openssl.git
14 months agoQUIC ACKM: Clarify probe types
Hugo Landau [Fri, 16 Dec 2022 10:11:10 +0000 (10:11 +0000)]
QUIC ACKM: Clarify probe types

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19925)

14 months agoSSL_conf_cmd: add support for IgnoreUnexpectedEOF
Steffen Nurpmeso [Thu, 19 Jan 2023 21:04:46 +0000 (22:04 +0100)]
SSL_conf_cmd: add support for IgnoreUnexpectedEOF

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20089)

14 months agoEnable AES optimisation on Apple Silicon M2-based systems
Tom Cosgrove [Wed, 25 Jan 2023 19:34:25 +0000 (19:34 +0000)]
Enable AES optimisation on Apple Silicon M2-based systems

Gives a performance enhancement of 16-38%, similar to the M1.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20141)

14 months agocoverity 1520506: error handling
Pauli [Wed, 25 Jan 2023 01:06:23 +0000 (12:06 +1100)]
coverity 1520506: error handling

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20132)

14 months agocoverity 1520505: error handling
Pauli [Wed, 25 Jan 2023 01:06:09 +0000 (12:06 +1100)]
coverity 1520505: error handling

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20132)

15 months agocompute_pqueue_growth(): Fix the return type
Tomas Mraz [Mon, 16 Jan 2023 11:26:20 +0000 (12:26 +0100)]
compute_pqueue_growth(): Fix the return type

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20012)

15 months agoImplement BIO_s_dgram_mem() reusing the BIO_s_dgram_pair() code
Tomas Mraz [Mon, 9 Jan 2023 17:39:50 +0000 (18:39 +0100)]
Implement BIO_s_dgram_mem() reusing the BIO_s_dgram_pair() code

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20012)

15 months agoRevert "Give BIO_s_mem() the ability to support datagrams"
Tomas Mraz [Mon, 9 Jan 2023 17:03:07 +0000 (18:03 +0100)]
Revert "Give BIO_s_mem() the ability to support datagrams"

This reverts commit 5a4ba72f00f9b336a4d65abff822699ceb9617c6.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20012)

15 months agoQUIC FIN Support: Documentation fixups
Hugo Landau [Thu, 26 Jan 2023 13:24:35 +0000 (13:24 +0000)]
QUIC FIN Support: Documentation fixups

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC FIN Support: Various fixes
Hugo Landau [Tue, 24 Jan 2023 10:34:00 +0000 (10:34 +0000)]
QUIC FIN Support: Various fixes

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC TSERVER: Fix probable nondeterminism in some OS network stacks
Hugo Landau [Thu, 5 Jan 2023 10:51:14 +0000 (10:51 +0000)]
QUIC TSERVER: Fix probable nondeterminism in some OS network stacks

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC: Add documentation for stream and connection shutdown functions
Hugo Landau [Thu, 5 Jan 2023 08:35:07 +0000 (08:35 +0000)]
QUIC: Add documentation for stream and connection shutdown functions

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC Test Server: Exercise end-of-stream condition on read and write
Hugo Landau [Tue, 13 Dec 2022 12:29:23 +0000 (12:29 +0000)]
QUIC Test Server: Exercise end-of-stream condition on read and write

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC Front End I/O API: Add support for signalling and detecting end-of-stream
Hugo Landau [Tue, 13 Dec 2022 12:28:54 +0000 (12:28 +0000)]
QUIC Front End I/O API: Add support for signalling and detecting end-of-stream

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC TXP: Fix handling of FIN stream chunks
Hugo Landau [Tue, 13 Dec 2022 12:27:43 +0000 (12:27 +0000)]
QUIC TXP: Fix handling of FIN stream chunks

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoQUIC: Refine SSL_shutdown and begin to implement SSL_shutdown_ex
Hugo Landau [Tue, 13 Dec 2022 12:27:05 +0000 (12:27 +0000)]
QUIC: Refine SSL_shutdown and begin to implement SSL_shutdown_ex

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19897)

15 months agoAdd notes about ignoring initialization failures on contexts
Tomas Mraz [Wed, 25 Jan 2023 09:15:05 +0000 (10:15 +0100)]
Add notes about ignoring initialization failures on contexts

Fixes #20130

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20136)

15 months agoDocument that the RSA e value is mandatory when importing.
slontis [Wed, 25 Jan 2023 01:06:34 +0000 (11:06 +1000)]
Document that the RSA e value is mandatory when importing.

