Richard Levitte [Wed, 24 Jun 2020 09:55:16 +0000 (11:55 +0200)]
INSTALL.md: Restore $ as command prompt indicator
We have a notational convention in INSTALL.md, which says this among
others:
> Any line starting with a dollar sign is a command line.
>
> $ command
>
> The dollar sign indicates the shell prompt and is not to be entered as
> part of the command.
That notation exists to make it clear what is a command line and
what's output from that command line.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12257)
Attila Szakacs [Thu, 25 Jun 2020 11:40:33 +0000 (13:40 +0200)]
Configuration: do not overwrite BASE_unix ex_libs in AIX
BASE_unix sets ex_libs to `-lz` based the on zlib linking.
AIX platforms overwrote this instead of adding to it.
CLA: Trivial
Signed-off-by: Attila Szakacs <attila.szakacs@oneidentity.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12271)
Kurt Roeckx [Thu, 2 Jan 2020 22:25:27 +0000 (23:25 +0100)]
Reduce the security bits for MD5 and SHA1 based signatures in TLS
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
Kurt Roeckx [Sun, 23 Feb 2020 10:06:32 +0000 (11:06 +0100)]
Fix syntax of cipher string
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
Richard Levitte [Tue, 9 Jun 2020 10:29:27 +0000 (12:29 +0200)]
TEST: Add TODO segments in test/recipes/15-test_genec.t
There currently do not support 'ec_param_enc:explicit' with provider
side key generation. Reflect that by encoding the expected failure
with a Test::More TODO section for those particular tests.
Because the tests in this recipe are data driven, we implement this
mechanism with two functions, one for stuff that's supported and one
for stuff that isn't.
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12080)
Nicola Tuveri [Sun, 7 Jun 2020 15:00:33 +0000 (18:00 +0300)]
Test genpkey app for EC keygen with various args
This commit adds a new recipe to test EC key generation with the
`genpkey` CLI app.
For each built-in curve, it tests key generation with text output, in
PEM and in DER format, using `explicit` and `named_curve` for parameters
encoding.
The list of built-in curves is static at the moment, as this allows to
differentiate between prime curves and binary curves to avoid failing
when ec2m is disabled.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12080)
pedro martelletto [Wed, 24 Jun 2020 15:48:00 +0000 (17:48 +0200)]
doc/man3: fix types taken by HMAC(), HMAC_Update()
HMAC() and HMAC_Update() take size_t for 'n' and 'len' respectively.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12264)
Matt Caswell [Thu, 25 Jun 2020 14:00:39 +0000 (15:00 +0100)]
Prepare for 3.0 alpha 5
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Matt Caswell [Thu, 25 Jun 2020 13:58:16 +0000 (14:58 +0100)]
Prepare for release of 3.0 alpha 4
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Matt Caswell [Thu, 25 Jun 2020 13:13:12 +0000 (14:13 +0100)]
Update copyright year
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12273)
Dr. David von Oheimb [Mon, 22 Jun 2020 15:18:20 +0000 (17:18 +0200)]
apps/cmp.c: Add workaround for Coverity false positive; rename e -> engine
CID
1463570: (USE_AFTER_FREE)
CID
1463570: (USE_AFTER_FREE)
Passing freed pointer "e" as an argument to "release_engine".
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12231)
Dr. David von Oheimb [Mon, 22 Jun 2020 14:33:13 +0000 (16:33 +0200)]
apps/cmp.c: Fix memory leaks in handle_opt_geninfo() found by Coverity
CID
1463578: Resource leaks (RESOURCE_LEAK)
CID
1463575: Resource leaks (RESOURCE_LEAK)
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12231)
Dr. Matthias St. Pierre [Sun, 21 Jun 2020 10:37:58 +0000 (12:37 +0200)]
evp_generic_fetch.pod: fix documentation error
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
Dr. Matthias St. Pierre [Sat, 20 Jun 2020 23:19:16 +0000 (01:19 +0200)]
Make the naming scheme for dispatched functions more consistent
The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all
functions which are dispatched between the core and providers.
This change includes in particular all up- and downcalls, i.e., the
dispatched functions passed from core to provider and vice versa.
