Commit Graph

24976 Commits

Author SHA1 Message Date
Richard Levitte
6a835fcfb1 Replumbing: pre-populate the EVP namemap with commonly known names
This adds ossl_namemap_empty(), to detect if a namemap is empty and
can thereby be pre-populated.

This also affects the way legacy NIDs are looked up in
evp_cipher_from_dispatch() and evp_md_from_dispatch().  Instead of
trying to find the NID directly, look up the legacy method structure
and grab the NID from there.  The reason is that NIDs can be aliases
for other NIDs, which looks like a clash even if wasn't really one.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8984)
2019-11-20 14:22:35 +01:00
Bernd Edlinger
9ce91035bc Fix sha512_block_data_order_avx2 backtrace info
We store a secondary frame pointer info for the debugger
in the red zone.

Fixes #8853

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9624)
2019-11-20 14:06:23 +01:00
Patrick Steuer
f7382fbbd8 Allow specifying the tag after AAD in CCM mode (2)
In addition to 67c81ec3 which introduced this behavior in CCM mode
docs but only implemented it for AES-CCM.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10331)
2019-11-20 10:40:55 +01:00
Patrick Steuer
51356a066e Dont pass zero length input to asm modules for ciphers
The asm modules may assume an input length > 0.

Fixes: #9262

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10323)
2019-11-20 10:24:53 +01:00
Rich Salz
92de469fbd Document command parameters.
Add documentation for all commands that have parameters.
Fix a couple of minor doc and programming bugs, too.

Fixes #10313

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10371)
2019-11-20 09:49:52 +01:00
Matt Caswell
1838580037 Add test for non-default sized keys in variable key size ciphers
Various ciphers have the ability to support varaible length keys.
This adds some test cases for algorithms where we did not test a key
length other than the default size.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10449)
2019-11-19 13:33:54 +00:00
Matt Caswell
d23adad113 EVP_CIPHER_CTX_set_keylen should not succeed if a bad keylen is passed
EVP_CIPHER_CTX_set_keylen() was succeeding even though a bad key length
is passed to it. This is because the set_ctx_params() were all accepting
this parameter and blindly changing the keylen even though the cipher did
not accept a variable key length. Even removing this didn't entirely
resolve the issue because set_ctx_params() functions succeed even if
passed a parameter they do not recognise.

This should fix various issues found by OSSfuzz/Cryptofuzz.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10449)
2019-11-19 13:33:54 +00:00
Shane Lontis
dbca036435 fix s390 compile error due to missing comma.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10467)
2019-11-19 10:38:05 +10:00
Xiaokang Qian
3f8907e459 Fix the issue that aes-xxx-siv algorithms failed in OpenSSL speed test
Speed test, aes-siv related cases fail on both x86 and arm.
The return value of siv_init() causes this problem, remove
the iv check to fix it.
Verify it locally, the result is pass.

Fixes #10416

Change-Id: If1a18599f3d0f56f22a1ce4f8f114b8db0f68cca

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10419)
2019-11-19 09:31:04 +10:00
Pauli
bdbf2df2e6 Properties: make query cache reference count aware.
The property query cache was not reference count aware and this could cause
problems if the property store removes an algorithm while it is being returned
from an asynchronous query.  This change makes the cache reference count aware
and avoids disappearing algorithms.

A side effect of this change is that the reference counts are now owned by the
cache and store.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10408)
2019-11-18 18:51:26 +10:00
Shane Lontis
f75abcc0f0 Fix Use after free when copying cipher ctx
Fixes #10438
issue found by clusterfuzz/ossfuzz

The dest was getting a copy of the src structure which contained a pointer that should point to an offset inside itself - because of the copy it was pointing to the original structure.

The setup for a ctx is mainly done by the initkey method in the PROV_CIPHER_HW structure. Because of this it makes sense that the structure should also contain a copyctx method that is use to resolve any pointers that need to be setup.

A dup_ctx has been added to the cipher_enc tests in evp_test. It does a dup after setup and then frees the original ctx. This detects any floating pointers in the duplicated context that were pointing back to the freed ctx.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10443)
2019-11-18 13:13:05 +10:00
Richard Levitte
de0799b0fc PEM: constify PEM_write_ routines
There's no reason why the object to be written, or the key string
given by the caller should be non-const.

This makes the IMPLEMENT_PEM_..._const and  DECLARE_PEM_..._const
macros superfluous, so we keep them around but mark them deprecated.

