oweals/openssl.git
5 years agoSupport _onexit() in preference to atexit() on Windows
Matt Caswell [Fri, 16 Nov 2018 17:26:23 +0000 (17:26 +0000)]
Support _onexit() in preference to atexit() on Windows

This enables cleanup to happen on DLL unload instead of at process exit.

[extended tests]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoIntroduce a no-pinshared option
Matt Caswell [Fri, 16 Nov 2018 14:05:14 +0000 (14:05 +0000)]
Introduce a no-pinshared option

This option prevents OpenSSL from pinning itself in memory.

Fixes #7598

[extended tests]

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoTest atexit handlers
Matt Caswell [Thu, 15 Nov 2018 17:41:06 +0000 (17:41 +0000)]
Test atexit handlers

Test that atexit handlers get called properly at process exit, unless we
have explicitly asked for them not to be.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoDon't link shlibloadtest against libcrypto
Matt Caswell [Thu, 15 Nov 2018 16:59:41 +0000 (16:59 +0000)]
Don't link shlibloadtest against libcrypto

The whole point of shlibloadtest is to test dynamically loading and
unloading the library. If we link shlibloadtest against libcrypto then that
might mask potential issues.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoImplement OPENSSL_INIT_NO_ATEXIT
Matt Caswell [Thu, 15 Nov 2018 16:27:34 +0000 (16:27 +0000)]
Implement OPENSSL_INIT_NO_ATEXIT

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoFix a RUN_ONCE bug
Matt Caswell [Tue, 20 Nov 2018 15:32:55 +0000 (15:32 +0000)]
Fix a RUN_ONCE bug

We have a number of instances where there are multiple "init" functions for
a single CRYPTO_ONCE variable, e.g. to load config automatically or to not
load config automatically. Unfortunately the RUN_ONCE mechanism was not
correctly giving the right return value where an alternative init function
was being used.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoFix shlibloadtest to properly execute the dso_ref test
Matt Caswell [Thu, 15 Nov 2018 14:50:52 +0000 (14:50 +0000)]
Fix shlibloadtest to properly execute the dso_ref test

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7647)

5 years agoEliminate unused buffers from ssl3_change_cipher_state
Dmitry Belyavskiy [Wed, 2 Jan 2019 12:47:07 +0000 (15:47 +0300)]
Eliminate unused buffers from ssl3_change_cipher_state

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7971)

5 years agoRemove unused variables from tls1_change_cipher_state
Dmitry Belyavskiy [Wed, 2 Jan 2019 10:28:07 +0000 (13:28 +0300)]
Remove unused variables from tls1_change_cipher_state

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7971)

5 years agomake update
Matt Caswell [Wed, 2 Jan 2019 16:43:21 +0000 (16:43 +0000)]
make update

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/7972)

5 years agoFix cert with rsa instead of rsaEncryption as public key algorithm
Bernd Edlinger [Thu, 27 Dec 2018 21:18:21 +0000 (22:18 +0100)]
Fix cert with rsa instead of rsaEncryption as public key algorithm

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7962)

5 years agoFix a minor nit in the hkdflabel size
Bernd Edlinger [Sun, 16 Dec 2018 11:43:59 +0000 (12:43 +0100)]
Fix a minor nit in the hkdflabel size

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7913)

5 years agoFixed minor typo in the req.pod docs
Behrang [Thu, 20 Dec 2018 12:56:03 +0000 (23:56 +1100)]
Fixed minor typo in the req.pod docs

CLA: Trivial

Fixes #7928.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7973)

5 years agofixed grammar typo
Michael Richardson [Thu, 27 Dec 2018 18:25:07 +0000 (13:25 -0500)]
fixed grammar typo

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7959)

5 years agoMinor doc fixes for EVP_MAC.
David Makepeace [Wed, 28 Nov 2018 04:03:15 +0000 (14:03 +1000)]
Minor doc fixes for EVP_MAC.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7716)

5 years agoEVP_PKEY_size declared to take a const parameter
Shreya Bhandare [Thu, 13 Dec 2018 17:29:10 +0000 (22:59 +0530)]
EVP_PKEY_size declared to take a const parameter

CLA: trivial
Function EVP_PKEY_size has been modified to take a const parameter

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7892)

5 years agoDo not complain when /dev/crypto does not exist.
Jung-uk Kim [Thu, 13 Dec 2018 23:18:16 +0000 (18:18 -0500)]
Do not complain when /dev/crypto does not exist.

