Commit graph

834 commits

Author SHA1 Message Date
Matt Caswell
13735cfef6 Integrate X448 and Ed448 into libcrypto
This adds all of the relevant EVP plumbing required to make
X448 and Ed448 work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/5481)
2018-03-02 10:14:31 +00:00
Matt Caswell
0d66475908 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-27 13:59:42 +00:00
Pavel Kopyl
abcf241114 X509V3_EXT_add_nconf_sk, X509v3_add_ext: fix errors handling
X509v3_add_ext: free 'sk' if the memory pointed to by it
was malloc-ed inside this function.
X509V3_EXT_add_nconf_sk: return an error if X509v3_add_ext() fails.
This prevents use of a freed memory in do_body:sk_X509_EXTENSION_num().

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4698)
2018-02-21 12:18:48 +00:00
Richard Levitte
3c7d0945b6 Update copyright years on all files merged since Jan 1st 2018
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5038)
2018-01-09 05:49:01 +01:00
Dmitry Belyavskiy
40cea0a457 NUMERICSTRING support
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5036)
2018-01-08 11:30:55 -05:00
Bernd Edlinger
ae880ae671 Fix error handling in X509_REQ_print_ex
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5025)
2018-01-06 15:22:34 +01:00
Rich Salz
7838b41333 Rewrite RT3513.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5011)
2018-01-04 13:55:15 -05:00
Rich Salz
cbe2964821 Consistent formatting for sizeof(foo)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4872)
2017-12-07 19:11:49 -05:00
Richard Levitte
be63fc1223 Add padding spaces before printing signature algorithm for CRLs output
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4746)
2017-11-16 01:19:55 +01:00
Yutian Li
e6cccb5f05 Add padding spaces before printing algo.
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Rich Salz <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1513)
2017-11-16 01:00:06 +01:00
Rich Salz
4ff71d6740 Revert "Add padding spaces before printing algo."
Some test files need to be updated.
This reverts commit 26a374a271.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4745)
2017-11-15 18:26:22 -05:00
Yutian Li
26a374a271 Add padding spaces before printing algo.
CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Rich Salz <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1513)
2017-11-15 17:11:50 -05:00
Pavel Kopyl
157997f0c0 Fix error handling in i2d* functions.
CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4600)
2017-11-03 15:46:51 +01:00
KaoruToda
26a7d938c9 Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
2017-10-18 16:05:06 +01:00
KaoruToda
208fb891e3 Since return is inconsistent, I removed unnecessary parentheses and
unified them.
- return (0); -> return 0;
- return (1); -> return 1;
- return (-1); -> return -1;

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4500)
2017-10-09 13:17:09 +01:00
Pauli
f32b0abe26 Remove unnecessary #include <openssl/lhash.h> directives.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4431)
2017-09-29 07:38:56 +10:00
Pauli
1f5e0f9280 Use safestack.h exclusively internally.
Remove all stack headers from some includes that don't use them.

Avoid a genearic untyped stack use.

Update stack POD file to include the OPENSSL_sk_ API functions in the notes
section.  They were mentioned in the name section but not defined anywhere.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4430)
2017-09-28 13:14:33 +10:00
David Benjamin
8545051c36 Guard against DoS in name constraints handling.
This guards against the name constraints check consuming large amounts
of CPU time when certificates in the presented chain contain an
excessive number of names (specifically subject email names or subject
alternative DNS names) and/or name constraints.

Name constraints checking compares the names presented in a certificate
against the name constraints included in a certificate higher up in the
chain using two nested for loops.

Move the name constraints check so that it happens after signature
verification so peers cannot exploit this using a chain with invalid
signatures. Also impose a hard limit on the number of name constraints
check loop iterations to further mitigate the issue.

