From patchwork Fri Oct 29 00:11:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2051 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.27.255.58]) by backend30.mail.ord1d.rsapps.net with LMTP id QI8tJgHte2FSfgAAIUCqbw (envelope-from ) for ; Fri, 29 Oct 2021 08:45:53 -0400 Received: from proxy13.mail.iad3a.rsapps.net ([172.27.255.58]) by director14.mail.ord1d.rsapps.net with LMTP id KKcAJgHte2HXRQAAeJ7fFg (envelope-from ) for ; Fri, 29 Oct 2021 08:45:53 -0400 Received: from smtp25.gate.iad3a ([172.27.255.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.iad3a.rsapps.net with LMTPS id aOm2HwHte2H7MwAAwhxzoA (envelope-from ) for ; Fri, 29 Oct 2021 08:45:53 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp25.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 26921a64-38b6-11ec-b1cb-52540086a678-1-1 Received: from [216.105.38.7] ([216.105.38.7:32812] helo=lists.sourceforge.net) by smtp25.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 17/E2-06975-00DEB716; Fri, 29 Oct 2021 08:45:53 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1mgRFo-000314-6G; Fri, 29 Oct 2021 12:45:02 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1mgRFm-00030l-4M for openvpn-devel@lists.sourceforge.net; Fri, 29 Oct 2021 12:45:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Pz2FQWVqPAO4CcJ8hXMJqYTPl90AXfywfdmT8h/1wHk=; b=dAH/sGOKfvG4uZjp5bLjuP72FU 829OLtXcfbSsfjGUntuU92jbSmeajWpFZrYNAjIDeUPXsef8TXuqyG7BF2N715AifaJ7yzt7GPsR+ YqaLO0lRO5mfg1AzVcDfbCRpmuX6QMv0aUQY9rbuwTgBwJon6ZJmhHp5WJIq9merF098=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Pz2FQWVqPAO4CcJ8hXMJqYTPl90AXfywfdmT8h/1wHk=; b=AGKy7SHeVgkxGCnekEaXp2DzlJ BoGrghsqBxaoVZ78Rcc9PsUZCzL+pPToUu0mkqkrgKHI+iH48zrK3teBkQs4iMBfIB1BR71Fx7Wmj W0fj/exyIrevsTz29mrWcSMocDt3+ed+59lCiFD7IGflPQEmFt9H/9dtXWfMoo5a0tko=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1mgRFf-005bxz-5u for openvpn-devel@lists.sourceforge.net; Fri, 29 Oct 2021 12:45:00 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1mgPmu-000Ajq-L7 for openvpn-devel@lists.sourceforge.net; Fri, 29 Oct 2021 13:11:08 +0200 Received: (nullmailer pid 2003148 invoked by uid 10006); Fri, 29 Oct 2021 11:11:09 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 29 Oct 2021 13:11:08 +0200 Message-Id: <20211029111109.2003101-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211019183127.614175-1-arne@rfc2549.org> References: <20211019183127.614175-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Even though DES is super outdated and also NTLM is super outdated, eliminating the warnings for OpenSSL 3.0 is still a step in the right direction and using the correct APIs. We cheat a bit by using 3 [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1mgRFf-005bxz-5u Subject: [Openvpn-devel] [PATCH v4] [OSSL 3.0] Implement DES ECB encrypt via EVP_CIPHER api X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Even though DES is super outdated and also NTLM is super outdated, eliminating the warnings for OpenSSL 3.0 is still a step in the right direction and using the correct APIs. We cheat a bit by using 3DES instead of DES to avoid needing legacy provider for DES encryption for now. Patch v4: add unit test, use 3DES to avoid legacy provider for now Signed-off-by: Arne Schwabe Acked-by: Max Fillinger --- src/openvpn/crypto_openssl.c | 40 ++++++++++++++++++++++++-- tests/unit_tests/openvpn/test_crypto.c | 27 ++++++++++++++++- 2 files changed, 63 insertions(+), 4 deletions(-) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 6b18551ea..999805e88 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -867,10 +867,44 @@ cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH], unsigned char src[DES_KEY_LENGTH], unsigned char dst[DES_KEY_LENGTH]) { - DES_key_schedule sched; + /* We are using 3DES here with three times the same key to cheat + * and emulate DES as 3DES is better supported than DES */ + EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); + if (!ctx) + { + crypto_msg(M_FATAL, "%s: EVP_CIPHER_CTX_new() failed", __func__); + } + + unsigned char key3[DES_KEY_LENGTH*3]; + for (int i = 0;i < 3;i++) + { + memcpy(key3 + (i * DES_KEY_LENGTH), key, DES_KEY_LENGTH); + } - DES_set_key_unchecked((DES_cblock *)key, &sched); - DES_ecb_encrypt((DES_cblock *)src, (DES_cblock *)dst, &sched, DES_ENCRYPT); + if (!EVP_EncryptInit_ex(ctx, EVP_des_ede3_ecb(), NULL, key3, 0)) + { + crypto_msg(M_FATAL, "%s: EVP_EncryptInit_ex() failed", __func__); + } + + int len; + + /* The EVP_EncryptFinal method will write to the dst+len pointer even + * though there is nothing to encrypt anymore, provide space for that to + * not overflow the stack */ + unsigned char dst2[DES_KEY_LENGTH * 2]; + if(!EVP_EncryptUpdate(ctx, dst2, &len, src, DES_KEY_LENGTH)) + { + crypto_msg(M_FATAL, "%s: EVP_EncryptUpdate() failed", __func__); + } + + if (!EVP_EncryptFinal(ctx, dst2 + len, &len)) + { + crypto_msg(M_FATAL, "%s: EVP_EncryptFinal() failed", __func__); + } + + memcpy(dst, dst2, DES_KEY_LENGTH); + + EVP_CIPHER_CTX_free(ctx); } /* diff --git a/tests/unit_tests/openvpn/test_crypto.c b/tests/unit_tests/openvpn/test_crypto.c index 66f53a020..6d8d40896 100644 --- a/tests/unit_tests/openvpn/test_crypto.c +++ b/tests/unit_tests/openvpn/test_crypto.c @@ -212,6 +212,30 @@ crypto_test_hmac(void **state) hmac_ctx_free(hmac); } +void +test_des_encrypt(void **state) +{ + /* We have a small des encrypt method that is only for NTLMv1. This unit + * test ensures that it is not accidentally broken */ + + const unsigned char des_key[DES_KEY_LENGTH] = {0x42, 0x23}; + + const char *src = "MoinWelt"; + + /* cipher_des_encrypt_ecb wants a non const */ + unsigned char *src2 = (unsigned char *) strdup(src); + + unsigned char dst[DES_KEY_LENGTH]; + cipher_des_encrypt_ecb(des_key, src2, dst); + + const unsigned char dst_good[DES_KEY_LENGTH] = {0xd3, 0x8f, 0x61, 0xf7, 0xbe, 0x27, 0xb6, 0xa2}; + + assert_memory_equal(dst, dst_good, DES_KEY_LENGTH); + + free(src2); +} + + int main(void) { @@ -219,7 +243,8 @@ main(void) cmocka_unit_test(crypto_pem_encode_decode_loopback), cmocka_unit_test(crypto_translate_cipher_names), cmocka_unit_test(crypto_test_tls_prf), - cmocka_unit_test(crypto_test_hmac) + cmocka_unit_test(crypto_test_hmac), + cmocka_unit_test(test_des_encrypt) }; #if defined(ENABLE_CRYPTO_OPENSSL)