Shane Lontis [Thu, 13 May 2021 08:49:52 +0000 (18:49 +1000)]
Fix compiler error when using config option 'enable-acvp-tests'
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15264)
Richard Levitte [Fri, 14 May 2021 10:26:21 +0000 (12:26 +0200)]
Adapt 80-test_cmp_http.t and its data for random accept ports
Fixes #14694
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15281)
Richard Levitte [Fri, 14 May 2021 10:25:11 +0000 (12:25 +0200)]
APPS: Make the cmp Mock server output the accept address and port
Fixes #14694
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15281)
Pauli [Sun, 16 May 2021 00:23:54 +0000 (10:23 +1000)]
ci: remove the checksum CI script
This script introduces a security vulnerability where the OpenSSL github
repository can be modified which opens a window for an attacker.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reported-by: Nikita Stupin
Benjamin Kaduk [Wed, 17 Mar 2021 05:03:36 +0000 (22:03 -0700)]
Add extensive test coverage for SSL_get_negotiated_group()
This is nearly comprehensive, but we cannot exercise the functionality
for PSK-only TLS 1.3 resumption, since openssl talking to openssl will
always negotiate psk_dhe_ke.
Exercise both the TLS 1.3 and 1.2 cases, for initial handshakes
and resumptions, and for ECDHE and FFDHE.
Since RFC 7919 named groups (for FFDHE) are only supported for TLS 1.3,
the TLS 1.2 versions of those scenarios expect to get NID_undef since
the key exchange was not performed using a named group.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14750)
Benjamin Kaduk [Wed, 17 Mar 2021 03:13:47 +0000 (20:13 -0700)]
move group lists out of test_key_exchange() in preparation for reuse
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14750)
Benjamin Kaduk [Tue, 16 Mar 2021 23:10:04 +0000 (16:10 -0700)]
Extend SSL_get_negotiated_group() tests for TLS 1.2
We don't implement RFC 7919 named groups for TLS 1.2, so we can
only test the ECDHE case for non-TLS-1.3.
Interestingly, though the test_key_exchange() routine claimed to
be exercising ffdhe2048 with TLS 1.2, the configured ciphers were
incompatible with DHE key exchange, so we ended up just using RSA
key transport and not doing an ephemeral key exchange at all.
Reconfigure the tests to actually exercise ephemeral key exchange
for both the EC and FF cases (even though we don't use the named
group information for the finite-field case).
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14750)
Benjamin Kaduk [Tue, 16 Mar 2021 20:42:00 +0000 (13:42 -0700)]
Regenerate testsid.pem
Convert this file to the new format, that includes the kex_group
integer value. This is needed in order for the round-trip conversion
test to return the same value as the initial input.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14750)
Benjamin Kaduk [Tue, 16 Mar 2021 14:47:09 +0000 (07:47 -0700)]
Promote SSL_get_negotiated_group() for non-TLSv1.3
It can be useful to know what group was used for the handshake's
key exchange process even on non-TLS 1.3 connections. Allow this
API, new in OpenSSL 3.0.0, to be used on other TLS versions as well.
Since pre-TLS-1.3 key exchange occurs only on full handshakes, this
necessitates adding a field to the SSL_SESSION object to carry the
group information across resumptions. The key exchange group in the
SSL_SESSION can also be relevant in TLS 1.3 when the resumption handshake
uses the "psk_ke" key-exchange mode, so also track whether a fresh key
exchange was done for TLS 1.3.
Since the new field is optional in the ASN.1 sense, there is no need
to increment SSL_SESSION_ASN1_VERSION (which incurs strong incompatibility
churn).
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14750)
Richard Levitte [Fri, 14 May 2021 05:23:51 +0000 (07:23 +0200)]
ASN1: Fix i2d_provided() return value
i2d_provided() - which is the internal provider data function for
i2d_KeyParams(), i2d_PrivateKey(), i2d_PublicKey() - didn't treat the
returned length from OSSL_ENCODER_to_data() quite as well as it should
have. A simple added flag that records the state of |*pp| before
calling OSSL_ENCODER_to_data() fixes the problem.
