Merge branch 'main' into ocsp-tighten-url-parsing

Author: prasden

CMakeLists.txt

@@ -86,6 +86,7 @@ if(ENABLE_DIST_PKG)
   else()
     set(SET_LIB_SONAME 1)
     set(COHABITANT_HEADERS 1)
+    set(COHABITANT_BINARIES 1)
     if(ENABLE_DIST_PKG_OPENSSL_SHIM)
       set(INSTALL_OPENSSL_SHIM 1)
     else()
@@ -95,15 +96,18 @@ if(ENABLE_DIST_PKG)
 elseif(NOT ENABLE_PRE_SONAME_BUILD AND BUILD_SHARED_LIBS AND UNIX AND NOT APPLE)
   set(SET_LIB_SONAME 1)
   set(COHABITANT_HEADERS 0)
+  set(COHABITANT_BINARIES 0)
   set(INSTALL_OPENSSL_SHIM 1)
 else()
   set(SET_LIB_SONAME 0)
   set(COHABITANT_HEADERS 0)
+  set(COHABITANT_BINARIES 0)
   set(INSTALL_OPENSSL_SHIM 1)
 endif()
 
 message(STATUS "SET_LIB_SONAME: ${SET_LIB_SONAME}")
 message(STATUS "COHABITANT_HEADERS: ${COHABITANT_HEADERS}")
+message(STATUS "COHABITANT_BINARIES: ${COHABITANT_BINARIES}")
 message(STATUS "INSTALL_OPENSSL_SHIM: ${INSTALL_OPENSSL_SHIM}")
 
 if(SET_LIB_SONAME)
@@ -134,6 +138,13 @@ else()
   set(AWSLC_INSTALL_INCLUDEDIR "${CMAKE_INSTALL_INCLUDEDIR}")
 endif()
 
+# Set the install bin prefix based on whether cohabitation is desired
+if(COHABITANT_BINARIES)
+  set(AWSLC_BIN_PREFIX "aws-lc-")
+else()
+  set(AWSLC_BIN_PREFIX "")
+endif()
+
 function(target_add_awslc_include_paths)
   set(options EXCLUDE_PREFIX_HEADERS)
   set(oneValueArgs TARGET SCOPE)

crypto/ecdh_extra/ecdh_extra.c

@@ -27,18 +27,18 @@ int ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
                      const EC_KEY *priv_key,
                      void *(*kdf)(const void *in, size_t inlen, void *out,
                                   size_t *out_len)) {
-
+  int ret = -1;
   uint8_t buf[EC_MAX_BYTES];
   size_t buf_len = sizeof(buf);
 
   if (!ECDH_compute_shared_secret(buf, &buf_len, pub_key, priv_key)) {
-    return -1;
+    goto end;
   }
 
   if (kdf != NULL) {
     if (kdf(buf, buf_len, out, &out_len) == NULL) {
       OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED);
-      return -1;
+      goto end;
     }
   } else {
     // no KDF, just copy as much as we can
@@ -50,8 +50,11 @@ int ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
 
   if (out_len > INT_MAX) {
     OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW);
-    return -1;
+    goto end;
   }
 
-  return (int)out_len;
+  ret = (int)out_len;
+end:
+  OPENSSL_cleanse(buf, sizeof(buf));
+  return ret;
 }

crypto/fipsmodule/evp/p_ec.c

@@ -88,6 +88,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen,
 
 static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key,
                           size_t *keylen) {
+  int ret = 0;
   const EC_POINT *pubkey = NULL;
   EC_KEY *eckey;
   uint8_t buf[EC_MAX_BYTES];
@@ -115,7 +116,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key,
   // Note: This is an internal function which will not update
   // the service indicator.
   if (!ECDH_compute_shared_secret(buf, &buflen, pubkey, eckey)) {
-      return 0;
+      goto end;
   }
 
   if (buflen < *keylen) {
@@ -127,7 +128,11 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key,
   // referenced from the higher level function |EVP_PKEY_derive|. |EC_KEY| is
   // is the only possible key that can do derivations.
   ECDH_verify_service_indicator(eckey);
-  return 1;
+  ret = 1;
+
+end:
+  OPENSSL_cleanse(buf, sizeof(buf));
+  return ret;
 }
 
 static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) {

crypto/fipsmodule/pbkdf/pbkdf.c

@@ -7,6 +7,7 @@
 #include <string.h>
 
 #include <openssl/hmac.h>
+#include <openssl/mem.h>
 
 #include "../../internal.h"
 #include "../service_indicator/internal.h"
@@ -21,6 +22,7 @@ int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
   uint32_t i = 1;
   HMAC_CTX hctx;
   HMAC_CTX_init(&hctx);
+  uint8_t digest_tmp[EVP_MAX_MD_SIZE];
 
