Richard Levitte [Thu, 26 Sep 2019 05:45:33 +0000 (07:45 +0200)]
OSSL_PARAM functions: change to allow the data field to be NULL
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10025)
Richard Levitte [Thu, 26 Sep 2019 05:42:06 +0000 (07:42 +0200)]
OSSL_PARAM.pod: document the mechanism to figure out buffer sizes
When requesting parameters, it's acceptable to make a first pass with
the |data| field of some parameters being NULL. That can be used to
help the requestor to figure out dynamically what buffer size is
needed. For variable size parameters, there's no other way to find
out.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10025)
Dr. David von Oheimb [Sat, 10 Aug 2019 12:07:22 +0000 (14:07 +0200)]
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712)
CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI.
Adds extensive man pages and tests. Integration into build scripts.
Incremental pull request based on OpenSSL commit
8869ad4a39f of 2019-04-02
4th chunk: CMP context/parameters and utilities
in crypto/cmp/cmp_ctx.c, crypto/cmp/cmp_util.c, and related files
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9107)
Pauli [Tue, 10 Sep 2019 08:05:57 +0000 (18:05 +1000)]
Reformat param description lines
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10024)
Pauli [Thu, 26 Sep 2019 02:14:00 +0000 (12:14 +1000)]
Make OSSL_PARAM descriptions uniformly formatted.
=item B<MACRO> ("name") <type>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10024)
Richard Levitte [Mon, 19 Aug 2019 06:55:53 +0000 (08:55 +0200)]
When building of modules is disabled, build the legacy provider into libcrypto
This makes the legacy provider available regardless of building conditions.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9637)
Richard Levitte [Mon, 19 Aug 2019 06:54:00 +0000 (08:54 +0200)]
Configure, build.info: make it possible to use variables in indexes
That will make it possible to assign different goals for translation
units depending on need.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9637)
Rich Salz [Tue, 24 Sep 2019 15:32:01 +0000 (11:32 -0400)]
Ensure man1 POD files start with openssl-
Commit
b6b66573 (PR #9679) renamed most POD files. This change causes
find-doc-nits to flag misnamed files.
Also fix the two misnamed files that it found.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10000)
Fangming.Fang [Thu, 26 Sep 2019 02:14:54 +0000 (12:14 +1000)]
Missing else in cipher_hw_aes_ocb_generic_initkey
This came from commit
3837c202 "Add aes_ocb cipher to providers". It
causes the default non-hardware accelerated AES implementation to be
used even if HWAES_CAPABLE is set. Affects all platforms except X86 and
SPARC.
Patch by: Nick Gasson <Nick.Gasson@arm.com>
Change-Id: I26001a3a922ff23f6090fdcefefaecf68e92e2a6
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10012)
Pauli [Wed, 25 Sep 2019 10:43:03 +0000 (20:43 +1000)]
Use OSSL_PARAM types. Limits are explained in the description where appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)
Pauli [Wed, 25 Sep 2019 10:42:42 +0000 (20:42 +1000)]
Use OSSL_PARAM types. Limits are explained in the description where appropriate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)
Pauli [Wed, 25 Sep 2019 10:30:09 +0000 (20:30 +1000)]
KDF section 3 clean up
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)
Pauli [Wed, 25 Sep 2019 10:27:36 +0000 (20:27 +1000)]
Use OSSL_PARAM types for MAC documentation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)
Pauli [Wed, 25 Sep 2019 10:27:27 +0000 (20:27 +1000)]
Use OSSL_PARAM types for KDF documentation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)
Patrick Steuer [Thu, 19 Sep 2019 13:31:27 +0000 (15:31 +0200)]
s390x assembly pack: accelerate X25519, X448,
Ed25519 and Ed448
using PCC and KDSA instructions.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10004)
Patrick Steuer [Tue, 24 Sep 2019 12:44:27 +0000 (14:44 +0200)]
s390x assembly pack: cleanse only sensitive fields
of instruction parameter blocks.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10004)
Patrick Steuer [Tue, 24 Sep 2019 21:20:00 +0000 (23:20 +0200)]
s390x assembly pack: fix OPENSSL_s390xcap z15 cpu mask
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10004)
Patrick Steuer [Tue, 24 Sep 2019 21:03:19 +0000 (23:03 +0200)]
s390x assembly pack: fix msa3 stfle bit detection
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10004)
Matt Caswell [Tue, 24 Sep 2019 14:17:15 +0000 (15:17 +0100)]
Make EVP_MD_CTX_[gettable|settable]_params() take an EVP_MD_CTX
EVP_MD_CTX_gettable_params() and EVP_MD_CTX_settable_params() were
confusingly named because they did not take an EVP_MD_CTX parameter.
