sync with OpenBSD -current

lib/libcrypto/ec/ec_ameth.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_ameth.c,v 1.53 2024/04/14 15:41:09 tb Exp $ */
+/* $OpenBSD: ec_ameth.c,v 1.63 2024/04/17 14:01:33 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -912,77 +912,61 @@ static int
 ecdh_cms_encrypt(CMS_RecipientInfo *ri)
 {
 	EVP_PKEY_CTX *pctx;
-	EVP_PKEY *pkey;
 	EVP_CIPHER_CTX *ctx;
 	int keylen;
 	X509_ALGOR *talg, *wrap_alg = NULL;
 	const ASN1_OBJECT *aoid;
 	ASN1_BIT_STRING *pubkey;
-	ASN1_STRING *wrap_str;
+	ASN1_STRING *wrap_str = NULL;
 	ASN1_OCTET_STRING *ukm;
 	unsigned char *penc = NULL;
 	int penclen;
-	int ecdh_nid, kdf_type, kdf_nid, wrap_nid;
+	int ecdh_nid, kdf_nid, wrap_nid;
 	const EVP_MD *kdf_md;
-	int rv = 0;
+	int ret = 0;
 
-	pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-	if (!pctx)
-		return 0;
-	/* Get ephemeral key */
-	pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+	if ((pctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) == NULL)
+		goto err;
 	if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey,
 	    NULL, NULL, NULL))
 		goto err;
+
 	X509_ALGOR_get0(&aoid, NULL, NULL, talg);
-
-	/* Is everything uninitialised? */
 	if (aoid == OBJ_nid2obj(NID_undef)) {
-		EC_KEY *eckey = pkey->pkey.ec;
-		unsigned char *p;
+		EVP_PKEY *pkey;
 
-		/* Set the key */
-		penclen = i2o_ECPublicKey(eckey, NULL);
-		if (penclen <= 0)
+		if ((pkey = EVP_PKEY_CTX_get0_pkey(pctx)) == NULL)
 			goto err;
-		penc = malloc(penclen);
-		if (penc == NULL)
-			goto err;
-		p = penc;
-		penclen = i2o_ECPublicKey(eckey, &p);
-		if (penclen <= 0)
+
+		penc = NULL;
+		if ((penclen = i2o_ECPublicKey(pkey->pkey.ec, &penc)) <= 0)
 			goto err;
+
 		ASN1_STRING_set0(pubkey, penc, penclen);
-		if (!asn1_abs_set_unused_bits(pubkey, 0))
-			goto err;
 		penc = NULL;
 
-		X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey),
-		    V_ASN1_UNDEF, NULL);
+		if (!asn1_abs_set_unused_bits(pubkey, 0))
+			goto err;
+
+		if (!X509_ALGOR_set0_by_nid(talg, NID_X9_62_id_ecPublicKey,
+		    V_ASN1_UNDEF, NULL))
+			goto err;
 	}
 
-	/* See if custom parameters set */
-	kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx);
-	if (kdf_type <= 0)
+	if (EVP_PKEY_CTX_get_ecdh_kdf_type(pctx) != EVP_PKEY_ECDH_KDF_NONE)
 		goto err;
-	if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md))
+	if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0)
 		goto err;
-	ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx);
-	if (ecdh_nid < 0)
+
+	if ((ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx)) < 0)
 		goto err;
-	else if (ecdh_nid == 0)
+	if (ecdh_nid == 0)
 		ecdh_nid = NID_dh_std_kdf;
 	else if (ecdh_nid == 1)
 		ecdh_nid = NID_dh_cofactor_kdf;
 
-	if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) {
-		kdf_type = EVP_PKEY_ECDH_KDF_X9_63;
-		if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0)
-			goto err;
-	} else {
-		/* Unknown KDF */
+	if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md))
 		goto err;
-	}
 	if (kdf_md == NULL) {
 		/* Fixme later for better MD */
 		kdf_md = EVP_sha1();
@@ -1002,53 +986,60 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri)
 	wrap_nid = EVP_CIPHER_CTX_type(ctx);
 	keylen = EVP_CIPHER_CTX_key_length(ctx);
 
-	/* Package wrap algorithm in an AlgorithmIdentifier */
+	/*
+	 * Package wrap algorithm in an AlgorithmIdentifier.
+	 *
+	 * Incompatibility of X509_ALGOR_set0() with EVP_CIPHER_param_to_asn1()
+	 * makes this really gross.
+	 */
 
-	wrap_alg = X509_ALGOR_new();
-	if (wrap_alg == NULL)
+	if ((wrap_alg = X509_ALGOR_new()) == NULL)
 		goto err;
-	wrap_alg->algorithm = OBJ_nid2obj(wrap_nid);
-	wrap_alg->parameter = ASN1_TYPE_new();
-	if (wrap_alg->parameter == NULL)
+	if ((wrap_alg->algorithm = OBJ_nid2obj(wrap_nid)) == NULL)
+		goto err;
+	if ((wrap_alg->parameter = ASN1_TYPE_new()) == NULL)
 		goto err;
 	if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0)
 		goto err;
-	if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) {
+	if (ASN1_TYPE_get(wrap_alg->parameter) == V_ASN1_UNDEF) {
 		ASN1_TYPE_free(wrap_alg->parameter);
 		wrap_alg->parameter = NULL;
 	}
 
