Commit graph

2360 commits

Author SHA1 Message Date
Matt Caswell
1913df4233 Update pkeyutl documentation about the digest option
DSA can accept other digests other than SHA1. EC ignores the digest option
altogether.

Fixes #8425

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8432)

(cherry picked from commit 6a6d9ecd1d)
2019-03-19 11:42:03 +00:00
A. Schulze
d38ef8c89e Fix two spelling errors
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8447)

(cherry picked from commit 3dcbb6c4a3)
2019-03-10 21:01:52 +01:00
Bernd Edlinger
f1006f188c Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8365)

(cherry picked from commit f0e4a860d0)
2019-03-07 23:00:42 +01:00
Bernd Edlinger
50788b8b36 Update documentation regarding required output buffer memory size
of RSA_private_decrypt/RSA_public_encrypt.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8365)

(cherry picked from commit b89fdeb2f7)
2019-03-07 22:54:31 +01:00
Matt Caswell
f7a6d1122b Update ChaCha20-Poly1305 documentation
Correctly describe the maximum IV length.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8406)

(cherry picked from commit 27d5631236)
2019-03-06 13:30:39 +00:00
Nicola Tuveri
4045f68837 Fix trivial typo in EVP_DigestVerifyInit doc
(cherry picked from commit b3883f77df)

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8319)
2019-02-26 17:54:08 +02:00
Matt Caswell
ab874dfd3e Clarify that SSL_shutdown() must not be called after a fatal error
Follow on from CVE-2019-1559

Reviewed-by: Richard Levitte <levitte@openssl.org>
2019-02-26 14:12:48 +00:00
Matt Caswell
72a7a7021f Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8347)
2019-02-26 14:05:09 +00:00
Paul Yang
d600f3d34c Fix a grammar nit in CRYPTO_get_ex_new_index.pod
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8303)

(cherry picked from commit 84712024da)
2019-02-22 14:29:01 +08:00
Hubert Kario
143ee7b673 SSL_CONF_cmd: fix doc for NoRenegotiation
The option is a flag for Options, not a standalone setting.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8292)

(cherry picked from commit 4ac5e43da6)
2019-02-21 09:26:20 +00:00
Ionut Mihalcea
70fa3aa108 Don't set SNI by default if hostname is not dNS name
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8175)

(cherry picked from commit 8e981051ce)
2019-02-19 17:35:52 +00:00
Vedran Miletić
5cd8faed79 Add missing dots in dgst man page
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #8142
(cherry picked from commit e3ac365489)
2019-02-17 23:47:30 +01:00
Jan Macku
a9b9d2654b Fixed typo
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #8121
(cherry picked from commit 7068026232)
2019-02-17 23:44:36 +01:00
Matt Caswell
37857e9b52 Don't signal SSL_CB_HANDSHAKE_START for TLSv1.3 post-handshake messages
The original 1.1.1 design was to use SSL_CB_HANDSHAKE_START and
SSL_CB_HANDSHAKE_DONE to signal start/end of a post-handshake message
exchange in TLSv1.3. Unfortunately experience has shown that this confuses
some applications who mistake it for a TLSv1.2 renegotiation. This means
that KeyUpdate messages are not handled properly.

This commit removes the use of SSL_CB_HANDSHAKE_START and
SSL_CB_HANDSHAKE_DONE to signal the start/end of a post-handshake
message exchange. Individual post-handshake messages are still signalled in
the normal way.

This is a potentially breaking change if there are any applications already
written that expect to see these TLSv1.3 events. However, without it,
KeyUpdate is not currently usable for many applications.

Fixes #8069

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8096)

(cherry picked from commit 4af5836b55)
2019-02-14 16:25:44 +00:00
Tomas Mraz
95f59d398c Allow the syntax of the .include directive to optionally have '='
If the old openssl versions not supporting the .include directive
load a config file with it, they will bail out with error.

This change allows using the .include = <filename> syntax which
is interpreted as variable assignment by the old openssl
config file parser.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8141)

(cherry picked from commit 9d5560331d)
2019-02-11 15:25:00 +01:00
Todd Short
25ca718150 Update d2i_PrivateKey documentation
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8168)

(cherry picked from commit 1980ce45d6)
2019-02-08 10:04:13 +00:00
Matt Caswell
e1cce612a6 Make OPENSSL_malloc_init() a no-op
Making this a no-op removes a potential infinite loop than can occur in
some situations.

Fixes #2865

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8167)

(cherry picked from commit ef45aa14c5)
2019-02-07 14:25:38 +00:00
Sam Roberts
3b09585bd6 Remove unnecessary trailing whitespace
Trim trailing whitespace. It doesn't match OpenSSL coding standards,
AFAICT, and it can cause problems with git tooling.

Trailing whitespace remains in test data and external source.

