Commit graph

23550 commits

Author SHA1 Message Date
Daniel Axtens
f643deac41 PPC assembly pack: fix copy-paste error in CTR mode
There are two copy-paste errors in handling CTR mode. When dealing
with a 2 or 3 block tail, the code branches to the CBC decryption exit
path, rather than to the CTR exit path.

This can lead to data corruption: in the Linux kernel we have a copy
of this file, and the bug leads to corruption of the IV, which leads
to data corruption when we call the encryption function again later to
encrypt subsequent blocks.

Originally reported to the Linux kernel by Ondrej Mosnáček <omosnacek@gmail.com>

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8510)
2019-03-18 18:13:24 +10:00
Shane Lontis
e2f5081116 coverity fixes for bntest.c
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8508)
2019-03-18 11:15:31 +10:00
Victor Stinner
253d762222 EVP_PBE_scrypt() handles salt=NULL as salt=""
Modify EVP_PBE_scrypt() to maintain OpenSSL 1.1.1 behavior: salt=NULL
is now handled as salt="" (and saltlen=0).

Commit 5a285addbf changed the behavior
of EVP_PBE_scrypt(salt=NULL). Previously, salt=NULL was accepted, but
the function now fails with KDF_R_MISSING_SALT.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8483)
2019-03-17 19:27:37 +10:00
Richard Levitte
f7f2a55aee test/params_api_test.c: fix size_t assumptions
size_t isn't always as large as a int64_t, so the compiler complains
about possible data loss.  In this case, we are in control, so a
simple cast will do.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8497)
2019-03-17 09:13:29 +01:00
Bernd Edlinger
16161a30f2 Update to xenial
[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8411)
2019-03-16 15:53:39 +01:00
Richard Levitte
52eb5b7ca4 Configurations/windows-makefile.tmpl: small fixes
Fixes #8467 #8478

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8468)
2019-03-15 12:35:39 +01:00
Matt Caswell
4acd79ff46 Guard some SM2 functions with OPENSSL_NO_SM2
Fixes the no-ec build

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8481)
2019-03-15 10:12:36 +00:00
Dr. Matthias St. Pierre
c37e635065 trace: update the documentation
This commit adds some missing symbols and other minor enhancements.
In particular, it establishes the term 'channel' as a synonym for
a BIO object attached to a trace category, and introduces the
concept of a 'simple' channel versus a 'callback' channel.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8463)
2019-03-15 08:48:43 +01:00
Dr. Matthias St. Pierre
fe50e11571 trace: ensure correct grouping
It is important that output to the trace channels occurs only inside
a trace group. This precondtion is satisfied whenever the standard
TRACE macros are used. It can be violated only by a bad programming
mistake, like copying the 'trc_out' pointer and using it outside
the trace group.

This commit enforces correct pairing of the OSSL_TRACE_CTRL_BEGIN and
OSSL_TRACE_CTRL_END callbacks, and checks that OSSL_TRACE_CTRL_WRITE
callbacks only occur within such groups.

While implementing it, it turned out that the group assertion failed

  apps/openssl.c:152: OpenSSL internal error: \
                      Assertion failed: trace_data->ingroup

because the set_trace_data() function invokes some callbacks which
generate trace output, but the correct channel type was set only
after the set_trace_data() call.

To fix the failed assertions, the correct channel type is now set
inside the set_trace_data() call, instead of doing it afterwards.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8463)
2019-03-15 08:48:43 +01:00
Dr. Matthias St. Pierre
13d06925e8 trace: don't leak the line prefix
The openssl app registers trace callbacks which automatically
set a line prefix in the OSSL_TRACE_CTRL_BEGIN callback.
This prefix needs to be cleared in the OSSL_TRACE_CTRL_END
callback, otherwise a memory leak is reported when openssl
is built with crypto-mdebug enabled.

This leak causes the tests to fail when tracing and memory
debugging are enabled.

The leak can be observed by any command that produces trace
output, e.g. by

  OPENSSL_TRACE=ANY util/shlib_wrap.sh  apps/openssl version
  ...
  [00:19:14]  4061 file=apps/bf_prefix.c, line=152, ...
  26 bytes leaked in 1 chunks