The lab tried doing a RSA decryption primitive using just n (using p, q) and d.

This failed for 2 reasons:
(1) e is required when importing
(2) Internally e is used for blinding.

Note n and e can be calculated using:
n = pq
e = (1/d) mod (p-1)(q-1)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20133)

15 months agoFix Coverity 1520485: logically dead code
Pauli [Tue, 24 Jan 2023 01:23:37 +0000 (12:23 +1100)]
Fix Coverity 1520485: logically dead code

The check is unnecessary as the condition is already checked
before the switch statement.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20121)

15 months agoRevert "CI: cross-compile: riscv: Add RV64 machine with Zb* and Zk*"
Christoph Müllner [Wed, 25 Jan 2023 16:48:41 +0000 (17:48 +0100)]
Revert "CI: cross-compile: riscv: Add RV64 machine with Zb* and Zk*"

This reverts commit e787c57c538d0922004e49a10be0d403af773272.

The current CI host system is Ubuntu 22.04, which ships with QEMU 6.2.
This QEMU release is too old for the required RISC-V extensions.
We would need at least QEMU 7.1 (Aug 2022) for this patch.

Let's revert the patch.

Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20139)

15 months agoClarify the change of enc -S behavior in 3.0
Viktor Dukhovni [Tue, 24 Jan 2023 13:40:57 +0000 (14:40 +0100)]
Clarify the change of enc -S behavior in 3.0

Fixes  #19730

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19732)

15 months agorename 90-test_traceapi.t to 90-test_trace_api.t for consistency
Dr. David von Oheimb [Wed, 21 Dec 2022 13:16:33 +0000 (14:16 +0100)]
rename 90-test_traceapi.t to 90-test_trace_api.t for consistency

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18704)

15 months agoOSSL_HTTP_REQ_CTX_nbio(): use OSSL_TRACE_STRING() for msg body where it makes sense
Dr. David von Oheimb [Fri, 1 Jul 2022 20:12:08 +0000 (22:12 +0200)]
OSSL_HTTP_REQ_CTX_nbio(): use OSSL_TRACE_STRING() for msg body where it makes sense

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18704)

15 months agoadd OSSL_TRACE_STRING(), OSSL_TRACE_STRING_MAX, and OSSL_trace_string()
Dr. David von Oheimb [Fri, 1 Jul 2022 20:09:18 +0000 (22:09 +0200)]
add OSSL_TRACE_STRING(), OSSL_TRACE_STRING_MAX, and OSSL_trace_string()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18704)

15 months agoFix incomplete checks for EVP_CIPHER_asn1_to_param
Niels Dossche [Mon, 23 Jan 2023 16:16:34 +0000 (17:16 +0100)]
Fix incomplete checks for EVP_CIPHER_asn1_to_param

EVP_CIPHER_asn1_to_param() returns a value <= 0 in case of an error, and
a value greater than 0 in case of success. Two callsites only check for
< 0 instead of <= 0. The other callsites perform this check correctly.
Change the two callsites to <= 0. Additionally correctly handle a zero
return value from EVP_CIPHER_get_asn1_iv as success.

