Commit Graph

3748 Commits

Author SHA1 Message Date
Hugo Landau
6cf23ce54d Ensure struct timeval is defined when including ssl.h
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22323)
2023-10-11 11:10:05 +02:00
Dr. David von Oheimb
ac0677bd23 CMP: fix OSSL_CMP_MSG_http_perform() by adding option OSSL_CMP_OPT_USE_TLS
Fixes #21120

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21176)
2023-10-10 20:36:06 +02:00
Evgeny Karpov
636ee1d0b8 * Enable extra Arm64 optimization on Windows for GHASH, RAND and AES
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21673)
2023-10-10 15:37:41 +02:00
Matt Caswell
2b8d815344 When calling ossl_crypto_condvar_wait_timeout() we must use real time
Although many of the QUIC tests use fake time, the time we pass to the
ossl_crypto_condvar_wait_timeout() must be a real time.

Passing fake time was causing the QUIC tserver test to hang because
ossl_crypto_convar_wait_timeout() always timed out immediately and never
relinquished the CPU.

If using fake time we adjust the time to real time just before using it.

Fixes #22020

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22301)
2023-10-10 08:17:43 +01:00
Richard Levitte
1296c2ec78 Restore the meaning of EVP_PKEY_print_private()
With pre-3.0 OpenSSL, EVP_PKEY_print_private() calls the EVP_PKEY_ASN1_METHOD
function "priv_print", effectively asking the backend to print whatever it
regards as private key components.

In all backends that were built into libcrypto, this function printed what
was included in the private key structure, which usually includes the
public key components as well.

With OpenSSL 3.0, some of the corresponding key2text encoders got a
slightly different behavior, where the presence of the selector
OSSL_KEYMGMT_SELECT_PRIVATE_KEY without the presence of the selector
OSSL_KEYMGMT_SELECT_PUBLIC_KEY would only get what would intuitively be
regarded as private key components printed.  This isn't entirely consistent,
though, as the RSA key2text encoder will still print the public key
components regardless.

To compensate for the changed backend behavior, EVP_PKEY_print_private()
was made to ask the encoder to print the keypair rather than just the
private key, thereby moving the backend semantics to the application API.
Unfortunately, this causes confusion for providers where the key2text
encoder really should print the private key only.

This change restores the built-in 1.1.1 backend behavior in the encoders
that OpenSSL provides, and renders EVP_PKEY_print_private() more true to its
documented behavior, leaving it to the backend to decide what it regards as
"private key components".

Fixes #22233

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22237)
2023-10-04 08:10:55 +02:00
Tomas Mraz
6f66602eaa macros.h: There are just 3.1 deprecations, no 3.2 deprecations
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22247)
2023-10-04 07:52:41 +11:00
Tomas Mraz
6a92159d01 All lh_stats functions were deprecated in 3.1
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22247)
2023-10-04 07:52:41 +11:00
Matt Caswell
556009c596 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-28 14:23:29 +01:00
Matt Caswell
be203ea3d3 Fix a mem leak when the FIPS provider is used in a different thread
We were neglecting to register the main thread to receive thread stop
notifications. This is important if the thread that starts the FIPS
provider is not the same one that is used when OPENSSL_cleanup() is
called.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
2023-09-27 17:23:04 +01:00
Pauli
4cde7585ce fips: use seed source requested
Fixes #21909

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
2023-09-27 17:23:04 +01:00
Pauli
a9483b8aa0 rand: add extra error code
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
2023-09-27 17:22:54 +01:00
Pauli
fffa78c2fd fips selftest: avoid relying on a real RNG for self tests
Rather than instantiate the private and primary DRBGs during the
selftest, instead use a test RNG.  This leaves the DRBG setup
pristine and permits later replacement of the seed source despite
the very early running power up self tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
2023-09-27 17:22:54 +01:00
Matt Caswell
a18c9f8091 Implement a public BIO_ADDR_copy() function
We already have BIO_ADDR_dup() but in some contexts that is not sufficent.
We implement BIO_ADDR_copy() and make BIO_ADDR_dup() use it.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22164)
2023-09-25 07:46:45 +10:00
Simo Sorce
96e678087d Allow to pass a passprase callback at store open
Some PKCS11 modules require authentication early on to be able to
preload objects, which we want to do to avoid costly roundtrips when the
HSM is actually reached over a network (Cloud HSM).

Unfortunately at open time we can't interact with the user becaue the
callbacks are only passed at object load time. later on.

