[PATCH v2 1/6] pem: remove index argument
by James Prestwood
This argument seems to always be hard coded to zero.
---
ell/pem.c | 41 ++++++++++++++++++-----------------------
ell/pem.h | 5 ++---
2 files changed, 20 insertions(+), 26 deletions(-)
diff --git a/ell/pem.c b/ell/pem.c
index 352d461..721a05b 100644
--- a/ell/pem.c
+++ b/ell/pem.c
@@ -124,7 +124,7 @@ static bool is_end_boundary(const uint8_t *buf, size_t buf_len,
return true;
}
-static uint8_t *pem_load_buffer(const uint8_t *buf, size_t buf_len, int index,
+static uint8_t *pem_load_buffer(const uint8_t *buf, size_t buf_len,
char **type_label, size_t *len,
const uint8_t **endp)
{
@@ -149,24 +149,19 @@ static uint8_t *pem_load_buffer(const uint8_t *buf, size_t buf_len, int index,
if (label)
base64_data = eol;
} else if (is_end_boundary(buf, eol - buf, label, label_len)) {
- if (index == 0) {
- data = l_base64_decode(
- (const char *) base64_data,
- buf - base64_data, len);
- if (!data)
- return NULL;
-
- *type_label = l_strndup((const char *) label,
- label_len);
+ data = l_base64_decode(
+ (const char *) base64_data,
+ buf - base64_data, len);
+ if (!data)
+ return NULL;
- if (endp)
- *endp = eol + 1;
+ *type_label = l_strndup((const char *) label,
+ label_len);
- return data;
- }
+ if (endp)
+ *endp = eol + 1;
- base64_data = NULL;
- index--;
+ return data;
}
if (eol == buf + buf_len)
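Review bot: With the index countdown removed, the end-boundary branch returns on the first complete PEM block it finds, and nothing in the function states that contract. A short comment above pem_load_buffer() would make it explicit, for example `/* Decodes only the first PEM block in buf; pass endp and call again to reach later blocks. */`. Callers that accept multi-block input then have to check `*type_label` themselves instead of assuming the block they wanted came back, as the certificate-list caller later in this patch does with `strcmp(label, "CERTIFICATE")`. The body of pem_load_buffer() starts and ends outside this hunk.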
@@ -189,10 +184,10 @@ static uint8_t *pem_load_buffer(const uint8_t *buf, size_t buf_len, int index,
}
LIB_EXPORT uint8_t *l_pem_load_buffer(const uint8_t *buf, size_t buf_len,
- int index, char **type_label,
+ char **type_label,
size_t *out_len)
{
- return pem_load_buffer(buf, buf_len, index, type_label, out_len, NULL);
+ return pem_load_buffer(buf, buf_len, type_label, out_len, NULL);
}
struct pem_file_info {
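Review bot: l_pem_load_buffer() here, and l_pem_load_file() in the next hunks and in ell/pem.h, are LIB_EXPORT symbols that keep their names while losing a parameter, and the commit message does not mention the API/ABI break. A caller built against the old prototype would pass its `index` of 0 in the slot now read as `type_label`, and pem_load_buffer() writes `*type_label` unconditionally, so a stale binary would write through a NULL pointer or a misinterpreted one rather than fail cleanly. Whether ELL promises a stable ABI is not visible on this page; if it does, the change needs a library version bump or a renamed symbol. If it does not, a line in the commit message such as `This changes the signature of the exported l_pem_load_buffer() and l_pem_load_file().` would warn downstream users.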
@@ -232,7 +227,7 @@ static void pem_file_close(struct pem_file_info *info)
close(info->fd);
}
-LIB_EXPORT uint8_t *l_pem_load_file(const char *filename, int index,
+LIB_EXPORT uint8_t *l_pem_load_file(const char *filename,
char **type_label, size_t *len)
{
struct pem_file_info file;
@@ -241,7 +236,7 @@ LIB_EXPORT uint8_t *l_pem_load_file(const char *filename, int index,
if (pem_file_open(&file, filename) < 0)
return NULL;
- result = pem_load_buffer(file.data, file.st.st_size, index,
+ result = pem_load_buffer(file.data, file.st.st_size,
type_label, len, NULL);
pem_file_close(&file);
return result;
@@ -300,7 +295,7 @@ LIB_EXPORT struct l_queue *l_pem_load_certificate_list_from_data(
char *label;
struct l_cert *cert;
- der = pem_load_buffer(ptr, end - ptr, 0, &label, &der_len, &ptr);
+ der = pem_load_buffer(ptr, end - ptr, &label, &der_len, &ptr);
if (!der || strcmp(label, "CERTIFICATE")) {
if (der)
@@ -470,7 +465,7 @@ LIB_EXPORT struct l_key *l_pem_load_private_key_from_data(const void *buf,
if (encrypted)
*encrypted = false;
- content = pem_load_buffer(buf, buf_len, 0, &label, &len, NULL);
+ content = pem_load_buffer(buf, buf_len, &label, &len, NULL);
if (!content)
return NULL;
@@ -505,7 +500,7 @@ LIB_EXPORT struct l_key *l_pem_load_private_key(const char *filename,
if (encrypted)
*encrypted = false;
- content = l_pem_load_file(filename, 0, &label, &len);
+ content = l_pem_load_file(filename, &label, &len);
if (!content)
return NULL;
diff --git a/ell/pem.h b/ell/pem.h
index 41583e2..da5e273 100644
--- a/ell/pem.h
+++ b/ell/pem.h
@@ -33,9 +33,8 @@ struct l_cert;
struct l_certchain;
uint8_t *l_pem_load_buffer(const uint8_t *buf, size_t buf_len,
- int index, char **type_label, size_t *out_len);
-uint8_t *l_pem_load_file(const char *filename, int index,
- char **type_label, size_t *len);
+ char **type_label, size_t *out_len);
+uint8_t *l_pem_load_file(const char *filename, char **type_label, size_t *len);
struct l_certchain *l_pem_load_certificate_chain(const char *filename);
struct l_certchain *l_pem_load_certificate_chain_from_data(const void *buf,
--
2.17.1
2 years, 9 months
[PATCH 0/5] Extended group format
by James Prestwood
Most of the details are explained in the patch notes, but the main
reasoning for this is to allow embedding PEMs inside an l_settings
file. We have found that some systems are provisioned with certificates
in /home/<user>/.cert/. System services are not really intended to have
access to /home (though this is not always the case), and for IWD
we do not want to allow that. For this reason it makes a lot of sense
to include the certs in the provisioning file. This also makes
provisioning much easier from both an admin and user perspective as you
just need to supply a single file rather than the network config plus
certificates/keys.
James Prestwood (5):
pem: add _from_data variants to pem APIs
unit/test-pem: add tests for new _from_data APIs
pem: expose is_{start,end}_boundary
settings: introduce extended groups concept
unit/test-settings: add pem extended type tests
ell/ell.sym | 5 +
ell/pem.c | 152 ++++++++++++++++++++--------
ell/pem.h | 7 ++
ell/settings.c | 231 +++++++++++++++++++++++++++++++++++++++++-
ell/settings.h | 5 +
pem-private.h | 33 ++++++
unit/settings.test | 28 ++++++
unit/test-pem.c | 163 ++++++++++++++++++++++++++++++
unit/test-settings.c | 234 ++++++++++++++++++++++++++++++++++++++++++-
9 files changed, 806 insertions(+), 52 deletions(-)
create mode 100644 pem-private.h
--
2.17.1
2 years, 9 months
[PATCH] tls: raise min DH prime modulus length to 1536 bit
by Jonas Witschel
The minimum prime length required by the Linux kernel for DH
calculations is 1536 bit. If a smaller prime is used,
keyctl_dh_compute() will fail with EINVAL, cf. dh_check_params_length()
and dh_set_params() in crypto/dh.c of the kernel sources.
On encountering a smaller prime, ELL currently fails in
tls_send_dhe_client_key_xchg() with the not very instructive error
message "l_key_compute_dh_public failed". Since any prime smaller than
1536 bit is guaranteed to fail at this step, raise the already existing
minimum length check so that the handshake fails with the message
"Server DH prime modulus invalid" instead. This does not have any
compatibility implications since smaller primes never worked in the
first place, but gives a clearer indication of what went wrong.
---
ell/tls-suites.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ell/tls-suites.c b/ell/tls-suites.c
index 9e020bd..ecaa2ec 100644
--- a/ell/tls-suites.c
+++ b/ell/tls-suites.c
@@ -880,13 +880,13 @@ static void tls_handle_dhe_server_key_xchg(struct l_tls *tls,
* We have no way to confirm that it's actually prime or that it's a
* "safe prime" or that it forms a group without small sub-groups.
* There's also no way to whitelist all valid values. But we do a
- * basic sanity check and require it to be 1024-bit or longer
- * (see weakdh.org), might need to move to 2048 bits actually.
+ * basic sanity check and require it to be 1536-bit or longer, the
+ * minimum length required by the Linux kernel for keyctl_dh_compute().
* The generator must also be at least within the min & max interval
* for the private/public values.
*/
- if (params->prime_len > TLS_DHE_MAX_SIZE || params->prime_len < 128 ||
+ if (params->prime_len > TLS_DHE_MAX_SIZE || params->prime_len < 192 ||
!(prime_buf[params->prime_len - 1] & 1)) {
TLS_DISCONNECT(TLS_ALERT_HANDSHAKE_FAIL, 0,
"Server DH prime modulus invalid");
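Review bot: The check compares `params->prime_len` against a bare `192` while the comment above speaks of 1536 bits, so the bytes-to-bits relation is left for the reader to work out; a named constant next to TLS_DHE_MAX_SIZE would tie the two together, e.g. `#define TLS_DHE_MIN_SIZE 192 /* bytes, i.e. 1536 bits */`. The rewritten comment also justifies the floor only by the kernel's keyctl_dh_compute() requirement and drops the weakdh.org reference, which loses the security rationale for having a lower bound at all. I would keep one sentence noting that the limit is a functional minimum and not a strength recommendation, so nobody lowers it later if the kernel constraint changes. The function body continues outside this hunk, so whether leading zero bytes are stripped before `prime_len` is tested cannot be confirmed from here.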
--
2.23.0
2 years, 9 months
[PATCH 0/2] Correct l_uintset_isempty() logic
by Ossama Othman
The loop iteration over the 'bits' array in l_uintset_isempty()
exceeded the maximum offset for the given l_uintset, resulting in
out-of-bounds bits being considered for emptiness. Add a test that
demonstrates the problem, and correct the maximum offset when
iterating over the l_uintset 'bits' field.
Ossama Othman (2):
unit: Add l_uintset_isempty() test
uintset: Do not exceed max offset in empty check
ell/uintset.c | 5 ++++-
unit/test-uintset.c | 17 +++++++++++++++++
2 files changed, 21 insertions(+), 1 deletion(-)
--
2.20.1
2 years, 9 months
[PATCH] uintset: add l_uintset_isempty
by James Prestwood
---
ell/ell.sym | 1 +
ell/uintset.c | 21 +++++++++++++++++++++
ell/uintset.h | 1 +
3 files changed, 23 insertions(+)
diff --git a/ell/ell.sym b/ell/ell.sym
index d54a874..05f2d75 100644
--- a/ell/ell.sym
+++ b/ell/ell.sym
@@ -461,6 +461,7 @@ global:
l_uintset_find_min;
l_uintset_foreach;
l_uintset_intersect;
+ l_uintset_isempty;
/* uuid */
l_uuid_v3;
l_uuid_v5;
diff --git a/ell/uintset.c b/ell/uintset.c
index 60a9822..50119a0 100644
--- a/ell/uintset.c
+++ b/ell/uintset.c
@@ -506,3 +506,24 @@ LIB_EXPORT struct l_uintset *l_uintset_intersect(const struct l_uintset *set_a,
return intersection;
}
+
+/**
+ * l_uintset_isempty
+ * @set: The set of numbers
+ *
+ * Returns true if the uintset has no entries, or if set is NULL.
+ */
+LIB_EXPORT bool l_uintset_isempty(const struct l_uintset *set)
+{
+ uint16_t i;
+
+ if (unlikely(!set))
+ return true;
+
+ for (i = 0; i < set->size; i++) {
+ if (set->bits[i])
+ return false;
+ }
+
+ return true;
+}
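Review bot: The loop in l_uintset_isempty() uses `set->size` as the number of elements in `set->bits`, which looks wrong if `size` is the count of numbers the set can hold and `bits` is an array of machine words (the struct definition is not visible in this hunk). In that case `set->bits[i]` is read far past the end of the array, so the function performs an out-of-bounds read and its answer depends on whatever memory follows the set. The bound should be the word count, e.g. `words = (set->size + bits_per_word - 1) / bits_per_word;` followed by `for (i = 0; i < words; i++)`, with `bits_per_word` being the bits-per-long constant the file already uses. A unit test that calls l_uintset_isempty() on a freshly created set, and again after adding and removing one value, would catch this.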
diff --git a/ell/uintset.h b/ell/uintset.h
index c05a21b..8215def 100644
--- a/ell/uintset.h
+++ b/ell/uintset.h
@@ -57,6 +57,7 @@ void l_uintset_foreach(struct l_uintset *set,
struct l_uintset *l_uintset_intersect(const struct l_uintset *set_a,
const struct l_uintset *set_b);
+bool l_uintset_isempty(const struct l_uintset *set);
#ifdef __cplusplus
}
--
2.17.1
2 years, 9 months