Commit Graph

3761 Commits

Author SHA1 Message Date
Pauli
c38048e793 sslapitest: fix problem in cleanup on failure path
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)
2021-03-20 10:18:33 +10:00
Pauli
f1619160c8 test: coverity 1469426 - dereference after null check
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)
2021-03-20 10:18:32 +10:00
Pauli
8f586f5bc1 test: coverity 1455749 - dereference after null check
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)
2021-03-20 10:18:32 +10:00
Pauli
337ace06b9 test: coverity 1455747 - dereference after null check
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14589)
2021-03-20 10:18:32 +10:00
Pauli
9b0f76e12f test: fix coverity 1470559: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:08:00 +10:00
Pauli
015b221a5f test: fix coverity 1455330, 1455332, 1455334, 1455342, 1455344 : resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:08:00 +10:00
Pauli
65bf029d49 test: fix coverity 1414449 & 1414471: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:07:59 +10:00
Pauli
c0cd48fcb9 test: fix coverity 1414445: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:07:59 +10:00
Pauli
316c8dafd4 test: fix coverity 1454040: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:07:59 +10:00
Pauli
743840d56f test: fix coverity 1451562: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:07:59 +10:00
Pauli
b573d0ceea test: fix coverity 1451553: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14596)
2021-03-20 10:07:59 +10:00
Richard Levitte
55d9ccca8e TEST: Clarify and adjust test/recipes/30-test_evp.t
There are a few test cases at the end of test/recipes/30-test_evp.t,
which are designed to check that loading DSA keys when DSA is disabled,
or SM2 keys when SM2 is disables fail in an understandable way.  These
needed a small adjustment.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14314)
2021-03-19 16:46:39 +01:00
Richard Levitte
ff1c10d920 TEST: Modify test/endecode_test.c to give the decoder callback the structure
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14314)
2021-03-19 16:46:39 +01:00
Pauli
39f6bf33e5 test: fix Coverity 1454818: use after free
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14597)
2021-03-19 19:51:37 +10:00
Kevin Cadieux
628d2d3a7f Fixing stack buffer overflow error caused by incorrectly sized array.
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14582)
2021-03-18 10:56:28 +01:00
Shane Lontis
c8830891e6 Add ossl_provider symbols
Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
2021-03-18 17:52:38 +10:00
Shane Lontis
8a6e912520 Add ossl_ symbols for sm3 and sm4
Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
2021-03-18 17:52:37 +10:00
Shane Lontis
054d43ff97 Add ossl_ ecx symbols
Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
2021-03-18 17:52:37 +10:00
Shane Lontis
9500c8234d Fix misc external ossl_ symbols.
Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
2021-03-18 17:52:37 +10:00
Dr. David von Oheimb
63b64f19c1 TS and CMS CAdES-BES: Refactor check_signing_certs() funcs into common ESS func
Also constify related CMS/PKCS7 functions and improve error codes thrown.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14503)
2021-03-18 07:03:53 +01:00
Dr. David von Oheimb
6b937ae3a7 TS ESS: Invert the search logic of ts_check_signing_certs() to correctly cover cert ID list
Fixes #14190

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14503)
2021-03-18 07:03:52 +01:00
Beat Bolli
d07d805799 Add tests for the limited Unicode code point range
Signed-off-by: Beat Bolli <dev@drbeat.li>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14185)
2021-03-18 14:12:48 +10:00
Tomas Mraz
9a48544058 Make EVP_PKEY_missing_parameters work properly on provided RSA keys
This requires changing semantics of the keymgmt_has()
function a little in the sense that it now returns 1
if the selection has no meaning for the key type. It
was already doing so for ECX keys for example.

The keymgmt_validate function semantics is changed
similarly to allow passing validation on the same
selection that the key returns 1 for.

Fixes #14509

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14511)
2021-03-17 14:57:47 +01:00
Jon Spillett
062490dbd0 Add testing for non-default library context into evp_extra_test
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14478)
2021-03-17 17:51:16 +10:00
Matt Caswell
5db682733d Fix a TODO(3.0) in the siphash code
All 3 files that included crypto/siphash.h also included siphash_local.h,
and no other files included siphash_local.h independently. They probably
should be just one header file.

Fixes #14360

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14558)
2021-03-17 10:16:21 +10:00
Tomas Mraz
a289d3a427 property_test: use property values that are not used elsewhere
In test_property_query_value_create() we depend on the property
values to not be created by other test cases. Use such
values.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14573)
2021-03-16 13:31:08 +01:00
Pauli
1e08f3ba9e property: default queries create the property values.
Without this, it is necessary to query an algorithm before setting the default
property query.  With this, the value will be created and the default will
work.

Fixes #14516

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14542)
2021-03-16 09:19:20 +10:00
Matt Caswell
2cf8bb46fc Ensure that ECX keys pass EVP_PKEY_param_check()
RSA keys have no parameters and pass EVP_PKEY_param_check(). Previously,
ECX keys had no parammeters and failed EVP_PKEY_param_check(). We should
be consistent. It makes more sense to always pass, and therefore this
commit implements that behaviour.

Fixes #14482

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14485)
2021-03-15 15:51:26 +00:00
Shane Lontis
3a37ddde91 Fix DSA EVP_PKEY_param_check() when defaults are used for param generation.
Fixes #14480

An internal flag that is set during param gen was not being tested, so
the wrong type was used to select the dsa domain param validation method.

In the default provider - if no gen_type is set then by default the fips186_4 gentype
will be selected when pbits >=2048 otherwise it selects fips186_2.
The fips provider ignores the gen_type and always uses fips186_4.

Before this change dsa used fips186_2 by default in the default
provider.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14508)
2021-03-15 09:01:51 +10:00
Shane Lontis
0fc39c9030 Remove TODO in rsa_ameth.c
Fixes #14390

The only caller of this function tests EVP_KEYMGMT_is_a() beforehand
which will fail if the RSA key types do not match. So the test is not
necessary. The assert has been removed when it does the test.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14524)
2021-03-14 15:37:18 +10:00
Shane Lontis
8bfb8f3458 Remove TODO in test/acvp_test.c related to setting AES-GCM iv.
Fixes #14330

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14525)
2021-03-14 15:35:43 +10:00
Rich Salz
cd3f8c1b11 Always check CRYPTO_LOCK_{read,write}_lock
Some functions that lock things are void, so we just return early.

Also make ossl_namemap_empty return 0 on error.  Updated the docs, and added
some code to ossl_namemap_stored() to handle the failure, and updated the
tests to allow for failure.

Fixes: #14230

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14238)
2021-03-14 15:33:34 +10:00
Dr. David von Oheimb
c89fd035d5 TS ESS: Let TS_RESP_verify_signature() make use of untrusted certs also from token response
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14504)
2021-03-13 11:16:13 +01:00
Tomas Mraz
0413b7bb9c acvp_test: Do not expect exact number of self tests
There might be more because internal instances of the DRBG
might be initialized for the first time and thus
self-tested as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14497)
2021-03-12 15:13:37 +01:00
Pauli
af6171b35a test: support params arguments to init functions
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
2021-03-12 08:27:11 +10:00
Pauli
10ffdda420 test: add params argument to key manager's gen_init call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
2021-03-12 08:27:11 +10:00
Richard Levitte
92e9359b24 TEST: Stop the cleanup in test/recipes/20-test_mac.t
Let the files remain to make test forensics easy

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14484)
2021-03-11 17:22:00 +01:00
Matt Caswell
8020d79b40 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
2021-03-11 13:27:36 +00:00
Pauli
903a655847 test: convert store test to use relative paths
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)
2021-03-11 09:25:57 +10:00
Pauli
141cc94e44 Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO
Providers (particularly the FIPS provider) needs access to BIOs from libcrypto.
Libcrypto is allowed to change the internal format of the BIO structure and it
is still expected to work with providers that were already built.  This means
that the libcrypto BIO must be distinct from and not castable to the provider
side OSSL_CORE_BIO.