FreeBSD does not enable cryptodev(4) by default.  OpenBSD disabled support
for /dev/crypto by default from 4.9 and removed it from 5.7.  Now the engine
is properly enabled by default on BSD platforms (see #7885), it continuously
complains:

Could not open /dev/crypto: No such file or directory

Hide the nagging error message behind ENGINE_DEVCRYPTO_DEBUG.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7896)

5 years agoCoverity fix in some crypto/asn1 code
FdaSilvaYY [Sun, 30 Sep 2018 20:39:38 +0000 (22:39 +0200)]
Coverity fix in some crypto/asn1 code

Call to i2d method returns an int value.

Fix:
CID 1338183 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
CID 1371691 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
CID 1371692 (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7359)

5 years agoCoverity fix in apps/oscp
FdaSilvaYY [Sun, 7 Oct 2018 19:47:31 +0000 (21:47 +0200)]
Coverity fix in apps/oscp

CID 1440002 (#1 of 1): Use after free (USE_AFTER_FREE)
Not a deadly error, because error was just before app exit.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7359)

5 years agoutil/process_docs.pl: handle multiple source directories correctly
Richard Levitte [Sat, 15 Dec 2018 23:47:18 +0000 (00:47 +0100)]
util/process_docs.pl: handle multiple source directories correctly

The way this script handled multiple source directories wasn't quite
right, it ended up giving pod2html 'ARRAY(0xXXXXXXXXX)' as a source
directory.

This corrects the mistake.

Fixes #7742
Fixes #7939

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7911)

5 years agoAdmit unknown pkey types at security level 0
Ken Goldman [Fri, 14 Dec 2018 20:04:04 +0000 (15:04 -0500)]
Admit unknown pkey types at security level 0

The check_key_level() function currently fails when the public key
cannot be extracted from the certificate because its algorithm is not
supported.  However, the public key is not needed for the last
certificate in the chain.

This change moves the check for level 0 before the check for a
non-NULL public key.

For background, this is the TPM 1.2 endorsement key certificate.
I.e., this is a real application with millions of certificates issued.
The key is an RSA-2048 key.

The TCG (for a while) specified

     Public Key Algorithm: rsaesOaep

rather than the commonly used

     Public Key Algorithm: rsaEncryption

because the key is an encryption key rather than a signing key.
The X509 certificate parser fails to get the public key.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7906)

5 years agoFix function names in ct(7) documentation
Christian Heimes [Mon, 17 Dec 2018 21:56:17 +0000 (22:56 +0100)]
Fix function names in ct(7) documentation

The correct function name is SSL_CTX_enable_ct, not SSL_CTX_ct_enable.

Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7916)

5 years agoSome code-cleanup/simplification in apps
Rich Salz [Tue, 11 Dec 2018 17:31:55 +0000 (12:31 -0500)]
Some code-cleanup/simplification in apps

Remove some casts on password callback by adding a wrapper function.
Remove level of indent by doing an early-return on failure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7873)

5 years agoX509_check_issued: check that signature algo matches signing key algo
Richard Levitte [Tue, 18 Dec 2018 08:14:51 +0000 (09:14 +0100)]
X509_check_issued: check that signature algo matches signing key algo

This implements 3.5.18 "Consistent Public Key and Signature Algorithms"
from RFC 4158 "Internet X.509 Public Key Infrastructure: Certification
Path Building"

Ref: https://tools.ietf.org/html/rfc4158#section-3.5.18

Fixes #7899

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7919)

5 years agoFix s_client hang on non-compliant NNTP server test
Quantomicus [Mon, 17 Dec 2018 16:26:29 +0000 (17:26 +0100)]
Fix s_client hang on non-compliant NNTP server test

Fixes #7722

CLA: trivial

Signed-off-by: Mateja Milosevic <quantumgleam@gmail.com>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7915)

5 years agoman: harmonize the various formulations in the HISTORY sections
Dr. Matthias St. Pierre [Sun, 9 Dec 2018 00:02:36 +0000 (01:02 +0100)]
man: harmonize the various formulations in the HISTORY sections

While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is easier for
the user to find certain information if it is always presented in
the same way. For that reason, this commit harmonizes the varying
formulations in the HISTORY section about which functions, flags,
etc. were added in which OpenSSL version.

