Todd Short [Fri, 1 Apr 2022 14:54:45 +0000 (10:54 -0400)]
Fix -no-tls1_2 in tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18019)
Tomas Mraz [Wed, 30 Mar 2022 14:04:55 +0000 (16:04 +0200)]
Add test for openssl ecparam with fips and base providers
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
Tomas Mraz [Mon, 28 Mar 2022 16:09:18 +0000 (18:09 +0200)]
ec_export: Other parameters are exportable with domain parameters
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
Tomas Mraz [Wed, 6 Apr 2022 08:29:54 +0000 (10:29 +0200)]
Add test for resetting SM2 dist ID
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
Tomas Mraz [Wed, 6 Apr 2022 08:03:22 +0000 (10:03 +0200)]
sm2: Allow setting 0 length SM2 dist ID param
Fixes #18022
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
yuanjungong [Thu, 7 Apr 2022 04:35:59 +0000 (12:35 +0800)]
Crypto/evp: Fix null pointer dereference
Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)
Pauli [Thu, 31 Mar 2022 21:06:17 +0000 (08:06 +1100)]
kdf: avoid NULL dereference on malloc failure in sshkdf
Fixes #18009
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18011)
Hugo Landau [Mon, 4 Apr 2022 12:45:44 +0000 (13:45 +0100)]
Document {SSL|SSL_CTX}_set_{purpose|trust}()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)
Hugo Landau [Mon, 4 Apr 2022 12:44:31 +0000 (13:44 +0100)]
Document SSL_CTX_get_ssl_method
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)
Tomas Mraz [Tue, 5 Apr 2022 14:43:45 +0000 (16:43 +0200)]
test_fipsinstall: Fallback to config(FIPSKEY) for the FIPSKEY
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18048)
Hugo Landau [Mon, 4 Apr 2022 11:25:16 +0000 (12:25 +0100)]
Fix failure to check result of bn_rshift_fixed_top
Fixes #18010.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18034)
Hugo Landau [Mon, 4 Apr 2022 13:36:20 +0000 (14:36 +0100)]
Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions
Currently we do not have any way to retrieve these values once set.
Fixes #18035.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18038)
Hugo Landau [Mon, 4 Apr 2022 08:23:18 +0000 (09:23 +0100)]
Remove unused libctx functions (runonce, onfree)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18031)
Daiki Ueno [Sun, 10 Oct 2021 07:14:06 +0000 (09:14 +0200)]
KTLS: Enable KTLS for receiving as well in TLS 1.3
This removes a guard condition that prevents KTLS being enabled for
receiving in TLS 1.3. Use the correct sequence number and BIO for
receive vs transmit offload.
Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
Daiki Ueno [Sun, 10 Oct 2021 06:54:07 +0000 (08:54 +0200)]
KTLS: Handle TLS 1.3 in ssl3_get_record.
- Don't unpad records, check the outer record type, or extract the
inner record type from TLS 1.3 records handled by the kernel. KTLS
performs all of these steps and returns the inner record type in the
TLS header.
- When checking the length of a received TLS 1.3 record don't allow
for the extra byte for the nested record type when KTLS is used.
- Pass a pointer to the record type in the TLS header to the
SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old
pointer pointed to the last byte of payload rather than the record
type. For the non-KTLS case, the TLS header has been updated with
the inner type before this callback is invoked.
Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
John Baldwin [Tue, 8 Mar 2022 00:55:18 +0000 (16:55 -0800)]
KTLS: Add using_ktls helper variable in ssl3_get_record().
When KTLS receive is enabled, pending data may still be present due to
read ahead. This data must still be processed the same as records
received without KTLS. To ease readability (especially in
consideration of additional checks which will be added for TLS 1.3),
add a helper variable 'using_ktls' that is true when the KTLS receive
path is being used to receive a record.
Co-authored-by: Dmitry Podgorny <pasis.ua@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
John Baldwin [Thu, 24 Feb 2022 18:12:07 +0000 (10:12 -0800)]
KTLS: Check for unprocessed receive records in ktls_configure_crypto.
KTLS implementations currently assume that the start of the in-kernel
socket buffer is aligned with the start of a TLS record for the
receive side. The socket option to enable KTLS specifies the TLS
sequence number of this initial record.
