[openssl] master update
Richard Levitte
levitte at openssl.org
Tue Jan 21 13:08:50 UTC 2020
The branch master has been updated
via 7b131de2bb2be8582c6dfc50bdd3cbc49e1a08be (commit)
via 0b9dd3842f9bbe7a7c290187056a96827d848f52 (commit)
from 967ef73013becef2aec3439f8c45204b24121018 (commit)
- Log -----------------------------------------------------------------
commit 7b131de2bb2be8582c6dfc50bdd3cbc49e1a08be
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Jan 15 14:09:54 2020 +0100
PROV: Add support for error queue marks and implement in FIPS module
This propagates ERR_set_mark(), and ERR_clear_last_mark() and
ERR_pop_to_mark() for provider use.
Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10803)
commit 0b9dd3842f9bbe7a7c290187056a96827d848f52
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Jan 10 17:50:03 2020 +0100
EVP: clear error when falling back from failed EVP_KEYMGMT_fetch()
Since we're falling back to legacy, this isn't an error any more.
Among others the failed EVP_KEYMGMT_fetch() error shadows other errors
produced by the legacy code, which disrupts our test/evp_test runs.
We use the error stack mark to restore the error stack just right,
i.e. ERR_set_mark(), ERR_clear_last_mark() and ERR_pop_to_mark()
Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10803)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/exchange.c | 28 +++++++++++++++++++++++----
crypto/evp/m_sigver.c | 27 ++++++++++++++++++++++----
crypto/evp/pmeth_fn.c | 34 ++++++++++++++++++++++++++++-----
crypto/evp/signature.c | 29 ++++++++++++++++++++++++----
crypto/provider_core.c | 23 ++++++++++++++++++++++
include/openssl/core_numbers.h | 43 ++++++++++++++++++++++++------------------
providers/fips/fipsprov.c | 27 ++++++++++++++++++++++++++
7 files changed, 176 insertions(+), 35 deletions(-)
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 9bb241fe14..1f9e39be4c 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -175,6 +175,12 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = EVP_PKEY_OP_DERIVE;
+ /*
+ * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
+ * calls can be removed.
+ */
+ ERR_set_mark();
+
if (ctx->engine != NULL || ctx->keytype == NULL)
goto legacy;
@@ -185,6 +191,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
if (provkey == NULL)
goto legacy;
if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
+ ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
@@ -211,15 +218,21 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
|| (EVP_KEYMGMT_provider(ctx->keymgmt)
!= EVP_KEYEXCH_provider(exchange))) {
/*
- * We don't have the full support we need with provided methods,
- * let's go see if legacy does. Also, we don't need to free
- * ctx->keymgmt here, as it's not necessarily tied to this
- * operation. It will be freed by EVP_PKEY_CTX_free().
+ * We don't need to free ctx->keymgmt here, as it's not necessarily
+ * tied to this operation. It will be freed by EVP_PKEY_CTX_free().
*/
EVP_KEYEXCH_free(exchange);
goto legacy;
}
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
+ /* No more legacy from here down to legacy: */
ctx->op.kex.exchange = exchange;
ctx->op.kex.exchprovctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
@@ -236,6 +249,13 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
return 0;
legacy:
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 20c0a1ad59..79099b1e35 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -54,6 +54,12 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
locpctx = ctx->pctx;
evp_pkey_ctx_free_old_ops(locpctx);
+ /*
+ * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
+ * calls can be removed.
+ */
+ ERR_set_mark();
+
if (locpctx->keytype == NULL)
goto legacy;
@@ -80,6 +86,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
if (provkey == NULL)
goto legacy;
if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
+ ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
@@ -108,15 +115,20 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|| (EVP_KEYMGMT_provider(locpctx->keymgmt)
!= EVP_SIGNATURE_provider(signature))) {
/*
- * We don't have the full support we need with provided methods,
- * let's go see if legacy does. Also, we don't need to free
- * ctx->keymgmt here, as it's not necessarily tied to this
- * operation. It will be freed by EVP_PKEY_CTX_free().
+ * We don't need to free ctx->keymgmt here, as it's not necessarily
+ * tied to this operation. It will be freed by EVP_PKEY_CTX_free().
