]>
git.ipfire.org Git - thirdparty/openssl.git/log
Dr. David von Oheimb [Fri, 26 Feb 2021 10:42:49 +0000 (11:42 +0100)]
apps/x509.c: Fix too eager call to X509_set_issuer_name() introduced recently
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14340)
Pauli [Fri, 26 Feb 2021 00:57:21 +0000 (10:57 +1000)]
rand: use params argument on instantiate call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:57:05 +0000 (10:57 +1000)]
core: add params argument to DRBG instantiate call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:56:46 +0000 (10:56 +1000)]
doc: update documenation with params argument on DRBG instantiate calls
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:56:17 +0000 (10:56 +1000)]
test: update tests to allow for params argument for the instantiate call on EVP_RAND_CTXs
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:55:40 +0000 (10:55 +1000)]
prov: update rand implementations to have a params argument for the instantiate call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:55:02 +0000 (10:55 +1000)]
fips: update DRBG KATs for the extra instantiate argument
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:52:13 +0000 (10:52 +1000)]
evp: add params argument to EVP_RAND_instantiate()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:09:49 +0000 (10:09 +1000)]
doc: document additional argument to KDF derive calls
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:09:27 +0000 (10:09 +1000)]
prov: add additional argument to KDF derive call in key exchange
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:09:07 +0000 (10:09 +1000)]
fips: add additional argument to KDF derive call in self test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:08:45 +0000 (10:08 +1000)]
crypto: add additional argument to KDF derive calls
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:08:23 +0000 (10:08 +1000)]
apps: add addition argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:07:23 +0000 (10:07 +1000)]
prov: add extra params argument to KDF implementations
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:06:52 +0000 (10:06 +1000)]
tls: adjust for extra argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:06:31 +0000 (10:06 +1000)]
test: adjust tests to include extra argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:06:11 +0000 (10:06 +1000)]
evp: add param argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Fri, 26 Feb 2021 00:05:46 +0000 (10:05 +1000)]
core: add param argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 04:30:57 +0000 (14:30 +1000)]
doc: update provider-mac documentation to account for the additional init() arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 04:27:29 +0000 (14:27 +1000)]
doc: update KMAC doc to not say that the `KEY\' parameter needs to be set before the init call
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 04:12:56 +0000 (14:12 +1000)]
apps: update speed to use the additional arguments to MAC_init
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 04:03:09 +0000 (14:03 +1000)]
doc: note the additional parameters to EVP_MAC_init()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:55 +0000 (13:54 +1000)]
update poly1305 to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:35 +0000 (13:54 +1000)]
update BLAKE2 to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:13 +0000 (13:54 +1000)]
prov: update kmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:13 +0000 (13:54 +1000)]
prov: update hmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:13 +0000 (13:54 +1000)]
prov: update gmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:54:12 +0000 (13:54 +1000)]
prov: update cmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:52:25 +0000 (13:52 +1000)]
prov: use new MAC_init arguments in HMAC-DRBG
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:52:06 +0000 (13:52 +1000)]
prov: use new MAC_init arguments in signature legacy code
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:51:28 +0000 (13:51 +1000)]
prov: update provider util to be less agressive about changing things unnecessarily
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:51:03 +0000 (13:51 +1000)]
fips: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:50:45 +0000 (13:50 +1000)]
core: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:50:01 +0000 (13:50 +1000)]
test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:49:37 +0000 (13:49 +1000)]
evp_test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:49:10 +0000 (13:49 +1000)]
tls: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:48:48 +0000 (13:48 +1000)]
evp: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:48:27 +0000 (13:48 +1000)]
crmf: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:48:00 +0000 (13:48 +1000)]
apps: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:47:36 +0000 (13:47 +1000)]
apps: update mac to work with additional MAC_init arguments. This doesn't include the creation of new 'key' arguments.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 03:47:01 +0000 (13:47 +1000)]
apps: update fipsinstall to work with additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 00:27:22 +0000 (10:27 +1000)]
prov kdf: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Thu, 25 Feb 2021 00:22:01 +0000 (10:22 +1000)]
prov: update SipHash to new init function
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Pauli [Wed, 24 Feb 2021 23:52:26 +0000 (09:52 +1000)]
siphash: Add the C and D round parameters for SipHash.
This represents a gap in functionality from the low level APIs.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Richard Levitte [Tue, 23 Feb 2021 21:42:18 +0000 (22:42 +0100)]
crypto/asn1/i2d_evp.c: Fix i2d_provided() to return a proper length
Fixes #14258
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
Richard Levitte [Tue, 23 Feb 2021 21:41:04 +0000 (22:41 +0100)]
PROV: Implement an EC key -> blob encoder, to get the public key
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
Richard Levitte [Tue, 23 Feb 2021 21:39:39 +0000 (22:39 +0100)]
Modify i2d_PublicKey() so it can get an EC public key as a blob
This introduces the encoder output type "blob", to be used for
anything that outputs an unstructured blob of data.