Backport-of: https://github.com/openssl/openssl/pull/8092

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8134)
2019-02-05 16:29:17 +01:00
Sam Roberts
00f2bafec1 Make some simple getters take const SSL/SSL_CTX
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8145)

(cherry picked from commit 3499327bad)
2019-02-05 13:58:24 +00:00
Michael Tuexen
243ff51cc6 Fix end-point shared secret for DTLS/SCTP
When computing the end-point shared secret, don't take the
terminating NULL character into account.
Please note that this fix breaks interoperability with older
versions of OpenSSL, which are not fixed.

Fixes #7956

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7957)

(cherry picked from commit 09d62b336d)
2019-02-01 12:03:43 +00:00
Matt Caswell
fea9f34a2e Complain if -twopass is used incorrectly
The option -twopass to the pkcs12 app is ignored if -passin, -passout
or -password is used. We should complain if an attempt is made to use
it in combination with those options.

Fixes #8107

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8114)

(cherry picked from commit 40b64553f5)
2019-01-30 15:44:12 +00:00
Michael Richardson
2d190d646c clarify which functions are the CMS functions which must have CMS_PARTIAL set
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7960)

(cherry picked from commit 61e033308b)
2019-01-27 12:25:53 +00:00
Tomas Mraz
b62ef4e137 Remove stray -modulus option from the ec manual page.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8082)

(cherry picked from commit d7bcbfd082)
2019-01-27 11:57:59 +00:00
Viktor Dukhovni
25eb9299ce More configurable crypto and ssl library initialization
1.  In addition to overriding the default application name,
    one can now also override the configuration file name
    and flags passed to CONF_modules_load_file().

2.  By default we still keep going when configuration file
    processing fails.  But, applications that want to be
    strict about initialization errors can now make explicit
    flag choices via non-null OPENSSL_INIT_SETTINGS that omit
    the CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far
    been both undocumented and unused).

3.  In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG
    if the options already include OPENSSL_INIT_NO_LOAD_CONFIG.

4.  Don't set up atexit() handlers when called with opts equal to
    OPENSSL_INIT_BASE_ONLY (this flag should only be used alone).

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7969)
2019-01-07 13:53:52 -05:00
Dr. Matthias St. Pierre
053aedf153 doc/man1/x509.pod: fix typo
This looks like a copy&paste error from req.pod to x509.pod.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7995)

(cherry picked from commit 67ee899cb5)
2019-01-07 06:38:52 +01:00
Matt Caswell
c2b3db2454 Implement OPENSSL_INIT_NO_ATEXIT
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7983)
2019-01-04 20:23:16 +00:00
Behrang
30e35ee1d5 Fixed minor typo in the req.pod docs
CLA: Trivial

Fixes #7928.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7973)

(cherry picked from commit 005247af76)
2018-12-29 11:19:34 +08:00
Michael Richardson
d0afc7bffa fixed grammar typo
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7959)

(cherry picked from commit fff1470cda)
2018-12-27 23:07:19 +01:00
Shreya Bhandare
92791b972c EVP_PKEY_size declared to take a const parameter
CLA: trivial
Function EVP_PKEY_size has been modified to take a const parameter

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7892)

(cherry picked from commit 47ec2367eb)
2018-12-23 00:27:23 +01:00
Christian Heimes
bb157fd142 Fix function names in ct(7) documentation
The correct function name is SSL_CTX_enable_ct, not SSL_CTX_ct_enable.

Signed-off-by: Christian Heimes <christian@python.org>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7916)

(cherry picked from commit 6f8b858d05)
2018-12-19 19:01:45 +01:00
Dr. Matthias St. Pierre
df75c2bfcd man: harmonize the various formulations in the HISTORY sections
While stereotyped repetitions are frowned upon in literature, they
serve a useful purpose in manual pages, because it is easier for
the user to find certain information if it is always presented in
the same way. For that reason, this commit harmonizes the varying
formulations in the HISTORY section about which functions, flags,
etc. were added in which OpenSSL version.

It also attempts to make the pod files more grep friendly by
avoiding to insert line breaks between the symbol names and the
corresponding version number in which they were introduced
(wherever possible). Some punctuation and typographical errors
were fixed on the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7854)
2018-12-15 22:45:39 +01:00
Dr. Matthias St. Pierre
ca34e08df9 doc/man3: remove copy&paste leftover
Fixes #7883

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7884)

(cherry picked from commit 00eb879f74)
2018-12-12 20:02:50 +01:00
Jakub Jelen
6b5025d9e9 Use the correct function name
CLA: trivial

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7887)

(cherry picked from commit 829800b073)
2018-12-12 12:29:51 +01:00
Tobias Stoeckmann
03c8a0987a Fixed typo (vi leftover).
There was a trailing :w at a line, which didn't make sense in context
of the sentence/styling. Removed it, because I think it's a leftover
vi command.

