NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit5fd6105

committed

Fix handling of SCRAM-SHA-256's channel binding with RSA-PSS certificates

OpenSSL 1.1.1 and newer versions have added support for RSA-PSScertificates, which requires the use of a specific routine in OpenSSL todetermine which hash function to use when compiling it when usingchannel binding in SCRAM-SHA-256. X509_get_signature_nid(), that is theoriginal routine the channel binding code has relied on, is not able todetermine which hash algorithm to use for such certificates. However,X509_get_signature_info(), new to OpenSSL 1.1.1, is able to do it. Thiscommit switches the channel binding logic to rely onX509_get_signature_info() over X509_get_signature_nid(), which would bethe choice when building with 1.1.1 or newer.The error could have been triggered on the client or the server, hencelibpq and the backend need to have their related code paths patched.Note that attempting to load an RSA-PSS certificate with OpenSSL 1.1.0or older leads to a failure due to an unsupported algorithm.The discovery of relying on X509_get_signature_info() comes from Jacob,the tests have been written by Heikki (with few tweaks from me), while Ihave bundled the whole together while adding the bits needed for MSVCand meson.This issue exists since channel binding exists, so backpatch all the waydown. Some tests are added in 15~, triggered if compiling with OpenSSL1.1.1 or newer, where the certificate and key files can easily begenerated for RSA-PSS.Reported-by: Gunnar "Nick" BluthAuthor: Jacob Champion, Heikki LinnakangasDiscussion:https://postgr.es/m/17760-b6c61e752ec07060@postgresql.orgBackpatch-through: 11

1 parenta9fa6d7 commit5fd6105Copy full SHA for 5fd6105

File tree

14 files changed

+145

-11

lines changed

configure.ac
configure
src
- backend/libpq
  - be-secure-openssl.c
- include
  - libpq
    - libpq-be.h
  - pg_config.h.in
- interfaces/libpq
  - fe-secure-openssl.c
  - libpq-int.h
- test/ssl
  - README
  - conf
    - server-rsapss.config
  - sslfiles.mk
  - ssl
    - server-rsapss.crt
    - server-rsapss.key
  - t
    - 002_scram.pl
- tools/msvc
  - Solution.pm

14 files changed

+145

-11

lines changed

`‎configure‎`

Lines changed: 12 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -13260,6 +13260,18 @@ if test "x$ac_cv_func_CRYPTO_lock" = xyes; then :`
`13260`	`13260`	`#define HAVE_CRYPTO_LOCK 1`
`13261`	`13261`	`_ACEOF`
`13262`	`13262`
	`13263`	`+fi`
	`13264`	`+done`
	`13265`	`+`
	`13266`	`+ # Function introduced in OpenSSL 1.1.1.`
	`13267`	`+ for ac_func in X509_get_signature_info`
	`13268`	`+do :`
	`13269`	`+ ac_fn_c_check_func "$LINENO" "X509_get_signature_info" "ac_cv_func_X509_get_signature_info"`
	`13270`	`+if test "x$ac_cv_func_X509_get_signature_info" = xyes; then :`
	`13271`	`+ cat >>confdefs.h <<_ACEOF`
	`13272`	`+#define HAVE_X509_GET_SIGNATURE_INFO 1`
	`13273`	`+_ACEOF`
	`13274`	`+`
`13263`	`13275`	`fi`
`13264`	`13276`	`done`
`13265`	`13277`

`‎configure.ac‎`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1352,6 +1352,8 @@ if test "$with_ssl" = openssl ; then`
`1352`	`1352`	`# thread-safety. In 1.1.0, it's no longer required, and CRYPTO_lock()`
`1353`	`1353`	`# function was removed.`
`1354`	`1354`	`AC_CHECK_FUNCS([CRYPTO_lock])`
	`1355`	`+# Function introduced in OpenSSL 1.1.1.`
	`1356`	`+AC_CHECK_FUNCS([X509_get_signature_info])`
`1355`	`1357`	`AC_DEFINE([USE_OPENSSL],1,[Define to 1 to build with OpenSSL support. (--with-ssl=openssl)])`
`1356`	`1358`	`elif test "$with_ssl" != no ; then`
`1357`	`1359`	`AC_MSG_ERROR([--with-ssl must specify openssl])`

