From patchwork Mon Oct 18 16:41:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 1990 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id KJNYCrs+bmGeNQAAIUCqbw (envelope-from ) for ; Mon, 18 Oct 2021 23:42:51 -0400 Received: from proxy5.mail.iad3b.rsapps.net ([172.31.255.6]) by director15.mail.ord1d.rsapps.net with LMTP id eMocCrs+bmGjeQAAIcMcQg (envelope-from ) for ; Mon, 18 Oct 2021 23:42:51 -0400 Received: from smtp28.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy5.mail.iad3b.rsapps.net with LMTPS id iFe5Ars+bmEhUAAA13hMnw (envelope-from ) for ; Mon, 18 Oct 2021 23:42:51 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp28.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: a1cdaf02-308e-11ec-9f70-525400c8cd63-1-1 Received: from [216.105.38.7] ([216.105.38.7:41286] helo=lists.sourceforge.net) by smtp28.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B3/BC-17329-ABE3E616; Mon, 18 Oct 2021 23:42:50 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.92.3) (envelope-from ) id 1mcg0T-0007yC-Ag; Tue, 19 Oct 2021 03:41:41 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from ) id 1mcg0S-0007y5-26 for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=iXc4bN8RNnztUJLQHTOefDidoaGJn9A/Y5QTCS3Zy/U=; b=aRL4Pt6j0UbGmDCKMZMfOjraeM b9J2nYkXqa1wRurgBGzgDP5NTD5zlU+vBBxbEhqeGaHBsSVgSWYm3xK81yUjBhBlMX9HsgxLB4hal 8a2lAa8UuAUp9tFUE5v8bdT+xnjbX0V5VfYvLCuhGcpN2gzYE9Va/zAHS3tYMdbwEALQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=iXc4bN8RNnztUJLQHTOefDidoaGJn9A/Y5QTCS3Zy/U=; b=A dBXaiC2/XJv3tfwH5Kt02CwxKMlRNeYi0VnIDDWuZvZAdbN+QpaNZAUaCC2oWj5ZNO2EmIhctaSmC Y8+UEEZ2402NHtMk42xvnYqSHeRmVSxG/fyMRHIsc5gC9lGIOLoNx8ND1mzuEGqHW12vH4FJRl2kE 3zjCda+X7as0BRBY=; Received: from mail-qv1-f53.google.com ([209.85.219.53]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1mcg0Q-0001le-Va for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:40 +0000 Received: by mail-qv1-f53.google.com with SMTP id a16so11503552qvm.2 for ; Mon, 18 Oct 2021 20:41:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=iXc4bN8RNnztUJLQHTOefDidoaGJn9A/Y5QTCS3Zy/U=; b=AVoiArxt1kaa/M4HZIgXfxTCsqR15EVAsCPBfAMbCYpuq1DRrLH7OirxcgXqwoEepR dmU43XwU/neowyJDr+zl31bAiAwYgwLpc8Bm4HWEsnDSoHyQJllKQUKVbsR8/lDkMUgk s4O/H6fyfBhPhfDULNLhxnsxqPSrSZLDY+/JaukjjpnqtWqv/kwBD8gE50f98DUmruAM +FPOkaang2Y8SHEJ3roPnESGNEETEll5emtsCpfDI+zdt5KsuxdhcCpFcyD0b/p68y/A i9MyBcHfwj9w2NjIDk4Kk6DphBWSMkcFesykm5I99i8Dy2ir2eNxsESq39sbibFPjtN7 66bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=iXc4bN8RNnztUJLQHTOefDidoaGJn9A/Y5QTCS3Zy/U=; b=QICXcnbWKaaiCTvBKS09qWbMMds8SInioTT74ZLL6OflXP/U7Czd/BsH3yMaUnt6CI 4AC/li8stOaOYDGUDzDYRT7h7pnvyqR7BJtvNTrJU+KSUjNl2nNEykN+e78bhPlxbKJG pdP9yjNXu4RyDGDRHImU+Q5KIJ7L9IZnDhu3NZRZG26tzl7imR03ArSEVr0Zq5Lb02n5 iq+6FWWBt3anwYqKtGwPjU4PVTAXZr3UzX+Imxv/nlJD9BaQjGJNzErWG2q0ojurANuN JjNYvUSNJhezw/JqpN9f9a5YeKlPPCTAboD9ABw1E1bZ4g67ZxY9rqU/dxKIfBJIHcvY X1sg== X-Gm-Message-State: AOAM531u0IHp9EgAme3A/Et8Kihlzk6YstYQJD9P9vs0rzdzFr/SycXL sitDjNNlFEd9L916GYKO5HrslDc/ONY= X-Google-Smtp-Source: ABdhPJxLZglT8tXte+d+ckwSS7CXi1Xs35kE43oIe/Jg3jEs+okw4kbm0oFPFYiifUvekQ1r7tOrFg== X-Received: by 2002:a05:6214:194b:: with SMTP id q11mr28805869qvk.38.1634614892877; Mon, 18 Oct 2021 20:41:32 -0700 (PDT) Received: from uranus.home.sansel.ca (bras-vprn-tnhlon4053w-lp130-02-70-51-223-227.dsl.bell.ca. [70.51.223.227]) by smtp.gmail.com with ESMTPSA id u28sm6713388qtc.48.2021.10.18.20.41.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 20:41:32 -0700 (PDT) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Mon, 18 Oct 2021 23:41:16 -0400 Message-Id: <20211019034118.28987-1-selva.nair@gmail.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Some legacy tokens do not have drivers compatible with Windows Cryptography Next generation API (CNG) and require the old CAPI interface. These also do not support anything but RSA_PKCS1 signatures wi [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.219.53 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.219.53 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1mcg0Q-0001le-Va Subject: [Openvpn-devel] [PATCH 1/3] Require Windows CNG keys for cryptoapicert X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Selva Nair Some legacy tokens do not have drivers compatible with Windows Cryptography Next generation API (CNG) and require the old CAPI interface. These also do not support anything but RSA_PKCS1 signatures with MD5+SHA1 digests, and can only handle TLS 1.1 and older. Continuing to support these add too much maintenance burden especially with newer version of OpenSSL and has very little benefit. - Remove support for non CNG interface which also removes support for such legacy tokens. Keys uploaded to Windows certificate stores are not affected. - Remove support for OpenSSL versions < 1.1.1 in Windows builds Note: TLS 1.0 and 1.1 is still supported. Only signing with legacy tokens that have drivers incompatible with CNG is affected. These can still be used with pkcs11-helper. Tested on Windows 10 with RSA and EC keys in store Signed-off-by: Selva Nair Acked-By: Arne Schwabe --- src/openvpn/cryptoapi.c | 332 ++++++---------------------------------- 1 file changed, 46 insertions(+), 286 