GitList

Browse code

Require AEAD support in the crypto library

All supported crypto libraries have AEAD support and with our
ncp/de facto default cipher AES-256-GCM we do not want to support
the obscure corner case of a library with disabled AEAD.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Patch V2: Remove three instances of (harmless) #ifdef Steffan spotted
that can be removed now too.
Acked-by: Steffan Karger <steffan.karger@foxcrypto.com>
Message-Id: <20200720121704.20333-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20506.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>

Arne Schwabe authored on 2020/07/20 21:17:04
Showing 7 changed files

config-msvc.h index 875da4a..8ef4897 100644
configure.ac index d742ae2..02cb056 100644
src/openvpn/crypto.c index bbf47ef..e92a0dc 100644
src/openvpn/crypto_mbedtls.c index bb75255..19a87eb 100644
src/openvpn/crypto_openssl.c index 161a189..c47c2f3 100644
src/openvpn/crypto_openssl.h index 4694ee0..e6f8f53 100644
src/openvpn/options.c index 04518bf..94308a8 100644

config-msvc.h

History View file @ 94edc7c

@@ -5,7 +5,6 @@
                      #define ENABLE_DEF_AUTH 1
                      #define ENABLE_PF 1
                      #define ENABLE_CRYPTO_OPENSSL 1
                     -#define HAVE_AEAD_CIPHER_MODES 1
                      #define ENABLE_DEBUG 1
                      #define ENABLE_EUREPHIA 1
                      #define ENABLE_FRAGMENT 1

configure.ac

History View file @ 94edc7c

@@ -907,11 +907,10 @@ if test "${with_crypto_library}" = "openssl"; then
                      		AC_DEFINE([HAVE_OPENSSL_ENGINE], [1], [OpenSSL engine support available])
                      	fi
                     -	have_crypto_aead_modes="yes"
                      	AC_CHECK_FUNC(
                      		[EVP_aes_256_gcm],
+                     		,
                     -		[have_crypto_aead_modes="no"]
                     +		[AC_MSG_ERROR([OpenSSL check for AES-256-GCM support failed])]
+                     	)
                      	# All supported OpenSSL version (>= 1.0.2)
@@ -1005,14 +1004,13 @@ elif test "${with_crypto_library}" = "mbedtls"; then
                      		[AC_MSG_ERROR([mbed TLS 2.y.z required])]
+                     	)
                     -	have_crypto_aead_modes="yes"
                      	AC_CHECK_FUNCS(
                      		[ \
                      			mbedtls_cipher_write_tag \
                      			mbedtls_cipher_check_tag \
                      		],
+                     		,
                     -		[have_crypto_aead_modes="no"; break]
                     +		[AC_MSG_ERROR([mbed TLS check for AEAD support failed])]
+                     	)
                      	have_export_keying_material="yes"
@@ -1227,7 +1225,6 @@ test "${enable_pf}" = "yes" && AC_DEFINE([ENABLE_PF], [1], [Enable internal pack
                      test "${enable_strict_options}" = "yes" && AC_DEFINE([ENABLE_STRICT_OPTIONS_CHECK], [1], [Enable strict options check between peers])
                      test "${enable_crypto_ofb_cfb}" = "yes" && AC_DEFINE([ENABLE_OFB_CFB_MODE], [1], [Enable OFB and CFB cipher modes])
                     -test "${have_crypto_aead_modes}" = "yes" && AC_DEFINE([HAVE_AEAD_CIPHER_MODES], [1], [Use crypto library])
                      if test "${have_export_keying_material}" = "yes"; then
                      	AC_DEFINE(
                      		[HAVE_EXPORT_KEYING_MATERIAL], [1],

