- 26 3月, 2020 3 次提交
-
-
由 Richard Levitte 提交于
Upgrading EVP_PKEYs from containing legacy keys to containing provider side keys proved to be risky, with a number of unpleasant corner cases, and with functions like EVP_PKEY_get0_DSA() failing unexpectedly. We therefore change course, and instead of upgrading legacy internal keys to provider side internal keys, we downgrade provider side internal keys to legacy ones. To be able to do this, we add |import_from| and make it a callback function designed for evp_keymgmt_export(). This means that evp_pkey_upgrade_to_provider() is replaced with evp_pkey_downgrade(). EVP_PKEY_copy_parameters() is the most deeply affected function of this change. Fixes #11366 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
-
由 Richard Levitte 提交于
This function intialises an EVP_PKEY to contain a provider side internal key. We take the opportunity to also document the older EVP_PKEY_set_type() and EVP_PKEY_set_type_str(). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
-
由 Richard Levitte 提交于
EVP_PKEY is rather complex, even before provider side keys entered the stage. You could have untyped / unassigned keys (pk->type == EVP_PKEY_NONE), keys that had been assigned a type but no data (pk->pkey.ptr == NULL), and fully assigned keys (pk->type != EVP_PKEY_NONE && pk->pkey.ptr != NULL). For provider side keys, the corresponding states weren't well defined, and the code didn't quite account for all the possibilities. We also guard most of the legacy fields in EVP_PKEY with FIPS_MODE, so they don't exist at all in the FIPS module. Most of all, code needs to adapt to the case where an EVP_PKEY's |keymgmt| is non-NULL, but its |keydata| is NULL. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
-
- 25 3月, 2020 10 次提交
-
-
由 Richard Levitte 提交于
We can find no reason why everyone should have to call both EC_curve_nist2nid() and ec_curve_name2nid() to find the NID for a name, and it's too easy to forget EC_curve_nist2nid(), so we make life simpler. One could argue that FIPS only allows a limited set of names, but that now gets handled internally, and those who really want to be really sure to only get the NIST names can still do so with EC_curve_nist2nid() Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11391)
-
由 Dr. David von Oheimb 提交于
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11300)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11300)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11300)
-
由 Nikolay Morozov 提交于
Issuer Sign Tool (1.2.643.100.112) The name of the tool used to signs the subject (ASN1_SEQUENCE) This extention is required to obtain the status of a qualified certificate at Russian Federation. RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5 Russian Federal Law 63 "Digital Sign" is available here: http://www.consultant.ru/document/cons_doc_LAW_112701/Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11216)
-
由 Matt Caswell 提交于
EVP_PKEY_new_mac_key() was failing if the specified MAC was not available in the default provider - even though that MAC is never actually needed to successfully complete the function. The resulting EVP_PKEY can then be used in some non-default libctx which *does* have the MAC loaded. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11360)
-
由 Richard Levitte 提交于
On Unix, a caught signal that exits the process does so with an exit code that is 'signal | 128'. This modifies util/wrap.pl to mimic that. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11379)
-
由 Richard Könning 提交于
CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11372)
-
由 Matt Caswell 提交于
We use AES-256-CBC to encrypt stateless session tickets. We should ensure that the implementation is fetched from the appropriate provider. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11356)
-
由 Matt Caswell 提交于
We use the SHA256 digest of the ticket as a "fake" session id. We should ensure that the SHA256 implementation is fetched from the appropriate provider. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11356)
-
- 23 3月, 2020 7 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11357)
-
由 Matt Caswell 提交于
When constructing an RSA ClientKeyExchange make sure we construct our EVP_PKEY_CTX using the correct libctx and properties Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11357)
-
由 Rich Salz 提交于
Merge the NOTES section into the relevant parts of the manpage. Add the $EXTRA parameter in consistent places (the end) to call commands. Document that multiple -extra-XXX might be needed. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11338)
-
由 Matt Caswell 提交于
Even though an application callS the new EVP_DigestSignInit_ex() function to pass an mdname by string rather than EVP_MD, we may still end up in legacy codepaths, and therefore we need to handle either mdname or EVP_MD, in both legacy and non-legacy codepaths. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11353)
-
由 Matt Caswell 提交于
EVP_DigestSignInit_ex and EVP_DigestVerifyInit_ex did not provide the capability to specify an explicit OPENSSL_CTX parameter. It is still possible by explicitly setting an EVP_PKEY_CTX - but in most cases it would be much simpler to just specify it in the Init call. We add the capability to do that. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11353)
-
由 Richard Levitte 提交于