It also attempts to make the pod files more grep friendly by
avoiding to insert line breaks between the symbol names and the
corresponding version number in which they were introduced
(wherever possible). Some punctuation and typographical errors
were fixed on the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7854)

5 years agoConvert tls1_prf_P_hash to use the EVP_MAC interface
Kurt Roeckx [Fri, 2 Nov 2018 14:51:19 +0000 (15:51 +0100)]
Convert tls1_prf_P_hash to use the EVP_MAC interface

Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #7554

5 years agoDeprecate TLS_MAX_VERSION, DTLS_MAX_VERSION and DTLS_MIN_VERSION
Kurt Roeckx [Tue, 18 Sep 2018 20:17:14 +0000 (22:17 +0200)]
Deprecate TLS_MAX_VERSION, DTLS_MAX_VERSION and DTLS_MIN_VERSION

Fixes: #7183

Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #7260

5 years agoUse (D)TLS_MAX_VERSION_INTERNAL internally
Kurt Roeckx [Sun, 9 Dec 2018 19:53:05 +0000 (20:53 +0100)]
Use (D)TLS_MAX_VERSION_INTERNAL internally

Use 0 if we don't want to set a minimum or maximum version

Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #7260

5 years agoERR: preserve system error number in a few more places
Richard Levitte [Fri, 14 Dec 2018 18:33:55 +0000 (19:33 +0100)]
ERR: preserve system error number in a few more places

It turns out that intialization may change the error number, so we
need to preserve the system error number in functions where
initialization is called for.
These are ERR_get_state() and err_shelve_state()

Fixes #7897

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7902)

5 years agoFixes #7879: AES-SIV to use EVP_MAC APIs
Todd Short [Thu, 13 Dec 2018 16:09:15 +0000 (11:09 -0500)]
Fixes #7879: AES-SIV to use EVP_MAC APIs

Convert CMAC APIs to EVP_MAC APIs

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7891)

5 years agoAdd missing OPENSSL_clear_free before using ec->key
Mansour Ahmadi [Tue, 11 Dec 2018 21:18:21 +0000 (16:18 -0500)]
Add missing OPENSSL_clear_free before using ec->key

Fixes #7657

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7877)

5 years agoadd missing check for BN_mod_inverse
Mansour Ahmadi [Tue, 11 Dec 2018 20:48:08 +0000 (15:48 -0500)]
add missing check for BN_mod_inverse

Fixes #7650

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7876)

5 years agofix inconsistent flen check in rsa_pk1 and rsa_oaep
Mansour Ahmadi [Tue, 11 Dec 2018 22:26:50 +0000 (17:26 -0500)]
fix inconsistent flen check in rsa_pk1 and rsa_oaep

Fixes #7117

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7880)

5 years agoIgnore duplicated undocumented things
Rich Salz [Wed, 17 Oct 2018 14:25:00 +0000 (10:25 -0400)]
Ignore duplicated undocumented things

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/7423)

5 years agoVMS build: better treatment of .S -> .obj compilation
Richard Levitte [Wed, 12 Dec 2018 20:22:29 +0000 (21:22 +0100)]
VMS build: better treatment of .S -> .obj compilation

It turned out that .S files aren't to be treated as lightly as I
thought.  They need to go through a preprocessing step, which .s files
don't need to.

Corrects #7703

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7889)

5 years agodoc/man3: remove copy&paste leftover
Dr. Matthias St. Pierre [Wed, 12 Dec 2018 06:38:07 +0000 (07:38 +0100)]
doc/man3: remove copy&paste leftover

Fixes #7883

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7884)

5 years agoUse the correct function name
Jakub Jelen [Wed, 12 Dec 2018 10:22:00 +0000 (11:22 +0100)]
Use the correct function name

CLA: trivial

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7887)

5 years agoFix error in processing $target{enable}
Richard Levitte [Wed, 12 Dec 2018 08:27:48 +0000 (09:27 +0100)]
Fix error in processing $target{enable}

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7885)

5 years agoFixed typo (vi leftover).
Tobias Stoeckmann [Tue, 11 Dec 2018 19:34:21 +0000 (20:34 +0100)]
Fixed typo (vi leftover).

