Matt Caswell [Thu, 16 Mar 2023 15:08:04 +0000 (15:08 +0000)]
Add a new advanced command mode to s_client
The s_client command mode just looks at the first letter on a line
and if it is one that maps to a "command" then that command is executed
and everything else on the line is ignored.
This means it is impossible to send anything over s_client that starts with
one of the "magic" letters unless you switch off command processing
entirely.
With the forthcoming quic support that will be added to s_client we expect
a significant new number of commands being added (for example to send fin
on a stream, or to list or swap between different streams, etc). This will
use up more "letters" and reduces the usability of s_client.
This PR adds a new "advanced" command processing mode. Commands are enclosed
in braces {}, and can appear anywhere in the text typed into s_client. A
brace can be escaped by sending a double {{. This gives much more
flexibility without reducing the usability of s_client. Commands can also
have "arguments" which also extends the scope of what they can be used for.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20566)
Michael Baentsch [Sat, 25 Mar 2023 12:06:46 +0000 (13:06 +0100)]
remove DSA512 from speed testing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20603)
Tom Cosgrove [Mon, 27 Mar 2023 14:42:20 +0000 (15:42 +0100)]
SM4 check should be for __aarch64__, not __ARM_MAX_ARCH__ >= 8
(And then __arm__ and __arm tests are redundant)
Fixes #20604
Change-Id: I4308e75b7fbf3be7b46490c3ea4125e2d91b00b8
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20620)
Tom Cosgrove [Mon, 27 Mar 2023 21:05:13 +0000 (22:05 +0100)]
Ensure there's only one copy of OPENSSL_armcap_P in libcrypto.a
Change-Id: Ia94e528a2d55934435de6a2949784c52eb38d82f
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20621)
Michael Richardson [Sat, 19 Mar 2022 13:11:06 +0000 (09:11 -0400)]
doc: add HOWTO document about Documenting public Functions and Macros
Co-authored-by: Matthias St. Pierre <matthias.st.pierre@ncp-e.com>
Co-authored-by: Tomáš Mráz <tm@t8m.info>
Co-authored-by: Lin2Jing4 <35728132+Lin2Jing4@users.noreply.github.com>
Co-authored-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17926)
Pauli [Thu, 23 Mar 2023 22:24:23 +0000 (09:24 +1100)]
Declare FIPS option functions in their own header
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Sun, 19 Mar 2023 23:49:40 +0000 (10:49 +1100)]
test: test -drbg_allow_truncated_digests option
Verify that the option produces the correct output in the FIPS configuration
file and that the default is as expected.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Sun, 19 Mar 2023 22:46:08 +0000 (09:46 +1100)]
Let fipsinstall know about DRBG digiest limiting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Fri, 17 Mar 2023 00:23:49 +0000 (11:23 +1100)]
changes: note the banning of truncated hashes with DRBGs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Thu, 16 Mar 2023 03:21:25 +0000 (14:21 +1100)]
doc: note the restriction on digests used by DRBGs in FIPS mode.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Thu, 16 Mar 2023 03:12:09 +0000 (14:12 +1100)]
DRBG: restrict the digests that can be used with HMAC and Hash DRBGs.
According to FIP 140-3 IG D.R: https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf
Outside of FIPS, there remains no restriction other than not allowing
XOF digests.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Pauli [Fri, 17 Mar 2023 01:42:21 +0000 (12:42 +1100)]
fips: rework the option handling code
Add option for restricting digests available to DRBGs.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Todd Short [Wed, 27 Jan 2021 19:23:33 +0000 (14:23 -0500)]
RFC7250 (RPK) support
Add support for the RFC7250 certificate-type extensions.
Alows the use of only private keys for connection (i.e. certs not needed).
Add APIs
Add unit tests
Add documentation
Add s_client/s_server support
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18185)
Tomas Mraz [Tue, 21 Mar 2023 15:15:47 +0000 (16:15 +0100)]
Fix documentation of X509_VERIFY_PARAM_add0_policy()
The function was incorrectly documented as enabling policy checking.