- OSSL_core_ -> OSSL_FUNC_core_
- OSSL_provider_ -> OSSL_FUNC_core_
For operations and their function dispatch tables, the following convention
is used:
Type | Name (evp_generic_fetch(3)) |
---------------------|-----------------------------------|
operation | OSSL_OP_FOO |
function id | OSSL_FUNC_FOO_FUNCTION_NAME |
function "name" | OSSL_FUNC_foo_function_name |
function typedef | OSSL_FUNC_foo_function_name_fn |
function ptr getter | OSSL_FUNC_foo_function_name |
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
Dr. Matthias St. Pierre [Sat, 20 Jun 2020 23:21:19 +0000 (01:21 +0200)]
Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
Pauli [Wed, 24 Jun 2020 10:21:15 +0000 (20:21 +1000)]
apps: avoid memory overrun.
NULL terminate the built in "help" argv array to avoid
reading beyond the end.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12258)
Matt Caswell [Thu, 18 Jun 2020 08:09:04 +0000 (09:09 +0100)]
Fix some man page typos
A few miscellaneous man page typos reported by Hal Murray on
openssl-users.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12185)
Pauli [Thu, 11 Jun 2020 01:07:13 +0000 (11:07 +1000)]
test: add test for generation of random data in chunks.
THe EVP_RAND wrapper works with the underlying RNG to produce the amount of
random data requested even if it is larger than the largest single generation
the source allows. This test verified that this works.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 5 Jun 2020 03:47:55 +0000 (13:47 +1000)]
test: update EVP tests to include DRBG testing
[extended tests]
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 5 Jun 2020 03:46:16 +0000 (13:46 +1000)]
NIST DRBG set data
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Wed, 3 Jun 2020 01:39:20 +0000 (11:39 +1000)]
include source root directory via -I for libnonfips.a
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Mon, 25 May 2020 04:45:49 +0000 (14:45 +1000)]
evp_rand: documentation
EVP_RAND, the RNGs and provider-rand.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Wed, 20 May 2020 04:15:04 +0000 (14:15 +1000)]
fips rand: DRBG KAT self test updates to provider model.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Mon, 25 May 2020 03:38:59 +0000 (13:38 +1000)]
update drbgtest to the provider model
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 8 May 2020 00:25:19 +0000 (10:25 +1000)]
CTR, HASH and HMAC DRBGs in provider
Move the three different DRBGs to the provider.
As part of the move, the DRBG specific data was pulled out of a common
structure and into their own structures. Only these smaller structures are
securely allocated. This saves quite a bit of secure memory:
+-------------------------------+
| DRBG | Bytes | Secure |
+--------------+-------+--------+
| HASH | 376 | 512 |
| HMAC | 168 | 256 |
| CTR | 176 | 256 |
| Common (new) | 320 | 0 |
| Common (old) | 592 | 1024 |
+--------------+-------+--------+
Bytes is the structure size on the X86/64.
Secure is the number of bytes of secure memory used (power of two allocator).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Dr. Matthias St. Pierre [Tue, 19 May 2020 16:19:03 +0000 (18:19 +0200)]
rand: move drbg_{ctr,hash,hmac}.c without change to preserve history
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Tue, 12 May 2020 02:20:28 +0000 (12:20 +1000)]
share rand_pool between libcrypto and providers
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Mon, 11 May 2020 02:06:37 +0000 (12:06 +1000)]
rand: add seeding sources to providers.
Also separate out the TSC and RDRAND based sources into their own file in the
seeding subdirectory.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Dr. Matthias St. Pierre [Tue, 19 May 2020 16:18:48 +0000 (18:18 +0200)]
rand: move rand_{unix,vms,vxworks,win}.c without change to preserve history
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Sun, 10 May 2020 23:37:45 +0000 (09:37 +1000)]
params: add OSSL_PARAM helpers for time_t.
POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght. Having wrappers lets uses ignore this.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 8 May 2020 00:25:36 +0000 (10:25 +1000)]
test: add a test RNG.