This patch corrects this issue by providing a more feature rich open
call for providers.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)
2023-09-19 12:24:07 +02:00
Dmitry Belyavskiy
0a8807b4a8 Store: API for deletion
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
2023-09-15 10:18:36 +02:00
Matt Caswell
fc785a554c Remove use of _Static_assert
We had some use of the C11 _Static_assert feature which can cause some
problems on some platforms. Everywhere we were using it, it is not really
required so remove it.

Fixes #22017

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22091)
2023-09-15 09:20:05 +10:00
Matt Caswell
547ea58821 Fix the SSL_CIPHER_find() function when used with a QCSO
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22011)
2023-09-12 15:29:00 +02:00
Matt Caswell
1e4fc0b2e5 Add a test for using a PSK with QUIC
Check that we can set and use a PSK when establishing a QUIC connection.

Fixes openssl/project#83

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22011)
2023-09-12 15:29:00 +02:00
Dimitri Papadopoulos
e22ebb893e Bad function definition
void f() should probably be void f(void)

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Dimitri Papadopoulos
bbaeadb068 "foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Dimitri Papadopoulos
ad31628cfe Remove repeated words
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Randall S. Becker
aff99225f9 Exclude include of poll.h from NonStop builds - not defined on platform.
socket.h has been modified so that poll.h is omitted for OPENSSL_SYS_NONSTOP
builds. The platform configuration is derived from UNIX so the include is
only omitted for NonStop but kept in the OPENSSL_SYS_UNIX include block.

Fixes: #22001

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22006)
2023-09-08 17:21:38 +01:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Richard Levitte
09a4b4b722 internal/numbers.h: Add fallback implementation for UINT32_C and UINT64_C
Other similar macros can be implemented later.  Right now, this are the most
likely to be actually useful

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21951)
2023-09-04 18:27:21 +02:00
Richard Levitte
3ae4686bf6 VMS: Add a fallback definition of socklen_t
It is not present in current VMS C headers...

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21951)
2023-09-04 18:27:21 +02:00
slontis
3859a02725 Change PBES2 KDF default salt length to 16 bytes.
The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and API's such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
2023-09-04 14:15:34 +10:00
Tom Cosgrove
12d08fe3a5 Move ALIGN32 and ALIGN64 into common.h, and fix for clang-cl.exe
clang-cl.exe defines __clang__ and _MSC_VER but not __GNUC__, so a clang-
specific guard is needed to get the correct ALIGNxx versions.

Fixes #21914

Change-Id: Icdc047b182ad1ba61c7b1b06a1e951eda1a0c33d

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21921)
2023-09-04 08:44:21 +10:00
Hugo Landau
5debf07010 QUIC APL: Implement SSL_want
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21915)
2023-09-01 14:44:47 +01:00
Hugo Landau
d5c3f4b2db Comment on internal flag
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01 14:02:54 +01:00
Hugo Landau
2619d10ace BIO: Allow third parties to use integers instead of pointers for poll descriptors
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01 14:02:50 +01:00
Hugo Landau
d492e34351 QUIC: Make TLS1_FLAGS_QUIC private
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01 14:02:50 +01:00
Hugo Landau
7d9e447ab8 QUIC API: Revise SSL_get_conn_close_info to use a flags field
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01 14:02:50 +01:00
Hugo Landau
d2e9e12b23 QUIC APL: Allow stream origin to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21905)
2023-09-01 14:02:50 +01:00
Hugo Landau
abeb41b42f Minor updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:36 +01:00
Hugo Landau
3760747ff4 Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:36 +01:00
Hugo Landau
000ef7818b BIO: Add BIO_dgram_detect_peer_addr API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
617b459ddf QUIC CHANNEL: Introduce concept of (non-)addressed mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
be96180aa6 QUIC CHANNEL: Cleanup poll descriptor management
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
0b8b75e242 QUIC REACTOR: Move can-poll flags into reactor
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
7841dbabec BIO_s_connect: Add support for datagram mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:33 +01:00
Hugo Landau
60421893a2 QUIC: Harden ring buffer against internal misuse
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21895)
2023-08-31 16:34:51 +01:00
Dmitry Belyavskiy
9d2f7e1f61 OSSL_PROVIDER_load_ex
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21604)
2023-08-30 21:55:47 +02:00
Matthias St. Pierre
4d5cfb229b Fix misspelled deprecation macro name in comment
Commit 77c30753cd replaced the convenience macros `DEPRECATEDIN_{major}_{minor}`
by `OSSL_DEPRECATEDIN_{major}_{minor}` but misspelled them in the comment.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21868)
2023-08-30 11:44:33 +01:00
Hugo Landau
ade3baa662 make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Hugo Landau
3bc38ba071 QUIC MULTISTREAM TEST: Test WAIT_PEER
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Hugo Landau
25a0c4b907 QUIC APL: Support waiting for peer-initiated shutdown
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Hugo Landau
96fe5e5f96 QUIC APL: Implement backpressure on stream creation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Hugo Landau
7a5f58b2cf QUIC APL: Fix stream backpressure conditions to use non-I/O errors
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25 15:11:05 +02:00
Hugo Landau
9d6bd3d30f QUIC APL: Implement backpressure on stream creation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25 15:10:43 +02:00
Tomas Mraz
eb1eaa9af4 Always use uint8_t for TLS record type
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21823)
2023-08-25 12:04:00 +01:00
Tomas Mraz
1cc8c53b0f Avoid issues with endianness when type is used in SSL_trace()
The TLS record type is a single byte value so we can
use uint8_t for it. This allows passing its address
directly to SSL_trace() instead of converting it to
a single byte type first.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21823)
2023-08-25 12:03:46 +01:00
Matt Caswell
0b31072e08 Don't keep creating CONNECTION_CLOSE frames
If we want to send a CONNECTION_CLOSE frame then one is enough unless we
are scheduled to send another one. Now that we can create more than one
datagram in one go this is now required.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21798)
2023-08-25 08:42:39 +02:00
Hugo Landau
ce7a9e23fb QUIC: Rename SSL_set_initial_peer_addr to SSL_set1_initial_peer_addr
Fixes #21701

