Dr. David von Oheimb [Thu, 6 Jan 2022 21:05:22 +0000 (22:05 +0100)]
check-format.pl: Fix report on constant on LHS of comparison/assignment
Reviewed-by: Paul Dale <pauli@openssl.org>
(cherry picked from commit
15ae69fa7bc0f367edded19bc48e6d9a5ce8d547)
Dr. David von Oheimb [Thu, 6 Jan 2022 20:41:45 +0000 (21:41 +0100)]
check_format.pl: Add checks for blank lines within/after local decls
Reviewed-by: Paul Dale <pauli@openssl.org>
(cherry picked from commit
d8662f2f8716645164a9d4d8795a9c353fe315fb)
Dimitris Apostolou [Sun, 2 Jan 2022 23:00:27 +0000 (01:00 +0200)]
check_format.pl: Fix typos
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit
e304aa87b35fac5ea97c405dd3c21549faa45e78)
Dr. David von Oheimb [Fri, 12 Nov 2021 11:14:45 +0000 (12:14 +0100)]
check-format.pl: Fix report on constant on LHS of comparison or assignment
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(cherry picked from commit
2e6afe1079c6993868c5d8a813605d16980e8e10)
Dmitry Belyavskiy [Thu, 14 Jul 2022 19:41:48 +0000 (21:41 +0200)]
Fix verify_callback in the openssl s_client/s_server app
We need to check that error cert is available before printing its data
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18805)
(cherry picked from commit
fad0f80eff188ef938fed614245a56ed56110deb)
Richard Levitte [Thu, 14 Apr 2022 15:52:12 +0000 (17:52 +0200)]
"Reserve" the method store when constructing methods
Introducing the concept of reserving the store where a number of
provided operation methods are to be stored.
This avoids racing when constructing provided methods, which is
especially pertinent when multiple threads are trying to fetch the
same method, or even any implementation for the same given operation
type.
This introduces a |biglock| in OSSL_METHOD_STORE, which is separate
from the |lock| which is used for more internal and finer grained
locking.
Fixes #18152
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18153)
(cherry picked from commit
e1eafe8c87612a94552e9ad5df56c489cb6f0ff2)
Pauli [Tue, 19 Jul 2022 01:04:32 +0000 (11:04 +1000)]
Coverity
1507372: explicit null dereference
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18822)
(cherry picked from commit
d768f853bb05b5a49a2aeb5b5702776834e68d06)
Pauli [Tue, 19 Jul 2022 01:01:57 +0000 (11:01 +1000)]
Coverity
1503321 &
1503327: dereference after null check
The earlier fix being inadequate
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18822)
(cherry picked from commit
f913c3cd7e22eecbcc8f84b72c645081fa37fdf4)
Tom Cosgrove [Mon, 18 Jul 2022 09:24:47 +0000 (10:24 +0100)]
Fix aarch64 signed bit shift issue found by UBSAN
Fixes #18813
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Change-Id: Ic543885091ed3ef2ddcbe21de0a4ac0bca1e2494
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18816)
(cherry picked from commit
1efd8533e1ccc5c5e69795eb393a6b79b62e48e2)
Tomas Mraz [Thu, 14 Jul 2022 10:32:03 +0000 (12:32 +0200)]
ossl_ffc_params_copy: Copy the keylength too
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)
Tomas Mraz [Wed, 13 Jul 2022 14:04:09 +0000 (16:04 +0200)]
Test that we generate a short private key for known DH prime
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)
Tomas Mraz [Fri, 10 Jun 2022 07:46:45 +0000 (09:46 +0200)]
dh_to_text: Print the dh->length if set
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)
Tomas Mraz [Wed, 13 Jul 2022 13:06:00 +0000 (15:06 +0200)]
For known safe primes use the minimum key length according to RFC 7919
Longer private key sizes unnecessarily raise the cycles needed to
compute the shared secret without any increase of the real security.
This fixes a regression from 1.1.1 where these shorter keys
were generated for the known safe primes.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)
Dr. David von Oheimb [Thu, 14 Jul 2022 13:12:55 +0000 (15:12 +0200)]
apps/x509: Improve doc fix for -CAserial anc -CAcreateserial
This follows up on https://github.com/openssl/openssl/pull/18373
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18804)
(cherry picked from commit
7a16f179ab0bc2c474a754c0ad7e35b40534a38e)
Roberto Hueso Gomez [Fri, 15 Jul 2022 09:21:30 +0000 (11:21 +0200)]
Fix memleak in PKCS12_pbe_crypt_ex()
Makes sure that the variable 'out' is free on every error path.
