Commit Graph

30609 Commits

Author SHA1 Message Date
Richard Levitte
2fd3392c8f EVP: Add the internal function evp_generic_fetch_from_prov()
This function leverages the generic possibility to fetch EVP methods
from a specific provider.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
2021-10-27 12:41:10 +02:00
Richard Levitte
cfce50f791 CORE: add a provider argument to ossl_method_construct()
This makes it possible to limit the search of methods to that
particular provider.  This uses already available possibilities in
ossl_algorithm_do_all().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
2021-10-27 12:41:10 +02:00
Jiasheng Jiang
8c590a219f test/ssl_old_test.c: Do NULL pointer check before its use
In openssl-3.0.0 and system provided, it is not reasonable to
check null pointer after use. The order was accidentally reversed.
Therefore, it is better to correct it.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16915)
2021-10-27 11:11:34 +02:00
x2018
963eb12dbd free the Post-Handshake Auth digest when there is an error saving the digest
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16917)
2021-10-27 11:07:04 +02:00
Jiasheng Jiang
f541419c79 Remove unused variable 'sctx'
In the openssl-3.0.0 and system provided, the variable 'sctx' is unused in test_509_dup_cert.
Therefore, it might be better to remove the definition and operation of it.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16916)
2021-10-27 11:05:35 +02:00
Matt Caswell
fd19fc4c27 Test that a key is usable after an EVP_PKEY_fromdata call
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16911)
2021-10-27 08:57:12 +10:00
Matt Caswell
6187d9eac2 Don't crash encoding a public key with no public key value
If asked to encode an EC_KEY public key, but no public key value is present
in the structure, we should fail rather than crash.

Fixes the crash seen here:
https://mta.openssl.org/pipermail/openssl-users/2021-October/014479.html

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16911)
2021-10-27 08:57:12 +10:00
x2018
9dddcd90a1 add checks for the return values of BN_new(), sk_RSA_PRIME_INFO_new_reserve(),
EVP_PKEY_CTX_new_from_pkey() and EVP_CIPHER_CTX_new().
Otherwise may result in memory errors.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16892)
2021-10-27 08:36:55 +10:00
Pauli
7220085f22 speed: range check the argument given to -multi
For machines where sizeof(size_t) == sizeof(int) there is a possible overflow
which could cause a crash.

For machines where sizeof(size_t) > sizeof(int), the existing checks adequately
detect the situation.

Fixes #16899

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16904)
2021-10-27 08:26:12 +10:00
Kinshuk Dua
089df6f135 Doc: replace NULL terminated with NUL
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16885)
2021-10-26 17:06:17 +02:00
PW Hu
1e4cef5fde doc: Fix some function signature errors
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16897)
2021-10-26 16:21:55 +02:00
Pauli
d4dfd983e3 test-rand: return failure on not enough data, allow parent
The test-rand RNG was returning success when it had some but insufficient data.
Now, it returns failure and doesn't advance the data pointer.

The test-rand RNG was failing when a parent was specified.  This case is now
ignored.

Fixes #16785

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16905)
2021-10-26 20:02:55 +10:00
Arne Schwabe
e2e3f84fa5 Note that SHA1 and MD5 x509 signatures are also forbidden at security level 1
The exclusion of SHA1 for X509 signatures is not obvious as the "intuative"
idea is that SHA1 should have 80 security bits. However the security bits
of SHA1 are explicitly set to 63 to avoid the it being strong enough for
security level 1. x509_set.c has the comment:

    /*
     * SHA1 and MD5 are known to be broken. Reduce security bits so that
     * they're no longer accepted at security level 1.
     * The real values don't really matter as long as they're lower than 80,
     * which is our security level 1.
     */

Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16895)
2021-10-26 09:46:40 +02:00
Tomas Mraz
b387274d0f migration_guide: Mention ERR_GET_FUNC() and function code removal
Fixes #16817

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16879)
2021-10-25 15:29:51 +02:00
Tomas Mraz
767db672c4 cmp.c: Avoid dereference with negative index and use memcpy
This prevents a compile-time warning on newer gcc.

Also fix the related warning message.

Fixes #16814

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16821)
2021-10-25 15:01:42 +02:00
Tomas Mraz
7e35458b51 X509_PUBKEY_dup: Do not just up-ref the EVP_PKEY
We try EVP_PKEY_dup() and if it fails we re-decode it using the
legacy method as provided keys should be duplicable.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16648)
2021-10-25 14:32:43 +02:00
Tomas Mraz
e0c5184a56 X509_dup: Avoid duplicating the embedded EVP_PKEY
The EVP_PKEY will be recreated from scratch which is OK.

Fixes #16606

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16648)
2021-10-25 14:32:43 +02:00
Tomas Mraz
bf585c9c07 tests: Add test for X509_dup with ENGINE based key
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16648)
2021-10-25 14:32:43 +02:00
Matt Caswell
ef2fb64f9d Fix no-cmac
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16894)
2021-10-25 11:08:29 +01:00
Tomas Mraz
f99b34957f OCSP_sendreq_bio: Avoid doublefree of mem BIO
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/16886)
2021-10-25 11:43:10 +02:00
PW Hu
7b2bde500d doc: Fix some function signature errors
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16874)
2021-10-25 10:49:04 +02:00
Dr. David von Oheimb
a26c089ba3 OSSL_HTTP_transfer.pod: clarify that resulting BIO must be freed
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16888)
2021-10-23 12:55:03 +02:00
Dr. David von Oheimb
4258845e4e OSSL_HTTP_REQ_CTX.pod: clarify that resulting BIO must not be freed
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16888)
2021-10-23 12:55:03 +02:00
Michael Baentsch
4f71624964 Permit no/empty digest in core_obj_add_sigid
Also add digest parameter documentation for add_sigid and
permit NULL as digest name in the provider upcall.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16770)
2021-10-22 16:26:46 +02:00
Kinshuk Dua
25ead551aa Doc: be explicit about NUL in max_identity_len
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16877)
2021-10-22 16:24:08 +02:00
Matt Caswell
8b09a9c76d Fix the s_server psk_server_cb for use in DTLS
Commit 0007ff257c added a protocol version check to psk_server_cb but
failed to take account of DTLS causing DTLS based psk connections to
fail.

