openssl.git
3 hours agoUpdate dependencies for krb5 external test master
Robbie Harwood [Sat, 29 May 2021 16:02:28 +0000 (12:02 -0400)]
Update dependencies for krb5 external test

Dejagnu/TCL are no longer needed.  Installing kdcproxy enables krb5's
proxying tests, which exercise the krb5 TLS integration.

Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15850)

12 hours agocross-reference the DH and RSA SECLEVEL to level of security mappings
Hubert Kario [Mon, 21 Jun 2021 14:52:14 +0000 (16:52 +0200)]
cross-reference the DH and RSA SECLEVEL to level of security mappings

Since the DH check is used only in DHE-PSK ciphersuites, it's
easy to miss it when updating the RSA mapping. Add cross-references
so that they remain consistent.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15853)

19 hours agotest/recipes/81-test_cmp_cli.t: use app() rather than cmd()
Richard Levitte [Mon, 21 Jun 2021 13:18:19 +0000 (15:18 +0200)]
test/recipes/81-test_cmp_cli.t: use app() rather than cmd()

Fixes #15833

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15846)

19 hours agotest/recipes/80-test_cmp_http.t: use app() rather than cmd()
Richard Levitte [Mon, 21 Jun 2021 06:35:28 +0000 (08:35 +0200)]
test/recipes/80-test_cmp_http.t: use app() rather than cmd()

OpenSSL::Test::cmd() should be used with caution, as it is for special
cases only.
It's preferable to use OpenSSL::Test::app() or OpenSSL::Test::test().

Fixes #15833

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15846)

25 hours agoAPPS & TEST: Use ossl_[u]intmax_t rather than [u]intmax_t
Richard Levitte [Mon, 21 Jun 2021 07:25:16 +0000 (09:25 +0200)]
APPS & TEST: Use ossl_[u]intmax_t rather than [u]intmax_t

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15825)

25 hours agoAPPS: Make fallback opt_[u]intmax() implementations based on long
Richard Levitte [Fri, 18 Jun 2021 08:54:01 +0000 (10:54 +0200)]
APPS: Make fallback opt_[u]intmax() implementations based on long

Also ensure that opt_intmax() and opt_uintmax() does the right thing
if sizeof([u]intmax_t) is smaller than sizeof(ossl_[u]intmax_t).

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15825)

25 hours agoFix definition of ossl_intmax_t and ossl_uintmax_t
Richard Levitte [Fri, 18 Jun 2021 08:32:32 +0000 (10:32 +0200)]
Fix definition of ossl_intmax_t and ossl_uintmax_t

These definitions were located away from our definitions of other
sized int and uint types.  Also, the fallback typedef wasn't quite
correct, and this changes it to be aliases for int64_t and uint64_t,
since those are the largest integers we commonly handle.

We also make sure to define corresponding numbers: OSSL_INTMAX_MIN,
OSSL_INTMAX_MAX and OSSL_UINTMAX_MAX

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15825)

26 hours agoec: Only build ecp_nistp521-ppc64.s if enable-ec_nistp_64_gcc_128
Martin Schwenke [Fri, 18 Jun 2021 01:10:16 +0000 (11:10 +1000)]
ec: Only build ecp_nistp521-ppc64.s if enable-ec_nistp_64_gcc_128

Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Amitay Isaacs <amitay@ozlabs.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agoec: Add alignment pseudo-op at beginning of function
Martin Schwenke [Thu, 17 Jun 2021 02:20:15 +0000 (12:20 +1000)]
ec: Add alignment pseudo-op at beginning of function

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agoec: Drop uses of .cfi_startproc/.cfi_endproc pseudo-ops
Martin Schwenke [Thu, 17 Jun 2021 02:15:35 +0000 (12:15 +1000)]
ec: Drop uses of .cfi_startproc/.cfi_endproc pseudo-ops

These work fine on Linux but break the build on AIX.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agobn: save/restore registers to/from stack
Martin Schwenke [Wed, 16 Jun 2021 06:54:26 +0000 (16:54 +1000)]
bn: save/restore registers to/from stack

mtvsrd/mfvsrd are ISA >= 2.07 only, so this won't work for older
CPUs.