Fixes #18689
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18808)
(cherry picked from commit
af801ec89205aaf6ebf8522d510d0b1fc29e3233)
Shi Pujin [Fri, 15 Jul 2022 07:14:07 +0000 (15:14 +0800)]
Add loongarch64 target
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18807)
Pauli [Thu, 14 Jul 2022 05:22:30 +0000 (15:22 +1000)]
Coverity
1506566: unchecked return value
There isn't much else that can be done here unfortunately.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18799)
(cherry picked from commit
358103b4a651ab3f392f088d86cd30469dccce2e)
Pauli [Thu, 14 Jul 2022 05:17:41 +0000 (15:17 +1000)]
evp: make all _is_a functions accept and handle a NULL argument
Makes life easier for callers.
Fixes Coverity
1503326
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18799)
(cherry picked from commit
ee8db8c5fb5b091f48d29914126d35a7e29cdcf2)
Pauli [Thu, 14 Jul 2022 05:09:36 +0000 (15:09 +1000)]
Coverity
1503321 &
1503327: dereference after null check
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18799)
(cherry picked from commit
f80910390cb882f346fe59c9803fc914b9c367c2)
Allan [Wed, 13 Jul 2022 08:55:22 +0000 (01:55 -0700)]
Added paragraph to free objects alloced by X509V3_add1_i2d()
Fixes #18665
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18786)
(cherry picked from commit
17004adacf74f9f7036b623dab31a6d12c32daf1)
Allan [Wed, 13 Jul 2022 08:55:06 +0000 (01:55 -0700)]
Updated X509v3_get_ext_by_NID.pod and X509_CRL_get0_by_serial.pod
Updated these to the current documentation style.
Moved X509v3_delete_ext() under BUGS
to NOTES and added information to call free.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18786)
(cherry picked from commit
1711f4824be2c6b41d26f221d2aa0e2236363995)
xkernel [Wed, 13 Jul 2022 03:07:31 +0000 (11:07 +0800)]
ocspapitest: use TEST_true to report the exact failure
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18774)
(cherry picked from commit
180c8d7ae56378992b90ace9626d6df6ab1d4de8)
xkernel [Mon, 11 Jul 2022 07:12:00 +0000 (15:12 +0800)]
ocspapitest: properly check the return of memory-allocating functions
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18774)
(cherry picked from commit
ea809510f69e5aebc2ab95aa7530e01060e8a960)
Juergen Christ [Wed, 13 Jul 2022 09:15:43 +0000 (11:15 +0200)]
Fix EC ASM flag passing
Flags for ASM implementations of EC curves were only passed to the FIPS
provider and not to the default or legacy provider. This left some potential
for optimization. Pass the correct flags also to these providers.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18791)
(cherry picked from commit
12186377cb987c4527d286e91e735e8261a45669)
Dr. David von Oheimb [Mon, 11 Jul 2022 11:52:01 +0000 (13:52 +0200)]
http_client.c: 2nd fix for calculation of Content-Length in set1_content()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18779)
(cherry picked from commit
8c65e1f719ecf7ec7ed3094bbd763f88708d26eb)
Dr. David von Oheimb [Tue, 31 May 2022 08:03:10 +0000 (10:03 +0200)]
apps/x509: add warnings for options ignored when -CA is not specified
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)
(cherry picked from commit
c54a6a4b0ef664313fb07617d6a8c26a808719e0)
Dr. David von Oheimb [Tue, 31 May 2022 08:02:02 +0000 (10:02 +0200)]
openssl-x509.pod.in: fix description of certificate serial number storage
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)
(cherry picked from commit
aa73b7d352c383e415d4d7567b79ce074c6762cd)
Dr. David von Oheimb [Mon, 30 May 2022 14:53:05 +0000 (16:53 +0200)]
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial.
Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)
(cherry picked from commit
ec8a3409487c871b440fa52bff7c3ef33378494a)
Dr. David von Oheimb [Fri, 20 May 2022 04:23:54 +0000 (06:23 +0200)]
apps/x509: Fix -CAfile option being neglected with -new or -in
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)
(cherry picked from commit
10c7887330bb6ca136cd16fe081639f4462a072e)
Daniel Fiala [Mon, 11 Jul 2022 07:03:58 +0000 (09:03 +0200)]
Add an EVP demo for CMAC
Fixes openssl#14110
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18778)
(cherry picked from commit
cdf0a5c46032ba4c39d93a7bec52494b4808830f)
slontis [Tue, 12 Jul 2022 04:28:37 +0000 (14:28 +1000)]
Check for EVP_MD being NULL inside ssl.