*/
EVP_SIGNATURE_free(signature);
goto legacy;
}
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
/* No more legacy from here down to legacy: */
locpctx->op.sig.signature = signature;
@@ -164,6 +176,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
return 0;
legacy:
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
if (ctx->pctx->pmeth == NULL) {
EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return 0;
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 19bc56c654..34cde67668 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -32,6 +32,12 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = operation;
+ /*
+ * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
+ * calls can be removed.
+ */
+ ERR_set_mark();
+
if (ctx->keytype == NULL || ctx->engine != NULL)
goto legacy;
@@ -41,7 +47,11 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
&tmp_keymgmt, ctx->propquery, 0);
if (provkey == NULL)
goto legacy;
- EVP_KEYMGMT_up_ref(tmp_keymgmt);
+ if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
+ ERR_clear_last_mark();
+ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
EVP_KEYMGMT_free(ctx->keymgmt);
ctx->keymgmt = tmp_keymgmt;
@@ -67,15 +77,22 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
|| (EVP_KEYMGMT_provider(ctx->keymgmt)
!= EVP_ASYM_CIPHER_provider(cipher))) {
/*
- * We don't have the full support we need with provided methods,
- * let's go see if legacy does. Also, we don't need to free
- * ctx->keymgmt here, as it's not necessarily tied to this
- * operation. It will be freed by EVP_PKEY_CTX_free().
+ * We don't need to free ctx->keymgmt here, as it's not necessarily
+ * tied to this operation. It will be freed by EVP_PKEY_CTX_free().
*/
EVP_ASYM_CIPHER_free(cipher);
goto legacy;
}
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
+ /* No more legacy from here down to legacy: */
+
ctx->op.ciph.cipher = cipher;
ctx->op.ciph.ciphprovctx = cipher->newctx(ossl_provider_ctx(cipher->prov));
if (ctx->op.ciph.ciphprovctx == NULL) {
@@ -114,6 +131,13 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
return 1;
legacy:
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
if (ctx->pmeth == NULL || ctx->pmeth->encrypt == NULL) {
EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 0adf59be2a..7c6828b3b3 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -333,6 +333,12 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
evp_pkey_ctx_free_old_ops(ctx);
ctx->operation = operation;
+ /*
+ * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
+ * calls can be removed.
+ */
+ ERR_set_mark();
+
if (ctx->keytype == NULL)
goto legacy;
@@ -343,6 +349,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
if (provkey == NULL)
goto legacy;
if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
+ ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
@@ -370,15 +377,22 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
|| (EVP_KEYMGMT_provider(ctx->keymgmt)
!= EVP_SIGNATURE_provider(signature))) {
/*
- * We don't have the full support we need with provided methods,
- * let's go see if legacy does. Also, we don't need to free
- * ctx->keymgmt here, as it's not necessarily tied to this
- * operation. It will be freed by EVP_PKEY_CTX_free().
+ * We don't need to free ctx->keymgmt here, as it's not necessarily
+ * tied to this operation. It will be freed by EVP_PKEY_CTX_free().
*/
EVP_SIGNATURE_free(signature);
goto legacy;
}
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
+ /* No more legacy from here down to legacy: */
+
ctx->op.sig.signature = signature;
ctx->op.sig.sigprovctx = signature->newctx(ossl_provider_ctx(signature->prov));
if (ctx->op.sig.sigprovctx == NULL) {
@@ -425,6 +439,13 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
return 1;
legacy:
+ /*
+ * TODO remove this when legacy is gone
+ * If we don't have the full support we need with provided methods,
+ * let's go see if legacy does.
