Hugo Landau [Tue, 22 Nov 2022 13:25:41 +0000 (13:25 +0000)]
QUIC DEMUX: (Server support) Add support for default handler
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19734)
Niels Dossche [Tue, 17 Jan 2023 19:27:49 +0000 (20:27 +0100)]
Fix incorrect error return value in i2r_ADMISSION_SYNTAX()
The other implementations of i2r return 0 in case of an error, but
i2r_ADMISSION_SYNTAX() returns -1. That means the check on i2r does not
catch the error. Change it to return 0 like the others do.
Fixes: #20066
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20068)
Juergen Christ [Tue, 17 Jan 2023 18:16:43 +0000 (19:16 +0100)]
S390X: Fix Ed448ph
CPACF does not support pre-hashing. This was considered correctly for
Ed25519ph, but not for Ed448ph which lead to errors in the test_evp suite
(test vector 20 - pre-hashing without context string). Fix this by using the
non-accelerated version of Ed448 also if no context string is provided, but
pre-hashing is performed.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20067)
Juergen Christ [Mon, 16 Jan 2023 10:37:15 +0000 (11:37 +0100)]
Fix potential NULL pointer dereference
In EC key generation, if allocation of struct ec_gen_ctx fails, values
provided by parameters are copied into the context at represented by a NULL
pointer. To fix this, prevent copy if allocation fails.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20055)
north-16 [Fri, 13 Jan 2023 01:33:46 +0000 (17:33 -0800)]
Clarify documentation of X509_STORE_CTX_get_current_cert()
CLA: trivial
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20038)
zhangzhilei [Sat, 14 Jan 2023 06:23:48 +0000 (14:23 +0800)]
remove unused macro in cast_local.h and des_local.h
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20048)
Tomas Mraz [Fri, 13 Jan 2023 13:48:52 +0000 (14:48 +0100)]
pkey: Imply public check if -pubin is specified
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20044)
slontis [Wed, 21 Dec 2022 04:39:07 +0000 (14:39 +1000)]
PKCS12 - Add additional libctx and propq support.
Fixes #19718
Fixes #19716
Added PKCS12_SAFEBAG_get1_cert_ex(), PKCS12_SAFEBAG_get1_crl_ex() and
ASN1_item_unpack_ex().
parse_bag and parse_bags now use the libctx/propq stored in the P7_CTX.
PKCS12_free() needed to be manually constructed in order to free the propq.
pkcs12_api_test.c changed so that it actually tests the libctx, propq.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19942)
Juergen Christ [Mon, 2 Jan 2023 16:52:25 +0000 (17:52 +0100)]
s390x: Fix keccak xofs via CPACF
CPACF does not directly support xofs. Emulate this by using single block
operations on an empty input block.
Fixes: affc070aabc9 ("s390x: Optimize kmac")
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19983)
fangming.fang [Wed, 11 Jan 2023 03:49:28 +0000 (03:49 +0000)]
Fix big-endian issue in chacha20 SVE implementation on aarch64
Fixes: #19902
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20028)
dependabot[bot] [Mon, 16 Jan 2023 15:24:25 +0000 (15:24 +0000)]
Bump actions/setup-python from 4.4.0 to 4.5.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.4.0...v4.5.0)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
CLA: trivial
Signed-off-by: dependabot[bot] <support@github.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20046)
Dmitry Belyavskiy [Tue, 10 Jan 2023 17:54:51 +0000 (18:54 +0100)]
Documenting lack of error codes stability
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20019)
Dr. David von Oheimb [Tue, 13 Dec 2022 16:47:23 +0000 (17:47 +0100)]
CMP app: fix file output of certs and cert lists on non-existing cert(s)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20035)
Bernd Edlinger [Tue, 8 Nov 2022 16:43:22 +0000 (17:43 +0100)]
Limit size of modulus for bn_mul_mont and BN_mod_exp_mont_consttime
Otherwise the alloca can cause an exception.
