oweals/openssl.git
4 years agoAdd confdump to .gitignore
Matt Caswell [Tue, 12 Nov 2019 17:41:29 +0000 (17:41 +0000)]
Add confdump to .gitignore

We added a new executable to the test directory which didn't match the
existing gitignore rules, so we add it explicitly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10430)

4 years agoDocument various new/changes EVP_PKEY_CTX_* functions
Matt Caswell [Wed, 6 Nov 2019 13:39:21 +0000 (13:39 +0000)]
Document various new/changes EVP_PKEY_CTX_* functions

We have converted a number of macros to functions and made them work
with providers. We've also added some *_ex() variants that needed
documenting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoDocument the public EVP_ASYM_CIPHER releated functions
Matt Caswell [Wed, 6 Nov 2019 11:03:12 +0000 (11:03 +0000)]
Document the public EVP_ASYM_CIPHER releated functions

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoAdd documentation for the Asymmetric Cipher Operation
Matt Caswell [Tue, 29 Oct 2019 09:24:24 +0000 (09:24 +0000)]
Add documentation for the Asymmetric Cipher Operation

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoMove RSA Asym cipher code to the default provider
Matt Caswell [Mon, 28 Oct 2019 13:40:39 +0000 (13:40 +0000)]
Move RSA Asym cipher code to the default provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoIncrease OSSL_PARAM_BLD_MAX for multi-prime RSA
Matt Caswell [Mon, 28 Oct 2019 14:43:42 +0000 (14:43 +0000)]
Increase OSSL_PARAM_BLD_MAX for multi-prime RSA

The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime
RSA. That code has this assert:

        if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
                         + numprimes + numexps + numcoeffs
                         <= OSSL_PARAM_BLD_MAX))
            goto err;

So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes
(more than you would ever reasonably want).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoImplement provider support for Asym Ciphers
Matt Caswell [Tue, 1 Oct 2019 08:40:57 +0000 (09:40 +0100)]
Implement provider support for Asym Ciphers

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoAllow strings in params to be of zero length
Matt Caswell [Thu, 17 Oct 2019 16:19:21 +0000 (17:19 +0100)]
Allow strings in params to be of zero length

Sometimes it is useful to be able to pass NULL/zero length strings

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoAllow setting a NULL pointer in a params structure
Matt Caswell [Fri, 11 Oct 2019 16:42:19 +0000 (17:42 +0100)]
Allow setting a NULL pointer in a params structure

Sometimes it is valid to send a NULL pointer in params.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)

4 years agoCORE: Add a generic callback function type
Richard Levitte [Mon, 11 Nov 2019 17:38:57 +0000 (18:38 +0100)]
CORE: Add a generic callback function type

This offers a very generic way to define a callback as well as calling
it.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10412)

5 years agochacha_enc.c: fix for EBCDIC platforms
Joerg Schmidbauer [Tue, 12 Nov 2019 09:26:47 +0000 (10:26 +0100)]
chacha_enc.c: fix for EBCDIC platforms

Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10417)

5 years agoExtend docs for EC_POINT conversion functions
Nicola Tuveri [Mon, 11 Nov 2019 22:52:00 +0000 (00:52 +0200)]
Extend docs for EC_POINT conversion functions

Add more explicit documentation about the relation between
EC_POINT_point2oct(), EC_POINT_point2hex(), EC_POINT_point2bn() and
their reverse.

In particular highlight that EC_POINT_point2oct() and
EC_POINT_oct2point() conform to, respectively, Sec. 2.3.3 and Sec. 2.3.4
of the SECG SEC 1 standard (which is the normative reference for the
already mentioned RFC 5480), highlighting with a note how this affect
the encoding/decoding of the point at infinity (which in contrast with
any other valid generic point of a curve is assigned an exceptional
fixed octet string encoding, i.e., 0x00).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)

5 years agoAdd self-test for EC_POINT_hex2point
Nicola Tuveri [Fri, 1 Nov 2019 20:09:40 +0000 (22:09 +0200)]
Add self-test for EC_POINT_hex2point

Adds tests for each curve to ensure that encodings obtained through
EC_POINT_hex2point() can be fed to EC_POINT_point2hex() yielding a point
identical to the one from which the encoding is generated.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)

5 years agoFix EC_POINT_bn2point() for BN_zero()
Nicola Tuveri [Fri, 1 Nov 2019 20:38:21 +0000 (22:38 +0200)]
Fix EC_POINT_bn2point() for BN_zero()

EC_POINT_bn2point() rejected BIGNUMs with a zero value.

This behavior indirectly caused failures when converting a point
at infinity through EC_POINT_point2hex() and then back to a point with
EC_POINT_hex2point().

With this change such BIGNUMs are treated like any other and exported to
an octet buffer filled with zero.
It is then EC_POINT_oct2point() (either the default implementation or
the custom one in group->meth->oct2point) to determine if such encoding
maps to a valid point (generally the point at infinity is encoded as
0x00).