When read ahead is enabled, data can be pending in the SSL read buffer
after negotiating session keys. This pending data must be examined to
ensurs that the kernel's socket buffer does not contain a partial TLS
record as well as to determine the correct sequence number of the
first TLS record to be processed by the kernel.
In preparation for enabling receive kernel offload for TLS 1.3, move
the existing logic to handle read ahead from t1_enc.c into ktls.c and
invoke it from ktls_configure_crypto().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
Arran Cudbard-Bell [Mon, 28 Mar 2022 19:13:39 +0000 (13:13 -0600)]
Document the fact that setting a BIO create function means the BIO will no longer be marked as initialised
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/17983)
Todd C. Miller [Fri, 12 Mar 2021 20:44:54 +0000 (13:44 -0700)]
Add -static-libgcc to solaris-sparcv7-gcc shared_ldflag
This avoids a run-time dependency on libgcc_s.so which may not be
present on all systems. OpenSSL already uses -static-libgcc for
the solaris-x86-gcc and solaris64-x86_64-gcc configurations.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14538)
Todd C. Miller [Thu, 31 Mar 2022 16:32:29 +0000 (10:32 -0600)]
Fix AIX build when no-shared is passed to Configure.
AIX shared libs are also .a files so the AIX platform staticname()
appends a '_a' to the name to avoid a collision. However, this
must not be done when no-shared is passed to Configure or the
binaries that link with -lcrypto and -lssl be unable to link as
those libraries won't exist without the '_a' suffix.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18006)
Daniel Fiala [Tue, 29 Mar 2022 18:32:42 +0000 (20:32 +0200)]
Redefine macro X509_http_nbio to avoid using ocsp.h
The functions used from ocsp.h are actually just aliases
for functions from http.h. Use them directly to avoid
including ocsp.h.
Fixes openssl#17148
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17980)
Shi Pujin [Wed, 16 Feb 2022 02:53:56 +0000 (10:53 +0800)]
Add loongarch64 target
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17712)
Viktor Söderqvist [Fri, 1 Apr 2022 09:27:25 +0000 (11:27 +0200)]
Fix broken link to coding-style.html
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18015)
Tomas Mraz [Mon, 28 Mar 2022 17:13:22 +0000 (19:13 +0200)]
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17997)
Pauli [Wed, 16 Mar 2022 03:57:24 +0000 (14:57 +1100)]
Fix Coverity
1503096: out-of-bounds access
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17898)
Pauli [Thu, 31 Mar 2022 22:33:17 +0000 (09:33 +1100)]
Fix Coverity
1498612 &
1503221: integer overflow
Both are the same issue and both as false positives. Annotate the line so
that this is ignored.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18012)
Viktor Söderqvist [Wed, 28 Apr 2021 08:54:57 +0000 (10:54 +0200)]
CMS sign digest
CLI changes: New parameter -digest to CLI command openssl cms, to
provide pre-computed digest for use with -sign.
API changes: New function CMS_final_digest(), like CMS_final() but
uses a pre-computed digest instead of computing it from the data.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/15348)
Tomas Mraz [Fri, 25 Mar 2022 14:13:16 +0000 (15:13 +0100)]
req, x509: Allow printing modulus of RSA-PSS keys
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17990)
Hugo Landau [Mon, 14 Mar 2022 08:13:12 +0000 (08:13 +0000)]
Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA
This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted
objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized
eagerly rather than lazily, which avoids the need for locking on access
in most cases.
Fixes #17116.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17881)
Sebastian Pop [Mon, 28 Mar 2022 20:58:15 +0000 (20:58 +0000)]
disable 5x interleave on buffers shorter than 512 bytes: 3% speedup on Graviton2
d6e4287c9726691e800bff221be71edd894a3c6a introduced 5x interleaving as an
optimization for ThunderX2, and that leads to some performance degradation on
when encoding short buffers. We found this performance degradation by measuring
the performance of nginx on Ubuntu 20.04 that comes with OpenSSL 1.1.1f and
Ubuntu 22.04 with OpenSSL 3.0.1.
This patch limits the 5x interleave to buffers larger than 512 bytes.