Unfortunately, this requirement was broken in both directions.  This fixes
things by forcing the two to be different and any casts break loudly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)
2021-03-11 09:25:57 +10:00
Shane Lontis
7a45d51ce3 Use BIO_f_readbuffer() in the decoder to support stdin.
Fixes #13185
Fixes #13352

Removed the existing code in file_store that was trying to figure out the
input type.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14407)
2021-03-11 07:57:36 +10:00
Dmitry Belyavskiy
896dcda18b Non-const accessor to legacy keys
Fixes #14466.

Reverting the changes of the EVP_PKEY_get0 function.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14468)
2021-03-09 16:25:46 +01:00
Dr. David von Oheimb
b6a06b13a4 http_test.c: Fix minor Coverity issue CID 1473608
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14460)
2021-03-09 11:02:41 +01:00
Shane Lontis
3e6a0d5738 Reword repeated words.
A trivial PR to remove some commonly repeated words. It looks like this is
not the first PR to do this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14420)
2021-03-09 16:25:45 +10:00
Armin Fuerst
31e2e6e0b1 fake_rand_finish should be called if "OPENSSL_NO_SM2" is NOT defined
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14471)
2021-03-08 21:14:50 +01:00
Matt Caswell
9afc6c5431 Fix the check for suitable groups and TLSv1.3
If we have TLSv1.3 enabled then we must have at least one TLSv1.3 capable
group available. This check was not always working

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14430)
2021-03-08 15:32:04 +00:00
Matt Caswell
7bc0fdd3fd Make the EVP_PKEY_get0* functions have a const return type
OTC have decided that the EVP_PKEY_get0* functions should have a const
return type. This is a breaking change to emphasise that these values
should be considered as immutable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)
2021-03-08 15:13:09 +00:00
Matt Caswell
8e53d94d99 Ensure the various legacy key EVP_PKEY getters/setters are deprecated
Most of these were already deprecated but a few have been missed. This
commit corrects that.

Fixes #14303
Fixes #14317

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)
2021-03-08 15:11:31 +00:00
Matt Caswell
e8afd78af6 Add a multi thread test for downgrading keys
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)
2021-03-08 15:02:07 +00:00
Tomas Mraz
ec69d5c9a8 gost_engine test: further cleanups and fixes
Allow absolute paths for $SRCTOP and $BLDTOP.

Do not build the gost_engine in tree.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)
2021-03-05 14:27:46 +01:00
Tomas Mraz
b414c8118d gost_engine test: Run also perl and tcl tests
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)
2021-03-05 14:27:46 +01:00
Tomas Mraz
996d2693e2 CI: add job with external tests
Update gost-engine submodule.
Update pyca-cryptography submodule.

Fix condition for skipping krb5 test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)
2021-03-05 14:27:46 +01:00
Richard Levitte
2f17e978a0 test/threadstest.c: Add a test to load providers concurrently
If we don't synchronize properly in the core provider code, and build
with a thread sanitizer, this should cause a crash.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14354)
2021-03-04 16:09:02 +01:00
Tomas Mraz
2c8a740a9f test/x509: Test for issuer being overwritten when printing.
The regression from commit 05458fd was fixed, but there is
no test for that regression. This adds it simply by having
a certificate that we compare for -text output having
a different subject and issuer.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14353)
2021-03-04 12:15:37 +01:00
Richard Levitte
33ac7b324b Add a new test recipe to verify the generated test fipsmodule.cnf
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14320)
2021-03-03 14:47:43 +01:00
Richard Levitte
e25b4db754 TEST: Remove the build of fipsmodule.cnf from test recipes
The exception is the test recipe that tests 'openssl fipsinstall'.
However, that one uses a different output file name, so it's safe.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14320)
2021-03-03 14:47:43 +01:00
Tomas Mraz
fb67126ea8 EVP_PKEY_CTX_get/settable_params: pass provider operation context
This allows making the signature operations return different
settable params when the context is initialized with
EVP_DigestSign/VerifyInit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14338)
2021-03-03 11:25:39 +01:00
Shane Lontis
4e4ae84056 Fix NULL access in ssl_build_cert_chain() when ctx is NULL.
Fixes #14294

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14295)
2021-03-03 16:16:19 +10:00
Tomas Mraz
5e2f580d4a test_ssl_new: X448, X25519, and EdDSA are supported with fips
Removed the related TODOs.

Also adjusted the DH parameters used for the DH test to be acceptable
for FIPS as that now allows only known safe prime parameters.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
2021-03-03 10:00:21 +10:00
Tomas Mraz
21b7dfa8ad evp_extra_test2: Remove TODO 3.0
The TODO marks optional cleanup that can be done any time in future.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
2021-03-03 10:00:21 +10:00
Tomas Mraz
b3c155b83c evp_extra_test: Remove TODO comment as setting the curve is mandatory
Even with the SM2 algorithm the curve is needed for the paramgen.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
2021-03-03 10:00:21 +10:00
Matt Caswell
d36a5dd05e Fix a copy&paste error in evp_extra_test
test_EC_priv_pub fails to test the case where both a private and public
key have been supplied.

Fixes #14349

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14351)
2021-03-02 14:58:40 +00:00
Fangming.Fang
d7d8e2c894 Fix compiling error on arm
Fixes #14313

Change-Id: I0dc9dd475a1ed1331738355fbbec0c51fbcb37f1

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14346)
2021-03-02 21:25:00 +10:00
Pauli
e1f946630f test: use the new set public and private together call
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
2021-03-02 13:23:17 +10:00
Pauli
740582cfaf test: add utility function to set the fake random callback on both the public and private instances
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
2021-03-02 13:23:17 +10:00
Pauli
fccdb61aee test: update ECDSA and SM2 internal tests in line with the fake_random change
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
2021-03-02 13:23:17 +10:00
Pauli
5a11de50a4 test: update test_random to create real contexts instead of sharing one
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
2021-03-02 13:23:17 +10:00
Rich Salz
b0aae91324 Remove RSA SSLv23 padding mode
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14248)
2021-03-01 10:56:12 +01:00
Dr. David von Oheimb
7932982b88 OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components
Now handle [http[s]://][userinfo@]host[:port][/path][?query][#frag]
by optionally providing any userinfo, query, and frag components.

All usages of this function, which are client-only,
silently ignore userinfo and frag components,
while the query component is taken as part of the path.
Update and extend the unit tests and all affected documentation.
Document and deprecat OCSP_parse_url().

