Commit Graph

32827 Commits

Author SHA1 Message Date
Hugo Landau
652fbb62a3 Revise build.info
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:17 +01:00
Hugo Landau
5129e59494 QUIC: Ensure locking when injecting datagrams
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:17 +01:00
Hugo Landau
54b86b7fa3 QUIC test fix
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:16 +01:00
Hugo Landau
9cf091a3c5 QUIC Thread Assisted mode: miscellaneous fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:16 +01:00
Hugo Landau
6c091ca968 Refactor build.info
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:16 +01:00
Hugo Landau
20f457436d QUIC Thread Assisted Mode: Refactor locking to be infallible
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:16 +01:00
Hugo Landau
c4208a6a98 QUIC Thread Assisted Mode: Fix typos and use of CRYPTO_RWLOCK type
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:10 +01:00
Hugo Landau
1dd04a0fe2 QUIC Thread Assisted Mode: Support Windows XP
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
99ed85bba9 Avoid races in tserver test code
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
dbe7b51a8e Minor fixes to thread assisted mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
27c49c06f1 QUIC Thread Assisted Mode: Add design document
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
3b1ab5a3a0 Enhance quic_tserver test to fully test thread assisted mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
4648eac533 QUIC CHANNEL: Fix idle timeout handling
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
b212d554e7 QUIC CHANNEL: Allow time source to be overridden
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:09 +01:00
Hugo Landau
134b79c056 QUIC TXP: Allow caller to determine if an ACK-eliciting packet was sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
bbc646e91a Add basic test for thread assisted mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
ffce2946c7 Switch to using ossl_crypto_mutex from CRYPTO_RWLOCK
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
ccd3103771 Add channel-only tick mode and use it for thread assisted mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
f2f7c4f15a Front End for QUIC Thread Assisted Mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
9f7acf071c QUIC Thread Assist Core
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
4a530180e5 Fix handshake locking
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
e053505f0c Add mutex to tserver
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:08 +01:00
Hugo Landau
a8489257e6 Add locking to QUIC front-end
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Hugo Landau
4847599b54 Move channel mutex out of QUIC_CHANNEL for init/teardown flexibility
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Hugo Landau
d7b1faddab Annotate functions needing locking
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Hugo Landau
fb2245c44b QUIC Channel: Add a mutex
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Hugo Landau
c019e1efe9 QUIC Reactor: Allow a mutex to be released during waits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Hugo Landau
2b2b26788e threading: Add ossl_crypto_condvar_wait_timeout
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20348)
2023-03-30 11:14:07 +01:00
Matt Caswell
b21306b930 Add some documentation for the new advanced s_client command mode
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20566)
2023-03-30 08:53:39 +01:00
Matt Caswell
d07b763bb9 Add a new advanced command mode to s_client
The s_client command mode just looks at the first letter on a line
and if it is one that maps to a "command" then that command is executed
and everything else on the line is ignored.

This means it is impossible to send anything over s_client that starts with
one of the "magic" letters unless you switch off command processing
entirely.

With the forthcoming quic support that will be added to s_client we expect
a significant new number of commands being added (for example to send fin
on a stream, or to list or swap between different streams, etc). This will
use up more "letters" and reduces the usability of s_client.

This PR adds a new "advanced" command processing mode. Commands are enclosed
in braces {}, and can appear anywhere in the text typed into s_client. A
brace can be escaped by sending a double {{. This gives much more
flexibility without reducing the usability of s_client. Commands can also
have "arguments" which also extends the scope of what they can be used for.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20566)
2023-03-30 08:53:39 +01:00
Michael Baentsch
7c966ab6b3 remove DSA512 from speed testing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20603)
2023-03-30 12:26:50 +11:00
Tom Cosgrove
09cb8718fd SM4 check should be for __aarch64__, not __ARM_MAX_ARCH__ >= 8
(And then __arm__ and __arm tests are redundant)

