PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Add compatibility with OpenSSL 1.1.0 pre5 and previous versions

Browse Source 
Add some checks to know which OpenSSL version is used, to be sure
the code follows the syntax of the version used (including 1.1.0).
This commit is contained in:
vincent
2016-08-01 09:34:56 +00:00
parent 8c8e4a08c6
commit aedd25c3a2
5 changed files with 249 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
ncat/ncat_ssl.c
View File

@@ -315,7 +315,12 @@ static int cert_match_dnsname(X509 *cert, const char *hostname,
/* We must copy this address into a temporary variable because ASN1_item_d2i
increments it. We don't want it to corrupt ext->value->data. */
#if OPENSSL_VERSION_NUMBER < 0x10100000L
data = ext->value->data;
#else
ASN1_OCTET_STRING* asn1_str = X509_EXTENSION_get_data(ext);
data = asn1_str->data;
#endif
/* Here we rely on the fact that the internal representation (the "i" in
"i2d") for NID_subject_alt_name is STACK_OF(GENERAL_NAME). Converting it
to a stack of CONF_VALUE with a i2v method is not satisfactory, because a
@@ -323,13 +328,27 @@ static int cert_match_dnsname(X509 *cert, const char *hostname,
presence of null bytes. */
#if (OPENSSL_VERSION_NUMBER > 0x00907000L)
if (method->it != NULL) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
gen_names = (STACK_OF(GENERAL_NAME) *) ASN1_item_d2i(NULL,
(const unsigned char **) &data,
ext->value->length, ASN1_ITEM_ptr(method->it));
#else
ASN1_OCTET_STRING* asn1_str_a = X509_EXTENSION_get_data(ext);
gen_names = (STACK_OF(GENERAL_NAME) *) ASN1_item_d2i(NULL,
(const unsigned char **) &data,
asn1_str_a->length, ASN1_ITEM_ptr(method->it));
#endif
} else {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
gen_names = (STACK_OF(GENERAL_NAME) *) method->d2i(NULL,
(const unsigned char **) &data,
ext->value->length);
#else
ASN1_OCTET_STRING* asn1_str_b = X509_EXTENSION_get_data(ext);
gen_names = (STACK_OF(GENERAL_NAME) *) method->d2i(NULL,
(const unsigned char **) &data,
asn1_str_b->length);
#endif
}
#else
gen_names = (STACK_OF(GENERAL_NAME) *) method->d2i(NULL,

4
ncat/test/test-wildcard.c
View File

@@ -253,7 +253,11 @@ static int set_dNSNames(X509 *cert, const struct lstr dNSNames[])
if (gen_name == NULL)
goto stack_err;
gen_name->type = GEN_DNS;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
gen_name->d.dNSName = M_ASN1_IA5STRING_new();
#else
gen_name->d.dNSName = ASN1_IA5STRING_new();
#endif
if (gen_name->d.dNSName == NULL)
goto name_err;
if (ASN1_STRING_set(gen_name->d.dNSName, name->s, name->len) == 0)

