Rich Salz [Fri, 20 Mar 2020 01:53:11 +0000 (21:53 -0400)]
Revise x509v3_config.pod
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11369)
Rich Salz [Thu, 19 Mar 2020 14:19:41 +0000 (10:19 -0400)]
Revise fips_config.pod
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11369)
Norm Green [Tue, 12 May 2020 00:22:47 +0000 (17:22 -0700)]
Add missing pragma weak declaration to lhash.h
The missing symbol caused a linker failure on solaris x86_64.
Fixes #11796
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11798)
Richard Levitte [Fri, 15 May 2020 13:56:05 +0000 (15:56 +0200)]
CORE: query for operations only once per provider (unless no_store is true)
When a desired algorithm wasn't available, we didn't register anywhere
that an attempt had been made, with the result that next time the same
attempt was made, the whole process would be done again.
To avoid this churn, we register a bit for each operation that has
been queried in the libcrypto provider object, and test it before
trying the same query and method construction loop again.
If course, if the provider has told us not to cache, we don't register
this bit.
Fixes #11814
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11842)
Maxim Zakharov [Fri, 8 May 2020 04:58:10 +0000 (14:58 +1000)]
TTY_get() in crypto/ui/ui_openssl.c open_console() can also return errno 1 (EPERM, Linux)
Signed-off-by: Maxim Zakharov <5158255+Maxime2@users.noreply.github.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11767)
Matt Caswell [Thu, 14 May 2020 14:45:38 +0000 (15:45 +0100)]
Delete the sslprovider test
This was added before the changes to the sslap/ssl_new/ssl_old tests which
run those tests with a non-default library context. It no longer adds
anything that those tests don't already do, so it can be deleted.
This also fixes a number of run-checker build failures which were failing
in this test if TLSv1.2 was disabled.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11832)
Nikolay Morozov [Thu, 14 May 2020 19:32:59 +0000 (22:32 +0300)]
Fix small documentation issues
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11835)
Billy Brumley [Wed, 13 May 2020 04:33:59 +0000 (07:33 +0300)]
deprecate EC_POINTs_mul function
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11807)
Matt Caswell [Thu, 7 May 2020 11:11:44 +0000 (12:11 +0100)]
Update documentation following changes of various types
The previous commit changed the types of various objects passed between
the core and providers. Therefore the documentation needs to be updated
to reflect that.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11758)
Matt Caswell [Wed, 6 May 2020 11:29:57 +0000 (12:29 +0100)]
Maintain strict type discipline between the core and providers
A provider could be linked against a different version of libcrypto than
the version of libcrypto that loaded the provider. Different versions of
libcrypto could define opaque types differently. It must never occur that
a type created in one libcrypto is used directly by the other libcrypto.
This will cause crashes.
We can "cheat" for "built-in" providers that are part of libcrypto itself,
because we know that the two libcrypto versions are the same - but not for
other providers.
To ensure this does not occur we use different types names for the handful
of opaque types that are passed between the core and providers.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11758)
raja-ashok [Sun, 10 May 2020 17:17:00 +0000 (22:47 +0530)]
Test TLSv1.3 out-of-band PSK with all 5 ciphersuites
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11785)
raja-ashok [Fri, 8 May 2020 13:47:21 +0000 (19:17 +0530)]
Fix crash in early data send with out-of-band PSK using AES CCM
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11785)
Rich Salz [Wed, 13 May 2020 15:16:50 +0000 (11:16 -0400)]
Fix all MD036 (emphasis used instead of heading)
The main fixes were errors in itemized lists "*)" instead of "*"
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11770)
Rich Salz [Fri, 8 May 2020 14:34:22 +0000 (10:34 -0400)]
Add "md-nits" make target
Also fix a nit in recent CHANGES.md update.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11770)
David von Oheimb [Mon, 28 Aug 2017 17:14:47 +0000 (19:14 +0200)]
Add 'methods' parameter to setup_engine() in apps.c for individual method defaults
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/4277)
Clean up macro definitions of openssl_fdset() in apps.h and sockets.h
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/4277)
Use OSSL_STORE for load_{,pub}key() and load_cert() in apps/lib/apps.c
This also adds the more flexible and general load_key_cert_crl()
as well as helper functions get_passwd(), cleanse(), and clear_free()
to be used also in apps/cmp.c etc.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11755)
Nit-fix: remove whitespace in doc/man3/EVP_PKEY_fromdata.pod causing warning
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11755)
Guard use of struct tms with #ifdef __TMS like done earlier in apps/lib/apps.c
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11755)
Nicolas Vigier [Thu, 5 Mar 2020 19:39:05 +0000 (20:39 +0100)]
If SOURCE_DATE_EPOCH is defined, use it for copyright year
Using the date from SOURCE_DATE_EPOCH instead of the current date makes
it possible to reproduce a build that was built on a different year:
https://reproducible-builds.org/specs/source-date-epoch/
This is fixing an issue we had while building Tor Browser:
https://trac.torproject.org/projects/tor/ticket/33535
CLA: trivial
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11296)
Matt Caswell [Fri, 8 May 2020 10:12:10 +0000 (11:12 +0100)]
Correct alignment calculation in ssl3_setup_write
The alignment calculation in ssl3_setup_write incorrectly results in an
alignment allowance of
(-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1) bytes. This equals 3
in almost all cases. The maximum alignment actually used in do_ssl3_write
is (SSL3_ALIGN_PAYLOAD - 1). This equals 7 bytes in almost all cases. So
there is a potential to overrun the buffer by up to 4 bytes.