There was a trailing :w at a line, which didn't make sense in context
of the sentence/styling. Removed it, because I think it's a leftover
vi command.

CLA: trivial
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7875)

5 years agoAdd RFC5297 AES-SIV support
Todd Short [Fri, 19 May 2017 14:27:28 +0000 (10:27 -0400)]
Add RFC5297 AES-SIV support

Based originally on github.com/dfoxfranke/libaes_siv

This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR
and CMAC code to reduce complexity at the cost of perfomance. The
expected use is for short inputs, not TLS-sized records.

Add multiple AAD input capacity in the EVP tests.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3540)

5 years agoAdd an Ed448 malleability test
Matt Caswell [Mon, 3 Dec 2018 16:36:50 +0000 (16:36 +0000)]
Add an Ed448 malleability test

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)

5 years agoDisallow Ed448 signature malleability
Matt Caswell [Mon, 3 Dec 2018 17:01:07 +0000 (17:01 +0000)]
Disallow Ed448 signature malleability

Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.2.7

Fixes #7706

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)

5 years agotypo ANS1 -> ASN1
nxtstep [Mon, 10 Dec 2018 09:39:24 +0000 (10:39 +0100)]
typo ANS1 -> ASN1

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7857)

5 years agoutil/mkdef.pl: Remove a ';' that snuck in
Richard Levitte [Tue, 11 Dec 2018 09:31:40 +0000 (10:31 +0100)]
util/mkdef.pl: Remove a ';' that snuck in

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7868)

5 years agoConfiguration: $config{shlib_version_number} -> $config{shlib_version}
Richard Levitte [Mon, 10 Dec 2018 18:48:37 +0000 (19:48 +0100)]
Configuration: $config{shlib_version_number} -> $config{shlib_version}

This was forgotten in a few places

Fixes #7862

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7865)

5 years agoapps/tsget.in: use the full version in the user agent string
Richard Levitte [Mon, 10 Dec 2018 19:09:17 +0000 (20:09 +0100)]
apps/tsget.in: use the full version in the user agent string

Fixes #7861

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7866)

5 years agoVMS: fix library compatibility settings in util/mkdef.pl
Richard Levitte [Mon, 10 Dec 2018 10:37:19 +0000 (11:37 +0100)]
VMS: fix library compatibility settings in util/mkdef.pl

The regexp to parse the incoming version number was flawed, and since
we allow ourselves to add missing APIs in PATCH releases, the
compatibility settings still need to include the PATCH part of the
version number.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7858)

5 years agoeng_devcrypto: add command to dump driver info
Eneas U de Queiroz [Wed, 7 Nov 2018 00:54:07 +0000 (22:54 -0200)]
eng_devcrypto: add command to dump driver info

This is useful to determine the kernel driver running each algorithm.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: add configuration options
Eneas U de Queiroz [Sat, 3 Nov 2018 18:41:10 +0000 (15:41 -0300)]
eng_devcrypto: add configuration options

USE_SOFTDRIVERS: whether to use software (not accelerated) drivers
CIPHERS: list of ciphers to enable
DIGESTS: list of digests to enable

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: save ioctl if EVP_MD_..FLAG_ONESHOT
Eneas U de Queiroz [Mon, 5 Nov 2018 17:54:17 +0000 (15:54 -0200)]
eng_devcrypto: save ioctl if EVP_MD_..FLAG_ONESHOT

Since each ioctl causes a context switch, slowing things down, if
EVP_MD_CTX_FLAG_ONESHOT is set, then:
 - call the ioctl in digest_update, saving the result; and
 - just copy the result in digest_final, instead of using another ioctl.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: make sure digest can do copy
Eneas U de Queiroz [Sat, 8 Dec 2018 20:01:04 +0000 (18:01 -0200)]
eng_devcrypto: make sure digest can do copy

Digest must be able to do partial-state copy to be used.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: fix ctr mode
Eneas U de Queiroz [Wed, 28 Nov 2018 13:26:27 +0000 (11:26 -0200)]
eng_devcrypto: fix ctr mode

Make CTR mode behave like a stream cipher.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: add cipher CTX copy function
Eneas U de Queiroz [Tue, 13 Nov 2018 11:23:22 +0000 (09:23 -0200)]
eng_devcrypto: add cipher CTX copy function