deletions(-) diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index ded8c914..29f40549 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -72,9 +72,6 @@ #define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000 #endif -/* Size of an SSL signature: MD5+SHA1 */ -#define SSL_SIG_LENGTH 36 - /* try to funnel any Windows/CryptoAPI error messages to OpenSSL ERR_... */ #define ERR_LIB_CRYPTOAPI (ERR_LIB_USER + 69) /* 69 is just a number... */ #define CRYPTOAPIerr(f) err_put_ms_error(GetLastError(), (f), __FILE__, __LINE__) @@ -305,26 +302,6 @@ err_put_ms_error(DWORD ms_err, int func, const char *file, int line) } } -/* encrypt */ -static int -rsa_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - /* I haven't been able to trigger this one, but I want to know if it happens... */ - assert(0); - - return 0; -} - -/* verify arbitrary data */ -static int -rsa_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - /* I haven't been able to trigger this one, but I want to know if it happens... */ - assert(0); - - return 0; -} - /** * Sign the hash in 'from' using NCryptSignHash(). This requires an NCRYPT * key handle in cd->crypt_prov. On return the signature is in 'to'. Returns @@ -378,152 +355,9 @@ priv_enc_CNG(const CAPI_DATA *cd, const wchar_t *hash_algo, const unsigned char return len; } -/* sign arbitrary data */ -static int -rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - CAPI_DATA *cd = (CAPI_DATA *) RSA_meth_get0_app_data(RSA_get_method(rsa)); - HCRYPTHASH hash; - DWORD hash_size, len, i; - unsigned char *buf; - - if (cd == NULL) - { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - - if (padding != RSA_PKCS1_PADDING) - { - /* AFAICS, CryptSignHash() *always* uses PKCS1 padding. */ - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE); - return 0; - } - - if (cd->key_spec == CERT_NCRYPT_KEY_SPEC) - { - return priv_enc_CNG(cd, NULL, from, flen, to, RSA_size(rsa), - cng_padding_type(padding), 0); - } - - /* Unfortunately, there is no "CryptSign()" function in CryptoAPI, that would - * be way to straightforward for M$, I guess... So we have to do it this - * tricky way instead, by creating a "Hash", and load the already-made hash - * from 'from' into it. */ - /* For now, we only support NID_md5_sha1 */ - if (flen != SSL_SIG_LENGTH) - { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_INVALID_MESSAGE_LENGTH); - return 0; - } - if (!CryptCreateHash(cd->crypt_prov, CALG_SSL3_SHAMD5, 0, 0, &hash)) - { - CRYPTOAPIerr(CRYPTOAPI_F_CRYPT_CREATE_HASH); - return 0; - } - len = sizeof(hash_size); - if (!CryptGetHashParam(hash, HP_HASHSIZE, (BYTE *) &hash_size, &len, 0)) - { - CRYPTOAPIerr(CRYPTOAPI_F_CRYPT_GET_HASH_PARAM); - CryptDestroyHash(hash); - return 0; - } - if ((int) hash_size != flen) - { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_INVALID_MESSAGE_LENGTH); - CryptDestroyHash(hash); - return 0; - } - if (!CryptSetHashParam(hash, HP_HASHVAL, (BYTE * ) from, 0)) - { - CRYPTOAPIerr(CRYPTOAPI_F_CRYPT_SET_HASH_PARAM); - CryptDestroyHash(hash); - return 0; - } - - len = RSA_size(rsa); - buf = malloc(len); - if (buf == NULL) - { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); - CryptDestroyHash(hash); - return 0; - } - if (!CryptSignHash(hash, cd->key_spec, NULL, 0, buf, &len)) - { - CRYPTOAPIerr(CRYPTOAPI_F_CRYPT_SIGN_HASH); - CryptDestroyHash(hash); - free(buf); - return 0; - } - /* and now, we have to reverse the byte-order in the result from CryptSignHash()... */ - for (i = 0; i < len; i++) - { - to[i] = buf[len - i - 1]; - } - free(buf); - - CryptDestroyHash(hash); - return len; -} - -/** - * Sign the hash in |m| and return the signature in |sig|. - * Returns 1 on success, 0 on error. - * NCryptSignHash() is used to sign and it is instructed to add the - * the PKCS #1 DigestInfo header to |m| unless the hash algorithm is - * the MD5/SHA1 combination used in TLS 1.1 and earlier versions. - * OpenSSL exercises this callback only when padding is PKCS1 v1.5. - */ -static int -rsa_sign_CNG(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sig, unsigned int *siglen, const RSA *rsa) -{ - CAPI_DATA *cd = (CAPI_DATA *) RSA_meth_get0_app_data(RSA_get_method(rsa)); - const wchar_t *alg = NULL; - int padding = RSA_PKCS1_PADDING; - - *siglen = 0; - if (cd == NULL) - { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - - alg = cng_hash_algo(type); - if (alg && wcscmp(alg, L"UNKNOWN") == 0) - { - RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - *siglen = priv_enc_CNG(cd, alg, m, (int)m_len, sig, RSA_size(rsa), - cng_padding_type(padding), 0); - - return (*siglen == 0) ? 