Richard Levitte [Thu, 15 Aug 2019 10:39:20 +0000 (12:39 +0200)]
Use macros internally for algorithm names
The macros are defined in include/openssl/core_names.h and follow the
naming standard OSSL_{OPNAME}_NAME_{ALGONAME}, where {OPNAME} is the
name of the operation (such as MAC) and {ALGONAME} is the name of the
algorithm. Example: OSSL_MAC_NAME_HMAC
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9635)
Mykola Baibuz [Sun, 18 Aug 2019 08:17:03 +0000 (11:17 +0300)]
doc: fix link in BN_new.pod
Fixes #9622
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9627)
Richard Levitte [Sun, 18 Aug 2019 06:28:34 +0000 (08:28 +0200)]
Untangle / retangle opensslv.h, openssslconf.h and macros.h
When openssl/macros.h is included without openssl/opensslv.h, it can't
define OPENSSL_API_4 properly (with sufficient warnings enabled, the
compiler will complain about OPENSSL_VERSION_MAJOR not being defined).
The quick fix could have been to include openssl/opensslv.h in
openssl/macros.h, but that would create a nasty include loop, since
openssl/opensslv.h includes openssl/opensslconf.h, which includes
openssl/macros.h, in an order that leads back to macro check errors.
The objective is to make these headers more independent:
- openssl/opensslconf.h should really be completely independent, as it
only defines macros for configuration values. However, it needs to
include openssl/macros.h for backward compatibility reasons. We do
this at the very end, under inclusion guards.
- openssl/macros.h is changed to include openssl/opensslconf.h, so it
gets necessary configuration values to build some macros. This will
not cause an endless inclusion loop, since opensslconf.h's inclusion
of macros.h is under guard.
- openssl/opensslv.h is changed to include openssl/macros.h instead of
openssl/opensslconf.h.
Only one last piece needs to be done to make openssl/macros.h
independent from openssl/opensslv.h. We can realise that the
definition of OPENSSL_API_4 doesn't need to depend on the current
version number. There's nothing in our configuration that would have
OPENSSL_API_4 defined to 1, and if the user sets OPENSSL_API_COMPAT or
OPENSSL_API_LEVEL to a high enough value, we consider that a
deliberate and knowledgable action on their part.
Fixes #7874
Fixes #9601
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9626)
Shane Lontis [Sun, 18 Aug 2019 23:30:59 +0000 (09:30 +1000)]
cipher cleanups.
Add test to evp_test_extra for ciphers (that is similiar to the digest_fetch).
Move some of the aes and gcm methods that can be shared with other ciphers into ciphers_common.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9580)
Shane Lontis [Sun, 18 Aug 2019 23:18:33 +0000 (09:18 +1000)]
Add fips provider code for handling self test data
More PR's related to self test will be derived from this PR.
Note: the code removed in core_get_params() was causing a freeze since the
fips module was being loaded from a config file, which then called core_get_params()
which then tried to init the config fle again...
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9596)
Rich Salz [Sun, 18 Aug 2019 15:38:25 +0000 (11:38 -0400)]
Use WARNINGS heading not WARNING
Also update find-doc-nits to reject "=head1 WARNING"
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9602)
Rich Salz [Thu, 15 Aug 2019 18:26:08 +0000 (14:26 -0400)]
Use EXAMPLES not EXAMPLE for section title
And update find-doc-nits to complain if "=head1 EXAMPLE" is found.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9602)
Rich Salz [Thu, 15 Aug 2019 17:52:41 +0000 (13:52 -0400)]
Fix some pod-page ordering nits
The find-doc-nits script only looked for EXAMPLES, not EXAMPLE.
Fix the pattern and then fix the errors that resulted.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9602)
Patrick Steuer [Thu, 15 Aug 2019 21:13:53 +0000 (23:13 +0200)]
Fix --strict-warnings build
Appease -Wstring-plus-int.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9608)
Patrick Steuer [Mon, 5 Aug 2019 14:56:14 +0000 (16:56 +0200)]
Test for out-of-bounds write when requesting zero bytes from shake
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9433)
Patrick Steuer [Mon, 5 Aug 2019 14:53:16 +0000 (16:53 +0200)]
Directly return from final sha3/keccak_final if no bytes are requested
Requesting zero bytes from shake previously led to out-of-bounds write
on some platforms.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9433)
Rich Salz [Sat, 17 Aug 2019 16:49:50 +0000 (12:49 -0400)]
.travis.yml: Use travis_terminate on failure
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9620)
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9607)
Richard Levitte [Fri, 16 Aug 2019 07:04:29 +0000 (09:04 +0200)]
Rename ctx_{get,set}_params to {get,set}_ctx_params
Recently, we added dispatched functions to get parameter descriptions,
and those for operation context parameters ended up being called
something_gettable_ctx_params and something_settable_ctx_params.
