[openssl] master update

beldmit at gmail.com beldmit at gmail.com
Thu Jun 11 14:29:13 UTC 2020


The branch master has been updated
       via  0f6c3ebbf85b93ca78f6b5e5cead8f406fe70123 (commit)
       via  1154ffbfb38418ea68af9661e19daa0d6d984adb (commit)
       via  42b2797e8abced593084e5cd02d8c6e5ee5ed5c5 (commit)
      from  d9c2fd51e2e278bc3f7793a104ff7b4879f6d63a (commit)


- Log -----------------------------------------------------------------
commit 0f6c3ebbf85b93ca78f6b5e5cead8f406fe70123
Author: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Date:   Sat Jun 6 18:22:04 2020 +0200

    doc: Add a hint to man3/EVP_$hash that it is legacy
    
    Some hash algorithms are only provided by the legacy provider. This
    information is not mentioned in EVP_md4(3) for md4 and one might wonder
    why it is no longer working.
    
    Add a note to the EVP_ man page for md2, md4, mdc2, ripemd160 and
    whirlpool that it is only available with the legacy provider.
    
    Fixes #11650
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12074)

commit 1154ffbfb38418ea68af9661e19daa0d6d984adb
Author: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Date:   Sat Jun 6 17:21:15 2020 +0200

    APPS: Use a second EVP_MD_CTX for EdDSA verify
    
    Verify for the two EdDSA algorithms fails in "speed eddsa".
    It appears that the same ctx can not be used for the sign and verify
    process.
    
    Create a second EVP_MD_CTX for the verify purpose.
    
    Fixes #11650
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12074)

commit 42b2797e8abced593084e5cd02d8c6e5ee5ed5c5
Author: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Date:   Sat Jun 6 14:35:57 2020 +0200

    APPS: Exclude legacy algorighms from speed
    
    Legacy crypto algorithms are not provided by the default "provider"
    leading to a warning.
    Remove legacy algorithms from the set that is tested by default. The
    algorihms can be tested manually if selected manually and using the
    legacy provider.
    
    Fixes #11650
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/12074)

-----------------------------------------------------------------------

Summary of changes:
 apps/speed.c               | 31 +++++++++++++++++++++++++++----
 doc/man3/EVP_md2.pod       |  3 ++-
 doc/man3/EVP_md4.pod       |  4 +++-
 doc/man3/EVP_mdc2.pod      |  4 +++-
 doc/man3/EVP_ripemd160.pod |  2 ++
 doc/man3/EVP_whirlpool.pod |  4 +++-
 6 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index f481b6b8fd..4bd42d4e42 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -575,6 +575,7 @@ typedef struct loopargs_st {
     EC_KEY *ecdsa[ECDSA_NUM];
     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
+    EVP_MD_CTX *eddsa_ctx2[EdDSA_NUM];
 # ifndef OPENSSL_NO_SM2
     EVP_MD_CTX *sm2_ctx[SM2_NUM];
     EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
@@ -1242,7 +1243,7 @@ static int EdDSA_verify_loop(void *args)
 {
     loopargs_t *tempargs = *(loopargs_t **) args;
     unsigned char *buf = tempargs->buf;
-    EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
+    EVP_MD_CTX **edctx = tempargs->eddsa_ctx2;
     unsigned char *eddsasig = tempargs->buf2;
     size_t eddsasigsize = tempargs->sigsize;
     int ret, count;
@@ -1995,6 +1996,15 @@ int speed_main(int argc, char **argv)
     if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
         memset(doit, 1, sizeof(doit));
         doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
+#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+	doit[D_MDC2] = 0;
+#endif
+#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+	doit[D_MD4] = 0;
+#endif
+#if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+	doit[D_RMD160] = 0;
+#endif
 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
         memset(rsa_doit, 1, sizeof(rsa_doit));
 #endif
@@ -3380,6 +3390,11 @@ int speed_main(int argc, char **argv)
                 st = 0;
                 break;
             }
+            loopargs[i].eddsa_ctx2[testnum] = EVP_MD_CTX_new();
+            if (loopargs[i].eddsa_ctx2[testnum] == NULL) {
+                st = 0;
+                break;
+            }
 