It would be possible to use this scheme only in the ISA >= 3.0
implementation.  However, in the future it may be possible for newer
ISAs to allow CPU implementations without a vector unit, so don't
bother.  The performance improvement versus using the stack was small
anyway.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agobn: Switch $i to be unused r9
Martin Schwenke [Wed, 16 Jun 2021 06:37:15 +0000 (16:37 +1000)]
bn: Switch $i to be unused r9

No need to save/restore because it is volatile.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agobn: Drop unnecessary use of r9
Martin Schwenke [Wed, 16 Jun 2021 04:58:08 +0000 (14:58 +1000)]
bn: Drop unnecessary use of r9

This is done in other versions due to the possibility of an early
return.  However, there is no early return here.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agobn: Update .align pseudo-ops to match convention
Martin Schwenke [Wed, 16 Jun 2021 07:29:52 +0000 (17:29 +1000)]
bn: Update .align pseudo-ops to match convention

64-bit alignment at the beginning of functions, 32-bit alignment for
loop targets.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

26 hours agobn: Drop use of .p2align pseudo-op
Martin Schwenke [Wed, 16 Jun 2021 06:39:11 +0000 (16:39 +1000)]
bn: Drop use of .p2align pseudo-op

This works on Linux but breaks the build on AIX.

Fixes #15748

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15798)

27 hours agoAdd table entries for fips 186-5 related to RSA auxiliary probable
Shane Lontis [Mon, 21 Jun 2021 03:41:28 +0000 (13:41 +1000)]
Add table entries for fips 186-5 related to RSA auxiliary probable
primes.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15845)

27 hours agoec: Fail build on big-endian with enable-ec_nistp_64_gcc_128
Martin Schwenke [Fri, 18 Jun 2021 06:35:16 +0000 (16:35 +1000)]
ec: Fail build on big-endian with enable-ec_nistp_64_gcc_128

I can't see way of making Configure fail but this at least makes the
build fail.

Fixes #15821

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15831)

28 hours agotestutil: preserve app_malloc()'s failure behaviour
Pauli [Sun, 20 Jun 2021 02:40:48 +0000 (12:40 +1000)]
testutil: preserve app_malloc()'s failure behaviour

app_malloc() terminates execution if the allocation fails.  The tests implement
their own app_malloc() in an attempt to reduce the amount of code pulled in.

This version also needs to terminate on failed allocation.  The alternative
would be adding failed allocation checks pervasively throughout the apps's
commands.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15836)

30 hours agoChange self test for AES_CGM to perform both an encrypt and decrypt.
Shane Lontis [Mon, 21 Jun 2021 04:01:36 +0000 (14:01 +1000)]
Change self test for AES_CGM to perform both an encrypt and decrypt.

This is a request from the lab that changes the AES_GCM test back to perform both a encrypt and
decrypt. (This makes no logical sense since this is not an inverse cipher).
I have left the AES_ECB decrypt test in (although it may not be needed)
since it is actually testing the inverse cipher case.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15844)

32 hours agoFix aes_core to use U64() macro..
Shane Lontis [Mon, 21 Jun 2021 01:12:43 +0000 (11:12 +1000)]
Fix aes_core to use U64() macro..

AIX reported warnings of the form:
1506-207 (W) Integer constant 0x8080808080808080u out of range.

This truncation causes all startup self tests related to AES to fail.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15842)

32 hours agoasn1: properly clean up on failed BIO creation
Pauli [Mon, 21 Jun 2021 00:33:10 +0000 (10:33 +1000)]
asn1: properly clean up on failed BIO creation

Fixes coverity 1486070 through 1486077 and 1486079

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15841)

32 hours agotest: put the new DHE auto test in the correct place
Pauli [Mon, 21 Jun 2021 00:06:50 +0000 (10:06 +1000)]
test: put the new DHE auto test in the correct place

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15840)

45 hours agoAdd a test for a custom rand provider
Matt Caswell [Wed, 16 Jun 2021 15:57:18 +0000 (16:57 +0100)]
Add a test for a custom rand provider

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15810)

45 hours agoEnsure we remove libctx DRBG state before removing the provider store
Matt Caswell [Thu, 17 Jun 2021 10:44:10 +0000 (11:44 +0100)]
Ensure we remove libctx DRBG state before removing the provider store

Otherwise a heap use-after-free can result.

