Daniel Frink [Thu, 29 May 2025 00:23:39 +0000 (19:23 -0500)]
Add generated cipher implementation files to gitignore
A commit was merged recently which changed ciphercommon.c and
cipher_chacha20_poly1305.c to be generated files. The corresponding
.c files were not added to the gitignore, so this commit adds them
to avoid them being erroneously tracked in the future.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27715)
Cleanup - this constant and functions are no longer in use
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27716)
Norbert Pocs [Wed, 28 May 2025 20:12:06 +0000 (22:12 +0200)]
sslapitest: Add failing test for quic double free
The double free happened on the EVP_MD object, when we used external
quic implementation. This test makes the yield secret callback fail, to
make the kdfdigest free path happen.
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27713)
Norbert Pocs [Wed, 28 May 2025 14:28:54 +0000 (16:28 +0200)]
quic_tls.c: Precede double free on EVP_MD variable
When external quic implementation is used, the variable is not used and
double free happens when the yield_secret_cb fails.
Resolves: #27504
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27713)
Richard Levitte [Thu, 9 Nov 2023 09:42:25 +0000 (10:42 +0100)]
[design] Functions for explicitly fetched signature algorithms
This design goes into more details what was outlined in the design for
[fetching composite (PKEY) algorithms and using them].
It also changes what functionality will be used for this. The design for
signature was originally to add modified initializers for DigestSign and
DigestVerify, but recent OTC discussions redirected us to have a closer look
at EVP_PKEY_sign() and EVP_PKEY_verify().
[fetching composite (PKEY) algorithms and using them]:
./fetching-composite-algorithms.md
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22672)
JiashengJiang [Sat, 17 May 2025 00:20:47 +0000 (20:20 -0400)]
test/evp_test.c: Free fetched_digest on error to avoid memory leak
Call EVP_MD_free() to release fetched_digest if OPENSSL_zalloc() fails, preventing a memory leak.
Fixes: 2208ba56eb ("evp_test: Add the missing check after calling OPENSSL_malloc") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27648)
AntonMoryakov [Fri, 16 May 2025 14:19:21 +0000 (17:19 +0300)]
apps: lib: Prevent potential NULL dereference in init_client()
apps: lib: Simplify ba_ret handling in init_client()
Simplify logic around ba_ret assignment:
- Fail early if ba_ret == NULL
- Assign directly otherwise, without checking *ba_ret
This avoids extra nesting and matches OpenSSL's conventions.
CLA: trivial Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com> Co-authored-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26783)
Viktor Dukhovni [Wed, 21 May 2025 15:33:03 +0000 (01:33 +1000)]
Note finished state in cipher BIO EOF
When the cipher BIO encounters a non-retriable EOF (or error), mark the
state as "finished", else a subsequent BIO_flush() or attempted read may
attempt to finalise the crypto state again, and fail, leading, for
example, to users seeing erroneous apparent decryption failure.
This is not a new problem, the fix should be backported to all supported
releases. It was made more apparent by recent changes to the base64
BIO, which returns a non-retriable EOF when padding is seen at the end
of the base64 data, even if the underlying next BIO is "retriable".
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27680)
the theory I have for the cause of this failure is:
1. qtest_create_quic_connection_ex is called for the client
2. The client is in blocking mode, so we fall into the conditional on line 512
3. We create the server thread on line 519, which is non-blocking
4. The scheduler in the failing case, lets the server run ahead of the client
5. Server thread enters qtest_create_quic_connection_ex and iterates steps
6-9 in the do_while loop starting on line 530
6. Server calls qtest_add_time
7. Server calls ossl_quic_tserver_tick
8. Server calls ossl_quic_tserver_is_term_any, received NULL return
9. Server calls qtest_wait_for_timeout
10. Eventually qtest_wait_for_timeout returns zero, and the server jumps to
the error label, returning zero to globservret, and the thread exits
11. Client thread regains the cpu, and attempts to call SSL_connect, which
fails, as the server is no longer listening
12. We fall into the error case on line 556, and SSL_get_error returns
SSL_ERROR_SSL, which causes clienterr to get set to 1
13. We exit the do{} while loop on line 581, and do the TEST_true check on
line 593. The server having exited wait_for_thread returns true, but
globserverret is still zero from step 10 above, and so the test fails
I can't prove this is the case, as the test only appears to fail in CI,
and we can't dump verbose logging there, lest we affect the timing of
the tests, so this is just a theory, but it seems to fit the
observations we have.
Attempting to fix this, by creating a thread interlock with a condition
variable that blocks the server from ticking the quic reactor until such
time as the client is about to call SSL_connect to prevent the race
condition
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27704)
Norbert Pocs [Mon, 26 May 2025 08:08:06 +0000 (10:08 +0200)]
Document EVP_CIPHER failure for missing provider function
When writing a new CIPHER implementation the OSSL_FUNC_cipher_get_params
must be present, otherwise the fetch fails. This behaviour is seen in
function evp_cipher_cache_constants@crypto/evp/evp_lib.c.
Resolves: #25801
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27696)
JiashengJiang [Fri, 16 May 2025 22:34:03 +0000 (18:34 -0400)]
apps/cmp.c: Free bio on error to avoid memory leak
Call BIO_free() to release bio if ASN1_i2d_bio_of() fails, preventing a memory leak.
