openssh · beldmit · Sep 27, 2023 · Sep 27, 2023 · Sep 27, 2023 · Oct 2, 2023
diff --git a/configure.ac b/configure.ac
@@ -2974,6 +2974,12 @@ if test "x$openssl" = "xyes" ; then
 		EVP_CIPHER_CTX_set_iv \
 	])
 
+	# Misc versions of LibreSSL/BoringSSL API differences
+	AC_CHECK_FUNCS([ \
+		EVP_PKEY_public_check \
+		EVP_PKEY_private_check \
+	])
+
 	if test "x$openssl_engine" = "xyes" ; then
 		AC_MSG_CHECKING([for OpenSSL ENGINE support])
 		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[

diff --git a/digest-openssl.c b/digest-openssl.c
@@ -64,6 +64,22 @@ const struct ssh_digest digests[] = {
 	{ -1,			NULL,		0,	NULL },
 };
 
+const EVP_MD *
+ssh_digest_to_md(int digest_type)
+{
+	switch (digest_type) {
+	case SSH_DIGEST_SHA1:
+		return EVP_sha1();
+	case SSH_DIGEST_SHA256:
+		return EVP_sha256();
+	case SSH_DIGEST_SHA384:
+		return EVP_sha384();
+	case SSH_DIGEST_SHA512:
+		return EVP_sha512();
+	}
+	return NULL;
+}
+
 static const struct ssh_digest *
 ssh_digest_by_alg(int alg)
 {

diff --git a/digest.h b/digest.h
@@ -32,6 +32,12 @@
 struct sshbuf;
 struct ssh_digest_ctx;
 
+#ifdef WITH_OPENSSL
+#include <openssl/evp.h>
+/* Converts internal digest representation to the OpenSSL one */
+const EVP_MD *ssh_digest_to_md(int digest_type);
+#endif
+
 /* Looks up a digest algorithm by name */
 int ssh_digest_alg_by_name(const char *name);
 

diff --git a/packet.c b/packet.c
@@ -71,9 +71,6 @@
 #ifdef WITH_OPENSSL
 # include <openssl/bn.h>
 # include <openssl/evp.h>
-# ifdef OPENSSL_HAS_ECC
-#  include <openssl/ec.h>
-# endif
 #endif
 
 #ifdef WITH_ZLIB
@@ -2540,9 +2537,9 @@ sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp)
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 int
-sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
+sshpkt_put_ec(struct ssh *ssh, EVP_PKEY *pkey)
 {
-	return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
+	return sshbuf_put_ecpkey(ssh->state->outgoing_packet, pkey);
 }
 #endif /* OPENSSL_HAS_ECC */
 
@@ -2605,13 +2602,11 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 }
 
 #ifdef WITH_OPENSSL
-#ifdef OPENSSL_HAS_ECC
 int
-sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
+sshpkt_get_ec(struct ssh *ssh, u_char **pubkey, size_t *pubkey_len)
 {
-	return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
+	return sshbuf_get_string(ssh->state->incoming_packet, pubkey, pubkey_len);
 }
-#endif /* OPENSSL_HAS_ECC */
 
 int
 sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp)

diff --git a/packet.h b/packet.h
@@ -20,18 +20,9 @@
 
 #ifdef WITH_OPENSSL
 # include <openssl/bn.h>
-# ifdef OPENSSL_HAS_ECC
-#  include <openssl/ec.h>
-# else /* OPENSSL_HAS_ECC */
-#  define EC_KEY	void
-#  define EC_GROUP	void
-#  define EC_POINT	void
-# endif /* OPENSSL_HAS_ECC */
+# include <openssl/evp.h>
 #else /* WITH_OPENSSL */
 # define BIGNUM		void
-# define EC_KEY		void
-# define EC_GROUP	void
-# define EC_POINT	void
 #endif /* WITH_OPENSSL */
 
