Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sha512_256: add support for GnuTLS and OpenSSL #13070

Closed
wants to merge 1 commit into from
Closed

sha512_256: add support for GnuTLS and OpenSSL #13070

wants to merge 1 commit into from

Conversation

Karlson2k
Copy link
Contributor

@Karlson2k Karlson2k commented Mar 6, 2024
edited

This is a follow-up for PR #12897.

This PR adds support for SHA-512/256 digest calculation by TLS backends.
Currently only OpenSSL and GnuTLS (actually, nettle) support SHA-512/256.

This is an alternative implementation. The initial PR is #13053.

This version has more curl branding ;), simplified code (uses size_t for size instead of unsigned int as underling libs and avoids trying to process data in smaller chunks when size_t is larger than unsigned int), added error checking and reporting for the most used function Curl_sha512_256it(), renamed some symbols to avoid potential conflicts. With this PR code detects hashing problem reported by TLS backend and returns respective error.

Sorry, I couldn't resist improving the code even when my PR was already accepted.

@Karlson2k Karlson2k marked this pull request as draft March 6, 2024 23:51
This was referenced Mar 7, 2024
Closed
Closed
@Karlson2k Karlson2k marked this pull request as ready for review March 7, 2024 01:13
@Karlson2k
Copy link
Contributor Author

Check curl (windows msys2 mingw64_libssh) failure is just a docker failure.

@Karlson2k
Copy link
Contributor Author

Test 707 failure in AppVeyor / CMake, VS2010, Debug, x64, no SSL, Static seems to be unrelated.

@bagder bagder closed this in 05268cf Mar 7, 2024
@bagder
Copy link
Member

bagder commented Mar 7, 2024

Thanks!

@Karlson2k Karlson2k deleted the sha_512_256_backends_02 branch March 7, 2024 09:50
@dfandrich
Copy link
Contributor

Test 1615 and the other SHA-512/256 unit tests started dumping core on NetBSD after this was submitted: https://curl.se/dev/log.cgi?id=20240308034313-2594315#prob4

@Karlson2k
Copy link
Contributor Author

NetBSD 9.3 on ARM. Interesting.
@dfandrich Any chance to see stack trace or other details about test 1615?
Looks like some problems with OpenSSL, however it is not wrong features detection as linking is OK.

@dfandrich
Copy link
Contributor

dfandrich commented Mar 13, 2024 via email

@Karlson2k
Copy link
Contributor Author

@mkauf

NetBSD 9.3 on ARM. Interesting. @dfandrich Any chance to see stack trace or other details about test 1615? Looks like some problems with OpenSSL, however it is not wrong features detection as linking is OK.

@mkauf Could you please share this info?

@mkauf
Copy link
Contributor

mkauf commented Mar 14, 2024

@Karlson2k : The backtrace is:

Core was generated by `unit1615'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x78587c10 in memcmp () from /usr/lib/libc.so.12
#1  0x00016e78 in test (arg=0x7ffeac8c "-") at unit1615.c:126
#2  0x7db61474 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

@Karlson2k
Copy link
Contributor Author

Thanks, @mkauf

This is something weird. SIGSEGV in memcmp() where two parameters are are pointers to the arrays with fixed size and the third parameter is the size of the array.
I'd understand if this macro would be zero, but it's not. It is a fixed number.

Is it possible to make stack back trace with debug symbols and frame pointers?
Also backtraces for other failed tests would be helpful.

@Karlson2k
Copy link
Contributor Author

Here is the place where segmentation failure happens:

curl/tests/unit/unit1615.c

Lines 118 to 126 in fb3c251

unsigned char output_buf[SHA512_256_DIGEST_LENGTH];
unsigned char *computed_hash; /* Just to mute compiler warning */
/* Mute compiler warnings in 'verify_memory' macros below */
computed_hash = output_buf;
Curl_sha512_256it(output_buf, (const unsigned char *) test_str1,
(sizeof(test_str1) / sizeof(char)) - 1);
verify_memory(computed_hash, precomp_hash1, SHA512_256_DIGEST_LENGTH);

@mkauf
Copy link
Contributor

mkauf commented Mar 15, 2024

@Karlson2k I have discovered that NetBSD uses a patched version of OpenSSL which has a bug. I have reported it here: https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=58039

Links to NetBSD source:

The code in this pull request is fine, it's NetBSD's fault that curl crashes.

If you want to implement a workaround:

static CURLcode
Curl_sha512_256_finish(unsigned char *digest,
                       void *context)
{
  CURLcode ret;
  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;

  /* Use a buffer size of EVP_MAX_MD_SIZE to work around a bug in NetBSD:
     https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=58039 */
  unsigned char tmp_digest[EVP_MAX_MD_SIZE];

  if(EVP_DigestFinal_ex(*ctx, tmp_digest, NULL)) {
    memcpy(digest, tmp_digest, SHA512_256_DIGEST_LENGTH);
    ret = CURLE_OK;
  }
  else {
    ret = CURLE_SSL_CIPHER;
  }

  EVP_MD_CTX_destroy(*ctx);
  *ctx = NULL;

  return ret;
}

@Karlson2k
Copy link
Contributor Author

Thanks for digging into it and finding the root cause, @mkauf!

I'll make a workaround based on your suggestion. Thanks for the suggested code changes!

@Karlson2k Karlson2k mentioned this pull request Mar 15, 2024
Closed
@Karlson2k
Copy link
Contributor Author

Karlson2k commented Mar 15, 2024
edited

I've created PR #13133 to workaround the bug.
The PR is based on the @mkauf suggestion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bagder bagder bagder approved these changes

Assignees
No one assigned
Labels
cryptography
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Karlson2k @bagder @dfandrich @mkauf