+ */
+ ERR_pop_to_mark();
+
if (ctx->pmeth == NULL
|| (operation == EVP_PKEY_OP_SIGN && ctx->pmeth->sign == NULL)
|| (operation == EVP_PKEY_OP_VERIFY && ctx->pmeth->verify == NULL)
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 2f2d69a0c3..cac325407f 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -774,6 +774,9 @@ static OSSL_core_get_library_context_fn core_get_libctx;
static OSSL_core_new_error_fn core_new_error;
static OSSL_core_set_error_debug_fn core_set_error_debug;
static OSSL_core_vset_error_fn core_vset_error;
+static OSSL_core_set_error_mark_fn core_set_error_mark;
+static OSSL_core_clear_last_error_mark_fn core_clear_last_error_mark;
+static OSSL_core_pop_error_to_mark_fn core_pop_error_to_mark;
#endif
static const OSSL_PARAM *core_gettable_params(const OSSL_PROVIDER *prov)
@@ -857,6 +860,21 @@ static void core_vset_error(const OSSL_PROVIDER *prov,
ERR_vset_error(prov->error_lib, (int)reason, fmt, args);
}
}
+
+static int core_set_error_mark(const OSSL_PROVIDER *prov)
+{
+ return ERR_set_mark();
+}
+
+static int core_clear_last_error_mark(const OSSL_PROVIDER *prov)
+{
+ return ERR_clear_last_mark();
+}
+
+static int core_pop_error_to_mark(const OSSL_PROVIDER *prov)
+{
+ return ERR_pop_to_mark();
+}
#endif
/*
@@ -872,6 +890,11 @@ static const OSSL_DISPATCH core_dispatch_[] = {
{ OSSL_FUNC_CORE_NEW_ERROR, (void (*)(void))core_new_error },
{ OSSL_FUNC_CORE_SET_ERROR_DEBUG, (void (*)(void))core_set_error_debug },
{ OSSL_FUNC_CORE_VSET_ERROR, (void (*)(void))core_vset_error },
+ { OSSL_FUNC_CORE_SET_ERROR_MARK, (void (*)(void))core_set_error_mark },
+ { OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK,
+ (void (*)(void))core_clear_last_error_mark },
+ { OSSL_FUNC_CORE_POP_ERROR_TO_MARK,
+ (void (*)(void))core_pop_error_to_mark },
{ OSSL_FUNC_BIO_NEW_FILE, (void (*)(void))BIO_new_file },
{ OSSL_FUNC_BIO_NEW_MEMBUF, (void (*)(void))BIO_new_mem_buf },
{ OSSL_FUNC_BIO_READ_EX, (void (*)(void))BIO_read_ex },
diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h
index 5019ef5fa8..3aa35a0ade 100644
--- a/include/openssl/core_numbers.h
+++ b/include/openssl/core_numbers.h
@@ -80,53 +80,60 @@ OSSL_CORE_MAKE_FUNC(void,core_set_error_debug,
OSSL_CORE_MAKE_FUNC(void,core_vset_error,
(const OSSL_PROVIDER *prov,
uint32_t reason, const char *fmt, va_list args))
+# define OSSL_FUNC_CORE_SET_ERROR_MARK 8
+OSSL_CORE_MAKE_FUNC(int, core_set_error_mark, (const OSSL_PROVIDER *prov))
+# define OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK 9
+OSSL_CORE_MAKE_FUNC(int, core_clear_last_error_mark,
+ (const OSSL_PROVIDER *prov))
+# define OSSL_FUNC_CORE_POP_ERROR_TO_MARK 10
+OSSL_CORE_MAKE_FUNC(int, core_pop_error_to_mark, (const OSSL_PROVIDER *prov))
/* Memory allocation, freeing, clearing. */
-#define OSSL_FUNC_CRYPTO_MALLOC 10
+#define OSSL_FUNC_CRYPTO_MALLOC 20
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_malloc, (size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_ZALLOC 11
+#define OSSL_FUNC_CRYPTO_ZALLOC 21
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_zalloc, (size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_FREE 12
+#define OSSL_FUNC_CRYPTO_FREE 22
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_free, (void *ptr, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_CLEAR_FREE 13
+#define OSSL_FUNC_CRYPTO_CLEAR_FREE 23
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_clear_free, (void *ptr, size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_REALLOC 14
+#define OSSL_FUNC_CRYPTO_REALLOC 24
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_realloc, (void *addr, size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 15
+#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 25
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_clear_realloc, (void *addr, size_t old_num, size_t num,