Thanks to NCC for finding this issue. Fix written by Martin Kreichgauer.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4393)
2017-09-22 22:00:55 +02:00
Pauli
53a73768a7 Avoid signed vs unsigned comparison error.
Introduced by #4372

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4374)
2017-09-15 09:05:43 +10:00
Pauli
6ffaf15d23 Remote unrequited casts
Also use strndup instead of a malloc/memcpy pair.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4372)
2017-09-15 07:52:32 +10:00
Pauli
582e2ed271 Revert "Reuse strndup(), simplify code"
This reverts commit 1caaea1338.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4357)
2017-09-14 10:26:54 +10:00
Rich Salz
180794c54e Fix error handling/cleanup
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4326)
2017-09-07 16:01:07 -04:00
Pauli
07016a8a31 Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:44 +10:00
Pauli
cd420b0b1f Move the REF_PRINT support from e_os.h to internal/refcount.h.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:44 +10:00
Pauli
677963e5a4 e_os.h removal from other headers and source files.
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).

Added e_os.h into the files that need it now.

Directly reference internal/nelem.h when required.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:43 +10:00
Richard Levitte
b379fe6cd0 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
This is a vestige from pre-1.1.0 OpenSSL

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4256)
2017-08-25 15:50:59 +02:00
Rich Salz
176db6dc51 Use "" not <> for internal/ includes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4217)
2017-08-22 09:54:20 -04:00
Pauli
a1df06b363 This has been added to avoid the situation where some host ctype.h functions
return true for characters > 127.  I.e. they are allowing extended ASCII
characters through which then cause problems.  E.g. marking superscript '2' as
a number then causes the common (ch - '0') conversion to number to fail
miserably.  Likewise letters with diacritical marks can also cause problems.

If a non-ASCII character set is being used (currently only EBCDIC), it is
adjusted for.

The implementation uses a single table with a bit for each of the defined
classes.  These functions accept an int argument and fail for
values out of range or for characters outside of the ASCII set.  They will
work for both signed and unsigned character inputs.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4102)
2017-08-22 09:45:25 +10:00
Matt Caswell
888098304b More updates following review feedback
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740)
2017-08-21 08:44:44 +01:00
Matt Caswell
24664a3bf5 Remove OPENSSL_assert() from crypto/x509
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3740)
2017-08-21 08:44:44 +01:00
Bernd Edlinger
db854bb14a Avoid surpising password dialog in X509 file lookup.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4111)
2017-08-07 18:02:53 +02:00
Pauli
a2371fa933 Trivial bounds checking.
Bounds checking strpy, strcat and sprintf.
These are the remaining easy ones to cover a recently removed commit.
Some are trivial, some have been modified and a couple left as they are because the reverted change didn't bounds check properly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3871)
2017-07-07 15:45:55 +10:00
Rich Salz
0904e79a6e Undo commit d420ac2
[extended tests]

Original text:
    Use BUF_strlcpy() instead of strcpy().
    Use BUF_strlcat() instead of strcat().
    Use BIO_snprintf() instead of sprintf().
    In some cases, keep better track of buffer lengths.
    This is part of a large change submitted by Markus Friedl <markus@openbsd.org>

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3701)
2017-07-05 11:32:35 +10:00
Dr. Stephen Henson
d2916a5b29 Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Dr. Stephen Henson
d3c094ca71 Recognise Ed25519 in X509_certificate_type
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Rich Salz
a020f54c25 Remove needless type casting.
CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3627)
2017-06-10 15:25:56 -04:00
Rich Salz
52df25cf2e make error tables const and separate header file
Run perltidy on util/mkerr
Change some mkerr flags, write some doc comments
Make generated tables "const" when genearting lib-internal ones.
Add "state" file for mkerr
Renerate error tables and headers
Rationalize declaration of ERR_load_XXX_strings
Fix out-of-tree build
Add -static; sort flags/vars for options.
Also tweak code output
Moved engines/afalg to engines (from master)
Use -static flag
Standard engine #include's of errors
Don't linewrap err string tables unless necessary

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3392)
2017-06-07 15:12:03 -04:00
Dr. Stephen Henson
c3c8823c87 Use X509_get_signature_info() when checking security levels.
Make signature security level checking more flexible by using
X509_get_signaure_info(): some signature methods (e.g. PSS, ED25519)
do not indicate the signing digest (if any) in the signature OID.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3301)
2017-04-25 22:12:34 +01:00
Dr. Stephen Henson
786dd2c22c Add support for custom signature parameters
Many signature types define the digest and public key type by a single OID
such as ecdsa_with_sha256.

