Richard Levitte [Sun, 10 Jan 2021 08:28:58 +0000 (09:28 +0100)]
Remove duplicate GENERATE declarations for .pod files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
Richard Levitte [Sun, 10 Jan 2021 08:26:22 +0000 (09:26 +0100)]
Configure: warn about duplicate GENERATE declarations in build.info files
This sort of duplication is permitted, as the end result will be a single
item anyway, but we might as well warn to avoid future confusion.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
Richard Levitte [Sun, 10 Jan 2021 08:13:14 +0000 (09:13 +0100)]
Configure: clean away perl syntax faults
The faults aren't fatal (i.e. perl just shrugs), but are curious.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
Richard Levitte [Sun, 10 Jan 2021 08:08:46 +0000 (09:08 +0100)]
Configure: Check all SOURCE declarations, to ensure consistency
If the given sources are GENERATEd, we check those generators as well.
This ensures that the declarations in the diverse build.info files are
consistent with existing files.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13824)
Dr. Matthias St. Pierre [Sat, 9 Jan 2021 16:29:47 +0000 (17:29 +0100)]
v3_ocsp.c: fix indentation of include directives
Fixes #13820
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13822)
John Baldwin [Thu, 7 Jan 2021 22:09:41 +0000 (14:09 -0800)]
Close /dev/crypto file descriptor after CRIOGET ioctl().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13807)
Dr. David von Oheimb [Thu, 7 Jan 2021 09:16:12 +0000 (10:16 +0100)]
APPS: Print help also on -h and --h; print high-level help when no cmd given
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13799)
Dr. David von Oheimb [Thu, 7 Jan 2021 08:00:02 +0000 (09:00 +0100)]
APPS: Fix confusion between program and app/command name used in diagnostic/help output
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13799)
Dr. David von Oheimb [Tue, 22 Dec 2020 09:28:03 +0000 (10:28 +0100)]
apps/pkey.c: Forther improve user guidance, also on non-sensical option combinations
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
Dr. David von Oheimb [Tue, 22 Dec 2020 07:37:03 +0000 (08:37 +0100)]
apps/pkey.c: Re-order help output and option documentation
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
Dr. David von Oheimb [Tue, 15 Dec 2020 13:30:38 +0000 (14:30 +0100)]
apps/pkey.c: Make clear that -passout is not supported for DER output
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
Dr. David von Oheimb [Thu, 10 Dec 2020 16:10:52 +0000 (17:10 +0100)]
apps.c: Fix crash in case uri arg of IS_HTTP or IS_HTTPS is NULL
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13712)
Sahana Prasad [Fri, 8 Jan 2021 15:26:21 +0000 (16:26 +0100)]
doc/man7/provider.pod: updates providers to use EVP_MD_free() and EVP_CIPHER_free()
instead of EVP_MD_meth_free() and EVP_CIPHER_meth_free() respectively which are used mostly by the engine (legacy) code.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13814)
anupamam13 [Mon, 2 Nov 2020 12:20:11 +0000 (17:50 +0530)]
Fix for negative return value from `SSL_CTX_sess_accept()`
Fixes #13183
From the original issue report, before this commit, on master and on
1.1.1, the issue can be detected with the following steps:
- Start with a default SSL_CTX, initiate a TLS 1.3 connection with SNI,
"Accept" count of default context gets incremented
- After servername lookup, "Accept" count of default context gets
decremented and that of SNI context is incremented
- Server sends a "Hello Retry Request"
- Client sends the second "Client Hello", now again "Accept" count of
default context is decremented. Hence giving a negative value.
This commit fixes it by adding a check on `s->hello_retry_request` in
addition to `SSL_IS_FIRST_HANDSHAKE(s)`, to ensure the counter is moved
only on the first ClientHello.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13297)
Romain Geissler [Thu, 7 Jan 2021 16:54:58 +0000 (16:54 +0000)]
Fix simpledynamic test compilation when condigured without DSO support.
