Граф коммитов

153 Коммитов

Автор SHA1 Сообщение Дата
Maxwell Moyer-McKee 98749e496d
Add SHAKE and CSHAKE (#90)
* Refactor digests to use SymcryptHash* functions

* Additional refactor and add SHAKE

* Bump version

* Add CSHAKE

* Add MD testing and fix uncovered bugs

* Delay init and restrict parameters during update operation

* Cleanup

* Put digest squeeze behind ifdef

* Move new parameter names to separate file

* Don't dynamically alloc cshake state

* Rename function name string parameter

* PR comments

* Init in extract if update has not been called

* Track cshake state in provider
2024-10-15 12:18:39 -07:00
Maxwell Moyer-McKee 7a7215d3ad
Add SSKDF (SP800-56C) (#93)
* Boilerplate implementation

* sskdf implementation

* Update function call

* Add SymCrypt version constraint

* Cleanup

* Revert changes to p_scossl_sskdf_dupctx
2024-10-15 09:56:42 -07:00
Maxwell Moyer-McKee 1befa15c98
Add SRTP KDF (#91)
* Boilerplate code

* Context and parameters

* Reset and derive

* Parameters

* Add SRTP tests and fix errors

* Add SRTCP

* Additional key length tests

* Move new parameter names to a separate file

* Cleanup

* Check uIndexWidth is acceptable value

* Add default label value

* Make unset label a macro for readability
2024-10-08 10:01:29 -07:00
Alejandro H df8c9c671d
cmake: fixup CMakeLists to avoid installing libraries in incorrect path (#94)
usr/CACHE;PATH;Path to OpenSSL providers;lib/symcryptprovider.so
vs
usr/lib/symcryptprovider.so

Signed-off-by: Alejandro Hernandez Samaniego <alhe@linux.microsoft.com>
Co-authored-by: Alejandro Hernandez Samaniego <alhe@linux.microsoft.com>
2024-09-30 08:52:42 -07:00
Maxwell Moyer-McKee 07ccc8be92
Fix engine behavior (#89)
* Fix RSA unsupported fallback

* Turn default log level off
2024-09-04 13:24:11 -07:00
Kevin Jones f341f4c64d
Remove GCM nonce restriction comment (#88) 2024-09-04 12:55:05 -07:00
Maxwell Moyer-McKee 65f24e4834
Fix SSH KDF engine (#85)
* Fix build for engine 1.1.1 sshkdf

* Fix regression with e_scossl_get_symcrypt_hash_algorithm

* Fix outdated function name in SslPlay
2024-08-21 09:20:31 -07:00
Kevin Jones 61e9173150
Correct log messages to say hash where they said Hmac (#87)
* Correct log messages to say digest where they said Hmac

* Use 'hash' instead of 'digest'
2024-08-21 09:20:12 -07:00
Maxwell Moyer-McKee b9300d58ee
Behavior fixes for API compatability (#86)
* Explicitly set outl for zero inl

* Return null check to internal function

* Restore null checks for internal block ciphers and correct SAL annotations

* Support larger/smaller buffers for key exchange

* Return sufficient buffer size for ECDSA size

* Fix returns for ECDH size request and bump version
2024-08-21 09:19:51 -07:00
Maxwell McKee 81bfe457ed
Fixes for tpm2 (#84)
* Expose EC X and Y as parameters

* Make AES-CFB compatible with OpenSSL stream cipher calling pattern

* Cleanup

* PR comments, address in == out case

* Comment
2024-08-15 13:01:33 -07:00
Maxwell McKee ab6d48fbc9
Various provider bugfixes (#83)
* Keysinuse test fixes

* Move variable declaration outside of case statement
2024-07-25 21:16:45 -04:00
Maxwell McKee 7a67355c13
Initial KeysInUse integration (#74)
* KeysInUse logging thread

* KeysInUse behavior control

* Keysinuse logging

* Connect keysinuse to provider init

* ECDSA keysinuse

* RSA keysinuse

* Properly free and upref keysinuse info

* Bugfixe found in first testing

* Allow KB, MB, GB suffixes for file size

* Associate keysinuse info with key data instead of operation context.