The engine needs a custom cipher context copy function to open a new
/dev/crypto session.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: close session on cleanup, not final
Eneas U de Queiroz [Mon, 5 Nov 2018 17:59:44 +0000 (15:59 -0200)]
eng_devcrypto: close session on cleanup, not final

Close the session in digest_cleanup instead of digest_final.  A failure
in closing the session does not mean a previous successful digest final
has failed as well.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: fix copy of unitilialized digest
Eneas U de Queiroz [Wed, 14 Nov 2018 15:58:06 +0000 (13:58 -0200)]
eng_devcrypto: fix copy of unitilialized digest

If the source ctx has not been initialized, don't initialize the copy
either.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: expand digest failure cases
Eneas U de Queiroz [Wed, 14 Nov 2018 13:22:14 +0000 (11:22 -0200)]
eng_devcrypto: expand digest failure cases

Return failure when the digest_ctx is null in digest_update and
digest_final, and when md is null in digest_final.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoeng_devcrypto: don't leak methods tables
Eneas U de Queiroz [Mon, 5 Nov 2018 19:59:42 +0000 (17:59 -0200)]
eng_devcrypto: don't leak methods tables

Call functions to prepare methods after confirming that /dev/crytpo was
sucessfully open and that the destroy function has been set.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoINSTALL: add note about devcrypto engine
Eneas U de Queiroz [Thu, 8 Nov 2018 13:16:20 +0000 (11:16 -0200)]
INSTALL: add note about devcrypto engine

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7585)

5 years agoDocument the num_tickets s_server option
Matt Caswell [Tue, 4 Dec 2018 12:31:17 +0000 (12:31 +0000)]
Document the num_tickets s_server option

Fixes #7727

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7756)

5 years agoPreserve errno on dlopen
Matt Caswell [Wed, 21 Nov 2018 11:57:04 +0000 (11:57 +0000)]
Preserve errno on dlopen

For the same reasons as in the previous commit we must preserve errno
across dlopen calls. Some implementations (e.g. solaris) do not preserve
errno even on a successful dlopen call.

Fixes #6953

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7680)

5 years agoMake sure build_SYS_str_reasons() preserves errno
Matt Caswell [Wed, 21 Nov 2018 11:44:42 +0000 (11:44 +0000)]
Make sure build_SYS_str_reasons() preserves errno

This function can end up being called during ERR_get_error() if we are
initialising. ERR_get_error() must preserve errno since it gets called via
SSL_get_error(). If that function returns SSL_ERROR_SYSCALL then you are
supposed to inspect errno.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7680)

5 years agomake update
Richard Levitte [Sun, 9 Dec 2018 13:20:30 +0000 (14:20 +0100)]
make update

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7852)

5 years agoPrevent calling decryption in an encryption context and vice versa
Richard Levitte [Sun, 9 Dec 2018 13:18:50 +0000 (14:18 +0100)]
Prevent calling decryption in an encryption context and vice versa

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7852)

5 years agoCleaner disposal of ephemeral engine ids and names
Viktor Dukhovni [Sun, 9 Dec 2018 23:37:56 +0000 (18:37 -0500)]
Cleaner disposal of ephemeral engine ids and names

Engine names and ids are typically static strings.  If an application
actually dynamically allocated these, the application owns the
storage, and should dispose of it via the original handle, rather
than the "const char *" returned by the engine.

In any case, this resolves the test code issue without resort to
"unconst" macros/casts.

Reviewed-by: Richard Levitte <levitte@openssl.org>
5 years agoEliminate NOP cast
Viktor Dukhovni [Sun, 9 Dec 2018 23:37:26 +0000 (18:37 -0500)]
Eliminate NOP cast

Reviewed-by: Richard Levitte <levitte@openssl.org>
5 years agochange into hex string constants to avoid overflow warnings
Christos Zoulas [Mon, 1 Oct 2018 23:09:16 +0000 (19:09 -0400)]
change into hex string constants to avoid overflow warnings

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoAdd a format attribute to the format functions and fix the broken format
Christos Zoulas [Sun, 30 Sep 2018 21:16:07 +0000 (17:16 -0400)]
Add a format attribute to the format functions and fix the broken format
strings.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoFix const issues
Christos Zoulas [Sun, 30 Sep 2018 20:59:46 +0000 (16:59 -0400)]
Fix const issues

