From 8ee6f289d87851a5b898b24a64587f0e6bc225bc Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 19 Aug 2016 08:02:51 +1000 Subject: [PATCH] 4450. [port] Provide more nuanced HSM support which better matches the specific PKCS11 providers capabilities. [RT #42458] --- CHANGES | 3 + bin/confgen/keygen.c | 8 + bin/confgen/rndc-confgen.c | 24 ++ bin/confgen/rndc-confgen.docbook | 3 +- bin/dig/dig.c | 6 + bin/dig/dig.docbook | 3 +- bin/dig/dighost.c | 9 +- bin/dnssec/dnssec-keyfromlabel.c | 17 ++ bin/dnssec/dnssec-keygen.c | 25 +- bin/named/config.c | 6 + bin/nsupdate/nsupdate.c | 17 +- bin/nsupdate/nsupdate.docbook | 6 +- bin/pkcs11/pkcs11-tokens.8 | 7 +- bin/pkcs11/pkcs11-tokens.c | 11 +- bin/pkcs11/pkcs11-tokens.docbook | 10 + bin/pkcs11/pkcs11-tokens.html | 20 +- bin/rndc/rndc.c | 7 +- bin/tests/hash_test.c | 6 + bin/tests/hashes/t_hashes.c | 29 +- bin/tests/pkcs11/README | 5 +- bin/tests/system/tkey/keycreate.c | 11 + bin/tests/system/tkey/keydelete.c | 7 + bin/tools/isc-hmac-fixup.c | 12 +- configure | 2 + configure.in | 37 +++ lib/bind9/check.c | 4 + lib/dns/dnssec.c | 4 + lib/dns/dst_api.c | 38 ++- lib/dns/dst_internal.h | 24 ++ lib/dns/dst_parse.c | 25 ++ lib/dns/hmac_link.c | 6 + lib/dns/include/dns/tsig.h | 4 + lib/dns/openssldh_link.c | 5 + lib/dns/openssldsa_link.c | 5 + lib/dns/opensslrsa_link.c | 53 ++++ lib/dns/pkcs11dh_link.c | 5 + lib/dns/pkcs11dsa_link.c | 5 + lib/dns/pkcs11rsa_link.c | 19 ++ lib/dns/rcode.c | 29 +- lib/dns/tests/dh_test.c | 6 +- lib/dns/tkey.c | 18 ++ lib/dns/tsec.c | 4 + lib/dns/tsig.c | 36 ++- lib/isc/hmacmd5.c | 29 +- lib/isc/hmacsha.c | 445 ++++++++++++++++++++++++++++++ lib/isc/include/isc/hmacmd5.h | 6 + lib/isc/include/isc/md5.h | 6 + lib/isc/include/pk11/Makefile.in | 2 +- lib/isc/include/pk11/README.site | 68 +++++ lib/isc/include/pk11/pk11.h | 10 +- lib/isc/include/pk11/site.h | 98 +++++++ lib/isc/md5.c | 16 ++ lib/isc/pk11.c | 238 ++++++++++++---- lib/isc/tests/hash_test.c | 10 + lib/isc/win32/libisc.def.in | 3 + lib/isccc/cc.c | 32 ++- 56 files changed, 1443 insertions(+), 101 deletions(-) create mode 100644 lib/isc/include/pk11/README.site create mode 100644 lib/isc/include/pk11/site.h diff --git a/CHANGES b/CHANGES index 3bd5ee1e18..f79ea0357e 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4450. [port] Provide more nuanced HSM support which better matches + the specific PKCS11 providers capabilities. [RT #42458] + 4449. [test] Fix catalog zones test on slower systems. [RT #42997] 4448. [bug] win32: ::1 was not being found when iterating diff --git a/bin/confgen/keygen.c b/bin/confgen/keygen.c index 2e24bef5c7..4de31a0772 100644 --- a/bin/confgen/keygen.c +++ b/bin/confgen/keygen.c @@ -25,6 +25,8 @@ #include #include +#include + #include #include @@ -40,8 +42,10 @@ const char * alg_totext(dns_secalg_t alg) { switch (alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: return "hmac-md5"; +#endif case DST_ALG_HMACSHA1: return "hmac-sha1"; case DST_ALG_HMACSHA224: @@ -66,8 +70,10 @@ alg_fromtext(const char *name) { if (strncasecmp(p, "hmac-", 5) == 0) p = &name[5]; +#ifndef PK11_MD5_DISABLE if (strcasecmp(p, "md5") == 0) return DST_ALG_HMACMD5; +#endif if (strcasecmp(p, "sha1") == 0) return DST_ALG_HMACSHA1; if (strcasecmp(p, "sha224") == 0) @@ -122,7 +128,9 @@ generate_key(isc_mem_t *mctx, const char *randomfile, dns_secalg_t alg, dst_key_t *key = NULL; switch (alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: +#endif case DST_ALG_HMACSHA1: case DST_ALG_HMACSHA224: case DST_ALG_HMACSHA256: diff --git a/bin/confgen/rndc-confgen.c b/bin/confgen/rndc-confgen.c index 27bc0c2079..0c23421202 100644 --- a/bin/confgen/rndc-confgen.c +++ b/bin/confgen/rndc-confgen.c @@ -39,6 +39,8 @@ #include #include +#include + #include #include @@ -65,6 +67,7 @@ usage(int status) ISC_PLATFORM_NORETURN_POST; static void usage(int status) { +#ifndef PK11_MD5_DISABLE fprintf(stderr, "\ Usage:\n\ %s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \ @@ -80,6 +83,23 @@ Usage:\n\ -t chrootdir: write a keyfile in chrootdir as well (requires -a)\n\ -u user: set the keyfile owner to \"user\" (requires -a)\n", progname, keydef); +#else + fprintf(stderr, "\ +Usage:\n\ + %s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] [-r randomfile] \ +[-s addr] [-t chrootdir] [-u user]\n\ + -a: generate just the key clause and write it to keyfile (%s)\n\ + -A alg: algorithm (default hmac-sha256)\n\ + -b bits: from 1 through 512, default 256; total length of the secret\n\ + -c keyfile: specify an alternate key file (requires -a)\n\ + -k keyname: the name as it will be used in named.conf and rndc.conf\n\ + -p port: the port named will listen on and rndc will connect to\n\ + -r randomfile: source of random data (use \"keyboard\" for key timing)\n\ + -s addr: the address to which rndc should connect\n\ + -t chrootdir: write a keyfile in chrootdir as well (requires -a)\n\ + -u user: set the keyfile owner to \"user\" (requires -a)\n", + progname, keydef); +#endif exit (status); } @@ -115,7 +135,11 @@ main(int argc, char **argv) { progname = program; keyname = DEFAULT_KEYNAME; +#ifndef PK11_MD5_DISABLE alg = DST_ALG_HMACMD5; +#else + alg = DST_ALG_HMACSHA256; +#endif serveraddr = DEFAULT_SERVER; port = DEFAULT_PORT; diff --git a/bin/confgen/rndc-confgen.docbook b/bin/confgen/rndc-confgen.docbook index d58964880f..84eb337b08 100644 --- a/bin/confgen/rndc-confgen.docbook +++ b/bin/confgen/rndc-confgen.docbook @@ -128,7 +128,8 @@ Specifies the algorithm to use for the TSIG key. Available choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, - hmac-sha384 and hmac-sha512. The default is hmac-md5. + hmac-sha384 and hmac-sha512. The default is hmac-md5 or + if MD5 was disabled hmac-sha256. diff --git a/bin/dig/dig.c b/bin/dig/dig.c index 998ad2108d..9570187413 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -21,6 +21,8 @@ #include #include +#include + #include #include #include @@ -1672,7 +1674,11 @@ dash_option(char *option, char *next, dig_lookup_t **lookup, ptr = ptr2; ptr2 = ptr3; } else { +#ifndef PK11_MD5_DISABLE hmacname = DNS_TSIG_HMACMD5_NAME; +#else + hmacname = DNS_TSIG_HMACSHA256_NAME; +#endif digestbits = 0; } strncpy(keynametext, ptr, sizeof(keynametext)); diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook index cc056e76ed..28756c77b6 100644 --- a/bin/dig/dig.docbook +++ b/bin/dig/dig.docbook @@ -390,7 +390,8 @@ hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, or hmac-sha512. If hmac - is not specified, the default is hmac-md5. + is not specified, the default is hmac-md5 + or if MD5 was disabled hmac-sha256. NOTE: You should use the option and diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 4930491264..b5b92992f2 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -82,6 +82,8 @@ #include #include +#include + #include #include @@ -1142,12 +1144,15 @@ parse_hmac(const char *hmac) { digestbits = 0; +#ifndef PK11_MD5_DISABLE if (strcasecmp(buf, "hmac-md5") == 0) { hmacname = DNS_TSIG_HMACMD5_NAME; } else if (strncasecmp(buf, "hmac-md5-", 9) == 0) { hmacname = DNS_TSIG_HMACMD5_NAME; digestbits = parse_bits(&buf[9], "digest-bits [0..128]", 128); - } else if (strcasecmp(buf, "hmac-sha1") == 0) { + } else +#endif + if (strcasecmp(buf, "hmac-sha1") == 0) { hmacname = DNS_TSIG_HMACSHA1_NAME; digestbits = 0; } else if (strncasecmp(buf, "hmac-sha1-", 10) == 0) { @@ -1260,9 +1265,11 @@ setup_file_key(void) { } switch (dst_key_alg(dstkey)) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: hmacname = DNS_TSIG_HMACMD5_NAME; break; +#endif case DST_ALG_HMACSHA1: hmacname = DNS_TSIG_HMACSHA1_NAME; break; diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c index 12cef1b587..c619b0c4b7 100644 --- a/bin/dnssec/dnssec-keyfromlabel.c +++ b/bin/dnssec/dnssec-keyfromlabel.c @@ -22,6 +22,8 @@ #include #include +#include + #include #include #include @@ -404,10 +406,20 @@ main(int argc, char **argv) { } if (strcasecmp(algname, "RSA") == 0) { +#ifndef PK11_MD5_DISABLE fprintf(stderr, "The use of RSA (RSAMD5) is not " "recommended.\nIf you still wish to " "use RSA (RSAMD5) please specify " "\"-a RSAMD5\"\n"); +#else + fprintf(stderr, + "The use of RSA (RSAMD5) was disabled\n"); + if (freeit != NULL) + free(freeit); + return (1); + } else if (strcasecmp(algname, "RSAMD5") == 0) { + fprintf(stderr, "The use of RSAMD5 was disabled\n"); +#endif if (freeit != NULL) free(freeit); return (1); @@ -504,6 +516,11 @@ main(int argc, char **argv) { alg = dst_key_alg(prevkey); flags = dst_key_flags(prevkey); +#ifdef PK11_MD5_DISABLE + if (alg == DST_ALG_RSAMD5) + fatal("Key %s uses disabled RSAMD5", predecessor); +#endif + dst_key_format(prevkey, keystr, sizeof(keystr)); dst_key_getprivateformat(prevkey, &major, &minor); if (major != DST_MAJOR_VERSION || minor < DST_MINOR_VERSION) diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index e27501f06c..524b26b146 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -37,6 +37,8 @@ #include #include +#include + #include #include #include @@ -546,15 +548,30 @@ main(int argc, char **argv) { } if (strcasecmp(algname, "RSA") == 0) { +#ifndef PK11_MD5_DISABLE fprintf(stderr, "The use of RSA (RSAMD5) is not " "recommended.\nIf you still wish to " "use RSA (RSAMD5) please specify " "\"-a RSAMD5\"\n"); INSIST(freeit == NULL); return (1); - } else if (strcasecmp(algname, "HMAC-MD5") == 0) + } else if (strcasecmp(algname, "HMAC-MD5") == 0) { alg = DST_ALG_HMACMD5; - else if (strcasecmp(algname, "HMAC-SHA1") == 0) +#else + fprintf(stderr, + "The use of RSA (RSAMD5) was disabled\n"); + INSIST(freeit == NULL); + return (1); + } else if (strcasecmp(algname, "RSAMD5") == 0) { + fprintf(stderr, "The use of RSAMD5 was disabled\n"); + INSIST(freeit == NULL); + return (1); + } else if (strcasecmp(algname, "HMAC-MD5") == 0) { + fprintf(stderr, + "The use of HMAC-MD5 was disabled\n"); + return (1); +#endif + } else if (strcasecmp(algname, "HMAC-SHA1") == 0) alg = DST_ALG_HMACSHA1; else if (strcasecmp(algname, "HMAC-SHA224") == 0) alg = DST_ALG_HMACSHA224; @@ -574,6 +591,10 @@ main(int argc, char **argv) { options |= DST_TYPE_KEY; } +#ifdef PK11_MD5_DISABLE + INSIST((alg != DNS_KEYALG_RSAMD5) && (alg != DST_ALG_HMACMD5)); +#endif + if (!dst_algorithm_supported(alg)) fatal("unsupported algorithm: %d", alg); diff --git a/bin/named/config.c b/bin/named/config.c index 638a2b3f9b..43ccda3dc2 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -22,6 +22,8 @@ #include #include +#include + #include #include @@ -939,9 +941,11 @@ struct keyalgorithms { unsigned int type; isc_uint16_t size; } algorithms[] = { +#ifndef PK11_MD5_DISABLE { "hmac-md5", hmacmd5, DST_ALG_HMACMD5, 128 }, { "hmac-md5.sig-alg.reg.int", hmacmd5, DST_ALG_HMACMD5, 0 }, { "hmac-md5.sig-alg.reg.int.", hmacmd5, DST_ALG_HMACMD5, 0 }, +#endif { "hmac-sha1", hmacsha1, DST_ALG_HMACSHA1, 160 }, { "hmac-sha224", hmacsha224, DST_ALG_HMACSHA224, 224 }, { "hmac-sha256", hmacsha256, DST_ALG_HMACSHA256, 256 }, @@ -988,7 +992,9 @@ ns_config_getkeyalgorithm2(const char *str, dns_name_t **name, if (name != NULL) { switch (algorithms[i].hmac) { +#ifndef PK11_MD5_DISABLE case hmacmd5: *name = dns_tsig_hmacmd5_name; break; +#endif case hmacsha1: *name = dns_tsig_hmacsha1_name; break; case hmacsha224: *name = dns_tsig_hmacsha224_name; break; case hmacsha256: *name = dns_tsig_hmacsha256_name; break; diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c index 894bddbee8..395985963e 100644 --- a/bin/nsupdate/nsupdate.c +++ b/bin/nsupdate/nsupdate.c @@ -40,6 +40,8 @@ #include #include +#include + #include #include @@ -451,6 +453,7 @@ parse_hmac(dns_name_t **hmac, const char *hmacstr, size_t len) { strncpy(buf, hmacstr, len); buf[len] = 0; +#ifndef PK11_MD5_DISABLE if (strcasecmp(buf, "hmac-md5") == 0) { *hmac = DNS_TSIG_HMACMD5_NAME; } else