openssl.git
5 weeks agoFix CID-1464802
Shane Lontis [Tue, 23 Jun 2020 02:30:40 +0000 (12:30 +1000)]
Fix CID-1464802

Improper use of negative value (It just needs to pass zero instead of -1).

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12237)

5 weeks agoForce ssl/tls protocol flags to use stream sockets
Benny Baumann [Wed, 24 Jun 2020 19:54:05 +0000 (21:54 +0200)]
Force ssl/tls protocol flags to use stream sockets

Prior to this patch doing something like
  openssl s_client -dtls1 -tls1 ...
could cause s_client to speak TLS on a UDP socket
which does not normally make much sense.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12266)

5 weeks agorand: include the CPU source in a build.
Pauli [Wed, 24 Jun 2020 21:55:47 +0000 (07:55 +1000)]
rand: include the CPU source in a build.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/12267)

5 weeks agorand: fix CPU and timer sources.
Pauli [Wed, 24 Jun 2020 21:46:36 +0000 (07:46 +1000)]
rand: fix CPU and timer sources.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/12267)

5 weeks agoAdd --fips-key configuration parameter to fipsinstall application.
Rich Salz [Mon, 29 Jun 2020 02:20:41 +0000 (12:20 +1000)]
Add --fips-key configuration parameter to fipsinstall application.

Change default FIPS HMAC KEY from all-zero's
Use default FIPSKEY if not given on command line.
Make all -macopt in fipsinstall optional
Make all tests, except fipsinstall, use the default -macopt and
-mac_name flags.
Define and use FIPSDIR variable on VMS/MMS.
Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12235)

5 weeks agoINSTALL.md and NOTES.VALGRIND: Further cleanup of references and code/symbol quotatio...
Dr. David von Oheimb [Tue, 23 Jun 2020 06:38:24 +0000 (08:38 +0200)]
INSTALL.md and NOTES.VALGRIND: Further cleanup of references and code/symbol quotation layout

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12232)

5 weeks agoMove test-related info from INSTALL.md to new test/README.md, updating references
Dr. David von Oheimb [Mon, 22 Jun 2020 17:47:50 +0000 (19:47 +0200)]
Move test-related info from INSTALL.md to new test/README.md, updating references

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12232)

5 weeks agoapps/openssl: clean-up of unused fallback code
Richard Levitte [Wed, 24 Jun 2020 11:16:30 +0000 (13:16 +0200)]
apps/openssl: clean-up of unused fallback code

Remove code in help_main() that duplicates the case when 'openssl' is
called with no arguments, which is now handled in main().

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12295)

5 weeks agoConfigurations: drop toolchain from configuration targets
Richard Levitte [Wed, 4 Mar 2020 14:02:29 +0000 (15:02 +0100)]
Configurations: drop toolchain from configuration targets

Some configuration targets pretend to be for a specific compiler, but
are more widely usable, and should reflect that.

[work in progress]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoDOC: Mention Configure consistently
Richard Levitte [Tue, 3 Mar 2020 16:20:07 +0000 (17:20 +0100)]
DOC: Mention Configure consistently

'config' is now a mere wrapper for backward compatibility.
All documentation is changed accordingly.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoConfigure: pick up options from older 'config'
Richard Levitte [Tue, 3 Mar 2020 14:04:42 +0000 (15:04 +0100)]
Configure: pick up options from older 'config'

These options were coded in util/perl/OpenSSL/config.pm, but that got
removed when the OpenSSL::config::main() function was removed.  We're
not putting them back, but in 'Configure'.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: refactor guess_system()
Richard Levitte [Tue, 3 Mar 2020 13:33:19 +0000 (14:33 +0100)]
util/perl/OpenSSL/config.pm: refactor guess_system()

There's no reason to have two different tables, when we can simply
detect if the tuple elements are code or scalar.  Furthermore, order
is important in some cases, and that order is harder not to say
impossible when maintaining two tables.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: remove expand() and use eval
Richard Levitte [Tue, 3 Mar 2020 13:31:35 +0000 (14:31 +0100)]
util/perl/OpenSSL/config.pm: remove expand() and use eval

