From 0caac28c1fa2d62dbf7c5a6c65346f6d3399d22c Mon Sep 17 00:00:00 2001

From: Petr Gotthard <petr.gotthard@centrum.cz>

Date: Sun, 15 Aug 2021 16:26:06 +0200

Subject: [PATCH 15/17] openssl: Convert deprecated ECDH_compute_key to

 EVP_PKEY_derive

The EC_KEY functions are replaced by corresponding EVP_PKEY functions.

The tpm2_get_EC_public_key function is replaced by convert_pubkey_ECC

from lib/tpm2_convert.c.

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>

---

 lib/tpm2_kdfe.c | 186 +++++++++++++++++++++++-------------------------

 1 file changed, 89 insertions(+), 97 deletions(-)

diff --git a/lib/tpm2_kdfe.c b/lib/tpm2_kdfe.c

index 84718b9f..91027e32 100644

--- a/lib/tpm2_kdfe.c

+++ b/lib/tpm2_kdfe.c

@@ -5,12 +5,16 @@

 #include <string.h>

 #include <openssl/bn.h>

+#if OPENSSL_VERSION_NUMBER < 0x30000000L

 #include <openssl/ecdh.h>

-

+#else

+#include <openssl/core_names.h>

+#endif

 #include <tss2/tss2_tpm2_types.h>

 #include <tss2/tss2_mu.h>

 #include "log.h"

+#include "tpm2_convert.h"

 #include "tpm2_openssl.h"

 #include "tpm2_alg_util.h"

 #include "tpm2_util.h"

@@ -65,72 +69,18 @@ TSS2_RC tpm2_kdfe(

     return rval;

 }

-static EC_POINT * tpm2_get_EC_public_key(TPM2B_PUBLIC *public) {

-    EC_POINT *q = NULL;

-    BIGNUM *bn_qx, *bn_qy;

-    EC_KEY *key;

-    const EC_GROUP *group;

-    bool rval;

-    TPMS_ECC_PARMS *tpm_ecc   = &public->publicArea.parameters.eccDetail;

-    TPMS_ECC_POINT *tpm_point = &public->publicArea.unique.ecc;

-

-    int nid = tpm2_ossl_curve_to_nid(tpm_ecc->curveID);

-    if (nid < 0) {

-        return NULL;

-    }

-

-    key = EC_KEY_new_by_curve_name(nid);

-    if (!key) {

-        LOG_ERR("Failed to create EC key from nid");

-        return NULL;

-    }

-

-    bn_qx = BN_bin2bn(tpm_point->x.buffer, tpm_point->x.size, NULL);

-    bn_qy = BN_bin2bn(tpm_point->y.buffer, tpm_point->y.size, NULL);

-    if ((bn_qx == NULL) || (bn_qy == NULL)) {

-        LOG_ERR("Could not convert EC public key to BN");

-        goto out;

-    }

-    group = EC_KEY_get0_group(key);

-    if (!group) {

-        LOG_ERR("EC key missing group");

-        goto out;

-    }

-    q = EC_POINT_new(group);

-    if (q == NULL) {

-        LOG_ERR("Could not allocate EC_POINT");

-        goto out;

-    }

-

-    rval = EC_POINT_set_affine_coordinates_tss(group, q, bn_qx, bn_qy, NULL);

-    if (rval == false) {

-        LOG_ERR("Could not set affine_coordinates");

-        EC_POINT_free(q);

-        q = NULL;

-    }

-

-out:

-    if (bn_qx) {

-        BN_free(bn_qx);

-    }

-    if (bn_qy) {

-        BN_free(bn_qy);

-    }

-    if (key) {

-        EC_KEY_free(key);

-    }

-

-    return q;

-}

-

-

-static bool get_public_key_from_ec_key(EC_KEY *key, TPMS_ECC_POINT *point) {

-    BIGNUM *x = BN_new();

-    BIGNUM *y = BN_new();

-    const EC_POINT *pubkey = EC_KEY_get0_public_key(key);

+static bool get_public_key_from_ec_key(EVP_PKEY *pkey, TPMS_ECC_POINT *point) {

+    BIGNUM *x = NULL;

+    BIGNUM *y = NULL;

     unsigned int nbx, nby;

     bool result = false;

+#if OPENSSL_VERSION_NUMBER < 0x30000000L

+    EC_KEY *key = EVP_PKEY_get0_EC_KEY(pkey);

+    const EC_POINT *pubkey = EC_KEY_get0_public_key(key);

+

+    x = BN_new();

+    y = BN_new();

     if ((x == NULL) || (y == NULL) || (pubkey == NULL)) {

         LOG_ERR("Failed to allocate memory to store EC public key.");

         goto out;

@@ -138,6 +88,18 @@ static bool get_public_key_from_ec_key(EC_KEY *key, TPMS_ECC_POINT *point) {

     EC_POINT_get_affine_coordinates_tss(EC_KEY_get0_group(key),

             pubkey, x, y, NULL);

+#else

+    int rc = EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_EC_PUB_X, &x);

+    if (!rc) {

+        LOG_ERR("Failed to get EC public key X.");

+        goto out;

+    }

+    rc = EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_EC_PUB_Y, &y);

+    if (!rc) {

+        LOG_ERR("Failed to get EC public key Y.");

+        goto out;

