openssl.git
5 months agoFix exit issue in travisci
Fangming.Fang [Mon, 2 Dec 2019 02:44:21 +0000 (02:44 +0000)]
Fix exit issue in travisci

Ungraceful 'exit' probably causes unexpeced error on background activity.
So replace 'exit' with recommended 'travis_terminate'. Also see
https://travis-ci.community/t/exit-0-cannot-exit-successfully-on-arm/5731/4

Change-Id: I382bd93a3e15ecdf305bab23fc4adefbf0348ffb

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10561)

5 months agoRemove spurious space from file.
Pauli [Tue, 3 Dec 2019 09:56:41 +0000 (19:56 +1000)]
Remove spurious space from file.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10562)

5 months agoDeprecate the AES_ige_*() functions
Matt Caswell [Fri, 29 Nov 2019 12:02:54 +0000 (12:02 +0000)]
Deprecate the AES_ige_*() functions

These functions were already partially deprecated. Now we do it fully.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10558)

5 months agoAdd the ability to supress deprecation warnings
Matt Caswell [Fri, 29 Nov 2019 12:01:18 +0000 (12:01 +0000)]
Add the ability to supress deprecation warnings

We add a new macro OPENSSL_SUPRESS_DEPRECATED which enables applications
to supress deprecation warnings where necessary.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10558)

5 months agoadd X509_cmp_timeframe() including its documentation
Dr. David von Oheimb [Fri, 22 Nov 2019 12:02:52 +0000 (13:02 +0100)]
add X509_cmp_timeframe() including its documentation

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10502)

5 months agoutil/mkerr.pl: don't stop reading conserved symbols from the state file
Richard Levitte [Sun, 1 Dec 2019 08:14:48 +0000 (09:14 +0100)]
util/mkerr.pl: don't stop reading conserved symbols from the state file

If we don't read them, they will not be conserved.

Fixes #10522

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10549)

5 months agoconfigdata.pm.in: Don't try to quotify undefined values
Richard Levitte [Sun, 1 Dec 2019 07:20:09 +0000 (08:20 +0100)]
configdata.pm.in: Don't try to quotify undefined values

Fixes #10503

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10548)

5 months agoUpdate NOTES.ANDROID for newer NDK versions + small fixes.
zero [Tue, 3 Dec 2019 09:50:52 +0000 (19:50 +1000)]
Update NOTES.ANDROID for newer NDK versions + small fixes.

Fixes #8941

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10478)

5 months agoSet argument only after successful dup on CMP APIs
raja-ashok [Tue, 3 Dec 2019 09:31:49 +0000 (19:31 +1000)]
Set argument only after successful dup on CMP APIs

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/10511)

5 months agoFix typos in fipsinstall test
Dr. Matthias St. Pierre [Sat, 23 Nov 2019 07:54:29 +0000 (08:54 +0100)]
Fix typos in fipsinstall test

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10506)

6 months agoutil/find-doc-nits: ignore macros ending in _fnsig
Richard Levitte [Wed, 27 Nov 2019 07:59:09 +0000 (08:59 +0100)]
util/find-doc-nits: ignore macros ending in _fnsig

These are helper macros alongside the IMPLEMENT_ and DECLARE_ macros.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoutil/find-doc-nits: limit the prototype check
Richard Levitte [Tue, 19 Nov 2019 09:50:14 +0000 (10:50 +0100)]
util/find-doc-nits: limit the prototype check

The prototype checks shouldn't be performed on SYNOPSIS lines that
aren't function prototypes.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoAdd NEWS and CHANGES entries about OSSL_SERIALIZER
Richard Levitte [Mon, 18 Nov 2019 01:31:33 +0000 (02:31 +0100)]
Add NEWS and CHANGES entries about OSSL_SERIALIZER

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoTEST: add tests of text and PEM printout of a provider made key
Richard Levitte [Mon, 18 Nov 2019 01:30:50 +0000 (02:30 +0100)]
TEST: add tests of text and PEM printout of a provider made key

This renames test/evp_fromdata_test.c to test/evp_pkey_provided_test.c,
to encourage additional testing of provider made keys.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoPROV SERIALIZER: add support for writing DSA keys and parameters
Richard Levitte [Mon, 18 Nov 2019 01:01:13 +0000 (02:01 +0100)]
PROV SERIALIZER: add support for writing DSA keys and parameters

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoPROV SERIALIZER: add support for writing DH keys and parameters
Richard Levitte [Mon, 18 Nov 2019 00:57:56 +0000 (01:57 +0100)]
PROV SERIALIZER: add support for writing DH keys and parameters

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoPROV SERIALIZER: add support for writing RSA keys
Richard Levitte [Mon, 18 Nov 2019 00:56:22 +0000 (01:56 +0100)]
PROV SERIALIZER: add support for writing RSA keys