In addition we add the functions EVP_MD_gettable_ctx_params() and
EVP_MD_settable_ctx_params() which do the same thing but are passed
an EVP_MD object instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9998)
Pauli [Sun, 22 Sep 2019 00:49:10 +0000 (10:49 +1000)]
Remove the engine parameter from the provider MAC documentations
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Pauli [Sun, 22 Sep 2019 00:48:40 +0000 (10:48 +1000)]
Remove the engine parameter from the individual MAC documentation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Pauli [Sun, 22 Sep 2019 00:46:54 +0000 (10:46 +1000)]
Remove engine param from EVP_KDF and EVP_MAC documentation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Pauli [Sun, 22 Sep 2019 00:45:07 +0000 (10:45 +1000)]
Remove engine param from the settable list
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Pauli [Sun, 22 Sep 2019 00:43:08 +0000 (10:43 +1000)]
Remove engine param macros from wrapper APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Pauli [Sun, 22 Sep 2019 00:39:17 +0000 (10:39 +1000)]
Make the "engine" parameter to some provider algorithms (KDF/PRF) hidden.
This parameter will disappear once engines are wrapped by a provider so
it shouldn't ever be visible to the public.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9971)
Shane Lontis [Wed, 25 Sep 2019 00:46:39 +0000 (10:46 +1000)]
Add rc4 cipher to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9992)
Richard Levitte [Tue, 24 Sep 2019 11:23:38 +0000 (13:23 +0200)]
DOC: fix documentation of som EVP_MD_CTX functions
They were documented to take an EVP_MD pointer, when they really take
an EVP_MD_CTX pointer.
Fixes #9993
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9996)
Rich Salz [Mon, 23 Sep 2019 16:29:20 +0000 (12:29 -0400)]
Fix bugs in "info" commands flags
Remove -c/-e/-m aliases, OpenSSL commands don't do that.
Fix typo's in the documentation.
Fix -module flag to print the right thing.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9986)
jayaram [Mon, 23 Sep 2019 10:44:56 +0000 (16:14 +0530)]
fix for dsa key size feature request issue: pkey -text or -text_pub should show dsa key size
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9983)
Dmitry Belyavskiy [Wed, 21 Aug 2019 15:28:48 +0000 (18:28 +0300)]
Support printing out some otherName variants
The supported variants are
- SmtpUTF8Name
- xmppAddr
- MS UPN
- SRVName
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9965)
Simo Sorce [Thu, 19 Sep 2019 17:51:34 +0000 (13:51 -0400)]
Add SSKDF test vectors from RFC 8636
RFC 8636 defines the Pkinit Agility KDF, which turns out to be just a
standard SSKDF with the Info built out of the ASN.1 option of SP 800 56A
(See 5.8.2.1.2 of NIST SP 800-56A Rev. 3)
RFC 8636 Also defines test vectors, so let's add them in addition to the
tests from "non-official" test vectors.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9957)
raja-ashok [Thu, 19 Sep 2019 11:12:42 +0000 (16:42 +0530)]
Update new TLS version options to s_time man page
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9947)
raja-ashok [Thu, 19 Sep 2019 10:37:21 +0000 (16:07 +0530)]
Add TLS version options to s_time
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9947)
Richard Levitte [Sat, 21 Sep 2019 18:57:51 +0000 (20:57 +0200)]
Rework cipher / digest fetching for legacy nids with multiple name support
With multiple names, it's no longer viable to just grab the "first" in
the set and use that to find the legacy NID. Instead, all names for
an algorithm must be checked, and if we encounter more than one NID
asssociated with those names, we consider it an error and make that
method unloadable.
This ensures that all methods that do have an internal NID associated
will get that NID in their structure, thereby ensuring that other
parts of libcrypto that haven't gone away from using NIDs for
comparison will continue to work as expected.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9969)
Richard Levitte [Mon, 23 Sep 2019 04:26:57 +0000 (06:26 +0200)]
include/openssl/macros.h: better OPENSSL_FUNC fallback
Make sure OPENSSL_FUNC gets defined to something, no matter what.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9976)
Shane Lontis [Mon, 23 Sep 2019 04:35:16 +0000 (14:35 +1000)]
Add des ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9954)
Pauli [Sat, 21 Sep 2019 00:29:17 +0000 (10:29 +1000)]
Note that the mac command is preferrable to the MAC command line options.