+    }

+#endif

     nbx = BN_num_bytes(x);

     nby = BN_num_bytes(y);

     if ((nbx > sizeof(point->x.buffer))||

@@ -153,29 +115,41 @@ static bool get_public_key_from_ec_key(EC_KEY *key, TPMS_ECC_POINT *point) {

     result = true;

 out:

-    if (x) {

-        BN_free(x);

-    }

-    if (y) {

-        BN_free(y);

-    }

+    BN_free(x);

+    BN_free(y);

     return result;

 }

-static int get_ECDH_shared_secret(EC_KEY *key,

-        const EC_POINT *p_pub, TPM2B_ECC_PARAMETER *secret) {

+static int get_ECDH_shared_secret(EVP_PKEY *pkey,

+        EVP_PKEY *p_pub, TPM2B_ECC_PARAMETER *secret) {

-    int shared_secret_length;

+    EVP_PKEY_CTX *ctx;

+    int result = -1;

-    shared_secret_length = EC_GROUP_get_degree(EC_KEY_get0_group(key));

-    shared_secret_length = (shared_secret_length + 7) / 8;

-    if ((size_t) shared_secret_length > sizeof(secret->buffer)) {

+    ctx = EVP_PKEY_CTX_new(pkey, NULL);

+    if (!ctx)

         return -1;

-    }

-    secret->size = ECDH_compute_key(secret->buffer,

-            shared_secret_length, p_pub, key, NULL);

-    return secret->size;

+

+    int rc = EVP_PKEY_derive_init(ctx);

+    if (rc <= 0)

+        goto out;

+

+    rc = EVP_PKEY_derive_set_peer(ctx, p_pub);

+    if (rc <= 0)

+        goto out;

+

+    size_t shared_secret_length = sizeof(secret->buffer);

+    rc = EVP_PKEY_derive(ctx, secret->buffer, &shared_secret_length);

+    if (rc <= 0)

+        goto out;

+

+    secret->size = shared_secret_length;

+    result = secret->size;

+

+out:

+    EVP_PKEY_CTX_free(ctx);

+    return result;

 }

@@ -190,25 +164,42 @@ bool ecdh_derive_seed_and_encrypted_seed(

     TPMI_ALG_HASH parent_name_alg = parent_pub->publicArea.nameAlg;

     UINT16 parent_hash_size = tpm2_alg_util_get_hash_size(parent_name_alg);

     bool result = false;

-    EC_KEY *key = NULL;

-    EC_POINT *qsv = NULL;

+    EVP_PKEY_CTX *ctx;

+    EVP_PKEY *pkey = NULL;

+    EVP_PKEY *qsv = NULL;

     TPMS_ECC_POINT qeu;

     bool qeu_is_valid;

     TPM2B_ECC_PARAMETER ecc_secret;

     // generate an ephemeral key

     int nid = tpm2_ossl_curve_to_nid(tpm_ecc->curveID);

-    if (nid >= 0) {

-        key = EC_KEY_new_by_curve_name(nid);

-    }

-    if (key == NULL) {

-        LOG_ERR("Failed to create EC key from curveID");

+

+    ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);

+    if (!ctx) {

+        LOG_ERR("Failed to create key creation context");

         return false;

     }

-    EC_KEY_generate_key(key);

+

+    int rc = EVP_PKEY_keygen_init(ctx);

+    if (rc <= 0) {

+        LOG_ERR("Failed to initialize key creation");

+        goto out;

+    }

+

+    rc = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);

+    if (rc <= 0) {

+        LOG_ERR("Failed to set EC curve NID %i", nid);

+        goto out;

+    }

+

+    rc = EVP_PKEY_keygen(ctx, &pkey);

+    if (rc <= 0) {

+        LOG_ERR("Failed to generate the ephemeral EC key");

+        goto out;

+    }

     // get public key for the ephemeral key

-    qeu_is_valid = get_public_key_from_ec_key(key, &qeu);

+    qeu_is_valid = get_public_key_from_ec_key(pkey, &qeu);

     if (qeu_is_valid == false) {

         LOG_ERR("Could not get the ECC public key");

         goto out;

@@ -226,13 +217,17 @@ bool ecdh_derive_seed_and_encrypted_seed(

     out_sym_seed->size = offset;

     /* get parents public key */

-    qsv = tpm2_get_EC_public_key(parent_pub);

+    qsv = convert_pubkey_ECC(&parent_pub->publicArea);

     if (qsv == NULL) {

         LOG_ERR("Could not get parent's public key");

         goto out;

     }

-    get_ECDH_shared_secret(key, qsv, &ecc_secret);

+    rc = get_ECDH_shared_secret(pkey, qsv, &ecc_secret);

+    if (rc <= 0) {

+        LOG_ERR("Could not derive shared secret");

+        goto out;

+    }

     /* derive seed using KDFe */

     TPM2B_ECC_PARAMETER *party_u_info = &qeu.x;

@@ -244,11 +239,8 @@ bool ecdh_derive_seed_and_encrypted_seed(

     result = true;

 out:

-    if (qsv) {

-        EC_POINT_free(qsv);

-    }

-    if (key) {

-        EC_KEY_free(key);

-    }

+    EVP_PKEY_free(qsv);

+    EVP_PKEY_free(pkey);

+    EVP_PKEY_CTX_free(ctx);

     return result;

 }

-- 

2.31.1