, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0 || - dpp_bn2bin_pad(y, wpabuf_put(msg, curve->prime_len), - curve->prime_len) < 0) - goto fail; - ret = 0; fail: - if (ret < 0) - wpa_printf(MSG_INFO, "DPP: Failed to generate invalid key"); - BN_free(x); - BN_free(y); - EC_POINT_free(point); - BN_CTX_free(ctx); - EC_GROUP_free(group); - + crypto_ec_point_deinit(p, 0); + crypto_ec_key_deinit(key); + crypto_ec_deinit(ec); return ret; } diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index e1b3e16e6..26bcad0b9 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h 
@@ -77,7 +77,6 @@ int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi, const u8 *data, size_t data_len); struct crypto_ec_key * dpp_set_pubkey_point(struct crypto_ec_key *group_key, const u8 *buf, size_t len); -int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len); int dpp_hkdf_expand(size_t hash_len, const u8 *secret, size_t secret_len, const char *label, u8 *out, size_t outlen); int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len,
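Review bot: In dpp_test_gen_invalid_key(), the retry path leaks the generated key: "goto retry" releases p but not key, and crypto_ec_key_gen() then overwrites the pointer. Call crypto_ec_key_deinit(key) before jumping back to retry. The return value of crypto_ec_point_to_bin() is ignored, and crypto_ec_point_from_bin(ec, x) only sees the corrupted y because the two wpabuf_put() calls are assumed to return adjacent regions; a comment stating that, or a local buffer of 2 * prime_len bytes copied into msg on success, would make the dependency explicit. msg is also extended before any step that can fail, so a failure now leaves 2 * prime_len unset bytes in it, and the "DPP: Failed to generate invalid key" log line has been dropped. The new comments use // where the surrounding code uses /* */.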
From: Cedric Izoard
Subject: [PATCH 19/21] dpp: Move debug print of EC key to crypto.h
Date: Mon, 28 Jun 2021 18:25:36 +0200
Message-ID: <20210628162538.21067-20-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Move the crypto lib specific print of an EC key in dpp_debug_print_key to crypto.h.

Signed-off-by: Cedric Izoard --- src/common/dpp.h | 2 -- src/common/dpp_crypto.c | 67 +------------------------------------ src/common/dpp_i.h | 2 -- src/crypto/crypto.h | 9 +++++ src/crypto/crypto_openssl.c | 27 +++++++++++++++ 5 files changed, 37 insertions(+), 70 deletions(-) diff --git a/src/common/dpp.h b/src/common/dpp.h index 40e950a96..f353e5c3e 100644
--- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -11,8 +11,6 @@ #define DPP_H #ifdef CONFIG_DPP -#include - #include "utils/list.h" #include "common/wpa_common.h" #include "crypto/sha256.h" diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index e1510e72f..4b387f6b0 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -78,75 +78,11 @@ const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group) } -void dpp_debug_print_point(const char *title, const EC_GROUP *group, - const EC_POINT *point) -{ - BIGNUM *x, *y; - BN_CTX *ctx; - char *x_str = NULL, *y_str = NULL; - - if (!wpa_debug_show_keys) - return; - - ctx = BN_CTX_new(); - x = BN_new(); - y = BN_new(); - if (!ctx || !x || !y || - EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx) != 1) - goto fail; - - x_str = BN_bn2hex(x); - y_str = BN_bn2hex(y); - if (!x_str || !y_str) - goto fail; - - wpa_printf(MSG_DEBUG, "%s (%s,%s)", title, x_str, y_str); - -fail: - OPENSSL_free(x_str); - OPENSSL_free(y_str); - BN_free(x); - BN_free(y); - BN_CTX_free(ctx); -} - - void dpp_debug_print_key(const char *title, struct crypto_ec_key *key) { - EC_KEY *eckey; - BIO *out; - size_t rlen; - char *txt; - int res; struct wpabuf *der = NULL; - const EC_GROUP *group; - const EC_POINT *point; - - out = BIO_new(BIO_s_mem()); - if (!out) - return; - - EVP_PKEY_print_private(out, (EVP_PKEY *)key, 0, NULL); - rlen = BIO_ctrl_pending(out); - txt = os_malloc(rlen + 1); - if (txt) { - res = BIO_read(out, txt, rlen); - if (res > 0) { - txt[res] = '\0'; - wpa_printf(MSG_DEBUG, "%s: %s", title, txt); - } - os_free(txt); - } - BIO_free(out); - - eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *)key); - if (!eckey) - return; - group = EC_KEY_get0_group(eckey); - point = EC_KEY_get0_public_key(eckey); - if (group && point) - dpp_debug_print_point(title, group, point); + crypto_ec_key_debug_print(key, title); der = crypto_ec_key_get_ecprivate_key(key, true); if (der) { 
@@ -158,7 +94,6 @@ void dpp_debug_print_key(const char *title, struct crypto_ec_key *key) } } - EC_KEY_free(eckey); wpabuf_clear_free(der); } diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h index 26bcad0b9..1b71efc2e 100644 --- a/src/common/dpp_i.h +++ b/src/common/dpp_i.h @@ -83,8 +83,6 @@ int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac); int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len); -void dpp_debug_print_point(const char *title, const EC_GROUP *group, - const EC_POINT *point); void dpp_debug_print_key(const char *title, struct crypto_ec_key *key); int dpp_pbkdf2(size_t hash_len, const u8 *password, size_t password_len, const u8 *salt, size_t salt_len, unsigned int iterations, diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index d76ca9cd4..78e7045ca 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -1160,4 +1160,13 @@ int crypto_ec_key_group(struct crypto_ec_key *key); */ int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2); +/** + * crypto_ec_key_debug_print - Dump EC Key + * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen() + * @title: Name of the EC point in the trace + */ +void crypto_ec_key_debug_print(const struct crypto_ec_key *key, + const char *title); + + #endif /* CRYPTO_H */ diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 282df1089..26705ff50 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c 
@@ -2802,4 +2802,31 @@ int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2) return -1; return 0; } + + +void crypto_ec_key_debug_print(const struct crypto_ec_key *key, + const char *title) +{ + BIO *out; + size_t rlen; + char *txt; + + out = BIO_new(BIO_s_mem()); + if (!out) + return; + + EVP_PKEY_print_private(out, (EVP_PKEY *)key, 0, NULL); + rlen = BIO_ctrl_pending(out); + txt = os_malloc(rlen + 1); + if (txt) { + int res = BIO_read(out, txt, rlen); + if (res > 0) { + txt[res] = '\0'; + wpa_printf(MSG_DEBUG, "%s: %s", title, txt); + } + os_free(txt); + } + BIO_free(out); +} + #endif /* CONFIG_ECC */ From patchwork Mon Jun 28 16:25:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 1498068 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=VhPGIZnj; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=ceva-dsp.com header.i=@ceva-dsp.com header.a=rsa-sha256 header.s=mail header.b=m3USto/q; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GDCz23f5Xz9sVp for ; Tue, 29 Jun 2021 02:40:46 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; 
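Review bot: crypto_ec_key_debug_print() in crypto_openssl.c sends the output of EVP_PKEY_print_private() to the MSG_DEBUG log with no wpa_debug_show_keys check, so private key material is written whenever debug output is enabled. The removed dpp_debug_print_point() started with `if (!wpa_debug_show_keys) return;`, and moving the dump into the crypto wrapper is a good moment to put the same guard at the top of the new function so that every backend inherits it. The return value of EVP_PKEY_print_private() is also ignored, so a failed print can log an empty or partial dump under the given title. Finally, the separate (x,y) hex print of the public point is dropped without the commit message saying so.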
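Review bot: The crypto.h comment for crypto_ec_key_debug_print() describes @title as "Name of the EC point in the trace", but the function dumps a key, not a point, and the comment does not say that private key material may be printed. The prototype takes `const struct crypto_ec_key *key`, which the OpenSSL implementation casts to a non-const `EVP_PKEY *`; either drop the const or note why the cast is safe. The declaration is added unconditionally while the visible implementation sits only in crypto_openssl.c under CONFIG_ECC, so other crypto backends need at least a stub for dpp_debug_print_key() to link.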
From: Cedric Izoard
Subject: [PATCH 20/21] dpp: csr rewrote to use crypto.h
Date: Mon, 28 Jun 2021 18:25:37 +0200
Message-ID: <20210628162538.21067-21-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

Add basic CSR API in crypto.h.
Signed-off-by: Cedric Izoard --- Probably not the best place to add this. --- src/common/dpp_crypto.c | 143 +++++++--------------------- src/crypto/crypto.h | 101 ++++++++++++++++++++ src/crypto/crypto_openssl.c | 180 ++++++++++++++++++++++++++++++++++++ 3 files changed, 316 insertions(+), 108 deletions(-) -- 2.17.0 diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 4b387f6b0..5092e98e3 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -19,6 +19,7 @@ #include "crypto/random.h" #include "crypto/sha384.h" #include "crypto/sha512.h" +#include "tls/asn1.h" #include "dpp.h" #include "dpp_i.h" @@ -2030,19 +2031,15 @@ void dpp_pfs_free(struct dpp_pfs *pfs) struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) { - X509_REQ *req = NULL; + struct crypto_csr *csr = NULL; struct wpabuf *buf = NULL; - unsigned char *der; - int der_len; struct crypto_ec_key *key; - const EVP_MD *sign_md; unsigned int hash_len = auth->curve->hash_len; struct wpabuf * priv_key; - BIO *out = NULL; u8 cp[DPP_CP_LEN]; - char *password; + char *password = NULL; size_t password_len; - int res; + int hash_sign_algo; /* TODO: use auth->csrattrs */ @@ -2056,22 +2053,13 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) wpabuf_free(auth->priv_key); auth->priv_key = priv_key; - req = X509_REQ_new(); - if (!req || !X509_REQ_set_pubkey(req, (EVP_PKEY *)key)) + csr = crypto_csr_init(); + if (!csr || crypto_csr_set_ec_public_key(csr, key)) goto fail; - if (name) { - X509_NAME *n; - - n = X509_REQ_get_subject_name(req); - if (!n) - goto fail; - - if (X509_NAME_add_entry_by_txt( - n, "CN", MBSTRING_UTF8, - (const unsigned char *) name, -1, -1, 0) != 1) - goto fail; - } + if (name && crypto_csr_set_name(csr, CSR_NAME_CN, (const u8 *)name, + os_strlen(name))) + goto fail; /* cp = HKDF-Expand(bk, "CSR challengePassword", 64) */ if (dpp_hkdf_expand(hash_len, auth->bk, hash_len, 
@@ -2085,43 +2073,31 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) if (!password) goto fail; - res = X509_REQ_add1_attr_by_NID(req, NID_pkcs9_challengePassword, - V_ASN1_UTF8STRING, - (const unsigned char *) password, - password_len); - bin_clear_free(password, password_len); - if (!res) + if (crypto_csr_set_attribute(csr, CSR_ATTR_CHALLENGE_PASSWORD, + ASN1_TAG_UTF8STRING, (const u8*) password, + password_len)) goto fail; - /* TODO */ - /* TODO: hash func selection based on csrAttrs */ if (hash_len == SHA256_MAC_LEN) { - sign_md = EVP_sha256(); + hash_sign_algo = CRYPTO_HASH_ALG_SHA256; } else if (hash_len == SHA384_MAC_LEN) { - sign_md = EVP_sha384(); + hash_sign_algo = CRYPTO_HASH_ALG_SHA384; } else if (hash_len == SHA512_MAC_LEN) { - sign_md = EVP_sha512(); + hash_sign_algo = CRYPTO_HASH_ALG_SHA512; } else { wpa_printf(MSG_DEBUG, "DPP: Unknown signature algorithm"); goto fail; } - if (!X509_REQ_sign(req, (EVP_PKEY *)key, sign_md)) + buf = crypto_csr_sign(csr, key, hash_sign_algo); + if (!buf) goto fail; - - der = NULL; - der_len = i2d_X509_REQ(req, &der); - if (der_len < 0) - goto fail; - buf = wpabuf_alloc_copy(der, der_len); - OPENSSL_free(der); - wpa_hexdump_buf(MSG_DEBUG, "DPP: CSR", buf); fail: - BIO_free_all(out); - X509_REQ_free(req); + bin_clear_free(password, password_len); + crypto_csr_deinit(csr); return buf; } 
@@ -2214,90 +2190,41 @@ fail: } -int dpp_validate_csr(struct dpp_authentication *auth, const struct wpabuf *csr) +int dpp_validate_csr(struct dpp_authentication *auth, const struct wpabuf *csrbuf) { - X509_REQ *req; - const unsigned char *pos; - EVP_PKEY *pkey; - int res, loc, ret = -1; - X509_ATTRIBUTE *attr; - ASN1_TYPE *type; - ASN1_STRING *str; - unsigned char *utf8 = NULL; + struct crypto_csr *csr = NULL; + const u8 *attr; + size_t attr_len; + int attr_type; unsigned char *cp = NULL; size_t cp_len; u8 exp_cp[DPP_CP_LEN]; unsigned int hash_len = auth->curve->hash_len; + int ret = -1; - pos = wpabuf_head(csr); - req = d2i_X509_REQ(NULL, &pos, wpabuf_len(csr)); - if (!req) { - wpa_printf(MSG_DEBUG, "DPP: Failed to parse CSR"); - return -1; - } - - pkey = X509_REQ_get_pubkey(req); - if (!pkey) { - wpa_printf(MSG_DEBUG, "DPP: Failed to get public key from CSR"); - goto fail; - } - - res = X509_REQ_verify(req, pkey); - EVP_PKEY_free(pkey); - if (res != 1) { - wpa_printf(MSG_DEBUG, - "DPP: CSR does not have a valid signature"); - goto fail; - } - - loc = X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1); - if (loc < 0) { + csr = crypto_csr_verify(wpabuf_head(csrbuf), wpabuf_len(csrbuf)); + if (!csr) { wpa_printf(MSG_DEBUG, - "DPP: CSR does not include challengePassword"); + "DPP: CSR invalid or invalid signature"); goto fail; } - attr = X509_REQ_get_attr(req, loc); + attr = crypto_csr_get_attribute(csr, CSR_ATTR_CHALLENGE_PASSWORD, &attr_len, &attr_type); if (!attr) { - wpa_printf(MSG_DEBUG, - "DPP: Could not get challengePassword attribute"); - goto fail; - } - - type = X509_ATTRIBUTE_get0_type(attr, 0); - if (!type) { - wpa_printf(MSG_DEBUG, - "DPP: Could not get challengePassword attribute type"); + wpa_printf(MSG_DEBUG, "DPP: CSR does not include challengePassword"); goto fail; } - - res = ASN1_TYPE_get(type); /* This is supposed to be UTF8String, but allow other strings as well * since challengePassword is using ASCII (base64 encoded). 
*/ - if (res != V_ASN1_UTF8STRING && res != V_ASN1_PRINTABLESTRING && - res != V_ASN1_IA5STRING) { + if (attr_type != ASN1_TAG_UTF8STRING && attr_type != ASN1_TAG_PRINTABLESTRING && + attr_type != ASN1_TAG_IA5STRING) { wpa_printf(MSG_DEBUG, "DPP: Unexpected challengePassword attribute type %d", - res); - goto fail; - } - - str = X509_ATTRIBUTE_get0_data(attr, 0, res, NULL); - if (!str) { - wpa_printf(MSG_DEBUG, - "DPP: Could not get ASN.1 string for challengePassword"); - goto fail; - } - - res = ASN1_STRING_to_UTF8(&utf8, str); - if (res < 0) { - wpa_printf(MSG_DEBUG, - "DPP: Could not get UTF8 version of challengePassword"); + attr_type); goto fail; } - cp = base64_decode((const char *) utf8, res, &cp_len); - OPENSSL_free(utf8); + cp = base64_decode((const char *)attr, attr_len, &cp_len); if (!cp) { wpa_printf(MSG_DEBUG, "DPP: Could not base64 decode challengePassword"); @@ -2328,7 +2255,7 @@ int dpp_validate_csr(struct dpp_authentication *auth, const struct wpabuf *csr) ret = 0; fail: os_free(cp); - X509_REQ_free(req); + crypto_csr_deinit(csr); return ret; } diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 78e7045ca..b5c5f0c36 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h 
@@ -1169,4 +1169,105 @@ void crypto_ec_key_debug_print(const struct crypto_ec_key *key, const char *title); +/** + * struct crypto_csr - Certification Signing Request + * + * Internal data structure for CSR. The contents is specific to the used + * crypto library. + * For now it is assumed that only an EC public key can be used + */ +struct crypto_csr; + +/** + * enum crypto_csr_name - CSR name type + */ +enum crypto_csr_name { + CSR_NAME_CN, + CSR_NAME_SN, + CSR_NAME_C, + CSR_NAME_O, + CSR_NAME_OU, +}; + +/** + * enum crypto_csr_attr - CSR attribute + */ +enum crypto_csr_attr { + CSR_ATTR_CHALLENGE_PASSWORD, +}; + +/** + * crypto_csr_init - Initialize empty CSR + * Returns: Pointer to CSR data or %NULL on failure + */ +struct crypto_csr * crypto_csr_init(); + +/** + * crypto_csr_verify - Initialize CSR from CertificationRequest + * @req: DER encoding of ASN.1 CertificationRequest + * @len: Length of @req buffer + * + * Returns: Pointer to CSR data or %NULL on failure or if signature is invalid + */ +struct crypto_csr * crypto_csr_verify(const u8 *req, size_t len); + +/** + * crypto_csr_deinit - Free CSR structure + * @csr: CSR structure from @crypto_csr_init() or crypto_csr_verify() + */ +void crypto_csr_deinit(struct crypto_csr *csr); + +/** + * crypto_csr_set_ec_public_key - Set public Key in CSR + * @csr: CSR structure from @crypto_csr_init() + * @key: EC Public key to set as Public key in the CSR + * Returns: 0 on success, -1 on failure + */ +int crypto_csr_set_ec_public_key(struct crypto_csr *csr, struct crypto_ec_key *key); + +/** + * crypto_csr_set_name - Set name in CSR + * @csr: CSR structure from @crypto_csr_init() + * @type: Name to add in the EC Public key to set as Public key in the CSR + * @name: UTF8 string to write in the CSR + * @len: length of @name buffer + * Returns: 0 on success, -1 on failure + */ +int crypto_csr_set_name(struct crypto_csr *csr, enum crypto_csr_name type, + const u8 *name, size_t len); + +/** + * crypto_csr_set_attribute - 
Set attribute in CSR + * @csr: CSR structure from @crypto_csr_init() + * @attr: Atribute identifier + * @attr_type: ASN.1 type of @value buffer + * @value: Attribute value + * @len: length of @value buffer + * Returns: 0 on success, -1 on failure + */ +int crypto_csr_set_attribute(struct crypto_csr *csr, enum crypto_csr_attr attr, + int attr_type, const u8 *value, size_t len); + +/** + * crypto_csr_get_attribute - Get attribute from CSR + * @csr: CSR structure from @crypto_csr_verify() + * @attr: Updated with atribute identifier + * @len: Updated with length of returned buffer + * @type: ASN.1 type of the attribute buffer + * Returns: Type, length and Pointer on atrtibute value or %NULL on failure + */ +const u8 *crypto_csr_get_attribute(struct crypto_csr *csr, + enum crypto_csr_attr attr, + size_t *len, int *type); + +/** + * crypto_csr_sign - Sign CSR and return ASN.1 CertificationRequest + * @csr: CSR structure from @crypto_csr_init() + * @key: Private key to sign the CSR (for now ony EC key are supported) + * @algo: Hash algorithm to use for the signature + * Returns: DER encoding of ASN.1 CertificationRequest for the CSR or %NULL on failure + */ +struct wpabuf *crypto_csr_sign(struct crypto_csr *csr, struct crypto_ec_key *key, + enum crypto_hash_alg algo); + #endif /* CRYPTO_H */ diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 26705ff50..abcfeef38 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -108,6 +108,10 @@ static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, } #endif /* CONFIG_ECC */ +static const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x) +{ + return ASN1_STRING_data((ASN1_STRING *) x); +} #endif /* OpenSSL version < 1.1.0 */ static BIGNUM * get_group5_prime(void) 
@@ -2829,4 +2833,180 @@ void crypto_ec_key_debug_print(const struct crypto_ec_key *key, BIO_free(out); } + +struct crypto_csr * crypto_csr_init() +{ + return (struct crypto_csr *)X509_REQ_new(); +} + + +struct crypto_csr * crypto_csr_verify(const u8 *req, size_t len) +{ + X509_REQ *csr; + EVP_PKEY *pkey = NULL; + const u8 *der = req; + + csr = d2i_X509_REQ(NULL, &der, len); + if (!csr) + return NULL; + + pkey = X509_REQ_get_pubkey((X509_REQ *)csr); + if (!pkey) + goto fail; + + if (X509_REQ_verify((X509_REQ *)csr, pkey) != 1) + goto fail; + + return (struct crypto_csr *)csr; +fail: + X509_REQ_free(csr); + return NULL; +} + + +void crypto_csr_deinit(struct crypto_csr *csr) +{ + X509_REQ_free((X509_REQ *)csr); +} + + +int crypto_csr_set_ec_public_key(struct crypto_csr *csr, struct crypto_ec_key *key) +{ + if (!X509_REQ_set_pubkey((X509_REQ *)csr, (EVP_PKEY *)key)) + return -1; + + return 0; +} + + +int crypto_csr_set_name(struct crypto_csr *csr, enum crypto_csr_name type, + const u8 *name, size_t len) +{ + X509_NAME *n; + int nid; + + switch (type) { + case CSR_NAME_CN: + nid = NID_commonName; + break; + case CSR_NAME_SN: + nid = NID_surname; + break; + case CSR_NAME_C: + nid = NID_countryName; + break; + case CSR_NAME_O: + nid = NID_organizationName; + break; + case CSR_NAME_OU: + nid = NID_organizationalUnitName; + break; + default: + return -1; + } + + n = X509_REQ_get_subject_name((X509_REQ *)csr); + if (!n) + return -1; + + if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_UTF8, + name, len, -1, 0)) + return -1; + + return 0; +} + + +int crypto_csr_set_attribute(struct crypto_csr *csr, enum crypto_csr_attr attr, + int attr_type, const u8 *value, size_t len) +{ + int nid; + + switch(attr) { + case CSR_ATTR_CHALLENGE_PASSWORD: + nid = NID_pkcs9_challengePassword; + break; + default: + return -1; + } + + if (!X509_REQ_add1_attr_by_NID((X509_REQ *)csr, nid, attr_type, value, len)) + return -1; + + return 0; +} + + +const u8 *crypto_csr_get_attribute(struct crypto_csr 
*csr, + enum crypto_csr_attr attr, + size_t *len, int *type) +{ + X509_ATTRIBUTE *attrib; + ASN1_TYPE *attrib_type; + ASN1_STRING *data; + int loc; + int nid; + + switch(attr) { + case CSR_ATTR_CHALLENGE_PASSWORD: + nid = NID_pkcs9_challengePassword; + break; + default: + return NULL; + } + + loc = X509_REQ_get_attr_by_NID((X509_REQ *)csr, nid, -1); + if (loc < 0) { + return NULL; + } + + attrib = X509_REQ_get_attr((X509_REQ *)csr, loc); + if (!attrib) { + return NULL; + } + + + attrib_type = X509_ATTRIBUTE_get0_type(attrib, 0); + *type = ASN1_TYPE_get(attrib_type); + data = X509_ATTRIBUTE_get0_data(attrib, 0, *type, NULL); + *len = ASN1_STRING_length(data); + return ASN1_STRING_get0_data(data); +} + + +struct wpabuf * crypto_csr_sign(struct crypto_csr *csr, struct crypto_ec_key *key, + enum crypto_hash_alg algo) +{ + const EVP_MD *sign_md; + struct wpabuf *buf = NULL; + unsigned char *der = NULL; + int der_len; + + switch(algo) { + case CRYPTO_HASH_ALG_SHA256: + sign_md = EVP_sha256(); + break; + case CRYPTO_HASH_ALG_SHA384: + sign_md = EVP_sha384(); + break; + case CRYPTO_HASH_ALG_SHA512: + sign_md = EVP_sha512(); + break; + default: + return NULL; + } + + if (!X509_REQ_sign((X509_REQ *)csr, (EVP_PKEY *)key, sign_md)) + return NULL; + + der_len = i2d_X509_REQ((X509_REQ *)csr, &der); + if (der_len < 0) + return NULL; + + buf = wpabuf_alloc_copy(der, der_len); + OPENSSL_free(der); + + return buf; +} + #endif /* CONFIG_ECC */ From patchwork Mon Jun 28 16:25:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cedric Izoard X-Patchwork-Id: 1498069 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) 
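Review bot: In dpp_build_csr(), `password_len` is still declared without an initializer, yet the new fail path calls `bin_clear_free(password, password_len)` and is reachable from the `goto fail` right after crypto_csr_init(), before the challengePassword has been derived. `password` is now initialized to NULL, but the length is read uninitialized on those early exits; declare it as `size_t password_len = 0;`. Moving the clear to the fail label is otherwise the right change, since the password copy is now wiped on every exit rather than only after the attribute was added.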
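Review bot: The crypto.h additions never define what the ASN.1 type arguments mean: crypto_csr_set_attribute() takes `int attr_type` and crypto_csr_get_attribute() fills `int *type`, dpp_crypto.c uses ASN1_TAG_UTF8STRING and friends from tls/asn1.h for them, and crypto_openssl.c hands the same integer to X509_REQ_add1_attr_by_NID() and returns ASN1_TYPE_get() unchanged. That only works as long as both sets of constants share the same values, so the header should state which numbering the API uses and each backend should map it explicitly. The comments need a pass as well: @attr of crypto_csr_get_attribute() is documented as "Updated with atribute identifier" although it is an input, @type of crypto_csr_set_name() repeats the text of crypto_csr_set_ec_public_key(), and "Atribute", "atrtibute" and "ony" are misspelled. `crypto_csr_init()` should be declared with `(void)`.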
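Review bot: crypto_csr_get_attribute() in crypto_openssl.c works on a CSR received from the peer but uses the results of X509_ATTRIBUTE_get0_type() and X509_ATTRIBUTE_get0_data() unchecked, and it applies ASN1_STRING_length() and ASN1_STRING_get0_data() to the value before anyone has confirmed that the attribute holds a string type. The code removed from dpp_validate_csr() returned on a NULL type, rejected everything other than UTF8String, PrintableString and IA5String, and only then fetched the data and checked it for NULL; the tag check that remains in dpp_validate_csr() now runs after the value has already been dereferenced. Keep the old order inside crypto_csr_get_attribute(): return NULL when attrib_type or data is NULL or when the type is not one of the accepted string types. In crypto_csr_verify(), the EVP_PKEY obtained from X509_REQ_get_pubkey() is never released, whereas the old code called EVP_PKEY_free(pkey) right after X509_REQ_verify(); it needs freeing on both the success and the failure path. The ASN1_STRING_get0_data() compatibility wrapper is placed after `#endif /* CONFIG_ECC */` although only CONFIG_ECC code uses it, which leaves an unused static function in non-ECC builds against OpenSSL older than 1.1.0.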
From: Cedric Izoard
CC: Cedric Izoard
Subject: [PATCH 21/21] dpp: rename dpp_pkcs7_certs to pkcs7_get_certificates
Date: Mon, 28 Jun 2021 18:25:38 +0200
Message-ID: <20210628162538.21067-22-cedric.izoard@ceva-dsp.com>
In-Reply-To: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>
References: <20210628162538.21067-1-cedric.izoard@ceva-dsp.com>

From: Cedric Izoard

Move implementation of dpp_pkcs7_certs into OpenSSL-specific files and define its prototype in tls/pkcs7.h

Signed-off-by: Cedric Izoard
---
 src/common/dpp.c | 3 +-
 src/common/dpp.h | 1 -
 src/common/dpp_crypto.c | 90 -------------------------------------
 src/crypto/crypto_openssl.c | 89 ++++++++++++++++++++++++++++++++++++
 src/tls/pkcs7.h | 13 ++++++
 5 files changed, 104 insertions(+), 92 deletions(-)
 create mode 100644 src/tls/pkcs7.h

diff --git a/src/common/dpp.c b/src/common/dpp.c index 5e64fad34..79ad78d2a 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -21,6 +21,7 @@ #include "crypto/aes.h" #include "crypto/aes_siv.h" #include "drivers/driver.h" +#include "tls/pkcs7.h" #include "dpp.h" #include "dpp_i.h" @@ -2553,7 +2554,7 @@ static int dpp_parse_cred_dot1x(struct dpp_authentication *auth, return -1; } wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Received certBag", conf->certbag); - conf->certs = dpp_pkcs7_certs(conf->certbag); + conf->certs = pkcs7_get_certificates(conf->certbag); if (!conf->certs) { dpp_auth_fail(auth, "No certificates in certBag"); return -1; diff --git a/src/common/dpp.h b/src/common/dpp.h index f353e5c3e..51568088d 100644 --- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -631,7 +631,6 @@ void dpp_pfs_free(struct dpp_pfs *pfs); struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name); -struct wpabuf * dpp_pkcs7_certs(const struct wpabuf *pkcs7); int dpp_validate_csr(struct dpp_authentication *auth, const struct wpabuf *csr); struct dpp_bootstrap_info * dpp_add_qr_code(struct dpp_global *dpp, diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 5092e98e3..66b64d331 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -8,8 +8,6 @@ */ #include "utils/includes.h" -#include -#include #include "utils/common.h" #include "utils/base64.h" 
@@ -2102,94 +2100,6 @@ fail: } -struct wpabuf * dpp_pkcs7_certs(const struct wpabuf *pkcs7) -{ -#ifdef OPENSSL_IS_BORINGSSL - CBS pkcs7_cbs; -#else /* OPENSSL_IS_BORINGSSL */ - PKCS7 *p7 = NULL; - const unsigned char *p = wpabuf_head(pkcs7); -#endif /* OPENSSL_IS_BORINGSSL */ - STACK_OF(X509) *certs; - int i, num; - BIO *out = NULL; - size_t rlen; - struct wpabuf *pem = NULL; - int res; - -#ifdef OPENSSL_IS_BORINGSSL - certs = sk_X509_new_null(); - if (!certs) - goto fail; - CBS_init(&pkcs7_cbs, wpabuf_head(pkcs7), wpabuf_len(pkcs7)); - if (!PKCS7_get_certificates(certs, &pkcs7_cbs)) { - wpa_printf(MSG_INFO, "DPP: Could not parse PKCS#7 object: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } -#else /* OPENSSL_IS_BORINGSSL */ - p7 = d2i_PKCS7(NULL, &p, wpabuf_len(pkcs7)); - if (!p7) { - wpa_printf(MSG_INFO, "DPP: Could not parse PKCS#7 object: %s", - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } - - switch (OBJ_obj2nid(p7->type)) { - case NID_pkcs7_signed: - certs = p7->d.sign->cert; - break; - case NID_pkcs7_signedAndEnveloped: - certs = p7->d.signed_and_enveloped->cert; - break; - default: - certs = NULL; - break; - } -#endif /* OPENSSL_IS_BORINGSSL */ - - if (!certs || ((num = sk_X509_num(certs)) == 0)) { - wpa_printf(MSG_INFO, - "DPP: No certificates found in PKCS#7 object"); - goto fail; - } - - out = BIO_new(BIO_s_mem()); - if (!out) - goto fail; - - for (i = 0; i < num; i++) { - X509 *cert = sk_X509_value(certs, i); - - PEM_write_bio_X509(out, cert); - } - - rlen = BIO_ctrl_pending(out); - pem = wpabuf_alloc(rlen); - if (!pem) - goto fail; - res = BIO_read(out, wpabuf_put(pem, 0), rlen); - if (res <= 0) { - wpabuf_free(pem); - pem = NULL; - goto fail; - } - wpabuf_put(pem, res); - -fail: -#ifdef OPENSSL_IS_BORINGSSL - if (certs) - sk_X509_pop_free(certs, X509_free); -#else /* OPENSSL_IS_BORINGSSL */ - PKCS7_free(p7); -#endif /* OPENSSL_IS_BORINGSSL */ - if (out) - BIO_free_all(out); - - return pem; -} - - int 
dpp_validate_csr(struct dpp_authentication *auth, const struct wpabuf *csrbuf) { struct crypto_csr *csr = NULL; diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index abcfeef38..8ff28af22 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -22,6 +22,7 @@ #ifdef CONFIG_ECC #include #include +#include #endif /* CONFIG_ECC */ #include "common.h" 
@@ -3009,4 +3010,92 @@ struct wpabuf * crypto_csr_sign(struct crypto_csr *csr, struct crypto_ec_key *ke return buf; } + +struct wpabuf *pkcs7_get_certificates(const struct wpabuf *pkcs7) +{ +#ifdef OPENSSL_IS_BORINGSSL + CBS pkcs7_cbs; +#else /* OPENSSL_IS_BORINGSSL */ + PKCS7 *p7 = NULL; + const unsigned char *p = wpabuf_head(pkcs7); +#endif /* OPENSSL_IS_BORINGSSL */ + STACK_OF(X509) *certs; + int i, num; + BIO *out = NULL; + size_t rlen; + struct wpabuf *pem = NULL; + int res; + +#ifdef OPENSSL_IS_BORINGSSL + certs = sk_X509_new_null(); + if (!certs) + goto fail; + CBS_init(&pkcs7_cbs, wpabuf_head(pkcs7), wpabuf_len(pkcs7)); + if (!PKCS7_get_certificates(certs, &pkcs7_cbs)) { + wpa_printf(MSG_INFO, "OpenSSL: Could not parse PKCS#7 object: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } +#else /* OPENSSL_IS_BORINGSSL */ + p7 = d2i_PKCS7(NULL, &p, wpabuf_len(pkcs7)); + if (!p7) { + wpa_printf(MSG_INFO, "OpenSSL: Could not parse PKCS#7 object: %s", + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + switch (OBJ_obj2nid(p7->type)) { + case NID_pkcs7_signed: + certs = p7->d.sign->cert; + break; + case NID_pkcs7_signedAndEnveloped: + certs = p7->d.signed_and_enveloped->cert; + break; + default: + certs = NULL; + break; + } +#endif /* OPENSSL_IS_BORINGSSL */ + + if (!certs || ((num = sk_X509_num(certs)) == 0)) { + wpa_printf(MSG_INFO, + "OpenSSL: No certificates found in PKCS#7 object"); + goto fail; + } + + out = BIO_new(BIO_s_mem()); + if (!out) + goto fail; + + for (i = 0; i < num; i++) { + X509 *cert = sk_X509_value(certs, i); + + PEM_write_bio_X509(out, cert); + } + + rlen = BIO_ctrl_pending(out); + pem = wpabuf_alloc(rlen); + if (!pem) + goto fail; + res = BIO_read(out, wpabuf_put(pem, 0), rlen); + if (res <= 0) { + wpabuf_free(pem); + pem = NULL; + goto fail; + } + wpabuf_put(pem, res); + +fail: +#ifdef OPENSSL_IS_BORINGSSL + if (certs) + sk_X509_pop_free(certs, X509_free); +#else /* OPENSSL_IS_BORINGSSL */ + PKCS7_free(p7); 
+#endif /* OPENSSL_IS_BORINGSSL */ + if (out) + BIO_free_all(out); + + return pem; + +} #endif /* CONFIG_ECC */ diff --git a/src/tls/pkcs7.h b/src/tls/pkcs7.h new file mode 100644 index 000000000..370b2a2a9 --- /dev/null +++ b/src/tls/pkcs7.h @@ -0,0 +1,13 @@ +/* + * PKCS #7 (Cryptographic Message Syntax) + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#ifndef PKCS7_H +#define PKCS7_H + +struct wpabuf *pkcs7_get_certificates(const struct wpabuf *pkcs7); + +#endif /* PKCS7_H */
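
Review bot: In the src/common/dpp.c hunk at dpp_parse_cred_dot1x(), the new name pkcs7_get_certificates() differs only by case from the BoringSSL function PKCS7_get_certificates() that the implementation itself calls, which is easy to misread at the call site and in search results. The other wrapper visible in crypto_openssl.c is crypto_csr_sign(), so a crypto_-prefixed name would match the file the function now lives in and avoid the near-collision. The subject line says "rename" while the body describes a move; the commit message should state both.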
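
Review bot: In the non-BoringSSL branch of pkcs7_get_certificates() in src/crypto/crypto_openssl.c, p7->d.sign->cert and p7->d.signed_and_enveloped->cert are dereferenced without checking that p7->d.sign or p7->d.signed_and_enveloped is non-NULL. The content field of a PKCS#7 ContentInfo is optional, so d2i_PKCS7() can succeed on an object that carries only the type OID, and the input here is the certBag received from the peer. Check the inner pointer in each case and set certs to NULL when it is missing, so the existing "No certificates found in PKCS#7 object" path handles it. Separately, the return value of PEM_write_bio_X509() in the loop is ignored, so a failed write yields a PEM buffer that silently lacks certificates; treat a zero return as a failure and goto fail.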
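
Review bot: The new src/tls/pkcs7.h declares pkcs7_get_certificates() with no comment describing its contract, which the prototype alone does not convey. Document that the input is a DER-encoded PKCS#7 object, that the result is a newly allocated wpabuf holding the certificates concatenated in PEM form which the caller must free, and that NULL is returned both on a parse failure and when the object contains no certificates. The declaration is also unconditional, while the only definition in this patch sits inside the #ifdef CONFIG_ECC block of crypto_openssl.c, so any build that compiles the dpp.c call without that definition fails at link time; either move the definition out of that block or guard the declaration to match.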