src/openvpn/crypto.c

History View file @ 94edc7c

@@ -64,7 +64,6 @@ static void
                      openvpn_encrypt_aead(struct buffer *buf, struct buffer work,
                                           struct crypto_options *opt)
+                     {
                     -#ifdef HAVE_AEAD_CIPHER_MODES
                          struct gc_arena gc;
                          int outlen = 0;
                          const struct key_ctx *ctx = &opt->key_ctx_bi.encrypt;
@@ -152,9 +151,6 @@ err:
                          buf->len = 0;
                          gc_free(&gc);
                          return;
                     -#else /* HAVE_AEAD_CIPHER_MODES */
                     -    ASSERT(0);
                     -#endif /* ifdef HAVE_AEAD_CIPHER_MODES */
+                     }
                      static void
@@ -361,7 +357,6 @@ openvpn_decrypt_aead(struct buffer *buf, struct buffer work,
                                           struct crypto_options *opt, const struct frame *frame,
                                           const uint8_t *ad_start)
+                     {
                     -#ifdef HAVE_AEAD_CIPHER_MODES
                          static const char error_prefix[] = "AEAD Decrypt error";
                          struct packet_id_net pin = { 0 };
                          const struct key_ctx *ctx = &opt->key_ctx_bi.decrypt;
@@ -482,10 +477,6 @@ error_exit:
                          buf->len = 0;
                          gc_free(&gc);
                          return false;
                     -#else /* HAVE_AEAD_CIPHER_MODES */
                     -    ASSERT(0);
                     -    return false;
                     -#endif /* ifdef HAVE_AEAD_CIPHER_MODES */
+                     }
                      /*
@@ -1104,7 +1095,6 @@ test_crypto(struct crypto_options *co, struct frame *frame)
                          /* init work */
                          ASSERT(buf_init(&work, FRAME_HEADROOM(frame)));
                     -#ifdef HAVE_AEAD_CIPHER_MODES
                          /* init implicit IV */
+                         {
                              const cipher_kt_t *cipher =
@@ -1126,7 +1116,6 @@ test_crypto(struct crypto_options *co, struct frame *frame)
                                  co->key_ctx_bi.decrypt.implicit_iv_len = impl_iv_len;
+                             }
+                         }
                     -#endif /* ifdef HAVE_AEAD_CIPHER_MODES */
                          msg(M_INFO, "Entering " PACKAGE_NAME " crypto self-test mode.");
                          for (i = 1; i <= TUN_MTU_SIZE(frame); ++i)

src/openvpn/crypto_mbedtls.c

History View file @ 94edc7c

@@ -530,12 +530,10 @@ cipher_kt_block_size(const mbedtls_cipher_info_t *cipher_kt)
 int
 cipher_kt_tag_size(const mbedtls_cipher_info_t *cipher_kt)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     if (cipher_kt && cipher_kt_mode_aead(cipher_kt))
     {
         return OPENVPN_AEAD_TAG_LENGTH;
     }
-#endif
     return 0;
 }
 
@@ -632,7 +630,6 @@ cipher_ctx_iv_length(const mbedtls_cipher_context_t *ctx)
 int
 cipher_ctx_get_tag(cipher_ctx_t *ctx, uint8_t *tag, int tag_len)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     if (tag_len > SIZE_MAX)
     {
         return 0;
@@ -644,9 +641,6 @@ cipher_ctx_get_tag(cipher_ctx_t *ctx, uint8_t *tag, int tag_len)
     }
 
     return 1;
-#else  /* ifdef HAVE_AEAD_CIPHER_MODES */
-    ASSERT(0);
-#endif /* HAVE_AEAD_CIPHER_MODES */
 }
 
 int
@@ -688,7 +682,6 @@ cipher_ctx_reset(mbedtls_cipher_context_t *ctx, const uint8_t *iv_buf)
 int
 cipher_ctx_update_ad(cipher_ctx_t *ctx, const uint8_t *src, int src_len)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     if (src_len > SIZE_MAX)
     {
         return 0;
@@ -700,9 +693,6 @@ cipher_ctx_update_ad(cipher_ctx_t *ctx, const uint8_t *src, int src_len)
     }
 
     return 1;
-#else  /* ifdef HAVE_AEAD_CIPHER_MODES */
-    ASSERT(0);
-#endif /* HAVE_AEAD_CIPHER_MODES */
 }
 
 int
@@ -741,7 +731,6 @@ int
 cipher_ctx_final_check_tag(mbedtls_cipher_context_t *ctx, uint8_t *dst,
                            int *dst_len, uint8_t *tag, size_t tag_len)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     size_t olen = 0;
 
