Commit graph

2372 commits

Author SHA1 Message Date
Richard Levitte
3cb413da19 Add missing \n in some testutil output
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5229)
2018-01-31 23:49:21 +01:00
Richard Levitte
0ac9e9ff5d Make test/uitest depend on the private apps support library
This avoids having to enumerate specific modules in apps, or to have
to include them in libtestutil.a.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5222)
2018-01-31 23:45:12 +01:00
Andy Polyakov
79a0e87648 test/asn1_time_test.c: fix pre-C90 warning.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
2018-01-31 22:17:16 +01:00
Richard Levitte
98ade24200 Don't break testing when runnins as root
The rehash test broke the test if run by root.  Instead, just skip the
check that requires non-root to be worth it.

Fixes #4387

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5184)
2018-01-29 12:51:22 +01:00
Richard Levitte
0f5a775219 Get rid of a warning about unused results
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5181)
2018-01-28 16:22:40 +01:00
Benjamin Kaduk
cf8e9233f0 Catch some more old sigalg names in comments
Make the sigalg name in comments reflect one that actually exists
in the draft standard.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5174)
2018-01-26 09:23:57 -06:00
Benjamin Kaduk
3e524bf2d1 Add TLSProxy tests for signature_algorithms_cert
We don't need to send this extension in normal operation since
we are our own X.509 library, but add some test cases that force
the extension to be sent and exercise our code to process the extension.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)
2018-01-25 12:57:22 -06:00
Benjamin Kaduk
f55e99f7dd Add TLS 1.3 draft-23 PSS signature algorithms
We now have a split in the signature algorithms codepoint space for
whether the certificate's key is for rsaEncryption or a PSS-specific
key, which should let us get rid of some special-casing that we
previously needed to try to coax rsaEncryption keys into performing PSS.
(This will be done in a subsequent commit.)

Send the new PSS-with-PSS-specific key first in our list, so that
we prefer the new technology to the old one.

We need to update the expected certificate type in one test,
since the "RSA-PSS+SHA256" form now corresponds to a public key
of type rsaEncryption, so we should expect the server certificate
type to be just "RSA".  If we want to get a server certificate
type of "RSA-PSS", we need to use a new signature algorithm
that cannot be represented as signature+hash, so add a test for that
as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5068)
2018-01-25 12:05:54 -06:00
Matt Caswell
97ea1e7f42 Updates following review of SSL_stateless() code
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
2018-01-24 18:02:37 +00:00
Matt Caswell
c7b8ff2502 Add some tests for the SSL_stateless() capability
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
2018-01-24 18:02:36 +00:00
Richard Levitte
14262ca950 Small cleanup of some build.info files
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)
2018-01-24 15:54:01 +01:00
Pauli
4bed94f0c1 SHA512/224 and SHA512/256
Support added for these two digests, available only via the EVP interface.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)
2018-01-24 07:09:46 +10:00
Richard Levitte
bbc92cd129 test/ossl_shim/packeted_bio.h: don't include e_os.h
That inclusion turned out to be completely unnecessary

[extended tests]

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5136)
2018-01-22 21:06:50 +01:00
Richard Levitte
2b1aa19881 Reduce the use of e_os.h in test programs
This includes unnecessary use of the top as inclusion directory

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5132)
2018-01-22 16:21:40 +01:00
Richard Levitte
c5856878f7 Enable TLSProxy tests on Windows
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5094)
2018-01-20 09:22:20 +01:00
Richard Levitte
48e5119a6b Copyright update of more files that have changed this year
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5110)
2018-01-19 13:34:03 +01:00
Richard Levitte
3c7d0945b6 Update copyright years on all files merged since Jan 1st 2018
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5038)
2018-01-09 05:49:01 +01:00
Bernd Edlinger
643d91fea4 Stop using unimplemented cipher classes.
Add comments to no longer usable ciphers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5023)
2018-01-06 15:14:57 +01:00
Dr. Matthias St. Pierre
8212d50576 crypto/rand: restore the generic DRBG implementation
The DRGB concept described in NIST SP 800-90A provides for having different
algorithms to generate random output. In fact, the FIPS object module used to
implement three of them, CTR DRBG, HASH DRBG and HMAC DRBG.

When the FIPS code was ported to master in #4019, two of the three algorithms
were dropped, and together with those the entire code that made RAND_DRBG
generic was removed, since only one concrete implementation was left.

This commit restores the original generic implementation of the DRBG, making it
possible again to add additional implementations using different algorithms
(like RAND_DRBG_CHACHA20) in the future.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4998)
2018-01-04 11:47:31 +10:00
Benjamin Kaduk
767938fae9 Test that supported_groups is permitted in ServerHello
Add a regression test for the functionality enabled in the
previous commit.

[extended tests]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4463)
2018-01-03 09:43:54 -06:00
Daniel Bevenius
436ad81f05 Fix minor 'the the' typos
Similar to commit 17b602802114d53017ff7894319498934a580b17(
"Remove extra `the` in SSL_SESSION_set1_id.pod"), this commit removes
typos where additional 'the' have been added.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4999)
2018-01-02 15:30:22 +00:00
Bernd Edlinger
8175af50cc Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ec
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4981)
2017-12-27 16:37:22 +01:00
Dr. Matthias St. Pierre
08a65d9686 Implement automatic reseeding of DRBG after a specified time interval
Every DRBG now supports automatic reseeding not only after a given
number of generate requests, but also after a specified time interval.

Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4402)
2017-12-17 23:12:10 +01:00
Dr. Matthias St. Pierre
a93ba405b0 Add master DRBG for reseeding
A third shared DRBG is added, the so called master DRBG. Its sole purpose
is to reseed the two other shared DRBGs, the public and the private DRBG.
The randomness for the master DRBG is either pulled from the os entropy
sources, or added by the application using the RAND_add() call.

The master DRBG reseeds itself automatically after a given number of generate
requests, but can also be reseeded using RAND_seed() or RAND_add().
A reseeding of the master DRBG is automatically propagated to the public
and private DRBG. This construction fixes the problem, that up to now
the randomness provided by RAND_add() was added only to the public and
not to the private DRBG.

Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4402)
2017-12-17 23:12:10 +01:00
Bernd Edlinger
fce78bd4ed Fix invalid function type casts.
Rename bio_info_cb to BIO_info_cb.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4493)
2017-12-15 19:33:48 +01:00
Matt Caswell
0ababfec93 Fix some clang compilation errors
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:38 +00:00
Matt Caswell
091ecfad6e Don't run the TLSv1.3 CCS tests if TLSv1.3 is not enabled
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:38 +00:00
Matt Caswell
0ca3aea7d3 Add some TLSv1.3 CCS tests
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:38 +00:00
Matt Caswell
426dfc9ff7 Send supported_versions in an HRR
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:37 +00:00
Matt Caswell
597c51bc98 Merge HRR into ServerHello
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:37 +00:00
Matt Caswell
2d729db2f0 Send TLSv1.2 as the record version when using TLSv1.3
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:37 +00:00
Matt Caswell
a5816a5ab9 Implement session id TLSv1.3 middlebox compatibility mode
Clients will send a "fake" session id and servers must echo it back.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:37 +00:00
Matt Caswell
88050dd196 Update ServerHello to new draft-22 format
The new ServerHello format is essentially now the same as the old TLSv1.2
one, but it must additionally include supported_versions. The version
field is fixed at TLSv1.2, and the version negotiation happens solely via
supported_versions.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
2017-12-14 15:06:37 +00:00
Sebastian Andrzej Siewior
cac19d19e7 rsa: Do not allow less than 512 bit RSA keys
As per documentation, the RSA keys should not be smaller than 64bit (the
documentation mentions something about a quirk in the prime generation
algorithm). I am adding check into the code which used to be 16 for some
reason.
My primary motivation is to get rid of the last sentence in the
documentation which suggest that typical keys have 1024 bits (instead
updating it to the now default 2048).
I *assume* that keys less than the 2048 bits (say 512) are used for
education purposes.
The 512 bits as the minimum have been suggested by Bernd Edlinger.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4547)
2017-12-11 12:53:07 +01:00
Matt Caswell
a8ea8018fa Fix no-chacha
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
2017-12-11 09:41:59 +00:00
Matt Caswell
ef178b4eab Don't expect a POLY1305 ciphersuite when using no-poly1305
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
2017-12-11 09:41:59 +00:00
Matt Caswell
3b69eb302e Replace tabs with spaces in 25-cipher.conf.in
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4891)
2017-12-11 09:41:59 +00:00
Matt Caswell
b7ab4eeed9 Fix no-tls1_1
In 20-cert-select.conf there is a TLSv1.1 specific test which we should
skip if TLSv1.1. is disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4890)
2017-12-11 09:36:25 +00:00
Matt Caswell
f5fea6657d Fix ssl_test_new with no-tls1_2
The tests in 25-cipher.conf all use TLSv1.2 ciphersuites so we shouldn't
run it if we don't have TLSv1.2

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4889)
2017-12-10 11:05:59 +00:00
Benjamin Kaduk
5f21b44068 Fix test_tls13messages with no-ocsp
s_client -status is not available in this configuration.

While here, remove an outdated TODO(TLS1.3) comment.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
cb091295a9 Wrap more of ocspapitest.c in OPENSSL_NO_OCSP
make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused
once make_dummy_resp() is compiled out, so neither can be included
in the build when OCSP is disabled and strict warnings are active.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
88e09fe79b Fix coverity nit in handshake_helper.c
There's no reason to wrap this call in TEST_true() if we're not
checking the return value of TEST_true() -- all of the surrounding
similar calls do not have the macro wrapping them.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
b6306d8049 Fix coverity-reported errors in ocspapitest
Avoid memory leaks in error paths, and correctly apply
parentheses to function calls in a long if-chain.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
2017-12-08 09:16:36 -06:00
Benjamin Kaduk
8a8bc66562 Fix no-ec
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4874)
2017-12-08 08:29:17 -06:00
Richard Levitte
d68a0eaf45 Remove unicode characters from source
Some compilers react badly to non-ASCII characters

Fixes #4877

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4879)
2017-12-08 11:56:37 +01:00
JitendraLulla
a3d7fd2837 fix --strict-warnings
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
JitendraLulla
49ea0f0983 extending afalg with aes-cbc-192/256, afalgtest.c also updated accordingly. comments from matt, Stephen considered
fix  indentation, remove printf from afalgtest.c

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4717)
2017-12-08 10:39:52 +00:00
Rich Salz
cbe2964821 Consistent formatting for sizeof(foo)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4872)
2017-12-07 19:11:49 -05:00
Matt Caswell
e84282cbda Fix the buffer sizing in the fatalerrtest
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4867)
2017-12-07 14:35:30 +00:00
Matt Caswell
97652f0b3a Add a test for CVE-2017-3737
Test reading/writing to an SSL object after a fatal error has been
detected. This CVE only affected 1.0.2, but we should add it to other
branches for completeness.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2017-12-06 15:37:49 +00:00
Andy Polyakov
77d7599365 test/bntest.c: add rsaz_1024_mul_avx2 regression test.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-12-06 15:36:20 +00:00
Matt Caswell
8e02e73d80 Fix the Boring tests following the SSLfatal() changes
An error reason code has changed for one of the boring tests, so
ossl_config.json needed an update to take account of it.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
2017-12-04 13:31:48 +00:00
Matt Caswell
f63a17d66d Convert the state machine code to use SSLfatal()
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4778)
2017-12-04 13:31:48 +00:00
Todd Short
e1c7871de8 Use ChaCha only if prioritized by clnt
IFF the client has ChaCha first, and server cipher priority is used,
and the new SSL_OP_PRIORITIZE_CHACHA_FOR_MOBILE option is used,
then reprioritize ChaCha above everything else. This way, A matching
ChaCha cipher will be selected if there is a match. If no ChaCha ciphers
match, then the other ciphers are used.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4436)
2017-11-30 07:13:08 +10:00
Andy Polyakov
3bded9cd35 rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4791)
2017-11-28 20:05:48 +01:00
Matt Caswell
83ccead4d0 Fix lshift tests
Commit 30bea14be6 converted bntest.c to the new TEST framework.
Unfortunately a missing "goto err" means that the lshift tests skip
the actual bit that tests them. Replacing the "goto err" reveals that
the conversion also broke the tests. This adds back the missing "goto err"
and fixes the tests.