Fixes an issue that came up when discussing FR #14001.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14009)
2021-03-01 10:30:43 +01:00
Pauli
7198bd1a8f test: update tests to allow for params argument for the instantiate call on EVP_RAND_CTXs
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
2021-02-28 17:25:49 +10:00
Pauli
b98d550d80 prov: update rand implementations to have a params argument for the instantiate call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
2021-02-28 17:25:49 +10:00
Pauli
05cdec396b test: adjust tests to include extra argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
2021-02-28 17:25:49 +10:00
Pauli
77e4ae58ea test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
2021-02-28 17:25:49 +10:00
Pauli
41df96efc1 evp_test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
2021-02-28 17:25:49 +10:00
Benjamin Kaduk
3d36472660 test_ecpub: test that we can decode the DER we encoded
We should be able to round-trip through the encoded DER form of the
EC public key and get back something that compares as equal to the
original key.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
2021-02-27 16:14:09 +01:00
Benjamin Kaduk
ad7cb0bf5c test_ecpub: verify returned length after encoding
Save the length we got from querying how much space was needed, and
check that the actual encoding call returned the same length.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
2021-02-27 16:14:09 +01:00
Benjamin Kaduk
c0ff1932e4 Add test for EC pubkey export/import
There seems to be an issue with i2d_provided() in i2d_evp.c that causes
us to fail to construct a valid chain of encoders for the "type-specific"
output when it's an EC pubkey.  This test is designed to exercise that
codepath for a variety of curves.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
2021-02-27 16:14:09 +01:00
Tomas Mraz
d2ccfb9caa evp_pkey_provided_test: Improve diagnostic output
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14316)
2021-02-26 18:43:34 +01:00
Tomas Mraz
4519ea90eb tests: Always print errors before test verdict
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14316)
2021-02-26 18:43:34 +01:00
Pauli
2e36321aec test: add ctx gettable/settable to the generic fake random number generator
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
2021-02-26 18:08:41 +10:00
Shane Lontis
32ab57cbb4 Fix external symbols related to ec & sm2 keys
Partial fix for #12964

This adds ossl_ names for the following symbols:

ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_*

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
2021-02-26 10:53:01 +10:00
Shane Lontis
19dbb742cd Fix external symbols related to dh keys
Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
2021-02-26 10:50:30 +10:00
Shane Lontis
94553e85b6 Fix external symbols for bn
Partial fix for #12964

This adds ossl_ names for symbols related to bn_*

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14296)
2021-02-26 10:32:22 +10:00
Tomas Mraz
1cba86234a evp_extra_test: Do not manipulate providers in default context
Otherwise the with OPENSSL_TEST_RAND_ORDER following tests will
be broken. There is also no real need to do that.

Fixes #14070

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14305)
2021-02-25 17:55:58 +01:00
Tomas Mraz
8cdc3425af fake_random: Do not overwrite the callback on instatiation
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14299)
2021-02-25 14:01:54 +01:00
Tomas Mraz
0c84139c98 Ensure that the fake rand is initialized
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14299)
2021-02-25 14:01:54 +01:00
Matt Caswell
5eb73cfb37 Add a test for a names_do_all function
Make sure that if we change the namemap part way through calling a
names_do_all function it still works.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
2021-02-25 08:37:22 +10:00
Richard Levitte
a8eb71ad57 Allow the sshkdf type to be passed as a single character
This partially reverts commit 270a5ce1d9.

This also slightly modifies the way diverse parameters in are
specified in providers/fips/self_test_data.inc for better consistency.

Fixes #14027

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
2021-02-24 19:50:10 +01:00
Matt Caswell
81c15ed00b Test errors from a provider can still be accessed after unload
Providers can create errors that may refer to const strings within the
provider module itself. If the provider gets unloaded we need to be sure
that we can still access the errors in the error stack.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14213)
2021-02-24 12:13:38 +00:00
Pauli
b0001d0cf2 provider: add an unquery function to allow providers to clean up.
Without this, a provider  has no way to know that an application
has finished with the array it returned earlier.  A non-caching provider
requires this information.

Fixes #12974

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12974)
2021-02-24 21:24:36 +10:00
Pauli
299f5ff3b5 provider: add option to load a provider without disabling the fallbacks.
Add an argument to PROVIDER_try_load() that permits a provider to be
loaded without changing the fallback status.  This is useful when an
additional provider needs to be loaded without perturbing any other setup.
E.g. adding mock providers as part of unit testing.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:41 +10:00
Pauli
332a245c04 test: update tests to use the fake random number generator
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:41 +10:00
Pauli
d994ce1205 test: make the DRBG test work without RAND_METHOD support.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:41 +10:00
Pauli
b3ab537b3a test: add framework for generic fake random number generator
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:41 +10:00
Pauli
0a89ae97d9 RAND_METHOD deprecation: tests
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13652)
2021-02-23 23:24:13 +10:00
Petr Gotthard
6ceaf67257 Fix -pkeyopt handling in apps/pkeyutl -rawin
The EVP_DigestSignInit and EVP_DigestVerifyInit actually have to
be initialized before EVP_PKEY_CTX_ctrl_str is invoked.
Otherwise, when the ctx not initialized, the ctrl command fails.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13828)
2021-02-22 12:30:49 +01:00
Dr. David von Oheimb
7f90026b3f Handle NULL result of ERR_reason_error_string() in some apps
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13920)
2021-02-22 08:49:52 +01:00
Dr. David von Oheimb
a3361c3755 81-test_cmp_cli_data: fixup on CSR test cases
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14019)
2021-02-19 16:58:22 +01:00
Shane Lontis
eabb301416 Fix DH ASN1 decode so that it detects named groups.
The dh->nid was not being set if the loaded p,g matched an inbuilt named
group for "DH".

NOTE: The "DHX" related path already worked since it calls DH_set0_pqg()
(which does the name group check).

This bug was detected when new tests were added for dh5114 groups, combined
with the no-cache tests i.e. loading+import+export set the nid,
but just loading did not.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14207)
2021-02-19 19:25:24 +10:00
Shane Lontis
576892d78f Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces
non legacy keys).

Fixes #13522

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13591)
2021-02-19 19:19:28 +10:00
Matt Caswell
3a2171f6aa Don't forget the type of thing we are loading
The apps helper function load_key_certs_crls() is a general purpose
function for loading different types of objects from a given URI. It
sets up an OSSL_STORE and calls OSSL_STORE_expect() so that the store
knows what type of thing to expect to load. Unfortunately this wasn't
working and was always setting "expect" to 0 - which means "anything".

Fixes #13709

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14191)
2021-02-18 16:05:22 +00:00
Richard Levitte
3262300a2c Adjust the few places where the string length was confused
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)
2021-02-18 16:58:17 +01:00
Richard Levitte
247a1786e2 OSSL_PARAM: Correct the assumptions on the UTF8 string length
When the string "ABCDEFGH" is passed, what's considered its data, this?

    { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }

or this?

    { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' }

If it's passed as a pass phrase, should the terminating NUL byte be
considered part of the pass phrase, or not?

Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING
set the length of the string to include the terminating NUL byte,
which is quite confusing.  What should the recipient of such a string
believe?

Instead of perpetuating this confusion, we change the assumption to
set the OSSL_PARAM to the length of the string, not including the
terminating NUL byte, thereby giving it the same value as a strlen()
call would give.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)
2021-02-18 16:58:17 +01:00
Dr. David von Oheimb
daf1300b80 Add internal X509_add_certs_new(), which simplifies matters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14039)
2021-02-18 16:50:12 +01:00
Matt Caswell
a28d06f3e9 Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
2021-02-18 15:05:17 +00:00
Tomas Mraz
ba37b82045 dsa_check: Perform simple parameter check if seed is not available
Added primality check on p and q in the ossl_ffc_params_simple_validate().
Checking for p and q sizes in the default provider is made more
lenient.
Added two testcases for invalid parameters.

Fixes #13950

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14148)
2021-02-18 11:02:26 +01:00
Dmitry Belyavskiy
ebcaf110b2 DSA parameter check using pkeyparam
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14148)
2021-02-18 11:02:25 +01:00
Tomas Mraz
fe75766c9c Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY
Additional renames done in encoder and decoder implementation
to follow the style.