This fixes this compilation error:
In file included from test/simpledynamic.c:13:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
39 | int sd_load(const char *filename, SD *sd, int type);
| ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
| ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
| ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
41 | int sd_close(SD lib);
| ^~
make[1]: *** [Makefile:24670: test/moduleloadtest-bin-simpledynamic.o] Error 1
make[1]: *** Waiting for unfinished jobs....
In file included from test/moduleloadtest.c:19:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
39 | int sd_load(const char *filename, SD *sd, int type);
| ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
| ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
| ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
41 | int sd_close(SD lib);
| ^~
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13802)
Thomas De Schampheleire [Mon, 21 Dec 2020 14:17:24 +0000 (15:17 +0100)]
replace 'unsigned const char' with 'const unsigned char'
The openssl code base has only a few occurrences of 'unsigned const char'
(15 occurrences), compared to the more common 'const unsigned char' (4420
occurrences).
While the former is not illegal C, mixing the 'const' keyword (a 'type
qualifier') in between 'unsigned' and 'char' (both 'type specifiers') is a
bit odd.
The background for writing this patch is not to be pedantic, but because
the 'opmock' program (used to mock headers for unit tests) does not accept
the 'unsigned const char' construct. While this definitely is a bug in
opmock or one of its dependencies, openssl is the only piece of software we
are using in combination with opmock that has this construct.
CLA: trivial
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13722)
Nicola Tuveri [Tue, 10 Nov 2020 10:28:52 +0000 (12:28 +0200)]
[test][pkey_check] Add more invalid SM2 key tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Nicola Tuveri [Mon, 9 Nov 2020 23:11:48 +0000 (01:11 +0200)]
Add SM2 private key range validation
According to the relevant standards, the valid range for SM2 private
keys is [1, n-1), where n is the order of the curve generator.
For this reason we cannot reuse the EC validation function as it is, and
we introduce a new internal function `sm2_key_private_check()`.
Partially fixes https://github.com/openssl/openssl/issues/8435
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Nicola Tuveri [Mon, 9 Nov 2020 21:34:00 +0000 (23:34 +0200)]
[test][pkey_check] Add invalid SM2 key test
SM2 private keys have different validation requirements than EC keys:
this test checks one corner case highlighted in
https://github.com/openssl/openssl/issues/8435
As @bbbrumley mentioned in
https://github.com/openssl/openssl/issues/8435#issuecomment-
720504282
this only fixes the absence of a regression test for validation of this
kind of boundary issues for decoded SM2 keys.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Nicola Tuveri [Mon, 9 Nov 2020 20:35:28 +0000 (22:35 +0200)]
[apps/pkey] Return error on failed `-[pub]check`
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Nicola Tuveri [Mon, 9 Nov 2020 20:34:18 +0000 (22:34 +0200)]
[test] Add `pkey -check` validation tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
Michael Baentsch [Thu, 7 Jan 2021 08:09:32 +0000 (09:09 +0100)]
Adding TLS group name retrieval
Function SSL_group_to_name() added, together with documentation and tests.
This now permits displaying names of internal and external
provider-implemented groups.
Partial fix of #13767
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13785)
Billy Brumley [Tue, 5 Jan 2021 11:08:09 +0000 (13:08 +0200)]
[crypto/dh] side channel hardening for computing DH shared keys
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13783)
Matt Caswell [Thu, 10 Dec 2020 10:36:23 +0000 (10:36 +0000)]
Ensure DTLS free functions can handle NULL
Our free functions should be able to deal with the case where the object
being freed is NULL. This turns out to not be quite the case for DTLS
related objects.