Fixes: #20116
CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/201213)

15 months agoRemove the user_ssl field
Matt Caswell [Mon, 23 Jan 2023 14:04:26 +0000 (14:04 +0000)]
Remove the user_ssl field

The user_ssl field in an SSL_CONNECTION is no longer used - so remove it.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAdd QUIC-TLS server support
Matt Caswell [Tue, 29 Nov 2022 11:26:08 +0000 (11:26 +0000)]
Add QUIC-TLS server support

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoRemove the old Dummy Handshake code
Matt Caswell [Wed, 23 Nov 2022 16:20:14 +0000 (16:20 +0000)]
Remove the old Dummy Handshake code

Now that we have a real TLS handshake we no longer need the dummy handshake
implementation and it can be removed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAdd support for the msg_callback
Matt Caswell [Fri, 18 Nov 2022 11:39:33 +0000 (11:39 +0000)]
Add support for the msg_callback

Having support for the msg_callback will improve debug capabilities.

For record headers we "manufacture" dummy ones so that as far as the
callback is concerned we are doing "normal" TLS.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoReplace use of the Dummy Handshake Layer with the real one
Matt Caswell [Fri, 18 Nov 2022 12:38:50 +0000 (12:38 +0000)]
Replace use of the Dummy Handshake Layer with the real one

We start using the QUIC TLS implementation rather than the dummy one.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAdd an initial QUIC-TLS implementation
Matt Caswell [Fri, 18 Nov 2022 12:38:38 +0000 (12:38 +0000)]
Add an initial QUIC-TLS implementation

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAdd the ability to add a custom extension on an SSL object
Matt Caswell [Mon, 14 Nov 2022 15:29:38 +0000 (15:29 +0000)]
Add the ability to add a custom extension on an SSL object

Previously we could only do this at the SSL_CTX level. We add the ability
to also do this on an SSL - but only for internal code.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoExtend the new_record_layer function
Matt Caswell [Mon, 14 Nov 2022 14:19:53 +0000 (14:19 +0000)]
Extend the new_record_layer function

Add the ability to pass the main secret and length, as well as the
digest used for the KDF.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAdd support for setting a custom TLS Record Layer
Matt Caswell [Thu, 10 Nov 2022 16:05:16 +0000 (16:05 +0000)]
Add support for setting a custom TLS Record Layer

This is just an internal API for now. Something like this will be made
public API at some point - but it is likely to be based on the provider
interface rather that a direct setting of a METHOD like we do for now.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoRemove an unneeded OSSL_RECORD_METHOD function
Matt Caswell [Thu, 10 Nov 2022 15:45:46 +0000 (15:45 +0000)]
Remove an unneeded OSSL_RECORD_METHOD function

The reset() function was never called so it can be removed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoMove recordmethod.h to be an "internal" header
Matt Caswell [Thu, 10 Nov 2022 14:25:21 +0000 (14:25 +0000)]
Move recordmethod.h to be an "internal" header

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoCreate the SSL object for QUIC-TLS
Matt Caswell [Tue, 8 Nov 2022 16:20:08 +0000 (16:20 +0000)]
Create the SSL object for QUIC-TLS

The "user" SSL object which represents the QUIC connection should have an
"inner" SSL object to represent the TLS connection.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)

15 months agoAPPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given
Dr. David von Oheimb [Sat, 24 Sep 2022 21:59:12 +0000 (23:59 +0200)]
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19271)

15 months agoapps/req.c: properly report parse errors by duplicated(); simplify the function
Dr. David von Oheimb [Sat, 24 Sep 2022 21:03:32 +0000 (23:03 +0200)]
apps/req.c: properly report parse errors by duplicated(); simplify the function

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19271)

15 months agoX509{,_CRL,_REVOKED}_{set,sign}*(): fix 'modified' field and return values
Dr. David von Oheimb [Wed, 28 Sep 2022 18:50:46 +0000 (20:50 +0200)]
X509{,_CRL,_REVOKED}_{set,sign}*(): fix 'modified' field and return values

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19271)

15 months agotest: note that a default property query must be included for FIPS validity
Pauli [Sun, 22 Jan 2023 22:52:17 +0000 (09:52 +1100)]
test: note that a default property query must be included for FIPS validity

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)

15 months agochanges entry about non-approved FIPS algorithms
Pauli [Thu, 19 Jan 2023 23:26:45 +0000 (10:26 +1100)]
changes entry about non-approved FIPS algorithms