The test RNG can provide pre-canned entropy and nonces for testing other
algorithms.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 8 May 2020 00:25:03 +0000 (10:25 +1000)]
CRNGT: continuous DRBG tests for providers
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 8 May 2020 00:24:12 +0000 (10:24 +1000)]
provider: add RAND algorithm tables
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Tue, 12 May 2020 23:40:06 +0000 (09:40 +1000)]
app/list: add RNG list option
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Fri, 8 May 2020 00:22:45 +0000 (10:22 +1000)]
rand: set up EVP and DRBG infrastructure for RAND from providers.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Wed, 20 May 2020 22:45:29 +0000 (08:45 +1000)]
Move CRNG test to providers
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Mon, 25 May 2020 09:24:39 +0000 (19:24 +1000)]
core: add OSSL_INOUT_CALLBACK
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Pauli [Thu, 30 Apr 2020 04:46:12 +0000 (14:46 +1000)]
rand: core APIs for provider friendly random.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Dmitry Belyavskiy [Fri, 19 Jun 2020 14:06:18 +0000 (17:06 +0300)]
CMS print should support string conversion: docs
Documentation for -nameopt option
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)
Dmitry Belyavskiy [Fri, 19 Jun 2020 14:05:12 +0000 (17:05 +0300)]
CMS print should support string conversion
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12206)
Matt Caswell [Tue, 16 Jun 2020 16:19:40 +0000 (17:19 +0100)]
Add an SSL_dup test
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)
Matt Caswell [Tue, 16 Jun 2020 16:40:40 +0000 (17:40 +0100)]
Don't attempt to duplicate the BIO state in SSL_dup
SSL_dup attempted to duplicate the BIO state if the source SSL had BIOs
configured for it. This did not work.
Firstly the SSL_dup code was passing a BIO ** as the destination
argument for BIO_dup_state. However BIO_dup_state expects a BIO * for that
parameter. Any attempt to use this will either (1) fail silently, (2) crash
or fail in some other strange way.
Secondly many BIOs do not implement the BIO_CTRL_DUP ctrl required to make
this work.
Thirdly, if rbio == wbio in the original SSL object, then an attempt is made
to up-ref the BIO in the new SSL object - even though it hasn't been set
yet and is NULL. This results in a crash.
This appears to have been broken for a very long time with at least some of
the problems described above coming from SSLeay. The simplest approach is
to just remove this capability from the function.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)
Matt Caswell [Mon, 15 Jun 2020 11:11:46 +0000 (12:11 +0100)]
Update the SSL_dup documentation to match reality
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)
Matt Caswell [Fri, 12 Jun 2020 09:52:41 +0000 (10:52 +0100)]
Ensure that SSL_dup copies the min/max protocol version
With thanks to Rebekah Johnson for reporting this issue.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12180)
Pauli [Mon, 15 Jun 2020 00:07:50 +0000 (10:07 +1000)]
property: correctly set the has optional flag when merging property lists
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12123)
Pauli [Fri, 12 Jun 2020 00:34:46 +0000 (10:34 +1000)]
property: Move global default properties to the library context.
Fixes a problem where global properties don't work with a NULL query.
Specifying an algorithm with a NULL query ignores the default properties.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12123)
Jean-Christophe Fillion-Robin [Thu, 18 Jun 2020 21:33:16 +0000 (17:33 -0400)]
DOC: Fix link to test/README.external in INSTALL.md
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12198)
Shane Lontis [Wed, 17 Jun 2020 07:26:47 +0000 (17:26 +1000)]
Fix potential double free in rsa_keygen pairwise test.
It should never hit this branch of code, so there is no feasible test.
Found due to a similar issue in PR #12176.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12177)
Sebastian Andrzej Siewior [Tue, 16 Jun 2020 21:50:26 +0000 (23:50 +0200)]
TEST: Pass -no-CAstore in 80-test_ocsp.t
Without passing -no-CAstore the default CAstore will be used and the
testsuite will fail the system has certificates installed.
Fixes: #11645
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12171)
Sebastian Andrzej Siewior [Tue, 16 Jun 2020 21:47:48 +0000 (23:47 +0200)]
APPS: Properly pass -no-CAstore
Since its introduction the option no-CAstore maps to OPT_NOCAPATH and so
behaves like -no-CApath.
Map no-CAstore to OPT_NOCASTORE.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12171)
Sebastian Andrzej Siewior [Sat, 6 Jun 2020 10:55:59 +0000 (12:55 +0200)]
APPS: Fix invoking openssl without a command
Invoking help with "empty" argc leads to a segfault.
Invoke do_cmd() with help as argument which invokes help_main() with
proper argv.
Fixes #12069
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12070)
Pauli [Wed, 17 Jun 2020 02:16:10 +0000 (12:16 +1000)]
serialization: break the provider locating code to avoid deadlock.
Find all the suitable implementation names and later decide which is best.
This avoids a lock order inversion.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12173)
Richard Levitte [Thu, 18 Jun 2020 10:28:36 +0000 (12:28 +0200)]
DOCS: Add documentation for EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name()
At the same, align documentation markup to be closer to man-pages(7)
recommendations.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12188)
Tristan Bauer [Thu, 18 Jun 2020 09:45:24 +0000 (11:45 +0200)]
Fix wrong return value check of mmap function
The mmap function never returns NULL. If an error occurs, the function returns MAP_FAILED.