This also adds the missing accessor RSA_get0_pss_params(), so those
parameters can be included in the PKCS#8 data structure without
needing to know the inside of the RSA structure.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoPROV SERIALIZER: add common functionality to serialize keys
Richard Levitte [Mon, 18 Nov 2019 00:54:11 +0000 (01:54 +0100)]
PROV SERIALIZER: add common functionality to serialize keys

To support generic output of public keys wrapped in a X509_PUBKEY,
additional PEM and i2d/d2i routines are added for that type.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoPROV BIO: add a BIO_vprintf() upcall, and a provider BIO library
Richard Levitte [Mon, 18 Nov 2019 00:50:18 +0000 (01:50 +0100)]
PROV BIO: add a BIO_vprintf() upcall, and a provider BIO library

The BIO_vprintf() will allow the provider to print any text, given a
BIO supplied by libcrypto.

Additionally, we add a provider library with functions to collect all
the currently supplied BIO upcalls, as well as wrappers around those
upcalls.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoSERIALIZER: add hooks in EVP_PKEY_print_ routines
Richard Levitte [Mon, 18 Nov 2019 00:47:32 +0000 (01:47 +0100)]
SERIALIZER: add hooks in EVP_PKEY_print_ routines

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoSERIALIZER: add hooks in PEM_write_bio_ and PEM_write_fp_ routines
Richard Levitte [Mon, 18 Nov 2019 00:44:23 +0000 (01:44 +0100)]
SERIALIZER: add hooks in PEM_write_bio_ and PEM_write_fp_ routines

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoSERIALIZER: add support for serializing EVP_PKEYs
Richard Levitte [Mon, 18 Nov 2019 00:34:26 +0000 (01:34 +0100)]
SERIALIZER: add support for serializing EVP_PKEYs

The following public functions is added:

- OSSL_SERIALIZER_CTX_new_by_EVP_PKEY()
- OSSL_SERIALIZER_CTX_set_cipher()
- OSSL_SERIALIZER_CTX_set_passphrase()
- OSSL_SERIALIZER_CTX_set_passphrase_cb()
- OSSL_SERIALIZER_CTX_set_passphrase_ui()

OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() selects a suitable serializer
for the given EVP_PKEY, and sets up the OSSL_SERIALIZER_CTX to
function together with OSSL_SERIALIZER_to_bio() and
OSSL_SERIALIZER_to_fp().

OSSL_SERIALIZER_CTX_set_cipher() indicates what cipher should be used
to produce an encrypted serialization of the EVP_PKEY.  This is passed
directly to the provider using OSSL_SERIALIZER_CTX_set_params().

OSSL_SERIALIZER_CTX_set_passphrase() can be used to set a pass phrase
to be used for the encryption.  This is passed directly to the
provider using OSSL_SERIALIZER_CTX_set_params().

OSSL_SERIALIZER_CTX_set_passphrase_cb() and
OSSL_SERIALIZER_CTX_set_passphrase_ui() sets up a callback to be used
to prompt for a passphrase.  This is stored in the context, and is
called via an internal intermediary at the time of serialization.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoCORE: expose the property parsers and checker to the rest of the libraries
Richard Levitte [Tue, 19 Nov 2019 13:17:04 +0000 (14:17 +0100)]
CORE: expose the property parsers and checker to the rest of the libraries

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoSERIALIZER: add functions for serialization to file
Richard Levitte [Mon, 18 Nov 2019 00:32:22 +0000 (01:32 +0100)]
SERIALIZER: add functions for serialization to file

These functions are added:

- OSSL_SERIALIZER_to_bio()
- OSSL_SERIALIZER_to_fp() (unless 'no-stdio')

OSSL_SERIALIZER_to_bio() and OSSL_SERIALIZER_to_fp() work as wrapper
functions, and call an internal "do_output" function with the given
serializer context and a BIO to output the serialized result to.

The internal "do_output" function must have intimate knowledge of the
object being output.  This will defined independently with context
creators for specific OpenSSL types.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoSERIALIZER: New API for serialization of objects through providers
Richard Levitte [Mon, 18 Nov 2019 00:29:06 +0000 (01:29 +0100)]
SERIALIZER: New API for serialization of objects through providers

Serialization is needed to be able to take a provider object (such as
the provider side key data) and output it in PEM form, DER form, text
form (for display), and possibly other future forms (XML? JSON? JWK?)

The idea is that a serializer should be able to handle objects it has
intimate knowledge of, as well as object data in OSSL_PARAM form.  The
latter will allow libcrypto to serialize some object with a different
provider than the one holding the data, if exporting of that data is
allowed and there is a serializer that can handle it.

