Commit Graph

26886 Commits

Author SHA1 Message Date
Jon Spillett
23e77b0ba3 Update test data for DSA public key text
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12688)
2020-08-31 14:49:16 +10:00
Jon Spillett
e2e46dfa8c Add the correct enum value for DSA public key serialization
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12688)
2020-08-31 14:49:16 +10:00
Shane Lontis
458cb85d19 Fix ECX serializer import calls to use correct selection flags.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12698)
2020-08-30 16:17:17 +10:00
Shane Lontis
d9cdfda24f Fix RSA serializer import calls to use correct selection flags.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12698)
2020-08-30 16:17:17 +10:00
Shane Lontis
81fca0e7c1 Fix DSA serializer import calls to use correct selection flags.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12698)
2020-08-30 16:17:17 +10:00
Shane Lontis
3fab56631f Fix DH serializer import calls to use correct selection flags.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12698)
2020-08-30 16:17:17 +10:00
Dmitry Belyavskiy
835b290016 Fix PKCS#7 so that it still works with non fetchable cipher algorithms.
Fixes #12697

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12740)
2020-08-29 19:36:36 +03:00
Dmitry Belyavskiy
bd1bbbfe51 Fix PKCS#7 so that it still works with non fetchable digest algorithms.
Fixes #12684
Partially fixes #12697

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12740)
2020-08-29 19:36:27 +03:00
Matt Caswell
8e32ea633f Check whether we have MD5-SHA1 and whether we need it
If we don't have MD5-SHA1 then we must be use (D)TLSv1.2 or above. We
check that this is consistent with the way we've been configured. We also
ensure that we never attempt to negotiate <(D)TLSv1.2 if MD5-SHA1 is not
available.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12733)
2020-08-29 17:56:37 +10:00
Matt Caswell
7cd1420b3e Improve some error messages if a digest is not available
If a digest is not available we just get an "internal error" error
message - which isn't very helpful for diagnosing problems. Instead we
explicitly state that we couldn't find a suitable digest.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12733)
2020-08-29 17:56:20 +10:00
Matt Caswell
e3bf65da88 Include "legacy" in the name of the various MAC bridge functions
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:12 +10:00
Matt Caswell
52ae0f8fc2 Add some documentation about the EVP_PKEY MAC interface
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
2ef9a7ac5e Improve code reuse in the provider MAC bridge
We reuse concepts such as PROV_CIPHER, and make use of some common code
in provider_util.c

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
2106b04719 Document the EVP_PKEY_new_CMAC_key_with_libctx() function
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
e5bc0ce2ae Extend test_CMAC_keygen in evp_extra_test
The test only setup the generation of a key. It did not complete that
generation. We extend the test to complete the generation and to use the
generated key. We also compare the result with a key generated in a
different way.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
2cf765e5a2 Delete unused PKEY MAC files
Now that the all the legacy PKEY MAC bridge code has been moved to the
providers we no longer need the old bridge and it can be removed.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
a540ef90f5 Extend the provider MAC bridge for CMAC
The previous commits added support for HMAC, SIPHASH and Poly1305 into
the provider MAC bridge. We now extend that for CMAC too.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:11 +10:00
Matt Caswell
4db71d0175 Extend the provider MAC bridge for Poly1305
The previous commits added support for HMAC and SIPHASH into the provider
MAC bridge. We now extend that for Poly1305 too.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
8014b2a966 Don't require a default digest from signature algorithms
Some signature algorithms don't need a default digest, so don't fail if
we don't have one.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
b27b31b628 Extend the provider MAC bridge for SIPHASH
The previous commits added support for HMAC into the provider MAC bridge.
We now extend that for SIPHASH too.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
6f0bd6ca1c Ensure libssl creates libctx aware MAC keys
Convert various mac key creation function calls to use the _with_libctx
variants.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
ada0670bf6 Fix some EVP_MD_CTX_* functions
Fixes some issues with EVP_MD_CTX_* functions when doing EVP_DigestSign*
and EVP_DigestVerify* functions.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
5d51925a90 Convert EVP_PKEY_CTX_set_mac_key() into a function
Previously it was a macro. We now make it into a function that is params
aware.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:10 +10:00
Matt Caswell
1bf625040c Fix evp_extra_test to not assume that HMAC is legacy
evp_extra_test had a test that checks whether an EVP_PKEY_CTX can still
be created for HMAC even though there are no providers loaded because it
is a legacy algorithm. However after the earlier commits this is no longer
the case. We swap the check to a different legacy algorithm (SM2).
Hopefully before too long there will be no legacy algorithms left and the
test can be deleted.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:40:09 +10:00
Matt Caswell
b571e662cd Make the provider side EVP PKEY MAC bridge available in default and fips
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:39:37 +10:00
Matt Caswell
409910be16 Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge
Some MAC implementations were available before the current EVP_MAC API. They
were used via EVP_DigestSign*. There exists a bridge between the oldAPI and
the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD.
This commit implements the signature functions for the provider side bridge
without having to use any legacy code.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:39:37 +10:00
Matt Caswell
e538294f8f Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge
Some MAC implementations were available before the current EVP_MAC API. They
were used via EVP_DigestSign*. There exists a bridge between the old API and
the EVP_MAC API however this bridge itself uses a legacy EVP_PKEY_METHOD.
This commit implements the key management for provider side bridge without
having to useany legacy code.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12637)
2020-08-29 17:39:37 +10:00
Richard Levitte
bddfea0271 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional()
- test/endecode_test.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12728)
2020-08-28 20:48:27 +02:00
Richard Levitte
87d91d223b Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the
actual encoding to DER.  However, i2d_PrivateKey() is a generic
function that will do what it can to produce output according to what
the associated EVP_PKEY_ASN1_METHOD offers.  If that method offers a
function 'old_priv_encode', which is expected to produce the
"traditional" encoded form, then i2d_PrivateKey() uses that.  If not,
i2d_PrivateKey() will go on and used more modern methods, which are
all expected to produce PKCS#8.

