Commit graph

1704 commits

Author SHA1 Message Date
Arne Schwabe
c04b66b18d Change SSL parameter SSL_session_reused const
This function only returns a status and does not modify the parameter.
Since similar function are already taking const parameters, also
change this function to have a const parameter.

Fixes #8934

CLA: trivial
Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8945)
2019-05-21 09:58:50 +10:00
Richard Levitte
538f38db50 Clear CRMF vs CMP confusion
In the development of the CRMF sub-system, there seems to have been
some confusion as to what configuration option should be used.
'no-crmf' was added, but the C macro guards were using OPENSSL_NO_CMP
rather than OPENSSL_NO_CRMF...

In fact, we want 'no-cmp', but since the CRMF code is part of CMP, we
need 'no-crmf' to depend on 'no-cmp'.  We do this by making 'crmf' a
silent "option" that get affected by 'cmp' by way of %disable_cascades.
This allows options to be "aliases" for a set of other ones, silent or
not.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8897)
2019-05-20 16:19:00 +02:00
Shane Lontis
8bbeaaa4fc Added X963KDF API
X963 KDF is used for CMS ec keyagree Recipient Info.
The X963 KDF that is used by CMS EC Key Agreement has been moved
into a EVP_KDF object. This KDF is almost identical to the the SSKDF
hash variant, so it has been implemented inside the SSKDF code with
its own method table.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8902)
2019-05-16 11:43:41 +10:00
Richard Levitte
2e49c05472 EVP_FETCH: deal with names without pre-defined NIDs
We didn't deal very well with names that didn't have pre-defined NIDs,
as the NID zero travelled through the full process and resulted in an
inaccessible method.  By consequence, we need to refactor the method
construction callbacks to rely more on algorithm names.

We must, however, still store the legacy NID with the method, for the
sake of other code that depend on it (for example, CMS).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8878)
2019-05-12 13:43:38 -07:00
Richard Levitte
f2182a4e6f Create internal number<->name mapping API
This can be used as a general name to identity map.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8878)
2019-05-12 13:43:38 -07:00
Shane Lontis
7eeefcd841 Fixed 32bit issue for kdf_opts
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8901)
2019-05-09 15:27:24 +10:00
Richard Levitte
5c3f1e34b5 ossl_bsearch(): New generic internal binary search utility function
OBJ_bsearch_ and OBJ_bsearch_ex_ are generic functions that don't
really belong with the OBJ API, but should rather be generic utility
functions.  The ending underscore indicates that they are considered
internal, even though they are declared publicly.

Since crypto/stack/stack.c uses OBJ_bsearch_ex_, the stack API ends up
depending on the OBJ API, which is unnecessary, and carries along
other dependencies.

Therefor, a generic internal function is created, ossl_bsearch().
This removes the unecessary dependencies.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8899)
2019-05-08 16:17:16 +02:00
Pauli
a05bf83c79 Coverity CID 1444960: Error handling issues
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
2019-05-08 09:52:58 +10:00
Boris Pismenny
7c3a7561b5 ssl: Add SSL_sendfile
This commit adds the SSL_sendfile call, which allows KTLS sockets to
transmit file using zero-copy semantics.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8727)
2019-05-07 14:24:16 +01:00
Boris Pismenny
72fb59c721 Linux ktls sendfile
This commit introduces support for Linux KTLS sendfile.
Sendfile semantics require the use of a kernel TLS socket to construct the TLS
record headers, encrypt and authenticate the data.
KTLS sendfile improves performance by avoiding the copy of file data into user
space, which is required today.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8727)
2019-05-07 14:24:16 +01:00
Shane Lontis
ff8029c189 Added generated files for EVP_KDF changes
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8808)
2019-05-03 17:52:50 +02:00
Shane Lontis
d2ba812343 Added EVP_KDF (similiar to the EVP_MAC)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8808)
2019-05-03 17:52:50 +02:00
Matt Caswell
1aedc35fd6 Instead of global data store it in an OPENSSL_CTX
Various core and property related code files used global data. We should
store all of that in an OPENSSL_CTX instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-02 22:42:09 +01:00
Matt Caswell
b8fe36fee0 Add support for openssl_ctx_run_once and openssl_ctx_onfree
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8857)
2019-05-02 22:42:09 +01:00
Pauli
39147079fc Structure alignment macro.
Introduce a macro that allows all structure alignment tricks to be rolled up
into a single place.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8845)
2019-05-01 08:37:11 +10:00
Richard Levitte
a39eb84006 Replumbing: give the possibility for the provider to create a context
OSSL_provider_init() gets another output parameter, holding a pointer
to a provider side context.  It's entirely up to the provider to
define the context and what it's being used for.  This pointer is
passed back to other provider functions, typically the provider global
get_params and set_params functions, and also the diverse algorithm
context creators, and of course, the teardown function.