The dgst command allows MACs to be calculated, the mac command is the more
recent interface for doing the same and provides better access to a wider
range of MACs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9962)
Dr. Matthias St. Pierre [Fri, 20 Sep 2019 22:01:04 +0000 (00:01 +0200)]
Configure: add missing dependency to fix parallel builds on Windows
The issue was encountered when testing parallel builds of OpenSSL on
Windows using `jom` instead of `nmake`. The builds persistently failed
with the following error message because the generated file "buildinf.h"
did not exist yet.
crypto\info.c(15): fatal error C1083:
cannot open include file: "buildinf.h": No such file or directory
Apparently this error does not occur on Linux because `make` parallelizes
the builds differently such that `crypto\cversion.c`, which has an
explicit dependency on `buildinf.h`, gets compiled first. Also, the
include dependency was added only recently in commit
096978f0990.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9960)
Kurt Roeckx [Fri, 20 Sep 2019 18:26:42 +0000 (20:26 +0200)]
Use the correct maximum indent
Found by OSS-Fuzz
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
GH: #9959
Richard Levitte [Mon, 16 Sep 2019 14:23:25 +0000 (16:23 +0200)]
include/openssl/macros.h: Rework OPENSSL_FUNC for div C standards
OPENSSL_FUNC was defined as an alias for __FUNCTION__ with new enough
GNU C, regardless of the language standard used. We change this
slightly, so this won't happen unless __STDC_VERSION is defined.
Fixes #9911
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9913)
Richard Levitte [Thu, 19 Sep 2019 13:04:53 +0000 (15:04 +0200)]
Remove name string from PROV_CIPHER and PROV_DIGEST
It was short lived, as it's not necessary any more.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9946)
Richard Levitte [Thu, 19 Sep 2019 09:51:22 +0000 (11:51 +0200)]
Refactor SSKDF to create the MAC contexts early
The SSKDF implementation fetched the digest(s) for the underlying MAC,
just to get their names and pass those down to the MAC, which in turn
would fetch those same digests again.
This change circumvents this by fetching the MAC and create the MAC
contexts for them directly when this PRF receives the relevant
parameters, thus only having to pass EVP_MAC_CTX pointers around.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9946)
Richard Levitte [Thu, 19 Sep 2019 09:47:46 +0000 (11:47 +0200)]
Refactor TLS-PRF's kdf_tls1_prf_mkmacctx() to a provider utility
ossl_prov_macctx_load_from_params() creates a EVP_MAC_CTX *, or sets
new common parameters for an existing one.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9946)
Shane Lontis [Wed, 10 Jul 2019 01:42:03 +0000 (11:42 +1000)]
Add aes_wrap cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9406)
Shane Lontis [Thu, 19 Sep 2019 07:26:04 +0000 (17:26 +1000)]
Fix missing bn_mul_mont symbol in solaris fips module
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9943)
Shane Lontis [Thu, 19 Sep 2019 08:40:07 +0000 (18:40 +1000)]
Move gcm decryption tag check higher up in the callstack
Code was updated for s390 that accidently removed the check inside the final method.
Moving the check up before the final method is called is a better way of handling this.
The oneshot method also calls the final method but doesnt need to do this check.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9945)
Rich Salz [Thu, 29 Aug 2019 19:37:01 +0000 (15:37 -0400)]
Exit non-zero if find-doc-nits finds nits
Filter all output to a new &err() routine, which sets the global
exit status, $status.
Also, fix all subroutine definitions and references to be consistent:
no prototypes, no & before function calls.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/9733)
Rich Salz [Fri, 16 Aug 2019 22:05:08 +0000 (18:05 -0400)]
Avoid ?: construct in XXXerr calls
It either makes the flow of control simpler and more obvious, or it is
just a "cleanup" so that the editing scripts will find and fixup things.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9441)
Rich Salz [Mon, 12 Aug 2019 19:50:51 +0000 (15:50 -0400)]
Add merge-err-lines script
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9441)
Rich Salz [Tue, 30 Jul 2019 19:40:23 +0000 (15:40 -0400)]
Deprecate XXXerr() macros
Actually, for transition, they're not really deprecated. Remove the
"1 ||" from the ifdef line (in include/openssl/err.h) when ready to
do this in production/"for real"
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9441)
Rich Salz [Wed, 24 Jul 2019 15:40:07 +0000 (11:40 -0400)]
Add script convert XXerr to ERR_raise
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9441)
Richard Levitte [Sat, 14 Sep 2019 14:35:08 +0000 (16:35 +0200)]
Modify providers that keep track of underlying algorithms
With some provider implementations, there are underlying ciphers,
digests and macs. For some of them, the name was retrieved from the
method, but since the methods do not store those any more, we add
different mechanics.
