From a87d2f4041c6282a10ba0052241175d2b3dbb0ea Mon Sep 17 00:00:00 2001 From: Leonardo Francisco Date: Sun, 5 Apr 2026 16:14:34 -0400 Subject: [PATCH] validity: Fix compiler warnings in TLS code - Migrate from deprecated HMAC_* API to EVP_MAC (OpenSSL 3.x): tls_hmac_sign(), validity_tls_prf(), handle_priv_block() - Remove unused ec_privkey_from_coords() function - Remove unused x_le/y_le variables in handle_priv_block() - Fix const discard in OSSL_PARAM_utf8_string() call - Restore crt_hardcoded[] with G_GNUC_UNUSED (needed in Iter 6) --- libfprint/drivers/validity/validity_tls.c | 130 ++++++++++------------ 1 file changed, 61 insertions(+), 69 deletions(-) diff --git a/libfprint/drivers/validity/validity_tls.c b/libfprint/drivers/validity/validity_tls.c index 845e03a5..bdabe1e7 100644 --- a/libfprint/drivers/validity/validity_tls.c +++ b/libfprint/drivers/validity/validity_tls.c @@ -28,7 +28,6 @@ #include #include -#include #include #include #include @@ -68,8 +67,10 @@ static const guint8 fw_pubkey_y[32] = { 0x6e, 0x0d, 0xc5, 0xbe, 0xb6, 0xf8, 0x38, 0xa8 }; -/* Hardcoded CA certificate */ -static const guint8 crt_hardcoded[] = { +/* Hardcoded CA certificate — used during device pairing (init_flash) and + * TLS flash persistence (make_tls_flash, block ID 5). Not needed for the + * normal TLS handshake; kept here for Iteration 6. */ +static const guint8 crt_hardcoded[] G_GNUC_UNUSED = { 0x17, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xfc, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -106,6 +107,8 @@ static const guint8 crt_hardcoded[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; + + /* ================================================================ * TLS PRF (P_SHA256) — Standard TLS 1.2 PRF with HMAC-SHA256 * ================================================================ */ @@ -122,28 +125,45 @@ validity_tls_prf (const guint8 *secret, guint8 a[32]; /* A(i) */ guint8 p_hash[32]; /* P_hash iteration output */ gsize pos = 0; - unsigned int hmac_len; + size_t hmac_len; + + EVP_MAC *mac = EVP_MAC_fetch (NULL, "HMAC", NULL); + OSSL_PARAM prf_params[] = { + OSSL_PARAM_construct_utf8_string ("digest", (char *) "SHA256", 0), + OSSL_PARAM_construct_end (), + }; /* A(1) = HMAC(secret, seed) */ - HMAC (EVP_sha256 (), secret, secret_len, seed, seed_len, a, &hmac_len); + EVP_MAC_CTX *ctx = EVP_MAC_CTX_new (mac); + EVP_MAC_init (ctx, secret, secret_len, prf_params); + EVP_MAC_update (ctx, seed, seed_len); + EVP_MAC_final (ctx, a, &hmac_len, sizeof (a)); + EVP_MAC_CTX_free (ctx); for (guint i = 0; i < n; i++) { /* P_hash = HMAC(secret, A(i) || seed) */ - g_autofree guint8 *concat = g_malloc (32 + seed_len); - memcpy (concat, a, 32); - memcpy (concat + 32, seed, seed_len); - HMAC (EVP_sha256 (), secret, secret_len, concat, 32 + seed_len, - p_hash, &hmac_len); + ctx = EVP_MAC_CTX_new (mac); + EVP_MAC_init (ctx, secret, secret_len, prf_params); + EVP_MAC_update (ctx, a, 32); + EVP_MAC_update (ctx, seed, seed_len); + EVP_MAC_final (ctx, p_hash, &hmac_len, sizeof (p_hash)); + EVP_MAC_CTX_free (ctx); gsize to_copy = MIN (32, output_len - pos); memcpy (output + pos, p_hash, to_copy); pos += to_copy; /* A(i+1) = HMAC(secret, A(i)) */ - HMAC (EVP_sha256 (), secret, secret_len, a, 32, a, &hmac_len); + ctx = EVP_MAC_CTX_new (mac); + EVP_MAC_init (ctx, secret, secret_len, prf_params); + EVP_MAC_update (ctx, a, 32); + EVP_MAC_final (ctx, a, &hmac_len, sizeof (a)); + EVP_MAC_CTX_free (ctx); } + EVP_MAC_free (mac); + OPENSSL_cleanse (a, sizeof (a)); OPENSSL_cleanse (p_hash, sizeof (p_hash)); } @@ -294,7 +314,7 @@ tls_hmac_sign (const guint8 *key, guint8 content_type, guint8 *mac_out) { guint8 hdr[5]; - unsigned int mac_len; + size_t mac_len; hdr[0] = content_type; hdr[1] = TLS_VERSION_MAJOR; @@ -302,13 +322,19 @@ tls_hmac_sign (const guint8 *key, guint8 content_type, hdr[3] = (guint8) ((data_len >> 8) & 0xff); hdr[4] = (guint8) (data_len & 0xff); - /* HMAC(key, hdr || data) */ - HMAC_CTX *ctx = HMAC_CTX_new (); - HMAC_Init_ex (ctx, key, TLS_AES_KEY_SIZE, EVP_sha256 (), NULL); - HMAC_Update (ctx, hdr, sizeof (hdr)); - HMAC_Update (ctx, data, data_len); - HMAC_Final (ctx, mac_out, &mac_len); - HMAC_CTX_free (ctx); + /* HMAC(key, hdr || data) using EVP_MAC API (OpenSSL 3.0+) */ + EVP_MAC *mac = EVP_MAC_fetch (NULL, "HMAC", NULL); + EVP_MAC_CTX *ctx = EVP_MAC_CTX_new (mac); + OSSL_PARAM hmac_params[] = { + OSSL_PARAM_construct_utf8_string ("digest", (char *) "SHA256", 0), + OSSL_PARAM_construct_end (), + }; + EVP_MAC_init (ctx, key, TLS_AES_KEY_SIZE, hmac_params); + EVP_MAC_update (ctx, hdr, sizeof (hdr)); + EVP_MAC_update (ctx, data, data_len); + EVP_MAC_final (ctx, mac_out, &mac_len, TLS_HMAC_SIZE); + EVP_MAC_CTX_free (ctx); + EVP_MAC_free (mac); } static gboolean @@ -604,49 +630,6 @@ ec_pubkey_from_coords (const guint8 *x_le, const guint8 *y_le) return pkey; } -/* Helper: create EC private key from raw d,x,y coordinates (little-endian) */ -static EVP_PKEY * -ec_privkey_from_coords (const guint8 *d_le, const guint8 *x_le, - const guint8 *y_le) -{ - guint8 d_be[TLS_EC_COORD_SIZE]; - guint8 x_be[TLS_EC_COORD_SIZE]; - guint8 y_be[TLS_EC_COORD_SIZE]; - - for (gsize i = 0; i < TLS_EC_COORD_SIZE; i++) - { - d_be[i] = d_le[TLS_EC_COORD_SIZE - 1 - i]; - x_be[i] = x_le[TLS_EC_COORD_SIZE - 1 - i]; - y_be[i] = y_le[TLS_EC_COORD_SIZE - 1 - i]; - } - - /* Build uncompressed point: 0x04 || x || y */ - guint8 pubpoint[1 + 2 * TLS_EC_COORD_SIZE]; - pubpoint[0] = 0x04; - memcpy (pubpoint + 1, x_be, TLS_EC_COORD_SIZE); - memcpy (pubpoint + 1 + TLS_EC_COORD_SIZE, y_be, TLS_EC_COORD_SIZE); - - EVP_PKEY *pkey = NULL; - OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new (); - OSSL_PARAM_BLD_push_utf8_string (bld, OSSL_PKEY_PARAM_GROUP_NAME, - "prime256v1", 0); - OSSL_PARAM_BLD_push_octet_string (bld, OSSL_PKEY_PARAM_PUB_KEY, - pubpoint, sizeof (pubpoint)); - OSSL_PARAM_BLD_push_BN (bld, OSSL_PKEY_PARAM_PRIV_KEY, - BN_bin2bn (d_be, TLS_EC_COORD_SIZE, NULL)); - OSSL_PARAM *params = OSSL_PARAM_BLD_to_param (bld); - - EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name (NULL, "EC", NULL); - EVP_PKEY_fromdata_init (ctx); - EVP_PKEY_fromdata (ctx, &pkey, EVP_PKEY_KEYPAIR, params); - - EVP_PKEY_CTX_free (ctx); - OSSL_PARAM_free (params); - OSSL_PARAM_BLD_free (bld); - - return pkey; -} - /* Handle private key block (ID 4) — decrypt with PSK */ static gboolean handle_priv_block (ValidityTlsState *tls, @@ -683,10 +666,21 @@ handle_priv_block (ValidityTlsState *tls, /* Verify HMAC with psk_validation_key */ guint8 computed_mac[TLS_HMAC_SIZE]; - unsigned int mac_len; - HMAC (EVP_sha256 (), - tls->psk_validation_key, TLS_AES_KEY_SIZE, - ct, ct_len, computed_mac, &mac_len); + size_t hmac_out_len; + { + EVP_MAC *hmac_mac = EVP_MAC_fetch (NULL, "HMAC", NULL); + EVP_MAC_CTX *hmac_ctx = EVP_MAC_CTX_new (hmac_mac); + OSSL_PARAM hmac_params[] = { + OSSL_PARAM_construct_utf8_string ("digest", (char *) "SHA256", 0), + OSSL_PARAM_construct_end (), + }; + EVP_MAC_init (hmac_ctx, tls->psk_validation_key, TLS_AES_KEY_SIZE, + hmac_params); + EVP_MAC_update (hmac_ctx, ct, ct_len); + EVP_MAC_final (hmac_ctx, computed_mac, &hmac_out_len, TLS_HMAC_SIZE); + EVP_MAC_CTX_free (hmac_ctx); + EVP_MAC_free (hmac_mac); + } if (CRYPTO_memcmp (computed_mac, stored_mac, TLS_HMAC_SIZE) != 0) { @@ -742,8 +736,6 @@ handle_priv_block (ValidityTlsState *tls, return FALSE; } - const guint8 *x_le = decrypted; - const guint8 *y_le = decrypted + TLS_EC_COORD_SIZE; const guint8 *d_le = decrypted + 2 * TLS_EC_COORD_SIZE; /* Use derive_private_key approach (ignoring x,y which may be zeros) */ @@ -1245,7 +1237,7 @@ validity_tls_build_client_finish (ValidityTlsState *tls, gsize *out_len) EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name (NULL, "EC", NULL); EVP_PKEY_keygen_init (pctx); OSSL_PARAM gen_params[] = { - OSSL_PARAM_utf8_string (OSSL_PKEY_PARAM_GROUP_NAME, "prime256v1", 0), + OSSL_PARAM_utf8_string (OSSL_PKEY_PARAM_GROUP_NAME, (char *) "prime256v1", 0), OSSL_PARAM_END, }; EVP_PKEY_CTX_set_params (pctx, gen_params);