Commit Graph

26983 Commits

Author SHA1 Message Date
Dr. David von Oheimb
4245fd64c8 81-test_cmp_cli: Make test output files all different according to #11080
Also some minor improvements mostly of test cases regarding PKCS#10 CSR input

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12655)
2020-09-10 07:35:07 +02:00
Dr. David von Oheimb
57371e1674 81-test_cmp_cli.t: Stop unlinking test output files according to #11080
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12655)
2020-09-10 07:35:07 +02:00
Dr. David von Oheimb
c4adc5ba5b apps.c: Fix mem leaks on error in load_certs() and load_crls()
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12823)
2020-09-10 07:15:00 +02:00
Dr. David von Oheimb
a877d2629b apps/cmp.c: clear leftover errors on loading libengines.so etc.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12824)
2020-09-10 07:12:20 +02:00
Dr. David von Oheimb
87495d56a9 apps.c: Fix diagnostics and return value of load_key_certs_crls() on error
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12824)
2020-09-10 07:12:20 +02:00
Dr. David von Oheimb
aad086e2ae Replace all wrong usages of 'B<...>' (typically by 'I<...>') in OSSL_CMP_CTX_new.pod
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12741)
2020-09-10 07:07:55 +02:00
Dr. David von Oheimb
a0745e2be6 Clean up CMP chain building for CMP signer, TLS client, and newly enrolled certs
* Use strenghtened cert chain building, verifying chain using optional trust store
  while making sure that no certificate status (e.g., CRL) checks are done
* Use OSSL_CMP_certConf_cb() by default and move its doc to OSSL_CMP_CTX_new.pod
* Simplify certificate and cert store loading in apps/cmp.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12741)
2020-09-10 07:07:55 +02:00
Rich Salz
474853c39a Fix markdown nits in NOTES-Windows.txt
And add a comment that this file is in markdown, but has a .txt
extension on purpose.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12805)
2020-09-10 08:57:55 +10:00
Kurt Roeckx
10203a3472 Support writing RSA keys using the traditional format again
Fixes: #6855

Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #8743
2020-09-09 18:32:10 +02:00
Richard Levitte
8ae40cf57d ENCODER: Refactor provider implementations, and some cleanup
The encoder implementations were implemented by unnecessarily copying
code into numerous topical source files, making them hard to maintain.
This changes merges all those into two source files, one that encodes
into DER and PEM, the other to text.

Diverse small cleanups are included.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12803)
2020-09-09 16:35:22 +02:00
Jon Spillett
ce43db7a3f Fix up issue on AIX caused by broken compiler handling of macro expansion
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12812)
2020-09-09 19:08:59 +10:00
Pauli
b7a8fb52a9 s_time: check return values better
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12808)
2020-09-09 18:01:05 +10:00
Pauli
e942111267 In a non-shared build, don't include the md5 object files in legacy provider
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
2020-09-09 17:59:08 +10:00
Pauli
5c97eeb726 TLS fixes for CBC mode and no-deprecated
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
2020-09-09 17:59:08 +10:00
Pauli
b924d1b6e1 TLS: remove legacy code path supporting special CBC mode
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
2020-09-09 17:59:08 +10:00
Pauli
81661a14bc legacy: include MD5 code in legacy provider
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
2020-09-09 17:59:08 +10:00
Pauli
b250fc7be7 Deprecate SHA and MD5 again.
This reverts commit a978dc3bff.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11961)
2020-09-09 17:58:54 +10:00
Dr. David von Oheimb
b434b2c08d Allow unauthenticated CMP server if missing -trusted, -srvcert, and -secret options
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12806)
2020-09-08 23:24:42 +02:00
Dr. David von Oheimb
15633d74dc Add 4 new OIDs for PKIX key purposes and 3 new CMP information types
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12807)
2020-09-08 23:22:29 +02:00
Richard Levitte
1251cddf8d TEST: modify test/endecode_test.c to not use legacy keys
Now that PEM_write_bio_PrivateKey_traditional() can handle
provider-native EVP_PKEYs, we don't need to use explicitly legacy
ones.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12738)
2020-09-08 16:45:12 +02:00
Richard Levitte
4ce1025a8a PEM: Make PEM_write_bio_PrivateKey_traditional() handle provider-native keys
PEM_write_bio_PrivateKey_traditional() didn't handle provider-native
keys very well.  Originally, it would simply use the corresponding
encoder, which is likely to output modern PEM (not "traditional").

PEM_write_bio_PrivateKey_traditional() is now changed to try and get a
legacy copy of the input EVP_PKEY, and use that copy for traditional
output, if it has such support.