Fix multiple places that could potentially segfault if memory
allocations fail. e.g. ssl_load_ciphers() could fail while calling
ssl_evp_md_fetch().
Found by #18355
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18784)
(cherry picked from commit
b740012f77aed97cb4b3cd8a4f1fb2f668542795)
Tomas Mraz [Mon, 11 Jul 2022 10:49:56 +0000 (12:49 +0200)]
speed: Always reset the outlen when calling EVP_PKEY_derive
Fixes #18768
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18777)
(cherry picked from commit
ab8d56d05b773e499c86be874fd3f11f5950213c)
Richard Levitte [Thu, 28 Apr 2022 06:15:53 +0000 (08:15 +0200)]
Pre-declare all core dispatch table functions, and fix the internal ones
When assigning pointers to functions in an OSSL_DISPATCH table, we try
to ensure that those functions are properly defined or declared with
an extra declaration using the corresponding function typedefs that
are defined by include/openssl/core_dispatch.h.
For the core dispatch table, found in crypto/provider_core.c, it seems
we forgot this habit, and thus didn't ensure well enough that the
function pointers that are assigned in the table can actually be used
for those dispatch table indexes.
This change adds all the missing declarations, and compensates for
differences with functions that do the necessary casting, making those
explicit rather than implicit, thereby trying to assure that we know
what we're doing.
One function is not fixed in this change, because there's a controversy,
a clash between the signature of BIO_ctrl() and OSSL_FUNC_BIO_ctrl_fn.
They have different return types.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18198)
(cherry picked from commit
9574842e90e29015daa2b071e965cec9aa885c17)
xkernel [Mon, 11 Jul 2022 07:21:09 +0000 (15:21 +0800)]
add a check for the return of OBJ_new_nid()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18773)
(cherry picked from commit
a0ff8e413e94ba46720a4bf3a5032c50531c526c)
Varun Sharma [Sat, 9 Jul 2022 14:03:23 +0000 (07:03 -0700)]
ci: add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18766)
(cherry picked from commit
c6e7f427c82dfa17416a39af7661c40162d57aaf)
Dr. David von Oheimb [Fri, 8 Jul 2022 09:14:16 +0000 (11:14 +0200)]
OSSL_trace_set_channel.pod and openssl.pod: fix missing/inconsistent category items
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18763)
Dr. David von Oheimb [Sat, 9 Jul 2022 09:09:08 +0000 (11:09 +0200)]
x509_vfy.c: Revert the core of #14094 regarding chain_build() error reporting
The problem of producing to-the-point diagnostics will be fixed in a follow-up PR.
Fixes #18691
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18758)
(cherry picked from commit
1f00dc4f8c0ef0101368de2adf22495e5e295114)
Dr. David von Oheimb [Fri, 8 Jul 2022 19:49:28 +0000 (21:49 +0200)]
test/certs/setup.sh: add missing comment on CA cert variant without basic constraints
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18758)
(cherry picked from commit
a148a9b4f49b0c456d45a39c0d63a52405aa5ea9)
slontis [Thu, 7 Jul 2022 05:03:08 +0000 (15:03 +1000)]
Fix memory leak in EVP_PKEY_get1_encoded_public_key.
Occurs if a failure happens after the malloc call in the second call to
EVP_PKEY_get_octet_string_param().
Detected by PR #18355
Some calling code assumes that nothing is allocated in the returned
pointer if there was a failure. Other calling code always trys freeing.
The third case is in ecdh_cms_encrypt() where it does not check the
return value. I am assuming this change is ok since the legacy path in
EVP_PKEY_get1_encoded_public_key() also does not return the pointer on
failure.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18739)
(cherry picked from commit
4e9a4997c540e64647d4e1708a1dbda51fb59a68)
Dr. David von Oheimb [Fri, 1 Jul 2022 15:46:36 +0000 (17:46 +0200)]
http_client.c: fix calculation of Content-Length in set1_content()
Work around an inconsistency in the implementations of BIO_CTRL_INFO.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18701)
(cherry picked from commit
243465fd556837402bff52b7bf3d59420b68a02e)
Dr. David von Oheimb [Fri, 1 Jul 2022 18:38:59 +0000 (20:38 +0200)]
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field
Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(),
which may call OSSL_HTTP_close() and thus indirectly reference the info.