Fixes #13622

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14155)
2021-02-17 15:26:12 +01:00
Pauli
79d68c4fb4 test: DRBG test with long seed.
Fixes: #14101

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14162)
2021-02-17 13:10:49 +10:00
Richard Levitte
55e9d8cfff TEST: Add missing initialization
Compiler complained.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14204)
2021-02-16 20:02:24 +01:00
Matt Caswell
c1ddd392cf Fix rsa_test to properly test RSA_SSLV23_PADDING
We test all three cases:
- An SSLv2 only client talking to a TLS capable server
- A TLS capable client talking to an SSLv2 only server
- A TLS capable client talking to a TLS capable server (should fail due
to detecting a rollback attack)

Reviewed-by: Paul Dale <pauli@openssl.org>
2021-02-16 11:36:19 +00:00
Matt Caswell
4357b6174a Refactor rsa_test
Reduce code copying by factoring out common code into a separate function.

Reviewed-by: Paul Dale <pauli@openssl.org>
2021-02-16 11:36:18 +00:00
Matt Caswell
0217e53e33 Fix the dhparam_check test
genpkey can sometimes create files that fail "openssl dhparam -check". See
issue #14145. We had some instances of such invalid files in the
dhparam_check test. Now that "openssl dhparam -check" has been fixed to
work the same way as it did in 1.1.1 these tests were failing. We move the
invalid files inot the "invalid" directory. A future PR will have to fix
genpkey to not generate invalid files.

We also remove a "SKIP" block that was skipping tests in a no deprecated
build unnecessarily. Nothing being tested is deprecated.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14146)
2021-02-15 14:17:36 +10:00
Tomas Mraz
9ff5bd612a ssl_test: Add testcases for disallowing non-TLS1.3 curves with TLS1.3
Also correctly mark max protocol version for some curves.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14154)
2021-02-12 19:05:17 +01:00
Matt Caswell
76cb077f81 Deprecate the libssl level SRP APIs
The low level SRP implementation has been deprecated with no replacement.
Therefore the libssl level APIs need to be similarly deprecated.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14132)
2021-02-12 08:47:32 +00:00
Matt Caswell
6d2a1eff55 Deprecate the low level SRP APIs
The OTC decided that all low level APIs should be deprecated. This extends
to SRP, even though at the current time there is no "EVP" interface to it.
This could be added in a future release.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14132)
2021-02-12 08:47:32 +00:00
Pauli
2b248f4e3f test: add import and export key management hooks for the TLS provider.
Without these hooks, if the TLS provider isn't matched in the fetch cache, a test
failure will occur in the TLS API tests.  Without allowing import and export, an
existing key can not move to a new key manager even if it is really the same.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14126)
2021-02-12 12:28:55 +10:00
Pauli
ca2c778c26 test: filter provider honours the no_cache setting.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14126)
2021-02-12 12:28:55 +10:00
Pauli
b5873b3176 test: fix no-cache problem with the quality comparison for KDFs.
In a caching world, it's fine to compare the pointers directly.  In a
non-caching world, the names and providers need to be compared.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14126)
2021-02-12 12:28:55 +10:00
Pauli
1baad060f9 test: add an option to output timing information from tests.
Fixes #14141

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14149)
2021-02-12 08:32:04 +10:00
Dr. David von Oheimb
c926a5ecb7 X509_STORE_CTX_cleanup(): Use internally so no need to call explicitly
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14088)
2021-02-11 21:34:27 +01:00
Pauli
835f3526a2 test: turn off parallel tests in verbose mode.
The existing code prints a warning saying that verbose mode is ignored with
parallel jobs.  This seems backward, more useful is disabling parallel jobs
when verbose is enabled.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14137)
2021-02-11 08:16:29 +10:00
Shane Lontis
8a686bdb3a Change the ASN1 variant of x942kdf so that it can test acvp data.
This 'special' way of specifying the data should only be used for testing
purposes. It should not be used in production environments.
ACVP passes a blob of DER encoded data for some of the fields rather
than passing them as separate fields that need to be DER encoded.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14077)
2021-02-10 10:28:32 +10:00
Tomas Mraz
4d2a6159db Deprecate BN_pseudo_rand() and BN_pseudo_rand_range()
The functions are obsolete aliases for BN_rand() and BN_rand_range()
since 1.1.0.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14080)
2021-02-09 13:41:11 +01:00
Petr Gotthard
604b86d8d3 Enhanced integer parsing in OSSL_PARAM_allocate_from_text
Fixes #14041 and additional bugs discovered by the newly created
tests.

This patch:
 - Introduces support for 0x prefixed integers
 - Fixes parsing of negative integers (negative numbers were
   shifted by -2)
 - Fixes ability to parse maximal unsigned numbers ("too small
   buffer" error used to be reported incorrectly)
 - Fixes a memory leak when OSSL_PARAM_allocate_from_text fails
   leaving a temporary BN allocated

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14093)
2021-02-09 11:15:55 +01:00
Randall S. Becker
3f71add9e5 Enable fipsload test on NonStop x86.
CLA: Trivial

Fixes: #14005

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14006)
2021-02-08 16:44:36 +01:00
Shane Lontis
2db985b7b1 Simplify the EVP_PKEY_XXX_fromdata_XX methods.
The existing names such as EVP_PKEY_param_fromdata_settable were a bit
confusing since the 'param' referred to key params not OSSL_PARAM. To simplify
the interface a 'selection' parameter will be passed instead. The
changes are:

(1) EVP_PKEY_fromdata_init() replaces both EVP_PKEY_key_fromdata_init() and EVP_PKEY_param_fromdata_init().
(2) EVP_PKEY_fromdata() has an additional selection parameter.
(3) EVP_PKEY_fromdata_settable() replaces EVP_PKEY_key_fromdata_settable() and EVP_PKEY_param_fromdata_settable().
    EVP_PKEY_fromdata_settable() also uses a selection parameter.

Fixes #12989

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14076)
2021-02-08 16:33:43 +10:00
Dr. David von Oheimb
11ddbf8459 Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default target
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14021)
2021-02-06 18:53:51 +01:00
Matt Caswell
5682e77dff Fix the cipher_overhead_test
Now that libssl no longer has any OPENSSL_NO_ALG guards the internal
cipher_overhead_test wasn't quite handling disabled ciphers correctly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
2021-02-05 15:22:43 +00:00
Matt Caswell
a763ca1177 Stop disabling TLSv1.3 if ec and dh are disabled
Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provider.

Fixes #13767

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
2021-02-05 15:22:40 +00:00
Richard Levitte
388eb0d970 TEST: Add an algorithm ID tester for libcrypto vs provider
Providers produce algorithm IDs of their own, and we need to compare
them against the same thing produced by libcrypto's ASN.1 code and
with legacy keys.

This tester can compare algorithm IDs for signatures and for keys,
given certificates that hold such data.

To verify key algorithm IDs, only one certificate is necessary, and
its public key is used.

To verify certificate algorithm IDs, we need to launch the signature
operation that would verify a certificate against the public key of
its signing CA, so that test needs two files.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14049)
2021-02-05 15:44:39 +01:00
Tomas Mraz
bbde856619 RSA: properly generate algorithm identifier for RSA-PSS signatures
Fixes #13969

- properly handle the mandatory RSA-PSS key parameters
- improve parameter checking when setting the parameters
- compute the algorithm id at the time it is requested so it
  reflects the actual parameters set
- when generating keys do not override previously set parameters
  with defaults
- tests added to the test_req recipe that should cover the PSS signature
  handling

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13988)
2021-02-05 14:04:59 +01:00
Petr Gotthard
7dc67708c8 apps/openssl: add -propquery command line option
Fixes #13656. Right now all openssl commands use a NULL propq. This
patch adds a possibility to specify a custom propq.

The implementation follows the example of set_nameopt/get_nameopt.

Various tools had to be modified to call app_get0_propq after it has
been populated. Otherwise the -propquery has no effect.

