willmafh [Wed, 4 Dec 2024 03:00:35 +0000 (11:00 +0800)]
Code & comments changes to make them in consistent
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
willmafh [Tue, 3 Dec 2024 05:15:14 +0000 (13:15 +0800)]
one more empty line for code style consistency
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
willmafh [Tue, 3 Dec 2024 05:13:39 +0000 (13:13 +0800)]
Change all one's complement to ones' complement for consistency
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
willmafh [Tue, 3 Dec 2024 05:11:33 +0000 (13:11 +0800)]
BN_secure_new function indentation correction
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
willmafh [Tue, 3 Dec 2024 05:08:55 +0000 (13:08 +0800)]
Delete redundant parentheses for code consistency
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
willmafh [Tue, 3 Dec 2024 05:06:46 +0000 (13:06 +0800)]
Delete a redundant break
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26095)
Neil Horman [Sun, 1 Dec 2024 21:11:28 +0000 (16:11 -0500)]
Run interop tests on feature/quic-server branch
We currently run interop tests as a client only from the master branch.
While we are developing quic-server it would be beneficial to also get
interop test results from the quic-server branch run as both a client
and a server, until such time as the feature branch is merged. Add
building and running of a container in the test harness to our CI set
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26090)
jsondevers [Thu, 28 Nov 2024 16:49:23 +0000 (11:49 -0500)]
Add handling for additional input in jitter rng
Fixes #25917
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25966)
Commit fa338aa7cd added zeroization of public security parameters as
required by ISO 19790:2012/Cor.1:2015 7.9. However, that commit
overlooked ECX keys, which are used for EdDSA and X25519/X448.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25807)
providers: stop probing for getentropy(3) on recent FreeBSD
FreeBSD has supported both getrandom(2) and getentropy(3) since 12.0.
The last version which did *not* have these went EoL in September 2021.
Use getrandom(2) unconditionally and fallback to sysctl kern.arandom if
we do happen to have a FreeBSD that old.
This is generally a necessary step for FreeBSD's _FORTIFY_SOURCE
implementation, which needs to do some symbol renaming tricks with the
getentropy declaration that would otherwise add some platform-specific
hacks here to accommodate. getentropy(3) uses getrandom(2) internally
on FreeBSD, so we just cut out the middleman.
While we're here, it doesn't seem to make sense to ever prefer the
sysctl on FreeBSD or NetBSD. For both platforms, it's limited to 256
bytes in a single request while getrandom(2) will generally use the same
backend but service the entire request in one shot, even for larger
amounts of entropy, modulo the EINTR possibility that presents itself
with larger requests.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24903)
Michael Baentsch [Sat, 23 Nov 2024 05:44:40 +0000 (06:44 +0100)]
Document version-specific utility of EVP_PKEY_Q_keygen
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26040)
Minor nit fix to EVP_CipherFinal_ex() return code documentation.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25849)
slontis [Wed, 20 Nov 2024 01:39:35 +0000 (12:39 +1100)]
Fix EVP_PKEY_print_private() so that it works with non default providers.
At some point in time it was decided that the EC keymanagers ec_export()
function would only allow the selection to be both the public + private
parts. If just the private element is selected it returns an error.
Many openssl commandline apps use EVP_PKEY_print_private() which passes
EVP_PKEY_PRIVATE_KEY to the encoder. This selection propagates to
encoder_construct_pkey(). For external providers (such as the fips
provider this will call the keymanagers export() with the selection set
to just the private part.
So we either need to
1) change the selection in EVP_PKEY_print_private() or
2) modify the selection used in the export used in
encoder_construct_pkey
3) Change the ec_export to allow this.
I have chosen 2) but I am not sure if this is the correct thing to do
or whether it should conditionally do this when the output_type ==
'text'.
Issue was reported by Ilia Okomin (Oracle).
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26004)
die() in .tmpl file should not be silently ignored.
call to die() in perl templates is currently ignored.
any error printed by die() commad appears in template
output.