Moreover, should not attempt to reference the cmp_ctx variable when NULL.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18702)
(cherry picked from commit
8c094747d78bb8627e9ca5241fed0550a3de2fdb)
Dr. David von Oheimb [Fri, 1 Jul 2022 18:25:55 +0000 (20:25 +0200)]
cmp_http.c: extend comment in keep_alive()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18702)
(cherry picked from commit
93d9d6097685dc29e654db15c091c550aef16d5b)
Allan [Thu, 7 Jul 2022 23:04:09 +0000 (16:04 -0700)]
Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE
Fixes #18677
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18698)
(cherry picked from commit
4798e0680b112993815098ca21d7d68ff31ebc6e)
Viktor Szakats [Sun, 3 Jul 2022 22:30:06 +0000 (22:30 +0000)]
use #pragma comment(lib) with _MSC_VER only
Avoid this warning when compiled with llvm/gcc + mingw-w64 and
`USE_BCRYPTGENRANDOM` enabled:
```
../providers/implementations/rands/seeding/rand_win.c:31:11: warning: unknown pragma ignored [-Wunknown-pragmas]
^
1 warning generated.
```
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18709)
(cherry picked from commit
695cb63c744bab090144a86949b68324ee3094d6)
Mingjun.Yang [Mon, 4 Jul 2022 09:41:54 +0000 (17:41 +0800)]
feat: add hmac-sm3 test cases from GM/T 0042-2015 Appendix D.3
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18714)
(cherry picked from commit
0648ec1c35a54fb2b7ead34a215691fe9e38516d)
Juergen Christ [Thu, 7 Jul 2022 16:57:55 +0000 (18:57 +0200)]
Fix SHA, SHAKE, and KECCAK ASM flag passing
Flags for ASM implementations of SHA, SHAKE, and KECCAK were only passed to
the FIPS provider and not to the default or legacy provider. This left some
potential for optimization. Pass the correct flags also to these providers.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18747)
(cherry picked from commit
a8b238f0e4c1198935e066ef19579ca694253286)
slontis [Thu, 7 Jul 2022 02:01:09 +0000 (12:01 +1000)]
Make evp_test skip mac tests if digest or ciphers are disabled.
Fixes test error in #18714
This only happens currently during minimal builds.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18737)
(cherry picked from commit
c8a016cac44d5402df3106f46c9725aa1b480e40)
Daniel Fiala [Thu, 7 Jul 2022 06:55:06 +0000 (08:55 +0200)]
Add an EVP demo for HMAC
Fixes openssl#14109
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18752)
(cherry picked from commit
e269d8af79de7b0dcc1b72687eed340cc3822a9e)
Jiasheng Jiang [Fri, 1 Jul 2022 08:23:58 +0000 (16:23 +0800)]
ssl/tls_srp.c: Add check for BN_dup
As the potential failure of the BN_dup,
it should be better to check the return value
in order to guarantee the success.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18699)
(cherry picked from commit
12e488367d34657a5c0e1bc322e66c48463d2a0c)
Tomas Mraz [Thu, 7 Jul 2022 08:35:16 +0000 (10:35 +0200)]
NEWS.md: Drop an extra empty line causing mdlint failure
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18740)
Bernd Edlinger [Sun, 12 Jun 2022 07:37:26 +0000 (09:37 +0200)]
Fix reported performance degradation on aarch64
This restores the implementation prior to
commit
2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode")
for 64bit targets only, since it is reportedly 2-17% slower,
and the silicon errata only affects 32bit targets.
Only for 32bit targets the new algorithm is used.
Fixes #18445
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18581)
(cherry picked from commit
65523758e546fcef0f930e5f8878ef51d174dbc8)
Richard Levitte [Wed, 6 Jul 2022 04:54:49 +0000 (06:54 +0200)]
Windows: use the basename of the product (.dll) for definition files
This resolves the faulty LIBRARY value that contained the directory
of the product (.dll) in the build tree. This applies to engines and
other modules alike.
Fixes #18726
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18732)
(cherry picked from commit
5cc9ab5cf51137daf6d2d57718f56316dcb62744)
Allan [Wed, 6 Jul 2022 21:26:16 +0000 (14:26 -0700)]
Updated information for OSSL_SIGNATURE_PARAM_PSS_SALTLEN
Fixes #18066
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18736)
(cherry picked from commit
d104c6ff7499b0638c82557ce94e284b00f74627)
Alexander Scheel [Wed, 29 Jun 2022 14:19:58 +0000 (10:19 -0400)]
Fixes OSCP->OCSP typo in ocsp command line
The existing help text says:
> -badsig Corrupt last byte of loaded OSCP response signature (for test)
but this should be OCSP. This is the only occurrence within the project
of this typo.
