mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
28,484 Commits 34 Branches 385 Tags 420 MiB
8bf611bc7f
Commit Graph

525 Commits

Author SHA1 Message Date
Pauli
8bf611bc7f update set_ctx_param store management calls to return 1 for a NULL params 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:30 +10:00
Pauli
20b8dc6fb1 update set_ctx_param DRBG calls to return 1 for a NULL params 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:30 +10:00
Pauli
5a6b62bb42 update set_ctx_param MAC calls to return 1 for a NULL params 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:30 +10:00
Pauli
c983a0e521 prov: add extra params argument to KDF implementations 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
12ddfa6b34 support params argument to AES cipher init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
83da94ffa8 prov: support params argument to common cipher init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
deee967272 prov: support param argument to DES cipher init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
8b81a89d06 prov: support param argument to null cipher init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
f336f98dbf prov: support params argument to CHACHA20 ciphers 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
8f42380a21 prov: support params argument to RCx ciphers 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
556b8937d0 prov: support params arguments to signature init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
5506cd0bbd prov: update digests to support modified ctx params 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:21 +10:00
Pauli
d7ec1dda2e prov: support param argument to digest init calls 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:11 +10:00
Pauli
5a084c5f0b prov: update KEM to support params on init() 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:11 +10:00
Pauli
2b2f4f9b1b prov: update exchange algorithms to support params on the init call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:11 +10:00
Pauli
cbdeb04c90 prov: asym ciphers take an extra init() params argument 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:11 +10:00
Pauli
f9562909b7 provider: add params argument to key manager's gen_init call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)
 2021-03-12 08:27:11 +10:00
Richard Levitte
c9d01f4186 PROV: use EVP_CIPHER_CTX_set_params() rather than EVP_CIPHER_CTX_ctrl() 
This is in gmac_final(), where the cipher is known to be fetched.
It's more suitable to use OSSL_PARAMs than _ctrl functions, as the
latter are expected to become obsolete.

Fixes #14359

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14484)
 2021-03-11 17:21:59 +01:00
Matt Caswell
8020d79b40 Update copyright year 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
 2021-03-11 13:27:36 +00:00
Pauli
141cc94e44 Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO 
Providers (particularly the FIPS provider) needs access to BIOs from libcrypto.
Libcrypto is allowed to change the internal format of the BIO structure and it
is still expected to work with providers that were already built.  This means
that the libcrypto BIO must be distinct from and not castable to the provider
side OSSL_CORE_BIO.

Unfortunately, this requirement was broken in both directions.  This fixes
things by forcing the two to be different and any casts break loudly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)
 2021-03-11 09:25:57 +10:00
Shane Lontis
7a45d51ce3 Use BIO_f_readbuffer() in the decoder to support stdin. 
Fixes #13185
Fixes #13352

Removed the existing code in file_store that was trying to figure out the
input type.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14407)
 2021-03-11 07:57:36 +10:00
Dr. David von Oheimb
39a61e69b8 OSSL_STORE: restore diagnostics on decrypt error; provide password hints 
Fixes #13493

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13525)
 2021-03-04 08:54:09 +01:00
Pauli
87994aa847 rand: remove FIPS mode conditional code. 
The FIPS provider no longer has seeding sources inside the boundary, the
related conditional code can therefore be removed.

Fixes #14358

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14382)
 2021-03-03 21:22:06 +10:00
Tomas Mraz
fb67126ea8 EVP_PKEY_CTX_get/settable_params: pass provider operation context 
This allows making the signature operations return different
settable params when the context is initialized with
EVP_DigestSign/VerifyInit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14338)
 2021-03-03 11:25:39 +01:00
Tomas Mraz
81f9af3460 Remove todos in decode_der2key.c and decode_ms2key.c 
Those TODOs do not really apply to 3.0 as the legacy internal
keys will stay.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
77b03f0e8f Improve error reporting in key exchange provider implementations 
Added some error reporting in dh_exch.c and unified error reporting
with it in other key exchange methods.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
f5c629a00a Remove unused MAX_TLS_MAC_SIZE define 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
fffb67343e Remove todos in providers/implementations/include/prov 
Those TODOs are not relevant anymore as the headers
are now in providers.

Also make the header guard defines better reflect the
header placement.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Tomas Mraz
8d05a65256 Resolve TODOs in signature implementations. 
The DER writing errors can be ignored safely.

Document that the EVP_MAX_MD_SIZE is a hardcoded limit
for digest sizes.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
 2021-03-03 10:00:21 +10:00
Rich Salz
b0aae91324 Remove RSA SSLv23 padding mode 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14248)
 2021-03-01 10:56:12 +01:00
Pauli
b98d550d80 prov: update rand implementations to have a params argument for the instantiate call 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
f5081be376 prov: add additional argument to KDF derive call in key exchange 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
3469b38816 prov: add extra params argument to KDF implementations 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
1dfe97530f update poly1305 to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
80ba2526fa update BLAKE2 to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
ac238428ce prov: update kmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
c23f96f3f6 prov: update hmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
0a56b3c2e5 prov: update gmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
005b190297 prov: update cmac to have additional init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
cf5784aa03 prov: use new MAC_init arguments in HMAC-DRBG 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
91593b3784 prov: use new MAC_init arguments in signature legacy code 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:49 +10:00
Pauli
2524ec1ac2 prov kdf: update to use the extra MAC init arguments 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:48 +10:00
Pauli
8f5d64b102 prov: update SipHash to new init function 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:48 +10:00
Pauli
ae7d90a159 siphash: Add the C and D round parameters for SipHash. 
This represents a gap in functionality from the low level APIs.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
 2021-02-28 17:25:48 +10:00
Richard Levitte
c8182743a7 PROV: Implement an EC key -> blob encoder, to get the public key 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
 2021-02-27 16:14:09 +01:00
Pauli
644c5dd366 prov: upport modified gettable/settable ctx calls for ciphers 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
 2021-02-26 18:08:41 +10:00
Pauli
eee323c339 prov: support modified gettable/settable ctx calls for MACs 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
 2021-02-26 18:08:41 +10:00
Pauli
1e8e5c6092 prov: support modified gettable/settable ctx calls for KDFs 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
 2021-02-26 18:08:41 +10:00
Pauli
a3f091fddd prov: update RNGs to support modified gettable/settable CTX params 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
 2021-02-26 18:08:41 +10:00
Pauli
e772f25ca8 prov: update digests to support modified ctx params 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
 2021-02-26 18:08:41 +10:00