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoAvoid const castaway warning
Christos Zoulas [Sun, 30 Sep 2018 20:57:56 +0000 (16:57 -0400)]
Avoid const castaway warning

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoUse a const variable
Christos Zoulas [Sun, 30 Sep 2018 20:57:14 +0000 (16:57 -0400)]
Use a const variable

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoUse the proper fonst cast
Christos Zoulas [Sun, 30 Sep 2018 20:56:49 +0000 (16:56 -0400)]
Use the proper fonst cast

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agodon't pass const string where a modifyable string is expected
Christos Zoulas [Sun, 30 Sep 2018 20:56:14 +0000 (16:56 -0400)]
don't pass const string where a modifyable string is expected

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoadd missing "void" in prototype.
Christos Zoulas [Sun, 30 Sep 2018 20:55:05 +0000 (16:55 -0400)]
add missing "void" in prototype.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoadd missing const in cast
Christos Zoulas [Sun, 30 Sep 2018 20:54:25 +0000 (16:54 -0400)]
add missing const in cast

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoadd missing const
Christos Zoulas [Sun, 30 Sep 2018 20:53:22 +0000 (16:53 -0400)]
add missing const

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agouse the proper types to eliminate casts
Christos Zoulas [Sun, 30 Sep 2018 20:52:44 +0000 (16:52 -0400)]
use the proper types to eliminate casts

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
5 years agoerr/err.c: improve err_clear_last_constant_time's portability.
Andy Polyakov [Fri, 7 Dec 2018 21:19:57 +0000 (22:19 +0100)]
err/err.c: improve err_clear_last_constant_time's portability.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7850)

5 years agoUpdate kmac.c
terry zhao [Fri, 7 Dec 2018 03:13:49 +0000 (11:13 +0800)]
Update kmac.c

fix nmake compiler error

```
crypto\kmac\kmac.c : warning treated as error - no object file generated
crypto\kmac\kmac.c : warning C4819: The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to prevent data loss
```

CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7846)

5 years agoConfigure: fix the version string in the configure output
Dr. Matthias St. Pierre [Thu, 6 Dec 2018 23:32:43 +0000 (00:32 +0100)]
Configure: fix the version string in the configure output

Since `$config{version}` and `$config{version_num}` were removed
in commit 3a63dbef15b6, the configure output displays an empty
version number string in parentheses instead of the version number.

This pull request fixes that by adding new config variables
`version` and `full_version`, analogous to `OPENSSL_VERSION_STR`
and `OPENSSL_FULL_VERSION_STR`.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7841)

5 years agoRemove all NOEXIST symbols from ordinals files
Richard Levitte [Fri, 7 Dec 2018 11:17:33 +0000 (12:17 +0100)]
Remove all NOEXIST symbols from ordinals files

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7740)

5 years agomake update
Richard Levitte [Fri, 7 Dec 2018 11:16:21 +0000 (12:16 +0100)]
make update

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7740)

5 years agoutil/perl/OpenSSL/Ordinals.pm: introduce a base version
Richard Levitte [Sun, 2 Dec 2018 12:53:47 +0000 (13:53 +0100)]
util/perl/OpenSSL/Ordinals.pm: introduce a base version

The idea is that a base version is the minimum version that must be
assigned to all symbols.  The practical result is that, for any new
major release, the version number for all symbols will automatically
be bumped to the new release's version number, if necessary.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7740)

5 years agoutil/perl/OpenSSL/Ordinals.pm: use OpenSSL::Util::cmp_versions
Richard Levitte [Sun, 2 Dec 2018 12:50:56 +0000 (13:50 +0100)]
util/perl/OpenSSL/Ordinals.pm: use OpenSSL::Util::cmp_versions

OpenSSL::Util::cmp_versions() is introduced to be used everywhere
where versions are compared.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7740)

5 years agoutil/perl/OpenSSL/Ordinals.pm: shift to dotted versions internally
Richard Levitte [Sun, 2 Dec 2018 12:46:35 +0000 (13:46 +0100)]
util/perl/OpenSSL/Ordinals.pm: shift to dotted versions internally

Any version from an ordinals file will have '_' changed to '.' on
input, and changed back on output.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7740)