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8463)
2019-03-15 08:48:43 +01:00
Dr. Matthias St. Pierre
5afb177c3c trace: rename the trace channel types
Since the term 'channel' is already used as synonym for a BIO object attached
to a trace category, having a 't_channel' channel type and a 't_callback' channel
type somehow overburdens this term. For that reason the type enum constants are
renamed to 'SIMPE_CHANNEL' and 'CALLBACK_CHANNEL'.
(The conversion to capital letters was done to comply to the coding style.)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8463)
2019-03-15 08:48:43 +01:00
Dr. Matthias St. Pierre
e474a286f5 trace: remove some magic numbers
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8463)
2019-03-15 08:48:43 +01:00
Dr. Matthias St. Pierre
355417eb46 VMS: only use the high precision on VMS v8.4 and up
Fixes #8487
Amends #7230

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8488)
2019-03-15 01:51:38 +01:00
Richard Levitte
503d4745a1 internal/refcount.h: allow non-atomic build
Configure with -DOPENSSL_DEV_NO_ATOMICS and you get refcount without
atomics.  This is intended for internal development only, to check the
refcounting is properly coded.  It should never become a configuration
option, hence the name of the macro.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8479)
2019-03-14 16:25:24 +01:00
Richard Levitte
085bef9f7c crypto/provider_core.c: correct definition and use of lock
Fixes #8476

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8477)
2019-03-14 16:22:36 +01:00
Matt Caswell
ee633ace73 Enable pkeyutl to use Ed448 and Ed25519
With the recent addition of the -rawin option it should be possible for
pkeyutl to sign and verify with Ed448 and Ed2559. The main remaining
stumbling block is that those algorirthms only support "oneshot" operation.
This commit enables pkeyutl to handle that.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8431)
2019-03-14 12:42:16 +00:00
Dr. Matthias St. Pierre
6bc62a620e Configure: disable new trace api by default
Fixes #8472

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8474)
2019-03-14 10:32:58 +01:00
Richard Levitte
d33d76168f Don't fail when tracing is disabled
When tracing is disabled, don't generate errors, especially during
init.  Instead, just pretend the everything is fine.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8475)
2019-03-14 08:12:51 +01:00
Nicola Tuveri
81d61a62fa Fix memory leak in ectest
Fixes #8462

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8466)
2019-03-13 19:06:43 +02:00
Richard Levitte
d3620841cc test/params_test.c: use TEST_double_eq to check doubles
TEST_ulong_eq was used previously because TEST_double_eq didn't exist
at the time.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8469)
2019-03-13 14:28:27 +01:00
Richard Levitte
932c3d0f67 test/params_test.c: make more global variables static
Again, compilers that don't like them being undeclared...

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8469)
2019-03-13 14:05:41 +01:00
Richard Levitte
847275075f test/params_test.c: make construct_api_params() static
With enough warning flags, compilers complain when a non-static
function hasn't been properly declared...

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/8469)
2019-03-13 13:56:46 +01:00
David von Oheimb
62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error
When the argument for '-pass' was badly formed, that argument got
displayed in full.  This turns out to not be such a good idea if the
user simply forgot to start the argument with 'pass:', or spellt the
prefix incorrectly.  We therefore change the display to say that a
colon is missing or only showing the incorrect prefix.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6218)
2019-03-13 13:38:51 +01:00
Richard Levitte
fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8396)
2019-03-13 11:32:17 +01:00
Richard Levitte
bc1e0be709 test/params_test.c: Add API test case, and mixed methods
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8396)
2019-03-13 11:32:17 +01:00
Richard Levitte
9ad41d246f test/params_test.c: Add "real world" parameter testing
test/params_test.c is a program that tries to mimic how a provider and
an application would or could handle OSSL_PARAM arrays.

For the moment, this program tests a very raw way of handling
OSSL_PARAM arrays.  It is, however, written in a way that will
hopefully make it possible to extend with other methods as APIs arise,
and to set up test cases where a "provider" handles the array one way
while the "application" handles it another way.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8396)
2019-03-13 11:32:17 +01:00
Matt Caswell
80889e41a7 Fix no-dso
Don't try to load external provider modules in tests if we don't have DSO
capability

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8459)
2019-03-13 10:03:54 +00:00
Matt Caswell
5810bbd8c7 Fix various no-* options
no-cmac, no-poly1305 and no-siphash all caused the new test_mac to fail.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8458)
2019-03-13 09:59:11 +00:00
Matt Caswell
81cd023f1d Fix memory leaks in pkread.c demo file
Also make various changes to bring the file into line with current coding
style.

