logo

oasis

Own branch of Oasis Linux (upstream: <https://git.sr.ht/~mcf/oasis/>) git clone https://anongit.hacktivis.me/git/oasis.git

0002-Add-support-for-BearSSL-crypto.patch (24018B)


  1. From ca1cd33d7a07b3344d031d9119064c2b12de8e03 Mon Sep 17 00:00:00 2001
  2. From: Michael Forney <mforney@mforney.org>
  3. Date: Wed, 1 Dec 2021 12:42:00 -0800
  4. Subject: [PATCH] Add support for BearSSL crypto
  5. ---
  6. config.h.in | 3 +
  7. configure | 50 ++++-
  8. configure.ac | 43 ++++-
  9. daemon/unbound.c | 2 +
  10. util/configparser.c | 4 +-
  11. util/configparser.y | 4 +-
  12. util/random.c | 46 ++++-
  13. validator/val_secalgo.c | 382 ++++++++++++++++++++++++++++++++++++++-
  14. validator/val_sigcrypt.c | 2 +-
  15. 9 files changed, 514 insertions(+), 22 deletions(-)
  16. diff --git a/config.h.in b/config.h.in
  17. index e8a26735..6b0b1c50 100644
  18. --- a/config.h.in
  19. +++ b/config.h.in
  20. @@ -72,6 +72,9 @@
  21. /* If we have be64toh */
  22. #undef HAVE_BE64TOH
  23. +/* Use bearssl for crypto */
  24. +#undef HAVE_BEARSSL
  25. +
  26. /* Define to 1 if you have the `BIO_set_callback_ex' function. */
  27. #undef HAVE_BIO_SET_CALLBACK_EX
  28. diff --git a/configure b/configure
  29. index 0e964568..9c33d22f 100755
  30. --- a/configure
  31. +++ b/configure
  32. @@ -871,6 +871,7 @@ with_pythonmodule
  33. enable_swig_version_check
  34. with_nss
  35. with_nettle
  36. +with_bearssl
  37. with_ssl
  38. with_libbsd
  39. enable_sha1
  40. @@ -1649,6 +1650,7 @@ Optional Packages:
  41. disable script engine. (default=no)
  42. --with-nss=path use libnss instead of openssl, installed at path.
  43. --with-nettle=path use libnettle as crypto library, installed at path.
  44. + --with-bearssl=path use bearssl as crypto library, installed at path.
  45. --with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl
  46. /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw
  47. /usr or specify like /usr/include/openssl11)
  48. @@ -17981,11 +17983,35 @@ done
  49. +fi
  50. +
  51. +
  52. +# bearssl
  53. +USE_BEARSSL="no"
  54. +
  55. +# Check whether --with-bearssl was given.
  56. +if test ${with_bearssl+y}
  57. +then :
  58. + withval=$with_bearssl;
  59. + USE_BEARSSL="yes"
  60. +
  61. +printf "%s\n" "#define HAVE_BEARSSL 1" >>confdefs.h
  62. +
  63. + if test "$withval" != "" -a "$withval" != "yes"; then
  64. + CPPFLAGS="$CPPFLAGS -I$withval/include"
  65. + LDFLAGS="$LDFLAGS -L$withval/lib"
  66. + fi
  67. + LIBS="$LIBS -lbearssl"
  68. + SSLLIB=""
  69. + PC_CRYPTO_DEPENDENCY=""
  70. +
  71. +
  72. +
  73. fi
  74. # openssl
  75. -if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  76. +if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  77. # Check whether --with-ssl was given.
  78. @@ -18790,7 +18816,7 @@ if test "${enable_gost+set}" = set; then :
  79. fi
  80. use_gost="no"
  81. -if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  82. +if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  83. case "$enable_gost" in
  84. no)
  85. ;;
  86. @@ -18943,7 +18969,7 @@ case "$enable_ecdsa" in
  87. no)
  88. ;;
  89. *)
  90. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  91. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  92. ac_fn_c_check_func "$LINENO" "ECDSA_sign" "ac_cv_func_ECDSA_sign"
  93. if test "x$ac_cv_func_ECDSA_sign" = xyes; then :
  94. @@ -19036,7 +19062,7 @@ use_dsa="no"
  95. case "$enable_dsa" in
  96. yes)
  97. # detect if DSA is supported, and turn it off if not.