Fixes #10258

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)

5 years agolibcrypto.num: remove some unused EVP_MAC symbols
Dr. Matthias St. Pierre [Tue, 12 Nov 2019 11:48:15 +0000 (12:48 +0100)]
libcrypto.num: remove some unused EVP_MAC symbols

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10421)

5 years agoAdd more tests for apps/req
Nicola Tuveri [Thu, 31 Oct 2019 15:17:31 +0000 (17:17 +0200)]
Add more tests for apps/req

https://github.com/openssl/openssl/issues/10224#issuecomment-546593113
highlighted that existing testing infrastructure is not covering common
usage patterns of the `req` app.

This commit explicitly adds request generations thorugh the CLI using
RSA, DSA and ECDSA (P-256) keys.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/pr-10312)

5 years agoAdd missing docs for some PKCS12 functions
Jon Spillett [Mon, 2 Sep 2019 04:51:05 +0000 (14:51 +1000)]
Add missing docs for some PKCS12 functions

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9752)

5 years agoadd OPENSSL_FUNC.pod documenting OPENSSL_MSTR, OPENSSL_FUNC, and friends
Dr. David von Oheimb [Tue, 5 Nov 2019 10:43:52 +0000 (11:43 +0100)]
add OPENSSL_FUNC.pod documenting OPENSSL_MSTR, OPENSSL_FUNC, and friends

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10236)

5 years agore-add definition of OPENSSL_MSTR deleted from opensslv.h in macros.h
Dr. David von Oheimb [Tue, 22 Oct 2019 11:38:16 +0000 (13:38 +0200)]
re-add definition of OPENSSL_MSTR deleted from opensslv.h in macros.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10236)

5 years agoSSL: Document SSL_add_{file,dir,store}_cert_subjects_to_stack()
Richard Levitte [Sun, 10 Nov 2019 14:36:24 +0000 (15:36 +0100)]
SSL: Document SSL_add_{file,dir,store}_cert_subjects_to_stack()

This also removes the incorrect documentation comments by those
functions, and fixes a bug in SSL_add_store_cert_subjects_to_stack(),
where the condition for recursive addition was 'depth == 0' when it
should be 'depth > 0'.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10402)

5 years agoAdd a tester of OpenSSL config files and test the current .pragma
Richard Levitte [Mon, 19 Aug 2019 04:35:54 +0000 (06:35 +0200)]
Add a tester of OpenSSL config files and test the current .pragma

test/confdump.c reads an OpenSSL config file and prints out the
processed result.  This can be used to check that a config file is
processed correctly.

We add a test recipe and the necessary data to test the dollarid
pragma.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8882)

5 years agoAdd a .pragma directive for configuration files
Richard Levitte [Mon, 6 May 2019 08:50:35 +0000 (10:50 +0200)]
Add a .pragma directive for configuration files

Currently added pragma:

.pragma dollarid:on

This allows dollar signs to be a keyword character unless it's
followed by a opening brace or parenthesis.

Fixes #8207

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8882)

5 years agoMake sure KDF reason codes are conserved in their current state
Richard Levitte [Sun, 10 Nov 2019 12:07:46 +0000 (13:07 +0100)]
Make sure KDF reason codes are conserved in their current state

Because KDF errors are deprecated and only conserved for backward
compatibilty, we must make sure that they remain untouched.  A simple
way to signal that is by modifying crypto/err/openssl.ec and replace
the main header file (include/openssl/kdf.h in this case) with 'NONE',
while retaining the error table file (crypto/kdf/kdf_err.c).

util/mkerr.pl is modified to silently ignore anything surrounding a
conserved lib when such a .ec line is found.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)

5 years agoDeprecate ERR_load_KDF_strings()
Richard Levitte [Sun, 10 Nov 2019 12:06:48 +0000 (13:06 +0100)]
Deprecate ERR_load_KDF_strings()

Not only deprecate, but also remove the reason strings and make
ERR_load_KDF_strings() do nothing.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)

5 years agoutil/perl/OpenSSL/ParseC.pm: Fix 'extern "C" DEPRECATEDIN_x_y(...)'
Richard Levitte [Sun, 10 Nov 2019 12:03:15 +0000 (13:03 +0100)]
util/perl/OpenSSL/ParseC.pm: Fix 'extern "C" DEPRECATEDIN_x_y(...)'

The parser expected an 'extern "C"' followed by a single declaration
to always end with a semicolon.  Then came along something like this:

    extern "C" DEPRECATEDIN_3_0(int ERR_load_KDF_strings(void))

This change adjusts the detector of 'extern "C"' to also take in
accound a declaration that ends with a parenthesis.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)

5 years agoReinstate the KDF error macros
Richard Levitte [Sun, 10 Nov 2019 04:16:36 +0000 (05:16 +0100)]
Reinstate the KDF error macros

For minimum breakage with existing applications that might use them.

