mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-15 06:01:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
28,367 Commits 34 Branches 385 Tags 513 MiB
77b03f0e8f
Commit Graph

28367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tomas Mraz
77b03f0e8f Improve error reporting in key exchange provider implementations 
Added some error reporting in dh_exch.c and unified error reporting
with it in other key exchange methods.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
f5c629a00a Remove unused MAX_TLS_MAC_SIZE define 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
fffb67343e Remove todos in providers/implementations/include/prov 
Those TODOs are not relevant anymore as the headers
are now in providers.

Also make the header guard defines better reflect the
header placement.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
8d05a65256 Resolve TODOs in signature implementations. 
The DER writing errors can be ignored safely.

Document that the EVP_MAX_MD_SIZE is a hardcoded limit
for digest sizes.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
f378755d62 statem_lib.c: Remove TODOs that are unnecessary 
If the EVP_MD_CTX_ctrl is deprecated the code will
generate deprecation warnings. So there is no point in marking
all EVP_MD_CTX_ctrl() calls with TODOs.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
5e2f580d4a test_ssl_new: X448, X25519, and EdDSA are supported with fips 
Removed the related TODOs.

Also adjusted the DH parameters used for the DH test to be acceptable
for FIPS as that now allows only known safe prime parameters.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
21b7dfa8ad evp_extra_test2: Remove TODO 3.0 
The TODO marks optional cleanup that can be done any time in future.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
b3c155b83c evp_extra_test: Remove TODO comment as setting the curve is mandatory 
Even with the SM2 algorithm the curve is needed for the paramgen.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Matt Caswell
d36a5dd05e Fix a copy&paste error in evp_extra_test 
test_EC_priv_pub fails to test the case where both a private and public
key have been supplied.

Fixes #14349

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14351)
 2021-03-02 14:58:40 +00:00
Fangming.Fang
d7d8e2c894 Fix compiling error on arm 
Fixes #14313

Change-Id: I0dc9dd475a1ed1331738355fbbec0c51fbcb37f1

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14346)
 2021-03-02 21:25:00 +10:00
Dr. David von Oheimb
025c0f5289 openssl-cmp.pod.in: replace the term 'verify' by the more correct 'validate' 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14018)
 2021-03-02 11:05:34 +01:00
Dr. David von Oheimb
dd5fa5f5af CMP: On NULL-DN subject or issuer input omit field in cert template 
Also improve diagnostics on inconsistent cert request input in apps/cmp.c,
add trace output for transactionIDs on new sessions,
and update the documentation in openssl-cmp.pod.in.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14018)
 2021-03-02 11:05:34 +01:00
Pauli
e1f946630f test: use the new set public and private together call 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
 2021-03-02 13:23:17 +10:00
Pauli
740582cfaf test: add utility function to set the fake random callback on both the public and private instances 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
 2021-03-02 13:23:17 +10:00
Pauli
fccdb61aee test: update ECDSA and SM2 internal tests in line with the fake_random change 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
 2021-03-02 13:23:17 +10:00
Pauli
5a11de50a4 test: update test_random to create real contexts instead of sharing one 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14341)
 2021-03-02 13:23:17 +10:00
Richard Levitte
0647162f6a make update 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14352)
 2021-03-01 13:39:43 +01:00
UndefBehavior
bed963d58d Fix build of /dev/crypto engine with no-dynamic-engine option 
CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14329)
 2021-03-01 12:02:42 +01:00
Rich Salz
b0aae91324 Remove RSA SSLv23 padding mode 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14248)
 2021-03-01 10:56:12 +01:00
Dr. David von Oheimb
d546e8e267 Generalize schmeme parsing of OSSL_HTTP_parse_url() to OSSL_parse_url() 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14009)
 2021-03-01 10:30:43 +01:00
Dr. David von Oheimb
7932982b88 OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components 
Now handle [http[s]://][userinfo@]host[:port][/path][?query][#frag]
by optionally providing any userinfo, query, and frag components.

All usages of this function, which are client-only,
silently ignore userinfo and frag components,
while the query component is taken as part of the path.
Update and extend the unit tests and all affected documentation.
Document and deprecat OCSP_parse_url().

Fixes an issue that came up when discussing FR #14001.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14009)
 2021-03-01 10:30:43 +01:00
Dr. David von Oheimb
e60e974414 apps/x509.c: Fix mem leaks in processing of -next_serial in print loop 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
 2021-02-28 11:46:34 +01:00
Dr. David von Oheimb
46a11faf3b apps/x509.c: Improve print_name() and coding style of large print loop in x509_main() 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
 2021-02-28 11:46:34 +01:00
Dr. David von Oheimb
859e5f1621 apps/x509.c: Improve indentation of the large print loop in x509_main() 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
 2021-02-28 11:46:34 +01:00
Dr. David von Oheimb
ed0a5ac920 apps/x509.c: Fix too eager call to X509_set_issuer_name() introduced recently 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
 2021-02-28 11:46:34 +01:00
Pauli
d5a936c5b1 rand: use params argument on instantiate call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
dbf299f73d core: add params argument to DRBG instantiate call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
f8a5822cff doc: update documenation with params argument on DRBG instantiate calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
7198bd1a8f test: update tests to allow for params argument for the instantiate call on EVP_RAND_CTXs 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
b98d550d80 prov: update rand implementations to have a params argument for the instantiate call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
8d5b197b28 fips: update DRBG KATs for the extra instantiate argument 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
671ff5c74e evp: add params argument to EVP_RAND_instantiate() 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
6980e36a2a doc: document additional argument to KDF derive calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
f5081be376 prov: add additional argument to KDF derive call in key exchange 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
6bcd32a43f fips: add additional argument to KDF derive call in self test 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
36fae6e85a crypto: add additional argument to KDF derive calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
bb0ab821f3 apps: add addition argument to KDF derive call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
3469b38816 prov: add extra params argument to KDF implementations 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
5cceedb583 tls: adjust for extra argument to KDF derive call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
05cdec396b test: adjust tests to include extra argument to KDF derive call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
7c75f2daf8 evp: add param argument to KDF derive call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
a9603292fb core: add param argument to KDF derive call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
dc567dc746 doc: update provider-mac documentation to account for the additional init() arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
9258f7efa7 doc: update KMAC doc to not say that the `KEY\' parameter needs to be set before the init call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
7f7640c455 apps: update speed to use the additional arguments to MAC_init 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
afa44486c5 doc: note the additional parameters to EVP_MAC_init() 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
1dfe97530f update poly1305 to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
80ba2526fa update BLAKE2 to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
ac238428ce prov: update kmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
c23f96f3f6 prov: update hmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00