123
nping/Crypto.cc
View File

@@ -178,21 +178,39 @@ int Crypto::aes128_cbc_encrypt(u8 *inbuff, size_t inlen, u8 *dst_buff, u8 *key,
#ifdef HAVE_OPENSSL
if( o.doCrypto() ){
int flen=0, flen2=0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
int result=OP_SUCCESS;
if( EVP_EncryptInit(&ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_EncryptInit() failed");
result=OP_FAILURE;
}else if( EVP_EncryptUpdate(&ctx, dst_buff, &flen, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_EncryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_EncryptFinal(&ctx, dst_buff+flen, &flen2)==0 ){
nping_print(DBG_4, "EVP_EncryptFinal() failed");
result=OP_FAILURE;
}
EVP_CIPHER_CTX_cleanup(&ctx);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
int result=OP_SUCCESS;
if( EVP_EncryptInit(&ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_EncryptInit() failed");
result=OP_FAILURE;
}else if( EVP_EncryptUpdate(&ctx, dst_buff, &flen, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_EncryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_EncryptFinal(&ctx, dst_buff+flen, &flen2)==0 ){
nping_print(DBG_4, "EVP_EncryptFinal() failed");
result=OP_FAILURE;
}
EVP_CIPHER_CTX_cleanup(&ctx);
#else
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_reset(ctx);
EVP_CIPHER_CTX_set_padding(ctx, 0);
int result=OP_SUCCESS;
if( EVP_EncryptInit(ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_EncryptInit() failed");
result=OP_FAILURE;
}else if( EVP_EncryptUpdate(ctx, dst_buff, &flen, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_EncryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_EncryptFinal(ctx, dst_buff+flen, &flen2)==0 ){
nping_print(DBG_4, "EVP_EncryptFinal() failed");
result=OP_FAILURE;
}
EVP_CIPHER_CTX_cleanup(ctx);
#endif
return result;
}
#endif
@@ -213,19 +231,35 @@ int Crypto::aes128_cbc_decrypt(u8 *inbuff, size_t inlen, u8 *dst_buff, u8 *key,
#ifdef HAVE_OPENSSL
if( o.doCrypto() ){
int flen1=0, flen2=0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
int result=OP_SUCCESS;
if( EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_DecryptInit() failed");
result=OP_FAILURE;
}else if( EVP_DecryptUpdate(&ctx, dst_buff, &flen1, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_DecryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_DecryptFinal(&ctx, dst_buff+flen1, &flen2)==0 ){
nping_print(DBG_4, "OpenSSL bug: it says EVP_DecryptFinal() failed when it didn't (%s).",
ERR_error_string(ERR_peek_last_error(), NULL));
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_CIPHER_CTX_set_padding(&ctx, 0);
int result=OP_SUCCESS;
if( EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_DecryptInit() failed");
result=OP_FAILURE;
}else if( EVP_DecryptUpdate(&ctx, dst_buff, &flen1, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_DecryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_DecryptFinal(&ctx, dst_buff+flen1, &flen2)==0 ){
nping_print(DBG_4, "OpenSSL bug: it says EVP_DecryptFinal() failed when it didn't (%s).",
ERR_error_string(ERR_peek_last_error(), NULL));
#else
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_reset(ctx);
EVP_CIPHER_CTX_set_padding(ctx, 0);
int result=OP_SUCCESS;
if( EVP_DecryptInit(ctx, EVP_aes_128_cbc(), key, iv)==0 ){
nping_print(DBG_4, "EVP_DecryptInit() failed");
result=OP_FAILURE;
}else if( EVP_DecryptUpdate(ctx, dst_buff, &flen1, inbuff, (int)inlen)==0 ){
nping_print(DBG_4, "EVP_DecryptUpdate() failed");
result=OP_FAILURE;
}else if( EVP_DecryptFinal(ctx, dst_buff+flen1, &flen2)==0 ){
nping_print(DBG_4, "OpenSSL bug: it says EVP_DecryptFinal() failed when it didn't (%s).",
ERR_error_string(ERR_peek_last_error(), NULL));
#endif
/* We do not return OP_FAILURE in this case because the
* EVP_DecryptFinal() function seems to be buggy and fails when it shouldn't.
* We are passing a buffer whose length is multiple of the AES block
@@ -252,7 +286,11 @@ int Crypto::aes128_cbc_decrypt(u8 *inbuff, size_t inlen, u8 *dst_buff, u8 *key,
//ERR_free_strings();
//ERR_pop_to_mark();
}
EVP_CIPHER_CTX_cleanup(&ctx);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX_cleanup(&ctx);
#else
EVP_CIPHER_CTX_reset(ctx);
#endif
return result;
}
#endif
@@ -289,6 +327,7 @@ u8 *Crypto::deriveKey(const u8 *from, size_t fromlen, size_t *final_len){
static u8 hash[MAX(SHA256_HASH_LEN, EVP_MAX_MD_SIZE)];
static u8 next[MAX(SHA256_HASH_LEN, EVP_MAX_MD_SIZE)];
unsigned int lastlen;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
@@ -310,7 +349,33 @@ u8 *Crypto::deriveKey(const u8 *from, size_t fromlen, size_t *final_len){
}
if(final_len!=NULL)
*final_len=SHA256_HASH_LEN;
EVP_MD_CTX_cleanup(&ctx);
#else
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
EVP_MD_CTX_init(ctx);
if( EVP_MD_size(EVP_sha256()) != SHA256_HASH_LEN )
nping_fatal(QT_2, "OpenSSL is broken. SHA256 len is %d\n", EVP_MD_size(EVP_sha256()) );
/* Compute the SHA256 hash of the supplied buffer */
EVP_DigestInit(ctx, EVP_sha256());
EVP_DigestUpdate(ctx, from, fromlen);
EVP_DigestFinal(ctx, hash, &lastlen);
/* Now compute the 1000th hash of that hash */
for(int i=0; i<TIMES_KEY_DERIVATION; i++){
EVP_MD_CTX_init(ctx);
EVP_DigestInit(ctx, EVP_sha256());
EVP_DigestUpdate(ctx, hash, SHA256_HASH_LEN);
EVP_DigestFinal(ctx, next, &lastlen);
memcpy(hash, next, SHA256_HASH_LEN);
}
if(final_len!=NULL)
*final_len=SHA256_HASH_LEN;
EVP_MD_CTX_free(ctx);
#endif
return hash;
}
#endif