     if (MBEDTLS_DECRYPT != ctx->operation)
@@ -773,9 +762,6 @@ cipher_ctx_final_check_tag(mbedtls_cipher_context_t *ctx, uint8_t *dst,
     }
 
     return 1;
-#else  /* ifdef HAVE_AEAD_CIPHER_MODES */
-    ASSERT(0);
-#endif /* HAVE_AEAD_CIPHER_MODES */
 }
 
 void

src/openvpn/crypto_openssl.c

History View file @ 94edc7c

@@ -301,9 +301,7 @@ show_available_ciphers(void)
 #ifdef ENABLE_OFB_CFB_MODE
                        || cipher_kt_mode_ofb_cfb(cipher)
 #endif
-#ifdef HAVE_AEAD_CIPHER_MODES
                        || cipher_kt_mode_aead(cipher)
-#endif
                        ))
         {
             cipher_list[num_ciphers++] = cipher;
@@ -710,11 +708,8 @@ bool
 cipher_kt_mode_cbc(const cipher_kt_t *cipher)
 {
     return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC
-#ifdef EVP_CIPH_FLAG_AEAD_CIPHER
            /* Exclude AEAD cipher modes, they require a different API */
-           && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
-#endif
-    ;
+           && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER);
 }
 
 bool
@@ -722,17 +717,13 @@ cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher)
 {
     return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB
                       || cipher_kt_mode(cipher) == OPENVPN_MODE_CFB)
-#ifdef EVP_CIPH_FLAG_AEAD_CIPHER
            /* Exclude AEAD cipher modes, they require a different API */
-           && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
-#endif
-    ;
+           && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER);
 }
 
 bool
 cipher_kt_mode_aead(const cipher_kt_t *cipher)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     if (cipher)
     {
         switch (EVP_CIPHER_nid(cipher))
@@ -746,7 +737,6 @@ cipher_kt_mode_aead(const cipher_kt_t *cipher)
                 return true;
         }
     }
-#endif
 
     return false;
 }
@@ -806,11 +796,7 @@ cipher_ctx_iv_length(const EVP_CIPHER_CTX *ctx)
 int
 cipher_ctx_get_tag(EVP_CIPHER_CTX *ctx, uint8_t *tag_buf, int tag_size)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tag_size, tag_buf);
-#else
-    ASSERT(0);
-#endif
 }
 
 int
@@ -841,16 +827,12 @@ cipher_ctx_reset(EVP_CIPHER_CTX *ctx, const uint8_t *iv_buf)
 int
 cipher_ctx_update_ad(EVP_CIPHER_CTX *ctx, const uint8_t *src, int src_len)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     int len;
     if (!EVP_CipherUpdate(ctx, NULL, &len, src, src_len))
     {
         crypto_msg(M_FATAL, "%s: EVP_CipherUpdate() failed", __func__);
     }
     return 1;
-#else  /* ifdef HAVE_AEAD_CIPHER_MODES */
-    ASSERT(0);
-#endif
 }
 
 int
@@ -874,7 +856,6 @@ int
 cipher_ctx_final_check_tag(EVP_CIPHER_CTX *ctx, uint8_t *dst, int *dst_len,
                            uint8_t *tag, size_t tag_len)
 {
-#ifdef HAVE_AEAD_CIPHER_MODES
     ASSERT(tag_len < SIZE_MAX);
     if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
     {
@@ -882,9 +863,6 @@ cipher_ctx_final_check_tag(EVP_CIPHER_CTX *ctx, uint8_t *dst, int *dst_len,
     }
 
     return cipher_ctx_final(ctx, dst, dst_len);
-#else  /* ifdef HAVE_AEAD_CIPHER_MODES */
-    ASSERT(0);
-#endif
 }
 
 void

src/openvpn/crypto_openssl.h

History View file @ 94edc7c

@@ -61,13 +61,9 @@ typedef HMAC_CTX hmac_ctx_t;
                      /** Cipher is in CFB mode */
                      #define OPENVPN_MODE_CFB        EVP_CIPH_CFB_MODE
                     -#ifdef HAVE_AEAD_CIPHER_MODES
+                    -
                      /** Cipher is in GCM mode */
                      #define OPENVPN_MODE_GCM        EVP_CIPH_GCM_MODE
                     -#endif /* HAVE_AEAD_CIPHER_MODES */
+                    -
                      /** Cipher should encrypt */
                      #define OPENVPN_OP_ENCRYPT      1