CLA: trivial
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7875)

(cherry picked from commit 143b631639)
2018-12-12 10:37:29 +01:00
Matt Caswell
23abea6307 Document the num_tickets s_server option
Fixes #7727

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7756)

(cherry picked from commit 7ffb7fbe8c)
2018-12-10 11:13:44 +00:00
FdaSilvaYY
deab38a463 Doc: fix reference to deprecated methods.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7705)

(cherry picked from commit 56bc3ea0a4)
2018-12-07 09:02:16 +01:00
Matt Caswell
db860ea3dc Fix some SSL_export_keying_material() issues
Fix some issues in tls13_hkdf_expand() which impact the above function
for TLSv1.3. In particular test that we can use the maximum label length
in TLSv1.3.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7755)

(cherry picked from commit 0fb2815b87)
2018-12-05 10:59:08 +00:00
Richard Levitte
2561eeb6b9 Docs fixup: some man3 pages had unindented code in SYNOPSIS
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7744)

(cherry picked from commit 7b4a3515a4)
2018-12-03 11:48:48 +01:00
Andy Polyakov
db1b63f45c rsa/rsa_pk1.c: remove memcpy calls from RSA_padding_check_PKCS1_type_2.
And make RSAErr call unconditional.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit e875b0cf2f)
2018-11-30 12:51:58 +00:00
Matt Caswell
7c6d372aff Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7669)
2018-11-20 13:27:36 +00:00
Viktor Dukhovni
45f247258a Added missing signature algorithm reflection functions
SSL_get_signature_nid()      -- local signature algorithm
    SSL_get_signature_type_nid() -- local signature algorithm key type
    SSL_get_peer_tmp_key()       -- Peer key-exchange public key
    SSL_get_tmp_key              -- local key exchange public key

Aliased pre-existing SSL_get_server_tmp_key(), which was formerly
just for clients, to SSL_get_peer_tmp_key().  Changed internal
calls to use the new name.

Reviewed-by: Matt Caswell <matt@openssl.org>
2018-11-12 16:53:32 -05:00
Matt Caswell
44197e961a Merge the CA list documentation for clarity
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7503)

(cherry picked from commit 6e68dae85a)
2018-11-12 14:38:47 +00:00
Matt Caswell
b4970e8bf5 Separate ca_names handling for client and server
SSL(_CTX)?_set_client_CA_list() was a server side only function in 1.1.0.
If it was called on the client side then it was ignored. In 1.1.1 it now
makes sense to have a CA list defined for both client and server (the
client now sends it the the TLSv1.3 certificate_authorities extension).
Unfortunately some applications were using the same SSL_CTX for both
clients and servers and this resulted in some client ClientHellos being
excessively large due to the number of certificate authorities being sent.

This commit seperates out the CA list updated by
SSL(_CTX)?_set_client_CA_list() and the more generic
SSL(_CTX)?_set0_CA_list(). This means that SSL(_CTX)?_set_client_CA_list()
still has no effect on the client side. If both CA lists are set then
SSL(_CTX)?_set_client_CA_list() takes priority.

Fixes #7411

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7503)

(cherry picked from commit 9873297900)
2018-11-12 14:38:47 +00:00
Paul Yang
0178459aa1 Fix a doc-nit in EVP_PKEY_CTX_ctrl.pod
[skip-ci]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7546)

(cherry picked from commit e5a8712d03)
2018-11-09 12:54:18 +08:00
Matt Caswell
efd67e01a5 Give a better error if an attempt is made to set a zero length groups list
Previously we indicated this as a malloc failure which isn't very
helpful.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7479)

(cherry picked from commit 680bd131b6)
2018-11-08 11:31:22 +00:00
Richard Levitte
b33e7698b8 apps: Stop pretending to care about Netscape keys
The documentation says some commands care, but the code says differently.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7440)

(cherry picked from commit d91d443f0d)
2018-11-02 10:59:17 +01:00
Antoine Salon
8710396980 EVP module documentation pass
Replace ECDH_KDF_X9_62() with internal ecdh_KDF_X9_63()

Signed-off-by: Antoine Salon <asalon@vmware.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/7345)

(cherry picked from commit ffd89124bd)
2018-10-17 13:31:59 +03:00
Paul Yang
a53561e822 Fix compiling warnings in example code
The example code in EVP_DigestInit.pod generates warnings if users try
to compile it.

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7362)

(cherry picked from commit 19ac1bf2de)
2018-10-11 11:22:14 +08:00
Benjamin Kaduk
a7ee1ef61b apps: allow empty attribute values with -subj
Historically (i.e., OpenSSL 1.0.x), the openssl applications would
allow for empty subject attributes to be passed via the -subj argument,
e.g., `opensl req -subj '/CN=joe/O=/OU=local' ...`.  Commit
db4c08f019 applied a badly needed rewrite
to the parse_name() helper function that parses these strings, but
in the process dropped a check that would skip attributes with no
associated value.  As a result, such strings are now treated as
hard errors and the operation fails.

Restore the check to skip empty attribute values and restore
the historical behavior.

Document the behavior for empty subject attribute values in the
corresponding applications' manual pages.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7349)

(cherry picked from commit 3d362f1903)
2018-10-08 16:41:33 -05:00
Ԝеѕ
521738e990 Cleanup typos and grammar in DES_random_key.pod
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7356)

(cherry picked from commit 4fef4981f8)
2018-10-08 09:10:26 +02:00