With this, a provider can be instantiated more than once, or be
re-loaded as the case may be, while maintaining instance state.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8848)
2019-04-30 15:34:23 +02:00
Richard Levitte
f79858ac4d Replumbing: make the oneshot proider cipher function like the others
The OP_cipher_final function takes a return output size and an output
buffer size argument.  The oneshot OP_cipher_cipher function should do
the same.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8849)
2019-04-30 15:30:30 +02:00
Matt Caswell
3119ab3c9e Fix error in BIO_get_ktls_send() and BIO_get_ktls_recv()
If we were using a different type of BIO than a socket BIO then
BIO_get_ktls_send() and BIO_get_ktls_recv() could return the wrong
result.

The above occurred even if KTLS was disabled at compile time - so we should
additionally ensure that those macros do nothing if KTLS is disabled.

Finally we make the logic in ssl3_get_record() a little more robust when
KTLS has been disabled.

[extended tests]

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8793)
2019-04-25 13:02:52 +01:00
Matt Caswell
8450d0c784 Fix KTLS compilation error
If the kernel headers are sufficiently recent to have KTLS transmit
support, but not recent enough to have KTLS receive support then a
compilation error would be the result.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8793)
2019-04-25 13:02:52 +01:00
Richard Levitte
0109e030db Add a way for the application to get OpenSSL configuration data
OpenSSL_version(OPENSSL_DIR) gives you a nicely formatted string for
display, but if all you really want is the directory itself, you were
forced to parsed the string.

This introduces a new function to get diverse configuration data from
the library, OPENSSL_info().  This works the same way as
OpenSSL_version(), but has its own series of types, currently
including:

OPENSSL_INFO_CONFIG_DIR         returns OPENSSLDIR
OPENSSL_INFO_ENGINES_DIR        returns ENGINESDIR
OPENSSL_INFO_MODULES_DIR        returns MODULESDIR
OPENSSL_INFO_DSO_EXTENSION      returns DSO_EXTENSION

OPENSSL_INFO_DIR_FILENAME_SEPARATOR     returns directory/filename separator
OPENSSL_INFO_LIST_SEPARATOR             returns list separator

For scripting purposes, this also adds the command 'openssl info'.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8709)
2019-04-23 15:51:39 +02:00
Richard Levitte
47ca833835 Add the possibility to display and use MODULESDIR
This adds the flag OPENSSL_MODULES_DIR for OpenSSL_version(), and the
flag '-m' for 'openssl version'.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8709)
2019-04-23 15:50:35 +02:00
Matt Caswell
6caf7f3aec Create provider errors and use them
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Matt Caswell
3b94944cf2 Add a maximum output length to update and final calls
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Matt Caswell
344cfa34e5 Add iv length and key length params to the cipher init calls
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Matt Caswell
718b133a53 Implement AES CBC ciphers in the default provider
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Matt Caswell
df05f2ce6d Make EVP_Encrypt*/EVP_Decrypt* and EVP_Cipher* provider aware
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
2019-04-19 09:31:54 +01:00
Richard Levitte
0ad50b4dee Providers: for the digest_final operation, pass a output buffer size
This allows the provider digest_final operation to check that it
doesn't over-run the output buffer.