Fixes #15766

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15810)

2 days agoAdd tests for KTLS with Chacha20-Poly1035.
John Baldwin [Thu, 24 Dec 2020 00:15:01 +0000 (16:15 -0800)]
Add tests for KTLS with Chacha20-Poly1035.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15814)

2 days agoRefactor KTLS tests to better support TLS 1.3.
John Baldwin [Wed, 23 Dec 2020 23:28:34 +0000 (15:28 -0800)]
Refactor KTLS tests to better support TLS 1.3.

- Use SSL_set_ciphersuites for TLS 1.3 tests instead of using
  SSL_set_cipher_list.

- Don't bother passing a sequence number size to KTLS test functions.
  These functions always test TLS (and not DTLS) for which the
  sequence size is always the same.  In addition, even for DTLS the
  check in question (verifying that the sequence number fields in SSL
  do not change) should still pass when doing a before/after
  comparison of the field.

- Define a helper structure to hold the TLS version and cipher name
  for a single KTLS test.

- Define an array of such structures with valid KTLS ciphers and move
  #ifdef's for TLS versions and supported ciphers out of test
  functions and instead use them to define the valid members of this
  array.  This also permits using TLS 1.3 cipher suite names for
  TLS 1.3 tests.

- Use separate tests per cipher for test_ktls to give more
  fine-grained pass/fail results as is already done for
  test_ktls_sendfile.

- While here, rename test_ktls_sendfile to execute_test_ktls_sendfile
  and test_ktls_sendfile_anytls to test_ktls_sendfile.  This is more
  consistent with the naming used for test_ktls as well as other tests
  in this file.

- Close the file descriptors used for temporary sockets in ktls tests.

- Don't assume that KTLS is supported for all compile-time supported
  cipher suites at runtime.  If the kernel fails to offload a given
  cipher suite, skip the test rather than failing it.  FreeBSD kernels
  may not offload all of the cipher suites supported by its KTLS if a
  suitable driver or KTLS backend is not present.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15814)

2 days agosm3: fix function names after the big ossl_ prefix addition.
Pauli [Mon, 21 Jun 2021 02:14:14 +0000 (12:14 +1000)]
sm3: fix function names after the big ossl_ prefix addition.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15843)

2 days agotest: add sm3 low level test case to test suite.
杨明君 [Mon, 22 Feb 2021 06:50:11 +0000 (14:50 +0800)]
test: add sm3 low level test case to test suite.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14271)

2 days agoSTORE: Fix OSSL_STORE_open_ex() error reporting
Richard Levitte [Fri, 18 Jun 2021 05:09:25 +0000 (07:09 +0200)]
STORE: Fix OSSL_STORE_open_ex() error reporting

OSSL_STORE_open_ex() could result in reports like this:

    80722AA3927F0000:error:80000002:system library:file_open_ex:No such file or directory:engines/e_loader_attic.c:1016:calling stat(file:test/blahdibleh.der)
    80722AA3927F0000:error:41800069:lib(131)::path must be absolute:engines/e_loader_attic.c:1010:test/blahdibleh.der
    80722AA3927F0000:error:1600007B:STORE routines:OSSL_STORE_open_ex:no loaders found:crypto/store/store_lib.c:148:No store loaders were found. For standard store loaders you need at least one of the default or base providers available. Did you forget to load them?

The last one turns out to be a bit too generically reported.  It
should only be reported when no loader were loaded at all, not when
loader_ctx happens to be NULL (which may happen for other reasons).

We also move the helpful message to the OSSL_STORE_LOADER fetcher.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15820)

3 days agoTESTS: drop explicit quotes from empty command line arguments
Richard Levitte [Fri, 18 Jun 2021 06:16:13 +0000 (08:16 +0200)]
TESTS: drop explicit quotes from empty command line arguments

Depending on circumstances, something like this:

    ok(run(app(['openssl', 'whatever', '-config', '""', ...])))

might end up with a command like this:

    ./util/wrap.pl apps/openssl whatever -config '""'

Simply use an empty string (i.e. '' instead of '""') and let the
command line fixup functions do their job.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15822)

3 days agoevp_test: Support testing of stitched TLS ciphers
Tomas Mraz [Fri, 18 Jun 2021 13:02:23 +0000 (15:02 +0200)]
evp_test: Support testing of stitched TLS ciphers

Add a few testcases.