On Graviton2 we see the following performance with this patch:
$ openssl speed -evp aes-128-gcm -bytes 128
AES-128-GCM 64 bytes 79 bytes 80 bytes 128 bytes 256 bytes 511 bytes 512 bytes 1024 bytes
master
1062564.71k 775113.11k
1069959.33k
1411716.28k
1653114.86k
1585981.16k
1973683.03k
2203214.08k
master+patch
1062729.28k 771915.11k
1103883.42k
1458665.43k
1708701.20k
1647060.84k
1975571.80k
2204038.42k
diff 0% 0% 3% 3% 3% 4% 0% 0%
revert d6e428
1055290.03k 773448.92k
1117411.97k
1441478.57k
1695698.52k
1634598.04k
1981851.65k
2196680.36k
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17984)
Pauli [Fri, 25 Mar 2022 23:03:53 +0000 (10:03 +1100)]
doc: fix example in ssh KDF man page.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17972)
Ben Avison [Tue, 29 Mar 2022 13:33:13 +0000 (14:33 +0100)]
Remove further uses of __ARMEL__ in AArch64 assembly
The sweep of the source tree in #17373 missed the BSAES assembly due its
PR #14592 having been temporarily backed out at the time.
This constitutes a partial fix for #17958 - covers cases except when
configured with -DOPENSSL_AES_CONST_TIME.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17988)
Tomas Mraz [Tue, 22 Mar 2022 15:33:52 +0000 (16:33 +0100)]
Test processing of a duplicated HRR
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)
Tomas Mraz [Tue, 22 Mar 2022 11:34:07 +0000 (12:34 +0100)]
tls_process_server_hello: Disallow repeated HRR
Repeated HRR must be rejected.
Fixes #17934
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)
Pauli [Mon, 28 Mar 2022 01:14:22 +0000 (12:14 +1100)]
sparse array: reduces the block size
This becomes a performance improvement in the ossl_sa_doall_arg function which
has started appearing on profile output. The other ossl_sa_ functions don't
contribute significantly to profile output.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17973)
Pauli [Tue, 15 Mar 2022 03:35:30 +0000 (14:35 +1100)]
document the safe_div_round_up_TYPE functions
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Pauli [Tue, 15 Mar 2022 03:28:07 +0000 (14:28 +1100)]
Use safe math to computer sizes.
The sizes are rounded via the expression: (cmpl + 7) / 8 which overflows if
cmpl is near to the type's maximum. Instead we use the safe_math function to
computer this without any possibility of error.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Pauli [Tue, 15 Mar 2022 03:19:07 +0000 (14:19 +1100)]
Add a divide rounding up safe math function.
This function takes arguments a & b and computes a / b rounding any
remainder up.
It is safe with respect to overflow and negative inputs. It's only fast for
non-negative inputs.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Hugo Landau [Mon, 28 Mar 2022 11:10:06 +0000 (12:10 +0100)]
Fix typo in manpage SSL_CONF_cmd(3)
Fixes #17976.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17977)
Hugo Landau [Tue, 22 Mar 2022 10:59:36 +0000 (10:59 +0000)]
Remove statistics tracking from LHASH
Fixes #17928. Supercedes #17931.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17935)
Kevin K Biju [Wed, 23 Mar 2022 05:10:50 +0000 (10:40 +0530)]
Size of random output is now a long, also added option to select chunk size
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17949)
Pauli [Thu, 24 Mar 2022 03:31:19 +0000 (14:31 +1100)]
Fix Coverity
1503218: negative loop bound
OPENSSL_sk_num returns an integer which can theoretically be negative.
Assigning this to a size_t and using it as a loop bound isn't ideal.
Rather than adding checked for NULL or negative returns, changing the loop
index and end to int is simpler.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17954)
Todd Short [Wed, 23 Mar 2022 22:55:10 +0000 (18:55 -0400)]
ticket_lifetime_hint may exceed 1 week in TLSv1.3
For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446
Fixes #17948
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17952)
Juergen Christ [Wed, 23 Mar 2022 12:26:13 +0000 (13:26 +0100)]
s390x: Hide internal cpuid symbol and function
The symbol OPENSSL_s390xcap_P and the OPENSSL_cpuid_setup function are not
exported by the version script of OpenSSL. However, if someone uses the
static library without the version script, these symbols all of a sudden
become global symbols and their usage in assembler code does not correctly
reflect that for PIC. Since these symbols should never be used outside of
OpenSSL, hide them inside the binary.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17946)
Tomas Mraz [Thu, 24 Mar 2022 15:18:33 +0000 (16:18 +0100)]
Fix formatting of NOTES-WINDOWS.md and doc-nits failure
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17960)
Pauli [Wed, 16 Mar 2022 03:13:25 +0000 (14:13 +1100)]
Fix Coverity
1498612: integer overflow
The assert added cannot ever fail because (current & 0xFFFF) != 0 from the
while loop and the trailing zero bit count therefore cannot be as large as 32.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17892)
Gabor Kertesz [Tue, 22 Mar 2022 17:13:22 +0000 (18:13 +0100)]
Add build note for win-arm64
Windows on Arm is not officially supported by release, but with
x86 emulated Perl it can be built locally.
