erbsland-dev [Thu, 20 Jun 2024 18:44:00 +0000 (20:44 +0200)]
Extend `mask` of `ssl_method_st` to 64-bit
Fixes #23260: The bit count for `SSL_OP_*` flags has exceeded 32 bits, making it impossible to handle newer flags and protocol extensions with the existing 32-bit variables. This commit extends the `mask` field in the `ssl_method_st` structure to 64-bit, aligning them with the previously extended 64-bit `options` field.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24692)
Richard Levitte [Wed, 19 Jun 2024 06:06:45 +0000 (08:06 +0200)]
[DOCS] Correct history in doc/man3/OSSL_STORE_LOADER.pod
Bulk editing had history wrongly specify current functions as deprecated,
among other small errors.
Fixes #24678
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24680)
erbsland-dev [Wed, 19 Jun 2024 17:09:15 +0000 (19:09 +0200)]
Make x509_req_test ANSI Compatible
Update the `x509_req_test` to ensure ANSI compatibility. The integrated certificate string was too long, so the PEM certificate has been moved to `certs/x509-req-detect-invalid-version.pem`. The test have been updated to load this certificate from the file on disk.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24677)
erbsland-dev [Wed, 19 Jun 2024 12:02:53 +0000 (14:02 +0200)]
Add Test for Verification Failure on Incorrect X509 Version
Tests #5738: Introduce a new test to verify that a malformed X509 request with the version field set to version 6 fails either early when reading from data or later when `X509_REQ_verify` is called.
Adding a new test recipe `60-test_x509_req.t`
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24677)
erbsland-dev [Wed, 19 Jun 2024 12:02:06 +0000 (14:02 +0200)]
Add Version Check for CSR Verification
Fixes #5738: This change introduces a check for the version number of a CSR document before its signature is verified. If the version number is not 1 (encoded as zero), the verification function fails with an `X509_R_UNSUPPORTED_VERSION` error.
To minimize impact, this check is only applied when verifying a certificate signing request using the `-verify` argument, resulting in a `X509_REQ_verify` call. This ensures that malformed certificate requests are rejected by a certification authority, enhancing security and preventing potential issues.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24677)
Hubert Kario [Thu, 20 Jun 2024 15:48:35 +0000 (17:48 +0200)]
s_client: use the full buffer for reads
Use full allocated buffer for reads to not call into switch() over and
over; also increase the size of the buffer to 16 kiB (max for TLS
records). The server side already is using 16 kiB buffers.
Signed-off-by: Hubert Kario <hkario@redhat.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24688)
Tomas Mraz [Mon, 17 Jun 2024 14:48:26 +0000 (16:48 +0200)]
Fix regression of EVP_PKEY_CTX_add1_hkdf_info() with older providers
If there is no get_ctx_params() implemented in the key exchange
provider implementation the fallback will not work. Instead
check the gettable_ctx_params() to see if the fallback should be
performed.
Fixes #24611
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24661)
Robert Schulze [Wed, 19 Jun 2024 08:40:16 +0000 (08:40 +0000)]
Incorporate more review feedback
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Robert Schulze [Tue, 18 Jun 2024 20:31:14 +0000 (20:31 +0000)]
Incorporate review feedback
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Robert Schulze [Tue, 18 Jun 2024 14:43:26 +0000 (14:43 +0000)]
Fix data race between SSL_SESSION_list_add and ssl_session_dup
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24673)
Tomas Mraz [Mon, 17 Jun 2024 10:19:45 +0000 (12:19 +0200)]
Add test for ASN1_item_verify()
This is a test for https://github.com/openssl/openssl/issues/24575
Original idea by Theo Buehler.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24576)
Tomas Mraz [Thu, 6 Jun 2024 13:36:00 +0000 (15:36 +0200)]
ASN1_item_verify_ctx(): Return -1 on fatal errors
Fixes #24575
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24576)
Todd Short [Tue, 18 Jun 2024 18:11:15 +0000 (14:11 -0400)]
Add comp.h to gitignore
Signed-off-by: Todd Short <todd.short@me.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24676)
Tomas Mraz [Mon, 17 Jun 2024 10:35:39 +0000 (12:35 +0200)]
Add CHANGES.md entry for the EC/DSA nonce generation fixes
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24660)
Neil Horman [Mon, 17 Jun 2024 18:12:46 +0000 (14:12 -0400)]
Some minor nit corrections in the thread code for rcu
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24630)
Fix handling of max_fragment_length extension for PSK
A psk session was assumed to be a resumption which failed a check
when parsing the max_fragment_length extension hello from the client.