CLA: trivial
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18684)
(cherry picked from commit
2837b19fcba4bf4ff2ecdc8435c650bf18c27552)
Dr. David von Oheimb [Tue, 28 Jun 2022 10:06:52 +0000 (12:06 +0200)]
http_client.c: fix comment and documentation of the memory BIOs used
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)
(cherry picked from commit
7d5019c15af8f88443a7edddd4b150a7dafeda5d)
Dr. David von Oheimb [Tue, 28 Jun 2022 09:51:32 +0000 (11:51 +0200)]
OSSL_HTTP_REQ_CTX_nbio(): fix copy&paste glitch calling BIO_should_retry(rctx-rbio)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)
(cherry picked from commit
059a4ad0999dd6dbd7340b5e4f7566812d51bb1e)
Dr. David von Oheimb [Tue, 28 Jun 2022 15:47:40 +0000 (17:47 +0200)]
OSSL_HTTP_open(): improve use of use_ssl and its documentation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)
(cherry picked from commit
35750cb9af007702dad92d62da57200fdf9ddaf4)
Dr. David von Oheimb [Tue, 28 Jun 2022 09:30:50 +0000 (11:30 +0200)]
app_http_tls_cb(): fix crash on inconsistency w.r.t. use of TLS
This happens if use_ssl is not set but an SSL_CTX is provided.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)
(cherry picked from commit
96e13a1679872d879683346c1e09ca227f77efb0)
Dr. David von Oheimb [Fri, 24 Jun 2022 10:39:49 +0000 (12:39 +0200)]
openssl-cmds.pod.in: add missing entry for cmp
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18653)
(cherry picked from commit
33478aedafaff1f414cabd67fb30970c41996f5c)
EasySec [Mon, 11 Apr 2022 22:15:51 +0000 (00:15 +0200)]
Fix typos in SSL_CTX_use_certificate.pod file
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18087)
(cherry picked from commit
a97931955da72c39287a860155ffe071a3125f9f)
Gregor Jasny [Tue, 5 Jul 2022 10:57:06 +0000 (12:57 +0200)]
Add missing header for memcmp
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18719)
(cherry picked from commit
f9e578e720bb35228948564192adbe3bc503d5fb)
Richard Levitte [Tue, 5 Jul 2022 08:57:42 +0000 (10:57 +0200)]
Prepare for 3.0.6
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
Richard Levitte [Tue, 5 Jul 2022 08:57:04 +0000 (10:57 +0200)]
Prepare for release of 3.0.5
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
Richard Levitte [Tue, 5 Jul 2022 08:56:48 +0000 (10:56 +0200)]
make update
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
Richard Levitte [Tue, 5 Jul 2022 08:33:12 +0000 (10:33 +0200)]
Update copyright year
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
Richard Levitte [Tue, 5 Jul 2022 08:24:48 +0000 (10:24 +0200)]
Update CHANGES and NEWS for upcoming release 3.0.5
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
Alex Chernyakhovsky [Thu, 16 Jun 2022 02:02:37 +0000 (12:02 +1000)]
AES OCB test vectors
Add test vectors for AES OCB for x86 AES-NI multiple of 96 byte issue.
Co-authored-by: Alejandro SedeƱo <asedeno@google.com>
Co-authored-by: David Benjamin <davidben@google.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit
2f19ab18a29cf9c82cdd68bc8c7e5be5061b19be)
Alex Chernyakhovsky [Thu, 16 Jun 2022 02:00:22 +0000 (12:00 +1000)]
Fix AES OCB encrypt/decrypt for x86 AES-NI
aesni_ocb_encrypt and aesni_ocb_decrypt operate by having a fast-path
that performs operations on 6 16-byte blocks concurrently (the
"grandloop") and then proceeds to handle the "short" tail (which can
be anywhere from 0 to 5 blocks) that remain.
As part of initialization, the assembly initializes $len to the true
length, less 96 bytes and converts it to a pointer so that the $inp
can be compared to it. Each iteration of "grandloop" checks to see if
there's a full 96-byte chunk to process, and if so, continues. Once
this has been exhausted, it falls through to "short", which handles
the remaining zero to five blocks.
Unfortunately, the jump at the end of "grandloop" had a fencepost
error, doing a `jb` ("jump below") rather than `jbe` (jump below or
equal). This should be `jbe`, as $inp is pointing to the *end* of the
chunk currently being handled. If $inp == $len, that means that
there's a whole 96-byte chunk waiting to be handled. If $inp > $len,
then there's 5 or fewer 16-byte blocks left to be handled, and the
fall-through is intended.
