Richard Levitte [Wed, 22 Jul 2020 20:54:54 +0000 (22:54 +0200)]
STORE: Add the base functions to support provider based loaders
This includes fixing a bug that could only be discovered when no
loaders were registered.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Richard Levitte [Wed, 22 Jul 2020 20:54:42 +0000 (22:54 +0200)]
STORE for providers: define libcrypto <-> provider interface
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Richard Levitte [Sun, 26 Jul 2020 07:21:29 +0000 (09:21 +0200)]
STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Richard Levitte [Sun, 2 Aug 2020 10:14:19 +0000 (12:14 +0200)]
CORE: Generalise internal pass phrase prompter
The pass phrase prompter that's part of OSSL_ENCODER and OSSL_DECODER
is really a passphrase callback bridge between the diverse forms of
prompters that exist within OpenSSL: pem_password_cb, ui_method and
OSSL_PASSPHRASE_CALLBACK.
This can be generalised, to be re-used by other parts of OpenSSL, and
to thereby allow the users to specify whatever form of pass phrase
callback they need, while being able to pass that on to other APIs
that are called internally, in the form that those APIs demand.
Additionally, we throw in the possibility to cache pass phrases during
a "session" (we leave it to each API to define what a "session" is).
This is useful for any API that implements discovery and therefore may
need to get the same password more than once, such as OSSL_DECODER and
OSSL_STORE.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Richard Levitte [Wed, 22 Jul 2020 13:34:25 +0000 (15:34 +0200)]
CORE: Define provider-native abstract objects
This is placed as CORE because the core of libcrypto is the authority
for what is possible to do and what's required to make these abstract
objects work.
In essence, an abstract object is an OSSL_PARAM array with well
defined parameter keys and values:
- an object type, which is a number indicating what kind of
libcrypto structure the object in question can be used with. The
currently possible numbers are defined in <openssl/core_object.h>.
- an object data type, which is a string that indicates more closely
what the contents of the object are.
- the object data, an octet string. The exact encoding used depends
on the context in which it's used. For example, the decoder
sub-system accepts any encoding, as long as there is a decoder
implementation that takes that as input. If central code is to
handle the data directly, DER encoding is assumed. (*)
- an object reference, also an octet string. This octet string is
not the object contents, just a mere reference to a provider-native
object. (**)
- an object description, which is a human readable text string that
can be displayed if some software desires to do so.
The intent is that certain provider-native operations (called X
here) are able to return any sort of object that belong with other
operations, or an object that has no provider support otherwise.
(*) A future extension might be to be able to specify encoding.
(**) The possible mechanisms for dealing with object references are:
- An object loading function in the target operation. The exact
target operation is determined by the object type (for example,
OSSL_OBJECT_PKEY implies that the target operation is a KEYMGMT)
and the implementation to be fetched by its object data type (for
an OSSL_OBJECT_PKEY, that's the KEYMGMT keytype to be fetched).
This loading function is only useful for this if the implementations
that are involved (X and KEYMGMT, for example) are from the same
provider.
- An object exporter function in the operation X implementation.