We will provide serializers for the types of objects we know about,
which should be useful together with any other provider that provides
implementations of the same type of object.

Serializers are selected by method name and a couple of additional
properties:

- format        used to tell what format the output should be in.
                Possibilities could include "format=text",
                "format=pem", "format=der", "format=pem-pkcs1"
                (traditional), "format=der-pkcs1" (traditional)
- type          used to tell exactly what type of data should be
                output, for example "type=public" (the public part of
                a key), "type=private" (the private part of a key),
                "type=domainparams" (domain parameters).

This also adds a passphrase callback function type,
OSSL_PASSPHRASE_CALLBACK, which is a bit like OSSL_CALLBACK, but it
takes a few extra arguments to place the result in.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoCORE: pass the full algorithm definition to the method constructor
Richard Levitte [Tue, 19 Nov 2019 08:55:56 +0000 (09:55 +0100)]
CORE: pass the full algorithm definition to the method constructor

So far, the API level method constructors that are called by
ossl_method_construct_this() were passed the algorithm name string and
the dispatch table and had no access to anything else.

This change gives them access to the full OSSL_ALGORITHM item, thereby
giving them access to the property definition.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoCORE: ossl_namemap_add_names(): new function to add multiple names
Richard Levitte [Fri, 8 Nov 2019 23:18:05 +0000 (00:18 +0100)]
CORE: ossl_namemap_add_names(): new function to add multiple names

This was originally the private add_names_to_namemap() in
crypto/evp/evp_fetch.c, but made more generally useful.

To make for more consistent function naming, ossl_namemap_add() and
ossl_namemap_add_n() are renamed to ossl_namemap_add_name() and
ossl_namemap_add_name_n().

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10394)

6 months agoDisable mem leak checking for the self test lock
Matt Caswell [Thu, 19 Sep 2019 10:52:45 +0000 (11:52 +0100)]
Disable mem leak checking for the self test lock

The fips self test lock is deallocated in platform specific ways that may
occur after we do mem leak checking. If we don't know how to free it for
a particular platform then we just leak it deliberately. So we
temporarily disable the mem leak checking while we allocate the lock.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9939)

6 months agoMake sure we only run the self tests once
Matt Caswell [Wed, 18 Sep 2019 16:27:10 +0000 (17:27 +0100)]
Make sure we only run the self tests once

Fixes #9909

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9939)

6 months agoCheck the return from OPENSSL_buf2hexstr()
Matt Caswell [Tue, 26 Nov 2019 17:15:20 +0000 (17:15 +0000)]
Check the return from OPENSSL_buf2hexstr()

The function OPENSSL_buf2hexstr() can return NULL if it fails to allocate
memory so the callers should check its return value.

Fixes #10525

Reported-by: Ziyang Li (@Liby99)
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10526)

6 months agoCheck that OPENSSL_zalloc was successful when creating EVP types
Matt Caswell [Tue, 26 Nov 2019 17:14:08 +0000 (17:14 +0000)]
Check that OPENSSL_zalloc was successful when creating EVP types

We were missing a NULL check in a few very similar places following an
OPENSSL_zalloc() call.

Reported-by: Ziyang Li (@Liby99)
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10526)

6 months agoAdd a test for NULL chunks in encrypt/decrypt
Matt Caswell [Fri, 31 May 2019 13:32:55 +0000 (14:32 +0100)]
Add a test for NULL chunks in encrypt/decrypt

Issue #8675 describes a problem where calling EVP_DecryptUpdate() with an
empty chunk causes the result to be different compared to if you do not
use an empty chunk. This adds a test for that case.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10530)

6 months agoMake sure we handle input NULL with length 0
Matt Caswell [Wed, 27 Nov 2019 16:06:34 +0000 (16:06 +0000)]
Make sure we handle input NULL with length 0

If we call EVP_EncryptUpdate/EVP_DecryptUpdate with length 0 we should
be able to handle it. Most importantly we shouldn't get different
results if we do this compared to if we don't!

An exception is made for CCM mode which has special handling for this in
the low level cipher function.