if (strncasecmp(buf, "hmac-md5-", 9) == 0) { @@ -459,7 +462,9 @@ parse_hmac(dns_name_t **hmac, const char *hmacstr, size_t len) { if (result != ISC_R_SUCCESS || digestbits > 128) fatal("digest-bits out of range [0..128]"); digestbits = (digestbits +7) & ~0x7U; - } else if (strcasecmp(buf, "hmac-sha1") == 0) { + } else +#endif + if (strcasecmp(buf, "hmac-sha1") == 0) { *hmac = DNS_TSIG_HMACSHA1_NAME; } else if (strncasecmp(buf, "hmac-sha1-", 10) == 0) { *hmac = DNS_TSIG_HMACSHA1_NAME; @@ -549,7 +554,11 @@ setup_keystr(void) { secretstr = n + 1; digestbits = parse_hmac(&hmacname, keystr, s - keystr); } else { +#ifndef PK11_MD5_DISABLE hmacname = DNS_TSIG_HMACMD5_NAME; +#else + hmacname = DNS_TSIG_HMACSHA256_NAME; +#endif name = keystr; n = s; } @@ -683,9 +692,11 @@ setup_keyfile(isc_mem_t *mctx, isc_log_t *lctx) { } switch (dst_key_alg(dstkey)) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: hmacname = DNS_TSIG_HMACMD5_NAME; break; +#endif case DST_ALG_HMACSHA1: hmacname = DNS_TSIG_HMACSHA1_NAME; break; @@ -1541,7 +1552,11 @@ evaluate_key(char *cmdline) { digestbits = parse_hmac(&hmacname, namestr, n - namestr); namestr = n + 1; } else +#ifndef PK11_MD5_DISABLE hmacname = DNS_TSIG_HMACMD5_NAME; +#else + hmacname = DNS_TSIG_HMACSHA256_NAME; +#endif isc_buffer_init(&b, namestr, strlen(namestr)); isc_buffer_add(&b, strlen(namestr)); diff --git a/bin/nsupdate/nsupdate.docbook b/bin/nsupdate/nsupdate.docbook index 2facc4bb17..aef1babe13 100644 --- a/bin/nsupdate/nsupdate.docbook +++ b/bin/nsupdate/nsupdate.docbook @@ -324,7 +324,8 @@ hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, or hmac-sha512. If hmac - is not specified, the default is hmac-md5. + is not specified, the default is hmac-md5 + or if MD5 was disabled hmac-sha256. NOTE: Use of the option is discouraged because the @@ -481,7 +482,8 @@ keyname secret pair. If hmac is specified, then it sets the signing algorithm in use; the default is - hmac-md5. The key + hmac-md5 or if MD5 was disabled + hmac-sha256. The key command overrides any key specified on the command line via or . diff --git a/bin/pkcs11/pkcs11-tokens.8 b/bin/pkcs11/pkcs11-tokens.8 index cf63a6d9db..fc966493be 100644 --- a/bin/pkcs11/pkcs11-tokens.8 +++ b/bin/pkcs11/pkcs11-tokens.8 @@ -39,7 +39,7 @@ pkcs11-tokens \- list PKCS#11 available tokens .SH "SYNOPSIS" .HP \w'\fBpkcs11\-tokens\fR\ 'u -\fBpkcs11\-tokens\fR [\fB\-m\ \fR\fB\fImodule\fR\fR] +\fBpkcs11\-tokens\fR [\fB\-m\ \fR\fB\fImodule\fR\fR] [\fB\-v\fR] .SH "DESCRIPTION" .PP \fBpkcs11\-tokens\fR @@ -50,6 +50,11 @@ lists the PKCS#11 available tokens with defaults from the slot/token scan perfor .RS 4 Specify the PKCS#11 provider module\&. This must be the full path to a shared library object implementing the PKCS#11 API for the device\&. .RE +.PP +\-e +.RS 4 +Make the PKCS#11 libisc initialization verbose\&. +.RE .SH "SEE ALSO" .PP \fBpkcs11-destroy\fR(8), diff --git a/bin/pkcs11/pkcs11-tokens.c b/bin/pkcs11/pkcs11-tokens.c index 239ca31b8a..3ae354a32f 100644 --- a/bin/pkcs11/pkcs11-tokens.c +++ b/bin/pkcs11/pkcs11-tokens.c @@ -38,11 +38,14 @@ main(int argc, char *argv[]) { isc_mem_t *mctx = NULL; pk11_context_t pctx; - while ((c = isc_commandline_parse(argc, argv, ":m:")) != -1) { + while ((c = isc_commandline_parse(argc, argv, ":m:v")) != -1) { switch (c) { case 'm': lib_name = isc_commandline_argument; break; + case 'v': + pk11_verbose_init = ISC_TRUE; + break; case ':': fprintf(stderr, "Option -%c requires an operand\n", isc_commandline_option); @@ -58,7 +61,7 @@ main(int argc, char *argv[]) { if (errflg) { fprintf(stderr, "Usage:\n"); - fprintf(stderr, "\tpkcs11-tokens [-m module]\n"); + fprintf(stderr, "\tpkcs11-tokens [-v] [-m module]\n"); exit(1); } @@ -73,7 +76,7 @@ main(int argc, char *argv[]) { if (lib_name != NULL) pk11_set_lib_name(lib_name); - result = pk11_get_session(&pctx, OP_ANY, ISC_FALSE, ISC_FALSE, + result = pk11_get_session(&pctx, OP_ANY, ISC_TRUE, ISC_FALSE, ISC_FALSE, NULL, 0); if (result == PK11_R_NORANDOMSERVICE || result == PK11_R_NODIGESTSERVICE || @@ -81,7 +84,7 @@ main(int argc, char *argv[]) { fprintf(stderr, "Warning: %s\n", isc_result_totext(result)); fprintf(stderr, "This HSM will not work with BIND 9 " "using native PKCS#11.\n\n"); - } else if (result != ISC_R_SUCCESS) { + } else if ((result != ISC_R_SUCCESS) && (result != ISC_R_NOTFOUND)) { fprintf(stderr, "Unrecoverable error initializing " "PKCS#11: %s\n", isc_result_totext(result)); exit(1); diff --git a/bin/pkcs11/pkcs11-tokens.docbook b/bin/pkcs11/pkcs11-tokens.docbook index 5fd2fe6eb9..7d13851fe7 100644 --- a/bin/pkcs11/pkcs11-tokens.docbook +++ b/bin/pkcs11/pkcs11-tokens.docbook @@ -40,6 +40,7 @@ pkcs11-tokens + @@ -65,6 +66,15 @@ + + + -v + + + Make the PKCS#11 libisc initialization verbose. + + + diff --git a/bin/pkcs11/pkcs11-tokens.html b/bin/pkcs11/pkcs11-tokens.html index 2ae88ff0c1..7985375441 100644 --- a/bin/pkcs11/pkcs11-tokens.html +++ b/bin/pkcs11/pkcs11-tokens.html @@ -1,9 +1,17 @@ @@ -19,7 +27,7 @@

Synopsis

-

pkcs11-tokens [-m module]

+

pkcs11-tokens [-m module] [-v]

DESCRIPTION

@@ -38,6 +46,10 @@ path to a shared library object implementing the PKCS#11 API for the device.

+
-e
+

+ Make the PKCS#11 libisc initialization verbose. +

diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c index 1ab1ba08b1..d7e7496579 100644 --- a/bin/rndc/rndc.c +++ b/bin/rndc/rndc.c @@ -32,6 +32,8 @@ #include #include +#include + #include #include @@ -628,9 +630,12 @@ parse_config(isc_mem_t *mctx, isc_log_t *log, const char *keyname, secretstr = cfg_obj_asstring(secretobj); algorithmstr = cfg_obj_asstring(algorithmobj); +#ifndef PK11_MD5_DISABLE if (strcasecmp(algorithmstr, "hmac-md5") == 0) algorithm = ISCCC_ALG_HMACMD5; - else if (strcasecmp(algorithmstr, "hmac-sha1") == 0) + else +#endif + if (strcasecmp(algorithmstr, "hmac-sha1") == 0) algorithm = ISCCC_ALG_HMACSHA1; else if (strcasecmp(algorithmstr, "hmac-sha224") == 0) algorithm = ISCCC_ALG_HMACSHA224; diff --git a/bin/tests/hash_test.c b/bin/tests/hash_test.c index 96c9870382..e37247c80a 100644 --- a/bin/tests/hash_test.c +++ b/bin/tests/hash_test.c @@ -22,6 +22,8 @@ #include #include +#include + static void print_digest(const char *s, const char *hash, unsigned char *d, unsigned int words) @@ -41,8 +43,10 @@ int main(int argc, char **argv) { isc_sha1_t sha1; isc_sha224_t sha224; +#ifndef PK11_MD5_DISABLE isc_md5_t md5; isc_hmacmd5_t hmacmd5; +#endif isc_hmacsha1_t hmacsha1; isc_hmacsha224_t hmacsha224; isc_hmacsha256_t hmacsha256; @@ -84,6 +88,7 @@ main(int argc, char **argv) { isc_sha224_final(digest, &sha224); print_digest(s, "sha224", digest, ISC_SHA224_DIGESTLENGTH/4); +#ifndef PK11_MD5_DISABLE s = "abc"; isc_md5_init(&md5); memmove(buffer, s, strlen(s)); @@ -121,6 +126,7 @@ main(int argc, char **argv) { isc_hmacmd5_update(&hmacmd5, buffer, strlen(s)); isc_hmacmd5_sign(&hmacmd5, digest); print_digest(s, "hmacmd5", digest, 4); +#endif /* * The 3 HMAC-SHA1 examples from RFC4634. diff --git a/bin/tests/hashes/t_hashes.c b/bin/tests/hashes/t_hashes.c index 4463ea59c7..bcedb6d1df 100644 --- a/bin/tests/hashes/t_hashes.c +++ b/bin/tests/hashes/t_hashes.c @@ -24,6 +24,8 @@ #include #include +#include + #include @@ -47,7 +49,9 @@ typedef struct { union { unsigned char b[1024]; +#ifndef PK11_MD5_DISABLE unsigned char md5[16]; +#endif unsigned char sha1[ISC_SHA1_DIGESTLENGTH]; unsigned char sha224[ISC_SHA224_DIGESTLENGTH]; unsigned char sha256[ISC_SHA256_DIGESTLENGTH]; @@ -72,9 +76,11 @@ static OUT_ abc_sha1 = { static OUT_ abc_sha224 = { "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7", ISC_SHA224_DIGESTLENGTH}; +#ifndef PK11_MD5_DISABLE static OUT_ abc_md5 = { "900150983cd24fb0d6963f7d28e17f72", 16}; +#endif static IN_ abc_blah = { "\"abcdbc...\"", NULL, 0, STR_INIT("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")}; @@ -84,6 +90,7 @@ static OUT_ abc_blah_sha1 = { static OUT_ abc_blah_sha224 = { "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525", ISC_SHA224_DIGESTLENGTH}; +#ifndef PK11_MD5_DISABLE static OUT_ abc_blah_md5 = { "8215ef0796a20bcaaae116d3876c664a", 16}; @@ -122,6 +129,7 @@ static IN_ rfc2104_3 = {"RFC 2104 #3", rfc2104_3_key, sizeof(rfc2104_3_key), static OUT_ rfc2104_3_hmac = { "56be34521d144c88dbb8c733f0e8b3f6", 16}; +#endif /* * four three HMAC-SHA tests cut-and-pasted from RFC 4634 starting on page 86 @@ -309,7 +317,9 @@ t_hash(const char *hname, HASH_INIT init, UPDATE update, FINAL final, union { unsigned char b[1024]; isc_sha1_t sha1; +#ifndef PK11_MD5_DISABLE isc_md5_t md5; +#endif } ctx; init(&ctx); @@ -340,17 +350,23 @@ t_sha224(IN_ *in, OUT_ *out) static void +#ifndef PK11_MD5_DISABLE t_hashes(IN_ *in, OUT_ *out_sha1, OUT_ *out_sha224, OUT_ *out_md5) +#else +t_hashes(IN_ *in, OUT_ *out_sha1, OUT_ *out_sha224) +#endif { t_hash("SHA1", (HASH_INIT)isc_sha1_init, (UPDATE)isc_sha1_update, (FINAL)isc_sha1_final, in, out_sha1); t_sha224(in, out_sha224); +#ifndef PK11_MD5_DISABLE t_hash("md5", (HASH_INIT)isc_md5_init, (UPDATE)isc_md5_update, (FINAL)isc_md5_final, in, out_md5); +#endif } - +#ifndef PK11_MD5_DISABLE /* * isc_hmacmd5_sign has a different calling sequence */ @@ -365,7 +381,7 @@ t_md5hmac(IN_ *in, OUT_ *out) isc_hmacmd5_sign(&ctx, dbuf.b); ck("HMAC-md5", in, out); } - +#endif static void @@ -374,7 +390,9 @@ t_hmac(const char *hname, HMAC_INIT init, UPDATE update, SIGN sign, { union { unsigned char b[1024]; +#ifndef PK11_MD5_DISABLE isc_hmacmd5_t hmacmd5; +#endif isc_hmacsha1_t hmacsha1; isc_hmacsha224_t hmacsha224; isc_hmacsha256_t hmacsha256; @@ -424,15 +442,22 @@ t1(void) /* * two ad hoc hash examples */ +#ifndef PK11_MD5_DISABLE t_hashes(&abc, &abc_sha1, &abc_sha224, &abc_md5); t_hashes(&abc_blah, &abc_blah_sha1, &abc_blah_sha224, &abc_blah_md5); +#else + t_hashes(&abc, &abc_sha1, &abc_sha224); + t_hashes(&abc_blah, &abc_blah_sha1, &abc_blah_sha224); +#endif +#ifndef PK11_MD5_DISABLE /* * three HMAC-md5 examples from RFC 2104 */ t_md5hmac(&rfc2104_1, &rfc2104_1_hmac); t_md5hmac(&rfc2104_2, &rfc2104_2_hmac); t_md5hmac(&rfc2104_3, &rfc2104_3_hmac); +#endif /* * four HMAC-SHA tests from RFC 4634 starting on page 86 diff --git a/bin/tests/pkcs11/README b/bin/tests/pkcs11/README index 4155b117f5..2b594d9a7d 100644 --- a/bin/tests/pkcs11/README +++ b/bin/tests/pkcs11/README @@ -9,6 +9,7 @@ whether the resulting digest is is correct. For instance: ...must return "9294727a3638bb1c13f48ef8158bfc9d". If any other value is returned, then the provider library is buggy, -and the compilation flag PKCS11CRYPTOWITHHMAC must *not* be defined. +and theflag PK11_MD5_HMAC_REPLACE must be defined in +lib/isc/include/pk11/site.h However, if the correct value is returned, then it is safe to turn -on PKCS11CRYPTOWITHHMAC. (It is off by default.) +off PK11_MD5_HMAC_REPLACE. (It is on by default.) diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c index aaec811513..e582dbe171 100644 --- a/bin/tests/system/tkey/keycreate.c +++ b/bin/tests/system/tkey/keycreate.c @@ -26,6 +26,8 @@ #include #include +#include + #include #include #include @@ -60,6 +62,7 @@ static isc_buffer_t nonce; static dns_requestmgr_t *requestmgr; static const char *ownername_str = "."; +#ifndef PK11_MD5_DISABLE static void recvquery(isc_task_t *task, isc_event_t *event) { dns_requestevent_t *reqev = (dns_requestevent_t *)event; @@ -119,9 +122,11 @@ recvquery(isc_task_t *task, isc_event_t *event) { isc_app_shutdown(); return; } +#endif static void sendquery(isc_task_t *task, isc_event_t *event) { +#ifndef PK11_MD5_DISABLE struct in_addr inaddr; isc_sockaddr_t address; isc_region_t r; @@ -185,6 +190,12 @@ sendquery(isc_task_t *task, isc_event_t *event) { TIMEOUT, task, recvquery, query, &request); CHECK("dns_request_create", result); +#else + UNUSED(task); + + isc_event_free(&event); + CHECK("MD5 