116
nse_openssl.cc
View File

@@ -281,12 +281,17 @@ static int l_digest(lua_State *L) /** digest(string algorithm, string messag
const unsigned char *msg = (unsigned char *) luaL_checklstring( L, 2, &msg_len );
unsigned char digest[EVP_MAX_MD_SIZE];
const EVP_MD * evp_md;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX mdctx;
#else
EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
#endif
evp_md = EVP_get_digestbyname( algorithm );
if (!evp_md) return luaL_error( L, "Unknown digest algorithm: %s", algorithm );
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX_init(&mdctx);
if (!(
EVP_DigestInit_ex( &mdctx, evp_md, NULL ) &&
@@ -298,6 +303,22 @@ static int l_digest(lua_State *L) /** digest(string algorithm, string messag
ERR_func_error_string(e), ERR_reason_error_string(e));
}
EVP_MD_CTX_cleanup( &mdctx );
#else
EVP_MD_CTX_reset(mdctx);
if (!(
EVP_DigestInit_ex( mdctx, evp_md, NULL ) &&
EVP_DigestUpdate( mdctx, msg, msg_len ) &&
EVP_DigestFinal_ex( mdctx, digest, &digest_len ))) {
/* EVP_MD_CTX_cleanup deprecated in OpenSSL 1.1 _ EVP_MD_CTX_reset()
should be called instead to reinitialise an already created structure. */
EVP_MD_CTX_reset( mdctx );
unsigned long e = ERR_get_error();
return luaL_error( L, "OpenSSL error %d in %s: function %s: %s", e, ERR_lib_error_string(e),
ERR_func_error_string(e), ERR_reason_error_string(e));
}
/* EVP_MD_CTX_cleanup deprecated in OpenSSL 1.1 */
EVP_MD_CTX_reset( mdctx );
#endif
lua_pushlstring( L, (char *) digest, digest_len );
return 1;
@@ -373,6 +394,7 @@ static int l_encrypt(lua_State *L) /** encrypt( string algorithm, string key, st
if (iv[0] == '\0')
iv = NULL;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX cipher_ctx;
EVP_CIPHER_CTX_init( &cipher_ctx );
@@ -410,6 +432,51 @@ static int l_encrypt(lua_State *L) /** encrypt( string algorithm, string key, st
lua_pushlstring( L, (char *) out, out_len + final_len );
EVP_CIPHER_CTX_cleanup( &cipher_ctx );
#else
EVP_CIPHER_CTX *cipher_ctx = EVP_CIPHER_CTX_new();
/* EVP_CIPHER_CTX_init remains as an alias for EVP_CIPHER_CTX_reset()
in OpenSSL 1.1.0. As this symbol was missing in the static library,
I replaced it with EVP_CIPHER_CTX_reset */
EVP_CIPHER_CTX_reset( cipher_ctx );
/* First create the cipher context, then set the key length and padding, and
check the iv length. Below we set the key and iv. */
if (!(
EVP_EncryptInit_ex( cipher_ctx, evp_cipher, NULL, NULL, NULL ) &&
EVP_CIPHER_CTX_set_key_length( cipher_ctx, key_len ) &&
EVP_CIPHER_CTX_set_padding( cipher_ctx, padding ))) {
unsigned long e = ERR_get_error();
return luaL_error( L, "OpenSSL error %d in %s: function %s: %s", e, ERR_lib_error_string(e),
ERR_func_error_string(e), ERR_reason_error_string(e));
}
if (iv != NULL && (int) iv_len != EVP_CIPHER_CTX_iv_length( cipher_ctx )) {
return luaL_error( L, "Length of iv is %d; should be %d",
(int) iv_len, EVP_CIPHER_CTX_iv_length( cipher_ctx ));
}
int out_len, final_len;
unsigned char * out = (unsigned char *) malloc( data_len + EVP_MAX_BLOCK_LENGTH );
if (!out) return luaL_error( L, "Couldn't allocate memory.");
if (!(
EVP_EncryptInit_ex( cipher_ctx, NULL, NULL, key, iv ) &&
