From patchwork Mon Jan 24 15:51:27 2022
X-Patchwork-Submitter: Selva Nair
X-Patchwork-Id: 2252
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 24 Jan 2022 21:51:27 -0500
Message-Id: <20220125025128.2117-2-selva.nair@gmail.com>
In-Reply-To: <20220125025128.2117-1-selva.nair@gmail.com>
References: <20220125025128.2117-1-selva.nair@gmail.com>
Subject: [Openvpn-devel] [PATCH 2/3] Fix max saltlen calculation in cryptoapi.c

From: Selva Nair

(nbits - 1)/8 should have been rounded up. Fix and move it to an inlined function for reuse in pkcs11_openssl.c (used in the next commit).

Note: The error is not triggered in normal use as OpenSSL always seems to use saltlen="digest" for signing.

Signed-off-by: Selva Nair Acked-By: Arne Schwabe --- src/openvpn/cryptoapi.c | 2 +- src/openvpn/xkey_common.h | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index 8e0ceba7..56cab962 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -843,7 +843,7 @@ xkey_cng_rsa_sign(CAPI_DATA *cd, unsigned char *sig, size_t *siglen, const unsig int saltlen = tbslen; /* digest size by default */ if (!strcmp(sigalg.saltlen, "max")) { - saltlen = (EVP_PKEY_bits(cd->pubkey) - 1)/8 - tbslen - 2; + saltlen = xkey_max_saltlen(EVP_PKEY_bits(cd->pubkey), tbslen); if (saltlen < 0) { msg(M_NONFATAL, "Error in cryptoapicert: invalid salt length (%d)", saltlen); diff --git a/src/openvpn/xkey_common.h b/src/openvpn/xkey_common.h index 75ca5011..1e51e672 100644 --- a/src/openvpn/xkey_common.h +++ b/src/openvpn/xkey_common.h @@ -153,6 +153,20 @@ xkey_load_generic_key(OSSL_LIB_CTX *libctx, void *handle, EVP_PKEY *pubkey, extern OSSL_LIB_CTX *tls_libctx; /* Global */ +/** + * Maximum salt length for PSS signature. + * + * @param modBits Number of bits in RSA modulus + * @param hLen Length of digest to be signed + * @returns the maximum allowed salt length. Caller must check it's not < 0. + */ +static inline int +xkey_max_saltlen(int modBits, int hLen) +{ + int emLen = (modBits - 1 + 7)/8; /* ceil((modBits - 1)/8) */ + + return emLen - hLen - 2; +} #endif /* HAVE_XKEY_PROVIDER */ #endif /* XKEY_COMMON_H_ */
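Review bot: in the cryptoapi.c hunk, the `saltlen < 0` check after the new `xkey_max_saltlen(EVP_PKEY_bits(cd->pubkey), tbslen)` call is now also the only guard for a failed key-size lookup, and the log line then reports just "invalid salt length (%d)". `EVP_PKEY_bits()` returns 0 when the size is not available, which the helper turns into `-tbslen - 2`, so the request is rejected but the message points at the salt rather than the key. Consider reading the bit count into a local, rejecting a non-positive value with its own message, and including both the key bits and `tbslen` in the existing `msg(M_NONFATAL, ...)` so a failure on the "max" path can be diagnosed from the log.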
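Review bot: the doc comment on `xkey_max_saltlen()` in the xkey_common.h hunk does not state units, although `modBits` is in bits while `hLen` and the return value are in bytes. Since the commit message says the helper will be reused in pkcs11_openssl.c, please spell out "in bytes" on `@param hLen` and `@returns`. The diffstat touches no test file and the commit message notes that normal use does not reach this path, so a small unit test pinning a known value would protect the rounding fix: `modBits = 2048`, `hLen = 32` should give 222, where the old `(nbits - 1)/8` expression gave 221. Style nit: add a blank line between the closing `}` and `#endif /* HAVE_XKEY_PROVIDER */`.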