This reverts commit fe6ec26b204a056aee2a24b79df09a45b2308603 and
37ed62107112d95f7b7c9bf75602a6ac40883a89.

Fixes #10340

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)

5 years agoFix cut'n'paste typos in the provider-digest pod
Dmitry Belyavskiy [Sat, 9 Nov 2019 20:25:32 +0000 (23:25 +0300)]
Fix cut'n'paste typos in the provider-digest pod

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10398)

5 years agoFix misspelled resumption_label for CHARSET_EBCDIC
Ido Ben-Natan [Sat, 9 Nov 2019 13:04:39 +0000 (15:04 +0200)]
Fix misspelled resumption_label for CHARSET_EBCDIC

The resumption_label variable when CHARSET_EBCDIC was enabled, was misspelled.
Instead of evaluating to 'res binder' as expected, it evaluated to 'red binder'.

CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10396)

5 years agoFix no-dsa
Matt Caswell [Thu, 7 Nov 2019 09:24:18 +0000 (09:24 +0000)]
Fix no-dsa

Make sure we don't try and load a DSA key in the tests if DSA has been
disabled.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10375)

5 years agoAdd rc4_hmac_md5 cipher to default provider
Shane Lontis [Thu, 10 Oct 2019 06:42:20 +0000 (16:42 +1000)]
Add rc4_hmac_md5 cipher to default provider

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10179)

5 years agoFix L<xxx(1)> links to be L<openssl-xxx(1)>
Rich Salz [Fri, 1 Nov 2019 20:26:05 +0000 (16:26 -0400)]
Fix L<xxx(1)> links to be L<openssl-xxx(1)>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10328)

5 years agoWorkaround for Windows-based GOST implementations
Dmitry Belyavskiy [Thu, 7 Nov 2019 14:58:15 +0000 (17:58 +0300)]
Workaround for Windows-based GOST implementations

Many Windows-based GOST TLS implementations are unable to extend the
list of supported SignatureAlgorithms because of lack of the necessary
callback in Windows. So for TLS 1.2 it makes sense to imply the support
of GOST algorithms in case when the GOST ciphersuites are present.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10377)

5 years agoRename providers/common/provlib.c to nid_to_name.c
Richard Levitte [Fri, 8 Nov 2019 09:29:24 +0000 (10:29 +0100)]
Rename providers/common/provlib.c to nid_to_name.c

It contains only one function, which should only get added to non-FIPS
providers.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10389)

5 years agoFinal cleanup after move to leaner EVP_PKEY methods
Richard Levitte [Thu, 31 Oct 2019 11:10:01 +0000 (12:10 +0100)]
Final cleanup after move to leaner EVP_PKEY methods

Now that KEYMGMT method pointers have moved away from the diverse
methods that are used with EVP_PKEY_CTX, we no longer need to pass
special argument to evp_generic_fetch() and evp_generic_do_all().

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10309)

5 years agoConfiguration: make Solaris builds with gcc recognise GNU ld
Richard Levitte [Thu, 21 Mar 2019 06:51:43 +0000 (07:51 +0100)]
Configuration: make Solaris builds with gcc recognise GNU ld

The solaris config targets assumed that GNU cc used Sun ld at all
times.  However, there are setups where GNU ld is used instead, so we
adapt the Solaris gcc config targets to use the mechanism introduced
with Configurations/shared_info.pl to try to detect what ld flavor is
being used and set the diverse ld flags accordingly.

Fixes #8547

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8548)

5 years agobss_dgram.c: fix unaligned access
Patrick Steuer [Sat, 2 Nov 2019 15:31:28 +0000 (16:31 +0100)]
bss_dgram.c: fix unaligned access

char (alignment 1) casted to union sctp_notification (alignment > 1).

Fixes: #9538

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10336)

5 years agoRSA generation: Use more bits of 1/sqrt(2)
Kurt Roeckx [Wed, 23 Oct 2019 20:10:54 +0000 (22:10 +0200)]
RSA generation: Use more bits of 1/sqrt(2)

The old version always sets the top 2 bits, so the most significate byte
of the primes was always >= 0xC0. We now use 256 bits to represent
1/sqrt(2) = 0x0.B504F333F9DE64845...