In all places where IMPLEMENT_PEM_..._const and  DECLARE_PEM_..._const
are used, they are replaced with the corresponding macros without
'_const'.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10452)
2019-11-18 02:34:12 +01:00
Patrick Steuer
97a986f782 s390x assembly pack: fix bn_mul_comba4
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10454)
2019-11-17 13:52:02 +01:00
Anthony Hu
2555285fa5 Add missing EVP_PKEY_METHOD accessors for digestsign and digestverify
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10388)
2019-11-17 08:27:06 +01:00
raniervf
4bac25e111 commit a6efbe123af3d98b4d10d4fcdfe68dc5303212f8
Author: raniervf <ranier_gyn@hotmail.com>
Date:   Thu Nov 7 18:59:11 2019 -0300

Avoid calling strlen repeatedly in loops.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10380)
2019-11-16 08:29:26 +10:00
Rich Salz
d7cea0b8f5 Fix some broken doc links
Replace L<> link to header-file with a C<> reference.
Change some broken L<provider(3)> links to L<provider(7)>.
For consistency, rename four cipher pages to have a specific mode.
Fix up all references to any "generic" names to point to specific names.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10100)
2019-11-15 17:20:33 +01:00
Matt Caswell
9386303086 Make sure we free the CONF structure allocated by confdump
A travis build was failing because of a memory leak in confdump due to
us not freeing an allocated CONF structure.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10429)
2019-11-15 11:08:18 +00:00
Patrick Steuer
985412f8c1 travis.yml: add arch s390x target
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10446)
2019-11-15 11:15:43 +01:00
Patrick Steuer
e74b5dcf16 testutil/init.c rename to testutil/testutil_init.c
Avoid conflicts with some linkers.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10439)
2019-11-14 20:36:38 +01:00
Tomas Mraz
a90311fead A few fixes in the EVP_KDF-KB and EVP_KDF-KRB5KDF manpages
The context and label is info and salt respectively - fix
the example in KB manpage for that.

There are some typos and bug in EVP_KDF_derive call in the
KRB5KDF example.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10426)
2019-11-14 17:26:16 +01:00
Tomas Mraz
f3d0c92b42 Delete recently documented functions from missingcrypto
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10432)
2019-11-14 17:23:29 +01:00
Matt Caswell
c15faa8d5c Fix an uninitialised read in conf_def.c
PR 8882 added a new field to the CONF structure. Unfortunately this
structure was created using OPENSSL_malloc() and the new field was not
explicitly initialised in the "init" function. Therefore when we came to
read it for the first time we got an uninitialised read.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10428)
2019-11-14 10:42:45 +00:00
Matt Caswell
b3b045f6b0 Fix no-blake2
We modify the build.info file to exclude the legacy_blake2.c file in
the event that blake2 support has been disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10425)
2019-11-14 10:04:37 +00:00
Matt Caswell
1aa516b943 Fix no-engine
Fix a misplaced "#endif" which was disabling a little too much code.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10423)
2019-11-14 09:59:01 +00:00
Richard Levitte
1640d48c5b CORE & PROV: make export of key data leaner through callback
Exporting data from a provider owned domainparams or key is quite an
ordeal, with having to figure out what parameter keys an
implementation supports, call the export function a first time to find
out how large each parameter buffer must be, allocate the necessary
space for it, and call the export function again.

So how about letting the export function build up the key data params
and call back with that?  This change implements exactly such a
mechanism.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10414)
2019-11-14 10:53:14 +01:00
Matt Caswell
726ad13c4e Fix no-cmac and no-camellia
Guard two tests that depend on CMAC and Camellia so that we don't fail
if those algorithms are not available.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10424)
2019-11-14 09:44:18 +00:00
Matt Caswell
d7e4aecd89 Add confdump to .gitignore
We added a new executable to the test directory which didn't match the
existing gitignore rules, so we add it explicitly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10430)
2019-11-14 09:40:24 +00:00
Matt Caswell
d8fef6da57 Document various new/changes EVP_PKEY_CTX_* functions
We have converted a number of macros to functions and made them work
with providers. We've also added some *_ex() variants that needed
documenting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
c68f5050db Document the public EVP_ASYM_CIPHER releated functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
11d876df50 Add documentation for the Asymmetric Cipher Operation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
89abd1b6f4 Move RSA Asym cipher code to the default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
081d08fa58 Increase OSSL_PARAM_BLD_MAX for multi-prime RSA
The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime
RSA. That code has this assert:

        if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
                         + numprimes + numexps + numcoeffs
                         <= OSSL_PARAM_BLD_MAX))
            goto err;

So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes
(more than you would ever reasonably want).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
2c938e2ee8 Implement provider support for Asym Ciphers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:46 +00:00
Matt Caswell
46ef075a99 Allow strings in params to be of zero length
Sometimes it is useful to be able to pass NULL/zero length strings

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:21 +00:00
Matt Caswell
b3f3ba7011 Allow setting a NULL pointer in a params structure
Sometimes it is valid to send a NULL pointer in params.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
2019-11-14 09:29:21 +00:00
Richard Levitte
10e7216e50 CORE: Add a generic callback function type
This offers a very generic way to define a callback as well as calling
it.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10412)
2019-11-14 08:22:29 +01:00
Joerg Schmidbauer
c31950b964 chacha_enc.c: fix for EBCDIC platforms
Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>

Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10417)
2019-11-13 17:59:48 +01:00
Nicola Tuveri
3cc26f2eba Extend docs for EC_POINT conversion functions
Add more explicit documentation about the relation between
EC_POINT_point2oct(), EC_POINT_point2hex(), EC_POINT_point2bn() and
their reverse.

