|
|
debe55 |
From 30e2e4cbb11a4fbdb7102133b19bfc990a2ba939 Mon Sep 17 00:00:00 2001
|
|
|
debe55 |
From: Jeremy Barton <jbarton@microsoft.com>
|
|
|
debe55 |
Date: Fri, 16 Apr 2021 09:38:47 -0700
|
|
|
debe55 |
Subject: [PATCH 08/11] Work around OpenSSL 3.0 ciphers not restoring original
|
|
|
debe55 |
IV on reset.
|
|
|
debe55 |
|
|
|
debe55 |
---
|
|
|
debe55 |
.../opensslshim.h | 2 ++
|
|
|
debe55 |
.../osslcompat_30.h | 1 +
|
|
|
debe55 |
.../pal_evp_cipher.c | 20 ++++++++++++++++++-
|
|
|
debe55 |
3 files changed, 22 insertions(+), 1 deletion(-)
|
|
|
debe55 |
|
|
|
debe55 |
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
|
|
|
debe55 |
index 957860cae4..c5052c1ba5 100644
|
|
|
debe55 |
--- a/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
|
|
|
debe55 |
+++ b/src/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
|
|
|
debe55 |
@@ -271,6 +271,7 @@ void SSL_get0_alpn_selected(const SSL* ssl, const unsigned char** protocol, unsi
|
|
|
debe55 |
LEGACY_FUNCTION(EVP_CIPHER_CTX_cleanup) \
|
|
|
debe55 |
REQUIRED_FUNCTION(EVP_CIPHER_CTX_ctrl) \
|
|
|
debe55 |
FALLBACK_FUNCTION(EVP_CIPHER_CTX_free) \
|
|
|
debe55 |
+ LIGHTUP_FUNCTION(EVP_CIPHER_CTX_get_original_iv) \
|
|
|
debe55 |
LEGACY_FUNCTION(EVP_CIPHER_CTX_init) \
|
|
|
debe55 |
FALLBACK_FUNCTION(EVP_CIPHER_CTX_new) \
|
|
|
debe55 |
FALLBACK_FUNCTION(EVP_CIPHER_CTX_reset) \
|
|
|
debe55 |
@@ -676,6 +677,7 @@ FOR_ALL_OPENSSL_FUNCTIONS
|
|
|
debe55 |
#define EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_cleanup_ptr
|
|
|
debe55 |
#define EVP_CIPHER_CTX_ctrl EVP_CIPHER_CTX_ctrl_ptr
|
|
|
debe55 |
#define EVP_CIPHER_CTX_free EVP_CIPHER_CTX_free_ptr
|
|
|
debe55 |
+#define EVP_CIPHER_CTX_get_original_iv EVP_CIPHER_CTX_get_original_iv_ptr
|
|
|
debe55 |
#define EVP_CIPHER_CTX_init EVP_CIPHER_CTX_init_ptr
|
|
|
debe55 |
#define EVP_CIPHER_CTX_new EVP_CIPHER_CTX_new_ptr
|
|
|
debe55 |
#define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_reset_ptr
|
|
|
debe55 |
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/osslcompat_30.h b/src/Native/Unix/System.Security.Cryptography.Native/osslcompat_30.h
|
|
|
debe55 |
index b87b4e7250..bb529df51e 100644
|
|
|
debe55 |
--- a/src/Native/Unix/System.Security.Cryptography.Native/osslcompat_30.h
|
|
|
debe55 |
+++ b/src/Native/Unix/System.Security.Cryptography.Native/osslcompat_30.h
|
|
|
debe55 |
@@ -18,6 +18,7 @@ typedef struct ossl_lib_ctx_st OSSL_LIB_CTX;
|
|
|
debe55 |
void ERR_new(void);
|
|
|
debe55 |
void ERR_set_debug(const char *file, int line, const char *func);
|
|
|
debe55 |
void ERR_set_error(int lib, int reason, const char *fmt, ...);
|
|
|
debe55 |
+int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
|
|
|
debe55 |
int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX* ctx, int bits);
|
|
|
debe55 |
int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX* ctx, const EVP_MD* md);
|
|
|
debe55 |
int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX* ctx, int pad_mode);
|
|
|
debe55 |
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c
|
|
|
debe55 |
index af2483fa0c..4d21294fa1 100644
|
|
|
debe55 |
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c
|
|
|
debe55 |
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c
|
|
|
debe55 |
@@ -127,8 +127,26 @@ int32_t CryptoNative_EvpCipherReset(EVP_CIPHER_CTX* ctx)
|
|
|
debe55 |
//
|
|
|
debe55 |
// But since we have a different object returned for CreateEncryptor
|
|
|
debe55 |
// and CreateDecryptor we don't need to worry about that.
|
|
|
debe55 |
+ uint8_t* iv = NULL;
|
|
|
debe55 |
|
|
|
debe55 |
- return EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, KEEP_CURRENT_DIRECTION);
|
|
|
debe55 |
+#ifdef NEED_OPENSSL_3_0
|
|
|
debe55 |
+ // OpenSSL 3.0 alpha 13 does not properly reset the IV. Work around that by
|
|
|
debe55 |
+ // asking for the original IV, and giving it back.
|
|
|
debe55 |
+ uint8_t tmpIV[EVP_MAX_IV_LENGTH];
|
|
|
debe55 |
+
|
|
|
debe55 |
+ // If we're direct against 3.0, or we're portable and found 3.0
|
|
|
debe55 |
+ if (API_EXISTS(EVP_CIPHER_CTX_get_original_iv))
|
|
|
debe55 |
+ {
|
|
|
debe55 |
+ if (EVP_CIPHER_CTX_get_original_iv(ctx, tmpIV, sizeof(tmpIV)) != 1)
|
|
|
debe55 |
+ {
|
|
|
debe55 |
+ return 0;
|
|
|
debe55 |
+ }
|
|
|
debe55 |
+
|
|
|
debe55 |
+ iv = tmpIV;
|
|
|
debe55 |
+ }
|
|
|
debe55 |
+#endif
|
|
|
debe55 |
+
|
|
|
debe55 |
+ return EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, KEEP_CURRENT_DIRECTION);
|
|
|
debe55 |
}
|
|
|
debe55 |
|
|
|
debe55 |
int32_t CryptoNative_EvpCipherCtxSetPadding(EVP_CIPHER_CTX* x, int32_t padding)
|
|
|
debe55 |
--
|
|
|
debe55 |
2.31.1
|
|
|
debe55 |
|