const char *file, int line))
-#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 16
+#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 26
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_secure_malloc, (size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 17
+#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 27
OSSL_CORE_MAKE_FUNC(void *,
CRYPTO_secure_zalloc, (size_t num, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_SECURE_FREE 18
+#define OSSL_FUNC_CRYPTO_SECURE_FREE 28
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_secure_free, (void *ptr, const char *file, int line))
-#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 19
+#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 29
OSSL_CORE_MAKE_FUNC(void,
CRYPTO_secure_clear_free, (void *ptr, size_t num, const char *file,
int line))
-#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 20
+#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 30
OSSL_CORE_MAKE_FUNC(int,
CRYPTO_secure_allocated, (const void *ptr))
-#define OSSL_FUNC_OPENSSL_CLEANSE 21
+#define OSSL_FUNC_OPENSSL_CLEANSE 31
OSSL_CORE_MAKE_FUNC(void,
OPENSSL_cleanse, (void *ptr, size_t len))
/* Bio functions provided by the core */
-#define OSSL_FUNC_BIO_NEW_FILE 23
-#define OSSL_FUNC_BIO_NEW_MEMBUF 24
-#define OSSL_FUNC_BIO_READ_EX 25
-#define OSSL_FUNC_BIO_FREE 26
-#define OSSL_FUNC_BIO_VPRINTF 27
+#define OSSL_FUNC_BIO_NEW_FILE 40
+#define OSSL_FUNC_BIO_NEW_MEMBUF 41
+#define OSSL_FUNC_BIO_READ_EX 42
+#define OSSL_FUNC_BIO_FREE 43
+#define OSSL_FUNC_BIO_VPRINTF 44
OSSL_CORE_MAKE_FUNC(BIO *, BIO_new_file, (const char *filename, const char *mode))
OSSL_CORE_MAKE_FUNC(BIO *, BIO_new_membuf, (const void *buf, int len))
@@ -136,7 +143,7 @@ OSSL_CORE_MAKE_FUNC(int, BIO_free, (BIO *bio))
OSSL_CORE_MAKE_FUNC(int, BIO_vprintf, (BIO *bio, const char *format,
va_list args))
-#define OSSL_FUNC_SELF_TEST_CB 28
+#define OSSL_FUNC_SELF_TEST_CB 100
OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CTX *ctx, OSSL_CALLBACK **cb,
void **cbarg))
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index cf4181dd2a..eeb1b1e1cf 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -54,6 +54,9 @@ OSSL_core_thread_start_fn *c_thread_start;
static OSSL_core_new_error_fn *c_new_error;
static OSSL_core_set_error_debug_fn *c_set_error_debug;
static OSSL_core_vset_error_fn *c_vset_error;
+static OSSL_core_set_error_mark_fn *c_set_error_mark;
+static OSSL_core_clear_last_error_mark_fn *c_clear_last_error_mark;
+static OSSL_core_pop_error_to_mark_fn *c_pop_error_to_mark;
static OSSL_CRYPTO_malloc_fn *c_CRYPTO_malloc;
static OSSL_CRYPTO_zalloc_fn *c_CRYPTO_zalloc;
static OSSL_CRYPTO_free_fn *c_CRYPTO_free;
@@ -675,6 +678,15 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
case OSSL_FUNC_CORE_VSET_ERROR:
c_vset_error = OSSL_get_core_vset_error(in);
break;
+ case OSSL_FUNC_CORE_SET_ERROR_MARK:
+ c_set_error_mark = OSSL_get_core_set_error_mark(in);
+ break;
+ case OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK:
+ c_clear_last_error_mark = OSSL_get_core_clear_last_error_mark(in);
+ break;
+ case OSSL_FUNC_CORE_POP_ERROR_TO_MARK:
+ c_pop_error_to_mark = OSSL_get_core_pop_error_to_mark(in);
+ break;
case OSSL_FUNC_CRYPTO_MALLOC:
c_CRYPTO_malloc = OSSL_get_CRYPTO_malloc(in);
break;
@@ -839,6 +851,21 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args)
c_vset_error(NULL, ERR_PACK(lib, 0, reason), fmt, args);
}
+int ERR_set_mark(void)
+{
+ return c_set_error_mark(NULL);
+}
+
+int ERR_clear_last_mark(void)
+{
+ return c_clear_last_error_mark(NULL);
+}
+
+int ERR_pop_to_mark(void)
+{
+ return c_pop_error_to_mark(NULL);
+}
+
const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx)
{
FIPS_GLOBAL *fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
More information about the openssl-commits
mailing list