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)

15 months agoPut X25519 and X448 back as approved algorithms
Pauli [Thu, 19 Jan 2023 22:32:49 +0000 (09:32 +1100)]
Put X25519 and X448 back as approved algorithms

CMVP's answer when questioned about this being:

    X448 and X25519 uses Curve448 and Curve25519, respectfully, within an
    ECDH scheme.  Therefore, it is possible for a key agreement scheme
    that uses Curve448 and Curve25519 to be used in the approved mode
    and be viewed as an allowed algorithm if requirements of Scenario
    X2 of IG D.8 and IG A.2 are met (or Scenario 3 of D.F and IG C.A for
    FIPS 140-3).  The use of EdDSA in the approved mode is not permitted
    until FIPS 186-5 is published and part of CMVP guidance.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)

15 months agofips: document that the EdDSA algorithms are not-validated
Pauli [Thu, 19 Jan 2023 00:16:40 +0000 (11:16 +1100)]
fips: document that the EdDSA algorithms are not-validated

Ed25519 and Ed448 are included in the FIPS 140-3 provider for
compatibility purposes but are flagged as "fips=no" to prevent their accidental
use.  This therefore requires that applications always specify the "fips=yes"
property query to enforce FIPS correctness.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)

15 months agoOSSL_trace_set_channel(): add important statement that it takes BIO ownership
Dr. David von Oheimb [Thu, 22 Dec 2022 10:47:41 +0000 (11:47 +0100)]
OSSL_trace_set_channel(): add important statement that it takes BIO ownership

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19959)

15 months agoset_trace_data(): prevent double free on OPENSSL_strdup() failure
Dr. David von Oheimb [Thu, 22 Dec 2022 10:42:14 +0000 (11:42 +0100)]
set_trace_data(): prevent double free on OPENSSL_strdup() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19959)

15 months agoTypos fixing
FdaSilvaYY [Sat, 20 Feb 2021 22:39:30 +0000 (23:39 +0100)]
Typos fixing

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20109)

15 months agoFix windows builds
FdaSilvaYY [Mon, 16 Jan 2023 22:49:01 +0000 (23:49 +0100)]
Fix windows builds

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20109)

15 months agoCI: cross-compile: riscv: Add RV64 machine with Zb* and Zk*
Christoph Müllner [Sat, 21 Jan 2023 14:55:27 +0000 (15:55 +0100)]
CI: cross-compile: riscv: Add RV64 machine with Zb* and Zk*

RISC-V already has a couple of routines to accelerate cryptographic
calculations using ISA extensions. Let's add a cross-compile target
that allows the CI to test this code.

The new defined machine is a rv64gc machine with
* all Bitmanip extensions (Zb*)
* all Scalar Crypto extensions (Zk*)

This selection matches the supported RISC-V extensions in OpenSSL.

Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20107)

15 months agoCI: cross-compile: Allow to set CPU capabilities
Christoph Müllner [Sat, 21 Jan 2023 14:49:17 +0000 (15:49 +0100)]
CI: cross-compile: Allow to set CPU capabilities

The cross-compile CI tests use cross-compilers for building
and QEMU for testing. This implies that testing of ISA extension
for HW accelerated cryptographic calculations is undefined
(it depends on arch-specific QEMU defaults and arch-specific
detection mechanisms in OpenSSL).

Let's add a mechanism to set two environment variables, that allow
to control the ISA extensions:
* QEMU_CPU: used by QEMU to specify CPU capabilities of the emulation
* OPENSSL_*: used by OpenSSL (on some architectures) to enable ISA
  extensions.

Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20107)

15 months agoFix corruption when searching for CRLs in hashed directories
Hugo Landau [Wed, 18 Jan 2023 15:43:56 +0000 (15:43 +0000)]
Fix corruption when searching for CRLs in hashed directories

The by_dir certificate/CRL lookup code uses an OPENSSL_STACK to track
how many sequentially numbered CRL files have been loaded for a given
X509_NAME hash which is being requested. This avoids loading already
loaded CRL files and repeated stat() calls.