Fixes: 6a3579e190 ("CMP: add support for requesting cert template using genm/genp") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27647)
Tomas Mraz [Fri, 16 May 2025 09:08:37 +0000 (11:08 +0200)]
OSSL_CMP_MSG_http_perform(): Remove extraneous %s from debug log print
Also add missing ":" to another log print.
Fixes #27634
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/27635)
Norbert Pocs [Thu, 22 May 2025 12:39:21 +0000 (14:39 +0200)]
quic-interop-ci: Fix docker install
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27687)
Richard Levitte [Wed, 21 May 2025 06:22:50 +0000 (08:22 +0200)]
Add more instructions in HACKING.md
It's been long since it was updated or refined, and it was a bit too
vague in certain areas.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/27674)
widneve [Tue, 20 May 2025 14:23:09 +0000 (16:23 +0200)]
Fix memory leaks after failure of PKCS7_add_signed_attribute()
If PKCS7_add_signed_attribute fails,
seq never escapes out of the callee and will
therefore result in a memory leak.
This is similar to ed3d277127.
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27670)
Ondrej Moris [Thu, 17 Apr 2025 02:17:41 +0000 (04:17 +0200)]
Update pkcs11-provider submodule
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Ondrej Moris [Wed, 16 Apr 2025 16:03:35 +0000 (18:03 +0200)]
test: reduce the scope of pkcs11-provider external test
To ease maintenance and improve reliability of pkcs11-provider
external test we only want it to run with kryoptic token.
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Ondrej Moris [Tue, 4 Mar 2025 05:36:56 +0000 (06:36 +0100)]
test: skip tlsfuzzer tests pkcs11-provider test
Tlsfuzzer tests in pkcs11-provider external test currently use hard-coded
lists of TLS 1.3 signature algorithms expected from openssl. However, openssl
neither promises a fixed default set of the signature algorithms nor promises
a fixed default ordering of these algorithms and hence test might fail
eventually even though there is nothing wrong anywhere.
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Ondrej Moris [Sat, 17 May 2025 23:03:09 +0000 (01:03 +0200)]
ci: run all non-external tests on fedora:latest
Before pkcs11-provider external test runs, we run all
non-external tests since we want to make sure they work
fine on fedora:latest container.
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Ondrej Moris [Wed, 16 Apr 2025 16:03:24 +0000 (18:03 +0200)]
ci: run pkcs11-provider external test on Fedora
We want to be able to run pkcs11-provider external test with
kryoptic token that is currently only available on Fedora.
Therefore we have to separate the test from the external test
for oqs provider.
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Ondrej Moris [Mon, 7 Apr 2025 14:31:38 +0000 (16:31 +0200)]
ci: re-enable pkcs11-provider external test
Signed-off-by: Ondrej Moris <omoris@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27602)
Dmitriy Denisov [Tue, 13 May 2025 08:56:33 +0000 (11:56 +0300)]
The condition that is never checked has been removed.
If criterion == OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT, the criterion !=0 condition will be triggered.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27607)
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27636)
JiashengJiang [Fri, 16 May 2025 13:37:48 +0000 (09:37 -0400)]
demos/bio/sconnect.c: Free ssl_bio on error to avoid memory leak
Call BIO_free() to release ssl_bio if an error occurs before BIO_push(), preventing a memory leak.
Fixes: 396e720965 ("Fix certificate validation for IPv6 literals in sconnect demo") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27639)
JiashengJiang [Mon, 5 May 2025 17:46:53 +0000 (13:46 -0400)]
crypto/x509/v3_lib.c: Free tmpext if X509V3_EXT_add() fails to avoid memory leak
Add OPENSSL_free to free tmpext if X509V3_EXT_add() fails to avoid memory leak.
Fixes: 878dc8dd95 ("Join the x509 and x509v3 directories") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27566)
ztp6893 [Mon, 10 Mar 2025 04:00:48 +0000 (00:00 -0400)]
Workaround for issue with assembler on OS X 10.4
Local labels cannot be used in some circumstances as they might
be pointing to wrong locations.
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/27017)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27354)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27354)
JiashengJiang [Mon, 5 May 2025 18:07:54 +0000 (14:07 -0400)]
ssl/t1_lib.c: Free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak
Add OPENSSL_free() to free gix if sk_TLS_GROUP_IX_push() fails to avoid memory leak
Fixes: 4b1c73d2dd ("ML-KEM hybrids for TLS") Signed-off-by: JiashengJiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27568)
Ilie Halip [Wed, 14 May 2025 14:40:21 +0000 (17:40 +0300)]
Fix trace output for provider algorithm names
Use the index variable to print out the provider algorithm details.
CLA: trivial
Signed-off-by: Ilie Halip <ilie.halip@nxp.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27624)
Neil Horman [Tue, 13 May 2025 14:48:05 +0000 (10:48 -0400)]
Add NULL check in ossl_quic_get_peer_token
If a peer address hasn't been set on a quic channel yet, we will not
yield a token from our hashtable of available tokens. Fail the
get_peer_token lookup in that event
Fixes #27608
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27610)
Jeremy Doupe [Thu, 10 Apr 2025 15:19:31 +0000 (10:19 -0500)]
APPS/x509: add -multi option for outputting all certs found in input
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27340)
Simo Sorce [Mon, 12 May 2025 18:40:29 +0000 (14:40 -0400)]
Return SLH-DSA public key when requested
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27605)
Simo Sorce [Mon, 12 May 2025 18:39:58 +0000 (14:39 -0400)]
Return ML-DSA public key when requested
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27605)