This method is added to Windows notes.
Locally all tests are passed on win-arm64.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17940)
Daniel Fiala [Sun, 13 Mar 2022 05:56:13 +0000 (06:56 +0100)]
Add support for mac-less password-base PKCS12 files to PKCS12_parse API.
Fixes openssl#17720.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17882)
Tomas Mraz [Tue, 22 Mar 2022 15:43:47 +0000 (16:43 +0100)]
Disable the test_afalg on cross compile targets
The afalg engine does not work when run through qemu.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17945)
Hugo Landau [Thu, 17 Mar 2022 17:29:22 +0000 (17:29 +0000)]
Decoder resolution performance optimizations
This refactors decoder functionality to reduce calls to
OSSL_DECODER_is_a / EVP_KEYMGMT_is_a, which are substantial bottlenecks
in the performance of repeated decode operations (see #15199).
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17921)
Richard Levitte [Mon, 21 Mar 2022 15:23:09 +0000 (16:23 +0100)]
util/markdownlint.rb: Allow fenced code blocks
We use both indented and fenced styles in diverse markdown files.
We try to do this consistently in each file, though.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17933)
Pauli [Wed, 16 Mar 2022 02:48:27 +0000 (13:48 +1100)]
Fix Coverity
1201763 uninitialised pointer read
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17890)
Pauli [Wed, 16 Mar 2022 03:07:45 +0000 (14:07 +1100)]
Fix Coverity
1498613: resource leak
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17891)
Pauli [Wed, 16 Mar 2022 03:21:01 +0000 (14:21 +1100)]
Fix Coverity
1498611 &
1498608: uninitialised read
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17893)
Pauli [Wed, 16 Mar 2022 03:36:57 +0000 (14:36 +1100)]
Fix Coverity
1498610 &
1498609: uninitised value
Both are false positives, but better to be rid of them forever than ignoring
them and having repeats.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17895)
Ross Burton [Thu, 27 Jan 2022 11:56:56 +0000 (11:56 +0000)]
Configure: don't try to be clever when configuring afalgeng
If the afalgeng is enabled then Configure tries to be clever but fails,
by only actually building afalgeng if it isn't being cross-compiled and
if the current kernel is 4.1+.
This means that everyone cross compiling, or whose builder machines are
running older kernels (not uncommon for build farms), can't enable
afalgeng.
Instead remove the cleverness and simply enable/disable as requested.
Fixes #7687
CLA: trivial
Signed-off-by: Ross Burton <ross.burton@arm.com>
Change-Id: I023b6cb535d5b5811823d4814fa939de3f304886
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7688)
Daniel Fiala [Wed, 16 Mar 2022 19:30:38 +0000 (20:30 +0100)]
Make `openssl check -rsa ...` to work for both RSA and RSA-PSS.
Fixes openssl#17167
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17920)
(cherry picked from commit
5d1f357a01f668f708c1abd7567175b4a0f18a38)
XiaokangQian [Mon, 14 Mar 2022 08:59:54 +0000 (08:59 +0000)]
Fix incorrect comments in aes-gcm-armv8-unroll8_64.pl
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17918)
Hugo Landau [Mon, 7 Mar 2022 15:12:07 +0000 (15:12 +0000)]
Add EVP RSA key encode/decode demo
Fixes #14116.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17826)
Pauli [Wed, 16 Mar 2022 03:45:44 +0000 (14:45 +1100)]
Fix coverity
1498607: uninitialised value
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17897)
Dr. David von Oheimb [Tue, 15 Mar 2022 17:40:32 +0000 (18:40 +0100)]
OSSL_CMP_CTX_new.pod: make references to private key consistent with OSSL_CMP_MSG_get0_header.pod
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17887)
Dr. David von Oheimb [Tue, 15 Mar 2022 17:39:13 +0000 (18:39 +0100)]
OSSL_CMP_MSG_get0_header.pod: re-phrase two lenthy otherwise clauses as lists
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17887)
Dr. David von Oheimb [Tue, 15 Mar 2022 12:26:23 +0000 (13:26 +0100)]
SSL_CTX_set_verify.pod: move a note further down where it fits better
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17887)
David Carlier [Wed, 16 Mar 2022 23:21:58 +0000 (23:21 +0000)]
print SSL session, fix build warnings on OpenBSD.