For code that needs to pass on the name of a cipher or diges via
parameters, we simply locally store the name that was used when
fetching said cipher or digest. This will ensure that any underlying
code that needs to fetch that same cipher or digest does so with the
exact same name instead of any random name from the set of names
associated with the algorithm.
For code that needs to check what kind of algorithm was passed, we
provide EVP_{type}_is_a(), that returns true if the given method has
the given name as one of its names.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
Richard Levitte [Sat, 14 Sep 2019 14:22:19 +0000 (16:22 +0200)]
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
Shane Lontis [Thu, 19 Sep 2019 11:21:39 +0000 (21:21 +1000)]
Fix Solaris compile errors in provider ciphers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9941)
Jon Spillett [Thu, 19 Sep 2019 11:14:21 +0000 (21:14 +1000)]
Add option grouping capability to apps
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9920)
Shane Lontis [Thu, 19 Sep 2019 10:10:25 +0000 (20:10 +1000)]
Add aes_ocb cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9320)
Shane Lontis [Thu, 19 Sep 2019 05:38:51 +0000 (15:38 +1000)]
Add sm4 ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9935)
Brian Chen [Tue, 7 May 2019 08:05:44 +0000 (04:05 -0400)]
Update fuzzing README for recent clang versions
Recent clang versions ship with libfuzzer, so there's no need to build
libfuzzer yourself. They also have a dedicated -fsanitize=fuzzer-no-link
flag and no longer support the sanitize flags described in the fuzzing
README. Update it to reflect all this.
Fixes #8768.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
GH: #8891
Patrick Steuer [Wed, 18 Sep 2019 13:46:39 +0000 (15:46 +0200)]
Fix strict-warnings build
..which was broken for s390 due to
1c3ace68.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9937)
Patrick Steuer [Wed, 18 Sep 2019 18:43:02 +0000 (20:43 +0200)]
Fix aes ofb, cfb and cfb8 for s390x
..which was broken since
e1178600.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9939)
Shane Lontis [Wed, 18 Sep 2019 12:13:59 +0000 (22:13 +1000)]
Add SEED ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9932)
Richard Levitte [Wed, 18 Sep 2019 09:49:55 +0000 (11:49 +0200)]
Refactor TLS1-PRF to create the MAC contexts early
The TLS1-PRF implementation fetched the digest(s) for the underlying
MAC, just to get their names and pass those down to the MAC, which in
turn would fetch those same digests again.
This change circumvents this by fetching the MAC (or MACs in the
MD5-SHA1 special case) and create the MAC contexts for them directly
when this PRF receives the relevant parameters, thus only having to
pass EVP_MAC_CTX pointers around.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9930)
Shane Lontis [Wed, 18 Sep 2019 08:55:11 +0000 (18:55 +1000)]
Add cast5 ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9929)
Pauli [Mon, 16 Sep 2019 22:46:49 +0000 (08:46 +1000)]
Change PARAMETER NAMES links to PARAMETERS
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)
Pauli [Mon, 16 Sep 2019 22:45:38 +0000 (08:45 +1000)]
Use PARAMETERS instead of PARAMETER NAMES for the heading for consistency.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)
Pauli [Mon, 16 Sep 2019 22:44:15 +0000 (08:44 +1000)]
Fix links to functions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)
Pauli [Sun, 15 Sep 2019 23:07:32 +0000 (09:07 +1000)]
Cleanup KDF section 1 documentation.
Remove reference to EVP_KDF_ctrl_str and replace it with EVP_KDF_CTX_set_params.
Add missing links, and specify two extra KDFs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)
Pauli [Sun, 15 Sep 2019 22:59:10 +0000 (08:59 +1000)]
Clean up KDF documentation in section 7.
The EVP_KDF_ctrl function doesn't exist anymore and have been replaced by
EVP_KDF_CTX_set_params.