Fixes: CVE-2023-0466
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20561)
Matt Caswell [Thu, 23 Mar 2023 15:31:25 +0000 (15:31 +0000)]
Updated CHANGES.md and NEWS.md for CVE-2023-0465
Also updated the entries for CVE-2023-0464
Related-to: CVE-2023-0465
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
Matt Caswell [Tue, 7 Mar 2023 17:07:57 +0000 (17:07 +0000)]
Add a Certificate Policies Test
Test that a valid certificate policy is accepted and that an invalid
certificate policy is rejected. Specifically we are checking that a
leaf certificate with an invalid policy is detected.
Related-to: CVE-2023-0465
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
Matt Caswell [Tue, 7 Mar 2023 16:52:55 +0000 (16:52 +0000)]
Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.
Fixes: CVE-2023-0465
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
Matt Caswell [Tue, 7 Mar 2023 15:22:40 +0000 (15:22 +0000)]
Generate some certificates with the certificatePolicies extension
Related-to: CVE-2023-0465
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
afshinpir [Wed, 22 Mar 2023 23:25:45 +0000 (12:25 +1300)]
`EVP_PKEY_CTX_dup` segmentation fault fix
CLA: trivial
The the provider, context duplication method for signature, key
exchange, asymmetric cipher, and key encapsulation is optional. But if
they are missing, we will get a segmentation fault in `EVP_PKEY_CTX_dup`
because they are called without null pointer checking.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20581)
Jorge Ramirez-Ortiz [Mon, 20 Mar 2023 11:51:55 +0000 (12:51 +0100)]
test: evp_extra: EC, read affine coordinates
Add a test to read the EC X,Y coordinates.
Support legacy keys.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20535)
Jorge Ramirez-Ortiz [Wed, 8 Mar 2023 11:50:25 +0000 (12:50 +0100)]
translation: EC legacy keys, handle OSSL_PKEY_PARAM_EC_PUB_X,Y requests
Required by tpm2-tss to load legacy EC keys using the OpenSSL engine.
Fixes: https://github.com/tpm2-software/tpm2-tss/issues/2581
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20535)
Tomas Mraz [Tue, 21 Mar 2023 14:31:15 +0000 (15:31 +0100)]
Avoid duplication of OPENSSL_armcap_P on 32bit ARM
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20558)
Tomas Mraz [Tue, 21 Mar 2023 14:05:47 +0000 (15:05 +0100)]
Print the duplicate symbols found in test
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20558)
Dr. David von Oheimb [Fri, 16 Dec 2022 14:53:32 +0000 (15:53 +0100)]
apps/lib/http_server.c: improve diagnostics, e.g., on port number already in use
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19947)
Dr. David von Oheimb [Tue, 13 Dec 2022 16:44:27 +0000 (17:44 +0100)]
80-test_cmp_http.t: fix server port and confusion client vs. server config
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19947)
Dr. David von Oheimb [Fri, 3 Feb 2023 09:31:19 +0000 (10:31 +0100)]
CMP add: fix -reqin option, which requires adding OSSL_CMP_MSG_update_recipNonce()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20204)
Dr. David von Oheimb [Thu, 2 Feb 2023 18:24:56 +0000 (19:24 +0100)]
apps/cmp.c: make sure that last -reqin argument is actually used
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20204)
Dr. David von Oheimb [Thu, 2 Feb 2023 18:13:47 +0000 (19:13 +0100)]
CMP app: improve doc and help output on -{req,rsp}{in,out} options
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20204)
Michael Baentsch [Mon, 13 Mar 2023 13:27:01 +0000 (14:27 +0100)]
Update the EVP_PKEY_get_id documentation
The documentation didn't mention the development where EVP_PKEY_get_id()
returns a negative value for provider-only implementations, and the
migration guide didn't mention how to cope with that.
Fixes #20497
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20501)
Peter Kaestle [Thu, 16 Feb 2023 14:02:46 +0000 (15:02 +0100)]
tls1_set_groups_list: freeing *pext before overwriting
calling SSL_CTX_set1_groups_list() twice on one SSL_CTX* caused a memory
leak visible in valgrind:
4 bytes in 1 blocks are definitely lost in loss record 1 of 1
at 0x4841888: malloc (vg_replace_malloc.c:381)
by 0x4B1EE96: CRYPTO_memdup (in libcrypto.so.3)
by 0x48993A0: tls1_set_groups_list (in libssl.so.3)
by 0x487AA7E: ssl3_ctx_ctrl (in libssl.so.3)
by 0x1091EA: main (mem_leak.c:10)
LEAK SUMMARY:
definitely lost: 4 bytes in 1 blocks
Freeing *pext to fix it.