The tests then verify the -propquery affects the tool behaviour by
requesting a non-existing property.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13707)
2021-02-05 10:24:04 +10:00
Dmitry Belyavskiy
a7246ea645 DH/DHX parameter check using pkeyparam
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13930)
2021-02-04 09:33:16 +01:00
Dr. David von Oheimb
d53b437f99 Allow NULL arg to OPENSSL_sk_{dup,deep_copy} returning empty stack
This simplifies many usages

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14040)
2021-02-04 07:28:11 +01:00
Dr. David von Oheimb
b91a13f429 run_tests.pl: Improve diagnostics on the use of HARNESS_JOBS
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13551)
2021-02-04 07:25:14 +01:00
Dr. David von Oheimb
c87bcdbde4 test/recipes: split 81_test_cmp_cli.t, add test using -engine loader_attic
The HTTP-based tests are now in 80_test_cmp_http.t, to start a little earlier.
This should decrease total test run time due to better parallelization.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13551)
2021-02-04 07:25:14 +01:00
Matt Caswell
a0134d293e Add a multi-thread test for shared EVP_PKEYs
EVP_PKEYs may be shared across mutliple threads. For example this is
common for users of libssl who provide a single EVP_PKEY private key for
an SSL_CTX, which is then shared between multiple threads for each SSL
object.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13987)
2021-02-02 12:21:21 +00:00
Matt Caswell
b8a1272d57 Test that EC keys without a public key in them work as expected
We create EC keys via both the "fromdata" and legacy key routes to make
sure that they can be used without a public key.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13922)
2021-02-01 08:59:35 +00:00
Tomas Mraz
a2a5506b93 rsa_kmgmt: Return OSSL_PKEY_PARAM_DEFAULT_DIGEST for unrestricted PSS keys
Add a testcase to the test_req covering the issue.

Fixes #13957

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13967)
2021-01-29 10:47:02 +01:00
Daniel Bevenius
e947a0642d EVP: fix keygen for EVP_PKEY_RSA_PSS
This commit attempts to fix the an issue when generating a key of type
EVP_PKEY_RSA_PSS. Currently, EVP_PKEY_CTX_set_rsa_keygen_bits will
return -1 if the key id is not of type EVP_PKEY_RSA. This commit adds
EVP_PKEY_RSA_PSS to also be accepted.

The macro EVP_PKEY_CTX_set_rsa_pss_keygen_md si converted into a
function and it is now called in legacy_ctrl_to_param.

Fixes #12384

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13099)
2021-01-28 16:25:16 +01:00
Juergen Christ
270a5ce1d9 Fix parameter types in sshkdf
Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string
parameters.  This caused endianness problems on big-endian machines.  As a
result, it is not possible to pass FIPS tests since the parameter was stored
with an integer value but read via a cast to char pointer.  While this works
on little endian machines, big endian s390 read the most significant bits
instead of the least significant (as done by, e.g., x86).  Change the
parameter to char array and fix the usages.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/13781)
2021-01-28 16:05:50 +01:00
Dr. David von Oheimb
199df4a93f check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS
This is an upstream fix for #13931

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13968)
2021-01-28 15:05:04 +01:00
Richard Levitte
4333b89f50 Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)
2021-01-28 13:54:57 +01:00
Matt Caswell
b1eae34bbe Fix running mingw dhparam test under wine
The dhparam test was failing to properly handle line endings when
running a mingw configured build under wine.

Fixes #13557

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13923)
2021-01-27 15:00:35 +00:00
Dr. David von Oheimb
0c3eb2793b TLS client: allow cert verify callback return -1 for SSL_ERROR_WANT_RETRY_VERIFY
The client-side cert verification callback function may not only return
as usual for success or 0 for failure, but also -1,
typically on failure verifying the server certificate.
This makes the handshake suspend and return control to the calling application
with SSL_ERROR_WANT_RETRY_VERIFY.
The app can for instance fetch further certificates or cert status information
needed for the verification.
Calling SSL_connect() again resumes the connection attempt
by retrying the server certificate verification step.
This process may even be repeated if need be.

The core implementation of the feature is in ssl/statem/statem_clnt.c,
splitting tls_process_server_certificate() into a preparation step
that just copies the certificates received from the server to s->session->peer_chain
(rather than having them in a local variable at first) and returns to the state machine,
and a post-processing step in tls_post_process_server_certificate() that can be repeated:
Try verifying the current contents of s->session->peer_chain basically as before,
but give the verification callback function the chance to pause connecting and
make the TLS state machine later call tls_post_process_server_certificate() again.
Otherwise processing continues as usual.

The documentation of the new feature is added to SSL_CTX_set_cert_verify_callback.pod
and SSL_want.pod.

This adds two tests:
* A generic test in test/helpers/handshake.c
  on the usability of the new server cert verification retry feature.
  It is triggered via test/ssl-tests/03-custom_verify.cnf.in (while the bulky auto-
  generated changes to test/ssl-tests/03-custom_verify.cnf can be basically ignored).
* A test in test/sslapitest.c that demonstrates the effectiveness of the approach
  for augmenting the cert chain provided by the server in between SSL_connect() calls.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13906)
2021-01-26 17:09:13 +01:00
Tomas Mraz
7b0f64b121 Check that the ecparam and pkeyparam do not mangle the parameters
Just comparison of the original parameter file with the -out output.

Some test files have non-canonical encoding, so they are moved
to a different directory.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
2021-01-26 15:26:49 +01:00
Tomas Mraz
59b64259b8 ssl_old_test.c: Replace use of deprecated EC functions
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
2021-01-26 15:26:49 +01:00
Tomas Mraz
0c8e98e615 Avoid using OSSL_PKEY_PARAM_GROUP_NAME when the key might be legacy
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
2021-01-26 15:26:49 +01:00
Tomas Mraz
f377e58fde Disable the test-ec completely when building with no-ec
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
2021-01-26 15:26:49 +01:00
Shane Lontis
5b5eea4b60 Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Co-author: Richard Levitte <levitte@openssl.org>
Co-author: Tomas Mraz <tmraz@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
2021-01-26 15:22:14 +01:00
Matt Caswell
8a9394c1ed Fix no-dh and no-dsa
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13915)
2021-01-22 09:47:59 +00:00
Tomas Mraz
616581aaac dh_cms_set_shared_info: Use explicit fetch to be able to provide libctx
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
2021-01-21 18:08:02 +01:00
Tomas Mraz
24d5be7a2a Make the smdh.pem test certificate usable with fips provider
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
2021-01-21 18:08:02 +01:00
Tomas Mraz
f23e4a17a2 Fixes related to broken DH support in CMS
- DH support should work with both DH and DHX keys
- UKM parameter is optional so it can have length 0