Issue reported by Jiayi Lin.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20005)
Bernd Edlinger [Sat, 7 Jan 2023 06:58:21 +0000 (07:58 +0100)]
Revert "Limit size of modulus for BN_mod_exp_mont_consttime()"
This reverts commit
4378e3cd2a4d73a97a2349efaa143059d8ed05e8.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20005)
Hugo Landau [Mon, 9 Jan 2023 15:48:25 +0000 (15:48 +0000)]
QUIC API: Rename want_net_read and want_net_write
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 15:47:47 +0000 (15:47 +0000)]
QUIC CHANNEL: Handle network errors as connection-fatal events
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 15:44:42 +0000 (15:44 +0000)]
QUIC QTX: Handle network errors explicitly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 15:43:52 +0000 (15:43 +0000)]
QUIC DEMUX: Handle network errors explicitly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 11:31:07 +0000 (11:31 +0000)]
QUIC: Document how blocking mode is automatically turned off
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 11:20:08 +0000 (11:20 +0000)]
QUIC BIO Poll Descriptors: simplify custom interface
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 11:18:06 +0000 (11:18 +0000)]
QUIC CSM: Tweak docs for tick functions, add DTLSv1 docs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 9 Jan 2023 11:17:42 +0000 (11:17 +0000)]
QUIC CSM: Minor style fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Fri, 6 Jan 2023 11:50:55 +0000 (11:50 +0000)]
QUIC Front End I/O API: Remove __owur from man pages
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 4 Jan 2023 07:24:08 +0000 (07:24 +0000)]
QUIC: Minor cleanup
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Fri, 16 Dec 2022 13:26:33 +0000 (13:26 +0000)]
QUIC TXP: Fix bug in send stream handling, cleanup
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 11:29:38 +0000 (11:29 +0000)]
QUIC: Add TODO for CCM support
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 07:07:49 +0000 (07:07 +0000)]
QUIC Front-End I/O API: Determine read completion correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 07:07:35 +0000 (07:07 +0000)]
QUIC: Use ossl_assert
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 07:07:12 +0000 (07:07 +0000)]
QUIC RXDP: Different error messages for stream conditions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 07:06:55 +0000 (07:06 +0000)]
QUIC: Minor comment and editorial fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 07:05:21 +0000 (07:05 +0000)]
QUIC Front End I/O API: Minor doc fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 15 Dec 2022 06:42:43 +0000 (06:42 +0000)]
QUIC Front End I/O API: Don't allow EPW to be enabled during AON
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Tue, 13 Dec 2022 12:34:36 +0000 (12:34 +0000)]
QUIC: Back out version string change
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:04:34 +0000 (08:04 +0000)]
QUIC: Documentation updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:04:00 +0000 (08:04 +0000)]
QUIC Front End I/O API: Tweaks to handshake processing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:02:50 +0000 (08:02 +0000)]
QUIC Front End I/O API: Remove unnecessary code from SSL_get_tick_timeout
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:01:58 +0000 (08:01 +0000)]
QUIC CHANNEL: Minor cleanups and bug fix
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:01:39 +0000 (08:01 +0000)]
QUIC: Style fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 08:00:19 +0000 (08:00 +0000)]
QUIC Front End I/O API: Wire up SSL_CTX ctrls and remove unneeded functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 07:57:55 +0000 (07:57 +0000)]
QUIC CHANNEL: Revise inaccurate comments
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 07:57:36 +0000 (07:57 +0000)]
QUIC: Revise and add some TODO lines
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 07:55:48 +0000 (07:55 +0000)]
QUIC Front End I/O API: Correct implementation of SSL_tick, SSL_get_tick_timeout
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 30 Nov 2022 07:54:39 +0000 (07:54 +0000)]
QUIC Front End I/O API: Change version string
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Matt Caswell [Mon, 21 Nov 2022 11:00:34 +0000 (11:00 +0000)]
Separate handling of RX and TX enc level
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Tue, 22 Nov 2022 17:56:18 +0000 (17:56 +0000)]
QUIC CHANNEL: Only pump the demuxer once per tick
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Tue, 22 Nov 2022 13:46:05 +0000 (13:46 +0000)]