  98. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  99. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  100. ac_fn_c_check_func "$LINENO" "DSA_SIG_new" "ac_cv_func_DSA_SIG_new"
  101. if test "x$ac_cv_func_DSA_SIG_new" = xyes; then :
  102. @@ -19080,6 +19106,9 @@ else
  103. fi
  104. else
  105. + if test $USE_BEARSSL = "yes"; then
  106. + as_fn_error $? "BearSSL does not support DSA and you used --enable-dsa." "$LINENO" 5
  107. + fi
  108. cat >>confdefs.h <<_ACEOF
  109. #define USE_DSA 1
  110. @@ -19115,7 +19144,7 @@ case "$enable_ed25519" in
  111. no)
  112. ;;
  113. *)
  114. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  115. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  116. ac_fn_c_check_decl "$LINENO" "NID_ED25519" "ac_cv_have_decl_NID_ED25519" "$ac_includes_default
  117. #include <openssl/evp.h>
  118. @@ -19139,6 +19168,9 @@ else
  119. fi
  120. fi
  121. + if test $USE_BEARSSL = "yes"; then
  122. + as_fn_error $? "BearSSL does not support Ed25519 and you used --enable-ed25519." "$LINENO" 5
  123. + fi
  124. if test $USE_NETTLE = "yes"; then
  125. for ac_header in nettle/eddsa.h
  126. do :
  127. @@ -19174,7 +19206,7 @@ case "$enable_ed448" in
  128. no)
  129. ;;
  130. *)
  131. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  132. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  133. ac_fn_c_check_decl "$LINENO" "NID_ED448" "ac_cv_have_decl_NID_ED448" "$ac_includes_default
  134. #include <openssl/evp.h>
  135. @@ -19198,6 +19230,9 @@ else
  136. fi
  137. fi
  138. + if test $USE_BEARSSL = "yes"; then
  139. + as_fn_error $? "BearSSL does not support Ed448 and you used --enable-ed448." "$LINENO" 5
  140. + fi
  141. if test $use_ed448 = "yes"; then
  142. cat >>confdefs.h <<_ACEOF
  143. @@ -21744,6 +21779,9 @@ if test $ALLTARGET = "alltargets"; then
  144. if test $USE_NETTLE = "yes"; then
  145. as_fn_error $? "--with-nettle can only be used in combination with --with-libunbound-only." "$LINENO" 5
  146. fi
  147. + if test $USE_BEARSSL = "yes"; then
  148. + as_fn_error $? "--with-bearssl can only be used in combination with --with-libunbound-only." "$LINENO" 5
  149. + fi
  150. fi
  151. diff --git a/configure.ac b/configure.ac
  152. index 36fdb459..9e15aee4 100644
  153. --- a/configure.ac
  154. +++ b/configure.ac
  155. @@ -835,8 +835,25 @@ AC_ARG_WITH([nettle], AS_HELP_STRING([--with-nettle=path],[use libnettle as cryp
  156. ]
  157. )
  158. +# bearssl
  159. +USE_BEARSSL="no"
  160. +AC_ARG_WITH([bearssl], AS_HELP_STRING([--with-bearssl=path],[use bearssl as crypto library, installed at path.]),
  161. + [
  162. + USE_BEARSSL="yes"
  163. + AC_DEFINE(HAVE_BEARSSL, 1, [Use bearssl for crypto])
  164. + if test "$withval" != "" -a "$withval" != "yes"; then
  165. + CPPFLAGS="$CPPFLAGS -I$withval/include"
  166. + LDFLAGS="$LDFLAGS -L$withval/lib"
  167. + fi
  168. + LIBS="$LIBS -lbearssl"
  169. + SSLLIB=""
  170. + PC_CRYPTO_DEPENDENCY=""
  171. + AC_SUBST(PC_CRYPTO_DEPENDENCY)
  172. + ]
  173. +)
  174. +
  175. # openssl
  176. -if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  177. +if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  178. ACX_WITH_SSL
  179. ACX_LIB_SSL
  180. SSLLIB="-lssl"
  181. @@ -1084,7 +1101,7 @@ AC_MSG_RESULT($ac_cv_c_gost_works)
  182. AC_ARG_ENABLE(gost, AS_HELP_STRING([--disable-gost],[Disable GOST support]))
  183. use_gost="no"
  184. -if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  185. +if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  186. case "$enable_gost" in
  187. no)
  188. ;;
  189. @@ -1098,7 +1115,7 @@ case "$enable_gost" in
  190. fi
  191. ;;
  192. esac
  193. -fi dnl !USE_NSS && !USE_NETTLE
  194. +fi dnl !USE_NSS && !USE_NETTLE && !USE_BEARSSL
  195. AC_ARG_ENABLE(ecdsa, AS_HELP_STRING([--disable-ecdsa],[Disable ECDSA support]))
  196. use_ecdsa="no"
  197. @@ -1106,7 +1123,7 @@ case "$enable_ecdsa" in
  198. no)
  199. ;;
  200. *)
  201. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  202. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  203. AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade or rerun with --disable-ecdsa])])
  204. AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade or rerun with --disable-ecdsa])])
  205. AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT
  206. @@ -1137,7 +1154,7 @@ use_dsa="no"
  207. case "$enable_dsa" in
  208. yes)
  209. # detect if DSA is supported, and turn it off if not.