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #10246

5 years agoFix a -Warray-bounds gcc warning in OPENSSL_DIR_read
Bernd Edlinger [Sun, 3 Nov 2019 16:34:23 +0000 (17:34 +0100)]
Fix a -Warray-bounds gcc warning in OPENSSL_DIR_read

'__builtin_strncpy' offset [275, 4095] from the object at
'direntry' is out of the bounds of referenced subobject 'd_name'
with type 'char[256]' at offset 19

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10343)

5 years agoconf_def.c: Avoid calling strlen() in a loop
raniervf [Tue, 5 Nov 2019 01:32:43 +0000 (22:32 -0300)]
conf_def.c: Avoid calling strlen() in a loop

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10361)

5 years agoCleanup include/openssl/opensslv.h.in
Richard Levitte [Thu, 17 Oct 2019 16:40:47 +0000 (18:40 +0200)]
Cleanup include/openssl/opensslv.h.in

Now that we generate include/openssl/opensslv.h, there's no point
keeping some macross around, we can just set a simpler set to their
respective value and be done with it.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10218)

5 years agoAdd ssl_ctx_test to test suite.
Rich Salz [Sat, 2 Nov 2019 17:02:37 +0000 (13:02 -0400)]
Add ssl_ctx_test to test suite.

Also fix the test as min version > max version is allowed because
the API calls to set min and max versions are separate and there
can be legitimately a temporary situation when the condition is
true even with correctly working application.

The failure in this condition will be detected only during
a handshake attempt.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10337)

5 years agoAdd AES SIV ciphers to default provider
Shane Lontis [Fri, 8 Nov 2019 02:14:44 +0000 (12:14 +1000)]
Add AES SIV ciphers to default provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10120)

5 years agoRefactor PEM_read_bio_{PrivateKey,Parameters,DHparams}
Richard Levitte [Sat, 25 Feb 2017 22:38:46 +0000 (23:38 +0100)]
Refactor PEM_read_bio_{PrivateKey,Parameters,DHparams}

They now go through internal STORE routines to do their job.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2746)

5 years agoAdd "sections" to -help output
Rich Salz [Thu, 7 Nov 2019 20:08:30 +0000 (06:08 +1000)]
Add "sections" to -help output

Remove "Valid options" label, since all commands have sections (and
[almost] always the first one is "General options").
Have "list --options" ignore section headers
Reformat ts's additional help

Add output section

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9953)

5 years agoAdd a test for EVP_PKEY_keymake() and EVP_PKEY_make()
Richard Levitte [Thu, 17 Oct 2019 21:53:44 +0000 (23:53 +0200)]
Add a test for EVP_PKEY_keymake() and EVP_PKEY_make()

This test is a bit lame, but will either be completed as functionality
is added in the default provider, or the new functions may start
getting used in evp_test.c and this program will disappear.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10187)

5 years agoAdd EVP functionality to create domain params and keys by user data
Richard Levitte [Tue, 15 Oct 2019 12:50:35 +0000 (14:50 +0200)]
Add EVP functionality to create domain params and keys by user data

This is the EVP operation that corresponds to creating direct RSA, DH
and DSA keys and set their numbers, to then assign them to an EVP_PKEY,
but done entirely using an algorithm agnostic EVP interface.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10187)

5 years agoUpdate INSTALL to document the changed '--api' and 'no-deprecated'
Richard Levitte [Tue, 5 Nov 2019 16:48:33 +0000 (17:48 +0100)]
Update INSTALL to document the changed '--api' and 'no-deprecated'

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoinclude/openssl/asn1.h: Remove version dependent inclusion of <openssl/bn.h>
Richard Levitte [Tue, 5 Nov 2019 16:38:24 +0000 (17:38 +0100)]
include/openssl/asn1.h: Remove version dependent inclusion of <openssl/bn.h>

It's unclear if this dependency was because ASN1 functions that use
BIGNUM didn't exist before 1.1.0, or if it was a mistaken attempt at
deprecation.  Since there exist ASN1 functions using BIGNUM now, it
seems pointless to keep that check, and unnecessarily including
<openssl/bn.h> should be harmless either way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoUpdate the check surround the BN_zero() implementation
Richard Levitte [Tue, 5 Nov 2019 16:37:17 +0000 (17:37 +0100)]
Update the check surround the BN_zero() implementation

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoUpdate some inclusions of <openssl/macros.h>
Richard Levitte [Tue, 5 Nov 2019 16:36:44 +0000 (17:36 +0100)]
Update some inclusions of <openssl/macros.h>

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoinclude/openssl/opensslconf.h.in: remove spurious HEADER_FILE_H definition
Richard Levitte [Tue, 5 Nov 2019 16:35:12 +0000 (17:35 +0100)]
include/openssl/opensslconf.h.in: remove spurious HEADER_FILE_H definition

This macro was never defined in existing releases, there's no reason
for us to create a macro that we immediately deprecate.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoUpdate source files for pre-3.0 deprecation
Richard Levitte [Tue, 5 Nov 2019 16:34:09 +0000 (17:34 +0100)]
Update source files for pre-3.0 deprecation

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoUpdate source files for deprecation at 3.0
Richard Levitte [Tue, 5 Nov 2019 16:28:50 +0000 (17:28 +0100)]
Update source files for deprecation at 3.0

Previous macros suggested that from 3.0, we're only allowed to
deprecate things at a major version.  However, there's no policy
stating this, but there is for removal, saying that to remove
something, it must have been deprecated for 5 years, and that removal
can only happen at a major version.