+	if ((penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen)) <= 0)
+		goto err;
+
 	if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0)
 		goto err;
-
-	penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen);
-	if (penclen <= 0)
-		goto err;
-
 	if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0)
 		goto err;
 	penc = NULL;
 
 	/*
-	 * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter
-	 * of another AlgorithmIdentifier.
+	 * Wrap encoded wrap AlgorithmIdentifier into parameter of another
+	 * AlgorithmIdentifier.
 	 */
-	penclen = i2d_X509_ALGOR(wrap_alg, &penc);
-	if (penclen <= 0)
+
+	if ((penclen = i2d_X509_ALGOR(wrap_alg, &penc)) <= 0)
 		goto err;
-	wrap_str = ASN1_STRING_new();
-	if (wrap_str == NULL)
+
+	if ((wrap_str = ASN1_STRING_new()) == NULL)
 		goto err;
 	ASN1_STRING_set0(wrap_str, penc, penclen);
 	penc = NULL;
-	X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str);
 
-	rv = 1;
+	if (!X509_ALGOR_set0_by_nid(talg, kdf_nid, V_ASN1_SEQUENCE, wrap_str))
+		goto err;
+	wrap_str = NULL;
+
+	ret = 1;
 
  err:
 	free(penc);
+	ASN1_STRING_free(wrap_str);
 	X509_ALGOR_free(wrap_alg);
-	return rv;
+
+	return ret;
 }
 
 #endif

lib/libcrypto/ec/ec_asn1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_asn1.c,v 1.52 2024/04/15 15:46:29 tb Exp $ */
+/* $OpenBSD: ec_asn1.c,v 1.53 2024/04/17 23:24:18 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -74,7 +74,6 @@ EC_GROUP_get_basis_type(const EC_GROUP *group)
 }
 LCRYPTO_ALIAS(EC_GROUP_get_basis_type);
 
-/* some structures needed for the asn1 encoding */
 typedef struct x9_62_pentanomial_st {
 	long k1;
 	long k2;
@@ -134,7 +133,6 @@ typedef struct ecpk_parameters_st {
 	} value;
 } ECPKPARAMETERS;
 
-/* SEC1 ECPrivateKey */
 typedef struct ec_privatekey_st {
 	long version;
 	ASN1_OCTET_STRING *privateKey;
@@ -142,7 +140,6 @@ typedef struct ec_privatekey_st {
 	ASN1_BIT_STRING *publicKey;
 } EC_PRIVATEKEY;
 
-/* the OpenSSL ASN.1 definitions */
 static const ASN1_TEMPLATE X9_62_PENTANOMIAL_seq_tt[] = {
 	{
 		.flags = 0,
@@ -418,9 +415,6 @@ const ASN1_ITEM ECPARAMETERS_it = {
 	.sname = "ECPARAMETERS",
 };
 
-static ECPARAMETERS *ECPARAMETERS_new(void);
-static void ECPARAMETERS_free(ECPARAMETERS *a);
-
 static ECPARAMETERS *
 ECPARAMETERS_new(void)
 {
@@ -467,11 +461,6 @@ const ASN1_ITEM ECPKPARAMETERS_it = {
 	.sname = "ECPKPARAMETERS",
 };
 
-static ECPKPARAMETERS *ECPKPARAMETERS_new(void);
-static void ECPKPARAMETERS_free(ECPKPARAMETERS *a);
-static ECPKPARAMETERS *d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len);
-static int i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out);
-
 static ECPKPARAMETERS *
 d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len)
 {
@@ -538,11 +527,6 @@ static const ASN1_ITEM EC_PRIVATEKEY_it = {
 	.sname = "EC_PRIVATEKEY",
 };
 
-static EC_PRIVATEKEY *EC_PRIVATEKEY_new(void);
-static void EC_PRIVATEKEY_free(EC_PRIVATEKEY *a);
-static EC_PRIVATEKEY *d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len);
-static int i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out);
-
 static EC_PRIVATEKEY *
 d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len)
 {
@@ -568,28 +552,6 @@ EC_PRIVATEKEY_free(EC_PRIVATEKEY *a)
 	ASN1_item_free((ASN1_VALUE *)a, &EC_PRIVATEKEY_it);
 }
 
-/* some declarations of internal function */
-
-/* ec_asn1_group2fieldid() sets the values in a X9_62_FIELDID object */
-static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
-/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
-static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
-/* ec_asn1_parameters2group() creates a EC_GROUP object from a
- * ECPARAMETERS object */
-static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
-/* ec_asn1_group2parameters() creates a ECPARAMETERS object from a
- * EC_GROUP object */
-static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *, ECPARAMETERS *);
-/* ec_asn1_pkparameters2group() creates a EC_GROUP object from a
- * ECPKPARAMETERS object */
-static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
-/* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
- * EC_GROUP object */
-static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
-    ECPKPARAMETERS *);
-
-/* the function definitions */
-
 static int
 ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
 {
@@ -1046,8 +1008,6 @@ ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
 	return ret;
 }
 
-/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
-
 EC_GROUP *
 d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
 {
@@ -1093,8 +1053,6 @@ i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
 }
 LCRYPTO_ALIAS(i2d_ECPKParameters);
 
-/* some EC_KEY functions */
-
 EC_KEY *
 d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 {