0 : 1; -} - -/* decrypt */ -static int -rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - /* I haven't been able to trigger this one, but I want to know if it happens... */ - assert(0); - - return 0; -} - -/* called at RSA_new */ -static int -init(RSA *rsa) -{ - - return 0; -} - /* called at RSA_free */ static int -finish(RSA *rsa) +rsa_finish(RSA *rsa) { const RSA_METHOD *rsa_meth = RSA_get_method(rsa); CAPI_DATA *cd = (CAPI_DATA *) RSA_meth_get0_app_data(rsa_meth); @@ -537,7 +371,7 @@ finish(RSA *rsa) return 1; } -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_EC) +#if !defined(OPENSSL_NO_EC) static EC_KEY_METHOD *ec_method = NULL; @@ -657,12 +491,6 @@ ssl_ctx_set_eckey(SSL_CTX *ssl_ctx, CAPI_DATA *cd, EVP_PKEY *pkey) EC_KEY *ec = NULL; EVP_PKEY *privkey = NULL; - if (cd->key_spec != CERT_NCRYPT_KEY_SPEC) - { - msg(M_NONFATAL, "ERROR: cryptoapicert with only legacy private key handle available." - " EC certificate not supported."); - goto err; - } /* create a method struct with default callbacks filled in */ ec_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL()); if (!ec_method) @@ -730,7 +558,7 @@ err: return 0; } -#endif /* OPENSSL_VERSION_NUMBER >= 1.1.0 */ +#endif /* !defined(OPENSSL_NO_EC) */ static const CERT_CONTEXT * find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) @@ -832,8 +660,6 @@ out: return rv; } -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) - static const CAPI_DATA * retrieve_capi_data(EVP_PKEY *pkey) { @@ -1003,125 +829,80 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, return (*siglen == 0) ? 0 : 1; } -#endif /* OPENSSL_VERSION >= 1.1.0 */ - static int ssl_ctx_set_rsakey(SSL_CTX *ssl_ctx, CAPI_DATA *cd, EVP_PKEY *pkey) { - RSA *rsa = NULL, *pub_rsa; + RSA *rsa = NULL; RSA_METHOD *my_rsa_method = NULL; - bool rsa_method_set = false; + EVP_PKEY *privkey = NULL; + int ret = 0; my_rsa_method = RSA_meth_new("Microsoft Cryptography API RSA Method", RSA_METHOD_FLAG_NO_CHECK); check_malloc_return(my_rsa_method); - RSA_meth_set_pub_enc(my_rsa_method, rsa_pub_enc); - RSA_meth_set_pub_dec(my_rsa_method, rsa_pub_dec); - RSA_meth_set_priv_enc(my_rsa_method, rsa_priv_enc); - RSA_meth_set_priv_dec(my_rsa_method, rsa_priv_dec); - RSA_meth_set_init(my_rsa_method, NULL); - RSA_meth_set_finish(my_rsa_method, finish); + RSA_meth_set_finish(my_rsa_method, rsa_finish); /* we use this callback to cleanup CAPI_DATA */ RSA_meth_set0_app_data(my_rsa_method, cd); - /* - * For CNG, set the RSA_sign method which gets priority over priv_enc(). - * This method is called with the raw hash without the digestinfo - * header and works better when using NCryptSignHash() with some tokens. - * However, if PSS padding is in use, openssl does not call this - * function but adds the padding and then calls rsa_priv_enc() - * with padding set to NONE which is not supported by CNG. - * So, when posisble (OpenSSL 1.1.0 and up), we hook on to the sign - * operation in EVP_PKEY_METHOD struct. - */ - if (cd->key_spec == CERT_NCRYPT_KEY_SPEC) + /* pmethod is global -- initialize only if NULL */ + if (!pmethod) { -#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - RSA_meth_set_sign(my_rsa_method, rsa_sign_CNG); -#else - /* pmethod is global -- initialize only if NULL */ + pmethod = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); if (!pmethod) { - pmethod = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); - if (!pmethod) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE); - goto err; - } - const EVP_PKEY_METHOD *default_pmethod = EVP_PKEY_meth_find(EVP_PKEY_RSA); - EVP_PKEY_meth_copy(pmethod, default_pmethod); - - /* We want to override only sign_init() and sign() */ - EVP_PKEY_meth_set_sign(pmethod, pkey_rsa_sign_init, pkey_rsa_sign); - EVP_PKEY_meth_add0(pmethod); + SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE); + return 0; + } + const EVP_PKEY_METHOD *default_pmethod = EVP_PKEY_meth_find(EVP_PKEY_RSA); + EVP_PKEY_meth_copy(pmethod, default_pmethod); - /* Keep a copy of the default sign and sign_init methods */ + /* We want to override only sign_init() and sign() */ + EVP_PKEY_meth_set_sign(pmethod, pkey_rsa_sign_init, pkey_rsa_sign); + EVP_PKEY_meth_add0(pmethod); -#if (OPENSSL_VERSION_NUMBER < 0x1010009fL) /* > version 1.1.0i */ - /* The function signature is not const-correct in these versions */ - EVP_PKEY_meth_get_sign((EVP_PKEY_METHOD *)default_pmethod, &default_pkey_sign_init, - &default_pkey_sign); -#else - EVP_PKEY_meth_get_sign(default_pmethod, &default_pkey_sign_init, - &default_pkey_sign); + /* Keep a copy of the default sign and sign_init methods */ -#endif - } -#endif /* (OPENSSL_VERSION_NUMBER < 0x10100000L) */ + EVP_PKEY_meth_get_sign(default_pmethod, &default_pkey_sign_init, + &default_pkey_sign); } - rsa = RSA_new(); - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE); - goto err; - } + rsa = EVP_PKEY_get1_RSA(pkey); - pub_rsa = EVP_PKEY_get0_RSA(pkey); - if (!pub_rsa) - { - goto err; - } - - /* Our private key is external, so we fill in only n and e from the public key */ - const BIGNUM *n = NULL; - const BIGNUM *e = NULL; - RSA_get0_key(pub_rsa, &n, &e, NULL); - BIGNUM *rsa_n = BN_dup(n); - BIGNUM *rsa_e = BN_dup(e); - if (!rsa_n || !rsa_e || !RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) - { - BN_free(rsa_n); /* ok to free even if NULL */ - BN_free(rsa_e); - msg(M_NONFATAL, "ERROR: %s: out of memory", __func__); - goto err; - } RSA_set_flags(rsa, RSA_flags(rsa) | RSA_FLAG_EXT_PKEY); if (!RSA_set_method(rsa, my_rsa_method)) { - goto err; + goto cleanup; } - rsa_method_set = true; /* flag that method pointer will get freed with the key */ + my_rsa_method = NULL; /* we do not want to free it in cleanup */ cd->ref_count++; /* with method, cd gets assigned to the key as well */ - if (!SSL_CTX_use_RSAPrivateKey(ssl_ctx, rsa)) + privkey = EVP_PKEY_new(); + if (!EVP_PKEY_assign_RSA(privkey, rsa)) { - goto err; + goto cleanup; } - /* SSL_CTX_use_RSAPrivateKey() increased the reference count in 'rsa', so - * we decrease it here with RSA_free(), or it will never be cleaned up. */ - RSA_free(rsa); - return 1; + rsa = NULL; /* privkey has taken ownership */ -err: + if (!SSL_CTX_use_PrivateKey(ssl_ctx, privkey)) + { + goto cleanup; + } + ret = 1; + +cleanup: if (rsa) { RSA_free(rsa); } - if (my_rsa_method && !rsa_method_set) + if (my_rsa_method) { RSA_meth_free(my_rsa_method); } - return 0; + if (privkey) + { + EVP_PKEY_free(privkey); + } + + return ret; } int @@ -1174,9 +955,9 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) } /* set up stuff to use the private key */ - /* We prefer to get an NCRYPT key handle so that TLS1.2 can be supported */ + /* We support NCRYPT key handles only */ DWORD flags = CRYPT_ACQUIRE_COMPARE_KEY_FLAG - | CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG; + | CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; if (!CryptAcquireCertificatePrivateKey(cd->cert_context, flags, NULL, &cd->crypt_prov, &cd->key_spec, &cd->free_crypt_prov)) { @@ -1189,27 +970,6 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) /* here we don't need to do CryptGetUserKey() or anything; all necessary key * info is in cd->cert_context, and then, in cd->crypt_prov. */ - /* if we do not have an NCRYPT key handle restrict TLS to v1.1 or lower */ - int max_version = SSL_CTX_get_max_proto_version(ssl_ctx); - if ((!max_version || max_version > TLS1_1_VERSION) - && cd->key_spec != CERT_NCRYPT_KEY_SPEC) - { - msg(M_WARN, "WARNING: cryptoapicert: private key is in a legacy store." - " Restricting TLS version to 1.1"); - if (SSL_CTX_get_min_proto_version(ssl_ctx) > TLS1_1_VERSION) - { - msg(M_NONFATAL, - "ERROR: cryptoapicert: min TLS version larger than 1.1." - " Try config option --tls-version-min 1.1"); - goto err; - } - if (!SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_1_VERSION)) - { - msg(M_NONFATAL, "ERROR: cryptoapicert: set max TLS version failed"); - goto err; - } - } - /* Public key in cert is NULL until we call SSL_CTX_use_certificate(), * so we do it here then... */ if (!SSL_CTX_use_certificate(ssl_ctx, cert)) @@ -1232,7 +992,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_EC) +#if !defined(OPENSSL_NO_EC) else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (!ssl_ctx_set_eckey(ssl_ctx, cd, pkey)) @@ -1240,7 +1000,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } -#endif /* OPENSSL_VERSION_NUMBER >= 1.1.0 */ +#endif /* !defined(OPENSSL_NO_EC) */ else { msg(M_WARN, "WARNING: cryptoapicert: certificate type not supported"); From patchwork Mon Oct 18 16:41:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 1989 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.27.255.51]) by backend30.mail.ord1d.rsapps.net with LMTP id 8PYEKLo+bmGeNQAAIUCqbw (envelope-from ) for ; Mon, 18 Oct 2021 23:42:50 -0400 Received: from proxy14.mail.iad3a.rsapps.net ([172.27.255.51]) by director11.mail.ord1d.rsapps.net with LMTP id GG/iJ7o+bmEgFQAAvGGmqA (envelope-from ) for ; Mon, 18 Oct 2021 23:42:50 -0400 Received: from smtp22.gate.iad3a ([172.27.255.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy14.mail.iad3a.rsapps.net with LMTPS id YMpQOb8+bmF2cAAA1+b4IQ (envelope-from ) for ; Mon, 18 Oct 2021 23:42:55 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp22.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: a1896e50-308e-11ec-8e99-5254005ae9fe-1-1 Received: from [216.105.38.7] ([216.105.38.7:57670] helo=lists.sourceforge.net) by smtp22.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 4F/FB-23233-ABE3E616; Mon, 18 Oct 2021 23:42:50 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1mcg0c-00052Y-8U; Tue, 19 Oct 2021 03:41:50 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcg0a-00052L-Tl for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=FlMu2MGzUxuUWtMRKrGP7yXADSwzU9Ur/I7zPKbl6E8=; b=dnhB9SIZdgW5XCMACmxlN6CmaG OLtp2k4fHAQB0cc3t4tG+KPn2FmkWePXfG1NNS498024h7sPjizdmzHD27kAT4vD/TCEtDKgApikq Cd168KVJ0vd5sHfcz9k73rZXzPRcdsO04/Rgqqc1JNFg+Wwtx6Fi2EzXnQkv1a0h59go=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=FlMu2MGzUxuUWtMRKrGP7yXADSwzU9Ur/I7zPKbl6E8=; b=GmqMmqf3nghwnY2AMkJXv7SNjb VLUN7FJNwIPmBMzmV4Tf0Q3S+cQbKuodkWN7SLNkg86Z/d2fOveoTkvYVokQOIIoJfW19/GnFJ2L+ A4Y0tbsRURSQbjLoDVdGOzRMtUDqcrjAomtIYEGxCw6KcZpTJbnM8uSHtHvPwZfz68y8=; Received: from mail-qt1-f182.google.com ([209.85.160.182]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1mcg0W-005FkQ-Iv for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:48 +0000 Received: by mail-qt1-f182.google.com with SMTP id n2so3812547qta.2 for ; Mon, 18 Oct 2021 20:41:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=FlMu2MGzUxuUWtMRKrGP7yXADSwzU9Ur/I7zPKbl6E8=; b=j3iOXYnR6cplyaXiS2NzDItKl27ghxa6kmF5EmMop2CeDWq2MuK3eGQLMaZDVJ2owP YcOTJFumtHUcFHekooVeRsiDT8X22HVU7ye4I2mDTF6P1mArFVFf3z9gDTVWA7NkNRii p3EXAkeSy4azu1HOzOcbOmpl+do8G7uxsPO8B9Idt1FuSftrp4XJ3GKaAPT43/tp7h9q ifXqs/avciyWQzXcL/I1auAqUP3BeEK5U1k697mlhrR3IGGEOM7+UA8Y7PI+ghqgdOz3 7o+qh0Y9MN/BJHByXUn1+WKiFp0HTrJdr1TceiEtNHwwZKXxZH9I3fXHO5w1WawHPL1p PUAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FlMu2MGzUxuUWtMRKrGP7yXADSwzU9Ur/I7zPKbl6E8=; b=H6avCT6i53iqGkyPhAACWUgk1Bwp47WJkQqC5TS/iQmWNS8TJUJLVUh/uy3aqx8A25 