             if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
                     == NULL
@@ -3397,6 +3412,13 @@ int speed_main(int argc, char **argv)
                 EVP_PKEY_free(ed_pkey);
                 break;
             }
+           if (!EVP_DigestVerifyInit(loopargs[i].eddsa_ctx2[testnum], NULL,
+                                     NULL, NULL, ed_pkey)) {
+                st = 0;
+                EVP_PKEY_free(ed_pkey);
+                break;
+            }
+
             EVP_PKEY_free(ed_pkey);
         }
         if (st == 0) {
@@ -3434,10 +3456,9 @@ int speed_main(int argc, char **argv)
                 eddsa_results[testnum][0] = (double)count / d;
                 rsa_count = count;
             }
-
             /* Perform EdDSA verification test */
             for (i = 0; i < loopargs_len; i++) {
-                st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
+                st = EVP_DigestVerify(loopargs[i].eddsa_ctx2[testnum],
                                       loopargs[i].buf2, loopargs[i].sigsize,
                                       loopargs[i].buf, 20);
                 if (st != 1)
@@ -4012,8 +4033,10 @@ int speed_main(int argc, char **argv)
             EC_KEY_free(loopargs[i].ecdsa[k]);
         for (k = 0; k < EC_NUM; k++)
             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
-        for (k = 0; k < EdDSA_NUM; k++)
+        for (k = 0; k < EdDSA_NUM; k++) {
             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
+            EVP_MD_CTX_free(loopargs[i].eddsa_ctx2[k]);
+	}
 # ifndef OPENSSL_NO_SM2
         for (k = 0; k < SM2_NUM; k++) {
             EVP_PKEY_CTX *pctx = NULL;
diff --git a/doc/man3/EVP_md2.pod b/doc/man3/EVP_md2.pod
index a28467f5c1..15e37a0040 100644
--- a/doc/man3/EVP_md2.pod
+++ b/doc/man3/EVP_md2.pod
@@ -14,7 +14,7 @@ EVP_md2
 =head1 DESCRIPTION
 
 MD2 is a cryptographic hash function standardized in RFC 1319 and designed by
-Ronald Rivest.
+Ronald Rivest. This implementation is only available with the legacy provider.
 
 =over 4
 
@@ -38,6 +38,7 @@ IETF RFC 1319.
 =head1 SEE ALSO
 
 L<evp(7)>,
+L<provider(7)>,
 L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT
diff --git a/doc/man3/EVP_md4.pod b/doc/man3/EVP_md4.pod
index 8b3874e531..21c94e91c0 100644
--- a/doc/man3/EVP_md4.pod
+++ b/doc/man3/EVP_md4.pod
@@ -14,7 +14,8 @@ EVP_md4
 =head1 DESCRIPTION
 
 MD4 is a cryptographic hash function standardized in RFC 1320 and designed by
-Ronald Rivest, first published in 1990.
+Ronald Rivest, first published in 1990. This implementation is only available
+with the legacy provider.
 
 =over 4
 
@@ -38,6 +39,7 @@ IETF RFC 1320.
 =head1 SEE ALSO
 
 L<evp(7)>,
+L<provider(7)>,
 L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT
diff --git a/doc/man3/EVP_mdc2.pod b/doc/man3/EVP_mdc2.pod
index 0c9a5fa4d4..ecbba26505 100644
--- a/doc/man3/EVP_mdc2.pod
+++ b/doc/man3/EVP_mdc2.pod
@@ -14,7 +14,8 @@ EVP_mdc2
 =head1 DESCRIPTION
 
 MDC-2 (Modification Detection Code 2 or Meyer-Schilling) is a cryptographic
-hash function based on a block cipher.
+hash function based on a block cipher. This implementation is only available
+with the legacy provider.
 
 =over 4
 
@@ -38,6 +39,7 @@ ISO/IEC 10118-2:2000 Hash-Function 2, with DES as the underlying block cipher.
 =head1 SEE ALSO
 
 L<evp(7)>,
+L<provider(7)>,
 L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT
diff --git a/doc/man3/EVP_ripemd160.pod b/doc/man3/EVP_ripemd160.pod
index 4e9ebf7337..165b84db07 100644
--- a/doc/man3/EVP_ripemd160.pod
+++ b/doc/man3/EVP_ripemd160.pod
@@ -15,6 +15,7 @@ EVP_ripemd160
 
 RIPEMD-160 is a cryptographic hash function first published in 1996 belonging
 to the RIPEMD family (RACE Integrity Primitives Evaluation Message Digest).
+This implementation is only available with the legacy provider.
 
 =over 4
 
@@ -37,6 +38,7 @@ ISO/IEC 10118-3:2016 Dedicated Hash-Function 1 (RIPEMD-160).
 =head1 SEE ALSO
 
 L<evp(7)>,
+L<provider(7)>,
 L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT
diff --git a/doc/man3/EVP_whirlpool.pod b/doc/man3/EVP_whirlpool.pod
index c7e5d45d61..d3a4a1fc24 100644
--- a/doc/man3/EVP_whirlpool.pod
+++ b/doc/man3/EVP_whirlpool.pod
@@ -14,7 +14,8 @@ EVP_whirlpool
 =head1 DESCRIPTION
 
 WHIRLPOOL is a cryptographic hash function standardized in ISO/IEC 10118-3:2004
-designed by Vincent Rijmen and Paulo S. L. M. Barreto.
+designed by Vincent Rijmen and Paulo S. L. M. Barreto. This implementation is
+only available with the legacy provider.
 
 =over 4
 
@@ -39,6 +40,7 @@ ISO/IEC 10118-3:2004.
 =head1 SEE ALSO
 
 L<evp(7)>,
+L<provider(7)>,
 L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT


More information about the openssl-commits mailing list