Fixes #20604

Change-Id: I4308e75b7fbf3be7b46490c3ea4125e2d91b00b8

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20620)
2023-03-29 17:21:14 +02:00
Tom Cosgrove
7b508cd1e1 Ensure there's only one copy of OPENSSL_armcap_P in libcrypto.a
Change-Id: Ia94e528a2d55934435de6a2949784c52eb38d82f

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20621)
2023-03-29 12:21:31 +02:00
Michael Richardson
c3637cafd3 doc: add HOWTO document about Documenting public Functions and Macros
Co-authored-by: Matthias St. Pierre <matthias.st.pierre@ncp-e.com>
Co-authored-by: Tomáš Mráz <tm@t8m.info>
Co-authored-by: Lin2Jing4 <35728132+Lin2Jing4@users.noreply.github.com>
Co-authored-by: Richard Levitte <levitte@openssl.org>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17926)
2023-03-29 12:18:07 +02:00
Pauli
30ab774770 Declare FIPS option functions in their own header
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:58 +11:00
Pauli
78bcbc1ea4 test: test -drbg_allow_truncated_digests option
Verify that the option produces the correct output in the FIPS configuration
file and that the default is as expected.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:58 +11:00
Pauli
b345dbed28 Let fipsinstall know about DRBG digiest limiting
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:58 +11:00
Pauli
808b30f6b6 changes: note the banning of truncated hashes with DRBGs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:57 +11:00
Pauli
e14fc22c90 doc: note the restriction on digests used by DRBGs in FIPS mode.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:19 +11:00
Pauli
f553c0f0dd DRBG: restrict the digests that can be used with HMAC and Hash DRBGs.
According to FIP 140-3 IG D.R: https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf

Outside of FIPS, there remains no restriction other than not allowing
XOF digests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:19 +11:00
Pauli
83ccf81b1d fips: rework the option handling code
Add option for restricting digests available to DRBGs.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
2023-03-29 09:25:19 +11:00
Todd Short
3c95ef22df RFC7250 (RPK) support
Add support for the RFC7250 certificate-type extensions.
Alows the use of only private keys for connection (i.e. certs not needed).

Add APIs
Add unit tests
Add documentation
Add s_client/s_server support

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18185)
2023-03-28 13:49:54 -04:00
Tomas Mraz
5ab3f71a33 Fix documentation of X509_VERIFY_PARAM_add0_policy()
The function was incorrectly documented as enabling policy checking.

Fixes: CVE-2023-0466

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20561)
2023-03-28 13:43:04 +02:00
Matt Caswell
986f9a674d Updated CHANGES.md and NEWS.md for CVE-2023-0465
Also updated the entries for CVE-2023-0464

Related-to: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
Matt Caswell
591feddc61 Add a Certificate Policies Test
Test that a valid certificate policy is accepted and that an invalid
certificate policy is rejected. Specifically we are checking that a
leaf certificate with an invalid policy is detected.

Related-to: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
Matt Caswell
e4142ec43b Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.

Fixes: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
Matt Caswell
a4e7264286 Generate some certificates with the certificatePolicies extension
Related-to: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:17 +02:00
afshinpir
864c70e43e EVP_PKEY_CTX_dup segmentation fault fix
CLA: trivial
The the provider, context duplication method for signature, key
exchange, asymmetric cipher, and key encapsulation is optional. But if
they are missing, we will get a segmentation fault in `EVP_PKEY_CTX_dup`
because they are called without null pointer checking.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20581)
2023-03-27 12:53:25 +02:00
Jorge Ramirez-Ortiz
1ffb6e19ee test: evp_extra: EC, read affine coordinates
Add a test to read the EC X,Y coordinates.
Support legacy keys.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20535)
2023-03-27 12:06:21 +02:00
Jorge Ramirez-Ortiz
9adbce7493 translation: EC legacy keys, handle OSSL_PKEY_PARAM_EC_PUB_X,Y requests
Required by tpm2-tss to load legacy EC keys using the OpenSSL engine.

Fixes: https://github.com/tpm2-software/tpm2-tss/issues/2581
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20535)
2023-03-27 12:06:21 +02:00