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21814)
2023-08-24 11:47:57 +01:00
Tomas Mraz
64fd69911e ossl_quic_tx_packetiser_generate(): Always report if packets were sent
Even in case of later failure we need to flush
the previous packets.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
2023-08-23 17:18:48 +02:00
Tomas Mraz
cb19528b93 QUIC: Add ERR_raise() calls for EVP call failures
This improves tracking where the failure was triggered.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
2023-08-23 17:18:48 +02:00
vl-loz
4a469cba27 Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons
This change is for feature request #21679.

Adds a couple of setters to aid with custom CRL validation.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21737)
2023-08-17 21:34:12 +02:00
slontis
39ed7636e0 Fix decoders so that they use the passed in propq.
Fixes #21198

decoder objects were setting propq as NULL.
Added a set_ctx/settable_ctx to all decoders that should supply
a property query parameter to internal functions.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21219)
2023-08-16 18:02:51 +02:00
Pauli
cdd916313a quic: process stateless resets
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21649)
2023-08-16 12:07:17 +02:00
Matt Caswell
644ef0bb69 Add a test for receiving a post-handshake CertificateRequest
This should result in a QUIC PROTOCOL_VIOLATION

We also add tests for a post-handshake KeyUpdate, and a NewSessionTicket
with an invalid max_early_data value.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
614c08c239 Add the ability to send NewSessionTicket messages when we want them
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
04c7fb53e0 NewSessionTickets with an early_data extension must have a valid max value
The max_early_data value must be 0xffffffff if the extension is present in
a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Matt Caswell
b644a9323f Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION
An OpenSSL QUIC client does not send the post_handshake_auth extension.
Therefore if a server sends a post-handsahke CertificateRequest then this
would be treated as a TLS protocol violation with an "unexpected message"
alert code. However RFC 9001 specifically requires us to treat this as
QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message"
alert code in this one instance.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
2023-08-15 14:41:31 +01:00
Richard Levitte
98d81174d3 Remove include/internal/decoder.h, as it's superfluous
The routines declared in there are entirely libcrypto internal, so
include/crypto/decoder.h is better suited for them.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21733)
2023-08-15 15:23:16 +02:00
Hugo Landau
40c8c756c8 QUIC APL/CHANNEL: Wire up connection closure reason
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:45 +01:00
Hugo Landau
ed75eb32f3 QUIC TEST: Test NEW_CONN_ID frames
Fixes https://github.com/openssl/project/issues/86

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:45 +01:00
Hugo Landau
de56eebd6a QUIC TEST: Test malformed crypto stream data, excess buffering
Fixes https://github.com/openssl/project/issues/85

