sync with OpenBSD -current

lib/libcrypto/evp/digest.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -118,10 +118,6 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
 #include "evp_local.h"
 
 int
@@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 {
 	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
 
-#ifndef OPENSSL_NO_ENGINE
-	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-	 * so this context may already have an ENGINE! Try to avoid releasing
-	 * the previous handle, re-querying for an ENGINE, and having a
-	 * reinitialisation, when it may all be unnecessary. */
-	if (ctx->engine && ctx->digest && (!type ||
-	    (type && (type->type == ctx->digest->type))))
-		goto skip_to_init;
-	if (type) {
-		/* Ensure an ENGINE left lying around from last time is cleared
-		 * (the previous check attempted to avoid this if the same
-		 * ENGINE and EVP_MD could be used). */
-		ENGINE_finish(ctx->engine);
-		if (impl != NULL) {
-			if (!ENGINE_init(impl)) {
-				EVPerror(EVP_R_INITIALIZATION_ERROR);
-				return 0;
-			}
-		} else
-			/* Ask if an ENGINE is reserved for this job */
-			impl = ENGINE_get_digest_engine(type->type);
-		if (impl != NULL) {
-			/* There's an ENGINE for this job ... (apparently) */
-			const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-			if (d == NULL) {
-				/* Same comment from evp_enc.c */
-				EVPerror(EVP_R_INITIALIZATION_ERROR);
-				ENGINE_finish(impl);
-				return 0;
-			}
-			/* We'll use the ENGINE's private digest definition */
-			type = d;
-			/* Store the ENGINE functional reference so we know
-			 * 'type' came from an ENGINE and we need to release
-			 * it when done. */
-			ctx->engine = impl;
-		} else
-			ctx->engine = NULL;
-	} else if (!ctx->digest) {
-		EVPerror(EVP_R_NO_DIGEST_SET);
-		return 0;
-	}
-#endif
 	if (ctx->digest != type) {
 		if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
 		    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
@@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 			}
 		}
 	}
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
 	if (ctx->pctx) {
 		int r;
 		r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
@@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 		EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
 		return 0;
 	}
-#ifndef OPENSSL_NO_ENGINE
-	/* Make sure it's safe to copy a digest context using an ENGINE */
-	if (in->engine && !ENGINE_init(in->engine)) {
-		EVPerror(ERR_R_ENGINE_LIB);
-		return 0;
-	}
-#endif
 
 	if (out->digest == in->digest) {
 		tmp_buf = out->md_data;
@@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 	 */
 	if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
 		EVP_PKEY_CTX_free(ctx->pctx);
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(ctx->engine);
-#endif
 	memset(ctx, 0, sizeof(*ctx));
 
 	return 1;

lib/libcrypto/evp/e_aes.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.54 2023/09/28 11:29:10 tb Exp $ */
+/* $OpenBSD: e_aes.c,v 1.55 2023/11/18 09:37:15 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -2460,7 +2460,11 @@ aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	}
 
 	if (iv != NULL) {
-		memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+		int iv_len = EVP_CIPHER_CTX_iv_length(ctx);
+
+		if (iv_len < 0 || iv_len > sizeof(ctx->iv))
+			return 0;
+		memcpy(ctx->iv, iv, iv_len);
 		wctx->iv = ctx->iv;
 	}
 

lib/libcrypto/evp/e_rc2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_rc2.c,v 1.22 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.24 2023/11/18 10:46:58 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -338,17 +338,17 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 	long num = 0;
 	int i = 0;
 	int key_bits;
-	unsigned int l;
+	int l;
 	unsigned char iv[EVP_MAX_IV_LENGTH];
 