CLA: trivial
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20317)
(cherry picked from commit
fcf3a9f7c6a10acb2d92f03aec5e45df7dd712d5)
Tomas Mraz [Tue, 21 Mar 2023 10:36:56 +0000 (11:36 +0100)]
OBJ_nid2obj(): Return UNDEF object instead of NULL for NID_undef
Fixes a regression from 3.0 from the obj creation refactoring.
Fixes #20555
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20556)
Pauli [Wed, 22 Mar 2023 01:13:07 +0000 (12:13 +1100)]
Disable the policy tree exponential growth test conditionally
If there is no EC specified, the test won't pass.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20572)
Aleksey Sanin [Mon, 20 Mar 2023 15:26:50 +0000 (11:26 -0400)]
Added tests and updated help
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19898)
Aleksey Sanin [Tue, 13 Dec 2022 14:27:05 +0000 (09:27 -0500)]
Add an option to specify number of bits in the subprime (q) when generating DSA keys
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19898)
Georgi Valkov [Tue, 21 Mar 2023 10:49:23 +0000 (12:49 +0200)]
VC++ 2010 x86 compilers do not have InterlockedOr64
The changes from the following commit should also apply to
Visual Studio 2010
https://github.com/openssl/openssl/commit/
2d46a44ff24173d2cf5ea2196360cb79470d49c7#r104867505
Fixes build errors: undefined symbol InterlockedOr64
on Windows 2003, Visual Studio 2010 for x86 target.
CLA: trivial
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20557)
Evan Miller [Sat, 18 Mar 2023 15:03:22 +0000 (11:03 -0400)]
Do not build P10-specific AES-GCM assembler on macOS
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20543)
Pauli [Wed, 15 Mar 2023 07:43:11 +0000 (18:43 +1100)]
changes: note about policy tree size limits and circumvention
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20571)
Pauli [Wed, 8 Mar 2023 03:39:25 +0000 (14:39 +1100)]
test: add test cases for the policy resource overuse
These trees have pathological properties with respect to building. The small
tree stays within the imposed limit, the large tree doesn't.
The large tree would consume over 150Gb of RAM to process.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20571)
Pauli [Wed, 8 Mar 2023 04:28:20 +0000 (15:28 +1100)]
x509: excessive resource use verifying policy constraints
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit this
vulnerability by creating a malicious certificate chain that triggers
exponential use of computational resources, leading to a denial-of-service
(DoS) attack on affected systems.
Fixes CVE-2023-0464
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20571)
Hugo Landau [Mon, 20 Mar 2023 16:27:08 +0000 (16:27 +0000)]
QUIC: Add history section to SSL_inject_net_dgram()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20451)
Hugo Landau [Wed, 8 Mar 2023 10:29:44 +0000 (10:29 +0000)]
QUIC DEMUX: Ensure time field is always initialised
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20451)
Hugo Landau [Tue, 7 Mar 2023 19:07:50 +0000 (19:07 +0000)]
QUIC: Add tests for datagram injection API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20451)
Hugo Landau [Mon, 6 Mar 2023 17:58:32 +0000 (17:58 +0000)]
QUIC: Add support for datagram injection
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20451)
Tomas Mraz [Thu, 16 Mar 2023 17:25:37 +0000 (18:25 +0100)]
Add simple interoperability test with Cloudflare quiche
This is an external test which requires recursive checkout
of the cloudflare-quiche submodule.