Fixes #15749

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15827)

3 days agoReplace non-ASCII character in source file
Tomas Mraz [Thu, 17 Jun 2021 13:48:35 +0000 (15:48 +0200)]
Replace non-ASCII character in source file

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15803)

4 days agotest: fix indentation
Pauli [Fri, 18 Jun 2021 09:56:29 +0000 (19:56 +1000)]
test: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agorsa: fix indentation
Pauli [Fri, 18 Jun 2021 09:47:06 +0000 (19:47 +1000)]
rsa:  fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agoasn1: fix indentation
Pauli [Fri, 18 Jun 2021 09:46:50 +0000 (19:46 +1000)]
asn1: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agossl: fix indentation
Pauli [Fri, 18 Jun 2021 09:46:36 +0000 (19:46 +1000)]
ssl: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agossl: fix indentation
Pauli [Fri, 18 Jun 2021 09:46:27 +0000 (19:46 +1000)]
ssl: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agopunycode: fix indentation
Pauli [Fri, 18 Jun 2021 09:46:16 +0000 (19:46 +1000)]
punycode: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agocrypto: repalce tabs with spaces
Pauli [Fri, 18 Jun 2021 07:50:54 +0000 (17:50 +1000)]
crypto: repalce tabs with spaces

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agotest: replace tabs with spaces in test recipes
Pauli [Fri, 18 Jun 2021 07:46:40 +0000 (17:46 +1000)]
test: replace tabs with spaces in test recipes

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agossl: replace tabs with spaces
Pauli [Fri, 18 Jun 2021 07:44:57 +0000 (17:44 +1000)]
ssl: replace tabs with spaces

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agoinclude: replace tabs with spaces in headers
Pauli [Fri, 18 Jun 2021 07:44:44 +0000 (17:44 +1000)]
include: replace tabs with spaces in headers

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

4 days agotest: add test for auto DH security level meets the minimum
Pauli [Fri, 18 Jun 2021 03:17:42 +0000 (13:17 +1000)]
test: add test for auto DH security level meets the minimum

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15818)

4 days agossl: do not choose auto DH groups that are weaker than the security level
Pauli [Fri, 18 Jun 2021 02:54:24 +0000 (12:54 +1000)]
ssl: do not choose auto DH groups that are weaker than the security level

Fixes #15808

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15818)

4 days agoparams: fix range check when converting double to uint64_t.
Pauli [Fri, 18 Jun 2021 04:43:24 +0000 (14:43 +1000)]
params: fix range check when converting double to uint64_t.

Found in #15815

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15819)

4 days agoparams: avoid using intmax_t since it's not well supported
Pauli [Fri, 18 Jun 2021 01:05:20 +0000 (11:05 +1000)]
params: avoid using intmax_t since it's not well supported

Converting doubles to integers used to go via intmax_t which isn't properly
defined on some platforms.  The alternative is to go via int64_t.

Fixes #15815
Alternative to #15816

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15817)

4 days agoaix64-gcc target: Fix build breakage with enable-fips
Tomas Mraz [Thu, 17 Jun 2021 14:57:57 +0000 (16:57 +0200)]
aix64-gcc target: Fix build breakage with enable-fips

Fixes #15804

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15807)

4 days agohttp_client.c: fix HTTP_VERSION_STR_LEN and make it more efficient
Dr. David von Oheimb [Thu, 17 Jun 2021 11:29:06 +0000 (13:29 +0200)]
http_client.c: fix HTTP_VERSION_STR_LEN and make it more efficient

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15796)

4 days agohttp_client.c: make HTTP_LINE1_MINLEN more efficient
Dr. David von Oheimb [Thu, 17 Jun 2021 11:26:32 +0000 (13:26 +0200)]
http_client.c: make HTTP_LINE1_MINLEN more efficient

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15796)