Fixes #13810

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
2021-01-21 18:08:02 +01:00
Dr. David von Oheimb
3d46c81a7d CMP: Allow PKCS#10 input also for ir, cr, kur, and rr messages
Also update documentation regarding sources of certs and keys,
improve type of OSSL_CMP_exec_RR_ses(),
add tests for CSR-based cert revocation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13841)
2021-01-21 17:53:26 +01:00
Rich Salz
a3d267f184 Deprecate EVP_KEY_new_CMAC_key and EVP_PKEY_new_CMAC_key_ex
EVP_KEY_new_CMAC_key_ex was in the pre-release 3.0 only, so is safe
to remove.
Restore 1.1.1 version of EVP_PKEY_new_CMAC_key documentation.
Also make testing of EVP_PKEY_new_CMAC_key properly #ifdef'd.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13829)
2021-01-21 12:08:46 +01:00
Dr. David von Oheimb
05458fdb73 apps/x509.c: Make -x509toreq respect -clrext, -sigopt, and -extfile options
Also prevent copying SKID and AKID extension, which make no sense in CSRs
and extend the use -ext to select with extensions are copied.
Further simplifiy the overall structure of the code.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
2021-01-20 15:59:22 +01:00
Dr. David von Oheimb
1d1d23128f 80-test_ssl_old.t: Minor corrections: update name of test dir etc.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
2021-01-20 15:59:22 +01:00
Dr. David von Oheimb
49b36afb0b 25-test_x509.t: Make test case w.r.t. self-issued cert run also without EC enabled
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
2021-01-20 15:59:22 +01:00
Dr. David von Oheimb
abc4439c92 25-test_x509.t: Minor update: factor out path for test input files
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
2021-01-20 15:59:22 +01:00
Dr. David von Oheimb
8cadc51706 25-test_x509.t: Minor update: do not anymore unlink test output files
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
2021-01-20 15:59:22 +01:00
Dr. David von Oheimb
9495cfbc22 make various test CA certs RFC 5280 compliant w.r.t. X509 extensions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13719)
2021-01-20 15:53:47 +01:00
Jon Spillett
ac6ea3a7c5 test-gendsa: Add test cases with FIPS provider
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13894)
2021-01-20 13:10:49 +01:00
Shane Lontis
84af8027c5 CMS: Fix NULL access if d2i_CMS_bio() is not passed a CMS_ContentInfo**.
Fixes #13624

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13668)
2021-01-18 15:01:26 +01:00
Tomas Mraz
0d83b7b903 Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity
To clarify the purpose of these two calls rename them to
EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv.

Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV
to better align with the function name.

Fixes #13411

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13870)
2021-01-18 14:27:44 +01:00
Jon Spillett
2c04b34140 Allow EVP_PKEY private key objects to be created without a public component
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13855)
2021-01-15 17:24:41 +01:00
Richard Levitte
39f3427dc1 Fix incomplete deprecation guard in test/sslapitest.c
OPENSSL_NO_DEPRECATED_3_0 should be used rather than OPENSSL_NO_DEPRECATED,
as the latter doesn't take the configuration option '--api=' in account.

Fixes #13865

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13866)
2021-01-15 11:19:25 +01:00
Pauli
975aae76db Remove unused DRBG tests.
The DRBG known answer tests are performed by evp_test and the old vectors
are not used.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13867)
2021-01-15 19:31:21 +10:00
Matt Caswell
b457c8f514 Extend the threads test to add simple fetch from multi threads
Issue #13682 suggests that doing a simple fetch from multi-threads may
result in issues so we add a test for that.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13660)
2021-01-14 17:30:46 +00:00
Matt Caswell
ae95a40e8d Add a test for performing work in multiple concurrent threads
We test both the default provider and the fips provider

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13660)
2021-01-14 17:30:46 +00:00
Tomas Mraz
8bc5b0a570 chacha20: Properly reinitialize the cipher context with NULL key
Same for chacha20-poly1305.

The test_cipher_reinit and test_cipher_reinit_partialupdate is modified
to test this case of cipher context reinitialization.

Fixes #13064

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13850)
2021-01-13 18:04:28 +01:00
Dr. David von Oheimb
b65c5ec8f5 apps/req.c: Add -copy_extensions option for use with -x509; default: none
Fixes #13708

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-13 11:53:15 +01:00
Dr. David von Oheimb
41e597a01d Add X509V3_set_issuer_pkey, needed for AKID of self-issued not self-signed cert
Also clean up some related auxiliary functions and documentation

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-13 11:53:15 +01:00
Dr. David von Oheimb
f0a057dd53 Add tests for (non-)default SKID and AKID inclusion by apps/{req,x509,ca}.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-13 11:53:15 +01:00
Dr. David von Oheimb
f2a0458731 X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert
This is the upstream fix for #13698 reported for v1.1.1

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13755)
2021-01-13 11:19:17 +01:00
Dr. David von Oheimb
4dd009180a x509_vfy.c: Fix a regression in find_issuer()
...in case the candidate issuer cert is identical to the target cert.

This is the v3.0.0 variant of #13749 fixing #13739 for v1.1.1.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Dr. David von Oheimb
0b7368dda0 TEST: move cert, key, and CSR loading aux functions to new testutil/load.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13762)
2021-01-13 09:09:36 +01:00
Richard Levitte
5a2d0ef36f Clean away extraneous library specific FETCH_FAILED reason codes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13467)
2021-01-12 19:02:11 +01:00
Dr. David von Oheimb
678cae0295 APPS: Print help also on -h and --h; print high-level help when no cmd given
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13799)
2021-01-11 19:39:49 +01:00
Romain Geissler
732e24bb14 Fix simpledynamic test compilation when condigured without DSO support.
This fixes this compilation error:
In file included from test/simpledynamic.c:13:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
   39 | int sd_load(const char *filename, SD *sd, int type);
      |                                   ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |            ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |                                        ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
   41 | int sd_close(SD lib);
      |              ^~
make[1]: *** [Makefile:24670: test/moduleloadtest-bin-simpledynamic.o] Error 1
make[1]: *** Waiting for unfinished jobs....
In file included from test/moduleloadtest.c:19:
test/simpledynamic.h:39:35: error: unknown type name 'SD'
   39 | int sd_load(const char *filename, SD *sd, int type);
      |                                   ^~
test/simpledynamic.h:40:12: error: unknown type name 'SD'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |            ^~
test/simpledynamic.h:40:40: error: unknown type name 'SD_SYM'
   40 | int sd_sym(SD sd, const char *symname, SD_SYM *sym);
      |                                        ^~~~~~
test/simpledynamic.h:41:14: error: unknown type name 'SD'
   41 | int sd_close(SD lib);
      |              ^~

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13802)
2021-01-09 00:38:48 +02:00
Nicola Tuveri
1330093b9c [test][pkey_check] Add more invalid SM2 key tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
4554988e58 [test][pkey_check] Add invalid SM2 key test
SM2 private keys have different validation requirements than EC keys:
this test checks one corner case highlighted in
https://github.com/openssl/openssl/issues/8435

As @bbbrumley mentioned in
https://github.com/openssl/openssl/issues/8435#issuecomment-720504282
this only fixes the absence of a regression test for validation of this
kind of boundary issues for decoded SM2 keys.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:59:02 +02:00
Nicola Tuveri
c5bc5ec849 [test] Add pkey -check validation tests
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08 23:50:42 +02:00
Michael Baentsch
becbacd705 Adding TLS group name retrieval
Function SSL_group_to_name() added, together with documentation and tests.
This now permits displaying names of internal and external
provider-implemented groups.

Partial fix of #13767

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13785)
2021-01-08 17:04:46 +00:00
Matt Caswell
bd0c71298a Update copyright year
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13800)
2021-01-07 13:38:50 +00:00
Etienne Millon
b043c41c00 28-seclevel.cnf.in: fix typo in algo name
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13768)
2021-01-05 16:44:09 +01:00
Matt Caswell
ea08f8b294 Add a test for the new CRYPTO_atomic_* functions
Also tests the older CRYPTO_atomic_add() which was without a test

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13733)
2020-12-31 13:14:38 +01:00
Richard Levitte
3a1ee3c199 Drop OPENSSL_NO_RSA everywhere
The configuration option 'no-rsa' was dropped with OpenSSL 1.1.0, so
this is simply a cleanup of the remains.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13700)
2020-12-20 12:19:42 +01:00
Richard Levitte
6ed4022cd1 Fix 'no-deprecated'
Some of the handling of no-deprecated stuff wasn't quite complete, or
even plain wrong.

This restores i2d_PublicKey() to be able to handle EVP_PKEYs with
legacy internal keys.