Fixes #13649
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13655)
Otto Hollmann [Tue, 20 Oct 2020 10:47:55 +0000 (12:47 +0200)]
Remove extra space.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
Otto Hollmann [Mon, 19 Oct 2020 14:25:26 +0000 (16:25 +0200)]
Fixed error and return code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
Otto Hollmann [Mon, 19 Oct 2020 08:05:57 +0000 (10:05 +0200)]
Add a CHANGES entry for ignore unknown ciphers in set_ciphersuites.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
Otto Hollmann [Tue, 9 Jun 2020 13:50:12 +0000 (15:50 +0200)]
Fix set_ciphersuites ignore unknown ciphers.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12100)
Matt Caswell [Thu, 7 Jan 2021 13:48:32 +0000 (13:48 +0000)]
Prepare for 3.0 alpha 11
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Matt Caswell [Thu, 7 Jan 2021 13:48:10 +0000 (13:48 +0000)]
Prepare for release of 3.0 alpha 10
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Matt Caswell [Thu, 7 Jan 2021 13:38:50 +0000 (13:38 +0000)]
Update copyright year
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13800)
Matt Caswell [Mon, 4 Jan 2021 17:29:35 +0000 (17:29 +0000)]
Only perform special TLS handling if TLS has been configured
Skip over special TLS steps for stream ciphers if we haven't been
configured for TLS.
Fixes #12528
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13774)
David CARLIER [Mon, 4 Jan 2021 16:42:47 +0000 (16:42 +0000)]
Mac M1 setting change proposal.
Running tests takes very long with the current setting while it takes a
lot shorter time with this change.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13771)
John Baldwin [Sat, 21 Nov 2020 01:45:48 +0000 (17:45 -0800)]
Support session information on FreeBSD.
FreeBSD's /dev/crypto does not provide a CIOCGSESSINFO ioctl, but it
does provide other ioctls that can be used to provide similar
functionality.
First, FreeBSD's /dev/crypto defines a CIOCGESSION2 ioctl which accepts
a 'struct session2_op'. This structure extends 'struct session_op'
with a 'crid' member which can be used to either request an individual
driver by id, or a class of drivers via flags.
To determine if the available drivers for a given algorithm are
accelerated or not, use CIOCGESSION2 to first attempt to create an
accelerated (hardware) session. If that fails, fall back to
attempting a software session. In addition, when requesting a new
cipher session, use the current setting of the 'use_softdrivers' flag
to determine the value assigned to 'crid' when invoking CIOCGSESSION2.
Finally, use the returned 'crid' value from CIOCGSESSION2 to look up
the name of the associated driver via the CIOCFINDDEV ioctl.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13468)
John Baldwin [Sat, 21 Nov 2020 01:07:35 +0000 (17:07 -0800)]
Use CRIOGET to fetch a crypto descriptor when present.
FreeBSD's current /dev/crypto implementation requires that consumers
clone a separate file descriptor via the CRIOGET ioctl that can then
be used with other ioctls such as CIOCGSESSION.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13468)
bazmoz [Sun, 27 Dec 2020 16:35:14 +0000 (22:05 +0530)]
Updated SSL_CTX_new doc
Fixes #13703
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13741)
Etienne Millon [Mon, 4 Jan 2021 10:33:55 +0000 (11:33 +0100)]
28-seclevel.cnf.in: fix typo in algo name
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13768)
Etienne Millon [Mon, 4 Jan 2021 10:28:36 +0000 (11:28 +0100)]
EVP_SIGNATURE-
ED25519.pod: fix typo in algo name
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13768)
Nirbheek Chauhan [Wed, 8 Jul 2020 17:53:04 +0000 (23:23 +0530)]
win-onecore: Build with /APPCONTAINER for UWP compat
When targeting the win-onecore configuration, we must link with
/APPCONTAINER which is a requirement for submitting apps to the
Windows Store.
Without this, the Windows App Certificate Kit will reject the app:
https://docs.microsoft.com/en-us/cpp/build/reference/appcontainer-windows-store-app
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12400)
Nirbheek Chauhan [Wed, 8 Jul 2020 17:40:34 +0000 (23:10 +0530)]
crypto/win: Don't use disallowed APIs on UWP
CreateFiber and ConvertThreadToFiber are not allowed in Windows Store
(Universal Windows Platform) apps since they have been replaced by
their Ex variants which have a new dwFlags parameter.