Fixes #8675

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10530)

6 months agoConfigure: make it possible to have generated generators
Richard Levitte [Wed, 20 Nov 2019 13:58:20 +0000 (14:58 +0100)]
Configure: make it possible to have generated generators

This makes it possible to chain GENERATOR statements, which allows
constructs like this:

    GENERATE[something.html]=something.pod
    GENERATE[something.pod]=something.pod.in

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6236)

6 months agoAdapt *.tmpl to generate docs at build time
Richard Levitte [Wed, 31 Aug 2016 20:57:25 +0000 (22:57 +0200)]
Adapt *.tmpl to generate docs at build time

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6236)

6 months agoAdd doc/build.info to build the documentation
Richard Levitte [Wed, 31 Aug 2016 20:56:02 +0000 (22:56 +0200)]
Add doc/build.info to build the documentation

This build.info is entirely generated when configuring

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6236)

6 months agoAdd the possibility to generate documentation at build time
Richard Levitte [Wed, 31 Aug 2016 20:54:39 +0000 (22:54 +0200)]
Add the possibility to generate documentation at build time

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6236)

6 months agoconfigdata.pm.in, util/dofile.pl: load 'platform' unconditionally
Richard Levitte [Mon, 25 Nov 2019 11:53:19 +0000 (12:53 +0100)]
configdata.pm.in, util/dofile.pl: load 'platform' unconditionally

The 'platform' module handles defaults fine, there's no need to add
extra conditions on it being loaded.

Fixes #10513

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10514)

6 months agoapps/ocsp.c: sock_timeout -> socket_timeout
Richard Levitte [Mon, 25 Nov 2019 12:27:33 +0000 (13:27 +0100)]
apps/ocsp.c: sock_timeout -> socket_timeout

It appears that 'sock_timeout' is defined at least with DJGPP, so we
rename our symbol and hope the new name isn't taken.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10515)

6 months agoFix L<EVP_MD_CTX_set_pkey_ctx> links
moehuster [Tue, 12 Nov 2019 11:28:51 +0000 (19:28 +0800)]
Fix L<EVP_MD_CTX_set_pkey_ctx> links

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10420)

(cherry picked from commit ca7c982821cd6d7546f92623da61a6f43ee32d0a)

6 months agochacha/asm/chacha-armv8.pl: preserve FP registers d8 and d9 correctly
Ard Biesheuvel [Thu, 21 Nov 2019 17:13:41 +0000 (18:13 +0100)]
chacha/asm/chacha-armv8.pl: preserve FP registers d8 and d9 correctly

Depending on the size of the input, we may take different paths through
the accelerated arm64 ChaCha20 routines, each of which use a different
subset of the FP registers, some of which need to be preserved and
restored, as required by the AArch64 calling convention (AAPCS64)

In some cases, (e.g., when the input size is 640 bytes), we call the 512
byte NEON path followed directly by the scalar path, and in this case,
we preserve and restore d8 and d9, only to clobber them again
immediately before handing over to the scalar path which does not touch
the FP registers at all, and hence does not restore them either.

Fix this by moving the restoration of d8 and d9 to a later stage in the
512 byte routine, either before calling the scalar path, or when exiting
the function.

Fixes #10470
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10497)

6 months agoUse option/parameter consistently.
Rich Salz [Thu, 21 Nov 2019 23:14:12 +0000 (18:14 -0500)]
Use option/parameter consistently.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10135)

6 months agoDocument more env var stuff, fix some typo's
Rich Salz [Wed, 9 Oct 2019 19:45:12 +0000 (15:45 -0400)]
Document more env var stuff, fix some typo's

Add openssl-env.pod
Also fix up many other environment page formatting nits.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10135)

6 months agotest/cipher_overhead_test.c: build unconditionally
Richard Levitte [Mon, 25 Nov 2019 15:30:51 +0000 (16:30 +0100)]
test/cipher_overhead_test.c: build unconditionally

Build it against static libraries always, since that's the only way it
can work as intended.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10516)

6 months agoutil/find-doc-nits: Better parsing of links
Richard Levitte [Sat, 23 Nov 2019 20:41:35 +0000 (21:41 +0100)]
util/find-doc-nits: Better parsing of links

When checking links, we need to peal away stuff that aren't part of
the link proper first.  That makes it easier to check the link
itself.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10507)

6 months agodoc/man7/proxy-certificates.pod: New guide for proxy certificates
Richard Levitte [Sat, 23 Nov 2019 09:36:16 +0000 (10:36 +0100)]
doc/man7/proxy-certificates.pod: New guide for proxy certificates

This replaces doc/HOWTO/proxy_certificates.txt

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10507)

6 months agoProperty: fix memory leak.
Pauli [Sun, 24 Nov 2019 08:15:15 +0000 (18:15 +1000)]
Property: fix memory leak.

Coverity 1456008.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10509)

6 months agoCache constants for fetched EVP_cipher
Shane Lontis [Mon, 18 Nov 2019 00:32:36 +0000 (10:32 +1000)]
Cache constants for fetched EVP_cipher

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10461)

6 months agoSupport ciphersuites using a SHA2 384 digest in FreeBSD KTLS.
John Baldwin [Thu, 31 Oct 2019 23:51:08 +0000 (16:51 -0700)]
Support ciphersuites using a SHA2 384 digest in FreeBSD KTLS.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #10372

6 months agoProperty: fix intermittent test failure.
Pauli [Fri, 22 Nov 2019 22:04:38 +0000 (08:04 +1000)]
Property: fix intermittent test failure.