This also refactors the DSA key tests in test/evp_extra_test.c to use
EVP functionality entirely.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13706)
2020-12-19 17:02:12 +01:00
Richard Levitte
5faec149c6 TEST: Fix test/endecode_test.c for 'no-legacy'
This adds an additional check that the legacy provider is available
when wanting to add tests for protected PVK, since that depends on the
availability of RC4.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13705)
2020-12-19 10:59:12 +01:00
Richard Levitte
390f9bad69 CORE: Separate OSSL_PROVIDER activation from OSSL_PROVIDER reference
This introduces a separate activation counter, and the function
ossl_provider_deactivate() for provider deactivation.

Something to be noted is that if the reference count goes down to
zero, we don't care if the activation count is non-zero (i.e. someone
forgot to call ossl_provider_deactivate()).  Since there are no more
references to the provider, it doesn't matter.
The important thing is that deactivation doesn't remove the provider
as long as there are references to it, for example because there are
live methods associated with that provider, but still makes the
provider unavailable to create new methods from.

Fixes #13503
Fixes #12157

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)
2020-12-17 12:02:08 +01:00
Richard Levitte
a2e145f8db Add necessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC
When OpenSSL is configured with 'no-dh', 'no-dsa' and 'no-ec'
combined, some static functions have no use, which the compiler may
complain about.  We therefore add extra guards to silence it.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
2020-12-16 11:56:38 +01:00
Richard Levitte
2984445d3a TEST: Fix test/recipes/15-test_rsa.t
Perl strings should be compared with 'eq', not '=='.
This only generates a perl warning, so wasn't immediately noticed.

Also, remove the check of disabled 'dsa'.  That never made reak sense.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13645)
2020-12-15 14:27:23 +01:00
Pauli
c678f68a19 test: document the random test ordering env variable
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13672)
2020-12-15 20:03:07 +10:00
Pauli
a21a1c23c9 test: print OPENSSL_TEST_RAND_ORDER=x when a randomised test fails.
The previous message "random seed x" is a lot less descriptive.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13672)
2020-12-15 20:03:07 +10:00
Dmitry Belyavskiy
249d559545 Skip tests depending on deprecated list -*-commands options
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
2020-12-15 04:39:58 +01:00
Shane Lontis
3dafbd4468 Change AES-CTS modes CS2 and CS3 to also be inside the fips module.
The initial thought was that only CS1 mode (the NIST variant) was allowed.
The lab has asked if these other modes should be included.
The algorithm form indicates that these are able to be validated.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13639)
2020-12-14 13:46:49 +10:00
Shane Lontis
ac7750bb5e Fix Segfault in EVP_PKEY_CTX_dup when the ctx has an undefined operation.
Fixes #12438

Note: This worked in 1.1.1 so just returning an error is not valid.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13505)
2020-12-14 11:30:40 +10:00
Richard Levitte
2e1bc08100 Remove unnecessary guards around MSBLOB and PVK readers and writers
The OPENSSL_NO_RC4 guard remain around protected PVK tests in
test/endecoder_test.c.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13648)
2020-12-13 10:27:31 +01:00
Pauli
a79148237e params: add integer conversion test cases.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13663)
2020-12-12 21:43:07 +10:00
Matt Caswell
730bee5253 Skip cms tests using RC2 if no legacy provider
Fixes #12510

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:34 +00:00
Matt Caswell
abec331fd3 Don't run a legacy specific PKCS12 test if no legacy provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:34 +00:00
Matt Caswell
8891a12b5b Don't use the legacy provider in test_store if its not available
If we don't have the legacy provider then we avoid having to use it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:34 +00:00
Matt Caswell
d5e8d26008 Don't load the legacy provider in test_evp_libctx unnecessarily
We don't need the legacy provider, so don't load it. This avoids
problems in a no-legacy build

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
f2130201f1 Don't load the legacy provider if not available in test_enc_more
If the legacy provider isn't available then we shouldn't attempt to
load or use it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
81959b26a3 Skip testing ciphers in the legacy provider if no legacy
test_enc should not test ciphers that are not available due to a lack
of the legacy provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
39e3daeead Don't load the legacy provider in endecoder_legacy_test
In spite of the name the endecoder_legacy_test does not need the
legacy provider. Therefore we avoid loading it so that no-legacy
builds still run the test successfully.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
49da54b9fa Don't use legacy provider if not available in test_ssl_old
If we've been configured with no-legacy then we should not attempt to
load the legacy provider.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
5ae54dbac1 Fix sslapitest.c if built with no-legacy
We skip a test that uses the no-legacy option. Unfortuantely there is
no OPENSSL_NO_LEGACY to test, so we just check whether we were successful
in loading the legacy provider - and if not we skip the test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Matt Caswell
3a43b30ebb Skip evp_test cases where we need the legacy prov and its not available
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
2020-12-11 10:56:22 +00:00
Shane Lontis
f0591559f6 Add validate method to ECX keymanager
Fixes #11619

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13459)
2020-12-11 10:53:19 +10:00
Dr. David von Oheimb
1a683b80dc apps/{ca,req,x509}.c: Improve diag and doc mostly on X.509 extensions, fix multiple instances
This includes a general correction in the code (now using the X509V3_CTX_REPLACE flag)
and adding a prominent clarification in the documentation:

    If multiple entries are processed for the same extension name,
    later entries override earlier ones with the same name.

This is due to an RFC 5280 requirement - the intro of its section 4.2 says:

    A certificate MUST NOT include more than one instance of a particular extension.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13614)
2020-12-10 15:19:55 +01:00
Dr. David von Oheimb
bca7ad6efd Use adapted test_get_libctx() for simpler test setup and better error reporting
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13001)
2020-12-10 11:01:26 +01:00
Matt Caswell
6582661f7b Test that we can negotiate TLSv1.3 if we have an SNI callback
If an SNI callback has been set then we may have no certificuates suitable
for TLSv1.3 use configured for the current SSL_CTX. This should not prevent
us from negotiating TLSv1.3, since we may change the SSL_CTX by the time we
need a suitable certificate.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13304)
2020-12-09 14:46:17 +00:00
Tomas Mraz
7eea331eab v3nametest: Make the gennames structure static
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13635)
2020-12-09 13:41:30 +01:00
Daniel Bevenius
c60b572319 STORE: clear err after ossl_store_get0_loader_int
This commit clears the error that might have been set when
ossl_store_get0_loader_int has been called as it will try to retrieve
a loader for the scheme on an empty store, which will cause the error
OSSL_STORE_R_UNREGISTERED_SCHEME to be set.

