Commit graph

23543 commits

Author SHA1 Message Date
Richard Levitte
27a3be20a5 Configure: Remove extra warning and sanitizer options from CXXFLAGS
We add the extra warning and sanitizer options to check our code,
which is entirely in C.  We support C++ compilers uniquely for the
sake of certain external test suites, and those projects can probably
sanitize their own code themselves.

[extended tests]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9013)

(cherry picked from commit 3b437400d9)
2019-05-27 15:20:55 +02:00
Richard Levitte
5a070488d8 doc/man3/X509_LOOKUP_meth_new.pod: clarify the requirements
The documentation of what a X509_LOOKUP implementation must do was
unclear and confusing.  Most of all, clarification was needed that it
must store away the found objects in the X509_STORE.

Fixes #8707

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8755)

(cherry picked from commit 19f43f02aa)
2019-05-27 10:52:01 +02:00
FdaSilvaYY
9f084451a3 OCSP: fix memory leak in OCSP_url_svcloc_new method.
Add a few coverage test case.

Fixes #8949

[extended tests]

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8959)

(cherry picked from commit 5b3accde60)
2019-05-27 08:12:35 +10:00
voev
22598dab56 Fix GOST OID
CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8979)
2019-05-24 12:36:06 +03:00
agnosticdev
dc9f2a69f3 issue-8973: Added const to parameters for values that were not altered
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8995)

(cherry picked from commit 5435a83076)
2019-05-24 09:58:57 +02:00
Sambit Kumar Dash
6b261345d5 Doc update: minor typo in CMS_verify.pod
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8952)

(cherry picked from commit 55e09d17d4)
2019-05-24 12:32:41 +10:00
Bernd Edlinger
69fd7d17c0 Fix a crash in the speed command with wrap ciphers
e.g. openssl speed -evp id-aes256-wrap-pad
was crashing because the return code from EVP_CipherInit_ex
was ignored.
Not going to allow that cipher mode because wrap ciphers
produces more bytes output than the input length
and EVP_Update_loop is not really prepared for that.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8739)

(cherry picked from commit 5d238a1032)
2019-05-23 16:15:33 +02:00
Matt Caswell
9fc194321e Add the NIST CAVS test vectors for CCM
This imports all of the NIST CAVS test vectors for CCM (SP800-38C) and
coverts them for use within evp_test. This commit also adds a script to
convert the .rsp CAVS files into the evp_test format.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8981)

(cherry picked from commit ecb0f148a9)
2019-05-23 10:55:42 +01:00
Patrick Steuer
3e0b1a603b EVP_Digest*: enable SHA3 pre-hashing for DSA
Fixes #7323

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8970)

(cherry picked from commit 3f950d8765)
2019-05-22 17:07:16 +02:00
Patrick Steuer
bf3797fe3b EVP_Digest*: enable SHA3 pre-hashing for ECDSA
Fixes #8957

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8970)

(cherry picked from commit e8d0678da4)
2019-05-22 17:07:04 +02:00
Patrick Steuer
2341db5ca1 s390x assembly pack: allow specifying the tag after aad in aes-ccm
67c81ec311 forgot about s390x

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8971)

(cherry picked from commit 887e22dd8b)
2019-05-22 13:24:50 +02:00
Kurt Roeckx
408cb4c888 Change default RSA, DSA and DH size to 2048 bit
Fixes: #8737

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #8741
(cherry picked from commit 70b0b977f7)
2019-05-21 16:47:13 +02:00
Matt Caswell
3ae3c38825 Revert "EVP_*Update: ensure that input NULL with length 0 isn't passed"
This reverts commit dcb982d792.

This change is causing extended tests to fail.

[extended tests]

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8964)

(cherry picked from commit 2c23689402)
2019-05-21 14:44:48 +01:00
Arne Schwabe
2c5afadc86 Change SSL parameter SSL_session_reused const
This function only returns a status and does not modify the parameter.
Since similar function are already taking const parameters, also
change this function to have a const parameter.

Fixes #8934

CLA: trivial
Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8945)

(cherry picked from commit c04b66b18d)
2019-05-21 09:59:40 +10:00
Valentin Robert
fa00e0daf1 Fix typo in NOTES.PERL
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8905)

(cherry picked from commit 3e4e43e609)
2019-05-16 11:47:53 +10:00
Rashmica Gupta
4f4d37dace crypto/ppccap.c: Fix which hwcap value used to check for HWCAP_ARCH_3_00
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8889)

(cherry picked from commit 99592c73e7)
2019-05-09 14:20:44 +10:00
Tobias Nießen
b48e3be947 Allow specifying the tag after AAD in CCM mode
This change allows to pass the authentication tag after specifying
the AAD in CCM mode. This is already true for the other two supported
AEAD modes (GCM and OCB) and it seems appropriate to match the
behavior.

GCM and OCB also support to set the tag at any point before the call
to `EVP_*Final`, but this won't work for CCM due to a restriction
imposed by section 2.6 of RFC3610: The tag must be set before
actually decrypting data.

