Benjamin Kaduk [Fri, 19 Feb 2021 21:20:00 +0000 (13:20 -0800)]
test_ecpub: test that we can decode the DER we encoded
We should be able to round-trip through the encoded DER form of the
EC public key and get back something that compares as equal to the
original key.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Fri, 19 Feb 2021 21:46:49 +0000 (13:46 -0800)]
test_ecpub: verify returned length after encoding
Save the length we got from querying how much space was needed, and
check that the actual encoding call returned the same length.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Mon, 25 Jan 2021 20:19:16 +0000 (12:19 -0800)]
Add test for EC pubkey export/import
There seems to be an issue with i2d_provided() in i2d_evp.c that causes
us to fail to construct a valid chain of encoders for the "type-specific"
output when it's an EC pubkey. This test is designed to exercise that
codepath for a variety of curves.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Wed, 24 Feb 2021 21:38:25 +0000 (13:38 -0800)]
Check ASN1_item_ndef_i2d() return value.
Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.
Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.
Fixes: #14177 Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14308)
Mark [Wed, 24 Feb 2021 13:14:08 +0000 (14:14 +0100)]
Fix filename escaping in c_rehash
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14301)
jwalch [Fri, 19 Feb 2021 18:02:27 +0000 (13:02 -0500)]
Fix an integer overflow in o_time.c
If input offset_sec is sufficiently large (> INT32_MAX * SECS_PER_DAY, which is possible for a long on 64-bit platforms), then the first assignment contains an overflow.
I think leaving offset_hms as an int is still safe.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14252)
Matt Caswell [Fri, 19 Feb 2021 17:03:43 +0000 (17:03 +0000)]
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.
Fixes #14225
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
Richard Levitte [Tue, 23 Feb 2021 17:19:38 +0000 (18:19 +0100)]
Fix string termination and length setting in OSSL_PARAM_BLD_push_utf8_string()
OSSL_PARAM_BLD_push_utf8_string() was still setting the length in
bytes of the UTF8 string to include the terminating NUL byte, while
recent changes excludes that byte from the length. It's still made to
add a NUL byte at the end of the string no matter what.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Richard Levitte [Tue, 23 Feb 2021 07:10:02 +0000 (08:10 +0100)]
Fix OSSL_PARAM_allocate_from_text() for OSSL_PARAM_UTF8_STRING
OSSL_PARAM_allocate_from_text() was still setting the length in bytes
of the UTF8 string to include the terminating NUL byte, while recent
changes excludes that byte from the length.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Tomas Mraz [Tue, 23 Feb 2021 15:52:49 +0000 (16:52 +0100)]
Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:52:21 +0000 (16:52 +0100)]
Fix missing EOL at the end of the rsa/build.info
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:51:43 +0000 (16:51 +0100)]
Remove inclusion of unnecessary header files
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:50:21 +0000 (16:50 +0100)]
Use strcasecmp when comparing kdf_type
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Mon, 22 Feb 2021 12:20:28 +0000 (13:20 +0100)]
speed: Drop deprecated <ALG>_options() calls
Also correction of some code format issues.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Thu, 18 Feb 2021 09:48:18 +0000 (10:48 +0100)]
speed: Use EVP for ciphers, cmac, ghash, rsa, dsa, and ecdsa
Fixes #13909
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 18:45:01 +0000 (19:45 +0100)]
speed: Adapt digests and hmac to always use non-deprecated APIs
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 16:24:44 +0000 (17:24 +0100)]
speed: Drop code to handle platforms without SIGALRM
(except for Windows where a separate thread stops the looping)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Matt Caswell [Tue, 16 Feb 2021 10:10:26 +0000 (10:10 +0000)]
Test errors from a provider can still be accessed after unload
Providers can create errors that may refer to const strings within the
provider module itself. If the provider gets unloaded we need to be sure
that we can still access the errors in the error stack.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14213)
Matt Caswell [Mon, 15 Feb 2021 16:59:43 +0000 (16:59 +0000)]
Duplicate the file and func error strings
Errors raised from a provider that is subsequently unloaded from memory
may have references to strings representing the file and function that
are no longer present because the provider is no longer in memory. This
can cause crashes. To avoid this we duplicate the file and func strings.
Fixes #13623
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14213)
Pauli [Fri, 25 Sep 2020 00:19:19 +0000 (10:19 +1000)]
provider: add an unquery function to allow providers to clean up.
Without this, a provider has no way to know that an application
has finished with the array it returned earlier. A non-caching provider
requires this information.
Fixes #12974
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12974)
Tomas Mraz [Mon, 22 Feb 2021 16:28:17 +0000 (17:28 +0100)]
Deprecated EVP_PKEY_CTX_get0_dh_kdf_ukm() and EVP_PKEY_CTX_get0_ecdh_kdf_ukm()
The functions are not needed and require returning octet ptr parameters
from providers that would like to support them which complicates provider
implementations.
Fixes #12985
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14279)
Richard Levitte [Thu, 28 Jan 2021 08:00:58 +0000 (09:00 +0100)]
X509: Refactor X509_PUBKEY processing to include provider side keys
When a SubjectPublicKeyInfo (SPKI) is decoded into an X509_PUBKEY
structure, the corresponding EVP_PKEY is automatically added as well.
This used to only support our built-in keytypes, and only in legacy
form.
This is now refactored by making The ASN1 implementation of the
X509_PUBKEY an EXTERN_ASN1, resulting in a more manual implementation
of the basic support routines. Specifically, the d2i routine will do
what was done in the callback before, and try to interpret the input
as an EVP_PKEY, first in legacy form, and then using OSSL_DECODER.
Fixes #13893
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14281)
Benjamin Kaduk [Wed, 27 May 2020 18:17:07 +0000 (11:17 -0700)]
Remove disabled TLS 1.3 ciphers from the SSL(_CTX)
In ssl_create_cipher_list() we make a pass through the ciphers to
remove those which are disabled in the current libctx. We are
careful to not include such disabled TLS 1.3 ciphers in the final
consolidated cipher list that we produce, but the disabled ciphers
are still kept in the separate stack of TLS 1.3 ciphers associated
with the SSL or SSL_CTX in question. This leads to confusing
results where a cipher is present in the tls13_cipherlist but absent
from the actual cipher list in use. Keep the books in order and
remove the disabled ciphers from the 1.3 cipherlist at the same time
we skip adding them to the active cipher list.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12037)
Richard Levitte [Thu, 26 Nov 2020 20:21:02 +0000 (21:21 +0100)]
appveyor.yml: clarify conditions for building the plain configuration
The "plain" configuration is only meant to be built for an '[extended tests]'
commit, or on the master branch. This isn't at all clear from the
scripts, and furthermore, we "skip" the plain configuration by running
the OpenSSL configuration script... and then nothing more.
Instead, we use AppVeyor configuration issues to specify when and when
not to build the "plain" configuration, and leave it to the scripts to
do the right thing using only $env:EXTENDED_TESTS.
Fixes #7958
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13537)
Richard Levitte [Mon, 22 Feb 2021 05:49:24 +0000 (06:49 +0100)]
Generate doc/build.info with 'make update' rather than on the fly
doc/build.info was essentially generated on the fly while running
Configure, something that takes a huge amount of time on slower file
systems (such as Windows).
Instead, we generate it with 'make update', saving the user from
having to wait for too long, at the small price for developers to have
to run 'make update' whenever they write a new manual file.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14269)