Fixes #4808

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4809)
2017-11-28 10:41:23 +00:00
Pauli
b7af3f1433 Test support for time_t comparisons.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4797)
2017-11-28 08:56:45 +10:00
Pauli
92738d7d73 use size_t tests instead of int ones
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4797)
2017-11-28 08:56:45 +10:00
Kurt Roeckx
d807db26a4 Create a prototype for OPENSSL_rdtsc
Switch to make it return an uint32_t instead of the various different
types it returns now.

Fixes: #3125

Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #4757
2017-11-25 14:30:11 +01:00
Richard Levitte
f106f40694 Avoid unnecessary MSYS2 conversion of some arguments
Fixes #4740

The MSYS2 run-time convert arguments that look like paths when
executing a program unless that application is linked with the MSYS
run-time.  The exact conversion rules are listed here:

    http://www.mingw.org/wiki/Posix_path_conversion

With the built-in configurations (all having names starting with
"mingw"), the openssl application is not linked with the MSYS2
run-time, and therefore, it will receive possibly converted arguments
from the process that executes it.  This conversion is fine for normal
path arguments, but it happens that some arguments to the openssl
application get converted when they shouldn't.  In one case, it's
arguments like '-passin file:something', and in another, it's a file:
URI (what typically happens is that URIs without an authority
component get converted, 'cause the conversion mechanism doesn't
recognise them as URIs).

To avoid conversion where we don't want it, we simply assign
MSYS2_ARG_CONV_EXCL a pattern to avoid specific conversions.  As a
precaution, we only do this where we obviously need it.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4765)
2017-11-22 00:37:34 +01:00
Matt Caswell
281bf2332c If a server is not acknowledging SNI then don't reject early_data
SNI needs to be consistent before we accept early_data. However a
server may choose to not acknowledge SNI. In that case we have to
expect that a client may send it anyway. We change the consistency
checks so that not acknowledging is treated more a like a "wild card",
accepting any SNI as being consistent.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4738)
2017-11-21 17:46:22 +00:00
Matt Caswell
b510b740fb Ignore the session when setting SNI in s_client
As per this comment:

https://github.com/openssl/openssl/issues/4496#issuecomment-337767145

Since the server is entitled to reject our session our ClientHello
should include everything that we would want if a full handshake were
to happen. Therefore we shouldn't use the session as a source of
information for setting SNI.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4738)
2017-11-21 17:46:22 +00:00
Paul Yang
665d899fa6 Support multi-prime RSA (RFC 8017)
* Introduce RSA_generate_multi_prime_key to generate multi-prime
  RSA private key. As well as the following functions:
    RSA_get_multi_prime_extra_count
    RSA_get0_multi_prime_factors
    RSA_get0_multi_prime_crt_params
    RSA_set0_multi_prime_params
    RSA_get_version
* Support EVP operations for multi-prime RSA
* Support ASN.1 operations for multi-prime RSA
* Support multi-prime check in RSA_check_key_ex
* Support multi-prime RSA in apps/genrsa and apps/speed
* Support multi-prime RSA manipulation functions
* Test cases and documentation are added
* CHANGES is updated

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4241)
2017-11-21 14:38:42 +08:00
Paul Yang
b000470873 Support public key and param check in EVP interface
EVP_PKEY_public_check() and EVP_PKEY_param_check()

Doc and test cases are added

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4647)
2017-11-20 07:20:30 +01:00
Andy Polyakov
5d99881e6a Iron out /WX errors in VC-WIN32.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-11-17 21:22:26 +01:00
FdaSilvaYY
899e62d186 Fix AppVeyor/VC build failure
..\test\asn1_internal_test.c(96): warning C4113: 'int (__cdecl *)()'
differs in parameter lists from 'int (__cdecl *)(void)'

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4744)
2017-11-16 14:02:27 +01:00
Richard Levitte
8e4ec5b2e7 Modify expected output of a CRL to match the changed printout
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4746)
2017-11-16 01:19:55 +01:00
Richard Levitte
d1453d60a5 Modify expected output of a certificate to match the changed printout
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4746)
2017-11-16 01:19:31 +01:00
FdaSilvaYY
4483fbae10 Factorise duplicated code.
Extract and factorise duplicated string glue code.
Cache strlen result to avoid duplicate calls.
[extended tests]

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4719)
2017-11-13 07:52:35 -05:00
Andy Polyakov
3a63c0edab Resolve warnings in VC-WIN32 build, which allows to add /WX.
It's argued that /WX allows to keep better focus on new code, which
motivates its comeback...

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
2017-11-13 10:58:57 +01:00
Benjamin Kaduk
27da13430b Add OCSP API test executable
Some of the OCSP APIs (such as the recently added OCSP_resp_get0_signer)
do not really merit inclusion in the ocsp(1) utility, but we should still
have unit tests for them.

For now, only test OCSP_resp_get0_signer(), but it should be easy to
add more tests in the future.

Provide an X509 cert and private key in the test's data directory
to use for signing responses, since constructing those on the fly
is more effort than is needed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4573)
2017-11-11 20:03:49 -06:00
Josh Soref
46f4e1bec5 Many spelling fixes/typo's corrected.
Around 138 distinct errors found and fixed; thanks!

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3459)
2017-11-11 19:03:10 -05:00
FdaSilvaYY
f479eab227 style : fix some if(...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4457)
2017-11-07 17:09:24 +01:00
Jack Lloyd
a0c3e4fa90 SM3: Add SM3 hash function
SM3 is a secure hash function which is part of the Chinese
"Commercial Cryptography" suite of algorithms which use is
required for certain commercial applications in China.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4616)
2017-11-06 07:21:11 +08:00
FdaSilvaYY
cf72c75792 Implement Maximum Fragment Length TLS extension.
Based on patch from Tomasz Moń:
https://groups.google.com/forum/#!topic/mailing.openssl.dev/fQxXvCg1uQY

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/1008)
2017-11-05 17:46:48 +01:00
Andy Polyakov
420b88cec8 test/bntest.c: add bn_sqrx8x_internal regression test.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-11-02 11:00:48 +00:00
Dr. Matthias St. Pierre
e433ac3c4f testutil.h: Remove duplicate test macros
A block of six TEST_int_xy() macro definitions was duplicated.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4624)
2017-10-31 11:35:54 +01:00
Baptiste Jonglez
3ba70235be afalg: Fix kernel version check
The check should reject kernel versions < 4.1.0, not <= 4.1.0.

The issue was spotted on OpenSUSE 42.1 Leap, since its linux/version.h
header advertises 4.1.0.

CLA: trivial
Fixes: 7f458a48 ("ALG: Add AFALG engine")
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4617)
2017-10-31 11:19:47 +01:00
Ronald Tse
f19a5ff9ab SM4: Add SM4 block cipher to EVP
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4552)
2017-10-31 15:19:14 +10:00
Benjamin Kaduk
85155346b3 Fix memory leak in crltest error case
This would cut out some distracting noise in the test output
if we ended up hitting these error cases.

Reported by Coverity.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4602)
2017-10-30 10:38:01 -05:00
AlexDenisov
23fa978994 [packettest] Fix misplaced parentheses
Thanks to David Benjamin for suggesting the fix needed by this fix.
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4607)
2017-10-30 11:36:29 -04:00
Dr. Matthias St. Pierre
c16de9d832 Fix reseeding issues of the public RAND_DRBG
Reseeding is handled very differently by the classic RAND_METHOD API
and the new RAND_DRBG api. These differences led to some problems when
the new RAND_DRBG was made the default OpenSSL RNG. In particular,
RAND_add() did not work as expected anymore. These issues are discussed
on the thread '[openssl-dev] Plea for a new public OpenSSL RNG API'
and in Pull Request #4328. This commit fixes the mentioned issues,
introducing the following changes:

- Replace the fixed size RAND_BYTES_BUFFER by a new RAND_POOL API which
  facilitates collecting entropy by the get_entropy() callback.
- Don't use RAND_poll()/RAND_add() for collecting entropy from the
  get_entropy() callback anymore. Instead, replace RAND_poll() by
  RAND_POOL_acquire_entropy().
- Add a new function rand_drbg_restart() which tries to get the DRBG
  in an instantiated state by all means, regardless of the current
  state (uninstantiated, error, ...) the DRBG is in. If the caller
  provides entropy or additional input, it will be used for reseeding.
- Restore the original documented behaviour of RAND_add() and RAND_poll()
  (namely to reseed the DRBG immediately) by a new implementation based
  on rand_drbg_restart().
- Add automatic error recovery from temporary failures of the entropy
  source to RAND_DRBG_generate() using the rand_drbg_restart() function.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4328)
2017-10-18 08:39:20 -05:00
Matt Caswell
a2b97bdf3d Don't do version neg on an HRR
Previously if a client received an HRR then we would do version negotiation
immediately - because we know we are going to get TLSv1.3. However this
causes a problem when we emit the 2nd ClientHello because we start changing
a whole load of stuff to ommit things that aren't relevant for < TLSv1.3.
The spec requires that the 2nd ClientHello is the same except for changes
required from the HRR. Therefore the simplest thing to do is to defer the
version negotiation until we receive the ServerHello.

Fixes #4292

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4527)
2017-10-16 15:52:18 +01:00
Paul Yang
0bd42fde95 Fix a bug in ALPN comparation code of a test case
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4497)
2017-10-16 10:08:53 +01:00
Paul Yang
c7558d5be1 Fix reading heap overflow in a test case
Caught by AddressSanitizer

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4497)
2017-10-16 10:08:53 +01:00
Matt Caswell
141e470947 Add a test for setting initial SNI in CH but not using it with early_data
Test for the bug where early_data is not accepted by the server when it
does not have an SNI callback set up, but the client sent a servername in
the initial ClientHello establishing the session.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4519)
2017-10-12 15:19:49 +01:00
Dr. Stephen Henson
dcb7e48209 Add RFC7919 tests.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12 02:40:30 +01:00
Dr. Stephen Henson
9b82c8b1c1 Don't assume shared key length matches expected length
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12 02:40:30 +01:00
Dr. Stephen Henson
e3662075c3 Add EVP_PKEY_METHOD redirection test
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12 00:03:32 +01:00
Benjamin Kaduk
165cc51f4e Appease -Werror=maybe-uninitialized
test/bad_dtls_test.c: In function 'validate_client_hello':
test/bad_dtls_test.c:128:33: error: 'u' may be used uninitialized in this function [-Werror=maybe-uninitialized]
     if (!PACKET_get_1(&pkt, &u) || u != SSL3_RT_HANDSHAKE)
                                 ^
Apparently -O1 does not perform sufficient optimization to ascertain
that PACKET_get_1 will always initialize u if it returns true.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4518)
2017-10-11 08:27:07 -05:00
Todd Short
a84e5c9aa8 Session resume broken switching contexts
When an SSL's context is swtiched from a ticket-enabled context to
a ticket-disabled context in the servername callback, no session-id
is generated, so the session can't be resumed.

If a servername callback changes the SSL_OP_NO_TICKET option, check
to see if it's changed to disable, and whether a session ticket is
expected (i.e. the client indicated ticket support and the SSL had
tickets enabled at the time), and whether we already have a previous
session (i.e. s->hit is set).

In this case, clear the ticket-expected flag, remove any ticket data
and generate a session-id in the session.