To ensure that PEM_write_bio_PrivateKey_traditional() never produces
more modern encoded forms, an extra check that 'old_priv_encode' is
non-NULL is added.  If it is NULL, an error is returned.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12728)
2020-08-28 20:48:27 +02:00
T.Yanagisawa
b6ef3c7089 Correct description of BN_mask_bits
CLA: trivial

Correct right shift to left shift.
Pseudo code `a&=~((~0)>>n)` means "get higher n-bits of a", but actually crypto lib gives lower n-bits.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12727)
2020-08-28 19:25:08 +10:00
Pauli
33855c0af6 conf: add diagnostic option
Add an option to configuration files "config_diagnostics" that when set to a
non-zero value, overrides the error ignoring flags.  The outcome is that
diagnostic option is produced when e.g. sections are missing.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12663)
2020-08-28 19:21:29 +10:00
Pauli
3d94185718 provider_conf: report missing section on error
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12663)
2020-08-28 19:21:28 +10:00
Jung-uk Kim
cd84d8832d Ignore vendor name in Clang version number.
For example, FreeBSD prepends "FreeBSD" to version string, e.g.,

FreeBSD clang version 11.0.0 (git@github.com:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin

This prevented us from properly detecting AVX support, etc.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12725)
2020-08-27 20:27:26 -07:00
Pauli
4516bf7422 rand: instantiate the DRBGs upon first use.
Fixes #12714

[skip ci]

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12717)
2020-08-28 10:19:56 +10:00
Pauli
edd53e9135 rand: add a note about a potentially misleading code analyzer warning.
When seeding from a parent DRBG, the pointer to the child is used as
additional data.  This triggers static code analysers.  Rearrange and
expand the comments to make this more obvious.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12724)
2020-08-28 08:43:07 +10:00
Dr. David von Oheimb
1d6c86709c apps/pkcs12.c: Add -untrusted option
Also improve EE cert selection, user guidance, and documentation.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12643)
2020-08-27 20:08:44 +02:00
Dr. David von Oheimb
77a9bb83d7 X509_add_certs(): Add to doc some warning notes on memory management
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12643)
2020-08-27 20:08:44 +02:00
Rich Salz
0495a3ec4a Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify()
This adds a flag, OCSP_PARTIAL_CHAIN, to the OCSP_basic_verify()
function.  This is equivlent to X509_V_FLAG_PARTIAL_CHAIN, in that
if any certificate in the OCSP response is in the trust store, then
trust it.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12666)
2020-08-27 20:03:39 +02:00
Marc
fcc3a5204c apps: -msg flag enhancement 2/2
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12310)
2020-08-27 13:11:12 +03:00
Marc
50c911b0c5 apps: -msg flag enhancement 1/2
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12310)
2020-08-27 13:10:39 +03:00
Pauli
625679b6d7 EVP: NULL pctx pointer after free.
Not doing so can result in a double free.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12718)
2020-08-27 13:43:46 +10:00
Dmitry Belyavskiy
a149f75024 Replace hierogliphs with stub to pass tests
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:21 +03:00
Dmitry Belyavskiy
26930bd3c2 Documentation for internal PUNYCODE-related functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:21 +03:00
Dmitry Belyavskiy
8a302080c3 EAI test script and data
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:17 +03:00
Dmitry Belyavskiy
a0188e284e RFC 8398: documentation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:17 +03:00
Dmitry Belyavskiy
0bf093be31 Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:17 +03:00
Dmitry Belyavskiy
90c9319d47 RFC 8398: EAI comparison
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:17 +03:00
Dmitry Belyavskiy
69d9245996 RFC 8398: Name constraints validation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:17 +03:00
Dmitry Belyavskiy
4650f2b590 Punycode decoding implementation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9654)
2020-08-26 14:04:11 +03:00
Richard Levitte
eb800ef553 crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()
Fixes #12695

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12696)
2020-08-26 07:11:17 +02:00