The EVP_KDF_new_id function doesn't exist either and EVP_KDF_new should be
used instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)
Alistair Francis [Thu, 29 Aug 2019 20:56:21 +0000 (13:56 -0700)]
Add support for io_pgetevents_time64 syscall
32-bit architectures that are y2038 safe don't include syscalls that use
32-bit time_t. Instead these architectures have suffixed syscalls that
always use a 64-bit time_t. In the case of the io_getevents syscall the
syscall has been replaced with the io_pgetevents_time64 syscall instead.
This patch changes the io_getevents() function to use the correct
syscall based on the avaliable syscalls and the time_t size. We will
only use the new 64-bit time_t syscall if the architecture is using a
64-bit time_t. This is to avoid having to deal with 32/64-bit
conversions and relying on a 64-bit timespec struct on 32-bit time_t
platforms. As of Linux 5.3 there are no 32-bit time_t architectures
without __NR_io_getevents. In the future if a 32-bit time_t architecture
wants to use the 64-bit syscalls we can handle the conversion.
This fixes build failures on 32-bit RISC-V.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9819)
Shane Lontis [Wed, 18 Sep 2019 05:57:08 +0000 (15:57 +1000)]
Add IDEA ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9917)
Shane Lontis [Wed, 18 Sep 2019 05:26:19 +0000 (15:26 +1000)]
Fix Compiler error/warning for windows icl build
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9907)
Shane Lontis [Wed, 18 Sep 2019 05:20:30 +0000 (15:20 +1000)]
Fix Coverity CID:
1453685 'unreachable code' in aes_xts code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9902)
Richard Levitte [Thu, 12 Sep 2019 11:27:52 +0000 (13:27 +0200)]
crypto/bn/build.info: Correct use of SSE2 definition
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9879)
Jon Spillett [Mon, 2 Sep 2019 00:06:29 +0000 (10:06 +1000)]
apps/pkcs12: print multiple PKCS#12 safeBag attribute values if present
Currently the pkcs12 app will only ever print the first value of a multi-value
attribute. This is OK for some attributes (e.g. friendlyName, localKeyId) but
may miss values for other attributes.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9751)
Shane Lontis [Tue, 17 Sep 2019 03:34:47 +0000 (13:34 +1000)]
Fix Solaris aes_hw_t4 compile issue
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9910)
Bernd Edlinger [Fri, 13 Sep 2019 08:45:29 +0000 (10:45 +0200)]
Fix building statically without any dso support
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9895)
Richard Levitte [Thu, 12 Sep 2019 22:06:46 +0000 (00:06 +0200)]
Unify all assembler file generators
They now generally conform to the following argument sequence:
script.pl "$(PERLASM_SCHEME)" [ C preprocessor arguments ... ] \
$(PROCESSOR) <output file>
However, in the spirit of being able to use these scripts manually,
they also allow for no argument, or for only the flavour, or for only
the output file. This is done by only using the last argument as
output file if it's a file (it has an extension), and only using the
first argument as flavour if it isn't a file (it doesn't have an
extension).
While we're at it, we make all $xlate calls the same, i.e. the $output
argument is always quoted, and we always die on error when trying to
start $xlate.
There's a perl lesson in this, regarding operator priority...
This will always succeed, even when it fails:
open FOO, "something" || die "ERR: $!";
The reason is that '||' has higher priority than list operators (a
function is essentially a list operator and gobbles up everything
following it that isn't lower priority), and since a non-empty string
is always true, so that ends up being exactly the same as:
open FOO, "something";
This, however, will fail if "something" can't be opened:
open FOO, "something" or die "ERR: $!";
The reason is that 'or' has lower priority that list operators,
i.e. it's performed after the 'open' call.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9884)
Richard Levitte [Thu, 12 Sep 2019 22:05:26 +0000 (00:05 +0200)]
build.info: For all assembler generators, remove all arguments
Since the arguments are now generated in the build file templates,
they should be removed from the build.info files.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9884)
Richard Levitte [Thu, 12 Sep 2019 21:58:07 +0000 (23:58 +0200)]
Build files: Unify standard arguments for assembler generating scrips
- Make the last argument always be the output file.
- Make the first argument always be the flavour, even if there is no
flavour (i.e. it might become the empty string).
- Make the next to last argument to be $(PROCESSOR) if that one has a
value.
- Remaining arguments are C prepropressor arguments.
Perl scripts that should handle this may use the following code:
$output = pop;
$flavour = shift;
if ($ARGV[$#ARGV] eq '386') {
# Do 386 specific things
} else {
# Do whatever else, with the knowledge the @ARGV contains
# C preprocessor arguments
}
Some scripts don't care about anything than $output, and that's ok.
