Benny Baumann [Thu, 1 Oct 2020 23:06:12 +0000 (01:06 +0200)]
Avoid memory leak of parent on allocation failure for child structure
Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13055)
Benny Baumann [Thu, 1 Oct 2020 23:04:06 +0000 (01:04 +0200)]
Use size of target buffer for allocation
Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13055)
Replace [collapsed reference links][] for the CVEs by
[shortcut reference links], in order to to improve the
readability of the raw markdown text.
Consistently add parentheses around the CVE links at the
end of the CVE descriptions. (The NEWS file already had
the parentheses, in the CHANGES file they where missing.)
OBJ_OGRNIP denotes a specific legal status of the certificate owner.
OBJ_classSignTool* denotes a level of certification of the software
created the certificate.
http://www.garant.ru/products/ipo/prime/doc/70033464/ is the relevant
link (in Russian).
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8309)
Some of our apps turn off deprecation warnings solely for the sake of
ENGINE, and thereby shadowing other deprecations that we should take
better care of.
To solve this, all apps ENGINE functionality is move to one file,
where deprecation warning suppression is activate, and the same
suppression can then easily be removed in at least some of the apps.
Any remaining suppression that we still need to deal with should
happen as separate efforts.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13044)
Richard Levitte [Fri, 2 Oct 2020 12:21:51 +0000 (14:21 +0200)]
DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY()
There is some data that is very difficult to guess. For example, DSA
parameters and X9.42 DH parameters look exactly the same, a SEQUENCE
of 3 INTEGER. Therefore, callers may need the possibility to select
the exact keytype that they expect to get.
This will also allow use to translate d2i_TYPEPrivateKey(),
d2i_TYPEPublicKey() and d2i_TYPEParams() into OSSL_DECODER terms much
more smoothly.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13061)
drgler [Thu, 1 Oct 2020 19:20:33 +0000 (21:20 +0200)]
Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV
Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only
if suitable feature test macros are defined, namely: _GNU_SOURCE,
_DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE
(before glibc 2.19), see GETNAMEINFO(3).
CLA: trivial
Fixes #13049
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13054)
Nicola Tuveri [Fri, 2 Oct 2020 00:58:10 +0000 (03:58 +0300)]
Fix segfault on missing provider_query_operation()
A provider without `provider_query_operation()` is admittedly quite
useless, yet technically the base provider functions are not mandatory
according to our documentation.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13058)
TLS AEAD ciphers: more bytes for key_block than needed
Fixes #12007
The key_block length was not written to trace, thus it was not obvious
that extra key_bytes were generated for TLS AEAD.
The problem was that EVP_CIPHER_iv_length was called even for AEAD ciphers
to figure out how many bytes from the key_block were needed for the IV.
The correct way was to take cipher mode (GCM, CCM, etc) into
consideration rather than simply callin the general function
EVP_CIPHER_iv_length.
The new function tls_iv_length_within_key_block takes this into
consideration.
Besides that, the order of addendums was counter-intuitive MAC length
was second, but it have to be first to correspond the order given in the RFC.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13035)
Richard Levitte [Wed, 30 Sep 2020 15:22:27 +0000 (17:22 +0200)]
EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use
We've had explicit checks for when to fall back to legacy code for
operations that use an EVP_PKEY. Unfortunately, the checks were
radically different in different spots, so we refactor that into a
macro that gets used everywhere.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13043)
Matt Caswell [Thu, 24 Sep 2020 09:56:03 +0000 (10:56 +0100)]
Fix some things the rename script didn't quite get right
The previous commit ran an automated rename throughout the codebase.
There are a small number of things it didn't quite get right so we fix
those in this commit.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)
rsa_mp_coeff_names should only have one entry in it for fips mode.
Reported by Tim Hudson
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13011)
Richard Levitte [Tue, 29 Sep 2020 08:31:56 +0000 (10:31 +0200)]
Configure: handle undefined shared_target.
Some very basic config targets don't defined the 'shared_target'
attribute at all. This wasn't handled well enough in Configure.
This also cleans away an explicit reference to the ossltest engine in
Configurations/unix-Makefile.tmpl, which isn't necessary since the
build.info attributes were added.