Internally, evp_pkey_copy_downgraded() is added, to be used when
evp_pkey_downgrade() is too intrusive for what it's needed for.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12738)
2020-09-08 16:45:11 +02:00
Jakub Zelenka
924663c36d Add CMS AuthEnvelopedData with AES-GCM support
Add the AuthEnvelopedData as defined in RFC 5083 with AES-GCM
parameter as defined in RFC 5084.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8024)
2020-09-08 15:43:11 +02:00
Dr. David von Oheimb
d96486dc80 apps/cmp.c: Allow default HTTP path (aka CMP alias) given with -server option
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12786)
2020-09-08 15:36:24 +02:00
Dr. David von Oheimb
6e477a60e4 apps/cmp.c: Use enhanced OSSL_HTTP_parse_url(), removing parse_addr() and atoint()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12786)
2020-09-08 15:36:24 +02:00
Dr. David von Oheimb
d7fcee3b3b OSSL_HTTP_parse_url(): add optional port number return parameter and strengthen documentation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12786)
2020-09-08 15:36:24 +02:00
Richard Levitte
8d6481f532 EVP: Move the functions and controls for setting and getting distid
Those functions were located in the EC files, but is really broader
than that, even thought currently only used for SM2.  They should
therefore be in a more central location, which was also indicated by
diverse TODOs.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12789)
2020-09-08 12:07:40 +02:00
Richard Levitte
b968945204 EVP: Expand the use of EVP_PKEY_CTX_md()
Setting a hash function was reserved for signature operations.
However, it turns out that SM2 uses a hash function for encryption and
decryption as well.
Therefore, EVP_PKEY_CTX_md() must be called with an expanded operation
type combination that includes EVP_PKEY_OP_TYPE_CRYPT when used in a
generic way.

For SM2, test/recipes/30-test_evp_data/evppkey_sm2.txt is expanded to
test decryption both with an implicit and an explicit digest.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12789)
2020-09-08 12:07:36 +02:00
Richard Levitte
86df26b394 EVP: Add support for delayed EVP_PKEY operation parameters
They get called "delayed parameters" because they may make it to the
implementation at a later time than when they're given.

This currently only covers the distinguished ID, as that's the only
EVP_PKEY operation parameter so far that has been possible to give
before the operation has been initialized.

This includes a re-implementation of EVP_PKEY_CTX_set1_id(),
EVP_PKEY_CTX_get1_id(), and EVP_PKEY_CTX_get1_id_len().

Also, the more rigorous controls of keytype and optype are restored.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12789)
2020-09-08 12:06:35 +02:00
Dmitry Belyavskiy
ea0add4a82 New GOST PKCS12 standard support
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12780)
2020-09-08 09:14:05 +03:00
Richard Levitte
08497fc64f Fix test/evp_extra_test.c
Because EVP_PKEY_CTX_new_from_name() could return a non-NULL context
with no value in it, the lack of legacy implementation when OpenSSL
was configured with 'no-ec' went through undetected.  This adds the
necessary guards to skip a test of SM2 in that case.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/12785)
2020-09-08 06:26:19 +02:00
Richard Levitte
20d56d6d62 EVP: Don't shadow EVP_PKEY_CTX_new* error records
There are places that add an ERR_R_MALLOC_FAILURE record when any of
EVP_PKEY_CTX_new*() return NULL, which is 1) inaccurate, and 2)
shadows the more accurate error record generated when trying to create
the EVP_PKEY_CTX.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/12785)
2020-09-08 06:26:19 +02:00
Richard Levitte
509144964b EVP: Preserve the EVP_PKEY id in a few more spots
As long as there are internal legacy keys for EVP_PKEY, we need to preserve
the EVP_PKEY numeric identity when generating a key, and when creating the
EVP_PKEY_CTX.

For added consistency, the EVP_PKEY_CTX contructor tries a little
harder to find a EVP_PKEY_METHOD.  Otherwise, we may run into
situations where the EVP_PKEY_CTX ends up having no associated methods
at all.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/12785)
2020-09-08 06:25:27 +02:00
Jon Spillett
884baafba4 Use return code for 'which command' checks
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12775)
2020-09-08 09:03:09 +10:00
luxinyou
4348995b0d Fix memory leaks in conf_def.c
Fixes #12471
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12533)
2020-09-07 18:06:45 +10:00
Richard Levitte
385deae79f Building: Build Unix static libraries one object file at a time
We're hitting problems that the 'ar' command line becomes too long for
some 'make' versions, or the shell it uses.

We therefore change the way we create a static library by doing so one
object file at a time.  This is slower, but has better guarantees to
work properly on limited systems.