Fortunately, the encryption overhead allowed for is 80 bytes which
consists of 16 bytes for the cipher block size and 64 bytes for the MAC
output. However the biggest MAC that we ever produce is HMAC-384 which is
48 bytes - so we have a headroom of 16 bytes (i.e. more than the 4 bytes
of potential overrun).
Thanks to Nagesh Hegde for reporting this.
Fixes #11766
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11768)
Orgad Shaneh [Mon, 24 Feb 2020 07:02:31 +0000 (09:02 +0200)]
Configure: Avoid SIXTY_FOUR_BIT for linux-mips64
This is a 32-bit ABI build (as opposed to linux64-mips64).
Setting SIXTY_FOUR_BIT breaks hardware optimizations, at least on
octeon processors.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11725)
Richard Levitte [Fri, 24 Apr 2020 09:03:28 +0000 (11:03 +0200)]
dev/release.sh: Add --reviewer to set reviewers
Doing this is kind of contrary to how we normally do things, as this
constitutes a kind of pre-approval. However, without this, the normal
review process will modify the reviewed commits, and render the
annotated release tag invalid, which forces the person doing the
release to re-tag manually.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11630)
Thomas Dwyer III [Wed, 13 May 2020 17:32:47 +0000 (10:32 -0700)]
Pass "-z defs" to the linker via "-Wl,-z,defs" rather than with gcc's -z
flag (which is not supported by older compilers).
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11815)
Richard Levitte [Thu, 14 May 2020 15:15:05 +0000 (17:15 +0200)]
test/evp_extra_test.c: Add OPENSSL_NO_CMAC around CMAC test
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11833)
Richard Levitte [Tue, 12 May 2020 08:27:46 +0000 (10:27 +0200)]
PROV: make some DER AID arrays non-static, to avoid clang complaints
The problem encountered is that some arrays were deemed unnecessary by
clang, for example:
providers/common/der/der_rsa.c:424:28: error: variable 'der_aid_sha224Identifier' is not needed and will not be emitted [-Werror,-Wunneeded-internal-declaration]
static const unsigned char der_aid_sha224Identifier[] = {
^
However, these arrays are used in sizeof() expressions in other parts
of the code that's actually used, making that warning-turned-error a
practical problem. We solve this by making the array non-static,
which guarantees that the arrays will be emitted, even though
unnecessarily. Fortunately, they are very small.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Wed, 6 May 2020 19:44:58 +0000 (21:44 +0200)]
EVP: For SIGNATURE operations, pass the propquery early
Instead of passing it with signature->digest_verify_init() and
signature->digest_sign_init(), we pass it with signature->newctx().
This allows the digests that are indicated by RSA PSS parameters
to have a useful propquery.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Thu, 7 May 2020 06:51:09 +0000 (08:51 +0200)]
PROV: Refactor the RSA SIGNATURE implementation for better param control
We want to catch errors in passed parameters early, which requires
kowledge of the ongoing operation. Fortunately, that's possible by
re-using the EVP_PKEY_OP macros in specific init functions.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Sat, 2 May 2020 11:33:24 +0000 (13:33 +0200)]
DER writer: Add the possibility to abandon empty SEQUENCEs
In some cases, a SEQUENCE that contains only optional fields may end
up empty. In some cases, this may be represented by dropping the
SEQUENCE entirely from the encoded DER.
To do this, we detect the case where WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH
is used, and adapt accordingly.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Sat, 2 May 2020 10:46:55 +0000 (12:46 +0200)]
RSA: Add a less loaded PSS-parameter structure
RSA_PSS_PARAMS carries with it a lot of baggage in form of X509_ALGOR
and ASN1_INTEGER, which we would rather avoid in our providers.