Some types (RSA-PSS for example) use a single OID to indicate the signature
scheme and additional parameters are encoded in the AlgorithmIdentifier.

Add an X509_SIG_INFO structure to contain details about the signature type:
specifically the digest algorithm, public key algorithm, security bits and
various flags. This supports both existing algorithms and more complex
types.

Add accessors for the structure and a special case that retrieves signature
information from a certificate.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3301)
2017-04-25 22:12:34 +01:00
Dmitry Belyavskiy
b5c4209be9 Switch command-line utils to new nameopt API.
The CA names should be printed according to user's decision
print_name instead of set of BIO_printf
dump_cert_text instead of set of BIO_printf
Testing cyrillic output of X509_CRL_print_ex
Write and use X509_CRL_print_ex
Reduce usage of X509_NAME_online
Using X509_REQ_print_ex instead of X509_REQ_print
Fix nameopt processing.
Make dump_cert_text nameopt-friendly
Move nameopt getter/setter to apps/apps.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3262)
2017-04-25 12:37:17 -04:00
Rich Salz
c0452248ea Ignore dups in X509_STORE_add_*
X509_STORE_add_cert and X509_STORE_add_crl are changed to return
success if the object to be added was already found in the store, rather
than returning an error.

Raise errors if empty or malformed files are read when loading certificates
and CRLs.

Remove NULL checks and allow a segv to occur.
Add error handing for all calls to X509_STORE_add_c{ert|tl}

Refactor these two routines into one.

Bring the unit test for duplicate certificates up to date using the test
framework.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2830)
2017-04-20 15:33:42 -04:00
Todd Short
3bb0f989b5 OCSP Updates: error codes and multiple certificates
RT3877: Add X509 OCSP error codes and messages
Add additional OCSP error codes for X509 verify usage

RT3867: Support Multiple CA certs in ocsp app
Add the ability to read multiple CA certs from a single file in the
ocsp app.

Update some missing X509 errors in documentation.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/941)
2017-04-12 14:41:10 -04:00
David Benjamin
b6ef12c4ba Remove duplicate X509_OBJECT free function.
These two functions do the same thing.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3001)
2017-03-21 10:17:19 +00:00
Emilia Kasper
80770da39e X509 time: tighten validation per RFC 5280
- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-02-24 17:37:08 +01:00
Bernd Edlinger
01b76c2c5d Add -Wundef to --strict-warnings options.
Avoid a -Wundef warning in refcount.h
Avoid a -Wundef warning in o_str.c
Avoid a -Wundef warning in testutil.h
Include internal/cryptlib.h before openssl/stack.h
to avoid use of undefined symbol OPENSSL_API_COMPAT.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2712)
2017-02-24 09:21:59 +01:00
Bernd Edlinger
83b4049ab7 Combined patch against master branch for the following issues:
Fixed a memory leak in ASN1_digest and ASN1_item_digest.
Reworked error handling in asn1_item_embed_new.
Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup.
Fixed a memory leak in CRYPTO_free_ex_data.
Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon.
Check for null pointer in tls_process_cert_verify.

Fixes #2103 #2104 #2105 #2109 #2111 #2115

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2342)
2017-02-03 20:39:52 +01:00
Richard Levitte
6195848b2e X509_CRL_digest() - ensure precomputed sha1 hash before returning it
X509_CRL_digest() didn't check if the precomputed sha1 hash was actually
present.  This also makes sure there's an appropriate flag to check.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2314)
2017-01-28 20:07:04 +01:00
FdaSilvaYY
d2a5699998 Few nit's
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1618)
2017-01-25 09:06:34 +00:00
Kurt Roeckx
c4a6015091 Add missing braces.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #2234
2017-01-16 04:50:12 +01:00
Kurt Roeckx
c2ce477f1f Fix undefined behaviour when printing the X509 and CRL version
Found by oss-fuzz

Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2231
2017-01-15 22:21:08 +01:00