That exporter function can be used to export the object data in
OSSL_PARAM form that can be imported by a target operation's
import function. This can be used when it's not possible to fetch
the target operation implementation from the same provider.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Shane Lontis [Tue, 11 Aug 2020 07:50:13 +0000 (17:50 +1000)]
Fix coverity CID #
1452770 - Dereference before NULL check in CRYPTO_siv128_init()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 07:31:11 +0000 (17:31 +1000)]
Fix coverity CID #
1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 07:18:31 +0000 (17:18 +1000)]
Fix coverity CID #
1452775 & #
1452772- Dereference before NULL check in evp_lib.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 07:09:18 +0000 (17:09 +1000)]
Fix coverity CID #
1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 07:01:07 +0000 (17:01 +1000)]
Fix coverity CID #
1455335 - Dereference after NULL check in fromdata_init()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 06:50:10 +0000 (16:50 +1000)]
Fix coverity CID #
1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 06:41:51 +0000 (16:41 +1000)]
Fix coverity CID #
1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 06:33:19 +0000 (16:33 +1000)]
Fix coverity CID #
1458645 - Dereference before NULL check in rsa_digest_verify_final()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 06:28:00 +0000 (16:28 +1000)]
Fix coverity CID #
1458647 - Use after free in clean_tbuf() which uses ctx->rsa
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 06:23:28 +0000 (16:23 +1000)]
Fix coverity CID #
1458648 - Wrong sizeof() arg in rsa_freectx()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:56:17 +0000 (15:56 +1000)]
Fix coverity CID #
1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:41:54 +0000 (15:41 +1000)]
Fix coverity CID #
1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:36:49 +0000 (15:36 +1000)]
Fix coverity CID #
1465790 - Dereference after NULL check in evp_test.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:24:52 +0000 (15:24 +1000)]
Fix coverity CID #
1465794 - Uninitialized pointer read in x942_encode_otherinfo()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:21:30 +0000 (15:21 +1000)]
Fix coverity CID #
1465795 - Incorrect free deallocator used in SSL_add1_host()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:17:17 +0000 (15:17 +1000)]
Fix coverity CID #
1465797 - Negative loop bound in collect_deserializer
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Shane Lontis [Tue, 11 Aug 2020 05:03:42 +0000 (15:03 +1000)]
Fix coverity CID #
1465594 - Null dereference in EVP_PKEY_get0()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)
Dr. David von Oheimb [Wed, 19 Aug 2020 10:23:52 +0000 (12:23 +0200)]
run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12682)
Shane Lontis [Thu, 20 Aug 2020 03:28:11 +0000 (13:28 +1000)]
Fix CMS so that it still works with non fetchable algorithms.
Fixes #12633
For CMS the Gost engine still requires calls to EVP_get_digestbyname() and EVP_get_cipherbyname() when
EVP_MD_fetch() and EVP_CIPHER_fetch() return NULL.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12689)
Robert Jędrzejczyk [Sat, 22 Aug 2020 05:05:56 +0000 (15:05 +1000)]
Windows get ENV value as UTF-8 encoded string instead of a raw string
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12657)
Shane Lontis [Sat, 22 Aug 2020 04:55:41 +0000 (14:55 +1000)]
Add Explicit EC parameter support to providers.
This was added for backward compatability.
Added EC_GROUP_new_from_params() that supports explicit curve parameters.
This fixes the 15-test_genec.t TODO.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12604)
Richard Levitte [Thu, 20 Aug 2020 07:33:01 +0000 (09:33 +0200)]
Clean away some declarations
dsa_algorithmidentifier_encoding(), ecdsa_algorithmidentifier_encoding(),
rsa_algorithmidentifier_encoding() have been replaced with DER writer
functions, so they aren't useful any more.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12693)
Richard Levitte [Sun, 16 Aug 2020 19:26:13 +0000 (21:26 +0200)]
Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
Richard Levitte [Sun, 16 Aug 2020 19:25:08 +0000 (21:25 +0200)]
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
Fixes #12455
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
Richard Levitte [Sun, 16 Aug 2020 19:22:02 +0000 (21:22 +0200)]
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE
These are the scripts that do the deed.