Meanwhile, the semantic versioning rule is that deprecation should
trigger a MINOR version update, which is reflected in the macro names
as of this change.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoChange the logic and behaviour surrounding '--api' and 'no-deprecated'
Richard Levitte [Tue, 5 Nov 2019 16:00:33 +0000 (17:00 +0100)]
Change the logic and behaviour surrounding '--api' and 'no-deprecated'

At some point in time, there was a 'no-deprecated' configuration
option, which had the effect of hiding all declarations of deprecated
stuff, i.e. make the public API look like they were all removed.

At some point in time, there was a '--api' configuration option, which
had the effect of having the public API look like it did in the version
given as value, on a best effort basis.  In practice, this was used to
get different implementations of BN_zero(), depending on the desired
API compatibility level.

At some later point in time, '--api' was changed to mean the same as
'no-deprecated', but only for the deprecations up to and including the
desired API compatibility level.  BN_zero() has been set to the
pre-1.0.0 implementation ever since, unless 'no-deprecation' has been
given.

This change turns these options back to their original meaning, but
with the slight twist that when combined, i.e. both '--api' and
'no-deprecated' is given, the declarations that are marked deprecated
up to an including the desired API compatibility level are hidden,
simulating that they have been removed.

If no desired API compatibility level has been given, then
configuration sets the current OpenSSL version by default.

Furthermore, the macro OPENSSL_API_LEVEL is now used exclusively to
check what API compatibility level is desired.  For checking in code
if `no-deprecated` has been configured for the desired API
compatibility level, macros for each supported level is generated,
such as OPENSSL_NO_DEPRECATED_1_1_1, corresponding to the use of
DEPRECATEDIN_ macros, such as DEPRECATEDIN_1_1_1().

Just like before, to set an API compatibility level when building an
application, define OPENSSL_API_COMPAT with an appropriate value.  If
it's desirable to hide deprecated functions up to and including that
level, additionally define OPENSSL_NO_DEPRECATED (the value is
ignored).

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10364)

5 years agoStrip much out of ssl.pod
Rich Salz [Fri, 1 Nov 2019 16:29:34 +0000 (12:29 -0400)]
Strip much out of ssl.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10208)

5 years agoAdd L<ssl(7)> to all SSL pages
Rich Salz [Fri, 1 Nov 2019 16:27:29 +0000 (12:27 -0400)]
Add L<ssl(7)> to all SSL pages

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10208)

5 years agoRemove outdated info from man7/ssl
Rich Salz [Thu, 17 Oct 2019 20:06:15 +0000 (16:06 -0400)]
Remove outdated info from man7/ssl

There were two paragraphs of useful information about SSL_dup, so
copy that to the right manpage.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10208)

5 years agoTest EVP_get_[digest|cipher]byname() use the namemap
Matt Caswell [Fri, 1 Nov 2019 16:09:21 +0000 (16:09 +0000)]
Test EVP_get_[digest|cipher]byname() use the namemap

Following on from the previous commit, we test that if an algorithm has
a provider supplied alias in the namemap then EVP_get_digestbyname() and
EVP_get_cipherbyname() can still find it.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10324)

5 years agoEnsure EVP_get_digestbyname() and EVP_get_cipherbyname() know all aliases
Matt Caswell [Fri, 1 Nov 2019 14:13:49 +0000 (14:13 +0000)]
Ensure EVP_get_digestbyname() and EVP_get_cipherbyname() know all aliases

Now that we have an EVP namemap containing all aliases that providers
know about for any given algorithm, it is possible that an application
attempts to look up a digest or a cipher via EVP_get_digestbyname() or
EVP_get_cipherbyname() with an algorithm name that is unknown to the
legacy method database. Therefore we extend those functions to
additionally check the aliases in the namemap when searching for a
method in the event that our initial lookup attempt fails.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10324)

5 years agotest/recipes/02-test_ordinals.t: Take '?' and '?+' into account
Richard Levitte [Mon, 4 Nov 2019 10:41:01 +0000 (11:41 +0100)]
test/recipes/02-test_ordinals.t: Take '?' and '?+' into account

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoutil/mknum.pl: output stats on unassigned symbols
Richard Levitte [Mon, 4 Nov 2019 09:36:54 +0000 (10:36 +0100)]
util/mknum.pl: output stats on unassigned symbols

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoutil/mknum.pl: Call OpenSSL::Ordinals::renumber() for real releases
Richard Levitte [Mon, 4 Nov 2019 09:34:10 +0000 (10:34 +0100)]
util/mknum.pl: Call OpenSSL::Ordinals::renumber() for real releases

