Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo

slontis · slontis · commit e5b2cd5899b2 · 2020-08-04T12:18:51.000+10:00
Added der_writer functions for writing octet string primitives. Generate OID's for key wrapping algorithms used by X942 KDF. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl#12554)
diff --git a/.gitignore b/.gitignore
@@ -34,10 +34,12 @@ providers/common/der/der_digests_gen.c
 providers/common/der/der_dsa_gen.c
 providers/common/der/der_ec_gen.c
 providers/common/der/der_rsa_gen.c
+providers/common/der/der_wrap_gen.c
 providers/common/include/prov/der_dsa.h
 providers/common/include/prov/der_ec.h
 providers/common/include/prov/der_rsa.h
 providers/common/include/prov/der_digests.h
+providers/common/include/prov/der_wrap.h
 
 # error code files
 /crypto/err/openssl.txt.old
diff --git a/crypto/der_writer.c b/crypto/der_writer.c
@@ -66,6 +66,29 @@ int DER_w_boolean(WPACKET *pkt, int tag, int b)
         && int_end_context(pkt, tag);
 }
 
+int DER_w_octet_string(WPACKET *pkt, int tag,
+                       const unsigned char *data, size_t data_n)
+{
+    return int_start_context(pkt, tag)
+        && WPACKET_start_sub_packet(pkt)
+        && WPACKET_memcpy(pkt, data, data_n)
+        && WPACKET_close(pkt)
+        && WPACKET_put_bytes_u8(pkt, DER_P_OCTET_STRING)
+        && int_end_context(pkt, tag);
+}
+
+int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value)
+{
+    unsigned char tmp[4] = { 0, 0, 0, 0 };
+    unsigned char *pbuf = tmp + (sizeof(tmp) - 1);
+
+    while (value > 0) {
+        *pbuf-- = (value & 0xFF);
+        value >>= 8;
+    }
+    return DER_w_octet_string(pkt, tag, tmp, sizeof(tmp));
+}
+
 static int int_der_w_integer(WPACKET *pkt, int tag,
                              int (*put_bytes)(WPACKET *pkt, const void *v,
                                               unsigned int *top_byte),
diff --git a/doc/internal/man3/DER_w_bn.pod b/doc/internal/man3/DER_w_bn.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null
+DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null,
+DER_w_octet_string, DER_w_octet_string_uint32
 - internal DER writers for DER primitives
 
 =head1 SYNOPSIS
@@ -13,6 +14,9 @@ DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null
  int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
  int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
  int DER_w_null(WPACKET *pkt, int tag);
+ int DER_w_octet_string(WPACKET *pkt, int tag,
+                        const unsigned char *data, size_t data_n);
+ int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value);
 
 =head1 DESCRIPTION
 
@@ -33,6 +37,12 @@ added.
 
 DER_w_null() writes the primitive NULL.
 
+DER_w_octet_string() writes the primitive OCTET STRING using the bytes from
+I<data> with a length of I<data_n>.
+
+DER_w_octet_string_uint32() writes the primitive OCTET STRING using a 32 bit
+value in I<value>.
+
 =head1 RETURN VALUES
 
 All the functions return 1 on success and 0 on failure.  Failure may
diff --git a/include/internal/der.h b/include/internal/der.h
@@ -76,6 +76,9 @@ int DER_w_boolean(WPACKET *pkt, int tag, int b);
 int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
 int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
 int DER_w_null(WPACKET *pkt, int tag);
+int DER_w_octet_string(WPACKET *pkt, int tag,
+                       const unsigned char *data, size_t data_n);
+int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value);
 
 /*
  * All constructors for constructed elements have a begin and a end function
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
@@ -50,6 +50,17 @@ DEPEND[${DER_EC_GEN/.c/.o}]=$DER_EC_H
 GENERATE[$DER_EC_H]=der_ec.h.in
 DEPEND[$DER_EC_H]=oids_to_c.pm
 