n2Om1S4IGKa6rzNuPTk8EH+i940zZHsRchbZx8bpdgDOeOS140ee35oAFltSH8dnjSvY 81lX/m9N8Y31gOhhCZOpmMiKEkEc4i9yj/EBRcu4tVt8rmTYQBVow9jV/lTSU4lynRrV SfdNaPzHISCvPeC2JkYSd3jNtFwKwjULB0OPZ7ti/HEpJgr5hOLaA1uM/peKEC2c85Px FYBWLirs6/qvoBgiWzBRjgkxmLR0tT3+HqftYrxXWv7XAiKmhTWtoEcp/LXT1jbc5BBf B55Q== X-Gm-Message-State: AOAM533vyodPg1H8cW7u/EZuinEafJdSSdawnRBE7kgrHD+J71qfJUqc KHKhLvgkzJ4NtA1OQ9y8QsXNFQvENGU= X-Google-Smtp-Source: ABdhPJxhmJjFQ5CvMNK+dmL2Y++IZKItiUGODl6Patde29rT30DDGyz/bJc/U4XmIDhobS/9VNykdg== X-Received: by 2002:ac8:7fcf:: with SMTP id b15mr33352843qtk.363.1634614898524; Mon, 18 Oct 2021 20:41:38 -0700 (PDT) Received: from uranus.home.sansel.ca (bras-vprn-tnhlon4053w-lp130-02-70-51-223-227.dsl.bell.ca. [70.51.223.227]) by smtp.gmail.com with ESMTPSA id u28sm6713388qtc.48.2021.10.18.20.41.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 20:41:38 -0700 (PDT) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Mon, 18 Oct 2021 23:41:17 -0400 Message-Id: <20211019034118.28987-2-selva.nair@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20211019034118.28987-1-selva.nair@gmail.com> References: <20211019034118.28987-1-selva.nair@gmail.com> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair There is no advantage in injecting/redirecting errors into OpenSSL as we can, and we do, report these directly using our own logging functions. This code probably originated from CAPI engine where suc [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.160.182 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [209.85.160.182 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Headers-End: 1mcg0W-005FkQ-Iv Subject: [Openvpn-devel] [PATCH 2/3] Remove error injection into OpenSSL from cryptoapi.c X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Selva Nair There is no advantage in injecting/redirecting errors into OpenSSL as we can, and we do, report these directly using our own logging functions. This code probably originated from CAPI engine where such usage made sense. And, in cases when the error is within OpenSSL, guessing a reason (like out of memory) and inserting it into the OpenSSL error stack looks pointless. As a bonus, the code gets leaner and a lot less cruft. Some error messages are slightly edited and all near-fatal errors are logged with M_NONFATAL and "Error in cryptoapicert:" prefix. Also remove some defines for mingw that we do not need. Signed-off-by: Selva Nair Acked-By: Arne Schwabe --- src/openvpn/cryptoapi.c | 190 ++++++---------------------------------- 1 file changed, 26 insertions(+), 164 deletions(-) diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index 29f40549..c97dbfbf 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -53,54 +53,6 @@ #include "openssl_compat.h" #include "win32.h" -/* MinGW w32api 3.17 is still incomplete when it comes to CryptoAPI while - * MinGW32-w64 defines all macros used. This is a hack around that problem. - */ -#ifndef CERT_SYSTEM_STORE_LOCATION_SHIFT -#define CERT_SYSTEM_STORE_LOCATION_SHIFT 16 -#endif -#ifndef CERT_SYSTEM_STORE_CURRENT_USER_ID -#define CERT_SYSTEM_STORE_CURRENT_USER_ID 1 -#endif -#ifndef CERT_SYSTEM_STORE_CURRENT_USER -#define CERT_SYSTEM_STORE_CURRENT_USER (CERT_SYSTEM_STORE_CURRENT_USER_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT) -#endif -#ifndef CERT_STORE_READONLY_FLAG -#define CERT_STORE_READONLY_FLAG 0x00008000 -#endif -#ifndef CERT_STORE_OPEN_EXISTING_FLAG -#define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000 -#endif - -/* try to funnel any Windows/CryptoAPI error messages to OpenSSL ERR_... */ -#define ERR_LIB_CRYPTOAPI (ERR_LIB_USER + 69) /* 69 is just a number... */ -#define CRYPTOAPIerr(f) err_put_ms_error(GetLastError(), (f), __FILE__, __LINE__) -#define CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE 100 -#define CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE 101 -#define CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY 102 -#define CRYPTOAPI_F_CRYPT_CREATE_HASH 103 -#define CRYPTOAPI_F_CRYPT_GET_HASH_PARAM 104 -#define CRYPTOAPI_F_CRYPT_SET_HASH_PARAM 105 -#define CRYPTOAPI_F_CRYPT_SIGN_HASH 106 -#define CRYPTOAPI_F_LOAD_LIBRARY 107 -#define CRYPTOAPI_F_GET_PROC_ADDRESS 108 -#define CRYPTOAPI_F_NCRYPT_SIGN_HASH 109 - -static ERR_STRING_DATA CRYPTOAPI_str_functs[] = { - { ERR_PACK(ERR_LIB_CRYPTOAPI, 0, 0), "microsoft cryptoapi"}, - { ERR_PACK(0, CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE, 0), "CertOpenSystemStore" }, - { ERR_PACK(0, CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE, 0), "CertFindCertificateInStore" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY, 0), "CryptAcquireCertificatePrivateKey" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_CREATE_HASH, 0), "CryptCreateHash" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_GET_HASH_PARAM, 0), "CryptGetHashParam" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_SET_HASH_PARAM, 0), "CryptSetHashParam" }, - { ERR_PACK(0, CRYPTOAPI_F_CRYPT_SIGN_HASH, 0), "CryptSignHash" }, - { ERR_PACK(0, CRYPTOAPI_F_LOAD_LIBRARY, 0), "LoadLibrary" }, - { ERR_PACK(0, CRYPTOAPI_F_GET_PROC_ADDRESS, 0), "GetProcAddress" }, - { ERR_PACK(0, CRYPTOAPI_F_NCRYPT_SIGN_HASH, 