If the SSL hit (resumed) and switched to a ticket-disabled context,
assume that the resumption was via session-id, and don't bother to
update the session.

Before this fix, the updated unit-tests in 06-sni-ticket.conf would
fail test #4 (server1 = SNI, server2 = no SNI).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/1529)
2017-10-04 10:21:08 +10:00
Pauli
1b3e2bbf64 Add a reserve call to the stack data structure.
This allows the caller to guarantee that there is sufficient space for a
number of insertions without reallocation.

The expansion ratio when reallocating the array is reduced to 1.5 rather than 2.

Change bounds testing to use a single size rather than both INT_MAX and
SIZE_MAX.  This simplifies some of the tests.

Switch the stack pointers to data from char * to void *

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4386)
2017-09-28 06:53:40 +10:00
David Benjamin
7966101e20 Allow DH_set0_key with only private key.
The pub_key field for DH isn't actually used in DH_compute_key at all.
(Note the peer public key is passed in as as BIGNUM.) It's mostly there
so the caller may extract it from DH_generate_key. It doesn't
particularly need to be present if filling in a DH from external
parameters.

The check in DH_set0_key conflicts with adding OpenSSL 1.1.0 to Node.
Their public API is a thin wrapper over the old OpenSSL one:
https://nodejs.org/api/crypto.html#crypto_class_diffiehellman

They have separate setPrivateKey and setPublicKey methods, so the public
key may be set last or not at all. In 1.0.2, either worked fine since
operations on DH objects generally didn't use the public key.  (Like
with OpenSSL, Node's setPublicKey method is also largely a no-op, but so
it goes.) In 1.1.0, DH_set0_key prevents create a private-key-only DH
object.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4384)
2017-09-26 14:48:51 +02:00
David Benjamin
8545051c36 Guard against DoS in name constraints handling.
This guards against the name constraints check consuming large amounts
of CPU time when certificates in the presented chain contain an
excessive number of names (specifically subject email names or subject
alternative DNS names) and/or name constraints.

Name constraints checking compares the names presented in a certificate
against the name constraints included in a certificate higher up in the
chain using two nested for loops.

Move the name constraints check so that it happens after signature
verification so peers cannot exploit this using a chain with invalid
signatures. Also impose a hard limit on the number of name constraints
check loop iterations to further mitigate the issue.

Thanks to NCC for finding this issue. Fix written by Martin Kreichgauer.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4393)
2017-09-22 22:00:55 +02:00
Dr. Stephen Henson
800c4883d0 Add RSA-PSS certificate type TLS tests
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4368)
2017-09-20 12:50:23 +01:00
Dr. Stephen Henson
613816fcae Add RSA-PSS test certificates
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4368)
2017-09-20 12:50:23 +01:00
Paul Yang
0822e89add Support EVP_PKEY_meth_remove and pmeth internal cleanup
1. make app pkey methods cleanup internal
2. add EVP_PKEY_meth_remove

Fixes travis-ci failure in #4337

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4356)
2017-09-14 12:41:34 +08:00
Paul Yang
2aee35d37d Support key check in EVP interface
A new method is added to EVP_PKEY_METH as:

    int (*check) (EVP_PKEY_CTX *ctx);

and to EVP_PKEY_ASN1_METHOD as:

    int (*pkey_check) (EVP_PKEY_CTX *ctx);

This is used to check the validity of a specific key.

The order of calls is:
EVP_PKEY_check -> pmeth.check -> ameth.pkey_check.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4337)
2017-09-13 20:38:14 +02:00
David Benjamin
f1b97da1fd Introduce named constants for the ClientHello callback.
It is otherwise unclear what all the magic numbers mean.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
2017-09-08 13:58:59 -05:00
David Benjamin
f90486f4de Fix test documentation.
The instructions don't work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
2017-09-08 13:58:59 -05:00
David Benjamin
a9c0d8beea Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb.
"Early callback" is a little ambiguous now that early data exists.
Perhaps "ClientHello callback"?

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
2017-09-08 13:58:59 -05:00
Benjamin Kaduk
511fbc60d4 Fix test_client_hello with no-tls1_2_method
The extensions not sent when TLS 1.2 is not used caused the message
length to be 109, which is less than the 127 threshold needed
to activate the F5 workaround.  Add another 20 bytes of dummy ALPN
data do push it over the threshold.

Also, fix the definition of the (unused) local macro indicating
the threshold.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4346)
2017-09-07 13:21:56 -05:00
Alfred E. Heggestad
fa4b82cc7c add callback handler for setting DTLS timer interval
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4011)
2017-09-06 08:30:00 +02:00
Matt Caswell
1d2491e20e Don't use ciphersuites for inflating the ClientHello in clienthellotest
clienthellotest tries to fill out the size of the ClientHello by adding
extra ciphersuites in order to test the padding extension. This is
unreliable because they are very dependent on configuration options. If we
add too much data the test will fail! We were already also adding some dummy
ALPN protocols to pad out the size, and it turns out that this is sufficient
just in itself, so drop the extra ciphersuites.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4331)
2017-09-04 15:15:30 +01:00
Richard Levitte
45fd6a59fa Fix 90-test_store.t: using config() requires OpenSSL::Test::Utils
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4332)
2017-09-04 12:52:32 +02:00
Pauli
21c7942140 Fix an include location problem in the extrended tests.
[extended tests]

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4327)
2017-09-04 06:38:16 +10:00
Richard Levitte
79120f46a2 OSSL_STORE: Avoid testing with URIs on the mingw command line
Some URIs get "mistreated" (converted) by the MSYS run-time.
Unfortunately, avoiding this conversion doesn't help either.

    http://www.mingw.org/wiki/Posix_path_conversion

Fixes #4314

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4322)
2017-09-03 10:21:01 +02:00
Andy Polyakov
26810b5eaf test/run_tests.pl: don't use Module::Load::Conditional.
Ironically enough not all installations get Module::Load::Conditional
installed by default... [It's a bit half-hearted, because such
installations are likely to lack more stuffi that is needed, but
nevertheless, it proved to be helpful.]

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4323)
2017-09-02 20:20:51 +02:00
Benjamin Kaduk
c4604e9b97 Fix long SNI lengths in test/handshake_helper.c
If the server_name extension is long enough to require two bytes to
hold the length of either field, the test suite would not decode
the length properly.  Using the PACKET_ APIs would have avoided this,
but it was desired to avoid using private APIs in this part of the
test suite, to keep ourselves honest.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4318)
2017-09-01 12:44:58 -05:00
Benjamin Kaduk
de0dc006a5 Fixup include path in ossl_shim test after e_os.h work
The include search path was not picking up files in the root of
the tree.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4316)
2017-09-01 11:04:01 -05:00
Pauli
4cff10dcbf struct timeval include guards
Move struct timeval includes into e_os.h (where the Windows ones were).
Enaure that the include is guarded canonically.

Refer #4271

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4312)
2017-09-01 09:55:43 +10:00
Matt Caswell
57dee9bb68 Test for late client side detection of ALPN inconsistenties
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
2017-08-31 15:03:35 +01:00
Matt Caswell
fff202e5f7 Add some fixes for Travis failures
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
2017-08-31 15:03:35 +01:00
Matt Caswell
976e53232d Add PSK early_data tests
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
2017-08-31 15:03:35 +01:00
Matt Caswell
db919b1e25 Update the tests for SNI changes
If there is no SNI in the session then s_client no longer sends the SNI
extension. Update the tests to take account of that

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
2017-08-31 15:02:58 +01:00
Matt Caswell
02a3ed5a95 Add some PSK early_data tests
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)
2017-08-31 15:02:58 +01:00
Todd Short
e44d376180 Fix return value of ASN1_TIME_compare
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4264)
2017-08-30 11:24:02 -04:00
Jon Spillett
bc32673869 Implement Aria GCM/CCM Modes and TLS cipher suites
AEAD cipher mode implementation is based on that used for AES:

  https://tools.ietf.org/html/rfc5116

TLS GCM cipher suites as specified in:

  https://tools.ietf.org/html/rfc6209

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4287)
2017-08-30 12:33:53 +02:00
Pauli
07016a8a31 Move e_os.h to be the very first include.
cryptilib.h is the second.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:44 +10:00
Pauli
677963e5a4 e_os.h removal from other headers and source files.
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and
ssl/ssl_locl.h).

Added e_os.h into the files that need it now.

Directly reference internal/nelem.h when required.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4188)
2017-08-30 07:20:43 +10:00
Dr. Matthias St. Pierre
aa048aef0b DRBG: clarify difference between entropy counts and buffer lengths
Unlike the NIST DRBG standard, entropy counts are in bits and
buffer lengths are in bytes. This has lead to some confusion and
errors in the past, see my comment on PR 3789.

To clarify the destinction between entropy counts and buffer lengths,
a 'len' suffix has been added to all member names of RAND_DRBG which
represent buffer lengths:

-   {min,max}_{entropy,adin,nonce,pers}
+   {min,max}_{entropy,adin,nonce,pers}len

This change makes naming also more consistent, as can be seen in the
diffs, for example:

-    else if (adinlen > drbg->max_adin) {
+    else if (adinlen > drbg->max_adinlen) {

Also replaced all 'ent's by 'entropy's, following a suggestion of Paul Dale.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)
2017-08-28 08:52:02 -04:00
Rich Salz
b2db9c18b2 MSC_VER <= 1200 isn't supported; remove dead code
VisualStudio 6 and earlier aren't supported.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4263)
2017-08-27 11:35:39 -04:00
Matt Caswell
bf208d9501 Fix no-tls and no-tls1_2
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4257)
2017-08-25 14:56:41 +01:00
Matt Caswell
ab78f89b2d Fix no-scrypt
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4252)
2017-08-25 14:54:28 +01:00
Kazuki Yamaguchi
0afca8113e Do not lookup zero-length session ID
A condition was removed by commit 1053a6e2281d; presumably it was an
unintended change. Restore the previous behavior so the get_session_cb
won't be called with zero-length session ID.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4236)
2017-08-25 14:36:07 +02:00
Matt Caswell
0139ce7c92 Fix no-chacha and no-poly1305
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4251)
2017-08-25 11:34:08 +01:00
Matt Caswell
a5e65f7c5e Don't run a CT specifc test if CT is disabled
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4245)
2017-08-25 10:37:22 +01:00
Pauli
da9b249fd9 Check range of test values using isascii before diving into the full
range of ctype functions.

Revert "Don't try to compare the ctype functions on values > 127"
This reverts commit 6ac589081b.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4225)
2017-08-25 07:56:35 +10:00
Pauli
678c462e21 Check for EOF in ASCII conversions.
The C standard defines EOF as:

    ... an integer constant expression, with type int and a negative value...

This means a conforming implemenetation could define this as a one of the
printable characters.  This won't be a problem for ASCII.

A specific test case has been added for EOF.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4240)
2017-08-25 06:42:17 +10:00
Matt Caswell
f7d1d2a479 Fix enable-sctp
Commit b99fe5f4 broke SCTP. This fixes it again.

Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4244)
2017-08-24 13:20:01 +01:00
Rich Salz
0e97f1e1a7 (Re)move some things from e_os.h
Remove GETPID_IS_MEANINGLESS and osslargused.

Move socket-related things to new file internal/sockets.h; this is now
only needed by four(!!!) files.  Compiles should be a bit faster.
Remove USE_SOCKETS ifdef's

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4209)
2017-08-22 14:15:40 -04:00
Richard Levitte
6ac589081b Don't try to compare the ctype functions on values > 127
Our internal replacement functions return 0 for those values.
However, depending on locale, the C RTL functions may return 1.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4219)
2017-08-22 16:10:04 +02:00
Richard Levitte
196f5c4b0d Don't try to test ctype functions for values < 0 or > 255
Values that aren't representable as unsigned give undefined results.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4219)
2017-08-22 16:10:04 +02:00
Rich Salz
176db6dc51 Use "" not <> for internal/ includes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4217)
2017-08-22 09:54:20 -04:00
Richard Levitte
12bd06cd6b Fix the lack of isblank() with VMS C
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4216)
2017-08-22 15:44:34 +02:00
Rich Salz
ffb46830e2 Add random serial# support.
Add -rand_serial to CA command and "serial_rand" config option.