5 years agoapps: print Kernel TLS in s_client and s_server
Boris Pismenny [Wed, 14 Nov 2018 21:53:57 +0000 (23:53 +0200)]
apps: print Kernel TLS in s_client and s_server

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoCHANGES: Add Linux Kernel TLS data-path
Boris Pismenny [Wed, 14 Nov 2018 19:13:05 +0000 (21:13 +0200)]
CHANGES: Add Linux Kernel TLS data-path

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agosslapitest: add test ktls
Boris Pismenny [Tue, 13 Feb 2018 18:22:09 +0000 (20:22 +0200)]
sslapitest: add test ktls

Add a unit-test for ktls.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agossl: Linux TLS Tx Offload
Boris Pismenny [Thu, 1 Jun 2017 06:25:47 +0000 (09:25 +0300)]
ssl: Linux TLS Tx Offload

This patch adds support for the Linux TLS Tx socket option.
If the socket option is successful, then the data-path of the TCP socket
is implemented by the kernel.
We choose to set this option at the earliest - just after CCS is complete.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoevp/e_aes: Expose IV
Boris Pismenny [Thu, 1 Jun 2017 05:54:55 +0000 (08:54 +0300)]
evp/e_aes: Expose IV

This commit exposes the cipher's IV to applications.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agobio: Linux TLS Offload
Boris Pismenny [Thu, 1 Jun 2017 05:46:33 +0000 (08:46 +0300)]
bio: Linux TLS Offload

Add support for Linux TLS offload in the BIO layer
and specifically in bss_sock.c.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoConfigure Kernel TLS datapath
Boris Pismenny [Thu, 1 Feb 2018 12:10:22 +0000 (14:10 +0200)]
Configure Kernel TLS datapath

Allow users to disable ktls using the "no-ktls" option.
Also, disable ktls when cross-compiling, non-linux, or too-old-kernel.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoLinux ktls infrastructure
Boris Pismenny [Wed, 31 Jan 2018 14:43:35 +0000 (16:43 +0200)]
Linux ktls infrastructure

Introduce a compatability layer that exposes the required structures
and constants for supporting ktls.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoMake EVP_PKEY_asn1_add0() stricter about its input
Richard Levitte [Fri, 7 Dec 2018 08:26:04 +0000 (09:26 +0100)]
Make EVP_PKEY_asn1_add0() stricter about its input

It turns out that the strictness that was implemented in
EVP_PKEY_asn1_new() (see Github openssl/openssl#6880) was badly placed
for some usages, and that it's better to do this check only when the
method is getting registered.

Fixes #7758

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7847)

5 years agoOnly include opensslconf.h once
Matt Caswell [Thu, 6 Dec 2018 15:44:45 +0000 (15:44 +0000)]
Only include opensslconf.h once

Fixes a pyca cryptography test failure.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7839)

5 years agoRemove the cast from the definition of OPENSSL_VERSION_NUMBER
Matt Caswell [Thu, 6 Dec 2018 14:42:17 +0000 (14:42 +0000)]
Remove the cast from the definition of OPENSSL_VERSION_NUMBER

If a cast is included in the definition it cannot be used in preprocessor
expressions, e.g. "#if OPENSSL_VERSION_NUMBER > 0x10000000L"

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7839)

5 years agoDoc: fix reference to deprecated methods.
FdaSilvaYY [Wed, 17 Oct 2018 20:30:32 +0000 (22:30 +0200)]
Doc: fix reference to deprecated methods.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7705)

5 years agocurve25519.c: improve formula alignment
Dr. Matthias St. Pierre [Tue, 4 Dec 2018 22:59:24 +0000 (23:59 +0100)]
curve25519.c: improve formula alignment

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7750)

5 years agocurve25519.c: reformat code to follow coding guidelines
Dr. Matthias St. Pierre [Mon, 3 Dec 2018 21:01:18 +0000 (22:01 +0100)]
curve25519.c: reformat code to follow coding guidelines

Fixes #7698

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7750)

5 years agoRemaining boilerplate change in doc/man3/OpenSSL_version.pod
Richard Levitte [Thu, 6 Dec 2018 14:44:29 +0000 (15:44 +0100)]
Remaining boilerplate change in doc/man3/OpenSSL_version.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7838)