QUIC CHANNEL: Only reprocess after an RX secret has been provisioned
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 21 Nov 2022 09:55:30 +0000 (09:55 +0000)]
QUIC TXP: Correct an issue with an uninitialized variable
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 21 Nov 2022 07:55:37 +0000 (07:55 +0000)]
QUIC Front-End I/O API: Ensure BIOs are reffed and freed correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Fri, 18 Nov 2022 17:25:25 +0000 (17:25 +0000)]
QUIC_CHANNEL: Handle deferred packet processing after yielding of secrets correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Fri, 18 Nov 2022 17:20:20 +0000 (17:20 +0000)]
QUIC DEMUX: Allow MTU to vary over time and autodetect MTU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 16:03:00 +0000 (16:03 +0000)]
QUIC: Enable building with QUIC support disabled
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:47:17 +0000 (15:47 +0000)]
QUIC: make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:45:11 +0000 (15:45 +0000)]
QUIC: Temporarily disable front-end API tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:39:18 +0000 (15:39 +0000)]
QUIC: Remove RX depacketiser tests from QRL test suite
These create significant coupling between the QRL tests and the RXDP.
Moreover, the RXDP has no state of its own and is implemented as part of
the QUIC_CHANNEL, ergo it doesn't make that much sense to test it in
isolation.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:35:17 +0000 (15:35 +0000)]
QUIC Front-End I/O API: Wire up the SSL API functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:33:11 +0000 (15:33 +0000)]
QUIC Front-End I/O API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:30:57 +0000 (15:30 +0000)]
internal/sockets.h: Add support for testing EINTR portably
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:30:22 +0000 (15:30 +0000)]
QUIC: Add miscellaneous QUIC constants
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:29:44 +0000 (15:29 +0000)]
QUIC Stream Mapper: CSM-related changes, stream limits handling
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:26:39 +0000 (15:26 +0000)]
QUIC: Complete the implementation of the RX depacketiser in terms of QUIC_CHANNEL
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:00:41 +0000 (15:00 +0000)]
QUIC_CHANNEL: Implementation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 14:59:18 +0000 (14:59 +0000)]
QUIC: Add QUIC reactor
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 15:17:39 +0000 (15:17 +0000)]
Add BIO poll descriptors
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Tue, 1 Nov 2022 16:39:09 +0000 (16:39 +0000)]
QUIC ACKM: Add function to get PTO
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Tue, 1 Nov 2022 14:38:07 +0000 (14:38 +0000)]
QUIC RXDP: Remove non-actionable TODOs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 14 Nov 2022 18:13:35 +0000 (18:13 +0000)]
QUIC CSM: Documentation for new APIs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 14:20:39 +0000 (14:20 +0000)]
QUIC Transport Parameters: Add CID encoder/decoder, make ID optional
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 3 Nov 2022 06:45:50 +0000 (06:45 +0000)]
QUIC RX: Refactor unsafe DCID consistency checking
Previously, we enforced the requirement that the DCIDs be the same for
all packets in a datagram by keeping a pointer to the first RXE
generated from a datagram. This is unsafe and could lead to a UAF if the
first packet is malformed, meaning that no RXE ended up being generated
from it. Keep track of the DCID directly instead, as we should enforce
this correctly even if the first packet in a datagram is malformed (but
has an intelligible header with a DCID and length).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Wed, 2 Nov 2022 08:12:19 +0000 (08:12 +0000)]
Remove duplicate declaration
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 14:19:42 +0000 (14:19 +0000)]
internal/sockets.h: Ensure errno.h included when necessary
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 14:19:08 +0000 (14:19 +0000)]
QUIC Dummy Handshake Layer: Allow transport parameters to be set later
Server mode not implemented yet.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 17:39:45 +0000 (17:39 +0000)]
QUIC TXP: Don't send STREAM frames until handshake is complete
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 16:03:25 +0000 (16:03 +0000)]
QUIC TXP: Make discard_enc_level match documentation
The documentation in the header file of the TXP stated that it is the
caller's responsibility to also notify the QTX of a discarded EL.