  210. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  211. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  212. AC_CHECK_FUNC(DSA_SIG_new, [
  213. AC_CHECK_TYPE(DSA_SIG*, [
  214. AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.])
  215. @@ -1163,6 +1180,9 @@ AC_INCLUDES_DEFAULT
  216. ], [if test "x$enable_dsa" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support DSA and you used --enable-dsa.])
  217. fi ])
  218. else
  219. + if test $USE_BEARSSL = "yes"; then
  220. + AC_MSG_ERROR([BearSSL does not support DSA and you used --enable-dsa.])
  221. + fi
  222. AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.])
  223. fi
  224. ;;
  225. @@ -1183,7 +1203,7 @@ case "$enable_ed25519" in
  226. no)
  227. ;;
  228. *)
  229. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  230. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  231. AC_CHECK_DECLS([NID_ED25519], [
  232. use_ed25519="yes"
  233. ], [ if test "x$enable_ed25519" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED25519 and you used --enable-ed25519.])
  234. @@ -1191,6 +1211,9 @@ case "$enable_ed25519" in
  235. #include <openssl/evp.h>
  236. ])
  237. fi
  238. + if test $USE_BEARSSL = "yes"; then
  239. + AC_MSG_ERROR([BearSSL does not support Ed25519 and you used --enable-ed25519.])
  240. + fi
  241. if test $USE_NETTLE = "yes"; then
  242. AC_CHECK_HEADERS([nettle/eddsa.h], use_ed25519="yes",, [AC_INCLUDES_DEFAULT])
  243. fi
  244. @@ -1206,7 +1229,7 @@ case "$enable_ed448" in
  245. no)
  246. ;;
  247. *)
  248. - if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
  249. + if test $USE_NSS = "no" -a $USE_NETTLE = "no" -a $USE_BEARSSL = "no"; then
  250. AC_CHECK_DECLS([NID_ED448], [
  251. use_ed448="yes"
  252. ], [ if test "x$enable_ed448" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED448 and you used --enable-ed448.])
  253. @@ -1214,6 +1237,9 @@ case "$enable_ed448" in
  254. #include <openssl/evp.h>
  255. ])
  256. fi
  257. + if test $USE_BEARSSL = "yes"; then
  258. + AC_MSG_ERROR([BearSSL does not support Ed448 and you used --enable-ed448.])
  259. + fi
  260. if test $use_ed448 = "yes"; then
  261. AC_DEFINE_UNQUOTED([USE_ED448], [1], [Define this to enable ED448 support.])
  262. fi
  263. @@ -1937,6 +1963,9 @@ if test $ALLTARGET = "alltargets"; then
  264. if test $USE_NETTLE = "yes"; then
  265. AC_MSG_ERROR([--with-nettle can only be used in combination with --with-libunbound-only.])
  266. fi
  267. + if test $USE_BEARSSL = "yes"; then
  268. + AC_MSG_ERROR([--with-bearssl can only be used in combination with --with-libunbound-only.])