was disabled", ISC_R_NOTIMPLEMENTED); +#endif } int diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c index b46750a2bb..cf1fae75da 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c @@ -26,6 +26,8 @@ #include #include +#include + #include #include #include @@ -220,12 +222,17 @@ main(int argc, char **argv) { type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY; result = dst_key_fromnamedfile(keyname, NULL, type, mctx, &dstkey); CHECK("dst_key_fromnamedfile", result); +#ifndef PK11_MD5_DISABLE result = dns_tsigkey_createfromkey(dst_key_name(dstkey), DNS_TSIG_HMACMD5_NAME, dstkey, ISC_TRUE, NULL, 0, 0, mctx, ring, &tsigkey); dst_key_free(&dstkey); CHECK("dns_tsigkey_createfromkey", result); +#else + dst_key_free(&dstkey); + CHECK("MD5 was disabled", ISC_R_NOTIMPLEMENTED); +#endif (void)isc_app_run(); diff --git a/bin/tools/isc-hmac-fixup.c b/bin/tools/isc-hmac-fixup.c index 6485e268fc..408338cdd3 100644 --- a/bin/tools/isc-hmac-fixup.c +++ b/bin/tools/isc-hmac-fixup.c @@ -21,6 +21,8 @@ #include #include +#include + #define HMAC_LEN 64 int @@ -34,8 +36,13 @@ main(int argc, char **argv) { if (argc != 3) { fprintf(stderr, "Usage:\t%s algorithm secret\n", argv[0]); +#ifndef PK11_MD5_DISABLE fprintf(stderr, "\talgorithm: (MD5 | SHA1 | SHA224 | " "SHA256 | SHA384 | SHA512)\n"); +#else + fprintf(stderr, "\talgorithm: (SHA1 | SHA224 | " + "SHA256 | SHA384 | SHA512)\n"); +#endif return (1); } @@ -47,6 +54,7 @@ main(int argc, char **argv) { } isc_buffer_usedregion(&buf, &r); +#ifndef PK11_MD5_DISABLE if (!strcasecmp(argv[1], "md5") || !strcasecmp(argv[1], "hmac-md5")) { if (r.length > HMAC_LEN) { @@ -58,7 +66,9 @@ main(int argc, char **argv) { r.base = key; r.length = ISC_MD5_DIGESTLENGTH; } - } else if (!strcasecmp(argv[1], "sha1") || + } else +#endif + if (!strcasecmp(argv[1], "sha1") || !strcasecmp(argv[1], "hmac-sha1")) { if (r.length > ISC_SHA1_DIGESTLENGTH) { isc_sha1_t sha1ctx; diff --git a/configure b/configure index 05a64a9600..d6667223ec 100755 --- a/configure +++ b/configure @@ -16604,6 +16604,8 @@ case "$want_native_pkcs11" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: using native PKCS11 crypto" >&5 $as_echo "using native PKCS11 crypto" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: tweaks are in lib/isc/include/pk11/site.h" >&5 +$as_echo "tweaks are in lib/isc/include/pk11/site.h" >&6; } PKCS11LINKOBJS='${PKCS11LINKOBJS}' PKCS11LINKSRCS='${PKCS11LINKSRCS}' PKCS11_TEST=pkcs11 diff --git a/configure.in b/configure.in index c3696d0c7b..649c2d7df0 100644 --- a/configure.in +++ b/configure.in @@ -2082,6 +2082,7 @@ AC_SUBST(PKCS11_PROVIDER) PKCS11_ECDSA="" PKCS11_GOST="" +set_pk11_flavor="no" AC_MSG_CHECKING(for native PKCS11) case "$want_native_pkcs11" in @@ -2114,6 +2115,42 @@ case "$want_native_pkcs11" in AC_MSG_RESULT(disabled) ;; esac + AC_MSG_CHECKING(for PKCS11 flavor) + case "$PKCS11_PROVIDER" in + *nfast*) + AC_MSG_RESULT(Thales nCipher) + # default + pk11_flavor="PK11_THALES_FLAVOR" + set_pk11_flavor="yes" + ;; + *libsofthsm2*) + AC_MSG_RESULT(SoftHSMv2) + pk11_flavor="PK11_SOFTHSMV2_FLAVOR" + set_pk11_flavor="yes" + ;; + *libsofthsm*) + AC_MSG_RESULT(SoftHSM) + pk11_flavor="PK11_SOFTHSMV1_FLAVOR" + set_pk11_flavor="yes" + ;; + *cryptech*) + AC_MSG_RESULT(Cryptech) + pk11_flavor="PK11_CRYPTECH_FLAVOR" + set_pk11_flavor="yes" + ;; + *Keyper*) + AC_MSG_RESULT(AEP Keyper: not yet supported) + ;; + undefined) + AC_MSG_RESULT(undefined provider?) + ;; + *) + AC_MSG_RESULT(unknown provider: tweaks are in lib/isc/include/pk11/site.h) + ;; + esac + if test "$set_pk11_flavor" = "yes" ; then + CFLAGS="$CFLAGS -DPK11_FLAVOR=$pk11_flavor" + fi ;; no|'') AC_MSG_RESULT(disabled) diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 533c6227dd..afc38364c6 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -31,6 +31,8 @@ #include #include +#include + #include #include #include @@ -2427,9 +2429,11 @@ bind9_check_key(const cfg_obj_t *key, isc_log_t *logctx) { isc_buffer_t buf; unsigned char secretbuf[1024]; static const algorithmtable algorithms[] = { +#ifndef PK11_MD5_DISABLE { "hmac-md5", 128 }, { "hmac-md5.sig-alg.reg.int", 0 }, { "hmac-md5.sig-alg.reg.int.", 0 }, +#endif { "hmac-sha1", 160 }, { "hmac-sha224", 224 }, { "hmac-sha256", 256 }, diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index b3a80d99d1..e619366b87 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -20,6 +20,8 @@ #include #include +#include + #include #include #include @@ -1471,7 +1473,9 @@ dns_dnssec_findmatchingkeys2(dns_name_t *origin, const char *directory, mctx, &dstkey); switch (alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: +#endif case DST_ALG_HMACSHA1: case DST_ALG_HMACSHA224: case DST_ALG_HMACSHA256: diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index b790b98c4f..f071fef1d9 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -49,6 +49,8 @@ #include #include +#include + #define DST_KEY_INTERNAL #include @@ -189,7 +191,9 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx, dst_result_register(); memset(dst_t_func, 0, sizeof(dst_t_func)); +#ifndef PK11_MD5_DISABLE RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); +#endif RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1])); RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224])); RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256])); @@ -197,8 +201,10 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx, RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); #ifdef OPENSSL RETERR(dst__openssl_init(engine)); +#ifndef PK11_MD5_DISABLE RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5], DST_ALG_RSAMD5)); +#endif RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1], DST_ALG_RSASHA1)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1], @@ -207,11 +213,13 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx, DST_ALG_RSASHA256)); RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512], DST_ALG_RSASHA512)); -#ifdef HAVE_OPENSSL_DSA +#if defined(HAVE_OPENSSL_DSA) && !defined(PK11_DSA_DISABLE) RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA])); RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_NSEC3DSA])); #endif +#ifndef PK11_DH_DISABLE RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); +#endif #ifdef HAVE_OPENSSL_GOST RETERR(dst__opensslgost_init(&dst_t_func[DST_ALG_ECCGOST])); #endif @@ -221,14 +229,20 @@ dst_lib_init2(isc_mem_t *mctx, isc_entropy_t *ectx, #endif #elif PKCS11CRYPTO RETERR(dst__pkcs11_init(mctx, engine)); +#ifndef PK11_MD5_DISABLE RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSAMD5])); +#endif RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA256])); RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA512])); +#ifndef PK11_DSA_DISABLE RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_DSA])); RETERR(dst__pkcs11dsa_init(&dst_t_func[DST_ALG_NSEC3DSA])); +#endif +#ifndef PK11_DH_DISABLE RETERR(dst__pkcs11dh_init(&dst_t_func[DST_ALG_DH])); +#endif #ifdef HAVE_PKCS11_ECDSA RETERR(dst__pkcs11ecdsa_init(&dst_t_func[DST_ALG_ECDSA256])); RETERR(dst__pkcs11ecdsa_init(&dst_t_func[DST_ALG_ECDSA384])); @@ -1085,8 +1099,10 @@ comparekeys(const dst_key_t *key1, const dst_key_t *key2, if (key1->key_id != key2->key_id) { if (!match_revoked_key) return (ISC_FALSE); +#ifndef PK11_MD5_DISABLE if (key1->key_alg == DST_ALG_RSAMD5) return (ISC_FALSE); +#endif if ((key1->key_flags & DNS_KEYFLAG_REVOKE) == (key2->key_flags & DNS_KEYFLAG_REVOKE)) return (ISC_FALSE); @@ -1249,17 +1265,21 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) { /* XXXVIX this switch statement is too sparse to gen a jump table. */ switch (key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: case DST_ALG_RSASHA256: case DST_ALG_RSASHA512: *n = (key->key_size + 7) / 8; break; +#ifndef PK11_DSA_DISABLE case DST_ALG_DSA: case DST_ALG_NSEC3DSA: *n = DNS_SIG_DSASIGSIZE; break; +#endif case DST_ALG_ECCGOST: *n = DNS_SIG_GOSTSIGSIZE; break; @@ -1269,9 +1289,11 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) { case DST_ALG_ECDSA384: *n = DNS_SIG_ECDSA384SIZE; break; +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: *n = 16; break; +#endif case DST_ALG_HMACSHA1: *n = ISC_SHA1_DIGESTLENGTH; break; @@ -1290,7 +1312,9 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) { case DST_ALG_GSSAPI: *n = 128; /*%< XXX */ break; +#ifndef PK11_DH_DISABLE case DST_ALG_DH: +#endif default: return (DST_R_UNSUPPORTEDALG); } @@ -1303,11 +1327,15 @@ dst_key_secretsize(const dst_key_t *key, unsigned int *n) { REQUIRE(VALID_KEY(key)); REQUIRE(n != NULL); +#ifndef PK11_DH_DISABLE if (key->key_alg == DST_ALG_DH) *n = (key->key_size + 7) / 8; else +#endif return (DST_R_UNSUPPORTEDALG); +#ifndef PK11_DH_DISABLE return (ISC_R_SUCCESS); +#endif } /*% @@ -1586,19 +1614,27 @@ issymmetric(const dst_key_t *key) { /* XXXVIX this switch statement is too sparse to gen a jump table. */ switch (key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: case DST_ALG_RSASHA256: case DST_ALG_RSASHA512: +#ifndef PK11_DSA_DISABLE case DST_ALG_DSA: case DST_ALG_NSEC3DSA: +#endif +#ifndef PK11_DH_DISABLE case DST_ALG_DH: +#endif case DST_ALG_ECCGOST: case DST_ALG_ECDSA256: case DST_ALG_ECDSA384: return (ISC_FALSE); +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: +#endif case DST_ALG_HMACSHA1: case DST_ALG_HMACSHA224: case DST_ALG_HMACSHA256: diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h index 6d6211d0e8..4a42097efa 100644 --- a/lib/dns/dst_internal.h +++ b/lib/dns/dst_internal.h @@ -39,13 +39,19 @@ #include #include +#include + #include #include #ifdef OPENSSL +#ifndef PK11_DH_DISABLE #include +#endif +#ifndef PK11_DSA_DISABLE #include +#endif #include #include #include @@ -68,7 +74,9 @@ extern isc_mem_t *dst__memory_pool; typedef struct dst_func dst_func_t; +#ifndef PK11_MD5_DISABLE typedef struct dst_hmacmd5_key dst_hmacmd5_key_t; +#endif typedef struct dst_hmacsha1_key dst_hmacsha1_key_t; typedef struct dst_hmacsha224_key dst_hmacsha224_key_t; typedef struct dst_hmacsha256_key dst_hmacsha256_key_t; @@ -106,13 +114,19 @@ struct dst_key { #if !defined(USE_EVP) || !USE_EVP RSA *rsa; #endif +#ifndef PK11_DSA_DISABLE DSA *dsa; +#endif +#ifndef PK11_DH_DISABLE DH *dh; +#endif EVP_PKEY *pkey; #elif PKCS11CRYPTO pk11_object_t *pkey; #endif +#ifndef PK11_MD5_DISABLE dst_hmacmd5_key_t *hmacmd5; +#endif dst_hmacsha1_key_t *hmacsha1; dst_hmacsha224_key_t *hmacsha224; dst_hmacsha256_key_t *hmacsha256; @@ -145,11 +159,15 @@ struct dst_context { union { void *generic; dst_gssapi_signverifyctx_t *gssctx; +#ifndef PK11_MD5_DISABLE isc_md5_t *md5ctx; +#endif isc_sha1_t *sha1ctx; isc_sha256_t *sha256ctx; isc_sha512_t *sha512ctx; +#ifndef PK11_MD5_DISABLE isc_hmacmd5_t *hmacmd5ctx; +#endif isc_hmacsha1_t *hmacsha1ctx; isc_hmacsha224_t *hmacsha224ctx; isc_hmacsha256_t *hmacsha256ctx; @@ -215,7 +233,9 @@ struct dst_func { isc_result_t dst__openssl_init(const char *engine); #define dst__pkcs11_init pk11_initialize +#ifndef PK11_MD5_DISABLE isc_result_t dst__hmacmd5_init(struct dst_func **funcp); +#endif isc_result_t dst__hmacsha1_init(struct dst_func **funcp); isc_result_t dst__hmacsha224_init(struct dst_func **funcp); isc_result_t dst__hmacsha256_init(struct dst_func **funcp); @@ -224,10 +244,14 @@ isc_result_t dst__hmacsha512_init(struct dst_func **funcp); isc_result_t dst__opensslrsa_init(struct dst_func **funcp, unsigned char algorithm); isc_result_t dst__pkcs11rsa_init(struct dst_func **funcp); +#ifndef PK11_DSA_DISABLE isc_result_t dst__openssldsa_init(struct dst_func **funcp); isc_result_t dst__pkcs11dsa_init(struct dst_func **funcp); +#endif +#ifndef PK11_DH_DISABLE isc_result_t dst__openssldh_init(struct dst_func **funcp); isc_result_t dst__pkcs11dh_init(struct dst_func **funcp); +#endif isc_result_t dst__gssapi_init(struct dst_func **funcp); #ifdef HAVE_OPENSSL_ECDSA isc_result_t dst__opensslecdsa_init(struct dst_func **funcp); diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 1370f39984..c6ba79834a 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -38,6 +38,8 @@ #include #include +#include + #include #include @@ -88,16 +90,20 @@ static struct parse_map map[] = { {TAG_RSA_ENGINE, "Engine:" }, {TAG_RSA_LABEL, "Label:" }, +#ifndef PK11_DH_DISABLE {TAG_DH_PRIME, "Prime(p):"}, {TAG_DH_GENERATOR, "Generator(g):"}, {TAG_DH_PRIVATE, "Private_value(x):"}, {TAG_DH_PUBLIC, "Public_value(y):"}, +#endif +#ifndef PK11_DSA_DISABLE {TAG_DSA_PRIME, "Prime(p):"}, {TAG_DSA_SUBPRIME, "Subprime(q):"}, {TAG_DSA_BASE, "Base(g):"}, {TAG_DSA_PRIVATE, "Private_value(x):"}, {TAG_DSA_PUBLIC, "Public_value(y):"}, +#endif {TAG_GOST_PRIVASN1, "GostAsn1:"}, {TAG_GOST_PRIVRAW, "PrivateKey:"}, @@ -106,8 +112,10 @@ static struct parse_map map[] = { {TAG_ECDSA_ENGINE, "Engine:" }, {TAG_ECDSA_LABEL, "Label:" }, +#ifndef PK11_MD5_DISABLE {TAG_HMACMD5_KEY, "Key:"}, {TAG_HMACMD5_BITS, "Bits:"}, +#endif {TAG_HMACSHA1_KEY, "Key:"}, {TAG_HMACSHA1_BITS, "Bits:"}, @@ -215,6 +223,7 @@ check_rsa(const dst_private_t *priv, isc_boolean_t external) { return (ok ? 