Up RAND_BITS to 159, and comment why: now confirms to CABForum
guidelines (Ballot 164) as well as IETF RFC 5280 (PKIX).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4185)
2017-08-22 09:00:04 -04:00
Pauli
a1df06b363 This has been added to avoid the situation where some host ctype.h functions
return true for characters > 127.  I.e. they are allowing extended ASCII
characters through which then cause problems.  E.g. marking superscript '2' as
a number then causes the common (ch - '0') conversion to number to fail
miserably.  Likewise letters with diacritical marks can also cause problems.

If a non-ASCII character set is being used (currently only EBCDIC), it is
adjusted for.

The implementation uses a single table with a bit for each of the defined
classes.  These functions accept an int argument and fail for
values out of range or for characters outside of the ASCII set.  They will
work for both signed and unsigned character inputs.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4102)
2017-08-22 09:45:25 +10:00
Pauli
00dfbaad88 Fix ctype arguments.
Cast arguments to the various ctype functions to unsigned char to match their
documentation.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4203)
2017-08-22 07:35:08 +10:00
Johannes Bauer
b73b4d73de Add PKEY_CTX setter tests for TLS1-PRF
PKEY_CTX setters tests were previously present for HKDF and scrypt; this
patch also adds tests for the third currently supported KDF, TLS1-PRF.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4196)
2017-08-21 10:05:14 +01:00
Pauli
045fe7313a Remove double error messages
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4204)
2017-08-21 10:37:34 +10:00
Todd Short
10ed1b7239 Reorder extensions to put SigAlgs last
Force non-empty padding extension.
When enabled, force the padding extension to be at least 1 byte long.
WebSphere application server cannot handle having an empty
extension (e.g. EMS/EtM) as the last extension in a client hello.
This moves the SigAlgs extension last for TLSv1.2 to avoid this
issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3921)
2017-08-18 09:52:17 -04:00
Richard Levitte
fdf9450f42 test/asn1_time_test.c: Better check of signed time_t
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4182)
2017-08-18 09:52:01 +02:00
Pauli
9ef73a6fd9 Fix windows build after too aggressive e_os.h removal
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4187)
2017-08-18 10:37:32 +10:00
Pauli
b99fe5f492 Remove tests dependence on e_os.h
Apart from ssltest_old.c, the test suite relied on e_os.h for the
OSSL_NELEM macro and nothing else.

The ssltest_old.c also requires EXIT and some socket macros.

Create a new header to define the OSSL_NELEM macro and use that instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4186)
2017-08-18 09:50:25 +10:00
David von Oheimb
121738d1cb Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL
Now the certs arg is not any more neglected when building the signer cert chain.
Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy.

See also http://rt.openssl.org/Ticket/Display.html?id=4620

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4124)
2017-08-16 14:32:38 -04:00
FdaSilvaYY
31a80694d4 [Win] Fix some test method signatures ...
to halves MSVC warnings.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4172)
2017-08-16 10:36:34 -04:00
Rich Salz
12997aa984 Revert "Add some casts for %j"
This reverts commit c4d2e483a3.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4160)
2017-08-15 09:42:38 -04:00
Paul Yang
b158049cbd Use new setup_tests in code of rsa_test
Although this piece of code will not be compiled at current stage, but
there seems a plan to re-open the 'no-rsa' option in the future so this
should be fixed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4161)
2017-08-15 09:24:59 -04:00
Richard Levitte
8d2214c0a4 File::Glob option ':bsd_glob' doesn't work everywhere, replace w/ a wrapper
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4069)
2017-08-15 11:31:18 +02:00
Richard Levitte
cb6afcd6ee Consolidate the locations where we have our internal perl modules
Instead of having perl modules under test/testlib, util and util/perl,
consolidate them all to be inside util/perl.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4069)
2017-08-15 11:30:47 +02:00
Rich Salz
c4d2e483a3 Add some casts for %j
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4160)
2017-08-14 19:59:54 -04:00
FdaSilvaYY
bdcacd93b1 Fix some typo and comments
[skip ci]

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4149)
2017-08-12 20:07:17 +02:00
Andy Polyakov
bbde4740eb Wire SHAKE to EVP.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4137)
2017-08-12 12:20:56 +02:00
Andy Polyakov
cd8d1456c9 Add EVP_DigestFinalXOF, interface to extendable-output functions, XOFs.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4137)
2017-08-12 12:20:06 +02:00
FdaSilvaYY
44e6995155 Fix some Typos and indents
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4108)
2017-08-11 10:16:33 -04:00
Jon Spillett
5ff5f745d1 [extended tests] Add steps to update an external test suite
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4139)
2017-08-11 11:16:44 +10:00
Dr. Stephen Henson
ed5c7ea250 no-ec2m fixes
Fix warning and don't use binary field certificate for ECDH CMS
key only test.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4134)
2017-08-10 16:48:47 +01:00
Dr. Stephen Henson
1aee92bf0f Add alternative CMS P-256 cert
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4134)
2017-08-10 16:48:18 +01:00
Dr. Stephen Henson
f50b5f37a3 Fix no-ec
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4134)
2017-08-10 16:45:18 +01:00
David von Oheimb
180c3fc775 Fix minor type warnings and risk of memory leak in testutil/driver.c
Discussion is in https://github.com/openssl/openssl/issues/4127

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4131)
2017-08-10 11:05:28 -04:00
Benjamin Kaduk
3cb6a4d6d6 Fix memory leak in session cache test
When we are using the internal cache we have to make a copy of the
session before removing it from the parent context's cache, since
we want our copy to still be resumable.  However, SSL_CTX_remove_session()
just detaches the session from the SSL_CTX; it does not free the session.
So, we must call SSL_SESSION_free() ourselves before overwriting the
variable that we dup'd from.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4126)
2017-08-09 13:50:02 -05:00
Matt Caswell
7a301f08bc Test server side session caching
In particular this covers the scenario mentioned in #4014

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4072)
2017-08-09 13:37:06 +10:00
Johannes Bauer
402f26e6ee Fix building without scrypt
Building without the scrypt KDF is now possible, the OPENSSL_NO_SCRYPT
define is honored in code. Previous this lead to undefined references.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4116)
2017-08-08 20:50:44 +01:00
Dr. Stephen Henson
5d09b003c0 Add test for ECDH CMS key only
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4115)
2017-08-08 18:55:56 +01:00
Johannes Bauer
6aa907a6bf Add PKEY_METHOD macro tests
Added the pkey_meth_kdf_test tests which test the PKEY_METHOD macros (at
the moment, of HKDF and scrypt).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4026)
2017-08-08 15:44:49 +01:00
Johannes Bauer
cefa762ee5 Add interface to the scrypt KDF by means of PKEY_METHOD
Add an interface that allows accessing the scrypt KDF as a PKEY_METHOD.
This fixes #4021 (at least for the scrypt portion of the issue).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4026)
2017-08-08 15:44:49 +01:00
Pauli
99801878c0 Change SETUP_TEST_FIXTURE so that the fixture structure is passed by
reference not by value.  This allows an error return from the setup function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4083)
2017-08-07 08:57:05 +10:00
Todd Short
cf37aaa335 Consolidate to a single asn1_time_from_tm() function
Add missing ASN1_TIME functions

Do some cleanup of the ASN1_TIME code.
Add ASN1_TIME_normalize() to normalize ASN1_TIME structures.
Add ASN1_TIME_compare() to compare two ASN1_TIME structures.
Add ASN1_TIME_cmp_time_t() to compare an ASN1_TIME to time_t
(generic version of ASN1_UTCTIME_cmp_time_t()).

Replace '0' .. '9' compares with isdigit()

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2753)
2017-08-04 11:24:03 +10:00
Pauli
2326bba0e5 Test fixtures changed to pointers.
Change the fixture types to pointers to structures that are heap allocated in the tests that use SETUP_TEST_FIXTURE.  This will permit error returns from the setup function and allow for future running tests in parallel.

Also removed a call of `exit(2)` which allows the remaining tests to run if one fails to initialise.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4071)
2017-08-04 07:37:21 +10:00
Andy Polyakov
fbf9d108df recipes/80-test_ca.t: make it work with spaces in pathnames.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-08-03 21:28:26 +02:00
Rich Salz
75e2c87765 Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.

Re-order seeding and stop after first success.

Add RAND_poll_ex()

Use the DF and therefore lower RANDOMNESS_NEEDED.  Also, for child DRBG's,
mix in the address as the personalization bits.

Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.

Various code cleanups:
    -Make state an enum; inline RANDerr calls.
    -Add RAND_POLL_RETRIES (thanks Pauli for the idea)
    -Remove most RAND_seed calls from rest of library
    -Rename DRBG_CTX to RAND_DRBG, etc.
    -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
     implementation of NIST DRBG.
    -Remove blocklength

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
2017-08-03 09:23:28 -04:00
Dr. Stephen Henson
b15d5ab617 Allow use of long name for KDFs
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4079)
2017-08-03 02:18:44 +01:00
Pauli
7e885b7bdf Simplify some of the sslapitest code.
Removing the use of SETUP_TEST_FIXTURE reduces complxity in those tests that
used it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4066)
2017-08-02 11:59:51 +10:00
Pauli
fa9ad41476 Remove EXECUTE_TEST_NO_TEARDOWN.
Simplify the only test that uses this macro so it doesn't need it anymore.
Clean up the formatting a little.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4034)
2017-08-02 08:29:28 +10:00
Paul Yang
a9dee23037 Add test case for ASN1_TIME_print
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4061)
2017-08-01 22:35:10 +02:00
Matt Caswell
c0537ebdf1 Add a test to check we get a new session even if s->hit is true in TLSv1.3
In TLSv1.3 we can resume, but still get a new session. This adds a test to
make sure that is happening.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4068)
2017-08-01 13:09:52 +01:00
David Benjamin
ee1ed1d380 Fix the names of older ciphers.
The names of these ciphers have an "SSL_" prefix, but the RFC names use
"TLS_":
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

This dates back to these ciphers being originally defined in SSLv3. As
SSLv3 is on its way out anyway and this is a new set of APIs,
consistently use the TLS names.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4007)
2017-07-31 09:11:18 -04:00
Dr. Stephen Henson
48ed9c23b0 Add public key method enumeration function.
Add functions to enumerate public key methods. Add test to ensure table
is in the correct order.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4015)
2017-07-29 23:04:09 +01:00
Bernd Edlinger
8bf2d93057 Add some test coverage for OPENSSL_secure_clear_free
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4044)
2017-07-29 19:31:12 +02:00
Bernd Edlinger
0443b1171d Add some test coverage for PEM_read_bio_PrivateKey
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4047)
2017-07-29 14:55:30 +02:00
Paul Yang
190b9a03b7 Make SSL_set_tlsext_host_name no effect from server side
Documentation and test cases are also updated

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3783)
2017-07-28 11:51:59 -04:00
Richard Levitte
102c9e1296 Perl: Use File::Glob::bsd_glob rather than File::Glob::glob
File::Glob::glob is deprecated, it's use generates this kind of
message:

    File::Glob::glob() will disappear in perl 5.30. Use File::Glob::bsd_glob() instead. at ../master/Configure line 277.

So instead, use a construction that makes the caller glob() use
File::Glob::bsd_glob().

