Commit graph

24309 commits

Author SHA1 Message Date
Richard Levitte
e4c0ec6278 Documentation: Add provider(7), for general description of providers
This includes an enumeration of the providers supplied with OpenSSL,
and what implementations they offer.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9409)
2019-07-22 16:42:19 +02:00
Rich Salz
a80278b071 Include deprecated SYS_F_xxx codes
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9072)
2019-07-22 16:24:56 +02:00
Rich Salz
46160e6fb9 Deprecate SYSerr, add new FUNCerr macro
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9072)
2019-07-22 16:24:56 +02:00
Rich Salz
56c3a135b2 Add ERR_put_func_error, and use it.
Change SYSerr to have the function name; remove SYS_F_xxx defines
Add a test and documentation.
Use get_last_socket_err, which removes some ifdef's in OpenSSL code.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9072)
2019-07-22 16:24:56 +02:00
Bernd Edlinger
1372560f64 Allocate DRBG additional data pool from non-secure memory
The additional data allocates 12K per DRBG instance in the
secure memory, which is not necessary. Also nonces are not
considered secret.

[extended tests]

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9423)
2019-07-22 13:37:13 +02:00
Dr. Matthias St. Pierre
a8f1aabd4b x509: publish X509_PUBKEY_dup
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9353)
2019-07-22 07:34:30 +02:00
Dr. Matthias St. Pierre
9b977675ad x509: add missing X509 dup functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9353)
2019-07-22 07:33:06 +02:00
Dr. Matthias St. Pierre
227d426554 x509: sort X509 dup functions alphabetically
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9353)
2019-07-22 07:33:06 +02:00
Richard Levitte
fa9faf0104 Add an internal API to access the KEYMGMT provider functions
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:19:43 +02:00
Richard Levitte
4cae07fef3 Add evp_keymgmt_clear_pkey_cache() and use it
This function clears the cache of provider key references, and is used
in evp_keymgmt_export_to_provider() when the internal key is dirty, as
well as by EVP_PKEY_free_it().

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:19:42 +02:00
Richard Levitte
d0ea49a820 Adapt int_ctx_new() to use with providers
This affects all its callers: EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id().
They are now possible to called with "zero" values, i.e.:

    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(NULL, NULL);

or

    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(0, NULL);

This is suitable for provider use, as the key functionality is tied
with its keys, and the operation time is determined by the init
functions the EVP_PKEY_CTX is used with.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:18:58 +02:00
Richard Levitte
70a1f7b4d7 Add evp_keymgmt_export_to_provider(), for key transfer between providers
This function is used to transport private key materia from whatever
is already attached to the EVP_PKEY to the new provider, using key
data export and import functionality.

If a legacy lower level key has been assigned to the EVP_PKEY, we use
its data to create a provider side key, and thereby have a bridge
between old style public key types and the EVP_PKEY on providers.

If successful, this function returns a reference to the appropriate
provider side data for the key.

This can be used by any operation that wants to use this key.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:18:58 +02:00
Richard Levitte
a94a3e0d91 Add basic EVP_KEYMGMT API and libcrypto <-> provider interface
The idea with the key management "operation" is to support the
following set of functionality:

- Key domain parameter generation
- Key domain parameter import
- Key domain parameter export

- Key generation
- Key import
- Key export
- Key loading (HSM / hidden key support)

With that set of function, we can support handling domain parameters
on one provider, key handling on another, and key usage on a third,
with transparent export / import of applicable data.  Of course, if a
provider doesn't offer export / import functionality, then all
operations surrounding a key must be performed with the same
provider.

This method also avoids having to do anything special with legacy
assignment of libcrypto key structures, i.e. EVP_PKEY_assign_RSA().
They will simply be used as keys to be exported from whenever they are
used with provider based operations.

This change only adds the EVP_KEYMGMT API and the libcrypto <->
provider interface.  Further changes will integrate them into existing
libcrypto functionality.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9312)
2019-07-22 06:17:38 +02:00
Pauli
7312ef3fc4 Add param builder free function.
This means include deallocation information in the return from
the ossl_param_bld_to_param function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9404)
2019-07-19 01:14:07 +10:00
Richard Levitte
38f6f99cdf Cygwin: enable the use of Dl_info and dladdr()
These weren't available in Cygwin at the time our DSO code was
written, but things have changed since.

