HPE has a weird preference to prefix letters and zero-padding. Properly trim
them before processing.
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22891)
Do not allow mid-expression line breaks.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22814)
Some platform implementations are without `sharedlib_import()`, so we need
to check that it exists before using it.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22789)
$(SRCDIR)/util/libcrypto.num and $(SRCDIR)/util/libssl.num were made their
own targets to have 'make ordinals' reproduce them (run mknum.pl) only if
needed.
Unfortunately, because the shared library linker scripts depend on these
.num files, we suddenly have mknum.pl run at random times when building.
Furthermore, this created a diamond dependency, which disturbs parallell
building because multiple mknum.pl on the same file could run at the same
time.
This reverts commit 0e55c3ab8d.
Fixes#21999
Partially fixes#22841
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22890)
Coverity recorded issues 1551739 and 1551737, a potential double free in the
tests. It occurs when the DUP operation fails in such a way val3_read is
returned as the same pointer as val2_read. Ideally it should never
happen, but resetting val3_read to 0 should satisfy coverity that there
is no issue here
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22800)
Coverity issue 1551719 noted CRYPTO_secure_used referenced a shared
variable without taking the appropriate read lock. Add that.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22802)
Add null check to cmac_size(). This avoids a seg-fault encountered
with cmac when EVP_MAC_CTX_get_mac_size() is called before init.
Extend mac testing in evp_test.c to check that the sizes returned by
EVP_MAC_CTX_get_mac_size() before and after init make sense (this also
ensures that we no longer seg-fault).
Fixes#22842
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22858)
When the CMS_ReceiptRequest cannot be created,
the rct_to and rct_from may be leaked.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22742)
And clean up partially created choice objects, which have
still the default type = -1 from ASIdentifierChoice_new().
Fixes#22700
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22745)
"d_i in RFC8017" -> "d_i" in RFC8017
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22868)
well know -> well known
CLA: trivial
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22778)
Signed-off-by: lan1120 <lanming@huawei.com>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22795)
The little-endian optimization is doing some type-punning in a way
violating the C standard aliasing rule by loading or storing through a
lvalue with type "unsigned int" but the memory location has effective
type "unsigned long" or "unsigned long long" (BN_ULONG). Convert these
accesses to use memcpy instead, as memcpy is defined as-is "accessing
through the lvalues with type char" and char is aliasing with all types.
GCC does a good job to optimize away the temporary copies introduced
with the change. Ideally copying to a temporary unsigned int array,
doing the calculation, and then copying back to `r_d` will make the code
look better, but unfortunately GCC would fail to optimize away this
temporary array then.
I've not touched the LE optimization in BN_nist_mod_224 because it's
guarded by BN_BITS2!=64, then BN_BITS2 must be 32 and BN_ULONG must be
unsigned int, thus there is no aliasing issue in BN_nist_mod_224.
Fixes#12247.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22816)
`tls_parse_ctos_key_share()` didn't properly handle the option.
Avoid the need to deal with the option in multiple places by properly
handling it in `tls_parse_ctos_psk_kex_modes()`.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22844)
Added self-hosted runners for freebsd-x86_64 and ubuntu-aarch64.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22804)
There were no PKIX-TA(0) SPKI(1) Full(0) (i.e. "0 1 0") test cases in
"danetest.in".
There is now at least a success case, which will exercise freeing the public
key after it is sanity checked, since with PKIX-TA(0) there's nothing we can do
with just the raw public key, a full chain to a local trust anchor is in any
case required.
The failure (to match) code path is already well oiled, but failure to decode
while adding malfored TLSA records could still use some additional tests...
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22821)
We don't need the decoded X.509 Full(0) certificate for the EE usages 1 and 3,
because the leaf certificate is always part of the presented chain, so the
certificate is only validated as well-formed, and then discarded, but the
TLSA record is of course still used after the validation step.
Added DANE test cases for: 3 0 0, 3 1 0, 1 0 0, and 1 1 0
Reported by Claus Assmann.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22821)
Instead of trying to move the doomed sct back
to the src stack, which may fail as well, simply
free the sct object, as the src list will be
deleted anyway.
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22762)
In 160f48941d I made L_ENDIAN defined when the system is guessed to be
linux64-loongarch64. Unfortunately now I found it problematic:
1. This should be added into Configurations/10-main.conf, not here.
Having it here causes a different configuration when
linux64-loongarch64 is explicitly specified than guessed.
2. With LTO enabled, this causes many test failures on
linux64-loongarch64 due to #12247.
So I think we should remove it for now (master and 3.2 branch), and
reintroduce it to Configurations/10-main.conf when we finally sort
out #12247.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22812)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22828)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22828)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22828)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22828)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22828)
Fixes#22811
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/22813)
(cherry picked from commit ba58e9f1e2)
This can be useful for fixing the CI if needed
without the necessity to run abidw locally.
Also rename the CI job to make its purpose clearer.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22689)
Add ability to measure performance of the two kmac algorithms, and
reduce code duplication in mac testing by introducing mac_setup() and
mac_teardown(). Also, start accepting "cmac" as an algorithm string
(similar to how "hmac" is accepted).
We can now compare the performance of KMAC128, KMAC256 (mac algs) to
KECCAK-KMAC128, KECCAK-KMAC256 (digest/xof algs).
Fixes#22619
Testing:
$ LD_LIBRARY_PATH=. ./apps/openssl speed kmac cmac hmac
$ LD_LIBRARY_PATH=. ./apps/openssl speed kmac256
$ LD_LIBRARY_PATH=. ./apps/openssl speed -evp KECCAK-KMAC256
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22764)
Amend the assembler so it uses only 32bit value.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22750)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22750)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22750)
The text "CLA: trivial" should go at the bottom of the commit message.
Also, update the force-push command to include the repository and
branch, which can avoid unexpected force-push results.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22775)
VSI C on OpenVMS for x86_64 has a bit more information than on other
hardware. This is no doubt because it's based on LLVM which leaves an
opening for cross compilation.
VSI C on Itanium:
$ CC/VERSION
VSI C V7.4-001 on OpenVMS IA64 V8.4-2L3
VSI C on x86_64:
$ CC/VERSION
VSI C x86-64 X7.4-843 (GEM 50XB9) on OpenVMS x86_64 V9.2-1
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22792)
prefer hmac(sha256) rather than hmac(md5). Also, drop the "skip_hmac"
label. If we are supposed to do hmac(hash_func) and hash_func cannot
be found, then error out immediately.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22793)
ctx->propq that strdup from input parameter propq in sm2sig_newctx,
is not released. It should be released in sm2sig_freectx and copied
to dstctx in sm2sig_dupctx. And dstctx->id and dstctx->propq should
be set NULL to avoid releasing id/propq of srcctx when err occurs.
Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22796)