The motivation for this after returning from
ossl_store_get0_loader_int, OSSL_STORE_attach will continue and try to
fetch a OSSL_STORE_LOADER from the provider.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12901)
2020-12-08 18:23:29 +01:00
Matt Caswell
8778f0eb8e Fix a compilation failure with no-tls_1_2
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13596)
2020-12-08 15:53:18 +00:00
Matt Caswell
b1fdbc688c Fix a test failure with no-tls1_3
If we're using TLSv1.2 then the test_sigalgs_available test needs to be
careful which ciphersuite is selected in order for the test to behave
correctly.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13596)
2020-12-08 15:53:18 +00:00
Matt Caswell
22b88fc9c0 Add a test for encoding/decoding using an invalid ASN.1 Template
If you have a CHOICE type that it must use explicit tagging - otherwise
the template is invalid. We add tests for this.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-12-08 10:17:03 +00:00
Matt Caswell
97ab3c4b53 Add a test for GENERAL_NAME_cmp
Based on a boringssl test contributed by David Benjamin

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
2020-12-08 10:17:03 +00:00
Shane Lontis
abdd3fa04f Change OPENSSL_hexstr2buf_ex() & OPENSSL_buf2hexstr_ex() to pass the separator
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13294)
2020-12-07 17:14:58 +10:00
Dr. David von Oheimb
d7cdb8b606 test/certs/setup.sh: Fix two glitches
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13606)
2020-12-04 16:24:28 +01:00
Dr. David von Oheimb
0191854154 evp_pkey_dparams_test.c: Fix build error on OPENSSL_NO_{DH,DSA,EC}
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13110)
2020-12-04 16:20:53 +01:00
Dr. David von Oheimb
821d6f8c67 endecode_test.c: Fix build errors on OPENSSL_NO_{DH,DSA,EC,EC2M}
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13110)
2020-12-04 16:20:53 +01:00
Matt Caswell
300e8c4bf1 Fix no-dsa
Skip tests that require DSA to be available. While we're doing this
we also remove an OPENSSL_NO_DSA guard in the dhparam app that is no
longer necessary (even though DSA may not be present in our own providers
it could be available via a third party provider).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13599)
2020-12-04 07:49:24 +01:00
Shane Lontis
283320281b Fix ecdsa digest setting code to match dsa.
Fixes #13422

ecdsa_set_ctx_params() was not setting the digest correctly. The side
effect noted was that the check for sha1 when signing was not being
done in fips mode.

Also fixed the dupctx() so that propq is deep copied.
The usage of the variable 'flag_allow_md' was also copied from the dsa code.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13520)
2020-12-04 08:33:27 +10:00
Dr. David von Oheimb
3bed88a397 x509_vfy.c: Restore rejection of expired trusted (root) certificate
The certificate path validation procedure specified in RFC 5280 does not
include checking the validity period of the trusted (root) certificate.
Still it is common good practice to perform this check.
Also OpenSSL did this until commit 0e7b1383e, which accidentally killed it.

The current commit restores the previous behavior.
It also removes the cause of that bug, namely counter-intuitive design
of the internal function check_issued(), which was complicated by checks
that actually belong to some other internal function, namely find_issuer().

Moreover, this commit adds a regression check and proper documentation of
the root cert validity period check feature, which had been missing so far.

Fixes #13427

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13590)
2020-12-03 14:06:49 +01:00
Richard Levitte
0a3b330cf0 Add test to demonstrate the app's new engine key loading
This adds a bit of functionality in ossltest, so it can now be used to
load PEM files.  It takes the file name as key ID, but just to make
sure faults aren't ignored, it requires all file names to be prefixed
with 'ot:'.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/13570)
2020-12-02 20:19:41 +01:00
Matt Caswell
4be35545ae Fix no-dtls
Ensure we correctly detect if DTLS has been disabled in the client auth
test_ssl_new tests.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13587)
2020-12-02 17:04:54 +00:00
Daiki Ueno
c39f43534d openssl dgst: add option to specify output length for XOF
This adds the -xoflen option to control the output length of the XOF
algorithms, such as SHAKE128 and SHAKE256.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13245)
2020-12-02 16:46:46 +01:00
Richard Levitte
b03da688a2 Adapt everything else to the updated OSSL_ENCODER_CTX_new_by_EVP_PKEY()
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13545)
2020-12-02 13:37:20 +01:00
Shane Lontis
89cccbea51 Add EVP_KDF-X942 to the fips module
The X942 KDF had been modified so that it supports all optional fields - not
just the fields used by CMS.

As there are 2 types of KDF for X942 - this has been made a bit clearer
by adding an X942KDF-ASN1 alias. X942KDF-CONCAT has also been added as an
alias of X963KDF.

This work was instigated as a result of the ACVP tests optionally being
able to use keybits for the supp_pubinfo field.
Setting the parameter OSSL_KDF_PARAM_X942_USE_KEYBITS to 0 allows this
to be disabled.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13418)
2020-12-02 12:15:05 +10:00
Pauli
f7f10de305 Print random seed on test failure.
Tests randomisation wasn't reliably printing the seed used on failure in the CIs.

Fixes: #13572

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13573)
2020-12-02 10:46:28 +10:00
Kelvin Lee
9feb2fce65 Fix simpledynamic.c - a typo and missed a header
CLA: trivial

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13584)
2020-12-02 00:25:01 +11:00
Richard Levitte
527eb8d294 TEST: Add a simple module loader, and test the FIPS module with it
This very simple module loader is only linked with the standard C
library, so cannot and should not provide any other symbol to the
module it tries to load.  It can thereby be used to verify that the
module it tries to load doesn't have any surprising dependencies when
it's supposed to be self contained.

A test recipe is added to verify the FIPS module with this loader.

Fixes #11020

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13507)
2020-12-01 11:06:03 +01:00
Richard Levitte
9800b1a0da TEST: Break out the local dynamic loading code from shlibloadtest.c
The result is "simpledynamic.c", or "sd" for short.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13507)
2020-12-01 11:06:03 +01:00
Dr. David von Oheimb
1234aa7e41 endecode_test.c: Add warning that 512-bit DH key size is for testing only
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13568)
2020-12-01 07:49:38 +01:00
Dr. David von Oheimb
20f8bc7255 test cleanup: move helper .c and .h files to test/helpers/
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13568)
2020-12-01 07:49:38 +01:00
Dr. David von Oheimb
93a9ffa6c2 remove obsolete test/drbg_cavs_data.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13568)
2020-12-01 07:49:37 +01:00
Dr. David von Oheimb
2de4c87889 remove obsolete test/drbg_extra_test.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13568)
2020-12-01 07:49:37 +01:00
Matt Caswell
cbb85bda0c Fix builds that specify both no-dh and no-ec
Various sections of code assumed that at least one of dh or ec would be
available. We also now also need to handle cases where a provider has
a key exchange algorithm and TLS-GROUP that we don't know about.

Fixes #13536

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13549)
2020-11-30 10:50:13 +00:00
Matt Caswell
a07dc8167b Fix instances of pointer addition with the NULL pointer
Addition using the NULL pointer (even when adding 0) is undefined
behaviour. Recent versions of ubsan are now complaining about this, so
we fix various instances.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13513)
2020-11-30 10:37:14 +00:00
Dr. David von Oheimb
5658470ce7 endecode_test.c: Significant speedup in generating DH and DHX keys
Fixes #13495

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13552)
2020-11-29 11:32:54 +01:00
Richard Levitte
d27a8e922b TEST: Fix path length in test/ossl_store_test.c
The URI length was set to 80 chars, but the URI being built up may
need more space, all depending on the paths used to get to the files
that are to be loaded.  If the result needs more than 80 chars, the
test will fail.

Fixed by using PATH_MAX.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13546)
2020-11-28 21:19:18 +01:00
Dr. David von Oheimb
ee46dfbf2c X509_dup: fix copying of libctx and propq using new ASN1_OP_DUP_POST cb operation
Fixes #12680

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12687)
2020-11-27 16:53:32 +01:00
Matt Caswell
25e49af92a Deprecate more DH functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)
2020-11-27 11:04:54 +00:00
Matt Caswell
d4c2f498a3 Don't test a deprecated function in a no-deprecated build
EVP_PKEY_set1_DH is deprecated so there is no need to test it in a
no-deprecated build.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)
2020-11-27 11:04:54 +00:00
Matt Caswell
4d8e8a2d37 Deprecate the DHparams and DHxparams PEM routines
The functions return a DH object and therefore need to be deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)
2020-11-27 11:04:54 +00:00
Richard Levitte
abcca5078f TEST: Adapt test/errtest for the 'no-err' configuration
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13510)
2020-11-27 12:02:56 +01:00