The EVP_DigestFinal_ex function doesn't take that same parameter, so
it will have to assume that the user provided a properly sized buffer,
but this leaves better room for future enhancements of the public API.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8747)
2019-04-15 10:46:09 +02:00
Matt Caswell
fd367b4ce3 Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt()
These undocumented functions were never integrated into the EVP layer
and implement the AES Infinite Garble Extension (IGE) mode and AES
Bi-directional IGE mode. These modes were never formally standardised
and usage of these functions is believed to be very small. In particular
AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only
one is ever used. The security implications are believed to be minimal,
but this issue was never fixed for backwards compatibility reasons.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8710)
2019-04-12 14:22:41 +01:00
Shane Lontis
8402cd5f75 added code to validate EC named curve parameters
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8555)
2019-04-11 12:05:38 +03:00
Pauli
6c7d80ab3b Reseeding without derivation function is not supported in FIPS mode.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8648)
2019-04-11 08:52:22 +10:00
Paul Yang
ccf453610f Make X509_set_sm2_id consistent with other setters
This commit makes the X509_set_sm2_id to 'set0' behaviour, which means
the memory management is passed to X509 and user doesn't need to free
the sm2_id parameter later. API name also changes to X509_set0_sm2_id.

Document and test case are also updated.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8626)
2019-04-09 20:44:42 +08:00
Richard Levitte
f55ed701a4 Params API: {utf8,octet}_ptr need to know the data size
When the purpose is to pass parameters to a setter function, that
setter function needs to know the size of the data passed.  This
remains true for the pointer data types as well.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8703)
2019-04-09 14:10:23 +02:00
Matt Caswell
dc46e3dde5 Use the right NID when putting a method in the store
When we attempt to fetch a method with a given NID we will ask the
providers for it if we don't already know about it. During that process
we may be told about other methods with a different NID. We need to
make sure we don't confuse the two.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8541)
2019-04-09 10:24:43 +01:00
Richard Levitte
195852fefc Params: add OSSL_PARAM_construct_end()
OSSL_PARAM_END is a macro that can only be used to initialize an
OSSL_PARAM array, not to assign an array element later on.  For
completion, we add an end constructor to facilitate that kind of
assignment.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8704)
2019-04-09 11:18:26 +02:00
Patrick Steuer
aa447d6fdb fix --strict-warnings build
C++ style comments are not allowed in ISO C90

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8693)
2019-04-07 13:30:26 +02:00
Richard Levitte
cb92964563 EVP_set_default_properties(): New function to set global properties
EVP_MD_fetch() can be given a property query string.  However, there
are cases when it won't, for example in implicit fetches.  Therefore,
we also need a way to set a global property query string to be used in
all subsequent fetches.  This also applies to all future algorithm
fetching functions.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8681)
2019-04-05 15:43:37 +02:00
Richard Levitte
bc362b9b72 Convert the ENGINE_CONF trace calls to use CONF instead
Additionally, merge ENGINE_CONF into CONF.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8680)
2019-04-05 12:50:55 +02:00
Richard Levitte
71849dff56 Rename the PROVIDER_CONF trace to CONF
Other configuration modules may have use for tracing, and having one
tracing category for each of them is a bit much.  Instead, we make one
category for them all.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8680)
2019-04-05 12:50:55 +02:00
Richard Levitte
0f5163bd1c Fix number clash: EVP_F_AESNI_XTS_INIT_KEY vs EVP_F_EVP_MD_BLOCK_SIZE
The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY
and EVP_F_AES_XTS_INIT_KEY are affected.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8682)
2019-04-05 11:15:23 +02:00
Pauli
3538b0f7ad Move the AES-XTS mode duplicated key check into the init_key function rather
than the update call.  The means an earlier error return at the cost of some
duplicated code.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8625)
2019-04-05 10:55:40 +10:00
Dr. Matthias St. Pierre
ecbfaef2aa trace: add PROVIDER_CONF trace category
Fixes #8667