`‎src/backend/libpq/be-secure-openssl.c‎`

Lines changed: 7 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1320,7 +1320,7 @@ be_tls_get_peer_serial(Port port, char ptr, size_t len)`
`1320`	`1320`	`ptr[0]='\0';`
`1321`	`1321`	`}`
`1322`	`1322`
`1323`		`-#ifdefHAVE_X509_GET_SIGNATURE_NID`
	`1323`	`+#if defined(HAVE_X509_GET_SIGNATURE_NID)\|\| defined(HAVE_X509_GET_SIGNATURE_INFO)`
`1324`	`1324`	`char*`
`1325`	`1325`	`be_tls_get_certificate_hash(Portport,size_tlen)`
`1326`	`1326`	`{`
`@@ -1338,10 +1338,15 @@ be_tls_get_certificate_hash(Port port, size_t len)`
`1338`	`1338`
`1339`	`1339`	`/*`
`1340`	`1340`	`* Get the signature algorithm of the certificate to determine the hash`
`1341`		`- * algorithm to use for the result.`
	`1341`	`+ * algorithm to use for the result. Prefer X509_get_signature_info(),`
	`1342`	`+ * introduced in OpenSSL 1.1.1, which can handle RSA-PSS signatures.`
`1342`	`1343`	`*/`
	`1344`	`+#ifHAVE_X509_GET_SIGNATURE_INFO`
	`1345`	`+if (!X509_get_signature_info(server_cert,&algo_nid,NULL,NULL,NULL))`
	`1346`	`+#else`
`1343`	`1347`	`if (!OBJ_find_sigid_algs(X509_get_signature_nid(server_cert),`
`1344`	`1348`	`&algo_nid,NULL))`
	`1349`	`+#endif`
`1345`	`1350`	`elog(ERROR,"could not determine server certificate signature algorithm");`
`1346`	`1351`
`1347`	`1352`	`/*`

`‎src/include/libpq/libpq-be.h‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -300,7 +300,7 @@ extern void be_tls_get_peer_serial(Port port, char ptr, size_t len);`
`300`	`300`	`* This is not supported with old versions of OpenSSL that don't have`
`301`	`301`	`* the X509_get_signature_nid() function.`
`302`	`302`	`*/`
`303`		`-#if defined(USE_OPENSSL)&& defined(HAVE_X509_GET_SIGNATURE_NID)`
	`303`	`+#if defined(USE_OPENSSL)&&(defined(HAVE_X509_GET_SIGNATURE_NID)\|\| defined(HAVE_X509_GET_SIGNATURE_INFO))`
`304`	`304`	`#defineHAVE_BE_TLS_GET_CERTIFICATE_HASH`
`305`	`305`	`externcharbe_tls_get_certificate_hash(Portport,size_t*len);`
`306`	`306`	`#endif`

`‎src/include/pg_config.h.in‎`

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -718,6 +718,9 @@`
`718`	`718`	/* Define to 1 if you have the `writev' function. */
`719`	`719`	`#undef HAVE_WRITEV`
`720`	`720`
	`721`	+/* Define to 1 if you have the `X509_get_signature_info' function. */
	`722`	`+#undef HAVE_X509_GET_SIGNATURE_INFO`
	`723`	`+`
`721`	`724`	/* Define to 1 if you have the `X509_get_signature_nid' function. */
`722`	`725`	`#undef HAVE_X509_GET_SIGNATURE_NID`
`723`	`726`