When the source isn't in development any more (the version number
doesn't the tags 'dev' or 'alpha'), we renumber the unassigned symbols
to ensure that we have fixed numbers on all.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoutil/mkdef.pl: writer_VMS(): handle symbols with no assigned number
Richard Levitte [Mon, 4 Nov 2019 09:33:10 +0000 (10:33 +0100)]
util/mkdef.pl: writer_VMS(): handle symbols with no assigned number

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoOpenSSL::Ordinals: when validating, collect statistics on unassigned syms
Richard Levitte [Mon, 4 Nov 2019 09:31:04 +0000 (10:31 +0100)]
OpenSSL::Ordinals: when validating, collect statistics on unassigned syms

If a script wants to display how many symbols have assigned numbers
and how many don't, this gives them those numbers.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoOpenSSL::Ordinals: add a renumber() function, to assign unassigned symbols
Richard Levitte [Mon, 4 Nov 2019 09:29:53 +0000 (10:29 +0100)]
OpenSSL::Ordinals: add a renumber() function, to assign unassigned symbols

This should be used when it's time to assign constant numbers to the
unassigned symbols.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoOpenSSL::Ordinals: Handle symbols with unassigned ordinal numbers
Richard Levitte [Mon, 4 Nov 2019 09:28:00 +0000 (10:28 +0100)]
OpenSSL::Ordinals: Handle symbols with unassigned ordinal numbers

We preserve the number or '?' or '?+', but assign numbers internally
on the latter, to ensure we keep the order of the input.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoutil/*.num: deassign ordinal numbers from new symbols
Richard Levitte [Mon, 4 Nov 2019 08:02:28 +0000 (09:02 +0100)]
util/*.num: deassign ordinal numbers from new symbols

Symbols that have appeared since 1.1.1 was released are considered
unassigned in the development branch.   This is marked by having a
question mark as its ordinal number.

This introduces two new markers to be used instead of ordinal numbers:

    ?   signifying it gets the previous symbol's number plus one
    ?+  signifying it gets the same number as the previous symbol

'?+' should remain rare, but is useful to create aliases when needed
(for example when two different symbols clash because they only differ
in character case, see include/openssl/symhacks.h)

The intention is that a development branch won't have set numbers for
new symbols, and that the final numbers will only get allocated when
making beta or final releases.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10348)

5 years agoMinimal adaptation of tests back to how it was before
Richard Levitte [Wed, 30 Oct 2019 16:06:48 +0000 (17:06 +0100)]
Minimal adaptation of tests back to how it was before

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10303)

5 years agoEVP: Make the SIGNATURE implementation leaner
Richard Levitte [Wed, 30 Oct 2019 15:59:34 +0000 (16:59 +0100)]
EVP: Make the SIGNATURE implementation leaner

Because the algorithm to use is decided already when creating an
EVP_PKEY_CTX regardless of how it was created, it turns out that it's
unnecessary to provide the SIGNATURE method explicitly, and rather
always have it be fetched implicitly.

This means fewer changes for applications that want to use new
signature algorithms / implementations.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10303)

5 years agoEVP: Make the KEYEXCH implementation leaner
Richard Levitte [Wed, 30 Oct 2019 17:03:07 +0000 (18:03 +0100)]
EVP: Make the KEYEXCH implementation leaner

Because the algorithm to use is decided already when creating an
EVP_PKEY_CTX regardless of how it was created, it turns out that it's
unnecessary to provide the KEYEXCH method explicitly, and rather
always have it be fetched implicitly.

This means fewer changes for applications that want to use new key
exchange algorithms / implementations.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10305)

5 years agos390x assembly pack: process x25519 and x448 non-canonical values
Patrick Steuer [Sat, 2 Nov 2019 23:32:04 +0000 (00:32 +0100)]
s390x assembly pack: process x25519 and x448 non-canonical values

...in constant time.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10339)

5 years agoAdd self-generated test vector for x448 non-canonical values
Patrick Steuer [Sat, 2 Nov 2019 23:01:20 +0000 (00:01 +0100)]
Add self-generated test vector for x448 non-canonical values

x25519 has such a test vector obtained from wycheproof but wycheproof
does not have a corresponding x448 test vector.
So add a self-generated test vector for that case.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10339)

5 years agos390x assembly pack: fix x448 handling of non-canonical values
Patrick Steuer [Sat, 2 Nov 2019 22:50:26 +0000 (23:50 +0100)]
s390x assembly pack: fix x448 handling of non-canonical values

The s390x x448 implementation does not correctly reduce non-canonical
values i.e., u-coordinates >= p = 2^448 - 2^224 - 1.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10339)

5 years agos390x assembly pack: perlasm module update
Patrick Steuer [Sun, 3 Nov 2019 21:44:28 +0000 (22:44 +0100)]
s390x assembly pack: perlasm module update

- add instructions: clfi, stck, stckf, kdsa
- clfi and clgfi belong to extended-immediate (not long-displacement)
- some cleanup

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10346)

5 years agoDon't assume the type we read was the type we expected
Matt Caswell [Wed, 30 Oct 2019 13:23:18 +0000 (13:23 +0000)]
Don't assume the type we read was the type we expected

i2v_GENERAL_NAME and GENERAL_NAME_print were assuming that the type of
of a GENERAL_NAME (OTHERNAME) that we read in was the type we expected
it to be. If its something else then this can cause unexpected
behaviour. In the added fuzz test case an OOB read was occurring.