0 : -1 ); } +#ifndef PK11_DH_DISABLE static int check_dh(const dst_private_t *priv) { int i, j; @@ -229,7 +238,9 @@ check_dh(const dst_private_t *priv) { } return (0); } +#endif +#ifndef PK11_DSA_DISABLE static int check_dsa(const dst_private_t *priv, isc_boolean_t external) { int i, j; @@ -249,6 +260,7 @@ check_dsa(const dst_private_t *priv, isc_boolean_t external) { } return (0); } +#endif static int check_gost(const dst_private_t *priv, isc_boolean_t external) { @@ -296,6 +308,7 @@ check_ecdsa(const dst_private_t *priv, isc_boolean_t external) { return (ok ? 0 : -1 ); } +#ifndef PK11_MD5_DISABLE static int check_hmac_md5(const dst_private_t *priv, isc_boolean_t old) { int i, j; @@ -322,6 +335,7 @@ check_hmac_md5(const dst_private_t *priv, isc_boolean_t old) { } return (0); } +#endif static int check_hmac_sha(const dst_private_t *priv, unsigned int ntags, @@ -344,26 +358,37 @@ static int check_data(const dst_private_t *priv, const unsigned int alg, isc_boolean_t old, isc_boolean_t external) { +#ifdef PK11_MD5_DISABLE + UNUSED(old); +#endif /* XXXVIX this switch statement is too sparse to gen a jump table. */ switch (alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: case DST_ALG_RSASHA256: case DST_ALG_RSASHA512: return (check_rsa(priv, external)); +#ifndef PK11_DH_DISABLE case DST_ALG_DH: return (check_dh(priv)); +#endif +#ifndef PK11_DSA_DISABLE case DST_ALG_DSA: case DST_ALG_NSEC3DSA: return (check_dsa(priv, external)); +#endif case DST_ALG_ECCGOST: return (check_gost(priv, external)); case DST_ALG_ECDSA256: case DST_ALG_ECDSA384: return (check_ecdsa(priv, external)); +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: return (check_hmac_md5(priv, old)); +#endif case DST_ALG_HMACSHA1: return (check_hmac_sha(priv, HMACSHA1_NTAGS, alg)); case DST_ALG_HMACSHA224: diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index 9e7c65fec5..7c28df3863 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -37,16 +37,20 @@ #include #include +#include + #include #include "dst_internal.h" #include "dst_parse.h" +#ifndef PK11_MD5_DISABLE static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data); struct dst_hmacmd5_key { unsigned char key[ISC_MD5_BLOCK_LENGTH]; }; +#endif static isc_result_t getkeybits(dst_key_t *key, struct dst_private_element *element) { @@ -59,6 +63,7 @@ getkeybits(dst_key_t *key, struct dst_private_element *element) { return (ISC_R_SUCCESS); } +#ifndef PK11_MD5_DISABLE static isc_result_t hmacmd5_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacmd5_t *hmacmd5ctx; @@ -337,6 +342,7 @@ dst__hmacmd5_init(dst_func_t **funcp) { *funcp = &hmacmd5_functions; return (ISC_R_SUCCESS); } +#endif static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data); diff --git a/lib/dns/include/dns/tsig.h b/lib/dns/include/dns/tsig.h index 6790c22762..bd08712d95 100644 --- a/lib/dns/include/dns/tsig.h +++ b/lib/dns/include/dns/tsig.h @@ -19,6 +19,8 @@ #include #include +#include + #include #include @@ -27,8 +29,10 @@ /* * Algorithms. */ +#ifndef PK11_MD5_DISABLE LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacmd5_name; #define DNS_TSIG_HMACMD5_NAME dns_tsig_hmacmd5_name +#endif LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapi_name; #define DNS_TSIG_GSSAPI_NAME dns_tsig_gssapi_name LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapims_name; diff --git a/lib/dns/openssldh_link.c b/lib/dns/openssldh_link.c index fc3c9733c7..4237ad028b 100644 --- a/lib/dns/openssldh_link.c +++ b/lib/dns/openssldh_link.c @@ -29,6 +29,10 @@ #include +#include + +#ifndef PK11_DH_DISABLE + #include #include @@ -689,6 +693,7 @@ dst__openssldh_init(dst_func_t **funcp) { if (bn1536 != NULL) BN_free(bn1536); return (ISC_R_NOMEMORY); } +#endif /* !PK11_DH_DISABLE */ #else /* OPENSSL */ diff --git a/lib/dns/openssldsa_link.c b/lib/dns/openssldsa_link.c index 415e6c207d..184c1630e1 100644 --- a/lib/dns/openssldsa_link.c +++ b/lib/dns/openssldsa_link.c @@ -27,6 +27,10 @@ #include +#include + +#ifndef PK11_DSA_DISABLE + #include #include @@ -677,6 +681,7 @@ dst__openssldsa_init(dst_func_t **funcp) { *funcp = &openssldsa_functions; return (ISC_R_SUCCESS); } +#endif /* !PK11_DSA_DISABLE */ #else /* OPENSSL */ diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 4a81440529..b5ad9133d2 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -31,6 +31,8 @@ #include #include +#include + #include #include "dst_internal.h" @@ -122,11 +124,18 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { #endif UNUSED(key); +#ifndef PK11_MD5_DISABLE REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || dctx->key->key_alg == DST_ALG_RSASHA256 || dctx->key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 || + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); +#endif #if USE_EVP evp_md_ctx = EVP_MD_CTX_create(); @@ -134,9 +143,11 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { return (ISC_R_NOMEMORY); switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: type = EVP_md5(); /* MD5 + RSA */ break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: type = EVP_sha1(); /* SHA1 + RSA */ @@ -164,6 +175,7 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; #else switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: { isc_md5_t *md5ctx; @@ -175,6 +187,7 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.md5ctx = md5ctx; } break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: { @@ -225,11 +238,18 @@ opensslrsa_destroyctx(dst_context_t *dctx) { EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; #endif +#ifndef PK11_MD5_DISABLE REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || dctx->key->key_alg == DST_ALG_RSASHA256 || dctx->key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 || + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); +#endif #if USE_EVP if (evp_md_ctx != NULL) { @@ -238,6 +258,7 @@ opensslrsa_destroyctx(dst_context_t *dctx) { } #else switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: { isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; @@ -250,6 +271,7 @@ opensslrsa_destroyctx(dst_context_t *dctx) { } } break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: { @@ -299,11 +321,18 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; #endif +#ifndef PK11_MD5_DISABLE REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || dctx->key->key_alg == DST_ALG_RSASHA256 || dctx->key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 || + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); +#endif #if USE_EVP if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) { @@ -313,6 +342,7 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { } #else switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: { isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; @@ -320,6 +350,7 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { isc_md5_update(md5ctx, data->base, data->length); } break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: { @@ -385,11 +416,18 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { #endif #endif +#ifndef PK11_MD5_DISABLE REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || dctx->key->key_alg == DST_ALG_RSASHA256 || dctx->key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 || + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); +#endif isc_buffer_availableregion(sig, &r); @@ -407,6 +445,7 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { return (ISC_R_NOSPACE); switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: { isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; @@ -416,6 +455,7 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { digestlen = ISC_MD5_DIGESTLENGTH; } break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: { @@ -460,7 +500,9 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { #if OPENSSL_VERSION_NUMBER < 0x00908000L switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: INSIST(type != 0); @@ -524,11 +566,18 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) { #endif #endif +#ifndef PK11_MD5_DISABLE REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || dctx->key->key_alg == DST_ALG_RSASHA256 || dctx->key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(dctx->key->key_alg == DST_ALG_RSASHA1 || + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); +#endif #if USE_EVP rsa = EVP_PKEY_get1_RSA(pkey); @@ -555,6 +604,7 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) { return (DST_R_VERIFYFAILURE); switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: { isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; @@ -564,6 +614,7 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) { digestlen = ISC_MD5_DIGESTLENGTH; } break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: { @@ -611,7 +662,9 @@ opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) { #if OPENSSL_VERSION_NUMBER < 0x00908000L switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: INSIST(type != 0); diff --git a/lib/dns/pkcs11dh_link.c b/lib/dns/pkcs11dh_link.c index 6a2f902837..b9d895f3a6 100644 --- a/lib/dns/pkcs11dh_link.c +++ b/lib/dns/pkcs11dh_link.c @@ -10,6 +10,10 @@ #include +#include + +#ifndef PK11_DH_DISABLE + #include #include @@ -1119,6 +1123,7 @@ dst__pkcs11dh_init(dst_func_t **funcp) { *funcp = &pkcs11dh_functions; return (ISC_R_SUCCESS); } +#endif /* !PK11_DH_DISABLE */ #else /* PKCS11CRYPTO */ diff --git a/lib/dns/pkcs11dsa_link.c b/lib/dns/pkcs11dsa_link.c index f01cc6dc71..0737328f8b 100644 --- a/lib/dns/pkcs11dsa_link.c +++ b/lib/dns/pkcs11dsa_link.c @@ -10,6 +10,10 @@ #include +#include + +#ifndef PK11_DSA_DISABLE + #include #include @@ -1098,6 +1102,7 @@ dst__pkcs11dsa_init(dst_func_t **funcp) { *funcp = &pkcs11dsa_functions; return (ISC_R_SUCCESS); } +#endif /* !PK11_DSA_DISABLE */ #else /* PKCS11CRYPTO */ diff --git a/lib/dns/pkcs11rsa_link.c b/lib/dns/pkcs11rsa_link.c index bb6e5b5f3a..9fca8e309f 100644 --- a/lib/dns/pkcs11rsa_link.c +++ b/lib/dns/pkcs11rsa_link.c @@ -28,6 +28,7 @@ #include "dst_pkcs11.h" #include +#include /* * Limit the size of public exponents. @@ -76,11 +77,18 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) { isc_result_t ret; unsigned int i; +#ifndef PK11_MD5_DISABLE REQUIRE(key->key_alg == DST_ALG_RSAMD5 || key->key_alg == DST_ALG_RSASHA1 || key->key_alg == DST_ALG_NSEC3RSASHA1 || key->key_alg == DST_ALG_RSASHA256 || key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(key->key_alg == DST_ALG_RSASHA1 || + key->key_alg == DST_ALG_NSEC3RSASHA1 || + key->key_alg == DST_ALG_RSASHA256 || + key->key_alg == DST_ALG_RSASHA512); +#endif