* Cleanup keysinuse file and update keysinuse error logging

* Properly support restricted PSS keys

* Fix printing all events on exit

* Enable keysinuse from environment

* Update example config

* Cleanup rebase

* Rebase cleanup and safer lock handling

* First round PR comments

* Put KeysInUseInfo in keyctx behind lock. Reset on new key material

* Second round PR comments

* Separate teardown function

* Initialize i

* PR comments

* PR comments and cleanup merge conflicts
2024-06-05 12:07:58 -07:00
Mitch Lindgren b27f691f26
Merge pull request #81 from microsoft/user/mitchl/alejandro_overlake_fix
Fix CMake file to avoid installing libraries incorrect path
2024-05-28 17:26:14 -07:00
Mitch Lindgren a374548dd6 Avoids incorrectly parsing cmake file resulting in installing the shared libraries in:
/usr/CACHE;PATH;Path to OpenSSL engines;lib/engines-1.1/symcryptengine.so

Signed-off-by: Alejandro Hernandez Samaniego <alhe@linux.microsoft.com>
2024-05-28 16:53:33 -07:00
Maxwell McKee 5cc0f7d743
Provider and Engine bugfixes (#80)
* Move initialization after copying functions

* Support OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT

* Initialize parameters in p_scossl_aes_copy_mac

* Fix remaining test failures due to RSA provider implementation

* Fix remaining test errors due to provider ECC

* Check HMAC md by name if type isn't available.

* Check paramters in provider KDF

* Use default GCM IV length until set in provider

* Only set DH gen group if a new group is passed by the caller

* Support variable length GCM IV in engine

* Re-remove XTS key set error tests for engine

* Remove fetched alloc functions

* Fix memory leaks

* PR comments
2024-05-16 16:19:46 -07:00
Maxwell Moyer-McKee bf78204684 Fix memory leaks 2024-05-15 21:51:04 +00:00
Maxwell McKee ef91a8827e
Bugfixes for TLS connections (#78)
* Return correct ctx in kmac_dupctx

* Correct error check in dh export

* Support RSA algorithm ID parameter

* Support OSSL_PKEY_PARAM_EC_ENCODING parameter

* Support algorithm ID in ECDSA

* Track DH group independant of key

* Add libcrypto as link target for provider

* DH fixes for SSL layer

* Support TLS mode for AES block ciphers and styling

* PR comments
2024-04-24 16:51:22 -07:00
Maxwell McKee 2ef3602ece
Update tests for OpenSSL 3 and fix bugs found in test (#77)
* Fix errors in SslPlay

* Add EVP test recipes

* Update permissions

* Update test cases

* Update test recipes

* Fix 1.1.1 engine errors in testing

* Move 3.0.2 test files

* Fix tests

* Fix errors found in test

* Split RSA tests

* Outstanding test fixes

* Rely on patched evp_test for 3.0 engine rather than expect errors

* Rename 3.0 test folder

* Update test readme

* Nit: spacing

* IV null check in correct function

* Update version and name to match expected

* Add named curve only test for Azure Linux

* PR comments
2024-04-17 11:47:49 -07:00
Maxwell McKee 5361693ec5
Provider KBKDF (SP800-108) (#76)
* Function stubs

* SP800-108 counter

* KMAC KBKDF

* Cleanup

* PR comments

* PR comments
2024-03-08 09:03:54 -08:00
Maxwell McKee c2cb7fdc5b
Properly support restricted PSS keys (#75)
* Properly support restricted PSS keys

* PR comments
2024-03-05 16:01:02 -08:00
Maxwell McKee 571dfb06bb
Fix 3.0 compatability issues (#73)
* Fix 3.0 compatability issues

* Check major version too

* PR comment
2024-02-07 14:43:42 -08:00
Maxwell McKee a7ffa3f046
Various provider bugfixes (#72)
* Fix TLS errors due to parameter types

* Fix rsa errors

* Add basic default config

* Fix typo
2024-01-25 16:15:35 -08:00
Maxwell McKee f6ee55f089
Provider DH (#71)
* Stub DH functions in provider

* Provider DH key mgmt

* DH provider

* Full DH support

* Fix warnings

* Require only private or public key for key import

* Cleanup

* Engine use common implementation for DH

* Engine fixes

* Better error checking in provider

* PR comments

* PR comments

* Copy correct group into dupctx
2023-12-14 14:21:47 -08:00
Maxwell McKee dd21ea8031
Provider X25519 (#70)
* x25519 key management

* x25519 exchange

* Fetch hidden 25519 curve from separate function

* Advertize TLS group capability

* Fix warning

* Address comments

* Address comments and fix discovered tls errors

* PR comments

* Fix size update
2023-12-14 11:15:28 -08:00
Maxwell McKee c16e31d4e6
Provider MAC (#66)
* HMAC stubs

* Common hmac implementation

* Typedef aligned context type for readablity

* Provider HMAC

* Refactor engine hmac

* KMAC stubs

* Provider KMAC

* CMAC

* Make mac implementations more generic

* Route cmac to common mac implementation

* Clean up kmac

* Validate engine build

* Additional refactoring and cleanup

* Address PR comments

* Address PR comments

* Address PR comments and ad SHA3 HMAC

* zalloc in mac duplication

* PR comments
2023-12-14 10:26:53 -08:00
Samuel Lee 0ecad51d38
Add support for AES-XTS and RSA-PSS with auto salt-len (#68) 2023-12-12 14:06:59 -08:00
Maxwell McKee 7abafd80a9
Provider KDF (#65)
* Stub KDF functions