Relevant code from PR#18130 which was a suggested fix to the issue
was cherry-picked.
Fixes #18121
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24513)
Rajeev Ranjan [Wed, 15 May 2024 11:11:09 +0000 (13:11 +0200)]
CMP: add support for requesting cert template using genm/genp
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24409)
Jaime Hablutzel [Mon, 17 Jun 2024 16:40:08 +0000 (11:40 -0500)]
Fix typo in openssl-verification-options documentation.
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24662)
CMP app: fix combination of -certout and -chainout with equal filename argument
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24267)
Viktor Dukhovni [Mon, 27 May 2024 11:35:56 +0000 (21:35 +1000)]
MVP demo TLS server
- No concurrency, one client-at-a-time
- Blocking
- No client certs
- Fixed chain and key file names
- Minimal support for session resumption
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24505)
Remove configuration targets and related documentation for Guardian builds.
The intermediate configuration items to support Guardian builds are left
in place as a convenience for users who want to set up configurations
for Guardian on their own.
Fixes: #22175 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24579)
Add support for targetingInformation X.509v3 extension
Support for the targetingInformation X.509v3 extension defined in ITU-T
Recommendation X.509 (2019), Section 17.1.2.2. This extension is used
in attribute certificates.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22206)
Tomas Mraz [Thu, 11 Apr 2024 09:34:57 +0000 (11:34 +0200)]
test/prov_config_test.c: Cleanup and fix potential leaks
Fixes #24106
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24107)
Fix memory leak on error in crypto/conf/conf_mod.c
Fixes #24111
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24119)
Watson Ladd [Tue, 21 Nov 2023 17:59:05 +0000 (12:59 -0500)]
Allow group methods to customize initialization for speed
This commit also adds an implementation for P256 that avoids some
expensive initialization of Montgomery arithmetic structures in favor
of precomputation. Since ECC groups are not always cached by higher
layers this brings significant savings to TLS handshakes.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22746)
Disable 70-test_quic_multistream.t when building with PUT threads.
The test recipe includes a TEST_skip when OpenSSL is built with _PUT_MODEL_
based on design assumptions for QUIC and incompatibility with PUT wrapper
methods.
Fixes: #24442 Fixes: #24431 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24468)
Tomas Mraz [Mon, 3 Jun 2024 14:46:41 +0000 (16:46 +0200)]
Update CHANGES.md and NEWS.md for the upcoming release
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24549)
CoolThi [Wed, 29 May 2024 10:24:56 +0000 (18:24 +0800)]
Remove the dead store in EVP_DecryptFinal_ex
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24526)
sanumesh [Tue, 28 May 2024 17:46:52 +0000 (12:46 -0500)]
enable AES-XTS optimization for AIX
Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24518)
Gerd Hoffmann [Wed, 22 May 2024 11:11:09 +0000 (13:11 +0200)]
uefi: move variables
Fixes "unused variable" warnings with OPENSSL_SYS_UEFI.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24459)
Gerd Hoffmann [Wed, 22 May 2024 08:18:52 +0000 (10:18 +0200)]
uefi: add typedef for uintptr_t
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24459)
CHANGES.md: add an entry about newly deprecated time-related functions
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24307)
Adjust the manpages at the same time so that only the new
functions are being presented.