We simply run a client against the example quiche-server
serving HTTP/0.9 requests.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20527)
VeronikaNguyen [Fri, 10 Mar 2023 22:13:46 +0000 (23:13 +0100)]
Added `CERTIFICATE_VERIFY_MAX_LENGTH` constant
- Set `CERTIFICATE_VERIFY_MAX_LENGTH` to 65539
(2 bytes for the algorithm identifier + 2 bytes of signature length
+ 65535 bytes of signature)
- Changed `SSL3_RT_MAX_PLAIN_LENGTH` to `CERTIFICATE_VERIFY_MAX_LENGTH`
in `statem_srvr.c` and `statem_clnt.c`
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20486)
Milan Broz [Fri, 17 Mar 2023 08:02:21 +0000 (09:02 +0100)]
Add Argon2 KDF demo.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20531)
FdaSilvaYY [Fri, 10 Mar 2023 14:16:01 +0000 (15:16 +0100)]
cmp: fix --strict-warnings windows builds
remove unneeded const qualifier to keep method declaration
and definition in sync.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/20436)
FdaSilvaYY [Fri, 10 Mar 2023 14:21:05 +0000 (15:21 +0100)]
nit: tidy-up code, and fix a typo.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/20436)
Richard Levitte [Mon, 20 Mar 2023 07:09:40 +0000 (08:09 +0100)]
providers/implementations/kdfs/argon2.c: Don't use UINT64_C
With less than C99 compilers, this macro isn't guaranteed to exist, and
the value passed to it is 32 bits, so explicitly ending it with 'UL' is
correct in all cases. We simply leave it to the compiler to extend it
appropriately for uint64_t.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20547)
Čestmír Kalina [Fri, 17 Mar 2023 16:32:26 +0000 (17:32 +0100)]
thread: remove remnants of ossl_crypto_mem_barrier
Commit
ac21c1780a63a8d9a3a6217eb52fe0d188fa7655 VMS knows POSIX threads too!
removed ossl_crypto_mem_barrier for POSIX systems.
Remove it for Win32 and other architectures as well.
Resolves issue #19506 Unable to build under bcc32c environment (Embarcadero
clang compiler).
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20538)
zhangzhilei [Sun, 12 Mar 2023 06:53:01 +0000 (14:53 +0800)]
enable hardware acceleration for sm4-ccm
benchmark data test on KunPeng920
before:
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
SM4-CCM 20401.16k 33739.97k 40476.08k 42326.70k 43373.91k 43220.99k
after:
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
SM4-CCM 8050.11k 13011.29k 15407.10k 16147.80k 16378.54k 16449.76k
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20499)
Pauli [Sun, 19 Mar 2023 22:02:34 +0000 (09:02 +1100)]
Avoid freeing context on error
Freeing the allocated KDF context seems wrong when derive errors.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20528)
Pauli [Fri, 17 Mar 2023 01:11:16 +0000 (12:11 +1100)]
Coverity
1522032: use after free
Fix use after free error.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20528)
JAVAID Mohammad-Habib [Tue, 28 Feb 2023 20:07:59 +0000 (21:07 +0100)]
cmp_msg.c: free memory of certStatus before goto err
CLA: trivial
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20406)
Everton Constantino [Thu, 16 Mar 2023 13:27:12 +0000 (10:27 -0300)]
Update documentation to reflect new Windows on Arm configurations
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20525)
Matt Caswell [Thu, 16 Mar 2023 15:42:28 +0000 (15:42 +0000)]
Fix some Windows issues in the quic_reactor
An incorrect macro name was being used for Windows detection which meant
we were going down a codepath not intended for Windows and thus failing.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Mon, 13 Mar 2023 17:36:24 +0000 (17:36 +0000)]
Add a simple QUIC test for blocking mode
We create "real" sockets for blocking mode so that we can block on them.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Mon, 13 Mar 2023 17:58:19 +0000 (17:58 +0000)]
Make sure the QRX and QTX are associated with a libctx
If a libctx has been associated with the channel, it must be passed down
to the QRX and QTX.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Mon, 13 Mar 2023 14:49:24 +0000 (14:49 +0000)]
Fix seg fault when calling SSL_shutdown() for a QUIC connection
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Mon, 13 Mar 2023 14:42:50 +0000 (14:42 +0000)]
Fix SSL_has_pending() for QUIC connections
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Fri, 10 Mar 2023 15:02:26 +0000 (15:02 +0000)]
Provide better errors for some QUIC failures
For example if would be helpful if we got more useful information if the
caller forgot to set the peer address.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Matt Caswell [Fri, 10 Mar 2023 14:46:52 +0000 (14:46 +0000)]
Defer unknown QUIC ctrls to the SSL object for TLS
If the QUIC oject receives a ctrl it does not recognise, the chances are
it is intended for the underlying SSL object - so we forward unknown ctrls
there.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20514)
Mike Gilbert [Sun, 12 Feb 2023 22:56:58 +0000 (17:56 -0500)]
Fix Configure test for -mips in CFLAGS
We want to add -mips2 or -mips3 only if the user hasn't already
specified a mips version in CFLAGS. The existing test was a
double-negative.
