Commit Graph

14238 Commits

Author SHA1 Message Date
Olga Batyshkina
388a8e7314 Fix PKCS#12 creation error when certificate contains auxiliary data
Prefer friendly name passed by the caller and calculated local
key id to ones found in certificate auxiliary data when creating
PKCS#12.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21675)
2023-09-15 16:06:25 +02:00
Dmitry Belyavskiy
0a8807b4a8 Store: API for deletion
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
2023-09-15 10:18:36 +02:00
Bernd Edlinger
00f2efccf5 Fix engine cleanup error handling
Error handling in engine_cleanup_add_first/last was
broken and caused memory leaks.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21971)
2023-09-15 08:11:53 +02:00
Richard Levitte
df9ecd2ef3 Have legacy blake2 EVP structure use base blake2 implementation
For some reason, the code here was made to got through the provider
specific init functions.  This is very very dangerous if the provider
specific functions were to change in any way (such as changes to the
implementation context structure).

Instead, use the init functions from the base blake2 implementations
directly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22079)
2023-09-14 09:07:29 +10:00
Matt Caswell
572f290c9c Fix a failure in bio_dgram_test on the NonStop platform
The size of the datagram header is significantly larger that we might
expect on NonStop (probably driven by sizeof(BIO_ADDR)). We adjust the
size of the default buffer to take into account the header size and the
mtu.

Fixes #22013

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22058)
2023-09-13 11:53:13 +01:00
Dimitri Papadopoulos
23def9d371 Fix typos found by codespell
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22063)
2023-09-13 08:13:08 +02:00
Bernd Edlinger
285eb1688f Fix a possible memleak in rsa_pub_encode
That seems to be only an issue for RSA-PSS with parameters.
Spotted by code review, so it looks like there is no test coverage for this.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22032)
2023-09-11 10:48:54 +02:00
Dimitri Papadopoulos
e22ebb893e Bad function definition
void f() should probably be void f(void)

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Dimitri Papadopoulos
bbaeadb068 "foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Dimitri Papadopoulos
ad31628cfe Remove repeated words
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Matt Caswell
5d96106c43 Fix a build failure where recvmmsg is available but not sendmmsg
Some old glibc versions have recvmmsg but not sendmmsg. We require both to
use that functionality. Introduce a test to check we have a sufficiently
recent version of glibc.

Fixes #22021

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22036)
2023-09-11 07:43:26 +01:00
Min Zhou
9a41a3c6a4 LoongArch64 assembly pack: add ChaCha20 modules
This assembly implementation for ChaCha20 includes three code paths:
scalar path, 128-bit LSX path and 256-bit LASX path. We prefer the
LASX path or LSX path if the hardware and system support these
extensions.

There are 32 vector registers avaialable in the LSX and LASX
extensions. So, we can load the 16 initial states and the 16
intermediate states of ChaCha into the 32 vector registers for
calculating in the implementation. The test results on the 3A5000
and 3A6000 show that this assembly implementation significantly
improves the performance of ChaCha20 on LoongArch based machines.
The detailed test results are as following.

Test with:
$ openssl speed -evp chacha20

3A5000
type               16 bytes     64 bytes    256 bytes    1024 bytes    8192 bytes   16384 bytes
C code           178484.53k   282789.93k   311793.70k    322234.99k    324405.93k    324659.88k
assembly code    223152.28k   407863.65k   989520.55k   2049192.96k   2127248.70k   2131749.55k
                   +25%         +44%         +217%        +536%         +556%         +557%

3A6000
type               16 bytes     64 bytes     256 bytes    1024 bytes    8192 bytes   16384 bytes
C code           214945.33k   310041.75k    340724.22k    349949.27k    352925.01k    353140.74k
assembly code    299151.34k   492766.34k   2070166.02k   4300909.91k   4473978.88k   4499084.63k
                   +39%         +59%         +508%         +1129%        +1168%        +1174%

Signed-off-by: Min Zhou <zhoumin@loongson.cn>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21998)
2023-09-11 08:49:09 +10:00
Bernd Edlinger
68e95f7840 Fix a possible memleak in SRP_VBASE_new
In the error handling case the memory in
vb->users_pwd was accidentally not released.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21981)
2023-09-08 09:20:23 +02:00
Richard Levitte
17dd9a2c62 OSSL_STORE: Fix error flag clearing and setting (provider path only)
When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been reached.  This is troublesome,
as an error can very well occur during the last load before EOF is reached!