`‎src/interfaces/libpq/fe-secure-openssl.c‎`

Lines changed: 7 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -380,7 +380,7 @@ pgtls_write(PGconn conn, const void ptr, size_t len)`
`380`	`380`	`returnn;`
`381`	`381`	`}`
`382`	`382`
`383`		`-#ifdefHAVE_X509_GET_SIGNATURE_NID`
	`383`	`+#if defined(HAVE_X509_GET_SIGNATURE_NID)\|\| defined(HAVE_X509_GET_SIGNATURE_INFO)`
`384`	`384`	`char*`
`385`	`385`	`pgtls_get_peer_certificate_hash(PGconnconn,size_tlen)`
`386`	`386`	`{`
`@@ -400,10 +400,15 @@ pgtls_get_peer_certificate_hash(PGconn conn, size_t len)`
`400`	`400`
`401`	`401`	`/*`
`402`	`402`	`* Get the signature algorithm of the certificate to determine the hash`
`403`		`- * algorithm to use for the result.`
	`403`	`+ * algorithm to use for the result. Prefer X509_get_signature_info(),`
	`404`	`+ * introduced in OpenSSL 1.1.1, which can handle RSA-PSS signatures.`
`404`	`405`	`*/`
	`406`	`+#ifHAVE_X509_GET_SIGNATURE_INFO`
	`407`	`+if (!X509_get_signature_info(peer_cert,&algo_nid,NULL,NULL,NULL))`
	`408`	`+#else`
`405`	`409`	`if (!OBJ_find_sigid_algs(X509_get_signature_nid(peer_cert),`
`406`	`410`	`&algo_nid,NULL))`
	`411`	`+#endif`
`407`	`412`	`{`
`408`	`413`	`appendPQExpBufferStr(&conn->errorMessage,`
`409`	`414`	`libpq_gettext("could not determine server certificate signature algorithm\n"));`

`‎src/interfaces/libpq/libpq-int.h‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -804,7 +804,7 @@ extern ssize_t pgtls_write(PGconn conn, const void ptr, size_t len);`
`804`	`804`	`* This is not supported with old versions of OpenSSL that don't have`
`805`	`805`	`* the X509_get_signature_nid() function.`
`806`	`806`	`*/`
`807`		`-#if defined(USE_OPENSSL)&& defined(HAVE_X509_GET_SIGNATURE_NID)`
	`807`	`+#if defined(USE_OPENSSL)&&(defined(HAVE_X509_GET_SIGNATURE_NID)\|\| defined(HAVE_X509_GET_SIGNATURE_INFO))`
`808`	`808`	`#defineHAVE_PGTLS_GET_PEER_CERTIFICATE_HASH`
`809`	`809`	`externcharpgtls_get_peer_certificate_hash(PGconnconn,size_t*len);`
`810`	`810`	`#endif`

`‎src/test/ssl/README‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,7 @@ ssl/ subdirectory. The Makefile also contains a rule, "make sslfiles", to`
`92`	`92`	`recreate them if you need to make changes. "make sslfiles-clean" is required`
`93`	`93`	`in order to recreate the full set of keypairs and certificates. To rebuild`
`94`	`94`	`separate files, touch (or remove) the files in question and run "make sslfiles".`
	`95`	`+This step requires at least OpenSSL 1.1.1.`
`95`	`96`
`96`	`97`	`TODO`
`97`	`98`	`====`

`‎src/test/ssl/conf/server-rsapss.config‎`

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,14 @@`
	`1`	`+# An OpenSSL format CSR config file for creating a server certificate.`
	`2`	`+#`
	`3`	`+# This is identical to server-cn-only certificate, but we specify`
	`4`	`+# RSA-PSS as the algorithm on the command line.`
	`5`	`+`
	`6`	`+[ req ]`
	`7`	`+distinguished_name = req_distinguished_name`
	`8`	`+prompt = no`
	`9`	`+`
	`10`	`+[ req_distinguished_name ]`
	`11`	`+CN = common-name.pg-ssltest.test`
	`12`	`+OU = PostgreSQL test suite`
	`13`	`+`
	`14`	`+# No Subject Alternative Names`