In order to make sure die() terminates processing we
must ensure we emite `undef` value. This is ensured
by adding a `BROKEN` callback to `fill_in()` Template
method. The callback must return undef to stop processing.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26064)
Bartel Artem [Mon, 25 Nov 2024 11:28:05 +0000 (14:28 +0300)]
apps/passwd.c: Convert a redundant check to assert
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26053)
Neil Horman [Wed, 27 Nov 2024 17:22:19 +0000 (12:22 -0500)]
Fix solaris build in CRYPTO_atomic_store api
Misnamed variable, just correct it to dst
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26075)
sftcd [Mon, 25 Nov 2024 16:01:39 +0000 (16:01 +0000)]
Use static array (length 256) for copy of OPENSSL_MALLOC_FAILURES
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26039)
Pauli [Wed, 27 Nov 2024 00:24:29 +0000 (11:24 +1100)]
ci: add daily runcheckers to exercise the -DOPENSSL_PEDANTIC_ZEROIZATION option
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:21:08 +0000 (11:21 +1100)]
fips: change integrity check zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:19:32 +0000 (11:19 +1100)]
pbkdf2: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:19:19 +0000 (11:19 +1100)]
hkdf: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:19:00 +0000 (11:19 +1100)]
rsa: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:18:51 +0000 (11:18 +1100)]
ffc: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
Pauli [Wed, 27 Nov 2024 00:18:38 +0000 (11:18 +1100)]
ec: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26068)
willmafh [Wed, 27 Nov 2024 03:06:36 +0000 (11:06 +0800)]
A typo fix in a comment
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26069)
David Benjamin [Mon, 25 Nov 2024 16:01:17 +0000 (11:01 -0500)]
Document expected BIO operations for libssl
If your custom BIO does not implement BIO_CTRL_FLUSH, it won't work, but
this is not document anywhere.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26060)
Richard Levitte [Mon, 11 Nov 2024 10:44:56 +0000 (11:44 +0100)]
Upgrade action/{upload,download}-artifact to v4
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25920)
Niels Dossche [Wed, 20 Nov 2024 18:57:38 +0000 (19:57 +0100)]
Fix potential memory leak on failure of ecx_gen_init()
When ecx_gen_set_params() returns 0, it could have duplicated the memory
for the parameter OSSL_KDF_PARAM_PROPERTIES already in gctx->propq,
leading to a memory leak.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26015)
Niels Dossche [Wed, 20 Nov 2024 19:22:43 +0000 (20:22 +0100)]
Fix potential memory leak on failure of dsa_gen_init()
When dsa_gen_set_params() returns 0, it could have duplicated the memory for the parameter
OSSL_PKEY_PARAM_FFC_DIGEST already in gctx->mdname, leading to a memory leak.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/26016)
FIPS 140-2 IG D.9 has become FIPS 140-3 D.G (see "Mapping FIPS 140-2
IGs to FIPS 140-3" in the FIPS 140-3 IG).
The requirements w.r.t. RSA KATs have now been relaxed, meaning that
existing full-message RSA signature verification (which is performed
separately) is sufficient to meet KAT requirements for all RSA
usecases (KEM/Encrypt/Decrypt/Sign/Verify).
Dropping this KAT is very useful, because it is large/expensive on
module startup, but also because it enables in the future to block RSA
Encrypt/Decrypt operations with paddings other than OAEP, which are
legacy or deprecated by either current or draft algorithm transition
SP.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25988)
fips: zeroize temporary self-check out MD variable
At least this is done on module startup only.
To satisfy ISO/IEC 19790:2012/Cor.1:2015(E) Section 7.5 [05.10]
requirement.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25945)
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26009)
Kai Pastor [Sat, 23 Sep 2023 18:22:03 +0000 (20:22 +0200)]
Mark OPENSSL_armcap_P .hidden in arm asm
Fixes #25601
Fixes #22414
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22181)
Neil Horman [Tue, 19 Nov 2024 16:58:30 +0000 (11:58 -0500)]
Fix SSL_write_[ex|ex2] on blocking quic streams
When writing to a blocking quic stream, we sometimes get duplicate
transmitted data. This occurs when a call to quic_write_blocking has to
wait for space to become available in the ring buffer. When we do a
wait, the call sets *written to the value returned in args.total_written
as filled out by the calls to block_until_pred->quic_write_again.
However, the value there is based on the amount we requested, which is
only the remaining data that we didn't append in xso_sstream_write. So
if we call quic_write_blocking with a buffer of length X, and initially
append Y bytes, and write the remainig X-Y bytes via a block_until_pred
call, then *written will return with the value X-Y, even though we wrote
the full X bytes to the ring buffer.
Fix it by recording the initial amount appended into *written, and then
add the args.total_written value if we have to wait on more space
Fixes openssl/project#924
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26023)
Tomas Mraz [Tue, 19 Nov 2024 10:09:58 +0000 (11:09 +0100)]
sm2_sig_verify(): Do not call BN_CTX_end() without BN_CTX_start()
In case of memory allocation failure this
could happen.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25994)
Michael Baentsch [Sat, 16 Nov 2024 16:12:18 +0000 (17:12 +0100)]
add new keytype test for EVP_PKEY_Q_keygen
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25972)
spectre [Sun, 17 Nov 2024 18:15:48 +0000 (19:15 +0100)]
README.md: Fix typo. Change 'the are' to 'there are'
This pull request fixes a typo in the documentation.
