From f463f5620583a927653772ae7cee95736a963a55 Mon Sep 17 00:00:00 2001 From: Martin Vahlensieck Date: Tue, 28 May 2024 10:02:54 +0200 Subject: [PATCH 1/4] Pass through nil as digest when signing certificates In order to sign certificates with Ed25519 keys, NULL must be passed as md to X509_sign. This NULL is then passed (via ASN1_item_sign_ex) as type to EVP_DigestSignInit. The documentation[1] of EVP_DigestSignInit states that type must be NULL for various key types, including Ed25519. [1]: https://www.openssl.org/docs/manmaster/man3/EVP_DigestSignInit.html --- ext/openssl/ossl_x509cert.c | 6 +++++- test/openssl/fixtures/pkey/ed25519.pem | 3 +++ test/openssl/test_x509cert.rb | 20 ++++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 test/openssl/fixtures/pkey/ed25519.pem diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index aa6b9bb7c..9bee734fb 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -539,7 +539,11 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) const EVP_MD *md; pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ - md = ossl_evp_get_digestbyname(digest); + if (NIL_P(digest)) { + md = NULL; /* needed for some key types, e.g. Ed25519 */ + } else { + md = ossl_evp_get_digestbyname(digest); + } GetX509(self, x509); if (!X509_sign(x509, pkey, md)) { ossl_raise(eX509CertError, NULL); diff --git a/test/openssl/fixtures/pkey/ed25519.pem b/test/openssl/fixtures/pkey/ed25519.pem new file mode 100644 index 000000000..fd24a8482 --- /dev/null +++ b/test/openssl/fixtures/pkey/ed25519.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIFfR9+7eHflbSCNLLWz50cKZG9J/dzNTyYCggFG1MKG9 +-----END PRIVATE KEY----- diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 64805504d..925557597 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -222,6 +222,26 @@ def test_sign_and_verify_dsa_md5 } end + def test_sign_and_verify_ed25519 + # See test_ed25519 in test_pkey.rb + + # Ed25519 is not FIPS-approved. + omit_on_fips + + begin + ed25519 = Fixtures.pkey("ed25519") + rescue OpenSSL::PKey::PKeyError => e + # OpenSSL < 1.1.1 + # + pend "Ed25519 is not implemented" unless openssl?(1, 1, 1) + + raise e + end + + cert = issue_cert(@ca, ed25519, 1, [], nil, nil, digest: nil) + assert_equal(true, cert.verify(ed25519)) + end + def test_dsa_with_sha2 cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha256") assert_equal("dsa_with_SHA256", cert.signature_algorithm) From b5f94811dc93448a954392c5962be4e7ecc4d8d9 Mon Sep 17 00:00:00 2001 From: Martin Vahlensieck Date: Mon, 10 Jun 2024 08:40:12 +0200 Subject: [PATCH 2/4] Use four spaces for indention --- ext/openssl/ossl_x509cert.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index 9bee734fb..4b390dfdc 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -540,9 +540,9 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ if (NIL_P(digest)) { - md = NULL; /* needed for some key types, e.g. Ed25519 */ + md = NULL; /* needed for some key types, e.g. Ed25519 */ } else { - md = ossl_evp_get_digestbyname(digest); + md = ossl_evp_get_digestbyname(digest); } GetX509(self, x509); if (!X509_sign(x509, pkey, md)) { From d4a6473801de86b363006f0d48b7b580b28af7a4 Mon Sep 17 00:00:00 2001 From: Martin Vahlensieck Date: Mon, 10 Jun 2024 08:51:16 +0200 Subject: [PATCH 3/4] Generate ed25519 key instead of using fixture Suggested by @rhenium. --- test/openssl/fixtures/pkey/ed25519.pem | 3 --- test/openssl/test_x509cert.rb | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) delete mode 100644 test/openssl/fixtures/pkey/ed25519.pem diff --git a/test/openssl/fixtures/pkey/ed25519.pem b/test/openssl/fixtures/pkey/ed25519.pem deleted file mode 100644 index fd24a8482..000000000 --- a/test/openssl/fixtures/pkey/ed25519.pem +++ /dev/null @@ -1,3 +0,0 @@ ------BEGIN PRIVATE KEY----- -MC4CAQAwBQYDK2VwBCIEIFfR9+7eHflbSCNLLWz50cKZG9J/dzNTyYCggFG1MKG9 ------END PRIVATE KEY----- diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 925557597..867b2daa7 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -229,7 +229,7 @@ def test_sign_and_verify_ed25519 omit_on_fips begin - ed25519 = Fixtures.pkey("ed25519") + ed25519 = OpenSSL::PKey::generate_key("ED25519") rescue OpenSSL::PKey::PKeyError => e # OpenSSL < 1.1.1 # From db41077943e1e3584d626e790d76b1b15c53a538 Mon Sep 17 00:00:00 2001 From: Martin Vahlensieck Date: Tue, 11 Jun 2024 15:39:17 +0200 Subject: [PATCH 4/4] Skip Ed25519 certificate test for LibreSSL < 3.8.1 issue_cert ends up calling ASN1_item_sign_ctx in libcrypto, which was changed to work with Ed25519 in LibreSSL version 3.8.1. --- test/openssl/test_x509cert.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 867b2daa7..3e88f0544 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -238,6 +238,9 @@ def test_sign_and_verify_ed25519 raise e end + # See ASN1_item_sign_ctx in ChangeLog for 3.8.1: https://github.com/libressl/portable/blob/master/ChangeLog + pend 'ASN1 signing with Ed25519 not yet working' unless openssl? or libressl?(3, 8, 1) + cert = issue_cert(@ca, ed25519, 1, [], nil, nil, digest: nil) assert_equal(true, cert.verify(ed25519)) end