jose icon indicating copy to clipboard operation
jose copied to clipboard

Published 20 hours ago verified publisher icon latchset

Add support for LibreSSL

Open aduskett opened this issue 5 years ago • 9 comments

LibreSSL is almost a drop in replacement for OpenSSL 1.0. However; there are a few issues that must be taken care of to make it work with jose:

  • LibreSSL sets the OPENSSL_VERSION_NUMBER macro to 0x2xxxxxxL, which is greater than 0x10100000L, this will cause checks for OPENSL_VERSION_NUMBER less than 0x10100000L to fail. However, LibreSSL also provides a LIBRESSL_VERSION_NUMBER macro which can be used to check if LibreSSL is installed.

  • Add two files: libressl_evp.h and libressl_evp.c to lib/openssl. The logic in these files are taken from openssl-1.0.2r and add the following APIs that LibreSSL is missing: EVP_aes_128_wrap EVP_aes_192_wrap EVP_aes_256_wrap No code has been modified from the original openssl-1.0.2r source.

  • In lib/meson.build, check if the tls.h header contains tls_config_set_ca_mem which is unique to LibreSSL.

  • If the test program compiles, then add openssl/libressl_evp.c to the libjose_sources array.

  • Use EVP_EncryptFinal_ex and EVP_DecryptFinal_ex instead of EVP_EncryptFinal and EVP_DecryptFinal. These changes avoid warnings from LibreSSL when linking about how EVP_EncryptFinal and EVP_DecryptFinal are misused often and to use the _ex variants instead.

Tested against OpenSSL 1.0.2r, 1.1.1a, and LibreSSL 2.8.3.

aduskett avatar Feb 28 '19 18:02 aduskett

Codecov Report

Merging #66 into master will decrease coverage by 0.16%. The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #66      +/-   ##
==========================================
- Coverage   77.75%   77.58%   -0.17%     
==========================================
  Files          60       60              
  Lines        5794     5648     -146     
==========================================
- Hits         4505     4382     -123     
+ Misses       1289     1266      -23
Impacted Files Coverage Δ
lib/openssl/compat.c 79.13% <ø> (ø) :arrow_up:
lib/openssl/lock.c 66.66% <ø> (ø) :arrow_up:
lib/openssl/aeskw.c 77.62% <100%> (-0.61%) :arrow_down:
lib/openssl/aesgcm.c 75.86% <100%> (-0.33%) :arrow_down:
lib/openssl/aescbch.c 72.01% <100%> (-0.46%) :arrow_down:
cmd/jws/fmt.c 75.43% <0%> (-1.99%) :arrow_down:
cmd/jwe/fmt.c 75.67% <0%> (-1.25%) :arrow_down:
lib/openssl/ecmr.c 77.04% <0%> (-1.08%) :arrow_down:
cmd/jwe/dec.c 54.11% <0%> (-1.06%) :arrow_down:
cmd/jwk/gen.c 70% <0%> (-0.97%) :arrow_down:
... and 31 more

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 028eab5...4d7dfab. Read the comment docs.

codecov-io avatar Feb 28 '19 18:02 codecov-io

Thanks for this contribution. As far as I can tell it looks good. The only exception is the embedding of third-party code, I don't like that as it will make the maintenance cost higher upstream and downstream (e.g. Fedora guidelines forbidding such embeddings...). What do you think about that @npmccallum?

dkopecek avatar Mar 01 '19 09:03 dkopecek

Strong -1

I don't like the copy of key wrapping APIs. Please get in touch with LibreSSL upstream development and have them provide the key wrapping APIs EVP_aes_128_wrap, EVP_aes_192_wrap, and EVP_aes_256_wrap first. The functions are available in OpenSSL since 1.0.2-final (Jan 2015).

tiran avatar Mar 01 '19 10:03 tiran

Hey! Thanks for the response! I did take a look down several avenues to see if I could find a history or a reason why these APIs aren't included in LibreSSL and was unable to find any. Generally, if an API isn't in LibreSSL, it's for a good reason, but in this instance, I wasn't able to find anything.

As such, I have indeed opened an issue with the LibreSSL team asking if they have a reason why the APIs aren't in there. https://github.com/libressl-portable/portable/issues/505

I also wasn't aware Fedora wouldn't allow such embeddings, so I appreciate the information and the mistake won't happen again. My main motivation for the patch is to be able to bring up a Tang server, which relies on Jose, with LibreSSL.

If it's worth anything, with the wrap APIs set to stubs, only two tests fail: jose-jwe-dec, and jose-jwe-enc. Although those seem fairly important!

Thanks again!

Adam

aduskett avatar Mar 01 '19 16:03 aduskett

LibreSSL forked off OpenSSL 1.0.1g. The key wrapping APIs were implemented during development phase for OpenSSL 1.0.2. It's not the first time LibreSSL was missing some features. For example LibreSSL wasn't compatible with Python 3.7 until some OpenSSL 1.0.2 APIs were added.

The upstream team is responsive and usually adds missing APIs in the next release.

tiran avatar Mar 01 '19 16:03 tiran

Yeah... I try to do my due diligence with finding out why APIs are missing, and usually, there's a blurb in their git commit history about APIs. They have indeed been adding 1.0.2 APIs, and the 2.9 series has a lot of them, but the AES wrappings are still missing, even on the 2.9 series.

aduskett avatar Mar 01 '19 16:03 aduskett

@aduskett looks like libressl added the API, do you plan to rebase this PR to account for it now ?

simo5 avatar Nov 13 '19 14:11 simo5

Hi! Yes I do! Thanks for the reminder!

aduskett avatar Nov 22 '19 21:11 aduskett

Hello @aduskett , thanks for the PR, what is the status of it?

Will you update the code to fix conflicts? Apart from that ... should not the files from OpenSSL be removed from the PR and change meson to include the correct LibreSSL version appropriately?

sarroutbi avatar Oct 06 '21 14:10 sarroutbi

It has been long since this PR has no activity. We will close it. Please, feel free to reopen it if you plan to resolve conflicts

sarroutbi avatar Jan 15 '24 10:01 sarroutbi