Merge branch 'maint-3.0' into maint-3.1

rhenium · rhenium · commit 09122c5a91b1 · 2024-05-02T15:57:49.000+09:00
* maint-3.0:
  pkcs7: raise PKCS7Error for PKCS7 without content in PKCS7.read_smime
  pkcs7: raise ArgumentError for PKCS7 with no content in PKCS7.new
  cipher: fix buffer overflow in Cipher#update
  ssl: allow failure on test_connect_certificate_verify_failed_exception_message
  .github/workflows/test.yml: synchronize with master
  Only CSR version 1 (encoded as 0) is allowed by PKIX standards
  test_asn1.rb: Remove the assertions of the time string format without second.
  test/openssl/test_asn1.rb: skip failing tests on LibreSSL 3.6.0
  Use EVP_Digest{Sign,Verify} when available
  Fix performance regression in do_write(s)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -3,7 +3,13 @@ name: CI
 on: [push, pull_request]
 
 jobs:
+  ruby-versions:
+    uses: ruby/actions/.github/workflows/ruby_versions.yml@master
+    with:
+      engine: cruby-truffleruby
+      min_version: 2.6
   test:
+    needs: ruby-versions
     name: >-
       ${{ matrix.os }} ${{ matrix.ruby }}
     runs-on: ${{ matrix.os }}
@@ -12,17 +18,21 @@ jobs:
       matrix:
         # ubuntu-22.04 uses OpenSSL 3.0, ubuntu-20.04 uses OpenSSL 1.1.1
         os: [ ubuntu-22.04, ubuntu-20.04, macos-latest, windows-latest ]
-        ruby: [ head, "3.1", "3.0", "2.7", "2.6" ]
+        ruby: ${{ fromJson(needs.ruby-versions.outputs.versions) }}
         exclude:
           # uses non-standard MSYS2 OpenSSL 3 package
           - { os: windows-latest, ruby: head }
+          - { os: windows-latest, ruby: truffleruby }
+          - { os: windows-latest, ruby: truffleruby-head }
+          - { os: macos-latest,   ruby: truffleruby }
+          - { os: ubuntu-20.04,   ruby: truffleruby }
         include:
           - { os: windows-latest, ruby: ucrt }
           - { os: windows-latest, ruby: mswin }
 
     steps:
       - name: repo checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: load ruby
         uses: ruby/setup-ruby@v1
@@ -32,48 +42,73 @@ jobs:
       - name: depends
         run:  bundle install
 
+      # Enable the verbose option in mkmf.rb to print the compiling commands.
+      - name: enable mkmf verbose
+        run:  echo "MAKEFLAGS=V=1" >> $GITHUB_ENV
+        if: runner.os == 'Linux' || runner.os == 'macOS'
+
+      - name: set flags to check compiler warnings.
+        run:  echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV
+        if: ${{ !matrix.skip-warnings }}
+
       - name: compile
-        run:  rake compile -- --enable-debug
+        run:  rake compile
 
       - name: test
-        run:  rake test TESTOPTS="-v --no-show-detail-immediately" OSSL_MDEBUG=1
+        run:  rake test TESTOPTS="-v --no-show-detail-immediately"
         timeout-minutes: 5
 
   test-openssls:
     name: >-
-      ${{ matrix.openssl }}
+      ${{ matrix.openssl }} ${{ matrix.name-extra || '' }}
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
         os: [ ubuntu-latest ]
         ruby: [ "3.0" ]
         openssl:
+          # https://www.openssl.org/source/
           - openssl-1.0.2u # EOL
           - openssl-1.1.0l # EOL
-          - openssl-1.1.1s
-          - openssl-3.0.7
+          - openssl-1.1.1w # EOL
+          - openssl-3.0.13
+          - openssl-3.1.5
+          - openssl-3.2.1
+          - openssl-3.3.0
+          # http://www.libressl.org/releases.html
           - libressl-3.1.5 # EOL
           - libressl-3.2.7 # EOL
           - libressl-3.3.6 # EOL
           - libressl-3.4.3 # EOL
-          - libressl-3.5.3
-          - libressl-3.6.1
-          - libressl-3.7.0 # Development release
+          - libressl-3.5.3 # EOL
+          - libressl-3.6.3 # EOL
+          - libressl-3.7.3 # EOL
+          - libressl-3.8.4
+          - libressl-3.9.1
     steps:
       - name: repo checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: prepare openssl
         run: |
+          # Enable Bash debugging option temporarily for debugging use.
+          set -x
           mkdir -p tmp/build-openssl && cd tmp/build-openssl
           case ${{ matrix.openssl }} in
           openssl-*)
-            curl -OL https://ftp.openssl.org/source/${{ matrix.openssl }}.tar.gz
-            tar xf ${{ matrix.openssl }}.tar.gz && cd ${{ matrix.openssl }}
+            if [ -z "${{ matrix.git }}" ]; then
+              curl -OL https://ftp.openssl.org/source/${{ matrix.openssl }}.tar.gz
+              tar xf ${{ matrix.openssl }}.tar.gz && cd ${{ matrix.openssl }}
+            else
+              git clone -b ${{ matrix.branch }} --depth 1 ${{ matrix.git }} ${{ matrix.openssl }}
+              cd ${{ matrix.openssl }}
+              # Log the commit hash.
+              echo "Git commit: $(git rev-parse HEAD)"
+            fi
             # shared is required for 1.0.x.
             ./Configure --prefix=$HOME/.openssl/${{ matrix.openssl }} --libdir=lib \
-                shared linux-x86_64
+                shared linux-x86_64 ${{ matrix.append-configure }}
             make depend
             ;;
           libressl-*)
@@ -96,9 +131,17 @@ jobs:
       - name: depends
         run:  bundle install
 