Fixes #12455
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12660)
Dr. David von Oheimb [Tue, 18 Aug 2020 22:48:57 +0000 (00:48 +0200)]
Add libctx/provider support to cmp_msg_test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Tue, 18 Aug 2020 15:14:19 +0000 (17:14 +0200)]
Add libctx/provider support to cmp_protect_test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Tue, 18 Aug 2020 15:04:54 +0000 (17:04 +0200)]
Add libctx/provider support to cmp_vfy_test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 20:20:23 +0000 (22:20 +0200)]
Add libctx/provider support to cmp_client_test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Thu, 13 Aug 2020 15:44:54 +0000 (17:44 +0200)]
Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 20:15:24 +0000 (22:15 +0200)]
cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 13 May 2020 14:03:26 +0000 (16:03 +0200)]
cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 13 May 2020 10:19:16 +0000 (12:19 +0200)]
cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 17:16:03 +0000 (19:16 +0200)]
crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Shane Lontis [Thu, 14 May 2020 02:32:44 +0000 (12:32 +1000)]
Add libctx/provider support to cmp_server_test
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 13 May 2020 09:58:52 +0000 (11:58 +0200)]
Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 13 May 2020 07:28:24 +0000 (09:28 +0200)]
Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()
Also remove not really to-the-point error message if call fails in apps/cmp.c
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Tue, 18 Aug 2020 14:03:29 +0000 (16:03 +0200)]
cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 13 May 2020 12:04:18 +0000 (14:04 +0200)]
Update CMP header file references in internal CMP documentation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Thu, 14 May 2020 19:09:49 +0000 (21:09 +0200)]
Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 19:07:12 +0000 (21:07 +0200)]
x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Thu, 14 May 2020 09:27:43 +0000 (11:27 +0200)]
Re-word null->empty property; improve iteration.count example in property.pod
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 05:46:57 +0000 (07:46 +0200)]
testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 18:24:26 +0000 (20:24 +0200)]
testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Fri, 15 May 2020 16:46:59 +0000 (18:46 +0200)]
Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN}
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 20:11:42 +0000 (22:11 +0200)]
Add prerequisite #include directives to include/crypto/x509.h
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Dr. David von Oheimb [Wed, 12 Aug 2020 20:07:51 +0000 (22:07 +0200)]
Make sure x509v3_cache_extensions() does not modify the error queue
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Shane Lontis [Wed, 19 Aug 2020 09:38:03 +0000 (19:38 +1000)]
Fix incorrect selection flags for ec serializer.
Fixes #12630
ec_import requires domain parameters to be part of the selection.
The public and private serialisers were not selecting the correct flags so the import was failing.
Added a test that uses the base provider so that a export/import happens for serialization.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12681)
Matt Caswell [Tue, 18 Aug 2020 16:25:51 +0000 (17:25 +0100)]
Test mte with stitched ciphersuites in TLSv1.0
The previous commit fixed a bug with mte, stitched ciphersuites and
TLSv1.0. We now add a test for that scenario.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12670)
Matt Caswell [Tue, 18 Aug 2020 11:28:45 +0000 (12:28 +0100)]
Fix stitched ciphersuites in TLS1.0
TLS1.0 does not have an explicit IV in the record, and therefore we should
not attempt to remove it.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12670)
Dr. David von Oheimb [Sun, 16 Aug 2020 13:25:27 +0000 (15:25 +0200)]
Make better use of new load_cert_pass() variant of load_cert() in apps/
allows loading password-protected PKCS#12 files in x509, ca, s_client, s_server
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12647)
Dr. David von Oheimb [Fri, 14 Aug 2020 19:58:34 +0000 (21:58 +0200)]
apps: make use of OSSL_STORE for generalized certs and CRLs loading
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12647)
Dr. David von Oheimb [Wed, 12 Aug 2020 15:37:50 +0000 (17:37 +0200)]
Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8}
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12639)
Richard Levitte [Tue, 18 Aug 2020 19:45:19 +0000 (21:45 +0200)]
TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex()
test/evp_test.c and test/sslapitest.c are affected. This allows them
to decode keys found in stanza files via provider decoder implementations
when a library context other than the default should be used.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12673)
Richard Levitte [Tue, 18 Aug 2020 19:38:56 +0000 (21:38 +0200)]
PEM: Add more library context aware PEM readers
PEM_read_bio_PUBKEY_ex() and PEM_read_bio_Parameters_ex() are added to
complete PEM_read_bio_PrivateKey_ex(). They are all refactored to be
wrappers around the same internal function.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12673)
Richard Levitte [Thu, 30 Jul 2020 08:09:43 +0000 (10:09 +0200)]
STORE: Distinguish public keys from private keys
While public keys and private keys use the same type (EVP_PKEY), just
with different contents, callers still need to distinguish between the
two to be able to know what functions to call with them (for example,
to be able to choose between EVP_PKEY_print_private() and
EVP_PKEY_print_public()).
The OSSL_STORE backend knows what it loaded, so it has the capacity to
inform.