CLA: trivial
Fixes: https://github.com/openssl/openssl/issues/20214
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20273)
Pauli [Wed, 8 Mar 2023 23:17:53 +0000 (10:17 +1100)]
doc: note the default iteration count for PBKDF2 in the enc command
Fixes #20466
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20471)
Pauli [Wed, 8 Mar 2023 23:15:54 +0000 (10:15 +1100)]
Include the default iteration count in the help for the enc command
The only way to discover this otherwise is looking at the code.
Fixes #20466
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20471)
Tomas Mraz [Fri, 17 Mar 2023 13:58:14 +0000 (14:58 +0100)]
Add sanity test for OSSL_sleep()
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20533)
Tomas Mraz [Fri, 17 Mar 2023 11:16:33 +0000 (12:16 +0100)]
sleep.c: Limit the sleep time instead of sleeping for days or even years
As the sleep() call is interruptible, it is not even a good idea to call
it in a loop if the caller uses some ridiculously large value as an
infinity just waiting for an interrupt.
Fixes #20524
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20533)
Richard Levitte [Fri, 17 Mar 2023 15:56:11 +0000 (16:56 +0100)]
providers/implementations/kdfs/argon2.c: Include openssl/e_os2.h instead of stdint.h
<stdint.h> may not exist with pre-C99 compilers. <openssl/e_os2.h> deals
with that, so include it instead.
Similarly, include "internal/numbers.h" rather than <limits.h>, to deal
with things that may be lacking in the latter.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20537)
Tomas Mraz [Wed, 15 Mar 2023 16:46:29 +0000 (17:46 +0100)]
rsaz-*k-avx512.pl: fix wrong name of avx512 flag variable
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20519)
(cherry picked from commit
d4765408c705f704f7cf33bd32bfb713061954a7)
Tomas Mraz [Wed, 15 Mar 2023 15:49:24 +0000 (16:49 +0100)]
aes-gcm-avx512.pl: Fix the clang version detection on Apple Oses
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20519)
(cherry picked from commit
110dac578358014c29b86cf18d9a4bfe5561e3bc)
Čestmír Kalina [Mon, 27 Sep 2021 20:45:38 +0000 (22:45 +0200)]
providers: add Argon2 KDF
https://datatracker.ietf.org/doc/rfc9106/
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Čestmír Kalina [Fri, 2 Dec 2022 11:44:09 +0000 (06:44 -0500)]
e_os2: add ossl_static_assert_type_eq
Add a gcc-only static assertion that a variable is of a specified type.
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Čestmír Kalina [Fri, 2 Dec 2022 11:46:15 +0000 (06:46 -0500)]
proverr: add PROV_R_{INVALID_MEMORY_SIZE,INVALID_THREAD_POOL_SIZE}
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Čestmír Kalina [Wed, 20 Jul 2022 17:07:46 +0000 (13:07 -0400)]
evp_test: add thread support
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Čestmír Kalina [Mon, 27 Sep 2021 20:49:48 +0000 (22:49 +0200)]
providers: add XOF support to blake2b
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Čestmír Kalina [Tue, 29 Nov 2022 19:20:09 +0000 (14:20 -0500)]
evp_test: add digest xoflen support
Signed-off-by: Čestmír Kalina <ckalina@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)
Pauli [Wed, 15 Mar 2023 08:19:35 +0000 (19:19 +1100)]
Fix copyright disclaimer.
The mention of the GPL shouldn't have been there.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20517)
Christoph Müllner [Wed, 18 Jan 2023 11:11:53 +0000 (12:11 +0100)]
riscv: GCM: Implement GHASH()
RISC-V currently only offers a GMULT() callback for accelerated
processing. Let's implement the missing piece to have GHASH()
available as well. Like GMULT(), we provide a variant for
systems with the Zbkb extension (including brev8).
The integration follows the existing pattern for GMULT()
in RISC-V. We keep the C implementation as we need to decide
if we can call an optimized routine at run-time.
The C implementation is the fall-back in case we don't have
any extensions available that can be used to accelerate
the calculation.
Tested with all combinations of possible extensions
on QEMU (limiting the available instructions accordingly).