Fixes #14258
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Fri, 19 Feb 2021 21:20:00 +0000 (13:20 -0800)]
test_ecpub: test that we can decode the DER we encoded
We should be able to round-trip through the encoded DER form of the
EC public key and get back something that compares as equal to the
original key.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Fri, 19 Feb 2021 21:46:49 +0000 (13:46 -0800)]
test_ecpub: verify returned length after encoding
Save the length we got from querying how much space was needed, and
check that the actual encoding call returned the same length.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Benjamin Kaduk [Mon, 25 Jan 2021 20:19:16 +0000 (12:19 -0800)]
Add test for EC pubkey export/import
There seems to be an issue with i2d_provided() in i2d_evp.c that causes
us to fail to construct a valid chain of encoders for the "type-specific"
output when it's an EC pubkey. This test is designed to exercise that
codepath for a variety of curves.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14291)
Dr. David von Oheimb [Fri, 26 Feb 2021 07:24:07 +0000 (08:24 +0100)]
Code cleanup mostly in crypto/x509/v3_purp.c
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14328)
Benjamin Kaduk [Wed, 24 Feb 2021 21:38:25 +0000 (13:38 -0800)]
Check ASN1_item_ndef_i2d() return value.
Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.
Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.
Fixes: #14177
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14308)
Tomas Mraz [Thu, 25 Feb 2021 14:08:16 +0000 (15:08 +0100)]
evp_pkey_provided_test: Improve diagnostic output
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14316)
Tomas Mraz [Thu, 25 Feb 2021 13:43:21 +0000 (14:43 +0100)]
tests: Always print errors before test verdict
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14316)
Pauli [Tue, 23 Feb 2021 23:24:29 +0000 (09:24 +1000)]
fuzzer: add ctx gettable/settable to the fuzzer RNG
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 23:24:26 +0000 (09:24 +1000)]
test: add ctx gettable/settable to the generic fake random number generator
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:49:55 +0000 (11:49 +1000)]
core: support modified gettable/settable ctx calls for ciphers
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:49:20 +0000 (11:49 +1000)]
changes to match the updated context gettable/settable calls for ciphers
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:48:57 +0000 (11:48 +1000)]
evp: upport modified gettable/settable ctx calls for ciphers
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:48:35 +0000 (11:48 +1000)]
prov: upport modified gettable/settable ctx calls for ciphers
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:03:49 +0000 (11:03 +1000)]
evp: support modified gettable/settable ctx calls for MACs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:03:31 +0000 (11:03 +1000)]
doc: changes to match the updated context gettable/settable calls for MACs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:03:08 +0000 (11:03 +1000)]
core: core: support modified gettable/settable ctx calls for MACs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 01:02:49 +0000 (11:02 +1000)]
prov: support modified gettable/settable ctx calls for MACs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 00:47:18 +0000 (10:47 +1000)]
prov: support modified gettable/settable ctx calls for KDFs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 00:46:58 +0000 (10:46 +1000)]
core: support modified gettable/settable ctx calls for KDFs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 00:46:08 +0000 (10:46 +1000)]
evp: support modified gettable/settable ctx calls for KDFs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Tue, 23 Feb 2021 00:45:39 +0000 (10:45 +1000)]
doc: changes to match the updated context gettable/settable calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 23:52:15 +0000 (09:52 +1000)]
evp: support modified gettable/settable ctx calls for RNGs
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 23:51:48 +0000 (09:51 +1000)]
core: update RNG gettable/settable ctx param calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 23:51:10 +0000 (09:51 +1000)]
prov: update RNGs to support modified gettable/settable CTX params
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 23:50:17 +0000 (09:50 +1000)]
doc: note changes to rand gettable/settable provider call
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 02:07:15 +0000 (12:07 +1000)]
doc: note changes to digest gettable/settable provider calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 02:06:48 +0000 (12:06 +1000)]
modify EVP to support digest gettable/settable calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 02:06:30 +0000 (12:06 +1000)]
core: update digest gettable/settable ctx params calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Pauli [Mon, 22 Feb 2021 02:06:04 +0000 (12:06 +1000)]
prov: update digests to support modified ctx params
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14240)
Richard Levitte [Wed, 24 Feb 2021 23:06:46 +0000 (00:06 +0100)]
Makefile: Only update doc/build.info when there's an actual change
Fixes #14307
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14309)
Shane Lontis [Thu, 18 Feb 2021 10:27:26 +0000 (20:27 +1000)]
Fix external symbols related to ec & sm2 keys
Partial fix for #12964
This adds ossl_ names for the following symbols:
ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_*
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
Shane Lontis [Thu, 18 Feb 2021 06:30:37 +0000 (16:30 +1000)]
Fix external symbols related to dsa keys
Partial fix for #12964
This adds ossl_ names for the following symbols:
dsa_check_pairwise, dsa_check_params, dsa_check_priv_key, dsa_check_pub_key, dsa_check_pub_key_partial,
dsa_do_sign_int, dsa_ffc_params_fromdata,
dsa_generate_ffc_parameters, dsa_generate_public_key,
dsa_get0_params, dsa_key_fromdata, dsa_new_with_ctx, dsa_pkey_method, dsa_sign_int
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
Shane Lontis [Thu, 18 Feb 2021 05:56:53 +0000 (15:56 +1000)]
Fix external symbols related to dh keys
Partial fix for #12964
This adds ossl_ names for the following symbols:
dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
Shane Lontis [Fri, 19 Feb 2021 09:15:41 +0000 (19:15 +1000)]
Fix external symbols for bn
Partial fix for #12964
This adds ossl_ names for symbols related to bn_*
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14296)
Mark [Wed, 24 Feb 2021 13:14:08 +0000 (14:14 +0100)]
Fix filename escaping in c_rehash
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14301)
Tomas Mraz [Wed, 24 Feb 2021 16:45:55 +0000 (17:45 +0100)]
evp_extra_test: Do not manipulate providers in default context
Otherwise the with OPENSSL_TEST_RAND_ORDER following tests will
be broken. There is also no real need to do that.