Note that the same as usual still applies, that a private key EVP_PKEY
contains the public parts, but not necessarily the other way around.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12673)
Richard Levitte [Thu, 30 Jul 2020 08:14:27 +0000 (10:14 +0200)]
PROV: Fix DSA and DH private key serializers
If those private key serializer were given a key structure with just
the public key material, they crashed, because they tried to
de-reference NULL. This adds better checking.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12679)
Richard Levitte [Tue, 18 Aug 2020 18:39:45 +0000 (20:39 +0200)]
X509: Add d2i_PUBKEY_ex(), which take a libctx and propq
Just like d2i_PrivateKey() / d2i_PrivateKey_ex(), there's a need to
associate an EVP_PKEY extracted from a PUBKEY to a library context and
a property query string. Without it, a provider-native EVP_PKEY can
only fetch necessary internal algorithms from the default library
context, even though an application specific context should be used.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12671)
Pauli [Wed, 19 Aug 2020 03:57:00 +0000 (13:57 +1000)]
cmp: handle error return from OBJ_obj2txt()
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12678)
Pauli [Wed, 19 Aug 2020 03:40:22 +0000 (13:40 +1000)]
pkeyutil: check return value reading password
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12678)
Richard Levitte [Tue, 18 Aug 2020 21:13:29 +0000 (23:13 +0200)]
PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider
In the FIPS provider, calling EC_GROUP_cmp() with NULL for the BN_CTX
argument is forbidden. Since that's what ec_match() does, it simply
cannot work in the FIPS provider. Therefore, we allocate a BN_CTX
with the library context asssociated with one of the input keys
(doesn't matter which) and use that.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12677)
Richard Levitte [Tue, 18 Aug 2020 21:00:24 +0000 (23:00 +0200)]
RSA: Fix rsa_todata() to only add params for existing data
The RSA key could be a public key, and yet, rsa_todata() always tries
to add the private parts as well. The resulting parameters will look
a bit odd, such as a zero |d|, resulting in an invalid key.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12676)
Richard Levitte [Tue, 18 Aug 2020 19:17:58 +0000 (21:17 +0200)]
TEST: separate out NIST ECC tests from non-NIST
ECC keys with non-NIST group names aren't supported when running with
the FIPS provider.
Keys with such groups that are included in evp_test stanza files
aren't even possible to decode if provider side decoders are used,
since those depend on available EVP_KEYMGMT implementations and what
they support.
Those keys could only be decoded because the legacy decoders were
used.
To make these tests future proof, we separate out the stanzas having
keys with NIST approved group names into separate files, and adjust
the file lists in test/recipes/30-test_evp.t aaccordingly.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12672)
Richard Levitte [Fri, 7 Aug 2020 16:47:04 +0000 (18:47 +0200)]
EVP: Have evp_pkey_cmp_any() detect if export wasn't possible
There are some EC keys that can't be exported to provider keymgmt,
because the keymgmt implementation doesn't support certain forms of EC
keys. This could lead to a crash caused by dereferencing a NULL
pointer, so we need to cover that case by returning an error instead.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12610)
Dr. David von Oheimb [Fri, 14 Aug 2020 08:24:33 +0000 (10:24 +0200)]
PKCS12_parse(): Clean up code and correct documentation
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12641)
Dr. David von Oheimb [Wed, 12 Aug 2020 16:06:00 +0000 (18:06 +0200)]
PKCS12_parse(): Fix reversed order of certs parsed and output via *ca
Fixes #6698
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12641)
Dr. David von Oheimb [Fri, 14 Aug 2020 08:39:17 +0000 (10:39 +0200)]
OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12645)
Shane Lontis [Wed, 19 Aug 2020 03:27:31 +0000 (13:27 +1000)]
Fix no-cms build errors.
Fixes #12640
The X942-KDF is now indepedent of the CMS code (since it no longer uses CMS_SharedInfo_encode).
Any code related to EVP_PKEY_DH_KDF_X9_42 needs to not be wrapped by !defined(OPENSSL_NO_CMS).
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12642)
Pauli [Sat, 15 Aug 2020 00:35:59 +0000 (10:35 +1000)]
OCSP: Add return value checks.