 #include <signal.h>
@@ -192,7 +183,9 @@ int	sshpkt_put_u64(struct ssh *ssh, u_int64_t val);
 int	sshpkt_put_string(struct ssh *ssh, const void *v, size_t len);
 int	sshpkt_put_cstring(struct ssh *ssh, const void *v);
 int	sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v);
-int	sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g);
+#ifdef WITH_OPENSSL
+int	sshpkt_put_ec(struct ssh *ssh, EVP_PKEY *pkey);
+#endif
 int	sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v);
 
 int	sshpkt_get(struct ssh *ssh, void *valp, size_t len);
@@ -204,21 +197,14 @@ int	sshpkt_get_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp)
 int	sshpkt_peek_string_direct(struct ssh *ssh, const u_char **valp, size_t *lenp);
 int	sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp);
 int	sshpkt_getb_froms(struct ssh *ssh, struct sshbuf **valp);
-int	sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g);
+int	sshpkt_get_ec(struct ssh *ssh, u_char **pub, size_t *publen);
 int	sshpkt_get_bignum2(struct ssh *ssh, BIGNUM **valp);
 int	sshpkt_get_end(struct ssh *ssh);
 void	sshpkt_fmt_connection_id(struct ssh *ssh, char *s, size_t l);
 const u_char	*sshpkt_ptr(struct ssh *, size_t *lenp);
 
 #if !defined(WITH_OPENSSL)
 # undef BIGNUM
-# undef EC_KEY
-# undef EC_GROUP
-# undef EC_POINT
-#elif !defined(OPENSSL_HAS_ECC)
-# undef EC_KEY
-# undef EC_GROUP
-# undef EC_POINT
 #endif
 
 #endif				/* PACKET_H */
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c b/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
@@ -19,9 +19,15 @@
 
 #include <openssl/bn.h>
 #include <openssl/objects.h>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+#include <openssl/evp.h>
+#include <openssl/param_build.h>
+#include <openssl/core_names.h>
+#else
 #ifdef OPENSSL_HAS_NISTP256
 # include <openssl/ec.h>
 #endif
+#endif
 
 #include "../test_helper/test_helper.h"
 #include "ssherr.h"
@@ -51,6 +57,7 @@ sshbuf_getput_crypto_tests(void)
 	size_t s;
 	BIGNUM *bn_x, *bn_y;
 	int ec256_nid = NID_X9_62_prime256v1;
+	const char *ec256_sn = "prime256v1";
 	char *ec256_x = "0C828004839D0106AA59575216191357"
 		        "34B451459DADB586677EF9DF55784999";
 	char *ec256_y = "4D196B50F0B4E94B3C73E3A9D4CD9DF2"
@@ -66,7 +73,17 @@ sshbuf_getput_crypto_tests(void)
 		0xc8, 0xf9, 0xa3, 0x5e, 0x42, 0xbd, 0xd0, 0x47,
 		0x55, 0x0f, 0x69, 0xd8, 0x0e, 0xc2, 0x3c, 0xd4
 	};
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	EVP_PKEY *eck = NULL;
+	EVP_PKEY_CTX *ctx = NULL;
+	OSSL_PARAM_BLD *param_bld = NULL;
+	OSSL_PARAM *params = NULL;
+	EC_GROUP *g = NULL;
+	u_char *pubkey = NULL;
+	size_t pubkey_len;
+#else
 	EC_KEY *eck;
+#endif
 	EC_POINT *ecp;
 #endif
 	int r;
@@ -223,29 +240,74 @@ sshbuf_getput_crypto_tests(void)
 	TEST_DONE();
 
