Commit graph

125 commits

Author SHA1 Message Date
Richard Levitte
8481434439 Link in passphrase-encoding(7) in relevant documentation
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6179)
2018-05-14 15:56:59 +02:00
Matt Caswell
9e064bc170 Provide documentation for the -psk_session option
The s_client/s_server docs were missing documentation for this option.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6215)
2018-05-11 13:47:13 +01:00
Matt Caswell
ecd4b8fe85 Fix some errors and missing info in the CMS docs
Fixes #5063

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6134)
2018-05-01 14:16:42 +01:00
Matt Caswell
bdb59d97a6 Fix documentation for the -showcerts s_client option
This option shows the certificates as sent by the server. It is not the
full verified chain.

Fixes #4933

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6067)
2018-04-25 10:50:54 +01:00
Kurt Roeckx
4b7c6385f7 Document supported digest functions
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6024)
2018-04-19 21:05:01 +02:00
Alois Mahdal
c190506cd8 Reflect special DEFAULT behavior in ciphers(1)
Actual behavior of DEFAULT is different than currently described.
Rather than actinf as cipher string, DEFAULT cannot be combined using
logical operators, etc.

Fixes #5420.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5428)
2018-04-19 15:34:49 +02:00
Richard Levitte
28428130db Update copyright year
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5990)
2018-04-17 15:18:40 +02:00
Richard Levitte
adaf3cfad2 openssl rehash: document -compat
Fixes #5902

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5937)
2018-04-12 15:34:58 +02:00
Matt Caswell
e65c959f1f Add a note and better error if using Ed25519/Ed448 in dgst
Fixes #5873

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
2018-04-06 10:10:05 +01:00
Matt Caswell
77579510aa Update the genpkey documentation
Fixes #5739

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5800)
2018-04-05 15:44:43 +01:00
Matt Caswell
c4d3c19b4c Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5851)
2018-04-03 13:57:12 +01:00
Illya Gerasymchuk
d53df3d08f fix typo in x509 documentation
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5829)
2018-04-02 07:13:19 -04:00
Konstantin Shemyak
c4eec78d22 doc/man1/x509.pod: corrected "S/MIME signing" requirements
When the "certificate purpose" is checked and KeyUsage extension is present,
either 'digitalSignature' or 'nonRepudiation' is accepted.

Manual page corrected to reflect the above.

Signed-off-by: Konstantin Shemyak <konstantin@shemyak.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5727)
2018-03-27 20:08:31 +02:00
Matt Caswell
ab0a3914a6 The default conv_form is uncompressed
Fixes #5711

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5712)
2018-03-21 19:58:54 +00:00
Matt Caswell
b0edda11cb Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5689)
2018-03-20 13:08:46 +00:00
Dr. Matthias St. Pierre
dd07e68b20 Fix miscellaneous typos in docs and source
- d2i_PKC8PrivateKey -> d2i_PKCS8PrivateKey
- bechmark -> benchmark
- ciperhsuite -> ciphersuite
- EncyptedPreMasterSecret -> EncryptedPreMasterSecret

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5570)
2018-03-17 18:24:03 +01:00
Matt Caswell
5af88441f4 Allow multiple entries without a Subject even if unique_subject == yes
It is quite likely for there to be multiple certificates with empty
subjects, which are still distinct because of subjectAltName. Therefore
we allow multiple certificates with an empty Subject even if
unique_subject is set to yes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
2018-03-15 12:51:34 +00:00
Matt Caswell
9d2674cd23 Add documentation for TLSv1.3 ciphersuite configuration
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
Viktor Dukhovni
3e3c7c3646 Implement multi-process OCSP responder.
With "-multi" the OCSP responder forks multiple child processes,
and respawns them as needed.  This can be used as a long-running
service, not just a demo program.  Therefore the index file is
automatically re-read when changed.  The responder also now optionally
times out client requests.