src/openvpn/options.c

History View file @ 94edc7c

@@ -104,9 +104,7 @@ const char title_string[] =
                          " [MH/RECVDA]"
                      #endif
                      #endif
                     -#ifdef HAVE_AEAD_CIPHER_MODES
                          " [AEAD]"
                     -#endif
                          " built on " __DATE__
+                     ;
@@ -871,11 +869,7 @@ init_options(struct options *o, const bool init_gc)
                          o->scheduled_exit_interval = 5;
                      #endif
                          o->ciphername = "BF-CBC";
                     -#ifdef HAVE_AEAD_CIPHER_MODES /* IV_NCP=2 requires GCM support */
                          o->ncp_enabled = true;
                     -#else
                     -    o->ncp_enabled = false;
                     -#endif
                          o->ncp_ciphers = "AES-256-GCM:AES-128-GCM";
                          o->authname = "SHA1";
                          o->prng_hash = "SHA1";

...	...	@@ -530,12 +530,10 @@ cipher_kt_block_size(const mbedtls_cipher_info_t *cipher_kt)
530	530	int
531	531	cipher_kt_tag_size(const mbedtls_cipher_info_t *cipher_kt)
532	532	{
533		-#ifdef HAVE_AEAD_CIPHER_MODES
534	533	if (cipher_kt && cipher_kt_mode_aead(cipher_kt))
535	534	{
536	535	return OPENVPN_AEAD_TAG_LENGTH;
537	536	}
538		-#endif
539	537	return 0;
540	538	}
541	539
...	...	@@ -632,7 +630,6 @@ cipher_ctx_iv_length(const mbedtls_cipher_context_t *ctx)
632	632	int
633	633	cipher_ctx_get_tag(cipher_ctx_t ctx, uint8_t tag, int tag_len)
634	634	{
635		-#ifdef HAVE_AEAD_CIPHER_MODES
636	635	if (tag_len > SIZE_MAX)
637	636	{
638	637	return 0;
...	...	@@ -644,9 +641,6 @@ cipher_ctx_get_tag(cipher_ctx_t ctx, uint8_t tag, int tag_len)
644	644	}
645	645
646	646	return 1;
647		-#else /* ifdef HAVE_AEAD_CIPHER_MODES */
648		- ASSERT(0);
649		-#endif /* HAVE_AEAD_CIPHER_MODES */
650	647	}
651	648
652	649	int
...	...	@@ -688,7 +682,6 @@ cipher_ctx_reset(mbedtls_cipher_context_t ctx, const uint8_t iv_buf)
688	688	int
689	689	cipher_ctx_update_ad(cipher_ctx_t ctx, const uint8_t src, int src_len)
690	690	{
691		-#ifdef HAVE_AEAD_CIPHER_MODES
692	691	if (src_len > SIZE_MAX)
693	692	{
694	693	return 0;
...	...	@@ -700,9 +693,6 @@ cipher_ctx_update_ad(cipher_ctx_t ctx, const uint8_t src, int src_len)
700	700	}
701	701
702	702	return 1;
703		-#else /* ifdef HAVE_AEAD_CIPHER_MODES */
704		- ASSERT(0);
705		-#endif /* HAVE_AEAD_CIPHER_MODES */
706	703	}
707	704
708	705	int
...	...	@@ -741,7 +731,6 @@ int
741	741	cipher_ctx_final_check_tag(mbedtls_cipher_context_t ctx, uint8_t dst,
742	742	int dst_len, uint8_t tag, size_t tag_len)
743	743	{
744		-#ifdef HAVE_AEAD_CIPHER_MODES
745	744	size_t olen = 0;
746	745
747	746	if (MBEDTLS_DECRYPT != ctx->operation)
...	...	@@ -773,9 +762,6 @@ cipher_ctx_final_check_tag(mbedtls_cipher_context_t ctx, uint8_t dst,
773	773	}
774	774
775	775	return 1;
776		-#else /* ifdef HAVE_AEAD_CIPHER_MODES */
777		- ASSERT(0);
778		-#endif /* HAVE_AEAD_CIPHER_MODES */
779	776	}
780	777
781	778	void