The strings we expand contain other variable references than just
${MACHINE}.  Instead of having to remember what to expand, we simply
evaluate the string as a, well, string.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoconfig: Turn into a simple wrapper
Richard Levitte [Mon, 2 Mar 2020 23:08:41 +0000 (00:08 +0100)]
config: Turn into a simple wrapper

Now that Configure called config.pm's functions directly, the 'config'
script doesn't have much else to do than to pass arguments.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: refactor map_guess()
Richard Levitte [Mon, 2 Mar 2020 23:01:35 +0000 (00:01 +0100)]
util/perl/OpenSSL/config.pm: refactor map_guess()

map_guess() is now table driven, just like get_system().
Additionally, it now takes a config hash table and returns one of its
own.  This way, 'Configure' can pass whatever it has already found to
OpenSSL::config::get_platform(), and easily merge the returned hash
table into its %config.

This also gets rid of variables that we no longer need.  That includes
$PERL and all the $__CNF_ environment variables.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm, Configure: move check of target with compiler
Richard Levitte [Mon, 2 Mar 2020 23:06:52 +0000 (00:06 +0100)]
util/perl/OpenSSL/config.pm, Configure: move check of target with compiler

Previously, ./config would check if "$target-$CC", then "$target"
exists and choose the one that does.  This is now moved to Configure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: Rework determining compiler information
Richard Levitte [Mon, 2 Mar 2020 22:14:09 +0000 (23:14 +0100)]
util/perl/OpenSSL/config.pm: Rework determining compiler information

determine_compiler_settings() has been refactored to:

- find a compiler if none has been given by the user
- allow platform specific overrides, but only when the user didn't
  already specify a desired compiler
- figure out the compiler vendor and version, making sure that the
  version number is deterministic
- gather platform specific compiler information

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoRemove OpenSSL::config::main(), it's not necessary
Richard Levitte [Mon, 2 Mar 2020 22:01:25 +0000 (23:01 +0100)]
Remove OpenSSL::config::main(), it's not necessary

This also remove all option parsing.  We leave that to Configure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: Prefer POSIX::uname() over piping the command
Richard Levitte [Mon, 2 Mar 2020 17:42:30 +0000 (18:42 +0100)]
util/perl/OpenSSL/config.pm: Prefer POSIX::uname() over piping the command

POSIX::uname() has the advantage to work on non-POSIX systems as well,
such as the Windows command prompt and VMS.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoutil/perl/OpenSSL/config.pm: Don't detect removed directories in
Richard Levitte [Mon, 2 Mar 2020 17:38:07 +0000 (18:38 +0100)]
util/perl/OpenSSL/config.pm: Don't detect removed directories in

This is much better handled in Configure.

[There's another PR moving this to Configure, so this commit should
eventually disappear because rebase]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoInitial rewrite of config as a Perl module
Rich Salz [Tue, 4 Feb 2020 02:41:20 +0000 (21:41 -0500)]
Initial rewrite of config as a Perl module

- Use $^X; to find perl.
- Big re-ordering: Put all variables at the top, move most inline code into
  functions. The heart of the script now basically just calls
  functions to do its work.
- Unify warning text, add -w option
- Don't use needless (subshells)
- Ensure Windows gets a VC-xxx option
- Make config a perl module
- Top-level "config" command-line is a dummy that just calls the module.
  Added module stuff so that it can be called from Configure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11230)

5 weeks agoAdd a test to make sure ASYNC aware code gets the right default libctx
Matt Caswell [Fri, 26 Jun 2020 10:02:29 +0000 (11:02 +0100)]
Add a test to make sure ASYNC aware code gets the right default libctx

Even if a fibre changes the default libctx - or the main application code
changes it, the "current" default libctx should remain consistent.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoMake the ASYNC code default libctx aware
Matt Caswell [Fri, 26 Jun 2020 10:00:25 +0000 (11:00 +0100)]
Make the ASYNC code default libctx aware

Since the default libctx is now stored in a thread local variable
swapping in and out of fibres in the ASYNC code could mean that the
"current" default libctx can get confused. Therefore we ensure that
everytime we call async_fibre_swapcontext() we always restore the default
libctx to whatever it was the last time the fibre ran. Similarly when
async_fibre_swapcontext() returns we need to restore the current thread's
default libctx.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoCORE: Add an internal function to distinguish the global default context
Richard Levitte [Tue, 23 Jun 2020 08:09:20 +0000 (10:09 +0200)]
CORE: Add an internal function to distinguish the global default context