This OPENSSL_STACK is searched using sk_find, however this mutates
the OPENSSL_STACK unless it is known to be sorted. This operation
therefore requires a write lock, which was not taken.

Fix this issue by sorting the OPENSSL_STACK whenever it is mutated. This
guarantees no mutation will occur during sk_find. This is chosen over
taking a write lock during sk_find as retrieving a CRL by X509_NAME is
assumed to be a hotter path than the case where a new CRL is installed.

Also optimise the code by avoiding creating the structure to track the
last CRL file sequence number in the circumstance where it would match
the initial value, namely where no CRL with the given hash is installed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20076)

15 months agoAdd DTLS support to the large app data test
Matt Caswell [Fri, 20 Jan 2023 14:08:42 +0000 (14:08 +0000)]
Add DTLS support to the large app data test

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20085)

15 months agoEnsure our buffer allocation allows for the Explicit IV
Matt Caswell [Thu, 19 Jan 2023 11:59:44 +0000 (11:59 +0000)]
Ensure our buffer allocation allows for the Explicit IV

Some ciphers/protocol versions have an explicit IV. We need to make sure we
have sufficient room for it in the underlying buffer.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20085)

15 months agoAdd a test for large app data
Matt Caswell [Thu, 19 Jan 2023 10:52:45 +0000 (10:52 +0000)]
Add a test for large app data

Test that sending large app data records works correctly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20085)

15 months agoMD5.pod: Recommend SHA-2 or SHA-3 family hashes instead of legacy ones
Tomas Mraz [Fri, 20 Jan 2023 10:40:45 +0000 (11:40 +0100)]
MD5.pod: Recommend SHA-2 or SHA-3 family hashes instead of legacy ones

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20095)

15 months agoX509_V_ERR_INVALID_PURPOSE: fix misleading text; Fix omission in X509_VERIFY_PARAM_cl...
Dr. David von Oheimb [Mon, 16 Jan 2023 07:38:01 +0000 (08:38 +0100)]
X509_V_ERR_INVALID_PURPOSE: fix misleading text; Fix omission in X509_VERIFY_PARAM_clear_flags doc

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20052)

15 months agocmp_client.c: fix handling of total_timeout for RR and GENM transactions
Dr. David von Oheimb [Tue, 11 Oct 2022 14:21:20 +0000 (16:21 +0200)]
cmp_client.c: fix handling of total_timeout for RR and GENM transactions

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19391)

15 months agocmp_client_test.c: add tests for end_time being initialized for RR/GENM
Dr. David von Oheimb [Fri, 25 Nov 2022 09:43:12 +0000 (10:43 +0100)]
cmp_client_test.c: add tests for end_time being initialized for RR/GENM

To this end, tweak the internal handling of ctx->total_timeout.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19391)

15 months agoCMP docs: clarify behavior on message/total timeout values given
Dr. David von Oheimb [Fri, 25 Nov 2022 11:08:42 +0000 (12:08 +0100)]
CMP docs: clarify behavior on message/total timeout values given

Clarify behavior of OSSL_CMP_CTX_set_option() when given (negative)
values for OSSL_CMP_OPT_MSG_TIMEOUT or OSSL_CMP_OPT_TOTAL_TIMEOUT.
Fix doc of -msg_timeout and -total_timeout in openssl-cmp.pod.in

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19391)

15 months agoFixes wrong return type in BIO_do_connect man page.
Thib [Fri, 20 Jan 2023 13:07:15 +0000 (14:07 +0100)]
Fixes wrong return type in BIO_do_connect man page.

Current man page indicates the function returns an int while it returns
a long.

Fixes #20096.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20097)

15 months agoFix incorrect check on RAND_bytes_ex() in generate_q_fips186_4()
Niels Dossche [Sat, 21 Jan 2023 12:34:34 +0000 (13:34 +0100)]
Fix incorrect check on RAND_bytes_ex() in generate_q_fips186_4()

RAND_bytes_ex() can also return 0 on failure. Other callers do check
this correctly. Change the check from <0 to <=0.

