Add a legacy provider and put MD2 in it

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8541)

Configure

@@ -374,6 +374,7 @@ my @disablables = (
     "fuzz-afl",
     "gost",
     "idea",
+    "legacy",
     "makedepend",
     "md2",
     "md4",
@@ -513,7 +514,7 @@ my @disable_cascades = (
     # or modules.
     "pic"               => [ "shared", "module" ],
 
-    "module"            => [ "fips" ],
+    "module"            => [ "fips", "legacy" ],
 
     "engine"            => [ grep /eng$/, @disablables ],
     "hw"                => [ "padlockeng" ],
@@ -532,6 +533,7 @@ my @disable_cascades = (
     sub { !$disabled{"msan"} } => [ "asm" ],
 
     sub { $disabled{cmac}; } => [ "siv" ],
+    "legacy"                 => [ "md2" ],
     );
 
 # Avoid protocol support holes.  Also disable all versions below N, if version
@@ -1226,7 +1228,7 @@ foreach my $what (sort keys %disabled) {
 
     if (!grep { $what eq $_ } ( 'buildtest-c++', 'fips', 'threads', 'shared',
                                 'module', 'pic', 'dynamic-engine', 'makedepend',
-                                'zlib-dynamic', 'zlib', 'sse2' )) {
+                                'zlib-dynamic', 'zlib', 'sse2', 'legacy' )) {
         (my $WHAT = uc $what) =~ s|-|_|g;
         my $skipdir = $what;
 

INSTALL

@@ -409,6 +409,10 @@
                    available if the GOST algorithms are also available through
                    loading an externally supplied engine.
 
+  no-legacy
+                   Don't build the legacy provider. Disabling this also disables
+                   the legacy algorithms: MD2 (already disabled by default).
+
   no-makedepend
                    Don't generate dependencies.
 

crypto/evp/digest.c

@@ -145,6 +145,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
     if (type->prov == NULL) {
         switch(type->type) {
         case NID_sha256:
+        case NID_md2:
             break;
         default:
             goto legacy;

crypto/property/property_parse.c

@@ -523,6 +523,7 @@ int ossl_property_parse_init(void)
 {
     static const char *const predefined_names[] = {
         "default",      /* Being provided by the default built-in provider */
+        "legacy",       /* Provided by the legacy provider */
         "provider",     /* Name of provider (default, fips) */
         "version",      /* Version number of this provider */
         "fips",         /* FIPS supporting provider */

providers/build.info

@@ -10,3 +10,14 @@ IF[{- !$disabled{fips} -}]
   INCLUDE[fips]=.. ../include ../crypto/include
   DEFINE[fips]=FIPS_MODE
 ENDIF
+
+IF[{- !$disabled{legacy} -}]
+  SUBDIRS=legacy
+  MODULES=legacy
+  IF[{- defined $target{shared_defflag} -}]
+    SOURCE[legacy]=legacy.ld
+    GENERATE[legacy.ld]=../util/providers.num
+  ENDIF
+  INCLUDE[legacy]=.. ../include ../crypto/include
+  DEPEND[legacy]=../libcrypto
+ENDIF

providers/legacy/build.info

@@ -0,0 +1,4 @@
+SUBDIRS=digests
+
+SOURCE[../legacy]=\
+        legacyprov.c

providers/legacy/digests/build.info

@@ -0,0 +1,4 @@
+IF[{- !$disabled{md2} -}]
+  SOURCE[../../legacy]=\
+          md2.c
+ENDIF

providers/legacy/digests/md2.c

@@ -0,0 +1,63 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/md2.h>
+#include <openssl/crypto.h>
+#include <openssl/core_numbers.h>
+
+static int md2_final(void *ctx, unsigned char *md, size_t *size)
+{
+    if (MD2_Final(md, ctx)) {
+        *size = MD2_DIGEST_LENGTH;
+        return 1;
+    }
+
+    return 0;
+}
+
+static void *md2_newctx(void)
+{
+    MD2_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+    return ctx;
+}
+
+static void md2_freectx(void *vctx)
+{
+    MD2_CTX *ctx = (MD2_CTX *)vctx;
+
+    OPENSSL_clear_free(ctx,  sizeof(*ctx));
+}
+
+static void *md2_dupctx(void *ctx)
+{
+    MD2_CTX *in = (MD2_CTX *)ctx;
+    MD2_CTX *ret = OPENSSL_malloc(sizeof(*ret));
+
+    *ret = *in;
+
+    return ret;
+}
+
+static size_t md2_size(void)
+{
+    return MD2_DIGEST_LENGTH;
+}
+
+extern const OSSL_DISPATCH md2_functions[];
+const OSSL_DISPATCH md2_functions[] = {
+    { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))md2_newctx },
+    { OSSL_FUNC_DIGEST_INIT, (void (*)(void))MD2_Init },
+    { OSSL_FUNC_DIGEST_UPDDATE, (void (*)(void))MD2_Update },
+    { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))md2_final },
+    { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))md2_freectx },
+    { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))md2_dupctx },
+    { OSSL_FUNC_DIGEST_SIZE, (void (*)(void))md2_size },
+    { 0, NULL }
+};