Fixes #14655
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15277)
Matt Caswell [Thu, 13 May 2021 14:52:19 +0000 (15:52 +0100)]
Load the default provider into the p_test provider later
Loading it earlier causes some of the later testing to pass when it should
fail and masked a bug.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15270)
Matt Caswell [Thu, 13 May 2021 14:35:42 +0000 (15:35 +0100)]
Init the child providers immediately on creation of the child libctx
We were deferring the initial creation of the child providers until the
first fetch. This is a carry over from an earlier iteration of the child
lib ctx development and is no longer necessary. In fact we need to init
the child providers immediately otherwise not all providers quite init
correctly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15270)
Tomas Mraz [Thu, 13 May 2021 17:41:09 +0000 (19:41 +0200)]
Add make update-fips-checksums to release.sh script
Fixes #15223
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15271)
Pauli [Thu, 13 May 2021 03:29:37 +0000 (13:29 +1000)]
doc: document all functions in provider-base(7)
Fixes #13358
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15259)
Matt Caswell [Thu, 13 May 2021 14:13:22 +0000 (15:13 +0100)]
Fix a memleak on an error path in the pkcs12 test helpers
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15269)
Dr. David von Oheimb [Tue, 11 May 2021 13:45:22 +0000 (15:45 +0200)]
Add OSSL_ prefix to HTTP_DEFAULT_MAX_{LINE_LENGTH,RESP_LEN}
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Tue, 4 May 2021 14:58:59 +0000 (16:58 +0200)]
http_client.c: Rename internal fields and functions for consistency
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Tue, 4 May 2021 14:33:19 +0000 (16:33 +0200)]
HTTP client: Allow streaming of response data (with possibly indefinite length)
Also clean up max_resp_len and add OSSL_HTTP_REQ_CTX_get_resp_len().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Tue, 4 May 2021 09:15:36 +0000 (11:15 +0200)]
HTTP client: Allow streaming of request data (for POST method)
Also clean up OSSL_HTTP_REQ_CTX_nbio() states and make it more efficient.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Mon, 3 May 2021 14:33:10 +0000 (16:33 +0200)]
HTTP client API: Generalize to arbitrary request and response contents
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Sat, 1 May 2021 20:04:17 +0000 (22:04 +0200)]
OSSL_HTTP_transfer(): Fix error reporting in case rctx->server is NULL
Also improve doc of OSSL_parse_url() and OSSL_HTTP_parse_url().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Sat, 1 May 2021 17:47:38 +0000 (19:47 +0200)]
OSSL_HTTP_get(): Do not close connection if redirect to same server
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Tue, 27 Apr 2021 22:26:14 +0000 (00:26 +0200)]
HTTP: Implement persistent connections (keep-alive)
Both at API and at CLI level (for the CMP app only, so far)
there is a new parameter/option: keep_alive.
* 0 means HTTP connections are not kept open after
receiving a response, which is the default behavior for HTTP 1.0.
* 1 means that persistent connections are requested.
* 2 means that persistent connections are required, i.e.,
in case the server does not grant them an error occurs.
For the CMP app the default value is 1, which means preferring to keep
the connection open. For all other internal uses of the HTTP client
(fetching an OCSP response, a cert, or a CRL) it does not matter
because these operations just take one round trip.
If the client application requested or required a persistent connection
and this was granted by the server, it can keep the OSSL_HTTP_REQ_CTX *
as long as it wants to send further requests and OSSL_HTTP_is_alive()
returns nonzero,
else it should call OSSL_HTTP_REQ_CTX_free() or OSSL_HTTP_close().
In case the client application keeps the OSSL_HTTP_REQ_CTX *
but the connection then dies for any reason at the server side, it will
notice this obtaining an I/O error when trying to send the next request.