+      - name: enable mkmf verbose
+        run:  echo "MAKEFLAGS=V=1" >> $GITHUB_ENV
+        if: runner.os == 'Linux' || runner.os == 'macOS'
+
+      - name: set flags to check compiler warnings.
+        run:  echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV
+        if: ${{ !matrix.skip-warnings }}
+
       - name: compile
-        run:  rake compile -- --enable-debug --with-openssl-dir=$HOME/.openssl/${{ matrix.openssl }}
+        run:  rake compile -- --with-openssl-dir=$HOME/.openssl/${{ matrix.openssl }}
 
       - name: test
-        run:  rake test TESTOPTS="-v --no-show-detail-immediately" OSSL_MDEBUG=1
+        run:  rake test TESTOPTS="-v --no-show-detail-immediately"
         timeout-minutes: 5
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
@@ -386,11 +386,23 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
     in = (unsigned char *)RSTRING_PTR(data);
     in_len = RSTRING_LEN(data);
     GetCipher(self, ctx);
-    out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
-    if (out_len <= 0) {
+
+    /*
+     * As of OpenSSL 3.2, there is no reliable way to determine the required
+     * output buffer size for arbitrary cipher modes.
+     * https://github.com/openssl/openssl/issues/22628
+     *
+     * in_len+block_size is usually sufficient, but AES key wrap with padding
+     * ciphers require in_len+15 even though they have a block size of 8 bytes.
+     *
+     * Using EVP_MAX_BLOCK_LENGTH (32) as a safe upper bound for ciphers
+     * currently implemented in OpenSSL, but this can change in the future.
+     */
+    if (in_len > LONG_MAX - EVP_MAX_BLOCK_LENGTH) {
 	ossl_raise(rb_eRangeError,
 		   "data too big to make output buffer: %ld bytes", in_len);
     }
+    out_len = in_len + EVP_MAX_BLOCK_LENGTH;
 
     if (NIL_P(str)) {
         str = rb_str_new(0, out_len);
@@ -401,7 +413,7 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
 
     if (!ossl_cipher_update_long(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
 	ossl_raise(eCipherError, NULL);
-    assert(out_len < RSTRING_LEN(str));
+    assert(out_len <= RSTRING_LEN(str));
     rb_str_set_len(str, out_len);
 
     return str;
diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c
@@ -165,7 +165,11 @@ ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg)
     out = NULL;
     pkcs7 = SMIME_read_PKCS7(in, &out);
     BIO_free(in);
-    if(!pkcs7) ossl_raise(ePKCS7Error, NULL);
+    if (!pkcs7)
+        ossl_raise(ePKCS7Error, "Could not parse the PKCS7");
+    if (!pkcs7->d.ptr)
+        ossl_raise(ePKCS7Error, "No content in PKCS7");
+
     data = out ? ossl_membio2str(out) : Qnil;
     SetPKCS7(ret, pkcs7);
     ossl_pkcs7_set_data(ret, data);
@@ -346,6 +350,8 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
     BIO_free(in);
     if (!p7)
         ossl_raise(rb_eArgError, "Could not parse the PKCS7");
+    if (!p7->d.ptr)
+        ossl_raise(rb_eArgError, "No content in PKCS7");
 