4 days agohttp_client.c: make prefix checking more readable and more efficient
Dr. David von Oheimb [Thu, 17 Jun 2021 10:55:14 +0000 (12:55 +0200)]
http_client.c: make prefix checking more readable and more efficient

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15796)

4 days agohttp_client.c: fix error reporting (a char was missing; improve style)
Dr. David von Oheimb [Thu, 17 Jun 2021 07:31:50 +0000 (09:31 +0200)]
http_client.c: fix error reporting (a char was missing; improve style)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15796)

4 days agohttp_client.c: fix OSSL_HTTP_proxy_connect() for HTTPS proxy use
Dr. David von Oheimb [Thu, 17 Jun 2021 05:55:42 +0000 (07:55 +0200)]
http_client.c: fix OSSL_HTTP_proxy_connect() for HTTPS proxy use

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15796)

5 days agoMake util/wrap.pl work better on VMS
Richard Levitte [Wed, 16 Jun 2021 08:32:43 +0000 (10:32 +0200)]
Make util/wrap.pl work better on VMS

Perl's system() on VMS needs to have the command line properly fixed
up, even with arguments passed in list form.  We arrange that by
having util/wrap.pl use the same command line fixups as OpenSSL::Test.

As a consequence, util/wrap.pl needs to be generated, to easily pick
up data from configdata.pm.  This also removes yet another file
copying hack from the build file templates.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15791)

5 days agoOpenSSL::Test: Move the command line quotifier
Richard Levitte [Wed, 16 Jun 2021 08:18:20 +0000 (10:18 +0200)]
OpenSSL::Test: Move the command line quotifier

The command line quotifier is more useful as a common utility, so it
gets moved to OpenSSL::Util, as the following two functions:

fixup_cmd_elements(), which is the generic command line reformatter
fixup_cmd(), which is like fixup_cmd_elements(), but treats the first
element specially where necessary (such as on VMS).

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15791)

5 days agoAdd demo for HKDF
Marek [Sat, 22 May 2021 08:48:38 +0000 (10:48 +0200)]
Add demo for HKDF

Fixes #14120

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15784)

5 days agoPrepare for 3.0 beta 2
Matt Caswell [Thu, 17 Jun 2021 13:03:53 +0000 (14:03 +0100)]
Prepare for 3.0 beta 2

Reviewed-by: Richard Levitte <levitte@openssl.org>
5 days agoPrepare for release of 3.0 beta 1 openssl-3.0.0-beta1
Matt Caswell [Thu, 17 Jun 2021 13:03:42 +0000 (14:03 +0100)]
Prepare for release of 3.0 beta 1

Reviewed-by: Richard Levitte <levitte@openssl.org>
5 days agomake update
Matt Caswell [Thu, 17 Jun 2021 13:03:41 +0000 (14:03 +0100)]
make update

Reviewed-by: Richard Levitte <levitte@openssl.org>
5 days agoUpdate copyright year
Matt Caswell [Thu, 17 Jun 2021 12:24:59 +0000 (13:24 +0100)]
Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15801)

6 days agotest/recipes/80-test_cmp_http.t: Kill the mock server brutally
Richard Levitte [Thu, 17 Jun 2021 08:47:26 +0000 (10:47 +0200)]
test/recipes/80-test_cmp_http.t: Kill the mock server brutally

To kill a subprocess with the KILL signal is pretty brutal.  However,
it doesn't seem to be killed completely on some platforms, which makes
this test recipe hang indefinitely when (implicitly) closing the file
handle for this server ($server_fh).  A brutal KILL resolves this
problem.

Fixes #15781

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15797)

6 days agogost: remove the internal GOST test.
Pauli [Thu, 17 Jun 2021 03:31:01 +0000 (13:31 +1000)]
gost: remove the internal GOST test.

The external GOST test is sufficient according @beldmit.  This avoids having
to manually update and build the GOST engine when something changes.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15795)

6 days agoFix exit code for VMS in util/wrap.pl and test/run_tests.pl
Richard Levitte [Wed, 16 Jun 2021 04:48:12 +0000 (06:48 +0200)]
Fix exit code for VMS in util/wrap.pl and test/run_tests.pl

The exit code for VMS is a bit tricky, and while perl translates the
VMS status code from a typical C program to posix terms, it doesn't
automatically translate its exit code into the typical C program VMS
status code.  Perl scripts are recommended to do so explicitly.

