Richard Levitte [Mon, 1 Feb 2021 07:58:58 +0000 (08:58 +0100)]
Allow the sshkdf type to be passed as a single character
This partially reverts commit
270a5ce1d9ea579a2f1d45887971582b1ef2b6a1.
This also slightly modifies the way diverse parameters are
specified in providers/fips/self_test_data.inc for better consistency.
Fixes #14027
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Tomas Mraz [Tue, 23 Feb 2021 15:52:49 +0000 (16:52 +0100)]
Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:52:21 +0000 (16:52 +0100)]
Fix missing EOL at the end of the rsa/build.info
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:51:43 +0000 (16:51 +0100)]
Remove inclusion of unnecessary header files
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:50:21 +0000 (16:50 +0100)]
Use strcasecmp when comparing kdf_type
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Mon, 22 Feb 2021 12:20:28 +0000 (13:20 +0100)]
speed: Drop deprecated <ALG>_options() calls
Also correction of some code format issues.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Thu, 18 Feb 2021 09:48:18 +0000 (10:48 +0100)]
speed: Use EVP for ciphers, cmac, ghash, rsa, dsa, and ecdsa
Fixes #13909
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 18:45:01 +0000 (19:45 +0100)]
speed: Adapt digests and hmac to always use non-deprecated APIs
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 16:24:44 +0000 (17:24 +0100)]
speed: Drop code to handle platforms without SIGALRM
(except for Windows where a separate thread stops the looping)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Daniel Bevenius [Tue, 23 Feb 2021 12:30:13 +0000 (13:30 +0100)]
Fix typo in comment in DH_set0_pqg function
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14288)
Matt Caswell [Tue, 16 Feb 2021 10:10:26 +0000 (10:10 +0000)]
Test errors from a provider can still be accessed after unload
Providers can create errors that may refer to const strings within the
provider module itself. If the provider gets unloaded we need to be sure
that we can still access the errors in the error stack.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14213)
Matt Caswell [Mon, 15 Feb 2021 16:59:43 +0000 (16:59 +0000)]
Duplicate the file and func error strings
Errors raised from a provider that is subsequently unloaded from memory
may have references to strings representing the file and function that
are no longer present because the provider is no longer in memory. This
can cause crashes. To avoid this we duplicate the file and func strings.
Fixes #13623
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14213)
Pauli [Fri, 25 Sep 2020 00:19:19 +0000 (10:19 +1000)]
provider: add an unquery function to allow providers to clean up.
Without this, a provider has no way to know that an application
has finished with the array it returned earlier. A non-caching provider
requires this information.
Fixes #12974
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12974)
Pauli [Thu, 18 Feb 2021 01:55:04 +0000 (11:55 +1000)]
rand: note that locking needs to be explicitly enabled.
Fixes #13912
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14224)
Tomas Mraz [Mon, 22 Feb 2021 16:28:17 +0000 (17:28 +0100)]
Deprecated EVP_PKEY_CTX_get0_dh_kdf_ukm() and EVP_PKEY_CTX_get0_ecdh_kdf_ukm()
The functions are not needed and require returning octet ptr parameters
from providers that would like to support them which complicates provider
implementations.
Fixes #12985
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14279)
Richard Levitte [Thu, 28 Jan 2021 08:00:58 +0000 (09:00 +0100)]
X509: Refactor X509_PUBKEY processing to include provider side keys
When a SubjectPublicKeyInfo (SPKI) is decoded into an X509_PUBKEY
structure, the corresponding EVP_PKEY is automatically added as well.
This used to only support our built-in keytypes, and only in legacy
form.
This is now refactored by making the ASN1 implementation of the
X509_PUBKEY an EXTERN_ASN1, resulting in a more manual implementation
of the basic support routines. Specifically, the d2i routine will do
what was done in the callback before, and try to interpret the input
as an EVP_PKEY, first in legacy form, and then using OSSL_DECODER.
Fixes #13893
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14281)
Benjamin Kaduk [Wed, 27 May 2020 18:17:07 +0000 (11:17 -0700)]
Remove disabled TLS 1.3 ciphers from the SSL(_CTX)
In ssl_create_cipher_list() we make a pass through the ciphers to
remove those which are disabled in the current libctx. We are
careful to not include such disabled TLS 1.3 ciphers in the final
consolidated cipher list that we produce, but the disabled ciphers
are still kept in the separate stack of TLS 1.3 ciphers associated
with the SSL or SSL_CTX in question. This leads to confusing
results where a cipher is present in the tls13_cipherlist but absent
from the actual cipher list in use. Keep the books in order and
remove the disabled ciphers from the 1.3 cipherlist at the same time
we skip adding them to the active cipher list.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12037)
Richard Levitte [Tue, 23 Feb 2021 22:07:15 +0000 (23:07 +0100)]
make update
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14292)
Richard Levitte [Thu, 26 Nov 2020 20:21:02 +0000 (21:21 +0100)]
appveyor.yml: clarify conditions for building the plain configuration
The "plain" configuration is only meant to be built for an '[extended tests]'
commit, or on the master branch. This isn't at all clear from the
scripts, and furthermore, we "skip" the plain configuration by running
the OpenSSL configuration script... and then nothing more.
Instead, we use AppVeyor configuration issues to specify when and when
not to build the "plain" configuration, and leave it to the scripts to
do the right thing using only $env:EXTENDED_TESTS.
Fixes #7958
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13537)
Richard Levitte [Mon, 22 Feb 2021 05:52:41 +0000 (06:52 +0100)]
make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14269)
Richard Levitte [Mon, 22 Feb 2021 05:49:24 +0000 (06:49 +0100)]
Generate doc/build.info with 'make update' rather than on the fly
doc/build.info was essentially generated on the fly while running
Configure, something that takes a huge amount of time on slower file
systems (such as Windows).
Instead, we generate it with 'make update', saving the user from
having to wait for too long, at the small price for developers to have
to run 'make update' whenever they write a new manual file.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14269)
Pauli [Sat, 20 Feb 2021 02:48:33 +0000 (12:48 +1000)]
changes: note the deprecation of RAND_METHOD APIs
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Wed, 17 Feb 2021 23:16:26 +0000 (09:16 +1000)]
provider: add option to load a provider without disabling the fallbacks.
Add an argument to PROVIDER_try_load() that permits a provider to be
loaded without changing the fallback status. This is useful when an
additional provider needs to be loaded without perturbing any other setup.
E.g. adding mock providers as part of unit testing.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Wed, 17 Feb 2021 01:55:13 +0000 (11:55 +1000)]
test: update tests to use the fake random number generator
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Wed, 17 Feb 2021 01:54:48 +0000 (11:54 +1000)]
test: make the DRBG test work without RAND_METHOD support.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Wed, 17 Feb 2021 01:54:01 +0000 (11:54 +1000)]
test: add framework for generic fake random number generator
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Tue, 16 Feb 2021 03:32:07 +0000 (13:32 +1000)]
rand: add DRBG/seed setting functions
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Sun, 21 Feb 2021 23:45:37 +0000 (09:45 +1000)]
rand: allow lock/unlock functions to be absent
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Thu, 10 Dec 2020 02:05:11 +0000 (12:05 +1000)]
RAND_METHOD deprecation: code changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Thu, 10 Dec 2020 02:04:58 +0000 (12:04 +1000)]
RAND_METHOD deprecation: fuzzer
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Thu, 10 Dec 2020 02:04:45 +0000 (12:04 +1000)]
RAND_METHOD deprecation: tests
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Pauli [Thu, 10 Dec 2020 02:04:27 +0000 (12:04 +1000)]
RAND_METHOD deprecation: documentation
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
Richard Levitte [Wed, 10 Feb 2021 18:00:05 +0000 (19:00 +0100)]
EVP: Adapt the EC_KEY specific EVP_PKEY_CTX setter / getter functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 10 Feb 2021 17:58:01 +0000 (18:58 +0100)]
EVP: Make checks in evp_pkey_ctx_store_cached_data() more restricted
It would check the keytype and optype before determining if it even
supported the ctrl command number. This turned out to be disruptive,
so we make it check that it supports the requested ctrl command number
first.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Mon, 25 Jan 2021 14:38:32 +0000 (15:38 +0100)]
EVP: Adapt the RSA specific EVP_PKEY_CTX setter / getter functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Mon, 25 Jan 2021 14:31:01 +0000 (15:31 +0100)]
EVP: Adapt the DH specific EVP_PKEY_CTX setter / getter functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 20 Jan 2021 22:13:45 +0000 (23:13 +0100)]
EVP: Adapt the EVP_PKEY_CTX ctrl functions
legacy_ctrl_to_param() and legacy_ctrl_str_to_param() are now
replaced with calls to evp_pkey_ctx_ctrl_to_param() and
evp_pkey_ctx_ctrl_str_to_param().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 20 Jan 2021 22:10:48 +0000 (23:10 +0100)]
EVP: Adapt diverse OSSL_PARAM setters and getters
EVP_PKEY_get_group_name() now simply calls EVP_PKEY_get_utf8_string_param().
EVP_PKEY_CTX_set_group_name() now simply calls EVP_PKEY_CTX_set_params().
EVP_PKEY_get_bn_param(), EVP_PKEY_get_octet_string_param(),
EVP_PKEY_get_utf8_string_param() and EVP_PKEY_get_int_param() can now
handle legacy EVP_PKEYs by calling evp_pkey_get_params_to_ctrl().
EVP_PKEY_CTX_get_params() can now handle a legacy backed EVP_PKEY_CTX
by calling evp_pkey_ctx_get_params_to_ctrl().
Note: EVP_PKEY_CTX_set_params() doesn't call the translator yet.
Should it ever?
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 10 Feb 2021 15:56:57 +0000 (16:56 +0100)]
EVP: Make evp_pkey_ctx_{set,get}_params_strict() legacy aware
In the interest of calling these functions on legacy EVP_PKEY
contexts, only check the settable / gettable params for provider side
keys, leaving it to the translated EVP_PKEY_CTX_ctrl() call to check the
ctrl commands on its own.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 20 Jan 2021 22:04:53 +0000 (23:04 +0100)]
EVP: Implement data-driven translation between known ctrl and OSSL_PARAMs
The idea is to make it as transparent as possible to call things like
EVP_PKEY_CTX_ctrl() with a provider backed EVP_PKEY_CTX, or things
like EVP_PKEY_get_bn_param() with a legacy EVP_PKEY.
All these sorts of calls demand that we translate between ctrl
commands and OSSL_PARAM keys, and treat the arguments appropriately.
This implementation has it being as data driven as possible, thereby
centralizing everything into one table of translation data, which
supports both directions.
Fixes #13528
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Mon, 8 Feb 2021 16:25:41 +0000 (17:25 +0100)]
EVP: make evp_pkey_is_assigned() usable in the FIPS module
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Mon, 25 Jan 2021 14:24:46 +0000 (15:24 +0100)]
EVP: Make evp_pkey_ctx_state() available to all of EVP
This will help with transitioning diverse functions to be able to use the
ctrl<->OSSL_PARAM translators.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Wed, 10 Feb 2021 15:55:19 +0000 (16:55 +0100)]
EVP: Implement EVP_PKEY_CTX_is_a()
This does what was previously done by looking at pctx->pmeth->pkey_id,
but handles both legacy and provider side contexts, and is supposed to
become a replacement for the old way.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)
Richard Levitte [Mon, 22 Feb 2021 06:37:06 +0000 (07:37 +0100)]
util/perl/OpenSSL/config.pm: Add VMS specific C compiler settings
That includes proper compiler version detection.
Partially fixes #14247
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14270)
Richard Levitte [Mon, 22 Feb 2021 06:29:03 +0000 (07:29 +0100)]
util/perl/OpenSSL/config.pm: Fix determine_compiler_settings()
There may be times when a compiler can't be detected, in which case
determine_compiler_settings() bailed out too early, before platform
specific fallbacks have a chance to set the record straight. That
bail out has been moved to be done after the platform specific
fallbacks.
Furthermore, the attempt to check for gcc or clang and get their
version number was done even if no compiler had been automatically
detected or pre-specified via $CC. It now only does this when there
is a compiler specified or detected. The platform specific fallbacks
check the versions separately.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14270)
Shane Lontis [Mon, 22 Feb 2021 03:03:21 +0000 (13:03 +1000)]
Add back in legacy paths for d2i_PrivateKey/d2i_AutoPrivateKey.
Fixes #14263
If the new decoder code fails, it now falls back to the old legacy code
and tries that also.
Tested manually using gost engine master.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14266)
Matt Caswell [Fri, 19 Feb 2021 15:57:01 +0000 (15:57 +0000)]
Fix no-tests on mingw
Using the no-tests option on mingw in an out-of-source build tree was
failing.
Fixes #14246
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14249)
Matt Caswell [Thu, 18 Feb 2021 11:44:52 +0000 (11:44 +0000)]
Note that the OSSL_CORE_MAKE_FUNC macro is reserved
The OSSL_CORE_MAKE_FUNC macro has been added since 1.1.1 and is
undocumented. However it is not intended for application use and so we
document it as "reserved".
Fixes #13192
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)
Matt Caswell [Wed, 17 Feb 2021 17:41:10 +0000 (17:41 +0000)]
Document the OSSL_PARAM_DEFN macro
This macro was added since 1.1.1 and was undocumented.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)
Matt Caswell [Wed, 17 Feb 2021 17:22:35 +0000 (17:22 +0000)]
Add documentation for the macro OPENSSL_VERSION_PREREQ
This macro was added since 1.1.1 but had no associated documentation.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)
Matt Caswell [Wed, 17 Feb 2021 17:06:41 +0000 (17:06 +0000)]
Document OPENSSL_LH_flush()
The function OPENSSL_LH_flush() was added since 1.1.1 and was
undocumented. We also add documentation for some other OPENSSL_LH_*()
functions at the same time.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)
Matt Caswell [Wed, 17 Feb 2021 16:37:40 +0000 (16:37 +0000)]
Suppress errors about undocumented asn1_d2i_read_bio
asn1_d2i_read_bio is exported by libcrypto but is only intended
for internal usage, and does not exist in our public headers.
Therefore we suppress errors about it being a newly added
undocumented symbol.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)
Petr Gotthard [Sun, 10 Jan 2021 20:26:32 +0000 (21:26 +0100)]
Fix -pkeyopt handling in apps/pkeyutl -rawin
The EVP_DigestSignInit and EVP_DigestVerifyInit actually have to
be initialized before EVP_PKEY_CTX_ctrl_str is invoked.
Otherwise, when the ctx is not initialized, the ctrl command fails.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13828)
Dr. David von Oheimb [Thu, 21 Jan 2021 11:36:58 +0000 (12:36 +0100)]
Handle NULL result of ERR_reason_error_string() in some apps
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13920)
Shane Lontis [Wed, 17 Feb 2021 03:00:34 +0000 (13:00 +1000)]
Add EVP_PKEY_public_check_quick.
Adding the EVP_PKEY_param_check_quick() reminded me that there are also
partial checks for public keys as part of SP800-56A for FFC (DH named safe
prime groups) and ECC. The code was mainly already there and just needed
to be plumbed into the validate methods.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14206)
Shane Lontis [Fri, 19 Feb 2021 07:29:29 +0000 (17:29 +1000)]
Fix external symbols for pkcs7.
Partial fix for #12964
This adds ossl_ names for symbols related to pkcs7_*
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14241)
Shane Lontis [Thu, 18 Feb 2021 04:03:25 +0000 (14:03 +1000)]
Fix external symbols for cms.
Partial fix for #12964
This adds ossl_ names for symbols related to cms_* and ess_*
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14241)
jwalch [Fri, 19 Feb 2021 22:58:17 +0000 (17:58 -0500)]
-Wunused-function cleanup
core_dispatch.h seems to be the source of some compiler warnings with legacy applications in alpha12 now that it is implicitly exported via evp.h
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14260)
Richard Levitte [Fri, 19 Feb 2021 09:16:04 +0000 (10:16 +0100)]
DECODER: Add better tracing of the chain walking process
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14233)
Richard Levitte [Thu, 18 Feb 2021 12:18:53 +0000 (13:18 +0100)]
DECODER: Use the data structure from the last decoder to select the next
Any decoder can now also declare the name of the data structure for
the object it decoded in the OSSL_PARAM array they pass back to the
decoding process. The decoding process will use that as another
criterion to select the next decoder in the chain to consider.
Together with declaring the data type, this becomes a means to refine
how the decoded data is treated along the chain.
Fixes #13539
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14233)
John Baldwin [Fri, 29 Jan 2021 18:34:49 +0000 (10:34 -0800)]
Correct the return value of BIO_get_ktls_*().
BIO_get_ktls_send() and BIO_get_ktls_recv() are documented as
returning either 0 or 1. However, they were actually returning the
internal value of the associated BIO flag for the true case instead of
1.
Also trim redundant ternary operators.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14023)
Dr. David von Oheimb [Wed, 20 Jan 2021 19:41:15 +0000 (20:41 +0100)]
CMP: Fix total_timeout behavior; small doc and diagnostic improvements
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14019)
Dr. David von Oheimb [Sat, 23 Jan 2021 11:52:21 +0000 (12:52 +0100)]
81-test_cmp_cli_data: fixup on CSR test cases
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14019)
Chenglong Zhang [Wed, 10 Feb 2021 09:52:29 +0000 (17:52 +0800)]
Fix speed sm2 bug
Should create PKEY CTX with EVP_PKEY_SM2;
each job should have its own sm2_pkey;
loopargs[i].sigsize should be set after EVP_DigestSign().
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14144)
Zhang Jinde [Thu, 24 Sep 2020 06:48:28 +0000 (14:48 +0800)]
CRYPTO_gcm128_decrypt: fix mac or tag calculation
The incorrect code is in #ifdef branch that is normally
not compiled in.
Signed-off-by: Zhang Jinde <zjd5536@163.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12968)
Shane Lontis [Fri, 19 Feb 2021 09:43:16 +0000 (19:43 +1000)]
Fix merge problem in d2i_PrivateKey_ex
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14243)
Shane Lontis [Wed, 17 Feb 2021 03:13:51 +0000 (13:13 +1000)]
Fix DH ASN1 decode so that it detects named groups.
The dh->nid was not being set if the loaded p,g matched an inbuilt named
group for "DH".
NOTE: The "DHX" related path already worked since it calls DH_set0_pqg()
(which does the name group check).
This bug was detected when new tests were added for dh5114 groups, combined
with the no-cache tests i.e. loading+import+export set the nid,
but just loading did not.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14207)
Shane Lontis [Wed, 2 Dec 2020 07:52:24 +0000 (17:52 +1000)]
Fix d2i_AutoPrivateKey_ex so that it uses the new decoder (and produces
non legacy keys).
Fixes #13522
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13591)
Pauli [Wed, 17 Feb 2021 23:55:11 +0000 (09:55 +1000)]
doc: remove notes section in OSSL_ENCODER.pod
Fixes #14212
The note wasn't adding anything useful.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14220)
Georg Höllrigl [Fri, 12 Feb 2021 18:26:20 +0000 (19:26 +0100)]
rfc2606 compliant example domains for x509v3_config.pod
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14210)
georg-x [Fri, 12 Feb 2021 18:15:00 +0000 (19:15 +0100)]
Various improvements of doc/man5/x509v3_config.pod
include is the better word
Co-authored-by: kaduk <kaduk-github@mit.edu>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14210)
Matt Caswell [Sat, 13 Feb 2021 14:24:15 +0000 (14:24 +0000)]
Pass the object type and data structure from the pem2der decoder
The pem2der decoder can infer certain information about the encoded der
data based on the PEM headers. This information should be passed to the
next decoders in the chain to ensure we end up loading the correct type of
thing.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14191)
Matt Caswell [Thu, 11 Feb 2021 16:32:58 +0000 (16:32 +0000)]
Don't forget the type of thing we are loading
The apps helper function load_key_certs_crls() is a general purpose
function for loading different types of objects from a given URI. It
sets up an OSSL_STORE and calls OSSL_STORE_expect() so that the store
knows what type of thing to expect to load. Unfortunately this wasn't
working and was always setting "expect" to 0 - which means "anything".
Fixes #13709
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14191)
Richard Levitte [Sat, 13 Feb 2021 05:49:05 +0000 (06:49 +0100)]
Adjust the few places where the string length was confused
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)
Richard Levitte [Fri, 12 Feb 2021 19:30:40 +0000 (20:30 +0100)]
OSSL_PARAM: Correct the assumptions on the UTF8 string length
When the string "ABCDEFGH" is passed, what's considered its data, this?
{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }
or this?
{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' }
If it's passed as a pass phrase, should the terminating NUL byte be
considered part of the pass phrase, or not?
Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING
set the length of the string to include the terminating NUL byte,
which is quite confusing. What should the recipient of such a string
believe?
Instead of perpetuating this confusion, we change the assumption to
set the OSSL_PARAM to the length of the string, not including the
terminating NUL byte, thereby giving it the same value as a strlen()
call would give.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)
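
What the length convention in the commit above means for the recipient of a pass phrase, as an added C example that is not OpenSSL's code: `struct utf8_param` and every function here are hypothetical stand-ins for an OSSL_PARAM_UTF8_STRING and its handling, and only the string "ABCDEFGH" comes from the commit message.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Minimal model of a UTF-8 string parameter (hypothetical, not OSSL_PARAM). */
struct utf8_param {
    const char *key;
    const char *data;
    size_t data_size;   /* bytes the recipient must treat as the value */
};

/* Convention the commit moves away from: the terminating NUL is counted. */
struct utf8_param make_param_counting_nul(const char *key, const char *s)
{
    struct utf8_param p = { key, s, strlen(s) + 1 };
    return p;
}

/* Convention the commit adopts: data_size equals strlen(s). */
struct utf8_param make_param(const char *key, const char *s)
{
    struct utf8_param p = { key, s, strlen(s) };
    return p;
}

/*
 * Recipient side: compare a received pass phrase with reference bytes.
 * The length is checked first, then all bytes are compared without an
 * early exit. A counted NUL makes the lengths differ, so the same pass
 * phrase is rejected.
 */
int passphrase_equal(const struct utf8_param *p,
                     const unsigned char *ref, size_t ref_len)
{
    unsigned char diff = 0;
    size_t i;

    if (p->data_size != ref_len)
        return 0;
    for (i = 0; i < ref_len; i++)
        diff |= (unsigned char)((unsigned char)p->data[i] ^ ref[i]);
    return diff == 0;
}

/*
 * Recipient side: copy the value into a C string. Because the NUL is not
 * part of data_size, the buffer needs data_size + 1 bytes and the
 * terminator is written here rather than assumed to be in the data.
 * Returns 1 on success, 0 if the buffer is too small.
 */
int param_to_cstring(const struct utf8_param *p, char *buf, size_t buf_len)
{
    if (buf_len == 0 || p->data_size > buf_len - 1)
        return 0;
    memcpy(buf, p->data, p->data_size);
    buf[p->data_size] = '\0';
    return 1;
}

int main(void)
{
    /* The eight bytes from the commit message, without a terminator. */
    static const unsigned char ref[] = { 'A','B','C','D','E','F','G','H' };
    struct utf8_param with_nul = make_param_counting_nul("pass", "ABCDEFGH");
    struct utf8_param plain = make_param("pass", "ABCDEFGH");
    char small[8], exact[9];

    printf("counted NUL: size=%zu match=%d\n", with_nul.data_size,
           passphrase_equal(&with_nul, ref, sizeof(ref)));
    printf("strlen only: size=%zu match=%d\n", plain.data_size,
           passphrase_equal(&plain, ref, sizeof(ref)));
    printf("copy into 8 bytes: %d, into 9 bytes: %d\n",
           param_to_cstring(&plain, small, sizeof(small)),
           param_to_cstring(&plain, exact, sizeof(exact)));
    return 0;
}
```
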
Dr. David von Oheimb [Wed, 17 Feb 2021 11:29:39 +0000 (12:29 +0100)]
Rename internal X509_add_cert_new() to ossl_x509_add_cert_new()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14039)
Dr. David von Oheimb [Wed, 23 Dec 2020 15:06:05 +0000 (16:06 +0100)]
Add internal X509_add_certs_new(), which simplifies matters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14039)
Matt Caswell [Thu, 18 Feb 2021 15:09:04 +0000 (15:09 +0000)]
Prepare for 3.0 alpha 13
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Matt Caswell [Thu, 18 Feb 2021 15:08:53 +0000 (15:08 +0000)]
Prepare for release of 3.0 alpha 12
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Matt Caswell [Thu, 18 Feb 2021 14:57:13 +0000 (14:57 +0000)]
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
Shane Lontis [Wed, 17 Feb 2021 10:01:34 +0000 (20:01 +1000)]
Fix external symbols related to provider related security checks for
keys and digests.
Partial fix for #12964
This adds ossl_ names for the following symbols:
digest_get_approved_nid, digest_get_approved_nid_with_sha1
digest_is_allowed, digest_md_to_nid, digest_rsa_sign_get_md_nid,
securitycheck_enabled,
dh_check_key, dsa_check_key, ec_check_key,
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14211)
Shane Lontis [Wed, 17 Feb 2021 09:56:35 +0000 (19:56 +1000)]
Fix external symbols in the provider digest implementations.
Partial fix for #12964
This adds ossl_ names for the following symbols:
blake2b512_init,blake2b_final,blake2b_init,blake2b_init_key,
blake2b_param_init,blake2b_param_set_digest_length,blake2b_param_set_key_length,
blake2b_param_set_personal,blake2b_param_set_salt,blake2b_update,
blake2s256_init,blake2s_final,blake2s_init,blake2s_init_key,
blake2s_param_init,blake2s_param_set_digest_length,blake2s_param_set_key_length,
blake2s_param_set_personal,blake2s_param_set_salt,blake2s_update,
digest_default_get_params,digest_default_gettable_params
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14211)
zekeevans-mf [Thu, 21 Jan 2021 19:24:51 +0000 (12:24 -0700)]
Add deep copy of propq field in mac_dupctx to avoid double free
mac_dupctx() should make a copy of the propq field. Currently it
does a shallow copy which can result in a double free and crash.
The double free occurs when using a provider property string.
For example, passing in "fips=no" to SSL_CTX_new_ex() causes the
propq field to get set to that value. When mac_dupctx() and
mac_freectx() are called (i.e. in SSL_write()) it ends up freeing
the reference of the original object instead of a copy.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13926)
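
The shallow-copy hazard described in the mac_dupctx commit above, as an added C example that is not OpenSSL's code: `struct mac_ctx`, `dup_shallow()`, `dup_deep()` and `free_ctx()` are hypothetical stand-ins for the provider's context and its dupctx/freectx pair, and only the property string "fips=no" comes from the commit message. The shallow case is detected by pointer comparison and disowned before cleanup, so the example never performs the double free itself.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a provider MAC context (not OpenSSL's struct). */
struct mac_ctx {
    char *propq;            /* owned heap string, released by free_ctx() */
};

static int live_strings;    /* propq buffers currently allocated */

static char *dup_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);

    if (p != NULL) {
        memcpy(p, s, n);
        live_strings++;
    }
    return p;
}

struct mac_ctx *new_ctx(const char *propq)
{
    struct mac_ctx *c = calloc(1, sizeof(*c));

    if (c == NULL)
        return NULL;
    if (propq != NULL && (c->propq = dup_string(propq)) == NULL) {
        free(c);
        return NULL;
    }
    return c;
}

void free_ctx(struct mac_ctx *c)
{
    if (c == NULL)
        return;
    if (c->propq != NULL) {
        free(c->propq);
        live_strings--;
    }
    free(c);
}

/* Shallow: the struct copy duplicates the pointer, so two owners, one buffer. */
struct mac_ctx *dup_shallow(const struct mac_ctx *src)
{
    struct mac_ctx *dst = malloc(sizeof(*dst));

    if (dst != NULL)
        *dst = *src;
    return dst;
}

/* Deep: every owned field gets its own allocation. */
struct mac_ctx *dup_deep(const struct mac_ctx *src)
{
    return new_ctx(src->propq);
}

int shares_propq(const struct mac_ctx *a, const struct mac_ctx *b)
{
    return a->propq != NULL && a->propq == b->propq;
}

/* Returns 1 when the shallow duplicate aliases the original's propq. */
int shallow_copy_aliases_propq(void)
{
    struct mac_ctx *a = new_ctx("fips=no");
    struct mac_ctx *b = a != NULL ? dup_shallow(a) : NULL;
    int aliased = b != NULL ? shares_propq(a, b) : -1;

    if (b != NULL) {
        b->propq = NULL;    /* disown: free_ctx(b) then free_ctx(a) would
                               otherwise release the same buffer twice */
        free_ctx(b);
    }
    free_ctx(a);
    return aliased;
}

/* Returns 1 when the deep duplicate stays valid after the original is freed. */
int deep_copy_survives_original_free(void)
{
    struct mac_ctx *a = new_ctx("fips=no");
    struct mac_ctx *b = a != NULL ? dup_deep(a) : NULL;
    int ok = b != NULL && !shares_propq(a, b);

    free_ctx(a);
    ok = ok && strcmp(b->propq, "fips=no") == 0;
    free_ctx(b);
    return ok && live_strings == 0;
}

int main(void)
{
    printf("shallow copy aliases propq: %d\n", shallow_copy_aliases_propq());
    printf("deep copy is independent:   %d\n",
           deep_copy_survives_original_free());
    return 0;
}
```
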
Sahana Prasad [Mon, 25 Jan 2021 13:44:29 +0000 (14:44 +0100)]
DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are key parameters
Fixes #13569
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13955)
Dr. David von Oheimb [Thu, 11 Feb 2021 20:07:14 +0000 (21:07 +0100)]
chain_build(): Call verify_cb_cert() if a preliminary error has become final
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14157)
Tomas Mraz [Wed, 10 Feb 2021 17:44:00 +0000 (18:44 +0100)]
dsa_check: Perform simple parameter check if seed is not available
Added primality check on p and q in the ossl_ffc_params_simple_validate().
Checking for p and q sizes in the default provider is made more
lenient.
Added two testcases for invalid parameters.
Fixes #13950
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14148)
Dmitry Belyavskiy [Fri, 22 Jan 2021 12:44:16 +0000 (13:44 +0100)]
DSA parameter check using pkeyparam
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14148)
Shane Lontis [Wed, 17 Feb 2021 07:54:29 +0000 (17:54 +1000)]
Fix external symbols in the provider cipher implementations.
Partial fix for #12964
This adds ossl_ names for the following symbols.
chacha20_dinit, chacha20_einit, chacha20_initctx,
ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt,
ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params,
ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update
gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update
gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot
gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update
tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx
tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx
PROV_CIPHER_HW_des_*,
padblock, unpadblock, tlsunpadblock, fillblock, trailingdata
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14209)
Dr. David von Oheimb [Mon, 15 Feb 2021 09:24:58 +0000 (10:24 +0100)]
x509_vfy: fix mem leaks in chain_build() on malloc error Coverity CID
1473068
Fixes: Variable "sk_untrusted" going out of scope leaks the storage it points to.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14187)
Dr. David von Oheimb [Sun, 14 Feb 2021 19:25:42 +0000 (20:25 +0100)]
apps/cmp.c: Improve initialization of ext_ctx structure w.r.t. CSR
Also improve doc on how the -reqexts option affects the CSR given with the -csr option.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14181)
Dr. David von Oheimb [Sun, 14 Feb 2021 19:12:38 +0000 (20:12 +0100)]
apps/ca.c: Make sure ext_ctx structure gets initialized
Fixes #14175
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14181)
Tomas Mraz [Thu, 11 Feb 2021 15:57:37 +0000 (16:57 +0100)]
Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY
Additional renames done in encoder and decoder implementation
to follow the style.
Fixes #13622
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14155)
Richard Levitte [Tue, 16 Feb 2021 00:19:58 +0000 (01:19 +0100)]
Fix backward incompatibility revolving around OSSL_HTTP_REQ_CTX_sendreq_d2i()
The OSSL_HTTP_REQ_CTX API has a few changes compared to the older
OCSP_REQ_CTX API which are not quite obvious at first sight.
The old OCSP_REQ_CTX_nbio_d2i() took three arguments, of which one is
an output argument, and returned an int, while the newer
OSSL_HTTP_REQ_CTX_sendreq_d2i() returns the value directly and thereby
takes one less argument.
The mapping from the old to the new wasn't quite right; this corrects
it, along with a couple of X509 macros that needed the same kind of
fix.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/14196)
Nicola Tuveri [Fri, 22 Jan 2021 16:50:12 +0000 (18:50 +0200)]
[doc/man3][OSSL_ENCODER] Move NOTES to the bottom
For consistency with `OSSL_DECODER.pod`, and `man-pages(7)`, the `NOTES`
section is moved to the end of the file.
According to `man-pages(7)` the recommended section order is:
> NAME
> SYNOPSIS
> CONFIGURATION [Normally only in Section 4]
> DESCRIPTION
> OPTIONS [Normally only in Sections 1, 8]
> EXIT STATUS [Normally only in Sections 1, 8]
> RETURN VALUE [Normally only in Sections 2, 3]
> ERRORS [Typically only in Sections 2, 3]
> ENVIRONMENT
> FILES
> VERSIONS [Normally only in Sections 2, 3]
> CONFORMING TO
> NOTES
> BUGS
> EXAMPLE
> SEE ALSO
This commit does not attempt to fix the order in all pages but focuses
only on `OSSL_ENCODER` which has a "twin" man page in `OSSL_DECODER`,
making the inconsistent section order quite jarring.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13932)
Nicola Tuveri [Fri, 22 Jan 2021 16:45:07 +0000 (18:45 +0200)]
[doc/man3] Fix typo in DESCRIPTION of OSSL_ENCODER_properties
This commit fixes the DESCRIPTION section of doc/man3/OSSL_ENCODER.pod,
where `OSSL_ENCODER_properties` was incorrectly referred to as
`OSSL_ENCODER_provider`.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13932)
Pauli [Fri, 12 Feb 2021 03:20:09 +0000 (13:20 +1000)]
doc: document the two new RAND functions
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)
Pauli [Fri, 12 Feb 2021 02:54:59 +0000 (12:54 +1000)]
rand: update DRBGs to use the get_entropy call for seeding
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)
Pauli [Fri, 12 Feb 2021 02:45:03 +0000 (12:45 +1000)]
core: add get_entropy and clear_entropy calls to RAND
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)
Pauli [Fri, 12 Feb 2021 02:44:43 +0000 (12:44 +1000)]
RNG test: add get_entropy hook for testing.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)
Pauli [Fri, 12 Feb 2021 02:44:21 +0000 (12:44 +1000)]
RNG seed: add get_entropy hook for seeding.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)