The corresponding dispatched functions to actually perform parameter
transfers were previously called something_ctx_get_params and
something_ctx_set_params, which doesn't quite match, so we rename them
to something_get_ctx_params and something_set_ctx_params.
An argument in favor of this name change is English, where you'd
rather say something like "set the context parameters".
This only change the libcrypto <-> provider interface.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9612)
Rich Salz [Thu, 15 Aug 2019 16:09:08 +0000 (12:09 -0400)]
Ignore function code collisions
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9600)
Richard Levitte [Mon, 12 Aug 2019 11:14:51 +0000 (13:14 +0200)]
Adjust some provider reason codes
BLAKE2 MACs came with a set of new reason codes. Those talking about
lengths are consistently called PROV_R_INVALID_FOO_LENGTH, for any
name FOO. The cipher messages were briefer. In the interest of
having more humanly readable messages, we adjust the reasons used by
the ciphers (that's just IV length and key length).
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)
Richard Levitte [Tue, 4 Jun 2019 16:00:04 +0000 (18:00 +0200)]
Adapt diverse code to provider based MACs.
CRMF, SSKDF, TLS1_PRF and SIV are affected by this.
This also forces the need to check MAC names, which leads to storing
the names in the created methods, which affects all EVP APIs, not just
EVP_MAC. We will want that kind of information anyway (for example
for 'openssl list')... Consequently, EVP_MAC_name() is re-implemented.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)
Richard Levitte [Sun, 2 Jun 2019 06:46:35 +0000 (08:46 +0200)]
Move KMAC to providers
Instead of using evp_keccak_kmac128() and evp_keccak_kmac256(), we refer
to the hash implementation by name, and fetch it, which should get us the
implementation from providers/common/digests/sha3_prov.c.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)
Richard Levitte [Tue, 7 May 2019 10:39:58 +0000 (12:39 +0200)]
Prepare EVP_MAC infrastructure for moving all MACs to providers
Quite a few adaptations are needed, most prominently the added code
to allow provider based MACs.
As part of this, all the old information functions are gone, except
for EVP_MAC_name(). Some of them will reappear later, for example
EVP_MAC_do_all() in some form.
MACs by EVP_PKEY was particularly difficult to deal with, as they
need to allocate and deallocate EVP_MAC_CTXs "under the hood", and
thereby implicitly fetch the corresponding EVP_MAC. This means that
EVP_MACs can't be constant in a EVP_MAC_CTX, as their reference count
may need to be incremented and decremented as part of the allocation
or deallocation of the EVP_MAC_CTX. It may be that other provider
based EVP operation types may need to be handled in a similar manner.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8877)
Patrick Steuer [Fri, 12 Jul 2019 11:47:32 +0000 (13:47 +0200)]
OPENSSL_s390xcap.pod: list msa9 facility bit (155)
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)
Patrick Steuer [Thu, 11 Jul 2019 08:38:18 +0000 (10:38 +0200)]
s390x assembly pack: accelerate ECDSA
for NIST P-256, P-384 and P-521 using KDSA instruction.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)
Patrick Steuer [Thu, 11 Jul 2019 08:23:49 +0000 (10:23 +0200)]
Enable curve-spefific ECDSA implementations via EC_METHOD
which are already enabled for ECDH.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)
for NIST P-256, P-384 and P-521 using PCC instruction.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)
Patrick Steuer [Wed, 3 Jul 2019 16:02:11 +0000 (18:02 +0200)]
s390xcpuid.pl: fix comment
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9348)
Omid Najafi [Fri, 2 Aug 2019 21:40:19 +0000 (17:40 -0400)]
Fix syntax error for the armv4 assembler
The error was from the alignment syntax of the code.