The reduction in the cache flush threshold in #10408 caused the stochastic test
to fail with noticeable probability.  Revert that part of the change.

Also add a comment to help avoid this in future.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10505)

6 months agoRemove RANDFILE settings from configuration files
Dr. Matthias St. Pierre [Wed, 13 Nov 2019 15:02:09 +0000 (16:02 +0100)]
Remove RANDFILE settings from configuration files

OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding
mechanism, which makes it dispensable to define a RANDFILE for
saving and restoring randomness. This commit removes the RANDFILE
declarations from our own configuration files and adds documentation
that this option is not needed anymore and retained mainly for
compatibility reasons.

Fixes #10433

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10436)

6 months agoRemove deadlock that was caused by calling pthread_rwlock_wrlock() on same thread...
Matus Kysel [Fri, 22 Nov 2019 09:44:02 +0000 (10:44 +0100)]
Remove deadlock that was caused by calling pthread_rwlock_wrlock() on same thread twice. This can be reproduce only with musl.

CLA: trivial

Signed-off-by: Matus Kysel <mkysel@tachyum.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10501)

6 months agoProcess GOST ClientKeyExchange message in SSL_trace
Daniil Zotkin [Tue, 24 Sep 2019 09:47:26 +0000 (12:47 +0300)]
Process GOST ClientKeyExchange message in SSL_trace

Use ssl_print_hex to print message in case of GOST key exchange algorithm.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9995)

6 months agoUI_UTIL_wrap_read_pem_callback(): when |cb| is NULL, use PEM_def_callback
Richard Levitte [Thu, 14 Nov 2019 11:09:42 +0000 (12:09 +0100)]
UI_UTIL_wrap_read_pem_callback(): when |cb| is NULL, use PEM_def_callback

Fixes #10444

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10447)

6 months agoThread: Avoid a NULL dereference after failed initialisation.
Pauli [Thu, 21 Nov 2019 03:15:21 +0000 (13:15 +1000)]
Thread: Avoid a NULL dereference after failed initialisation.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10493)

6 months agomain: avoid a NULL dereference on initialisation.
Pauli [Thu, 21 Nov 2019 03:50:03 +0000 (13:50 +1000)]
main: avoid a NULL dereference on initialisation.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10495)

6 months agoPROV: Avoid NULL dereference in SHA3 dup call.
Pauli [Wed, 20 Nov 2019 22:41:42 +0000 (08:41 +1000)]
PROV: Avoid NULL dereference in SHA3 dup call.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10487)

6 months agoPROV: check for memory allocation failure in digest _dupctx.
Pauli [Wed, 20 Nov 2019 20:47:57 +0000 (06:47 +1000)]
PROV: check for memory allocation failure in digest _dupctx.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10487)

6 months agokdfs: make free calls check for NULL.
Pauli [Thu, 21 Nov 2019 04:19:50 +0000 (14:19 +1000)]
kdfs: make free calls check for NULL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10496)

6 months agoFix a race condition in SNI handling
Benjamin Kaduk [Wed, 13 Nov 2019 17:42:19 +0000 (09:42 -0800)]
Fix a race condition in SNI handling

As was done for ciphers, supported groups, and EC point formats in
https://github.com/openssl/openssl/pull/9162, only write the negotiated
SNI hostname value to the session object when not resuming, even for
TLS 1.3 resumptions.  Otherwise, when using a stateful session cache
(as is done by default when 0-RTT data is enabled), we can have multiple
SSLs active using the same in-memory session object, which leads to
double-frees and similar race conditions in the SNI handler prior
to this commit.

Fortunately, since draft-ietf-tls-tls13-22, there is no requirement
that the SNI hostname be preserved across TLS 1.3 resumption, and thus
not a need to continually update the session object with the "current"
value (to be used when producing session tickets, so that the subsequent
resumption can be checked against the current value).  So we can just
relax the logic and only write to the session object for initial handshakes.
This still leaves us in a somewhat inconsistent state, since if the SNI value
does change across handshakes, the session object will continue to record
the initial handshake's value, even if that bears no relation to the
current handshake.  The current SSL_get_servername() implementation
prefers the value from the session if s->hit, but a more complete fix
for that and related issues is underway in
https://github.com/openssl/openssl/pull/10018; there is no need to wait
for the complete fix for SNI name handling in order to close the
race condition and avoid runtime crashes.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10441)

6 months agoCore: allow NULL argument to stored_namemap_free().
Pauli [Wed, 20 Nov 2019 20:55:50 +0000 (06:55 +1000)]
Core: allow NULL argument to stored_namemap_free().