`‎src/test/ssl/ssl/server-rsapss.crt‎`

Lines changed: 21 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,21 @@`
	`1`	`+-----BEGIN CERTIFICATE-----`
	`2`	`+MIIDezCCAi4CFCrZutHsw0Vl3OCgOmvtL0I/XAZyMEIGCSqGSIb3DQEBCjA1oA8w`
	`3`	`+DQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiBAIC`
	`4`	`+AN4wRjEkMCIGA1UEAwwbY29tbW9uLW5hbWUucGctc3NsdGVzdC50ZXN0MR4wHAYD`
	`5`	`+VQQLDBVQb3N0Z3JlU1FMIHRlc3Qgc3VpdGUwHhcNMjMwMjEzMDEyMjA2WhcNMjMw`
	`6`	`+MzE1MDEyMjA2WjBGMSQwIgYDVQQDDBtjb21tb24tbmFtZS5wZy1zc2x0ZXN0LnRl`
	`7`	`+c3QxHjAcBgNVBAsMFVBvc3RncmVTUUwgdGVzdCBzdWl0ZTCCASAwCwYJKoZIhvcN`
	`8`	`+AQEKA4IBDwAwggEKAoIBAQC6YtrZZukJ4n31gKpcIOl65D9roe2jzcIBX1AZq1fR`
	`9`	`+I6qmt7aR0iFCKEy9D2fs6lM+NVQSurg7b0gKL+XoOadySAxALIrUwcCQM7rZvUR0`
	`10`	`+aKo3Qm0U00ir4x0i73/sTpY25zBSFoqGldmlqiIIWxpe8hqZEc6Sc78Bs2FaAa9A`
	`11`	`+5sTLaX5nG6jyreJweLcmv+TYFVqxNq7Y7tC67zWXr6r49JBkSHSibzBr/uFxOGsP`
	`12`	`+B9hwGo4/foACjeDNAT0vjwMLnV19Sd2zf9daBo+sd9bCj2C5CpOyXxFtO7cMh0tP`
	`13`	`+U3ZqcYPViFxcPObmhnJgqlBbgZD/WLxm1aFgUYjqMQ47AgMBAAEwQgYJKoZIhvcN`
	`14`	`+AQEKMDWgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQME`
	`15`	`+AgEFAKIEAgIA3gOCAQEAQpYu7fz9iz8CplCOp4SJ1eO9UjbtdxzvuaVR751TfYrX`
	`16`	`+OO19jq7YyWgqJDwROnDJBFEy9B+HaXTfscEHpGIHAIpx7S7az/gLnO90HshXcK+/`
	`17`	`+CbjW9axRB9TrD2zOrISl9NSuEZ5tbd5/Ml2yzY85CCjYPuNy+euH5XgcXcwF3Q49`
	`18`	`+G5eDJnaCCYzwdEOZY8ris9o9go8aL6zNAfhUKToRUfeoBCStOLZSgb6d/IKRB9eg`
	`19`	`+M0FImsMI3j5zHCiH0HhMwCRFRuZqTp1EMBHANIJncTZSGWQyKQ71zO/l/3YzwNfm`
	`20`	`+c2gyeh0DJWFkEZD3spWs8K6UEoTESP6Ivj47LmnWjg==`
	`21`	`+-----END CERTIFICATE-----`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit5fd6105

File tree

14 files changed

14 files changed

`‎configure‎`

`‎configure.ac‎`

`‎src/backend/libpq/be-secure-openssl.c‎`

`‎src/include/libpq/libpq-be.h‎`

`‎src/include/pg_config.h.in‎`

`‎src/interfaces/libpq/fe-secure-openssl.c‎`

`‎src/interfaces/libpq/libpq-int.h‎`

`‎src/test/ssl/README‎`

`‎src/test/ssl/conf/server-rsapss.config‎`

`‎src/test/ssl/ssl/server-rsapss.crt‎`

0 commit comments