Fixes #9385

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9402)
2019-07-21 11:06:22 +02:00
Richard Levitte
5800ba7610 test/enginetest.c: Make sure no config file is loaded
If a config file gets loaded, the tests get disturbed.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9393)
2019-07-19 20:18:34 +02:00
Richard Levitte
3cb45a5585 doc: fix some links
Some links are aged and need an adjustment.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9407)
2019-07-19 20:16:30 +02:00
Richard Levitte
f6800e37b7 util/find-doc-nits: fixups
- Treat .pod.in files as well, and parse out the base name for those
  too.
- Correct the detection of the description part in the NAME section
  (the separating dash MUST be preceeded with a space)
- Allow slahes in names of the NAME section (convert them to dashes
  for file name comparison).  This allows manual pages for some of our
  header files, such as openssl/core.h.
- Properly detect repeated names in the NAME section.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9407)
2019-07-19 20:16:30 +02:00
Matt Caswell
76ca35e724 Fix no-dh
The recent move of the DH code into the default provider broke no-dh. This
adds back in various missing guards.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9399)
2019-07-19 17:33:35 +01:00
Richard Levitte
a1c5cefaf4 Correct some OSSL_PARAM documentation
The documentation wasn't quite in sync with the implementation.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9408)
2019-07-18 18:20:16 +10:00
Bernd Edlinger
04edd688b3 Add value_barriers in constant time select functions
The barriers prevent the compiler from narrowing down the
possible value range of the mask and ~mask in the select
statements, which avoids the recognition of the select
and turning it into a conditional load or branch.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9217)
2019-07-18 15:55:19 +02:00
Shane Lontis
05f4eb2dc9 Fix S390X compile error due to missing defines
Add the missing S390X_aes_XXX_gcm_CAPABLE() macros into aes_platform.h.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9403)
2019-07-18 16:07:26 +10:00
Shane Lontis
7a9abccde7 Cleanup use of X509 STORE locks
Cosmetic changes to use the X509_STORE_lock/unlock functions.
Renamed some ctx variables to store.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9366)
2019-07-18 15:08:24 +10:00
Dr. Matthias St. Pierre
3b438ef95b Fix init_get_thread_local()
Previously, init_get_thread_local() pushed the thread event handler
list onto the global register before calling CRYPTO_THREAD_set_local(),
and when the latter failed, forgot to pop the list from the stack again.

Instead of cleaning the stack on error, this commit avoids the situation
entirely by postponing the push operation until all other operations
succeeded. This reordering also significantly reduces the scope of the
critical section.

Another simplification of the code is achieved by moving the push operation
onto the register (which is disabled in FIPS mode) into a separate function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9401)
2019-07-18 06:20:55 +02:00
Rich Salz
e7aa7c11c7 Deprecated {OPENSSL,CRYPTO}_debug_mem_{push,pop}
They were only used for recursive ASN1 parsing.
Even if the internal memory-debugging facility remains,
this simplification seems worthwhile.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9342)
2019-07-17 14:48:06 +02:00
Matt Caswell
7bc82358ae Fix the return value for SSL_get0_chain_certs()
This function was always returning 0. It should return 1 on success.

Fixes #9374

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9395)
2019-07-17 12:31:57 +01:00
Pauli
3c93fbacf6 Parameter building utilities.
A fuller implementation of PARAMS_TEMPLATE as per #9266 but renamed.
This introduces a statis data type which can be used to constructor a
description of a parameter array.  It can then be converted into a OSSL_PARAM
array and the allocated storage freed by a single call to OPENSSL_free.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9305)
2019-07-17 16:59:09 +10:00
Pauli
4bd8b24045 remove end of line spaces
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/9397)
2019-07-16 20:35:42 +10:00
Pauli
dd6b270618 Remove tab characters from C source files.
Some have been creeping into the source code.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/9397)
2019-07-16 20:24:10 +10:00
Kurt Roeckx
e3a0d36729 Auto add a label depending on the type of issue they report.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #9319
2019-07-16 20:33:01 +02:00
Richard Levitte
da02018143 Provider config module: allow providers to already be loaded
This allows 'default' to be configured in the config file, if needed.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9371)
2019-07-16 16:48:42 +02:00
Todd Short
fe9edc9d39 Fix SSL_CTX_set_session_id_context() docs
Also, use define rather than sizeof