 	if (type != NULL) {
 		l = EVP_CIPHER_CTX_iv_length(c);
-		if (l > sizeof(iv)) {
+		if (l < 0 || l > sizeof(iv)) {
 			EVPerror(EVP_R_IV_TOO_LARGE);
 			return -1;
 		}
 		i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
-		if (i != (int)l)
+		if (i != l)
 			return (-1);
 		key_bits = rc2_magic_to_meth((int)num);
 		if (!key_bits)
@@ -373,6 +373,8 @@ rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 	if (type != NULL) {
 		num = rc2_meth_to_magic(c);
 		j = EVP_CIPHER_CTX_iv_length(c);
+		if (j < 0 || j > sizeof(c->oiv))
+			return 0;
 		i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
 	}
 	return (i);
@@ -381,9 +383,15 @@ rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 static int
 rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 {
+	int iv_len;
+
 	switch (type) {
 	case EVP_CTRL_INIT:
-		data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
+		data(c)->key_bits = 0;
+		/* XXX - upper bound? */
+		if ((iv_len = EVP_CIPHER_CTX_key_length(c)) < 0)
+			return -1;
+		data(c)->key_bits = iv_len * 8;
 		return 1;
 
 	case EVP_CTRL_GET_RC2_KEY_BITS:

lib/libcrypto/evp/evp_enc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.53 2023/09/10 16:53:56 tb Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.55 2023/11/19 15:46:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -68,10 +68,6 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
 #include "evp_local.h"
 
 int
@@ -94,15 +90,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 			enc = 1;
 		ctx->encrypt = enc;
 	}
-#ifndef OPENSSL_NO_ENGINE
-	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-	 * so this context may already have an ENGINE! Try to avoid releasing
-	 * the previous handle, re-querying for an ENGINE, and having a
-	 * reinitialisation, when it may all be unnecessary. */
-	if (ctx->engine && ctx->cipher &&
-	    (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
-		goto skip_to_init;
-#endif
 	if (cipher) {
 		/* Ensure a context left lying around from last time is cleared
 		 * (the previous check attempted to avoid this if the same
@@ -114,32 +101,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 			ctx->encrypt = enc;
 			ctx->flags = flags;
 		}
-#ifndef OPENSSL_NO_ENGINE
-		if (impl) {
-			if (!ENGINE_init(impl)) {
-				EVPerror(EVP_R_INITIALIZATION_ERROR);
-				return 0;
-			}
-		} else
-			/* Ask if an ENGINE is reserved for this job */
-			impl = ENGINE_get_cipher_engine(cipher->nid);
-		if (impl) {
-			/* There's an ENGINE for this job ... (apparently) */
-			const EVP_CIPHER *c =
-			    ENGINE_get_cipher(impl, cipher->nid);
-			if (!c) {
-				EVPerror(EVP_R_INITIALIZATION_ERROR);
-				return 0;
-			}
-			/* We'll use the ENGINE's private cipher definition */
-			cipher = c;
-			/* Store the ENGINE functional reference so we know
-			 * 'cipher' came from an ENGINE and we need to release
-			 * it when done. */
-			ctx->engine = impl;
-		} else
-			ctx->engine = NULL;
-#endif
 
 		ctx->cipher = cipher;
 		if (ctx->cipher->ctx_size) {
@@ -163,9 +124,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 		EVPerror(EVP_R_NO_CIPHER_SET);
 		return 0;
 	}
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
 	/* we assume block size is a power of 2 in *cryptUpdate */
 	if (ctx->cipher->block_size != 1 &&
 	    ctx->cipher->block_size != 8 &&
@@ -181,6 +139,8 @@ skip_to_init:
 	}
 
 	if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
+		int iv_len;
+
 		switch (EVP_CIPHER_CTX_mode(ctx)) {
 
 		case EVP_CIPH_STREAM_CIPHER:
@@ -194,25 +154,26 @@ skip_to_init:
 			/* fall-through */
 
 		case EVP_CIPH_CBC_MODE:
-
-			if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
-			    sizeof(ctx->iv)) {
+			iv_len = EVP_CIPHER_CTX_iv_length(ctx);
+			if (iv_len < 0 || iv_len > sizeof(ctx->oiv)) {
 				EVPerror(EVP_R_IV_TOO_LARGE);
 				return 0;
 			}
-			if (iv)
-				memcpy(ctx->oiv, iv,
-				    EVP_CIPHER_CTX_iv_length(ctx));
-			memcpy(ctx->iv, ctx->oiv,
-			    EVP_CIPHER_CTX_iv_length(ctx));
+			if (iv != NULL)
+				memcpy(ctx->oiv, iv, iv_len);
+			memcpy(ctx->iv, ctx->oiv, iv_len);
 			break;
 