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10488)

6 months agoDocumentation updates due to naming tweaks
Matt Caswell [Fri, 4 Oct 2019 11:46:33 +0000 (12:46 +0100)]
Documentation updates due to naming tweaks

Also documents our new canonical naming.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10092)

6 months agoTweak some algorithm naming inconsistencies
Matt Caswell [Fri, 4 Oct 2019 10:50:49 +0000 (11:50 +0100)]
Tweak some algorithm naming inconsistencies

Make some algorithms names better match our "canonical" style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10092)

6 months agoEVP p_lib: Add NULL check to EVP_PKEY_missing_parameters.
Pauli [Wed, 20 Nov 2019 03:14:39 +0000 (13:14 +1000)]
EVP p_lib: Add NULL check to EVP_PKEY_missing_parameters.

Check for NULL and return error if so.
This can possibly be called from apps/ca.c with a NULL argument.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/10474)

6 months agoEngine: Add NULL check.
Pauli [Wed, 20 Nov 2019 03:07:04 +0000 (13:07 +1000)]
Engine: Add NULL check.

Add NULL check for return from pkey_asn1_meths.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10473)

6 months agoECDSA: don't clear free memory after verify.
Pauli [Wed, 20 Nov 2019 03:20:01 +0000 (13:20 +1000)]
ECDSA: don't clear free memory after verify.

Verifications are public, there is no need to clear the used storage before
freeing it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10475)

6 months agoReplumbing: pre-populate the EVP namemap with commonly known names
Richard Levitte [Thu, 23 May 2019 01:27:37 +0000 (03:27 +0200)]
Replumbing: pre-populate the EVP namemap with commonly known names

This adds ossl_namemap_empty(), to detect if a namemap is empty and
can thereby be pre-populated.

This also affects the way legacy NIDs are looked up in
evp_cipher_from_dispatch() and evp_md_from_dispatch().  Instead of
trying to find the NID directly, look up the legacy method structure
and grab the NID from there.  The reason is that NIDs can be aliases
for other NIDs, which looks like a clash even if wasn't really one.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8984)

6 months agoFix sha512_block_data_order_avx2 backtrace info
Bernd Edlinger [Sat, 17 Aug 2019 23:54:41 +0000 (01:54 +0200)]
Fix sha512_block_data_order_avx2 backtrace info

We store a secondary frame pointer info for the debugger
in the red zone.

Fixes #8853

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9624)

6 months agoAllow specifying the tag after AAD in CCM mode (2)
Patrick Steuer [Fri, 1 Nov 2019 23:02:47 +0000 (00:02 +0100)]
Allow specifying the tag after AAD in CCM mode (2)

In addition to 67c81ec3 which introduced this behavior in CCM mode
docs but only implemented it for AES-CCM.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10331)

6 months agoDont pass zero length input to asm modules for ciphers
Patrick Steuer [Fri, 1 Nov 2019 13:58:36 +0000 (14:58 +0100)]
Dont pass zero length input to asm modules for ciphers

The asm modules may assume an input length > 0.

Fixes: #9262

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10323)

6 months agoDocument command parameters.
Rich Salz [Fri, 20 Sep 2019 01:33:17 +0000 (21:33 -0400)]
Document command parameters.

Add documentation for all commands that have parameters.
Fix a couple of minor doc and programming bugs, too.

Fixes #10313

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10371)

6 months agoAdd test for non-default sized keys in variable key size ciphers
Matt Caswell [Fri, 15 Nov 2019 14:15:09 +0000 (14:15 +0000)]
Add test for non-default sized keys in variable key size ciphers

Various ciphers have the ability to support varaible length keys.
This adds some test cases for algorithms where we did not test a key
length other than the default size.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10449)

6 months agoEVP_CIPHER_CTX_set_keylen should not succeed if a bad keylen is passed
Matt Caswell [Thu, 14 Nov 2019 16:05:19 +0000 (16:05 +0000)]
EVP_CIPHER_CTX_set_keylen should not succeed if a bad keylen is passed

EVP_CIPHER_CTX_set_keylen() was succeeding even though a bad key length
is passed to it. This is because the set_ctx_params() were all accepting
this parameter and blindly changing the keylen even though the cipher did
not accept a variable key length. Even removing this didn't entirely
resolve the issue because set_ctx_params() functions succeed even if
passed a parameter they do not recognise.