The export-to-provider functions for DH, DSA and EC_KEY assumed that a public key is always present, and would fail if not. This blocks any attempt to export a key structure with only domain parameters. While fixing this, we also modify the selection declaration to evp_keymgmt_import() to be more adaptive, the diverse selection bits are now added when the corresponding data is added to the OSSL_PARAM array. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11374)
-
由 Dr. David von Oheimb 提交于
in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *, also some result types of new functions, which does not break compatibility Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/10504)
-
- 22 3月, 2020 1 次提交
-
-
由 Bernd Edlinger 提交于
Basically we use EXFLAG_INVALID for all kinds of out of memory and all kinds of parse errors in x509v3_cache_extensions. [extended tests] Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10755)
-
- 21 3月, 2020 3 次提交
-
-
由 Richard Levitte 提交于
This was always a potential, we just haven't seen this need before now. Reviewed-by: NPaul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/11343)
-
由 Richard Levitte 提交于
Instead of fetching the EVP_KEYMGMT in the init for every different operation, do it when creating the EVP_PKEY_CTX. This allows certain control functions to be called between the creation of the EVP_PKEY_CTX and the call of the operation's init function. Use case: EVP_PKEY_CTX_set1_id(), which is allowed to be called very early with the legacy implementation, this should still be allowed with provider implementations. Reviewed-by: NPaul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/11343)
-
由 EasySec 提交于
There is NO PSK identity hint in TLSv1.3 so output a warning message when inconsistent PSK / TLS options are mixed. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11322)
-
- 20 3月, 2020 2 次提交
-
-
由 Shane Lontis 提交于
The self tests for the fips module are triggered on startup and they need to know the core's libctx in order to function correctly. As the provider can be autoloaded via configuration it then needs to propagate the callers libctx down to the provider via the config load. Note that OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, ..) is still called, but will only load the default configuration if the OPENSSL_CONF environment variable is set. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11240)
-
由 Matt Caswell 提交于
At various points in crypto/rsa we need to get random numbers. We should ensure that we use the correct libctx when doing so. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11355)
-
- 19 3月, 2020 3 次提交
-
-
由 Matt Caswell 提交于
We were doing an EVP_MAC_fetch without using the correct libctx. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11354)
-
由 Matt Caswell 提交于
EVP_MD_CTX_ctrl assumes that a digest has always been set. However in a non-legacy EVP_DigestSign* operation this is not the case because the digest is handled entirely by the underlying signature implementation. This fixes one of the travis failures on the master branch. [extended tests] Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11317)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11346)
-
- 18 3月, 2020 8 次提交
-
-
由 David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11092)
-
由 David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11092)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11307)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11285)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11285)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11285)
-
由 Rich Salz 提交于
- Add travis_wait to the build command - And travis_retry to some apt-get commands. - Use `make _tests` instead of `make test` Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11319)
-
由 Matt Caswell 提交于
This is largely based on the existing X25519 and X448 serializers - but a few adjustments were necessary so that we can identify what type of key we are using. Previously we used the keylen for this but X25519 and ED25519 have the same keylen. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11272)
-
- 17 3月, 2020 1 次提交
-
-
由 Ben Kaduk 提交于
We have no need for a new set of SSL_CTXs in test_ccs_change_cipher(), so just keep using the original ones. Also, fix a typo in a comment. [extended tests] Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11336)
-
- 16 3月, 2020 2 次提交
-
-
由 Xiaokang Qian 提交于
On 32 bit operating system,size_t is defined as unsigned int, this is the return type of strlen(), but it isn't aligned with the %ld, when compiling, warning will be reported. Change the type to %zu to avoid the warning. Change-Id: I2943d0dfba88ef42892f14230242008473d6263b Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11325)
-
由 John Baldwin 提交于
With KTLS, writes to an SSL connection store the application buffer pointer directly in the 'buf' member instead of allocating a separate buffer to hold the encrypted data. As a result, ssl3_release_write_buffer() has to avoid freeing these 'buf' pointers. Previously, ssl3_release_write_buffer() checked for KTLS being enabled on the write BIO to determine if a buffer should be freed. However, a buffer can outlive a BIO. For example, 'openssl s_time' creates new write BIOs when reusing sessions. Since the new BIO did not have KTLS enabled at the start of a connection, ssl3_release_write_buffer() would incorrectly try to free the 'buf' pointer from the previous KTLS connection. To fix, track the state of 'buf' explicitly in SSL3_BUFFER to determine if the 'buf' should be freed or simply cleared. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10489)
-