This flag allows the fiber to do floating-point arithmetic in the
fiber on x86, which would silently cause corruption otherwise since
the floating-point state is not switched by default.
Switch to these "new" APIs which were added in Vista.
See: https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createfiberex#parameters
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12400)
Dr. David von Oheimb [Fri, 1 Jan 2021 19:43:46 +0000 (20:43 +0100)]
Update copyright years of auto-generated headers (make update)
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13764)
Matt Caswell [Wed, 23 Dec 2020 11:35:54 +0000 (11:35 +0000)]
Add a test for the new CRYPTO_atomic_* functions
Also tests the older CRYPTO_atomic_add() which was without a test
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
Matt Caswell [Wed, 23 Dec 2020 11:15:03 +0000 (11:15 +0000)]
Add documentation for CRYPTO_atomic_or and CRYPTO_atomic_load
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
Matt Caswell [Tue, 22 Dec 2020 17:44:07 +0000 (17:44 +0000)]
Optimise OPENSSL_init_crypto
If everything has already been initialised we can check this with a
single test at the beginning of OPENSSL_init_crypto() and therefore
reduce the amount of time spent in this function. Since this is called
via very many codepaths this should have significant performance benefits.
Partially fixes #13725 and #13578
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
Matt Caswell [Tue, 22 Dec 2020 17:43:07 +0000 (17:43 +0000)]
Add some more CRYPTO_atomic functions
We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load()
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
Matt Caswell [Wed, 23 Dec 2020 16:30:36 +0000 (16:30 +0000)]
Don't call EVP_CIPHER_CTX_block_size() to find the block size
The EVP lib was calling EVP_CIPHER_CTX_block_size(), which in turn calls
EVP_CIPHER_block_size() in order to find the block_size in every
EVP_EncryptUpdate() call. This adds a surprising amount of overhead when
using speed to test aes-128-cbc. Since we're in the EVP lib itself, we can
just directly access this value.
To test performance I ran the command:
openssl speed -evp aes-128-cbc -bytes 16 -seconds 30
For the before and after, I ran this twice and discarded the first result
to "warm up" my machine.
Before:
aes-128-cbc 716949.71k
After:
aes-128-cbc 742807.11k
This represents a performance improvement of about 4%
Partially fixes #13407
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13734)
Matt Caswell [Tue, 22 Dec 2020 15:16:51 +0000 (15:16 +0000)]
Optimise OPENSSL_init_crypto to not need a lock when loading config
Most of the time we don't have any explicit settings when loading a
config file. Therefore we optimise things so that we don't need to use
a lock in that instance.
Partially addresses performance issues in #13725
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13731)
Matt Caswell [Tue, 22 Dec 2020 11:36:30 +0000 (11:36 +0000)]
Cache Digest constants
EVP_CIPHER already caches certain constants so that we don't have to
query the provider every time. We do the same thing with EVP_MD constants.
Without this we can get performance issues, e.g. running "speed" with
small blocks of data to digest can spend a long time in EVP_MD_size(),
which should be quick.