time_t is a 64 bits type on this platform.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17917)
Tomas Mraz [Wed, 16 Mar 2022 11:14:16 +0000 (12:14 +0100)]
eng_dyn: Avoid spurious errors when checking for 1.1.x engine
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17901)
Hugo Landau [Wed, 16 Mar 2022 16:40:14 +0000 (16:40 +0000)]
Fix documentation for provider-signature
Fixes #17909.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17914)
Hugo Landau [Wed, 16 Mar 2022 16:32:08 +0000 (16:32 +0000)]
Fix declaration inconsistency (Camellia)
Fixes #17911.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17912)
Hugo Landau [Wed, 16 Mar 2022 17:00:32 +0000 (17:00 +0000)]
List missing operations in provider(7)
Fixes #17910.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17915)
Tobias Nießen [Wed, 16 Mar 2022 00:33:46 +0000 (01:33 +0100)]
Fix typos in CCM test vector titles
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17889)
tangyiqun [Wed, 9 Mar 2022 10:06:41 +0000 (18:06 +0800)]
check return value of functions that call BIO_new()
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17850)
Matt Caswell [Mon, 14 Mar 2022 16:39:43 +0000 (16:39 +0000)]
Update CHANGES/NEWS for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Tomas Mraz [Mon, 28 Feb 2022 17:26:35 +0000 (18:26 +0100)]
Add a negative testcase for BN_mod_sqrt
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Tomas Mraz [Mon, 28 Feb 2022 17:26:30 +0000 (18:26 +0100)]
Add documentation of BN_mod_sqrt()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Tomas Mraz [Mon, 28 Feb 2022 17:26:21 +0000 (18:26 +0100)]
Fix possible infinite loop in BN_mod_sqrt()
The calculation in some cases does not finish for non-prime p.
This fixes CVE-2022-0778.
Based on patch by David Benjamin <davidben@google.com>.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Hugo Landau [Fri, 11 Mar 2022 06:57:26 +0000 (06:57 +0000)]
Fix signed integer overflow in evp_enc
Fixes #17869.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17870)
Oliver Roberts [Sat, 12 Mar 2022 14:39:01 +0000 (14:39 +0000)]
Fixed typo in inner_evp_generic_fetch() error handling
Fixes #17876
CLA: trivial
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17877)
Hugo Landau [Thu, 10 Mar 2022 12:42:05 +0000 (12:42 +0000)]
Fix IV length caching in EVP encryption code
The IV length cache value was being invalidated excessively, causing IV
length caching to be ineffective.
Related to #17064.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17862)
Andrey Matyukov [Thu, 10 Mar 2022 21:27:33 +0000 (14:27 -0700)]
aes-gcm-avx512.pl: Fixed mingw64 build
Decoration prefix for some assembler labels in aes-gcm-avx512.pl was
fixed for mingw64 build.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17868)
Hugo Landau [Wed, 2 Mar 2022 07:38:15 +0000 (07:38 +0000)]
Add EVP demo for SIPHASH
Fixes #14121.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17793)
Hugo Landau [Fri, 11 Mar 2022 14:02:39 +0000 (14:02 +0000)]
Fix bug in scrypt KDF provider dup method
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a
libctx, but a provider context is expected. Since the provider context
is passed as void *, this was not caught.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17873)
Tomas Mraz [Thu, 10 Mar 2022 17:41:30 +0000 (18:41 +0100)]
evp_test: Add testcases for DH KEX with X9.42 KDF
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
Tomas Mraz [Thu, 10 Mar 2022 12:13:40 +0000 (13:13 +0100)]
Fix documentation of parameters for DH and ECDH KEX
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
Tomas Mraz [Thu, 10 Mar 2022 12:11:21 +0000 (13:11 +0100)]
DH: Make padding always on when X9.42 KDF is used
Fixes #17834
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
Hugo Landau [Fri, 4 Mar 2022 12:53:50 +0000 (12:53 +0000)]
Add manpages for SSL_get_certificate, SSL_get_private_key
This is as I understand these functions from reading the code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17815)
Jiasheng Jiang [Mon, 7 Mar 2022 09:51:25 +0000 (17:51 +0800)]
crypto/pem/pem_lib.c: Add check for BIO_read
As the potential failure of the BIO_read(),
it should be better to add the check and return
error if fails.