CLA: trivial
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12187)
Richard Levitte [Thu, 18 Jun 2020 10:37:26 +0000 (12:37 +0200)]
Missing documentation missing, let's note that down
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)
Richard Levitte [Wed, 17 Jun 2020 20:04:53 +0000 (22:04 +0200)]
util/find-doc-nits: Modernise printem()
It wasn't up to date with the new variables used to track information
on what's documented, what's in the .num files and what's in the
"missing" files.
Fixes #12117
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)
Richard Levitte [Fri, 12 Jun 2020 08:38:34 +0000 (10:38 +0200)]
util/find-doc-nits: Do not read "missing" files when -u is given
Fixes #12117
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12125)
Dr. David von Oheimb [Sun, 21 Jun 2020 13:44:26 +0000 (15:44 +0200)]
test/run_tests.pl: Document new VFO and VFP modes in INSTALL.md
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Sat, 20 Jun 2020 15:20:20 +0000 (17:20 +0200)]
test/run_tests.pl: Improve indentation parsing workaround for VFO and VFP mode
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Sat, 20 Jun 2020 15:07:52 +0000 (17:07 +0200)]
test/run_tests.pl: Improve newline output for VFO and VFP mode
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Sat, 20 Jun 2020 15:22:41 +0000 (17:22 +0200)]
Speed-up for tests in 81-test_cmp_cli_data/test_connection.csv
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Thu, 18 Jun 2020 05:30:09 +0000 (07:30 +0200)]
Disable tests in cmp_vfy_test.c that make no sense if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Thu, 18 Jun 2020 05:42:22 +0000 (07:42 +0200)]
81-test_cmp_cli.t: Disable CLI-based tests in case fuzzing is enabled
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Thu, 18 Jun 2020 04:33:43 +0000 (06:33 +0200)]
81-test_cmp_cli.t: Do connections to 127.0.0.1 (e.g., Mock server) without proxy
Fixes #12156
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Wed, 17 Jun 2020 06:12:19 +0000 (08:12 +0200)]
Fix CMP -days option range checking and test failing with enable-ubsan
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12175)
Dr. David von Oheimb [Fri, 19 Jun 2020 18:39:33 +0000 (20:39 +0200)]
Add documentation of OSSL_CRMF_CERTID_dup()
Fixes #12190
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12208)
Patrick Steuer [Sat, 20 Jun 2020 15:59:02 +0000 (17:59 +0200)]
Print CPUINFO also for s390 processors
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12216)
Billy Brumley [Sat, 20 Jun 2020 07:11:11 +0000 (10:11 +0300)]
[doc/man3] finish EC_GROUP_get_field_type documentation
https://github.com/openssl/openssl/pull/11928 documented
`EC_GROUP_get_field_type` behavior in the `man` page but did not add the
name to the function list.
Fixes #12189.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12214)
Nicola Tuveri [Tue, 16 Jun 2020 17:12:13 +0000 (20:12 +0300)]
Flag RSA secret BNs as consttime on keygen and checks
<https://github.com/openssl/openssl/pull/11765> switched the default
code path for keygen.
External testing through TriggerFlow highlighted that in several places
we failed (once more!) to set the `BN_FLG_CONSTTIME` flag on critical
secret values (either long term or temporary values).
This commit tries to make sure that the secret BN values inside the
`rsa struct` are always flagged on creation, and that temporary values
derived from these secrets are flagged when allocated from a BN_CTX.
Acknowledgments
---------------
Thanks to @Voker57, @bbbrumley, @sohhas, @cpereida for the
[OpenSSL Triggerflow CI] ([paper]) through which this defect was detected and
tested, and for providing early feedback to fix the issue!
[OpenSSL Triggerflow CI]: https://gitlab.com/nisec/openssl-triggerflow-ci
[paper]: https://eprint.iacr.org/2019/366
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12167)
FdaSilvaYY [Fri, 19 Jun 2020 21:33:24 +0000 (23:33 +0200)]
Fix one typo in a comment.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12209)
FdaSilvaYY [Fri, 19 Jun 2020 21:22:09 +0000 (23:22 +0200)]
Fix `no-ts` builds.
`ess_lib.c` is called from `cms` and `ts` modules.