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8672)
2019-04-04 18:35:22 +02:00
Richard Levitte
e321ba28e8 Correct EVP_F_EVP_MD_BLOCK_SIZE number
The number that was used was already taken

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8656)
2019-04-04 01:08:52 +02:00
Matt Caswell
7556b9df59 Support EVP_MD_block_size() with providers
Fixes #8565

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8604)
2019-04-03 15:50:13 +01:00
Richard Levitte
abbc2c4083 Replumbing: add a configuration module for providers
This configuration module supports a configuration structure pretty
much like the engine configuration module, i.e. something like this:

    openssl_conf = openssl_init

    [openssl_init]
    providers = provider_section

    [provider_section]
    # Configure the provider named "foo"
    foo = foo_section
    # Configure the provider named "bar"
    bar = bar_section

    [foo_section]
    # Override name given in the provider section
    identity = myfoo
    # The exact path of the module.  This is platform specific
    module_path = /opt/openssl/modules/foo.so
    # Whether it should be automatically activated.  Value is unimportant
    activate = whatever

    # Anything else goes as well, and becomes parameters that the
    # provider can get
    what = 1
    # sub-sections will be followed as well
    ever = ever_section

    [ever_section]
    cookie = monster

All the configurations in a provider section and its sub-sections
become parameters for the provider to get, i.e. the "foo" provider
will be able to get values for the following keys (with associated
values shown):

    identity            => myfoo
    module_path         => /opt/openssl/modules/foo.so
    activate            => whatever
    what                => 1
    ever.cookie         => monster

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8549)
2019-04-03 11:42:48 +02:00
Richard Levitte
ac1055ef13 Replumbing: add functionality to set provider parameters
Provider parameters are parameters set by the core that the provider
can retrieve.  The primary use it to support making OpenSSL
configuration data available to the provider.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8549)
2019-04-03 11:42:48 +02:00
Pauli
5516c19b03 AES-XTS block limit.
Limit the number of AES blocks in a data unit to 2^20 or less.
This corresponds to the mandates in IEEE Std 1619-2018 and NIST SP 800-38E.

Note: that this is a change from IEEE Std 1619-2007 which only recommended
this limit.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8627)
2019-04-03 16:03:46 +10:00
Boris Pismenny
c35e921ffa ssl: Linux TLS Rx Offload
This patch adds support for the Linux TLS Rx socket option.
It completes the previous patch for TLS Tx offload.
If the socket option is successful, then the receive data-path of the TCP
socket is implemented by the kernel.
We choose to set this option at the earliest - just after CCS is complete.

Change-Id: I59741e04d89dddca7fb138e88fffcc1259b30132
Signed-off-by: Boris Pismenny <borisp@mellanox.com>

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7848)
2019-04-01 11:54:48 +01:00
Boris Pismenny
e401ef801e bio: Linux TLS Rx Offload
Add support for Linux TLS Rx offload in the BIO layer.

Change-Id: I79924b25dd290a873d69f6c8d429e1f5bb2c3365
Signed-off-by: Boris Pismenny <borisp@mellanox.com>

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7848)
2019-04-01 11:54:48 +01:00
Boris Pismenny
f851a68932 Linux ktls Rx infrastructure
Introduce the infrastructure for supproting receive side Linux Kernel TLS
data-path.

Change-Id: I71864d8f9d74a701cc8b0ad5536005f3c1716c1c
Signed-off-by: Boris Pismenny <borisp@mellanox.com>

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7848)
2019-04-01 11:54:48 +01:00
Richard Levitte
31b6ed76df Rework DSO API conditions and configuration option
'no-dso' is meaningless, as it doesn't get any macro defined.
Therefore, we remove all checks of OPENSSL_NO_DSO.  However, there may
be some odd platforms with no DSO scheme.  For those, we generate the
internal macro DSO_NONE aand use it.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/#8622)
2019-04-01 06:14:50 +02:00