 		case EVP_CIPH_CTR_MODE:
 			ctx->num = 0;
+			iv_len = EVP_CIPHER_CTX_iv_length(ctx);
+			if (iv_len < 0 || iv_len > sizeof(ctx->iv)) {
+				EVPerror(EVP_R_IV_TOO_LARGE);
+				return 0;
+			}
 			/* Don't reuse IV for CTR mode */
-			if (iv)
-				memcpy(ctx->iv, iv,
-				    EVP_CIPHER_CTX_iv_length(ctx));
+			if (iv != NULL)
+				memcpy(ctx->iv, iv, iv_len);
 			break;
 
 		default:
@@ -611,10 +572,6 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 	/* XXX - store size of cipher_data so we can always freezero(). */
 	free(c->cipher_data);
 
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(c->engine);
-#endif
-
 	explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
 
 	return 1;
@@ -685,13 +642,6 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 		EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
 		return 0;
 	}
-#ifndef OPENSSL_NO_ENGINE
-	/* Make sure it's safe to copy a cipher context using an ENGINE */
-	if (in->engine && !ENGINE_init(in->engine)) {
-		EVPerror(ERR_R_ENGINE_LIB);
-		return 0;
-	}
-#endif
 
 	EVP_CIPHER_CTX_cleanup(out);
 	memcpy(out, in, sizeof *out);

lib/libcrypto/evp/evp_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_lib.c,v 1.28 2023/09/28 11:29:10 tb Exp $ */
+/* $OpenBSD: evp_lib.c,v 1.29 2023/11/18 09:37:15 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -98,16 +98,16 @@ int
 EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 {
 	int i = 0;
-	unsigned int l;
+	int l;
 
 	if (type != NULL) {
 		l = EVP_CIPHER_CTX_iv_length(c);
-		if (l > sizeof(c->iv)) {
+		if (l < 0 || l > sizeof(c->iv)) {
 			EVPerror(EVP_R_IV_TOO_LARGE);
 			return 0;
 		}
 		i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
-		if (i != (int)l)
+		if (i != l)
 			return (-1);
 		else if (i > 0)
 			memcpy(c->iv, c->oiv, l);
@@ -119,11 +119,11 @@ int
 EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 {
 	int i = 0;
-	unsigned int j;
+	int j;
 
 	if (type != NULL) {
 		j = EVP_CIPHER_CTX_iv_length(c);
-		if (j > sizeof(c->iv)) {
+		if (j < 0 || j > sizeof(c->iv)) {
 			EVPerror(EVP_R_IV_TOO_LARGE);
 			return 0;
 		}

lib/libcrypto/evp/p_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: p_lib.c,v 1.37 2023/09/10 17:32:17 tb Exp $ */
+/* $OpenBSD: p_lib.c,v 1.38 2023/11/19 15:46:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -77,10 +77,6 @@
 #include <openssl/rsa.h>
 #endif
 
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
 #include "asn1_local.h"
 #include "evp_local.h"
 
@@ -245,19 +241,11 @@ pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, int len)
 		 */
 		if ((type == pkey->save_type) && pkey->ameth)
 			return 1;
-#ifndef OPENSSL_NO_ENGINE
-		ENGINE_finish(pkey->engine);
-		pkey->engine = NULL;
-#endif
 	}
 	if (str)
 		ameth = EVP_PKEY_asn1_find_str(eptr, str, len);
 	else
 		ameth = EVP_PKEY_asn1_find(eptr, type);
-#ifndef OPENSSL_NO_ENGINE
-	if (pkey == NULL && eptr != NULL)
-		ENGINE_finish(e);
-#endif
 	if (!ameth) {
 		EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
 		return 0;
@@ -583,9 +571,6 @@ EVP_PKEY_type(int type)
 		ret = ameth->pkey_id;
 	else
 		ret = NID_undef;
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(e);
-#endif
 	return ret;
 }
 