Note that we're still excluding VMS, as it's directory specs use '['
and ']', which have a different meaning with bsd_glob and would need
some extra quoting.  This might change, but later.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4040)
2017-07-28 14:45:17 +02:00
Pauli
735e350555 Formatting & declaration cleanse.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4032)
2017-07-28 09:26:40 +10:00
Pauli
e89f5fb370 OPENSSL_NO_ENGINE defined causes build failures
TEST_note as an undefined link symbol is the symptom.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4032)
2017-07-28 09:25:59 +10:00
Pauli
43405889f4 Fix the two new tests since approval.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3953)
2017-07-27 08:08:36 +10:00
Pauli
ad887416f1 Update the test framework so that the need for test_main is removed. Everything
that needed test_main now works using the same infrastructure as tests that used
register_tests.

This meant:
* renaming register_tests to setup_tests and giving it a success/failure return.
* renaming the init_test function to setup_test_framework.
* renaming the finish_test function to pulldown_test_framework.
* adding a user provided global_init function that runs before the test frame
    work is initialised.  It returns a failure indication that stops the stest.
* adding helper functions that permit tests to access their command line args.
* spliting the BIO initialisation and finalisation out from the test setup and
    teardown.
* hiding some of the now test internal functions.
* fix the comments in testutil.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3953)
2017-07-27 07:53:08 +10:00
Paul Yang
7b608d0828 Add test cases and docs for ASN1_STRING_TABLE_* functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3998)
2017-07-26 20:06:51 +02:00
Todd Short
a58eb06d52 Add support to free/allocate SSL buffers
OpenSSL already has the feature of SSL_MODE_RELEASE_BUFFERS that can
be set to release the read or write buffers when data has finished
reading or writing. OpenSSL will automatically re-allocate the buffers
as needed. This can be quite aggressive in terms of memory allocation.

This provides a manual mechanism. SSL_free_buffers() will free
the data buffers if there's no pending data. SSL_alloc_buffers()
will realloc them; but this function is not strictly necessary, as it's
still done automatically in the state machine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2240)
2017-07-26 11:42:17 -04:00
Andy Polyakov
e4adad92b3 Wire SHA3 EVPs and add tests.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3943)
2017-07-25 21:40:30 +02:00
Richard Levitte
83e0d090b1 test/recipes/80-test_tsa.t: Don't trust 'OPENSSL_CONF'
There's a case when the environment variable OPENSSL_CONF is
useless...  when cross compiling for mingw and your wine environment
has an environment variable OPENSSL_CONF.  The latter will override
anything that's given when starting wine and there make the use of
that environment variable useless in our tests.

Therefore, we should not trust it, and use explicit '-config' options
instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3994)
2017-07-24 11:50:46 +02:00
Pauli
1a68e5b0d9 Improve struct tm population
Using Zeller's congruence to fill the day of week field,
Also populate the day of year field.

Add unit test to cover a number of cases.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3999)
2017-07-24 11:24:27 +10:00
Paul Yang
3d0f1cb9fd Add asn1_time_to_tm function and check days in month
Based on discussion in PR #3566. Reduce duplicated code in original
asn1_utctime_to_tm and asn1_generalizedtime_to_tm, and introduce a new
internal function asn1_time_to_tm. This function also checks if the days
in the input time string is valid or not for the corresponding month.

Test cases are also added.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3905)
2017-07-24 08:27:27 +10:00
Paul Yang
bbb4ceb86e Support converting cipher name to RFC name and vice versa
Fixes: issue #3747

make SSL_CIPHER_standard_name globally available and introduce a new
function OPENSSL_cipher_name.

A new option '-convert' is also added to 'openssl ciphers' app.

Documentation and test cases are added.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3859)
2017-07-21 07:20:14 +10:00
Benjamin Kaduk
4468b6ed59 Remove trailing whitespace from drbgtest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3971)
2017-07-20 12:12:36 -05:00
Dr. Stephen Henson
d76f646ade Add keygen test data
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3920)
2017-07-19 14:02:20 +01:00
Dr. Stephen Henson
1f0fc03b8a Add keygen test to evp_test
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3920)
2017-07-19 14:02:20 +01:00
Rich Salz
12fb8c3d2d Add DRBG random method
Ported from the last FIPS release, with DUAL_EC and SHA1 and the
self-tests removed.  Since only AES-CTR is supported, other code
simplifications were done.  Removed the "entropy blocklen" concept.

Moved internal functions to new include/internal/rand.h.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3789)
2017-07-19 03:25:16 -04:00
Matt Caswell
e11b6aa4c9 Add a test for SSL_clear()
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3954)
2017-07-18 17:35:47 +01:00
Matt Caswell
6b84e6bf19 Add a test for early_data when an HRR occurs
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3933)
2017-07-18 16:51:58 +01:00
Pauli
20e237c025 Address Coverity issues.
This patch addresses the use of uninitialised data raised in Coverity
issues 1414881 and 1414882.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3929)
2017-07-17 06:59:45 +10:00
Richard Levitte
74df8c4ce3 testutil: stanza files are text files, open them as such
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3939)
2017-07-15 19:11:31 +02:00
Richard Levitte
4c0669dc6f test/recipes/90-test_store.t: Add a few cases with files starting with 'file:'
These cases are performed on Linux only.  They check that files with
names starting with 'file:' can be processed as well.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
346bf1a238 test/recipes/90-test_store.t: Test absolute files
We haven't tested plain absolute paths without making them URIs...

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Richard Levitte
94437cebc4 test/recipes/90-test_store.t: Rename some functions
to_rel_file_uri really treated all files appropriately, absolute and
relative alike, and really just constructs a URI, so gets renamed to
to_file_uri

to_file_uri, on the other hand, forces the path into an absolute one,
so gets renamed to to_abs_file_uri

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3907)
2017-07-15 18:53:07 +02:00
Pauli
9ee27200c9 Remove trailing blanks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3918)
2017-07-14 07:36:26 +10:00
Pauli
c2500f658b Test cleaning and modernisation
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3917)
2017-07-14 07:35:17 +10:00
Pauli
9e206ce5f8 Fix some issues raise by coverity in the tests.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3846)
2017-07-14 07:31:29 +10:00
Dr. Stephen Henson
d72a00416a Add sanity test for certificate table
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3858)
2017-07-13 12:38:42 +01:00
Dr. Stephen Henson
50a3a1f04b Add additional ECDSA/Ed25519 selection tests.
Add two tests with ECDSA+SHA256 preferred over Ed25519, the second also
excludes P-256 from the supported curves extension which will force the
use of Ed25519 in TLS 1.2, but not TLS 1.3: this would fail before the
certificate table updates.

Add TLS 1.3 test also with P-256 exclude from the groups extension: this
should have no effect as the groups extension is not used for signature
selection in TLS 1.3

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3858)
2017-07-13 12:38:42 +01:00
Matt Caswell
e3c0d76bc7 Do not allow non-dhe kex_modes by default
Allow that mode to be configured if desired.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3833)
2017-07-07 16:08:05 +01:00
Matt Caswell
5a6ff161cc Update the test/session.pem to have a tick_nonce value
Otherwise the ClientHello test fails

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3852)
2017-07-07 15:02:09 +01:00
Matt Caswell
a19ae67d8d Update tls13_hkdf_expand() to take the length of the data
In most scenarios the length of the input data is the hashsize, or 0 if
the data is NULL. However with the new ticket_nonce changes the length can
be different.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3852)
2017-07-07 15:02:09 +01:00
Matt Caswell
de2f409ef9 The correct key length for a TLSv1.3 SHA384 ciphersuite is 48
Our test was using 32. The latest ticket nonce changes now validate this
value and so sslapitest was failing.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3852)
2017-07-07 15:02:09 +01:00
Richard Levitte
4549ed12ec test/run_tests.pl: Make sure to exit with a code that's understood universally
TAP::Parser::Aggregator::has_errors may return any number, not just 0
and 1.  With Perl on VMS, any number from 2 and on is interpreted as a
VMS status, the 3 lower bits are the encoded severity (1 = SUCCESS,
for example), so depending on what has_errors returns, a test failure
might be interpreted as a success.  Therefore, it's better to make
sure the exit code is 0 or 1, nothing else (they are special on VMS,
and mean SUCCESS or FAILURE, to match Unix conventions).

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3880)
2017-07-07 11:31:03 +02:00
Richard Levitte
bfa3480f76 test/recipes/90-test_shlibload.t: Make sure to handle library renames
VMS renames our libraries to fit VMS conventions.  This must be accounted
for when we want to load them.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3880)
2017-07-07 11:31:03 +02:00
Pauli
efc21a513f Fix compiler warnings
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3839)
2017-07-05 13:40:23 +10:00
Pauli
ff281ee836 Remove the TEST_check macro.
This macro aborted the process which stopped any later tests from running.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3838)
2017-07-05 07:56:22 +10:00
Rich Salz
5ecff87d66 BN_pseudo_rand is really BN_rand
And BN_pseudo_rand_range is really BN_rand_range.
Document that we might deprecate those functions.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3743)
2017-07-03 19:26:56 -04:00
Richard Levitte
48feaceb53 Remove the possibility to disable the UI module entirely
Instead, make it possible to disable the console reader that's part of
the UI module.  This makes it possible to use the UI API and other UI
methods in environments where the console reader isn't useful.

To disable the console reader, configure with 'no-ui-console' /
'disable-ui-console'.

'no-ui' / 'disable-ui' is now an alias for  'no-ui-console' /
'disable-ui-console'.

Fixes #3806

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3820)
2017-07-03 07:51:04 +02:00
Rich Salz
624265c60e Cleanup some copyright stuff
Remove some incorrect copyright references.
Move copyright to standard place
Add OpenSSL copyright where missing.
Remove copyrighted file that we don't use any more
Remove Itanium assembler for RC4 and MD5 (assembler versions of old and
weak algorithms for an old chip)
Standardize apps/rehash copyright comment; approved by Timo
Put dual-copyright notice on mkcert

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3691)
2017-06-30 21:56:44 -04:00
Dr. Stephen Henson
1297ef9928 Fix build with no-threads no-ec
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3817)
2017-06-30 19:55:47 +01:00
Richard Levitte
2fad1dd26a STORE test recipe: Remove comment refering to OpenConnect
These tests were inspired by OpenConnect and incorporated
by permission of David Woodhouse under CLA

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
d32e10d6fa Test that storeutl with a directory path works as expected
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:32 +02:00
Richard Levitte
6d737ea09b STORE tests: add PKCS#12 tests
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00
Richard Levitte
e1613d9f25 Add a test that checks the store utility
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00
Matt Caswell
a599574be1 Updates following review of SSL_export_key_material() changes
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3782)
2017-06-29 10:15:50 +01:00
Matt Caswell
2197d1dfbe Add an SSL_export_keying_material() test
There aren't any test vectors for this, so all we do is test that both
sides of the communication create the same result for different protocol
versions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3782)
2017-06-29 10:15:50 +01:00
Richard Levitte
3668721d3a Add dependency on apps/progs.h for test/uitest.o
uitest.o depends on apps.h which depends on progs.h, which is
dynamically generated, so we need to explicitely add a dependency
between uitest.o and progs.h for the latter to be generated in time.

Fixed #3793

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3794)
2017-06-28 14:41:05 +02:00
Richard Levitte
a2755b1695 test/uitest.c's pem_password_cb returned 1 instead of the password length
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3791)
2017-06-28 14:24:28 +02:00
Rich Salz
f367ac2b26 Use randomness not entropy
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3773)
2017-06-27 12:14:49 -04:00
Paul Yang
9e1d5e8dff Fix return value checking for BIO_sock_init
BIO_sock_init returns '-1' on error, not '0', so it's needed to check
explicitly istead of using '!'.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3766)
2017-06-26 15:19:12 +02:00
Benjamin Kaduk
b996766aa8 Fix no-dsa build again
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3762)
2017-06-24 21:46:36 -05:00
Benjamin Kaduk
05594f4af3 Add tests for deprecated sigalgs with TLS 1.3 ClientHellos
Test for each of DSA, SHA1, and SHA224.