This issue was recently added by commit 4baee2d.

Credit to OSSFuzz for finding this issue.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10300)

5 years agoDon't leak memory in the event of a failure in i2v_GENERAL_NAMES
Matt Caswell [Wed, 30 Oct 2019 13:20:33 +0000 (13:20 +0000)]
Don't leak memory in the event of a failure in i2v_GENERAL_NAMES

i2v_GENERAL_NAMES call i2v_GENERAL_NAME repeatedly as required. Each
time i2v_GENERAL_NAME gets called it allocates adds data to the passed in
stack and then returns a pointer to the stack, or NULL on failure. If
the passed in stack is itself NULL then it allocates one.

i2v_GENERAL_NAMES was not correctly handling the case where a NULL gets
returned from i2v_GENERAL_NAME. If a stack had already been allocated then
it just leaked it.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10300)

5 years agoFix no-sm2 issue
Paul Yang [Mon, 4 Nov 2019 03:49:35 +0000 (11:49 +0800)]
Fix no-sm2 issue

Some code is not covered by the macros.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10319)

5 years agoDocument added SSL functions related to X509_LOOKUP_store
Richard Levitte [Mon, 2 Sep 2019 05:59:17 +0000 (07:59 +0200)]
Document added SSL functions related to X509_LOOKUP_store

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoX509_LOOKUP_store: Add CHANGES note
Richard Levitte [Fri, 8 Mar 2019 22:43:19 +0000 (23:43 +0100)]
X509_LOOKUP_store: Add CHANGES note

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoDocument X509_LOOKUP_store
Richard Levitte [Fri, 8 Mar 2019 22:41:27 +0000 (23:41 +0100)]
Document X509_LOOKUP_store

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoAdapt two test programs that were using now deprecated functions
Richard Levitte [Fri, 8 Mar 2019 00:09:44 +0000 (01:09 +0100)]
Adapt two test programs that were using now deprecated functions

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoAdd a basic test of -CAstore
Richard Levitte [Thu, 7 Mar 2019 14:28:05 +0000 (15:28 +0100)]
Add a basic test of -CAstore

This code is mainly copied from test_ssl_old

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoOSSL_STORE: add tracing
Richard Levitte [Thu, 7 Mar 2019 14:27:15 +0000 (15:27 +0100)]
OSSL_STORE: add tracing

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoAdd -CAstore and similar to all openssl commands that have -CApath
Richard Levitte [Thu, 7 Mar 2019 14:26:34 +0000 (15:26 +0100)]
Add -CAstore and similar to all openssl commands that have -CApath

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoX509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URI
Richard Levitte [Wed, 6 Mar 2019 22:34:19 +0000 (23:34 +0100)]
X509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URI

This is a wrapper around OSSL_STORE.

This also adds necessary support functions:

- X509_STORE_load_file
- X509_STORE_load_path
- X509_STORE_load_store
- SSL_add_store_cert_subjects_to_stack
- SSL_CTX_set_default_verify_store
- SSL_CTX_load_verify_file
- SSL_CTX_load_verify_dir
- SSL_CTX_load_verify_store

and deprecates X509_STORE_load_locations and SSL_CTX_load_verify_locations,
as they aren't extensible.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoOSSL_STORE: constify the criterion parameter a bit more
Richard Levitte [Wed, 6 Mar 2019 22:32:07 +0000 (23:32 +0100)]
OSSL_STORE: constify the criterion parameter a bit more

For some reason, OSSL_STORE_SEARCH_get0_name() and OSSL_STORE_find()
accepted a non-const OSSL_STORE_SEARCH criterion, which isn't at all
necessary.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8442)

5 years agoChange EVP_PKEY_CTX_new_provided() to take a library context too.
Richard Levitte [Fri, 1 Nov 2019 15:56:31 +0000 (16:56 +0100)]
Change EVP_PKEY_CTX_new_provided() to take a library context too.

With provided algorithms, the library context is ever present, so of
course it should be specified alongside the algorithm name and
property query string.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10308)

5 years agoMake EVP_PKEY_CTX initialization more precise
Richard Levitte [Thu, 31 Oct 2019 10:43:31 +0000 (11:43 +0100)]
Make EVP_PKEY_CTX initialization more precise

There is a vagueness around how the provider data (algorithm name and
property query string) is initialized in the presence of an engine.
This change modifies this slightly so that the algorithm name for use
with providers is never set if the initilization was given an engine.