This should fix various issues found by OSSfuzz/Cryptofuzz.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10449)

6 months agofix s390 compile error due to missing comma.
Shane Lontis [Mon, 18 Nov 2019 22:38:19 +0000 (08:38 +1000)]
fix s390 compile error due to missing comma.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10467)

6 months agoFix the issue that aes-xxx-siv algorithms failed in OpenSSL speed test
Xiaokang Qian [Tue, 12 Nov 2019 08:48:27 +0000 (08:48 +0000)]
Fix the issue that aes-xxx-siv algorithms failed in OpenSSL speed test

Speed test, aes-siv related cases fail on both x86 and arm.
The return value of siv_init() causes this problem, remove
the iv check to fix it.
Verify it locally, the result is pass.

Fixes #10416

Change-Id: If1a18599f3d0f56f22a1ce4f8f114b8db0f68cca

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10419)

6 months agoProperties: make query cache reference count aware.
Pauli [Mon, 11 Nov 2019 01:17:32 +0000 (11:17 +1000)]
Properties: make query cache reference count aware.

The property query cache was not reference count aware and this could cause
problems if the property store removes an algorithm while it is being returned
from an asynchronous query.  This change makes the cache reference count aware
and avoids disappearing algorithms.

A side effect of this change is that the reference counts are now owned by the
cache and store.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10408)

6 months agoFix Use after free when copying cipher ctx
Shane Lontis [Mon, 18 Nov 2019 03:13:05 +0000 (13:13 +1000)]
Fix Use after free when copying cipher ctx

Fixes #10438
issue found by clusterfuzz/ossfuzz

The dest was getting a copy of the src structure which contained a pointer that should point to an offset inside itself - because of the copy it was pointing to the original structure.

The setup for a ctx is mainly done by the initkey method in the PROV_CIPHER_HW structure. Because of this it makes sense that the structure should also contain a copyctx method that is use to resolve any pointers that need to be setup.

A dup_ctx has been added to the cipher_enc tests in evp_test. It does a dup after setup and then frees the original ctx. This detects any floating pointers in the duplicated context that were pointing back to the freed ctx.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10443)

6 months agoPEM: constify PEM_write_ routines
Richard Levitte [Fri, 15 Nov 2019 07:54:17 +0000 (08:54 +0100)]
PEM: constify PEM_write_ routines

There's no reason why the object to be written, or the key string
given by the caller should be non-const.

This makes the IMPLEMENT_PEM_..._const and  DECLARE_PEM_..._const
macros superfluous, so we keep them around but mark them deprecated.

In all places where IMPLEMENT_PEM_..._const and  DECLARE_PEM_..._const
are used, they are replaced with the corresponding macros without
'_const'.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10452)

6 months agos390x assembly pack: fix bn_mul_comba4
Patrick Steuer [Fri, 15 Nov 2019 09:52:03 +0000 (10:52 +0100)]
s390x assembly pack: fix bn_mul_comba4

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10454)

6 months agoAdd missing EVP_PKEY_METHOD accessors for digestsign and digestverify
Anthony Hu [Fri, 8 Nov 2019 02:47:53 +0000 (21:47 -0500)]
Add missing EVP_PKEY_METHOD accessors for digestsign and digestverify

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10388)

6 months agocommit a6efbe123af3d98b4d10d4fcdfe68dc5303212f8
raniervf [Fri, 15 Nov 2019 22:28:00 +0000 (08:28 +1000)]
commit a6efbe123af3d98b4d10d4fcdfe68dc5303212f8
Author: raniervf <ranier_gyn@hotmail.com>
Date:   Thu Nov 7 18:59:11 2019 -0300

Avoid calling strlen repeatedly in loops.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10380)

6 months agoFix some broken doc links
Rich Salz [Thu, 22 Aug 2019 05:21:25 +0000 (10:51 +0530)]
Fix some broken doc links

Replace L<> link to header-file with a C<> reference.
Change some broken L<provider(3)> links to L<provider(7)>.
For consistency, rename four cipher pages to have a specific mode.
Fix up all references to any "generic" names to point to specific names.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10100)

6 months agoMake sure we free the CONF structure allocated by confdump
Matt Caswell [Tue, 12 Nov 2019 17:37:11 +0000 (17:37 +0000)]
Make sure we free the CONF structure allocated by confdump

A travis build was failing because of a memory leak in confdump due to
us not freeing an allocated CONF structure.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10429)

6 months agotravis.yml: add arch s390x target
Patrick Steuer [Thu, 14 Nov 2019 09:34:02 +0000 (10:34 +0100)]
travis.yml: add arch s390x target

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10446)

6 months agotestutil/init.c rename to testutil/testutil_init.c
Patrick Steuer [Wed, 13 Nov 2019 17:39:51 +0000 (18:39 +0100)]
testutil/init.c rename to testutil/testutil_init.c

Avoid conflicts with some linkers.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10439)

6 months agoA few fixes in the EVP_KDF-KB and EVP_KDF-KRB5KDF manpages
Tomas Mraz [Tue, 12 Nov 2019 15:59:23 +0000 (16:59 +0100)]
A few fixes in the EVP_KDF-KB and EVP_KDF-KRB5KDF manpages

The context and label is info and salt respectively - fix
the example in KB manpage for that.