* HKDF implementation

* Provider SSH KDF

* Fix engine publiuc header property

* Provider TLS1-PRF

* Cleanup

* OpenSSL 1.1.1 engine build compatability

* Use common hash fetching for RSA

* Address PR comments

* Correct MAC related error logging

* PR comments

* PR comments

* Minor cleanup
2023-11-29 16:04:38 -08:00
ironyman 8ee9ee42c9
Support building for ARM (#69)
* Support building for ARM

* Fix the branch for cross compilation for arm build

---------

Authored-by: Changyu Li <Changyu.Li@microsoft.com>
2023-11-27 13:39:03 -08:00
Maxwell McKee d01ed05103
Provider ECDH and ECDSA (#64)
* ECC key context management

* Stub keymgmt functions

* ECC keygen

* ECC import/export with named params

* Provider ECDSA

* ECDH stubs

* ECDH

* Refactor engine ECC

* Changes from RSA topic branch

* Cleanup for PR

* Cleanup

* Cleanup rebase

* Use SymCrypt curve for contexts

* Address PR comments

* Include paramter header in ecc_keymgmt header

* Check selection when duplicating EC keys

* Address PR comments

* Call SymCryptEckeyExtendKeyUsage in every EC sign/verify
2023-11-20 15:57:19 -08:00
Samuel Lee 7d069356f4
Fix public exponent in RSA key export (#67) 2023-10-13 15:04:23 -07:00
Maxwell McKee cc9d92869e
Provider RSA signature and encryption (#63)
* RSA keygen

* Remove dependency on BN

* Kery match and import export stubs

* Key import/export

* Use BN for RSA parameters

* Add libctx to provider base context

* Common RSA signature implementation

* RSA PKCS1 signatures

* Move all RSA code under one folder

* PSS sign/verify

* Full RSA support, needs cleanup

* Refactor engine asym ciphers to common implementation

* Refactor engine sign/verify to common implementation

* Refactor engine PSS to common implementation

* Refactor switch statement in pkcs1 sign/verify

* First pass cleanup

* First pass cleanup on provider code

* Fix 1_1_1 engine build

* Clean up nits

* Cleanup and refactor key export to common code

* Minor fix to engine build

* Correct RSA keymgmt function names

* Add static modifiers to keymgmt functions

* Fix parameter types for keymgmt query operations

* Address comments. Don't use aligned alloc for provider structs

* Address PR comments

* Fix RSA pss cases

* Update parameter styling

* Handle RSA sign/verify with no digest

* Remove support for RSA sign/verify without digest

* Cleanup and address comments
2023-08-04 15:47:11 -07:00
Samuel Lee 4038d139cd
Ensure that SymCrypt structures have sufficient alignment (#62)
* Ensure that SymCrypt structures have sufficient alignment

+ Previously SCOSSL would rely on allocations made by libcrypto being at
  least 16-byte aligned for 64-bit platforms. This was normally true, but
  in some environments where the allocator is modified, only 8-byte
  alignment was being provided.

* Address comments

+ Make macro variable names unambiguous and scoped
+ Fix provider AES without zero-ing allocation for the ctx
+ Fix typo

* Add compile-time assert to ensure aligned allocations make sense
2023-05-19 13:48:05 -07:00
Maxwell McKee 1e43d97679
Provider Ciphers and Rand (#60)
* Add ctr-drbg implementation

* Add AES-CBC implementation

* Add ECB

* Rename engine files to avoid conflicts with common files

* Add gcm support in provider

* Add AES CCM cipher

* Cleanup code

* Refactor cipher files, add XTS (disabled)

* Cleanup

* Remove unnecessary headers

* Clean up common code annotations

* Cleanup and mark unused parameters

* Further tidying

* Make provider base code more consistent with rest of code base

* Clean up includes

* Address first round of comments

* Address comments

* Address comments, add cfb

* Address comments

* Fix clang compilation error
2023-05-16 14:35:23 -07:00
Maxwell McKee d64329698f
Fetch alloc functions from in dispatch table (#61) 2023-03-27 17:54:28 -07:00
Petr Menšík f3332a5956
Cmake improvements (#58)
* Autodetect system-installed symcrypt library

Use pkg-config to find SymCrypt library in the system unless root
directory build were given as a variable. Make it fatal error unless any
of those were provided.