@@ -626,10 +611,6 @@ EVP_PKEY_free_it(EVP_PKEY *x)
 		x->ameth->pkey_free(x);
 		x->pkey.ptr = NULL;
 	}
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(x->engine);
-	x->engine = NULL;
-#endif
 }
 
 static int

lib/libcrypto/evp/p_seal.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: p_seal.c,v 1.16 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: p_seal.c,v 1.17 2023/11/18 09:37:15 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -74,7 +74,7 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
     int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
 {
 	unsigned char key[EVP_MAX_KEY_LENGTH];
-	int i;
+	int i, iv_len;
 
 	if (type) {
 		EVP_CIPHER_CTX_init(ctx);
@@ -85,8 +85,11 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
 		return 1;
 	if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
 		return 0;
-	if (EVP_CIPHER_CTX_iv_length(ctx))
-		arc4random_buf(iv, EVP_CIPHER_CTX_iv_length(ctx));
+	/* XXX - upper bound? */
+	if ((iv_len = EVP_CIPHER_CTX_iv_length(ctx)) < 0)
+		return 0;
+	if (iv_len > 0)
+		arc4random_buf(iv, iv_len);
 
 	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
 		return 0;

lib/libcrypto/evp/pmeth_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: pmeth_lib.c,v 1.33 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: pmeth_lib.c,v 1.34 2023/11/19 15:43:52 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -68,10 +68,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509v3.h>
 
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
 #include "asn1_local.h"
 #include "evp_local.h"
 
@@ -161,26 +157,8 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *engine, int id)
 			return NULL;
 		id = pkey->ameth->pkey_id;
 	}
-#ifndef OPENSSL_NO_ENGINE
-	if (pkey != NULL && pkey->engine != NULL)
-		engine = pkey->engine;
-	/* Try to find an ENGINE which implements this method. */
-	if (engine != NULL) {
-		if (!ENGINE_init(engine)) {
-			EVPerror(ERR_R_ENGINE_LIB);
-			return NULL;
-		}
-	} else
-		engine = ENGINE_get_pkey_meth_engine(id);
 
-	/* Look up method handler in ENGINE or use internal tables. */
-	if (engine != NULL)
-		pmeth = ENGINE_get_pkey_meth(engine, id);
-	else
-#endif
-		pmeth = EVP_PKEY_meth_find(id);
-
-	if (pmeth == NULL) {
+	if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) {
 		EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
 		goto err;
 	}
@@ -205,9 +183,6 @@ evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *engine, int id)
 
  err:
 	EVP_PKEY_CTX_free(pkey_ctx);
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(engine);
-#endif
 
 	return NULL;
 }
@@ -275,22 +250,12 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
 
 	if (pctx->pmeth == NULL || pctx->pmeth->copy == NULL)
 		goto err;
-#ifndef OPENSSL_NO_ENGINE
-	/* Make sure it's safe to copy a pkey context using an ENGINE */
-	if (pctx->engine != NULL && !ENGINE_init(pctx->engine)) {
-		EVPerror(ERR_R_ENGINE_LIB);
-		goto err;
-	}
-#endif
 	if ((rctx = calloc(1, sizeof(*rctx))) == NULL) {
 		EVPerror(ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
 
 	rctx->pmeth = pctx->pmeth;
-#ifndef OPENSSL_NO_ENGINE
-	rctx->engine = pctx->engine;
-#endif
 
 	if ((rctx->pkey = pctx->pkey) != NULL)
 		EVP_PKEY_up_ref(rctx->pkey);
@@ -333,9 +298,6 @@ EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
 		ctx->pmeth->cleanup(ctx);
 	EVP_PKEY_free(ctx->pkey);
 	EVP_PKEY_free(ctx->peerkey);
-#ifndef OPENSSL_NO_ENGINE
-	ENGINE_finish(ctx->engine);
-#endif
 	free(ctx);
 }