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:45 +01:00
Hugo Landau
17340e8785 QUIC TEST: Ensure PING causes ACK generation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
2023-08-10 18:19:44 +01:00
MscVZoltan
420a0874db Don't use C++ reserved word template for function arguments
CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21692)
2023-08-10 13:26:51 +02:00
Tomas Mraz
44cb36d04a Resolve some of the TODO(QUIC) items
For some of the items we add FUTURE/SERVER/TESTING/MULTIPATH
designation to indicate these do not need to be resolved
in QUIC MVP release.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21539)
2023-08-08 15:58:59 +02:00
Hugo Landau
7a2bb2101b QUIC TLS: Rethink error handling
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
398922463f QUIC: Move string conversion functions into a source file
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
741170bef3 QUIC CHANNEL: Improve error reporting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
1051b4a0b9 QUIC FC: Rename stream count mode to reflect actual function
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
2a6f1f2f6e QUIC QRX: Don't process 1-RTT packets until handshake is complete
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
3eb0f9a702 QUIC CHANNEL, TXP: Discard INITIAL EL correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
80bcc4f1ae QUIC TLS: Report TLS errors properly as QUIC protocol errors
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
3ad5711e48 QUIC CHANNEL: Send correct alert code if no TPARAMs received
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
371c29582a QUIC CFQ: Unreliable transmission for PATH_RESPONSE
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
7eb330ff7a QUIC: Echo PATH_CHALLENGE frames as PATH_RESPONSE frames
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Pauli
029ddd1ead quic: using #defined constant rather than a magic number
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429)
2023-08-04 11:55:45 +10:00
Pauli
50e76846bf quic conformance: 10.2.1 rate limiting
Implement the two requirements about limiting closing transmission size to
no more than thrice the received size.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429)
2023-08-04 11:55:45 +10:00
Pauli
afe4a7978d quic conformance: section 10.2.2 requirements
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21429)
2023-08-04 11:55:34 +10:00
Matt Caswell
829eec9f86 Add the ability for tserver to use a pre-existing SSL_CTX
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21591)
2023-08-02 20:27:07 +01:00
Hugo Landau
b864110a82 QUIC QSM: Infrastructure for tracking shutdown flush eligible streams
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484)
2023-07-31 14:03:25 +01:00
Hugo Landau
3415677eec QUIC APL: Add internal call to allow changing send buffer size
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484)
2023-07-31 14:03:25 +01:00
Hugo Landau
03b3859501 QUIC CHANNEL: Allow ticking to be inhibited for testing purposes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21484)
2023-07-31 14:03:25 +01:00
Xi Ruoyao
c612289b77 vpaes: LoongArch: Use getauxval(AT_HWCAP) for LSX detection
Running LSX instructions requires both the hardware support and the
kernel support.  The `cpucfg` instruction only tests the hardware
support, causing a SIGILL if the hardware supports LSX but the kernel
does not.

Use `getauxval(AT_HWCAP)` as the ["Software Development and Build
Convention for LoongArch Architectures"][1] manual suggests.

The LOONGARCH_HWCAP_LSX and LOONGARCH_HWCAP_LASX bits are copied from
the manual too.  In Glibc 2.38 they'll be provided by <sys/auxv.h> as
well, but they are unavailable in earlier Glibc versions so we cannot
rely on it.

The getauxval syscall and Glibc wrapper are available since day one
(Linux-5.19 and Glibc-2.36) for LoongArch.

Fixes #21508.

[1]:https://github.com/loongson/la-softdev-convention/blob/master/la-softdev-convention.adoc#kernel-constraints

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21509)
2023-07-28 12:39:41 +10:00
John Kohl
bdcaa47ddb Include <openssl/err.h> in include/refcount.h
Fixes #21555

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21561)
2023-07-27 10:05:53 -04:00
Hugo Landau
c206f2aa62 QUIC TXP: Refactor TXP-related deadline handling into TXP
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21458)
2023-07-21 08:43:52 +02:00
Hugo Landau
faebafda9f QUIC TXP: Major refactor to handle padding correctly
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21458)
2023-07-21 08:43:52 +02:00
Hugo Landau
41d39984e9 QUIC QTX: Add ciphertext size calculation function
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21458)
2023-07-21 08:43:52 +02:00
Matt Caswell
9e0094e2aa Fix DH_check() excessive time with over sized modulus
The DH_check() function checks numerous aspects of the key or parameters
that have been supplied. Some of those checks use the supplied modulus
value even if it is excessively large.

There is already a maximum DH modulus size (10,000 bits) over which
OpenSSL will not generate or derive keys. DH_check() will however still
perform various tests for validity on such a large modulus. We introduce a
new maximum (32,768) over which DH_check() will just fail.