providers/legacy/legacyprov.c

@@ -0,0 +1,101 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <openssl/core.h>
+#include <openssl/core_numbers.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
+
+/* Functions provided by the core */
+static OSSL_core_get_param_types_fn *c_get_param_types = NULL;
+static OSSL_core_get_params_fn *c_get_params = NULL;
+
+/* Parameters we provide to the core */
+static const OSSL_ITEM legacy_param_types[] = {
+    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME },
+    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION },
+    { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO },
+    { 0, NULL }
+};
+
+static const OSSL_ITEM *legacy_get_param_types(const OSSL_PROVIDER *prov)
+{
+    return legacy_param_types;
+}
+
+static int legacy_get_params(const OSSL_PROVIDER *prov,
+                            const OSSL_PARAM params[])
+{
+    const OSSL_PARAM *p;
+
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME);
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "OpenSSL Legacy Provider"))
+        return 0;
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION);
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_VERSION_STR))
+        return 0;
+    p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_BUILDINFO);
+    if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, OPENSSL_FULL_VERSION_STR))
+        return 0;
+
+    return 1;
+}
+
+extern const OSSL_DISPATCH md2_functions[];
+
+static const OSSL_ALGORITHM legacy_digests[] = {
+#ifndef OPENSSL_NO_MD2
+    { "MD2", "legacy=yes", md2_functions },
+#endif
+    { NULL, NULL, NULL }
+};
+
+static const OSSL_ALGORITHM *legacy_query(OSSL_PROVIDER *prov,
+                                          int operation_id,
+                                          int *no_cache)
+{
+    *no_cache = 0;
+    switch (operation_id) {
+    case OSSL_OP_DIGEST:
+        return legacy_digests;
+    }
+    return NULL;
+}
+
+/* Functions we provide to the core */
+static const OSSL_DISPATCH legacy_dispatch_table[] = {
+    { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))legacy_get_param_types },
+    { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))legacy_get_params },
+    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))legacy_query },
+    { 0, NULL }
+};
+
+int OSSL_provider_init(const OSSL_PROVIDER *provider,
+                       const OSSL_DISPATCH *in,
+                       const OSSL_DISPATCH **out)
+{
+    for (; in->function_id != 0; in++) {
+        switch (in->function_id) {
+        case OSSL_FUNC_CORE_GET_PARAM_TYPES:
+            c_get_param_types = OSSL_get_core_get_param_types(in);
+            break;
+        case OSSL_FUNC_CORE_GET_PARAMS:
+            c_get_params = OSSL_get_core_get_params(in);
+            break;
+        /* Just ignore anything we don't understand */
+        default:
+            break;
+        }
+    }
+
+    *out = legacy_dispatch_table;
+    return 1;
+}

test/md2test.c

@@ -9,9 +9,12 @@
 
 #include <string.h>
 
+#include <openssl/provider.h>
 #include "internal/nelem.h"
 #include "testutil.h"
 
+static OSSL_PROVIDER *prov = NULL;
+
 #ifndef OPENSSL_NO_MD2
 # include <openssl/evp.h>
 # include <openssl/md2.h>
@@ -58,6 +61,17 @@ static int test_md2(int n)
 }
 #endif
 
+int global_init(void)
+{
+    prov = OSSL_PROVIDER_load(NULL, "legacy");
+
+    return prov != NULL;
+}
+void cleanup_tests(void)
+{
+    OSSL_PROVIDER_unload(prov);
+}
+
 int setup_tests(void)
 {
 #ifndef OPENSSL_NO_MD2

test/recipes/05-test_md2.t

@@ -8,5 +8,10 @@
 
 
 use OpenSSL::Test::Simple;
+use OpenSSL::Test qw/:DEFAULT bldtop_dir/;
+
+setup("test_md2");
+
+$ENV{OPENSSL_MODULES} = bldtop_dir("providers");
 
 simple_test("test_md2", "md2test", "md2");