Therefore, we create a parallell structure - RSA_PSS_PARAMS_30 - that
contains the same information, but uses numeric identities (*) and C
integers (**). This makes it simpler to handle.
Note that neither this structure nor its contents are passed between
libcrypto and the providers. Instead, the numeric identities are
translated to and from names, which are then passed over that
boundary.
For future considerations, we might consider dropping RSA_PSS_PARAMS
entirely. For now, it's still reserved for EVP_PKEY_ASN1_METHOD code,
which RSA_PSS_PARAMS_30 is (almost entirely) reserved for use in our
providers.
(*) We use NIDs in this case, because we already have them and because
only algorithms that libcrypto knows about are permitted in PSS
restrictions. We could use any number series we want, as long as we
know for sure what they represent.
(**) That's for saltlen and for trailerfield, which are never expect
to surpass the set of numbers that fit in a regular 'int'.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Sat, 2 May 2020 10:41:39 +0000 (12:41 +0200)]
RSA: Add rsa_schemes.c, to store scheme data and translator functions
The scheme currently added is OAEP-PSSDigestAlgorithms codified.
The translator functions translate an EVP_MD into a NID, and a NID
into a name, to support the creation and parsing of OSSL_PARAM items.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Richard Levitte [Sat, 2 May 2020 09:22:23 +0000 (11:22 +0200)]
RSA: Add RSA key types
The support of restricted RSA key types (OAEP and PSS) was lacking, or
dependent on the presence of restriction parameters. For example,
this means that even though an RSA-PSS key may have been generated, it
may appear as a plain unrestricted RSA key if parameters weren't
present (which is the case when default restriction parameters are
used)
To make it clearer what an RSA key is intended for, and avoid
depending in an EVP_PKEY, we introduce RSA key types. This is done by
reserving a section of the RSA flags (4 bits, which allows a total of
16 different types).
This isn't terribly important for EVP_PKEY_ASN1_METHOD code, as that
has access to the wrapping EVP_PKEY. This is very important for
provider code, which has no access to the wrapping EVP_PKEY.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Rename OSSL_CMP_CTX_set1_clCert() to OSSL_CMP_CTX_set1_cert()
Also update documentation and example code in openssl-cmp.pod.in
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Add -reqin_new_tid option to apps/cmp.c and OSSL_CMP_MSG_update_transactionID()
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Improve CMP documentation regarding use of untrusted certs
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Chunk 11 of CMP contribution to OpenSSL: CMP command-line interface
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712).
Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI.
Adds extensive documentation and tests.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Preliminary fix of memory leak in try_decode_PKCS12() - full fix is in #11733
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Improve description of algorithm NIDs in doc/man3/OSSL_CMP_CTX_new.pod
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Reflect constifications of 62dcd2aa in doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/11470)
Richard Levitte [Tue, 12 May 2020 06:46:23 +0000 (08:46 +0200)]
PROV: Add a proper provider context structure for OpenSSL providers
The provider context structure is made to include the following information:
- The core provider handle (first argument to the provider init
function). This handle is meant to be used in all upcalls that need
it.
- A library context, used for any libcrypto calls that need it, done in
the provider itself.
Regarding the library context, that's generally only needed if the
provider makes any libcrypto calls, i.e. is linked with libcrypto. That
happens to be the case for all OpenSSL providers, but is applicable for
other providers that use libcrypto internally as well.
The normal thing to do for a provider init function is to create its own
library context. For a provider that's meant to become a dynamically
loadable module, this is what MUST be done.
However, we do not do that in the default provider; it uses the library
context associated with the core provider handle instead. This is
permissible, although generally discouraged, as long as the provider in
question is guaranteed to be built-in, into libcrypto or into the
application that uses it.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11803)
I used echo `echo "<paste>" ` | sed "s/ //g"
to get everything in one line, put that again
into the clipboard and
then start sage, type N=0x<paste><CR>
>> P seems to be a prime, and is indeed a factor of N.
sage: is_pseudoprime(Q)
False
sage: gcd(N,Q)
1
sage: ecm(Q)
Found composite factor of 3 digits: 675
Composite cofactor ... has 1231 digits.
Q has a small factor. The large cofactor
is way too large to be factorized (today).
>> surprise, this is a sage artefact.
>> is_prime is supposed to tell if Qcorrect
>> is a provable prime, but these numbers are
>> too large for a proof.
sage: help(Qcorrect)
class Rational
...