Some scripts do care, but handle it a little differently, and that's
ok too (notably, the x86 scripts call asm_init() with the first and
the last argument after having popped $output).
As long as they handle the argument order right, they are going to
be fine.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9884)
ManishPatidar1 [Mon, 9 Sep 2019 13:32:56 +0000 (19:02 +0530)]
clearing the ecx private key memory
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9830)
Pauli [Mon, 16 Sep 2019 03:22:56 +0000 (13:22 +1000)]
Avoid mentioning ctrl_str in the MAC documentation.
Change to mentioning params instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9908)
Pauli [Mon, 16 Sep 2019 01:15:25 +0000 (11:15 +1000)]
Use "PARAMETERS" in the documentation headings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9906)
Shane Lontis [Sun, 15 Sep 2019 10:06:28 +0000 (20:06 +1000)]
Add blowfish ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9887)
Shane Lontis [Sun, 15 Sep 2019 09:55:10 +0000 (19:55 +1000)]
Add fips module integrity check
Add environment variable for setting CONF .include path
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9769)
Shane Lontis [Sun, 15 Sep 2019 09:33:04 +0000 (19:33 +1000)]
Fix compile error detected by Solaris build
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9901)
Shane Lontis [Sun, 15 Sep 2019 09:29:02 +0000 (19:29 +1000)]
Fix aesni_xts compile error
Block copy bug..
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9900)
Jan-Frederik Rieckers [Fri, 13 Sep 2019 17:34:14 +0000 (19:34 +0200)]
Fix small typo in doc for X509_STORE_CTX_new
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9894)
Pauli [Sat, 14 Sep 2019 23:44:14 +0000 (09:44 +1000)]
Fix examples in the section 7 KDF man pages.
All of the examples called EVP_KDF_set_params() when they should have been
calling EVP_KDF_CTX_set_params().
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9898)
Andreas Kretschmer [Thu, 5 Sep 2019 11:21:03 +0000 (13:21 +0200)]
fix CRMF symmetric key handling
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9774)
Pauli [Fri, 13 Sep 2019 09:37:40 +0000 (19:37 +1000)]
Use param types instead of native types in the param descriptions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9891)
Pauli [Fri, 13 Sep 2019 09:35:37 +0000 (19:35 +1000)]
Use param types for parameter descriptions. Mention a size_t limit to those where it makes sense.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9891)
Pauli [Fri, 13 Sep 2019 09:32:28 +0000 (19:32 +1000)]
Add wording to limit the 'size' parameter to no more than can be specified using a size_t variable
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9891)
Shane Lontis [Fri, 13 Sep 2019 23:27:49 +0000 (09:27 +1000)]
Add aes_xts cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9327)
Shane Lontis [Fri, 13 Sep 2019 23:11:28 +0000 (09:11 +1000)]
Fix S390X bad size_t that causes memory trash in legacy ciphers
This caused a SEGV inside tls13_enc() when using chacha_poly.
The tls code assigns the iv_length to a size_t (even though it is an int).
This is actually really bad since it could be -1, which will then trash the iv buffer.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9890)
Rich Salz [Thu, 12 Sep 2019 17:06:04 +0000 (13:06 -0400)]
ERR: Change get_error_values() to use an enum
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9870)
Bernd Edlinger [Mon, 9 Sep 2019 17:12:25 +0000 (19:12 +0200)]
Fix potential memory leaks with BN_to_ASN1_INTEGER
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9833)
Pauli [Thu, 12 Sep 2019 08:12:47 +0000 (18:12 +1000)]
Define the MAC parameter types without using C type names to avoid confusion.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9875)
Richard Levitte [Thu, 1 Aug 2019 10:03:57 +0000 (12:03 +0200)]
Document the deprecation of ERR_STATE and ERR_get_state()
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9462)
Richard Levitte [Fri, 26 Jul 2019 16:11:55 +0000 (18:11 +0200)]
Deprecate ERR_get_state()
Internally, we still need this function, so we make it internal and
then add a new ERR_get_state() that simply calls the internal variant,
unless it's "removed" by configuration.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9462)
Richard Levitte [Thu, 25 Jul 2019 19:57:48 +0000 (21:57 +0200)]
Deprecate the public definition of ERR_STATE
The intention is to make it opaque later on.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9462)