Updated to support OpenSSL 3 (#295)

* Updated to support OpenSSL 3

* Addressed reviewer's comments

* Refactored group.cpp
* Added Github actions for OpenSSL 3
* Added OpenSSL vcpkg.json for MLS library and interop binary

* clang-tidy conformance and updated tests for FIPS mode

* Fixed broken GitHub actions

* Updated built-baseline to allow Windows to find OpenSSL 3.0.7

* Addressed reviewer's comments

* Removed unused OpenSSL 3 vcpkg.json for interop

* Added missing pkg-config to OpenSSL 3 CI build

.github/workflows/build_openssl3.yml

@@ -0,0 +1,68 @@
+name: Build and Test (OpenSSL 3)
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  schedule:
+    - cron: '30 3 * * 1'
+
+env:
+  CTEST_OUTPUT_ON_FAILURE: 1
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [windows-latest, ubuntu-latest, macos-latest]
+        include:
+            - os: windows-latest
+              vcpkg-cmake-file: "$env:VCPKG_INSTALLATION_ROOT\\scripts\\buildsystems\\vcpkg.cmake"
+              ossl3-vcpkg-dir: "alternatives\\openssl_3"
+              ctest-target: RUN_TESTS
+            - os: ubuntu-latest
+              vcpkg-cmake-file: "$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake"
+              ossl3-vcpkg-dir: "alternatives/openssl_3"
+              ctest-target: test
+            - os: macos-latest
+              vcpkg-cmake-file: "$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake"
+              ossl3-vcpkg-dir: "alternatives/openssl_3"
+              ctest-target: test
+
+    env:
+      CMAKE_BUILD_DIR: ${{ github.workspace }}/build
+      CMAKE_TEST_DIR: ${{ github.workspace }}/build/test
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: dependencies (macos)
+      if: ${{ matrix.os == 'macos-latest' }}
+      run: |
+        brew install llvm pkg-config
+        ln -s "/usr/local/opt/llvm/bin/clang-format" "/usr/local/bin/clang-format"
+        ln -s "/usr/local/opt/llvm/bin/clang-tidy" "/usr/local/bin/clang-tidy"
+
+    - name: Restore cache
+      uses: actions/cache@v2
+      with:
+        path: |
+            ${{ env.CMAKE_BUILD_DIR }}/vcpkg_installed
+        key: ${{ runner.os }}-${{ hashFiles( '**/vcpkg.json' ) }}
+
+    - name: Configure to use clang-tidy and sanitizers
+      run: |
+        cmake -B "${{ env.CMAKE_BUILD_DIR }}" -DTESTING=ON -DCLANG_TIDY=ON -DSANITIZERS=ON -DVCPKG_MANIFEST_DIR="${{ matrix.ossl3-vcpkg-dir }}" -DCMAKE_TOOLCHAIN_FILE="${{ matrix.vcpkg-cmake-file}}" .
+
+    - name: Build
+      run: |
+        cmake --build "${{ env.CMAKE_BUILD_DIR }}"
+
+    - name: Unit tests
+      run: |
+         cmake --build "${{ env.CMAKE_BUILD_DIR }}" --target "${{ matrix.ctest-target}}"

CMakeLists.txt

@@ -70,14 +70,27 @@ endif()
 ### Dependencies
 ###
 
+# External libraries
+find_package(OpenSSL REQUIRED)
+if ( OPENSSL_FOUND )
+    if (${OPENSSL_VERSION} VERSION_GREATER_EQUAL 3)
+        add_compile_definitions(WITH_OPENSSL3)
+    elseif(${OPENSSL_VERSION} VERSION_LESS 1.1.1)
+        message(FATAL_ERROR "OpenSSL 1.1.1 or greater is required")
+    endif()
+    message(STATUS "OpenSSL Found: ${OPENSSL_VERSION}")
+    message(STATUS "OpenSSL Include: ${OPENSSL_INCLUDE_DIR}")
+    message(STATUS "OpenSSL Libraries: ${OPENSSL_LIBRARIES}")
+else()
+    message(FATAL_ERROR "No OpenSSL library found")
+endif()
+
 # Internal libraries
 add_subdirectory(lib)
 
 # Third-Party libraries in tree
 add_subdirectory(third_party)
 
-# External libraries
-find_package(OpenSSL 1.1 REQUIRED)
 
 ###
 ### Library Config

alternatives/openssl_3/vcpkg.json

@@ -0,0 +1,19 @@
+{
+  "name": "mlspp",
+  "version-string": "0.1",
+  "description": "Cisco MLS C++ library (OpenSSL 3)",
+  "dependencies": [
+    {
+      "name": "openssl",
+      "version>=": "3.0.7"
+    },
+    "doctest"
+  ],
+  "builtin-baseline": "5908d702d61cea1429b223a0b7a10ab86bad4c78",
+  "overrides": [
+    {
+      "name": "openssl",
+      "version": "3.0.7"
+    }
+  ]
+}

lib/bytes/test/bytes.cpp

@@ -1,5 +1,6 @@
 #include <bytes/bytes.h>
 #include <doctest/doctest.h>
+#include <memory>
 #include <sstream>
 