The phrase "the are" has been corrected to "there are".
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25977)
wangcheng [Sat, 26 Oct 2024 09:10:38 +0000 (17:10 +0800)]
Add CTX copy function for EVP_MD to optimize the performance of EVP_MD_CTX_copy_ex.
1. Add OSSL_FUNC_digest_copyctx_fn function for EVP_MD, which is used to copy algctx from the old EVP_MD_CTX to the new one.
2. Add implementation of OSSL_FUNC_digest_copyctx_fn function for default providers.
3. Modify EVP_MD_CTX_copy_ex: When the fetched digest is the same in in and out contexts, use the copy function to copy the members in EVP_MD_CTX if the OSSL_FUNC_digest_copyctx_fn function exists. Otherwise, use the previous method to copy.
4. Add documentation for OSSL_FUNC_digest_copyctx function in doc/man7/provider-digest.pod.
5. Add testcase.
Fixes #25703
Signed-off-by: wangcheng <bangwangnj@163.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25726)
Dmitry Misharov [Wed, 13 Nov 2024 14:35:43 +0000 (15:35 +0100)]
remove ternary from runs-on, security repo is hosted on github.com
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25939)
Andrew Dinh [Thu, 7 Nov 2024 20:47:32 +0000 (12:47 -0800)]
Change "a SSL" to "an SSL"
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25868)
Neil Horman [Fri, 8 Nov 2024 14:49:46 +0000 (09:49 -0500)]
Add test for SSL_stream_reset
Add a test to the quic_multistream test suite to reset a stream after
all data has been received by a given stream, ensuring that we don't
crash in the reset operation
Fixes #25410
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25910)
Neil Horman [Fri, 8 Nov 2024 01:01:48 +0000 (20:01 -0500)]
Fix SSL_stream_reset for stream objects which have FIN bit set
When calling SSL_stream_reset on a QUIC stream object that has received
all data that is expected to be sent (i.e. when the sender has sent a
STREAM frame with the FIN bit set), we encounter the following segfault:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f0bd28 in ossl_quic_sstream_get_final_size (qss=0x0, final_size=0x0) at ssl/quic/quic_sstream.c:273
273 if (!qss->have_final_size)
(gdb) bt
0) 0x00007ffff7f0bd28 in ossl_quic_sstream_get_final_size (qss=0x0, final_size=0x0) at ssl/quic/quic_sstream.c:273
1) 0x00007ffff7ef65bf in quic_validate_for_write (xso=0x5555555efcb0, err=0x7fffffffd5e0) at ssl/quic/quic_impl.c:2513
2) 0x00007ffff7ef8ae3 in ossl_quic_stream_reset (ssl=0x5555555efcb0, args=0x0, args_len=0) at ssl/quic/quic_impl.c:3657
3) 0x00007ffff7ebdaa6 in SSL_stream_reset (s=0x5555555efcb0, args=0x0, args_len=0) at ssl/ssl_lib.c:7635
4) 0x0000555555557527 in build_request_set (
req_list=0x55555555ebd0 "neil1.txt neil2.txt neil3.txt neil4.txt neil5.txt neil6.txt neil7.txt neil8.txt neil9.txt neil10.txt neil11.txt neil12.txt neil13.txt neil14.txt neil15.txt neil16.txt neil17.txt neil18.txt neil19.txt "..., ssl=0x5555555b6f80)
at demos/guide/quic-hq-interop.c:545
5) 0x00005555555587b2 in main (argc=4, argv=0x7fffffffe568) at demos/guide/quic-hq-interop.c:941
This occurs because:
1) When the stream FIN bit is set, the quic stack frees the underlying
stream structures immediately within the QUIC stack
and
2) when SSL_stream_reset is called, the call stack indicates we call
quic_validate_for_write, which attempts to access the
xso->stream->sstream QUIC_SSTREAM object, which was already freed in
(1)
The fix I think is pretty straightforward. On receipt of a STREAM frame
with a FIN bit set, the QUIC stack sets the QUIC_STREAM object state to
QUIC_SSTREAM_STATE_DATA_RECVD, which means we can use that state to
simply assert that the stream is valid for write, which allows it to be
reset properly.
Fixes #25410
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25910)
Tomas Mraz [Tue, 22 Oct 2024 12:25:24 +0000 (14:25 +0200)]
Adjustments for the on schedule workflows
Run them all after 02:00 UTC.
Add possibility to run them on workflow_dispatch.
Add branch 3.4 to the coveralls.yml.
Remove the branches from os-zoo.yml as it is
possible to run on them manually from workflow_dispatch.
Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25765)
Holger Dengler [Mon, 11 Nov 2024 10:29:12 +0000 (11:29 +0100)]
Fix memleaks in cmd_RecordPadding()
Free the internal copy of parameter `value` on each early
exit.