Also, in order to decrease the same code, using
'out_free' will be better.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17754)
Hugo Landau [Mon, 7 Mar 2022 13:29:49 +0000 (13:29 +0000)]
Add EVP demo for RSA key generation
Fixes #14111.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17824)
Tomas Mraz [Mon, 7 Mar 2022 14:46:58 +0000 (15:46 +0100)]
Replace handling of negative verification result with SSL_set_retry_verify()
Provide a different mechanism to indicate that the application wants
to retry the verification. The negative result of the callback function
now indicates an error again.
Instead the SSL_set_retry_verify() can be called from the callback
to indicate that the handshake should be suspended.
Fixes #17568
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17825)
Danny Tsen [Wed, 23 Feb 2022 19:18:35 +0000 (13:18 -0600)]
Fixed conditional statement testing 64 and 256 bytes
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17760)
Hugo Landau [Thu, 10 Mar 2022 09:38:09 +0000 (09:38 +0000)]
EVP_MD performance fix (refcount cache contention)
Partial fix for #17064. Avoid excessive writes to the cache line
containing the refcount for an EVP_MD object to avoid extreme
cache contention when using a single EVP_MD at high frequency on
multiple threads. This changes performance in 3.0 from being double
that of 1.1 to only slightly higher than that of 1.1.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17857)
Richard Levitte [Thu, 10 Mar 2022 12:29:25 +0000 (13:29 +0100)]
Make ossltest engine use in test/recipes/20-test_dgst.t platform agnostic
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17861)
Dr. David von Oheimb [Thu, 17 Feb 2022 18:40:29 +0000 (19:40 +0100)]
OSSL_CMP_CTX_setup_CRM(): Fix handling of defaults from CSR and refcert
Also update and complete related documentation.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17726)
Todd Short [Wed, 9 Mar 2022 22:05:45 +0000 (17:05 -0500)]
DOC: TLS compression is disabled by default
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17854)
Dr. Matthias St. Pierre [Wed, 9 Mar 2022 22:58:02 +0000 (23:58 +0100)]
README: add missing link to OpenSSL 3.0 manual pages
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17855)
Todd Short [Wed, 8 Sep 2021 20:23:04 +0000 (16:23 -0400)]
Add TFO support to socket BIO and s_client/s_server
Supports Linux, MacOS and FreeBSD
Disabled by default, enabled via `enabled-tfo`
Some tests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8692)
Tomas Mraz [Wed, 9 Mar 2022 08:48:42 +0000 (09:48 +0100)]
Drop ariacbc demo binary
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17848)
EasySec [Wed, 9 Mar 2022 00:00:19 +0000 (01:00 +0100)]
Allow to *just* print key and IV of unstreamable modes when no input files
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17843)
xkernel [Tue, 8 Mar 2022 11:48:54 +0000 (19:48 +0800)]
check the return of OPENSSL_sk_new_null
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/17836)
Todd Short [Tue, 8 Mar 2022 14:36:43 +0000 (09:36 -0500)]
Set protocol in init_client()
If TCP is being used, protocol = 0 is passed to init_client(), then
protocol == IPPROTO_TCP fails when attempting to set BIO_SOCK_NODELAY.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17838)
Dmitry Belyavskiy [Mon, 7 Mar 2022 16:05:57 +0000 (17:05 +0100)]
Avoid potential memory leak
Resolves #17827
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17828)
xkernel [Mon, 7 Mar 2022 07:43:16 +0000 (15:43 +0800)]
check the return value of BIO_new_file()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17820)