Fixes #12155
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12209)
Pauli [Thu, 18 Jun 2020 01:01:08 +0000 (11:01 +1000)]
namemap: change ossl_namemap_empty() to do what the documentation says.
The function is documented as returning 1 when passed a NULL argument.
Instead it core dumps. Added a unit test for this.
Additionally, a performance improvement is incorporated. The namemap
max_number field is only ever compared against zero and incremented.
The zero comparison grabs a lock specifically for this check. This change
uses TSAN operations instead if they are available.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12181)
Benjamin Kaduk [Mon, 1 Jun 2020 19:31:55 +0000 (12:31 -0700)]
Allow oversized buffers for provider cipher IV fetch
When we're fetching an IV, there's no need to enforce that the
provided buffer is exactly the same size as the IV we want to
write into it. This might happen, for example, when
EVP_CIPHER_CTX_iv_noconst() passes sizeof(ctx->iv) (that is,
EVP_MAX_IV_LENGTH) for an AES-GCM cipher that uses a shorter IV.
AES-OCB and CCM were also affected.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12039)
Benjamin Kaduk [Mon, 1 Jun 2020 21:33:54 +0000 (14:33 -0700)]
Set cipher IV as octet string and pointer from providers
OSSL_CIPHER_PARAM_IV can be accessed both as an octet string and as
an octet pointer (for routines like EVP_CIPHER_CTX_iv() that are
in a nebulous undocumented-and-might-go-away-eventually state),
the latter for when there is need to modify the actual value in
the provider.
Make sure that we consistently try to set it as both the string and pointer
forms (not just octet string) and only fail if neither version succeeds. The
generic cipher get_ctx_params routine was already doing so, but the
AES-variant-, GCM-, and CCM-specific ones were not.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12039)
Richard Levitte [Fri, 19 Jun 2020 08:08:33 +0000 (10:08 +0200)]
Build: Remove faulty DES assembler spec
crypto/des/build.info had a faulty spec that ghash-ia64 should be
compiled for DES. Removed.
Fixes #12197
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12203)
Pauli [Fri, 19 Jun 2020 07:17:37 +0000 (17:17 +1000)]
doc: Document OSSL_PARAM_modified and OSSL_PARAM_set_all_unmodified.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12200)
Matt Caswell [Wed, 17 Jun 2020 10:37:39 +0000 (11:37 +0100)]
Return the cookie_len value from generate_cookie_callback
The generate_cookie_callback was failing to pass back the generated
cookie length to the caller. This results in DTLS connection failures
from s_server.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12179)
Matt Caswell [Wed, 17 Jun 2020 10:34:49 +0000 (11:34 +0100)]
Fix the DTLS1_COOKIE_LENGTH value
The DTLS1_COOKIE_LENGTH value was incorrect in the header files. We
couldn't change it before due to ABI concerns. However 3.0 is not ABI
compatible so we can now fix it.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12179)
Matt Caswell [Tue, 16 Jun 2020 15:15:52 +0000 (16:15 +0100)]
Add evp_extra_test2 to .gitignore
This is a test executable which should not be added to the repository
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12159)
Matt Caswell [Mon, 15 Jun 2020 16:48:39 +0000 (17:48 +0100)]
Add a test for d2i_AutoPrivateKey_ex with a non-default libctx
Really this test should go in evp_extra_test. However that doesn't
currently support a non-default libctx (with the "null" provider in the
default libctx). So (for now) we create evp_extra_test2.c
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12159)
Matt Caswell [Mon, 15 Jun 2020 13:29:37 +0000 (14:29 +0100)]
Ensure creating an EC public key uses the libctx
Creating an EC public key from the private key uses random numbers
internally, which require use of the proper libtx. Therefore we make
sure the libctx is used during this operation.
Fixes #12150
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12159)
Matt Caswell [Mon, 15 Jun 2020 13:21:00 +0000 (14:21 +0100)]
Add more complete support for libctx/propq in the EC code
Renames some "new_ex" functions to "new_with_libctx" and ensures that we
pass around the libctx AND the propq everywhere.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12159)
Matt Caswell [Tue, 16 Jun 2020 14:30:46 +0000 (15:30 +0100)]
Create defines for TLS Group Ids
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Thu, 11 Jun 2020 15:47:50 +0000 (16:47 +0100)]
Don't send supported groups if no-ec and we're doing DTLS
The supported_groups extension only supported EC groups in DTLS.
