Commit Graph

1420 Commits

Author SHA1 Message Date
Shane Lontis
e3f3ee448f Add des ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9954)
2019-09-23 14:35:16 +10:00
Shane Lontis
ca392b2943 Add aes_wrap cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9406)
2019-09-20 12:33:02 +10:00
Rich Salz
51ba9ebd09 Avoid ?: construct in XXXerr calls
It either makes the flow of control simpler and more obvious, or it is
just a "cleanup" so that the editing scripts will find and fixup things.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9441)
2019-09-19 09:27:38 -04:00
Richard Levitte
7cfa1717b8 Modify providers that keep track of underlying algorithms
With some provider implementations, there are underlying ciphers,
digests and macs.  For some of them, the name was retrieved from the
method, but since the methods do not store those any more, we add
different mechanics.

For code that needs to pass on the name of a cipher or diges via
parameters, we simply locally store the name that was used when
fetching said cipher or digest.  This will ensure that any underlying
code that needs to fetch that same cipher or digest does so with the
exact same name instead of any random name from the set of names
associated with the algorithm.

For code that needs to check what kind of algorithm was passed, we
provide EVP_{type}_is_a(), that returns true if the given method has
the given name as one of its names.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-19 14:58:17 +02:00
Richard Levitte
f7c16d48a9 In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet.  However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.

The solution is to not save the name itself, but rather the number
it's associated with.  This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.

Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method().  As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.

There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-19 14:58:17 +02:00
Shane Lontis
3837c202b5 Add aes_ocb cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9320)
2019-09-19 20:10:25 +10:00
Shane Lontis
105dde2528 Add sm4 ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9935)
2019-09-19 15:38:51 +10:00
Shane Lontis
70adc64632 Add SEED ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9932)
2019-09-18 22:13:59 +10:00
Shane Lontis
18b0042731 Add cast5 ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9929)
2019-09-18 18:55:11 +10:00
Shane Lontis
f22431f2cd Add IDEA ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9917)
2019-09-18 15:57:08 +10:00
Shane Lontis
55c7dc7927 Add blowfish ciphers to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9887)
2019-09-15 20:06:28 +10:00
Shane Lontis
3a9f26f330 Add aes_xts cipher to providers
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9327)
2019-09-14 09:27:49 +10:00
Shane Lontis
88d870824f Fix S390X bad size_t that causes memory trash in legacy ciphers
This caused a SEGV inside tls13_enc() when using chacha_poly.
The tls code assigns the iv_length to a size_t (even though it is an int).
This is actually really bad since it could be -1, which will then trash the iv buffer.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9890)
2019-09-14 09:11:28 +10:00
Richard Levitte
0cd1b144f9 util/mkerr.pl: make it not depend on the function code
The output C code was made to use ERR_func_error_string() to see if a
string table was already loaded or not.  Since this function returns
NULL always, this check became useless.

Change it to use ERR_reason_error_string() instead, as there's no
reason to believe we will get rid of reason strings, ever.

To top it off, we rebuild all affected C sources.

Fixes #9756

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9756)
2019-09-12 17:59:52 +02:00
Matt Caswell
7eeceeaab2 Avoid passing NULL to memcpy
It is undefined behaviour to send NULL as either the src, or dest params
in memcpy.

In pkey_kdf.c we had a check to ensure that the src address is non-NULL.
However in some situations it is possible that the dest address could also
be NULL. Specifically in the case where the datalen is 0 and we are using
a newly allocated BUF_MEM.

We add a check of datalen to avoid the undefined behaviour.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9868)
2019-09-12 10:30:48 +01:00
Matt Caswell
6b3d042352 Pass the correct ctx to provider KDF functions
Make sure we pass the provider side ctx and not the libcrypto side ctx.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9865)
2019-09-12 10:24:54 +01:00
Shane Lontis
dc64dc2edd Add EVP_CIPHER_CTX_tag_length()
There is no deprecated CTRL support for this new field.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9698)
2019-09-11 17:52:30 +10:00
Pauli
64115f05ac Usages of KDFs converted to use the name macros
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9814)
2019-09-11 10:22:49 +10:00
Pauli
6ce4ff1915 Coverity 1453628: Null pointer dereferences (REVERSE_INULL)
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9805)
2019-09-11 08:27:26 +10:00
Matt Caswell
864b89ce49 Move EVP_PKEY algorithm implementations into a union
An EVP_PKEY can be used for multiple different algorithm operations.
Only one can be used at a time, so we move those into a union.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9753)
2019-09-09 14:00:00 +01:00
Matt Caswell
9c45222ddc Revise EVP_PKEY param handling
We add new functions for getting parameters and discovering the gettable
and settable parameters. We also make EVP_PKEY_CTX_get_signature_md() a
function and implement it in terms of the new functions.