More details:
https://stackoverflow.com/questions/57316823/arm-assembly-syntax-in-vst-vld-commands?noredirect=1#comment101133590_57316823
CLA: trivial
Fixes: #9518 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9518)
Richard Levitte [Wed, 14 Aug 2019 18:17:39 +0000 (20:17 +0200)]
Rename provider and core get_param_types functions
It was argued that names like SOMETHING_set_param_types were confusing,
and a rename has been proposed to SOMETHING_settable_params, and by
consequence, SOMETHING_get_param_types is renamed
SOMETHING_gettable_params.
This changes implements this change for the dispatched provider and
core functions.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9591)
Richard Levitte [Mon, 12 Aug 2019 13:01:00 +0000 (15:01 +0200)]
Modify 'openssl list' to give more verbose descriptions
With the diverse {get,set}table_params functions, it's possible to
give a more verbose description of the diverse algorithm
implementations. Most notably, we add a description of the parameters
that each implementation is willing to share.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9576)
Fix a few places where calling ossl_isdigit does the wrong thing on
EBCDIC based systems.
Replaced with ascii_isdigit.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9556)
Paul Yang [Wed, 14 Aug 2019 02:28:07 +0000 (10:28 +0800)]
Add description in X509_STORE manipulation
Add memory management description in X509_STORE_add_cert, otherwise
users will not be aware that they are leaking memory...
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9484)
Tomas Mraz [Mon, 12 Aug 2019 14:43:59 +0000 (16:43 +0200)]
BIO_lookup_ex: Do not retry on EAI_MEMORY
We should not retry on EAI_MEMORY as that error is most probably
fatal and not depending on AI_ADDRCONFIG hint.
Also report the error from the first call if the second call fails
as that one would be most probably the more interesting one.
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)
Tomas Mraz [Mon, 5 Aug 2019 17:11:07 +0000 (19:11 +0200)]
BIO_lookup_ex: Always retry the lookup on failure with AI_NUMERICHOST set
Do not try to discern the error return value on
getaddrinfo() failure but when retrying set the AI_NUMERICHOST
to avoid DNS lookups.
Fixes: #9053 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)
Rich Salz [Mon, 12 Aug 2019 03:23:17 +0000 (13:23 +1000)]
Fix doc example code to follow coding style
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9577)
Richard Levitte [Wed, 3 Jul 2019 16:42:21 +0000 (18:42 +0200)]
Add OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()
These are utility functions that can be used to replace calls to
ctrl_str type functions with get_params / set_params types of calls.
They work by translating text values to something more suitable for
OSSL_PARAM, and by interpretting parameter keys in a compatible
fashion.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9303)
Richard Levitte [Wed, 3 Jul 2019 16:40:17 +0000 (18:40 +0200)]
Add OPENSSL_hexstr2buf_ex() and OPENSSL_buf2hexstr_ex()
They do the same thing as OPENSSL_hexstr2buf() and OPENSSL_buf2hexstr(),
except they take a result buffer from the caller.
We take the opportunity to break out the documentation of the hex to /
from buffer conversion routines from the OPENSSL_malloc() file to its
own file. These routines aren't memory allocation routines per se.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9303)
Vladimir Kotal [Mon, 22 Jul 2019 15:08:16 +0000 (17:08 +0200)]
enable DECLARE_DEPRECATED macro for Oracle Developer Studio compiler
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9434)
A local 'make clean' did some sweeping removals of files execpt for
the .git directory. This is a little too sweeping, as other dotted
files might be cleaned away if they happen to match the pattern that's
searched for.
An example is a symlink .dir-locals.el that would keep disappearing if
you build in the source tree and do a make clean...
So we change this to leave all dotted files alone. Our builds do not
produce such files anyway, so this is a harmless (or rather, less
harmful) change.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9573)
Denis Ovsienko [Fri, 9 Aug 2019 21:14:04 +0000 (22:14 +0100)]
Remove some duplicate words from the documentation
Fixup INSTALL and a couple man pages to get rid of "the the" and "in the
in the".
CLA: trivial
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9563)
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9450)
Matt Caswell [Tue, 23 Jul 2019 16:10:05 +0000 (17:10 +0100)]
Extend tests of SSL_check_chain()
Actually supply a chain and then test:
1) A successful check of both the ee and chain certs
2) A failure to check the ee cert
3) A failure to check a chain cert
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)
Matt Caswell [Tue, 23 Jul 2019 14:14:29 +0000 (15:14 +0100)]
Fix SSL_check_chain()
The function SSL_check_chain() can be used by applications to check that
a cert and chain is compatible with the negotiated parameters. This could
be useful (for example) from the certificate callback. Unfortunately this
function was applying TLSv1.2 sig algs rules and did not work correctly if
TLSv1.3 was negotiated.