0), "NCryptSignHash" }, - { 0, NULL } -}; - /* index for storing external data in EC_KEY: < 0 means uninitialized */ static int ec_data_idx = -1; @@ -215,93 +167,6 @@ CAPI_DATA_free(CAPI_DATA *cd) free(cd); } -static char * -ms_error_text(DWORD ms_err) -{ - LPVOID lpMsgBuf = NULL; - char *rv = NULL; - - FormatMessage( - FORMAT_MESSAGE_ALLOCATE_BUFFER - |FORMAT_MESSAGE_FROM_SYSTEM - |FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, ms_err, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ - (LPTSTR) &lpMsgBuf, 0, NULL); - if (lpMsgBuf) - { - char *p; - rv = string_alloc(lpMsgBuf, NULL); - LocalFree(lpMsgBuf); - /* trim to the left */ - if (rv) - { - for (p = rv + strlen(rv) - 1; p >= rv; p--) - { - if (isspace(*p)) - { - *p = '\0'; - } - else - { - break; - } - } - } - } - return rv; -} - -static void -err_put_ms_error(DWORD ms_err, int func, const char *file, int line) -{ - static int init = 0; -#define ERR_MAP_SZ 16 - static struct { - int err; - DWORD ms_err; /* I don't think we get more than 16 *different* errors */ - } err_map[ERR_MAP_SZ]; /* in here, before we give up the whole thing... */ - int i; - - if (ms_err == 0) - { - /* 0 is not an error */ - return; - } - if (!init) - { - ERR_load_strings(ERR_LIB_CRYPTOAPI, CRYPTOAPI_str_functs); - memset(&err_map, 0, sizeof(err_map)); - init++; - } - /* since MS error codes are 32 bit, and the ones in the ERR_... system is - * only 12, we must have a mapping table between them. */ - for (i = 0; i < ERR_MAP_SZ; i++) - { - if (err_map[i].ms_err == ms_err) - { - ERR_PUT_error(ERR_LIB_CRYPTOAPI, func, err_map[i].err, file, line); - break; - } - else if (err_map[i].ms_err == 0) - { - /* end of table, add new entry */ - ERR_STRING_DATA *esd = calloc(2, sizeof(*esd)); - if (esd == NULL) - { - break; - } - err_map[i].ms_err = ms_err; - err_map[i].err = esd->error = i + 100; - esd->string = ms_error_text(ms_err); - check_malloc_return(esd->string); - ERR_load_strings(ERR_LIB_CRYPTOAPI, esd); - ERR_PUT_error(ERR_LIB_CRYPTOAPI, func, err_map[i].err, file, line); - break; - } - } -} - /** * Sign the hash in 'from' using NCryptSignHash(). This requires an NCRYPT * key handle in cd->crypt_prov. On return the signature is in 'to'. Returns @@ -340,14 +205,14 @@ priv_enc_CNG(const CAPI_DATA *cd, const wchar_t *hash_algo, const unsigned char } else { - RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE); + msg(M_NONFATAL, "Error in cryptoapicert: Unknown padding type"); return 0; } if (status != ERROR_SUCCESS) { SetLastError(status); - CRYPTOAPIerr(CRYPTOAPI_F_NCRYPT_SIGN_HASH); + msg(M_NONFATAL|M_ERRNO, "Error in cryptoapicert: NCryptSignHash failed"); len = 0; } @@ -447,7 +312,7 @@ ecdsa_sign_sig(const unsigned char *dgst, int dgstlen, if (status != ERROR_SUCCESS) { SetLastError(status); - CRYPTOAPIerr(CRYPTOAPI_F_NCRYPT_SIGN_HASH); + msg(M_NONFATAL|M_ERRNO, "Error in cryptoapticert: NCryptSignHash failed"); } else { @@ -476,7 +341,7 @@ ecdsa_sign(int type, const unsigned char *dgst, int dgstlen, unsigned char *sig, if (len > ECDSA_size(ec)) { ECDSA_SIG_free(s); - msg(M_NONFATAL,"Error: DER encoded ECDSA signature is too long (%d bytes)", len); + msg(M_NONFATAL,"Error in cryptoapicert: DER encoded ECDSA signature is too long (%d bytes)", len); return 0; } *siglen = i2d_ECDSA_SIG(s, &sig); @@ -608,7 +473,7 @@ find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) } if (!*++p) /* unexpected end of string */ { - msg(M_WARN, "WARNING: cryptoapicert: error parsing .", cert_prop); + msg(M_WARN|M_INFO, "WARNING: cryptoapicert: error parsing .", cert_prop); goto out; } if (*p >= '0' && *p <= '9') @@ -633,7 +498,7 @@ find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) } else { - msg(M_WARN, "WARNING: cryptoapicert: unsupported certificate specification <%s>", cert_prop); + msg(M_NONFATAL, "Error in cryptoapicert: unsupported certificate specification <%s>", cert_prop); goto out; } @@ -651,7 +516,7 @@ find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) { break; } - msg(M_WARN, "WARNING: cryptoapicert: ignoring certificate in store %s.", + msg(M_WARN|M_INFO, "WARNING: cryptoapicert: ignoring certificate in store %s.", validity < 0 ? "not yet valid" : "that has expired"); } @@ -731,7 +596,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, } else /* This should not happen */ { - msg(M_FATAL, "cryptopaicert: Unknown key and no default sign operation to fallback on"); + msg(M_FATAL, "Error in cryptoapicert: Unknown key and no default sign operation to fallback on"); return -1; } } @@ -752,20 +617,19 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, */ if (alg && wcscmp(alg, L"UNKNOWN") == 0) { - RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE); + msg(M_NONFATAL, "Error in cryptoapicert: Unknown hash algorithm <%d>", EVP_MD_type(md)); return -1; } } else { - msg(M_NONFATAL, "cryptoapicert: could not determine the signature digest algorithm"); - RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE); + msg(M_NONFATAL, "Error in cryptoapicert: could not determine the signature digest algorithm"); return -1; } if (tbslen != (size_t)hashlen) { - RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH); + msg(M_NONFATAL, "Error in