Fixes #14070
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14305)
Tomas Mraz [Wed, 24 Feb 2021 15:44:41 +0000 (16:44 +0100)]
fake_random: Do not overwrite the callback on instatiation
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14299)
Tomas Mraz [Wed, 24 Feb 2021 11:32:40 +0000 (12:32 +0100)]
Ensure that the fake rand is initialized
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14299)
jwalch [Fri, 19 Feb 2021 18:02:27 +0000 (13:02 -0500)]
Fix an integer overflow in o_time.c
If input offset_sec is sufficiently large (> INT32_MAX * SECS_PER_DAY, which is possible for a long on 64-bit platforms), then the first assignment contains an overflow.
I think leaving offset_hms as an int is still safe.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14252)
Matt Caswell [Fri, 19 Feb 2021 17:47:21 +0000 (17:47 +0000)]
Add a test for a names_do_all function
Make sure that if we change the namemap part way through calling a
names_do_all function it still works.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
Matt Caswell [Fri, 19 Feb 2021 17:03:43 +0000 (17:03 +0000)]
Don't hold a lock when calling a callback in ossl_namemap_doall_names
We don't want to hold a read lock when calling a user supplied callback.
That callback could do anything so the risk of a deadlock is high.
Instead we collect all the names first inside the read lock, and then
subsequently call the user callback outside the read lock.
Fixes #14225
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14250)
Richard Levitte [Tue, 23 Feb 2021 17:19:38 +0000 (18:19 +0100)]
Fix string termination and length setting in OSSL_PARAM_BLD_push_utf8_string()
OSSL_PARAM_BLD_push_utf8_string() was still setting the length in
bytes of the UTF8 string to include the terminating NUL byte, while
recent changes excludes that byte from the length. It's still made to
add a NUL byte at the end of the string no matter what.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Richard Levitte [Tue, 23 Feb 2021 07:10:02 +0000 (08:10 +0100)]
Fix OSSL_PARAM_allocate_from_text() for OSSL_PARAM_UTF8_STRING
OSSL_PARAM_allocate_from_text() was still setting the length in bytes
of the UTF8 string to include the terminating NUL byte, while recent
changes excludes that byte from the length.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Richard Levitte [Mon, 1 Feb 2021 07:58:58 +0000 (08:58 +0100)]
Allow the sshkdf type to be passed as a single character
This partially reverts commit
270a5ce1d9ea579a2f1d45887971582b1ef2b6a1 .
This also slightly modifies the way diverse parameters in are
specified in providers/fips/self_test_data.inc for better consistency.
Fixes #14027
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Tomas Mraz [Tue, 23 Feb 2021 15:52:49 +0000 (16:52 +0100)]
Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:52:21 +0000 (16:52 +0100)]
Fix missing EOL at the end of the rsa/build.info
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:51:43 +0000 (16:51 +0100)]
Remove inclusion of unnecessary header files
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Tue, 23 Feb 2021 15:50:21 +0000 (16:50 +0100)]
Use strcasecmp when comparing kdf_type
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
Tomas Mraz [Mon, 22 Feb 2021 12:20:28 +0000 (13:20 +0100)]
speed: Drop deprecated <ALG>_options() calls
Also correction of some code format issues.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Thu, 18 Feb 2021 09:48:18 +0000 (10:48 +0100)]
speed: Use EVP for ciphers, cmac, ghash, rsa, dsa, and ecdsa
Fixes #13909
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 18:45:01 +0000 (19:45 +0100)]
speed: Adapt digests and hmac to always use non-deprecated APIs
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Tomas Mraz [Mon, 15 Feb 2021 16:24:44 +0000 (17:24 +0100)]
speed: Drop code to handle platforms without SIGALRM
(except for Windows where a separate thread stops the looping)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14228)
Daniel Bevenius [Tue, 23 Feb 2021 12:30:13 +0000 (13:30 +0100)]
Fix typo in comment in DH_set0_pqg function
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14288)