EVP_EncryptUpdate( cipher_ctx, out, &out_len, data, data_len ) &&
EVP_EncryptFinal_ex( cipher_ctx, out + out_len, &final_len ) )) {
/* EVP_CIPHER_CTX_cleanup is now deprecated in OpenSSL 1.1 _ replaced by
EVP_CIPHER_CTX_reset (same args & return value) */
EVP_CIPHER_CTX_reset( cipher_ctx );
free( out );
unsigned long e = ERR_get_error();
return luaL_error( L, "OpenSSL error %d in %s: function %s: %s", e, ERR_lib_error_string(e),
ERR_func_error_string(e), ERR_reason_error_string(e));
}
lua_pushlstring( L, (char *) out, out_len + final_len );
/* EVP_CIPHER_CTX_cleanup deprecated in OpenSSL 1.1 */
EVP_CIPHER_CTX_reset( cipher_ctx );
#endif
free( out );
return 1;
@@ -429,6 +496,7 @@ static int l_decrypt(lua_State *L) /** decrypt( string algorithm, string key, st
if (iv[0] == '\0')
iv = NULL;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX cipher_ctx;
EVP_CIPHER_CTX_init( &cipher_ctx );
@@ -464,6 +532,48 @@ static int l_decrypt(lua_State *L) /** decrypt( string algorithm, string key, st
lua_pushlstring( L, (char *) out, out_len + final_len );
EVP_CIPHER_CTX_cleanup( &cipher_ctx );
#else
EVP_CIPHER_CTX *cipher_ctx = EVP_CIPHER_CTX_new();
/* EVP_CIPHER_CTX_init remains as an alias for EVP_CIPHER_CTX_reset()
in OpenSSL 1.1.0. As this symbol was missing in the static library,
I replaced it with EVP_CIPHER_CTX_reset */
EVP_CIPHER_CTX_reset( cipher_ctx );
if (!(
EVP_DecryptInit_ex( cipher_ctx, evp_cipher, NULL, NULL, NULL ) &&
EVP_CIPHER_CTX_set_key_length( cipher_ctx, key_len ) &&
EVP_CIPHER_CTX_set_padding( cipher_ctx, padding ))) {
unsigned long e = ERR_get_error();
return luaL_error( L, "OpenSSL error %d in %s: function %s: %s", e, ERR_lib_error_string(e),
ERR_func_error_string(e), ERR_reason_error_string(e));
}
if (iv != NULL && (int) iv_len != EVP_CIPHER_CTX_iv_length( cipher_ctx )) {
return luaL_error( L, "Length of iv is %d; should be %d",
(int) iv_len, EVP_CIPHER_CTX_iv_length( cipher_ctx ));
}
int out_len, final_len;
unsigned char * out = (unsigned char *) malloc( data_len );
if (!out) return luaL_error( L, "Couldn't allocate memory.");
if (!(
EVP_DecryptInit_ex( cipher_ctx, NULL, NULL, key, iv ) &&
EVP_DecryptUpdate( cipher_ctx, out, &out_len, data, data_len ) &&
EVP_DecryptFinal_ex( cipher_ctx, out + out_len, &final_len ) )) {
/* EVP_CIPHER_CTX_cleanup deprecated in OpenSSL 1.1 */
EVP_CIPHER_CTX_reset( cipher_ctx );
free( out );
unsigned long e = ERR_get_error();
return luaL_error( L, "OpenSSL error %d in %s: function %s: %s", e, ERR_lib_error_string(e),
ERR_func_error_string(e), ERR_reason_error_string(e));
}
lua_pushlstring( L, (char *) out, out_len + final_len );
/* EVP_CIPHER_CTX_cleanup deprecated in OpenSSL 1.1 */
EVP_CIPHER_CTX_reset( cipher_ctx );
#endif
free( out );
return 1;
@@ -574,7 +684,13 @@ static const struct luaL_Reg openssllib[] = {
LUALIB_API int luaopen_openssl(lua_State *L) {
OpenSSL_add_all_algorithms();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_load_crypto_strings();
#else
/* This is now deprecated in OpenSSL 1.1.0 _ No explicit initialisation
or de-initialisation is necessary */
// ERR_load_crypto_strings();
#endif
luaL_newlib(L, openssllib);

