2
0
mirror of https://github.com/openssl/openssl.git synced 2024-12-21 06:09:35 +08:00
Commit Graph

29483 Commits

Author SHA1 Message Date
Shane Lontis
1ee04b791b Fix buffer overflow when generating large RSA keys in FIPS mode.
A pairwise test runs only in FIPS mode.
An assumption about the size of the 'to' buffer passed to
RSA_private_decrypt() was incorrect. It needs to be up to RSA_size()
bytes long - so a fixed buffer of 256 bytes was not large enough.
An exiting malloc has increased in size to allocate buffer space for
both the encrypt and decrypt buffer.

The existing test used 2080 bits which was not quite large enough to
trigger the issue. A test using 3072 bits has been added.

Reported by Mark Powers from Acumen.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15447)
2021-05-26 17:57:37 +10:00
Tom Cosgrove
0221b080ce Fix -static builds on master
Pull in Todd Short's fix cfd7225fbb from 1.1.1, which moves the disabling
of pic, threads and statics to before they are checked.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15214)
2021-05-26 17:34:01 +10:00
Pauli
b93f6c2db9 err: rename err_load_xxx_strings_int functions
The new names are ossl_err_load_xxx_strings.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15446)
2021-05-26 13:01:47 +10:00
Petr Gotthard
9080ed2175 Fix building of test/pbetest.c
The test_pkcs5_pbe() function is required twice:
once `if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5`
and once `if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1`

Hence there should be `||` between those. Currently the build fails
if the first condition is false, while the second is true.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15432)
2021-05-26 10:20:24 +10:00
Jon Spillett
b8c09a893c Add special case to skip RC4 reinit
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15276)
2021-05-26 07:27:25 +10:00
Jon Spillett
2710ddef6f Add an evp_libctx_test test run for legacy provider
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15276)
2021-05-26 07:27:25 +10:00
Benjamin Kaduk
1376708c1c Allow TLS13_AD_MISSING_EXTENSION for older versions
Add a pass-through switch case for TLS13_AD_MISSING_EXTENSION in
ssl3_alert_code() and tls1_alert_code(), so that the call to
SSLfatal() in final_psk() will always actually generate an alert,
even for non-TLS1.3 protocol versions.

Fixes 

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15412)
2021-05-25 14:13:22 -07:00
Dr. David von Oheimb
e6e618bf22 Remove tmp file smcont.signed_ that was used for debuggin PR
This file made it into the master branch by mistake.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15438)
2021-05-25 23:07:49 +02:00
Tomas Mraz
6fc4d876d4 write-man-symlinks: Write relative symlinks not absolute
Fixes 

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15437)
2021-05-25 17:14:09 +02:00
Dr. David von Oheimb
a7e4ca5b4e Add warning to key/param generating apps on potential delay due to missing entropy
This also introduces app_keygen() and app_paramgen() and cleans up err reporting.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12095)
2021-05-25 15:16:54 +02:00
Jan Lana
8d67621de1 fix Solaris OS detection in config.pm
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15439)
2021-05-25 11:54:49 +02:00
Tomas Mraz
817d408dd9 Do not try to install image directories with no images
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15433)
2021-05-25 11:53:36 +02:00
Tomas Mraz
349fd92429 FIPS checksums CI: use merge checkout to compute the new checksums
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15433)
2021-05-25 11:53:36 +02:00
Tomas Mraz
057fc59a89 Windows CI: properly drop test_fuzz* tests to speed up things
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15433)
2021-05-25 11:53:36 +02:00
Tomas Mraz
3113192705 Windows CI: Add make install step on the shared 64 bit build
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15433)
2021-05-25 11:53:36 +02:00
Pauli
4f7fc52979 regenerate FIPS checksums
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15365)
2021-05-25 19:36:27 +10:00
Pauli
969fdad750 checksum: include header files in the checksumming output
Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15365)
2021-05-25 19:36:27 +10:00
Richard Levitte
f0fa37a4a7 Fix 'openssl req' to be able to use provided keytypes
'openssl req' was still using old APIs that could only deal with
EVP_PKEY_ASN1_METHOD based EVP_PKEYs.  Now modified to use more
generic functions that can handle all forms of EVP_PKEY, this app
should be ready for the future.

Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15400)
2021-05-25 11:21:06 +02:00
Pauli
eb1b66f00c mac: add a getter for the MAC block size.
Fixes 

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
2021-05-25 17:23:50 +10:00
Pauli
36b6db08fe test: add evp_tests for the MAC size and block size
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
2021-05-25 17:23:50 +10:00
Pauli
edc9ce8ef4 doc: document the MAC block size getter
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
2021-05-25 17:23:50 +10:00
Shane Lontis
2abffec0f0 Add fipsinstall option to run self test KATS on module load
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15149)
2021-05-25 14:57:48 +10:00
Rich Salz
a861711bcd Remove engine_table_select_int
Add missing file/line args and call it engine_table_select

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15419)
2021-05-25 10:26:59 +10:00
Richard Levitte
3c9f992aa0 DOCS: Don't mention internal functions in public documentation
This time noticed in OSSL_trace_set_channel.pod, and it turned out to
be easy to mention the public functions affected instead.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15422)
2021-05-25 10:24:57 +10:00
Juergen Christ
7217decc7c Fix warning in gf_serialize
Compiling under -Werror fails in gf_serialize:

crypto/ec/curve448/f_generic.c:21:27: error: argument 1 of type 'uint8_t[56]' {aka 'unsigned char[56]'} with mismatched bound [-Werror=array-parameter=]
   21 | void gf_serialize(uint8_t serial[SER_BYTES], const gf x, int with_hibit)
      |                   ~~~~~~~~^~~~~~~~~~~~~~~~~
In file included from crypto/ec/curve448/f_generic.c:12:
crypto/ec/curve448/field.h:65:28: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
void gf_serialize(uint8_t *serial, const gf x, int with_highbit);
                  ~~~~~~~~~^~~~~~
Changed parameter to pointer to fix this warning.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15376)
2021-05-24 14:39:01 +02:00
Richard Levitte
733094ec6b TEST: Avoid using just 'example.com' - test_cmp_http
We have reports that some are using example.com in their /etc/hosts
for testing purposes, so we can't necessarily assume that those will
fail.

We fix it by using "random" hosts in that domain.

Fixes 

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15398)
2021-05-24 14:38:40 +02:00
Florian Mickler
e16d9afe41 openssl srp: make index.txt parsing error more verbose
If index.txt exists but has some problems (like for example
consisting of a single \n character or number of fields wrong in one of the lines)
then openssl will just exit. This fixes it by printing an error when
load_index returns null.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15360)
2021-05-24 14:37:00 +02:00
Florian Mickler
2c6e33d863 openssl ocsp: make index.txt parsing error more verbose
If index.txt exists but has some problems (like for example consisting of a single \n character in it,
or some field-number error in one of the lines) openssl will just exit without any error message.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15360)
2021-05-24 14:37:00 +02:00
Florian Mickler
ca29cc1453 openssl ca: make index.txt parsing error more verbose
If index.txt exists but has some problems (like for example a single \n character in it) openssl will just exit without any error message.

Bug at least expirienced twice: https://superuser.com/questions/1327848/openssl-ca-fails-after-password-without-error-message

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15360)
2021-05-24 14:36:59 +02:00
Matt Caswell
669967fdd8 Don't try the same decoder multiple times
The function collect_decoder decides whether a given decoder should be
tried or not. It loops through all the names for matching keymgmts to
see if any are a match or not. If there is a match then the decoder gets
added. However, each keymgmt may have multiple aliases and a decoder was
being added for each one. For example DHX has 4 alias names, and therefore
4 instances of the DHX decoder were added and being tried.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15404)
2021-05-24 09:39:27 +01:00
Tomas Mraz
69d8cf70ef Windows CI: use nasm on 32bit and 64bit shared builds
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15349)
2021-05-24 09:47:05 +02:00
Tomas Mraz
d7c18395bf Add some basic Windows builds to the Windows CI workflow
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15349)
2021-05-24 09:47:05 +02:00
Jon Spillett
094287551a Add a test for PKCS5_PBE_keyivgen()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
2021-05-24 15:23:37 +10:00
Jon Spillett
8bb6fdfc99 Added PKCS5_PBE_keyivgen_ex() to allow PBKDF1 algorithms to be fetched for a specific library context
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
2021-05-24 15:21:25 +10:00
Jon Spillett
0f183675b8 Add PBKDF1 to the legacy provider
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
2021-05-24 15:21:25 +10:00
Matt Caswell
d136db212e Remove some perl 5.14 use from rsaz-avx512.pl
The non-destructive substitution syntax (s///r), was introduced in perl
5.14. We need to support 5.10 and above.

Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15379)
2021-05-24 11:23:58 +10:00
Shane Lontis
7c14d0c1c0 Rename the field 'provctx and data' to 'algctx' inside some objects containing
pointers to provider size algorithm contexts.

Fixes 

The gettable_ctx_params methods were confusingly passing a 'provctx' and
a provider context which are completely different objects.
Some objects such as EVP_KDF used 'data' while others such as EVP_MD used 'provctx'.