 using namespace bytes_ns;

lib/hpke/src/certificate.cpp

@@ -198,8 +198,8 @@ struct Certificate::ParsedCertificate
     , sub_alt_names(parse_san(x509.get()))
     , is_ca(X509_check_ca(x509.get()) != 0)
     , hash(compute_digest(x509.get()))
-    , not_before(asn1_time_to_chrono(X509_get_notBefore(x509.get())))
-    , not_after(asn1_time_to_chrono(X509_get_notAfter(x509.get())))
+    , not_before(asn1_time_to_chrono(X509_get0_notBefore(x509.get())))
+    , not_after(asn1_time_to_chrono(X509_get0_notAfter(x509.get())))
   {
   }
 

lib/hpke/src/digest.cpp

@@ -2,6 +2,9 @@
 
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#if defined(WITH_OPENSSL3)
+#include <openssl/core_names.h>
+#endif
 
 #include "openssl_common.h"
 
@@ -25,6 +28,26 @@ openssl_digest_type(Digest::ID digest)
   }
 }
 
+#if defined(WITH_OPENSSL3)
+static std::string
+openssl_digest_name(Digest::ID digest)
+{
+  switch (digest) {
+    case Digest::ID::SHA256:
+      return OSSL_DIGEST_NAME_SHA2_256;
+
+    case Digest::ID::SHA384:
+      return OSSL_DIGEST_NAME_SHA2_384;
+
+    case Digest::ID::SHA512:
+      return OSSL_DIGEST_NAME_SHA2_512;
+
+    default:
+      throw std::runtime_error("Unsupported digest algorithm");
+  }
+}
+#endif
+
 template<>
 const Digest&
 Digest::get<Digest::ID::SHA256>()
@@ -91,20 +114,40 @@ Digest::hmac(const bytes& key, const bytes& data) const
 bytes
 Digest::hmac_for_hkdf_extract(const bytes& key, const bytes& data) const
 {
+#if defined(WITH_OPENSSL3)
+  auto digest_name = openssl_digest_name(id);
+  std::array<OSSL_PARAM, 2> params = {
+    OSSL_PARAM_construct_utf8_string(
+      OSSL_ALG_PARAM_DIGEST, digest_name.data(), 0),
+    OSSL_PARAM_construct_end()
+  };
+  const auto mac =
+    make_typed_unique(EVP_MAC_fetch(nullptr, OSSL_MAC_NAME_HMAC, nullptr));
+  const auto ctx = make_typed_unique(EVP_MAC_CTX_new(mac.get()));
+#else
   const auto* type = openssl_digest_type(id);
   auto ctx = make_typed_unique(HMAC_CTX_new());
+#endif
+  if (ctx == nullptr) {
+    throw openssl_error();
+  }
 
   // Some FIPS-enabled libraries are overly conservative in their interpretation
   // of NIST SP 800-131A, which requires HMAC keys to be at least 112 bits long.
   // That document does not impose that requirement on HKDF, so we disable FIPS
   // enforcement for purposes of HKDF.
   //
   // https://doi.org/10.6028/NIST.SP.800-131Ar2
-  static const auto fips_min_hmac_key_len = 14;
   auto key_size = static_cast<int>(key.size());
+  // OpenSSL 3 does not support the flag EVP_MD_CTX_FLAG_NON_FIPS_ALLOW anymore.
+  // However, OpenSSL 3 in FIPS mode doesn't seem to check the HMAC key size
+  // constraint.
+#if !defined(WITH_OPENSSL3)
+  static const auto fips_min_hmac_key_len = 14;
   if (FIPS_mode() != 0 && key_size < fips_min_hmac_key_len) {
     HMAC_CTX_set_flags(ctx.get(), EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
   }
+#endif
 
   // Guard against sending nullptr to HMAC_Init_ex
   const auto* key_data = key.data();
@@ -113,19 +156,30 @@ Digest::hmac_for_hkdf_extract(const bytes& key, const bytes& data) const
     key_data = &non_null_zero_length_key;
   }
 
+  auto md = bytes(hash_size);
+#if defined(WITH_OPENSSL3)
+  if (1 != EVP_MAC_init(ctx.get(), key_data, key_size, params.data())) {
+    throw openssl_error();
+  }
+  if (1 != EVP_MAC_update(ctx.get(), data.data(), data.size())) {
+    throw openssl_error();
+  }
+  size_t size = 0;
+  if (1 != EVP_MAC_final(ctx.get(), md.data(), &size, hash_size)) {
+    throw openssl_error();
+  }
+#else
   if (1 != HMAC_Init_ex(ctx.get(), key_data, key_size, type, nullptr)) {
     throw openssl_error();
   }
-
   if (1 != HMAC_Update(ctx.get(), data.data(), data.size())) {
     throw openssl_error();
   }
-
-  auto md = bytes(hash_size);
   unsigned int size = 0;
   if (1 != HMAC_Final(ctx.get(), md.data(), &size)) {
     throw openssl_error();
   }
+#endif
 
   return md;
 }