...	...	@@ -301,9 +301,7 @@ show_available_ciphers(void)
301	301	#ifdef ENABLE_OFB_CFB_MODE
302	302	\|\| cipher_kt_mode_ofb_cfb(cipher)
303	303	#endif
304		-#ifdef HAVE_AEAD_CIPHER_MODES
305	304	\|\| cipher_kt_mode_aead(cipher)
306		-#endif
307	305	))
308	306	{
309	307	cipher_list[num_ciphers++] = cipher;
...	...	@@ -710,11 +708,8 @@ bool
710	710	cipher_kt_mode_cbc(const cipher_kt_t *cipher)
711	711	{
712	712	return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC
713		-#ifdef EVP_CIPH_FLAG_AEAD_CIPHER
714	713	/* Exclude AEAD cipher modes, they require a different API */
715		- && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
716		-#endif
717		- ;
	714	+ && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER);
718	715	}
719	716
720	717	bool
...	...	@@ -722,17 +717,13 @@ cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher)
722	722	{
723	723	return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB
724	724	\|\| cipher_kt_mode(cipher) == OPENVPN_MODE_CFB)
725		-#ifdef EVP_CIPH_FLAG_AEAD_CIPHER
726	725	/* Exclude AEAD cipher modes, they require a different API */
727		- && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
728		-#endif
729		- ;
	726	+ && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER);
730	727	}
731	728
732	729	bool
733	730	cipher_kt_mode_aead(const cipher_kt_t *cipher)
734	731	{
735		-#ifdef HAVE_AEAD_CIPHER_MODES
736	732	if (cipher)
737	733	{
738	734	switch (EVP_CIPHER_nid(cipher))
...	...	@@ -746,7 +737,6 @@ cipher_kt_mode_aead(const cipher_kt_t *cipher)
746	746	return true;
747	747	}
748	748	}
749		-#endif
750	749
751	750	return false;
752	751	}
...	...	@@ -806,11 +796,7 @@ cipher_ctx_iv_length(const EVP_CIPHER_CTX *ctx)
806	806	int
807	807	cipher_ctx_get_tag(EVP_CIPHER_CTX ctx, uint8_t tag_buf, int tag_size)
808	808	{
809		-#ifdef HAVE_AEAD_CIPHER_MODES
810	809	return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tag_size, tag_buf);
811		-#else
812		- ASSERT(0);
813		-#endif
814	810	}
815	811
816	812	int
...	...	@@ -841,16 +827,12 @@ cipher_ctx_reset(EVP_CIPHER_CTX ctx, const uint8_t iv_buf)
841	841	int
842	842	cipher_ctx_update_ad(EVP_CIPHER_CTX ctx, const uint8_t src, int src_len)
843	843	{
844		-#ifdef HAVE_AEAD_CIPHER_MODES
845	844	int len;
846	845	if (!EVP_CipherUpdate(ctx, NULL, &len, src, src_len))
847	846	{
848	847	crypto_msg(M_FATAL, "%s: EVP_CipherUpdate() failed", __func__);
849	848	}
850	849	return 1;
851		-#else /* ifdef HAVE_AEAD_CIPHER_MODES */
852		- ASSERT(0);
853		-#endif
854	850	}
855	851
856	852	int
...	...	@@ -874,7 +856,6 @@ int
874	874	cipher_ctx_final_check_tag(EVP_CIPHER_CTX ctx, uint8_t dst, int *dst_len,
875	875	uint8_t *tag, size_t tag_len)
876	876	{
877		-#ifdef HAVE_AEAD_CIPHER_MODES
878	877	ASSERT(tag_len < SIZE_MAX);
879	878	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
880	879	{
...	...	@@ -882,9 +863,6 @@ cipher_ctx_final_check_tag(EVP_CIPHER_CTX ctx, uint8_t dst, int *dst_len,
882	882	}
883	883
884	884	return cipher_ctx_final(ctx, dst, dst_len);
885		-#else /* ifdef HAVE_AEAD_CIPHER_MODES */
886		- ASSERT(0);
887		-#endif
888	885	}
889	886
890	887	void