Also, the error flag was never reset, even though documentation specifies
that it should indicate an error in the last load (i.e. not the one before
that).

Fixes #21968

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21976)
2023-09-08 08:32:58 +02:00
Pauli
00a413e248 Check error return from cms_sd_asn1_ctrl() correctly.
Fixes #21986

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21988)
2023-09-08 16:31:47 +10:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Hugo Landau
425a780462 win32: Support condition variable broadcasting on XP
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21827)
2023-09-06 10:32:14 +01:00
Dr. David von Oheimb
e664ef78b9 CMP: generalize ossl_cmp_calc_protection() to handle Edwards curves correctly
Fixes #21564

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21884)
2023-09-05 13:25:41 +02:00
Bernd Edlinger
e2cf38d575 Fix internal memory leaks from OPENSSL_MALLOC_FAILURES
There is a rarely used feature that can be enabled
with `./config enable-crypto-mdebug` when additionally
the environment variable OPENSSL_MALLOC_FAILURES is used.
It turns out to be possible that CRYPTO_zalloc may
create a leak when the memory is allocated and then
the shouldfail happens, then the memory is lost.
Likewise when OPENSSL_realloc is used with size=0,
then the memory is to be free'd but here the shouldfail
check is too early, and the failure may prevent the
memory to be freed thus creating a bogus memory leak.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21944)
2023-09-05 11:52:15 +01:00
Tomas Mraz
2ce79d97e3 OSSL_PARAM_BLD_push_BN_pad(): Allow NULL BIGNUM
This was supported previously and regressed
with commit 17898ec601

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21945)
2023-09-05 12:50:39 +02:00
Hugo Landau
17a0e930d2 MUTEX: Assert on locking failure
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21919)
2023-09-05 11:45:44 +01:00
Kai Pastor
852438adc0 Use armv8 .quad instead of .dword
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21939)
2023-09-05 17:46:16 +10:00
slontis
3859a02725 Change PBES2 KDF default salt length to 16 bytes.
The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and API's such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
2023-09-04 14:15:34 +10:00
Tom Cosgrove
12d08fe3a5 Move ALIGN32 and ALIGN64 into common.h, and fix for clang-cl.exe
clang-cl.exe defines __clang__ and _MSC_VER but not __GNUC__, so a clang-
specific guard is needed to get the correct ALIGNxx versions.

Fixes #21914

Change-Id: Icdc047b182ad1ba61c7b1b06a1e951eda1a0c33d

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21921)
2023-09-04 08:44:21 +10:00
Bernd Edlinger
7b8e27bc2e Avoid clobbering non-volatile XMM registers
This affects some Poly1305 assembler functions
which are only used for certain CPU types.

Remove those functions for Windows targets,
as a simple interim solution.

Fixes #21522

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21808)
2023-09-02 10:23:57 +02:00
Hugo Landau
8d7f034622 Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:36 +01:00
Hugo Landau
abeb41b42f Minor updates
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:36 +01:00
Hugo Landau
c20b78d599 BIO_s_dgram_pair: Correct implementation of BIO_CTRL_DGRAM_GET_LOCAL_ADDR_ENABLE
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
1bd35edc66 BIO_s_datagram: Wire capability negotiation for BIO_s_datagram
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
000ef7818b BIO: Add BIO_dgram_detect_peer_addr API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
f3295bd80c BIO_s_datagram: Support configuring non-blocking mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
533254eeb3 BIO_s_connect: Support configuration of non-blocking mode in datagram mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:34 +01:00
Hugo Landau
7841dbabec BIO_s_connect: Add support for datagram mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:33 +01:00
Hugo Landau
ed28cb8140 BIO_s_connect: Make internal functions static
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21715)
2023-09-01 10:45:33 +01:00
Matt Caswell
3961991593 Remove a redundant point mul from ossl_ec_key_public_check()
This code was added in error and is entirely redundant. It is also an
expensive operation (e.g. see #21833).

