Matt Caswell [Thu, 6 Jun 2019 11:35:37 +0000 (12:35 +0100)]
Enable find-doc-nits to find undocumented symbols since 1.1.1
A previous commit added the ability to find newly undocumented symbols.
We extend this capability to check anything that was newly added since
1.1.1 which is undocumented. A new option -o is added to find-doc-nits
to amend the behaviour of -v or -e to check symbols that were newly
added since the release of 1.1.1.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)
Matt Caswell [Thu, 6 Jun 2019 11:12:49 +0000 (12:12 +0100)]
Make find-doc-nits check for newly added undocumented symbols
We create lists of undocumented functions and macros as they are now so
that find-doc-nits can check for newly introduced functions/macros that
are undocumented.
This works in a similar way to the -u and -d options to find-doc-nits.
These count undocumented symbols and print a detailed list of undocumented
symbols repsectively. This commit adds the -v and -e options to restrict
the count/detailed list to newly added undocumented symbols only.
There is also a new -s option that does the same as -e except that it
produces no output if there are no newly undocumented symbols.
We also amend "make doc-nits" to add the -s option which should cause
travis to fail if a PR adds undocumented symbols.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9094)
Richard Levitte [Tue, 11 Jun 2019 16:11:25 +0000 (18:11 +0200)]
Configure: count basenames for all library sources
Make sure that each basename only appears once. This is due to the
static library archiver on Unix, that indexes archived object files by
base name only, thereby making base name clashes... interesting.
This is a safety net for OpenSSL developer!
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9133)
Matt Caswell [Wed, 29 May 2019 16:03:53 +0000 (17:03 +0100)]
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex()
These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing
an OPENSSL_CTX so that we can access this where needed throughout the
BIGNUM sub library.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)
Acheev Bhagat [Wed, 12 Jun 2019 00:28:04 +0000 (20:28 -0400)]
Remove redundant include
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9137)
Matt Caswell [Tue, 11 Jun 2019 12:27:45 +0000 (13:27 +0100)]
Move a fall through comment
When compiling with --strict-warnings using gcc 7.4.0 the compiler
complains that a case falls through, even though there is an explicit
comment stating this. Moving the comment outside of the conditional
compilation section resolves this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9131)
Bernd Edlinger [Mon, 10 Jun 2019 08:24:35 +0000 (10:24 +0200)]
Fix a URL to the NMBRTHRY list archive
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9123)
Shane Lontis [Tue, 11 Jun 2019 08:19:20 +0000 (18:19 +1000)]
Fix app opt compile failure due to missing <inttypes.h>
opt.c uses functions that are only available if inttypes.h exists.
It now checks a define which is unavailable if
inttypes.h is included. The include is done automagically inside e_os2.h.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8986)
Shane Lontis [Tue, 11 Jun 2019 08:17:52 +0000 (18:17 +1000)]
Fix Windows Compile failure due to missing <inttypes.h>
Including <inttypes.h> caused a windows build failure.
The test is now skipped if strtoimax & strtoumax are not supported.
It does this by checking for a define which is only available if
inttypes.h is not included. The include is done automagically inside e_os2.h.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8986)
Shane Lontis [Fri, 3 May 2019 03:04:58 +0000 (13:04 +1000)]
PBKDF2 updates to conform to SP800-132
The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
- the range of the key length.
- the minimum iteration count (1000 recommended).
- salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)
Shane Lontis [Fri, 7 Jun 2019 02:05:23 +0000 (12:05 +1000)]
Make EVP_MD_CTX_ctrl() work for legacy use cases (ssl3).
This is still required currently by engines and digestsign/digestverify.
This PR contains merged in code from Richard Levitte's PR #9126.
[extended tests]
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9103)
Shigeki Ohtsu [Fri, 7 Jun 2019 02:49:48 +0000 (11:49 +0900)]
Fix doc to remove const arg in GEN_SESSION_CB
ae3947de095 changed the callback arg not to have a const parameter.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9104)
Todd Short [Fri, 5 Apr 2019 14:03:29 +0000 (10:03 -0400)]
Change cipher default strings to a function
Making the default cipher strings a function gives the library more
control over the defaults. Potentially allowing a change in the
future as ciphers become deprecated or dangerous.
Also allows third party distributors to change the defaults for their
installations.
Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8686)
MouriNaruto [Sat, 11 May 2019 21:10:58 +0000 (05:10 +0800)]
Improve the Windows OneCore target support. (Add targets for building libraries for Windows Store apps.)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8917)
The DEVRANDOM_WAIT feature added a select() call to wait for the
`/dev/random` device to become readable before reading from the
`/dev/urandom` device. It was introduced in commit 38023b87f037
in order to mitigate the fact that the `/dev/urandom` device
does not block until the initial seeding of the kernel CSPRNG
has completed, contrary to the behaviour of the `getrandom()`
system call.
It turned out that this change had negative side effects on
performance which were not acceptable. After some discussion it
was decided to revert this feature and leave it up to the OS
resp. the platform maintainer to ensure a proper initialization
during early boot time.