Therefore, we make util/wrap.pl and test/run_tests.pl simulate the
typical C program VMS status code for all non-zero exit codes, except
we give them all the error severity (according to the VMS C library
reference manual, exit codes 2 and above are treated as success...).

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15787)

6 days agoFix small typo in test/recipes/05-test_pbe.t
Richard Levitte [Wed, 16 Jun 2021 04:52:27 +0000 (06:52 +0200)]
Fix small typo in test/recipes/05-test_pbe.t

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15786)

6 days agoAdd self test for ECDSA using curve with a binary field
Shane Lontis [Thu, 17 Jun 2021 02:44:27 +0000 (12:44 +1000)]
Add self test for ECDSA using curve with a binary field

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15794)

6 days agoAlways wait for both threads to finish
Rich Salz [Thu, 10 Jun 2021 20:06:10 +0000 (16:06 -0400)]
Always wait for both threads to finish

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15708)

6 days agoDSO: Fix the VMS DSO name converter to actually do something
Richard Levitte [Tue, 15 Jun 2021 12:59:17 +0000 (14:59 +0200)]
DSO: Fix the VMS DSO name converter to actually do something

This function has never before actually done its work.  This wasn't
discovered before, because its output wasn't important before the FIPS
provider self test started using its value.

This function is now made to insert the VMS DSO extension (".EXE") at
the end of the filename, being careful to make sure what can be a
typical VMS generation number (separated from the file name with a
';') remains at the end.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15765)

6 days agoTEST: Change 'catdir' to 'catfile' when dealing with files, in run_tests.pl
Richard Levitte [Tue, 15 Jun 2021 14:11:51 +0000 (16:11 +0200)]
TEST: Change 'catdir' to 'catfile' when dealing with files, in run_tests.pl

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15767)

6 days agoBuild file templates: Fix in2script dependencies
Richard Levitte [Wed, 16 Jun 2021 08:49:31 +0000 (10:49 +0200)]
Build file templates: Fix in2script dependencies

The in2script functions generates the build file rules for generating
scripts from .in files.  A dependency on configdata.pm is needed,
since it's being used for this.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15792)

6 days agoConfiguration: Fix incorrect $unified_info{attributes} references
Richard Levitte [Wed, 16 Jun 2021 04:09:41 +0000 (06:09 +0200)]
Configuration: Fix incorrect $unified_info{attributes} references

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15758)

6 days agoprov: tag SM2 encoders and decoders as non-FIPS
Pauli [Tue, 15 Jun 2021 22:44:28 +0000 (08:44 +1000)]
prov: tag SM2 encoders and decoders as non-FIPS

They're impossible to use in a FIPS environment, so they shouldn't be flagged
as compatible.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15782)

6 days agoVMS build: drop a spurious debug print
Richard Levitte [Tue, 15 Jun 2021 09:46:00 +0000 (11:46 +0200)]
VMS build: drop a spurious debug print

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15758)

6 days agoHTTP client: fix use of OSSL_HTTP_adapt_proxy(), which is needed also in cmp.c
Dr. David von Oheimb [Sat, 12 Jun 2021 15:43:15 +0000 (17:43 +0200)]
HTTP client: fix use of OSSL_HTTP_adapt_proxy(), which is needed also in cmp.c

For this reason, export this function, which allows removing http_local.h

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15764)

6 days agoX509_digest_sig(): Improve default hash for EdDSA and allow to return the chosen...
Dr. David von Oheimb [Tue, 15 Jun 2021 11:00:38 +0000 (13:00 +0200)]
X509_digest_sig(): Improve default hash for EdDSA and allow to return the chosen default

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15762)

6 days agoCORE: Do a bit of cleanup of core fetching
Richard Levitte [Tue, 15 Jun 2021 08:18:19 +0000 (10:18 +0200)]
CORE: Do a bit of cleanup of core fetching

Some data, like the library context, were passed both through higher
level callback structures and through arguments to those same higher
level callbacks.  This is a bit unnecessary, so we rearrange the
callback arguments to simply pass that callback structure and rely on
the higher level fetching functionality to pick out what data they
need from that structure.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15750)

7 days agoFix DH private key check.
Shane Lontis [Tue, 15 Jun 2021 09:56:36 +0000 (19:56 +1000)]
Fix DH private key check.