Fixes #12116

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12706)
2020-09-07 09:23:49 +02:00
Richard Levitte
6353507e9d DOC: Fix check of EVP_PKEY_fromdata{,_init} in examples
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12389)
2020-09-06 20:53:57 +02:00
Richard Levitte
d9ea62c2c2 DOC: Modify one example in EVP_PKEY_fromdata(3)
The example to create an EC key from user data didn't show what one
could expect and application to do, especially with regard to how it's
done with raw EC functions.  We therefore refactor it to make proper
use of a BIGNUM where expected, and also use OSSL_PARAM_BLD(3) for
easier handling of the OSSL_PARAM array.

Fixes #12388

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12389)
2020-09-06 20:53:57 +02:00
jwalch
bef7638610 Cleanup deprecation of ENGINE_setup_bsd_cryptodev
CLA: trivial

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12793)
2020-09-06 08:14:45 +02:00
John Baldwin
7f0f88240e Slightly abstract ktls_start() to reduce OS-specific #ifdefs.
Instead of passing the length in from the caller, compute the length
to pass to setsockopt() inside of ktls_start().  This isolates the
OS-specific behavior to ktls.h and removes it from the socket BIO
implementations.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12782)
2020-09-05 20:11:50 -07:00
John Baldwin
74eee1bdaa Remove unused dummy functions from ktls.h.
The KTLS functions are always used under #ifndef OPENSSL_NO_KTLS, so
the dummy functions were never used.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12782)
2020-09-05 20:11:50 -07:00
John Baldwin
4b09e19216 Fix the socket BIO control methods to use ktls_crypto_info_t.
This is mostly a cosmetic cleanup I missed when adding the
ktls_crypto_info_t type.  However, while fixing this I noticed that
the changes to extract the size from crypto_info from the wrapper
structure for Linux KTLS had not been propagated from bss_sock.c to
bss_conn.c, so I've fixed that to use the correct length.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12782)
2020-09-05 20:11:50 -07:00
Dr. David von Oheimb
076bf8c2c9 X509_STORE_CTX_print_verify_cb(): add AKID and SKID output for (non-)trusted certs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12787)
2020-09-05 20:11:43 +02:00
Dr. David von Oheimb
0b86eefd43 OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12788)
2020-09-05 19:33:33 +02:00
Dr. David von Oheimb
15076c26d7 Strengthen chain building for CMP
* Add -own_trusted option to CMP app
* Add OSSL_CMP_CTX_build_cert_chain()
* Add optional trust store arg to ossl_cmp_build_cert_chain()
* Extend the tests in cmp_protect_test.c and the documentation accordingly

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12791)
2020-09-05 18:11:12 +02:00
Dr. David von Oheimb
39082af2fa Add OSSL_CMP_CTX_get1_newChain() and related CLI option -chainout
Also simplify certificate saving in apps/cmp.c

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12790)
2020-09-05 18:10:03 +02:00
Dr. Matthias St. Pierre
09e76c5dd3 test/drbgtest: improve the reseed after fork test
Issue #12377 demonstrated that it is not sufficient to verify that
after a fork a reseeding is triggered in the child. This commit
enhances the test by collecting the output of the public and private
drbg for the parent and all children and checking for duplicates.
In case of duplicates, it prints an error message and displays a
sorted output.

The analysis of #12377 (see [1]) showed that due to an error in the
resetting of the AES-CTR (issue #12405, fixed by #12413), it could
happen that only the first n bytes (n=1,...15) of the children's
random output were identical.

This test is optimized to detect this issue by only comparing the first
byte of the sampled data (i.e., the first 'column' of the output).
The number of samples is chosen high enough to keep the chance of false
positives low. The test is executed sixteen times, each time advancing
the internal counter by requesting a single extra byte of random data.

Another, more general test splits the entire sampled random data into
two-byte chunks and counts their collisions. If a certain threshold
is exceeded, it reports an error.

[1] https://github.com/openssl/openssl/issues/12377#issuecomment-656207334

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12407)
2020-09-05 11:07:55 +02:00
Shane Lontis
59ed733989 Fix coverity CID #1454815 - NULL ptr dereference in initthread.c
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12708)
2020-09-05 15:41:31 +10:00
Shane Lontis
5340c8ea2a Fix coverity CID #1452769 & #1452771 - Arg passed to function that cannot be negative in cms_ess.c
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12708)
2020-09-05 15:41:31 +10:00
Shane Lontis
776cf98b49 Fix coverity CID #1457935 - Check return value in ffc_params.c for BIO_indent/BIO_puts calls.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12708)
2020-09-05 15:41:31 +10:00
Shane Lontis
d135774e7d Fix coverity CID #1465967 & #1465968 - fix NULL dereference in dh_ameth.c
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12708)
2020-09-05 15:41:31 +10:00