The calls are unlikely to fail but better checking their return than not.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12648)
Pauli [Mon, 17 Aug 2020 05:40:00 +0000 (15:40 +1000)]
Apps: change provider_path option to provider-path.
The applications use '-' in options not '_'.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12662)
Shane Lontis [Tue, 11 Aug 2020 00:15:28 +0000 (10:15 +1000)]
Fix DSA/DH so that legacy keys can still be generated by the default provider
Fixes #12589
The 'type' parameter needed to be propagated to the ffc params during keygen,
so that the simple validation of params done during keygen can handle legacy keys for the default provider.
The fips provider ignores this change and only allows fips186-4 approved sizes.
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12623)
Shane Lontis [Mon, 17 Aug 2020 02:34:17 +0000 (12:34 +1000)]
Fix broken windows builds.
A miscellaneous '\' was accidently added to set FIPSKEY=$(FIPSKEY) which was causing some
external CI build loops to not produce test results.
It looks like it was accidently copied from the unix variant which requires the '\'.
Thanks to Wolfgang Beck for tracking down the issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12661)
Matt Caswell [Wed, 5 Aug 2020 13:46:48 +0000 (14:46 +0100)]
Test that EVP_default_properties_is_fips_enabled() works early
We check that EVP_default_properties_is_fips_enabled() is working even
before other function calls have auto-loaded the config file.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12567)
Matt Caswell [Fri, 31 Jul 2020 16:29:21 +0000 (17:29 +0100)]
Load the default config file before working with default properties
A config file can change the global default properties. Therefore we
must ensure that the config file is loaded before reading or amending
them.
Fixes #12565
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12567)
Pauli [Thu, 13 Aug 2020 00:02:01 +0000 (10:02 +1000)]
provider: disable fall-backs if OSSL_PROVIDER_load() fails.
If an attempt is made to load a provider and it fails, the fall-back mechanism
should be disabled to prevent the user getting some weird happening. E.g. a
failure to load the FIPS provider should not allow the default to load as a
fall-back.
The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be
loaded without disabling the fall-back mechanism if it fails.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12625)
Pauli [Tue, 11 Aug 2020 03:19:40 +0000 (13:19 +1000)]
PKCS#12 KDF: don't run tests with the FIPS provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12624)
Pauli [Tue, 11 Aug 2020 00:29:02 +0000 (10:29 +1000)]
Move PKCS#12 KDF to provider.
This KDF is defined in RFC7292 in appendix B. It is widely used in PKCS#12
and should be provided.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12624)
Patrick Steuer [Tue, 11 Aug 2020 11:51:04 +0000 (13:51 +0200)]
Appease -Werror=stringop-overflow=
gcc 10 seems to think of assigning to an (unsigned) char
array as a stringop and demands additional space for a
terminating '\0':
In function 'ssl3_generate_key_block',
inlined from 'ssl3_setup_key_block' at ssl/s3_enc.c:304:11:
ssl/s3_enc.c:51:20: error: writing 1 byte into a region of size 0
[-Werror=stringop-overflow=]
51 | buf[j] = c;
| ~~~~~~~^~~
ssl/s3_enc.c: In function 'ssl3_setup_key_block':
ssl/s3_enc.c:23:19: note: at offset 16 to object 'buf' with size 16
declared here
23 | unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
| ^~~
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12632)
Dr. David von Oheimb [Thu, 4 Jun 2020 08:23:42 +0000 (10:23 +0200)]
Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12638)
Tomas Mraz [Thu, 6 Aug 2020 13:14:29 +0000 (15:14 +0200)]
sslapitest: Add test for premature call of SSL_export_keying_material
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12594)
Tomas Mraz [Thu, 6 Aug 2020 09:20:43 +0000 (11:20 +0200)]
Avoid segfault in SSL_export_keying_material if there is no session
Fixes #12588
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12594)
Benjamin Kaduk [Thu, 20 Sep 2018 02:14:04 +0000 (21:14 -0500)]
Mark SSL_CTX_set_ssl_version() as deprecated in 3.0
Also, document its unusual semantics of resetting the
cipher list (but preserving other configuration).
