Commit Graph

33362 Commits

Author SHA1 Message Date
Vladimír Kotal
f52aec3526 log actual NID causing the 'unknown message digest algorithm error'
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21214)
2023-06-18 16:58:54 +10:00
Vladimír Kotal
d808fa0151 return immediately if namemap is NULL
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21223)
2023-06-18 16:55:09 +10:00
Dimitri Papadopoulos
6ea4da6e4d Fix new typos found by codespell
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21210)
2023-06-18 16:53:09 +10:00
fisher.yu
6c0ecc2bce Fix function signatures in aes-gcm-armv8 comments.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21208)
2023-06-16 20:15:24 +10:00
Pauli
ff934cfdc8 fips: use tsan counter instead of tsan_add to increment
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21199)
2023-06-16 20:10:23 +10:00
Hugo Landau
2525109f90 QUIC: Allow application to trigger TXKU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
692a3cab11 QUIC: Minor fixups
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
29a541fe36 QUIC CHANNEL: Inform the ACKM when the handshake is confirmed
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
693b23e3d0 QUIC: Test key update works correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:48 +10:00
Hugo Landau
37ba2bc722 QUIC CHANNEL: Optimise key update using ACKs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
16f3b542f8 QUIC: Add internal APIs for white-box testing of key update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
48120ea5e3 QUIC CHANNEL: Enforce the RX packet forgery limit
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
c93f766860 QUIC RXDP: Strictly enforce ACK PNs with regard to TX key epochs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
54fb0072c6 QUIC CHANNEL: Ensure new packets aren't enforced with old keys
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
8a65e7a529 QUIC CHANNEL: Handle key updates correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
b98c38d40a QUIC TXP: Make TXP use time callback correctly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
e3e9794aa4 QUIC APL: Correct implementation of time callback override
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
754d2282cd QUIC RX: Support reporting the key epoch a packet was received with
This is needed to support key update validation on the receive side.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
8f9c9213a1 QUIC TXP: Allow callbacks on ACK transmission
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
007f9e99ea QUIC TXP: Allow next PN to be used to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Hugo Landau
256eee3f3f QUIC RX: Refactor key update callback to provide PN
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
b65b0d4ebe QUIC TXP: Remove TX key update handling from TXP
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
a3a51d6ec3 QUIC TXP: Refactor status output to use an extensible structure
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
81b400cf90 QUIC ACKM: Allow largest acked PN to be queried
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
dfd8176f25 QUIC WIRE: Utility function to determine if PN is in an ACK frame
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Hugo Landau
5633a323df QUIC Glossary: TXKU, RXKU, KU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:27 +10:00
Richard Levitte
af99d55078 apps/ca.c: Handle EVP_PKEY_get_default_digest_name() returning 1 with "UNDEF"
EVP_PKEY_get_default_digest_name() may return 1 with the returned digest
name "UNDEF".  This case hasn't been documented, and the meaning has been
left undefined, until now.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20460)
2023-06-15 14:03:57 +02:00
Hugo Landau
dfdbc113ee Partially revert #18070 (Add support for Windows CA certificate store)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21190)
2023-06-15 18:01:59 +10:00
Richard Levitte
3691f1e556 OpenSSL::paramnames: Use less magic perl
Constructions like $$cursor{whatever} and %$cursor{whatever} were ambiguous
in some perl versions, and it's still better to use the arrow syntax for the
way we use them, i.e. they can both be replaced with $cursor->{whatever}.

Fixes #21152
Fixes #21172

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21178)
2023-06-15 15:27:04 +10:00
Dimitri Papadopoulos
eb4129e12c Fix typos found by codespell
Typos in doc/man* will be fixed in a different commit.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20910)
2023-06-15 10:11:46 +10:00
Pauli
71cf587ea2 fips: update DSA security check to fix legacy verify strengths
Refer SP 800-131Ar2 table 2:
    https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final

Fixes #21185

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21186)
2023-06-15 09:21:30 +10:00
Michael Baentsch
f3f3f86a14 updated (lib+)oqsprovider to latest releases
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21194)
2023-06-15 08:39:10 +10:00
Matt Caswell
ca711651c1 Only take note of the ack deadline if we can actually issue an ack
When determining the next tick deadline we cannot actually issue an
ack if the CC will not let us, or the enc_level is not yet provisioned.

This avoids a bug where we can end up in a busy loop because the next
event deadline is reported as "now" because we want to send an ack, but
we can't actually send anything yet.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21181)
2023-06-14 10:23:58 +01:00
Tomas Mraz
fbff5b5771 cmactest.c: Fix no-des and no-sm4 build failures
Also use OSSL_NELEM instead of hardcoding array size.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21183)
2023-06-14 18:02:14 +10:00
Pauli
8e9ca33452 fips: use memory ordering rather than locks
The FIPS provider accesses it's current state under lock.
This is overkill, little or no synchronisation is actually required in
practice (because it's essentially a read only setting).  Switch to using
TSAN operations in preference.