This requires extending the HTTP header parsing and
rearranging the high-level HTTP client API. In particular:
* Split the monolithic OSSL_HTTP_transfer() into OSSL_HTTP_open(),
OSSL_HTTP_set_request(), a lean OSSL_HTTP_transfer(), and OSSL_HTTP_close().
* Split the timeout functionality accordingly and improve default behavior.
* Extract part of OSSL_HTTP_REQ_CTX_new() to OSSL_HTTP_REQ_CTX_set_expected().
* Extend struct ossl_http_req_ctx_st accordingly.
Use the new feature for the CMP client, which requires extending
related transaction management of CMP client and test server.
Update the documentation and extend the tests accordingly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Sat, 1 May 2021 17:26:53 +0000 (19:26 +0200)]
OSSL_HTTP_REQ_CTX_add1_headers(): Fix use with host == NULL (relative URLs)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Mon, 10 May 2021 12:36:20 +0000 (14:36 +0200)]
CMP test server: Extend error reporting on cert rejected for revocation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Mon, 10 May 2021 07:37:36 +0000 (09:37 +0200)]
HTTP test server: Improve connection management and logging
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Mon, 10 May 2021 07:32:53 +0000 (09:32 +0200)]
cmp_server.c: Improve transaction management and logging
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Mon, 10 May 2021 12:38:36 +0000 (14:38 +0200)]
OSSL_CMP_SRV_process_request(): Log any error queue entries on response
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Dr. David von Oheimb [Wed, 12 May 2021 06:37:54 +0000 (08:37 +0200)]
HTTP client: Rename 'maxline' parameter to 'buf_size' for clarity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)
Pauli [Wed, 12 May 2021 02:26:24 +0000 (12:26 +1000)]
mac: improve MAC documentation (Poly 1305 key reuse, nomenclature)
Fixes #12441
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15237)
Rich Salz [Tue, 11 May 2021 17:09:24 +0000 (13:09 -0400)]
Slightly reformat ssl.h.in
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15230)
Rich Salz [Tue, 11 May 2021 14:51:13 +0000 (10:51 -0400)]
Convert SSL_{CTX}_[gs]et_options to 64
Less tersely: converted SSL_get_options, SSL_set_options,
SSL_CTX_get_options and SSL_CTX_get_options to take and return uint64_t
since we were running out of 32 bits.
Fixes: 15145
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15230)
Juergen Christ [Wed, 12 May 2021 11:54:20 +0000 (13:54 +0200)]
Fix provider library build wrt. AES
Commit
c7978e506b2d1300accd9e696656f9cc94196e6d ("Fix missing $CPUIDDEF in
libdefault.a") revealed another problem in the build system on s390. The
build of the provider libraries includes the AES system without the proper
defines. This causes a build error on s390 now since the CPUIDDEF is present
but the prototypes for various AES functions implemented in assembler are
missing due to missing preprocessor defines. Fix this by adding the missing
defines to all provider libraries.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15244)
Rich Salz [Wed, 12 May 2021 14:42:46 +0000 (10:42 -0400)]
Add --banner config option
Use it in the automated workflows.
Fixes: #15247
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15248)
bonniegong [Mon, 12 Apr 2021 02:43:13 +0000 (10:43 +0800)]
check i2d_ASN1_TYPE return value
add a length check to the return value of function i2d_ASN1_TYPE. Return an error instead of trying to malloc a negative number.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14828)
Dr. David von Oheimb [Wed, 12 May 2021 16:19:07 +0000 (18:19 +0200)]
http_client.c: Fix inconsistency w.r.t. type of max_resp_len
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15251)
Tomas Mraz [Wed, 12 May 2021 17:15:27 +0000 (19:15 +0200)]
Replace some of the ERR_clear_error() calls with mark calls
Fixes #15219
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15253)
Xiaofei Bai [Tue, 11 May 2021 09:37:22 +0000 (09:37 +0000)]
crypto/arm_arch.h: add a variable declaration
Add this variable declaration to prevent
"-Werror,-Wmissing-variable-declarations" error from compiler.