  269. + fi
  270. fi
  271. AC_SUBST(ALLTARGET)
  272. diff --git a/daemon/unbound.c b/daemon/unbound.c
  273. index 457a0803..1a31bb3e 100644
  274. --- a/daemon/unbound.c
  275. +++ b/daemon/unbound.c
  276. @@ -121,6 +121,8 @@ print_build_options(void)
  277. NSS_GetVersion()
  278. #elif defined(HAVE_NETTLE)
  279. "nettle"
  280. +#elif defined(HAVE_BEARSSL)
  281. + "bearssl"
  282. #endif
  283. );
  284. printf("Linked modules:");
  285. diff --git a/util/configparser.c b/util/configparser.c
  286. index 2f155650..f2749753 100644
  287. --- a/util/configparser.c
  288. +++ b/util/configparser.c
  289. @@ -5649,7 +5649,7 @@ yyreduce:
  290. OUTYY(("P(server_fake_dsa:%s)\n", (yyvsp[0].str)));
  291. if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0)
  292. yyerror("expected yes or no.");
  293. -#if defined(HAVE_SSL) || defined(HAVE_NETTLE)
  294. +#if defined(HAVE_SSL) || defined(HAVE_NETTLE) || defined(HAVE_BEARSSL)
  295. else fake_dsa = (strcmp((yyvsp[0].str), "yes")==0);
  296. if(fake_dsa)
  297. log_warn("test option fake_dsa is enabled");
  298. @@ -5665,7 +5665,7 @@ yyreduce:
  299. OUTYY(("P(server_fake_sha1:%s)\n", (yyvsp[0].str)));
  300. if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0)
  301. yyerror("expected yes or no.");
  302. -#if defined(HAVE_SSL) || defined(HAVE_NETTLE)
  303. +#if defined(HAVE_SSL) || defined(HAVE_NETTLE) || defined(HAVE_BEARSSL)
  304. else fake_sha1 = (strcmp((yyvsp[0].str), "yes")==0);
  305. if(fake_sha1)
  306. log_warn("test option fake_sha1 is enabled");
  307. diff --git a/util/configparser.y b/util/configparser.y
  308. index 1daf853d..844c175e 100644
  309. --- a/util/configparser.y
  310. +++ b/util/configparser.y
  311. @@ -2028,7 +2028,7 @@ server_fake_dsa: VAR_FAKE_DSA STRING_ARG
  312. OUTYY(("P(server_fake_dsa:%s)\n", $2));
  313. if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
  314. yyerror("expected yes or no.");
  315. -#if defined(HAVE_SSL) || defined(HAVE_NETTLE)
  316. +#if defined(HAVE_SSL) || defined(HAVE_NETTLE) || defined(HAVE_BEARSSL)
  317. else fake_dsa = (strcmp($2, "yes")==0);
  318. if(fake_dsa)
  319. log_warn("test option fake_dsa is enabled");
  320. @@ -2041,7 +2041,7 @@ server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
  321. OUTYY(("P(server_fake_sha1:%s)\n", $2));
  322. if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
  323. yyerror("expected yes or no.");
  324. -#if defined(HAVE_SSL) || defined(HAVE_NETTLE)
  325. +#if defined(HAVE_SSL) || defined(HAVE_NETTLE) || defined(HAVE_BEARSSL)
  326. else fake_sha1 = (strcmp($2, "yes")==0);
  327. if(fake_sha1)
  328. log_warn("test option fake_sha1 is enabled");
  329. diff --git a/util/random.c b/util/random.c
  330. index f7bb0a6f..6bce2f62 100644
  331. --- a/util/random.c
  332. +++ b/util/random.c
  333. @@ -183,10 +183,52 @@ long int ub_random(struct ub_randstate* s)
  334. }
  335. return x & MAX_VALUE;
  336. }
  337. -#endif /* HAVE_SSL or HAVE_LIBBSD or HAVE_NSS or HAVE_NETTLE */
  338. +#elif defined(HAVE_BEARSSL)
  339. -#if (defined(HAVE_NSS) || defined(HAVE_NETTLE)) && !defined(HAVE_LIBBSD)
  340. +#include <bearssl.h>
  341. +
  342. +struct ub_randstate {
  343. + br_hmac_drbg_context ctx;
  344. + int seeded;
  345. +};
  346. +
  347. +struct ub_randstate* ub_initstate(struct ub_randstate* ATTR_UNUSED(from))
  348. +{
  349. + struct ub_randstate* s = (struct ub_randstate*)calloc(1, sizeof(*s));