Reviewed-by: Matt Caswell <matt@openssl.org>
2018-03-07 11:03:43 -05:00
Alex Gaynor
ce3dcdc9fe Fix a typo in the s_client man page
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5525)
2018-03-06 13:20:18 -05:00
Alex Gaynor
24c346086d Fixed a typo in a man page
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5508)
2018-03-04 18:57:24 -05:00
Matt Caswell
a2eecb5d26 Update some documentation for X448/Ed448
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/5481)
2018-03-02 10:14:31 +00:00
Matt Caswell
0d66475908 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-27 13:59:42 +00:00
Richard Levitte
6ab6deccd9 STORE: Add documentation on search criteria
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
Richard Levitte
ce9586b98c STORE: Add documentation on expecting specific infos
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23 07:40:42 +01:00
EasySec
405988f2cc Add support for PBKDF2 for enc command
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2083)
2018-02-21 12:36:21 +00:00
John Hughes
ebc0168384 Add BIO_bind function to bind local address for a socket.
Add -bind option to s_client application to allow specification of
local address for connection.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5272)
2018-02-19 22:58:37 +01:00
Dr. Matthias St. Pierre
856f231bd2 pkeyparam.pod: correct the command description
The description was probably copy&pasted from pkey.pod and forgotten.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5390)
2018-02-16 13:12:52 +01:00
Matt Caswell
6738bf1417 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-13 13:59:25 +00:00
Todd Short
9d75dce3e1 Add TLSv1.3 post-handshake authentication (PHA)
Add SSL_verify_client_post_handshake() for servers to initiate PHA

Add SSL_force_post_handshake_auth() for clients that don't have certificates
initially configured, but use a certificate callback.

Update SSL_CTX_set_verify()/SSL_set_verify() mode:

* Add SSL_VERIFY_POST_HANDSHAKE to postpone client authentication until after
the initial handshake.

* Update SSL_VERIFY_CLIENT_ONCE now only sends out one CertRequest regardless
of when the certificate authentication takes place; either initial handshake,
re-negotiation, or post-handshake authentication.

Add 'RequestPostHandshake' and 'RequirePostHandshake' SSL_CONF options that
add the SSL_VERIFY_POST_HANDSHAKE to the 'Request' and 'Require' options

Add support to s_client:
* Enabled automatically when cert is configured
* Can be forced enabled via -force_pha

Add support to s_server:
* Use 'c' to invoke PHA in s_server
* Remove some dead code

Update documentation

Update unit tests:
* Illegal use of PHA extension
* TLSv1.3 certificate tests

DTLS and TLS behave ever-so-slightly differently. So, when DTLS1.3 is
implemented, it's PHA support state machine may need to be different.
Add a TODO and a #error

Update handshake context to deal with PHA.

The handshake context for TLSv1.3 post-handshake auth is up through the
ClientFinish message, plus the CertificateRequest message. Subsequent
Certificate, CertificateVerify, and Finish messages are based on this
handshake context (not the Certificate message per se, but it's included
after the hash). KeyUpdate, NewSessionTicket, and prior Certificate
Request messages are not included in post-handshake authentication.

After the ClientFinished message is processed, save off the digest state
for future post-handshake authentication. When post-handshake auth occurs,
copy over the saved handshake context into the "main" handshake digest.
This effectively discards the any KeyUpdate or NewSessionTicket messages
and any prior post-handshake authentication.

This, of course, assumes that the ID-22 did not mean to include any
previous post-handshake authentication into the new handshake transcript.
This is implied by section 4.4.1 that lists messages only up to the
first ClientFinished.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4964)
2018-02-01 17:07:56 +00:00
David Cooper
89623f8429 Make editorial changes suggested by Rich Salz and add the -rsigopt option to the man page for the ocsp command.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4190)
2018-01-24 18:30:31 +00:00
Benjamin Kaduk
272cc20b32 enc(1): document that AEAD is not and will not be supported
Note the reasons, including streaming output issues and key/iv/nonce
management issues.

Recommend the use of cms(1) instead.

Fixes #471.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5048)
2018-01-19 10:24:01 -06:00
Richard Levitte
3c7d0945b6 Update copyright years on all files merged since Jan 1st 2018
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5038)
2018-01-09 05:49:01 +01:00
Patrick Steuer
c81c38cb27 Document OPENSSL_ENGINES environment variable
In man1/engine.pod and man3/ENGINE_add.pod

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4956)
2018-01-08 13:42:32 -05:00
Rich Salz
9422d45de2 Add fingerprint text, remove MD5
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4906)
2018-01-06 22:26:54 -05:00
Richard Levitte
bfa470a4f6 Add 'openssl req' option to specify extension values on command line
The idea is to be able to add extension value lines directly on the
command line instead of through the config file, for example:

    openssl req -new -extension 'subjectAltName = DNS:dom.ain, DNS:oth.er' \
                     -extension 'certificatePolicies = 1.2.3.4'