This error currently only happens on clang.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15240)
Ben Avison [Wed, 10 Mar 2021 15:54:44 +0000 (15:54 +0000)]
ARM assembly pack: translate bit-sliced AES implementation to AArch64
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14592)
Pauli [Wed, 12 May 2021 05:19:54 +0000 (15:19 +1000)]
doc: remove references to undepreciated commands being deprecated.
The dsa, ec, ecparam, and rsa manual pages refer to themselves are being
deprecated which they aren't. Address this and add a note pointing to
the pkey command equivalents albeit without recommending it.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15239)
Tomas Mraz [Tue, 27 Apr 2021 16:12:15 +0000 (18:12 +0200)]
Fallback to legacy pem decoding if OSSL_DECODER fails
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15045)
Tomas Mraz [Tue, 27 Apr 2021 14:01:13 +0000 (16:01 +0200)]
Implement pem_read_key directly through OSSL_DECODER
Using OSSL_STORE is too heavy and breaks things.
There were also needed various fixes mainly for missing proper
handling of the SM2 keys in the OSSL_DECODER.
Fixes #14788
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15045)
Tomas Mraz [Fri, 7 May 2021 15:44:26 +0000 (17:44 +0200)]
Replace EVP_PKEY_supports_digest_nid
The EVP_PKEY_supports_digest_nid() is renamed to
EVP_PKEY_digestsign_supports_digest() and implemented
via EVP_DigestSignInit_ex().
Fixes #14343
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15198)
Tomas Mraz [Fri, 7 May 2021 14:56:34 +0000 (16:56 +0200)]
Drop ASN1_PKEY_CTRL_SUPPORTS_MD_NID
This is a legacy ASN1_PKEY_CTRL that was added after
1.1.1 and is not needed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15198)
Tomas Mraz [Thu, 13 May 2021 10:51:14 +0000 (12:51 +0200)]
update-fips-checksums: Make the dependency on source list work
Also clean the generated checksums with make clean
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15267)
Dmitry Belyavskiy [Fri, 7 May 2021 15:36:42 +0000 (17:36 +0200)]
clarification about the DES status
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15197)
Dmitry Belyavskiy [Fri, 7 May 2021 15:16:29 +0000 (17:16 +0200)]
Enumerating the legacy provider's cipher algorithms
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15197)
Tomas Mraz [Thu, 13 May 2021 10:05:36 +0000 (12:05 +0200)]
Ensure the pristine checksums are not recomputed
When switching between the pristine and PR checkouts we must
ensure the pristine checksums are not recomputed.
Also ignore errors (such as trying to remove a label that
is not set) when setting or removing labels.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15266)
Tomas Mraz [Thu, 13 May 2021 09:34:53 +0000 (11:34 +0200)]
The FIPS Checksums job must be run on pull_request_target
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15265)
Dr. David von Oheimb [Fri, 16 Apr 2021 15:52:22 +0000 (17:52 +0200)]
Makefile: Make sure providers/fipsmodule.cnf is re-built also for run_tests
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14901)
Dr. David von Oheimb [Fri, 16 Apr 2021 15:51:55 +0000 (17:51 +0200)]
Makefile: Simplify use of run_tests
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14901)
Tomas Mraz [Thu, 13 May 2021 08:50:14 +0000 (10:50 +0200)]
Remove the .new suffix inside the fips.checksum.new
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15263)
Tomas Mraz [Wed, 12 May 2021 14:14:01 +0000 (16:14 +0200)]
Allow diff-fips-checksums in in-tree build
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Wed, 12 May 2021 07:04:59 +0000 (09:04 +0200)]
Remove the severity: fips change label if fips checksum unchanged
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Tue, 11 May 2021 16:15:32 +0000 (18:15 +0200)]
Set the severity: fips change label if fips checksum changed
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Tue, 11 May 2021 15:50:13 +0000 (17:50 +0200)]
fipsprov: Missing teardown on fips_get_params_from_core() error
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Tue, 11 May 2021 15:06:57 +0000 (17:06 +0200)]
Add checksums github CI action
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Tue, 11 May 2021 14:20:51 +0000 (16:20 +0200)]
Add diff-fips-checksums target to compare BLDDIR and SRCDIR checksums
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Tomas Mraz [Tue, 11 May 2021 14:07:35 +0000 (16:07 +0200)]
Compute the FIPS checksums in $(BLDDIR) and remove it from update target
Add also update-fips-checksums to update the checksums in the
$(SRCDIR) if the $(SRCDIR) and $(BLDDIR) is different.