Use the symbolic names for SignatureScheme comparisons just added.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3326)
2017-06-24 19:25:43 -05:00
Benjamin Kaduk
818137766e Fix no-dsa build
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3326)
2017-06-24 19:25:43 -05:00
Matt Caswell
1e55873f25 Fix a memory leak in the new TAP filter BIO
[extended tests]

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3760)
2017-06-23 20:30:27 +01:00
Matt Caswell
e3908501ca Fix the constant time 64 test
We were adding more tests than we had data for due to use of
sizeof instead of OSSL_NELEM. I also changed the 8 bit tests
for consistency, although they were already working.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3755)
2017-06-23 17:22:38 +01:00
Pauli
019e47ce56 Remove uses of the TEST_check macro.
This macro aborts the test which prevents later tests from executing.  It also
bypasses the test framework output functionality.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3750)
2017-06-23 07:41:01 +10:00
Pauli
a69de3f201 TAP line filter BIO.
This is an implementation of a BIO filter that produce TAP compatible output
for the test framework.  The current test indentation level is honoured.

The test output functions have been modified to not attempt to indent
their output and to not include the leading '#' character.

The filter is applied to bio_err only.  bio_out is left unchanged, although
tests using bio_out have been modified to use bio_err instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3732)
2017-06-22 09:35:08 +10:00
Matt Caswell
72257204bd PSK related tweaks based on review feedback
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
2017-06-21 14:45:36 +01:00
Matt Caswell
ca8c71ba35 Add some tests for the new TLSv1.3 PSK code
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
2017-06-21 14:45:36 +01:00
Rich Salz
2556aec5d0 Add ecstress test
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3720)
2017-06-21 09:24:01 -04:00
Rich Salz
9018f3ce0f Add constant-time 64
Standardize comments.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3727)
2017-06-21 09:19:42 -04:00
Dr. Stephen Henson
29b0cab017 Update test config file
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Dr. Stephen Henson
fbe1af9dfe Add Ed25519 TLS 1.3 and 1.2 tests
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Dr. Stephen Henson
60bbed3ff6 Add Ed25519 EE certificates
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Dr. Stephen Henson
bc88fc7928 Ed25519 support for mkcert.sh
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-21 14:11:01 +01:00
Rich Salz
c80149d9f0 Merge Nokia copyright notice into standard
This is done with the kind permission of Nokia.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3722)
2017-06-21 08:59:18 -04:00
Pauli
bff951eeb1 Remove OSSLzu macros and use %zu in the test framework (via BIO_printf).
Convert the debug prints in dtls_mtu_test.c to use the framework.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3730)
2017-06-21 08:33:47 -04:00
Rich Salz
aa8f3d76fc Modify Sun copyright to follow OpenSSL style
Approved by Oracle.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3585)
2017-06-20 11:13:45 -04:00
Pauli
4f58c6b9fe Address style issues.
Refactor count -> c which makes the for loop more readable.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3710)
2017-06-19 22:37:16 -04:00
Pauli
a7b68c5b24 Address double error and OSSLzu comments.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3710)
2017-06-19 22:37:16 -04:00
Pauli
6e5e196748 Put error output back.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3710)
2017-06-19 22:37:16 -04:00
Pauli
8fe3127cda Update tests to avoid printf to stdout/stderr when running as test cases.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3710)
2017-06-19 22:37:16 -04:00
Pauli
9b579777c5 Fix preprocessor indentation.
Rework main() to be in the style of the other conditional tests.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3711)
2017-06-19 08:28:04 -04:00
Richard Levitte
7b4d323092 Fix va_list processing in test_note()
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3704)
2017-06-17 15:52:41 +02:00
Pauli
3791646202 Add output routines to allow consistent formatting of memory, strings
and bignums.  These have been refactored into their own file, along with
their error displays.  The formatting follows the output format used
on error, except that bignums of sixty four bits or less are displayed
in a more compact one line form.

Added a TEST_note function for producing output without file and line
information.

Update the three tests that call BN_print so they use the new test
infrastructure instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3655)
2017-06-16 16:15:31 -04:00
Bernd Edlinger
5511101ad8 Add a missing break in test/shlibloadtest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3661)
2017-06-16 16:11:06 -04:00
Matt Caswell
3b0e88d3bd Add comments to test_ciphersuite_change()
Make it clear that we are pausing one of the connections and then
restarting it again.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3623)
2017-06-16 10:57:59 +01:00
Matt Caswell
0de6d66d36 Move ciphersuite selection before session resumption in TLSv1.3
This does things as per the recommendation in the TLSv1.3 spec. It also
means that the server will always choose its preferred ciphersuite.
Previously the server would only select ciphersuites compatible with the
session.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3623)
2017-06-16 10:57:59 +01:00
Matt Caswell
ca0413ae14 Add a test for a server changing the ciphersuite
Test that if a server selects a differenct ciphersuite with the same hash
in TLSv1.3 then this is accepted by the client.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3623)
2017-06-16 10:57:59 +01:00
Benjamin Kaduk
1316c9ffab Fix no-ec
Also remove nested OPENSSL_NO_EC conditional; it was properly indented,
but a no-op.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3693)
2017-06-15 17:02:45 -04:00
Richard Levitte
6a74806ed7 Build apps/progs.h dynamically
Because apps/progs.h isn't configuration agnostic, it's not at all
suited for 'make update' or being versioned, so change it to be
dynamically generated.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3688)
2017-06-15 19:49:21 +02:00
Richard Levitte
c537e74ba3 Move bn and evp test programs input data to their respective data dir
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3472)
2017-06-15 19:46:24 +02:00
Pauli
5aba2b6e88 Correct Oracle copyrights & clarify.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3684)
2017-06-15 15:50:50 +10:00
Benjamin Kaduk
8ea404fb3a Add sslapitest for SSL_early_get1_extensions_present()
Call it from the early callback used for testing these functions, and verify
the expected contents of the ClientHello

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2976)
2017-06-12 09:31:48 +01:00
Benjamin Kaduk
0e1e4045c4 TLS 1.3 client sigalgs test no longer needs TLS 1.2
Per the TODO comment, we now have proper certificate selection for
TLS 1.3 client certificates, so this test can move into its own
block.  (It cannot merge with the previous block, as it requires EC.)

Verified that the test passes when configured with enable-tls1_3
no-tls1 no-tls1_1 no-tls1_2.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3131)
2017-06-12 09:19:05 +01:00
Rich Salz
04e62715db Introduce ASN1_TIME_set_string_X509 API
Make funcs to deal with non-null-term'd string
in both asn1_generalizedtime_to_tm() and asn1_utctime_to_tm().

Fixes issue #3444.

This one is used to enforce strict format (RFC 5280) check and to
convert GeneralizedTime to UTCTime.

apps/ca has been changed to use the new API.

Test cases and documentation are updated/added

Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3566)
2017-06-11 16:36:07 -04:00
Benjamin Kaduk
62b0a0dea6 Fix memory leaks in CTLOG_new_from_base64
Move the call to ct_base64_decode(), which allocates, until after
the check for NULL output parameter.

Also place a cap on the number of padding characters used to decrement
the output length -- any more than two '='s is not permitted in a
well-formed base64 text.  Prior to this change, ct_base64_decode() would
return a length of -1 along with allocated storage for an input of
"====".

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3379)
2017-06-09 13:32:29 -04:00
Paul Yang
bd91e3c870 Fix a bundle of trailing spaces in several files
Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3622)
2017-06-09 12:04:10 -04:00
Todd Short
db0f35dda1 Fix #2400 Add NO_RENEGOTIATE option
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3432)
2017-06-06 22:39:41 +01:00
Todd Short
84344efa7a Handle the server refusing to reneg in a reneg_setup
During setup of a reneg test the server can refuse to start reneg.
If that happens we should let the client continue and then fail.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3432)
2017-06-06 22:39:41 +01:00
Paul Yang
1efd98f95d Fix coding style
Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3614)
2017-06-06 17:51:54 +01:00
Paul Yang
e514ff0f73 Set local variable to 0 to avoid build error
Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3614)
2017-06-06 17:50:06 +01:00
Paul Yang
6d2523e037 Add test cases for X509_check_private_key
To test X509_check_private_key and relatives.

Add a CSR and corresponding RSA private key to test
X509_REQ_check_private_key function.

Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3614)
2017-06-06 17:50:06 +01:00
Rich Salz
ae269dd8b7 Use common STANZA for bn and exp tests
Standardize file:line messages
Reduce buff size; move to end of STANZA
Add some Title entries (with blank line after)
Add Title to some BN test files.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3608)
2017-06-05 13:41:30 -04:00
Todd Short
1ee2125922 Fix ex_data and session_dup issues
Code was added in commit b3c31a65 that overwrote the last ex_data value
using CRYPTO_dup_ex_data() causing a memory leak, and potentially
confusing the ex_data dup() callback.

In ssl_session_dup(), fix error handling (properly reference and up-ref
shared data) and new-up the ex_data before calling CRYPTO_dup_ex_data();
all other structures that dup ex_data have the destination ex_data new'd
before the dup.

Fix up some of the ex_data documentation.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3323)
2017-06-02 12:11:38 -04:00
Dr. Stephen Henson
978b700bf9 no-ec fix
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3503)
2017-05-30 20:38:20 +01:00
Dr. Stephen Henson
4328dd4158 Add Ed25519 verify test.
Add Ed25519 certificate verify test using certificate from
draft-ietf-curdle-pkix-04 and custom generated root certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3503)
2017-05-30 20:38:20 +01:00
Dr. Stephen Henson
1e8c4a9b7a Add RFC8032 tests and additional cases
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3503)
2017-05-30 20:38:20 +01:00
Thijs Wenker
3bbecb0e93 Fix certificate version number in test
The version number 3 means version 4, while 2 means version 3. Since this is the v3nametest, version 3 should be used.

CLA: Trivial

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3577)
2017-05-29 16:35:43 +02:00
Rainer Jung
418bb7b31b Fix use of "can_load()" in run_tests.pl.
CLA: Trivial

Fixes #3563.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3564)
2017-05-26 11:25:07 +02:00
Andy Polyakov
e3d378bcf1 test/evp_test.c: improve output in case of errors.
Recently introduced TEST_* macros print variables' symbolic names.
In order to make error output more readable rename some variables.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-05-26 11:01:50 +02:00
Matt Caswell
10a1ec4833 Fix BoringSSL alert related test failures
Commit bd990e2535 changed our handling of alerts. Some of the BoringSSl
tests were expecting specific errors to be created if bad alerts were sent.
Those errors have now changed as a result of that commit, so the BoringSSL
test config needs to be updated to match.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3549)
2017-05-25 15:38:22 +01:00
Rich Salz
dd5918775a Fix va_arg all in test_error_c90
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3506)
2017-05-23 11:33:24 -04:00
Rich Salz
c49e0b0415 Revise evp_test parser; make like bn_test
Re-order and comment on the functions

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3506)
2017-05-23 11:33:11 -04:00
Rich Salz
5a7bc0be97 Add titles to groups of EVP tests
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3529)
2017-05-23 11:21:25 -04:00
Rich Salz
281313e511 Fix line numbering for errors.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3528)
2017-05-23 11:07:51 -04:00
Pauli
7ac5b84ea7 Reformat the string output to be more in line with the decisions made in #3465
Don't highlight excess when comparing unequal length strings.

Clean up the NULL / empty string display.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3514)
2017-05-22 08:41:05 -04:00
Pauli
3216f9605c Bring the memory output inline with the suggestions in #3465.
Excess bytes, when one block is longer than the other, are not explicitly
highlighted.