No regressions observed.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Christoph Müllner [Wed, 18 Jan 2023 10:57:33 +0000 (11:57 +0100)]
riscv: GCM: Simplify GCM calculation
The existing GCM calculation provides some potential
for further optimizations. Let's use the demo code
from the RISC-V cryptography extension groups
(https://github.com/riscv/riscv-crypto), which represents
the extension architect's intended use of the clmul instruction.
The GCM calculation depends on bit and byte reversal.
Therefore, we use the corresponding instructions to do that
(if available at run-time).
The resulting computation becomes quite compact and passes
all tests.
Note, that a side-effect of this change is a reduced register
usage in .gmult(), which opens the door for an efficient .ghash()
implementation.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Christoph Müllner [Wed, 1 Feb 2023 00:08:23 +0000 (01:08 +0100)]
riscv: GCM: Use riscv.pm
A recent commit introduced a Perl module for common code.
This patch changes the GCM code to use this module, removes duplicated code,
and moves the instruction encoding functions into the module.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Christoph Müllner [Tue, 31 Jan 2023 23:20:43 +0000 (00:20 +0100)]
riscv.pm: Add improved error messages to read_reg code
On systems where Devel::StackTrace is available, we can use this module
to create more usable error messages. Further, don't print error
messages in case of official register aliases, but simply accept them.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Christoph Müllner [Tue, 31 Jan 2023 23:02:33 +0000 (00:02 +0100)]
riscv: aes: Move reusable Perl code into Perl module
Move helper functions and instruction encoding functions
into a riscv.pm Perl module to avoid pointless code duplication.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Christoph Müllner [Tue, 17 Jan 2023 18:31:58 +0000 (19:31 +0100)]
riscv: Clean up extension test macros
In RISC-V we have multiple extensions, that can be
used to accelerate processing.
The known extensions are defined in riscv_arch.def.
From that file test functions of the following
form are generated: RISCV_HAS_$ext().
In recent commits new ways to define the availability
of these test macros have been defined. E.g.:
#define RV32I_ZKND_ZKNE_CAPABLE \
(RISCV_HAS_ZKND() && RISCV_HAS_ZKNE())
[...]
#define RV64I_ZKND_ZKNE_CAPABLE \
(RISCV_HAS_ZKND() && RISCV_HAS_ZKNE())
This leaves us with two different APIs to test capabilities.
Further, creating the same macros for RV32 and RV64 results
in duplicated code (see example above).
This inconsistent situation makes it hard to integrate
further code. So let's clean this up with the following steps:
* Replace RV32I_* and RV64I_* macros by RICSV_HAS_* macros
* Move all test macros into riscv_arch.h
* Use "AND" and "OR" to combine tests with more than one extension
* Rename include files for accelerated processing (remove extension
postfix).
We end up with compile time tests for RV32/RV64 and run-time tests
for available extensions. Adding new routines (e.g. for vector crypto
instructions) should be straightforward.
Testing showed no regressions.
Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20078)
Andy Bernard [Mon, 13 Mar 2023 15:56:37 +0000 (15:56 +0000)]
Fix documented function return types
The documented return type of the (incorrectly named; see below) OSSL_FUNC_decoder_export_object function signature is wrong; the correct type is int, due to the following line in core_dispatch.h:
OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
Fixes #19543
Per the Github conversation with levitte and t8m for pull request #19964, the following issues are not addressed by this patch:
The macro OSSL_CORE_MAKE_FUNC in core_dispatch.h generates a function, and a corresponding function signature typedef with name ending in "_fn". The typedefed signature is unrelated to the signature of the function.
However, provider-decoder.pod describes typedefed signatures generated by the macro, but uses the names of the functions (lacking "_fn") instead of the typedefed signatures, which is a mismatch.
Also, the documented claim about OSSL_FUNC_decoder_export_object, etc that "None of these are actual functions" is contradicted by the fact that the code actually calls those functions, and calls them specifically by those names. E.g. in decoder_meth.c:
decoder->export_object = OSSL_FUNC_decoder_export_object(fns);
The functions are generated by OSSL_CORE_MAKE_FUNC.
The paragraph "None of these are actual functions"... should be replaced by something more like "These function signatures, generated by the OSSL_CORE_MAKE_FUNC macro, are for functions that are offered via function pointers in OSSL_DISPATCH arrays."