An application that calls DH_check() and supplies a key or parameters
obtained from an untrusted source could be vulnerable to a Denial of
Service attack.

The function DH_check() is itself called by a number of other OpenSSL
functions. An application calling any of those other functions may
similarly be affected. The other functions affected by this are
DH_check_ex() and EVP_PKEY_param_check().

CVE-2023-3446

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21451)
2023-07-19 11:20:04 +02:00
Hugo Landau
d56b564b25 QUIC TXP: Do not generate full-size packets when sending CC-excess probes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21349)
2023-07-19 13:03:11 +10:00
Hugo Landau
fd6c1476a0 QUIC ACKM: Clean up max_ack_delay tracking and separate TX and RX values
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21349)
2023-07-19 13:03:11 +10:00
Hugo Landau
79a80f8b58 QUIC STATM: Move max_ack_delay tracking out of STATM
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21349)
2023-07-19 13:03:11 +10:00
Pauli
157c40e4d0 remove duplicate defines, add comment
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21441)
2023-07-19 13:02:07 +10:00
Tomas Mraz
2b8126d8a8 Raise SSL_R_QUIC_PROTOCOL_ERROR on any QUIC protocol error
QUIC error code, frame type and reason is in error data

Fixes #21337

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21476)
2023-07-18 20:37:52 +02:00
Dimitri Papadopoulos
a024ab984e Fix typos found by codespell
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21467)
2023-07-18 18:54:45 +10:00
Dr. David von Oheimb
01b0485131 CMP: add support for genm with rootCaCert and genp with rootCaKeyUpdate
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21129)
2023-07-17 08:48:36 +10:00
Dr. David von Oheimb
ec5a9cd11b rename OSSL_CMP_get{,1}_caCerts and improve OSSL_CMP_exec_certreq.pod
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21129)
2023-07-17 08:48:26 +10:00
Hugo Landau
9ff3a99ea6 QUIC: Fix multistream test on macOS
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:18:05 +10:00
Hugo Landau
1d547f8fc4 Minor updates 2
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:18:05 +10:00
Hugo Landau
96b7df60b3 Minor updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:18:05 +10:00
Hugo Landau
bac3f4da55 make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:18:05 +10:00
Hugo Landau
5ed3a435d5 QUIC QSM: Get rid of recv_fin_retired in favour of recv_state
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:18:05 +10:00
Hugo Landau
b3695154b5 QUIC QSM: Update API documentation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:58 +10:00
Hugo Landau
abfe3d5128 QUIC APL: Validate send stream state
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
54bd1f24d4 QUIC CONFORMANCE: Validate preferred_addr transport parameter
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
5b9452e037 QUIC WIRE: Allow encoding/decoding of reserved header bits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
dfe5e7fa98 QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression
Make sure PN duplicate suppression is side-channel safe by doing
the duplicate test after AEAD verification.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
85bbef270c QUIC ACKM: Clarify the role of is_inflight
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
6c1d0e2865 QUIC CONFORMANCE: Enforce minimal frame type encoding
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
0911cb4a07 QUIC CONFORMANCE: Packet handling fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
2cc0e2dddf QUIC CONFORMANCE: Validate RESET_STREAM final sizes correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
418e122cd4 QUIC QSM: Model final sizes and handle STOP_SENDING correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Hugo Landau
2f018d14f0 QUIC QSM/STREAM: Refactor to use RFC stream states
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Matt Caswell
32d3c3abf3 Optimise PKEY decoders
The most expensive part of using a PKEY decoder is the
OSSL_DECODER_CTX_new_for_pkey() call. This builds up all of the decoder
chains, which is a complex and time consuming operation. However, if no
new providers have been loaded/unloaded since the last time it was called
we can expect the same results for the same parameters. Note that this
operation takes place *before* we event parse the data for decoding so it
is not dependent on the parsed data at all.

We introduce a cache for OSSL_DECODER_CTX objects. If we have been called
with the same parameters then we just duplicate an existing
OSSL_DECODER_CTX. This should be significantly faster than creating a new
one every time.