The net effect of `jb` instead of `jbe` is that the last 16-byte block
of the last 96-byte chunk was completely omitted. The contents of
`out` in this position were never written to. Additionally, since
those bytes were never processed, the authentication tag generated is
also incorrect.
The same fencepost error, and identical logic, exists in both
aesni_ocb_encrypt and aesni_ocb_decrypt.
This addresses CVE-2022-2097.
Co-authored-by: Alejandro SedeƱo <asedeno@google.com>
Co-authored-by: David Benjamin <davidben@google.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit
6ebf6d51596f51d23ccbc17930778d104a57d99c)
slontis [Fri, 1 Jul 2022 03:47:11 +0000 (13:47 +1000)]
Fix bn_gcd code to check return value when calling BN_one()
BN_one() uses the expand function which calls malloc which may fail.
All other places that reference BN_one() check the return value.
The issue is triggered by a memory allocation failure.
Detected by PR #18355
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18697)
(cherry picked from commit
7fe7cc57af3db1e497877f0329ba17609b2efc8b)
xkernel [Mon, 20 Jun 2022 09:46:39 +0000 (17:46 +0800)]
v3_sxnet: add a check for the return of i2s_ASN1_INTEGER()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/18608)
(cherry picked from commit
9ef1f848a646565d4dd86e56542cf921d4921ad9)
Tomas Mraz [Tue, 28 Jun 2022 15:37:39 +0000 (17:37 +0200)]
Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup()
Although this is basically an incorrect API call it was not crashing
before and it might happen inadvertently if CONF_modules_unload()
is called from a destructor for example.
Fixes #18669
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18673)
(cherry picked from commit
d840f07bcdfc3910de5aa327a245866a67f94799)
Clemens Lang [Wed, 15 Jun 2022 10:50:07 +0000 (12:50 +0200)]
APPS: dsaparam, gendsa: Support setting properties
The -provider and -propquery options did not work on dsaparam and
gendsa. Fix this and add tests that check that operations that are not
supported by the FIPS provider work when run with
| -provider default -propquery '?fips!=yes'
See also https://bugzilla.redhat.com/show_bug.cgi?id=
2094956, where this
was initially reported.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18576)
(cherry picked from commit
30b2c3592e8511b60d44f93eb657a1ecb3662c08)
Pauli [Fri, 17 Jun 2022 01:02:52 +0000 (11:02 +1000)]
Coverity: fix
1506297: negative returns
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18587)
(cherry picked from commit
3ee2611677e7e9f90e270f3ee4f343c9d3d86835)
Pauli [Fri, 17 Jun 2022 01:02:36 +0000 (11:02 +1000)]
Coverity: fix
1506298: negative returns
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18587)
(cherry picked from commit
be54ad88a67d2fba3b4fd51bef0fe7db0c01b99a)
slontis [Wed, 29 Jun 2022 00:10:16 +0000 (10:10 +1000)]
Documentation update for EVP_set_default_properties
Explicitly state that it is not thread safe.
Fixes #18613
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18678)
(cherry picked from commit
5c535e4692a5a4f2ec7691de4efc6290193a0882)
Pauli [Wed, 29 Jun 2022 01:23:27 +0000 (11:23 +1000)]
fix Coverity
1506709: error handling
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18679)
(cherry picked from commit
f80cdee7c1eee93d13c7dcbeda32dfca3e1e4059)
Daniel Fiala [Tue, 28 Jun 2022 08:00:29 +0000 (10:00 +0200)]
Remove redundant check for `saltlen > UINT32_MAX`
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18671)
(cherry picked from commit
05e51bc79bac45e194dd6f0bf73c99ed5ca06272)
slontis [Mon, 27 Jun 2022 23:49:17 +0000 (09:49 +1000)]
Fix memory leak in cmp_calc_protection()
Triggered by a memory allocation failure.
Detected by PR #18355
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18670)
Tee KOBAYASHI [Sun, 26 Jun 2022 08:40:29 +0000 (17:40 +0900)]
Avoid using union wrt. SystemTimeToFileTime
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18660)
(cherry picked from commit
8eca6864e080c9b8197fec81cd6f327be43bb14c)
Tee KOBAYASHI [Sun, 26 Jun 2022 08:30:02 +0000 (17:30 +0900)]
Avoid using union wrt. optlen parameter for getsockopt
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18660)
(cherry picked from commit
8e949b35d396005d63f3a2c944c36a1c94e41019)
slontis [Thu, 23 Jun 2022 03:10:55 +0000 (13:10 +1000)]
kdf objects missing a return if malloc fails.