Fixes: #20100
CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20106)

15 months agoAllow OSSL_SIGNATURE_PARAM_NONCE_TYPE to be retrieved
Ingo Franzki [Wed, 18 Jan 2023 10:24:16 +0000 (11:24 +0100)]
Allow OSSL_SIGNATURE_PARAM_NONCE_TYPE to be retrieved

Context parameter OSSL_SIGNATURE_PARAM_NONCE_TYPE can now also be
retrieved for ECDSA and DSA.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20070)

15 months agoAdding a separated build settings for BSD flavors
David Carlier [Sat, 19 Dec 2020 11:07:09 +0000 (11:07 +0000)]
Adding a separated build settings for BSD flavors
to avoid inheriting Linux's linker flags (ie -Wl,-z,defs)
now targetting OpenBSD.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13393)

15 months agobn2bin(): Don't accept len < 0
Richard Levitte [Fri, 13 Jan 2023 11:51:43 +0000 (12:51 +0100)]
bn2bin(): Don't accept len < 0

Test included

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20033)

15 months agoAdd a test for public variants of bn2bin()
Richard Levitte [Thu, 12 Jan 2023 10:10:01 +0000 (11:10 +0100)]
Add a test for public variants of bn2bin()

We test with binary input of length 1, length 0, and NULL input with length 0

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20033)

15 months agobin2bn(): When len==0, just return a zero BIGNUM
Richard Levitte [Thu, 12 Jan 2023 09:17:01 +0000 (10:17 +0100)]
bin2bn(): When len==0, just return a zero BIGNUM

This allows calls with s==NULL and len==0 to be safe.  It probably already
was, but address sanitizers could still complain.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20033)

15 months agoPadlock: fix byte swapping assembly for AES-192 and 256
ValdikSS [Wed, 18 Jan 2023 17:14:48 +0000 (20:14 +0300)]
Padlock: fix byte swapping assembly for AES-192 and 256

Byte swapping code incorrectly uses the number of AES rounds to swap expanded
AES key, while swapping only a single dword in a loop, resulting in swapped
key and partially swapped expanded keys, breaking AES encryption and
decryption on VIA Padlock hardware.

This commit correctly sets the number of swapping loops to be done.

Fixes #20073

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20077)

15 months agoAdd link to EBNF definition
Pauli [Wed, 18 Jan 2023 07:03:33 +0000 (18:03 +1100)]
Add link to EBNF definition

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20023)

15 months agoAdd negative test for unquoted property string
Pauli [Sun, 15 Jan 2023 23:04:11 +0000 (10:04 +1100)]
Add negative test for unquoted property string

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20023)

15 months agoCorrect property EBNF for unquoted strings
Pauli [Wed, 11 Jan 2023 00:39:02 +0000 (11:39 +1100)]
Correct property EBNF for unquoted strings

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20023)

15 months agoQUIC Test Server: Minor fixups
Hugo Landau [Wed, 18 Jan 2023 11:07:58 +0000 (11:07 +0000)]
QUIC Test Server: Minor fixups

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC DEMUX: Refactor list manipulation
Hugo Landau [Wed, 30 Nov 2022 08:50:58 +0000 (08:50 +0000)]
QUIC DEMUX: Refactor list manipulation

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC Test Server: Basic echo server test
Hugo Landau [Tue, 22 Nov 2022 17:49:36 +0000 (17:49 +0000)]
QUIC Test Server: Basic echo server test

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC Test Server Implementation
Hugo Landau [Tue, 22 Nov 2022 13:45:18 +0000 (13:45 +0000)]
QUIC Test Server Implementation

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC CHANNEL: Add basic server support for testing
Hugo Landau [Tue, 22 Nov 2022 13:41:23 +0000 (13:41 +0000)]
QUIC CHANNEL: Add basic server support for testing