Fixes #16707

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/16838)
2021-10-22 10:59:49 +01:00
yuanjungong
f11c01a666 Clean up on failed BIO creation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16316)
2021-10-22 11:56:29 +02:00
PW Hu
5001287c0d Fix documentation errors, mainly caused by return values of BIO_ctrl
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16767)
2021-10-22 11:54:11 +02:00
PW Hu
f1d077f110 Fix some documentation errors related to return values
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16794)
2021-10-22 11:39:04 +02:00
Tomas Mraz
cde5a12d5e doc: EVP_PKEY_get_utf8/octet_string_param() clarify NULL buffer behavior
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16843)
2021-10-22 11:35:46 +02:00
Tomas Mraz
3d63315366 doc: Document the type of label EVP_PKEY_CTX_set0_rsa_oaep_label properly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16869)
2021-10-22 11:32:52 +02:00
Matt Caswell
7cce994d3e Update pyca-cryptography sub-module
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
1b327433e5 Fix acvp_test sig_gen
Ensure we set the size of the signature buffer before we call
EVP_DigestSign()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
cff7d58eb4 Fix test_CMAC_keygen
Make sure we correctly pass through the size of the buffer to
EVP_DigestSignFinal

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
61adb6cf95 Fix a bug in signature self tests in the FIPS module
When calling EVP_PKEY_sign(), the size of the signature buffer must
be passed in *siglen.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
dc3f057ce1 Add an additional note to EVP_DigestSign() documentation
Clarify what happens if it fails. Make it clear that you can pass a NULL
"sig" buffer to get the "siglen".

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
15ff7d7c25 Test short buffers
Test that calling EVP_DigestSign(), EVP_DigestSignFinal(),
EVP_PKEY_sign(), EVP_PKEY_get_raw_private_key(), or
EVP_PKEY_get_raw_public_key() with a short output buffer results in a
failure.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
7be8ba5462 Fix SSKDF to not claim a buffer size that is too small for the MAC
We also check that our buffer is sufficiently sized for the MAC output

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:27 +01:00
Matt Caswell
b97f4dd73b Enforce a size check in EVP_MAC_final()
Make sure that the outsize for the buffer is large enough for the
output from the MAC.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:26 +01:00
Matt Caswell
43da9a14f0 Prevent an overflow if an application supplies a buffer that is too small
If an application bug means that a buffer smaller than is necessary is
passed to various functions then OpenSSL does not spot that the buffer
is too small and fills it anyway. This PR prevents that.

Since it requires an application bug to hit this problem, no CVE is
allocated.

Thanks to David Benjamin for reporting this issue.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
2021-10-22 08:43:26 +01:00
Dr. David von Oheimb
251e941283 APPS/req.c: Make -reqexts option an alias of -extensions option
This simplifies code, doc, and use.
Fixes issue ignoring one or the other.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16865)
2021-10-22 07:29:07 +02:00
Tomas Mraz
d92c696d82 Add missing define to enable AES-NI usage on x86 platform
Fixes #16858

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16866)
2021-10-21 18:23:46 +02:00
PW Hu
10343fa527 Fix function signature error
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/16852)
2021-10-20 20:28:53 +02:00
Matt Caswell
0299094c52 Add tests for ENGINE problems
Add some tests which would have caught the issues fixed in the previous
3 commits related to engine handling.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)
2021-10-19 16:20:00 +01:00
Matt Caswell
86c15ba874 Update provider_util.c to correctly handle ENGINE references
provider_util.c failed to free ENGINE references when clearing a cipher
or a digest. Additionally ciphers and digests were not copied correctly,
which would lead to double-frees if it were not for the previously
mentioned leaks.

Fixes #16845

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)
2021-10-19 16:20:00 +01:00
Matt Caswell
f7d6868d0d Ensure pkey_set_type handles ENGINE references correctly
pkey_set_type should not consume the ENGINE references that may be
passed to it.

Fixes #16757

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)
2021-10-19 16:20:00 +01:00
Matt Caswell
a0cbc2d222 Make sure EVP_CIPHER_CTX_copy works with the dasync engine
Ciphers in the daysnc engine were failing to copy their context properly
in the event of EVP_CIPHER_CTX_copy() because they did not define the
flag EVP_CIPH_CUSTOM_FLAG

Fixes #16844

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16846)
2021-10-19 16:19:51 +01:00
jwalch
a98b26588b Avoid NULL+X UB in bss_mem.c
Fixes #16816

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16818)
2021-10-19 12:16:11 +02:00
Matt Caswell
5fdc95e443 Fix the signature newctx documentation
The documentation omitted the propq parameter

Fixes #16755

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16836)
2021-10-18 09:41:41 +02:00
Richard Levitte
fb0f65fff8 Fix lock leak in evp_keymgmt_util_export_to_provider()
Fixes #16847

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16849)
2021-10-16 10:22:42 +02:00