A recent addition removed setting the dh private key length when
a safe prime group is used. The private key validation check was relying on this
being set for safe primes. Setting the upper bound no longer checks the
length if the value is zero.

This caused a failure in the daily build of acvp_tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15760)

7 days agoAdd a test for fetching various non-evp objects
Matt Caswell [Mon, 14 Jun 2021 11:56:01 +0000 (12:56 +0100)]
Add a test for fetching various non-evp objects

We fetch an Encoder, Decoder and Loader.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15741)

7 days agoClean up the encoder/decoder/loader stores before providers
Matt Caswell [Mon, 14 Jun 2021 11:08:38 +0000 (12:08 +0100)]
Clean up the encoder/decoder/loader stores before providers

We already had the evp method store being cleaned up before the provider
store was. This prevents issues where the method clean up functions cause
providers to clean up, which then needs access to the provider store. We
extend the same thinking to the encoder/decoder/loader stores.

Fixes #15727

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15741)

7 days agoapps: remove AEAD/mode checks that are now redundant
Pauli [Tue, 15 Jun 2021 04:07:51 +0000 (14:07 +1000)]
apps: remove AEAD/mode checks that are now redundant

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)

7 days agoapps: use get_cipher_any() instead of get_cipher() for commands that support these...
Pauli [Tue, 15 Jun 2021 04:07:25 +0000 (14:07 +1000)]
apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)

7 days agoapps: limit get_cipher() to not return AEAD or XTS ciphers
Pauli [Tue, 15 Jun 2021 04:06:17 +0000 (14:06 +1000)]
apps: limit get_cipher() to not return AEAD or XTS ciphers

Add a get_cipher_any() function to access these in addition to more normal ciphers

Fixes #7720

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)

7 days agodoc: document the various get_cipher functions in the commands lib.
Pauli [Tue, 15 Jun 2021 04:05:05 +0000 (14:05 +1000)]
doc: document the various get_cipher functions in the commands lib.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)

7 days agotest: add test cases for SHAxxx helper functions
Pauli [Tue, 15 Jun 2021 09:57:36 +0000 (19:57 +1000)]
test: add test cases for SHAxxx helper functions

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15752)

7 days agoInclude a local static buffer for the SHA helper functions
Pauli [Tue, 15 Jun 2021 08:48:35 +0000 (18:48 +1000)]
Include a local static buffer for the SHA helper functions

This functionality existed in 1.1.1 but was lost.

Fixes #15718

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15752)

7 days agoCorrect processing of AES-SHA stitched ciphers
Dmitry Belyavskiy [Mon, 14 Jun 2021 12:30:48 +0000 (14:30 +0200)]
Correct processing of AES-SHA stitched ciphers

Fixes: #15706

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15740)

7 days agoAdd missing migration_guide API mappings.
Shane Lontis [Mon, 14 Jun 2021 06:36:39 +0000 (16:36 +1000)]
Add missing migration_guide API mappings.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15732)

7 days agoAdd documentation for the newly added OBJ up calls
Matt Caswell [Wed, 9 Jun 2021 15:10:03 +0000 (16:10 +0100)]
Add documentation for the newly added OBJ up calls

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15681)

7 days agoAdd a test for the newly added OBJ upcalls
Matt Caswell [Wed, 9 Jun 2021 14:50:37 +0000 (15:50 +0100)]
Add a test for the newly added OBJ upcalls

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15681)

7 days agoAdd various OBJ functions as callbacks
Matt Caswell [Wed, 9 Jun 2021 13:05:26 +0000 (14:05 +0100)]
Add various OBJ functions as callbacks

This enables providers to register new OIDs in the same libcrypto instance
as is used by the application.

Fixes #15624

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15681)

7 days agodoc: finish the provider child up call documentation
Pauli [Mon, 14 Jun 2021 08:07:49 +0000 (18:07 +1000)]
doc: finish the provider child up call documentation

The bulk of the documentation was there but it wasn't quite complete.