We refactor tls_choose_sigalg to split it up and create a new function
find_sig_alg which can (optionally) take a certificate and key as
parameters and find an appropriate sig alg if one exists. If the cert and
key are not supplied then we try to find a cert and key from the ones we
have available that matches the shared sig algs.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9442)
Matt Caswell [Thu, 8 Aug 2019 08:13:51 +0000 (09:13 +0100)]
Ensure RSA PSS correctly returns the right default digest
A default digest of SHA256 was being returned for RSA PSS even if the
PSS parameters indicated a different digest must be used. We change this
so that the correct default digest is returned and additionally mark this
as mandatory for PSS.
This bug had an impact on sig alg selection in libssl. Due to this issue
an incorrect sig alg might be selected in the event that a server is
configured with an RSA-PSS cert with parameter restrictions.
Fixes #9545
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9553)
Shane Lontis [Fri, 9 Aug 2019 11:38:42 +0000 (21:38 +1000)]
Add missing SIZE_MAX define for windows
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9559)
Add a parameter to probable_prime if we look for a safe prime
Currently probable_prime makes sure that p-1 does not have
any prime factors from 3..17863, which is useful for safe primes,
but not necessarily for the general case.
Issue was initially reported here:
MIRONOV, I. Factoring RSA Moduli II.
https://windowsontheory.org/2012/05/17/factoring-rsa-moduli-part-ii/
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9309)
Vladimir Kotal [Fri, 19 Jul 2019 14:01:13 +0000 (16:01 +0200)]
mention what happens if OPENSSL_NO_RC2 is defined
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9415)
Restrict usage of bio_dgram_sctp_data only to DGRAM SCTP methods
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9216)
Vladimir Kotal [Tue, 11 Jun 2019 14:21:00 +0000 (16:21 +0200)]
make ecp_nistz256_point_add_vis3() local
fixes #8936
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9132)
Martin Ukrop [Mon, 5 Aug 2019 12:14:54 +0000 (14:14 +0200)]
Fix reversed meaning of error codes
The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were still reversed in the X509_STORE_CTX_get_error function documentation.
This used to be the problem also in the verify application documentation, but was fixed on 2010-02-23 in 7d3d178.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9529)
Matt Caswell [Fri, 28 Jun 2019 11:07:55 +0000 (12:07 +0100)]
Clarify the INSTALL instructions
Ensure users understand that they need to have appropriate permissions
to write to the install location.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9268)
Matt Caswell [Wed, 7 Aug 2019 08:38:05 +0000 (09:38 +0100)]
Fix no-ec
Fix some unguarded references to EC code inside the FIPS provider.
Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9543)
Shane Lontis [Thu, 8 Aug 2019 04:23:52 +0000 (14:23 +1000)]
Fix document nit in EVP_MAC.pod
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9551)
Matt Caswell [Tue, 6 Aug 2019 12:39:00 +0000 (13:39 +0100)]
Fix BN error reporting
Commit ed57f7f935 implemented the macro ERR_raise and updated err.h to use
it. A typo in err.h means that errors in the BN library are mistakenly
attributed to the RSA library.
This was found due to the following error appearing in a travis log:
00:07:CB:13:05:7F:00:00:error:0400006C:rsa routines::data greater than mod
len:crypto/bn/bn_gcd.c:613:
00:07:CB:13:05:7F:00:00:error:04000003:rsa routines::BN
lib:crypto/rsa/rsa_gen.c:393:
/home/travis/build/openssl/openssl/util/shlib_wrap.sh
/home/travis/build/openssl/openssl/apps/openssl genrsa -out rsamptest.pem
-primes 5 8192 => 1
not ok 12 - genrsa 8192p5
The line in question (crypto/bn/bn_gcd.c:613) actually looks like this:
The test was checking for that error being raised, but was instead seeing
a different error and thus failing.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/9539)
Matt Caswell [Mon, 5 Aug 2019 12:38:25 +0000 (13:38 +0100)]
Run evp_test in FIPS mode
We run the cipher and digest evp_test test files in FIPS mode. Some
ciphers/digests aren't available in FIPS mode so we mark those as
only being available in the default provider.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9531)