     RTYPEDDATA_DATA(self) = p7;
     PKCS7_free(p7_orig);
diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb
@@ -348,13 +348,18 @@ def do_write(s)
     @wbuffer << s
     @wbuffer.force_encoding(Encoding::BINARY)
     @sync ||= false
-    if @sync or @wbuffer.size > BLOCK_SIZE
-      until @wbuffer.empty?
-        begin
-          nwrote = syswrite(@wbuffer)
-        rescue Errno::EAGAIN
-          retry
+    buffer_size = @wbuffer.size
+    if @sync or buffer_size > BLOCK_SIZE
+      nwrote = 0
+      begin
+        while nwrote < buffer_size do
+          begin
+            nwrote += syswrite(@wbuffer[nwrote, buffer_size - nwrote])
+          rescue Errno::EAGAIN
+            retry
+          end
         end
+      ensure
         @wbuffer[0, nwrote] = ""
       end
     end
diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb
@@ -406,10 +406,6 @@ def test_utctime
     rescue OpenSSL::ASN1::ASN1Error
       pend "No negative time_t support?"
     end
-    # Seconds is omitted. LibreSSL 3.6.0 requires it
-    return if libressl?
-    decode_test B(%w{ 17 0B }) + "1609082343Z".b,
-      OpenSSL::ASN1::UTCTime.new(Time.utc(2016, 9, 8, 23, 43, 0))
     # not implemented
     # decode_test B(%w{ 17 11 }) + "500908234339+0930".b,
     #   OpenSSL::ASN1::UTCTime.new(Time.new(1950, 9, 8, 23, 43, 39, "+09:30"))
@@ -428,10 +424,6 @@ def test_generalizedtime
       OpenSSL::ASN1::GeneralizedTime.new(Time.utc(2016, 12, 8, 19, 34, 29))
     encode_decode_test B(%w{ 18 0F }) + "99990908234339Z".b,
       OpenSSL::ASN1::GeneralizedTime.new(Time.utc(9999, 9, 8, 23, 43, 39))
-    # LibreSSL 3.6.0 requires the seconds element
-    return if libressl?
-    decode_test B(%w{ 18 0D }) + "201612081934Z".b,
-      OpenSSL::ASN1::GeneralizedTime.new(Time.utc(2016, 12, 8, 19, 34, 0))
     # not implemented
     # decode_test B(%w{ 18 13 }) + "20161208193439+0930".b,
     #   OpenSSL::ASN1::GeneralizedTime.new(Time.new(2016, 12, 8, 19, 34, 39, "+09:30"))
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb
@@ -331,6 +331,22 @@ def test_aes_gcm_key_iv_order_issue
     assert_equal tag1, tag2
   end
 
+  def test_aes_keywrap_pad
+    # RFC 5649 Section 6; The second example
+    kek = ["5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8"].pack("H*")
+    key = ["466f7250617369"].pack("H*")
+    wrap = ["afbeb0f07dfbf5419200f2ccb50bb24f"].pack("H*")
+
+    begin
+      cipher = OpenSSL::Cipher.new("id-aes192-wrap-pad").encrypt
+    rescue OpenSSL::Cipher::CipherError, RuntimeError
+      omit "id-aes192-wrap-pad is not supported: #$!"
+    end
+    cipher.key = kek
+    ct = cipher.update(key) << cipher.final
+    assert_equal wrap, ct
+  end
+
   def test_non_aead_cipher_set_auth_data
     assert_raise(OpenSSL::Cipher::CipherError) {
       cipher = OpenSSL::Cipher.new("aes-128-cfb").encrypt
diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb
@@ -155,6 +155,21 @@ def test_enveloped
     assert_equal(data, p7.decrypt(@rsa1024))
   end
 
+  def test_empty_signed_data_ruby_bug_19974
+    data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n"
+    assert_raise(ArgumentError) { OpenSSL::PKCS7.new(data) }
+
+    data = <<END
+MIME-Version: 1.0
+Content-Disposition: attachment; filename="smime.p7m"
+Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
+Content-Transfer-Encoding: base64
+
+#{data}
+END
+    assert_raise(OpenSSL::PKCS7::PKCS7Error) { OpenSSL::PKCS7.read_smime(data) }
+  end
+
   def test_graceful_parsing_failure #[ruby-core:43250]
     contents = File.read(__FILE__)
     assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
@@ -1043,6 +1043,9 @@ def test_verify_hostname_failure_error_code
   end
 
   def test_connect_certificate_verify_failed_exception_message
+    # Won't fix on the 3.0 branch
+    return if openssl?(3, 1, 0)
+
     start_server(ignore_listener_error: true) { |port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.set_params
diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb
@@ -39,11 +39,6 @@ def test_version
     assert_equal(0, req.version)
     req = OpenSSL::X509::Request.new(req.to_der)
     assert_equal(0, req.version)
-
-    req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))
-    assert_equal(1, req.version)
-    req = OpenSSL::X509::Request.new(req.to_der)
-    assert_equal(1, req.version)
   end
 
   def test_subject
@@ -106,7 +101,7 @@ def test_sign_and_verify_rsa_sha1
     assert_equal(false, req.verify(@rsa2048))
     assert_equal(false, request_error_returns_false { req.verify(@dsa256) })
     assert_equal(false, request_error_returns_false { req.verify(@dsa512) })
-    req.version = 1
+    req.subject = OpenSSL::X509::Name.parse("/C=JP/CN=FooBarFooBar")
     assert_equal(false, req.verify(@rsa1024))
   rescue OpenSSL::X509::RequestError # RHEL 9 disables SHA1
   end