  350. + unsigned char buf[32];
  351. + if(!s) {
  352. + log_err("malloc failure in random init");
  353. + return NULL;
  354. + }
  355. + if(getentropy(buf, sizeof(buf)) == 0) {
  356. + /* got entropy */
  357. + br_hmac_drbg_init(&s->ctx, &br_sha256_vtable, buf, sizeof(buf));
  358. + s->seeded = 1;
  359. + } else {
  360. + log_err("bearssl random(hmac-drbg) cannot initialize, "
  361. + "getentropy failed: %s", strerror(errno));
  362. + free(s);
  363. + return NULL;
  364. + }
  365. +
  366. + return s;
  367. +}
  368. +
  369. +long int ub_random(struct ub_randstate* s)
  370. +{
  371. + unsigned long x = 0;
  372. + if (!s || !s->seeded) {
  373. + log_err("couldn't generate randomness, hmac-drbg generator not yet seeded");
  374. + } else {
  375. + br_hmac_drbg_generate(&s->ctx, (unsigned char *)&x, sizeof(x));
  376. + }
  377. + return x & MAX_VALUE;
  378. +}
  379. +
  380. +#endif /* HAVE_SSL or HAVE_LIBBSD or HAVE_NSS or HAVE_NETTLE or HAVE_BEARSSL */
  381. +
  382. +#if (defined(HAVE_NSS) || defined(HAVE_NETTLE) || defined(HAVE_BEARSSL)) && !defined(HAVE_LIBBSD)
  383. long int
  384. ub_random_max(struct ub_randstate* state, long int x)
  385. {
  386. diff --git a/validator/val_secalgo.c b/validator/val_secalgo.c
  387. index 7abf66f0..aa20b57b 100644
  388. --- a/validator/val_secalgo.c
  389. +++ b/validator/val_secalgo.c
  390. @@ -50,7 +50,7 @@
  391. #include "sldns/keyraw.h"
  392. #include "sldns/sbuffer.h"
  393. -#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE)
  394. +#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE) && !defined(HAVE_BEARSSL)
  395. #error "Need crypto library to do digital signature cryptography"
  396. #endif
  397. @@ -2067,4 +2067,382 @@ verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sigblock,
  398. }
  399. }
  400. -#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE */
  401. +#elif defined(HAVE_BEARSSL)
  402. +
  403. +#include <bearssl.h>
  404. +
  405. +/* return size of digest if supported, or 0 otherwise */
  406. +size_t
  407. +nsec3_hash_algo_size_supported(int id)
  408. +{
  409. + switch(id) {
  410. + case NSEC3_HASH_SHA1:
  411. + return br_sha1_SIZE;
  412. + default:
  413. + return 0;
  414. + }
  415. +}
  416. +
  417. +/* perform nsec3 hash. return false on failure */
  418. +int
  419. +secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
  420. + unsigned char* res)
  421. +{
  422. + br_hash_compat_context ctx;
  423. +
  424. + switch(algo) {
  425. + case NSEC3_HASH_SHA1:
  426. + br_sha1_init(&ctx.sha1);
  427. + br_sha1_update(&ctx.sha1, buf, len);
  428. + br_sha1_out(&ctx.sha1, res);
  429. + return 1;
  430. + default:
  431. + return 0;
  432. + }
  433. +}
  434. +
  435. +void
  436. +secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res)
  437. +{
  438. + br_sha256_context ctx;
  439. +
  440. + br_sha256_init(&ctx);
  441. + br_sha256_update(&ctx, buf, len);
  442. + br_sha256_out(&ctx, res);
  443. +}
  444. +
  445. +/** hash structure for keeping track of running hashes */
  446. +struct secalgo_hash {
  447. + br_hash_compat_context ctx;
  448. +};
  449. +
  450. +/** create secalgo hash with hash type */
  451. +static struct secalgo_hash* secalgo_hash_create(const br_hash_class *vtable)
  452. +{
  453. + struct secalgo_hash* h;
  454. + h = calloc(1, sizeof(*h));
  455. + if(!h)
  456. + return NULL;
  457. + vtable->init(&h->ctx.vtable);