+#----- KEY WRAP
+$DER_WRAP_H=../include/prov/der_wrap.h
+$DER_WRAP_GEN=der_wrap_gen.c
+
+GENERATE[$DER_WRAP_GEN]=der_wrap_gen.c.in
+DEPEND[$DER_WRAP_GEN]=oids_to_c.pm
+
+DEPEND[${DER_WRAP_GEN/.c/.o}]=$DER_WRAP_H
+GENERATE[$DER_WRAP_H]=der_wrap.h.in
+DEPEND[$DER_WRAP_H]=oids_to_c.pm
+
 #----- Conclusion
 
 # TODO(3.0) $COMMON should go to libcommon.a, but this currently leads
@@ -59,6 +70,8 @@ $COMMON=\
         $DER_RSA_COMMON \
         $DER_DSA_GEN $DER_DSA_AUX \
         $DER_EC_GEN $DER_EC_AUX \
-        $DER_DIGESTS_GEN
+        $DER_DIGESTS_GEN \
+        $DER_WRAP_GEN
+
 SOURCE[../../libfips.a]=$COMMON $DER_RSA_FIPSABLE
 SOURCE[../../libnonfips.a]=$COMMON $DER_RSA_FIPSABLE
diff --git a/providers/common/der/der_wrap.h.in b/providers/common/der/der_wrap.h.in
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/der.h"
+
+/* Well known OIDs precompiled */
+{-
+    $OUT = oids_to_c::process_leaves('providers/common/der/wrap.asn1',
+                                     { dir => $config{sourcedir},
+                                       filter => \&oids_to_c::filter_to_H });
+-}
diff --git a/providers/common/der/der_wrap_gen.c.in b/providers/common/der/der_wrap_gen.c.in
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/der_wrap.h"
+
+/* Well known OIDs precompiled */
+{-
+    $OUT = oids_to_c::process_leaves('providers/common/der/wrap.asn1',
+                                     { dir => $config{sourcedir},
+                                       filter => \&oids_to_c::filter_to_C });
+-}
diff --git a/providers/common/der/wrap.asn1 b/providers/common/der/wrap.asn1
@@ -0,0 +1,19 @@
+-- -------------------------------------------------------------------
+-- Taken from RFC 3370, Section 4.3.1 Triple-DES Key Wrap
+-- (https://tools.ietf.org/html/rfc3370)
+
+id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= {
+    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6
+}
+
+-- -------------------------------------------------------------------
+-- Taken from RFC 3394, Section 3. Object Identifiers
+-- (https://tools.ietf.org/html/rfc3565)
+
+aes  OBJECT IDENTIFIER  ::=  {
+    joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1
+}
+
+id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
+id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 }
+id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
@@ -521,8 +521,6 @@ int ecdh_derive(void *vpecdhctx, unsigned char *secret,
     return 0;
 }
 
-
-
 const OSSL_DISPATCH ecdh_keyexch_functions[] = {
     { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))ecdh_newctx },
     { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))ecdh_init },
diff --git a/providers/implementations/kdfs/build.info b/providers/implementations/kdfs/build.info
@@ -30,3 +30,4 @@ SOURCE[$SSKDF_GOAL]=sskdf.c
 SOURCE[$SCRYPT_GOAL]=scrypt.c
 SOURCE[$SSHKDF_GOAL]=sshkdf.c
 SOURCE[$X942KDF_GOAL]=x942kdf.c
+DEPEND[x942kdf.o]=../../common/include/prov/der_wrap.h
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt

Original file line number	Diff line number	Diff line change
`@@ -521,8 +521,6 @@ int ecdh_derive(void vpecdhctx, unsigned char secret,`
`521`	`521`	`return 0;`
`522`	`522`	`}`
`523`	`523`
`524`		`-`
`525`		`-`
`526`	`524`	`const OSSL_DISPATCH ecdh_keyexch_functions[] = {`
`527`	`525`	`{ OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))ecdh_newctx },`
`528`	`526`	`{ OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))ecdh_init },`