Partialy fixes #13578
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13730)
Matt Caswell [Tue, 22 Dec 2020 11:54:16 +0000 (11:54 +0000)]
Move the caching of cipher constants into evp_cipher_from_dispatch
Previously we cached the cipher constants in EVP_CIPHER_fetch(). However,
this means we do the caching every time we call that function, even if
the core has previusly fetched the cipher and cached it already. This
means we can end up re-caching the constants even though they are already
present. This also means we could be updating these constants from
multiple threads at the same time.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13730)
Dmitry Belyavskiy [Tue, 22 Dec 2020 08:40:46 +0000 (09:40 +0100)]
Fix doc-nits for list command
Bug was introduced in #13669
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13728)
Dmitry Belyavskiy [Mon, 21 Dec 2020 13:23:17 +0000 (14:23 +0100)]
Fetch provided algorithm once per benchmark
Partially fixes #13578
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13721)
Ingo Schwarze [Thu, 4 Jun 2020 22:30:00 +0000 (00:30 +0200)]
Fix NULL pointer access caused by X509_ATTRIBUTE_create()
When X509_ATTRIBUTE_create() receives an invalid NID (e.g., -1), return
failure rather than silently constructing a broken X509_ATTRIBUTE object
that might cause NULL pointer accesses later on. This matters because
X509_ATTRIBUTE_create() is used by API functions like PKCS7_add_attribute(3)
and the NID comes straight from the user.
This bug was found while working on LibreSSL documentation.
Reviewed-by: Theo Buehler <tb@openbsd.org>
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12052)
jwalch [Tue, 15 Dec 2020 20:00:11 +0000 (15:00 -0500)]
Restore v2i_AUTHORITY_INFO_ACCESS() behavior
Fixes #13636
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13683)
Richard Levitte [Thu, 17 Dec 2020 20:37:15 +0000 (21:37 +0100)]
Drop OPENSSL_NO_RSA everywhere
The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so
this is simply a cleanup of the remains.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13700)
Richard Levitte [Fri, 18 Dec 2020 14:39:50 +0000 (15:39 +0100)]
GitHub CI: Separate no-deprecated job from minimal job
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13706)
Richard Levitte [Fri, 18 Dec 2020 12:17:33 +0000 (13:17 +0100)]
Fix 'no-deprecated'
Some of the handling of no-deprecated stuff wasn't quite complete, or
even plain wrong.
This restores i2d_PublicKey() to be able to handle EVP_PKEYs with
legacy internal keys.
This also refactors the DSA key tests in test/evp_extra_test.c to use
EVP functionality entirely.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13706)
Petr Gotthard [Thu, 17 Dec 2020 19:13:00 +0000 (20:13 +0100)]
Fix OSSL_PARAM creation in OSSL_STORE_open_ex
The params[0].data is set to a non-NULL value, but params[0].data_size
is always zero. This confuses get_string_internal, which creates 1 byte
string with uninitialized content.
When OSSL_PARAM_construct_utf8_string is used, the data_size is set
correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13699)
Richard Levitte [Fri, 18 Dec 2020 07:59:02 +0000 (08:59 +0100)]
TEST: Fix test/endecode_test.c for 'no-legacy'
This adds an additional check that the legacy provider is available
when wanting to add tests for protected PVK, since that depends on the
availability of RC4.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13705)
Richard Levitte [Thu, 17 Dec 2020 21:01:46 +0000 (22:01 +0100)]
make update
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/13701)
Richard Levitte [Thu, 17 Dec 2020 20:55:07 +0000 (21:55 +0100)]
GitHub CI: Add 'check-update' and 'check-docs'
'check-update' runs a 'make update' to check that it wasn't forgotten.
'check-docs' runs 'make doc-nits'. We have that as a separate job to
make it more prominent.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/13701)
Pauli [Wed, 21 Oct 2020 22:18:38 +0000 (08:18 +1000)]
dsa: add additional deprecated functions to CHANGES entry.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
Pauli [Tue, 20 Oct 2020 03:32:57 +0000 (13:32 +1000)]
dsa: provider and library deprecation changes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
Pauli [Tue, 20 Oct 2020 03:32:26 +0000 (13:32 +1000)]
dsa: apps deprecation changes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
Pauli [Tue, 20 Oct 2020 03:32:08 +0000 (13:32 +1000)]
dsa: fuzzer deprecation changes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
Pauli [Tue, 20 Oct 2020 03:31:43 +0000 (13:31 +1000)]
dsa: documentation deprecation changes
Fixes #13121
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13638)
Dr. David von Oheimb [Thu, 12 Nov 2020 20:27:37 +0000 (21:27 +0100)]
apps/cmp.c: Correct -keyform option range w.r.t engine
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13690)
Dr. David von Oheimb [Wed, 16 Dec 2020 12:35:27 +0000 (13:35 +0100)]
apps/cmp.c: Fix bug on -path option introduced in commit
3c9d6266ed85
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13690)
Richard Levitte [Wed, 16 Dec 2020 16:01:06 +0000 (17:01 +0100)]
EVP: Fix memory leak in EVP_PKEY_CTX_dup()
In most error cases, EVP_PKEY_CTX_dup() would only free the EVP_PKEY_CTX
without freeing the duplicated contents.