Fixes #3311

Thank you Jacob Hoffman-Andrews for the inspiration

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4986)
2017-12-28 16:07:58 +01:00
Sebastian Andrzej Siewior
cac19d19e7 rsa: Do not allow less than 512 bit RSA keys
As per documentation, the RSA keys should not be smaller than 64bit (the
documentation mentions something about a quirk in the prime generation
algorithm). I am adding check into the code which used to be 16 for some
reason.
My primary motivation is to get rid of the last sentence in the
documentation which suggest that typical keys have 1024 bits (instead
updating it to the now default 2048).
I *assume* that keys less than the 2048 bits (say 512) are used for
education purposes.
The 512 bits as the minimum have been suggested by Bernd Edlinger.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4547)
2017-12-11 12:53:07 +01:00
Paul Yang
05de3a5be9 Leave a message in doc to indicate 0 is not acceptable
[to be squashed]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4767)
2017-12-08 12:48:18 +01:00
Rich Salz
40866074c2 Add link for more SECLEVEL info
Thanks to Michel Sales for the suggestion.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4849)
2017-12-05 10:53:45 -05:00
Patrick Steuer
64daf14d9c apps/speed.c: add -seconds and -bytes options
Add speed tool options to run cipher, digest and rand benchmarks for a
single buffer size specified by -bytes over a time interval specified
by -seconds.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4834)
2017-12-04 14:54:40 +01:00
Todd Short
e1c7871de8 Use ChaCha only if prioritized by clnt
IFF the client has ChaCha first, and server cipher priority is used,
and the new SSL_OP_PRIORITIZE_CHACHA_FOR_MOBILE option is used,
then reprioritize ChaCha above everything else. This way, A matching
ChaCha cipher will be selected if there is a match. If no ChaCha ciphers
match, then the other ciphers are used.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4436)
2017-11-30 07:13:08 +10:00
Paul Yang
665d899fa6 Support multi-prime RSA (RFC 8017)
* Introduce RSA_generate_multi_prime_key to generate multi-prime
  RSA private key. As well as the following functions:
    RSA_get_multi_prime_extra_count
    RSA_get0_multi_prime_factors
    RSA_get0_multi_prime_crt_params
    RSA_set0_multi_prime_params
    RSA_get_version
* Support EVP operations for multi-prime RSA
* Support ASN.1 operations for multi-prime RSA
* Support multi-prime check in RSA_check_key_ex
* Support multi-prime RSA in apps/genrsa and apps/speed
* Support multi-prime RSA manipulation functions
* Test cases and documentation are added
* CHANGES is updated

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4241)
2017-11-21 14:38:42 +08:00
Paul Yang
b000470873 Support public key and param check in EVP interface
EVP_PKEY_public_check() and EVP_PKEY_param_check()

Doc and test cases are added

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4647)
2017-11-20 07:20:30 +01:00
Piotr Czajka
47c07020b7 Typo fix
CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4705)
2017-11-11 20:34:45 -05:00
Rich Salz
89a99cd589 Warn if -days without -x509
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4692)
2017-11-07 07:30:31 -05:00
Rich Salz
3f2181e6fa Additional name for all commands
Add openssl-foo as a name for the openssl "foo" command.
Addresses an issue found by a usability study to be published.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4553)
2017-10-18 15:33:56 -04:00
Paul Yang
8176431d59 Make '-name' option of the 's_client' more generic
And also make '-xmpphost' an alias of the '-name' option.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4524)
2017-10-16 15:32:24 -04:00
Patrick Steuer
65e6b9a423 apps/speed.c: add 'rand' algo to enable DRBG performance measurements.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4481)
2017-10-10 09:24:52 -04:00
Richard Levitte
f0b843c1f4 doc/man1/openssl.pod: Add missing commands and links
Fixes #4471 and more

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4472)
2017-10-06 10:44:35 +02:00
Paul Yang
2aee35d37d Support key check in EVP interface
A new method is added to EVP_PKEY_METH as:

    int (*check) (EVP_PKEY_CTX *ctx);

and to EVP_PKEY_ASN1_METHOD as:

    int (*pkey_check) (EVP_PKEY_CTX *ctx);

This is used to check the validity of a specific key.

The order of calls is:
EVP_PKEY_check -> pmeth.check -> ameth.pkey_check.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4337)
2017-09-13 20:38:14 +02:00