The fips-checksums and generate_fips_sources targets are always
produced (regardless of enable-fips) as nothing else depends on them
and they are developer targets.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15229)
Pauli [Wed, 12 May 2021 04:22:52 +0000 (14:22 +1000)]
x509: fix a dangling pointer
If object was pointer was passed and an error occured the object was freed & the
pointer returned. Fix this to NULL out the caller's pointer before returning.
Fixes #15115
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15238)
Pauli [Wed, 12 May 2021 04:10:49 +0000 (14:10 +1000)]
e_loader_attic: fix a use after free issue
Fixes #15116
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15238)
Pauli [Thu, 13 May 2021 00:34:42 +0000 (10:34 +1000)]
test: fix thread test config file problem
Force the thread test to use the configuration file via a command line arg.
Use the test library support for libctx creation.
Fixes #15243
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15256)
Dr. David von Oheimb [Tue, 11 May 2021 13:55:13 +0000 (15:55 +0200)]
EVP_PKEY-X25519.pod: Correct EVP_PKEY_Q_keygen function name in example
fixup for #14695: Add convenience functions and macros for asymmetric key generation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15226)
Xiaofei Bai [Tue, 11 May 2021 05:42:51 +0000 (05:42 +0000)]
Add $AESDEF in libdefault.a to fix aes regression
We recently noticed AES algorithms(like aes-xxx-ctr, aes-xxx-gcm,.etc)
have significant performance regression on x86_64 platform, and it is
because of the missing AES_ASM macro. This PR is to fix it by applying
$AESDEF to libdefault.a.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15225)
Rich Salz [Tue, 11 May 2021 17:54:42 +0000 (13:54 -0400)]
Fix cut/paste (?) error.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15232)
Shane Lontis [Mon, 10 May 2021 00:27:42 +0000 (10:27 +1000)]
Export/import flags for FFC params changed to seperate fields.
An extra field got added to the ffc flags related to FIPS-186-2 key validation, but this field was
not handled by the export/import since the flags were done as string combinations.
To keep this consistent with other object flags they are now passed as seperate OSSL_PARAM fields.
Fixes 'no-cached-fetch' build which uses export/import.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15210)
Benjamin Kaduk [Sat, 8 May 2021 15:49:36 +0000 (08:49 -0700)]
apps: improve hygeine for SET_EXPECT macro
Wrap all parameters in parentheses in the expansion, make explicit the
use of the 'expect' input, wrap the whole expression in parentheses, and
remove duplicate semicolon.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15203)
Benjamin Kaduk [Tue, 30 Mar 2021 06:05:22 +0000 (23:05 -0700)]
Update expected results for tls13kexmodes tests
One of the scenarios constructed in these tests was erroneously
producing successful handshakes until the previous commits, but should
have been failing. Update our expected behavior to match the
specification requirements, and adjust the commentary slightly for
a test case relevant for the other preceding commit.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14749)
Benjamin Kaduk [Tue, 30 Mar 2021 04:27:49 +0000 (21:27 -0700)]
Don't send key_share for PSK-only key exchange
TLS 1.3 allows for the "psk_ke" and "psk_dhe_ke" key-exchange modes.
Only the latter mode introduces a new ephemeral (Diffie-Hellman)
key exchange, with the PSK being the only key material used in the
former case.