Fixes #13503
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Richard Levitte [Wed, 16 Dec 2020 14:15:06 +0000 (15:15 +0100)]
CORE: Separate OSSL_PROVIDER activation from OSSL_PROVIDER reference
This introduces a separate activation counter, and the function
ossl_provider_deactivate() for provider deactivation.
Something to be noted is that if the reference count goes down to
zero, we don't care if the activation count is non-zero (i.e. someone
forgot to call ossl_provider_deactivate()). Since there are no more
references to the provider, it doesn't matter.
The important thing is that deactivation doesn't remove the provider
as long as there are references to it, for example because there are
live methods associated with that provider, but still makes the
provider unavailable to create new methods from.
Fixes #13503
Fixes #12157
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Richard Levitte [Fri, 11 Dec 2020 10:01:09 +0000 (11:01 +0100)]
DECODER: Adjust the library context of keys in our decoders
Because decoders are coupled with keymgmts from the same provider,
ours need to produce provider side keys the same way. Since our
keymgmts create key data with the provider library context, so must
our decoders.
We solve with functions to adjust the library context of decoded keys,
and use them.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Richard Levitte [Thu, 10 Dec 2020 13:00:05 +0000 (14:00 +0100)]
MSBLOB & PVK: Make it possible to write EVP_PKEYs with provided internal key
So far, the MSBLOB and PVK writers could only handle EVP_PKEYs with
legacy internal keys.
Specially to be able to compile the loader_attic engine, we use the C
macro OPENSSL_NO_PROVIDER_CODE to avoid building the provider specific
things when we don't need them. The alternative is to suck half of
crypto/evp/ into loader_attic, and that's just not feasible.
Fixes #13503
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Richard Levitte [Thu, 10 Dec 2020 17:33:16 +0000 (18:33 +0100)]
DECODER EVP_PKEY: Don't store all the EVP_KEYMGMTs
OSSL_DECODER_CTX_new_by_EVP_PKEY() would keep copies of all the
EVP_KEYMGMTs it finds.
This turns out to be fragile in certain circumstances, so we switch to
fetch the appropriate EVP_KEYMGMT when it's time to construct an
EVP_PKEY from the decoded data instead. This has the added benefit
that we now actually use the property query string that was given by
the caller for these fetches.
Fixes #13503
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
Tomas Mraz [Wed, 16 Dec 2020 08:39:31 +0000 (09:39 +0100)]
Github CI: run also on repository pushes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13686)
Richard Levitte [Wed, 2 Dec 2020 17:30:55 +0000 (18:30 +0100)]
Add necessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC
When OpenSSL is configured with 'no-dh', 'no-dsa' and 'no-ec'
combined, some static functions have no use, which the compiler may
complain about. We therefore add extra guards to silence it.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Richard Levitte [Wed, 2 Dec 2020 17:27:03 +0000 (18:27 +0100)]
Drop unnecessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC
The apps, the CMS library and the X.509 library are primarly affected.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Richard Levitte [Tue, 1 Dec 2020 18:21:04 +0000 (19:21 +0100)]
EVP_PKEY & EC_KEY: Make EC EVP_PKEY_CTX parameter ctrls / setters more available
EVP_PKEY_CTX_set_ec_ functions were only available when EC was enabled
('no-ec' not configured). However, that makes it impossible to use
these functions with an engine or a provider that happens to implement
EC_KEY. This change solves that problem by shuffling these functions
to more appropriate places.