However, the implementation did not reflect this. Update the
implementation to reflect the intended design.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 16:03:03 +0000 (16:03 +0000)]
QUIC TXP: Add a function to query if the TXP wants to generate a packet
For use by QUIC CSM.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:58:48 +0000 (15:58 +0000)]
QUIC Record Layer: Allow INITIAL EL to be rekeyed
Ordinarily we should not allow ELs to be rekeyed as it makes no sense to
do so. However the INITIAL EL can need to be rekeyed if a connection
retry occurs. Modify the QRL to allow this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:54:14 +0000 (15:54 +0000)]
QUIC: Add transport parameter and other constants
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:48:18 +0000 (15:48 +0000)]
QUIC Wire Format Encoding: Fix handling of zero-length parameters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:45:54 +0000 (15:45 +0000)]
QUIC RSTREAM: Allow pointer to be NULL when calling free
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:44:08 +0000 (15:44 +0000)]
QUIC TX: Do not have QTX handle refcount of BIOs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:22:45 +0000 (15:22 +0000)]
QUIC RXFC: Don't emit a MAX_STREAM_DATA frame if we have a final size
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 15:15:26 +0000 (15:15 +0000)]
QUIC Wire Encoding: Support Retry Integrity Tag Calculation
This adds support for calculating and verifying retry integrity tags. In
order to support this, an 'unused' field is added to the QUIC packet
header structure so we can ensure that the serialization of the header
is bit-for-bit identical to what was decoded.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 14:47:29 +0000 (14:47 +0000)]
QUIC RX: Do not handle auto-discard of Initial EL inside the QRX
While the QUIC RFCs state that the Initial EL should be auto-discarded
when successfully processing a packet at a higher EL, doing this inside
the QRX was not a good idea as this should be handled by the CSM.
We remove this functionality and adapt tests accordingly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Thu, 17 Nov 2022 14:22:36 +0000 (14:22 +0000)]
QUIC RX: Fix QRX packet handling refactor w.r.t. list refactor
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 14:39:13 +0000 (14:39 +0000)]
QUIC RX: Support refcounted packets and eliminate wrapper
Previously, the QRX filled in a OSSL_QRX_PKT structure provided by the
caller. This necessitated the caller managing reference counting itself
using a OSSL_QRX_PKT_WRAP structure. The need for this structure has
been eliminated by adding refcounting support to the QRX itself. The QRX
now outputs a pointer to an OSSL_QRX_PKT instead of filling in a
structure provided by the caller. The OSSL_QRX_PKT_WRAP structure has
been eliminated.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 13:57:40 +0000 (13:57 +0000)]
QUIC: Dummy Handshake Layer for Prototyping
This disables -Wtype-limits /
-Wtautological-constant-out-of-range-compare. Since it generates
warnings for valid and reasonable code, IMO this actually encourages
people to write worse code.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 13:54:48 +0000 (13:54 +0000)]
QUIC DEMUX: Allow BIO to be changed
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 13:51:09 +0000 (13:51 +0000)]
QUIC Congestion Control: API to determine deadline at which more credit will be available
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
Hugo Landau [Mon, 31 Oct 2022 13:32:34 +0000 (13:32 +0000)]
QUIC ACKM: Add support for psuedo-loss
This is required to support retries during connection establishment.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
James Muir [Sun, 16 Oct 2022 02:23:39 +0000 (22:23 -0400)]
Support all five EdDSA instances from RFC 8032
Fixes #6277
Description:
Make each of the five EdDSA instances defined in RFC 8032 --
Ed25519,
Ed25519ctx, Ed25519ph, Ed448, Ed448ph -- available via the EVP APIs.