I have searched through all references of ERR_R_MALLOC_FAILURE for any
other instances..
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18638)
(cherry picked from commit
7260709e9ef155c8b3fccaa32e8ba496a3059905)
olszomal [Fri, 17 Jun 2022 13:01:11 +0000 (15:01 +0200)]
SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *'
Fix the documentation.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18599)
(cherry picked from commit
d842b6eff0940b6ce337536cb718a8d561290f50)
Tomas Mraz [Thu, 7 Apr 2022 14:48:41 +0000 (16:48 +0200)]
Add test for try_key_ref() fallback handling
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)
(cherry picked from commit
dca637f50cf71372c46a9cf6022ad4eb9970ab7f)
Tomas Mraz [Thu, 7 Apr 2022 14:48:06 +0000 (16:48 +0200)]
Add missing documentation of OSSL_FUNC_store_export_object()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)
(cherry picked from commit
13941d438458068d4150c5899f6bbc0add393cc4)
Tomas Mraz [Wed, 6 Apr 2022 14:20:47 +0000 (16:20 +0200)]
Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fn
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)
(cherry picked from commit
13b47155ba425ffd0683e1bff30f746c96a19049)
Tomas Mraz [Thu, 20 Jan 2022 18:49:40 +0000 (19:49 +0100)]
store_result: Add fallback for fetching the keymgmt from the provider of the store
Fixes #17531
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)
(cherry picked from commit
4cfcc7e1213d39c78852a614894ebcd2e2be095c)
Peiwei Hu [Thu, 23 Jun 2022 15:59:50 +0000 (23:59 +0800)]
crypto/provider_core.c: Avoid calling unlock two times
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18641)
(cherry picked from commit
61f510600e2c7cdee6e61f8b7075fb0e939eb179)
Daniel Fiala [Mon, 27 Jun 2022 11:36:48 +0000 (13:36 +0200)]
Allocate EVP_PBE_CTL with OPENSSL_zalloc.
Fixes openssl#18598.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18666)
(cherry picked from commit
3211266aa23253ce8af2b98c4fd94a12a4afa7e4)
Matt Caswell [Fri, 10 Jun 2022 14:58:58 +0000 (15:58 +0100)]
Fix range_should_be_prefix() to actually return the correct result
range_should_be_prefix() was misidentifying whether an IP address range
should in fact be represented as a prefix. This was due to a bug introduced
in commit
42d7d7dd which made this incorrect change:
- OPENSSL_assert(memcmp(min, max, length) <= 0);
+ if (memcmp(min, max, length) <= 0)
+ return -1;
This error leads to incorrect DER being encoded/accepted.
Reported by Theo Buehler (@botovq)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18524)
(cherry picked from commit
30532e59f475e0066c030693e4d614311a9e0cae)
Jiasheng Jiang [Fri, 24 Jun 2022 07:35:05 +0000 (15:35 +0800)]
fuzz/asn1.c: Add check for ASN1_item_i2d
As the potential failure of the ASN1_item_i2d,
it should be better to check the return value.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18647)
(cherry picked from commit
1cb35ce06a968dc82e7cd9502ecce8e89eca9580)
slontis [Fri, 24 Jun 2022 04:01:07 +0000 (14:01 +1000)]
Fix memory leak in ossl_rsa_fromdata.
Occurs if a malloc failure happens inside collect_numbers()
Reported via #18365
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18646)
(cherry picked from commit
28adea95975c3ea53fc590efda35dee13efd4767)
Matt Caswell [Fri, 24 Jun 2022 10:02:22 +0000 (11:02 +0100)]
Add a test for an all 0 RSA key
Testing a key with all values set to 0.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18651)
(cherry picked from commit
995eccb611431a4857cac3283e2442c01109d428)
Matt Caswell [Fri, 24 Jun 2022 10:01:22 +0000 (11:01 +0100)]
The rsa_validate_keypair_multiprime() function return is not boolean
A -ve return value from this function indicates an error which we should
treat as a failure to validate.
Fixes #18538
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18651)
(cherry picked from commit
518f1ee81d5a6910365ef404888d0e119a87fd81)
Daniel Fiala [Wed, 22 Jun 2022 18:49:51 +0000 (20:49 +0200)]
Improve checks for invalid saltlen in DER writer.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)
(cherry picked from commit
08f876d0dea184b071a5aded4c55317e5a63c80e)
Daniel Fiala [Mon, 20 Jun 2022 16:40:30 +0000 (18:40 +0200)]
der_writer: Use uint32_t instead of long.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)
(cherry picked from commit
59196250cb45ecd128d2f8bbc47de612167606d3)
Daniel Fiala [Sun, 19 Jun 2022 21:40:46 +0000 (23:40 +0200)]
Add checks for saltlen and trailerfield to rsa key writer.