This enables applications to discover the set of parameters that are
supported for a given algorithm implementation.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9753)
2019-09-09 14:00:00 +01:00
Matt Caswell
390acbebfa Add support for verify/verify_recover functions to EVP_SIGNATURE
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9753)
2019-09-09 14:00:00 +01:00
Matt Caswell
4889dadcb8 Implement DSA in the default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9753)
2019-09-09 14:00:00 +01:00
Matt Caswell
dfcb5d29b5 Add the ability to perform signatures in a provider
This makes EVP_PKEY_sign and EVP_PKEY_sign_init provider aware. It
also introduces the new type EVP_SIGNATURE to represent signature
algorithms. This also automatically makes the EVP_Sign* APIs provider
aware because they use EVP_Digest* (which is already provider aware)
and EVP_PKEY_sign(_init) under the covers.

At this stage there are no signature algorithms in any providers. That
will come in the following commits.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9753)
2019-09-09 13:52:26 +01:00
Pauli
f575bd2af7 Clear collected_seed after freeing it
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Richard Levitte
53598b2298 Deal with BUF_MEM_grow ambiguity
BUF_MEM_grow() returns the passed length, but also zero on error.  If
the passed length was zero, an extra check to see if a returned zero
was an error or not is needed.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Richard Levitte
ea643c959f crypto/evp/pkey_kdf.c: further special treatment of "seed" and "info"
pkey_kdf_ctrl_str() has to do the same kind of special treatment as
pkey_kdf_ctrl() does.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Richard Levitte
a941920514 crypto/evp/pkey_kdf.c: Redo parameter processing
Undo the caching scheme, pass through most controls as parameters, except
for SEED and INFO, where we keep supporting adding data through additional
ctrl calls by collecting the data, and only passing it to the EVP_KDF
before calling its derive function.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Richard Levitte
6d1c31540f crypto/evp/kdf_meth.c: Add the reset function to the method
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Pauli
fb9e6dd6f8 KDF/PRF updates to libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Pauli
7707526b8d Fix users of KDFs to use params not ctls
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Pauli
b50ca330cb Remove old KDF initialisation
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
2019-09-06 19:27:57 +10:00
Dmitry Belyavskiy
464ac47f81 Reverting check to correct
Fixes #9773.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9776)
2019-09-05 15:50:58 +03:00
Dmitry Belyavskiy
0220fc9921 Disallow change EVP_CIPHER properties once set
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9764)
2019-09-05 12:47:06 +03:00
Dmitry Belyavskiy
8bbc7f2211 Disallow change EVP_MD properties once set
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9764)
2019-09-05 12:46:59 +03:00
Shane Lontis
1c3ace6898 Change provider params from int to size_t
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9699)
2019-09-05 11:23:57 +10:00
Pauli
7f588d20cd OSSL_PARAM_construct_utf8_string computes the string length.
If the passed string length is zero, the function computes the string length
from the passed string.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9760)
2019-09-04 19:41:22 +10:00
Richard Levitte
550f974a09 New function EVP_CIPHER_free()
This function re-implements EVP_CIPHER_meth_free(), but has a name that
isn't encumbered by legacy EVP_CIPHER construction functionality.

We also refactor most of EVP_CIPHER_meth_new() into an internal
evp_cipher_new() that's used when creating fetched methods.

EVP_CIPHER_meth_new() and EVP_CIPHER_meth_free() are rewritten in terms of
evp_cipher_new() and EVP_CIPHER_free().  This means that at any time, we can
deprecate all the EVP_CIPHER_meth_ functions with no harmful consequence.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9758)
2019-09-04 10:38:13 +02:00
Richard Levitte
3fd7026276 New function EVP_MD_free()
This function re-implements EVP_MD_meth_free(), but has a name that
isn't encumbered by legacy EVP_MD construction functionality.