  458. + return h;
  459. +}
  460. +
  461. +struct secalgo_hash* secalgo_hash_create_sha384(void)
  462. +{
  463. + return secalgo_hash_create(&br_sha384_vtable);
  464. +}
  465. +
  466. +struct secalgo_hash* secalgo_hash_create_sha512(void)
  467. +{
  468. + return secalgo_hash_create(&br_sha512_vtable);
  469. +}
  470. +
  471. +int secalgo_hash_update(struct secalgo_hash* hash, uint8_t* data, size_t len)
  472. +{
  473. + hash->ctx.vtable->update(&hash->ctx.vtable, data, len);
  474. + return 1;
  475. +}
  476. +
  477. +int secalgo_hash_final(struct secalgo_hash* hash, uint8_t* result,
  478. + size_t maxlen, size_t* resultlen)
  479. +{
  480. + size_t len;
  481. +
  482. + hash->ctx.vtable->out(&hash->ctx.vtable, result);
  483. + len = hash->ctx.vtable->desc >> BR_HASHDESC_OUT_OFF & BR_HASHDESC_OUT_MASK;
  484. + if(len > maxlen) {
  485. + *resultlen = 0;
  486. + log_err("secalgo_hash_final: hash buffer too small");
  487. + return 0;
  488. + }
  489. + hash->ctx.vtable->out(&hash->ctx.vtable, result);
  490. + *resultlen = len;
  491. + return 1;
  492. +}
  493. +
  494. +void secalgo_hash_delete(struct secalgo_hash* hash)
  495. +{
  496. + if(!hash) return;
  497. + free(hash);
  498. +}
  499. +
  500. +size_t
  501. +ds_digest_size_supported(int algo)
  502. +{
  503. + switch(algo) {
  504. + case LDNS_SHA1:
  505. +#ifdef USE_SHA1
  506. + return br_sha1_SIZE;
  507. +#else
  508. + if(fake_sha1) return 20;
  509. + return 0;
  510. +#endif
  511. +#ifdef USE_SHA2
  512. + case LDNS_SHA256:
  513. + return br_sha256_SIZE;
  514. +#endif
  515. +#ifdef USE_ECDSA
  516. + case LDNS_SHA384:
  517. + return br_sha384_SIZE;
  518. +#endif
  519. + }
  520. + return 0;
  521. +}
  522. +
  523. +int
  524. +secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
  525. + unsigned char* res)
  526. +{
  527. + br_hash_compat_context ctx;
  528. +
  529. + switch(algo) {
  530. +#ifdef USE_SHA1
  531. + case LDNS_SHA1:
  532. + br_sha1_init(&ctx.sha1);
  533. + br_sha1_update(&ctx.sha1, buf, len);
  534. + br_sha1_out(&ctx.sha1, res);
  535. + return 1;
  536. +#endif
  537. +#ifdef USE_SHA2
  538. + case LDNS_SHA256:
  539. + br_sha256_init(&ctx.sha256);
  540. + br_sha256_update(&ctx.sha256, buf, len);
  541. + br_sha256_out(&ctx.sha256, res);
  542. + return 1;
  543. +#endif
  544. +#ifdef USE_ECDSA
  545. + case LDNS_SHA384:
  546. + br_sha384_init(&ctx.sha384);
  547. + br_sha384_update(&ctx.sha384, buf, len);
  548. + br_sha384_out(&ctx.sha384, res);
  549. + return 1;
  550. +#endif
  551. + default:
  552. + verbose(VERB_QUERY, "unknown DS digest algorithm %d", algo);
  553. + break;
  554. + }
  555. + return 0;
  556. +}
  557. +
  558. +int
  559. +dnskey_algo_id_is_supported(int id)
  560. +{
  561. + switch(id) {
  562. + case LDNS_DSA:
  563. + case LDNS_DSA_NSEC3:
  564. + if(fake_dsa || fake_sha1) return 1;
  565. + return 0;
  566. + case LDNS_RSASHA1:
  567. + case LDNS_RSASHA1_NSEC3:
  568. +#ifdef USE_SHA1
  569. + return 1;
  570. +#else
  571. + if(fake_sha1) return 1;
  572. + return 0;
  573. +#endif
  574. +#ifdef USE_SHA2
  575. + case LDNS_RSASHA256:
  576. + case LDNS_RSASHA512:
  577. +#endif
  578. +#ifdef USE_ECDSA
  579. + case LDNS_ECDSAP256SHA256:
  580. + case LDNS_ECDSAP384SHA384:
  581. +#endif
  582. +#if defined(USE_SHA1) || defined(USE_SHA2)
  583. + return 1;
  584. +#endif
  585. +
  586. + default:
  587. + return 0;