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoTEST: Add test to exercise OPENSSL_CTX_set0_default()
Richard Levitte [Mon, 22 Jun 2020 13:49:55 +0000 (15:49 +0200)]
TEST: Add test to exercise OPENSSL_CTX_set0_default()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoUpdate NEWS and CHANGES
Richard Levitte [Mon, 22 Jun 2020 11:15:22 +0000 (13:15 +0200)]
Update NEWS and CHANGES

NEWS and CHANGES hasn't mentioned OPENSSL_CTX before, so adding entries now.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoCORE: Add OPENSSL_CTX_set0_default(), to set a default library context
Richard Levitte [Mon, 22 Jun 2020 11:12:53 +0000 (13:12 +0200)]
CORE: Add OPENSSL_CTX_set0_default(), to set a default library context

Applications may want to set their own default library context,
possibly per-thread.  OPENSSL_CTX_set0_default() does that.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12228)

5 weeks agoINSTALL.md: Restore $ as command prompt indicator
Richard Levitte [Wed, 24 Jun 2020 09:55:16 +0000 (11:55 +0200)]
INSTALL.md: Restore $ as command prompt indicator

We have a notational convention in INSTALL.md, which says this among
others:

> Any line starting with a dollar sign is a command line.
>
>     $ command
>
> The dollar sign indicates the shell prompt and is not to be entered as
> part of the command.

That notation exists to make it clear what is a command line and
what's output from that command line.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12257)

5 weeks agoConfiguration: do not overwrite BASE_unix ex_libs in AIX
Attila Szakacs [Thu, 25 Jun 2020 11:40:33 +0000 (13:40 +0200)]
Configuration: do not overwrite BASE_unix ex_libs in AIX

BASE_unix sets ex_libs to `-lz` based the on zlib linking.
AIX platforms overwrote this instead of adding to it.

CLA: Trivial

Signed-off-by: Attila Szakacs <attila.szakacs@oneidentity.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12271)

5 weeks agoReduce the security bits for MD5 and SHA1 based signatures in TLS
Kurt Roeckx [Thu, 2 Jan 2020 22:25:27 +0000 (23:25 +0100)]
Reduce the security bits for MD5 and SHA1 based signatures in TLS

This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.

Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787

5 weeks agoFix syntax of cipher string
Kurt Roeckx [Sun, 23 Feb 2020 10:06:32 +0000 (11:06 +0100)]
Fix syntax of cipher string

Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787

5 weeks agoTEST: Add TODO segments in test/recipes/15-test_genec.t
Richard Levitte [Tue, 9 Jun 2020 10:29:27 +0000 (12:29 +0200)]
TEST: Add TODO segments in test/recipes/15-test_genec.t

There currently do not support 'ec_param_enc:explicit' with provider
side key generation.  Reflect that by encoding the expected failure
with a Test::More TODO section for those particular tests.

Because the tests in this recipe are data driven, we implement this
mechanism with two functions, one for stuff that's supported and one
for stuff that isn't.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12080)

5 weeks agoTest genpkey app for EC keygen with various args
Nicola Tuveri [Sun, 7 Jun 2020 15:00:33 +0000 (18:00 +0300)]
Test genpkey app for EC keygen with various args

This commit adds a new recipe to test EC key generation with the
`genpkey` CLI app.

For each built-in curve, it tests key generation with text output, in
PEM and in DER format, using `explicit` and `named_curve` for parameters
encoding.