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/7274)
Dr. David von Oheimb [Sun, 26 Apr 2020 16:30:45 +0000 (18:30 +0200)]
Introduce X509_add_cert[s] simplifying various additions to cert lists
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12615)
Shane Lontis [Wed, 12 Aug 2020 01:59:43 +0000 (11:59 +1000)]
Add public API for gettables and settables for keymanagement, signatures and key exchange.
The openssl provider app will now display these params.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12396)
Shane Lontis [Mon, 10 Aug 2020 00:16:26 +0000 (10:16 +1000)]
Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider.
RSA keys in the 'base' provider are different from a fips provider RSA key (since they have different object structures).
To use a fips provider key in the base serializer the key needs to be exported.
The fix was suggested by @levitte.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12162)
Shane Lontis [Tue, 16 Jun 2020 03:04:57 +0000 (13:04 +1000)]
Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
Fixes #11863
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12162)
Pauli [Fri, 7 Aug 2020 03:20:18 +0000 (13:20 +1000)]
provider: add the unused paramater tag to the gettable and settable functions
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12603)
Benjamin Kaduk [Tue, 21 Jul 2020 23:23:19 +0000 (16:23 -0700)]
Expose S390x HW ciphers' IV state to provider layer
The S390x hardware-accelerated cipher implementations keep their IV
state in an internal structure tied to the underlying implementation.
However, the provider itself needs to be able to expose the IV state
to libcrypto when processing the "iv-state" parameter. In the absence
of a S390x hardware-specific get_ctx_params() implementation, be sure
to copy the IV state from the hw-specific structure back to the
generic PROV_CIPHER_CTX object after each cipher operation in order to
synchronize the internal and fetchable state.
[extended tests]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 9 Jul 2020 21:29:33 +0000 (14:29 -0700)]
Avoid deprecated API in evp_test.c
Use EVP_CIPHER_CTX_get_iv_state() in cipher_test_enc() rather than
the deprecated EVP_CIPHER_CTX_iv().
[extended tests]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 23:27:03 +0000 (16:27 -0700)]
Avoid deprecated function in evp_lib.c
Use EVP_CIPHER_CTX_get_iv() to implement EVP_CIPHER_set_asn1_iv(),
rather than the deprecated EVP_CIPHER_CTX_original_iv().
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 21:12:33 +0000 (14:12 -0700)]
Use local IV storage in EVP BLOCK_* macros
Inline the pre-
13273237a65d46186b6bea0b51aec90670d4598a versions
of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() in evp.h.
These macros are internal-only, used to implement legacy libcrypto
EVP ciphers, with no real provider involvement. Accordingly, just use the
EVP_CIPHER_CTX storage directly and don't try to reach into a provider-side
context.
This does necessitate including evp_local.h in several more files.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 21:12:33 +0000 (14:12 -0700)]
Use local IV storage in e_rc2.c
Inline the pre-
13273237a65d46186b6bea0b51aec90670d4598a versions
of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() in e_rc2.c.
For the legacy implementations, there's no need to use an
in-provider storage for the IV, when the crypto operations
themselves will be performed outside of the provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 21:12:33 +0000 (14:12 -0700)]
Use local IV storage in e_xcbc_d.c
Inline the pre-
13273237a65d46186b6bea0b51aec90670d4598a versions
of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() in e_xcbc_d.c.
For the legacy implementations, there's no need to use an
in-provider storage for the IV, when the crypto operations
themselves will be performed outside of the provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 21:12:33 +0000 (14:12 -0700)]
Use local IV storage in e_sm4.c
Inline the pre-
13273237a65d46186b6bea0b51aec90670d4598a versions
of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() in e_sm4.c.
For the legacy implementations, there's no need to use an
in-provider storage for the IV, when the crypto operations
themselves will be performed outside of the provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
Benjamin Kaduk [Thu, 2 Jul 2020 21:12:33 +0000 (14:12 -0700)]
Use local IV storage in e_des3.c
Inline the pre-
13273237a65d46186b6bea0b51aec90670d4598a versions
of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() in e_des3.c.
For the legacy implementations, there's no need to use an
in-provider storage for the IV, when the crypto operations
themselves will be performed outside of the provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)