Fixes #25906
Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25926)
Tomas Mraz [Mon, 11 Nov 2024 13:33:57 +0000 (14:33 +0100)]
txp_generate_stream_frames(): Set stream id in header early enough
Otherwise we will calculate an incorrect header
size for higher stream ids and won't fit the
frame into the packet.
Fixes #25417
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25928)
APPS/load_key_certs_crls(): refactor to clean up the code a little and add clarifying comments
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@devever.net>
(Merged from https://github.com/openssl/openssl/pull/22528)
openssl-pkeyutl.pod.in: improve description of -rawin and -digest options
Fixes #25827
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25831)
openssl-pkeyutl.pod.in: add that -sign is default op, update claim on hash needed for -sign/-verify, etc.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25831)
Matt Caswell [Wed, 6 Nov 2024 09:59:46 +0000 (09:59 +0000)]
Add a test for setting TLSv1.2 ciphersuites on a QUIC object
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25886)
Matt Caswell [Wed, 6 Nov 2024 09:53:11 +0000 (09:53 +0000)]
Don't complain with "no cipher match" for QUIC objects
Calling the functions SSL_CTX_set_cipher_list() or SSL_set_cipher_list() will
return the error "no cipher match" if no TLSv1.2 (or below) ciphers are enabled
after calling them. However this is normal behaviour for QUIC objects which do
not support TLSv1.2 ciphers. Therefore we should suppress that error in this
case.
Fixes #25878
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25886)
Matt Caswell [Tue, 5 Nov 2024 10:00:56 +0000 (10:00 +0000)]
Add a test for the new_session_cb from a QUIC object
Setting a new_session_cb should work for a QUIC object just as it does
with a normal TLS object.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25874)
Matt Caswell [Tue, 5 Nov 2024 09:12:35 +0000 (09:12 +0000)]
Make sure we use the correct SSL object when making a callback
When processing a callback within libssl that applies to TLS the original
SSL object may have been created for TLS directly, or for QUIC. When making
the callback we must make sure that we use the correct SSL object. In the
case of QUIC we must not use the internal only SSL object.
Fixes #25788
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25874)
Matt Caswell [Mon, 4 Nov 2024 15:16:18 +0000 (15:16 +0000)]
Keep hold of a reference to the user SSL in QUIC
In some cases a QUIC SSL_CONNECTION object needs to get hold of a reference
to the original SSL object as created by the user. We should keep a
reference to it.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25874)
Since some of the ctrl operations may return 0 as valid value
(e.g. ecdh_cofactor value 0 is valid setting), before colling
POST_PARAMS_TO_CTRL, we need to check return value for 0 as well
otherwise the evp_pkey_ctx_setget_params_to_ctrl function fails
without a chance to fix the return value
param->ctrl translation: Set ecdh_cofactor default action_type GET
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22587)
oleg.hoefling [Mon, 28 Oct 2024 08:23:59 +0000 (09:23 +0100)]
Adjust naming authority formatting when printing out admission extension
Indent namingAuthority section with two spaces to match the parent
node.
Signed-off-by: oleg.hoefling <oleg.hoefling@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25814)
Niels Dossche [Tue, 5 Nov 2024 15:11:56 +0000 (16:11 +0100)]
Fix memory leak on failure in copy_issuer()
When sk_GENERAL_NAME_reserve() fails, ialt is not freed.
Add the freeing operation in the common error path.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25876)
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25854)
Tomas Mraz [Fri, 1 Nov 2024 08:47:42 +0000 (09:47 +0100)]
interop-tests.yml: Update to Fedora 40 and fix provisioning breakage
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25847)
ArtSin [Mon, 4 Nov 2024 08:56:52 +0000 (12:56 +0400)]
Fix uses of `EVP_PKEY_Q_keygen` with `size_t` variadic argument
Fix cases where `int` argument was passed instead of `size_t`.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25857)
Matt Caswell [Mon, 4 Nov 2024 09:00:32 +0000 (09:00 +0000)]
Fix the default_md example in the ca docs
We should not have an example showing the default_md as md5.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25856)
Todd Short [Thu, 31 Oct 2024 18:33:45 +0000 (14:33 -0400)]
Use correct alerts for some cert comp errors
Fixes #25471
Signed-off-by: Todd Short <todd.short@me.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25845)
APPS/pkeyutl: strengthen error message on too long sign/verify input
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)
APPS/pkeyutl: -digest implies -rawin and can only be used with -sign and -verify
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)
APPS/pkeyutl: improve -rawin usability (implied by Ed25519 and Ed448) and doc
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)
projects / thirdparty / openssl.git / log