  588. + }
  589. +}
  590. +
  591. +#if defined(USE_SHA1) || defined(USE_SHA2)
  592. +static char *
  593. +_verify_bearssl_rsa(sldns_buffer* buf, const unsigned char* hash,
  594. + size_t hashlen, const unsigned char* oid, const unsigned char* sig,
  595. + size_t siglen, unsigned char* key, size_t keylen)
  596. +{
  597. + br_rsa_public_key pubkey;
  598. + unsigned char sighash[64];
  599. +
  600. + /* RSA pubkey parsing as per RFC 3110 sec. 2 */
  601. + if(keylen <= 1) {
  602. + return "null RSA key";
  603. + }
  604. + if (key[0] != 0) {
  605. + /* 1-byte length */
  606. + pubkey.e = key + 1;
  607. + pubkey.elen = key[0];
  608. + } else {
  609. + /* 1-byte NUL + 2-bytes exponent length */
  610. + if (keylen < 3) {
  611. + return "incorrect RSA key length";
  612. + }
  613. + pubkey.e = key + 3;
  614. + pubkey.elen = (unsigned)key[1] << 8 | (unsigned)key[2];
  615. + if (pubkey.elen == 0)
  616. + return "null RSA exponent length";
  617. + }
  618. + /* Check that we are not over-running input length */
  619. + if (keylen < (pubkey.e - key) + pubkey.elen + 1) {
  620. + return "RSA key content shorter than expected";
  621. + }
  622. + pubkey.n = pubkey.e + pubkey.elen;
  623. + pubkey.nlen = keylen - (pubkey.n - key);
  624. +
  625. + if (br_rsa_pkcs1_vrfy_get_default()(sig, siglen, oid, hashlen, &pubkey,
  626. + sighash) != 1 || memcmp(hash, sighash, hashlen) != 0) {
  627. + return "RSA signature verification failed";
  628. + } else {
  629. + return NULL;
  630. + }
  631. +}
  632. +#endif
  633. +
  634. +#ifdef USE_ECDSA
  635. +static char *
  636. +_verify_bearssl_ecdsa(sldns_buffer* buf, int algo, const unsigned char* hash,
  637. + size_t hashlen, const unsigned char* sig, size_t siglen,
  638. + unsigned char* key, size_t keylen)
  639. +{
  640. + br_ec_public_key pubkey;
  641. + unsigned char q[97];
  642. +
  643. + /* uncompressed point format */
  644. + q[0] = 4;
  645. + switch(algo) {
  646. + case LDNS_ECDSAP256SHA256:
  647. + pubkey.curve = BR_EC_secp256r1;
  648. + if (keylen != 64) {
  649. + return "incorrect ECDSA P-256 key length";
  650. + }
  651. + memcpy(q + 1, key, 64);
  652. + break;
  653. + case LDNS_ECDSAP384SHA384:
  654. + pubkey.curve = BR_EC_secp384r1;
  655. + if (keylen != 96) {
  656. + return "incorrect ECDSA P-384 key length";
  657. + }
  658. + memcpy(q + 1, key, 96);
  659. + break;
  660. + default:
  661. + return "unsupported ECDSA algorithm";
  662. + }
  663. + pubkey.q = q;
  664. + pubkey.qlen = 1 + keylen;
  665. +
  666. + if (br_ecdsa_vrfy_raw_get_default()(br_ec_get_default(), hash, hashlen,
  667. + &pubkey, sig, siglen) != 1) {
  668. + return "ECDSA signature verification failed";
  669. + } else {
  670. + return NULL;
  671. + }
  672. +}
  673. +#endif
  674. +
  675. +/**
  676. + * Check a canonical sig+rrset and signature against a dnskey
  677. + * @param buf: buffer with data to verify, the first rrsig part and the
  678. + * canonicalized rrset.
  679. + * @param algo: DNSKEY algorithm.
  680. + * @param sigblock: signature rdata field from RRSIG
  681. + * @param sigblock_len: length of sigblock data.
  682. + * @param key: public key data from DNSKEY RR.
  683. + * @param keylen: length of keydata.
  684. + * @param reason: bogus reason in more detail.
  685. + * @return secure if verification succeeded, bogus on crypto failure,
  686. + * unchecked on format errors and alloc failures.