Fixes openssl/web#197
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13031)
Return immediately on matched cipher. Without this patch the code only breaks out of the inner for loop, meaning for a matched TLS13 cipher the code will still loop through 160ish SSL3 ciphers.
CLA: trivial
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13000)
The pkey created in one loop was being fed into the keygen of the next loop - since it was not set to NULL after the
free. This meant that the 2 EVP_MD_CTX objects that still had ref counts to this key were getting confused.
All other tests clear the key after freeing the key if they loop (some do this by declaring/initing the pkey inside the loop).
The offending code is a recent addition to the speed app.
This was found using the -async_jobs option.
Similar code was tried for an RSA key using 111 which resulted in the same issue.
Found while trying to test issue #128867 (It is not known if this will fix that issue yet).
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12975)
en EVP_PKEY_CTX_set_rsa_keygen_pubexp() BIGNUM management
Fixes #12635
As discussed in the issue, supporting the set0-like semantics long-term is not necessarily desirable, although necessary for short-term compatibility concerns. So I've deprecated the original method and added an equivalent that is explicitly labelled as set1.
I tried to audit existing usages of the (now-deprecated) API and update them to use set1 if that appeared to align with their expectations.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12917)
Update openssl list to support new provider objects.
Added Keymanager, signatures, kem, asymciphers and keyexchange.
Added -select option so that specific algorithms are easier to view when using -verbose
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12943)
Modified rand_cpu_x86.c to support builtin hardware randomizer on HPE NonStop.
CLA: Permission is granted by the author to the OpenSSL team to use these modifications.
Fixes #12903
Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12923)
Richard Levitte [Wed, 23 Sep 2020 15:59:39 +0000 (17:59 +0200)]
Configuration: Don't have shared libraries depend on themselves
The NonStop config attributes mean that there's no separate "simple"
and "full" shared library name, they are the same. Because we assumed
that they would always differ, we ended up with this dependency:
libcrypto.so: libcrypto.so
A simple fix was all that was needed to clear that.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12960)
Richard Levitte [Wed, 23 Sep 2020 10:54:56 +0000 (12:54 +0200)]
Configuration: Make it possible to have an argument file
Some compilers / linkers allow arguments to be given in a file instead
of on the command line. We make it possible to specify this by giving
the compiler / linker flag for it, using the config attribute
'shared_argfileflag'.
This currently only impacts the build of shared libraries, as those
are potentially made up of a massive amount of object files, which has
been reported to overwhelm the command line on some platforms.
Fixes #12797
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12960)
Richard Levitte [Fri, 25 Sep 2020 02:12:22 +0000 (12:12 +1000)]
Hide ECX_KEY again
ECX_KEY was not meant for public consumption, it was only to be
accessed indirectly via EVP routines. However, we still need internal
access for our decoders.
Test.pm: Some clarifications added to the documentation
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12893)
apps/ca.c: Rename confusing variable 'req' to 'template_cert' in certify_cert()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12893)
Prune low-level ASN.1 parse errors from error queue in decoder_process()
Fixes #12840
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12893)
load_key_certs_crls(): Restore output of fatal errors
Also improve credentials loading diagnostics for many apps.
Fixes #12840
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12893)
Richard Levitte [Mon, 21 Sep 2020 11:11:28 +0000 (13:11 +0200)]
Configuration: Streamline NonStop entries
Because there are many combinations and much repetition, we add a large
number of templates to cover all aspects, and make the actual config
entries inherit from the templates combined.
Fixes #12858
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12933)
Signed-off-by: Hu Keping <hukeping@huawei.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12841)
drbg: revert renamings of the generate and reseed counter
The original names were more intuitive: the generate_counter counts the
number of generate requests, and the reseed_counter counts the number
of reseedings (of the principal DRBG).
This is the anologue to commit 8380f453ec81 on the 1.1.1 stable branch.
The only difference is that the second renaming has already been reverted
on the master branch.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12941)
Daniel Bevenius [Mon, 21 Sep 2020 13:48:55 +0000 (15:48 +0200)]
DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new
This commit changes the man page for OSSL_DECODER_CTX_new by removing
the OPENSSL_CTX parameter which matches the declaration in decoder.h.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12935)
Paul Yang [Fri, 18 Sep 2020 02:27:42 +0000 (10:27 +0800)]
Add auto-gen SM2 der files into .gitignore
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)