17
nse_ssl_cert.cc
View File

@@ -133,6 +133,7 @@
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
extern "C"
{
@@ -384,7 +385,7 @@ static void asn1_time_to_obj(lua_State *L, const ASN1_TIME *s)
/* This is a helper function for x509_validity_to_table. It builds a table with
the two members "notBefore" and "notAfter", whose values are what is returned
from asn1_time_to_obj. */
static void x509_validity_to_table(lua_State *L, const X509 *cert)
static void x509_validity_to_table(lua_State *L, X509 *cert)
{
lua_newtable(L);
@@ -527,7 +528,11 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
lua_setfield(L, -2, "subject");
}
#if OPENSSL_VERSION_NUMBER < 0x10100000L
const char *sig_algo = OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm));
#else
const char *sig_algo = OBJ_nid2ln(X509_get_signature_nid(cert));
#endif
lua_pushstring(L, sig_algo);
lua_setfield(L, -2, "sig_algorithm");
@@ -545,7 +550,11 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
pubkey = X509_get_pubkey(cert);
lua_newtable(L);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
pkey_type = EVP_PKEY_type(pubkey->type);
#else
pkey_type = EVP_PKEY_base_id(pubkey);
#endif
#ifdef EVP_PKEY_EC
if (pkey_type == EVP_PKEY_EC) {
lua_push_ecdhparams(L, pubkey);
@@ -558,7 +567,13 @@ static int parse_ssl_cert(lua_State *L, X509 *cert)
bignum_data_t * data = (bignum_data_t *) lua_newuserdata( L, sizeof(bignum_data_t));
luaL_getmetatable( L, "BIGNUM" );
lua_setmetatable( L, -2 );
#if OPENSSL_VERSION_NUMBER < 0x10100000L
data->bn = rsa->e;
#else
BIGNUM *n, *e, *d;
RSA_get0_key(rsa, &n, &e, &d);
data->bn = e;
#endif
lua_setfield(L, -2, "exponent");
}
lua_pushstring(L, pkey_type_to_string(pkey_type));