For libcrypto this 'ctx' is an opaque ptr returned when a providers algorithm
implementation creates an internal context using a new_ctx() method.
Hence the new name 'algctx'.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15275)
2021-05-24 10:12:18 +10:00
Pauli
c45df3302d fips: default to running self tests when starting the fips provider
Also add a C++ constructor as per note 7 of IG 9.10 if no DEP is available and
C++ is being used.

Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15324)
2021-05-24 09:43:11 +10:00
Pauli
bca0ffe8b3 doc: update core_thread_start() documentation
It is now passed an arugment to pass to the callback

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15278)
2021-05-24 09:39:15 +10:00
Matt Caswell
c9732f0953 Fix a memleak in the FIPS provider
If the DRBG is used within the scope of the FIPS OSSL_provider_init
function then it attempts to register a thread callback via c_thread_start.
However the implementation of c_thread_start assumed that the provider's
provctx was already present. However because OSSL_provider_init is still
running it was actually NULL. This means the thread callback fail to work
correctly and a memory leak resulted.

Instead of having c_thread_start use the provctx as the callback argument
we change the definition of c_thread_start to have an explicit callback
argument to use.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15278)
2021-05-24 09:39:15 +10:00
Pauli
b3135f56a6 test: fix typo in comment in threadstest.c
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15278)
2021-05-24 09:39:15 +10:00
Pauli
ec91f1ae19 core: condition out more in FIPS builds
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15278)
2021-05-24 09:39:15 +10:00
Pauli
235776b2c7 test: add test case to reliably reproduce RAND leak during POST
The FIPS provider leaks a RAND if the POST is run at initialisation time.
This test case reliably reproduces this event.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15278)
2021-05-24 09:39:15 +10:00
Dr. David von Oheimb
b6f0f050fd 80-test_cmp_http: Invert and correct the logic of success vs. failure exit
This makes the logic more intuitive and corrects the interpretation for NonStop.
Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15402)
2021-05-22 14:31:36 +02:00
Dr. David von Oheimb
5771017d06 apps/cms.c: Correct -sign output and -verify input with -binary
Also add related warnings on irrelevant use of -nodetach and -content options.

Fixes 

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15358)
2021-05-22 14:28:51 +02:00
Richard Levitte
d0ccefdb77 Disable loader_attic by default on VMS
The reason is that it currently doesn't build properly, due to the of
pvkfmt.c, causing multiply defined symbols since libcrypto exports
them as well.  At the same time, it can't do without that source file,
or it won't have access to certain internal symbols from there.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15320)
2021-05-22 14:12:51 +02:00
Richard Levitte
4b2981f13e Make it possible to disable the loader_attic engine
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15320)
2021-05-22 14:12:51 +02:00
Richard Levitte
b4810b70ff VMS: Fix run of generic generator programs in descrip.mms.tmpl
For a generic program, always go through the MCR utility.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15397)
2021-05-22 13:48:31 +02:00
Richard Levitte
1b77f00a9b Configurations/descrip.mms.tmpl: rework the inclusion hacks
Because VMS C has some trouble with recursive inclusion of header
files, we have had to help it out for object files where there is such
an inclusion structure.

Previously, we did so with temporary logical names that were the same
as the first directory in an inclusion, so for example, to enable this
inclusion (found in ssl/ssl_local.h), we created the logical name
"record" when building any of the object files in the ssl/
subdirectories:

    #include "record/record.h"

However, there is another way with the VMS C compiler, to selectively
specify extra include directories in Unix form directly to the
compiler.  The logic is that from the directory where the source file
to compile is located, the specified inclusion directory merged with
the inclusion string should be able to access to specified header
file.

So for example, when a file in ssl/record/ is compiled, the following
inclusion is found:

    #include "../ssl_local.h"

So far so good, VMS C handles it properly.  However, the recursive
inclusion of "record/record.h" fails.  However, if the compiler is
helped out a little bit, with the following extra qualifier, then it
works:

    /INCLUDE="../"

The reason is that the compiler merges "../" and "record/record.h"
into "../record/record.h", which is the correct path to that header
file from the directory of the source file being compiled.

All that remained was to figure out all places where this trouble may
occur, and specify extra Unix formatted inclusion directories to
specify on per object file basis.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15369)
2021-05-22 13:46:29 +02:00
Robbie Harwood
84faea44e6 Fix upgrading docs for RSA_private_encrypt/RSA_public_decrypt
Despite the name, these functions manipulate signatures, which means
that their replacements are the EVP_PKEY_sign/EVP_PKEY_verify family.

Signed-off-by: Robbie Harwood <rharwood@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15359)
2021-05-22 12:18:14 +02:00