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC CHANNEL: Transport params: Offer reason text and add server support
Hugo Landau [Tue, 22 Nov 2022 13:35:04 +0000 (13:35 +0000)]
QUIC CHANNEL: Transport params: Offer reason text and add server support

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC TXP: Fix generation of CONNECTION_CLOSE
Hugo Landau [Tue, 22 Nov 2022 13:31:42 +0000 (13:31 +0000)]
QUIC TXP: Fix generation of CONNECTION_CLOSE

CONNECTION_CLOSE frames can be generated on multiple ELs, so the TX
packetiser was generating it on multiple ELs simultaneously. This fixes
the CONNECTION_CLOSE generation logic so that the lowest non-dropped EL
is always used.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC Front-End I/O API: Fix WANT_READ signalling for SSL_read
Hugo Landau [Tue, 22 Nov 2022 13:29:45 +0000 (13:29 +0000)]
QUIC Front-End I/O API: Fix WANT_READ signalling for SSL_read

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC Front-End I/O API: Fix implementation of SSL_get_error
Hugo Landau [Tue, 22 Nov 2022 13:28:56 +0000 (13:28 +0000)]
QUIC Front-End I/O API: Fix implementation of SSL_get_error

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC QRX: (Server support) Add support for manual URXE injection
Hugo Landau [Tue, 22 Nov 2022 13:28:24 +0000 (13:28 +0000)]
QUIC QRX: (Server support) Add support for manual URXE injection

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC DHS: (Server support) Add server state machine for DHS
Hugo Landau [Tue, 22 Nov 2022 13:26:51 +0000 (13:26 +0000)]
QUIC DHS: (Server support) Add server state machine for DHS

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoQUIC DEMUX: (Server support) Add support for default handler
Hugo Landau [Tue, 22 Nov 2022 13:25:41 +0000 (13:25 +0000)]
QUIC DEMUX: (Server support) Add support for default handler

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)

15 months agoFix incorrect error return value in i2r_ADMISSION_SYNTAX()
Niels Dossche [Tue, 17 Jan 2023 19:27:49 +0000 (20:27 +0100)]
Fix incorrect error return value in i2r_ADMISSION_SYNTAX()

The other implementations of i2r return 0 in case of an error, but
i2r_ADMISSION_SYNTAX() returns -1. That means the check on i2r does not
catch the error. Change it to return 0 like the others do.

Fixes: #20066
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20068)

15 months agoS390X: Fix Ed448ph
Juergen Christ [Tue, 17 Jan 2023 18:16:43 +0000 (19:16 +0100)]
S390X: Fix Ed448ph

CPACF does not support pre-hashing.  This was considered correctly for
Ed25519ph, but not for Ed448ph which lead to errors in the test_evp suite
(test vector 20 - pre-hashing without context string).  Fix this by using the
non-accelerated version of Ed448 also if no context string is provided, but
pre-hashing is performed.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20067)

15 months agoFix potential NULL pointer dereference
Juergen Christ [Mon, 16 Jan 2023 10:37:15 +0000 (11:37 +0100)]
Fix potential NULL pointer dereference

In EC key generation, if allocation of struct ec_gen_ctx fails, values
provided by parameters are copied into the context at represented by a NULL
pointer.  To fix this, prevent copy if allocation fails.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20055)

15 months agoClarify documentation of X509_STORE_CTX_get_current_cert()
north-16 [Fri, 13 Jan 2023 01:33:46 +0000 (17:33 -0800)]
Clarify documentation of X509_STORE_CTX_get_current_cert()

CLA: trivial

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20038)

15 months agoremove unused macro in cast_local.h and des_local.h
zhangzhilei [Sat, 14 Jan 2023 06:23:48 +0000 (14:23 +0800)]
remove unused macro in cast_local.h and des_local.h

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20048)

15 months agopkey: Imply public check if -pubin is specified
Tomas Mraz [Fri, 13 Jan 2023 13:48:52 +0000 (14:48 +0100)]
pkey: Imply public check if -pubin is specified

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20044)

15 months agoPKCS12 - Add additional libctx and propq support.
slontis [Wed, 21 Dec 2022 04:39:07 +0000 (14:39 +1000)]
PKCS12 - Add additional libctx and propq support.

