Remove missing AES-GCM workarounds
Darren Tucker
dtucker at dtucker.net
Fri Jul 22 16:36:15 AEST 2022
Hi.
We have some compatibility poo that was added to support OpenSSL
versions that do not support AES GCM mode. Since that time, however, the
minimum OpenSSL version that we support has moved to 1.0.1 which *does*
have GCM, so this compat poo is now useless and this diff removes it.
I've test-built this against OpenSSL 1.0.1 and LibreSSL 2.1.8.
(The same situation also applies to AES CTR mode compatibility, but
that also interacts with the --without-openssl hooks so that'll be a
separate patch.
ok?
diff --git a/cipher.c b/cipher.c
index 5b3a86d6..623f6afc 100644
--- a/cipher.c
+++ b/cipher.c
@@ -94,12 +94,10 @@ static const struct sshcipher ciphers[] = {
{ "aes128-ctr", 16, 16, 0, 0, 0, EVP_aes_128_ctr },
{ "aes192-ctr", 16, 24, 0, 0, 0, EVP_aes_192_ctr },
{ "aes256-ctr", 16, 32, 0, 0, 0, EVP_aes_256_ctr },
-# ifdef OPENSSL_HAVE_EVPGCM
{ "aes128-gcm at openssh.com",
16, 16, 12, 16, 0, EVP_aes_128_gcm },
{ "aes256-gcm at openssh.com",
16, 32, 12, 16, 0, EVP_aes_256_gcm },
-# endif /* OPENSSL_HAVE_EVPGCM */
#else
{ "aes128-ctr", 16, 16, 0, 0, CFLAG_AESCTR, NULL },
{ "aes192-ctr", 16, 24, 0, 0, CFLAG_AESCTR, NULL },
diff --git a/configure.ac b/configure.ac
index 3e9fd700..f618300f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2892,7 +2892,6 @@ if test "x$openssl" = "xyes" ; then
BN_is_prime_ex \
DES_crypt \
DSA_generate_parameters_ex \
- EVP_CIPHER_CTX_ctrl \
EVP_DigestFinal_ex \
EVP_DigestInit_ex \
EVP_MD_CTX_cleanup \
@@ -3009,35 +3008,6 @@ if test "x$openssl" = "xyes" ; then
]
)
- # Check for OpenSSL with EVP_aes_*gcm
- AC_MSG_CHECKING([whether OpenSSL has AES GCM via EVP])
- AC_LINK_IFELSE(
- [AC_LANG_PROGRAM([[
- #include <stdlib.h>
- #include <string.h>
- #include <openssl/evp.h>
- ]], [[
- exit(EVP_aes_128_gcm() == NULL ||
- EVP_aes_256_gcm() == NULL ||
- EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
- EVP_CTRL_GCM_IV_GEN == 0 ||
- EVP_CTRL_GCM_SET_TAG == 0 ||
- EVP_CTRL_GCM_GET_TAG == 0 ||
- EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
- ]])],
- [
- AC_MSG_RESULT([yes])
- AC_DEFINE([OPENSSL_HAVE_EVPGCM], [1],
- [libcrypto has EVP AES GCM])
- ],
- [
- AC_MSG_RESULT([no])
- unsupported_algorithms="$unsupported_cipers \
- aes128-gcm at openssh.com \
- aes256-gcm at openssh.com"
- ]
- )
-
AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([[
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 8ca50b5a..a60df125 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -76,23 +76,6 @@ const EVP_CIPHER *evp_aes_128_ctr(void);
void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
#endif
-/* Avoid some #ifdef. Code that uses these is unreachable without GCM */
-#if !defined(OPENSSL_HAVE_EVPGCM) && !defined(EVP_CTRL_GCM_SET_IV_FIXED)
-# define EVP_CTRL_GCM_SET_IV_FIXED -1
-# define EVP_CTRL_GCM_IV_GEN -1
-# define EVP_CTRL_GCM_SET_TAG -1
-# define EVP_CTRL_GCM_GET_TAG -1
-#endif
-
-/* Replace missing EVP_CIPHER_CTX_ctrl() with something that returns failure */
-#ifndef HAVE_EVP_CIPHER_CTX_CTRL
-# ifdef OPENSSL_HAVE_EVPGCM
-# error AES-GCM enabled without EVP_CIPHER_CTX_ctrl /* shouldn't happen */
-# else
-# define EVP_CIPHER_CTX_ctrl(a,b,c,d) (0)
-# endif
-#endif
-
/* LibreSSL/OpenSSL 1.1x API compat */
#ifndef HAVE_DSA_GET0_PQG
void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list