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9377)
2019-07-16 13:57:38 +01:00
Patrick Steuer
c17d60ea29 s390x assembly pack: fix restoring of SIGILL action
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9381)
2019-07-16 14:40:28 +02:00
Viktor Dukhovni
5fe499cb75 Actually silently ignore GET / OCSP requests
Reviewed-by: Matt Caswell <matt@openssl.org>
2019-07-16 06:11:15 -04:00
Matt Caswell
12df11bdf1 Document the new EVP_KEYEXCH type and related functions
Previous commits added the EVP_KEYEXCH type for representing key exchange
algorithms. They also added various functions for fetching and using them,
so we document all of those functions.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
2019-07-16 10:16:32 +01:00
Matt Caswell
35aca9eccb Add the ability to set PKCS#3 DH padding in providers
This also adds the ability to set arbitrary parameters on key exchange
algorithms. The ability to pad the output is one such parameter for DH.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
2019-07-16 10:16:32 +01:00
Matt Caswell
94b40fb77c Enable PKCS#3 DH in the providers
The default provider now has support for PKCS#3 Diffie-Hellman so we
switch libcrypto to using providers for that algorithm.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
2019-07-16 10:16:32 +01:00
Matt Caswell
89e291742f Implement PKCS#3 DH Key Exchange in the default provider
We add the capability for the default provider to perform PKCS#3
Diffie-Hellman key exchange. At this point the implementation is not used
because libcrypto still uses legacy handling for Diffie-Hellman.

Note X9.42 DH is not touched by this commit.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
2019-07-16 10:16:32 +01:00
Matt Caswell
ff64702b3d Make the EVP Key Exchange code provider aware
We introduce a new EVP_KEYEXCH type to represent key exchange algorithms
and refactor the existing code to use it where available.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
2019-07-16 10:16:32 +01:00
Rich Salz
cbfa5b0398 Regenerate mkerr files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9058)
2019-07-16 05:26:28 +02:00
Rich Salz
aac96e2797 Remove function name from errors
Deprecate all xxx_F_ defines.
Removed some places that tested for a specific function.
Use empty field for the function names in output.
Update documentation.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9058)
2019-07-16 05:26:28 +02:00
Pauli
3d9b33b5e4 Remove DRBG from SSL structure.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9390)
2019-07-16 13:21:56 +10:00
Shane Lontis
459b15d451 Add Common shared code needed to move aes ciphers to providers
Custom aes ciphers will be placed into multiple new files
(instead of the monolithic setup used in the e_aes.c legacy code)
so it makes sense to have a header for the platform specific
code that needs to be shared between files.
modes_lcl.h has also moved to modes_int.h to allow sharing with the
provider source.
Code that will be common to AEAD ciphers has also been added. These
will be used by seperate PR's for GCM, CCM & OCB.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9301)
2019-07-16 09:46:14 +10:00
Pauli
0d03acea7a remove end of line whitespace
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:27:19 +10:00
Matt Caswell
b880583475 Convert asn1_dsa.c to use the WPACKET API instead
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:26:46 +10:00
Matt Caswell
15cb0f0958 Give WPACKET the ability to have a NULL buffer underneath it
This means the WPACKET API can be used for calculating the number of
bytes that would have been written if a non-NULL buffer had been used.
This enables us to calculate the number of length bytes required when
encoding ASN.1

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:26:46 +10:00
Matt Caswell
8ae173bb57 Convert asn1_dsa.c to use the PACKET API instead
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:26:46 +10:00
Matt Caswell
0d345f0e10 Make the PACKET/WPACKET code available to both libcrypto and libssl
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:26:46 +10:00
David Makepeace
54846b7c6e Add simple ASN.1 utils for DSA signature DER.
Adds simple utility functions to allow both the default and fips providers to
encode and decode DSA-Sig-Value and ECDSA-Sig-Value (DSA_SIG and ECDSA_SIG
structures) to/from ASN.1 DER without requiring those providers to have a
dependency on the asn1 module.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9111)
2019-07-12 06:26:46 +10:00
Pauli
35e264c032 Coverity #1451596: check dirlen for being negative
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9362)
2019-07-12 05:41:48 +10:00