From patchwork Thu Feb 3 08:36:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2263 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id 0FScEfwu/GG5FwAAqwncew (envelope-from ) for ; Thu, 03 Feb 2022 14:37:32 -0500 Received: from proxy7.mail.ord1d.rsapps.net ([172.30.191.6]) by director7.mail.ord1d.rsapps.net with LMTP id yMYnJvwu/GG3CwAAovjBpQ (envelope-from ) for ; Thu, 03 Feb 2022 14:37:32 -0500 Received: from smtp23.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy7.mail.ord1d.rsapps.net with LMTPS id cMHQJfwu/GFNagAAMe1Fpw (envelope-from ) for ; Thu, 03 Feb 2022 14:37:32 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp23.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: ba4e3738-8528-11ec-91e7-b8ca3a678528-1-1 Received: from [216.105.38.7] ([216.105.38.7:57904] helo=lists.sourceforge.net) by smtp23.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 27/8C-01526-BFE2CF16; Thu, 03 Feb 2022 14:37:31 -0500 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nFhuS-0004oY-Th; Thu, 03 Feb 2022 19:36:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nFhuR-0004oQ-JY for openvpn-devel@lists.sourceforge.net; Thu, 03 Feb 2022 19:36:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=p4XoY5z88zLMFp3SVHRmpJnwXltiSWvfBNMx/iwXKW8=; b=e8+PBo1dzdfAbr11O6YQ7zO/LE 4sJIL3FeaqjEQsEZUwGZAP+RPOlDWASKkoqza0CdJOg84CHZFmLf7ZV3f9Cut9JvUgh4c6BeNAr5H mDifHAEdt+s+K4wj3DKaMv8xe0LWauYSU/Y+c/tOopd2cOsQMWlsvABaGvQv8nn1bqHE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=p4XoY5z88zLMFp3SVHRmpJnwXltiSWvfBNMx/iwXKW8=; b=a v+1f8hfWkYJNTU48RF5OHw+ITPTz25oVCEL76lapSX9a48iWPhseXXzU6RvdRRQh5vCN0uxdrkafU QFZMDNTvYsgKTTpyMgx8U39hx7VWpRqnvkmF+4q82xb1FnCFdDJ/7ghxWpLGTIKZmCWnEAgimnRMD 3xKdNG/PLaCIZz+U=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nFhuO-0006t1-Dd for openvpn-devel@lists.sourceforge.net; Thu, 03 Feb 2022 19:36:46 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Thu, 3 Feb 2022 20:36:54 +0100 Message-Id: <20220203193655.28791-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: With cipher validation performed in cipher_get(), a cipher is never returned in any case if some check fails. This prevents OpenVPN from operating on all ciphers provided by the SSL library, like printing them to the user. Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1nFhuO-0006t1-Dd Subject: [Openvpn-devel] [PATCH v2 1/2] crypto: move validation logic from cipher_get to cipher_valid X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Sommerseth , Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox With cipher validation performed in cipher_get(), a cipher is never returned in any case if some check fails. This prevents OpenVPN from operating on all ciphers provided by the SSL library, like printing them to the user. Move the validation logic to cipher_valid() so that checks are performed only when OpenVPN really want to know if a cipher is usable or not. Fixes: ce2954a0 ("Remove cipher_kt_t and change type to const char* in API") Cc: Arne Schwabe Cc: David Sommerseth Signed-off-by: Antonio Quartulli Acked-By: David Sommerseth --- Changes from v1: * properly release cipher in case of error in cipher_valid(); src/openvpn/crypto_openssl.c | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index a725306c..6f3fbacd 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -565,16 +565,21 @@ rand_bytes(uint8_t *output, int len) static evp_cipher_type * cipher_get(const char *ciphername) { - evp_cipher_type *cipher = NULL; - ASSERT(ciphername); ciphername = translate_cipher_name_from_openvpn(ciphername); - cipher = EVP_CIPHER_fetch(NULL, ciphername, NULL); + return EVP_CIPHER_fetch(NULL, ciphername, NULL); +} - if (NULL == cipher) +bool +cipher_valid(const char *ciphername) +{ + bool ret = false; + evp_cipher_type *cipher = cipher_get(ciphername); + if (!cipher) { - return NULL; + crypto_msg(D_LOW, "Cipher algorithm '%s' not found", ciphername); + goto out; } #ifdef OPENSSL_FIPS @@ -585,7 +590,7 @@ cipher_get(const char *ciphername) { msg(D_LOW, "Cipher algorithm '%s' is known by OpenSSL library but " "currently disabled by running in FIPS mode.", ciphername); - return NULL; + goto out; } #endif if (EVP_CIPHER_key_length(cipher) > MAX_CIPHER_KEY_LENGTH) @@ -594,22 +599,13 @@ cipher_get(const char *ciphername) "which is larger than " PACKAGE_NAME "'s current maximum key size " "(%d bytes)", ciphername, EVP_CIPHER_key_length(cipher), MAX_CIPHER_KEY_LENGTH); - return NULL; + goto out; } - return cipher; -} - -bool cipher_valid(const char *ciphername) -{ - evp_cipher_type *cipher = cipher_get(ciphername); - bool valid = (cipher != NULL); - if (!valid) - { - crypto_msg(D_LOW, "Cipher algorithm '%s' not found", ciphername); - } + ret = true; +out: EVP_CIPHER_free(cipher); - return valid; + return ret; } bool cipher_var_key_size(const char *ciphername) From patchwork Thu Feb 3 08:36:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2262 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.28.255.1]) by backend41.mail.ord1d.rsapps.net with LMTP id aGawNfsu/GF0FwAAqwncew (envelope-from ) for ; Thu, 03 Feb 2022 14:37:31 -0500 Received: from proxy9.mail.ord1c.rsapps.net ([172.28.255.1]) by director15.mail.ord1d.rsapps.net with LMTP id QMAjDvwu/GHRRwAAIcMcQg (envelope-from ) for ; Thu, 03 Feb 2022 14:37:32 -0500 Received: from smtp2.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.ord1c.rsapps.net with LMTPS id qFnXDfwu/GHHSAAAgxtkuw (envelope-from ) for ; Thu, 03 Feb 2022 14:37:32 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp2.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: ba56fb16-8528-11ec-a866-842b2b4e7063-1-1 Received: from [216.105.38.7] ([216.105.38.7:38306] helo=lists.sourceforge.net) by smtp2.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 7C/B9-11140-BFE2CF16; Thu, 03 Feb 2022 14:37:31 -0500 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nFhuS-00068U-8e; Thu, 03 Feb 2022 19:36:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nFhuQ-00068O-Bs for openvpn-devel@lists.sourceforge.net; Thu, 03 Feb 2022 19:36:45 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=0pMU4jGQ1JDJsrPeUeJxgG8+Sw4mv1hzaXltWxrvrcw=; b=m9MwxbwTDkg4OJAvNaUIG9kEeY ezzr9TBRX5Pxw+t+cu/uBcnVVuhYD+7gEtQgogIf1yWlu3QazEIS8+ZSgB5acwpc9cNBMkOzb3X2I nG9Fb0GhajlYMLqZKwGUTDLvzDBCa2rrnsAbWnPrn+o5a/apPk+s7dYZOa0O0cX7Z8LA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=0pMU4jGQ1JDJsrPeUeJxgG8+Sw4mv1hzaXltWxrvrcw=; b=Pw2u0xG7/GUTrg6Y1bffYyQnpk 2EASWg9bxAgJeTwz+eySn7l9zHU36Bb7VT8bMEbb/D7XQ9ocDu5TVwWLWw8doqLVqVr3Kz983oZ9k 6lo6J2ok/CygvHjDk1Wi7ut/wga/lFGC/DJOU4wmaQsK5HQPbQyN+xZ+pAsNrPZ+Z3eU=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nFhuL-00FZ5x-ID for openvpn-devel@lists.sourceforge.net; Thu, 03 Feb 2022 19:36:44 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Thu, 3 Feb 2022 20:36:55 +0100 Message-Id: <20220203193655.28791-2-a@unstable.cc> In-Reply-To: <20220203193655.28791-1-a@unstable.cc> References: <20220203193655.28791-1-a@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Our crypto API already provides a function performing a validity check on the specified ciphername. The OpenSSL counterpart also checks for the cipher being FIPS-enabled. This API is cipher_valid(). Extend it so that it can provide a reason whenever the cipher is not valid and use it in crypto.c. Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1nFhuL-00FZ5x-ID Subject: [Openvpn-devel] [PATCH v2 2/2] crypto: move OpenSSL specific FIPS check to its backend X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: David Sommerseth , Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Our crypto API already provides a function performing a validity check on the specified ciphername. The OpenSSL counterpart also checks for the cipher being FIPS-enabled. This API is cipher_valid(). Extend it so that it can provide a reason whenever the cipher is not valid and use it in crypto.c. This way we move any OpenSSL specific bit to its own backend and directly use the new cipher_valid_reason() API in the generic code. This patch fixes compilations with mbedTLS when some OpenSSL is also installed. The issue was introduced with: 544330fe ("crypto: Fix OPENSSL_FIPS enabled builds") Cc: David Sommerseth Signed-off-by: Antonio Quartulli Acked-By: David Sommerseth --- Changes from v1: * rebased * don't return cipher, but true in cipher_valid_reason() src/openvpn/crypto.c | 11 +++-------- src/openvpn/crypto_backend.h | 21 ++++++++++++++++++++- src/openvpn/crypto_mbedtls.c | 13 +++++++++---- src/openvpn/crypto_openssl.c | 6 +++++- 4 files changed, 37 insertions(+), 14 deletions(-) diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 7fc7f8e7..461cfb8c 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -34,7 +34,6 @@ #include "error.h" #include "integer.h" #include "platform.h" -#include "openssl_compat.h" #include "memdbg.h" @@ -1698,16 +1697,12 @@ print_cipher(const char *ciphername) { printf(", TLS client/server mode only"); } -#ifdef OPENSSL_FIPS - evp_cipher_type *cipher = EVP_CIPHER_fetch(NULL, ciphername, NULL); - if (FIPS_mode() && cipher - && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_FIPS)) + const char *reason; + if (!cipher_valid_reason(ciphername, &reason)) { - printf(", disabled by FIPS mode"); + printf(", %s", reason); } - EVP_CIPHER_free(cipher); -#endif printf(")\n"); } diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 7beaf9c3..abf1b876 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -187,6 +187,21 @@ void cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH], */ #define MAX_CIPHER_KEY_LENGTH 64 +/** + * Returns if the cipher is valid, based on the given cipher name and provides a + * reason if invalid. + * + * @param ciphername Name of the cipher to check for validity (e.g. + * \c AES-128-CBC). Will be translated to the library name + * from the openvpn config name if needed. + * @param reason Pointer where a static string indicating the reason + * for rejecting the cipher should be stored. It is set to + * NULL if the cipher is valid. + * + * @return if the cipher is valid + */ +bool cipher_valid_reason(const char *ciphername, const char **reason); + /** * Returns if the cipher is valid, based on the given cipher name. * @@ -196,7 +211,11 @@ void cipher_des_encrypt_ecb(const unsigned char key[DES_KEY_LENGTH], * * @return if the cipher is valid */ -bool cipher_valid(const char *ciphername); +static inline bool cipher_valid(const char *ciphername) +{ + const char *reason; + return cipher_valid_reason(ciphername, &reason); +} /** * Checks if the cipher is defined and is not the null (none) cipher diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 01bfa020..a771777e 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -403,14 +403,17 @@ cipher_get(const char* ciphername) } bool -cipher_valid(const char *ciphername) +cipher_valid_reason(const char *ciphername, const char **reason) { + ASSERT(reason); + const mbedtls_cipher_info_t *cipher = cipher_get(ciphername); if (NULL == cipher) { msg(D_LOW, "Cipher algorithm '%s' not found", ciphername); - return NULL; + *reason = "disabled because unknown"; + return false; } if (cipher->key_bitlen/8 > MAX_CIPHER_KEY_LENGTH) @@ -418,10 +421,12 @@ cipher_valid(const char *ciphername) msg(D_LOW, "Cipher algorithm '%s' uses a default key size (%d bytes) " "which is larger than " PACKAGE_NAME "'s current maximum key size " "(%d bytes)", ciphername, cipher->key_bitlen/8, MAX_CIPHER_KEY_LENGTH); - return NULL; + *reason = "disabled due to key size too large"; + return false; } - return cipher != NULL; + *reason = NULL; + return true; } const char * diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 6f3fbacd..8bc41792 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -572,13 +572,14 @@ cipher_get(const char *ciphername) } bool -cipher_valid(const char *ciphername) +cipher_valid_reason(const char *ciphername, const char **reason) { bool ret = false; evp_cipher_type *cipher = cipher_get(ciphername); if (!cipher) { crypto_msg(D_LOW, "Cipher algorithm '%s' not found", ciphername); + *reason = "disabled because unknown"; goto out; } @@ -590,6 +591,7 @@ cipher_valid(const char *ciphername) { msg(D_LOW, "Cipher algorithm '%s' is known by OpenSSL library but " "currently disabled by running in FIPS mode.", ciphername); + *reason = "disabled by FIPS mode"; goto out; } #endif @@ -599,10 +601,12 @@ cipher_valid(const char *ciphername) "which is larger than " PACKAGE_NAME "'s current maximum key size " "(%d bytes)", ciphername, EVP_CIPHER_key_length(cipher), MAX_CIPHER_KEY_LENGTH); + *reason = "disabled due to key size too large"; goto out; } ret = true; + *reason = NULL; out: EVP_CIPHER_free(cipher); return ret;