cryptoapicert: data size does not match hash"); return -1; } @@ -783,14 +647,14 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, if (!EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, &mgf1md) || EVP_MD_type(mgf1md) != EVP_MD_type(md)) { - msg(M_NONFATAL, "cryptoapicert: Unknown MGF1 digest type or does" + msg(M_NONFATAL, "Error in cryptoapicert: Unknown MGF1 digest type or does" " not match the signature digest type."); - RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_UNSUPPORTED_MASK_PARAMETER); + return -1; } if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, &saltlen)) { - msg(M_WARN, "cryptoapicert: unable to get the salt length from context." + msg(M_WARN|M_INFO, "cryptoapicert: unable to get the salt length from context." " Using the default value."); saltlen = -1; } @@ -816,7 +680,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, if (saltlen < 0) { - RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + msg(M_NONFATAL, "Error in cryptoapicert: invalid salt length (%d). Digest too large for keysize?", saltlen); return -1; } msg(D_LOW, "cryptoapicert: PSS padding using saltlen = %d", saltlen); @@ -849,7 +713,7 @@ ssl_ctx_set_rsakey(SSL_CTX *ssl_ctx, CAPI_DATA *cd, EVP_PKEY *pkey) pmethod = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); if (!pmethod) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE); + msg(M_NONFATAL, "Error in cryptoapicert: failed to create EVP_PKEY_METHOD"); return 0; } const EVP_PKEY_METHOD *default_pmethod = EVP_PKEY_meth_find(EVP_PKEY_RSA); @@ -914,7 +778,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) if (cd == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_MALLOC_FAILURE); + msg(M_NONFATAL, "Error in cryptoapicert: out of memory"); goto err; } /* search CURRENT_USER first, then LOCAL_MACHINE */ @@ -922,7 +786,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) |CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, L"MY"); if (cs == NULL) { - CRYPTOAPIerr(CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE); + msg(M_NONFATAL|M_ERRNO, "Error in cryptoapicert: failed to open user certficate store"); goto err; } cd->cert_context = find_certificate_in_store(cert_prop, cs); @@ -933,14 +797,14 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) |CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG, L"MY"); if (cs == NULL) { - CRYPTOAPIerr(CRYPTOAPI_F_CERT_OPEN_SYSTEM_STORE); + msg(M_NONFATAL|M_ERRNO, "Error in cryptoapicert: failed to open machine certficate store"); goto err; } cd->cert_context = find_certificate_in_store(cert_prop, cs); CertCloseStore(cs, 0); if (cd->cert_context == NULL) { - CRYPTOAPIerr(CRYPTOAPI_F_CERT_FIND_CERTIFICATE_IN_STORE); + msg(M_NONFATAL, "Error in cryptoapicert: certificate matching <%s> not found", cert_prop); goto err; } } @@ -950,7 +814,7 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) cd->cert_context->cbCertEncoded); if (cert == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_ASN1_LIB); + msg(M_NONFATAL, "Error in cryptoapicert: X509 certificate decode failed"); goto err; } @@ -961,14 +825,11 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) if (!CryptAcquireCertificatePrivateKey(cd->cert_context, flags, NULL, &cd->crypt_prov, &cd->key_spec, &cd->free_crypt_prov)) { - /* if we don't have a smart card reader here, and we try to access a - * smart card certificate, we get: - * "Error 1223: The operation was canceled by the user." */ - CRYPTOAPIerr(CRYPTOAPI_F_CRYPT_ACQUIRE_CERTIFICATE_PRIVATE_KEY); + /* private key may be in a token not available, or incompatible with CNG */ + msg(M_NONFATAL|M_ERRNO, "Error in cryptoapicert: failed to acquire key. Key not present or " + "is in a legacy token not supported by Windows CNG API"); goto err; } - /* here we don't need to do CryptGetUserKey() or anything; all necessary key - * info is in cd->cert_context, and then, in cd->crypt_prov. */ /* Public key in cert is NULL until we call SSL_CTX_use_certificate(), * so we do it here then... */ @@ -1003,7 +864,8 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) #endif /* !defined(OPENSSL_NO_EC) */ else { - msg(M_WARN, "WARNING: cryptoapicert: certificate type not supported"); + msg(M_WARN|M_INFO, "WARNING: cryptoapicert: key type <%d> not supported", + EVP_PKEY_id(pkey)); goto err; } CAPI_DATA_free(cd); /* this will do a ref_count-- */ From patchwork Mon Oct 18 16:41:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 1988 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.27.255.59]) by backend30.mail.ord1d.rsapps.net with LMTP id oMQxGbk+bmFvNQAAIUCqbw (envelope-from ) for ; Mon, 18 Oct 2021 23:42:49 -0400 Received: from proxy17.mail.iad3a.rsapps.net ([172.27.255.59]) by director15.mail.ord1d.rsapps.net with LMTP id qBTfGLk+bmGjeQAAIcMcQg (envelope-from ) for ; Mon, 18 Oct 2021 23:42:49 -0400 Received: from smtp39.gate.iad3a ([172.27.255.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.iad3a.rsapps.net with LMTPS id mvB8OLg+bmHHAgAAR4KW9A (envelope-from ) for ; Mon, 18 Oct 2021 23:42:48 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp39.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: a0db6418-308e-11ec-b433-525400eea4e4-1-1 Received: from [216.105.38.7] ([216.105.38.7:36284] helo=lists.sourceforge.net) by smtp39.