The desired EdDSA instance is specified via an OSSL_PARAM.
All instances, except for
Ed25519, allow context strings as input.
Context strings are passed via an OSSL_PARAM. For Ed25519ctx, the
context string must be nonempty.
Ed25519, Ed25519ctx, Ed448 are PureEdDSA instances, which means that
the full message (not a digest) must be passed to sign and verify
operations.
Ed25519ph, Ed448ph are HashEdDSA instances, which means that the input
message is hashed before sign and verify.
Testing:
All 21 test vectors from RFC 8032 have been added to evppkey_ecx.txt
(thanks to Shane Lontis for showing how to do that). Those 21 test
vectors are exercised by evp_test.c and cover all five instances.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19705)
Pauli [Mon, 9 Jan 2023 00:25:55 +0000 (11:25 +1100)]
fips: make EdDSA unapproved for FIPS
Likewise for the related ECX key exchanges.
NIST is mandating this until FIPS 186-5 is finalised.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20020)
slontis [Wed, 11 Jan 2023 04:32:07 +0000 (14:32 +1000)]
Make RSA_generate_multi_prime_key() not segfault if e is NULL.
This is not a big problem for higher level keygen, as these set e
beforehand to a default value. But the logic at the lower level is
incorrect since it was doing a NULL check in one place but then
segfaulting during a later BN_copy().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20025)
zhangzhilei [Tue, 10 Jan 2023 08:32:08 +0000 (16:32 +0800)]
remove unused macro in rc2_local.h and rc5_local.h
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20015)
slontis [Tue, 20 Dec 2022 03:44:18 +0000 (13:44 +1000)]
SSKDF with KMAC should return SIZE_MAX when EVP_KDF_CTX_get_kdf_size()
is used.
Fixes #19934
The existing code was looking for the digest size, and then returned
zero.
The example code in EVP_KDF-SS.pod has been corrected to not use a
digest.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19935)
Nobuhiro IMAI [Tue, 10 Jan 2023 09:44:44 +0000 (18:44 +0900)]
fix manpage of `d2i_X509(3)`
* capitalize `X509_NAME`
* add missing suffixes to `i2d_TYPE`
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20016)
Tomas Mraz [Tue, 10 Jan 2023 17:00:59 +0000 (18:00 +0100)]
Do not check definition of a macro and use it in a single condition
The condition evaluation in #if conditions does not tolerate this
if the macro is not defined.
Fixes #19628
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20018)
Richard Levitte [Tue, 10 Jan 2023 07:27:44 +0000 (08:27 +0100)]
OSSL_PARAM_BLD and BIGNUM; ensure at least one byte is allocated
A zero BIGNUM contains zero bytes, while OSSL_PARAMs with an INTEGER (or
UNSIGNED INTEGER) data type are expected to have at least one data byte
allocated, containing a zero. This wasn't handled correctly.
Fixes #20011
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20013)
Richard Levitte [Tue, 10 Jan 2023 11:22:39 +0000 (12:22 +0100)]
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1
This way, we guarantee that a zero is represented with one byte of data
that's set to zero.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20013)
Richard Levitte [Tue, 10 Jan 2023 06:50:24 +0000 (07:50 +0100)]
test/param_build_test.c: test zero BIGNUM
We also add tests where the zero bignum is the only parameter, to test what
that does with the allocated blocks that the OSSL_PARAM_BLD functionality
handles.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20013)
H. Vetinari [Mon, 9 Jan 2023 04:53:48 +0000 (15:53 +1100)]
Add empty migration guide for 3.1
Fixes #19953
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20008)