Fixes #21179

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21187)
2023-06-14 16:44:53 +10:00
Matt Caswell
edd5b9d708 Fix minor issues in the demo/man pages for TLS client/blocking
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21133)
2023-06-14 13:08:37 +10:00
Matt Caswell
2df71d6185 Split the blocking TLS client guide page into two
We split the page into two: one covering basic TLS introductory material
that applies to both clients and servers, and one with the specific
material on writing a blocking TLS client.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21133)
2023-06-14 13:08:37 +10:00
Matt Caswell
a2b6865be5 Allow man7 pages to not have a DESCRIPTION section
For tutorial type pages it doesn't make any sense to have a DESCRIPTION
section.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21133)
2023-06-14 13:08:37 +10:00
Matt Caswell
f7b04ae8b4 Add a tutorial on writing a simple blocking TLS client
Provide guidance on the steps needed to write a very simple blocking TLS
client.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21133)
2023-06-14 13:08:37 +10:00
Matt Caswell
a5a0c6a372 Add a very simple blocking TLS client demo
This blocking client is intended to be used to explain how to implement
a simple client in the documentation.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21133)
2023-06-14 13:08:37 +10:00
Yi Li
4032cd9a14 configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
2023-06-14 13:06:22 +10:00
Mike Kasick
cc343d047c rand_lib: RAND_poll: Reseed in non-"no-deprecated" builds.
In a non-"no-deprecated" libcrypto build with a default configuration,
RAND_get_rand_method() == RAND_OpenSSL() and so needs to fall through to
the RAND_seed call (used in "no-deprecated" builds) to perform a reseed.

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21167)
2023-06-14 09:03:14 +10:00
Jiasheng Jiang
050dddb061 crypto/sm2/sm2_sign.c: Add BN_CTX_end
To match the BN_CTX_start, it should be better to add
BN_CTX_end in the end of the function.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19266)
2023-06-13 13:37:33 +02:00
Wim Decroix
ec59752835 X509_NAME_cmp fix for empty name
CLA: trivial

Fixes #21156

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21155)
2023-06-12 15:25:43 +02:00
fisher.yu
e8dc77f85f Update CMAC test cases.
1. Update cmac test cases, fullfilling test data by short string
       instead of using long string directly.
    2. Modify the wording of comments in cmac.c

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21177)
2023-06-12 08:36:08 +02:00
Matthias St. Pierre
ce451fb861 INSTALL: document shared library pinning for static builds
The libcrypto library uses shared library pinning to prevent its
cleanup handlers from crashing at program termination because of a
premature unloading of the shared library.

However, shared library pinning is enabled also for static builds,
which may lead to surpising behaviour if libcrypto is linked
statically to a shared third-party library, because in this case
the third-party library gets pinned.

This surprising behaviour is caused by the fact that the `no-shared`
configure option does not imply `no-pinshared`. Since this quirk
can't be changed without potentially breaking existing code, we just
document it here and provide a workaround.

Fixes #20977

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20985)
2023-06-12 08:33:00 +02:00
Theo Buehler
959c150a1d Fix incorrect ERR_raise() calls
A few ERR_raise() calls in v3_purp.c use the wrong library. For example,
in OpenSSL 3.1.1 we get

00000000:error:0580009E:x509 certificate routines:ossl_x509v3_cache_extensions:reason(158):crypto/x509/v3_purp.c:635:

instead of

00000000:error:1100009E:X509 V3 routines:ossl_x509v3_cache_extensions:invalid certificate:crypto/x509/v3_purp.c:635:

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21168)
2023-06-12 08:26:20 +02:00
Michael Baentsch
e3b01eb6b2 add cygwin CI
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21006)
2023-06-12 08:18:46 +02:00
Michael Baentsch
9b9c42db3b Fix build on cygwin
Fixes #19531

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21006)
2023-06-12 08:18:03 +02:00
James Knight
78634e8ac2 Introduce [HAVE_/NO_]MADVISE defines
Toolchains that target a non-MMU architecture may not have the `madvise`
function available, even if the `sys/mman.h` header provides a define
for `MADV_DONTDUMP` (e.g. when targeting ARMv7-M with uClibc). The
following tweaks the implementation to use `HAVE_MADVISE`/`NO_MADVISE`
defines to help indicate when to attempt to use `madvise`. This change
operates in the same manner as the original implementation (i.e. relies
on `MADV_DONTDUMP` to indicate if `madvise` can be used); however, this
change now allows a builder to override the internal detection by
explicitly providing the `HAVE_MADVISE` define at compile time. This
should give flexibility for environments which do not have `madvise`
when there is no easy logic to set `NO_MADVISE`.

Signed-off-by: James Knight <james.d.knight@live.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20851)
2023-06-12 07:56:03 +02:00