There are some typos and bug in EVP_KDF_derive call in the
KRB5KDF example.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10426)

6 months agoDelete recently documented functions from missingcrypto
Tomas Mraz [Wed, 13 Nov 2019 10:10:51 +0000 (11:10 +0100)]
Delete recently documented functions from missingcrypto

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10432)

6 months agoFix an uninitialised read in conf_def.c
Matt Caswell [Tue, 12 Nov 2019 17:16:14 +0000 (17:16 +0000)]
Fix an uninitialised read in conf_def.c

PR 8882 added a new field to the CONF structure. Unfortunately this
structure was created using OPENSSL_malloc() and the new field was not
explicitly initialised in the "init" function. Therefore when we came to
read it for the first time we got an uninitialised read.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10428)

6 months agoFix no-blake2
Matt Caswell [Tue, 12 Nov 2019 16:02:24 +0000 (16:02 +0000)]
Fix no-blake2

We modify the build.info file to exclude the legacy_blake2.c file in
the event that blake2 support has been disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10425)

6 months agoFix no-engine
Matt Caswell [Tue, 12 Nov 2019 15:26:15 +0000 (15:26 +0000)]
Fix no-engine

Fix a misplaced "#endif" which was disabling a little too much code.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10423)

6 months agoCORE & PROV: make export of key data leaner through callback
Richard Levitte [Fri, 8 Nov 2019 14:24:42 +0000 (15:24 +0100)]
CORE & PROV: make export of key data leaner through callback

Exporting data from a provider owned domainparams or key is quite an
ordeal, with having to figure out what parameter keys an
implementation supports, call the export function a first time to find
out how large each parameter buffer must be, allocate the necessary
space for it, and call the export function again.

So how about letting the export function build up the key data params
and call back with that?  This change implements exactly such a
mechanism.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10414)

6 months agoFix no-cmac and no-camellia
Matt Caswell [Tue, 12 Nov 2019 15:51:00 +0000 (15:51 +0000)]
Fix no-cmac and no-camellia

Guard two tests that depend on CMAC and Camellia so that we don't fail
if those algorithms are not available.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10424)

6 months agoAdd confdump to .gitignore
Matt Caswell [Tue, 12 Nov 2019 17:41:29 +0000 (17:41 +0000)]
Add confdump to .gitignore

We added a new executable to the test directory which didn't match the
existing gitignore rules, so we add it explicitly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10430)

6 months agoDocument various new/changes EVP_PKEY_CTX_* functions
Matt Caswell [Wed, 6 Nov 2019 13:39:21 +0000 (13:39 +0000)]
Document various new/changes EVP_PKEY_CTX_* functions

We have converted a number of macros to functions and made them work
with providers. We've also added some *_ex() variants that needed
documenting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoDocument the public EVP_ASYM_CIPHER releated functions
Matt Caswell [Wed, 6 Nov 2019 11:03:12 +0000 (11:03 +0000)]
Document the public EVP_ASYM_CIPHER releated functions

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoAdd documentation for the Asymmetric Cipher Operation
Matt Caswell [Tue, 29 Oct 2019 09:24:24 +0000 (09:24 +0000)]
Add documentation for the Asymmetric Cipher Operation

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoMove RSA Asym cipher code to the default provider
Matt Caswell [Mon, 28 Oct 2019 13:40:39 +0000 (13:40 +0000)]
Move RSA Asym cipher code to the default provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoIncrease OSSL_PARAM_BLD_MAX for multi-prime RSA
Matt Caswell [Mon, 28 Oct 2019 14:43:42 +0000 (14:43 +0000)]
Increase OSSL_PARAM_BLD_MAX for multi-prime RSA

The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime
RSA. That code has this assert:

        if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
                         + numprimes + numexps + numcoeffs
                         <= OSSL_PARAM_BLD_MAX))
            goto err;

So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes
(more than you would ever reasonably want).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoImplement provider support for Asym Ciphers
Matt Caswell [Tue, 1 Oct 2019 08:40:57 +0000 (09:40 +0100)]
Implement provider support for Asym Ciphers

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

6 months agoAllow strings in params to be of zero length
Matt Caswell [Thu, 17 Oct 2019 16:19:21 +0000 (17:19 +0100)]
Allow strings in params to be of zero length

Sometimes it is useful to be able to pass NULL/zero length strings

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)