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19964)
zhangzhilei [Sun, 12 Mar 2023 07:11:20 +0000 (15:11 +0800)]
enable VPSM4_EX_CAPABLE for sm4_gcm
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
before:
SM4-GCM 71134.38k 81512.39k 83432.11k 83808.60k 85183.15k 86199.57k
after:
SM4-GCM 30656.22k 108801.82k 196005.97k 198715.73k 199349.59k 199387.82k
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20498)
Pauli [Tue, 14 Mar 2023 01:04:11 +0000 (12:04 +1100)]
Coverity
1521490: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20504)
Pauli [Tue, 14 Mar 2023 00:33:51 +0000 (11:33 +1100)]
demo: Fix makefile target
The makefile target was incorrect and wouldn't build the rsa_encrypt demo.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20503)
klaus triendl [Thu, 2 Mar 2023 10:51:40 +0000 (11:51 +0100)]
Added a short description of VC-WIN*-HYBRIDCRT to Windows notes
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20081)
klaus triendl [Thu, 19 Jan 2023 12:14:48 +0000 (14:14 +0200)]
Added 'hybrid CRT' targets for the Windows platform
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20081)
slontis [Wed, 25 Jan 2023 01:25:33 +0000 (11:25 +1000)]
Fix PKCS12_newpass() to work with PBES2.
Fixes #19092
The code looks like it was written to work with PBES1.
As it had no tests, this would of then broken when PBES2
was introduced at a later point.
Also added libctx and propq support.
This affects the shroudedkeybag object.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20134)
slontis [Fri, 3 Feb 2023 22:25:03 +0000 (08:25 +1000)]
Add Tests for RSA signatures using X931 padding.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20211)
Dmitry Belyavskiy [Thu, 16 Feb 2023 10:23:09 +0000 (11:23 +0100)]
Avoid erroneous diagnostics in speed measuring
Fixes #20291
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20306)
Simo Sorce [Thu, 9 Mar 2023 16:45:02 +0000 (11:45 -0500)]
Add a flag so finalised contexts are not reused
The EVP layer should not rely on the underlying low level code to
handle catching incorrect reuse of contexts.
Add a flag to mark a context as finalised as needed and then catch and
immediately error on Update/Final operations if called improperly.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20375)
Simo Sorce [Mon, 6 Mar 2023 23:38:00 +0000 (18:38 -0500)]
Add test for context duplication failure
This checks that the first operation successfully completes even if
context duplication fails. But follwing operations get errors as
if the context was finlised.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20375)
Simo Sorce [Fri, 24 Feb 2023 00:51:27 +0000 (19:51 -0500)]
Do not fail if ctx dup does not succeed
If the ctx was *really* needed we'll probably fail later with an error
anyway, so no point in failing immediately.
Document that this behavior is dependent on the provider used to
implement the signature/verification.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20375)
Matt Caswell [Wed, 1 Mar 2023 17:03:48 +0000 (17:03 +0000)]
Improve the performance of d2i_AutoPrivateKey and friends
Probe first to see if we have a PKCS8 file to improve decoder performance.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20416)
Tobias Nießen [Mon, 6 Mar 2023 22:51:17 +0000 (22:51 +0000)]
Document remaining obsolete SSL_OP_NETSCAPE_*_BUG
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in
3c33c6f6b1086435 and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc3a6a487db. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.
Refs: https://github.com/nodejs/node/pull/46954
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20443)
ndossche [Tue, 7 Mar 2023 12:27:15 +0000 (13:27 +0100)]
Add missing assignment to EVP_get_digestbynid()
The assignment of the result of EVP_get_digestbynid() did not happen
which made the fallback not actually perform the fallback.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20447)
Dr. David von Oheimb [Mon, 27 Feb 2023 18:22:33 +0000 (19:22 +0100)]
doc/man3/X509_STORE_CTX_get_error.pod: make order consistent, add some missing entries
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20450)
afshinpir [Wed, 8 Mar 2023 03:42:00 +0000 (16:42 +1300)]
Segmentation fault in parent rng cleanup
CLA: trivial
When `cleanup_entropy()` is called to cleanup parent by calling
provided `OSSL_FUNC_rand_clear_seed_fn` method, incorrect random
context is passed to the method. So accessing that context creates
a segmentation fault. Parent context should be passed rather than
DRBG's own context.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20454)