Matt Caswell [Wed, 29 May 2019 15:03:57 +0000 (16:03 +0100)]
Add documentation for new functions taking an OPENSSL_CTX parameter
Various functions have been added that take an OPENSSL_CTX parameter as
a result of moving the RAND code into the FIPS module. We document all of
those functions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9039)
Acheev Bhagat [Fri, 7 Jun 2019 00:05:49 +0000 (20:05 -0400)]
Replace BIO_printf with ASN1_STRING_print in GENERAL_NAME_print
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9101)
David Makepeace [Fri, 7 Jun 2019 00:45:51 +0000 (10:45 +1000)]
Fixed typo in code comment.
[skip ci]
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9102)
Fix typo in macro argument of SSL_set1_client_sigalgs_list()
Fixes #9092
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9093)
Shane Lontis [Wed, 5 Jun 2019 06:01:18 +0000 (16:01 +1000)]
rename the digest provider files to avoid any name clashes with other folders
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9083)
Shane Lontis [Tue, 4 Jun 2019 01:32:58 +0000 (11:32 +1000)]
Coverity fixes
covID 1445689 Resource leak (in error path)
covID 1445318 Resource leak (in test - minor)
covID 1443705 Unchecked return value (Needed if CRYPTO_atomic_add() was used)
covID 1443691 Resource leak (in app - minor)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9071)
Richard Levitte [Tue, 4 Jun 2019 14:15:46 +0000 (16:15 +0200)]
EVP_DigestInit_ex(): drop previous context engine earlier
If a EVP_MD_CTX holds a reference to a previously given engine, and
the type of its digest isn't the same as the one given in the new
call, drop that engine reference, allowing providers or other engines
to provide the new algorithm on an equal basis.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9077)
Document deprecation of version-specific SSL/TLS methods
In commit 2b8fa1d56cd3 the version-specific SSL/TLS methods were
deprecated. This patch improves the documentation of that change
by stating the deprecation more prominently in the manual page
and explaining the reason for the deprecation.
Fixes #8989
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9001)
cnt greater than sizeof(strerror_pool) results in an unbounded
OPENSSL_strlcpy() in openssl_strerror_r(), eventually causing a crash.
When the first received error string was empty or contained only
spaces, cur would move in front of the start of the strerror_pool.
Also don't call openssl_strerror_r when the pool is full.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8966)
Move digest code into the relevant providers (fips, default, legacy).
The headers are temporarily moved to be internal, and will be moved
into providers after all external references are resolved. The deprecated
digest code can not be removed until EVP_PKEY (signing) is supported by
providers. EVP_MD data can also not yet be cleaned up for the same reasons.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8763)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9044)
Matt Caswell [Thu, 30 May 2019 13:40:57 +0000 (14:40 +0100)]
Ensure we get all the right defines for AES assembler in FIPS module
There are various C macro definitions that are passed via the compiler
to enable AES assembler optimisation. We need to make sure that these
defines are also passed during compilation of the FIPS module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9038)
Matt Caswell [Wed, 17 Apr 2019 10:09:05 +0000 (11:09 +0100)]
Defer sending a KeyUpdate until after pending writes are complete
If we receive a KeyUpdate message (update requested) from the peer while
we are in the middle of a write, we should defer sending the responding
KeyUpdate message until after the current write is complete. We do this
by waiting to send the KeyUpdate until the next time we write and there is
no pending write data.
This does imply a subtle change in behaviour. Firstly the responding
KeyUpdate message won't be sent straight away as it is now. Secondly if
the peer sends multiple KeyUpdates without us doing any writing then we
will only send one response, as opposed to previously where we sent a
response for each KeyUpdate received.
Fixes #8677
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8773)
Shane Lontis [Mon, 3 Jun 2019 05:19:48 +0000 (15:19 +1000)]
Add the content type attribute to additional CMS signerinfo.
Fixes #8923
Found using the openssl cms -resign option.
This uses an alternate path to do the signing which was not adding the required signed attribute
content type. The content type attribute should always exist since it is required is there are
any signed attributes.
As the signing time attribute is always added in code, the content type attribute is also required.
The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes
e.g. The message digest attribute is a signed attribute that must exist if any signed attributes
exist, it cannot be an unsigned attribute and there must only be one instance containing a single
value.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8944)
Richard Levitte [Sat, 1 Jun 2019 05:07:48 +0000 (07:07 +0200)]
Windows: Add missing quotes in build file
All invokations of $(PERL) need to be quoted, in case it contains
spaces. That was forgotten in one spot.
Fixes #9060
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9062)
Retropotenza [Fri, 31 May 2019 10:43:24 +0000 (12:43 +0200)]
Fix CHECK_BSD_STYLE_MACROS for OpenBSD and cryptodev-linux
CLA: trivial
Fixes #8911
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8866)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8866)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9052)
agnosticdev [Wed, 29 May 2019 15:27:26 +0000 (10:27 -0500)]
issue-8998: Ensure that the alert is generated and reaches the remote
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9041)
Pauli [Thu, 30 May 2019 00:57:53 +0000 (10:57 +1000)]
Add man 7 page about properties.
Add a page about properties in the man7 section of the public documentation.