>> oops, it is of course not a rational number.
sage: Qcorrect = Integer(N/P)
class Integer
...
>> okay now it is an integer.
sage: is_prime(Qcorrect)
>> takes way too long: press CTRL-C
sage: is_pseudoprime(Qcorrect)
True
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11783)
Tomas Mraz [Mon, 11 May 2020 15:15:40 +0000 (17:15 +0200)]
Replace misleading error message when loading PEM
The error message "short header" when the end line
of PEM data cannot be identified is misleading.
Replace it with already existing "bad end line" error.
Fixes #8815
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11793)
Richard Levitte [Mon, 11 May 2020 09:10:41 +0000 (11:10 +0200)]
CORE: Attach the provider context to the provider late
There are concerns that if |prov->provctx| is populated early,
sensitive information may leak from the provider. Therefore, we use a
temporary variable, and only assign it to |prov->provctx| when the
provider init function has returned successfully.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11777)
Richard Levitte [Sat, 9 May 2020 08:11:14 +0000 (10:11 +0200)]
Fix some misunderstandings in our providers' main modules
This started with adding forward declarations of all provider side
interface functions, and fixing all compiler errors.
Furthermore, diminish the faulty assumption that the provider context
is and always will be just a library context. That means adding a
teardown function in all providers that aren't necessarily built into
libcrypto.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11777)
Richard Levitte [Mon, 11 May 2020 07:14:11 +0000 (09:14 +0200)]
Fix d2i_PrivateKey_ex() to work as documented
d2i_PrivateKey(), and thereby d2i_PrivateKey_ex(), is documented to
return keys of the type given as first argument |type|, unconditionally.
Most specifically, the manual says this:
> An error occurs if the decoded key does not match type.
However, when faced of a PKCS#8 wrapped key, |type| was ignored, which
may lead to unexpected results.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11787)
Beat Bolli [Thu, 7 May 2020 12:19:22 +0000 (14:19 +0200)]
doc: fix two invalid <B> tags
Signed-off-by: Beat Bolli <dev@drbeat.li> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11759)
Extract HTTP server code from apps/ocsp.c to apps/lib/http_server.c
Also adds apps/include/http_server.h.
This is used so far by apps/ocsp.c and is going to be used for apps/cmp.c
and will be helpful also for any future app acting as HTTP server.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11736)
Fix bio_wait() in crypto/bio/bio_lib.c in case OPENSSL_NO_SOCK
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11736)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11736)
Fix bug in OSSL_CMP_SRV_process_request() on transaction renewal
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11736)
As described in https://github.com/openssl/openssl/issues/9187, the
loading of PEM certificates sometimes fails if a line of base64
content has the length of a multiple of 254.
The problem is in get_header_and_data(). When such a line with a
length of 254 (or a multiple) has been read, the next read will
only read a newline. Due to this get_header_and_data() expects to be
in the header not in the data area. This commit fixes that by checking
if lines have been read completely or only partially. In case of a
previous partial read, a newline will be ignored.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11741)
Rich Salz [Thu, 7 May 2020 11:44:01 +0000 (13:44 +0200)]
Fix issues reported by markdownlint
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11739)
Rich Salz [Thu, 7 May 2020 11:42:14 +0000 (13:42 +0200)]
travis: enable markdownlint checks
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11739)
Richard Levitte [Wed, 6 May 2020 18:48:25 +0000 (20:48 +0200)]
EVP: when setting the operation to EVP_PKEY_OP_UNDEFINED, clean up!
There were a few instances where we set the EVP_PKEY_CTX operation to
EVP_PKEY_OP_UNDEFINED, but forgot to clean up first. After the
operation is made undefined, there's no way to know what should be
cleaned away, so that must be done first, in all spots.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11750)
Shane Lontis [Thu, 7 May 2020 06:08:18 +0000 (16:08 +1000)]
Remove legacy FIPS_mode functions
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11680)
Shane Lontis [Thu, 7 May 2020 05:31:05 +0000 (15:31 +1000)]
Remove gen_get_params & gen_gettable_params from keygen operation
EVP_PKEY_CTX_gettable_params() was missing code for the keygen operation.
After adding it it was noticed that it is probably not required for this type, so instead
the gen_get_params and gen_gettable_params have been remnoved from the provider interface.
gen_get_params was only implemented for ec to get the curve name. This seems redundant
since normally you would set parameters into the keygen_init() and then generate a key.
Normally you would expect to extract data from the key - not the object that we just set up
to do the keygen.
Added a simple settable and gettable test into a test that does keygen.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11683)