This makes it easier for other functions to simply check ctx->algorithm
to see if the context is meant to be used for strictly legacy stuff or
not.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10308)

5 years agoFix --strict-warnings build
Patrick Steuer [Sat, 2 Nov 2019 13:50:28 +0000 (14:50 +0100)]
Fix --strict-warnings build

The %zd format corresponds to ssize_t which is used for
function to either return a valid size or a negative value
to indicate an error. Since size_t is in [-1,SSIZE_MAX] it
is not a portable way to represent a pointer diff. For
the %td format which corresponds to ptrdiff_t is C11,
we chose to cast to long instead as it is already done
in other places.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10335)

5 years agos390x assembly pack: enable clang build
Patrick Steuer [Fri, 1 Nov 2019 22:29:04 +0000 (23:29 +0100)]
s390x assembly pack: enable clang build

clang imposes some restrictions on the assembler code that
gcc does not.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10330)

5 years agodoc/man3/OSSL_PARAM.pod: Clarify return_size with integer types
Richard Levitte [Fri, 1 Nov 2019 21:58:27 +0000 (22:58 +0100)]
doc/man3/OSSL_PARAM.pod: Clarify return_size with integer types

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10326)

5 years agotest/params_api_test.c: Correct the checks of OSSL_PARAM_set_BN()
Richard Levitte [Fri, 1 Nov 2019 21:18:38 +0000 (22:18 +0100)]
test/params_api_test.c: Correct the checks of OSSL_PARAM_set_BN()

Now, the returned size check matches the check made for all other
integer types.

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10326)

5 years agoFix OSSL_PARAM_set_BN() to fill the given buffer correctly.
Richard Levitte [Fri, 1 Nov 2019 19:44:14 +0000 (20:44 +0100)]
Fix OSSL_PARAM_set_BN() to fill the given buffer correctly.

OSSL_PARAM_set_BN() filled the buffer from the left with as many bytes
as that the BIGNUM takes, regardless of buffer size or native
endianness.  This was due to BN_bn2nativepad() being given the size of
the BIGNUM rather than the size of the buffer (which meant it never
had to pad anything).

The fix is to given BN_bn2nativepad() the size of the buffer instead.
This aligns well with the corresponding _set_ functions for native
integer types work.

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10326)

5 years agotest/build.info: add missing inclusion for ssl_ctx_test
Richard Levitte [Sat, 2 Nov 2019 10:18:31 +0000 (11:18 +0100)]
test/build.info: add missing inclusion for ssl_ctx_test

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/10334)

5 years agoVMS: Added new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
Richard Levitte [Tue, 14 May 2019 00:15:14 +0000 (17:15 -0700)]
VMS: Added new method to gather entropy on VMS, based on SYS$GET_ENTROPY.

This system services is based on FreeBSD 12's getentropy(), and is
therefore treated the same way as getentropy() with regards to amount
of entropy bits per data bit.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8926)

5 years agoAdd test cases for min/max protocol API
Christian Heimes [Sun, 21 Jan 2018 12:19:05 +0000 (13:19 +0100)]
Add test cases for min/max protocol API

Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6553)

5 years agoConfigure: Make --strict-warnings meaningful with MSVC cl
Richard Levitte [Tue, 29 Oct 2019 12:37:54 +0000 (13:37 +0100)]
Configure: Make --strict-warnings meaningful with MSVC cl

We also add this to our x86_64 builds on appveyor

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10287)

5 years agoBIO_s_connect: add an error state and use it
Richard Levitte [Tue, 13 Nov 2018 14:17:21 +0000 (15:17 +0100)]
BIO_s_connect: add an error state and use it

If no connection could be made, addr_iter will eventually end up being
NULL, and if the user didn't check the returned error value, the
BIO_CONN_S_CONNECT code will be performed again and will crash.

So instead, we add a state BIO_CONN_S_CONNECT_ERROR that we enter into
when we run out of addresses to try.  That state will just simply say
"error" back, until the user does something better with the BIO, such
as free it or reset it.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7630)

5 years agoDRBG: add check for XOF so these can be disallowed by the DRBGs
Pauli [Fri, 1 Nov 2019 11:07:08 +0000 (21:07 +1000)]
DRBG: add check for XOF so these can be disallowed by the DRBGs

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10321)

5 years agoDRBG: weaken the restriction on allowed digests.
Pauli [Fri, 1 Nov 2019 02:47:06 +0000 (12:47 +1000)]
DRBG: weaken the restriction on allowed digests.

The artificial restriction of digests for the HMAC and HASH DRBGs is lifted.
Any fetchable digest is acceptable except XOF ones (such as SHAKE).

In FIPS mode, the fetch remains internal to the provider so only a FIPS
validated digest will be located.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10321)