This commit also adds a test case for setting the tag after supplying
plaintext length and AAD.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7243)

(cherry picked from commit 67c81ec311)
2019-05-08 11:02:42 +01:00
Matt Caswell
8f50627402 Reject obviously invalid DSA parameters during signing
Fixes #8875

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8876)

(cherry picked from commit 9acbe07d23)
2019-05-07 16:54:31 +01:00
Dr. Matthias St. Pierre
335a587bd2 man: fix a typo and a grammar nit in EVP_PKEY_meth_new(3)
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8893)

(cherry picked from commit 260a16f336)
2019-05-07 13:12:27 +02:00
Dr. Matthias St. Pierre
66790d7625 openssl cms: add error message if operation option is missing
If the `openssl cms` command is called without specifying an
operation option, it replies with the following laconic error message:

    cms: Use -help for summary.

This commit adds a helpful error message:

    No operation option (-encrypt|-decrypt|-sign|-verify|...) specified.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8861)

(cherry picked from commit 42151b8edb)
2019-05-02 23:06:43 +02:00
Dr. Matthias St. Pierre
49142bcb18 Test: use keywords instead of magic numbers for 'rsa_pss_saltlen'
Since commit 137096a7ea it is possible to specify keywords instead
of negative magic numbers for the salt length. This commit replaces
the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes
by `rsa_pss_saltlen:max`.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8860)

(cherry picked from commit 31fc48ddc3)
2019-05-02 23:02:47 +02:00
Wojciech Kaluza
68b8769e4e Allow setting RCFLAGS as Configure option or environment variable
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8803)

(cherry picked from commit 0c4e984de2)
2019-05-02 11:17:05 +02:00
Wojciech Kaluza
1e8ae82e2c Add RCFLAGS variable in Windows build file, and use it
- Allow user-defined RCFLAGS
- Pass RCFLAGS to RC

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8803)

(cherry picked from commit a583172dac)
2019-05-02 11:17:00 +02:00
Richard Levitte
7216e9a20a Configure: process shared-info.pl later
The reason is that the shared-info attributes may depend on %disabled,
so we need to process all enablings/disablings first.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8846)

(cherry picked from commit 8f0dd6d9ee)
2019-04-30 11:56:20 +02:00
Pauli
57aac8b59d Revert "Statistically test BN_rand_range()."
The testutil support for doubles isn't present in 1.1.1.

This reverts commit 4a71766793 from #8818.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8829)
2019-04-26 07:43:53 +10:00
Pauli
4a71766793 Statistically test BN_rand_range().
Add a Chi^2 goodness of fit test to empirically provide a degree of confidence
in the uniformity of the output of the random range generation function.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8818)

(cherry picked from commit bb5b3e6dd0)
2019-04-25 23:03:51 +10:00
Guido Vranken
fc4c034ee8 Enforce a strict output length check in CRYPTO_ccm128_tag
Return error if the output tag buffer size doesn't match
the tag size exactly. This prevents the caller from
using that portion of the tag buffer that remains
uninitialized after an otherwise succesfull call to
CRYPTO_ccm128_tag.

Bug found by OSS-Fuzz.

Fix suggested by Kurt Roeckx.

Signed-off-by: Guido Vranken <guidovranken@gmail.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8810)

(cherry picked from commit 514c9da48b)
2019-04-25 11:00:39 +01:00
Jakub Jelen
282360e6be doc: Get rid of unrelated reference to DSA_new()
CLA: trivial

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8786)

(cherry picked from commit 87930507ff)
2019-04-24 16:36:44 +02:00
Richard Levitte
aacae7a915 Configure: make disabling stuff easier and safer
Disabling one thing may mean having to disable other things as well.
We already have a process to auto-disable things through cascading,
but that was under-used.

Making the cascading mechanism available through a function to be
called to disable stuff makes it more automatic, and helps us when we
forget how different disabling options affect others.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8812)

(cherry picked from commit 71ef78d71f)
2019-04-23 12:46:43 +02:00
Richard Levitte
007213795a Configure: recognise -static even if given through variables
Fixes #8787

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8812)

(cherry picked from commit 4650d10ff6)
2019-04-23 12:44:38 +02:00
Richard Levitte
b8fdfd93f8 Configure: merge all of %user and %useradd into %config earlier
This came about with the realisation that upper case CFLAGS, LDFLAGS
and so on aren't treated much after that, and this makes figuring out
user added flags significantly easier, just look in %config.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8812)

(cherry picked from commit c1a09254e4)
2019-04-23 12:44:38 +02:00
dyrock
1711a62686 Check if num is 0 before trying to malloc memory. Otherwise for client hellos without extensions SSL_client_hello_get1_extensions_present will return MALLOC_FAILURE.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8756)

(cherry picked from commit 6fda11ae5a)
2019-04-19 09:55:47 +01:00
Matt Caswell
af0bab3227 Add some more test vectors for ChaCha20
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8780)

(cherry picked from commit a595b10d34)
2019-04-19 09:42:31 +01:00
Matt Caswell
d0a2b73b9c Clarify the documentation on the use of ChaCha20
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8780)

(cherry picked from commit 6f3aae256d)
2019-04-19 09:42:31 +01:00
Richard Levitte
18111b130a asn1parse: avoid double free
|str| was used for multiple conflicting purposes.  When using
'-strictpem', it's used to uniquely hold a reference to the loaded
payload.  However, when using '-strparse', |str| was re-used to hold
the position from where to start parsing.