 #if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
-	TEST_START("sshbuf_put_ec");
+	TEST_START("sshbuf_put_ecpkey");
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	param_bld = OSSL_PARAM_BLD_new();
+	ASSERT_PTR_NE(param_bld, NULL);
+	ASSERT_INT_EQ(OSSL_PARAM_BLD_push_utf8_string(param_bld,
+	    OSSL_PKEY_PARAM_GROUP_NAME, ec256_sn, strlen(ec256_sn)), 1);
+#else
 	eck = EC_KEY_new_by_curve_name(ec256_nid);
 	ASSERT_PTR_NE(eck, NULL);
 	ecp = EC_POINT_new(EC_KEY_get0_group(eck));
 	ASSERT_PTR_NE(ecp, NULL);
+#endif
 	MKBN(ec256_x, bn_x);
 	MKBN(ec256_y, bn_y);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	g = EC_GROUP_new_by_curve_name(ec256_nid);
+	ecp = EC_POINT_new(g);
+	ASSERT_PTR_NE(g, NULL);
+	ASSERT_INT_EQ(EC_POINT_set_affine_coordinates(
+	    g, ecp, bn_x, bn_y, NULL), 1);
+	pubkey_len = EC_POINT_point2oct(g, ecp,
+	    POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
+	ASSERT_INT_NE(pubkey_len, 0);
+	pubkey = malloc(pubkey_len);
+	ASSERT_PTR_NE(pubkey, NULL);
+	ASSERT_INT_NE(EC_POINT_point2oct(g, ecp, POINT_CONVERSION_UNCOMPRESSED,
+	    pubkey, pubkey_len, NULL), 0);
+	EC_GROUP_free(g);
+#else
 	ASSERT_INT_EQ(EC_POINT_set_affine_coordinates_GFp(
 	    EC_KEY_get0_group(eck), ecp, bn_x, bn_y, NULL), 1);
 	ASSERT_INT_EQ(EC_KEY_set_public_key(eck, ecp), 1);
+#endif
 	BN_free(bn_x);
 	BN_free(bn_y);
 	EC_POINT_free(ecp);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	ASSERT_INT_EQ(OSSL_PARAM_BLD_push_octet_string(param_bld,
+	    OSSL_PKEY_PARAM_PUB_KEY, pubkey, pubkey_len), 1);
+	params = OSSL_PARAM_BLD_to_param(param_bld);
+	ASSERT_PTR_NE(params, NULL);
+	OSSL_PARAM_BLD_free(param_bld);
+	ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
+	ASSERT_PTR_NE(ctx, NULL);
+	ASSERT_INT_EQ(EVP_PKEY_fromdata_init(ctx), 1);
+	ASSERT_INT_EQ(EVP_PKEY_fromdata(ctx, &eck, EVP_PKEY_PUBLIC_KEY,
+	    params), 1);
+	free(pubkey);
+#endif
 	p1 = sshbuf_new();
 	ASSERT_PTR_NE(p1, NULL);
-	ASSERT_INT_EQ(sshbuf_put_eckey(p1, eck), 0);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	ASSERT_INT_EQ(sshbuf_put_ecpkey(p1, eck), 0);
+#else
+	ASSERT_INT_EQ(sshbuf_put_ec(p1, EC_KEY_get0_public_key(eck),
+				EC_KEY_get0_group(eck)), 0);
+#endif
 	ASSERT_INT_EQ(sshbuf_get_string_direct(p1, &d, &s), 0);
 	ASSERT_SIZE_T_EQ(s, sizeof(expec256));
 	ASSERT_MEM_EQ(d, expec256, sizeof(expec256));
 	sshbuf_free(p1);
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+	EVP_PKEY_free(eck);
+#else
 	EC_KEY_free(eck);
+#endif
 	TEST_DONE();
-
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
 	TEST_START("sshbuf_get_ec");
 	eck = EC_KEY_new_by_curve_name(ec256_nid);
 	ASSERT_PTR_NE(eck, NULL);
@@ -275,6 +337,7 @@ sshbuf_getput_crypto_tests(void)
 	BN_free(bn2);
 	TEST_DONE();
 #endif
+#endif
 }
 
 #endif /* WITH_OPENSSL */
diff --git a/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c b/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c
@@ -35,9 +35,6 @@ attempt_parse_blob(u_char *blob, size_t len)
 	struct sshbuf *p1;
 #ifdef WITH_OPENSSL
 	BIGNUM *bn;
-#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
-	EC_KEY *eck;
-#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
 #endif /* WITH_OPENSSL */
 	u_char *s;
 	size_t l;
@@ -61,12 +58,6 @@ attempt_parse_blob(u_char *blob, size_t len)
 	bn = NULL;
 	sshbuf_get_bignum2(p1, &bn);
 	BN_clear_free(bn);
-#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
-	eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-	ASSERT_PTR_NE(eck, NULL);
-	sshbuf_get_eckey(p1, eck);
-	EC_KEY_free(eck);
-#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
 #endif /* WITH_OPENSSL */
 	sshbuf_free(p1);
 }