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 8F/CF-08932-8BE3E616; Mon, 18 Oct 2021 23:42:49 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1mcg0g-000493-5i; Tue, 19 Oct 2021 03:41:54 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcg0f-00048w-9b for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:53 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=5ptVJqHnrABIU8jGhvoD+aTvnEhkxdS3DHfIYBevqI8=; b=BR8PHhLsT6KReP7hjoNKtdu9Kv P1CwWgOorpHio4W4FplIr7EmJ1gVHaYsXC36tWxRjWc68jAAPrHbXfBxZMxio3fOxEF6Go6HQ82h1 bu1UDXdipWH+XTnUBjcRUO5tWqQnzW0iCjKZBJqEk+yQQW+YdTmUT8Xt1M+xohih7QNg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=5ptVJqHnrABIU8jGhvoD+aTvnEhkxdS3DHfIYBevqI8=; b=gDBmNnlsIBc90YyajCIKWlKFVB Ym8Yz1+ki35MTmKqV/pwQmTSps4IXya8P0fIBW7HK1yv4Hg4iwZkaQLTEb3c6lT/xgs6ecUXFe7KP 8g/Gyr6TcLzNYp6ifHwwe0CeCKrPEl6U7j1A8zT1L4iEE8ppDOXVv6e6+RUBmSvzlKBo=; Received: from mail-qk1-f171.google.com ([209.85.222.171]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1mcg0b-0001m1-2X for openvpn-devel@lists.sourceforge.net; Tue, 19 Oct 2021 03:41:53 +0000 Received: by mail-qk1-f171.google.com with SMTP id h20so12869671qko.13 for ; Mon, 18 Oct 2021 20:41:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=5ptVJqHnrABIU8jGhvoD+aTvnEhkxdS3DHfIYBevqI8=; b=l/TJJ6ZtD7h3CDwp9tLYxI0CAsXIZ5fqjSYl6bazIqlHDRPhT5e3hOyTMrhF2RYojs Hn7JsJ6PdyBTRkNeIN10utFUL3UQhBbhz9mogpt/3ahS33CkH5cTzBRnT9d37Z3IU9Oy 9SqFCtNkTkAC6Ss7h552ayNUoJYNvoFd7WQext/JB4+4GtKX51S200K5K9XBXKc+s1OI 5VqOQh68Y+40CgQKo0XDeYwUWzkBsXHPOVH8/7dJfPsOFShyT0R2R7SkgMjth/YRRH4r stK8+Bh9dt/1j0QTzvviTG3hF86ikjtBehml/uulQc2q9ANKyir+hG7nxPSn1xXdg7bo y1ZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5ptVJqHnrABIU8jGhvoD+aTvnEhkxdS3DHfIYBevqI8=; b=7Otd0M4G5Ll0d6+goPLVmD2wDepnMoNITeuEPevZ0YiFkh2T6nY/3PsqEBGjbgkNXc NnEixZH8eGVrRx149+sdKUtBmLwqXAcSnoagjq1bDM7/FUHihtnd/uGUP4oPnZ+KS0Bo VSo7iovh1amtUBdbynyP29bTBc0k5/IxPdwvvZWz4L79hlblqJxlr9q9GpfP2QJalb4B YwhAtJ1gvogcaes3fNmSwQ3p9nwGUscdv6Rn26guGpk6GFCVvGtEHPAuIluAwBu46olU H5Zj2rseIeCJhISRKKoFbdHdSQ704d01a6SN0rZf0Levbu24GgMhRYtgKxxG+KybEUal 1yEQ== X-Gm-Message-State: AOAM532y1JHAoK+WoZD8xvGnlWI+TBMQAZDW8UDiCMG8HzGZdU2Mv79d uvaRj0ki03KDfCZPovznIRPRxeSlyYU= X-Google-Smtp-Source: ABdhPJzppubjO1Yedz0KmqyRk6n/OGT/LKfJlJN7aGqkWElEnHaTVsikE2D3QmazVfuusTGKh5CDjg== X-Received: by 2002:a05:620a:1269:: with SMTP id b9mr25306656qkl.273.1634614903180; Mon, 18 Oct 2021 20:41:43 -0700 (PDT) Received: from uranus.home.sansel.ca (bras-vprn-tnhlon4053w-lp130-02-70-51-223-227.dsl.bell.ca. [70.51.223.227]) by smtp.gmail.com with ESMTPSA id u28sm6713388qtc.48.2021.10.18.20.41.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 20:41:42 -0700 (PDT) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Mon, 18 Oct 2021 23:41:18 -0400 Message-Id: <20211019034118.28987-3-selva.nair@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20211019034118.28987-1-selva.nair@gmail.com> References: <20211019034118.28987-1-selva.nair@gmail.com> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Do not support the use of OPENSSL_NO_EC on Windows. We build Windows releases with EC key support enabled in OpenSSL and there is no reason to disable it in OpenVPN. Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.222.171 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.222.171 listed in wl.mailspike.net] X-Headers-End: 1mcg0b-0001m1-2X Subject: [Openvpn-devel] [PATCH 3/3] Require EC key support in Windows builds X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Selva Nair Do not support the use of OPENSSL_NO_EC on Windows. We build Windows releases with EC key support enabled in OpenSSL and there is no reason to disable it in OpenVPN. TODO: If there are no platforms of interest where EC support cannot be enabled in OpenSSL, we should make !defined(OPENSSL_NO_EC) a general requirement. Signed-off-by: Selva Nair Acked-by: Gert Doering --- src/openvpn/crypto_openssl.c | 4 ++++ src/openvpn/cryptoapi.c | 6 ------ 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 419265a5..60fbec12 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -55,6 +55,10 @@ #include #endif +#if defined(_WIN32) && defined(OPENSSL_NO_EC) +#error Windows build with OPENSSL_NO_EC: disabling EC key is not supported. +#endif + /* * Check for key size creepage. */ diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index c97dbfbf..7fe3c57c 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -236,8 +236,6 @@ rsa_finish(RSA *rsa) return 1; } -#if !defined(OPENSSL_NO_EC) - static EC_KEY_METHOD *ec_method = NULL; /** EC_KEY_METHOD callback: called when the key is freed */ @@ -423,8 +421,6 @@ err: return 0; } -#endif /* !defined(OPENSSL_NO_EC) */ - static const CERT_CONTEXT * find_certificate_in_store(const char *cert_prop, HCERTSTORE cert_store) { @@ -853,7 +849,6 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } -#if !defined(OPENSSL_NO_EC) else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (!ssl_ctx_set_eckey(ssl_ctx, cd, pkey)) @@ -861,7 +856,6 @@ SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop) goto err; } } -#endif /* !defined(OPENSSL_NO_EC) */ else { msg(M_WARN|M_INFO, "WARNING: cryptoapicert: key type <%d> not supported",