So when '-strparse' and '-strictpem' are were together, |str| ended up
pointing into data pointed at by |at|, and was yet being freed, with
the result that the payload it held a reference to became a memory
leak, and there was a double free conflict when both |str| and |at|
were being freed.

The situation is resolved by always having |buf| hold the pointer to
the file data, and always and only use |str| to hold the position to
start parsing from.  Now, we only need to free |buf| properly and not
|str|.

Fixes #8752

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8753)

(cherry picked from commit 4f29f3a29b)
2019-04-18 19:21:52 +02:00
Tomas Mraz
2456ae5763 Add test for the BIO_s_mem rdwr->rdonly->rdwr use-case
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)

(cherry picked from commit 06add280d9)
2019-04-16 10:55:36 +01:00
Tomas Mraz
693f98aae8 Add documentation for the BIO_s_mem pecularities
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)

(cherry picked from commit 3d42833d38)
2019-04-16 10:55:36 +01:00
Tomas Mraz
4912bf7428 Add testing of RDONLY memory BIOs
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)

(cherry picked from commit d34bce03ac)
2019-04-16 10:55:36 +01:00
Bernd Edlinger
27a11cd602 Add test for the BIO_get_mem_ptr() regression
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)

(cherry picked from commit c9dc22bc3d)
2019-04-16 10:55:36 +01:00
Tomas Mraz
43bb4dec99 Fix for BIO_get_mem_ptr and related regressions
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8649)

(cherry picked from commit b238fb7970)
2019-04-16 10:55:36 +01:00
Joshua Lock
1ced49fbb7 Further harmonisation of manual page HISTORY sections
A couple of minor tweaks to match the style introduced in #7854:
- BIO_connect: remove line break to make more grep friendly
- SSL_CTX_new: harmoise the format of the HISTORY section

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit 938e82f622)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:50 +02:00
Joshua Lock
18bad53564 Update various man pages to place HISTORY section after SEE ALSO
SEE ALSO before HISTORY is the more common pattern in OpenSSL manual
pages and seems to be the prevalent order based on sampling my system
manual pages.

Fixes #8631

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit b5c4bbbe54)

 Conflicts:
	doc/man3/RAND_DRBG_generate.pod
	doc/man3/RAND_DRBG_reseed.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:49 +02:00
Joshua Lock
3b01f353b8 Add a check for history section location to find-doc-nits
Check that the HISTORY section is located after the SEE ALSO section,
this is a much more frequent order in OpenSSL manual pages (and UNIX
manual pages in general).

Also check that SEE ALSO comes after EXAMPLES, so that the tool can
ensure the correct manual section sequence.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit 573ac8f222)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:49 +02:00
Joshua Lock
32a775df9b Make check_example_location() in find-doc-nits generic
Change to check_section_location(), a generic function to ensure that
section SECTION appears before section BEFORE in the man pages.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit 95f92d5775)

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:49 +02:00
Paul Yang
a345fa370e Add section order check in util/find-doc-nits
This patch checks if the EXAMPLES section in a pod file is placed
before the RETURN VALUES section.

Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit cc838ee2d6)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:49 +02:00
Paul Yang
d090fc0019 Place return values after examples in doc
Reviewed-by: Richard Levitte <levitte@openssl.org>

(cherry picked from commit 4564e77ae9)

 Conflicts:
	doc/internal/man3/openssl_ctx_get_data.pod (non-existant)
	doc/man3/OPENSSL_s390xcap.pod (non-existant)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8736)
2019-04-15 12:26:49 +02:00
Bernd Edlinger
e861d659c0 Don't use coordinate blinding when scalar is group order
This happens in ec_key_simple_check_key and EC_GROUP_check.
Since the the group order is not a secret scalar, it is
unnecessary to use coordinate blinding.

Fixes: #8731

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8734)

(cherry picked from commit 3051bf2afa)
2019-04-14 11:27:00 +02:00
Shane Lontis
dbd233b803 Fixed linux_x86_icc compiler errors in EC code related to __uint128_t/__int128_t
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8697)

(cherry picked from commit 3a86f1db28)
2019-04-11 08:42:10 +10:00
Bernd Edlinger
d8ceb24607 Avoid creating invalid rsa pss params
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8621)

(cherry picked from commit 491360e7ab)
2019-04-10 20:24:57 +02:00
Jakub Wilk
24686b2654 Fix typos
CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8714)

(cherry picked from commit ee215c7eea)
2019-04-10 13:24:14 +02:00