   // We have to avoid the underlying SHA services updating the indicator
   // state, so we lock the state here.
@@ -43,7 +45,6 @@ int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
     i_buf[3] = (uint8_t)(i & 0xff);
 
     // Compute U_1.
-    uint8_t digest_tmp[EVP_MAX_MD_SIZE];
     if (!HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL) ||
         !HMAC_Update(&hctx, salt, salt_len) ||
         !HMAC_Update(&hctx, i_buf, 4) ||
@@ -87,6 +88,7 @@ int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
   ret = 1;
 
 err:
+  OPENSSL_cleanse(digest_tmp, sizeof(digest_tmp));
   FIPS_service_indicator_unlock_state();
   HMAC_CTX_cleanup(&hctx);
   if (ret) {

crypto/hpke/hpke.c

@@ -13,6 +13,7 @@
 #include <openssl/err.h>
 #include <openssl/evp_errors.h>
 #include <openssl/hkdf.h>
+#include <openssl/mem.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
@@ -126,11 +127,13 @@ static int dhkem_extract_and_expand(uint16_t kem_id, const EVP_MD *hkdf_md,
   uint8_t suite_id[5] = {'K', 'E', 'M', kem_id >> 8, kem_id & 0xff};
   uint8_t prk[EVP_MAX_MD_SIZE];
   size_t prk_len;
-  return hpke_labeled_extract(hkdf_md, prk, &prk_len, NULL, 0, suite_id,
+  int ret = hpke_labeled_extract(hkdf_md, prk, &prk_len, NULL, 0, suite_id,
                               sizeof(suite_id), "eae_prk", dh, dh_len) &&
          hpke_labeled_expand(hkdf_md, out_key, out_len, prk, prk_len, suite_id,
                              sizeof(suite_id), "shared_secret", kem_context,
                              kem_context_len);
+  OPENSSL_cleanse(prk, sizeof(prk));
+  return ret;
 }
 
 static int x25519_init_key(EVP_HPKE_KEY *key, const uint8_t *priv_key,

crypto/pem/pem_lib.c

@@ -722,11 +722,13 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
   *header = headerB->data;
   *data = (unsigned char *)dataB->data;
   *len = bl;
+  OPENSSL_cleanse(buf, sizeof(buf));
   OPENSSL_free(nameB);
   OPENSSL_free(headerB);
   OPENSSL_free(dataB);
   return 1;
 err:
+  OPENSSL_cleanse(buf, sizeof(buf));
   BUF_MEM_free(nameB);
   BUF_MEM_free(headerB);
   BUF_MEM_free(dataB);

tool-openssl/CMakeLists.txt

@@ -58,6 +58,10 @@ endif()
 
 target_add_awslc_include_paths(TARGET openssl SCOPE PRIVATE)
 
+if(COHABITANT_BINARIES)
+  set_target_properties(openssl PROPERTIES OUTPUT_NAME "${AWSLC_BIN_PREFIX}openssl")
+endif()
+
 install(TARGETS openssl
         RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
         BUNDLE DESTINATION ${CMAKE_INSTALL_BINDIR}
@@ -76,10 +80,16 @@ file(INSTALL
     c_rehash
 )
 
+set(C_REHASH_INSTALL_NAME "c_rehash")
+
+if(COHABITANT_BINARIES)
+  set(C_REHASH_INSTALL_NAME "${AWSLC_BIN_PREFIX}c_rehash")
+endif()
+
 install(
-    PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/c_rehash.sh
-    RENAME c_rehash
-    DESTINATION ${CMAKE_INSTALL_BINDIR}
+  PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/c_rehash.sh
+  RENAME ${C_REHASH_INSTALL_NAME}
+  DESTINATION ${CMAKE_INSTALL_BINDIR}
 )
 
 if(MSVC AND CMAKE_BUILD_TYPE_LOWER MATCHES "relwithdebinfo" AND FIPS)
@@ -165,3 +175,13 @@ if(BUILD_TESTING)
     add_dependencies(tool_openssl_test openssl)
     set_test_location(tool_openssl_test)
 endif()
+
+# Create binary symlinks for OpenSSL compatibility
+if(INSTALL_OPENSSL_SHIM AND COHABITANT_BINARIES)
+  install(CODE "
+    execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
+      \"${AWSLC_BIN_PREFIX}openssl\" \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/openssl\")
+    execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
+      \"${AWSLC_BIN_PREFIX}c_rehash\" \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/c_rehash\")
+  ")
+endif()

tool/CMakeLists.txt

@@ -41,6 +41,10 @@ else()
   endif()
 endif()
 
+if(COHABITANT_BINARIES)
+  set_target_properties(bssl PROPERTIES OUTPUT_NAME "${AWSLC_BIN_PREFIX}bssl")
+endif()
+
 install(TARGETS bssl
         RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
         BUNDLE DESTINATION ${CMAKE_INSTALL_BINDIR}