The list of built-in curves is static at the moment, as this allows to
differentiate between prime curves and binary curves to avoid failing
when ec2m is disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12080)

5 weeks agodoc/man3: fix types taken by HMAC(), HMAC_Update()
pedro martelletto [Wed, 24 Jun 2020 15:48:00 +0000 (17:48 +0200)]
doc/man3: fix types taken by HMAC(), HMAC_Update()

HMAC() and HMAC_Update() take size_t for 'n' and 'len' respectively.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12264)

5 weeks agoPrepare for 3.0 alpha 5
Matt Caswell [Thu, 25 Jun 2020 14:00:39 +0000 (15:00 +0100)]
Prepare for 3.0 alpha 5

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
5 weeks agoPrepare for release of 3.0 alpha 4 openssl-3.0.0-alpha4
Matt Caswell [Thu, 25 Jun 2020 13:58:16 +0000 (14:58 +0100)]
Prepare for release of 3.0 alpha 4

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
5 weeks agoUpdate copyright year
Matt Caswell [Thu, 25 Jun 2020 13:13:12 +0000 (14:13 +0100)]
Update copyright year

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12273)

6 weeks agoapps/cmp.c: Add workaround for Coverity false positive; rename e -> engine
Dr. David von Oheimb [Mon, 22 Jun 2020 15:18:20 +0000 (17:18 +0200)]
apps/cmp.c: Add workaround for Coverity false positive; rename e -> engine

CID 1463570:    (USE_AFTER_FREE)
CID 1463570:    (USE_AFTER_FREE)
Passing freed pointer "e" as an argument to "release_engine".

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12231)

6 weeks agoapps/cmp.c: Fix memory leaks in handle_opt_geninfo() found by Coverity
Dr. David von Oheimb [Mon, 22 Jun 2020 14:33:13 +0000 (16:33 +0200)]
apps/cmp.c: Fix memory leaks in handle_opt_geninfo() found by Coverity

CID 1463578:  Resource leaks  (RESOURCE_LEAK)
CID 1463575:  Resource leaks  (RESOURCE_LEAK)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12231)

6 weeks agoevp_generic_fetch.pod: fix documentation error
Dr. Matthias St. Pierre [Sun, 21 Jun 2020 10:37:58 +0000 (12:37 +0200)]
evp_generic_fetch.pod: fix documentation error

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)

6 weeks agoMake the naming scheme for dispatched functions more consistent
Dr. Matthias St. Pierre [Sat, 20 Jun 2020 23:19:16 +0000 (01:19 +0200)]
Make the naming scheme for dispatched functions more consistent

The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all
functions which are dispatched between the core and providers.

This change includes in particular all up- and downcalls, i.e., the
dispatched functions passed from core to provider and vice versa.

- OSSL_core_  -> OSSL_FUNC_core_
- OSSL_provider_ -> OSSL_FUNC_core_

For operations and their function dispatch tables, the following convention
is used:

  Type                 | Name (evp_generic_fetch(3))       |
  ---------------------|-----------------------------------|
  operation            | OSSL_OP_FOO                       |
  function id          | OSSL_FUNC_FOO_FUNCTION_NAME       |
  function "name"      | OSSL_FUNC_foo_function_name       |
  function typedef     | OSSL_FUNC_foo_function_name_fn    |
  function ptr getter  | OSSL_FUNC_foo_function_name       |

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)

6 weeks agoRename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>
Dr. Matthias St. Pierre [Sat, 20 Jun 2020 23:21:19 +0000 (01:21 +0200)]
Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)

6 weeks agoapps: avoid memory overrun.
Pauli [Wed, 24 Jun 2020 10:21:15 +0000 (20:21 +1000)]
apps: avoid memory overrun.

NULL terminate the built in "help" argv array to avoid
reading beyond the end.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12258)

6 weeks agoFix some man page typos
Matt Caswell [Thu, 18 Jun 2020 08:09:04 +0000 (09:09 +0100)]
Fix some man page typos

A few miscellaneous man page typos reported by Hal Murray on
openssl-users.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12185)

6 weeks agotest: add test for generation of random data in chunks.
Pauli [Thu, 11 Jun 2020 01:07:13 +0000 (11:07 +1000)]
test: add test for generation of random data in chunks.