It's a compliance requirement of RFC 8446 that the server MUST NOT
send a KeyShareEntry when using the "psk_ke" mode, but prior to
this commit we would send a key-share based solely on whether the
client sent one. This bug goes unnoticed in our internal test suite
since openssl communicating with openssl can never negotiate the
PSK-only key-exchange mode. However, we should still be compliant
with the spec, so check whether the DHE mode was offered and don't
send a key-share if it wasn't.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14749)
Benjamin Kaduk [Tue, 30 Mar 2021 06:08:10 +0000 (23:08 -0700)]
make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14749)
Benjamin Kaduk [Tue, 30 Mar 2021 06:03:49 +0000 (23:03 -0700)]
Improve RFC 8446 PSK key exchange mode compliance
It's a MUST-level requirement that if the client sends a pre_shared_key
extension not accompanied by a psk_key_exchange_modes extension, the
server must abort the handshake. Prior to this commit the server
would continue on.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14749)
Dr. David von Oheimb [Tue, 4 May 2021 22:09:43 +0000 (00:09 +0200)]
HTTP client: Minimal changes that include the improved API
This is a minimal version of pull request #15053 including all the
proposed improvements to the HTTP client API and its documentation
but only those code adaptations strictly needed for it.
The proposed new features include
* support for persistent connections (keep-alive),
* generalization to arbitrary request and response types, and
* support for streaming BIOs for request and response data.
The related API changes include:
* Split the monolithic OSSL_HTTP_transfer() into OSSL_HTTP_open(),
OSSL_HTTP_set_request(), a lean OSSL_HTTP_transfer(), and OSSL_HTTP_close().
* Split the timeout functionality accordingly and improve default behavior.
* Extract part of OSSL_HTTP_REQ_CTX_new() to OSSL_HTTP_REQ_CTX_set_expected().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15147)
Dr. David von Oheimb [Fri, 7 May 2021 15:16:48 +0000 (17:16 +0200)]
Add ASN1_item_i2d_mem_bio(); document and improve also ASN1_item_d2i_bio()
ASN1_item_d2i_bio(): Do not report errors in queue on BIO input being NULL
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15147)
Tomas Mraz [Wed, 5 May 2021 17:01:44 +0000 (19:01 +0200)]
A few cleanups of the provider build.infos
Remove a TODO that is no longer relevant and
drop some more non-fips sources from the fips checksums.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15191)
Tomas Mraz [Mon, 10 May 2021 14:51:39 +0000 (16:51 +0200)]
Allow arbitrary digests with ECDSA and DSA
Unless the FIPS security check is enabled we allow arbitrary digests
with ECDSA and DSA.
Fixes #14696
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15220)
Pauli [Mon, 10 May 2021 05:55:13 +0000 (15:55 +1000)]
apps: make list -help not continue with listing
All the commands return after printing their help. List doesn't.
This brings them in line.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15211)
Pauli [Mon, 10 May 2021 02:12:38 +0000 (12:12 +1000)]
apps: change list command to only list fetchable algorithms.
The -propquery option will work with this change. By default the output will
be the same.
Also address some inconsistencies in the code with respects to error checking.
Fixes #15196
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15211)
Pauli [Mon, 10 May 2021 03:05:08 +0000 (13:05 +1000)]
encoder: add a _name() function for encoders and decoders
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15211)
Pauli [Mon, 10 May 2021 02:57:33 +0000 (12:57 +1000)]
doc: document the encoder and decoder name functions
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15211)
Pauli [Wed, 12 May 2021 08:20:55 +0000 (18:20 +1000)]
Checksum update
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Matt Caswell [Tue, 11 May 2021 07:45:10 +0000 (17:45 +1000)]
property: add test case for setting default user properties before fetching
Shamelessly culled from #15218.
Co-authored-by: Dr Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15222)
Pauli [Mon, 10 May 2021 23:48:22 +0000 (09:48 +1000)]
property: create property names more eagerly.
User defined property names were not created before the first fetch. The
rationale for this was to only maintain the user names defined by providers.
This was intended to prevent malicious memory use attacks.