* Make openssl engines path configurable

Do not assume engines-1.1 is always the correct path. Allow simple
override with custom value. Useful for tests with OpenSSL 3.
2023-03-27 17:36:51 -07:00
Maxwell McKee 9425a3cbff
SymCrypt provider base (#57)
* Minimally viable provider

* Algorithm table stubs

* Stub out dispatch tables

* Prototype digests with macros

* Create common code

* Refactor common source files into library

* Stub remaining funciton tables

* SymCrypt init in provider init

* Add sha3 digests

* Macro definitions for common functions

* Clean up digest implementation based on default provider model

* Add SAL annotations to digests

* SAL annotate provider base

* Finish stubbing and cleanup

* Rename

* Add errors to provider

* Prefix scossl engine-specific names with e_

* Cleanup scossl_helpers

* Cleanup naming

* Additional cleanup

* Fix name change in digests

* Return scossl_failure for failure case

* Address PR comments

* Remove unnecessary checks
2023-03-02 10:51:34 -08:00
Samuel Lee 0d5c05dc9d
Update README for HMAC failure with unsupported digest (#56) 2022-12-29 12:21:54 -08:00
Samuel Lee bbc2ea7984
Revert "Intercept stitched AES-CBC + HMAC ciphers and disable them (#50)" (#55)
This reverts commit 948a1ddf65.
2022-12-28 18:06:09 -08:00
Samuel Lee 20931a2272
Explicitly remove stitched EVP ciphers from OpenSSL internal list (#54)
+ On SCOSSL bind, load all EVP ciphers and then remove the stitched
  ciphers that we do not support in SCOSSL. This is a workaround for
  callers using EVP_get_cipherbyname.
2022-12-13 10:52:05 -08:00
Samuel Lee 437db74a52
Fix RSA-PSS maximum salt length calculation (#53)
+ Previously was wrong when RSA keys had a modulus size in bits which is
  1 modulo 8. In this case using SCOSSL to sign/verify signatures with
  RSA_PSS_SALTLEN_MAX would fail with invalid argument error in SymCrypt
  + Problem is with calculating length of EM as per RFC 3447 section 8.1.1 (step 1) - "Note that the octet length of EM will be one less than k if modBits - 1 is divisible by 8 and equal to k otherwise."
+ Amend SslPlay testcases to test this corner case
2022-10-27 15:20:31 -07:00
Çağdaş Çalık 4d63edf42f
Add SSH-KDF support to Engine (#52)
+ Add SSH-KDF support to Engine. SSH-KDF implementation is disabled by default and can be enabled by adding -DSCOSSL_SSHKDF=1 argument to CMake. OpenSSL source code is required in the build process.
2022-09-22 15:53:10 -07:00
Çağdaş Çalık afb362219b
Add HMAC support to Engine (#51)
* Initial implementation

* Add test case for recomputing tag with the same key
Revert to OpenSSL hmac_ctrl_str implementation

* Add comments to the scossl_hmac_ctrl function
2022-09-15 11:44:25 -07:00
Samuel Lee 948a1ddf65
Intercept stitched AES-CBC + HMAC ciphers and disable them (#50)
+ This means libssl will have to call AES-CBC and HMAC separately, which
  is easier for us to route to SymCrypt
2022-08-30 23:07:34 +01:00
Mitch Lindgren a44b1ea9ee
Merge pull request #49 from microsoft/mitchl-dbg-flag
Do not set -DDBG=1 when build type is RelWithDebInfo
2022-08-02 11:58:19 -07:00
Mitch Lindgren b0da23a6cb Do not set -DDBG=1 when build type is RelWithDebInfo 2022-08-01 15:00:02 -07:00
Samuel Lee 6e95a781ff
Use new SymCrypt flags to specify asymmetric key purposes (#48)
+ Avoid crash on invalid RSA-PSS input
+ Avoid double free if Engine is destroyed multiple times
+ Tweak AES-GCM to only Finalize when passed in pointer of NULL
2022-06-06 13:46:44 +01:00
Samuel Lee b1e5905b76
Avoid redundant EC_KEY tests on key generation (#45)
+ Use EC_KEY_set_public_key with an EC_POINT created by SCOSSL, rather
  than using EC_KEY_set_public_key_affine_coordinates, which also
  performs validation that SymCrypt has already taken care of
2022-05-20 16:28:08 +01:00
Samuel Lee 055d83b469
Ensure method flags are compatible with FIPS mode OpenSSL (#46)
+ Copy flags from base methods for RSA and EVP methods
+ Specify the normally unused FIPS flags for ciphers and digests
2022-05-03 18:57:57 +01:00
Samuel Lee 2962228927
Add selftest flags for RSA, ECC and DH (#44) 2022-03-29 17:52:09 +01:00
Samuel Lee 2c8958b922
Set AES-GCM operationInProgress to 0 when IV is explicitly set (#43)
+ This is required for EVP_CIPHER_CTX reuse with different IVs, should
  fix bug observed in OpenSSH
2022-02-17 12:13:06 +00:00