Partially addressed the issue in #15199

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21426)
2023-07-17 08:12:06 +10:00
Tomas Mraz
b6bf1cbf1d quicapitest: Fix SSL_trace() test on big endian platforms
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21411)
2023-07-14 11:51:48 +02:00
Liu-ErMeng
ed6dfd1e36 use '__builtin_expect' to improve EVP_EncryptUpdate performance for gcc/clang.
Signed-off-by: Liu-ErMeng <liuermeng2@huawei.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21425)
2023-07-13 22:54:14 +10:00
Rajeev Ranjan
1d32ec20fe CMP: support specifying certificate to be revoked via issuer and serial number
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21116)
2023-07-10 08:03:38 +02:00
Tomas Mraz
9c3ea4e1d7 QUIC err handling: Save and restore error state
We save the error state from the thread that encountered
a permanent error condition caused by system or internal
error to the QUIC_CHANNEL.

Then we restore it whenever we are returning to a user
call when protocol is shutdown.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
2023-07-07 15:13:29 +02:00
Tomas Mraz
5c3474ea56 QUIC err handling: Properly report network errors
We return SSL_ERROR_SYSCALL when network error is encountered.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21087)
2023-07-07 15:13:29 +02:00
atishkov
926601dc0f Remove unused internal functions
CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21329)
2023-07-07 13:01:50 +10:00
Hugo Landau
6e5550a104 Minor updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:03:04 +10:00
Hugo Landau
3f7b67fb21 Remove unused server code
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:03:04 +10:00
Hugo Landau
d6e7ebba33 Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:03:04 +10:00
Hugo Landau
9280d26a3a QUIC: Implement SSL_has_pending
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:02:26 +10:00
Hugo Landau
f0d9757caf QUIC: Control SSL option setting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:02:26 +10:00
Hugo Landau
43788fb3ac QUIC SSL Behaviours: Allow detection of an SSL connection used for QUIC handshake
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)
2023-07-05 09:02:26 +10:00
Pauli
97beb77f31 fix memory allocation and reference counting issues
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/21341)
2023-07-05 08:34:00 +10:00
Tomas Mraz
292c9df266 Cleanse data in send and receive ring buffers on release
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21311)
2023-07-03 09:15:13 +10:00
Tomas Mraz
6ba2edb714 Cleanse also the send stream data with SSL_OP_CLEANSE_PLAINTEXT
QUIC differs from TLS in this regard because it buffers the
data to be sent. TLS just encrypts the data to send in place.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21311)
2023-07-03 09:15:13 +10:00
Pauli
6be83ac172 evp: update to structure based atomics
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21260)
2023-07-01 21:18:25 +10:00
Pauli
99b7beafd2 ecx: update to structure based atomics
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21260)
2023-07-01 21:18:25 +10:00
Pauli
99fd5b2b10 refcnt: convert references counts to a structure
The structure includes the count and optionally a lock.
The count has the appropriate qualifiers.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21260)
2023-07-01 21:18:08 +10:00
Tomas Mraz
ed5c0dfdf4 hpke.h, thread.h: Add extern "C" for C++ inclusion
Fixes #21305

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21307)
2023-06-30 08:56:17 +10:00
Jonathan M. Wilbur
bac2f6db06 feat: add missing pki / pmi object identifiers
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21232)
2023-06-29 09:29:56 +10:00
Matt Caswell
37f27b91de Add a test quicserver utility
This QUIC server utility is intended for test purposes only and is expected
to be replaced in a future version of OpenSSL by s_server. At that point
it will be removed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21204)
2023-06-28 09:53:22 +10:00
Fergus Dall
81bafac5cb Add support for SHA256/192
This is defined in NIST SP 800-208 as the truncation to 192 bits of
SHA256. Unlike other truncated hashes in the SHA2 suite, this variant
doesn't have a different initial state, it is just a pure truncation
of the output.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21180)
2023-06-28 08:00:43 +10:00
Tomas Mraz
a02571a024 Support SSL_OP_CLEANSE_PLAINTEXT on QUIC streams
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21182)
2023-06-23 14:31:45 +02:00
Hugo Landau
2525109f90 QUIC: Allow application to trigger TXKU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
37ba2bc722 QUIC CHANNEL: Optimise key update using ACKs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
16f3b542f8 QUIC: Add internal APIs for white-box testing of key update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
e3e9794aa4 QUIC APL: Correct implementation of time callback override
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
754d2282cd QUIC RX: Support reporting the key epoch a packet was received with
This is needed to support key update validation on the receive side.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
8f9c9213a1 QUIC TXP: Allow callbacks on ACK transmission
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
007f9e99ea QUIC TXP: Allow next PN to be used to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
256eee3f3f QUIC RX: Refactor key update callback to provide PN
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
b65b0d4ebe QUIC TXP: Remove TX key update handling from TXP
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
a3a51d6ec3 QUIC TXP: Refactor status output to use an extensible structure
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00