Therefore we shouldn't send it in a no-ec build.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Fri, 22 May 2020 13:11:43 +0000 (14:11 +0100)]
Provider a better error message if we fail to copy parameters
If EVP_PKEY_copy_parameters() failed in libssl we did not provide a very
helpful error message. We provide a better one.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Fri, 22 May 2020 13:09:13 +0000 (14:09 +0100)]
Make sure we save the copy function when registering a new Keymgmt
If a provider had a "copy" function in the its keymgmt definition we
were ignoring it.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Thu, 21 May 2020 16:59:47 +0000 (17:59 +0100)]
Write a test provider to test the TLS-GROUPS capability
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Thu, 21 May 2020 15:36:32 +0000 (16:36 +0100)]
Update the various SSL group getting and setting functions
A number of these functions returned a NID or an array of NIDs for the
groups. Now that groups can come from the providers we do not necessarily
know the NID. Therefore we need to handle this in a clean way.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Thu, 21 May 2020 15:16:41 +0000 (16:16 +0100)]
Add some missing OSSL_PKEY_PARAM_GROUP_NAME documentation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Thu, 21 May 2020 14:57:35 +0000 (15:57 +0100)]
Add documentation about Capabilities
Document the OSSL_PROVIDER_get_capabilities() function as well as the
provider side support for capabilities.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Wed, 20 May 2020 13:47:39 +0000 (14:47 +0100)]
Make EVP_PKEY_CTX_[get|set]_group_name work for ECX too
The previous commits made EVP_PKEY_CTX_[get|set]_group_name work for
EC and DH keys. We now extend this to ECX. Even though that keys with
these key types only have one group we still allow it to be explicitly
set so that we have only one codepath for all keys. Setting the group
name for these types of keys is optional, but if you do so it must have
the correct name.
Additionally we enable parameter generation for these keys. Parameters
aren't actually needed for this key type, but for the same reasons as
above (to ensure a single codepath for users of these algorithms) we
enable it anyway.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Wed, 20 May 2020 13:46:22 +0000 (14:46 +0100)]
Make EVP_PKEY_CTX_[get|set]_group_name work for DH too
The previous commit added the EVP_PKEY_CTX_[get|set]_group_name
functions to work with EC groups. We now extend that to also work for
DH.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Tue, 19 May 2020 14:24:25 +0000 (15:24 +0100)]
Make EVP_PKEY_CTX_[get|set]_ec_paramgen_curve_name more generic
We rename these function to EVP_PKEY_CTX_get_group_name and
EVP_PKEY_CTX_set_group_name so that they can be used for other algorithms
other than EC.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Mon, 18 May 2020 22:37:18 +0000 (23:37 +0100)]
Modify libssl to discover supported groups based on available providers
Now that we have added the TLS-GROUP capability to the default provider
we can use that to discover the supported group list based on the loaded
providers.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Mon, 18 May 2020 14:13:09 +0000 (15:13 +0100)]
Add the OSSL_PROVIDER_get_capabilities() API function
Provide a function to applications to query the capabilities that a
provider can perform.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Matt Caswell [Mon, 18 May 2020 13:11:06 +0000 (14:11 +0100)]
Add the concept of "Capabilities" to the default and fips providers
With capabilities we can query a provider about what it can do.
Initially we support a "TLS-GROUP" capability.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Benny Baumann [Tue, 16 Jun 2020 21:43:24 +0000 (23:43 +0200)]
Add missing section on asymmetric ciphers
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12170)
haykam821 [Mon, 15 Jun 2020 20:17:15 +0000 (16:17 -0400)]
Remove whitespace from 'white space'
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12161)
Matthias Kraft [Mon, 25 May 2020 08:10:24 +0000 (10:10 +0200)]
Configure DEPs for FIPS provider on AIX.
The binder of the AIX linker needs to be told which functions to call on
loading and initializing a shared object. Therefore another configuration
variable shared_fipsflag is introduced, which is appended to shared_defflag
when the providers/fips module gets configured.
It was suggested to refactor the line in the build file template to become
more generic and less magic. There is, however, currently no suggestion how
to actually achive this, so we leave a TODO comment.
The possible shared_fipsflag must only be appended to the shared_def iff
this code is acting on behalf of the fips provider module build.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11950)
Sebastian Andrzej Siewior [Tue, 16 Jun 2020 22:20:40 +0000 (00:20 +0200)]
DOC: Spelling fixes
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12172)