THe EVP_RAND wrapper works with the underlying RNG to produce the amount of
random data requested even if it is larger than the largest single generation
the source allows.  This test verified that this works.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agotest: update EVP tests to include DRBG testing
Pauli [Fri, 5 Jun 2020 03:47:55 +0000 (13:47 +1000)]
test: update EVP tests to include DRBG testing

[extended tests]

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoNIST DRBG set data
Pauli [Fri, 5 Jun 2020 03:46:16 +0000 (13:46 +1000)]
NIST DRBG set data

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoinclude source root directory via -I for libnonfips.a
Pauli [Wed, 3 Jun 2020 01:39:20 +0000 (11:39 +1000)]
include source root directory via -I for libnonfips.a

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoevp_rand: documentation
Pauli [Mon, 25 May 2020 04:45:49 +0000 (14:45 +1000)]
evp_rand: documentation

EVP_RAND, the RNGs and provider-rand.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agofips rand: DRBG KAT self test updates to provider model.
Pauli [Wed, 20 May 2020 04:15:04 +0000 (14:15 +1000)]
fips rand: DRBG KAT self test updates to provider model.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoupdate drbgtest to the provider model
Pauli [Mon, 25 May 2020 03:38:59 +0000 (13:38 +1000)]
update drbgtest to the provider model

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoCTR, HASH and HMAC DRBGs in provider
Pauli [Fri, 8 May 2020 00:25:19 +0000 (10:25 +1000)]
CTR, HASH and HMAC DRBGs in provider

Move the three different DRBGs to the provider.

As part of the move, the DRBG specific data was pulled out of a common
structure and into their own structures.  Only these smaller structures are
securely allocated.  This saves quite a bit of secure memory:

    +-------------------------------+
    | DRBG         | Bytes | Secure |
    +--------------+-------+--------+
    | HASH         |  376  |   512  |
    | HMAC         |  168  |   256  |
    | CTR          |  176  |   256  |
    | Common (new) |  320  |     0  |
    | Common (old) |  592  |  1024  |
    +--------------+-------+--------+

Bytes is the structure size on the X86/64.
Secure is the number of bytes of secure memory used (power of two allocator).

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agorand: move drbg_{ctr,hash,hmac}.c without change to preserve history
Dr. Matthias St. Pierre [Tue, 19 May 2020 16:19:03 +0000 (18:19 +0200)]
rand: move drbg_{ctr,hash,hmac}.c without change to preserve history

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoshare rand_pool between libcrypto and providers
Pauli [Tue, 12 May 2020 02:20:28 +0000 (12:20 +1000)]
share rand_pool between libcrypto and providers

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agorand: add seeding sources to providers.
Pauli [Mon, 11 May 2020 02:06:37 +0000 (12:06 +1000)]
rand: add seeding sources to providers.

Also separate out the TSC and RDRAND based sources into their own file in the
seeding subdirectory.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agorand: move rand_{unix,vms,vxworks,win}.c without change to preserve history
Dr. Matthias St. Pierre [Tue, 19 May 2020 16:18:48 +0000 (18:18 +0200)]
rand: move rand_{unix,vms,vxworks,win}.c without change to preserve history

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoparams: add OSSL_PARAM helpers for time_t.
Pauli [Sun, 10 May 2020 23:37:45 +0000 (09:37 +1000)]
params: add OSSL_PARAM helpers for time_t.

POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght.  Having wrappers lets uses ignore this.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agotest: add a test RNG.
Pauli [Fri, 8 May 2020 00:25:36 +0000 (10:25 +1000)]
test: add a test RNG.

The test RNG can provide pre-canned entropy and nonces for testing other
algorithms.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoCRNGT: continuous DRBG tests for providers
Pauli [Fri, 8 May 2020 00:25:03 +0000 (10:25 +1000)]
CRNGT: continuous DRBG tests for providers

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoprovider: add RAND algorithm tables
Pauli [Fri, 8 May 2020 00:24:12 +0000 (10:24 +1000)]
provider: add RAND algorithm tables

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoapp/list: add RNG list option
Pauli [Tue, 12 May 2020 23:40:06 +0000 (09:40 +1000)]
app/list: add RNG list option

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agorand: set up EVP and DRBG infrastructure for RAND from providers.
Pauli [Fri, 8 May 2020 00:22:45 +0000 (10:22 +1000)]
rand: set up EVP and DRBG infrastructure for RAND from providers.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoMove CRNG test to providers
Pauli [Wed, 20 May 2020 22:45:29 +0000 (08:45 +1000)]
Move CRNG test to providers

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agocore: add OSSL_INOUT_CALLBACK
Pauli [Mon, 25 May 2020 09:24:39 +0000 (19:24 +1000)]
core: add OSSL_INOUT_CALLBACK