In particular highlight that EC_POINT_point2oct() and
EC_POINT_oct2point() conform to, respectively, Sec. 2.3.3 and Sec. 2.3.4
of the SECG SEC 1 standard (which is the normative reference for the
already mentioned RFC 5480), highlighting with a note how this affect
the encoding/decoding of the point at infinity (which in contrast with
any other valid generic point of a curve is assigned an exceptional
fixed octet string encoding, i.e., 0x00).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)
2019-11-13 18:02:51 +02:00
Nicola Tuveri
35ed029b5a Add self-test for EC_POINT_hex2point
Adds tests for each curve to ensure that encodings obtained through
EC_POINT_hex2point() can be fed to EC_POINT_point2hex() yielding a point
identical to the one from which the encoding is generated.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)
2019-11-13 18:02:51 +02:00
Nicola Tuveri
d47c108756 Fix EC_POINT_bn2point() for BN_zero()
EC_POINT_bn2point() rejected BIGNUMs with a zero value.

This behavior indirectly caused failures when converting a point
at infinity through EC_POINT_point2hex() and then back to a point with
EC_POINT_hex2point().

With this change such BIGNUMs are treated like any other and exported to
an octet buffer filled with zero.
It is then EC_POINT_oct2point() (either the default implementation or
the custom one in group->meth->oct2point) to determine if such encoding
maps to a valid point (generally the point at infinity is encoded as
0x00).

Fixes #10258

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)
2019-11-13 18:02:51 +02:00
Dr. Matthias St. Pierre
a7372f5922 libcrypto.num: remove some unused EVP_MAC symbols
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10421)
2019-11-13 16:44:17 +01:00
Nicola Tuveri
b2a7310af0 Add more tests for apps/req
https://github.com/openssl/openssl/issues/10224#issuecomment-546593113
highlighted that existing testing infrastructure is not covering common
usage patterns of the `req` app.

This commit explicitly adds request generations thorugh the CLI using
RSA, DSA and ECDSA (P-256) keys.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/pr-10312)
2019-11-13 16:58:37 +02:00
Jon Spillett
eb389a75c0 Add missing docs for some PKCS12 functions
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9752)
2019-11-12 18:14:31 +01:00
Dr. David von Oheimb
40fa9d9ef7 add OPENSSL_FUNC.pod documenting OPENSSL_MSTR, OPENSSL_FUNC, and friends
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10236)
2019-11-12 16:12:38 +00:00
Dr. David von Oheimb
932748fe2e re-add definition of OPENSSL_MSTR deleted from opensslv.h in macros.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10236)
2019-11-12 16:12:38 +00:00
Richard Levitte
ee669781d5 SSL: Document SSL_add_{file,dir,store}_cert_subjects_to_stack()
This also removes the incorrect documentation comments by those
functions, and fixes a bug in SSL_add_store_cert_subjects_to_stack(),
where the condition for recursive addition was 'depth == 0' when it
should be 'depth > 0'.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10402)
2019-11-12 13:38:36 +01:00
Richard Levitte
5aaba37618 Add a tester of OpenSSL config files and test the current .pragma
test/confdump.c reads an OpenSSL config file and prints out the
processed result.  This can be used to check that a config file is
processed correctly.

We add a test recipe and the necessary data to test the dollarid
pragma.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8882)
2019-11-12 13:33:12 +01:00
Richard Levitte
0255c1742a Add a .pragma directive for configuration files
Currently added pragma:

.pragma dollarid:on

This allows dollar signs to be a keyword character unless it's
followed by a opening brace or parenthesis.

Fixes #8207

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8882)
2019-11-12 13:33:12 +01:00
Richard Levitte
4d301427a9 Make sure KDF reason codes are conserved in their current state
Because KDF errors are deprecated and only conserved for backward
compatibilty, we must make sure that they remain untouched.  A simple
way to signal that is by modifying crypto/err/openssl.ec and replace
the main header file (include/openssl/kdf.h in this case) with 'NONE',
while retaining the error table file (crypto/kdf/kdf_err.c).

util/mkerr.pl is modified to silently ignore anything surrounding a
conserved lib when such a .ec line is found.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)
2019-11-12 13:30:35 +01:00
Richard Levitte
905b097fd5 Deprecate ERR_load_KDF_strings()
Not only deprecate, but also remove the reason strings and make
ERR_load_KDF_strings() do nothing.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10368)
2019-11-12 13:30:35 +01:00