Not being able to specify a default query before the first fetch is wrong. This
changes the behaviour of the property query parsing to always create property
names.
Fixes #15218
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15222)
Pauli [Mon, 3 May 2021 22:59:01 +0000 (08:59 +1000)]
Run-checker converted to GitHub Actions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15129)
Pauli [Fri, 7 May 2021 03:26:44 +0000 (13:26 +1000)]
coveralls: fix comment to indicate daily not weekly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15129)
Job Snijders [Sun, 9 May 2021 20:24:29 +0000 (20:24 +0000)]
Add OID for RPKI id-ct-signedChecklist
References: draft-ietf-sidrops-rpki-rsc - Resource Public Key Infrastructure
(RPKI) object profile for Signed Checklist (RSC)
OID listed under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1
CLA: Trivial
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15207)
EasySec [Wed, 5 May 2021 15:59:29 +0000 (17:59 +0200)]
find-doc-nits fix courtesy Rich Salz
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11481)
EasySec [Tue, 7 Apr 2020 14:59:47 +0000 (16:59 +0200)]
use LHASH_OF(TYPE) macro to make the example consistent with the declaration in ssl.h
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11481)
Pauli [Wed, 12 May 2021 01:14:02 +0000 (11:14 +1000)]
Checksum update
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Pauli [Mon, 10 May 2021 04:13:30 +0000 (14:13 +1000)]
evp: fix return code check.
The return from evp_do_md_getparams() is 0 for failure and -1 for not being
a provided algorithm. The code in evp_md_cache_constants() failed to check
the return code properly. In this case it was harmless but better to fix it.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15208)
Pauli [Mon, 10 May 2021 00:24:13 +0000 (10:24 +1000)]
coverity: fix
1484542 dereference after null check
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15208)
Pauli [Mon, 10 May 2021 00:18:07 +0000 (10:18 +1000)]
coverity: fix
1484540 resource leak
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15208)
Pauli [Mon, 10 May 2021 00:17:38 +0000 (10:17 +1000)]
coverity: fix
1484539 resource leak
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15208)
Dr. David von Oheimb [Mon, 10 May 2021 14:27:13 +0000 (16:27 +0200)]
80-test_cmp_http.t: Improve fuzzing exclusion pattern - fixup!
This now correctly fixes #14966.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15217)
Xiaofei Bai [Mon, 10 May 2021 09:12:22 +0000 (09:12 +0000)]
Fix missing $CPUIDDEF in libdefault.a
This fixes a build error caused by missing $CPUIDDEF when
compiling libdefault.a, and some functions(like armv8_aes_gcm_encrypt)
become undefined.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15215)
Matt Caswell [Fri, 7 May 2021 10:18:57 +0000 (11:18 +0100)]
Update FIPS checksums
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
Matt Caswell [Fri, 7 May 2021 10:03:59 +0000 (11:03 +0100)]
Exclude child provider code from the FIPS module
We don't need the child provider code in the FIPS module so we exclude
it.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
Matt Caswell [Wed, 5 May 2021 13:43:19 +0000 (14:43 +0100)]
Update documentation following addition of OSSL_LIB_CTX_new_child()
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
Matt Caswell [Tue, 4 May 2021 16:38:10 +0000 (17:38 +0100)]
Add additional testing of child libctx/providers
Add a case where a provider explicitly loads a provider into a child
libctx where it does not already exist.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
Matt Caswell [Tue, 4 May 2021 15:23:31 +0000 (16:23 +0100)]
Don't convert pre-existing providers into children
If a provider explicitly loads another provider into a child libctx where
it wasn't previously loaded then we don't start treating it like a child
if the parent libctx subsequently loads the same provider.
Fixes #14925
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)
Matt Caswell [Thu, 29 Apr 2021 15:37:42 +0000 (16:37 +0100)]
Add support for child provider to up_ref/free their parent
If the ref counts on a child provider change, then this needs to be
reflected in the parent so we add callbacks to do this.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14991)