Fixes: #23648 Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24307)
ssl_sess.c: deprecate SSL_CTX_flush_sessions in favour of _ex() replacement
The original function is using long for time and is therefore
not Y2038-safe.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24307)
include/openssl/macros.h: define deprecation macros for 3.4
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24307)
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24307)
Amir Mohammadi [Wed, 22 May 2024 16:18:51 +0000 (19:48 +0330)]
Fix potential memory leak in test_bad_dtls
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24464)
sanumesh [Mon, 27 May 2024 10:00:00 +0000 (05:00 -0500)]
threads_pthread.c: change inline to ossl_inline
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24502)
Matt Caswell [Fri, 26 Apr 2024 10:05:52 +0000 (11:05 +0100)]
Move the ability to load the dasync engine into ssltestlib.c
The sslapitest has a helper function to load the dasync engine which is
useful for testing pipelining. We would like to have the same facility
from sslbuffertest, so we move the function to the common location
ssltestlib.c
Follow on from CVE-2024-4741
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)
Matt Caswell [Tue, 23 Apr 2024 15:34:46 +0000 (16:34 +0100)]
Only free the read buffers if we're not using them
If we're part way through processing a record, or the application has
not released all the records then we should not free our buffer because
they are still needed.
CVE-2024-4741
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24395)
Function EVP_Digest_loop() must use EVP_DigestInit_ex2(), EVP_DigestUpdate(),
and EVP_DigestFinalXOF() in case of shake instead of just EVP_Digest() to get
around this.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24462)
Max Ammann [Tue, 7 May 2024 22:06:39 +0000 (23:06 +0100)]
EVP_CIPHER_CTX_get_key_length(): Add null check of ctx->cipher
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22964)
Max Ammann [Tue, 3 Oct 2023 11:22:02 +0000 (12:22 +0100)]
Add provider fuzzer
Test recipe 99-test_fuzz_provider.t added.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22964)
Added an explicit yield (OP_SLEEP) to QUIC testing for cooperative threading.
Fixes: #24442 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24443)
test: remove the just added, but now unrealistic, shake128 OAEP tests
These were added as a POC in #24387. However, such combinations are no
longer unusable since #24105 got merged.
This should unbreak all build failures on mainline.
Partially reverts: 1bfc8d17f3 (rsa-oaep: block SHAKE usage in FIPS
mode, 2024-05-13)
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24463)
PiotrBzdrega [Tue, 21 May 2024 05:13:31 +0000 (07:13 +0200)]
signal.h included two times
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24445)
NIST SP 800-56 rev2 only allows using approved hash algorithms in
OAEP. Unlike FIPS 186-5 it doesn't have text allowing to use XOF SHAKE
functions. Maybe future revisions of SP 800-56 will adopt similar text
to FIPS 186-5 and allow XOF as MD and MGF (not MGF1).
RFC documents do not specify if SHAKE is allowed or blocked for usage
(i.e. there is no equivalent of RFC 8692 or RFC 8702 for OAEP). Status
quo allows their usage.
Add test cases for SHAKE in RSA-OAEP as allowed in default provider,
and blocked in fips.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24387)
rsa-pss: add tests checking for SHAKE usage in RSA-PSS
FIPS 186-5, RFC 8692, RFC 8702 all agree and specify that Shake shall
be used directly as MGF (not as a hash in MGF1). Add tests that try to
specify shake hash as MGF1 to ensure that fails.
Separately the above standards specify how to use SHAKE as a message
digest with either fixed or minimum output lengths. However, currently
shake is not part of allowed hashes.
Note that rsa_setup_md()/rsa_setup_mgf1_md() call
ossl_digest_rsa_sign_get_md_nid() ->
ossl_digest_get_approved_nid_with_sha1() ->
ossl_digest_get_approved_nid() which only contain sha1/sha2/sha3
digests without XOF.
The digest test case will need to be replace if/when shake with
minimum output lengths is added to ossl_digest_get_approved_nid().
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24387)
The .rodata section with precomputed constant `ecp_nistz256_precomputed` needs to be
terminated by .text, because the ecp_nistz256_precomputed' happens to be the
first section in the file. The lack of .text makes code to arrive into the same
.rodata section where ecp_nistz256_precomputed is found. The exception is raised
as soon as CPU attempts to execute the code from read only section.