Fixes openssl#18168.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)
(cherry picked from commit
48320997b49b07b5abadec89c7fbe5d5f3d41da4)
Bernd Edlinger [Wed, 22 Jun 2022 15:05:55 +0000 (17:05 +0200)]
Fix a memory leak in EC_GROUP_new_from_ecparameters
This can be reproduced with my error injection patch.
The test vector has been validated on the 1.1.1 branch
but the issue is of course identical in all branches.
$ ERROR_INJECT=
1656112173 ../util/shlib_wrap.sh ./x509-test ./corpora/x509/
fe543a8d7e09109a9a08114323eefec802ad79e2
#0 0x7fb61945eeba in __sanitizer_print_stack_trace ../../../../gcc-trunk/libsanitizer/asan/asan_stack.cpp:87
#1 0x402f84 in my_malloc fuzz/test-corpus.c:114
#2 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
#3 0x7fb618ef7561 in bn_expand_internal crypto/bn/bn_lib.c:280
#4 0x7fb618ef7561 in bn_expand2 crypto/bn/bn_lib.c:304
#5 0x7fb618ef819d in BN_bin2bn crypto/bn/bn_lib.c:454
#6 0x7fb618e7aa13 in asn1_string_to_bn crypto/asn1/a_int.c:503
#7 0x7fb618e7aa13 in ASN1_INTEGER_to_BN crypto/asn1/a_int.c:559
#8 0x7fb618fd8e79 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:814
#9 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
#10 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
#11 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
#12 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
#13 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
#14 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
#15 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
#16 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
#17 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#18 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#19 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#20 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#21 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#22 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#23 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
#24 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
#25 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
#26 0x402afb in testfile fuzz/test-corpus.c:182
#27 0x402656 in main fuzz/test-corpus.c:226
#28 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
#29 0x402756 (/home/ed/OPC/openssl/fuzz/x509-test+0x402756)
=================================================================
==12221==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7fb61945309f in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
#2 0x7fb618ef5f11 in BN_new crypto/bn/bn_lib.c:246
#3 0x7fb618ef82f4 in BN_bin2bn crypto/bn/bn_lib.c:440
#4 0x7fb618fd8933 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:618
#5 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
#6 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
#7 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
#8 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
#9 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
#10 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
#11 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
#12 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
#13 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#14 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#15 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#16 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#17 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#18 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#19 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
#20 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
#21 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
#22 0x402afb in testfile fuzz/test-corpus.c:182
#23 0x402656 in main fuzz/test-corpus.c:226
#24 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
Indirect leak of 56 byte(s) in 1 object(s) allocated from:
#0 0x7fb61945309f in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
#2 0x7fb618ef7561 in bn_expand_internal crypto/bn/bn_lib.c:280
#3 0x7fb618ef7561 in bn_expand2 crypto/bn/bn_lib.c:304
#4 0x7fb618ef819d in BN_bin2bn crypto/bn/bn_lib.c:454
#5 0x7fb618fd8933 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:618
#6 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
#7 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
#8 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
#9 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
#10 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
#11 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
#12 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
#13 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
#14 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#15 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#16 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#17 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
#18 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
#19 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
#20 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
#21 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
#22 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
#23 0x402afb in testfile fuzz/test-corpus.c:182
#24 0x402656 in main fuzz/test-corpus.c:226
#25 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
SUMMARY: AddressSanitizer: 80 byte(s) leaked in 2 allocation(s).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18633)
(cherry picked from commit
be50862e72d96e599f1111bbb69f41b5af651c97)
Allan [Mon, 20 Jun 2022 08:22:50 +0000 (01:22 -0700)]
Added documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio()
Fixes #18342
Fixes <propq> to I<propq>
Updated copyright year
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18623)
(cherry picked from commit
9454423bf1eac4c75e70ff4fd67456e4cfb05a92)
Tomas Mraz [Wed, 22 Jun 2022 13:08:58 +0000 (15:08 +0200)]
Update fips source checksums to drop the unwanted headers
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18630)
Tomas Mraz [Wed, 22 Jun 2022 13:08:18 +0000 (15:08 +0200)]
Avoid including decoder/encoder/store headers into fips module
Fixes #18618
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18630)