The NULL / zero length block output has been cleaned up.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3515)
2017-05-22 08:30:57 -04:00
Alex Gaynor
2b10cb5c0e Fixed merge nonsense
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22 08:03:22 -04:00
Alex Gaynor
b1a3030e37 Newlines!
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22 08:03:22 -04:00
Alex Gaynor
c9cf4bc815 Update the test to assert that the SCT is from an X.509 extension
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22 08:03:22 -04:00
Todd Short
fee423bb68 Fix the mem_sec "small arena"
Fix the small arena test to just check for the symptom of the infinite
loop (i.e. initialized set on failure), rather than the actual infinite
loop. This avoids some valgrind errors.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3512)
2017-05-22 11:06:35 +02:00
Andy Polyakov
a486561b69 test/secmemtest.c: clarify limitations for huge secure memory arena test.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-05-22 11:05:30 +02:00
Andy Polyakov
c80bbcbf99 test/run_tests.pl: don't mask test failures.
Switch to TAP::Harness inadvertently masked test failures.
Test::Harness::runtests was terminating with non-zero exit code in case
of failure[s], while TAP::Harness apparently holds caller responsible
for doing so.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-05-21 11:34:01 +02:00
Andy Polyakov
e2c1aa1ba3 test/test_test.c: fix wrong BN test [and rearrange tests a little bit].
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3502)
2017-05-20 21:05:46 -04:00
Todd Short
c8e89d58a5 Tweak sec_mem tests
Remove assertion when mmap() fails.
Only run the 1<<31 limit test on Linux

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3455)
2017-05-20 20:54:04 -04:00
Dr. Stephen Henson
2117a737f3 move comments to same line as fields
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3500)
2017-05-20 02:53:22 +01:00
Dr. Stephen Henson
f513a8a014 Add test data for EVP_DigestSign/EVP_DigestVerify tests.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3500)
2017-05-20 02:53:22 +01:00
Dr. Stephen Henson
7b22334f3a Add test support for "oneshot" versions EVP_DigestSign, EVP_DigestVerify.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3500)
2017-05-20 02:53:22 +01:00
Dr. Stephen Henson
75726fe87e Add tests in evp_test for EVP_Digest{Sign,Verify}{Init,Update,Final}
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3500)
2017-05-20 02:53:22 +01:00
Dr. Stephen Henson
a0a760ccf0 remove duplicate tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3451)
2017-05-19 21:02:24 +01:00
Dr. Stephen Henson
1bb6b50d4c Add tests
Import test data from sha1test.c, sha256t.c and sha512t.c which is
from RFC6234 section 8.5

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3451)
2017-05-19 21:02:24 +01:00
Dr. Stephen Henson
c3fc7d9ac5 Add support for multiple update calls in evp_test
Allow multiple "Input" lines to call the update function multiple times.
Add "Ncopy" keyword to copy the input buffer. So for example:

Input = "a"
Ncopy = 1024

Will create a buffer consisting of 1024 "a" characters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3451)
2017-05-19 21:02:24 +01:00
Pauli
ffbaf06ade Reformat the output of BIGNUMS where test cases fail.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3465)
2017-05-19 13:24:50 +02:00
Todd Short
de34966b7c Fix compile error/warning in packettest.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3416)
2017-05-17 12:43:56 -04:00
Matt Caswell
964f278890 Add a test for a missing sig algs extension
Check that a missing sig algs extension succeeds if we are resuming.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3478)
2017-05-17 15:33:42 +01:00
Matt Caswell
56c2a6d783 Add tests for unsolicited extensions
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3418)
2017-05-17 15:23:49 +01:00
Matt Caswell
bd990e2535 Don't allow fragmented alerts
An alert message is 2 bytes long. In theory it is permissible in SSLv3 -
TLSv1.2 to fragment such alerts across multiple records (some of which
could be empty). In practice it make no sense to send an empty alert
record, or to fragment one. TLSv1.3 prohibts this altogether and other
libraries (BoringSSL, NSS) do not support this at all. Supporting it adds
significant complexity to the record layer, and its removal is unlikely
to cause inter-operability issues.

The DTLS code for this never worked anyway and it is not supported at a
protocol level for DTLS. Similarly fragmented DTLS handshake records only
work at a protocol level where at least the handshake message header
exists within the record. DTLS code existed for trying to handle fragmented
handshake records smaller than this size. This code didn't work either so
has also been removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3476)
2017-05-17 10:40:04 +01:00
Rich Salz
e1cfd184da Use BIO not FILE for test file
Allow multiple file arguments.
Split bntests.txt into separate files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3471)
2017-05-15 20:39:15 -04:00
Pauli
5584fd7f3d Randomise the ordering of the C unit tests.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3393)
2017-05-15 14:47:51 +02:00
Rich Salz
e0011aa831 Review feedback; use single main, #ifdef ADD_TEST
Suppose OPENSSL_USE_NODELETE (via Nick Reilly)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3399)
2017-05-12 14:30:08 -04:00
Rich Salz
bdd07c78a0 Convert shlibloadtest to new framework
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3399)
2017-05-12 14:30:08 -04:00
Rich Salz
1d0f116e47 Add "Title" directive to evp_test
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3454)
2017-05-12 14:20:01 -04:00
Rich Salz
33242d9d79 Use scalar, not length; fixes test_evp
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3452)
2017-05-11 20:42:32 -04:00
Rich Salz
07fbdfe94d Rename evptests.txt to evppkey.txt
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3443)
2017-05-11 16:55:35 -04:00
Rich Salz
6b7b34330b Split test/evptests.txt into separate files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3443)
2017-05-11 16:55:35 -04:00
Todd Short
7031ddac94 Fix infinite loops in secure memory allocation.
Issue 1:

sh.bittable_size is a size_t but i is and int, which can result in
freelist == -1 if sh.bittable_size exceeds an int.

This seems to result in an OPENSSL_assert due to invalid allocation
size, so maybe that is "ok."

Worse, if sh.bittable_size is exactly 1<<31, then this becomes an
infinite loop (because 1<<31 is a negative int, so it can be shifted
right forever and sticks at -1).

Issue 2:

CRYPTO_secure_malloc_init() sets secure_mem_initialized=1 even when
sh_init() returns 0.

If sh_init() fails, we end up with secure_mem_initialized=1 but
sh.minsize=0. If you then call secure_malloc(), which then calls,
sh_malloc(), this then enters an infite loop since 0 << anything will
never be larger than size.

Issue 3:

That same sh_malloc loop will loop forever for a size greater
than size_t/2 because i will proceed (assuming sh.minsize=16):
i=16, 32, 64, ..., size_t/8, size_t/4, size_t/2, 0, 0, 0, 0, ....
This sequence will never be larger than "size".

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3449)
2017-05-11 22:35:21 +02:00
Richard Levitte
0b10da806a testutil: Fix non-standard subtest output
In some cases, testutil outputs subtests like this:

    1..6 # Subtest: progname

The standard set by Test::More (because there really is no actual
standard yet) gives this display:

    # Subtest: progname
    1..6

Until the standard is actually agreed upon, let's do it like
Test::More.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3446)
2017-05-11 20:42:01 +02:00
Richard Levitte
46fcbf77bc evp_test: use the test file name as the test title
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3445)
2017-05-11 20:40:23 +02:00
Richard Levitte
b73c5e054a testutil: add the possibility to set the current test title
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3445)
2017-05-11 20:40:23 +02:00
Bernd Edlinger
018fcbec38 Fix gcc-7 warnings.
- Mostly missing fall thru comments
- And uninitialized value used in sslapitest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3440)
2017-05-11 19:39:38 +02:00
Rich Salz
7193f8723e Use compare_mem wrapper
Add file/line# to test error message.
Also remove expected/got fields since TEST structure prints them.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3324)
2017-05-11 11:28:29 -04:00
Rich Salz
412486070f Address some feedback
Report test detail error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3324)
2017-05-11 11:28:29 -04:00
Rich Salz
6c5943c9f6 Convert of evp_test to framework
Also, allow multiple files on commandline (for future splitup of
evptests.txt)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3324)
2017-05-11 11:28:29 -04:00
Richard Levitte
4f2a569535 Clarify that a test failed
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3423)
2017-05-11 10:26:46 +02:00
Pauli
bb616fabd4 Add a descriptive header to diff output from failed tests.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3433)
2017-05-11 10:24:38 +02:00
Matt Caswell
bb01ef3f4a Add a test for SNI in conjunction with custom extensions
Test that custom extensions still work even after a change in SSL_CTX due
to SNI. See #2180.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3425)
2017-05-10 16:49:00 +01:00
Richard Levitte
76e0d0b21c Prefer TAP::Harness over Test::Harness
TAP:Harness came along in perl 5.10.1, and since we claim to support
perl 5.10.0 in configuration and testing, we can only load it
conditionally.

The main reason to use TAP::Harness rather than Test::Harness is its
capability to merge stdout and stderr output from the test recipes,
which Test::Harness can't.  The merge gives much more comprehensible
output when testing verbosely.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3424)
2017-05-10 12:58:36 +02:00
Pauli
03d8e9cb43 Add test_test tests for bignums.
Add relative tests for bignums.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3405)
2017-05-09 21:30:29 +02:00
Pauli
dc352c1937 Add BN support to the test infrastructure.
This includes support for:

- comparisions between pairs of BIGNUMs
- comparisions between BIGNUMs and zero
- equality comparison between BIGNUMs and one
- equality comparisons between BIGNUMs and constants
- parity checks for BIGNUMs

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3405)
2017-05-09 21:30:29 +02:00
Matt Caswell
5e3766e2f1 Add test for no change following an HRR
Verify that we fail if we receive an HRR but no change will result in
ClientHello2.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3414)
2017-05-09 17:23:58 +01:00
Matt Caswell
c96ec6f804 More TLSv1.3 cookie tests
Test sending a cookie without a key_share

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3414)
2017-05-09 17:23:58 +01:00
Matt Caswell
ad448b21f8 Fix some copy&paste errors and update following review feedback
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3410)
2017-05-09 17:02:48 +01:00
Matt Caswell
db48a903b3 Add some badly formatted compression methods tests
Test that sending a non NULL compression method fails in TLSv1.3 as well
as other similar tests.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3410)
2017-05-09 17:02:48 +01:00
Benjamin Kaduk
fa3ed5b2c2 Add unit test for PEM_FLAG_ONLY_B64
Get some trivial test coverage that this flag does what it claims to.

[extended tests]

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1700)
2017-05-08 21:20:32 +02:00
Matt Caswell
de65f7b93a Add a test for supported_groups in the EE message
Check we send supported_groups in EE if there is a group we prefer instead
of the one sent in the key_share.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3395)
2017-05-08 11:09:02 +01:00
Richard Levitte
218712ffdd test/recipes/95-test_*.t : correct skip_all syntax
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3400)
2017-05-06 10:29:16 +02:00
Richard Levitte
b83ace3162 Rearrange test/recipes/95-test_*.t to use skip_all
The conditions to skip these recipes entirely don't show in a
non-verbose test harness output.  We prefer to know, so use skip_all,
as it is a little bit more verbose.

[extended tests]

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3398)
2017-05-05 23:10:41 +02:00
Pauli
2db85ac97a Conversion of the EC tests to use the framework.
Some refactoring done as well.

The prime_field_tests() function needs splitting and refactoring still.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3340)
2017-05-05 19:32:34 +02:00
Rich Salz
292247ea04 Fix tests of TEST tests, as it were
Fix warning/bug in rc5test
Remove useless/warning-only test from dsatest.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3387)
2017-05-04 12:08:48 -04:00
Pauli
516decaef3 Test framework output improvement.
Format the test failure output more nicely.

More vertical space is used to make things a little clearer.  Tests are expected
to pass so this doesn't impact the normal case.