Fixes #8456

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
(Merged from https://github.com/openssl/openssl/pull/8457)
2019-03-13 09:54:49 +00:00
杨洋
8267becb8b Support SM2 certificate verification
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8321)
2019-03-13 15:29:39 +08:00
Richard Levitte
9e11fe0d85 Replumbing: Add constructor of libcrypto internal method structures
This queries the provider for its available functionality (unless a
matching method structured is already cached, in which case that's
used instead), and creates method structure with the help of a passed
constructor.  The result is cached if the provider allows it (or if
caching is forced).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8340)
2019-03-12 20:25:46 +01:00
Richard Levitte
099bd33920 Replumbing: Add support for the provider query_operation function
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8340)
2019-03-12 20:25:46 +01:00
Richard Levitte
85e2417c0d Replumbing: Add an OSSL_PROVIDER iterator with callback
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8340)
2019-03-12 20:25:46 +01:00
Richard Levitte
e2146e120f Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR
In unrelated code

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
2019-03-12 19:14:50 +01:00
Pauli
eabf91cd11 generated files
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
2019-03-12 19:14:50 +01:00
Pauli
7ffbd7ca96 OSSL_PARAM helper functions.
Provide a number of functions to allow parameters to be set and
retrieved in a type safe manner.  Functions are provided for many
integral types plus double, BIGNUM, UTF8 strings and OCTET strings.

All of the integer functions will widen the parameter data as
required.  This permits a degree of malleability in the parameter
definition.  For example a type can be changed from a thirty two bit
integer to a sixty four bit one without changing application code.
Only four and eight byte integral sizes are supported here.

A pair of real functions are available for doubles.

A pair of functions is available for BIGNUMs.  These accept any sized
unsigned integer input and convert to/from a BIGNUM.

For each OCTET and UTF8 strings, four functions are defined.  This
provide get and set functionality for string and for pointers to
strings.  The latter avoiding copies but have other inherent risks.

Finally, some utility macros and functions are defined to allow
OSSL_PARAM definition arrays to be specified in a simple manner.
There are two macro and one function for most types.  The exception
being BIGNUM, for which there is one macro and one function.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
2019-03-12 19:12:12 +01:00
Richard Levitte
8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM
The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to
confusion, as they may make some think that the memory pointed at is
an intermediate memory are.  This is not generally the case, so we
rename |buffer| and |buffer_size| to |data| and |data_size|

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
2019-03-12 18:56:42 +01:00
David von Oheimb
a61b7f2fa6 2nd chunk: CRMF code (crypto/crmf/, ) and its integration
in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h,
crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7646)
2019-03-12 12:26:06 +00:00
David von Oheimb
2a3b52eacd Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712)

CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI.
Adds extensive man pages and tests.  Integration into build scripts.

Incremental pull request based on OpenSSL commit 1362190b1b of 2018-09-26

1st chunk: CRMF API (include/openssl/crmf.h) and its documentation (reviewed)

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7328)
2019-03-12 12:22:59 +00:00
Shane Lontis
eef721b0d0 added generated files
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6652)
2019-03-12 12:00:52 +00:00
Shane Lontis
8240d5fa65 FIPS 186-4 RSA Generation & Validation
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6652)
2019-03-12 12:00:52 +00:00
Patrick Steuer
d1229190bf s390x assembly pack: import chacha from cryptogams repo
featuring 6x"horizontal" code path which is up to 25%
faster than present 4x"vertical" for larger blocks.

Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 21:22:28 +01:00
Richard Levitte
c453283421 Add documentation
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00
Richard Levitte
021a655277 Add provider tests
Two tests are added, one that tests the internal API, the other tests
the public API.  Those two tests both test the same provider, which
acts both as a built-in provider and as a loadable provider module.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00
Richard Levitte
16c2f1bdb5 Add provider module infrastructure
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00
Richard Levitte
3374dc03ed Replumbing: New public API to load or add providers
Adding a provider means creating an internal provier object and adding
it to the store.  This allows the addition of built in providers, be it
in the OpenSSL libraries or in any application.

"Loading" a provider is defined broadly.  A built in provider is already
"loaded" in essence and only needs activating, while a provider in a
dynamically loadable module requires actually loading the module itself.
In this API, "loading" a provider does both.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00
Richard Levitte
4c2883a9bf Replumbing: Add the Provider Object, type OSSL_PROVIDER
The OSSL_PROVIDER is the core object involved in loading a provider
module, initialize a provider and do the initial communication of
provider wide and core wide dispatch tables.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:13 +01:00
Richard Levitte
3f4e8d6604 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable
These will be used to point out general OpenSSL modules directory.
ENGINE modules are kept apart for backward compatibility.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8287)
2019-03-11 20:40:12 +01:00
Shane Lontis
98f29466dc fix truncation of integers on 32bit AIX
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8417)
2019-03-11 14:45:18 +01:00
Rich Salz
2a6a56073c Add regenerated header files
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8397)
2019-03-11 14:42:47 +01:00