We also refactor most of EVP_MD_meth_new() into an internal
evp_md_new() that's used when creating fetched methods.

EVP_MD_meth_new() and EVP_MD_meth_free() are rewritten in terms of
evp_md_new() and EVP_MD_free().  This means that at any time, we can
deprecate all the EVP_MD_meth_ functions with no harmful consequence.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9758)
2019-09-04 10:38:13 +02:00
Richard Levitte
3ca9d210c9 Refactor how KEYMGMT methods get associated with other methods
KEYMGMT methods were attached to other methods after those were fully
created and registered, thereby creating a potential data race, if two
threads tried to create the exact same method at the same time.

Instead of this, we change the method creating function to take an
extra data parameter, passed all the way from the public fetching
function.  In the case of EVP_KEYEXCH, we pass all the necessary data
that evp_keyexch_from_dispatch() needs to be able to fetch the
appropriate KEYMGMT method on the fly.

Fixes #9592

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9678)
2019-09-03 10:36:49 +02:00
Bernd Edlinger
24fd8541d4 Remove extern declarations of OPENSSL_ia32cap_P
Use the header file internal/cryptlib.h instead.
Remove checks for OPENSSL_NO_ASM and I386_ONLY
in cryptlib.c, to match the checks in other
places where OPENSSL_ia32cap_P is used and
assumed to be initialized.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9688)
2019-09-01 15:41:58 +02:00
Matt Caswell
9a7846dfe5 Use ENGINE_get_id() instead of ENGINE_get_name()
ENGINE_get_name() actually returns more of a long description of the
engine, whilst ENGINE_get_id() returns a shorter id.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9720)
2019-08-29 15:21:13 +01:00
Matt Caswell
3be06e0d10 Fix no-engine
Make sure references to ENGINE functions are appropriately guarded.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9720)
2019-08-29 15:21:13 +01:00
Matt Caswell
ed71e917e9 Fix data races in EVP_CIPHER_fetch and EVP_MD_fetch
Don't modify the cipher/md we just fetched - it could be shared by multiple
threads.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9590)
2019-08-29 10:50:47 +01:00
Pauli
6d745d740d Include mac_meth and mac_lib in the FIPS provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9694)
2019-08-26 18:00:47 +10:00
Shane Lontis
4a42e26404 Cleanup ciphers and Add 3des ciphers.
Moved the relevant ciphers into default and restructed headers to allow the move.
This removed most of the cases of #ifdef NO_XXX (which are now specified in build.info)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9482)
2019-08-26 17:05:08 +10:00
Richard Levitte
703170d4b9 Get rid of the diversity of names for MAC parameters
The EVP_PKEY MAC implementations had a diversity of controls that were
really the same thing.  We did reproduce that for the provider based
MACs, but are changing our minds on this.  Instead of that, we now use
one parameter name for passing the name of the underlying ciphers or
digests to a MAC implementation, "cipher" and "digest", and one
parameter name for passing the output size of the MAC, "size".

Then we leave it to the EVP_PKEY->EVP_MAC bridge to translate "md"
to "digest", and "digestsize" to "size".

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9667)
2019-08-24 13:01:15 +02:00
Richard Levitte
9f57e2184d Remove MAC cruft
A few declarations and static functions / arrays that are no longer
used were left behind when MACs moved to be implemented by providers.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9667)
2019-08-24 13:01:15 +02:00
Shane Lontis
e1178600cc Add basic aria and camellia ciphers modes to default provider
The aes code has been refactored into generic and algorithn specific parts,
so that most of the code can be shared.
The cipher related files have been broken up into smaller parts.
Add chunked variant of mode ciphers - aria uses this (many other ciphers will use this new code instead of the
generic code used by aes).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9451)
2019-08-22 11:42:54 +10:00
Richard Levitte
c1d56231ef Modify ossl_method_store_add() to accept an OSSL_PROVIDER and check for it
If ossl_method_store_add() gets called with a method that already exists
(i.e. the store has one with matching provider, nid and properties), that
method should not be stored.  We do this check inside ossl_method_store_add()
because it has all the locking required to do so safely.

Fixes #9561

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9650)
2019-08-22 01:50:30 +02:00