Strings and memory comparisons highlight differences.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3357)
2017-05-04 17:20:54 +02:00
Richard Levitte
7104351cd9 test/exptest.c: stop marking progress with a period
Because we now have TAP output for every mod_exp round, there's no
more need to mark the round with outputting a period.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3380)
2017-05-04 17:15:29 +02:00
Matt Caswell
16afd71c1d Add a test for loading serverinfo data from memory
The previous commit fixed a bug which occurs when serverinfo is loaded
from memory (not from a file). This adds a test for loading serverinfo
from memory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3382)
2017-05-04 16:02:08 +01:00
Matt Caswell
de6ac50ddc Fix an uninit read in igetest
Introduced by commit 0e534337b

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2284)
2017-05-04 15:43:25 +01:00
Matt Caswell
1f6359db72 Update tls13secretstest test vectors for TLSv1.3 draft-20
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3371)
2017-05-03 17:23:02 +01:00
Matt Caswell
c3a48c7b1d Add a test for CT in TLSv1.3
This also tests the SERVERINFO2 file format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3298)
2017-05-03 14:37:42 +01:00
Matt Caswell
b878afae4b Add a SERVERINFOV2 format test file
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3298)
2017-05-03 14:37:42 +01:00
Marek Klein
f0ef20bf38 Added support for ESSCertIDv2
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771)
2017-05-03 09:04:23 +02:00
Pauli
0e534337b2 Update igetest to use the test framework.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3210)
2017-05-03 09:00:34 +10:00
Rich Salz
1f9d203dac Convert danetest, ssl_test_ctx_test
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3256)
2017-05-02 08:32:26 -04:00
Todd Short
c649d10d3f TLS1.3 Padding
Add padding callback for application control
Standard block_size callback
Documentation and tests included
Configuration file/s_client/s_srver option

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3130)
2017-05-02 09:44:43 +01:00
Todd Short
20ee2bf138 Fix time offset calculation.
ASN1_GENERALIZEDTIME and ASN1_UTCTIME may be specified using offsets,
even though that's not supported within certificates.

To convert the offset time back to GMT, the offsets are supposed to be
subtracted, not added. e.g. 1759-0500 == 2359+0100 == 2259Z.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2654)
2017-05-02 10:38:54 +02:00
Rich Salz
ee6b68ce4c Fix a stack smash
It occurs when memory compares are made that are larger
than the on stack temporary buffers (either malloced or supplied).

Rework the test test so it doesn't use a macro with a branch.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3155)
2017-05-01 14:38:49 -04:00
Benjamin Kaduk
f44903a428 Address some -Wold-style-declaration warnings
gcc's -Wextra pulls in -Wold-style-declaration, which triggers when a
declaration has a storage-class specifier as a non-initial qualifier.
The ISO C formal grammar requires the storage-class to be the first
component of the declaration, if present.

Seeint as the register storage-class specifier does not really have any effect
anymore with modern compilers, remove it entirely while we're here, instead of
fixing up the order.

Interestingly, the gcc devteam warnings do not pull in -Wextra, though
the clang ones do.

[extended tests]

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Andy Polyakov
1ff86c5efa test/asn1_encode_test.c: test "next negative minimum" corner case.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-30 15:18:47 +02:00
Rich Salz
9a837f220a Ensure blank lines between tests.
Also add a comment describing the file format.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3337)
2017-04-28 10:09:39 -04:00
Pauli
f5a140f7e9 Refactor crltest.c to separate the test cases into individual functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3327)
2017-04-28 16:03:35 +02:00
Richard Levitte
0918b94c9c testutil: Remove test_puts_std{out,err}, they are superfluous
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
68e49bf223 testutil: Add OpenSSL error stack printing wrapper TEST_openssl_errors
Also added a internal error printing callback to be used both with
ERR_print_errors_cb() and with CRYPTO_mem_leaks_cb

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
603ddbdb75 testutil: Add commodity printing functions test_printf_std{out,err}
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
c5657cb710 testutil: make subtest_level() internal
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Richard Levitte
579d0fabcd testutil: Move printing function declarations to "internal" header
These functions aren't meant to be used directly by the test programs,
reflect that by making the declarations a little harder to reach, but
still available enough if there's a need to override them.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3345)
2017-04-28 15:59:46 +02:00
Bernd Edlinger
8f3f9623a4 Fix a pedantic gcc-7 warning.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3328)
2017-04-28 15:04:08 +02:00
Matt Caswell
11ba87f2ff Ensure s_client sends an SNI extension by default
Enforcement of an SNI extension in the initial ClientHello is becoming
increasingly common (e.g. see GitHub issue #2580). This commit changes
s_client so that it adds SNI be default, unless explicitly told not to via
the new "-noservername" option.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2614)
2017-04-27 11:43:55 +01:00
Rich Salz
cf10df81e1 Fix ISO C function/object pointer issue
Showed up on GCC with strict warnings.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3325)
2017-04-26 16:43:54 -04:00
Rich Salz
710756a9b3 Convert sslapitest to test framework
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3252)
2017-04-26 13:42:57 -04:00
Rich Salz
30bea14be6 Convert bntest to TEST_ framework
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3265)
2017-04-26 12:48:24 -04:00
Rich Salz
8ed9a26616 Convert dtls_mtu_test, dtlsv1listentest
Also converted most of ssltestlib but left the packet_dump output
as-is (for now).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3257)
2017-04-26 12:20:44 -04:00
Dr. Stephen Henson
aa24cd1bfb Fix no-ec
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3321)
2017-04-26 17:12:23 +01:00
Rich Salz
b6e3250671 Fix unit-tests when no-srp configured
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3274)
2017-04-26 11:21:29 -04:00
Rich Salz
58e754fcb8 Convert modular exponentiation tests to new framework
Updated due to test framework changes
Updates after code review
Missed some checks

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3269)
2017-04-26 11:02:09 -04:00
Matt Caswell
975922fd0c Add tests for version/ciphersuite sanity checks
The previous commits added sanity checks for where the max enabled protocol
version does not have any configured ciphersuites. We should check that we
fail in those circumstances.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)
2017-04-26 14:31:00 +01:00
Matt Caswell
38a7315060 Add a ciphersuite config sanity check for servers
Ensure that there are ciphersuites enabled for the maximum supported
version we will accept in a ClientHello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)
2017-04-26 14:31:00 +01:00
Matt Caswell
aafec89c63 Add a ciphersuite config sanity check for clients
Ensure that there are ciphersuites enabled for the maximum supported
version we are claiming in the ClientHello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)
2017-04-26 14:31:00 +01:00
Rich Salz
d91b7423af evp_test.c: Add PrivPubKeyPair tests
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3245)
2017-04-25 21:00:48 -04:00
Andy Polyakov
dd05be5d78 test: don't make it more complicated than necessary.
Original rationale behind using write in testutil was to accommodate
no-stdio builds. But is there evidence that no-stdio users would have
write or pre-defined meaning for file descriptors 1 and 2? Correct
answer is to provide way for no-stdio users who want to exercise
tests to plug in own BIO, not to make assumption that they have write.
And since we don't have to make such assumption, we can as well go
for simplest that works with standard library as specified by C
language standard.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-25 23:26:51 +02:00
Dr. Stephen Henson
451a0c3dc8 Add PSS certificate signature tests
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3301)
2017-04-25 22:12:35 +01:00
Dr. Stephen Henson
9bf45ba4ca Add certificates with PSS signatures
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3301)
2017-04-25 22:12:34 +01:00
Richard Levitte
7531b3a6cd Tapify libtestutil a bit better
This includes better signals of skips and subtests according to TAP 12,
and flushing stdout and stderr at the end of every test function to
make sure we get the output in good order.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3309)
2017-04-25 21:13:26 +02:00
Richard Levitte
4114f8f0b6 Add include path '..' for libtestutil
Since it uses some of the apps/ stuff and some of them include e_os.h...

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3307)
2017-04-25 18:59:50 +02:00
Dmitry Belyavskiy
b5c4209be9 Switch command-line utils to new nameopt API.
The CA names should be printed according to user's decision
print_name instead of set of BIO_printf
dump_cert_text instead of set of BIO_printf
Testing cyrillic output of X509_CRL_print_ex
Write and use X509_CRL_print_ex
Reduce usage of X509_NAME_online
Using X509_REQ_print_ex instead of X509_REQ_print
Fix nameopt processing.
Make dump_cert_text nameopt-friendly
Move nameopt getter/setter to apps/apps.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3262)
2017-04-25 12:37:17 -04:00
Richard Levitte
d88ab353d3 Correct some badly formated preprocessor lines
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3304)
2017-04-25 15:44:48 +02:00
Richard Levitte
208d721a00 TAPify testutil
With the perl test framework comes the output format TAP
(Test Anything Protocol, see http://testanything.org/) with
extra extension for subtests.  This change extends that same
output format to any test program using testutil.

In this implementation, each test program is seen as a full test that
can be used as a subtest.  The perl framework passes on the subtest
level to the test programs with the environment variable
HARNESS_OSSL_LEVEL.  Furthermore, and series of tests added with
ADD_ALL_TESTS is regarded as another subtest level.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3296)
2017-04-25 15:43:04 +02:00
Matt Caswell
561f6f1ed2 Address review feedback for the SCTP changes
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
ce466c96f0 Fix issue in 18-dtls-renegotiate.conf.in
Don't skip all tests if SCTP is disabled!

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
0f5df0f103 Add SCTP testing for 04-client_auth.conf
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
cf15600923 Add SCTP testing for 11-dtls_resumption.conf
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
00da4f4dd9 Add SCTP testing to 07-dtls-protocol-version.conf
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
4ef8a6b22b Add SCTP testing to 18-dtls-renegotiate.conf
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
978b945b94 Add SCTP testing to 16-dtls-certstatus.conf
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Matt Caswell
83964ca0da Add support to test_ssl_new for testing with DTLS over SCTP
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
2017-04-25 11:13:39 +01:00
Richard Levitte
f044cd05a1 Avoid using BIO streams in bioprinttest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3243)
2017-04-24 18:09:01 +02:00
Richard Levitte
a9c6d22105 Adapt all test programs
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3243)
2017-04-24 18:09:01 +02:00
Richard Levitte
b3e5db40ec VMS: Make sure to include MAIN from static libraries if needed
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3243)
2017-04-24 18:09:01 +02:00
Richard Levitte
4db40c94c3 Refactor the test framework testutil
It's now built as a static library, and greatly simplified for test
programs, which no longer need to include test_main_custom.h or
test_main.h and link with the corresponding object files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3243)
2017-04-24 18:09:01 +02:00
Jon Spillett
dd94c37a5c Converted the bio_enc tests to use new test framework.
This includes reworked reworked tests to do both encrypt and decrypt,
and a few more ciphers added.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3197)
2017-04-24 17:14:19 +02:00
Adam Langley
6e64c56066 Small primes are primes too.
Previously, BN_is_prime_fasttest_ex, when doing trial-division, would
check whether the candidate is a multiple of a number of small primes
and, if so, reject it. However, three is a multiple of three yet is
still a prime number.

This change accepts small primes as prime when doing trial-division.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3264)
2017-04-20 16:10:10 -04:00
Rich Salz
c0452248ea Ignore dups in X509_STORE_add_*
X509_STORE_add_cert and X509_STORE_add_crl are changed to return
success if the object to be added was already found in the store, rather
than returning an error.

Raise errors if empty or malformed files are read when loading certificates
and CRLs.

Remove NULL checks and allow a segv to occur.
Add error handing for all calls to X509_STORE_add_c{ert|tl}

Refactor these two routines into one.

Bring the unit test for duplicate certificates up to date using the test
framework.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2830)
2017-04-20 15:33:42 -04:00
Rich Salz
623d1056de Convert hmactest to new test framework
Updated after code review, and fix indenting

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3175)
2017-04-20 14:00:52 -04:00