Fixes #19718
Fixes #19716

Added PKCS12_SAFEBAG_get1_cert_ex(), PKCS12_SAFEBAG_get1_crl_ex() and
ASN1_item_unpack_ex().

parse_bag and parse_bags now use the libctx/propq stored in the P7_CTX.
PKCS12_free() needed to be manually constructed in order to free the propq.

pkcs12_api_test.c changed so that it actually tests the libctx, propq.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19942)

15 months agos390x: Fix keccak xofs via CPACF
Juergen Christ [Mon, 2 Jan 2023 16:52:25 +0000 (17:52 +0100)]
s390x: Fix keccak xofs via CPACF

CPACF does not directly support xofs.  Emulate this by using single block
operations on an empty input block.

Fixes: affc070aabc9 ("s390x: Optimize kmac")
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19983)

15 months agoFix big-endian issue in chacha20 SVE implementation on aarch64
fangming.fang [Wed, 11 Jan 2023 03:49:28 +0000 (03:49 +0000)]
Fix big-endian issue in chacha20 SVE implementation on aarch64

Fixes: #19902
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20028)

15 months agoBump actions/setup-python from 4.4.0 to 4.5.0
dependabot[bot] [Mon, 16 Jan 2023 15:24:25 +0000 (15:24 +0000)]
Bump actions/setup-python from 4.4.0 to 4.5.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.4.0...v4.5.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

CLA: trivial
Signed-off-by: dependabot[bot] <support@github.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20046)

15 months agoDocumenting lack of error codes stability
Dmitry Belyavskiy [Tue, 10 Jan 2023 17:54:51 +0000 (18:54 +0100)]
Documenting lack of error codes stability

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20019)

15 months agoCMP app: fix file output of certs and cert lists on non-existing cert(s)
Dr. David von Oheimb [Tue, 13 Dec 2022 16:47:23 +0000 (17:47 +0100)]
CMP app: fix file output of certs and cert lists on non-existing cert(s)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20035)

15 months agoLimit size of modulus for bn_mul_mont and BN_mod_exp_mont_consttime
Bernd Edlinger [Tue, 8 Nov 2022 16:43:22 +0000 (17:43 +0100)]
Limit size of modulus for bn_mul_mont and BN_mod_exp_mont_consttime

Otherwise the alloca can cause an exception.

Issue reported by Jiayi Lin.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20005)

15 months agoRevert "Limit size of modulus for BN_mod_exp_mont_consttime()"
Bernd Edlinger [Sat, 7 Jan 2023 06:58:21 +0000 (07:58 +0100)]
Revert "Limit size of modulus for BN_mod_exp_mont_consttime()"

This reverts commit 4378e3cd2a4d73a97a2349efaa143059d8ed05e8.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20005)

15 months agoQUIC API: Rename want_net_read and want_net_write
Hugo Landau [Mon, 9 Jan 2023 15:48:25 +0000 (15:48 +0000)]
QUIC API: Rename want_net_read and want_net_write

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)

15 months agoQUIC CHANNEL: Handle network errors as connection-fatal events
Hugo Landau [Mon, 9 Jan 2023 15:47:47 +0000 (15:47 +0000)]
QUIC CHANNEL: Handle network errors as connection-fatal events

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)

15 months agoQUIC QTX: Handle network errors explicitly
Hugo Landau [Mon, 9 Jan 2023 15:44:42 +0000 (15:44 +0000)]
QUIC QTX: Handle network errors explicitly

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)

15 months agoQUIC DEMUX: Handle network errors explicitly
Hugo Landau [Mon, 9 Jan 2023 15:43:52 +0000 (15:43 +0000)]
QUIC DEMUX: Handle network errors explicitly

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)