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agorand: core APIs for provider friendly random.
Pauli [Thu, 30 Apr 2020 04:46:12 +0000 (14:46 +1000)]
rand: core APIs for provider friendly random.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

6 weeks agoCMS print should support string conversion: docs
Dmitry Belyavskiy [Fri, 19 Jun 2020 14:06:18 +0000 (17:06 +0300)]
CMS print should support string conversion: docs

Documentation for -nameopt option

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)

6 weeks agoCMS print should support string conversion
Dmitry Belyavskiy [Fri, 19 Jun 2020 14:05:12 +0000 (17:05 +0300)]
CMS print should support string conversion

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)

6 weeks agoAdd an SSL_dup test
Matt Caswell [Tue, 16 Jun 2020 16:19:40 +0000 (17:19 +0100)]
Add an SSL_dup test

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)

6 weeks agoDon't attempt to duplicate the BIO state in SSL_dup
Matt Caswell [Tue, 16 Jun 2020 16:40:40 +0000 (17:40 +0100)]
Don't attempt to duplicate the BIO state in SSL_dup

SSL_dup attempted to duplicate the BIO state if the source SSL had BIOs
configured for it. This did not work.

Firstly the SSL_dup code was passing a BIO ** as the destination
argument for BIO_dup_state. However BIO_dup_state expects a BIO * for that
parameter. Any attempt to use this will either (1) fail silently, (2) crash
or fail in some other strange way.

Secondly many BIOs do not implement the BIO_CTRL_DUP ctrl required to make
this work.

Thirdly, if rbio == wbio in the original SSL object, then an attempt is made
to up-ref the BIO in the new SSL object - even though it hasn't been set
yet and is NULL. This results in a crash.

This appears to have been broken for a very long time with at least some of
the problems described above coming from SSLeay. The simplest approach is
to just remove this capability from the function.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)

6 weeks agoUpdate the SSL_dup documentation to match reality
Matt Caswell [Mon, 15 Jun 2020 11:11:46 +0000 (12:11 +0100)]
Update the SSL_dup documentation to match reality

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)

6 weeks agoEnsure that SSL_dup copies the min/max protocol version
Matt Caswell [Fri, 12 Jun 2020 09:52:41 +0000 (10:52 +0100)]
Ensure that SSL_dup copies the min/max protocol version

With thanks to Rebekah Johnson for reporting this issue.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)

6 weeks agoproperty: correctly set the has optional flag when merging property lists
Pauli [Mon, 15 Jun 2020 00:07:50 +0000 (10:07 +1000)]
property: correctly set the has optional flag when merging property lists

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12123)

6 weeks agoproperty: Move global default properties to the library context.
Pauli [Fri, 12 Jun 2020 00:34:46 +0000 (10:34 +1000)]
property: Move global default properties to the library context.

Fixes a problem where global properties don't work with a NULL query.
Specifying an algorithm with a NULL query ignores the default properties.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12123)

6 weeks agoDOC: Fix link to test/README.external in INSTALL.md
Jean-Christophe Fillion-Robin [Thu, 18 Jun 2020 21:33:16 +0000 (17:33 -0400)]
DOC: Fix link to test/README.external in INSTALL.md

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12198)

6 weeks agoFix potential double free in rsa_keygen pairwise test.
Shane Lontis [Wed, 17 Jun 2020 07:26:47 +0000 (17:26 +1000)]
Fix potential double free in rsa_keygen pairwise test.

It should never hit this branch of code, so there is no feasible test.
Found due to a similar issue in PR #12176.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12177)

6 weeks agoTEST: Pass -no-CAstore in 80-test_ocsp.t
Sebastian Andrzej Siewior [Tue, 16 Jun 2020 21:50:26 +0000 (23:50 +0200)]
TEST: Pass -no-CAstore in 80-test_ocsp.t

Without passing -no-CAstore the default CAstore will be used and the
testsuite will fail the system has certificates installed.

Fixes: #11645

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12171)

6 weeks agoAPPS: Properly pass -no-CAstore
Sebastian Andrzej Siewior [Tue, 16 Jun 2020 21:47:48 +0000 (23:47 +0200)]
APPS: Properly pass -no-CAstore

Since its introduction the option no-CAstore maps to OPT_NOCAPATH and so
behaves like -no-CApath.

