EVP: Downgrade keys rather than upgrade by levitte · Pull Request #11375 · openssl/openssl

levitte · 2020-03-21T05:29:40Z

Upgrading EVP_PKEYs from containing legacy keys to containing provider
side keys proved to be risky, with a number of unpleasant corner
cases, and with functions like EVP_PKEY_get0_DSA() failing
unexpectedly.

We therefore change course, and instead of upgrading legacy internal
keys to provider side internal keys, we downgrade provider side
internal keys to legacy ones. To be able to do this, we add
|import_from| and make it a callback function designed for
evp_keymgmt_export().

This means that evp_pkey_upgrade_to_provider() is replaced with
evp_pkey_downgrade().

This also clarifies the interaction between certain key fields in EVP_PKEY.

levitte · 2020-03-21T05:31:08Z

Missing: import_from implementations in the diverse EVP_PKEY_ASN1_METHODs

slontis · 2020-03-22T08:39:08Z

Needs a rebase..
For some reason test_fromdata_ec failed on some appveyor machines

crypto/evp/p_lib.c

doc/man3/EVP_PKEY_set_type.pod

levitte · 2020-03-23T05:23:19Z

Rebased

slontis · 2020-03-23T05:26:17Z

Is this still WIP?

levitte · 2020-03-23T05:27:36Z

Nope, as of now

levitte · 2020-03-23T05:28:27Z

But caveat, I haven't tested it with the ec generation pr yet

crypto/dh/dh_ameth.c

crypto/dh/dh_backend.c

crypto/dsa/dsa_ameth.c

crypto/ec/ec_ameth.c

crypto/evp/keymgmt_lib.c

crypto/evp/p_lib.c

crypto/ffc/ffc_backend.c

crypto/rsa/rsa_backend.c

levitte · 2020-03-23T12:28:10Z

doc-nits failure seems relevant.

Fixed, I think

mattcaswell

Looks pretty good to me.

crypto/ec/ec_backend.c

doc/man3/EVP_PKEY_set_type.pod

crypto/evp/keymgmt_lib.c

levitte · 2020-03-24T07:46:42Z

I'm paying dearly for not having proper error reporting all over the place. We really need to get a grip on that. I'll start in this PR, please do the same, @openssl

mattcaswell

Approved assuming the nit is fixed

crypto/evp/keymgmt_lib.c

levitte · 2020-03-25T12:18:01Z

Darn, there were a couple of very small fixups I hadn't pushed. Please take a look and either let your confirmation stand, or re-confirm (which will reset the grace time clock)

mattcaswell · 2020-03-25T12:22:03Z

My approval stands.

EVP_PKEY is rather complex, even before provider side keys entered the stage. You could have untyped / unassigned keys (pk->type == EVP_PKEY_NONE), keys that had been assigned a type but no data (pk->pkey.ptr == NULL), and fully assigned keys (pk->type != EVP_PKEY_NONE && pk->pkey.ptr != NULL). For provider side keys, the corresponding states weren't well defined, and the code didn't quite account for all the possibilities. We also guard most of the legacy fields in EVP_PKEY with FIPS_MODE, so they don't exist at all in the FIPS module. Most of all, code needs to adapt to the case where an EVP_PKEY's |keymgmt| is non-NULL, but its |keydata| is NULL. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

This function intialises an EVP_PKEY to contain a provider side internal key. We take the opportunity to also document the older EVP_PKEY_set_type() and EVP_PKEY_set_type_str(). Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

Upgrading EVP_PKEYs from containing legacy keys to containing provider side keys proved to be risky, with a number of unpleasant corner cases, and with functions like EVP_PKEY_get0_DSA() failing unexpectedly. We therefore change course, and instead of upgrading legacy internal keys to provider side internal keys, we downgrade provider side internal keys to legacy ones. To be able to do this, we add |import_from| and make it a callback function designed for evp_keymgmt_export(). This means that evp_pkey_upgrade_to_provider() is replaced with evp_pkey_downgrade(). EVP_PKEY_copy_parameters() is the most deeply affected function of this change. Fixes openssl#11366 Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

Downgrading EVP_PKEYs from containing provider side internal keys to containing legacy keys demands support in the EVP_PKEY_ASN1_METHOD. This became a bit elaborate because the code would be almost exactly the same as the import functions int EVP_KEYMGMT. Therefore, we end up moving most of the code to common backend support files that can be used both by legacy backend code and by our providers. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

Provider KEYMGMT functions can handle domain parameters as well as "other" parameters (the cofactor mode flag in ECC keys is one of those). The public EVP functions EVP_PKEY_copy_parameters(), EVP_PKEY_missing_parameters(), EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() tried to handle all parameters, but looking back at EVP_PKEY_ASN1_METHOD code (especially crypto/ec/ec_ameth.c), it turns out that they only need to concern themselves with domain parameters. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11375)

levitte · 2020-03-25T16:04:28Z

Merged!

@slontis, I think we both have a merge fest to look forward to 😉

levitte force-pushed the downgrade-key branch from d1337b6 to aa6d5e5 Compare March 21, 2020 05:30

This was referenced Mar 21, 2020

[WIP] EVP: Fix EVP_PKEY_copy_parameters() for a newly allocated |to| #11368

Closed

EVP_PKEY_copy_parameters() broken #11366

Closed

slontis reviewed Mar 22, 2020

View reviewed changes

crypto/evp/p_lib.c Outdated Show resolved Hide resolved

slontis reviewed Mar 22, 2020

View reviewed changes

crypto/evp/p_lib.c Outdated Show resolved Hide resolved

slontis reviewed Mar 22, 2020

View reviewed changes

doc/man3/EVP_PKEY_set_type.pod Outdated Show resolved Hide resolved

slontis reviewed Mar 22, 2020

View reviewed changes

doc/man3/EVP_PKEY_set_type.pod Outdated Show resolved Hide resolved

slontis reviewed Mar 22, 2020

View reviewed changes

doc/man3/EVP_PKEY_set_type.pod Outdated Show resolved Hide resolved

levitte force-pushed the downgrade-key branch from a4b122f to 3febb74 Compare March 23, 2020 05:23

levitte changed the title ~~[WIP, pending on #11374] EVP: Downgrade keys rather than upgrade~~ [pending on #11374] EVP: Downgrade keys rather than upgrade Mar 23, 2020

slontis added the branch: master Applies to master branch label Mar 23, 2020

slontis requested a review from mattcaswell March 23, 2020 05:39