Fixes #15678

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15734)

7 days agoTEST: Skip test/recipes/01-test_symbol_presence.t on MacOS
Richard Levitte [Tue, 15 Jun 2021 16:50:55 +0000 (18:50 +0200)]
TEST: Skip test/recipes/01-test_symbol_presence.t on MacOS

It renames symbols, so we can a false negative

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15776)

7 days agoTEST: Display the correct shared library name
Richard Levitte [Tue, 15 Jun 2021 16:15:52 +0000 (18:15 +0200)]
TEST: Display the correct shared library name

In test/recipes/01-test_symbol_presence.t

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15776)

7 days agonew: update NEWS.md so it is correct.
Pauli [Mon, 14 Jun 2021 22:32:48 +0000 (08:32 +1000)]
new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)

7 days agonew: update NEWS.md so it is correct.
Pauli [Mon, 14 Jun 2021 22:30:23 +0000 (08:30 +1000)]
new: update NEWS.md so it is correct.

- Removing the deprecation note for public key commands.
- Fixing the note about ECX and SHAKE in the FIPS provider.
- Noting which KDFs are included.
- Noting which MACs are included.

Fixes #15743

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15746)

7 days agoDisabling Encrypt-then-MAC extension in s_client/s_server
Dmitry Belyavskiy [Mon, 14 Jun 2021 09:40:31 +0000 (11:40 +0200)]
Disabling Encrypt-then-MAC extension in s_client/s_server

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15735)

7 days agoTEST: Make test/recipes/01-test_symbol_presence.t more platform agnostic
Richard Levitte [Tue, 15 Jun 2021 15:43:02 +0000 (17:43 +0200)]
TEST: Make test/recipes/01-test_symbol_presence.t more platform agnostic

Assuming ".so" as shared library ending is faulty on MacOS, where the
normal shared library extension is ".dylib".

We use the platform module to get the same extension as the build process.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15771)

7 days agoRefactor OSSL_STORE_LOADER_do_all_provided() to behave like OSSL_STORE_LOADER_fetch()
Richard Levitte [Thu, 10 Jun 2021 05:31:13 +0000 (07:31 +0200)]
Refactor OSSL_STORE_LOADER_do_all_provided() to behave like OSSL_STORE_LOADER_fetch()

This is refactored to use inner_loader_fetch() without any given name,
which is just there to ensure all decoder implementations are made
into methods, and then use ossl_method_store_do_all() to list them
all.

This also adds the internal ossl_store_loader_do_all_prefetched(),
which can be used if pre-fetching needs to be done separately from
listing all the decoder implementations, or if listing may happen
multiple times.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

7 days agotest/evp_extra_test.c: Peek at the error instead of getting it.
Richard Levitte [Wed, 9 Jun 2021 09:00:00 +0000 (11:00 +0200)]
test/evp_extra_test.c: Peek at the error instead of getting it.

If there is an error report, we want to get it printed too.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

7 days agoDECODER & ENCODER: Add better tracing
Richard Levitte [Wed, 9 Jun 2021 08:58:33 +0000 (10:58 +0200)]
DECODER & ENCODER: Add better tracing

Now that we have functions to get the name and properties of the
diverse implementations, we can as well display them for clarity.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

7 days agoAdapt all public EVP_XXX_do_all_provided() for the changed evp_generic_do_all()
Richard Levitte [Wed, 9 Jun 2021 05:52:09 +0000 (07:52 +0200)]
Adapt all public EVP_XXX_do_all_provided() for the changed evp_generic_do_all()

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)

7 days agoRefactor evp_generic_do_all() to behave like evp_generic_fetch()
Richard Levitte [Wed, 9 Jun 2021 05:50:08 +0000 (07:50 +0200)]
Refactor evp_generic_do_all() to behave like evp_generic_fetch()

This is refactored to use inner_evp_generic_fetch() without any given
name, which is just there to ensure all decoder implementations are
made into methods, and then use ossl_method_store_do_all() to list
them all.

This also adds the internal evp_generic_do_all_prefetched(), which
can be used if pre-fetching needs to be done separately from listing
all the decoder implementations, or if listing may happen multiple
times.

Fixes #15538
Fixes #14837

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15604)