Map no-CAstore to OPT_NOCASTORE.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12171)

6 weeks agoAPPS: Fix invoking openssl without a command
Sebastian Andrzej Siewior [Sat, 6 Jun 2020 10:55:59 +0000 (12:55 +0200)]
APPS: Fix invoking openssl without a command

Invoking help with "empty" argc leads to a segfault.
Invoke do_cmd() with help as argument which invokes help_main() with
proper argv.

Fixes #12069

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12070)

6 weeks agoserialization: break the provider locating code to avoid deadlock.
Pauli [Wed, 17 Jun 2020 02:16:10 +0000 (12:16 +1000)]
serialization: break the provider locating code to avoid deadlock.

Find all the suitable implementation names and later decide which is best.
This avoids a lock order inversion.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12173)

6 weeks agoDOCS: Add documentation for EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name()
Richard Levitte [Thu, 18 Jun 2020 10:28:36 +0000 (12:28 +0200)]
DOCS: Add documentation for EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name()

At the same, align documentation markup to be closer to man-pages(7)
recommendations.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12188)

6 weeks agoFix wrong return value check of mmap function
Tristan Bauer [Thu, 18 Jun 2020 09:45:24 +0000 (11:45 +0200)]
Fix wrong return value check of mmap function

The mmap function never returns NULL. If an error occurs, the function returns MAP_FAILED.

CLA: trivial

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12187)

6 weeks agoMissing documentation missing, let's note that down
Richard Levitte [Thu, 18 Jun 2020 10:37:26 +0000 (12:37 +0200)]
Missing documentation missing, let's note that down

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)

6 weeks agoutil/find-doc-nits: Modernise printem()
Richard Levitte [Wed, 17 Jun 2020 20:04:53 +0000 (22:04 +0200)]
util/find-doc-nits: Modernise printem()

It wasn't up to date with the new variables used to track information
on what's documented, what's in the .num files and what's in the
"missing" files.

Fixes #12117

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)

6 weeks agoutil/find-doc-nits: Do not read "missing" files when -u is given
Richard Levitte [Fri, 12 Jun 2020 08:38:34 +0000 (10:38 +0200)]
util/find-doc-nits: Do not read "missing" files when -u is given

Fixes #12117

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)

6 weeks agotest/run_tests.pl: Document new VFO and VFP modes in INSTALL.md
Dr. David von Oheimb [Sun, 21 Jun 2020 13:44:26 +0000 (15:44 +0200)]
test/run_tests.pl: Document new VFO and VFP modes in INSTALL.md

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agotest/run_tests.pl: Improve indentation parsing workaround for VFO and VFP mode
Dr. David von Oheimb [Sat, 20 Jun 2020 15:20:20 +0000 (17:20 +0200)]
test/run_tests.pl: Improve indentation parsing workaround for VFO and VFP mode

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agotest/run_tests.pl: Improve newline output for VFO and VFP mode
Dr. David von Oheimb [Sat, 20 Jun 2020 15:07:52 +0000 (17:07 +0200)]
test/run_tests.pl: Improve newline output for VFO and VFP mode

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agoSpeed-up for tests in 81-test_cmp_cli_data/test_connection.csv
Dr. David von Oheimb [Sat, 20 Jun 2020 15:22:41 +0000 (17:22 +0200)]
Speed-up for tests in 81-test_cmp_cli_data/test_connection.csv

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agoDisable tests in cmp_vfy_test.c that make no sense if FUZZING_BUILD_MODE_UNSAFE_FOR_P...
Dr. David von Oheimb [Thu, 18 Jun 2020 05:30:09 +0000 (07:30 +0200)]
Disable tests in cmp_vfy_test.c that make no sense if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks ago81-test_cmp_cli.t: Disable CLI-based tests in case fuzzing is enabled
Dr. David von Oheimb [Thu, 18 Jun 2020 05:42:22 +0000 (07:42 +0200)]
81-test_cmp_cli.t: Disable CLI-based tests in case fuzzing is enabled