rsa = key->keydata.pkey; @@ -200,9 +208,11 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) { token_key: switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: mech.mechanism = CKM_MD5_RSA_PKCS; break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: mech.mechanism = CKM_SHA1_RSA_PKCS; @@ -276,11 +286,18 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits, isc_result_t ret; unsigned int i; +#ifndef PK11_MD5_DISABLE REQUIRE(key->key_alg == DST_ALG_RSAMD5 || key->key_alg == DST_ALG_RSASHA1 || key->key_alg == DST_ALG_NSEC3RSASHA1 || key->key_alg == DST_ALG_RSASHA256 || key->key_alg == DST_ALG_RSASHA512); +#else + REQUIRE(key->key_alg == DST_ALG_RSASHA1 || + key->key_alg == DST_ALG_NSEC3RSASHA1 || + key->key_alg == DST_ALG_RSASHA256 || + key->key_alg == DST_ALG_RSASHA512); +#endif rsa = key->keydata.pkey; @@ -332,9 +349,11 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits, ISC_R_FAILURE); switch (dctx->key->key_alg) { +#ifndef PK11_MD5_DISABLE case DST_ALG_RSAMD5: mech.mechanism = CKM_MD5_RSA_PKCS; break; +#endif case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: mech.mechanism = CKM_SHA1_RSA_PKCS; diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index f3ca1cb150..534f16a3c2 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -22,6 +22,8 @@ #include #include +#include + #include #include #include @@ -97,12 +99,31 @@ /* RFC2535 section 7, RFC3110 */ -#define SECALGNAMES \ +#ifndef PK11_MD5_DISABLE +#define MD5_SECALGNAMES \ { DNS_KEYALG_RSAMD5, "RSAMD5", 0 }, \ - { DNS_KEYALG_RSAMD5, "RSA", 0 }, \ - { DNS_KEYALG_DH, "DH", 0 }, \ + { DNS_KEYALG_RSAMD5, "RSA", 0 }, +#else +#define MD5_SECALGNAMES +#endif +#ifndef PK11_DH_DISABLE +#define DH_SECALGNAMES \ + { DNS_KEYALG_DH, "DH", 0 }, +#else +#define DH_SECALGNAMES +#endif +#ifndef PK11_DSA_DISABLE +#define DSA_SECALGNAMES \ { DNS_KEYALG_DSA, "DSA", 0 }, \ - { DNS_KEYALG_NSEC3DSA, "NSEC3DSA", 0 }, \ + { DNS_KEYALG_NSEC3DSA, "NSEC3DSA", 0 }, +#else +#define DSA_SECALGNAMES +#endif + +#define SECALGNAMES \ + MD5_SECALGNAMES \ + DH_SECALGNAMES \ + DSA_SECALGNAMES \ { DNS_KEYALG_ECC, "ECC", 0 }, \ { DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \ { DNS_KEYALG_NSEC3RSASHA1, "NSEC3RSASHA1", 0 }, \ diff --git a/lib/dns/tests/dh_test.c b/lib/dns/tests/dh_test.c index da39036721..036d27a761 100644 --- a/lib/dns/tests/dh_test.c +++ b/lib/dns/tests/dh_test.c @@ -19,6 +19,8 @@ #include #include +#include + #include #include @@ -26,7 +28,7 @@ #include "dnstest.h" -#ifdef OPENSSL +#if defined(OPENSSL) && !defined(PK11_DH_DISABLE) ATF_TC(isc_dh_computesecret); ATF_TC_HEAD(isc_dh_computesecret, tc) { @@ -80,7 +82,7 @@ ATF_TC_BODY(untested, tc) { * Main */ ATF_TP_ADD_TCS(tp) { -#ifdef OPENSSL +#if defined(OPENSSL) && !defined(PK11_DH_DISABLE) ATF_TP_ADD_TC(tp, isc_dh_computesecret); #else ATF_TP_ADD_TC(tp, untested); diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 9e1c6a191e..91292dfec2 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -17,6 +17,8 @@ #include #include +#include + #include #include #include @@ -231,6 +233,7 @@ static isc_result_t compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness, isc_region_t *serverrandomness, isc_buffer_t *secret) { +#ifndef PK11_MD5_DISABLE isc_md5_t md5ctx; isc_region_t r, r2; unsigned char digests[32]; @@ -275,7 +278,14 @@ compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness, isc_buffer_add(secret, sizeof(digests)); } return (ISC_R_SUCCESS); +#else + UNUSED(shared); + UNUSED(queryrandomness); + UNUSED(serverrandomness); + UNUSED(secret); + return (ISC_R_NOTIMPLEMENTED); +#endif } static isc_result_t @@ -304,12 +314,18 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, return (DNS_R_REFUSED); } +#ifndef PK11_MD5_DISABLE if (!dns_name_equal(&tkeyin->algorithm, DNS_TSIG_HMACMD5_NAME)) { tkey_log("process_dhtkey: algorithms other than " "hmac-md5 are not supported"); tkeyout->error = dns_tsigerror_badalg; return (ISC_R_SUCCESS); } +#else + tkey_log("process_dhtkey: MD5 was disabled"); + tkeyout->error = dns_tsigerror_badalg; + return (ISC_R_SUCCESS); +#endif /* * Look for a DH KEY record that will work with ours. @@ -336,6 +352,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, dns_rdata_reset(&keyrdata); continue; } +#ifndef PK11_DH_DISABLE if (dst_key_alg(pubkey) == DNS_KEYALG_DH) { if (dst_key_paramcompare(pubkey, tctx->dhkey)) { @@ -345,6 +362,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, } else found_incompatible = ISC_TRUE; } +#endif dst_key_free(&pubkey); dns_rdata_reset(&keyrdata); } diff --git a/lib/dns/tsec.c b/lib/dns/tsec.c index c241f098d5..832b7f9f7f 100644 --- a/lib/dns/tsec.c +++ b/lib/dns/tsec.c @@ -12,6 +12,8 @@ #include +#include + #include #include #include @@ -57,9 +59,11 @@ dns_tsec_create(isc_mem_t *mctx, dns_tsectype_t type, dst_key_t *key, switch (type) { case dns_tsectype_tsig: switch (dst_key_alg(key)) { +#ifndef PK11_MD5_DISABLE case DST_ALG_HMACMD5: algname = dns_tsig_hmacmd5_name; break; +#endif case DST_ALG_HMACSHA1: algname = dns_tsig_hmacsha1_name; break; diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index 7e9b87979c..54f7fe65c5 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -22,6 +22,8 @@ #include #include +#include + #include #include #include @@ -44,6 +46,7 @@ #endif #define is_response(msg) (msg->flags & DNS_MESSAGEFLAG_QR) +#ifndef PK11_MD5_DISABLE #define algname_is_allocated(algname) \ ((algname) != dns_tsig_hmacmd5_name && \ (algname) != dns_tsig_hmacsha1_name && \ @@ -53,9 +56,20 @@ (algname) != dns_tsig_hmacsha512_name && \ (algname) != dns_tsig_gssapi_name && \ (algname) != dns_tsig_gssapims_name) +#else +#define algname_is_allocated(algname) \ + ((algname) != dns_tsig_hmacsha1_name && \ + (algname) != dns_tsig_hmacsha224_name && \ + (algname) != dns_tsig_hmacsha256_name && \ + (algname) != dns_tsig_hmacsha384_name && \ + (algname) != dns_tsig_hmacsha512_name && \ + (algname) != dns_tsig_gssapi_name && \ + (algname) != dns_tsig_gssapims_name) +#endif #define BADTIMELEN 6 +#ifndef PK11_MD5_DISABLE static unsigned char hmacmd5_ndata[] = "\010hmac-md5\007sig-alg\003reg\003int"; static unsigned char hmacmd5_offsets[] = { 0, 9, 17, 21, 25 }; @@ -69,6 +83,7 @@ static dns_name_t hmacmd5 = { }; dns_name_t *dns_tsig_hmacmd5_name = &hmacmd5; +#endif static unsigned char gsstsig_ndata[] = "\010gss-tsig"; static unsigned char gsstsig_offsets[] = { 0, 9 }; @@ -307,13 +322,16 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, goto cleanup_key; (void)dns_name_downcase(&tkey->name, &tkey->name, NULL); +#ifndef PK11_MD5_DISABLE if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) { tkey->algorithm = DNS_TSIG_HMACMD5_NAME; if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_HMACMD5) { ret = DNS_R_BADALG; goto cleanup_name; } - } else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { + } else +#endif + if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { tkey->algorithm = DNS_TSIG_HMACSHA1_NAME; if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_HMACSHA1) { ret = DNS_R_BADALG; @@ -531,9 +549,12 @@ destroyring(dns_tsig_keyring_t *ring) { static unsigned int dst_alg_fromname(dns_name_t *algorithm) { +#ifndef PK11_MD5_DISABLE if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) { return (DST_ALG_HMACMD5); - } else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { + } else +#endif + if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { return (DST_ALG_HMACSHA1); } else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA224_NAME)) { return (DST_ALG_HMACSHA224); @@ -716,6 +737,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm, if (length > 0) REQUIRE(secret != NULL); +#ifndef PK11_MD5_DISABLE if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) { if (secret != NULL) { isc_buffer_t b; @@ -730,7 +752,9 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm, if (result != ISC_R_SUCCESS) return (result); } - } else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { + } else +#endif + if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) { if (secret != NULL) { isc_buffer_t b; @@ -1301,7 +1325,11 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, ret = dst_key_sigsize(key, &siglen); if (ret != ISC_R_SUCCESS) return (ret); - if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 || + if ( +#ifndef PK11_MD5_DISABLE + alg == DST_ALG_HMACMD5 || +#endif + alg == DST_ALG_HMACSHA1 || alg == DST_ALG_HMACSHA224 || alg == DST_ALG_HMACSHA256 || alg == DST_ALG_HMACSHA384 || alg == DST_ALG_HMACSHA512) { isc_uint16_t digestbits = dst_key_getbits(key); diff --git a/lib/isc/hmacmd5.c b/lib/isc/hmacmd5.c index c46aeb672e..621aa3bec0 100644 --- a/lib/isc/hmacmd5.c +++ b/lib/isc/hmacmd5.c @@ -15,6 +15,10 @@ #include "config.h" +#include + +#ifndef PK11_MD5_DISABLE + #include #include #include @@ -24,7 +28,7 @@ #include #include -#if PKCS11CRYPTO || PKCS11CRYPTOWITHHMAC +#if PKCS11CRYPTO #include #include #endif @@ -69,7 +73,9 @@ isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest) { HMAC_CTX_cleanup(ctx); } -#elif PKCS11CRYPTOWITHHMAC +#elif PKCS11CRYPTO + +#ifndef PK11_MD5_HMAC_REPLACE static CK_BBOOL truevalue = TRUE; static CK_BBOOL falsevalue = FALSE; @@ -142,8 +148,8 @@ isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest) { ctx->object = CK_INVALID_HANDLE; pk11_return_session(ctx); } - -#elif PKCS11CRYPTO +#else +/* Replace missing CKM_MD5_HMAC PKCS#11 mechanism */ #define PADLEN 64 #define IPAD 0x36 @@ -229,6 +235,7 @@ isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest) { (CK_ULONG_PTR) &len)); pk11_return_session(ctx); } +#endif #else @@ -319,3 +326,17 @@ isc_hmacmd5_verify2(isc_hmacmd5_t *ctx, unsigned char *digest, size_t len) { isc_hmacmd5_sign(ctx, newdigest); return (isc_safe_memequal(digest, newdigest, len)); } + +#else /* !PK11_MD5_DISABLE */ +#ifdef WIN32 +/* Make the Visual Studio linker happy */ +#include + +void isc_hmacmd5_init() { INSIST(0); } +void isc_hmacmd5_invalidate() { INSIST(0); } +void isc_hmacmd5_sign() { INSIST(0); } +void isc_hmacmd5_update() { INSIST(0); } +void isc_hmacmd5_verify() { INSIST(0); } +void isc_hmacmd5_verify2() { INSIST(0); } +#endif +#endif /* PK11_MD5_DISABLE */ diff --git a/lib/isc/hmacsha.c b/lib/isc/hmacsha.c index f9bf96532f..ef1b8f0847 100644 --- a/lib/isc/hmacsha.c +++ b/lib/isc/hmacsha.c @@ -254,9 +254,25 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { #elif PKCS11CRYPTO +#if defined(PK11_SHA_1_HMAC_REPLACE) || \ + defined(PK11_SHA224_HMAC_REPLACE) || \ + defined(PK11_SHA256_HMAC_REPLACE) || \ + defined(PK11_SHA384_HMAC_REPLACE) || \ + defined(PK11_SHA512_HMAC_REPLACE) +#define IPAD 0x36 +#define OPAD 0x5C +#endif + +#if !defined(PK11_SHA_1_HMAC_REPLACE) && \ + !defined(PK11_SHA224_HMAC_REPLACE) && \ + !defined(PK11_SHA256_HMAC_REPLACE) && \ + !defined(PK11_SHA384_HMAC_REPLACE) && \ + !defined(PK11_SHA512_HMAC_REPLACE) static CK_BBOOL truevalue = TRUE; static CK_BBOOL falsevalue = FALSE; +#endif +#ifndef PK11_SHA_1_HMAC_REPLACE void isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, unsigned int len) @@ -329,7 +345,93 @@ isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } +#else +void +isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, + unsigned int len) +{ + CK_RV rv; + CK_MECHANISM mech = { CKM_SHA_1, NULL, 0 }; + unsigned char ipad[ISC_SHA1_BLOCK_LENGTH]; + unsigned int i; + + RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE, + ISC_FALSE, NULL, 0) == ISC_R_SUCCESS); + RUNTIME_CHECK((ctx->key = pk11_mem_get(ISC_SHA1_BLOCK_LENGTH)) + != NULL); + if (len > ISC_SHA1_BLOCK_LENGTH) { + CK_BYTE_PTR kPart; + CK_ULONG kl; + + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + DE_CONST(key, kPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, kPart, (CK_ULONG) len)); + kl = ISC_SHA1_DIGESTLENGTH; + PK11_FATALCHECK(pkcs_C_DigestFinal, + (ctx->session, (CK_BYTE_PTR) ctx->key, &kl)); + } else + memmove(ctx->key, key, len); + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + memset(ipad, IPAD, ISC_SHA1_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, ipad, + (CK_ULONG) ISC_SHA1_BLOCK_LENGTH)); +} + +void +isc_hmacsha1_invalidate(isc_hmacsha1_t *ctx) { + if (ctx->key != NULL) + pk11_mem_put(ctx->key, ISC_SHA1_BLOCK_LENGTH); + ctx->key = NULL; + isc_sha1_invalidate(ctx); +} + +void +isc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf, + unsigned int len) +{ + CK_RV rv; + CK_BYTE_PTR pPart; + + DE_CONST(buf, pPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, pPart, (CK_ULONG) len)); +} + +void +isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { + CK_RV rv; + CK_BYTE newdigest[ISC_SHA1_DIGESTLENGTH]; + CK_ULONG psl = ISC_SHA1_DIGESTLENGTH; + CK_MECHANISM mech = { CKM_SHA_1, NULL, 0 }; + CK_BYTE opad[ISC_SHA1_BLOCK_LENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); + + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + memset(opad, OPAD, ISC_SHA1_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + pk11_mem_put(ctx->key, ISC_SHA1_BLOCK_LENGTH); + ctx->key = NULL; + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, opad, + (CK_ULONG) ISC_SHA1_BLOCK_LENGTH)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, (CK_BYTE_PTR) newdigest, psl)); + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + pk11_return_session(ctx); + memmove(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} +#endif +#ifndef PK11_SHA224_HMAC_REPLACE void isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, unsigned int len) @@ -402,7 +504,93 @@ isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } +#else +void +isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, + unsigned int len) +{ + CK_RV rv; + CK_MECHANISM mech = { CKM_SHA224, NULL, 0 }; + unsigned char ipad[ISC_SHA224_BLOCK_LENGTH]; + unsigned int i; + + RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE, + ISC_FALSE, NULL, 0) == ISC_R_SUCCESS); + RUNTIME_CHECK((ctx->key = pk11_mem_get(ISC_SHA224_BLOCK_LENGTH)) + != NULL); + if (len > ISC_SHA224_BLOCK_LENGTH) { + CK_BYTE_PTR kPart; + CK_ULONG kl; + + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + DE_CONST(key, kPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, kPart, (CK_ULONG) len)); + kl = ISC_SHA224_DIGESTLENGTH; + PK11_FATALCHECK(pkcs_C_DigestFinal, + (ctx->session, (CK_BYTE_PTR) ctx->key, &kl)); + } else + memmove(ctx->key, key, len); + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + memset(ipad, IPAD, ISC_SHA224_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, ipad, + (CK_ULONG) ISC_SHA224_BLOCK_LENGTH)); +} + +void +isc_hmacsha224_invalidate(isc_hmacsha224_t *ctx) { + if (ctx->key != NULL) + pk11_mem_put(ctx->key, ISC_SHA224_BLOCK_LENGTH); + ctx->key = NULL; + isc_sha224_invalidate(ctx); +} +void +isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf, + unsigned int len) +{ + CK_RV rv; + CK_BYTE_PTR pPart; + + DE_CONST(buf, pPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, pPart, (CK_ULONG) len)); +} + +void +isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { + CK_RV rv; + CK_BYTE newdigest[ISC_SHA224_DIGESTLENGTH]; + CK_ULONG psl = ISC_SHA224_DIGESTLENGTH; + CK_MECHANISM mech = { CKM_SHA224, NULL, 0 }; + CK_BYTE opad[ISC_SHA224_BLOCK_LENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); + + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + memset(opad, OPAD, ISC_SHA224_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + pk11_mem_put(ctx->key, ISC_SHA224_BLOCK_LENGTH); + ctx->key = NULL; + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, opad, + (CK_ULONG) ISC_SHA224_BLOCK_LENGTH)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, (CK_BYTE_PTR) newdigest, psl)); + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + pk11_return_session(ctx); + memmove(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} +#endif + +#ifndef PK11_SHA256_HMAC_REPLACE void isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, unsigned int len) @@ -475,7 +663,93 @@ isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } +#else +void +isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, + unsigned int len) +{ + CK_RV rv; + CK_MECHANISM mech = { CKM_SHA256, NULL, 0 }; + unsigned char ipad[ISC_SHA256_BLOCK_LENGTH]; + unsigned int i; + + RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE, + ISC_FALSE, NULL, 0) == ISC_R_SUCCESS); + RUNTIME_CHECK((ctx->key = pk11_mem_get(ISC_SHA256_BLOCK_LENGTH)) + != NULL); + if (len > ISC_SHA256_BLOCK_LENGTH) { + CK_BYTE_PTR kPart; + CK_ULONG kl; + + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + DE_CONST(key, kPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, kPart, (CK_ULONG) len)); + kl = ISC_SHA256_DIGESTLENGTH; + PK11_FATALCHECK(pkcs_C_DigestFinal, + (ctx->session, (CK_BYTE_PTR) ctx->key, &kl)); + } else + memmove(ctx->key, key, len); + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + memset(ipad, IPAD, ISC_SHA256_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, ipad, + (CK_ULONG) ISC_SHA256_BLOCK_LENGTH)); +} +void +isc_hmacsha256_invalidate(isc_hmacsha256_t *ctx) { + if (ctx->key != NULL) + pk11_mem_put(ctx->key, ISC_SHA256_BLOCK_LENGTH); + ctx->key = NULL; + isc_sha256_invalidate(ctx); +} + +void +isc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf, + unsigned int len) +{ + CK_RV rv; + CK_BYTE_PTR pPart; + + DE_CONST(buf, pPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, pPart, (CK_ULONG) len)); +} + +void +isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { + CK_RV rv; + CK_BYTE newdigest[ISC_SHA256_DIGESTLENGTH]; + CK_ULONG psl = ISC_SHA256_DIGESTLENGTH; + CK_MECHANISM mech = { CKM_SHA256, NULL, 0 }; + CK_BYTE opad[ISC_SHA256_BLOCK_LENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); + + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + memset(opad, OPAD, ISC_SHA256_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + pk11_mem_put(ctx->key, ISC_SHA256_BLOCK_LENGTH); + ctx->key = NULL; + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, opad, + (CK_ULONG) ISC_SHA256_BLOCK_LENGTH)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, (CK_BYTE_PTR) newdigest, psl)); + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + pk11_return_session(ctx); + memmove(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} +#endif + +#ifndef PK11_SHA384_HMAC_REPLACE void isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, unsigned int len) @@ -548,7 +822,93 @@ isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } +#else +void +isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, + unsigned int len) +{ + CK_RV rv; + CK_MECHANISM mech = { CKM_SHA384, NULL, 0 }; + unsigned char ipad[ISC_SHA384_BLOCK_LENGTH]; + unsigned int i; + + RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE, + ISC_FALSE, NULL, 0) == ISC_R_SUCCESS); + RUNTIME_CHECK((ctx->key = pk11_mem_get(ISC_SHA384_BLOCK_LENGTH)) + != NULL); + if (len > ISC_SHA384_BLOCK_LENGTH) { + CK_BYTE_PTR kPart; + CK_ULONG kl; + + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + DE_CONST(key, kPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, kPart, (CK_ULONG) len)); + kl = ISC_SHA384_DIGESTLENGTH; + PK11_FATALCHECK(pkcs_C_DigestFinal, + (ctx->session, (CK_BYTE_PTR) ctx->key, &kl)); + } else + memmove(ctx->key, key, len); + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + memset(ipad, IPAD, ISC_SHA384_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, ipad, + (CK_ULONG) ISC_SHA384_BLOCK_LENGTH)); +} + +void +isc_hmacsha384_invalidate(isc_hmacsha384_t *ctx) { + if (ctx->key != NULL) + pk11_mem_put(ctx->key, ISC_SHA384_BLOCK_LENGTH); + ctx->key = NULL; + isc_sha384_invalidate(ctx); +} + +void +isc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf, + unsigned int len) +{ + CK_RV rv; + CK_BYTE_PTR pPart; + + DE_CONST(buf, pPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, pPart, (CK_ULONG) len)); +} + +void +isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { + CK_RV rv; + CK_BYTE newdigest[ISC_SHA384_DIGESTLENGTH]; + CK_ULONG psl = ISC_SHA384_DIGESTLENGTH; + CK_MECHANISM mech = { CKM_SHA384, NULL, 0 }; + CK_BYTE opad[ISC_SHA384_BLOCK_LENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); + + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + memset(opad, OPAD, ISC_SHA384_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + pk11_mem_put(ctx->key, ISC_SHA384_BLOCK_LENGTH); + ctx->key = NULL; + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, opad, + (CK_ULONG) ISC_SHA384_BLOCK_LENGTH)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, (CK_BYTE_PTR) newdigest, psl)); + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + pk11_return_session(ctx); + memmove(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} +#endif +#ifndef PK11_SHA512_HMAC_REPLACE void isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, unsigned int len) @@ -621,6 +981,91 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } +#else +void +isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, + unsigned int len) +{ + CK_RV rv; + CK_MECHANISM mech = { CKM_SHA512, NULL, 0 }; + unsigned char ipad[ISC_SHA512_BLOCK_LENGTH]; + unsigned int i; + + RUNTIME_CHECK(pk11_get_session(ctx, OP_DIGEST, ISC_TRUE, ISC_FALSE, + ISC_FALSE, NULL, 0) == ISC_R_SUCCESS); + RUNTIME_CHECK((ctx->key = pk11_mem_get(ISC_SHA512_BLOCK_LENGTH)) + != NULL); + if (len > ISC_SHA512_BLOCK_LENGTH) { + CK_BYTE_PTR kPart; + CK_ULONG kl; + + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + DE_CONST(key, kPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, kPart, (CK_ULONG) len)); + kl = ISC_SHA512_DIGESTLENGTH; + PK11_FATALCHECK(pkcs_C_DigestFinal, + (ctx->session, (CK_BYTE_PTR) ctx->key, &kl)); + } else + memmove(ctx->key, key, len); + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + memset(ipad, IPAD, ISC_SHA512_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, ipad, + (CK_ULONG) ISC_SHA512_BLOCK_LENGTH)); +} + +void +isc_hmacsha512_invalidate(isc_hmacsha512_t *ctx) { + if (ctx->key != NULL) + pk11_mem_put(ctx->key, ISC_SHA512_BLOCK_LENGTH); + ctx->key = NULL; + isc_sha512_invalidate(ctx); +} + +void +isc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf, + unsigned int len) +{ + CK_RV rv; + CK_BYTE_PTR pPart; + + DE_CONST(buf, pPart); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, pPart, (CK_ULONG) len)); +} + +void +isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { + CK_RV rv; + CK_BYTE newdigest[ISC_SHA512_DIGESTLENGTH]; + CK_ULONG psl = ISC_SHA512_DIGESTLENGTH; + CK_MECHANISM mech = { CKM_SHA512, NULL, 0 }; + CK_BYTE opad[ISC_SHA512_BLOCK_LENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); + + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + memset(opad, OPAD, ISC_SHA512_BLOCK_LENGTH); + for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + pk11_mem_put(ctx->key, ISC_SHA512_BLOCK_LENGTH); + ctx->key = NULL; + PK11_FATALCHECK(pkcs_C_DigestInit, (ctx->session, &mech)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, opad, + (CK_ULONG) ISC_SHA512_BLOCK_LENGTH)); + PK11_FATALCHECK(pkcs_C_DigestUpdate, + (ctx->session, (CK_BYTE_PTR) newdigest, psl)); + PK11_FATALCHECK(pkcs_C_DigestFinal, (ctx->session, newdigest, &psl)); + pk11_return_session(ctx); + memmove(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} +#endif #else diff --git a/lib/isc/include/isc/hmacmd5.h b/lib/isc/include/isc/hmacmd5.h index 3909b78784..9d18b47534 100644 --- a/lib/isc/include/isc/hmacmd5.h +++ b/lib/isc/include/isc/hmacmd5.h @@ -16,6 +16,10 @@ #ifndef ISC_HMACMD5_H #define ISC_HMACMD5_H 1 +#include + +#ifndef PK11_MD5_DISABLE + #include #include #include @@ -65,4 +69,6 @@ isc_hmacmd5_verify2(isc_hmacmd5_t *ctx, unsigned char *digest, size_t len); ISC_LANG_ENDDECLS +#endif /* !PK11_MD5_DISABLE */ + #endif /* ISC_HMACMD5_H */ diff --git a/lib/isc/include/isc/md5.h b/lib/isc/include/isc/md5.h index 9874bb7d83..0af4e2751f 100644 --- a/lib/isc/include/isc/md5.h +++ b/lib/isc/include/isc/md5.h @@ -34,6 +34,10 @@ #ifndef ISC_MD5_H #define ISC_MD5_H 1 +#include + +#ifndef PK11_MD5_DISABLE + #include #include #include @@ -76,4 +80,6 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest); ISC_LANG_ENDDECLS +#endif /* !PK11_MD5_DISABLE */ + #endif /* ISC_MD5_H */ diff --git a/lib/isc/include/pk11/Makefile.in b/lib/isc/include/pk11/Makefile.in index 62883e4810..a514e6ee99 100644 --- a/lib/isc/include/pk11/Makefile.in +++ b/lib/isc/include/pk11/Makefile.in @@ -15,7 +15,7 @@ VERSION=@BIND9_VERSION@ # machine generated. The latter are handled specially in the # install target below. # -HEADERS = constants.h internal.h pk11.h result.h +HEADERS = constants.h internal.h pk11.h result.h site.h SUBDIRS = TARGETS = diff --git a/lib/isc/include/pk11/README.site b/lib/isc/include/pk11/README.site new file mode 100644 index 0000000000..7794fb5a87 --- /dev/null +++ b/lib/isc/include/pk11/README.site @@ -0,0 +1,68 @@ +How to use site.h for the PKCS#11 provider of your HSM +------------------------------------------------------ + +First run pkcs11-tokens (in bin/pkcs11). It is available +when bind9 was configured with the --with-pcks11 flag. +It prints addresses of selected tokens per algorithm: + - random number generation + - RSA (sign/verify) + - DSA (sign/verify) + - DH (secret derivation) + - digest (hash) + - EC (ECDSA, sign/verify) + - GOST (Russian hash and sign/verify) + - AES (encrypt/decrypt) +and a summary of found tokens. + +Current some well known HSMs are predefined site.h +by HSM "flavors": + - Thales nCipher (the default) + - OpenDNSSEC SoftHSMv2 +and with an experimental status: + - OpenDNSSEC SoftHSMv1 with SHA224 support added + - Cryptech with SHA224 support added + +When bind9 was configured with native PKCS#11 support, +pkcs11-tokens (and any bind9 tools using libisc) raises +an error if a mandatory algorithm is not supported, +(usually 0x70 aka CKR_MECHANISM_INVALID, 0x0 means +a required flag was not available) so if there is a +selected token with the 0x0 address: + - rand or RSA: nothing can be done, i.e., + bind9 native PKCS#11 is not supported with this HSM. + - DSA or DH: run pkcs11-tokens with the -v (verbose) flag. + If the parameter generation mechanism is not supported + you can make the token selection to ignore the error. + Note DSA and DH are not critical, i.e., you can use bind9 + without DSA or DH in production. + - digest: run pkcs11-tokens with the -v (verbose) flag. + If the problem is with HMAC mechanisms, use the replace + flags in site.h. If the problem is with MD5, use the + corresponding disable flag in site.h. If the problem + is with SHA224 ask to have this hash algorithm implemented + in the PKCS#11 provider. For any other problem there is + nothing to do (for ever: some hash functions return void + so any internal error is fatal, i.e., crashes), bind9 + native PKCS#11 is not supported with this HSM. + - EC: doesn't matter but you should configure bind9 without + ECDSA support, i.e., add --without-ecdsa to configure arguments. + - GOST: doesn't matter but you should really configure bind9 + without GOST support, i.e., add --without-ecdsa to configure + arguments (really because GOST includes a hash algorithm). + - AES: you must reconfigure bind9 without AES support, + i.e., add --without-aes to configure arguments. + +Note you can disable some standard algorithms (DSA, DH and +MD5) and some algorithms are optional (ECDSA, GOST, AES). +If you don't want an optional algorithm you should simply +configure bind9 with it. +Note the proper way to disable DSA is to simply add it +in a "disable-algorithms" clause in the named config file. +Disable removes the support code so can have some +unwanted side effects, for instance to disable DH +deeply breaks TKEY support. +The only algorithm you might want to disable is MD5 +(even HMAC-MD5 is safe). +A final note: disable flags in site.h work for OpenSSL +code too but this feature is not officially supported yet +(i.e., please don't rely on it). diff --git a/lib/isc/include/pk11/pk11.h b/lib/isc/include/pk11/pk11.h index 9c519390ba..2164d174f2 100644 --- a/lib/isc/include/pk11/pk11.h +++ b/lib/isc/include/pk11/pk11.h @@ -20,6 +20,7 @@ ((pk11_error_fatalcheck)(__FILE__, __LINE__, #func, rv), 0))) #include +#include ISC_LANG_BEGINDECLS @@ -45,7 +46,9 @@ struct pk11_context { CK_SESSION_HANDLE session; CK_BBOOL ontoken; CK_OBJECT_HANDLE object; -#ifndef PKCS11CRYPTOWITHHMAC +#if defined(PK11_MD5_HMAC_REPLACE) || defined(PK11_SHA_1_HMAC_REPLACE) || \ + defined(PK11_SHA224_HMAC_REPLACE) || defined(PK11_SHA256_HMAC_REPLACE) || \ + defined(PK11_SHA384_HMAC_REPLACE) || defined(PK11_SHA512_HMAC_REPLACE) unsigned char *key; #endif }; @@ -65,6 +68,11 @@ typedef enum { OP_MAX = 9 } pk11_optype_t; +/*% + * Global flag to make choose_slots() verbose + */ +LIBISC_EXTERNAL_DATA extern isc_boolean_t pk11_verbose_init; + /*% * Function prototypes */ diff --git a/lib/isc/include/pk11/site.h b/lib/isc/include/pk11/site.h new file mode 100644 index 0000000000..36226c84b8 --- /dev/null +++ b/lib/isc/include/pk11/site.h @@ -0,0 +1,98 @@ +/* + * Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* The documentation about this file is in README.site */ + +#ifndef PK11_SITE_H +#define PK11_SITE_H 1 + +/*! \file pk11/site.h */ + +/*\brief Put here specific PKCS#11 tweaks + * + *\li PK11__SKIP: + * don't consider the lack of this mechanism as a fatal error + * + *\li PK11__REPLACE: + * same than skip and implement it using lower level steps + * + *\li PK11__DISABLE: + * same than skip but support of the whole algorithm is disabled + */ + +/* current implemented flags are: +PK11_DH_PKCS_PARAMETER_GEN_SKIP +PK11_DSA_PARAMETER_GEN_SKIP +PK11_MD5_HMAC_REPLACE +PK11_SHA_1_HMAC_REPLACE +PK11_SHA224_HMAC_REPLACE +PK11_SHA256_HMAC_REPLACE +PK11_SHA384_HMAC_REPLACE +PK11_SHA512_HMAC_REPLACE +PK11_MD5_DISABLE +PK11_DSA_DISABLE +PK11_DH_DISABLE +*/ + +/* + * Predefined flavors + */ +/* Thales nCipher */ +#define PK11_THALES_FLAVOR 0 +/* SoftHSMv1 with SHA224 */ +#define PK11_SOFTHSMV1_FLAVOR 1 +/* SoftHSMv2 */ +#define PK11_SOFTHSMV2_FLAVOR 2 +/* Cryptech with SHA224 */ +#define PK11_CRYPTECH_FLAVOR 3 + +/* Default is for Thales nCipher */ +#ifndef PK11_FLAVOR +#define PK11_FLAVOR PK11_THALES_FLAVOR +#endif + +#if PK11_FLAVOR == PK11_THALES_FLAVOR +#define PK11_DH_PKCS_PARAMETER_GEN_SKIP +/* doesn't work but supported #define PK11_DSA_PARAMETER_GEN_SKIP */ +#define PK11_MD5_HMAC_REPLACE +#endif + +#if PK11_FLAVOR == PK11_SOFTHSMV1_FLAVOR +#define PK11_DH_DISABLE +#define PK11_DSA_DISABLE +#define PK11_MD5_HMAC_REPLACE +#define PK11_SHA_1_HMAC_REPLACE +#define PK11_SHA224_HMAC_REPLACE +#define PK11_SHA256_HMAC_REPLACE +#define PK11_SHA384_HMAC_REPLACE +#define PK11_SHA512_HMAC_REPLACE +#endif + +#if PK11_FLAVOR == PK11_SOFTHSMV2_FLAVOR +#endif + +#if PK11_FLAVOR == PK11_CRYPTECH_FLAVOR +#define PK11_DH_DISABLE +#define PK11_DSA_DISABLE +#define PK11_MD5_DISABLE +#define PK11_SHA_1_HMAC_REPLACE +#define PK11_SHA224_HMAC_REPLACE +#define PK11_SHA256_HMAC_REPLACE +#define PK11_SHA384_HMAC_REPLACE +#define PK11_SHA512_HMAC_REPLACE +#endif + +#endif /* PK11_SITE_H */ diff --git a/lib/isc/md5.c b/lib/isc/md5.c index 8e68410483..0a7926358e 100644 --- a/lib/isc/md5.c +++ b/lib/isc/md5.c @@ -27,6 +27,10 @@ #include "config.h" +#include + +#ifndef PK11_MD5_DISABLE + #include #include #include @@ -319,3 +323,15 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest) { memset(ctx, 0, sizeof(isc_md5_t)); /* In case it's sensitive */ } #endif + +#else /* !PK11_MD5_DISABLE */ +#ifdef WIN32 +/* Make the Visual Studio linker happy */ +#include + +void isc_md5_final() { INSIST(0); } +void isc_md5_init() { INSIST(0); } +void isc_md5_invalidate() { INSIST(0); } +void isc_md5_update() { INSIST(0); } +#endif +#endif /* PK11_MD5_DISABLE */ diff --git a/lib/isc/pk11.c b/lib/isc/pk11.c index ae5a1be647..f8e89ab357 100644 --- a/lib/isc/pk11.c +++ b/lib/isc/pk11.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include @@ -39,6 +40,8 @@ #define PK11_NO_LOGERR 1 #endif +LIBISC_EXTERNAL_DATA isc_boolean_t pk11_verbose_init = ISC_FALSE; + static isc_once_t once = ISC_ONCE_INIT; static isc_mem_t *pk11_mctx = NULL; static isc_int32_t allocsize = 0; @@ -555,6 +558,15 @@ token_login(pk11_session_t *sp) { return (ret); } +#define PK11_TRACE(fmt) \ + if (pk11_verbose_init) fprintf(stderr, fmt) +#define PK11_TRACE1(fmt, arg) \ + if (pk11_verbose_init) fprintf(stderr, fmt, arg) +#define PK11_TRACE2(fmt, arg1, arg2) \ + if (pk11_verbose_init) fprintf(stderr, fmt, arg1, arg2) +#define PK11_TRACEM(mech) \ + if (pk11_verbose_init) fprintf(stderr, #mech ": 0x%lx\n", rv) + static void scan_slots(void) { CK_MECHANISM_INFO mechInfo; @@ -565,9 +577,11 @@ scan_slots(void) { CK_ULONG slotCount; pk11_token_t *token; unsigned int i; + isc_boolean_t bad; slotCount = 0; PK11_FATALCHECK(pkcs_C_GetSlotList, (CK_FALSE, NULL_PTR, &slotCount)); + PK11_TRACE1("slotCount=%lu\n", slotCount); /* it's not an error if we didn't find any providers */ if (slotCount == 0) return; @@ -577,6 +591,7 @@ scan_slots(void) { for (i = 0; i < slotCount; i++) { slot = slotList[i]; + PK11_TRACE2("slot#%u=0x%lx\n", i, slot); rv = pkcs_C_GetTokenInfo(slot, &tokenInfo); if (rv != CKR_OK) @@ -592,167 +607,266 @@ scan_slots(void) { memmove(token->model, tokenInfo.model, 16); memmove(token->serial, tokenInfo.serialNumber, 16); ISC_LIST_APPEND(tokens, token, link); - if ((tokenInfo.flags & CKF_RNG) == 0) + if ((tokenInfo.flags & CKF_RNG) == 0) { + PK11_TRACE("no CKF_RNG\n"); goto try_rsa; + } token->operations |= 1 << OP_RAND; if (rand_token == NULL) rand_token = token; try_rsa: + bad = ISC_FALSE; rv = pkcs_C_GetMechanismInfo(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &mechInfo); if ((rv != CKR_OK) || - ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) - goto try_dsa; + ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_RSA_PKCS_KEY_PAIR_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5_RSA_PKCS, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) - goto try_dsa; + ((mechInfo.flags & CKF_VERIFY) == 0)) { +#ifndef PK11_MD5_DISABLE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_MD5_RSA_PKCS); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA1_RSA_PKCS, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) - goto try_dsa; + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA1_RSA_PKCS); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256_RSA_PKCS, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) - goto try_dsa; + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA256_RSA_PKCS); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512_RSA_PKCS, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA512_RSA_PKCS); + } + if (bad) goto try_dsa; token->operations |= 1 << OP_RSA; if (best_rsa_token == NULL) best_rsa_token = token; try_dsa: + bad = ISC_FALSE; rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_PARAMETER_GEN, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0)) - goto try_dh; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0)) { +#ifndef PK11_DSA_PARAMETER_GEN_SKIP + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_DSA_PARAMETER_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_KEY_PAIR_GEN, &mechInfo); if ((rv != CKR_OK) || - ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) - goto try_dh; + ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_DSA_PARAMETER_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_DSA_SHA1, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_DSA_SHA1); + } + if (bad) goto try_dh; +#ifndef PK11_DSA_DISABLE token->operations |= 1 << OP_DSA; if (best_dsa_token == NULL) best_dsa_token = token; +#endif try_dh: -#ifdef notdef + bad = ISC_FALSE; rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_PARAMETER_GEN, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0)) - goto try_digest; -#endif + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_GENERATE) == 0)) { + PK11_TRACEM(CKM_DH_PKCS_PARAMETER_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_KEY_PAIR_GEN, &mechInfo); if ((rv != CKR_OK) || - ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) - goto try_digest; + ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) { +#ifndef PK11_DH_PKCS_PARAMETER_GEN_SKIP + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_DH_PKCS_KEY_PAIR_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_DH_PKCS_DERIVE, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DERIVE) == 0)) + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DERIVE) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_DH_PKCS_DERIVE); + } + if (bad) goto try_digest; +#ifndef PK11_DH_DISABLE token->operations |= 1 << OP_DH; if (best_dh_token == NULL) best_dh_token = token; +#endif try_digest: + bad = ISC_FALSE; rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { +#ifndef PK11_MD5_DISABLE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_MD5); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA_1); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA224, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA224); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA256); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA384, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA384); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - continue; -#ifdef PKCS11CRYPTOWITHHMAC + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_SHA512); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_MD5_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#if !defined(PK11_MD5_DISABLE) && !defined(PK11_MD5_HMAC_REPLACE) + bad = ISC_TRUE; #endif + PK11_TRACEM(CKM_MD5_HMAC); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA_1_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#ifndef PK11_SHA_1_HMAC_REPLACE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_SHA_1_HMAC); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA224_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#ifndef PK11_SHA224_HMAC_REPLACE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_SHA224_HMAC); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA256_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#ifndef PK11_SHA256_HMAC_REPLACE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_SHA256_HMAC); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA384_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#ifndef PK11_SHA384_HMAC_REPLACE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_SHA384_HMAC); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_SHA512_HMAC, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) - continue; - token->operations |= 1 << OP_DIGEST; - if (digest_token == NULL) - digest_token = token; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0)) { +#ifndef PK11_SHA512_HMAC_REPLACE + bad = ISC_TRUE; +#endif + PK11_TRACEM(CKM_SHA512_HMAC); + } + if (!bad) { + token->operations |= 1 << OP_DIGEST; + if (digest_token == NULL) + digest_token = token; + } /* ECDSA requires digest */ rv = pkcs_C_GetMechanismInfo(slot, CKM_EC_KEY_PAIR_GEN, &mechInfo); if ((rv != CKR_OK) || - ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) - goto try_gost; + ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_EC_KEY_PAIR_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_ECDSA, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_ECDSA); + } + if (bad) goto try_gost; token->operations |= 1 << OP_EC; if (best_ec_token == NULL) best_ec_token = token; try_gost: + bad = ISC_FALSE; /* does GOST require digest too? */ rv = pkcs_C_GetMechanismInfo(slot, CKM_GOSTR3411, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) - goto try_aes; + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_DIGEST) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_GOSTR3411); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_GOSTR3410_KEY_PAIR_GEN, &mechInfo); if ((rv != CKR_OK) || - ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) - goto try_aes; + ((mechInfo.flags & CKF_GENERATE_KEY_PAIR) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_GOSTR3410_KEY_PAIR_GEN); + } rv = pkcs_C_GetMechanismInfo(slot, CKM_GOSTR3410_WITH_GOSTR3411, &mechInfo); if ((rv != CKR_OK) || ((mechInfo.flags & CKF_SIGN) == 0) || - ((mechInfo.flags & CKF_VERIFY) == 0)) + ((mechInfo.flags & CKF_VERIFY) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_GOSTR3410_WITH_GOSTR3411); + } + if (bad) goto try_aes; token->operations |= 1 << OP_GOST; if (best_gost_token == NULL) best_gost_token = token; try_aes: + bad = ISC_FALSE; rv = pkcs_C_GetMechanismInfo(slot, CKM_AES_ECB, &mechInfo); - if ((rv != CKR_OK) || ((mechInfo.flags & CKF_ENCRYPT) == 0)) + if ((rv != CKR_OK) || ((mechInfo.flags & CKF_ENCRYPT) == 0)) { + bad = ISC_TRUE; + PK11_TRACEM(CKM_AES_ECB); + } + if (bad) continue; token->operations |= 1 << OP_AES; if (aes_token == NULL) @@ -1229,6 +1343,12 @@ pk11_dump_tokens(void) first = ISC_FALSE; printf("EC"); } + if (token->operations & (1 << OP_AES)) { + if (!first) + printf(","); + first = ISC_FALSE; + printf("AES"); + } printf(")\n"); } } diff --git a/lib/isc/tests/hash_test.c b/lib/isc/tests/hash_test.c index 697ef4b5eb..0c287e83fa 100644 --- a/lib/isc/tests/hash_test.c +++ b/lib/isc/tests/hash_test.c @@ -26,6 +26,8 @@ #include #include +#include + /* * Test data from RFC6234 */ @@ -768,6 +770,7 @@ ATF_TC_BODY(isc_sha512, tc) { } } +#ifndef PK11_MD5_DISABLE ATF_TC(isc_md5); ATF_TC_HEAD(isc_md5, tc) { atf_tc_set_md_var(tc, "descr", "md5 example from RFC1321"); @@ -840,6 +843,7 @@ ATF_TC_BODY(isc_md5, tc) { testcase++; } } +#endif /* HMAC-SHA1 test */ ATF_TC(isc_hmacsha1); @@ -1636,6 +1640,7 @@ ATF_TC_BODY(isc_hmacsha512, tc) { } +#ifndef PK11_MD5_DISABLE /* HMAC-MD5 Test */ ATF_TC(isc_hmacmd5); ATF_TC_HEAD(isc_hmacmd5, tc) { @@ -1777,6 +1782,7 @@ ATF_TC_BODY(isc_hmacmd5, tc) { test_key++; } } +#endif /* CRC64 Test */ ATF_TC(isc_crc64); @@ -1968,13 +1974,17 @@ ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, isc_hash_function); ATF_TP_ADD_TC(tp, isc_hash_function_reverse); ATF_TP_ADD_TC(tp, isc_hash_initializer); +#ifndef PK11_MD5_DISABLE ATF_TP_ADD_TC(tp, isc_hmacmd5); +#endif ATF_TP_ADD_TC(tp, isc_hmacsha1); ATF_TP_ADD_TC(tp, isc_hmacsha224); ATF_TP_ADD_TC(tp, isc_hmacsha256); ATF_TP_ADD_TC(tp, isc_hmacsha384); ATF_TP_ADD_TC(tp, isc_hmacsha512); +#ifndef PK11_MD5_DISABLE ATF_TP_ADD_TC(tp, isc_md5); +#endif ATF_TP_ADD_TC(tp, isc_sha1); ATF_TP_ADD_TC(tp, isc_sha224); ATF_TP_ADD_TC(tp, isc_sha256); diff --git a/lib/isc/win32/libisc.def.in b/lib/isc/win32/libisc.def.in index 3188166a44..115ce106be 100644 --- a/lib/isc/win32/libisc.def.in +++ b/lib/isc/win32/libisc.def.in @@ -811,4 +811,7 @@ isc_commandline_progname DATA isc_commandline_reset DATA isc_hashctx DATA isc_mem_debugging DATA +@IF PKCS11 +pk11_verbose_init DATA +@END PKCS11 @END NOLONGER diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index d3ecc4c639..c2dd57ff14 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -35,6 +35,8 @@ #include #include +#include + #include #include #include @@ -49,6 +51,7 @@ typedef isccc_sexpr_t *sexpr_ptr; +#ifndef PK11_MD5_DISABLE static unsigned char auth_hmd5[] = { 0x05, 0x5f, 0x61, 0x75, 0x74, 0x68, /*%< len + _auth */ ISCCC_CCMSGTYPE_TABLE, /*%< message type */ @@ -67,6 +70,7 @@ static unsigned char auth_hmd5[] = { #define HMD5_OFFSET 21 /*%< 21 = 6 + 1 + 4 + 5 + 1 + 4 */ #define HMD5_LENGTH 22 +#endif static unsigned char auth_hsha[] = { 0x05, 0x5f, 0x61, 0x75, 0x74, 0x68, /*%< len + _auth */ @@ -244,7 +248,9 @@ sign(unsigned char *data, unsigned int length, unsigned char *hmac, isc_uint32_t algorithm, isccc_region_t *secret) { union { +#ifndef PK11_MD5_DISABLE isc_hmacmd5_t hmd5; +#endif isc_hmacsha1_t hsha; isc_hmacsha224_t h224; isc_hmacsha256_t h256; @@ -259,6 +265,7 @@ sign(unsigned char *data, unsigned int length, unsigned char *hmac, source.rstart = digest; switch (algorithm) { +#ifndef PK11_MD5_DISABLE case ISCCC_ALG_HMACMD5: isc_hmacmd5_init(&ctx.hmd5, secret->rstart, REGION_SIZE(*secret)); @@ -266,6 +273,7 @@ sign(unsigned char *data, unsigned int length, unsigned char *hmac, isc_hmacmd5_sign(&ctx.hmd5, digest); source.rend = digest + ISC_MD5_DIGESTLENGTH; break; +#endif case ISCCC_ALG_HMACSHA1: isc_hmacsha1_init(&ctx.hsha, secret->rstart, @@ -322,9 +330,11 @@ sign(unsigned char *data, unsigned int length, unsigned char *hmac, result = isccc_base64_encode(&source, 64, "", &target); if (result != ISC_R_SUCCESS) return (result); +#ifndef PK11_MD5_DISABLE if (algorithm == ISCCC_ALG_HMACMD5) PUT_MEM(digestb64, HMD5_LENGTH, hmac); else +#endif PUT_MEM(digestb64, HSHA_LENGTH, hmac); return (ISC_R_SUCCESS); } @@ -336,10 +346,16 @@ isccc_cc_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer, unsigned int hmac_base, signed_base; isc_result_t result; +#ifndef PK11_MD5_DISABLE result = isc_buffer_reserve(buffer, 4 + ((algorithm == ISCCC_ALG_HMACMD5) ? sizeof(auth_hmd5) : sizeof(auth_hsha))); +#else + if (algorithm == ISCCC_ALG_HMACMD5) + return (ISC_R_NOTIMPLEMENTED); + result = isc_buffer_reserve(buffer, 4 + sizeof(auth_hsha)); +#endif if (result != ISC_R_SUCCESS) return (ISC_R_NOSPACE); @@ -354,11 +370,14 @@ isccc_cc_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer, * We'll replace the zeros with the real signature once * we know what it is. */ +#ifndef PK11_MD5_DISABLE if (algorithm == ISCCC_ALG_HMACMD5) { hmac_base = (*buffer)->used + HMD5_OFFSET; isc_buffer_putmem(*buffer, auth_hmd5, sizeof(auth_hmd5)); - } else { + } else +#endif + { unsigned char *hmac_alg; hmac_base = (*buffer)->used + HSHA_OFFSET; @@ -395,7 +414,9 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, isc_uint32_t algorithm, isccc_region_t *secret) { union { +#ifndef PK11_MD5_DISABLE isc_hmacmd5_t hmd5; +#endif isc_hmacsha1_t hsha; isc_hmacsha224_t h224; isc_hmacsha256_t h256; @@ -415,9 +436,11 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, _auth = isccc_alist_lookup(alist, "_auth"); if (!isccc_alist_alistp(_auth)) return (ISC_R_FAILURE); +#ifndef PK11_MD5_DISABLE if (algorithm == ISCCC_ALG_HMACMD5) hmac = isccc_alist_lookup(_auth, "hmd5"); else +#endif hmac = isccc_alist_lookup(_auth, "hsha"); if (!isccc_sexpr_binaryp(hmac)) return (ISC_R_FAILURE); @@ -427,6 +450,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, source.rstart = digest; target.rstart = digestb64; switch (algorithm) { +#ifndef PK11_MD5_DISABLE case ISCCC_ALG_HMACMD5: isc_hmacmd5_init(&ctx.hmd5, secret->rstart, REGION_SIZE(*secret)); @@ -434,6 +458,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, isc_hmacmd5_sign(&ctx.hmd5, digest); source.rend = digest + ISC_MD5_DIGESTLENGTH; break; +#endif case ISCCC_ALG_HMACSHA1: isc_hmacsha1_init(&ctx.hsha, secret->rstart, @@ -493,6 +518,7 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, /* * Verify. */ +#ifndef PK11_MD5_DISABLE if (algorithm == ISCCC_ALG_HMACMD5) { isccc_region_t *region; unsigned char *value; @@ -503,7 +529,9 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, value = region->rstart; if (!isc_safe_memequal(value, digestb64, HMD5_LENGTH)) return (ISCCC_R_BADAUTH); - } else { + } else +#endif + { isccc_region_t *region; unsigned char *value; isc_uint32_t valalg; -- GitLab