  687. + */
  688. +enum sec_status
  689. +verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sig,
  690. + unsigned int siglen, unsigned char* key, unsigned int keylen,
  691. + char** reason)
  692. +{
  693. + br_hash_compat_context ctx;
  694. + const unsigned char *oid;
  695. + unsigned char hash[64];
  696. + size_t hashlen;
  697. +
  698. + if (siglen == 0 || keylen == 0) {
  699. + *reason = "null signature";
  700. + return sec_status_bogus;
  701. + }
  702. +
  703. +#ifndef USE_DSA
  704. + if((algo == LDNS_DSA || algo == LDNS_DSA_NSEC3) && (fake_dsa || fake_sha1))
  705. + return sec_status_secure;
  706. +#endif
  707. +#ifndef USE_SHA1
  708. + if(fake_sha1 && (algo == LDNS_DSA || algo == LDNS_DSA_NSEC3 || algo == LDNS_RSASHA1 || algo == LDNS_RSASHA1_NSEC3))
  709. + return sec_status_secure;
  710. +#endif
  711. +
  712. + switch(algo) {
  713. +#ifdef USE_SHA1
  714. + case LDNS_RSASHA1:
  715. + case LDNS_RSASHA1_NSEC3:
  716. + ctx.vtable = &br_sha1_vtable;
  717. + oid = BR_HASH_OID_SHA1;
  718. + break;
  719. +#endif
  720. +#ifdef USE_SHA2
  721. + case LDNS_RSASHA256:
  722. + ctx.vtable = &br_sha256_vtable;
  723. + oid = BR_HASH_OID_SHA256;
  724. + break;
  725. + case LDNS_RSASHA512:
  726. + ctx.vtable = &br_sha512_vtable;
  727. + oid = BR_HASH_OID_SHA512;
  728. + break;
  729. +#endif
  730. +#ifdef USE_ECDSA
  731. + case LDNS_ECDSAP256SHA256:
  732. + ctx.vtable = &br_sha256_vtable;
  733. + break;
  734. + case LDNS_ECDSAP384SHA384:
  735. + ctx.vtable = &br_sha384_vtable;
  736. + break;
  737. +#endif
  738. + default:
  739. + *reason = "unable to verify signature, unknown algorithm";
  740. + return sec_status_bogus;
  741. + }
  742. +
  743. + ctx.vtable->init(&ctx.vtable);
  744. + ctx.vtable->update(&ctx.vtable, sldns_buffer_begin(buf), sldns_buffer_limit(buf));
  745. + ctx.vtable->out(&ctx.vtable, hash);
  746. + hashlen = ctx.vtable->desc >> BR_HASHDESC_OUT_OFF & BR_HASHDESC_OUT_MASK;
  747. +
  748. + switch(algo) {
  749. +#if defined(USE_SHA1) || defined(USE_SHA2)
  750. +#ifdef USE_SHA1
  751. + case LDNS_RSASHA1:
  752. + case LDNS_RSASHA1_NSEC3:
  753. +#endif
  754. +#ifdef USE_SHA2
  755. + case LDNS_RSASHA256:
  756. + case LDNS_RSASHA512:
  757. +#endif
  758. + *reason = _verify_bearssl_rsa(buf, hash, hashlen, oid, sig,
  759. + siglen, key, keylen);
  760. + break;
  761. +#endif
  762. +#ifdef USE_ECDSA
  763. + case LDNS_ECDSAP256SHA256:
  764. + case LDNS_ECDSAP384SHA384:
  765. + *reason = _verify_bearssl_ecdsa(buf, algo, hash, hashlen,
  766. + sig, siglen, key, keylen);
  767. + break;
  768. +#endif
  769. + default:
  770. + *reason = "unable to verify signature, unknown algorithm";
  771. + }
  772. + if (*reason != NULL) {
  773. + return sec_status_bogus;
  774. + } else {
  775. + return sec_status_secure;
  776. + }
  777. +}
  778. +
  779. +#endif /* HAVE_SSL or HAVE_NSS or HAVE_NETTLE or HAVE_BEARSSL */
  780. diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c
  781. index b15fba3f..2ffe73b8 100644
  782. --- a/validator/val_sigcrypt.c
  783. +++ b/validator/val_sigcrypt.c
  784. @@ -58,7 +58,7 @@
  785. #include "sldns/wire2str.h"
  786. #include <ctype.h>
  787. -#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE)
  788. +#if !defined(HAVE_SSL) && !defined(HAVE_NSS) && !defined(HAVE_NETTLE) && !defined(HAVE_BEARSSL)
  789. #error "Need crypto library to do digital signature cryptography"
  790. #endif
  791. --
  792. 2.34.1