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks ago81-test_cmp_cli.t: Do connections to 127.0.0.1 (e.g., Mock server) without proxy
Dr. David von Oheimb [Thu, 18 Jun 2020 04:33:43 +0000 (06:33 +0200)]
81-test_cmp_cli.t: Do connections to 127.0.0.1 (e.g., Mock server) without proxy

Fixes #12156

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agoFix CMP -days option range checking and test failing with enable-ubsan
Dr. David von Oheimb [Wed, 17 Jun 2020 06:12:19 +0000 (08:12 +0200)]
Fix CMP -days option range checking and test failing with enable-ubsan

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)

6 weeks agoAdd documentation of OSSL_CRMF_CERTID_dup()
Dr. David von Oheimb [Fri, 19 Jun 2020 18:39:33 +0000 (20:39 +0200)]
Add documentation of OSSL_CRMF_CERTID_dup()

Fixes #12190

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12208)

6 weeks agoPrint CPUINFO also for s390 processors
Patrick Steuer [Sat, 20 Jun 2020 15:59:02 +0000 (17:59 +0200)]
Print CPUINFO also for s390 processors

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12216)

6 weeks ago[doc/man3] finish EC_GROUP_get_field_type documentation
Billy Brumley [Sat, 20 Jun 2020 07:11:11 +0000 (10:11 +0300)]
[doc/man3] finish EC_GROUP_get_field_type documentation

https://github.com/openssl/openssl/pull/11928 documented
`EC_GROUP_get_field_type` behavior in the `man` page but did not add the
name to the function list.

Fixes #12189.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12214)

6 weeks agoFlag RSA secret BNs as consttime on keygen and checks
Nicola Tuveri [Tue, 16 Jun 2020 17:12:13 +0000 (20:12 +0300)]
Flag RSA secret BNs as consttime on keygen and checks

<https://github.com/openssl/openssl/pull/11765> switched the default
code path for keygen.

External testing through TriggerFlow highlighted that in several places
we failed (once more!) to set the `BN_FLG_CONSTTIME` flag on critical
secret values (either long term or temporary values).

This commit tries to make sure that the secret BN values inside the
`rsa struct` are always flagged on creation, and that temporary values
derived from these secrets are flagged when allocated from a BN_CTX.

Acknowledgments
---------------

Thanks to @Voker57, @bbbrumley, @sohhas, @cpereida for the
[OpenSSL Triggerflow CI] ([paper]) through which this defect was detected and
tested, and for providing early feedback to fix the issue!

[OpenSSL Triggerflow CI]: https://gitlab.com/nisec/openssl-triggerflow-ci
[paper]: https://eprint.iacr.org/2019/366

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12167)

6 weeks agoFix one typo in a comment.
FdaSilvaYY [Fri, 19 Jun 2020 21:33:24 +0000 (23:33 +0200)]
Fix one typo in a comment.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12209)

6 weeks agoFix `no-ts` builds.
FdaSilvaYY [Fri, 19 Jun 2020 21:22:09 +0000 (23:22 +0200)]
Fix `no-ts` builds.
`ess_lib.c` is called from `cms` and `ts` modules.

Fixes #12155

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12209)

6 weeks agonamemap: change ossl_namemap_empty() to do what the documentation says.
Pauli [Thu, 18 Jun 2020 01:01:08 +0000 (11:01 +1000)]
namemap: change ossl_namemap_empty() to do what the documentation says.

The function is documented as returning 1 when passed a NULL argument.
Instead it core dumps.  Added a unit test for this.

Additionally, a performance improvement is incorporated.  The namemap
max_number field is only ever compared against zero and incremented.
The zero comparison grabs a lock specifically for this check.  This change
uses TSAN operations instead if they are available.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12181)

6 weeks agoAllow oversized buffers for provider cipher IV fetch
Benjamin Kaduk [Mon, 1 Jun 2020 19:31:55 +0000 (12:31 -0700)]
Allow oversized buffers for provider cipher IV fetch

When we're fetching an IV, there's no need to enforce that the
provided buffer is exactly the same size as the IV we want to
write into it.  This might happen, for example, when
EVP_CIPHER_CTX_iv_noconst() passes sizeof(ctx->iv) (that is,
EVP_MAX_IV_LENGTH) for an AES-GCM cipher that uses a shorter IV.
AES-OCB and CCM were also affected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12039)