Partially fixes #13550
squash! EVP_PKEY & EC_KEY: Make EC EVP_PKEY_CTX parameter ctrls / setters more available
By consequence, there are a number of places where we can remove the
check of OPENSSL_NO_EC. This requires some re-arrangements of
internal tables to translate between numeric identities and names.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Richard Levitte [Tue, 1 Dec 2020 18:11:59 +0000 (19:11 +0100)]
EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available
EVP_PKEY_CTX_set_dh_ functions were only available when DH was enabled
('no-dsa' not configured). However, that makes it impossible to use
these functions with an engine or a provider that happens to implement
DH. This change solves that problem by shuffling these functions to
more appropriate places.
By consequence, there are a number of places where we can remove the
check of OPENSSL_NO_DH. This requires some re-arrangements of
internal tables to translate between numeric identities and names.
Partially fixes #13550
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Richard Levitte [Tue, 1 Dec 2020 18:09:39 +0000 (19:09 +0100)]
EVP_PKEY & DSA: move dsa_ctrl.c to be included only on libcrypto
These functions aren't used by the FIPS module, so there's no reason
to include it there.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Richard Levitte [Wed, 9 Dec 2020 10:54:56 +0000 (11:54 +0100)]
PROV: Add MSBLOB and PVK encoders
This allows 15-test_rsa.t to succeed, and provides the same OSSL_ENCODER
support for these formats as for all other formats supported in OpenSSL.
Fixes #13379
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13645)
Richard Levitte [Wed, 9 Dec 2020 10:30:10 +0000 (11:30 +0100)]
TEST: Fix test/recipes/15-test_rsa.t
Perl strings should be compared with 'eq', not '=='.
This only generates a perl warning, so wasn't immediately noticed.
Also, remove the check of disabled 'dsa'. That never made reak sense.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13645)
Richard Levitte [Wed, 9 Dec 2020 10:28:35 +0000 (11:28 +0100)]
APPS: Correct the output structure for public keys in 'openssl rsa'
'openssl rsa' would output a PKCS#1 structure when asked for a
SubjectPublicKeyInfo and vice versa.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13645)
Rich Salz [Sat, 28 Nov 2020 21:12:58 +0000 (16:12 -0500)]
Check non-option arguments
Make sure all commands check to see if there are any "extra" arguments
after the options, and print an error if so.
Made all error messages consistent (which is to say, minimal).
Fixes: #13527
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13563)
Pauli [Sat, 12 Dec 2020 11:38:17 +0000 (21:38 +1000)]
test: document the random test ordering env variable
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13672)
Pauli [Sat, 12 Dec 2020 11:25:40 +0000 (21:25 +1000)]
test: print OPENSSL_TEST_RAND_ORDER=x when a randomised test fails.
The previous message "random seed x" is a lot less descriptive.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13672)
Rich Salz [Fri, 11 Dec 2020 19:18:46 +0000 (14:18 -0500)]
Document OCSP_REQ_CTX_i2d.