Fixes #21834

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21902)
2023-09-01 10:08:20 +01:00
Rohan McLure
50f8b936b0 powerpc: ecc: Fix stack allocation secp384r1 asm
Assembly acceleration secp384r1 opts to not use any callee-save VSRs, as
VSX enabled systems make extensive use of renaming, and so writebacks in
felem_{mul,square}() can be reordered for best cache effects.

Remove stack allocations. This in turn fixes unmatched push/pops in
felem_{mul,square}().

Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
2023-09-01 10:06:54 +01:00
Rohan McLure
670e73d908 ecc: Remove extraneous parentheses in secp384r1
Substitutions in the felem_reduce() method feature unecessary
parentheses, remove them.

Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
2023-09-01 10:06:54 +01:00
Ingo Franzki
ecb6cdf02a OPENSSL_init_crypto load config into initial global default library context
OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG must load the configuration
into the initial global default library context, not the currently set default
library context.

OPENSSL_init_crypto() with OPENSSL_INIT_LOAD_CONFIG may be called within other
OpenSSL API functions, e.g. from within EVP_PKEY_CTX_new_xxx() when initializing
a pkey context, to perform implicit initialization, if it has not been
initialized yet. This implicit initialization may happen at a time when an
application has already create its own library context and made it the default
library context. So loading the config into the current default library context
would load it into the applications library context.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21897)
2023-08-31 17:06:51 +02:00
Tomas Mraz
8a7f30ef67 ecp_sm2p256-armv8.pl: Copy the argument handling from ecp_nistz256-armv8.pl
Popping the $output argument is more robust and it also needs to be
placed in double quotes to handle spaces in paths.

Fixes #21874
Fixes #21876

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21877)
2023-08-31 09:40:51 +02:00
Dmitry Belyavskiy
9d2f7e1f61 OSSL_PROVIDER_load_ex
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21604)
2023-08-30 21:55:47 +02:00
Tomas Mraz
b56b034e9a Correct the fixed size handling for dgram_pair and dgram_mem
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21866)
2023-08-30 11:43:34 +01:00
Hugo Landau
ade3baa662 make update
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Hugo Landau
96fe5e5f96 QUIC APL: Implement backpressure on stream creation
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21815)
2023-08-30 08:28:22 +01:00
Min Zhou
84a0b1b169 Resolve assembler complains when including loongarch_arch.h
The assembler will complain when we include loongarch_arch.h in
an assembly file as following:

crypto/loongarch_arch.h: Assembler messages:
crypto/loongarch_arch.h:12: Fatal error: no match insn: extern	unsigned int OPENSSL_loongarch_hwcap_P

So, the sentence of `extern unsigned int OPENSSL_loongarch_hwcap_P`
should be guarded with "#ifndef __ASSEMBLER__".

Fixes #21838.

Signed-off-by: Min Zhou <zhoumin@loongson.cn>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21839)
2023-08-28 09:59:34 +02:00
Hugo Landau
7a5f58b2cf QUIC APL: Fix stream backpressure conditions to use non-I/O errors
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25 15:11:05 +02:00
Hugo Landau
9d6bd3d30f QUIC APL: Implement backpressure on stream creation
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21811)
2023-08-25 15:10:43 +02:00
olszomal
10536b7f5b Changed the default value of the "ess_cert_id_alg" option
This is used to calculate the TSA's public key certificate identifier.

The default algorithm is changed from sha1 to sha256.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21794)
2023-08-25 15:05:51 +02:00
Ingo Franzki
e2972982c6 Allow RSA-PSS also in EVP_PKEY_assign() and EVP_PKEY_can_sign()
Treat keys with EVP_PKEY_RSA_PSS the same as EVP_PKEY_RSA in EVP_PKEY_can_sign()
and detect_foreign_key() which is called by EVP_PKEY_assign().

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21819)
2023-08-24 18:07:08 +02:00
Ingo Franzki
cf712830b7 ctrl_params_translate: Allow get_rsa_payload_x() also for RSA-PSS
The get_rsa_payload_x() functions should also allow to get the payload
for RSA-PSS keys.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21818)
2023-08-24 16:11:38 +02:00
Ingo Franzki
e2c2cca4b2 ctrl_params_translate: Allow RSA controls also for RSA-PSS
Controls 'rsa_keygen_pubexp' and 'rsa_keygen_primes' should also be allowed
for RSA-PSS keys.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21818)
2023-08-24 16:11:38 +02:00