Fixes #24184
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24192)
Richard Levitte [Wed, 17 Apr 2024 11:56:26 +0000 (13:56 +0200)]
Add installation documentation and notes on ANSI C and POSIX
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24173)
Richard Levitte [Wed, 17 Apr 2024 11:52:20 +0000 (13:52 +0200)]
When defining ossl_ssize_t = ssize_t, remember to include sys/types.h
ssize_t isn't a C language type in any C language level, but is a POSIX type
defined in <sys/types.h>, so make sure to include that before use.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24173)
Richard Levitte [Wed, 17 Apr 2024 11:45:32 +0000 (13:45 +0200)]
For Unix, refactor OSSL_sleep() to use nanosleep() instead of usleep()
usleep() is obsolete since POSIX.1-2001 and removed in POSIX.1-2008,
in favor of nanosleep(), which has been present since POSIX.1-2001.
The exceptions for DJGPP and TANDEM are preserved. Also, just in case
nanosleep() turns out to be unavailable on any Unix machinery that we
are unaware of, we allow a revert to using usleep() by defining
OPENSSL_USE_USLEEP.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24173)
Richard Levitte [Wed, 17 Apr 2024 11:35:51 +0000 (13:35 +0200)]
Work on ANSI C compatibility: modifying the github workflow
The github workflow that attempts to check that OpenSSL ANSI C compatible
defined '_DEFAULT_SOURCE', which effectively turns gcc and clang into a C99
compiler... perhaps not with regard to pure language features, but it enables
a few too many types and functions that aren't defined in ANSI C library, or
in some cases, in any C language level library.
Instead of '_DEFAULT_SOURCE', this modification defines '_XOPEN_SOURCE=1' and
'_POSIX_SOURCE=200809L', to enable the use of 'timezone', 'ssize_t' and 'strdup()'.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24173)
Hongren Zheng [Thu, 16 May 2024 08:41:25 +0000 (16:41 +0800)]
fips provider: explicitly setup cpuid when initializing
Fixes: #23979
Previously fips module relied on OPENSSL_cpuid_setup
being used as constructor by the linker to correctly
setup the capability vector, either via .section .init
(for x86_64) or via __attribute__((constructor)).
This would make ld.so call OPENSSL_cpuid_setup before
the init function for fips module. However, this early
constructing behavior has several disadvantages:
1. Not all platform/toolchain supports such behavior
2. Initialisation sequence is not well defined, and
some function might not be initialized when cpuid_setup
is called
3. Implicit path is hard to maintain and debug
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24419)
Tomas Mraz [Wed, 8 May 2024 13:23:45 +0000 (15:23 +0200)]
Check DSA parameters for excessive sizes before validating
This avoids overly long computation of various validation
checks.
Fixes CVE-2024-4603
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24346)
Tomas Mraz [Wed, 8 May 2024 12:58:49 +0000 (14:58 +0200)]
Sync up CHANGES.md with 3.3 branch
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24346)
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24332)
Optimizated calculation of shared power of 2 in bn_gcd
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24332)
Matt Caswell [Mon, 13 May 2024 09:45:24 +0000 (10:45 +0100)]
Suppress a spurious error from the sysdefault test
Running the sysdefault test results in spurious error output - even
though the test has actually passed
Fixes #24383
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24384)
Liu-Ermeng [Mon, 8 Jan 2024 04:01:29 +0000 (20:01 -0800)]
fix sm2 encryption implementation bug.
According to the "GB/T 32918.4-2016"
section 6.1 encryption, step A5:
If result of the "KDF" is all zeros, we should go back to
the begin(step A1).
section 7.1 decryption, step B4:
If result of the "KDF" is all zeros, we should raise error and exit.
Signed-off-by: Liu-Ermeng <liuermeng2@huawei.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23210)
fix: extension critical definition to default false
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21230)
projects / thirdparty / openssl.git / log