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9011)
Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9021)
Pauli [Tue, 28 May 2019 23:54:29 +0000 (09:54 +1000)]
Test of uniformity of BN_rand_range output.
Rework the test so that it fails far less often.
A number of independent tests are executed and 5% are expected to fail.
The number of such failures follows a binomial distribution which permits
a statistical test a 0.01% expected failure rate.
There is a command line option to enable the stochastic range checking.
It is off by default.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8830)
Shane Lontis [Tue, 28 May 2019 23:50:19 +0000 (09:50 +1000)]
fix timeout in 30-test_evp_pkey_dparam
enabling the 'enable-crypto-mdebug' option and running parameter generation
causes timeouts.
Loading pregenerated params is more suited for these tests.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9022)
Richard Levitte [Mon, 27 May 2019 12:40:25 +0000 (14:40 +0200)]
Configure: Remove extra warning and sanitizer options from CXXFLAGS
We add the extra warning and sanitizer options to check our code,
which is entirely in C. We support C++ compilers uniquely for the
sake of certain external test suites, and those projects can probably
sanitize their own code themselves.
[extended tests]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9013)
Shane Lontis [Mon, 27 May 2019 11:52:37 +0000 (21:52 +1000)]
Add d2i_KeyParams/i2d_KeyParams API's.
Convert EVP_PKEY Parameters to/from binary.
This wraps the low level i2d/d2i calls for DH,DSA and EC key parameters
in a similar way to Public and Private Keys.
The API's can be used by applications (including openssl apps) that only
want to use EVP_PKEY without needing to access low level key API's.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8903)
David Makepeace [Sun, 26 May 2019 23:29:43 +0000 (09:29 +1000)]
Changed ssl layer to use EVP_KDF API for TLS1_PRF and HKDF.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9010)
Richard Levitte [Mon, 15 Apr 2019 15:30:11 +0000 (17:30 +0200)]
doc/man3/X509_LOOKUP_meth_new.pod: clarify the requirements
The documentation of what a X509_LOOKUP implementation must do was
unclear and confusing. Most of all, clarification was needed that it
must store away the found objects in the X509_STORE.
Fixes #8707
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8755)
David Makepeace [Sun, 26 May 2019 22:21:50 +0000 (08:21 +1000)]
Added Conforming To section to EVP_KDF_TLS1_PRF documentation.
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9008)
Simo Sorce [Fri, 24 May 2019 21:35:04 +0000 (17:35 -0400)]
Fix input checks wrt legacy code
In all legacy code ctx->cipher is dereferenced without checks, so it
makes no sense to jump there is ctx->cipher is NULL as it will just lead
to a crash. Catch it separately and return an error.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9002)
Laszlo Ersek [Thu, 9 May 2019 19:29:48 +0000 (21:29 +0200)]
crypto/evp/evp_key.c: #define BUFSIZ if <stdio.h> doesn't #define it
CLA: trivial
Fixes #8904
Commit 48feaceb53fa ("Remove the possibility to disable the UI module
entirely", 2017-07-03) made the BUFSIZ references in "evp_key.c"
unconditional, by deleting the preprocessing directive "#ifndef
OPENSSL_NO_UI". This breaks the build when compiling OpenSSL for edk2
(OPENSSL_SYS_UEFI), because edk2's <stdio.h> doesn't #define BUFSIZ.
Provide a fallback definition, like we do in "crypto/ui/ui_util.c" (from
commit 984d6c605216, "Fix no-stdio build", 2015-09-29).
Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8922)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8999)
Daniël van Eeden [Fri, 24 May 2019 10:52:33 +0000 (12:52 +0200)]
Update format string for ciphers to account for newer ciphers
* Cipher name: from 23 to 30 (example: ECDHE-ECDSA-AES128-GCM-SHA256)
* Fixed length for TLS version (examples: TLSv1, TLSv1.3)
* Au length from 4 to 5 (example: ECDSA)
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8999)
Fix a crash in the speed command with wrap ciphers
e.g. openssl speed -evp id-aes256-wrap-pad
was crashing because the return code from EVP_CipherInit_ex
was ignored.
Not going to allow that cipher mode because wrap ciphers
produces more bytes output than the input length
and EVP_Update_loop is not really prepared for that.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8739)
Matt Caswell [Tue, 21 May 2019 15:25:24 +0000 (16:25 +0100)]
Add more commentary about recursive Provider intialisation in the FIPS module
In addition this commit ensures that the "provctx" value is defaulted to the current
library context when we are recurively initialising the FIPS provider when already inside
the FIPS module.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8728)
Matt Caswell [Wed, 22 May 2019 18:36:25 +0000 (19:36 +0100)]
Add the NIST CAVS test vectors for CCM
This imports all of the NIST CAVS test vectors for CCM (SP800-38C) and
coverts them for use within evp_test. This commit also adds a script to
convert the .rsp CAVS files into the evp_test format.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8981)
Patrick Steuer [Tue, 21 May 2019 16:50:39 +0000 (18:50 +0200)]
EVP_Digest*: enable SHA3 pre-hashing for DSA
Fixes #7323
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8970)
projects / openssl / log