Based on comments from David von Oheimb.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13620)
Rich Salz [Sat, 5 Dec 2020 15:42:18 +0000 (10:42 -0500)]
Deprecate OCSP_REQ_CTX_set1_req
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13620)
Dmitry Belyavskiy [Sat, 12 Dec 2020 05:23:20 +0000 (06:23 +0100)]
Skip tests depending on deprecated list -*-commands options
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Dmitry Belyavskiy [Fri, 11 Dec 2020 05:15:04 +0000 (06:15 +0100)]
Documenting the options deprecating in CHANGES.md
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Dmitry Belyavskiy [Fri, 11 Dec 2020 05:13:41 +0000 (06:13 +0100)]
Documenting the options deprecating
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Dmitry Belyavskiy [Fri, 11 Dec 2020 02:15:09 +0000 (03:15 +0100)]
Skip unavailable digests and ciphers in -*-commands
Fixes #13594
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Dmitry Belyavskiy [Fri, 11 Dec 2020 00:31:30 +0000 (01:31 +0100)]
Deprecate -cipher-commands and -digest-commands options
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Dmitry Belyavskiy [Fri, 11 Dec 2020 00:23:02 +0000 (01:23 +0100)]
OPENSSL_NO_GOST has nothing to do with low-level algos
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
Sebastian Andrzej Siewior [Sun, 5 Jul 2020 18:52:39 +0000 (20:52 +0200)]
Configurations: PowerPC is big endian
Define B_ENDIAN on PowerPC because it is a big endian architecture. With
this change the BN* related tests pass.
Fixes: #12199
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12371)
Shane Lontis [Wed, 9 Dec 2020 02:32:47 +0000 (12:32 +1000)]
Change AES-CTS modes CS2 and CS3 to also be inside the fips module.
The initial thought was that only CS1 mode (the NIST variant) was allowed.
The lab has asked if these other modes should be included.
The algorithm form indicates that these are able to be validated.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13639)
Shane Lontis [Wed, 25 Nov 2020 05:21:52 +0000 (15:21 +1000)]
Fix Segfault in EVP_PKEY_CTX_dup when the ctx has an undefined operation.
Fixes #12438
Note: This worked in 1.1.1 so just returning an error is not valid.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13505)
Matt Caswell [Wed, 9 Dec 2020 16:26:29 +0000 (16:26 +0000)]
Fix no-threads
Make OPENSSL_fork_prepare() et al always available even in a no-threads
build. These functions are no-ops anyway so this shouldn't make any
difference.
This fixes an issue where the symbol_presence test fails in a no-threads
build. This is because these functions have not been marked in
libcrypto.num as being dependent on thread support. Enclosing the
declarations of the functions in the header with an appropriate guard
does not help because we never define OPENSSL_NO_THREADS (we define the
opposite OPENSSL_THREADS). This confuses the scripts which only consider
OPENSSL_NO_* guards. The simplest solution is to just make them always
available.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13647)
Ankita Shetty [Wed, 9 Dec 2020 20:56:51 +0000 (21:56 +0100)]
openssl.pod: Fix openSSL options doc
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/13651)
Richard Levitte [Wed, 9 Dec 2020 16:50:20 +0000 (17:50 +0100)]
Remove unnecessary guards around MSBLOB and PVK readers and writers
The OPENSSL_NO_RC4 guard remain around protected PVK tests in
test/endecoder_test.c.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13648)
Richard Levitte [Wed, 9 Dec 2020 16:30:01 +0000 (17:30 +0100)]
PEM: Unlock MSBLOB and PVK functions from 'no-dsa' and 'no-rc4'
All these functions are usable with RSA keys, there's no reason why
they should be unaccessible when DSA or RC4 are disabled.
When DSA is disabled, it's not possible to use these functions for
DSA EVP_PKEYs. That's fine, and supported.
When RC4 is disabled, it's not possible to use these functions to
write encrypted PVK output. That doesn't even depend on the
definition of OPENSSL_NO_RC4, but if the RC4 algorithm is accessible
via EVP, something that isn't known when building libcrypto.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13648)
Richard Levitte [Fri, 11 Dec 2020 15:25:13 +0000 (16:25 +0100)]
Building: Fix the library file names for MSVC builds to include multilib
In OpenSSL 1.1.1, VC-WIN64I and VC-WIN64A have a 'multilib' attribute
set, which affect the names of the produced libcrypto and libssl DLLs.
This restores that for OpenSSL 3.0.
Fixes #13659
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13670)