From pauli at openssl.org Fri Oct 1 01:04:09 2021 From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 01 Oct 2021 01:04:09 +0000 Subject: [openssl] master update Message-ID: <1633050249.402415.16831.nullmailer@dev.openssl.org> The branch master has been updated via a8cc0efe0d8fdd7bfa1d40b3c008d7d6ddf970db (commit) from f8dd5869bca047a23599ac925aace70efcf487ad (commit) - Log ----------------------------------------------------------------- commit a8cc0efe0d8fdd7bfa1d40b3c008d7d6ddf970db Author: Viktor Dukhovni Date: Wed Sep 29 18:03:13 2021 -0400 Fully initialise cipher/digest app handles This avoids a crash in e.g. `openssl chacha20` as reported by Steffen Nurpmeso on openssl-users. Resolves: #16713 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16714) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/openssl.c b/apps/openssl.c index 30e1e755e0..2693350ffc 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -395,6 +395,7 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) if (argc <= 0 || argv[0] == NULL) return 0; + memset(&f, 0, sizeof(f)); f.name = argv[0]; fp = lh_FUNCTION_retrieve(prog, &f); if (fp == NULL) { From pauli at openssl.org Fri Oct 1 01:04:39 2021 
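Review bot: in the do_cmd hunk of apps/openssl.c, the added `memset(&f, 0, sizeof(f));` has no comment saying why all of `f` must be zeroed when the only field set before `lh_FUNCTION_retrieve(prog, &f)` is `f.name`. The commit message ties the change to the cipher/digest handles and a crash in `openssl chacha20`, so a one-line comment to that effect (or a zero initialiser where `f` is declared) would keep the call from being removed later as redundant. A regression test that invokes a cipher name as the command would pin the fix.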
From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 01 Oct 2021 01:04:39 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633050279.663232.18486.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via ff8f2d07823c9373d9d6303e37b7650563e87cde (commit) from 394263c4424c04408b11143c596c2f657e6a3e97 (commit) - Log ----------------------------------------------------------------- commit ff8f2d07823c9373d9d6303e37b7650563e87cde Author: Viktor Dukhovni Date: Wed Sep 29 18:03:13 2021 -0400 Fully initialise cipher/digest app handles This avoids a crash in e.g. `openssl chacha20` as reported by Steffen Nurpmeso on openssl-users. Resolves: #16713 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16714) (cherry picked from commit a8cc0efe0d8fdd7bfa1d40b3c008d7d6ddf970db) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/openssl.c b/apps/openssl.c index 30e1e755e0..2693350ffc 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -395,6 +395,7 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) if (argc <= 0 || argv[0] == NULL) return 0; + memset(&f, 0, sizeof(f)); f.name = argv[0]; fp = lh_FUNCTION_retrieve(prog, &f); if (fp == NULL) { From tomas at openssl.org Fri Oct 1 07:34:18 2021 
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 01 Oct 2021 07:34:18 +0000 Subject: [openssl] master update Message-ID: <1633073658.439426.18077.nullmailer@dev.openssl.org> The branch master has been updated via ce2892940902124b4a807c27a7df458f5049189f (commit) from a8cc0efe0d8fdd7bfa1d40b3c008d7d6ddf970db (commit) - Log ----------------------------------------------------------------- commit ce2892940902124b4a807c27a7df458f5049189f Author: Amit Kulkarni <4337938+kulkarniamit at users.noreply.github.com> Date: Thu Sep 23 16:59:12 2021 -0700 doc: crypto(7) - fix typo CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16695) ----------------------------------------------------------------------- Summary of changes: doc/man7/crypto.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man7/crypto.pod b/doc/man7/crypto.pod index 78fb8f8f37..16a07fc0ac 100644 --- a/doc/man7/crypto.pod +++ b/doc/man7/crypto.pod @@ -259,7 +259,7 @@ algorithm identifier to the appropriate fetching function. Also see the provider specific manual pages linked below for further details about using the algorithms available in each of the providers. -As well as the OpenSSL providers third parties can also implemment providers. +As well as the OpenSSL providers third parties can also implement providers. For information on writing a provider see L. =head2 Default provider From tomas at openssl.org Fri Oct 1 07:34:33 2021 
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 01 Oct 2021 07:34:33 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633073673.930450.18884.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 64d0cdc0742f3a3376d8dc6606311ee01bdb2bad (commit) from ff8f2d07823c9373d9d6303e37b7650563e87cde (commit) - Log ----------------------------------------------------------------- commit 64d0cdc0742f3a3376d8dc6606311ee01bdb2bad Author: Amit Kulkarni <4337938+kulkarniamit at users.noreply.github.com> Date: Thu Sep 23 16:59:12 2021 -0700 doc: crypto(7) - fix typo CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16695) (cherry picked from commit ce2892940902124b4a807c27a7df458f5049189f) ----------------------------------------------------------------------- Summary of changes: doc/man7/crypto.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man7/crypto.pod b/doc/man7/crypto.pod index 78fb8f8f37..16a07fc0ac 100644 --- a/doc/man7/crypto.pod +++ b/doc/man7/crypto.pod @@ -259,7 +259,7 @@ algorithm identifier to the appropriate fetching function. Also see the provider specific manual pages linked below for further details about using the algorithms available in each of the providers. -As well as the OpenSSL providers third parties can also implemment providers. +As well as the OpenSSL providers third parties can also implement providers. For information on writing a provider see L. =head2 Default provider From tomas at openssl.org Fri Oct 1 07:36:03 2021 
From: tomas at openssl.org (tomas at openssl.org)
Date: Fri, 01 Oct 2021 07:36:03 +0000
Subject: [openssl] master update
Message-ID: <1633073763.898560.22004.nullmailer@dev.openssl.org>

The branch master has been updated
       via  19e277dd19f2897f6a7b7eb236abe46655e575bf (commit)
      from  ce2892940902124b4a807c27a7df458f5049189f (commit)

- Log -----------------------------------------------------------------
commit 19e277dd19f2897f6a7b7eb236abe46655e575bf
Author: Russ Butler
Date:   Sat Aug 28 13:57:09 2021 -0500

aarch64: support BTI and pointer authentication in assembly

This change adds optional support for
- Armv8.3-A Pointer Authentication (PAuth) and
- Armv8.5-A Branch Target Identification (BTI)
features to the perl scripts.

Both features can be enabled with additional compiler flags.
Unless any of these are enabled explicitly there is no code change at
all.

The extensions are briefly described below. Please read the appropriate
chapters of the Arm Architecture Reference Manual for the complete
specification.

Scope
-----

This change only affects generated assembly code.

Armv8.3-A Pointer Authentication
--------------------------------

Pointer Authentication extension supports the authentication of the
contents of registers before they are used for indirect branching
or load.

PAuth provides a probabilistic method to detect corruption of register
values. PAuth signing instructions generate a Pointer Authentication
Code (PAC) based on the value of a register, a seed and a key.
The generated PAC is inserted into the original value in the register.
A PAuth authentication instruction recomputes the PAC, and if it matches
the PAC in the register, restores its original value. In case of a
mismatch, an architecturally unmapped address is generated instead.

With PAuth, mitigation against ROP (Return-oriented Programming) attacks
can be implemented. This is achieved by signing the contents of the
link-register (LR) before it is pushed to stack.
Once LR is popped, it is authenticated. This way a stack corruption
which overwrites the LR on the stack is detectable.

The PAuth extension adds several new instructions, some of which are not
recognized by older hardware. To support a single codebase for both pre
Armv8.3-A targets and newer ones, only NOP-space instructions are added
by this patch. These instructions are treated as NOPs on hardware
which does not support Armv8.3-A. Furthermore, this patch only considers
cases where LR is saved to the stack and then restored before branching
to its content. There are cases in the code where LR is pushed to stack
but it is not used later. We do not address these cases as they are not
affected by PAuth.

There are two keys available to sign an instruction address: A and B.
PACIASP and PACIBSP only differ in the used keys: A and B, respectively.
The keys are typically managed by the operating system.

To enable generating code for PAuth compile with
-mbranch-protection=:
- standard or pac-ret: add PACIASP and AUTIASP, also enables BTI
  (read below)
- pac-ret+b-key: add PACIBSP and AUTIBSP

Armv8.5-A Branch Target Identification
--------------------------------------

Branch Target Identification features some new instructions which
protect the execution of instructions on guarded pages which are not
intended branch targets.

If Armv8.5-A is supported by the hardware, execution of an instruction
changes the value of PSTATE.BTYPE field. If an indirect branch
lands on a guarded page the target instruction must be one of the
BTI flavors, or in case of a direct call or jump it can be any other
instruction. If the target instruction is not compatible with the value
of PSTATE.BTYPE a Branch Target Exception is generated.

In short, indirect jumps are compatible with BTI and while indirect calls are compatible with BTI and . Please refer to the
specification for the details.
Armv8.3-A PACIASP and PACIBSP are implicit branch target
identification instructions which are equivalent with BTI c or BTI jc
depending on system register configuration.

BTI is used to mitigate JOP (Jump-oriented Programming) attacks by
limiting the set of instructions which can be jumped to.

BTI requires active linker support to mark the pages with BTI-enabled
code as guarded. For ELF64 files BTI compatibility is recorded in the
.note.gnu.property section. For a shared object or static binary it is
required that all linked units support BTI. This means that even a
single assembly file without the required note section turns-off BTI
for the whole binary or shared object.

The new BTI instructions are treated as NOPs on hardware which does
not support Armv8.5-A or on pages which are not guarded.

To insert this new and optional instruction compile with
-mbranch-protection=standard (also enables PAuth) or +bti.

When targeting a guarded page from a non-guarded page, weaker
compatibility restrictions apply to maintain compatibility between
legacy and new code. For detailed rules please refer to the Arm ARM.

Compiler support
----------------

Compiler support requires understanding '-mbranch-protection='
and emitting the appropriate feature macros (__ARM_FEATURE_BTI_DEFAULT
and __ARM_FEATURE_PAC_DEFAULT). The current state is the following:

-------------------------------------------------------
| Compiler | -mbranch-protection | Feature macros     |
+----------+---------------------+--------------------+
| clang    | 9.0.0               | 11.0.0             |
+----------+---------------------+--------------------+
| gcc      | 9                   | expected in 10.1+  |
-------------------------------------------------------

Available Platforms
------------------

Arm Fast Model and QEMU support both extensions.
https://developer.arm.com/tools-and-software/simulation-models/fast-models
https://www.qemu.org/

Implementation Notes
--------------------

This change adds BTI landing pads even to assembly functions which are
likely to be directly called only. In these cases, landing pads might
be superfluous depending on what code the linker generates.
Code size and performance impact for these cases would be negligible.

Interaction with C code
-----------------------

Pointer Authentication is a per-frame protection while Branch Target
Identification can be turned on and off only for all code pages of a
whole shared object or static binary. Because of these properties if
C/C++ code is compiled without any of the above features but assembly
files support any of them unconditionally there is no incompatibility
between the two.

Useful Links
------------

To fully understand the details of both PAuth and BTI it is advised to
read the related chapters of the Arm Architecture Reference Manual
(Arm ARM):
https://developer.arm.com/documentation/ddi0487/latest/

Additional materials:

"Providing protection for complex software"
https://developer.arm.com/architectures/learn-the-architecture/providing-protection-for-complex-software

Arm Compiler Reference Guide Version 6.14: -mbranch-protection
https://developer.arm.com/documentation/101754/0614/armclang-Reference/armclang-Command-line-Options/-mbranch-protection?lang=en

Arm C Language Extensions (ACLE)
https://developer.arm.com/docs/101028/latest

Additional Notes
----------------

This patch is a copy of the work done by Tamas Petz in boringssl.
It contains the changes from the following commits: aarch64: support BTI and pointer authentication in assembly Change-Id: I4335f92e2ccc8e209c7d68a0a79f1acdf3aeb791 URL: https://boringssl-review.googlesource.com/c/boringssl/+/42084 aarch64: Improve conditional compilation Change-Id: I14902a64e5f403c2b6a117bc9f5fb1a4f4611ebf URL: https://boringssl-review.googlesource.com/c/boringssl/+/43524 aarch64: Fix name of gnu property note section Change-Id: I6c432d1c852129e9c273f6469a8b60e3983671ec URL: https://boringssl-review.googlesource.com/c/boringssl/+/44024 Change-Id: I2d95ebc5e4aeb5610d3b226f9754ee80cf74a9af Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16674) ----------------------------------------------------------------------- Summary of changes: crypto/aes/asm/aesv8-armx.pl | 18 ++++++++-- crypto/aes/asm/vpaes-armv8.pl | 39 +++++++++++---------- crypto/aes/build.info | 1 + crypto/arm64cpuid.pl | 10 ++++++ crypto/arm_arch.h | 58 +++++++++++++++++++++++++++++++ crypto/bn/asm/armv8-mont.pl | 19 ++++++++--- crypto/chacha/asm/chacha-armv8.pl | 18 +++++----- crypto/ec/asm/ecp_nistz256-armv8.pl | 64 +++++++++++++++++++++-------------- crypto/modes/asm/aes-gcm-armv8_64.pl | 6 ++++ crypto/modes/asm/ghashv8-armx.pl | 11 ++++++ crypto/poly1305/asm/poly1305-armv8.pl | 17 ++++++++-- crypto/sha/asm/keccak1600-armv8.pl | 30 ++++++++-------- crypto/sha/asm/sha1-armv8.pl | 5 ++- crypto/sha/asm/sha512-armv8.pl | 11 ++++-- crypto/sha/build.info | 1 + 15 files changed, 228 insertions(+), 80 deletions(-) diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl index 9532db70e2..3ae327b49a 100755 --- a/crypto/aes/asm/aesv8-armx.pl +++ b/crypto/aes/asm/aesv8-armx.pl @@ -120,6 +120,8 @@ ${prefix}_set_encrypt_key: .Lenc_key: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 ___ 
@@ -295,7 +297,7 @@ $code.=<<___; ${prefix}_set_decrypt_key: ___ $code.=<<___ if ($flavour =~ /64/); - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 ___ @@ -339,7 +341,7 @@ $code.=<<___ if ($flavour !~ /64/); ___ $code.=<<___ if ($flavour =~ /64/); ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret ___ $code.=<<___; @@ -359,6 +361,11 @@ $code.=<<___; .type ${prefix}_${dir}crypt,%function .align 5 ${prefix}_${dir}crypt: +___ +$code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET +___ +$code.=<<___; ldr $rounds,[$key,#240] vld1.32 {$rndkey0},[$key],#16 vld1.8 {$inout},[$inp] @@ -442,6 +449,7 @@ $code.=<<___; ${prefix}_ecb_encrypt: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET subs $len,$len,#16 // Original input data size bigger than 16, jump to big size processing. b.ne .Lecb_big_size @@ -1236,6 +1244,8 @@ $code.=<<___; ${prefix}_cbc_encrypt: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 ___ @@ -1764,6 +1774,8 @@ $code.=<<___; ${prefix}_ctr32_encrypt_blocks: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 ___ @@ -2196,6 +2208,7 @@ $code.=<<___ if ($flavour =~ /64/); ${prefix}_xts_encrypt: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET cmp $len,#16 // Original input data size bigger than 16, jump to big size processing. b.ne .Lxts_enc_big_size @@ -2870,6 +2883,7 @@ $code.=<<___ if ($flavour =~ /64/); .type ${prefix}_xts_decrypt,%function .align 5 ${prefix}_xts_decrypt: + AARCH64_VALID_CALL_TARGET ___ $code.=<<___ if ($flavour =~ /64/); cmp $len,#16 diff --git a/crypto/aes/asm/vpaes-armv8.pl b/crypto/aes/asm/vpaes-armv8.pl index dcd5065e68..49988e9c2b 100755 
--- a/crypto/aes/asm/vpaes-armv8.pl +++ b/crypto/aes/asm/vpaes-armv8.pl @@ -53,6 +53,8 @@ open OUT,"| \"$^X\" $xlate $flavour \"$output\"" *STDOUT=*OUT; $code.=<<___; +#include "arm_arch.h" + .text .type _vpaes_consts,%object @@ -259,7 +261,7 @@ _vpaes_encrypt_core: .type vpaes_encrypt,%function .align 4 vpaes_encrypt: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -269,7 +271,7 @@ vpaes_encrypt: st1 {v0.16b}, [$out] ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_encrypt,.-vpaes_encrypt @@ -492,7 +494,7 @@ _vpaes_decrypt_core: .type vpaes_decrypt,%function .align 4 vpaes_decrypt: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -502,7 +504,7 @@ vpaes_decrypt: st1 {v0.16b}, [$out] ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_decrypt,.-vpaes_decrypt @@ -673,7 +675,7 @@ _vpaes_key_preheat: .type _vpaes_schedule_core,%function .align 4 _vpaes_schedule_core: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29, x30, [sp,#-16]! add x29,sp,#0 @@ -838,7 +840,7 @@ _vpaes_schedule_core: eor v6.16b, v6.16b, v6.16b // vpxor %xmm6, %xmm6, %xmm6 eor v7.16b, v7.16b, v7.16b // vpxor %xmm7, %xmm7, %xmm7 ldp x29, x30, [sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size _vpaes_schedule_core,.-_vpaes_schedule_core @@ -1051,7 +1053,7 @@ _vpaes_schedule_mangle: .type vpaes_set_encrypt_key,%function .align 4 vpaes_set_encrypt_key: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 stp d8,d9,[sp,#-16]! // ABI spec says so @@ -1067,7 +1069,7 @@ vpaes_set_encrypt_key: ldp d8,d9,[sp],#16 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_set_encrypt_key,.-vpaes_set_encrypt_key 
@@ -1075,7 +1077,7 @@ vpaes_set_encrypt_key: .type vpaes_set_decrypt_key,%function .align 4 vpaes_set_decrypt_key: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 stp d8,d9,[sp,#-16]! // ABI spec says so @@ -1095,7 +1097,7 @@ vpaes_set_decrypt_key: ldp d8,d9,[sp],#16 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_set_decrypt_key,.-vpaes_set_decrypt_key ___ @@ -1108,11 +1110,11 @@ $code.=<<___; .type vpaes_cbc_encrypt,%function .align 4 vpaes_cbc_encrypt: + AARCH64_SIGN_LINK_REGISTER cbz $len, .Lcbc_abort cmp w5, #0 // check direction b.eq vpaes_cbc_decrypt - .inst 0xd503233f // paciasp stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -1135,15 +1137,16 @@ vpaes_cbc_encrypt: st1 {v0.16b}, [$ivec] // write ivec ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp .Lcbc_abort: + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_cbc_encrypt,.-vpaes_cbc_encrypt .type vpaes_cbc_decrypt,%function .align 4 vpaes_cbc_decrypt: - .inst 0xd503233f // paciasp + // Not adding AARCH64_SIGN_LINK_REGISTER here because vpaes_cbc_decrypt is jumped to + // only from vpaes_cbc_encrypt which has already signed the return address. stp x29,x30,[sp,#-16]! add x29,sp,#0 stp d8,d9,[sp,#-16]! // ABI spec says so @@ -1185,7 +1188,7 @@ vpaes_cbc_decrypt: ldp d10,d11,[sp],#16 ldp d8,d9,[sp],#16 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_cbc_decrypt,.-vpaes_cbc_decrypt ___ @@ -1195,7 +1198,7 @@ $code.=<<___; .type vpaes_ecb_encrypt,%function .align 4 vpaes_ecb_encrypt: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 stp d8,d9,[sp,#-16]! // ABI spec says so @@ -1229,7 +1232,7 @@ vpaes_ecb_encrypt: ldp d10,d11,[sp],#16 ldp d8,d9,[sp],#16 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_ecb_encrypt,.-vpaes_ecb_encrypt 
@@ -1237,7 +1240,7 @@ vpaes_ecb_encrypt: .type vpaes_ecb_decrypt,%function .align 4 vpaes_ecb_decrypt: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 stp d8,d9,[sp,#-16]! // ABI spec says so @@ -1271,7 +1274,7 @@ vpaes_ecb_decrypt: ldp d10,d11,[sp],#16 ldp d8,d9,[sp],#16 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size vpaes_ecb_decrypt,.-vpaes_ecb_decrypt ___ diff --git a/crypto/aes/build.info b/crypto/aes/build.info index 0b9f499ee6..8a940fcedd 100644 --- a/crypto/aes/build.info +++ b/crypto/aes/build.info @@ -116,6 +116,7 @@ INCLUDE[aes-mips.o]=.. GENERATE[aesv8-armx.S]=asm/aesv8-armx.pl INCLUDE[aesv8-armx.o]=.. GENERATE[vpaes-armv8.S]=asm/vpaes-armv8.pl +INCLUDE[vpaes-armv8.o]=.. GENERATE[aes-armv4.S]=asm/aes-armv4.pl INCLUDE[aes-armv4.o]=.. diff --git a/crypto/arm64cpuid.pl b/crypto/arm64cpuid.pl index ac76dd449f..11f0e50279 100755 --- a/crypto/arm64cpuid.pl +++ b/crypto/arm64cpuid.pl @@ -31,6 +31,7 @@ $code.=<<___; .globl _armv7_neon_probe .type _armv7_neon_probe,%function _armv7_neon_probe: + AARCH64_VALID_CALL_TARGET orr v15.16b, v15.16b, v15.16b ret .size _armv7_neon_probe,.-_armv7_neon_probe @@ -38,6 +39,7 @@ _armv7_neon_probe: .globl _armv7_tick .type _armv7_tick,%function _armv7_tick: + AARCH64_VALID_CALL_TARGET #ifdef __APPLE__ mrs x0, CNTPCT_EL0 #else @@ -49,6 +51,7 @@ _armv7_tick: .globl _armv8_aes_probe .type _armv8_aes_probe,%function _armv8_aes_probe: + AARCH64_VALID_CALL_TARGET aese v0.16b, v0.16b ret .size _armv8_aes_probe,.-_armv8_aes_probe @@ -56,6 +59,7 @@ _armv8_aes_probe: .globl _armv8_sha1_probe .type _armv8_sha1_probe,%function _armv8_sha1_probe: + AARCH64_VALID_CALL_TARGET sha1h s0, s0 ret .size _armv8_sha1_probe,.-_armv8_sha1_probe 
@@ -63,6 +67,7 @@ _armv8_sha1_probe: .globl _armv8_sha256_probe .type _armv8_sha256_probe,%function _armv8_sha256_probe: + AARCH64_VALID_CALL_TARGET sha256su0 v0.4s, v0.4s ret .size _armv8_sha256_probe,.-_armv8_sha256_probe @@ -70,6 +75,7 @@ _armv8_sha256_probe: .globl _armv8_pmull_probe .type _armv8_pmull_probe,%function _armv8_pmull_probe: + AARCH64_VALID_CALL_TARGET pmull v0.1q, v0.1d, v0.1d ret .size _armv8_pmull_probe,.-_armv8_pmull_probe @@ -77,6 +83,7 @@ _armv8_pmull_probe: .globl _armv8_sha512_probe .type _armv8_sha512_probe,%function _armv8_sha512_probe: + AARCH64_VALID_CALL_TARGET .long 0xcec08000 // sha512su0 v0.2d,v0.2d ret .size _armv8_sha512_probe,.-_armv8_sha512_probe @@ -84,6 +91,7 @@ _armv8_sha512_probe: .globl _armv8_cpuid_probe .type _armv8_cpuid_probe,%function _armv8_cpuid_probe: + AARCH64_VALID_CALL_TARGET mrs x0, midr_el1 ret .size _armv8_cpuid_probe,.-_armv8_cpuid_probe @@ -92,6 +100,7 @@ _armv8_cpuid_probe: .type OPENSSL_cleanse,%function .align 5 OPENSSL_cleanse: + AARCH64_VALID_CALL_TARGET cbz x1,.Lret // len==0? cmp x1,#15 b.hi .Lot // len>15 @@ -123,6 +132,7 @@ OPENSSL_cleanse: .type CRYPTO_memcmp,%function .align 4 CRYPTO_memcmp: + AARCH64_VALID_CALL_TARGET eor w3,w3,w3 cbz x2,.Lno_data // len==0? cmp x2,#16 diff --git a/crypto/arm_arch.h b/crypto/arm_arch.h index d157f37d8e..aa380acce0 100644 --- a/crypto/arm_arch.h +++ b/crypto/arm_arch.h 
@@ -126,4 +126,62 @@ extern unsigned int OPENSSL_armv8_rsa_neonized; # define MIDR_IS_CPU_MODEL(midr, imp, partnum) \ (((midr) & MIDR_CPU_MODEL_MASK) == MIDR_CPU_MODEL(imp, partnum)) + +#if defined(__ASSEMBLER__) + + /* + * Support macros for + * - Armv8.3-A Pointer Authentication and + * - Armv8.5-A Branch Target Identification + * features which require emitting a .note.gnu.property section with the + * appropriate architecture-dependent feature bits set. + * Read more: "ELF for the Arm? 64-bit Architecture" + */ + +# if defined(__ARM_FEATURE_BTI_DEFAULT) && __ARM_FEATURE_BTI_DEFAULT == 1 +# define GNU_PROPERTY_AARCH64_BTI (1 << 0) /* Has Branch Target Identification */ +# define AARCH64_VALID_CALL_TARGET hint #34 /* BTI 'c' */ +# else +# define GNU_PROPERTY_AARCH64_BTI 0 /* No Branch Target Identification */ +# define AARCH64_VALID_CALL_TARGET +# endif + +# if defined(__ARM_FEATURE_PAC_DEFAULT) && \ + (__ARM_FEATURE_PAC_DEFAULT & 1) == 1 /* Signed with A-key */ +# define GNU_PROPERTY_AARCH64_POINTER_AUTH \ + (1 << 1) /* Has Pointer Authentication */ +# define AARCH64_SIGN_LINK_REGISTER hint #25 /* PACIASP */ +# define AARCH64_VALIDATE_LINK_REGISTER hint #29 /* AUTIASP */ +# elif defined(__ARM_FEATURE_PAC_DEFAULT) && \ + (__ARM_FEATURE_PAC_DEFAULT & 2) == 2 /* Signed with B-key */ +# define GNU_PROPERTY_AARCH64_POINTER_AUTH \ + (1 << 1) /* Has Pointer Authentication */ +# define AARCH64_SIGN_LINK_REGISTER hint #27 /* PACIBSP */ +# define AARCH64_VALIDATE_LINK_REGISTER hint #31 /* AUTIBSP */ +# else +# define GNU_PROPERTY_AARCH64_POINTER_AUTH 0 /* No Pointer Authentication */ +# if GNU_PROPERTY_AARCH64_BTI != 0 +# define AARCH64_SIGN_LINK_REGISTER AARCH64_VALID_CALL_TARGET +# else +# define AARCH64_SIGN_LINK_REGISTER +# endif +# define AARCH64_VALIDATE_LINK_REGISTER +# endif + +# if GNU_PROPERTY_AARCH64_POINTER_AUTH != 0 || GNU_PROPERTY_AARCH64_BTI != 0 + .pushsection .note.gnu.property, "a"; + .balign 8; + .long 4; + .long 0x10; + .long 0x5; + .asciz "GNU"; + 
.long 0xc0000000; /* GNU_PROPERTY_AARCH64_FEATURE_1_AND */ + .long 4; + .long (GNU_PROPERTY_AARCH64_POINTER_AUTH | GNU_PROPERTY_AARCH64_BTI); + .long 0; + .popsection; +# endif + +# endif /* defined __ASSEMBLER__ */ + #endif diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl index 54d2e8245f..21ab12bdf0 100755 --- a/crypto/bn/asm/armv8-mont.pl +++ b/crypto/bn/asm/armv8-mont.pl @@ -67,8 +67,8 @@ $n0="x4"; # const BN_ULONG *n0, $num="x5"; # int num); $code.=<<___; +#include "arm_arch.h" #ifndef __KERNEL__ -# include "arm_arch.h" .extern OPENSSL_armv8_rsa_neonized .hidden OPENSSL_armv8_rsa_neonized #endif @@ -78,6 +78,7 @@ $code.=<<___; .type bn_mul_mont,%function .align 5 bn_mul_mont: + AARCH64_SIGN_LINK_REGISTER .Lbn_mul_mont: tst $num,#3 b.ne .Lmul_mont @@ -288,6 +289,7 @@ bn_mul_mont: mov x0,#1 ldp x23,x24,[x29,#48] ldr x29,[sp],#64 + AARCH64_VALIDATE_LINK_REGISTER ret .size bn_mul_mont,.-bn_mul_mont ___ @@ -309,6 +311,8 @@ $code.=<<___; .type bn_mul8x_mont_neon,%function .align 5 bn_mul8x_mont_neon: + // Not adding AARCH64_SIGN_LINK_REGISTER here because bn_mul8x_mont_neon is jumped to + // only from bn_mul_mont which has already signed the return address. stp x29,x30,[sp,#-80]! mov x16,sp stp d8,d9,[sp,#16] @@ -649,6 +653,7 @@ $code.=<<___; ldp d10,d11,[sp,#32] ldp d8,d9,[sp,#16] ldr x29,[sp],#80 + AARCH64_VALIDATE_LINK_REGISTER ret // bx lr .size bn_mul8x_mont_neon,.-bn_mul8x_mont_neon @@ -671,7 +676,8 @@ __bn_sqr8x_mont: cmp $ap,$bp b.ne __bn_mul4x_mont .Lsqr8x_mont: - .inst 0xd503233f // paciasp + // Not adding AARCH64_SIGN_LINK_REGISTER here because __bn_sqr8x_mont is jumped to + // only from bn_mul_mont which has already signed the return address. stp x29,x30,[sp,#-128]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1425,7 +1431,8 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldr x29,[sp],#128 - .inst 0xd50323bf // autiasp + // x30 is loaded earlier + AARCH64_VALIDATE_LINK_REGISTER ret .size __bn_sqr8x_mont,.-__bn_sqr8x_mont ___ 
@@ -1449,7 +1456,8 @@ $code.=<<___; .type __bn_mul4x_mont,%function .align 5 __bn_mul4x_mont: - .inst 0xd503233f // paciasp + // Not adding AARCH64_SIGN_LINK_REGISTER here because __bn_mul4x_mont is jumped to + // only from bn_mul_mont (or __bn_sqr8x_mont from bn_mul_mont) which has already signed the return address. stp x29,x30,[sp,#-128]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1883,7 +1891,8 @@ __bn_mul4x_mont: ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldr x29,[sp],#128 - .inst 0xd50323bf // autiasp + // x30 loaded earlier + AARCH64_VALIDATE_LINK_REGISTER ret .size __bn_mul4x_mont,.-__bn_mul4x_mont ___ diff --git a/crypto/chacha/asm/chacha-armv8.pl b/crypto/chacha/asm/chacha-armv8.pl index dcdc4a04e3..e1a8b81594 100755 --- a/crypto/chacha/asm/chacha-armv8.pl +++ b/crypto/chacha/asm/chacha-armv8.pl @@ -132,8 +132,8 @@ my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); } $code.=<<___; +#include "arm_arch.h" #ifndef __KERNEL__ -# include "arm_arch.h" .extern OPENSSL_armcap_P .hidden OPENSSL_armcap_P #endif @@ -153,6 +153,7 @@ $code.=<<___; .type ChaCha20_ctr32,%function .align 5 ChaCha20_ctr32: + AARCH64_SIGN_LINK_REGISTER cbz $len,.Labort cmp $len,#192 b.lo .Lshort @@ -165,7 +166,6 @@ ChaCha20_ctr32: #endif .Lshort: - .inst 0xd503233f // paciasp stp x29,x30,[sp,#-96]! add x29,sp,#0 @@ -285,8 +285,8 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp .Labort: + AARCH64_VALIDATE_LINK_REGISTER ret .align 4 @@ -342,7 +342,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ChaCha20_ctr32,.-ChaCha20_ctr32 ___ @@ -432,8 +432,8 @@ $code.=<<___; .type ChaCha20_neon,%function .align 5 ChaCha20_neon: + AARCH64_SIGN_LINK_REGISTER .LChaCha20_neon: - .inst 0xd503233f // paciasp stp x29,x30,[sp,#-96]! add x29,sp,#0 
@@ -667,7 +667,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .align 4 @@ -799,7 +799,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ChaCha20_neon,.-ChaCha20_neon ___ @@ -844,7 +844,7 @@ $code.=<<___; .type ChaCha20_512_neon,%function .align 5 ChaCha20_512_neon: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-96]! add x29,sp,#0 @@ -1268,7 +1268,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ChaCha20_512_neon,.-ChaCha20_512_neon ___ diff --git a/crypto/ec/asm/ecp_nistz256-armv8.pl b/crypto/ec/asm/ecp_nistz256-armv8.pl index 81ee3947d7..6c5d0e8b3c 100644 --- a/crypto/ec/asm/ecp_nistz256-armv8.pl +++ b/crypto/ec/asm/ecp_nistz256-armv8.pl @@ -122,7 +122,7 @@ $code.=<<___; .type ecp_nistz256_to_mont,%function .align 6 ecp_nistz256_to_mont: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-32]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -138,7 +138,7 @@ ecp_nistz256_to_mont: ldp x19,x20,[sp,#16] ldp x29,x30,[sp],#32 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_to_mont,.-ecp_nistz256_to_mont @@ -147,7 +147,7 @@ ecp_nistz256_to_mont: .type ecp_nistz256_from_mont,%function .align 4 ecp_nistz256_from_mont: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-32]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -163,7 +163,7 @@ ecp_nistz256_from_mont: ldp x19,x20,[sp,#16] ldp x29,x30,[sp],#32 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_from_mont,.-ecp_nistz256_from_mont 
@@ -173,7 +173,7 @@ ecp_nistz256_from_mont: .type ecp_nistz256_mul_mont,%function .align 4 ecp_nistz256_mul_mont: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-32]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -188,7 +188,7 @@ ecp_nistz256_mul_mont: ldp x19,x20,[sp,#16] ldp x29,x30,[sp],#32 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_mul_mont,.-ecp_nistz256_mul_mont @@ -197,7 +197,7 @@ ecp_nistz256_mul_mont: .type ecp_nistz256_sqr_mont,%function .align 4 ecp_nistz256_sqr_mont: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-32]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -211,7 +211,7 @@ ecp_nistz256_sqr_mont: ldp x19,x20,[sp,#16] ldp x29,x30,[sp],#32 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_sqr_mont,.-ecp_nistz256_sqr_mont @@ -221,7 +221,7 @@ ecp_nistz256_sqr_mont: .type ecp_nistz256_add,%function .align 4 ecp_nistz256_add: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -235,7 +235,7 @@ ecp_nistz256_add: bl __ecp_nistz256_add ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_add,.-ecp_nistz256_add @@ -244,7 +244,7 @@ ecp_nistz256_add: .type ecp_nistz256_div_by_2,%function .align 4 ecp_nistz256_div_by_2: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -256,7 +256,7 @@ ecp_nistz256_div_by_2: bl __ecp_nistz256_div_by_2 ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_div_by_2,.-ecp_nistz256_div_by_2 @@ -265,7 +265,7 @@ ecp_nistz256_div_by_2: .type ecp_nistz256_mul_by_2,%function .align 4 ecp_nistz256_mul_by_2: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 
@@ -281,7 +281,7 @@ ecp_nistz256_mul_by_2: bl __ecp_nistz256_add // ret = a+a // 2*a ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_mul_by_2,.-ecp_nistz256_mul_by_2 @@ -290,7 +290,7 @@ ecp_nistz256_mul_by_2: .type ecp_nistz256_mul_by_3,%function .align 4 ecp_nistz256_mul_by_3: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -317,7 +317,7 @@ ecp_nistz256_mul_by_3: bl __ecp_nistz256_add // ret += a // 2*a+a=3*a ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_mul_by_3,.-ecp_nistz256_mul_by_3 @@ -327,7 +327,7 @@ ecp_nistz256_mul_by_3: .type ecp_nistz256_sub,%function .align 4 ecp_nistz256_sub: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -339,7 +339,7 @@ ecp_nistz256_sub: bl __ecp_nistz256_sub_from ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_sub,.-ecp_nistz256_sub @@ -348,7 +348,7 @@ ecp_nistz256_sub: .type ecp_nistz256_neg,%function .align 4 ecp_nistz256_neg: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -363,7 +363,7 @@ ecp_nistz256_neg: bl __ecp_nistz256_sub_from ldp x29,x30,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_neg,.-ecp_nistz256_neg @@ -724,7 +724,7 @@ $code.=<<___; .type ecp_nistz256_point_double,%function .align 5 ecp_nistz256_point_double: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-96]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -859,7 +859,7 @@ ecp_nistz256_point_double: ldp x19,x20,[x29,#16] ldp x21,x22,[x29,#32] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_point_double,.-ecp_nistz256_point_double ___ 
@@ -882,7 +882,7 @@ $code.=<<___; .type ecp_nistz256_point_add,%function .align 5 ecp_nistz256_point_add: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-96]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1117,7 +1117,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#96 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_point_add,.-ecp_nistz256_point_add ___ @@ -1139,7 +1139,7 @@ $code.=<<___; .type ecp_nistz256_point_add_affine,%function .align 5 ecp_nistz256_point_add_affine: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-80]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1328,7 +1328,7 @@ $code.=<<___; ldp x23,x24,[x29,#48] ldp x25,x26,[x29,#64] ldp x29,x30,[sp],#80 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size ecp_nistz256_point_add_affine,.-ecp_nistz256_point_add_affine ___ @@ -1346,6 +1346,8 @@ $code.=<<___; .type ecp_nistz256_ord_mul_mont,%function .align 4 ecp_nistz256_ord_mul_mont: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-64]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1487,6 +1489,8 @@ $code.=<<___; .type ecp_nistz256_ord_sqr_mont,%function .align 4 ecp_nistz256_ord_sqr_mont: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-64]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -1641,6 +1645,8 @@ $code.=<<___; .type ecp_nistz256_scatter_w5,%function .align 4 ecp_nistz256_scatter_w5: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 
@@ -1703,6 +1709,8 @@ ecp_nistz256_scatter_w5: .type ecp_nistz256_gather_w5,%function .align 4 ecp_nistz256_gather_w5: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -1780,6 +1788,8 @@ ecp_nistz256_gather_w5: .type ecp_nistz256_scatter_w7,%function .align 4 ecp_nistz256_scatter_w7: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -1824,6 +1834,8 @@ ecp_nistz256_scatter_w7: .type ecp_nistz256_gather_w7,%function .align 4 ecp_nistz256_gather_w7: + AARCH64_VALID_CALL_TARGET + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 diff --git a/crypto/modes/asm/aes-gcm-armv8_64.pl b/crypto/modes/asm/aes-gcm-armv8_64.pl index 3b9d5b6511..ff5809ec22 100755 --- a/crypto/modes/asm/aes-gcm-armv8_64.pl +++ b/crypto/modes/asm/aes-gcm-armv8_64.pl @@ -256,6 +256,7 @@ $code.=<<___; .type aes_gcm_enc_128_kernel,%function .align 4 aes_gcm_enc_128_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L128_enc_ret stp x19, x20, [sp, #-112]! mov x16, x4 @@ -1089,6 +1090,7 @@ $code.=<<___; .type aes_gcm_dec_128_kernel,%function .align 4 aes_gcm_dec_128_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L128_dec_ret stp x19, x20, [sp, #-112]! mov x16, x4 @@ -1973,6 +1975,7 @@ $code.=<<___; .type aes_gcm_enc_192_kernel,%function .align 4 aes_gcm_enc_192_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L192_enc_ret stp x19, x20, [sp, #-112]! mov x16, x4 @@ -2858,6 +2861,7 @@ $code.=<<___; .type aes_gcm_dec_192_kernel,%function .align 4 aes_gcm_dec_192_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L192_dec_ret stp x19, x20, [sp, #-112]! mov x16, x4 @@ -3797,6 +3801,7 @@ $code.=<<___; .type aes_gcm_enc_256_kernel,%function .align 4 aes_gcm_enc_256_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L256_enc_ret stp x19, x20, [sp, #-112]! mov x16, x4 
@@ -4729,6 +4734,7 @@ $code.=<<___; .type aes_gcm_dec_256_kernel,%function .align 4 aes_gcm_dec_256_kernel: + AARCH64_VALID_CALL_TARGET cbz x1, .L256_dec_ret stp x19, x20, [sp, #-112]! mov x16, x4 diff --git a/crypto/modes/asm/ghashv8-armx.pl b/crypto/modes/asm/ghashv8-armx.pl index b1d35d25b5..57f893e77c 100644 --- a/crypto/modes/asm/ghashv8-armx.pl +++ b/crypto/modes/asm/ghashv8-armx.pl @@ -107,6 +107,11 @@ $code.=<<___; .type gcm_init_v8,%function .align 4 gcm_init_v8: +___ +$code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET +___ +$code.=<<___; vld1.64 {$t1},[x1] @ load input H vmov.i8 $xC2,#0xe1 vshl.i64 $xC2,$xC2,#57 @ 0xc2.0 @@ -214,6 +219,11 @@ $code.=<<___; .type gcm_gmult_v8,%function .align 4 gcm_gmult_v8: +___ +$code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET +___ +$code.=<<___; vld1.64 {$t1},[$Xi] @ load Xi vmov.i8 $xC2,#0xe1 vld1.64 {$H-$Hhl},[$Htbl] @ load twisted H, ... @@ -268,6 +278,7 @@ $code.=<<___; gcm_ghash_v8: ___ $code.=<<___ if ($flavour =~ /64/); + AARCH64_VALID_CALL_TARGET cmp $len,#64 b.hs .Lgcm_ghash_v8_4x ___ diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl index 113a2151b6..20816c4283 100755 --- a/crypto/poly1305/asm/poly1305-armv8.pl +++ b/crypto/poly1305/asm/poly1305-armv8.pl @@ -72,6 +72,7 @@ $code.=<<___; .type poly1305_init,%function .align 5 poly1305_init: + AARCH64_VALID_CALL_TARGET cmp $inp,xzr stp xzr,xzr,[$ctx] // zero hash value stp xzr,xzr,[$ctx,#16] // [along with is_base2_26] @@ -119,6 +120,9 @@ poly1305_init: .align 5 poly1305_blocks: .Lpoly1305_blocks: + // The symbol .Lpoly1305_blocks is not a .globl symbol + // but a pointer to it is returned by poly1305_init + AARCH64_VALID_CALL_TARGET ands $len,$len,#-16 b.eq .Lno_data 
@@ -184,6 +188,9 @@ poly1305_blocks: .align 5 poly1305_emit: .Lpoly1305_emit: + // The symbol .poly1305_emit is not a .globl symbol + // but a pointer to it is returned by poly1305_init + AARCH64_VALID_CALL_TARGET ldp $h0,$h1,[$ctx] // load hash base 2^64 ldr $h2,[$ctx,#16] ldp $t0,$t1,[$nonce] // load nonce @@ -291,13 +298,16 @@ poly1305_splat: .align 5 poly1305_blocks_neon: .Lpoly1305_blocks_neon: + // The symbol .Lpoly1305_blocks_neon is not a .globl symbol + // but a pointer to it is returned by poly1305_init + AARCH64_VALID_CALL_TARGET ldr $is_base2_26,[$ctx,#24] cmp $len,#128 b.hs .Lblocks_neon cbz $is_base2_26,.Lpoly1305_blocks .Lblocks_neon: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-80]! add x29,sp,#0 @@ -867,7 +877,7 @@ poly1305_blocks_neon: .Lno_data_neon: ldr x29,[sp],#80 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size poly1305_blocks_neon,.-poly1305_blocks_neon @@ -875,6 +885,9 @@ poly1305_blocks_neon: .align 5 poly1305_emit_neon: .Lpoly1305_emit_neon: + // The symbol .Lpoly1305_emit_neon is not a .globl symbol + // but a pointer to it is returned by poly1305_init + AARCH64_VALID_CALL_TARGET ldr $is_base2_26,[$ctx,#24] cbz $is_base2_26,poly1305_emit diff --git a/crypto/sha/asm/keccak1600-armv8.pl b/crypto/sha/asm/keccak1600-armv8.pl index 65102e7c29..cf54b62c63 100755 --- a/crypto/sha/asm/keccak1600-armv8.pl +++ b/crypto/sha/asm/keccak1600-armv8.pl @@ -80,6 +80,8 @@ my @rhotates = ([ 0, 1, 62, 28, 27 ], [ 18, 2, 61, 56, 14 ]); $code.=<<___; +#include "arm_arch.h" + .text .align 8 // strategic alignment and padding that allows to use @@ -125,7 +127,7 @@ $code.=<<___; .align 5 KeccakF1600_int: adr $C[2],iotas - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp $C[2],x30,[sp,#16] // 32 bytes on top are mine b .Loop .align 4 
@@ -297,14 +299,14 @@ $code.=<<___; bne .Loop ldr x30,[sp,#24] - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size KeccakF1600_int,.-KeccakF1600_int .type KeccakF1600,%function .align 5 KeccakF1600: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-128]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -354,7 +356,7 @@ KeccakF1600: ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#128 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size KeccakF1600,.-KeccakF1600 @@ -362,7 +364,7 @@ KeccakF1600: .type SHA3_absorb,%function .align 5 SHA3_absorb: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-128]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -460,7 +462,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#128 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size SHA3_absorb,.-SHA3_absorb ___ @@ -471,7 +473,7 @@ $code.=<<___; .type SHA3_squeeze,%function .align 5 SHA3_squeeze: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-48]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -534,7 +536,7 @@ SHA3_squeeze: ldp x19,x20,[sp,#16] ldp x21,x22,[sp,#32] ldp x29,x30,[sp],#48 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size SHA3_squeeze,.-SHA3_squeeze ___ @@ -653,7 +655,7 @@ KeccakF1600_ce: .type KeccakF1600_cext,%function .align 5 KeccakF1600_cext: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-80]! add x29,sp,#0 stp d8,d9,[sp,#16] // per ABI requirement @@ -686,7 +688,7 @@ $code.=<<___; ldp d12,d13,[sp,#48] ldp d14,d15,[sp,#64] ldr x29,[sp],#80 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size KeccakF1600_cext,.-KeccakF1600_cext ___ 
@@ -699,7 +701,7 @@ $code.=<<___; .type SHA3_absorb_cext,%function .align 5 SHA3_absorb_cext: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-80]! add x29,sp,#0 stp d8,d9,[sp,#16] // per ABI requirement @@ -771,7 +773,7 @@ $code.=<<___; ldp d12,d13,[sp,#48] ldp d14,d15,[sp,#64] ldp x29,x30,[sp],#80 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size SHA3_absorb_cext,.-SHA3_absorb_cext ___ @@ -783,7 +785,7 @@ $code.=<<___; .type SHA3_squeeze_cext,%function .align 5 SHA3_squeeze_cext: - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-16]! add x29,sp,#0 mov x9,$ctx @@ -839,7 +841,7 @@ SHA3_squeeze_cext: .Lsqueeze_done_ce: ldr x29,[sp],#16 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size SHA3_squeeze_cext,.-SHA3_squeeze_cext ___ diff --git a/crypto/sha/asm/sha1-armv8.pl b/crypto/sha/asm/sha1-armv8.pl index cdea8845af..5f23a20c1a 100644 --- a/crypto/sha/asm/sha1-armv8.pl +++ b/crypto/sha/asm/sha1-armv8.pl @@ -175,8 +175,8 @@ ___ } $code.=<<___; +#include "arm_arch.h" #ifndef __KERNEL__ -# include "arm_arch.h" .extern OPENSSL_armcap_P .hidden OPENSSL_armcap_P #endif @@ -187,11 +187,13 @@ $code.=<<___; .type sha1_block_data_order,%function .align 6 sha1_block_data_order: + AARCH64_VALID_CALL_TARGET adrp x16,OPENSSL_armcap_P ldr w16,[x16,#:lo12:OPENSSL_armcap_P] tst w16,#ARMV8_SHA1 b.ne .Lv8_entry + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-96]! add x29,sp,#0 stp x19,x20,[sp,#16] @@ -253,6 +255,7 @@ $code.=<<___; .align 6 sha1_block_armv8: .Lv8_entry: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 diff --git a/crypto/sha/asm/sha512-armv8.pl b/crypto/sha/asm/sha512-armv8.pl index 6bcff0b7d3..f900882fee 100644 --- a/crypto/sha/asm/sha512-armv8.pl +++ b/crypto/sha/asm/sha512-armv8.pl 
@@ -190,8 +190,8 @@ ___ } $code.=<<___; +#include "arm_arch.h" #ifndef __KERNEL__ -# include "arm_arch.h" .extern OPENSSL_armcap_P .hidden OPENSSL_armcap_P #endif @@ -202,6 +202,7 @@ $code.=<<___; .type $func,%function .align 6 $func: + AARCH64_VALID_CALL_TARGET #ifndef __KERNEL__ adrp x16,OPENSSL_armcap_P ldr w16,[x16,#:lo12:OPENSSL_armcap_P] @@ -218,7 +219,7 @@ $code.=<<___ if ($SZ==8); ___ $code.=<<___; #endif - .inst 0xd503233f // paciasp + AARCH64_SIGN_LINK_REGISTER stp x29,x30,[sp,#-128]! add x29,sp,#0 @@ -280,7 +281,7 @@ $code.=<<___; ldp x25,x26,[x29,#64] ldp x27,x28,[x29,#80] ldp x29,x30,[sp],#128 - .inst 0xd50323bf // autiasp + AARCH64_VALIDATE_LINK_REGISTER ret .size $func,.-$func @@ -370,6 +371,7 @@ $code.=<<___; .align 6 sha256_block_armv8: .Lv8_entry: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later. stp x29,x30,[sp,#-16]! add x29,sp,#0 @@ -632,7 +634,9 @@ $code.=<<___; .type sha256_block_neon,%function .align 4 sha256_block_neon: + AARCH64_VALID_CALL_TARGET .Lneon_entry: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later stp x29, x30, [sp, #-16]! mov x29, sp sub sp,sp,#16*4 @@ -743,6 +747,7 @@ $code.=<<___; .align 6 sha512_block_armv8: .Lv8_entry: + // Armv8.3-A PAuth: even though x30 is pushed to stack it is not popped later stp x29,x30,[sp,#-16]! add x29,sp,#0 diff --git a/crypto/sha/build.info b/crypto/sha/build.info index 5d988e7ab5..7a5255ac97 100644 --- a/crypto/sha/build.info +++ b/crypto/sha/build.info @@ -145,6 +145,7 @@ INCLUDE[sha256-armv8.o]=.. GENERATE[sha512-armv8.S]=asm/sha512-armv8.pl INCLUDE[sha512-armv8.o]=.. GENERATE[keccak1600-armv8.S]=asm/keccak1600-armv8.pl +INCLUDE[keccak1600-armv8.o]=.. GENERATE[sha1-s390x.S]=asm/sha1-s390x.pl INCLUDE[sha1-s390x.o]=.. From bernd.edlinger at hotmail.de Fri Oct 1 18:41:25 2021 
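Review bot: In crypto/poly1305/asm/poly1305-armv8.pl, the comment added under the .Lpoly1305_emit label names the symbol as ".poly1305_emit", dropping the "L" of the local-label prefix that the three sibling comments keep (.Lpoly1305_blocks, .Lpoly1305_blocks_neon, .Lpoly1305_emit_neon). Change it to "// The symbol .Lpoly1305_emit is not a .globl symbol" so that a search for the label finds the explanation of why this non-global entry point carries AARCH64_VALID_CALL_TARGET.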
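Review bot: In crypto/sha/asm/sha1-armv8.pl and crypto/sha/asm/sha512-armv8.pl, the #include "arm_arch.h" line moves out of the #ifndef __KERNEL__ guard without a word of explanation, so a build that defines __KERNEL__ now pulls in a header it previously skipped. In sha512-armv8.pl the new AARCH64_VALID_CALL_TARGET sits above the #ifndef __KERNEL__ block, which is presumably the reason; say so in a one-line comment at the include, and confirm that arm_arch.h is available and harmless in the __KERNEL__ configuration.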
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Fri, 01 Oct 2021 18:41:25 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633113685.734666.1203.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 1be120ac5bf613a7277250b6e73f3c60adad4517 (commit) from c23abef43ef482e129f440d40c98eb6d3a094e2b (commit) - Log ----------------------------------------------------------------- commit 1be120ac5bf613a7277250b6e73f3c60adad4517 Author: Bernd Edlinger Date: Thu Sep 30 17:18:44 2021 +0200 Fix a NPD bug in engines/e_dasync.c The dasync_aes_128_cbc_hmac_sha1 cipher depends on EVP_aes_128_cbc_hmac_sha1() returning a NON-NULL value. We should simply not advertise this cipher otherwise. Fixes: #7950 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16722) ----------------------------------------------------------------------- Summary of changes: engines/e_dasync.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/engines/e_dasync.c b/engines/e_dasync.c index 5cdacb66a0..07793037df 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -182,8 +182,8 @@ static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); static int dasync_cipher_nids[] = { - NID_aes_128_cbc, NID_aes_128_cbc_hmac_sha1, + NID_aes_128_cbc, 0 }; @@ -264,6 +264,7 @@ static int bind_dasync(ENGINE *e) 16 /* block size */, 16 /* key len */); if (_hidden_aes_128_cbc_hmac_sha1 == NULL + || EVP_aes_128_cbc_hmac_sha1() == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, EVP_CIPH_CBC_MODE 
@@ -371,6 +372,10 @@ static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, int ok = 1; if (cipher == NULL) { /* We are returning a list of supported nids */ + if (dasync_aes_128_cbc_hmac_sha1() == NULL) { + *nids = dasync_cipher_nids + 1; + return 1; + } *nids = dasync_cipher_nids; return (sizeof(dasync_cipher_nids) - 1) / sizeof(dasync_cipher_nids[0]); From tomas at openssl.org Mon Oct 4 08:59:30 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 04 Oct 2021 08:59:30 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633337970.953060.19360.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via aaf7185a85ead411208d0decb17e4f444dddff13 (commit) from 0569756be7cda9d40a9e68bfb34980dcafccaae1 (commit) - Log ----------------------------------------------------------------- commit aaf7185a85ead411208d0decb17e4f444dddff13 Author: Dr. David von Oheimb Date: Thu Sep 30 11:12:49 2021 +0200 BIO_f_ssl.pod: Make clear where an SSL BIOs are expected as an argument Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16688) (cherry picked from commit 34901b0c39ed8fe7ddb81de4ad9fc0a7b2c45a0d) ----------------------------------------------------------------------- Summary of changes: doc/man3/BIO_f_ssl.pod | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/doc/man3/BIO_f_ssl.pod b/doc/man3/BIO_f_ssl.pod index 36ddf705d2..c6dc53c105 100644 --- a/doc/man3/BIO_f_ssl.pod +++ b/doc/man3/BIO_f_ssl.pod 
@@ -54,26 +54,26 @@ The SSL BIO is then reset to the initial accept or connect state. If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free(). -BIO_set_ssl() sets the internal SSL pointer of BIO B to B using +BIO_set_ssl() sets the internal SSL pointer of SSL BIO B to B using the close flag B. -BIO_get_ssl() retrieves the SSL pointer of BIO B, it can then be +BIO_get_ssl() retrieves the SSL pointer of SSL BIO B, it can then be manipulated using the standard SSL library functions. BIO_set_ssl_mode() sets the SSL BIO mode to B. If B is 1 client mode is set. If B is 0 server mode is set. -BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count +BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count of SSL BIO B to B. When set after every B bytes of I/O (read and write) the SSL session is automatically renegotiated. B must be at least 512 bytes. -BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to -B. When the renegotiate timeout elapses the session is -automatically renegotiated. +BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout of SSL BIO B +to B. +When the renegotiate timeout elapses the session is automatically renegotiated. BIO_get_num_renegotiates() returns the total number of session -renegotiations due to I/O or timeout. +renegotiations due to I/O or timeout of SSL BIO B. BIO_new_ssl() allocates an SSL BIO using SSL_CTX B and using client mode if B is non zero. @@ -82,8 +82,7 @@ BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using B) followed by a connect BIO. BIO_new_buffer_ssl_connect() creates a new BIO chain consisting -of a buffering BIO, an SSL BIO (using B) and a connect -BIO. +of a buffering BIO, an SSL BIO (using B), and a connect BIO. BIO_ssl_copy_session_id() copies an SSL session id between BIO chains B and B. It does this by locating the 
@@ -96,7 +95,7 @@ chain and calling SSL_shutdown() on its internal SSL pointer. BIO_do_handshake() attempts to complete an SSL handshake on the --supplied BIO and establish the SSL connection. +supplied BIO and establish the SSL connection. For non-SSL BIOs the connection is done typically at TCP level. If domain name resolution yields multiple IP addresses all of them are tried after connect() failures. From tomas at openssl.org Mon Oct 4 08:56:15 2021 
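Review bot: In the engines/e_dasync.c patch above (commit 1be120ac5bf613a7277250b6e73f3c60adad4517), the new early return in dasync_ciphers() hands back "dasync_cipher_nids + 1" with a hard-coded count of 1, which silently depends on the reordering in the first hunk: NID_aes_128_cbc_hmac_sha1 must stay the first array entry and exactly one other NID may follow it. Add a comment at the dasync_cipher_nids[] definition stating that the optional NID has to remain first, and derive the short count from the same sizeof expression the normal return path uses, so that adding a cipher later does not under-report the list.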
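Review bot: In doc/man3/BIO_f_ssl.pod, the BIO_set_ssl_mode() paragraph is left as unchanged context and still reads "sets the SSL BIO mode to", while the neighbouring BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_renegotiate_bytes() and BIO_set_ssl_renegotiate_timeout() entries now name the SSL BIO argument explicitly. Give it the same "of SSL BIO" wording so the list is consistent. The BIO_get_ssl() sentence touched here also keeps its comma splice ("..., it can then be manipulated") and could be split into two sentences in the same pass.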
From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 04 Oct 2021 08:56:15 +0000 Subject: [openssl] master update Message-ID: <1633337775.183502.9926.nullmailer@dev.openssl.org> The branch master has been updated via 34901b0c39ed8fe7ddb81de4ad9fc0a7b2c45a0d (commit) via 2342d9b650ed3dafd65b7edadbe805e04a4966ba (commit) via dce910af3bb135bd6d7c5a4cc512043b3ad4acc1 (commit) from 19e277dd19f2897f6a7b7eb236abe46655e575bf (commit) - Log ----------------------------------------------------------------- commit 34901b0c39ed8fe7ddb81de4ad9fc0a7b2c45a0d Author: Dr. David von Oheimb Date: Thu Sep 30 11:12:49 2021 +0200 BIO_f_ssl.pod: Make clear where an SSL BIOs are expected as an argument Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16688) commit 2342d9b650ed3dafd65b7edadbe805e04a4966ba Author: Dr. David von Oheimb Date: Wed Sep 29 10:46:23 2021 +0200 apps/lib/s_socket.c: Fix mem leak on host name in init_client() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16688) commit dce910af3bb135bd6d7c5a4cc512043b3ad4acc1 Author: Dr. David von Oheimb Date: Mon Sep 27 14:22:40 2021 +0200 Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16688) ----------------------------------------------------------------------- Summary of changes: apps/lib/s_socket.c | 5 ++++- doc/man3/BIO_f_ssl.pod | 19 +++++++++---------- ssl/bio_ssl.c | 7 +++---- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c index 1dd30ac724..4e262e681d 100644 --- a/apps/lib/s_socket.c +++ b/apps/lib/s_socket.c @@ -82,6 +82,7 @@ int init_client(int *sock, const char *host, const char *port, BIO_ADDRINFO *bindaddr = NULL; const BIO_ADDRINFO *ai = NULL; const BIO_ADDRINFO *bi = NULL; + char *hostname = NULL; int found = 0; int ret; 
@@ -172,7 +173,9 @@ int init_client(int *sock, const char *host, const char *port, break; } - BIO_printf(bio_out, "Connecting to %s\n", BIO_ADDR_hostname_string(BIO_ADDRINFO_address(ai), 1)); + hostname = BIO_ADDR_hostname_string(BIO_ADDRINFO_address(ai), 1); + BIO_printf(bio_out, "Connecting to %s\n", hostname); + OPENSSL_free(hostname); if (*sock == INVALID_SOCKET) { if (bindaddr != NULL && !found) { diff --git a/doc/man3/BIO_f_ssl.pod b/doc/man3/BIO_f_ssl.pod index 36ddf705d2..c6dc53c105 100644 --- a/doc/man3/BIO_f_ssl.pod +++ b/doc/man3/BIO_f_ssl.pod 
@@ -54,26 +54,26 @@ The SSL BIO is then reset to the initial accept or connect state. If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free(). -BIO_set_ssl() sets the internal SSL pointer of BIO B to B using +BIO_set_ssl() sets the internal SSL pointer of SSL BIO B to B using the close flag B. -BIO_get_ssl() retrieves the SSL pointer of BIO B, it can then be +BIO_get_ssl() retrieves the SSL pointer of SSL BIO B, it can then be manipulated using the standard SSL library functions. BIO_set_ssl_mode() sets the SSL BIO mode to B. If B is 1 client mode is set. If B is 0 server mode is set. -BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count +BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count of SSL BIO B to B. When set after every B bytes of I/O (read and write) the SSL session is automatically renegotiated. B must be at least 512 bytes. -BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to -B. When the renegotiate timeout elapses the session is -automatically renegotiated. +BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout of SSL BIO B +to B. +When the renegotiate timeout elapses the session is automatically renegotiated. BIO_get_num_renegotiates() returns the total number of session -renegotiations due to I/O or timeout. +renegotiations due to I/O or timeout of SSL BIO B. BIO_new_ssl() allocates an SSL BIO using SSL_CTX B and using client mode if B is non zero. @@ -82,8 +82,7 @@ BIO_new_ssl_connect() creates a new BIO chain consisting of an SSL BIO (using B) followed by a connect BIO. BIO_new_buffer_ssl_connect() creates a new BIO chain consisting -of a buffering BIO, an SSL BIO (using B) and a connect -BIO. +of a buffering BIO, an SSL BIO (using B), and a connect BIO. BIO_ssl_copy_session_id() copies an SSL session id between BIO chains B and B. It does this by locating the 
@@ -96,7 +95,7 @@ chain and calling SSL_shutdown() on its internal SSL pointer. BIO_do_handshake() attempts to complete an SSL handshake on the --supplied BIO and establish the SSL connection. +supplied BIO and establish the SSL connection. For non-SSL BIOs the connection is done typically at TCP level. If domain name resolution yields multiple IP addresses all of them are tried after connect() failures. diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index 43747785f0..401178f0c2 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c @@ -76,13 +76,12 @@ static int ssl_free(BIO *a) if (a == NULL) return 0; bs = BIO_get_data(a); - if (bs->ssl != NULL) - SSL_shutdown(bs->ssl); if (BIO_get_shutdown(a)) { + if (bs->ssl != NULL) + SSL_shutdown(bs->ssl); if (BIO_get_init(a)) SSL_free(bs->ssl); - /* Clear all flags */ - BIO_clear_flags(a, ~0); + BIO_clear_flags(a, ~0); /* Clear all flags */ BIO_set_init(a, 0); } OPENSSL_free(bs); From tomas at openssl.org Mon Oct 4 08:59:11 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 04 Oct 2021 08:59:11 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633337951.715168.14354.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 0569756be7cda9d40a9e68bfb34980dcafccaae1 (commit) from 64d0cdc0742f3a3376d8dc6606311ee01bdb2bad (commit) - Log ----------------------------------------------------------------- commit 0569756be7cda9d40a9e68bfb34980dcafccaae1 Author: Dr. David von Oheimb Date: Mon Sep 27 14:22:40 2021 +0200 Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16688) (cherry picked from commit dce910af3bb135bd6d7c5a4cc512043b3ad4acc1) ----------------------------------------------------------------------- Summary of changes: ssl/bio_ssl.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c index 43747785f0..401178f0c2 100644 --- a/ssl/bio_ssl.c +++ b/ssl/bio_ssl.c 
@@ -76,13 +76,12 @@ static int ssl_free(BIO *a) if (a == NULL) return 0; bs = BIO_get_data(a); - if (bs->ssl != NULL) - SSL_shutdown(bs->ssl); if (BIO_get_shutdown(a)) { + if (bs->ssl != NULL) + SSL_shutdown(bs->ssl); if (BIO_get_init(a)) SSL_free(bs->ssl); - /* Clear all flags */ - BIO_clear_flags(a, ~0); + BIO_clear_flags(a, ~0); /* Clear all flags */ BIO_set_init(a, 0); } OPENSSL_free(bs); From tomas at openssl.org Mon Oct 4 09:27:36 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 04 Oct 2021 09:27:36 +0000 Subject: [openssl] master update Message-ID: <1633339656.433653.10167.nullmailer@dev.openssl.org> The branch master has been updated via 657d1927c68bdc3fb0250d16df2a8439e8e043f1 (commit) from 34901b0c39ed8fe7ddb81de4ad9fc0a7b2c45a0d (commit) - Log ----------------------------------------------------------------- commit 657d1927c68bdc3fb0250d16df2a8439e8e043f1 Author: Mark Fedorov Date: Wed Sep 29 20:49:59 2021 +0300 RISC-V support for the SHA256 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16710) ----------------------------------------------------------------------- Summary of changes: crypto/sha/sha256.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 52 insertions(+), 7 deletions(-) diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index 5845c38937..89beaf1479 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c 
@@ -129,18 +129,63 @@ static const SHA_LONG K256[64] = { 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL }; +# ifndef PEDANTIC +# if defined(__GNUC__) && __GNUC__>=2 && \ + !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) +# if __riscv_zknh +# define Sigma0(x) ({ MD32_REG_T ret; \ + asm ("sha256sum0 %0, %1" \ + : "=r"(ret) \ + : "r"(x)); ret; }) +# define Sigma1(x) ({ MD32_REG_T ret; \ + asm ("sha256sum1 %0, %1" \ + : "=r"(ret) \ + : "r"(x)); ret; }) +# define sigma0(x) ({ MD32_REG_T ret; \ + asm ("sha256sig0 %0, %1" \ + : "=r"(ret) \ + : "r"(x)); ret; }) +# define sigma1(x) ({ MD32_REG_T ret; \ + asm ("sha256sig1 %0, %1" \ + : "=r"(ret) \ + : "r"(x)); ret; }) +# endif +# if __riscv_zbt || __riscv_zpn +# define Ch(x,y,z) ({ MD32_REG_T ret; \ + asm (".insn r4 0x33, 1, 0x3, %0, %2, %1, %3"\ + : "=r"(ret) \ + : "r"(x), "r"(y), "r"(z)); ret; }) +# define Maj(x,y,z) ({ MD32_REG_T ret; \ + asm (".insn r4 0x33, 1, 0x3, %0, %2, %1, %3"\ + : "=r"(ret) \ + : "r"(x^z), "r"(y), "r"(x)); ret; }) +# endif +# endif +# endif + /* * FIPS specification refers to right rotations, while our ROTATE macro * is left one. This is why you might notice that rotation coefficients * differ from those observed in FIPS document by 32-N... 
*/ -# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) -# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) -# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) -# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) - -# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) +# ifndef Sigma0 +# define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) +# endif +# ifndef Sigma1 +# define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) +# endif +# ifndef sigma0 +# define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) +# endif +# ifndef sigma1 +# define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) +# endif +# ifndef Ch +# define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +# endif +# ifndef Maj +# define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) +# endif # ifdef OPENSSL_SMALL_FOOTPRINT From tomas at openssl.org Tue Oct 5 10:47:58 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 05 Oct 2021 10:47:58 +0000 Subject: [openssl] master update Message-ID: <1633430878.644126.14377.nullmailer@dev.openssl.org> The branch master has been updated via a596d38a8cddca4af3416b2664e120028d96e6a9 (commit) from 657d1927c68bdc3fb0250d16df2a8439e8e043f1 (commit) - Log ----------------------------------------------------------------- commit a596d38a8cddca4af3416b2664e120028d96e6a9 Author: Tianjia Zhang Date: Sun Oct 3 11:07:24 2021 +0800 obj: Add SM4 GCM/CCM OID Add the following OID: SM4-GCM: 1.2.156.10197.1.104.8 SM4-CCM: 1.2.156.10197.1.104.9 
Signed-off-by: Tianjia Zhang Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16731) ----------------------------------------------------------------------- Summary of changes: crypto/objects/obj_dat.h | 20 +++++++++++++++----- crypto/objects/obj_mac.num | 2 ++ crypto/objects/objects.txt | 2 ++ fuzz/oids.txt | 2 ++ include/openssl/obj_mac.h | 10 ++++++++++ 5 files changed, 31 insertions(+), 5 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 5d638fb05d..ed9debf890 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[8076] = { +static const unsigned char so[8092] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1115,9 +1115,11 @@ static const unsigned char so[8076] = { 0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0D, /* [ 8045] OBJ_rpkiNotify */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x2F, /* [ 8053] OBJ_id_ct_geofeedCSVwithCRLF */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x30, /* [ 8064] OBJ_id_ct_signedChecklist */ + 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08, /* [ 8075] OBJ_sm4_gcm */ + 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x09, /* [ 8083] OBJ_sm4_ccm */ }; -#define NUM_NID 1248 +#define NUM_NID 1250 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, 
@@ -2367,9 +2369,11 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"rpkiNotify", "RPKI Notify", NID_rpkiNotify, 8, &so[8045]}, {"id-ct-geofeedCSVwithCRLF", "id-ct-geofeedCSVwithCRLF", NID_id_ct_geofeedCSVwithCRLF, 11, &so[8053]}, {"id-ct-signedChecklist", "id-ct-signedChecklist", NID_id_ct_signedChecklist, 11, &so[8064]}, + {"SM4-GCM", "sm4-gcm", NID_sm4_gcm, 8, &so[8075]}, + {"SM4-CCM", "sm4-ccm", NID_sm4_ccm, 8, &so[8083]}, }; -#define NUM_SN 1239 +#define NUM_SN 1241 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2648,11 +2652,13 @@ static const unsigned int sn_objs[NUM_SN] = { 1204, /* "SM2-SM3" */ 1143, /* "SM3" */ 1134, /* "SM4-CBC" */ + 1249, /* "SM4-CCM" */ 1137, /* "SM4-CFB" */ 1136, /* "SM4-CFB1" */ 1138, /* "SM4-CFB8" */ 1139, /* "SM4-CTR" */ 1133, /* "SM4-ECB" */ + 1248, /* "SM4-GCM" */ 1135, /* "SM4-OFB" */ 188, /* "SMIME" */ 167, /* "SMIME-CAPS" */ @@ -3612,7 +3618,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1239 +#define NUM_LN 1241 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -4797,11 +4803,13 @@ static const unsigned int ln_objs[NUM_LN] = { 1143, /* "sm3" */ 1144, /* "sm3WithRSAEncryption" */ 1134, /* "sm4-cbc" */ + 1249, /* "sm4-ccm" */ 1137, /* "sm4-cfb" */ 1136, /* "sm4-cfb1" */ 1138, /* "sm4-cfb8" */ 1139, /* "sm4-ctr" */ 1133, /* "sm4-ecb" */ + 1248, /* "sm4-gcm" */ 1135, /* "sm4-ofb" */ 1203, /* "sshkdf" */ 1205, /* "sskdf" */ @@ -4855,7 +4863,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1110 +#define NUM_OBJ 1112 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ 
@@ -5332,6 +5340,8 @@ static const unsigned int obj_objs[NUM_OBJ] = { 1136, /* OBJ_sm4_cfb1 1 2 156 10197 1 104 5 */ 1138, /* OBJ_sm4_cfb8 1 2 156 10197 1 104 6 */ 1139, /* OBJ_sm4_ctr 1 2 156 10197 1 104 7 */ + 1248, /* OBJ_sm4_gcm 1 2 156 10197 1 104 8 */ + 1249, /* OBJ_sm4_ccm 1 2 156 10197 1 104 9 */ 1172, /* OBJ_sm2 1 2 156 10197 1 301 */ 1143, /* OBJ_sm3 1 2 156 10197 1 401 */ 1204, /* OBJ_SM2_with_SM3 1 2 156 10197 1 501 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index c626558ad5..f20dbba312 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1245,3 +1245,5 @@ signedObject 1244 rpkiNotify 1245 id_ct_geofeedCSVwithCRLF 1246 id_ct_signedChecklist 1247 +sm4_gcm 1248 +sm4_ccm 1249 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 51dba7dcf3..b71a8eae2c 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1565,6 +1565,8 @@ sm-scheme 104 4 : SM4-CFB : sm4-cfb sm-scheme 104 5 : SM4-CFB1 : sm4-cfb1 sm-scheme 104 6 : SM4-CFB8 : sm4-cfb8 sm-scheme 104 7 : SM4-CTR : sm4-ctr +sm-scheme 104 8 : SM4-GCM : sm4-gcm +sm-scheme 104 9 : SM4-CCM : sm4-ccm # There is no OID that just denotes "HMAC" oddly enough... diff --git a/fuzz/oids.txt b/fuzz/oids.txt index f0dbc30fc3..0fb14839f9 100644 --- a/fuzz/oids.txt +++ b/fuzz/oids.txt @@ -1111,3 +1111,5 @@ OBJ_signedObject="\x2B\x06\x01\x05\x05\x07\x30\x0B" OBJ_rpkiNotify="\x2B\x06\x01\x05\x05\x07\x30\x0D" OBJ_id_ct_geofeedCSVwithCRLF="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x2F" OBJ_id_ct_signedChecklist="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x30" +OBJ_sm4_gcm="\x2A\x81\x1C\xCF\x55\x01\x68\x08" +OBJ_sm4_ccm="\x2A\x81\x1C\xCF\x55\x01\x68\x09" diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 0e86027667..c70bf172ba 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h 
@@ -4952,6 +4952,16 @@ #define NID_sm4_ctr 1139 #define OBJ_sm4_ctr OBJ_sm_scheme,104L,7L +#define SN_sm4_gcm "SM4-GCM" +#define LN_sm4_gcm "sm4-gcm" +#define NID_sm4_gcm 1248 +#define OBJ_sm4_gcm OBJ_sm_scheme,104L,8L + +#define SN_sm4_ccm "SM4-CCM" +#define LN_sm4_ccm "sm4-ccm" +#define NID_sm4_ccm 1249 +#define OBJ_sm4_ccm OBJ_sm_scheme,104L,9L + #define SN_hmac "HMAC" #define LN_hmac "hmac" #define NID_hmac 855 From viktor at openssl.org Tue Oct 5 14:24:28 2021 
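Review bot: The two new arcs in crypto/objects/objects.txt (`sm-scheme 104 8 : SM4-GCM : sm4-gcm` and `sm-scheme 104 9 : SM4-CCM : sm4-ccm`) carry no reference to the document that assigns them, and the commit message gives none either; a one-line comment above them naming the source would let a later reader check the values. The generated data is self-consistent: `0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08` is the DER content encoding of 1.2.156.10197.1.104.8, `so[]` grows by 16 bytes for two 8-byte entries, and NIDs 1248 and 1249 agree across obj_mac.num, obj_mac.h and the sn/ln/obj index tables. All five changed files are object tables or the fuzz dictionary, so this commit registers names and OIDs only; the commit message should say that it provides no SM4-GCM or SM4-CCM cipher.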
From: viktor at openssl.org (Viktor Dukhovni) Date: Tue, 05 Oct 2021 14:24:28 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633443868.192366.28022.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 7b4fccc8a53b6befc9dc1aa4204a87cf5050747c (commit) via adc0910993d8eb2581442823c1f1bf2196aaecfa (commit) from aaf7185a85ead411208d0decb17e4f444dddff13 (commit) - Log ----------------------------------------------------------------- commit 7b4fccc8a53b6befc9dc1aa4204a87cf5050747c Author: Viktor Dukhovni Date: Mon Aug 30 15:09:43 2021 -0400 Test for DANE cross cert fix Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz commit adc0910993d8eb2581442823c1f1bf2196aaecfa Author: Viktor Dukhovni Date: Mon Aug 30 14:17:16 2021 -0400 Prioritise DANE TLSA issuer certs over peer certs When building the certificate chain, prioritise any Cert(0) Full(0) certificates from TLSA records over certificates received from the peer. This is important when the server sends a cross cert, but TLSA records include the underlying root CA cert. We want to construct a chain with the issuer from the TLSA record, which can then match the TLSA records (while the associated cross cert may not). Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_vfy.c | 20 +++++--- test/certs/cross-key.pem | 28 ++++++++++ test/certs/cross-root.pem | 18 +++++++ test/certs/root-cross-cert.pem | 18 +++++++ test/certs/setup.sh | 3 ++ test/dane-cross.in | 113 +++++++++++++++++++++++++++++++++++++++++ test/danetest.c | 2 +- test/recipes/80-test_dane.t | 6 ++- 8 files changed, 198 insertions(+), 10 deletions(-) create mode 100644 test/certs/cross-key.pem create mode 100644 test/certs/cross-root.pem create mode 100644 test/certs/root-cross-cert.pem create mode 100644 test/dane-cross.in diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 18c6172c98..0e5b18f67e 100644 
--- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -3023,22 +3023,26 @@ static int build_chain(X509_STORE_CTX *ctx) may_trusted = 1; } - /* - * Shallow-copy the stack of untrusted certificates (with TLS, this is - * typically the content of the peer's certificate message) so can make - * multiple passes over it, while free to remove elements as we go. - */ - if ((sk_untrusted = sk_X509_dup(ctx->untrusted)) == NULL) + /* Initialize empty untrusted stack. */ + if ((sk_untrusted = sk_X509_new_null()) == NULL) goto memerr; /* - * If we got any "DANE-TA(2) Cert(0) Full(0)" trust anchors from DNS, add - * them to our working copy of the untrusted certificate stack. + * If we got any "Cert(0) Full(0)" trust anchors from DNS, *prepend* them + * to our working copy of the untrusted certificate stack. */ if (DANETLS_ENABLED(dane) && dane->certs != NULL && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) goto memerr; + /* + * Shallow-copy the stack of untrusted certificates (with TLS, this is + * typically the content of the peer's certificate message) so we can make + * multiple passes over it, while free to remove elements as we go. + */ + if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) + goto memerr; + /* * Still absurdly large, but arithmetically safe, a lower hard upper bound * might be reasonable. diff --git a/test/certs/cross-key.pem b/test/certs/cross-key.pem new file mode 100644 index 0000000000..93cd467ac7 --- /dev/null +++ b/test/certs/cross-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCSkfwkYXTJFL4I +ICRQFXji6eX9I1NI97GBu2Yk8ejwctMttcJTlBLYpYRFQnZgsLwVEhA25KKlSNPz +PPrEVipT5Ll5J6uhWEBGLHETh8Qx4sI508B2zUP+2tnDapYtk5MNSVdQZXVt6wJu +sXY8vd58nHPLo4zr61MTwrj3Ld0lU18YHtxnGSMMYPPTxecE0mjYU038ELxZMdlT ++VSC0KOBJddj64+kXRdiDtQGVWE58MtX5/18LgSY3J/hvNhmcWuY611pgXcmwDPr +Sn1fDeRqG87Qs8KniS1dtWHDCVW/5KZOQeLcK6VTaEdnwdPYQ7BiJp4+3ypKmErd +T9TYBs8XAgMBAAECggEABIxdeGpm8DjGRgSQLjLg88CNPWG89sBrQk0SbvQ1HJfq +dJXRDxgMFtBsFTfX6kla3xfyHpQ/dY4qJZvmQNBXIQ/oiqumw9Ah153qlGJJmXdG +PEQDEz7+2lExawwmjgk6Uvs58LMHmCNUibUdzHgsdZcwudq8R6FWZ8lvIIo6GOJg +1gOoPbeAQtNAx8LPr+eDvpXoWJrCKJKuZCSRLV2CDmEH/+KH123cD4Lg+MsPNBJd +DsOitnVczlqnKDf5gSUXy3cwQlKFtOBa/0pN9wZvZDEWa30RmJmXI2bLo/h6GxGB +JXK57mTJG3UboWFIgNBU9IudPOdzDfJE1ul/Jon/AQKBgQC7/mmZg31a/8zlPLji +oWoEEutyNu0O28BCbBrw9t1SqtPFLm53AzIzB4RFVjn9i5dnxljh618KQiY4FbKM +mz1Yuzf7zCV7n8c1NakGwmW9Ezl8ZoLE44Nu7Pccukorl6uEY7kZa2vGa7krmIcI +6kFbvVbl4scbXlDL88hGHezhoQKBgQDHl3O8kOvOhIwfVH6qIjIO+0oR57Tqtwaw +A3oq6Ppdp65GK9G4f+/5L0z/Ay69MyauBLRA6+9LlW6SmAACSK69juvPMK6gd5uS +yWQ8imh6l304BAryjOHiNXHtpnmiaPAGNgFZKPsPbWlOo4ZexTEBq23i4JM1TUph +xpCmGY1ltwKBgEuYyPo0iAo55zkfq/Fmm2079nYdZEKfV7beJg9UFjgR/crDGyS8 +okkm8qe3PuaYZbATcNaYgcVsSFYxU3V7T7YIw0B8HW6TF9Zr16aiMatQucMurdNi +8g1/OPfSadURzqUUPPDd458M3o+LbHHHUbUEdJdJFGwLB06cn6KikglBAoGAMz8M +xV7EXOsleynbt9090yDsPLqsdhN2UR0jcf8NwZw7H+NCXsfimq1tbJCpoISQqt+k +VIL/lv2QPW1vmyaET0FyBGmwfJ0ZQdAZv32eI9Pfn9FR6kMIAGfOj8FNu8iL0Fxv +bjAafjSOdFWCO7UPxyj39ufIhEgLEB3GqA8pgfMCgYEAn/1Ov1Lu4MWq+72LygqG +78rxk6rIGGET64grG1CSjkylQ9mo14jG6O1lM4fwTjlbGQrKGtzQtL785dW+t5uH +zC2lDRDp8of+ErC31e+N4YDMdUHWeRBgHDYgsx4EgI0jNb02/UlziL1eARBpnfz6 +tw1erVdMmlA3LRBR5Mj+xso= +-----END PRIVATE KEY----- diff --git a/test/certs/cross-root.pem b/test/certs/cross-root.pem new file mode 100644 index 0000000000..dca5b10b91 --- /dev/null +++ b/test/certs/cross-root.pem 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzMyNloYDzIxMjEwODMxMTgzMzI2WjAVMRMwEQYD +VQQDDApDcm9zcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +kpH8JGF0yRS+CCAkUBV44unl/SNTSPexgbtmJPHo8HLTLbXCU5QS2KWERUJ2YLC8 +FRIQNuSipUjT8zz6xFYqU+S5eSeroVhARixxE4fEMeLCOdPAds1D/trZw2qWLZOT +DUlXUGV1besCbrF2PL3efJxzy6OM6+tTE8K49y3dJVNfGB7cZxkjDGDz08XnBNJo +2FNN/BC8WTHZU/lUgtCjgSXXY+uPpF0XYg7UBlVhOfDLV+f9fC4EmNyf4bzYZnFr +mOtdaYF3JsAz60p9Xw3kahvO0LPCp4ktXbVhwwlVv+SmTkHi3CulU2hHZ8HT2EOw +YiaePt8qSphK3U/U2AbPFwIDAQABo1MwUTAdBgNVHQ4EFgQUL16/ihJvr2w9I5k6 +3jjZ13SPW20wHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0T +AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUiqf8oQaPX3aW6I+dcRhsq5g +bpYF0X5jePk6UqWu86YcmpoRtGLH7e5aHGJYqrVrkOoo0q4eTL3Pm1/sB3omPRMb +ey/i7Z70wwd5yI8iz/WBmQDahYxq5wSDsUSdZDL0kSyoU2jCwXUPtuC6F1kMZBFI +uUeaFcF8oKVGuOHvZgj/FMBpT7tyjdPpDG4uo6AT04AKGhf5xO5UY2N+uqmEsXHK +HsKAEMrVhdeU5mbrfifvSkMYcYgJOX1KFP+t4U+ogqCHy1/Nfhq+WG1XN5GwhtuO +ze25NqI6ZvA2og4AoeIzvJ/+Nfl5PNtClm0IjbGvR77oOBMs71lO4GjUYj9eiw== +-----END CERTIFICATE----- diff --git a/test/certs/root-cross-cert.pem b/test/certs/root-cross-cert.pem new file mode 100644 index 0000000000..1339c32873 --- /dev/null +++ b/test/certs/root-cross-cert.pem 
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzYzOFoYDzIxMjEwODMxMTgzNjM4WjASMRAwDgYD +VQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA +9Qa8oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25 +ZyjSfeMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3 +ngfNwCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6L +fi7gMUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7O +Jb3uaa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2F +f3fftWgiQ35mJCOvxQIDAQABo1MwUTAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOc +TXL3o1IwHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHi+qdZF/jJrR/F3L60JVLOOUhTpi +LxFFBksZPVaiVf+6R8pSMy0WtDEkzGT430ji6V4i8O/70HXIG9n9pCye8sLsOl6D +exXj/MkwwSd3J0Y58zd8ZwMrK9m/jyFrk9TlWokfIFL/eC8VFsu7qmSSRLIjMuxc +YPPisgR5+WPcus7Jf8auqcYw8eW0GPc1ugJobwucs5e/TinksMfwQrzEydmOPoWI +Pfur7MjPr5IQXROtQv+CihMigPIHvi73YzSe5zdPCw8JcuZ5vBi2pwquvzvGLtMM +Btln/SwonyQMks5WV4dOk6NOB73mCMywCir4ybp9ElJMaUGEF9nLO+h8Fg== +-----END CERTIFICATE----- diff --git a/test/certs/setup.sh b/test/certs/setup.sh index c4a6f28fc9..f1d5d5187c 100755 --- a/test/certs/setup.sh +++ b/test/certs/setup.sh @@ -7,6 +7,9 @@ ./mkcert.sh genroot "Root CA" root-key2 root-cert2 ./mkcert.sh genroot "Root Cert 2" root-key root-name2 DAYS=-1 ./mkcert.sh genroot "Root CA" root-key root-expired +# cross root and root cross cert +./mkcert.sh genroot "Cross Root" cross-key cross-root +./mkcert.sh genca "Root CA" root-key root-cross-cert cross-key cross-root # trust variants: +serverAuth -serverAuth +clientAuth -clientAuth, openssl x509 -in root-cert.pem -trustout \ -addtrust serverAuth -out root+serverAuth.pem diff --git a/test/dane-cross.in b/test/dane-cross.in new file mode 100644 index 0000000000..81252a110e --- /dev/null +++ b/test/dane-cross.in 
@@ -0,0 +1,113 @@ +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html +# +# Blank and comment lines ignored. +# +# The first line in each block takes the form: +# +# +# +# It is followed by lines of the form: +# +# +# +# and finally, by certificates. + +# 1 +# Ensure TLSA with direct root works when peer chain provides a +# cross-cert. +1 4 0 0 2 +2 0 0 308202f1308201d9a003020102020101300d06092a864886f70d01010b050030123110300e06035504030c07526f6f742043413020170d3136303131353038313934395a180f32313136303131363038313934395a30123110300e06035504030c07526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100e1e600f506bca04638790f3f1e7119136d02df2b9b766bfcacb021edd69108423ba56335ec525ba0a24ac5d6009403975a3db96728d27de3215ca4edc63c8d8e84d19d54c33dd974a296766771f9c61a5077b3fd78ee5be0e38c8923c29a22ec3ed4379e07cdc02b5511173a34421c690d3a18b0ed15945ec6fd9e87c61ce7941a92c05f05c17343e503de0991c924ced88e8b7e2ee03148d1862a6a55267ae80b364e97b1e0a4c9da5c694b0380085683a31fb22ab8c14cfec5b14dd4c001aaedbece25bdee69adf607cd6e2ba18954f568eb9809edc96066cb33624a03b068d60eab5fc135557efd46eebaebdcb6a2a3ed857f77dfb56822437e662423afc50203010001a350304e301d0603551d0e041604148ef525af1e9b6b843d7c809ac9539c4d72f7a352301f0603551d230418301680148ef525af1e9b6b843d7c809ac9539c4d72f7a352300c0603551d13040530030101ff300d06092a864886f70d01010b05000382010100c91449c76ed660ea203d76693df00cb7ca6d6a9affba02d618b9706f32b24a8c8ba68576fd8340bd300607dd2216aeb1fee8e3acae35fc44b4a77bf7f3f41fbb1a36e2071981cfe860b57652a47eb860b1ebca763962d872d06c011b5858e1203e11c56fd695c5c3902b2647b62bc35f4c0b197fa7a99a075fd21899cd2c6e944144ccf146c0a16f30f9adef6467936b8248c0e8327b8d88761a2b4e33aa085370ddf7ea64ddb084905520472f6a37f93e0327aa1f541c6f92
d4f8c4e6970f1b9b2ce630e05981d7a0b4ee07b2170130ed39e0a481dd649f04f0ce6c4859d2f9bf970eb74c68bcf3220cb65926714da0d112a979023de86e907aa1f2285de9f0 +subject=CN = server.example +issuer=CN = CA +notBefore=Jan 15 08:19:49 2016 GMT +notAfter=Jan 16 08:19:49 2116 GMT +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg +Fw0xNjAxMTUwODE5NDlaGA8yMTE2MDExNjA4MTk0OVowGTEXMBUGA1UEAwwOc2Vy +dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY +YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT +5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l +Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1 +U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5 +ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn +iIQPYf55NB9KiR+3AgMBAAGjfTB7MB0GA1UdDgQWBBTnm+IqrYpsOst2UeWOB5gi +l+FzojAfBgNVHSMEGDAWgBS0ETPx1+Je91OeICIQT4YGvx/JXjAJBgNVHRMEAjAA +MBMGA1UdJQQMMAoGCCsGAQUFBwMBMBkGA1UdEQQSMBCCDnNlcnZlci5leGFtcGxl +MA0GCSqGSIb3DQEBCwUAA4IBAQBBtDxPYULl5b7VFC7/U0NgV8vTJk4zpPnUMMQ4 +QF2AWDFAek8oLKrz18KQ8M/DEhDxgkaoeXEMLT6BJUEVNYuFEYHEDGarl0nMDRXL +xOgAExfz3Tf/pjsLaha5aWH7NyCSKWC+lYkIOJ/Kb/m/6QsDJoXsEC8AhrPfqJhz +UzsCoxIlaDWqawH4+S8bdeX0tvs2VtJk/WOJHxMqXra6kgI4fAgyvr2kIZHinQ3y +cgX40uAC38bwpE95kJ7FhSfQlE1Rt7sOspUj098Dd0RNDn2uKyOTxEqIELHfw4AX +O3XAzt8qDyho8nEd/xiQ6qgsQnvXa+hSRJw42g3/czVskxRx +-----END CERTIFICATE----- +subject=CN = CA +issuer=CN = Root CA +notBefore=Jan 15 08:19:49 2016 GMT +notAfter=Jan 16 08:19:49 2116 GMT +-----BEGIN CERTIFICATE----- +MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD +DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd +j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz +n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W +l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l 
+YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc +ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9 +CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G +A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk +IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6 +AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi +8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6 +uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR +5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4= +-----END CERTIFICATE----- +subject=CN = Root CA +issuer=CN = Cross Root +notBefore=Aug 30 18:36:38 2021 GMT +notAfter=Aug 31 18:36:38 2121 GMT +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzYzOFoYDzIxMjEwODMxMTgzNjM4WjASMRAwDgYD +VQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA +9Qa8oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25 +ZyjSfeMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3 +ngfNwCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6L +fi7gMUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7O +Jb3uaa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2F +f3fftWgiQ35mJCOvxQIDAQABo1MwUTAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOc +TXL3o1IwHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHi+qdZF/jJrR/F3L60JVLOOUhTpi +LxFFBksZPVaiVf+6R8pSMy0WtDEkzGT430ji6V4i8O/70HXIG9n9pCye8sLsOl6D +exXj/MkwwSd3J0Y58zd8ZwMrK9m/jyFrk9TlWokfIFL/eC8VFsu7qmSSRLIjMuxc +YPPisgR5+WPcus7Jf8auqcYw8eW0GPc1ugJobwucs5e/TinksMfwQrzEydmOPoWI +Pfur7MjPr5IQXROtQv+CihMigPIHvi73YzSe5zdPCw8JcuZ5vBi2pwquvzvGLtMM +Btln/SwonyQMks5WV4dOk6NOB73mCMywCir4ybp9ElJMaUGEF9nLO+h8Fg== +-----END CERTIFICATE----- +subject=CN = Cross Root +issuer=CN = Cross Root +notBefore=Aug 30 18:33:26 2021 GMT +notAfter=Aug 31 
18:33:26 2121 GMT +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzMyNloYDzIxMjEwODMxMTgzMzI2WjAVMRMwEQYD +VQQDDApDcm9zcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +kpH8JGF0yRS+CCAkUBV44unl/SNTSPexgbtmJPHo8HLTLbXCU5QS2KWERUJ2YLC8 +FRIQNuSipUjT8zz6xFYqU+S5eSeroVhARixxE4fEMeLCOdPAds1D/trZw2qWLZOT +DUlXUGV1besCbrF2PL3efJxzy6OM6+tTE8K49y3dJVNfGB7cZxkjDGDz08XnBNJo +2FNN/BC8WTHZU/lUgtCjgSXXY+uPpF0XYg7UBlVhOfDLV+f9fC4EmNyf4bzYZnFr +mOtdaYF3JsAz60p9Xw3kahvO0LPCp4ktXbVhwwlVv+SmTkHi3CulU2hHZ8HT2EOw +YiaePt8qSphK3U/U2AbPFwIDAQABo1MwUTAdBgNVHQ4EFgQUL16/ihJvr2w9I5k6 +3jjZ13SPW20wHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0T +AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUiqf8oQaPX3aW6I+dcRhsq5g +bpYF0X5jePk6UqWu86YcmpoRtGLH7e5aHGJYqrVrkOoo0q4eTL3Pm1/sB3omPRMb +ey/i7Z70wwd5yI8iz/WBmQDahYxq5wSDsUSdZDL0kSyoU2jCwXUPtuC6F1kMZBFI +uUeaFcF8oKVGuOHvZgj/FMBpT7tyjdPpDG4uo6AT04AKGhf5xO5UY2N+uqmEsXHK +HsKAEMrVhdeU5mbrfifvSkMYcYgJOX1KFP+t4U+ogqCHy1/Nfhq+WG1XN5GwhtuO +ze25NqI6ZvA2og4AoeIzvJ/+Nfl5PNtClm0IjbGvR77oOBMs71lO4GjUYj9eiw== +-----END CERTIFICATE----- diff --git a/test/danetest.c b/test/danetest.c index 6217e5470d..8af31aa34e 100644 --- a/test/danetest.c +++ b/test/danetest.c @@ -149,7 +149,7 @@ err: static char *read_to_eol(BIO *f) { - static char buf[1024]; + static char buf[4096]; int n; if (!BIO_gets(f, buf, sizeof(buf))) diff --git a/test/recipes/80-test_dane.t b/test/recipes/80-test_dane.t index 7c415aa9e2..6f8df8e990 100644 --- a/test/recipes/80-test_dane.t +++ b/test/recipes/80-test_dane.t 
@@ -17,8 +17,12 @@ setup("test_dane"); plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" if disabled("ec"); -plan tests => 1; # The number of tests being performed +plan tests => 2; # The number of tests being performed ok(run(test(["danetest", "example.com", srctop_file("test", "danetest.pem"), srctop_file("test", "danetest.in")])), "dane tests"); + +ok(run(test(["danetest", "server.example", + srctop_file("test", "certs", "cross-root.pem"), + srctop_file("test", "dane-cross.in")])), "dane cross CA test"); From beldmit at gmail.com Wed Oct 6 12:26:49 2021 From: beldmit at gmail.com (beldmit at gmail.com) Date: Wed, 06 Oct 2021 12:26:49 +0000 Subject: [openssl] master update Message-ID: <1633523209.971616.1471.nullmailer@dev.openssl.org> The branch master has been updated via 59cd0bc1364b5ea817af7f6d36df89c93610cdb5 (commit) from a596d38a8cddca4af3416b2664e120028d96e6a9 (commit) - Log ----------------------------------------------------------------- commit 59cd0bc1364b5ea817af7f6d36df89c93610cdb5 Author: Dmitry Belyavskiy Date: Sun Oct 3 20:20:23 2021 +0200 Fix for the dasync engine Fixes: #16724 Fixes: #16735 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16734) ----------------------------------------------------------------------- Summary of changes: engines/e_dasync.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/engines/e_dasync.c b/engines/e_dasync.c index e2e587d839..b775d59a2c 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -211,7 +211,8 @@ static int bind_dasync(ENGINE *e) /* Setup RSA */ ; if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL - || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL) + || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, + EVP_PKEY_FLAG_AUTOARGLEN)) == NULL) return 0; EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init); EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup); 
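Review bot: In the crypto/x509/x509_vfy.c hunk of the DANE change, the comment moved above the second `X509_add_certs()` call still reads "Shallow-copy the stack of untrusted certificates", but `sk_X509_dup(ctx->untrusted)` is gone and the code now appends the peer's certificates to a stack that already holds the TLSA certificates. Reword it to say that the peer chain is appended after the DANE certs, since that ordering is the point of the fix. Both calls pass `X509_ADD_FLAG_DEFAULT`, so a certificate present in both `dane->certs` and `ctx->untrusted` ends up on the stack twice; either state in the comment that this is harmless for the passes that follow, or use `X509_ADD_FLAG_NO_DUP` on the second call.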
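Review bot: In the test/danetest.c hunk of the DANE change, `static char buf[4096]` in `read_to_eol()` only moves the limit; nothing says why 4096 was chosen or what happens to a longer line. The new test/dane-cross.in carries a whole certificate as hex in a single TLSA line, so add a comment tying the buffer size to that input, and make sure a line that fills the buffer without reaching end of line is reported as a test-file error rather than parsed as a short record.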
@@ -312,7 +313,10 @@ static int bind_dasync(ENGINE *e) static void destroy_pkey(void) { - EVP_PKEY_meth_free(dasync_rsa); + /* + * We don't actually need to free the dasync_rsa method since this is + * automatically freed for us by libcrypto. + */ dasync_rsa_orig = NULL; dasync_rsa = NULL; } @@ -829,7 +833,7 @@ static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx) if (pparamgen_init == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, &pparamgen_init, NULL); - return pparamgen_init(ctx); + return pparamgen_init != NULL ? pparamgen_init(ctx) : 1; } static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -838,7 +842,7 @@ static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) if (pparamgen == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, &pparamgen); - return pparamgen(ctx, pkey); + return pparamgen != NULL ? pparamgen(ctx, pkey) : 1; } static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) @@ -847,7 +851,7 @@ static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) if (pkeygen_init == NULL) EVP_PKEY_meth_get_keygen(dasync_rsa_orig, &pkeygen_init, NULL); - return pkeygen_init(ctx); + return pkeygen_init != NULL ? pkeygen_init(ctx) : 1; } static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -865,7 +869,7 @@ static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx) if (pencrypt_init == NULL) EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, &pencrypt_init, NULL); - return pencrypt_init(ctx); + return pencrypt_init != NULL ? pencrypt_init(ctx) : 1; } static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, @@ -887,7 +891,7 @@ static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx) if (pdecrypt_init == NULL) EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, &pdecrypt_init, NULL); - return pdecrypt_init(ctx); + return pdecrypt_init != NULL ? pdecrypt_init(ctx) : 1; } static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, From beldmit at gmail.com Wed Oct 6 12:27:32 2021 
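Review bot: In `dasync_rsa_paramgen()` the new fallback `return pparamgen != NULL ? pparamgen(ctx, pkey) : 1;` reports success when the original RSA method has no paramgen callback, although no parameters were produced. Returning 1 is defensible for the `*_init` wrappers, where there is nothing to initialise, but for the operation itself a failure or "not supported" result would be safer than a silent success. A short comment on why 1 was chosen would also help, since the commit message gives no detail beyond the two issue numbers.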
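Review bot: In `destroy_pkey()` the removed `EVP_PKEY_meth_free(dasync_rsa)` is replaced by a comment saying libcrypto frees the method automatically, without saying which call hands over ownership. Name that call in the comment so the next reader can verify that there is neither a double free nor a leak on the `return 0` paths of `bind_dasync()`, where the method has been created but binding can still fail.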
From: beldmit at gmail.com (beldmit at gmail.com) Date: Wed, 06 Oct 2021 12:27:32 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633523252.457628.2905.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via d62c5d6be13cca99fa94e780e55a1c63445ad9cd (commit) from 7b4fccc8a53b6befc9dc1aa4204a87cf5050747c (commit) - Log ----------------------------------------------------------------- commit d62c5d6be13cca99fa94e780e55a1c63445ad9cd Author: Dmitry Belyavskiy Date: Sun Oct 3 20:20:23 2021 +0200 Fix for the dasync engine Fixes: #16724 Fixes: #16735 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16734) (cherry picked from commit 59cd0bc1364b5ea817af7f6d36df89c93610cdb5) ----------------------------------------------------------------------- Summary of changes: engines/e_dasync.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/engines/e_dasync.c b/engines/e_dasync.c index e2e587d839..b775d59a2c 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -211,7 +211,8 @@ static int bind_dasync(ENGINE *e) /* Setup RSA */ ; if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL - || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL) + || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, + EVP_PKEY_FLAG_AUTOARGLEN)) == NULL) return 0; EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init); EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup); @@ -312,7 +313,10 @@ static int bind_dasync(ENGINE *e) static void destroy_pkey(void) { - EVP_PKEY_meth_free(dasync_rsa); + /* + * We don't actually need to free the dasync_rsa method since this is + * automatically freed for us by libcrypto. + */ dasync_rsa_orig = NULL; dasync_rsa = NULL; } 
@@ -829,7 +833,7 @@ static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx) if (pparamgen_init == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, &pparamgen_init, NULL); - return pparamgen_init(ctx); + return pparamgen_init != NULL ? pparamgen_init(ctx) : 1; } static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -838,7 +842,7 @@ static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) if (pparamgen == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, &pparamgen); - return pparamgen(ctx, pkey); + return pparamgen != NULL ? pparamgen(ctx, pkey) : 1; } static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) @@ -847,7 +851,7 @@ static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) if (pkeygen_init == NULL) EVP_PKEY_meth_get_keygen(dasync_rsa_orig, &pkeygen_init, NULL); - return pkeygen_init(ctx); + return pkeygen_init != NULL ? pkeygen_init(ctx) : 1; } static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -865,7 +869,7 @@ static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx) if (pencrypt_init == NULL) EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, &pencrypt_init, NULL); - return pencrypt_init(ctx); + return pencrypt_init != NULL ? pencrypt_init(ctx) : 1; } static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, @@ -887,7 +891,7 @@ static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx) if (pdecrypt_init == NULL) EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, &pdecrypt_init, NULL); - return pdecrypt_init(ctx); + return pdecrypt_init != NULL ? pdecrypt_init(ctx) : 1; } static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, From bernd.edlinger at hotmail.de Wed Oct 6 13:10:32 2021 
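Review bot: In `bind_dasync()` the flags argument of `EVP_PKEY_meth_new(EVP_PKEY_RSA, ...)` changes from `0` to `EVP_PKEY_FLAG_AUTOARGLEN` with no comment, and the commit message does not say which of #16724 and #16735 this addresses. The flag changes how output-length queries and buffer-size checks are handled for the wrapped callbacks, so state next to the call why the wrapper needs it; if the reason is that the original RSA method it delegates to is created with the same flag, say so.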
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Wed, 06 Oct 2021 13:10:32 +0000 Subject: [openssl] master update Message-ID: <1633525832.386983.30495.nullmailer@dev.openssl.org> The branch master has been updated via 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc (commit) from 59cd0bc1364b5ea817af7f6d36df89c93610cdb5 (commit) - Log ----------------------------------------------------------------- commit 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc Author: Bernd Edlinger Date: Mon Oct 4 19:45:19 2021 +0200 Fix a memory leak in the afalg engine Fixes: #16743 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16744) ----------------------------------------------------------------------- Summary of changes: engines/e_afalg.c | 7 ++----- test/afalgtest.c | 42 +++++++++++++++++++----------------------- 2 files changed, 21 insertions(+), 28 deletions(-) diff --git a/engines/e_afalg.c b/engines/e_afalg.c index d8d3ef610c..2c08cbb28d 100644 --- a/engines/e_afalg.c +++ b/engines/e_afalg.c @@ -683,11 +683,8 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) } actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); - if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { - ALG_WARN("%s afalg ctx passed\n", - ctx == NULL ? "NULL" : "Uninitialised"); - return 0; - } + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) + return 1; close(actx->sfd); close(actx->bfd); diff --git a/test/afalgtest.c b/test/afalgtest.c index f0bdb26271..02947c1ed3 100644 --- a/test/afalgtest.c +++ b/test/afalgtest.c 
@@ -24,26 +24,7 @@ #ifndef OPENSSL_NO_ENGINE static ENGINE *e; -#endif - -#ifndef OPENSSL_NO_AFALGENG -# include -# define K_MAJ 4 -# define K_MIN1 1 -# define K_MIN2 0 -# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) -/* - * If we get here then it looks like there is a mismatch between the linux - * headers and the actual kernel version, so we have tried to compile with - * afalg support, but then skipped it in e_afalg.c. As far as this test is - * concerned we behave as if we had been configured without support - */ -# define OPENSSL_NO_AFALGENG -# endif -#endif - -#ifndef OPENSSL_NO_AFALGENG static int test_afalg_aes_cbc(int keysize_idx) { EVP_CIPHER_CTX *ctx; @@ -127,9 +108,25 @@ static int test_afalg_aes_cbc(int keysize_idx) EVP_CIPHER_CTX_free(ctx); return ret; } -#endif -#ifndef OPENSSL_NO_ENGINE +static int test_pr16743(void) +{ + int ret = 0; + const EVP_CIPHER * cipher; + EVP_CIPHER_CTX *ctx; + + if (!TEST_true(ENGINE_init(e))) + return 0; + cipher = ENGINE_get_cipher(e, NID_aes_128_cbc); + ctx = EVP_CIPHER_CTX_new(); + if (cipher != NULL && ctx != NULL) + ret = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL); + TEST_true(ret); + EVP_CIPHER_CTX_free(ctx); + ENGINE_finish(e); + return ret; +} + int global_init(void) { ENGINE_load_builtin_engines(); @@ -147,9 +144,8 @@ int setup_tests(void) /* Probably a platform env issue, not a test failure. */ TEST_info("Can't load AFALG engine"); } else { -# ifndef OPENSSL_NO_AFALGENG ADD_ALL_TESTS(test_afalg_aes_cbc, 3); -# endif + ADD_TEST(test_pr16743); } #endif From bernd.edlinger at hotmail.de Wed Oct 6 13:11:12 2021 
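Review bot: In `afalg_cipher_cleanup()` the branch for `actx == NULL || actx->init_done != MAGIC_INIT_NUM` now returns 1 with no comment and no diagnostic. Add a comment that says which situation this covers (a context that never completed init and so holds no `sfd` or `bfd` to close) and why it has to count as success, because the change from `return 0` to `return 1` is the entire leak fix and the commit message does not explain it.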
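Review bot: In `test_pr16743()` the result of `TEST_true(ret)` is discarded and `ret` stays 0 when `ENGINE_get_cipher()` or `EVP_CIPHER_CTX_new()` returns NULL, so an allocation failure and a failed `EVP_EncryptInit_ex()` are reported identically; check `TEST_ptr(cipher)` and `TEST_ptr(ctx)` separately. The test also asserts nothing about the leak itself and relies on a leak-checking build to catch a regression, which deserves a comment. Two smaller points: the name refers to 16743, which the commit message lists as the issue (the pull request is 16744), and `const EVP_CIPHER * cipher;` has a stray space after the `*`.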
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Wed, 06 Oct 2021 13:11:12 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633525872.577118.31900.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via d5f6b038fe75f12603a67d0a67492aca4be9ccec (commit) from d62c5d6be13cca99fa94e780e55a1c63445ad9cd (commit) - Log ----------------------------------------------------------------- commit d5f6b038fe75f12603a67d0a67492aca4be9ccec Author: Bernd Edlinger Date: Mon Oct 4 19:45:19 2021 +0200 Fix a memory leak in the afalg engine Fixes: #16743 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16744) (cherry picked from commit 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc) ----------------------------------------------------------------------- Summary of changes: engines/e_afalg.c | 7 ++----- test/afalgtest.c | 42 +++++++++++++++++++----------------------- 2 files changed, 21 insertions(+), 28 deletions(-) diff --git a/engines/e_afalg.c b/engines/e_afalg.c index d8d3ef610c..2c08cbb28d 100644 --- a/engines/e_afalg.c +++ b/engines/e_afalg.c @@ -683,11 +683,8 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) } actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); - if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { - ALG_WARN("%s afalg ctx passed\n", - ctx == NULL ? "NULL" : "Uninitialised"); - return 0; - } + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) + return 1; close(actx->sfd); close(actx->bfd); diff --git a/test/afalgtest.c b/test/afalgtest.c index f0bdb26271..02947c1ed3 100644 --- a/test/afalgtest.c +++ b/test/afalgtest.c 
@@ -24,26 +24,7 @@ #ifndef OPENSSL_NO_ENGINE static ENGINE *e; -#endif - -#ifndef OPENSSL_NO_AFALGENG -# include -# define K_MAJ 4 -# define K_MIN1 1 -# define K_MIN2 0 -# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) -/* - * If we get here then it looks like there is a mismatch between the linux - * headers and the actual kernel version, so we have tried to compile with - * afalg support, but then skipped it in e_afalg.c. As far as this test is - * concerned we behave as if we had been configured without support - */ -# define OPENSSL_NO_AFALGENG -# endif -#endif - -#ifndef OPENSSL_NO_AFALGENG static int test_afalg_aes_cbc(int keysize_idx) { EVP_CIPHER_CTX *ctx; @@ -127,9 +108,25 @@ static int test_afalg_aes_cbc(int keysize_idx) EVP_CIPHER_CTX_free(ctx); return ret; } -#endif -#ifndef OPENSSL_NO_ENGINE +static int test_pr16743(void) +{ + int ret = 0; + const EVP_CIPHER * cipher; + EVP_CIPHER_CTX *ctx; + + if (!TEST_true(ENGINE_init(e))) + return 0; + cipher = ENGINE_get_cipher(e, NID_aes_128_cbc); + ctx = EVP_CIPHER_CTX_new(); + if (cipher != NULL && ctx != NULL) + ret = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL); + TEST_true(ret); + EVP_CIPHER_CTX_free(ctx); + ENGINE_finish(e); + return ret; +} + int global_init(void) { ENGINE_load_builtin_engines(); @@ -147,9 +144,8 @@ int setup_tests(void) /* Probably a platform env issue, not a test failure. */ TEST_info("Can't load AFALG engine"); } else { -# ifndef OPENSSL_NO_AFALGENG ADD_ALL_TESTS(test_afalg_aes_cbc, 3); -# endif + ADD_TEST(test_pr16743); } #endif From bernd.edlinger at hotmail.de Wed Oct 6 13:11:30 2021 
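Review bot: in afalg_cipher_cleanup (engines/e_afalg.c) the early exit for `actx == NULL || actx->init_done != MAGIC_INIT_NUM` now returns 1 and drops the ALG_WARN, but nothing in the function says why an uninitialised context counts as a successful cleanup. A one-line comment naming the case the new test exercises (EVP_EncryptInit_ex() with a NULL key followed by EVP_CIPHER_CTX_free()) would keep a later reader from restoring the `return 0`. The commit message could also state how the old return value led to the leak named in its title.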
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Wed, 06 Oct 2021 13:11:30 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633525890.723839.669.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 2fd9c433712a08474af071cef538ffcd94dc4b57 (commit) from 1be120ac5bf613a7277250b6e73f3c60adad4517 (commit) - Log ----------------------------------------------------------------- commit 2fd9c433712a08474af071cef538ffcd94dc4b57 Author: Bernd Edlinger Date: Mon Oct 4 19:45:19 2021 +0200 Fix a memory leak in the afalg engine Fixes: #16743 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16744) (cherry picked from commit 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc) ----------------------------------------------------------------------- Summary of changes: engines/e_afalg.c | 7 ++----- test/afalgtest.c | 42 +++++++++++++++++++----------------------- 2 files changed, 21 insertions(+), 28 deletions(-) diff --git a/engines/e_afalg.c b/engines/e_afalg.c index 4b17228461..ccf838a9ea 100644 --- a/engines/e_afalg.c +++ b/engines/e_afalg.c @@ -624,11 +624,8 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) } actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); - if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { - ALG_WARN("%s afalg ctx passed\n", - ctx == NULL ? "NULL" : "Uninitialised"); - return 0; - } + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) + return 1; close(actx->sfd); close(actx->bfd); diff --git a/test/afalgtest.c b/test/afalgtest.c index adb2977f30..0bd5653dba 100644 --- a/test/afalgtest.c +++ b/test/afalgtest.c 
@@ -21,26 +21,7 @@ #ifndef OPENSSL_NO_ENGINE static ENGINE *e; -#endif - -#ifndef OPENSSL_NO_AFALGENG -# include -# define K_MAJ 4 -# define K_MIN1 1 -# define K_MIN2 0 -# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) -/* - * If we get here then it looks like there is a mismatch between the linux - * headers and the actual kernel version, so we have tried to compile with - * afalg support, but then skipped it in e_afalg.c. As far as this test is - * concerned we behave as if we had been configured without support - */ -# define OPENSSL_NO_AFALGENG -# endif -#endif - -#ifndef OPENSSL_NO_AFALGENG static int test_afalg_aes_cbc(int keysize_idx) { EVP_CIPHER_CTX *ctx; @@ -112,9 +93,25 @@ static int test_afalg_aes_cbc(int keysize_idx) EVP_CIPHER_CTX_free(ctx); return ret; } -#endif -#ifndef OPENSSL_NO_ENGINE +static int test_pr16743(void) +{ + int ret = 0; + const EVP_CIPHER * cipher; + EVP_CIPHER_CTX *ctx; + + if (!TEST_true(ENGINE_init(e))) + return 0; + cipher = ENGINE_get_cipher(e, NID_aes_128_cbc); + ctx = EVP_CIPHER_CTX_new(); + if (cipher != NULL && ctx != NULL) + ret = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL); + TEST_true(ret); + EVP_CIPHER_CTX_free(ctx); + ENGINE_finish(e); + return ret; +} + int global_init(void) { ENGINE_load_builtin_engines(); @@ -132,9 +129,8 @@ int setup_tests(void) /* Probably a platform env issue, not a test failure. */ TEST_info("Can't load AFALG engine"); } else { -# ifndef OPENSSL_NO_AFALGENG ADD_ALL_TESTS(test_afalg_aes_cbc, 3); -# endif + ADD_TEST(test_pr16743); } #endif From bernd.edlinger at hotmail.de Wed Oct 6 13:21:14 2021 
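Review bot: the first hunk of test/afalgtest.c deletes the `LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)` block that defined OPENSSL_NO_AFALGENG, and the last hunk drops the matching guard around ADD_ALL_TESTS, yet the commit message mentions only the memory leak. The removed comment described builds where the headers and kernel disagree and e_afalg.c skips AFALG support; on a stable branch it is worth confirming, and saying in the message, that such builds now end in the `TEST_info("Can't load AFALG engine")` path rather than registering test_afalg_aes_cbc and test_pr16743.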
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Wed, 06 Oct 2021 13:21:14 +0000 Subject: [openssl] master update Message-ID: <1633526474.534923.7804.nullmailer@dev.openssl.org> The branch master has been updated via 64da15c40d15aac58e211fd25d00e9ae84d0379b (commit) via 39ed07454d8df794a36e2b6788043842a22b0909 (commit) from 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc (commit) - Log ----------------------------------------------------------------- commit 64da15c40d15aac58e211fd25d00e9ae84d0379b Author: Bernd Edlinger Date: Sun May 24 16:14:02 2020 +0200 Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c This replaces the AES-128-CBC-HMAC-SHA1 cipher with a non-encrypting version for use in the test suite. [extended tests] Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16693) commit 39ed07454d8df794a36e2b6788043842a22b0909 Author: Bernd Edlinger Date: Sun May 24 11:11:27 2020 +0200 Remove OPENSSL_ia32cap overrides in various test scripts The removed override was: OPENSSL_ia32cap=~0x200000200000000 which disables AESNI codepaths and PCLMULQDQ (useful for ghash). It is unclear why this was done, but it probably just hides bugs. 
[extended tests] Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16693) ----------------------------------------------------------------------- Summary of changes: engines/e_ossltest.c | 216 +++++++++++++++++++++++++++++++--- ssl/record/ssl3_record.c | 23 +--- ssl/record/tls_pad.c | 2 - ssl/tls_depr.c | 10 +- test/recipes/70-test_comp.t | 2 - test/recipes/70-test_key_share.t | 2 - test/recipes/70-test_renegotiation.t | 1 - test/recipes/70-test_sslcbcpadding.t | 1 - test/recipes/70-test_sslcertstatus.t | 1 - test/recipes/70-test_sslextension.t | 1 - test/recipes/70-test_sslmessages.t | 2 - test/recipes/70-test_sslrecords.t | 1 - test/recipes/70-test_sslsessiontick.t | 2 - test/recipes/70-test_sslsigalgs.t | 1 - test/recipes/70-test_sslsignature.t | 1 - test/recipes/70-test_sslskewith0p.t | 1 - test/recipes/70-test_sslversions.t | 2 - test/recipes/70-test_sslvertol.t | 1 - test/recipes/70-test_tls13alerts.t | 2 - test/recipes/70-test_tls13cookie.t | 2 - test/recipes/70-test_tls13downgrade.t | 2 - test/recipes/70-test_tls13hrr.t | 2 - test/recipes/70-test_tls13kexmodes.t | 3 - test/recipes/70-test_tls13messages.t | 2 - test/recipes/70-test_tls13psk.t | 2 - test/recipes/70-test_tlsextms.t | 2 - 26 files changed, 210 insertions(+), 77 deletions(-) diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c index 8479414f01..0506faa628 100644 --- a/engines/e_ossltest.c +++ b/engines/e_ossltest.c @@ -38,6 +38,7 @@ #include #include #include +#include #include "e_ossltest_err.c" 
@@ -247,21 +248,39 @@ static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, const int **, int); static int ossltest_cipher_nids[] = { - NID_aes_128_cbc, NID_aes_128_gcm, 0 + NID_aes_128_cbc, NID_aes_128_gcm, + NID_aes_128_cbc_hmac_sha1, 0 }; /* AES128 */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc); +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl); +static int ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr); + +typedef struct { + size_t payload_length; /* AAD length in decrypt case */ + unsigned int tls_ver; +} EVP_AES_HMAC_SHA1; static EVP_CIPHER *_hidden_aes_128_cbc = NULL; static const EVP_CIPHER *ossltest_aes_128_cbc(void) 
@@ -285,6 +304,7 @@ static const EVP_CIPHER *ossltest_aes_128_cbc(void) } return _hidden_aes_128_cbc; } + static EVP_CIPHER *_hidden_aes_128_gcm = NULL; #define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ @@ -315,11 +335,45 @@ static const EVP_CIPHER *ossltest_aes_128_gcm(void) return _hidden_aes_128_gcm; } +static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; + +static const EVP_CIPHER *ossltest_aes_128_cbc_hmac_sha1(void) +{ + if (_hidden_aes_128_cbc_hmac_sha1 == NULL + && ((_hidden_aes_128_cbc_hmac_sha1 + = EVP_CIPHER_meth_new(NID_aes_128_cbc_hmac_sha1, + 16 /* block size */, + 16 /* key len */)) == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | + EVP_CIPH_FLAG_AEAD_CIPHER) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_cipher) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_ctrl) + || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv) + || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, + sizeof(EVP_AES_HMAC_SHA1)))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc_hmac_sha1 = NULL; + } + return _hidden_aes_128_cbc_hmac_sha1; +} + static void destroy_ciphers(void) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); EVP_CIPHER_meth_free(_hidden_aes_128_gcm); + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); _hidden_aes_128_cbc = NULL; + _hidden_aes_128_gcm = NULL; + _hidden_aes_128_cbc_hmac_sha1 = NULL; } /* Key loading */ 
@@ -490,6 +544,9 @@ static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, case NID_aes_128_gcm: *cipher = ossltest_aes_128_gcm(); break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = ossltest_aes_128_cbc_hmac_sha1(); + break; default: ok = 0; *cipher = NULL; @@ -634,14 +691,15 @@ static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) * AES128 Implementation */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); } -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf; int ret; @@ -667,15 +725,15 @@ int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return ret; } -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); } - -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf = OPENSSL_malloc(inl); 
@@ -720,6 +778,128 @@ static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; } +#define NO_PAYLOAD_LENGTH ((size_t)-1) +# define data(ctx) ((EVP_AES_HMAC_SHA1 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) + +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *inkey, + const unsigned char *iv, + int enc) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + key->payload_length = NO_PAYLOAD_LENGTH; + return 1; +} + +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t len) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + unsigned int l; + size_t plen = key->payload_length; + + key->payload_length = NO_PAYLOAD_LENGTH; + + if (len % AES_BLOCK_SIZE) + return 0; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + if (plen == NO_PAYLOAD_LENGTH) + plen = len; + else if (len != + ((plen + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + return 0; + + memmove(out, in, plen); + + if (plen != len) { /* "TLS" mode of operation */ + /* calculate HMAC and append it to payload */ + fill_known_data(out + plen, SHA_DIGEST_LENGTH); + + /* pad the payload|hmac */ + plen += SHA_DIGEST_LENGTH; + for (l = len - plen - 1; plen < len; plen++) + out[plen] = l; + } + } else { + /* decrypt HMAC|padding at once */ + memmove(out, in, len); + + if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ + unsigned int maxpad, pad; + + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1)) + return 0; + + /* omit explicit iv */ + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; + } else if (len < (SHA_DIGEST_LENGTH + 1)) + return 0; + + /* figure out payload length */ + pad = out[len - 1]; + maxpad = len - (SHA_DIGEST_LENGTH + 1); + if (pad > maxpad) + return 0; + for (plen = len - pad - 1; plen < len; plen++) + if (out[plen] != pad) + return 0; + } + } + + return 1; +} + +static int 
ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + + switch (type) { + case EVP_CTRL_AEAD_SET_MAC_KEY: + return 1; + + case EVP_CTRL_AEAD_TLS1_AAD: + { + unsigned char *p = ptr; + unsigned int len; + + if (arg != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + len = p[arg - 2] << 8 | p[arg - 1]; + key->tls_ver = p[arg - 4] << 8 | p[arg - 3]; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + key->payload_length = len; + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + len -= AES_BLOCK_SIZE; + p[arg - 2] = len >> 8; + p[arg - 1] = len; + } + + return (int)(((len + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); + } else { + key->payload_length = arg; + + return SHA_DIGEST_LENGTH; + } + } + default: + return -1; + } +} + static int ossltest_rand_bytes(unsigned char *buf, int num) { unsigned char val = 1; diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index b6ac61e0e8..c713f231ca 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c 
@@ -1218,23 +1218,17 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, } if (!sending) { - /* Adjust the record to remove the explicit IV/MAC/Tag */ - if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + for (ctr = 0; ctr < n_recs; ctr++) { + /* Adjust the record to remove the explicit IV/MAC/Tag */ + if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { recs[ctr].data += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - } - } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { recs[ctr].data += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_CCM_TLS_EXPLICIT_IV_LEN; - } - } - - for (ctr = 0; ctr < n_recs; ctr++) { - if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { + } else if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { if (recs[ctr].length < bs) return 0; recs[ctr].data += bs; @@ -1254,17 +1248,12 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, (macs != NULL) ? &macs[ctr].alloced : NULL, bs, - macsize, + pad ? (size_t)pad : macsize, (EVP_CIPHER_get_flags(enc) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0, s->ctx->libctx)) return 0; } - if (pad) { - for (ctr = 0; ctr < n_recs; ctr++) { - recs[ctr].length -= pad; - } - } } } } diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c index 46614e143b..528c605554 100644 --- a/ssl/record/tls_pad.c +++ b/ssl/record/tls_pad.c @@ -138,8 +138,6 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, if (aead) { /* padding is already verified and we don't need to check the MAC */ *reclen -= padding_length + 1 + mac_size; - *mac = NULL; - *alloced = 0; return 1; } diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c index 0b21ff7669..1761ba1d8e 100644 --- a/ssl/tls_depr.c +++ b/ssl/tls_depr.c 
@@ -27,6 +27,7 @@ void tls_engine_finish(ENGINE *e) const EVP_CIPHER *tls_get_cipher_from_engine(int nid) { + const EVP_CIPHER *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -36,15 +37,16 @@ const EVP_CIPHER *tls_get_cipher_from_engine(int nid) */ eng = ENGINE_get_cipher_engine(nid); if (eng != NULL) { + ret = ENGINE_get_cipher(eng, nid); ENGINE_finish(eng); - return EVP_get_cipherbynid(nid); } #endif - return NULL; + return ret; } const EVP_MD *tls_get_digest_from_engine(int nid) { + const EVP_MD *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -54,11 +56,11 @@ const EVP_MD *tls_get_digest_from_engine(int nid) */ eng = ENGINE_get_digest_engine(nid); if (eng != NULL) { + ret = ENGINE_get_digest(eng, nid); ENGINE_finish(eng); - return EVP_get_digestbynid(nid); } #endif - return NULL; + return ret; } #ifndef OPENSSL_NO_ENGINE diff --git a/test/recipes/70-test_comp.t b/test/recipes/70-test_comp.t index eeee29ac5c..11c70705f7 100644 --- a/test/recipes/70-test_comp.t +++ b/test/recipes/70-test_comp.t @@ -27,8 +27,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLSv1.3 or TLSv1.2 enabled" if disabled("tls1_3") && disabled("tls1_2"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - use constant { MULTIPLE_COMPRESSIONS => 0, NON_NULL_COMPRESSION => 1 diff --git a/test/recipes/70-test_key_share.t b/test/recipes/70-test_key_share.t index ec722c7fcd..7fb8cba73a 100644 --- a/test/recipes/70-test_key_share.t +++ b/test/recipes/70-test_key_share.t @@ -63,8 +63,6 @@ plan skip_all => "$test_name needs TLS1.3 enabled" plan skip_all => "$test_name needs EC or DH enabled" if disabled("ec") && disabled("dh"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_renegotiation.t b/test/recipes/70-test_renegotiation.t index b7bc9c025a..37fbfd5854 100644 --- a/test/recipes/70-test_renegotiation.t 
+++ b/test/recipes/70-test_renegotiation.t @@ -28,7 +28,6 @@ plan skip_all => "$test_name needs TLS <= 1.2 enabled" plan tests => 5; -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslcbcpadding.t b/test/recipes/70-test_sslcbcpadding.t index 7a1b3ba995..c24f315c60 100644 --- a/test/recipes/70-test_sslcbcpadding.t +++ b/test/recipes/70-test_sslcbcpadding.t @@ -28,7 +28,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLSv1.2 enabled" if disabled("tls1_2"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&add_maximal_padding_filter, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslcertstatus.t b/test/recipes/70-test_sslcertstatus.t index 41c112ae6d..44b3839b95 100644 --- a/test/recipes/70-test_sslcertstatus.t +++ b/test/recipes/70-test_sslcertstatus.t @@ -30,7 +30,6 @@ plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")) || (!disabled("tls1_3") && disabled("tls1_2")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&certstatus_filter, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t index c1893b8f06..37fba871e9 100644 --- a/test/recipes/70-test_sslextension.t +++ b/test/recipes/70-test_sslextension.t @@ -41,7 +41,6 @@ use constant { my $testtype; my $fatal_alert = 0; # set by filter on fatal alert -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&inject_duplicate_extension_clienthello, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslmessages.t b/test/recipes/70-test_sslmessages.t index abb0f5aff9..0afb700679 100644 --- a/test/recipes/70-test_sslmessages.t +++ b/test/recipes/70-test_sslmessages.t 
@@ -29,8 +29,6 @@ plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")) || (!disabled("tls1_3") && disabled("tls1_2")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t index 318c9235b0..30d9136bbc 100644 --- a/test/recipes/70-test_sslrecords.t +++ b/test/recipes/70-test_sslrecords.t @@ -28,7 +28,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLSv1.2 enabled" if disabled("tls1_2"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&add_empty_recs_filter, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslsessiontick.t b/test/recipes/70-test_sslsessiontick.t index ad14577470..10ebe8cf33 100644 --- a/test/recipes/70-test_sslsessiontick.t +++ b/test/recipes/70-test_sslsessiontick.t @@ -27,8 +27,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled" if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - sub checkmessages($$$$$$); sub clearclient(); sub clearall(); diff --git a/test/recipes/70-test_sslsigalgs.t b/test/recipes/70-test_sslsigalgs.t index 48b9e43c3b..998dcc3794 100644 --- a/test/recipes/70-test_sslsigalgs.t +++ b/test/recipes/70-test_sslsigalgs.t @@ -26,7 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS1.2 or TLS1.3 enabled" if disabled("tls1_2") && disabled("tls1_3"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslsignature.t b/test/recipes/70-test_sslsignature.t index a9a77d5b8f..d27685bbec 100644 --- a/test/recipes/70-test_sslsignature.t 
+++ b/test/recipes/70-test_sslsignature.t @@ -26,7 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslskewith0p.t b/test/recipes/70-test_sslskewith0p.t index 9d2442fa12..c53925dcdd 100644 --- a/test/recipes/70-test_sslskewith0p.t +++ b/test/recipes/70-test_sslskewith0p.t @@ -29,7 +29,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&ske_0_p_filter, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslversions.t b/test/recipes/70-test_sslversions.t index 2123860d9c..66b5606db5 100644 --- a/test/recipes/70-test_sslversions.t +++ b/test/recipes/70-test_sslversions.t @@ -42,8 +42,6 @@ plan skip_all => "$test_name needs TLS1.3, TLS1.2 and TLS1.1 enabled" || disabled("tls1_2") || disabled("tls1_1"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_sslvertol.t b/test/recipes/70-test_sslvertol.t index d41085c9ec..073df9ad84 100644 --- a/test/recipes/70-test_sslvertol.t +++ b/test/recipes/70-test_sslvertol.t @@ -26,7 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( \&vers_tolerance_filter, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_tls13alerts.t b/test/recipes/70-test_tls13alerts.t index 44d026c202..e71fd23edb 100644 --- a/test/recipes/70-test_tls13alerts.t 
+++ b/test/recipes/70-test_tls13alerts.t @@ -26,8 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS1.3 enabled" if disabled("tls1_3") || (disabled("ec") && disabled("dh")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_tls13cookie.t b/test/recipes/70-test_tls13cookie.t index a4b2a6222b..cc0cfd3aff 100644 --- a/test/recipes/70-test_tls13cookie.t +++ b/test/recipes/70-test_tls13cookie.t @@ -26,8 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS1.3 enabled" if disabled("tls1_3") || (disabled("ec") && disabled("dh")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - use constant { COOKIE_ONLY => 0, COOKIE_AND_KEY_SHARE => 1 diff --git a/test/recipes/70-test_tls13downgrade.t b/test/recipes/70-test_tls13downgrade.t index 9e10a9c9c4..999a79e62a 100644 --- a/test/recipes/70-test_tls13downgrade.t +++ b/test/recipes/70-test_tls13downgrade.t @@ -28,8 +28,6 @@ plan skip_all => "$test_name needs TLS1.3 and TLS1.2 enabled" || (disabled("ec") && disabled("dh")) || disabled("tls1_2"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_tls13hrr.t b/test/recipes/70-test_tls13hrr.t index 845d40aed9..da38ae5bd4 100644 --- a/test/recipes/70-test_tls13hrr.t +++ b/test/recipes/70-test_tls13hrr.t @@ -26,8 +26,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS1.3 enabled" if disabled("tls1_3") || (disabled("ec") && disabled("dh")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_tls13kexmodes.t b/test/recipes/70-test_tls13kexmodes.t index 6385885057..0d0681a838 100644 
--- a/test/recipes/70-test_tls13kexmodes.t +++ b/test/recipes/70-test_tls13kexmodes.t @@ -31,9 +31,6 @@ plan skip_all => "$test_name needs TLSv1.3 enabled" plan skip_all => "$test_name needs EC enabled" if disabled("ec"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - - @handmessages = ( [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::ALL_HANDSHAKES], diff --git a/test/recipes/70-test_tls13messages.t b/test/recipes/70-test_tls13messages.t index 3113294f06..58b88a3ca8 100644 --- a/test/recipes/70-test_tls13messages.t +++ b/test/recipes/70-test_tls13messages.t @@ -31,8 +31,6 @@ plan skip_all => "$test_name needs TLSv1.3 enabled" plan skip_all => "$test_name needs EC enabled" if disabled("ec"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - @handmessages = ( [TLSProxy::Message::MT_CLIENT_HELLO, checkhandshake::ALL_HANDSHAKES], diff --git a/test/recipes/70-test_tls13psk.t b/test/recipes/70-test_tls13psk.t index d24d52e35c..f36468de97 100644 --- a/test/recipes/70-test_tls13psk.t +++ b/test/recipes/70-test_tls13psk.t @@ -27,8 +27,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLSv1.3 enabled" if disabled("tls1_3") || (disabled("ec") && disabled("dh")); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - my $proxy = TLSProxy::Proxy->new( undef, cmdstr(app(["openssl"]), display => 1), diff --git a/test/recipes/70-test_tlsextms.t b/test/recipes/70-test_tlsextms.t index 20f980648d..a8b18c5f20 100644 --- a/test/recipes/70-test_tlsextms.t +++ b/test/recipes/70-test_tlsextms.t @@ -27,8 +27,6 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled" if disabled("tls1") && disabled("tls1_1") && disabled("tls1_2"); -$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - sub checkmessages($$$$$); sub setrmextms($$); sub clearall(); From tomas at openssl.org Wed Oct 6 15:23:46 2021 
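Review bot: the first commit message describes only a replacement test cipher in e_ossltest.c, but the patch also changes library code in ssl/record/ssl3_record.c, ssl/record/tls_pad.c and ssl/tls_depr.c, and none of that is explained. In tls1_enc the padding-removal call now passes `pad ? (size_t)pad : macsize` where it used to pass `macsize`, while the later `recs[ctr].length -= pad` loop is removed; a comment at the call saying what `pad` holds for AEAD-flagged CBC ciphers is needed, since the argument no longer matches the parameter's name. In tls_depr.c both helpers now return the result of ENGINE_get_cipher() or ENGINE_get_digest() after ENGINE_finish(eng) has been called, so the comment above them should state what keeps the returned method valid. In e_ossltest.c, `EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv` tests a constant and always yields NULL; pass NULL directly or drop the two asn1_params setters.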
From: tomas at openssl.org (tomas at openssl.org) Date: Wed, 06 Oct 2021 15:23:46 +0000 Subject: [openssl] master update Message-ID: <1633533826.860519.15528.nullmailer@dev.openssl.org> The branch master has been updated via e8655e16cab9cd14ebfe9f2214c2f2aa39c67a26 (commit) from 64da15c40d15aac58e211fd25d00e9ae84d0379b (commit) - Log ----------------------------------------------------------------- commit e8655e16cab9cd14ebfe9f2214c2f2aa39c67a26 Author: Tomas Mraz Date: Mon Oct 4 11:19:33 2021 +0200 s_socket.c: Avoid possible NULL pointer dereference Reviewed-by: Dmitry Belyavskiy Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/16736) ----------------------------------------------------------------------- Summary of changes: apps/lib/s_socket.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c index 4e262e681d..805a1f0f3d 100644 --- a/apps/lib/s_socket.c +++ b/apps/lib/s_socket.c @@ -82,7 +82,6 @@ int init_client(int *sock, const char *host, const char *port, BIO_ADDRINFO *bindaddr = NULL; const BIO_ADDRINFO *ai = NULL; const BIO_ADDRINFO *bi = NULL; - char *hostname = NULL; int found = 0; int ret; @@ -173,10 +172,6 @@ int init_client(int *sock, const char *host, const char *port, break; } - hostname = BIO_ADDR_hostname_string(BIO_ADDRINFO_address(ai), 1); - BIO_printf(bio_out, "Connecting to %s\n", hostname); - OPENSSL_free(hostname); - if (*sock == INVALID_SOCKET) { if (bindaddr != NULL && !found) { BIO_printf(bio_err, "Can't bind %saddress for %s%s%s\n", 
@@ -193,6 +188,13 @@ int init_client(int *sock, const char *host, const char *port, } ERR_print_errors(bio_err); } else { + char *hostname = NULL; + + hostname = BIO_ADDR_hostname_string(BIO_ADDRINFO_address(ai), 1); + if (hostname != NULL) { + BIO_printf(bio_out, "Connecting to %s\n", hostname); + OPENSSL_free(hostname); + } /* Remove any stale errors from previous connection attempts */ ERR_clear_error(); ret = 1; From bernd.edlinger at hotmail.de Thu Oct 7 14:04:11 2021 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Oct 2021 14:04:11 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633615451.572387.8051.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 503eb0e108ca5819dacd5ae171aedd37268654d9 (commit) from 2fd9c433712a08474af071cef538ffcd94dc4b57 (commit) - Log ----------------------------------------------------------------- commit 503eb0e108ca5819dacd5ae171aedd37268654d9 Author: Bernd Edlinger Date: Wed Oct 6 09:23:17 2021 +0200 Fix some possible memory leaks in EVP_CipherInit_ex An EVP_CONTEXT with zero cipher but non-zero engine, and/or cipher_data is possible if an error happens in EVP_CTRL_INIT or in EVP_CTRL_COPY, the error handling will just clear the cipher in that case. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16756) ----------------------------------------------------------------------- Summary of changes: crypto/evp/evp_enc.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index e3c165d48e..d835968f25 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c 
@@ -85,7 +85,11 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, * previous check attempted to avoid this if the same ENGINE and * EVP_CIPHER could be used). */ - if (ctx->cipher) { + if (ctx->cipher +#ifndef OPENSSL_NO_ENGINE + || ctx->engine +#endif + || ctx->cipher_data) { unsigned long flags = ctx->flags; EVP_CIPHER_CTX_reset(ctx); /* Restore encrypt and flags */ @@ -105,11 +109,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, /* There's an ENGINE for this job ... (apparently) */ const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); if (!c) { - /* - * One positive side-effect of US's export control history, - * is that we should at least be able to avoid using US - * misspellings of "initialisation"? - */ + ENGINE_finish(impl); EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } From dev at ddvo.net Thu Oct 7 14:05:01 2021 From: dev at ddvo.net (dev at ddvo.net) Date: Thu, 07 Oct 2021 14:05:01 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633615501.594930.9641.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 842118b747d0f6071f8624582e97b49658f063c1 (commit) from d5f6b038fe75f12603a67d0a67492aca4be9ccec (commit) - Log ----------------------------------------------------------------- commit 842118b747d0f6071f8624582e97b49658f063c1 Author: Dr. David von Oheimb Date: Tue Oct 5 12:54:15 2021 +0200 apps/x509: Fix self-signed check to happen before setting issuer name Fixes #16720 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16747) ----------------------------------------------------------------------- Summary of changes: apps/x509.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/apps/x509.c b/apps/x509.c index 3f0e2630f1..203ce919ba 100644 --- a/apps/x509.c +++ b/apps/x509.c 
@@ -235,6 +235,21 @@ static X509_REQ *x509_to_req(X509 *cert, int ext_copy, const char *names) return NULL; } +static int self_signed(X509_STORE *ctx, X509 *cert) +{ + X509_STORE_CTX *xsc = X509_STORE_CTX_new(); + int ret = 0; + + if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, cert, NULL)) { + BIO_printf(bio_err, "Error initialising X509 store\n"); + } else { + X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); + ret = X509_verify_cert(xsc) > 0; + } + X509_STORE_CTX_free(xsc); + return ret; +} + int x509_main(int argc, char **argv) { ASN1_INTEGER *sno = NULL; @@ -787,6 +802,8 @@ int x509_main(int argc, char **argv) sno = x509_load_serial(CAfile, CAserial, CA_createserial); if (sno == NULL) goto end; + if (!x509toreq && !reqfile && !newcert && !self_signed(ctx, x)) + goto end; } if (sno != NULL && !X509_set_serialNumber(x, sno)) @@ -856,21 +873,6 @@ int x509_main(int argc, char **argv) if (!do_X509_sign(x, privkey, digest, sigopts, &ext_ctx)) goto end; } else if (CAfile != NULL) { - if (!reqfile && !newcert) { /* certificate should be self-signed */ - X509_STORE_CTX *xsc = X509_STORE_CTX_new(); - - if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, x, NULL)) { - BIO_printf(bio_err, "Error initialising X509 store\n"); - X509_STORE_CTX_free(xsc); - goto end; - } - X509_STORE_CTX_set_cert(xsc, x); - X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); - i = X509_verify_cert(xsc); - X509_STORE_CTX_free(xsc); - if (i <= 0) - goto end; - } if ((CAkey = load_key(CAkeyfile, CAkeyformat, 0, passin, e, "CA private key")) == NULL) goto end; From dev at ddvo.net Thu Oct 7 14:05:47 2021 
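Review bot: in apps/x509.c, the relocated check in x509_main (hunk -787,6 +802,8) is not the same condition as the block removed further down. It adds a `!x509toreq` term that the old `if (!reqfile && !newcert)` did not have, and it now sits in the block that loads the serial number instead of directly under `else if (CAfile != NULL)`. The commit message only mentions moving the check ahead of setting the issuer name, so please say there, or in a comment next to the call, that the extra term is intended and that this block is reached only when a CA file is in use.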
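Review bot: in apps/x509.c, the new self_signed() helper (hunk -235,6 +235,21) returns 0 when X509_verify_cert() fails without writing anything to bio_err in the lines shown, and its caller goes straight to `goto end`. Only the store-initialisation failure prints a message. A short diagnostic on the verification-failure path, saying that the input certificate did not verify as self-signed, would tell the user why the command stopped.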
From: dev at ddvo.net (dev at ddvo.net) Date: Thu, 07 Oct 2021 14:05:47 +0000 Subject: [openssl] master update Message-ID: <1633615547.624374.11517.nullmailer@dev.openssl.org> The branch master has been updated via 18e0c544b01ed61e7eab61a6cd187c2f4eaa78bd (commit) from e8655e16cab9cd14ebfe9f2214c2f2aa39c67a26 (commit) - Log ----------------------------------------------------------------- commit 18e0c544b01ed61e7eab61a6cd187c2f4eaa78bd Author: Dr. David von Oheimb Date: Tue Oct 5 12:54:15 2021 +0200 apps/x509: Fix self-signed check to happen before setting issuer name Fixes #16720 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16747) ----------------------------------------------------------------------- Summary of changes: apps/x509.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/apps/x509.c b/apps/x509.c index 65af7f0d06..1f8a157c0e 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -235,6 +235,21 @@ static X509_REQ *x509_to_req(X509 *cert, int ext_copy, const char *names) return NULL; } +static int self_signed(X509_STORE *ctx, X509 *cert) +{ + X509_STORE_CTX *xsc = X509_STORE_CTX_new(); + int ret = 0; + + if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, cert, NULL)) { + BIO_printf(bio_err, "Error initialising X509 store\n"); + } else { + X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); + ret = X509_verify_cert(xsc) > 0; + } + X509_STORE_CTX_free(xsc); + return ret; +} + int x509_main(int argc, char **argv) { ASN1_INTEGER *sno = NULL; @@ -793,6 +808,8 @@ int x509_main(int argc, char **argv) sno = x509_load_serial(CAfile, CAserial, CA_createserial); if (sno == NULL) goto end; + if (!x509toreq && !reqfile && !newcert && !self_signed(ctx, x)) + goto end; } if (sno != NULL && !X509_set_serialNumber(x, sno)) 
@@ -862,21 +879,6 @@ int x509_main(int argc, char **argv) if (!do_X509_sign(x, privkey, digest, sigopts, &ext_ctx)) goto end; } else if (CAfile != NULL) { - if (!reqfile && !newcert) { /* certificate should be self-signed */ - X509_STORE_CTX *xsc = X509_STORE_CTX_new(); - - if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, x, NULL)) { - BIO_printf(bio_err, "Error initialising X509 store\n"); - X509_STORE_CTX_free(xsc); - goto end; - } - X509_STORE_CTX_set_cert(xsc, x); - X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); - i = X509_verify_cert(xsc); - X509_STORE_CTX_free(xsc); - if (i <= 0) - goto end; - } if ((CAkey = load_key(CAkeyfile, CAkeyformat, 0, passin, e, "CA private key")) == NULL) goto end; From bernd.edlinger at hotmail.de Thu Oct 7 14:06:24 2021 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Oct 2021 14:06:24 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633615584.745228.12938.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 14357a51130510d87fe5f31e45baaf70bd5c9027 (commit) from 503eb0e108ca5819dacd5ae171aedd37268654d9 (commit) - Log ----------------------------------------------------------------- commit 14357a51130510d87fe5f31e45baaf70bd5c9027 Author: Bernd Edlinger Date: Tue Oct 5 21:38:55 2021 +0200 Fix double-free in e_dasync.c When the cipher is copied, the inner_cipher_data needs to be copied as well, using the EVP_CTRL_COPY method. The EVP_CIPH_CUSTOM_COPY bit needs to be set as well. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16751) ----------------------------------------------------------------------- Summary of changes: engines/e_dasync.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/engines/e_dasync.c b/engines/e_dasync.c index 07793037df..1f5d4117f2 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c 
@@ -244,7 +244,8 @@ static int bind_dasync(ENGINE *e) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, dasync_aes128_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, @@ -270,7 +271,8 @@ static int bind_dasync(ENGINE *e) EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, @@ -629,6 +631,21 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, } } + case EVP_CTRL_COPY: + { + const EVP_CIPHER *cipher = aeadcapable + ? EVP_aes_128_cbc_hmac_sha1() + : EVP_aes_128_cbc(); + size_t data_size = EVP_CIPHER_impl_ctx_size(cipher); + void *cipher_data = OPENSSL_malloc(data_size); + + if (cipher_data == NULL) + return 0; + memcpy(cipher_data, pipe_ctx->inner_cipher_data, data_size); + pipe_ctx->inner_cipher_data = cipher_data; + return 1; + } + default: return 0; } From pauli at openssl.org Fri Oct 8 02:10:16 2021 
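Review bot: in engines/e_dasync.c, the new `case EVP_CTRL_COPY:` in dasync_cipher_ctrl_helper (hunk -629,6 +631,21) copies from `pipe_ctx->inner_cipher_data` without checking it for NULL, and then stores the fresh buffer back into the same `pipe_ctx` it just read from. Please add a NULL check before the memcpy, and a short comment saying which context `pipe_ctx` belongs to at this point (the source or the copy), because the fix only works if the other context keeps the original pointer. The allocation-failure path returns 0, the same value the `default:` case returns for an unsupported ctrl, so it is worth confirming the caller treats that as a failed copy rather than as "not implemented".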
From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 08 Oct 2021 02:10:16 +0000 Subject: [openssl] master update Message-ID: <1633659016.187521.7979.nullmailer@dev.openssl.org> The branch master has been updated via 0c75a7387d940468a530ee7470e0afce30f5a227 (commit) from 18e0c544b01ed61e7eab61a6cd187c2f4eaa78bd (commit) - Log ----------------------------------------------------------------- commit 0c75a7387d940468a530ee7470e0afce30f5a227 Author: Tobias Nießen Date: Wed Oct 6 02:01:42 2021 +0200 Fix heading in random generator man7 page Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16753) ----------------------------------------------------------------------- Summary of changes: doc/man7/RAND.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod index 39a7bcc81e..c4a630856c 100644 --- a/doc/man7/RAND.pod +++ b/doc/man7/RAND.pod @@ -54,7 +54,7 @@ only in exceptional cases and is not recommended, unless you have a profound knowledge of cryptographic principles and understand the implications of your changes. -=head1 DEAFULT SETUP +=head1 DEFAULT SETUP The default OpenSSL RAND method is based on the EVP_RAND deterministic random bit generator (DRBG) classes. From pauli at openssl.org Fri Oct 8 02:11:16 2021 
From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 08 Oct 2021 02:11:16 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633659076.711004.9489.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 31ece182eea314ffe44dccb7d413ba16f29dc9ff (commit) from 842118b747d0f6071f8624582e97b49658f063c1 (commit) - Log ----------------------------------------------------------------- commit 31ece182eea314ffe44dccb7d413ba16f29dc9ff Author: Tobias Nießen Date: Wed Oct 6 02:01:42 2021 +0200 Fix heading in random generator man7 page Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16753) (cherry picked from commit 0c75a7387d940468a530ee7470e0afce30f5a227) ----------------------------------------------------------------------- Summary of changes: doc/man7/RAND.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod index 39a7bcc81e..c4a630856c 100644 --- a/doc/man7/RAND.pod +++ b/doc/man7/RAND.pod @@ -54,7 +54,7 @@ only in exceptional cases and is not recommended, unless you have a profound knowledge of cryptographic principles and understand the implications of your changes. -=head1 DEAFULT SETUP +=head1 DEFAULT SETUP The default OpenSSL RAND method is based on the EVP_RAND deterministic random bit generator (DRBG) classes. From tomas at openssl.org Fri Oct 8 09:47:03 2021 
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 08 Oct 2021 09:47:03 +0000 Subject: [openssl] master update Message-ID: <1633686423.754862.10357.nullmailer@dev.openssl.org> The branch master has been updated via 59a3e7b29574ff45f62e825f6e9923f45060f142 (commit) from 0c75a7387d940468a530ee7470e0afce30f5a227 (commit) - Log ----------------------------------------------------------------- commit 59a3e7b29574ff45f62e825f6e9923f45060f142 Author: PW Hu Date: Thu Oct 7 11:50:59 2021 +0800 Fix unsafe BIO_get_md_ctx check Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16768) ----------------------------------------------------------------------- Summary of changes: apps/dgst.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/dgst.c b/apps/dgst.c index 36a8c6fb08..bd23b76996 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -335,7 +335,7 @@ int dgst_main(int argc, char **argv) EVP_PKEY_CTX *pctx = NULL; int res; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } @@ -362,7 +362,7 @@ int dgst_main(int argc, char **argv) /* we use md as a filter, reading from 'in' */ else { EVP_MD_CTX *mctx = NULL; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } From tomas at openssl.org Fri Oct 8 09:47:45 2021 
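Review bot: in apps/dgst.c, both call sites in dgst_main now test `BIO_get_md_ctx(bmd, &mctx) <= 0`, but the commit message does not say why the old `!` test was unsafe. The new comparison implies the call can return a negative value on failure, which `!` would have treated as success and let the code continue with mctx unset. One sentence to that effect in the commit message would make the reason clear to anyone backporting the change or auditing other callers of the same macro.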
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 08 Oct 2021 09:47:45 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633686465.788190.11615.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 4c09066ca62130c3a80365b1f94ade6c32b5d13b (commit) from 31ece182eea314ffe44dccb7d413ba16f29dc9ff (commit) - Log ----------------------------------------------------------------- commit 4c09066ca62130c3a80365b1f94ade6c32b5d13b Author: PW Hu Date: Thu Oct 7 11:50:59 2021 +0800 Fix unsafe BIO_get_md_ctx check Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16768) (cherry picked from commit 59a3e7b29574ff45f62e825f6e9923f45060f142) ----------------------------------------------------------------------- Summary of changes: apps/dgst.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/dgst.c b/apps/dgst.c index 36a8c6fb08..bd23b76996 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -335,7 +335,7 @@ int dgst_main(int argc, char **argv) EVP_PKEY_CTX *pctx = NULL; int res; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } @@ -362,7 +362,7 @@ int dgst_main(int argc, char **argv) /* we use md as a filter, reading from 'in' */ else { EVP_MD_CTX *mctx = NULL; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } From beldmit at gmail.com Sat Oct 9 08:32:24 2021 
From: beldmit at gmail.com (beldmit at gmail.com) Date: Sat, 09 Oct 2021 08:32:24 +0000 Subject: [openssl] master update Message-ID: <1633768344.268867.3584.nullmailer@dev.openssl.org> The branch master has been updated via 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9 (commit) from 59a3e7b29574ff45f62e825f6e9923f45060f142 (commit) - Log ----------------------------------------------------------------- commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9 Author: Dmitry Belyavskiy Date: Thu Oct 7 19:14:50 2021 +0200 Bindhost/bindport should be freed Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16775) ----------------------------------------------------------------------- Summary of changes: apps/s_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index 6ccb7a42d0..760d2de550 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -3056,6 +3056,8 @@ int s_client_main(int argc, char **argv) #endif OPENSSL_free(connectstr); OPENSSL_free(bindstr); + OPENSSL_free(bindhost); + OPENSSL_free(bindport); OPENSSL_free(host); OPENSSL_free(port); OPENSSL_free(thost); From beldmit at gmail.com Sat Oct 9 08:33:03 2021 
From: beldmit at gmail.com (beldmit at gmail.com) Date: Sat, 09 Oct 2021 08:33:03 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633768383.892715.4701.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via cc51b5d641b098b0188e04f7f8bb3b33b1aa465e (commit) from 4c09066ca62130c3a80365b1f94ade6c32b5d13b (commit) - Log ----------------------------------------------------------------- commit cc51b5d641b098b0188e04f7f8bb3b33b1aa465e Author: Dmitry Belyavskiy Date: Thu Oct 7 19:14:50 2021 +0200 Bindhost/bindport should be freed Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16775) (cherry picked from commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9) ----------------------------------------------------------------------- Summary of changes: apps/s_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index 3b9be0e8c2..9ae2e22c1e 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -3040,6 +3040,8 @@ int s_client_main(int argc, char **argv) #endif OPENSSL_free(connectstr); OPENSSL_free(bindstr); + OPENSSL_free(bindhost); + OPENSSL_free(bindport); OPENSSL_free(host); OPENSSL_free(port); OPENSSL_free(thost); From beldmit at gmail.com Sat Oct 9 08:34:48 2021 
From: beldmit at gmail.com (beldmit at gmail.com) Date: Sat, 09 Oct 2021 08:34:48 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633768488.033703.5961.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via a653e037ef0236ea9cd84ec4c94f0bb94aca56ab (commit) from 14357a51130510d87fe5f31e45baaf70bd5c9027 (commit) - Log ----------------------------------------------------------------- commit a653e037ef0236ea9cd84ec4c94f0bb94aca56ab Author: Dmitry Belyavskiy Date: Thu Oct 7 19:14:50 2021 +0200 Bindhost/bindport should be freed Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16775) (cherry picked from commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9) ----------------------------------------------------------------------- Summary of changes: apps/s_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/s_client.c b/apps/s_client.c index 83b3fc9c7f..fe34487787 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -3151,6 +3151,8 @@ int s_client_main(int argc, char **argv) #endif OPENSSL_free(connectstr); OPENSSL_free(bindstr); + OPENSSL_free(bindhost); + OPENSSL_free(bindport); OPENSSL_free(host); OPENSSL_free(port); X509_VERIFY_PARAM_free(vpm); From pauli at openssl.org Sat Oct 9 13:30:00 2021 
From: pauli at openssl.org (Dr. Paul Dale) Date: Sat, 09 Oct 2021 13:30:00 +0000 Subject: [openssl] master update Message-ID: <1633786200.461971.29060.nullmailer@dev.openssl.org> The branch master has been updated via 78de5a94d8e2b0a27ae026de29c195e944a49c6d (commit) via 747d142318c5c9ecd80de3f061f54d7af4189039 (commit) via 8e61832ed7f59c15da003aa86aeaa4e5f44df711 (commit) from 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9 (commit) - Log ----------------------------------------------------------------- commit 78de5a94d8e2b0a27ae026de29c195e944a49c6d Author: Pauli Date: Thu Sep 30 11:39:41 2021 +1000 doc: document that property names are unique Both queries and definitions only support each individual name appearing once. It is an error to have a name appear more than once. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) commit 747d142318c5c9ecd80de3f061f54d7af4189039 Author: Pauli Date: Thu Sep 30 11:35:32 2021 +1000 test: add failure testing for property parsing Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) commit 8e61832ed7f59c15da003aa86aeaa4e5f44df711 Author: Pauli Date: Thu Sep 30 11:33:37 2021 +1000 property: produce error if a name is duplicated Neither queries nor definitions handle duplicated property names well. Make having such an error. Fixes #16715 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) ----------------------------------------------------------------------- Summary of changes: crypto/property/property_parse.c | 20 ++++++++++++++--- doc/man7/property.pod | 4 +++- test/property_test.c | 47 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 67 insertions(+), 4 deletions(-) diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index 21228b4a39..3673fd7b05 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c 
@@ -277,12 +277,16 @@ static void pd_free(OSSL_PROPERTY_DEFINITION *pd) /* * Convert a stack of property definitions and queries into a fixed array. * The items are sorted for efficient query. The stack is not freed. + * This function also checks for duplicated names and returns an error if + * any exist. */ static OSSL_PROPERTY_LIST * -stack_to_property_list(STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) +stack_to_property_list(OSSL_LIB_CTX *ctx, + STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) { const int n = sk_OSSL_PROPERTY_DEFINITION_num(sk); OSSL_PROPERTY_LIST *r; + OSSL_PROPERTY_IDX prev_name_idx = 0; int i; r = OPENSSL_malloc(sizeof(*r) @@ -294,6 +298,16 @@ stack_to_property_list(STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) for (i = 0; i < n; i++) { r->properties[i] = *sk_OSSL_PROPERTY_DEFINITION_value(sk, i); r->has_optional |= r->properties[i].optional; + + /* Check for duplicated names */ + if (i > 0 && r->properties[i].name_idx == prev_name_idx) { + OPENSSL_free(r); + ERR_raise_data(ERR_LIB_PROP, PROP_R_PARSE_FAILED, + "Duplicated name `%s'", + ossl_property_name_str(ctx, prev_name_idx)); + return NULL; + } + prev_name_idx = r->properties[i].name_idx; } r->num_properties = n; } @@ -351,7 +365,7 @@ OSSL_PROPERTY_LIST *ossl_parse_property(OSSL_LIB_CTX *ctx, const char *defn) "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); @@ -414,7 +428,7 @@ skip_value: "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); diff --git a/doc/man7/property.pod b/doc/man7/property.pod index a75f262246..109336ba47 100644 --- a/doc/man7/property.pod +++ b/doc/man7/property.pod 
@@ -41,7 +41,8 @@ property names like A I is a I pair. A I is a sequence of comma separated properties. -There can be any number of properties in a definition. +There can be any number of properties in a definition, however each name must +be unique. For example: "" defines an empty property definition (i.e., no restriction); "my.foo=bar" defines a property named I which has a string value I and "iteration.count=3" defines a property named I which @@ -68,6 +69,7 @@ Matching such clauses is not a requirement, but any additional optional match counts in favor of the algorithm. More details about that in the B section. A I is a sequence of comma separated property query clauses. +It is an error if a property name appears in more than one query clause. The full syntax for property queries appears below, but the available syntactic features are: diff --git a/test/property_test.c b/test/property_test.c index 6cc8eec138..c23ddb0f99 100644 --- a/test/property_test.c +++ b/test/property_test.c 
@@ -145,6 +145,52 @@ static int test_property_query_value_create(void) return r; } +static const struct { + int query; + const char *ps; +} parse_error_tests[] = { + { 0, "n=1, n=1" }, /* duplicate name */ + { 0, "n=1, a=hi, n=1" }, /* duplicate name */ + { 1, "n=1, a=bye, ?n=0" }, /* duplicate name */ + { 0, "a=abc,#@!, n=1" }, /* non-ASCII character located */ + { 1, "a='Hello" }, /* Unterminated string */ + { 0, "a=\"World" }, /* Unterminated string */ + { 1, "a=2, n=012345678" }, /* Bad octal digit */ + { 0, "n=0x28FG, a=3" }, /* Bad hex digit */ + { 0, "n=145d, a=2" }, /* Bad decimal digit */ + { 1, "@='hello'" }, /* Invalid name */ + { 1, "n0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789=yes" }, /* Name too long */ + { 0, ".n=3" }, /* Invalid name */ + { 1, "fnord.fnord.=3" } /* Invalid name */ +}; + +static int test_property_parse_error(int n) +{ + OSSL_METHOD_STORE *store; + OSSL_PROPERTY_LIST *p = NULL; + int r = 0; + const char *ps; + + if (!TEST_ptr(store = ossl_method_store_new(NULL)) + || !add_property_names("a", "n", NULL)) + goto err; + ps = parse_error_tests[n].ps; + if (parse_error_tests[n].query) { + if (!TEST_ptr_null(p = ossl_parse_query(NULL, ps, 1))) + goto err; + } else if (!TEST_ptr_null(p = ossl_parse_property(NULL, ps))) { + goto err; + } + r = 1; + err: + ossl_property_free(p); + ossl_method_store_free(store); + return r; +} + static const struct { const char *q_global; const char *q_local; 
@@ -493,6 +539,7 @@ int setup_tests(void) ADD_TEST(test_property_string); ADD_TEST(test_property_query_value_create); ADD_ALL_TESTS(test_property_parse, OSSL_NELEM(parser_tests)); + ADD_ALL_TESTS(test_property_parse_error, OSSL_NELEM(parse_error_tests)); ADD_ALL_TESTS(test_property_merge, OSSL_NELEM(merge_tests)); ADD_TEST(test_property_defn_cache); ADD_ALL_TESTS(test_definition_compares, OSSL_NELEM(definition_tests)); From pauli at openssl.org Sat Oct 9 13:30:48 2021 From: pauli at openssl.org (Dr. Paul Dale) Date: Sat, 09 Oct 2021 13:30:48 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633786248.808815.30864.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 6e3d51ae6826850580138790bcc13ac7c01d7b47 (commit) from cc51b5d641b098b0188e04f7f8bb3b33b1aa465e (commit) - Log ----------------------------------------------------------------- commit 6e3d51ae6826850580138790bcc13ac7c01d7b47 Author: Pauli Date: Thu Sep 30 11:33:37 2021 +1000 property: produce error if a name is duplicated Neither queries nor definitions handle duplicated property names well. Make having such an error. Fixes #16715 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) (cherry picked from commit 8e61832ed7f59c15da003aa86aeaa4e5f44df711) ----------------------------------------------------------------------- Summary of changes: crypto/property/property_parse.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index 21228b4a39..3673fd7b05 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c 
@@ -277,12 +277,16 @@ static void pd_free(OSSL_PROPERTY_DEFINITION *pd) /* * Convert a stack of property definitions and queries into a fixed array. * The items are sorted for efficient query. The stack is not freed. + * This function also checks for duplicated names and returns an error if + * any exist. */ static OSSL_PROPERTY_LIST * -stack_to_property_list(STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) +stack_to_property_list(OSSL_LIB_CTX *ctx, + STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) { const int n = sk_OSSL_PROPERTY_DEFINITION_num(sk); OSSL_PROPERTY_LIST *r; + OSSL_PROPERTY_IDX prev_name_idx = 0; int i; r = OPENSSL_malloc(sizeof(*r) @@ -294,6 +298,16 @@ stack_to_property_list(STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) for (i = 0; i < n; i++) { r->properties[i] = *sk_OSSL_PROPERTY_DEFINITION_value(sk, i); r->has_optional |= r->properties[i].optional; + + /* Check for duplicated names */ + if (i > 0 && r->properties[i].name_idx == prev_name_idx) { + OPENSSL_free(r); + ERR_raise_data(ERR_LIB_PROP, PROP_R_PARSE_FAILED, + "Duplicated name `%s'", + ossl_property_name_str(ctx, prev_name_idx)); + return NULL; + } + prev_name_idx = r->properties[i].name_idx; } r->num_properties = n; } @@ -351,7 +365,7 @@ OSSL_PROPERTY_LIST *ossl_parse_property(OSSL_LIB_CTX *ctx, const char *defn) "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); @@ -414,7 +428,7 @@ skip_value: "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); From pauli at openssl.org Sat Oct 9 13:31:08 2021 
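Review bot: in crypto/property/property_parse.c, the duplicate check added to the loop in stack_to_property_list (hunk -294,6 +298,16) compares each entry only with the one before it, `r->properties[i].name_idx == prev_name_idx`, so it finds duplicates only if the stack is already ordered by name_idx when the loop runs. The function comment says the items are sorted, but the sort itself is not in the lines shown. Please state in the `/* Check for duplicated names */` comment that the test relies on that ordering, so a later change to where the sort happens does not silently disable it.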
From: pauli at openssl.org (Dr. Paul Dale) Date: Sat, 09 Oct 2021 13:31:08 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633786268.945675.32375.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via c3b89fc770f3e83ddd0976403c1b321496778b38 (commit) from 6e3d51ae6826850580138790bcc13ac7c01d7b47 (commit) - Log ----------------------------------------------------------------- commit c3b89fc770f3e83ddd0976403c1b321496778b38 Author: Pauli Date: Thu Sep 30 11:35:32 2021 +1000 test: add failure testing for property parsing Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) (cherry picked from commit 747d142318c5c9ecd80de3f061f54d7af4189039) ----------------------------------------------------------------------- Summary of changes: test/property_test.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/test/property_test.c b/test/property_test.c index 6cc8eec138..c23ddb0f99 100644 --- a/test/property_test.c +++ b/test/property_test.c 
@@ -145,6 +145,52 @@ static int test_property_query_value_create(void) return r; } +static const struct { + int query; + const char *ps; +} parse_error_tests[] = { + { 0, "n=1, n=1" }, /* duplicate name */ + { 0, "n=1, a=hi, n=1" }, /* duplicate name */ + { 1, "n=1, a=bye, ?n=0" }, /* duplicate name */ + { 0, "a=abc,#@!, n=1" }, /* non-ASCII character located */ + { 1, "a='Hello" }, /* Unterminated string */ + { 0, "a=\"World" }, /* Unterminated string */ + { 1, "a=2, n=012345678" }, /* Bad octal digit */ + { 0, "n=0x28FG, a=3" }, /* Bad hex digit */ + { 0, "n=145d, a=2" }, /* Bad decimal digit */ + { 1, "@='hello'" }, /* Invalid name */ + { 1, "n0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789=yes" }, /* Name too long */ + { 0, ".n=3" }, /* Invalid name */ + { 1, "fnord.fnord.=3" } /* Invalid name */ +}; + +static int test_property_parse_error(int n) +{ + OSSL_METHOD_STORE *store; + OSSL_PROPERTY_LIST *p = NULL; + int r = 0; + const char *ps; + + if (!TEST_ptr(store = ossl_method_store_new(NULL)) + || !add_property_names("a", "n", NULL)) + goto err; + ps = parse_error_tests[n].ps; + if (parse_error_tests[n].query) { + if (!TEST_ptr_null(p = ossl_parse_query(NULL, ps, 1))) + goto err; + } else if (!TEST_ptr_null(p = ossl_parse_property(NULL, ps))) { + goto err; + } + r = 1; + err: + ossl_property_free(p); + ossl_method_store_free(store); + return r; +} + static const struct { const char *q_global; const char *q_local; 
@@ -493,6 +539,7 @@ int setup_tests(void) ADD_TEST(test_property_string); ADD_TEST(test_property_query_value_create); ADD_ALL_TESTS(test_property_parse, OSSL_NELEM(parser_tests)); + ADD_ALL_TESTS(test_property_parse_error, OSSL_NELEM(parse_error_tests)); ADD_ALL_TESTS(test_property_merge, OSSL_NELEM(merge_tests)); ADD_TEST(test_property_defn_cache); ADD_ALL_TESTS(test_definition_compares, OSSL_NELEM(definition_tests)); From pauli at openssl.org Sat Oct 9 13:31:36 2021 From: pauli at openssl.org (Dr. Paul Dale) Date: Sat, 09 Oct 2021 13:31:36 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633786296.277732.1615.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via ce5b392c8dc99f849dabea8bc9a21f66908b4188 (commit) from c3b89fc770f3e83ddd0976403c1b321496778b38 (commit) - Log ----------------------------------------------------------------- commit ce5b392c8dc99f849dabea8bc9a21f66908b4188 Author: Pauli Date: Thu Sep 30 11:39:41 2021 +1000 doc: document that property names are unique Both queries and definitions only support each individual name appearing once. It is an error to have a name appear more than once. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16716) (cherry picked from commit 78de5a94d8e2b0a27ae026de29c195e944a49c6d) ----------------------------------------------------------------------- Summary of changes: doc/man7/property.pod | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/man7/property.pod b/doc/man7/property.pod index a75f262246..109336ba47 100644 --- a/doc/man7/property.pod +++ b/doc/man7/property.pod 
@@ -41,7 +41,8 @@ property names like A I is a I pair. A I is a sequence of comma separated properties. -There can be any number of properties in a definition. +There can be any number of properties in a definition, however each name must +be unique. For example: "" defines an empty property definition (i.e., no restriction); "my.foo=bar" defines a property named I which has a string value I and "iteration.count=3" defines a property named I which @@ -68,6 +69,7 @@ Matching such clauses is not a requirement, but any additional optional match counts in favor of the algorithm. More details about that in the B section. A I is a sequence of comma separated property query clauses. +It is an error if a property name appears in more than one query clause. The full syntax for property queries appears below, but the available syntactic features are: From no-reply at appveyor.com Sat Oct 9 16:33:28 2021 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Oct 2021 16:33:28 +0000 Subject: Build failed: openssl master.42837 Message-ID: <20211009163328.1.B936D2FCDF80163E@appveyor.com> An HTML attachment was scrubbed... URL: From beldmit at gmail.com Sat Oct 9 17:59:34 2021 
From: beldmit at gmail.com (beldmit at gmail.com) Date: Sat, 09 Oct 2021 17:59:34 +0000 Subject: [openssl] master update Message-ID: <1633802374.765305.13774.nullmailer@dev.openssl.org> The branch master has been updated via 518ce65d93692ecd4c004b96b47d58da8e5922ea (commit) via a4c4090c21058a75e8bf1ffcc469b6d9755c55ce (commit) via 61cab65029e787d59d3f3138e0160adb8df85f99 (commit) via b3a33dac8880b88038083b64d234506659921436 (commit) from 78de5a94d8e2b0a27ae026de29c195e944a49c6d (commit) - Log ----------------------------------------------------------------- commit 518ce65d93692ecd4c004b96b47d58da8e5922ea Author: Matt Caswell Date: Fri Oct 8 13:45:51 2021 +0100 Update gost-engine to the latest version Update the gost-engine submodule to pick up the latest version including fixes for the default security level of 2. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/16760) commit a4c4090c21058a75e8bf1ffcc469b6d9755c55ce Author: Matt Caswell Date: Wed Oct 6 15:08:43 2021 +0100 Update document for default security level change Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/16760) commit 61cab65029e787d59d3f3138e0160adb8df85f99 Author: Matt Caswell Date: Tue Oct 5 17:30:09 2021 +0100 Fix tests for new default security level Fix tests that were expecting a default security level of 1 to work with the new default of 2. 
Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/16760) commit b3a33dac8880b88038083b64d234506659921436 Author: Matt Caswell Date: Tue Oct 5 17:29:35 2021 +0100 Increase the default security level to 2 OTC voted to increase the security level from 1 to 2 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/16760) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 9 ++ doc/man3/SSL_CTX_set_security_level.pod | 8 +- gost-engine | 2 +- include/openssl/tls1.h | 2 +- test/ssl-tests/12-ct.cnf | 24 ++-- test/ssl-tests/12-ct.cnf.in | 18 ++- test/ssl-tests/14-curves.cnf | 220 ++++++++++++++++---------------- test/ssl-tests/14-curves.cnf.in | 9 +- test/ssl-tests/22-compression.cnf | 32 ++--- test/ssl-tests/22-compression.cnf.in | 16 +++ test/sslapitest.c | 24 +++- 11 files changed, 207 insertions(+), 157 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 963289ca09..4902332206 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -24,6 +24,15 @@ OpenSSL 3.1 ### Changes between 3.0 and 3.1 [xx XXX xxxx] + * The default SSL/TLS security level has been changed from 1 to 2. RSA, + DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys + of 160 bits and above and less than 224 bits were previously accepted by + default but are now no longer allowed. By default TLS compression was + already disabled in previous OpenSSL versions. At security level 2 it cannot + be enabled. + + *Matt Caswell* + * The SSL_CTX_set_cipher_list family functions now accept ciphers using their IANA standard names. diff --git a/doc/man3/SSL_CTX_set_security_level.pod b/doc/man3/SSL_CTX_set_security_level.pod index d9965572c8..85dae713f0 100644 --- a/doc/man3/SSL_CTX_set_security_level.pod +++ b/doc/man3/SSL_CTX_set_security_level.pod 
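Review bot: the new CHANGES.md entry says which key sizes stop being accepted by default, but not how a deployment that still depends on them restores the previous behaviour. Add a sentence pointing to SSL_CTX_set_security_level(3), whose page is updated in this same push, and to the compile-time -DOPENSSL_TLS_SECURITY_LEVEL setting, so that a handshake failure after upgrade can be traced to this change. The phrase "of 1024 bits and above and less than 2048 bits" would also read more easily as a range.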
@@ -75,10 +75,8 @@ OpenSSL. The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits -are prohibited. All export cipher suites are prohibited since they all offer -less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite -using MD5 for the MAC is also prohibited. Any cipher suites using CCM with -a 64 bit authentication tag are prohibited. +are prohibited. Any cipher suite using MD5 for the MAC is also prohibited. Any +cipher suites using CCM with a 64 bit authentication tag are prohibited. =item B @@ -116,7 +114,7 @@ I =head1 NOTES The default security level can be configured when OpenSSL is compiled by -setting B<-DOPENSSL_TLS_SECURITY_LEVEL=level>. If not set then 1 is used. +setting B<-DOPENSSL_TLS_SECURITY_LEVEL=level>. If not set then 2 is used. The security framework disables or reject parameters inconsistent with the set security level. In the past this was difficult as applications had to set diff --git a/gost-engine b/gost-engine index 9869058423..a6014f3569 160000 --- a/gost-engine +++ b/gost-engine @@ -1 +1 @@ -Subproject commit 986905842330e4a54e61334eb508fe3147c43e38 +Subproject commit a6014f3569ca1819b6d3060124f8cdc5125f074e diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index d6e9331fa1..7be6d473f8 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -28,7 +28,7 @@ extern "C" { /* Default security level if not overridden at config time */ # ifndef OPENSSL_TLS_SECURITY_LEVEL -# define OPENSSL_TLS_SECURITY_LEVEL 1 +# define OPENSSL_TLS_SECURITY_LEVEL 2 # endif /* TLS*_VERSION constants are defined in prov_ssl.h */ diff --git a/test/ssl-tests/12-ct.cnf b/test/ssl-tests/12-ct.cnf index 2e6e9dea67..369c5d4e8e 100644 --- a/test/ssl-tests/12-ct.cnf +++ b/test/ssl-tests/12-ct.cnf 
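Review bot: in doc/man3/SSL_CTX_set_security_level.pod, the hunk at -75,10 drops the level 1 sentences "All export cipher suites are prohibited ..." and "SSL version 2 is prohibited." That removal is separate from changing the default from 1 to 2, and the commit message ("Update document for default security level change") does not mention it. Either say in the commit message why those statements no longer apply, or move the removal into its own commit. While this page is being touched, the context line "disables or reject parameters" in the NOTES hunk should read "rejects".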
@@ -19,11 +19,11 @@ client = 0-ct-permissive-without-scts-client [0-ct-permissive-without-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-ct-permissive-without-scts-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -46,11 +46,11 @@ client = 1-ct-permissive-with-scts-client [1-ct-permissive-with-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [1-ct-permissive-with-scts-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer @@ -73,11 +73,11 @@ client = 2-ct-strict-without-scts-client [2-ct-strict-without-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-ct-strict-without-scts-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -101,11 +101,11 @@ client = 3-ct-strict-with-scts-client [3-ct-strict-with-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [3-ct-strict-with-scts-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer 
@@ -130,11 +130,11 @@ resume-client = 4-ct-permissive-resumption-client [4-ct-permissive-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [4-ct-permissive-resumption-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer @@ -162,11 +162,11 @@ resume-client = 5-ct-strict-resumption-resume-client [5-ct-strict-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [5-ct-strict-resumption-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer diff --git a/test/ssl-tests/12-ct.cnf.in b/test/ssl-tests/12-ct.cnf.in index bf34e4b5e7..93890b9fce 100644 --- a/test/ssl-tests/12-ct.cnf.in +++ b/test/ssl-tests/12-ct.cnf.in @@ -18,8 +18,11 @@ package ssltests; our @tests = ( { name => "ct-permissive-without-scts", - server => { }, + server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', + }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', extra => { "CTValidation" => "Permissive", }, @@ -31,10 +34,12 @@ our @tests = ( { name => "ct-permissive-with-scts", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Certificate" => test_pem("embeddedSCTs1.pem"), "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), extra => { "CTValidation" => "Permissive", 
@@ -46,8 +51,11 @@ our @tests = ( }, { name => "ct-strict-without-scts", - server => { }, + server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', + }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', extra => { "CTValidation" => "Strict", }, @@ -60,10 +68,12 @@ our @tests = ( { name => "ct-strict-with-scts", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Certificate" => test_pem("embeddedSCTs1.pem"), "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), extra => { "CTValidation" => "Strict", @@ -76,10 +86,12 @@ our @tests = ( { name => "ct-permissive-resumption", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Certificate" => test_pem("embeddedSCTs1.pem"), "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), extra => { "CTValidation" => "Permissive", @@ -94,10 +106,12 @@ our @tests = ( { name => "ct-strict-resumption", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Certificate" => test_pem("embeddedSCTs1.pem"), "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), extra => { "CTValidation" => "Strict", diff --git a/test/ssl-tests/14-curves.cnf b/test/ssl-tests/14-curves.cnf index 824a9f9a0e..7f4534c29d 100644 --- a/test/ssl-tests/14-curves.cnf +++ b/test/ssl-tests/14-curves.cnf 
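Review bot: test/ssl-tests/12-ct.cnf.in now repeats the same CipherString literal in the server and client block of all six CT tests, with no comment saying what in these tests fails at level 2. Define the string once near the top of the file, with a one-line comment naming the certificate, key or parameter that is rejected, and reference it from each block, so the pin can be dropped in one place once the test material is regenerated.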
@@ -68,13 +68,13 @@ client = 0-curve-prime256v1-client [0-curve-prime256v1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = prime256v1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-curve-prime256v1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = prime256v1 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -97,13 +97,13 @@ client = 1-curve-secp384r1-client [1-curve-secp384r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp384r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-curve-secp384r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp384r1 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -126,13 +126,13 @@ client = 2-curve-secp521r1-client [2-curve-secp521r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp521r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-curve-secp521r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp521r1 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -155,13 +155,13 @@ client = 3-curve-X25519-client [3-curve-X25519-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = X25519 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-curve-X25519-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = X25519 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -184,13 +184,13 @@ client = 4-curve-X448-client [4-curve-X448-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = X448 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-curve-X448-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = X448 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -213,13 +213,13 @@ client = 5-curve-sect233k1-client [5-curve-sect233k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect233k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-curve-sect233k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect233k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -242,13 +242,13 @@ client = 6-curve-sect233r1-client [6-curve-sect233r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect233r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-curve-sect233r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect233r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -271,13 +271,13 @@ client = 7-curve-sect283k1-client [7-curve-sect283k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect283k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-curve-sect283k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect283k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -300,13 +300,13 @@ client = 8-curve-sect283r1-client [8-curve-sect283r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect283r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-curve-sect283r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect283r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -329,13 +329,13 @@ client = 9-curve-sect409k1-client [9-curve-sect409k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect409k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-curve-sect409k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect409k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -358,13 +358,13 @@ client = 10-curve-sect409r1-client [10-curve-sect409r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect409r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-curve-sect409r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect409r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -387,13 +387,13 @@ client = 11-curve-sect571k1-client [11-curve-sect571k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect571k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-curve-sect571k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect571k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -416,13 +416,13 @@ client = 12-curve-sect571r1-client [12-curve-sect571r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect571r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-curve-sect571r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect571r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -445,13 +445,13 @@ client = 13-curve-secp224r1-client [13-curve-secp224r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp224r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-curve-secp224r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp224r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -474,13 +474,13 @@ client = 14-curve-sect163k1-client [14-curve-sect163k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-curve-sect163k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -503,13 +503,13 @@ client = 15-curve-sect163r2-client [15-curve-sect163r2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-curve-sect163r2-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163r2 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -532,13 +532,13 @@ client = 16-curve-prime192v1-client [16-curve-prime192v1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = prime192v1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-curve-prime192v1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = prime192v1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -561,13 +561,13 @@ client = 17-curve-sect163r1-client [17-curve-sect163r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-curve-sect163r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -590,13 +590,13 @@ client = 18-curve-sect193r1-client [18-curve-sect193r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect193r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-curve-sect193r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect193r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -619,13 +619,13 @@ client = 19-curve-sect193r2-client [19-curve-sect193r2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect193r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-curve-sect193r2-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect193r2 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -648,13 +648,13 @@ client = 20-curve-sect239k1-client [20-curve-sect239k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect239k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [20-curve-sect239k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect239k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -677,13 +677,13 @@ client = 21-curve-secp160k1-client [21-curve-secp160k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [21-curve-secp160k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -706,13 +706,13 @@ client = 22-curve-secp160r1-client [22-curve-secp160r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [22-curve-secp160r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -735,13 +735,13 @@ client = 23-curve-secp160r2-client [23-curve-secp160r2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [23-curve-secp160r2-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160r2 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -764,13 +764,13 @@ client = 24-curve-secp192k1-client [24-curve-secp192k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp192k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-curve-secp192k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp192k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -793,13 +793,13 @@ client = 25-curve-secp224k1-client [25-curve-secp224k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp224k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-curve-secp224k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp224k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -822,13 +822,13 @@ client = 26-curve-secp256k1-client [26-curve-secp256k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp256k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [26-curve-secp256k1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp256k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -851,13 +851,13 @@ client = 27-curve-brainpoolP256r1-client [27-curve-brainpoolP256r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP256r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [27-curve-brainpoolP256r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP256r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -880,13 +880,13 @@ client = 28-curve-brainpoolP384r1-client [28-curve-brainpoolP384r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP384r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [28-curve-brainpoolP384r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP384r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -909,13 +909,13 @@ client = 29-curve-brainpoolP512r1-client [29-curve-brainpoolP512r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP512r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [29-curve-brainpoolP512r1-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP512r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -938,13 +938,13 @@ client = 30-curve-sect233k1-tls13-client [30-curve-sect233k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect233k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [30-curve-sect233k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect233k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -965,13 +965,13 @@ client = 31-curve-sect233r1-tls13-client [31-curve-sect233r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect233r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [31-curve-sect233r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect233r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -992,13 +992,13 @@ client = 32-curve-sect283k1-tls13-client [32-curve-sect283k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect283k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [32-curve-sect283k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect283k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1019,13 +1019,13 @@ client = 33-curve-sect283r1-tls13-client [33-curve-sect283r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect283r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [33-curve-sect283r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect283r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1046,13 +1046,13 @@ client = 34-curve-sect409k1-tls13-client [34-curve-sect409k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect409k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [34-curve-sect409k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect409k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1073,13 +1073,13 @@ client = 35-curve-sect409r1-tls13-client [35-curve-sect409r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect409r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [35-curve-sect409r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect409r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -1100,13 +1100,13 @@ client = 36-curve-sect571k1-tls13-client [36-curve-sect571k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect571k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [36-curve-sect571k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect571k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1127,13 +1127,13 @@ client = 37-curve-sect571r1-tls13-client [37-curve-sect571r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect571r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [37-curve-sect571r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect571r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1154,13 +1154,13 @@ client = 38-curve-secp224r1-tls13-client [38-curve-secp224r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp224r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [38-curve-secp224r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp224r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1181,13 +1181,13 @@ client = 39-curve-sect163k1-tls13-client [39-curve-sect163k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [39-curve-sect163k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -1208,13 +1208,13 @@ client = 40-curve-sect163r2-tls13-client [40-curve-sect163r2-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [40-curve-sect163r2-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163r2 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1235,13 +1235,13 @@ client = 41-curve-prime192v1-tls13-client [41-curve-prime192v1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = prime192v1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [41-curve-prime192v1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = prime192v1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1262,13 +1262,13 @@ client = 42-curve-sect163r1-tls13-client [42-curve-sect163r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect163r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [42-curve-sect163r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect163r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1289,13 +1289,13 @@ client = 43-curve-sect193r1-tls13-client [43-curve-sect193r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect193r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [43-curve-sect193r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect193r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -1316,13 +1316,13 @@ client = 44-curve-sect193r2-tls13-client [44-curve-sect193r2-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect193r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [44-curve-sect193r2-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect193r2 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1343,13 +1343,13 @@ client = 45-curve-sect239k1-tls13-client [45-curve-sect239k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = sect239k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [45-curve-sect239k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = sect239k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1370,13 +1370,13 @@ client = 46-curve-secp160k1-tls13-client [46-curve-secp160k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [46-curve-secp160k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1397,13 +1397,13 @@ client = 47-curve-secp160r1-tls13-client [47-curve-secp160r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [47-curve-secp160r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -1424,13 +1424,13 @@ client = 48-curve-secp160r2-tls13-client [48-curve-secp160r2-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp160r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [48-curve-secp160r2-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp160r2 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1451,13 +1451,13 @@ client = 49-curve-secp192k1-tls13-client [49-curve-secp192k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp192k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [49-curve-secp192k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp192k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1478,13 +1478,13 @@ client = 50-curve-secp224k1-tls13-client [50-curve-secp224k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp224k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [50-curve-secp224k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp224k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1505,13 +1505,13 @@ client = 51-curve-secp256k1-tls13-client [51-curve-secp256k1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = secp256k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [51-curve-secp256k1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = secp256k1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -1532,13 +1532,13 @@ client = 52-curve-brainpoolP256r1-tls13-client [52-curve-brainpoolP256r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP256r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [52-curve-brainpoolP256r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP256r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1559,13 +1559,13 @@ client = 53-curve-brainpoolP384r1-tls13-client [53-curve-brainpoolP384r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP384r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [53-curve-brainpoolP384r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP384r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -1586,13 +1586,13 @@ client = 54-curve-brainpoolP512r1-tls13-client [54-curve-brainpoolP512r1-tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Curves = brainpoolP512r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [54-curve-brainpoolP512r1-tls13-client] -CipherString = ECDHE +CipherString = ECDHE at SECLEVEL=1 Curves = brainpoolP512r1 MinProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem diff --git a/test/ssl-tests/14-curves.cnf.in b/test/ssl-tests/14-curves.cnf.in index 4c905a8ea8..6426b175b5 100644 --- a/test/ssl-tests/14-curves.cnf.in +++ b/test/ssl-tests/14-curves.cnf.in 
@@ -36,10 +36,11 @@ sub generate_tests() { name => "curve-${curve}", server => { "Curves" => $curve, + "CipherString" => 'DEFAULT at SECLEVEL=1', "MaxProtocol" => "TLSv1.3" }, client => { - "CipherString" => "ECDHE", + "CipherString" => 'ECDHE at SECLEVEL=1', "MaxProtocol" => "TLSv1.3", "Curves" => $curve }, @@ -56,10 +57,11 @@ sub generate_tests() { name => "curve-${curve}", server => { "Curves" => $curve, + "CipherString" => 'DEFAULT at SECLEVEL=1', "MaxProtocol" => "TLSv1.3" }, client => { - "CipherString" => "ECDHE", + "CipherString" => 'ECDHE at SECLEVEL=1', "MaxProtocol" => "TLSv1.2", "Curves" => $curve }, @@ -76,10 +78,11 @@ sub generate_tests() { name => "curve-${curve}-tls13", server => { "Curves" => $curve, + "CipherString" => 'DEFAULT at SECLEVEL=1', "MaxProtocol" => "TLSv1.3" }, client => { - "CipherString" => "ECDHE", + "CipherString" => 'ECDHE at SECLEVEL=1', "MinProtocol" => "TLSv1.3", "Curves" => $curve }, diff --git a/test/ssl-tests/22-compression.cnf b/test/ssl-tests/22-compression.cnf index c85d3129ab..a70f01b7af 100644 --- a/test/ssl-tests/22-compression.cnf +++ b/test/ssl-tests/22-compression.cnf @@ -21,12 +21,12 @@ client = 0-tlsv1_3-both-compress-client [0-tlsv1_3-both-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-tlsv1_3-both-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer 
@@ -47,11 +47,11 @@ client = 1-tlsv1_3-client-compress-client [1-tlsv1_3-client-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-tlsv1_3-client-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -72,12 +72,12 @@ client = 2-tlsv1_3-server-compress-client [2-tlsv1_3-server-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-tlsv1_3-server-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -97,11 +97,11 @@ client = 3-tlsv1_3-neither-compress-client [3-tlsv1_3-neither-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-tlsv1_3-neither-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -121,12 +121,12 @@ client = 4-tlsv1_2-both-compress-client [4-tlsv1_2-both-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-tlsv1_2-both-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 MaxProtocol = TLSv1.2 Options = Compression VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 
@@ -148,11 +148,11 @@ client = 5-tlsv1_2-client-compress-client [5-tlsv1_2-client-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-tlsv1_2-client-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 MaxProtocol = TLSv1.2 Options = Compression VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem @@ -174,12 +174,12 @@ client = 6-tlsv1_2-server-compress-client [6-tlsv1_2-server-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 Options = Compression PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-tlsv1_2-server-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -200,11 +200,11 @@ client = 7-tlsv1_2-neither-compress-client [7-tlsv1_2-neither-compress-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-tlsv1_2-neither-compress-client] -CipherString = DEFAULT +CipherString = DEFAULT at SECLEVEL=1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/test/ssl-tests/22-compression.cnf.in b/test/ssl-tests/22-compression.cnf.in index 69a2e7f801..0b8f010b76 100644 --- a/test/ssl-tests/22-compression.cnf.in +++ b/test/ssl-tests/22-compression.cnf.in @@ -21,9 +21,11 @@ our @tests_tls1_3 = ( { name => "tlsv1_3-both-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, test => { 
@@ -34,8 +36,10 @@ our @tests_tls1_3 = ( { name => "tlsv1_3-client-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, test => { @@ -46,9 +50,11 @@ our @tests_tls1_3 = ( { name => "tlsv1_3-server-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, test => { "CompressionExpected" => "No", @@ -58,8 +64,10 @@ our @tests_tls1_3 = ( { name => "tlsv1_3-neither-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, test => { "CompressionExpected" => "No", @@ -71,9 +79,11 @@ our @tests_tls1_2 = ( { name => "tlsv1_2-both-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression", "MaxProtocol" => "TLSv1.2" }, @@ -85,8 +95,10 @@ our @tests_tls1_2 = ( { name => "tlsv1_2-client-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression", "MaxProtocol" => "TLSv1.2" }, @@ -98,9 +110,11 @@ our @tests_tls1_2 = ( { name => "tlsv1_2-server-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "Options" => "Compression" }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "MaxProtocol" => "TLSv1.2" }, test => { @@ -111,8 +125,10 @@ our @tests_tls1_2 = ( { name => "tlsv1_2-neither-compress", server => { + "CipherString" => 'DEFAULT at SECLEVEL=1', }, client => { + "CipherString" => 'DEFAULT at SECLEVEL=1', "MaxProtocol" => "TLSv1.2" }, test => { diff --git a/test/sslapitest.c b/test/sslapitest.c index 25dc61b876..e7a00a43e2 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c 
@@ -9196,7 +9196,8 @@ static int test_set_tmp_dh(int idx) */ static int test_dh_auto(int idx) { - SSL_CTX *cctx = NULL, *sctx = NULL; + SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, TLS_client_method()); + SSL_CTX *sctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method()); SSL *clientssl = NULL, *serverssl = NULL; int testresult = 0; EVP_PKEY *tmpkey = NULL; @@ -9204,14 +9205,21 @@ static int test_dh_auto(int idx) size_t expdhsize = 0; const char *ciphersuite = "DHE-RSA-AES128-SHA"; + if (!TEST_ptr(sctx) || !TEST_ptr(cctx)) + goto end; + switch (idx) { case 0: /* The FIPS provider doesn't support this DH size - so we ignore it */ - if (is_fips) - return 1; + if (is_fips) { + testresult = 1; + goto end; + } thiscert = cert1024; thiskey = privkey1024; expdhsize = 1024; + SSL_CTX_set_security_level(sctx, 1); + SSL_CTX_set_security_level(cctx, 1); break; case 1: /* 2048 bit prime */ @@ -9237,8 +9245,10 @@ static int test_dh_auto(int idx) /* No certificate cases */ case 5: /* The FIPS provider doesn't support this DH size - so we ignore it */ - if (is_fips) - return 1; + if (is_fips) { + testresult = 1; + goto end; + } ciphersuite = "ADH-AES128-SHA256:@SECLEVEL=0"; expdhsize = 1024; break; @@ -9251,8 +9261,8 @@ static int test_dh_auto(int idx) goto end; } - if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), - TLS_client_method(), + if (!TEST_true(create_ssl_ctx_pair(libctx, NULL, + NULL, 0, 0, &sctx, &cctx, thiscert, thiskey))) From no-reply at appveyor.com Sat Oct 9 18:13:36 2021 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Oct 2021 18:13:36 +0000 Subject: Build completed: openssl openssl-3.0.42838 Message-ID: <20211009181336.1.E9E7811A0E89ED91@appveyor.com> An HTML attachment was scrubbed... URL: From tomas at openssl.org Mon Oct 11 08:45:50 2021 
From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 08:45:50 +0000 Subject: [openssl] master update Message-ID: <1633941950.124029.18613.nullmailer@dev.openssl.org> The branch master has been updated via d11cab47810715ba472070300b180944a1d93633 (commit) via 5e199c356d09aca3b625b5ea16966b36d24b0201 (commit) from 518ce65d93692ecd4c004b96b47d58da8e5922ea (commit) - Log ----------------------------------------------------------------- commit d11cab47810715ba472070300b180944a1d93633 Author: PW Hu Date: Fri Oct 8 17:01:47 2021 +0800 Bugfix: unsafe return check of EVP_PKEY_fromdata Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16783) commit 5e199c356d09aca3b625b5ea16966b36d24b0201 Author: PW Hu Date: Fri Oct 8 16:59:00 2021 +0800 Bugfix: unsafe return check of EVP_PKEY_fromdata_init Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16783) ----------------------------------------------------------------------- Summary of changes: apps/dhparam.c | 4 ++-- crypto/evp/p_lib.c | 4 ++-- test/helpers/predefined_dhparams.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/apps/dhparam.c b/apps/dhparam.c index 982b2db549..db9e964cf0 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -383,8 +383,8 @@ static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh) ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL); if (ctx == NULL - || !EVP_PKEY_fromdata_init(ctx) - || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) { + || EVP_PKEY_fromdata_init(ctx) <= 0 + || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) { BIO_printf(bio_err, "Error, failed to set DH parameters\n"); goto err; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 2bc1237488..61cfe1efb9 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c 
@@ -630,7 +630,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, if (ctx == NULL) goto err; - if (!EVP_PKEY_fromdata_init(ctx)) { + if (EVP_PKEY_fromdata_init(ctx) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } @@ -649,7 +649,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, # endif *p = OSSL_PARAM_construct_end(); - if (!EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params)) { + if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c index a6dd8c08a5..ebb9c8891d 100644 --- a/test/helpers/predefined_dhparams.c +++ b/test/helpers/predefined_dhparams.c @@ -23,7 +23,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type, OSSL_PARAM *params = NULL; EVP_PKEY *dhpkey = NULL; - if (pctx == NULL || !EVP_PKEY_fromdata_init(pctx)) + if (pctx == NULL || EVP_PKEY_fromdata_init(pctx) <= 0) goto err; if ((tmpl = OSSL_PARAM_BLD_new()) == NULL @@ -35,7 +35,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type, params = OSSL_PARAM_BLD_to_param(tmpl); if (params == NULL - || !EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params)) + || EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) goto err; err: From tomas at openssl.org Mon Oct 11 08:46:08 2021 
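Review bot: Neither the commit messages nor the changed lines in apps/dhparam.c, crypto/evp/p_lib.c and test/helpers/predefined_dhparams.c say what made the old checks unsafe. EVP_PKEY_fromdata_init() and EVP_PKEY_fromdata() return 1 on success and 0 or a negative value on failure (-2 when the operation is not supported), so the removed `!EVP_PKEY_fromdata_init(ctx)` and `!EVP_PKEY_fromdata(...)` tests treated a negative return as success and carried on with a key that was never populated. Please put that one sentence in the commit message, and since this patch touches only three files, grep the tree for any remaining `!EVP_PKEY_fromdata` callers before closing the issue.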
From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 08:46:08 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633941968.769155.19669.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 6e463bcd53fedbb4ec277a5eb885619e32adcdd2 (commit) from ce5b392c8dc99f849dabea8bc9a21f66908b4188 (commit) - Log ----------------------------------------------------------------- commit 6e463bcd53fedbb4ec277a5eb885619e32adcdd2 Author: PW Hu Date: Fri Oct 8 16:59:00 2021 +0800 Bugfix: unsafe return check of EVP_PKEY_fromdata_init Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16783) (cherry picked from commit 5e199c356d09aca3b625b5ea16966b36d24b0201) ----------------------------------------------------------------------- Summary of changes: apps/dhparam.c | 2 +- crypto/evp/p_lib.c | 2 +- test/helpers/predefined_dhparams.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/dhparam.c b/apps/dhparam.c index 982b2db549..6b8546e93b 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -383,7 +383,7 @@ static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh) ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL); if (ctx == NULL - || !EVP_PKEY_fromdata_init(ctx) + || EVP_PKEY_fromdata_init(ctx) <= 0 || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) { BIO_printf(bio_err, "Error, failed to set DH parameters\n"); goto err; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 2bc1237488..424d11b259 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -630,7 +630,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, if (ctx == NULL) goto err; - if (!EVP_PKEY_fromdata_init(ctx)) { + if (EVP_PKEY_fromdata_init(ctx) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c index a6dd8c08a5..b2f6601188 100644 
--- a/test/helpers/predefined_dhparams.c +++ b/test/helpers/predefined_dhparams.c @@ -23,7 +23,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type, OSSL_PARAM *params = NULL; EVP_PKEY *dhpkey = NULL; - if (pctx == NULL || !EVP_PKEY_fromdata_init(pctx)) + if (pctx == NULL || EVP_PKEY_fromdata_init(pctx) <= 0) goto err; if ((tmpl = OSSL_PARAM_BLD_new()) == NULL From tomas at openssl.org Mon Oct 11 08:46:25 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 08:46:25 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633941985.603383.20959.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via fa885e4ba153b6be3e446c8f323762482cef92ae (commit) from 6e463bcd53fedbb4ec277a5eb885619e32adcdd2 (commit) - Log ----------------------------------------------------------------- commit fa885e4ba153b6be3e446c8f323762482cef92ae Author: PW Hu Date: Fri Oct 8 17:01:47 2021 +0800 Bugfix: unsafe return check of EVP_PKEY_fromdata Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16783) (cherry picked from commit d11cab47810715ba472070300b180944a1d93633) ----------------------------------------------------------------------- Summary of changes: apps/dhparam.c | 2 +- crypto/evp/p_lib.c | 2 +- test/helpers/predefined_dhparams.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/dhparam.c b/apps/dhparam.c index 6b8546e93b..db9e964cf0 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -384,7 +384,7 @@ static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh) ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL); if (ctx == NULL || EVP_PKEY_fromdata_init(ctx) <= 0 - || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) { + || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) { BIO_printf(bio_err, "Error, failed to set DH parameters\n"); goto err; } 
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 424d11b259..61cfe1efb9 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -649,7 +649,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, # endif *p = OSSL_PARAM_construct_end(); - if (!EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params)) { + if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c index b2f6601188..ebb9c8891d 100644 --- a/test/helpers/predefined_dhparams.c +++ b/test/helpers/predefined_dhparams.c @@ -35,7 +35,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type, params = OSSL_PARAM_BLD_to_param(tmpl); if (params == NULL - || !EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params)) + || EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) goto err; err: From tomas at openssl.org Mon Oct 11 08:59:02 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 08:59:02 +0000 Subject: [openssl] master update Message-ID: <1633942742.892380.27409.nullmailer@dev.openssl.org> The branch master has been updated via 2b80a7490d5008fa40417b804ea16e8fee13d93d (commit) from d11cab47810715ba472070300b180944a1d93633 (commit) - Log ----------------------------------------------------------------- commit 2b80a7490d5008fa40417b804ea16e8fee13d93d Author: Tomas Mraz Date: Thu Oct 7 11:10:19 2021 +0200 doc: OPENSSL_CORE_CTX should never be cast to OSSL_LIB_CTX Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16771) ----------------------------------------------------------------------- Summary of changes: doc/man7/provider-base.pod | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index 5af35bf4dc..881854a3af 100644 
--- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod @@ -220,10 +220,14 @@ the thread that is stopping and gets passed the provider context as an argument. This may be useful to perform thread specific clean up such as freeing thread local variables. -core_get_libctx() retrieves the library context in which the library +core_get_libctx() retrieves the core context in which the library object for the current provider is stored, accessible through the I. -This may sometimes be useful if the provider wishes to store a -reference to its context in the same library context. +This function is useful only for built-in providers such as the default +provider. Never cast this to OSSL_LIB_CTX in a provider that is not +built-in as the OSSL_LIB_CTX of the library loading the provider might be +a completely different structure than the OSSL_LIB_CTX of the library the +provider is linked to. Use L instead to obtain +a proper library context that is linked to the application library context. core_new_error(), core_set_error_debug() and core_vset_error() are building blocks for reporting an error back to the core, with From tomas at openssl.org Mon Oct 11 08:59:17 2021 
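Review bot: In the doc/man7/provider-base.pod hunk, "Never cast this to OSSL_LIB_CTX" leaves "this" without a clear referent, because the preceding sentence is about the function rather than its return value. Suggest "Never cast the pointer returned by core_get_libctx() to OSSL_LIB_CTX" and stating the actual return type (the commit subject names it as OPENSSL_CORE_CTX), since the function name still ends in libctx and is what invites the cast the paragraph warns against. The closing sentence would also read better as "a proper library context linked to the application's library context".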
From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 08:59:17 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633942757.404358.28636.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 4f4711c7657396239ba9b9e5a7149e3cdcafe2e4 (commit) from fa885e4ba153b6be3e446c8f323762482cef92ae (commit) - Log ----------------------------------------------------------------- commit 4f4711c7657396239ba9b9e5a7149e3cdcafe2e4 Author: Tomas Mraz Date: Thu Oct 7 11:10:19 2021 +0200 doc: OPENSSL_CORE_CTX should never be cast to OSSL_LIB_CTX Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16771) (cherry picked from commit 2b80a7490d5008fa40417b804ea16e8fee13d93d) ----------------------------------------------------------------------- Summary of changes: doc/man7/provider-base.pod | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index d1e26baa11..0005dc7181 100644 --- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod 
@@ -220,10 +220,14 @@ the thread that is stopping and gets passed the provider context as an argument. This may be useful to perform thread specific clean up such as freeing thread local variables. -core_get_libctx() retrieves the library context in which the library +core_get_libctx() retrieves the core context in which the library object for the current provider is stored, accessible through the I. -This may sometimes be useful if the provider wishes to store a -reference to its context in the same library context. +This function is useful only for built-in providers such as the default +provider. Never cast this to OSSL_LIB_CTX in a provider that is not +built-in as the OSSL_LIB_CTX of the library loading the provider might be +a completely different structure than the OSSL_LIB_CTX of the library the +provider is linked to. Use L instead to obtain +a proper library context that is linked to the application library context. core_new_error(), core_set_error_debug() and core_vset_error() are building blocks for reporting an error back to the core, with From matt at openssl.org Mon Oct 11 10:39:24 2021 
From: matt at openssl.org (Matt Caswell) Date: Mon, 11 Oct 2021 10:39:24 +0000 Subject: [openssl] master update Message-ID: <1633948764.944002.22150.nullmailer@dev.openssl.org> The branch master has been updated via 0db3a9904fa00569905be130854a31dab7b8f49d (commit) via cbb862fbaaa1ec5a3e33836bc92a6dbea97ceba0 (commit) from 2b80a7490d5008fa40417b804ea16e8fee13d93d (commit) - Log ----------------------------------------------------------------- commit 0db3a9904fa00569905be130854a31dab7b8f49d Author: Matt Caswell Date: Mon Sep 20 14:36:42 2021 +0100 Extend custom extension testing Test the scenario where we add a custom extension to a certificate request and expect a response in the client's certificate message. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) commit cbb862fbaaa1ec5a3e33836bc92a6dbea97ceba0 Author: Matt Caswell Date: Mon Sep 20 14:15:18 2021 +0100 New extensions can be sent in a certificate request Normally we expect a client to send new extensions in the ClientHello, which may be echoed back by the server in subsequent messages. However the server can also send a new extension in the certificate request message to be echoed back in a certificate message Fixes #16632 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) ----------------------------------------------------------------------- Summary of changes: ssl/statem/extensions_cust.c | 11 ++++++----- test/sslapitest.c | 37 ++++++++++++++++++++++++++++--------- 2 files changed, 34 insertions(+), 14 deletions(-) diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c index a00194bf33..401a4c5c76 100644 --- a/ssl/statem/extensions_cust.c +++ b/ssl/statem/extensions_cust.c 
@@ -145,11 +145,12 @@ int custom_ext_parse(SSL *s, unsigned int context, unsigned int ext_type, } /* - * Extensions received in the ClientHello are marked with the - * SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent - * extensions in the ServerHello/EncryptedExtensions message + * Extensions received in the ClientHello or CertificateRequest are marked + * with the SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent + * extensions in the response messages */ - if ((context & SSL_EXT_CLIENT_HELLO) != 0) + if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)) + != 0) meth->ext_flags |= SSL_EXT_FLAG_RECEIVED; /* If no parse function set return success */ @@ -191,7 +192,7 @@ int custom_ext_add(SSL *s, int context, WPACKET *pkt, X509 *x, size_t chainidx, | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS | SSL_EXT_TLS1_3_CERTIFICATE | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) { - /* Only send extensions present in ClientHello. */ + /* Only send extensions present in ClientHello/CertificateRequest */ if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED)) continue; } diff --git a/test/sslapitest.c b/test/sslapitest.c index e7a00a43e2..fbec107edb 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -5560,6 +5560,11 @@ static int sni_cb(SSL *s, int *al, void *arg) return SSL_TLSEXT_ERR_OK; } +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + /* * Custom call back tests. * Test 0: Old style callbacks in TLSv1.2 @@ -5567,6 +5572,7 @@ static int sni_cb(SSL *s, int *al, void *arg) * Test 2: New style callbacks in TLSv1.2 with SNI * Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE * Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST + * Test 5: New style callbacks in TLSv1.3. Extensions in CR + Client Cert */ static int test_custom_exts(int tst) { 
@@ -5608,7 +5614,19 @@ static int test_custom_exts(int tst) SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3); } - if (tst == 4) { + if (tst == 5) { + context = SSL_EXT_TLS1_3_CERTIFICATE_REQUEST + | SSL_EXT_TLS1_3_CERTIFICATE; + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(cctx, privkey, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(cctx), 1)) + goto end; + } else if (tst == 4) { context = SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO @@ -5704,6 +5722,12 @@ static int test_custom_exts(int tst) || (tst != 2 && snicb != 0) || (tst == 2 && snicb != 1)) goto end; + } else if (tst == 5) { + if (clntaddnewcb != 1 + || clntparsenewcb != 1 + || srvaddnewcb != 1 + || srvparsenewcb != 1) + goto end; } else { /* In this case there 2 NewSessionTicket messages created */ if (clntaddnewcb != 1 @@ -5720,8 +5744,8 @@ static int test_custom_exts(int tst) SSL_free(clientssl); serverssl = clientssl = NULL; - if (tst == 3) { - /* We don't bother with the resumption aspects for this test */ + if (tst == 3 || tst == 5) { + /* We don't bother with the resumption aspects for these tests */ testresult = 1; goto end; } @@ -8150,11 +8174,6 @@ err: return 0; } -static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - return 1; -} - static int test_client_cert_cb(int tst) { SSL_CTX *cctx = NULL, *sctx = NULL; @@ -9685,7 +9704,7 @@ int setup_tests(void) /* Test with only TLSv1.3 versions */ ADD_ALL_TESTS(test_key_exchange, 12); # endif - ADD_ALL_TESTS(test_custom_exts, 5); + ADD_ALL_TESTS(test_custom_exts, 6); ADD_TEST(test_stateless); ADD_TEST(test_pha_key_update); #else From matt at openssl.org Mon Oct 11 10:39:35 2021 
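Review bot: In custom_ext_parse() in ssl/statem/extensions_cust.c, SSL_EXT_FLAG_RECEIVED is now set on meth->ext_flags for the CertificateRequest context as well, and nothing in these hunks shows where the flag is cleared again. If a connection can see more than one CertificateRequest, a flag left set by the first would let custom_ext_add() pass its "Only send extensions present in ClientHello/CertificateRequest" check for a later request that did not carry the extension. Please confirm the flag is reset per request, or add the reset, and say so in the comment above the new condition.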
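Review bot: The new tst == 5 branch of test_custom_exts() in test/sslapitest.c asserts only the positive path, that clntaddnewcb, clntparsenewcb, srvaddnewcb and srvparsenewcb are each 1. The rule this patch changes is the filter in custom_ext_add(), so add a case where the server registers no extension for SSL_EXT_TLS1_3_CERTIFICATE_REQUEST and check that the client's add callback is not invoked for the Certificate message. The relocated verify_cb() returns 1 unconditionally and is now installed with SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, so a one-line comment that it accepts any client certificate for test purposes would stop it being copied elsewhere.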
From: matt at openssl.org (Matt Caswell) Date: Mon, 11 Oct 2021 10:39:35 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633948775.697436.23191.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 549675c54686b8fb0527720abf760313a78a1ae7 (commit) via e164577e720e9377b4f5ae4c726f47878547e616 (commit) from 4f4711c7657396239ba9b9e5a7149e3cdcafe2e4 (commit) - Log ----------------------------------------------------------------- commit 549675c54686b8fb0527720abf760313a78a1ae7 Author: Matt Caswell Date: Mon Sep 20 14:36:42 2021 +0100 Extend custom extension testing Test the scenario where we add a custom extension to a certificate request and expect a response in the client's certificate message. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) (cherry picked from commit 0db3a9904fa00569905be130854a31dab7b8f49d) commit e164577e720e9377b4f5ae4c726f47878547e616 Author: Matt Caswell Date: Mon Sep 20 14:15:18 2021 +0100 New extensions can be sent in a certificate request Normally we expect a client to send new extensions in the ClientHello, which may be echoed back by the server in subsequent messages. However the server can also send a new extension in the certificate request message to be echoed back in a certificate message Fixes #16632 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) (cherry picked from commit cbb862fbaaa1ec5a3e33836bc92a6dbea97ceba0) ----------------------------------------------------------------------- Summary of changes: ssl/statem/extensions_cust.c | 11 ++++++----- test/sslapitest.c | 37 ++++++++++++++++++++++++++++--------- 2 files changed, 34 insertions(+), 14 deletions(-) diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c index a00194bf33..401a4c5c76 100644 --- a/ssl/statem/extensions_cust.c +++ b/ssl/statem/extensions_cust.c 
@@ -145,11 +145,12 @@ int custom_ext_parse(SSL *s, unsigned int context, unsigned int ext_type, } /* - * Extensions received in the ClientHello are marked with the - * SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent - * extensions in the ServerHello/EncryptedExtensions message + * Extensions received in the ClientHello or CertificateRequest are marked + * with the SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent + * extensions in the response messages */ - if ((context & SSL_EXT_CLIENT_HELLO) != 0) + if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)) + != 0) meth->ext_flags |= SSL_EXT_FLAG_RECEIVED; /* If no parse function set return success */ @@ -191,7 +192,7 @@ int custom_ext_add(SSL *s, int context, WPACKET *pkt, X509 *x, size_t chainidx, | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS | SSL_EXT_TLS1_3_CERTIFICATE | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) { - /* Only send extensions present in ClientHello. */ + /* Only send extensions present in ClientHello/CertificateRequest */ if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED)) continue; } diff --git a/test/sslapitest.c b/test/sslapitest.c index 7af0eab3fc..68907923e8 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -5544,6 +5544,11 @@ static int sni_cb(SSL *s, int *al, void *arg) return SSL_TLSEXT_ERR_OK; } +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + /* * Custom call back tests. * Test 0: Old style callbacks in TLSv1.2 @@ -5551,6 +5556,7 @@ static int sni_cb(SSL *s, int *al, void *arg) * Test 2: New style callbacks in TLSv1.2 with SNI * Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE * Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST + * Test 5: New style callbacks in TLSv1.3. Extensions in CR + Client Cert */ static int test_custom_exts(int tst) { 
@@ -5592,7 +5598,19 @@ static int test_custom_exts(int tst) SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3); } - if (tst == 4) { + if (tst == 5) { + context = SSL_EXT_TLS1_3_CERTIFICATE_REQUEST + | SSL_EXT_TLS1_3_CERTIFICATE; + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(cctx, privkey, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(cctx), 1)) + goto end; + } else if (tst == 4) { context = SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO @@ -5688,6 +5706,12 @@ static int test_custom_exts(int tst) || (tst != 2 && snicb != 0) || (tst == 2 && snicb != 1)) goto end; + } else if (tst == 5) { + if (clntaddnewcb != 1 + || clntparsenewcb != 1 + || srvaddnewcb != 1 + || srvparsenewcb != 1) + goto end; } else { /* In this case there 2 NewSessionTicket messages created */ if (clntaddnewcb != 1 @@ -5704,8 +5728,8 @@ static int test_custom_exts(int tst) SSL_free(clientssl); serverssl = clientssl = NULL; - if (tst == 3) { - /* We don't bother with the resumption aspects for this test */ + if (tst == 3 || tst == 5) { + /* We don't bother with the resumption aspects for these tests */ testresult = 1; goto end; } @@ -8134,11 +8158,6 @@ err: return 0; } -static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - return 1; -} - static int test_client_cert_cb(int tst) { SSL_CTX *cctx = NULL, *sctx = NULL; @@ -9659,7 +9678,7 @@ int setup_tests(void) /* Test with only TLSv1.3 versions */ ADD_ALL_TESTS(test_key_exchange, 12); # endif - ADD_ALL_TESTS(test_custom_exts, 5); + ADD_ALL_TESTS(test_custom_exts, 6); ADD_TEST(test_stateless); ADD_TEST(test_pha_key_update); #else From matt at openssl.org Mon Oct 11 10:39:46 2021 
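Review bot: the new `else if (tst == 5)` result check in test_custom_exts() (openssl-3.0 update above) compares the four add/parse counters but, unlike the branch directly above it, makes no assertion about snicb. Adding `|| snicb != 0` to the condition would keep test 5 consistent with the other non-SNI cases and would catch the SNI callback firing unexpectedly on the client-certificate path.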
From: matt at openssl.org (Matt Caswell) Date: Mon, 11 Oct 2021 10:39:46 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1633948786.991484.24273.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 993ae6d207be1ae8c1901ea70a34adf0414e3e71 (commit) via f5ed4f0bbe31617b6df897ac6a28af9b3c8fd18e (commit) from a653e037ef0236ea9cd84ec4c94f0bb94aca56ab (commit) - Log ----------------------------------------------------------------- commit 993ae6d207be1ae8c1901ea70a34adf0414e3e71 Author: Matt Caswell Date: Mon Sep 20 14:36:42 2021 +0100 Extend custom extension testing Test the scenario where we add a custom extension to a certificate request and expect a response in the client's certificate message. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) (cherry picked from commit 0db3a9904fa00569905be130854a31dab7b8f49d) commit f5ed4f0bbe31617b6df897ac6a28af9b3c8fd18e Author: Matt Caswell Date: Mon Sep 20 14:15:18 2021 +0100 New extensions can be sent in a certificate request Normally we expect a client to send new extensions in the ClientHello, which may be echoed back by the server in subsequent messages. However the server can also send a new extension in the certificate request message to be echoed back in a certificate message Fixes #16632 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16634) (cherry picked from commit cbb862fbaaa1ec5a3e33836bc92a6dbea97ceba0) ----------------------------------------------------------------------- Summary of changes: ssl/statem/extensions_cust.c | 11 ++++++----- test/sslapitest.c | 37 ++++++++++++++++++++++++++++--------- 2 files changed, 34 insertions(+), 14 deletions(-) diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c index a0ba18efa7..fa24344db7 100644 --- a/ssl/statem/extensions_cust.c +++ b/ssl/statem/extensions_cust.c 
@@ -146,11 +146,12 @@ int custom_ext_parse(SSL *s, unsigned int context, unsigned int ext_type, } /* - * Extensions received in the ClientHello are marked with the - * SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent - * extensions in the ServerHello/EncryptedExtensions message + * Extensions received in the ClientHello or CertificateRequest are marked + * with the SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent + * extensions in the response messages */ - if ((context & SSL_EXT_CLIENT_HELLO) != 0) + if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)) + != 0) meth->ext_flags |= SSL_EXT_FLAG_RECEIVED; /* If no parse function set return success */ @@ -192,7 +193,7 @@ int custom_ext_add(SSL *s, int context, WPACKET *pkt, X509 *x, size_t chainidx, | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS | SSL_EXT_TLS1_3_CERTIFICATE | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) { - /* Only send extensions present in ClientHello. */ + /* Only send extensions present in ClientHello/CertificateRequest */ if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED)) continue; } diff --git a/test/sslapitest.c b/test/sslapitest.c index d311bb2ad3..21322ceec5 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -4110,6 +4110,11 @@ static int sni_cb(SSL *s, int *al, void *arg) return SSL_TLSEXT_ERR_OK; } +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + /* * Custom call back tests. * Test 0: Old style callbacks in TLSv1.2 @@ -4117,6 +4122,7 @@ static int sni_cb(SSL *s, int *al, void *arg) * Test 2: New style callbacks in TLSv1.2 with SNI * Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE * Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST + * Test 5: New style callbacks in TLSv1.3. Extensions in CR + Client Cert */ static int test_custom_exts(int tst) { 
@@ -4158,7 +4164,19 @@ static int test_custom_exts(int tst) SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3); } - if (tst == 4) { + if (tst == 5) { + context = SSL_EXT_TLS1_3_CERTIFICATE_REQUEST + | SSL_EXT_TLS1_3_CERTIFICATE; + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(cctx, privkey, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(cctx), 1)) + goto end; + } else if (tst == 4) { context = SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO @@ -4254,6 +4272,12 @@ static int test_custom_exts(int tst) || (tst != 2 && snicb != 0) || (tst == 2 && snicb != 1)) goto end; + } else if (tst == 5) { + if (clntaddnewcb != 1 + || clntparsenewcb != 1 + || srvaddnewcb != 1 + || srvparsenewcb != 1) + goto end; } else { /* In this case there 2 NewSessionTicket messages created */ if (clntaddnewcb != 1 @@ -4270,8 +4294,8 @@ static int test_custom_exts(int tst) SSL_free(clientssl); serverssl = clientssl = NULL; - if (tst == 3) { - /* We don't bother with the resumption aspects for this test */ + if (tst == 3 || tst == 5) { + /* We don't bother with the resumption aspects for these tests */ testresult = 1; goto end; } @@ -6250,11 +6274,6 @@ static int client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) return 1; } -static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - return 1; -} - static int test_client_cert_cb(int tst) { SSL_CTX *cctx = NULL, *sctx = NULL; @@ -6922,7 +6941,7 @@ int setup_tests(void) #else ADD_ALL_TESTS(test_tls13_psk, 4); #endif /* OPENSSL_NO_PSK */ - ADD_ALL_TESTS(test_custom_exts, 5); + ADD_ALL_TESTS(test_custom_exts, 6); ADD_TEST(test_stateless); ADD_TEST(test_pha_key_update); #else From bernd.edlinger at hotmail.de Mon Oct 11 14:25:32 2021 
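Review bot: test 5 in test_custom_exts() (OpenSSL_1_1_1-stable update above) covers only the positive case, where the server puts the extension in the CertificateRequest and all four counters end at 1. The path this change relies on in custom_ext_add() is the `continue` taken when SSL_EXT_FLAG_RECEIVED is not set, and no case here checks that the client's add callback is not invoked for SSL_EXT_TLS1_3_CERTIFICATE when the CertificateRequest did not carry the extension. A negative variant asserting that the client add/server parse counters stay at 0 would pin that down.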
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Mon, 11 Oct 2021 14:25:32 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1633962332.146319.5288.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 14fd5a0d55652a7539c66df18d1120baed42248e (commit) from 549675c54686b8fb0527720abf760313a78a1ae7 (commit) - Log ----------------------------------------------------------------- commit 14fd5a0d55652a7539c66df18d1120baed42248e Author: Bernd Edlinger Date: Sun May 24 16:14:02 2020 +0200 Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c This replaces the AES-128-CBC-HMAC-SHA1 cipher with a non-encrypting version for use in the test suite. [extended tests] Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16693) (cherry picked from commit 64da15c40d15aac58e211fd25d00e9ae84d0379b) ----------------------------------------------------------------------- Summary of changes: engines/e_ossltest.c | 216 +++++++++++++++++++++++++++++++++++++++++++---- ssl/record/ssl3_record.c | 23 ++--- ssl/record/tls_pad.c | 2 - ssl/tls_depr.c | 10 ++- 4 files changed, 210 insertions(+), 41 deletions(-) diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c index 8479414f01..0506faa628 100644 --- a/engines/e_ossltest.c +++ b/engines/e_ossltest.c @@ -38,6 +38,7 @@ #include #include #include +#include #include "e_ossltest_err.c" 
@@ -247,21 +248,39 @@ static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, const int **, int); static int ossltest_cipher_nids[] = { - NID_aes_128_cbc, NID_aes_128_gcm, 0 + NID_aes_128_cbc, NID_aes_128_gcm, + NID_aes_128_cbc_hmac_sha1, 0 }; /* AES128 */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc); +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl); +static int ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr); + +typedef struct { + size_t payload_length; /* AAD length in decrypt case */ + unsigned int tls_ver; +} EVP_AES_HMAC_SHA1; static EVP_CIPHER *_hidden_aes_128_cbc = NULL; static const EVP_CIPHER *ossltest_aes_128_cbc(void) 
@@ -285,6 +304,7 @@ static const EVP_CIPHER *ossltest_aes_128_cbc(void) } return _hidden_aes_128_cbc; } + static EVP_CIPHER *_hidden_aes_128_gcm = NULL; #define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ @@ -315,11 +335,45 @@ static const EVP_CIPHER *ossltest_aes_128_gcm(void) return _hidden_aes_128_gcm; } +static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; + +static const EVP_CIPHER *ossltest_aes_128_cbc_hmac_sha1(void) +{ + if (_hidden_aes_128_cbc_hmac_sha1 == NULL + && ((_hidden_aes_128_cbc_hmac_sha1 + = EVP_CIPHER_meth_new(NID_aes_128_cbc_hmac_sha1, + 16 /* block size */, + 16 /* key len */)) == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | + EVP_CIPH_FLAG_AEAD_CIPHER) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_cipher) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_ctrl) + || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv) + || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, + sizeof(EVP_AES_HMAC_SHA1)))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc_hmac_sha1 = NULL; + } + return _hidden_aes_128_cbc_hmac_sha1; +} + static void destroy_ciphers(void) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); EVP_CIPHER_meth_free(_hidden_aes_128_gcm); + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); _hidden_aes_128_cbc = NULL; + _hidden_aes_128_gcm = NULL; + _hidden_aes_128_cbc_hmac_sha1 = NULL; } /* Key loading */ 
@@ -490,6 +544,9 @@ static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, case NID_aes_128_gcm: *cipher = ossltest_aes_128_gcm(); break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = ossltest_aes_128_cbc_hmac_sha1(); + break; default: ok = 0; *cipher = NULL; @@ -634,14 +691,15 @@ static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) * AES128 Implementation */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); } -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf; int ret; @@ -667,15 +725,15 @@ int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return ret; } -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); } - -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf = OPENSSL_malloc(inl); 
@@ -720,6 +778,128 @@ static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; } +#define NO_PAYLOAD_LENGTH ((size_t)-1) +# define data(ctx) ((EVP_AES_HMAC_SHA1 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) + +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *inkey, + const unsigned char *iv, + int enc) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + key->payload_length = NO_PAYLOAD_LENGTH; + return 1; +} + +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t len) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + unsigned int l; + size_t plen = key->payload_length; + + key->payload_length = NO_PAYLOAD_LENGTH; + + if (len % AES_BLOCK_SIZE) + return 0; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + if (plen == NO_PAYLOAD_LENGTH) + plen = len; + else if (len != + ((plen + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + return 0; + + memmove(out, in, plen); + + if (plen != len) { /* "TLS" mode of operation */ + /* calculate HMAC and append it to payload */ + fill_known_data(out + plen, SHA_DIGEST_LENGTH); + + /* pad the payload|hmac */ + plen += SHA_DIGEST_LENGTH; + for (l = len - plen - 1; plen < len; plen++) + out[plen] = l; + } + } else { + /* decrypt HMAC|padding at once */ + memmove(out, in, len); + + if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ + unsigned int maxpad, pad; + + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1)) + return 0; + + /* omit explicit iv */ + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; + } else if (len < (SHA_DIGEST_LENGTH + 1)) + return 0; + + /* figure out payload length */ + pad = out[len - 1]; + maxpad = len - (SHA_DIGEST_LENGTH + 1); + if (pad > maxpad) + return 0; + for (plen = len - pad - 1; plen < len; plen++) + if (out[plen] != pad) + return 0; + } + } + + return 1; +} + +static int 
ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + + switch (type) { + case EVP_CTRL_AEAD_SET_MAC_KEY: + return 1; + + case EVP_CTRL_AEAD_TLS1_AAD: + { + unsigned char *p = ptr; + unsigned int len; + + if (arg != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + len = p[arg - 2] << 8 | p[arg - 1]; + key->tls_ver = p[arg - 4] << 8 | p[arg - 3]; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + key->payload_length = len; + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + len -= AES_BLOCK_SIZE; + p[arg - 2] = len >> 8; + p[arg - 1] = len; + } + + return (int)(((len + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); + } else { + key->payload_length = arg; + + return SHA_DIGEST_LENGTH; + } + } + default: + return -1; + } +} + static int ossltest_rand_bytes(unsigned char *buf, int num) { unsigned char val = 1; diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index b6ac61e0e8..c713f231ca 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c 
@@ -1218,23 +1218,17 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, } if (!sending) { - /* Adjust the record to remove the explicit IV/MAC/Tag */ - if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + for (ctr = 0; ctr < n_recs; ctr++) { + /* Adjust the record to remove the explicit IV/MAC/Tag */ + if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { recs[ctr].data += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - } - } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { recs[ctr].data += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_CCM_TLS_EXPLICIT_IV_LEN; - } - } - - for (ctr = 0; ctr < n_recs; ctr++) { - if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { + } else if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { if (recs[ctr].length < bs) return 0; recs[ctr].data += bs; @@ -1254,17 +1248,12 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending, (macs != NULL) ? &macs[ctr].alloced : NULL, bs, - macsize, + pad ? (size_t)pad : macsize, (EVP_CIPHER_get_flags(enc) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0, s->ctx->libctx)) return 0; } - if (pad) { - for (ctr = 0; ctr < n_recs; ctr++) { - recs[ctr].length -= pad; - } - } } } } diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c index 46614e143b..528c605554 100644 --- a/ssl/record/tls_pad.c +++ b/ssl/record/tls_pad.c @@ -138,8 +138,6 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, if (aead) { /* padding is already verified and we don't need to check the MAC */ *reclen -= padding_length + 1 + mac_size; - *mac = NULL; - *alloced = 0; return 1; } diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c index 0b21ff7669..1761ba1d8e 100644 --- a/ssl/tls_depr.c +++ b/ssl/tls_depr.c 
@@ -27,6 +27,7 @@ void tls_engine_finish(ENGINE *e) const EVP_CIPHER *tls_get_cipher_from_engine(int nid) { + const EVP_CIPHER *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -36,15 +37,16 @@ const EVP_CIPHER *tls_get_cipher_from_engine(int nid) */ eng = ENGINE_get_cipher_engine(nid); if (eng != NULL) { + ret = ENGINE_get_cipher(eng, nid); ENGINE_finish(eng); - return EVP_get_cipherbynid(nid); } #endif - return NULL; + return ret; } const EVP_MD *tls_get_digest_from_engine(int nid) { + const EVP_MD *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -54,11 +56,11 @@ const EVP_MD *tls_get_digest_from_engine(int nid) */ eng = ENGINE_get_digest_engine(nid); if (eng != NULL) { + ret = ENGINE_get_digest(eng, nid); ENGINE_finish(eng); - return EVP_get_digestbynid(nid); } #endif - return NULL; + return ret; } #ifndef OPENSSL_NO_ENGINE From tomas at openssl.org Mon Oct 11 14:32:18 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 11 Oct 2021 14:32:18 +0000 Subject: [openssl] master update Message-ID: <1633962738.773388.10180.nullmailer@dev.openssl.org> The branch master has been updated via 58608487a44b3991ecc6d431d6273b2ca8c980a6 (commit) from 0db3a9904fa00569905be130854a31dab7b8f49d (commit) - Log ----------------------------------------------------------------- commit 58608487a44b3991ecc6d431d6273b2ca8c980a6 Author: Tomas Mraz Date: Thu Oct 7 17:34:08 2021 +0200 req: Do not warn about using stdin when generating new request Fixes #16773 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16774) ----------------------------------------------------------------------- Summary of changes: apps/req.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/req.c b/apps/req.c index f756c25b2a..aac972e29b 100644 --- a/apps/req.c +++ b/apps/req.c 
@@ -492,7 +492,7 @@ int req_main(int argc, char **argv) if (infile == NULL) { if (gen_x509) newreq = 1; - else + else if (!newreq) BIO_printf(bio_err, "Warning: Will read cert request from stdin since no -in option is given\n"); } From no-reply at appveyor.com Mon Oct 11 15:04:47 2021 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Oct 2021 15:04:47 +0000 Subject: Build failed: openssl openssl-3.0.42844 Message-ID: <20211011150447.1.A579BF453936316B@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 11 18:14:04 2021 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Oct 2021 18:14:04 +0000 Subject: Build completed: openssl master.42845 Message-ID: <20211011181404.1.2BF28EF2E3DDE6BA@appveyor.com> An HTML attachment was scrubbed... URL: From tomas at openssl.org Tue Oct 12 14:45:53 2021 
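Review bot: in ossltest_aes_128_cbc_hmac_sha1() in engines/e_ossltest.c (commit 14fd5a0d above), both ASN.1 setters are passed `EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv` and the matching get form. The condition tests the flag macro itself rather than the cipher's flags, so the same branch is taken every time. EVP_CIPH_FLAG_DEFAULT_ASN1 is already set in the flags a few lines up, so passing NULL directly, or dropping the two calls, says the same thing without the misleading conditional. The call `EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16)` is also missing a space after the comma.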
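Review bot: the comments inside ossltest_aes128_cbc_hmac_sha1_cipher() in engines/e_ossltest.c (commit 14fd5a0d above) describe the real cipher, not what this stand-in does. "calculate HMAC and append it to payload" sits above a fill_known_data() call, and "decrypt HMAC|padding at once" sits above a plain memmove(); on the decrypt side only the padding bytes are checked and the MAC bytes are never compared. Because the method is registered under NID_aes_128_cbc_hmac_sha1, please reword those comments and add a short block comment on the function saying that it copies data unencrypted, writes known filler in place of the MAC, and performs no MAC verification.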
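Review bot: in tls1_enc() in ssl/record/ssl3_record.c (commit 14fd5a0d above), `pad ? (size_t)pad : macsize` is now passed in the MAC-size position of the padding-removal call, and the separate `recs[ctr].length -= pad` loop is removed. The record length for AEAD-flagged CBC ciphers therefore depends on tls_pad.c's `*reclen -= padding_length + 1 + mac_size` receiving pad through an argument named for the MAC size. That overloading is not documented at either end; a comment at the call site and on the parameter would prevent someone later passing macsize back in and silently leaving the extra bytes in the record.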
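Review bot: in tls_get_cipher_from_engine() and tls_get_digest_from_engine() in ssl/tls_depr.c (commit 14fd5a0d above), `ret` now comes from ENGINE_get_cipher()/ENGINE_get_digest() and is returned after ENGINE_finish(eng) has released the reference obtained from ENGINE_get_cipher_engine()/ENGINE_get_digest_engine(). Nothing in the lines shown says what keeps the engine's method object valid for the caller once that reference is gone. Please add a comment stating the lifetime guarantee the callers rely on, or keep the reference for as long as the returned pointer is in use.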
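Review bot: for the `else if (!newreq)` change in req_main() in apps/req.c (commit 58608487 above), the change summary lists apps/req.c only, so nothing checks that the stdin warning stays silent when newreq is set and still appears when it is not. A small test on the command's stderr for both cases would stop the warning regressing. The unbraced `if (gen_x509) ... else if (!newreq) BIO_printf(...)` chain spanning a wrapped call would also be easier to read with braces.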
From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 12 Oct 2021 14:45:53 +0000 Subject: [openssl] master update Message-ID: <1634049953.390122.12913.nullmailer@dev.openssl.org> The branch master has been updated via 374d5cf2f6b8bdf87c04b5e293a7d291f2c23203 (commit) via 922422119df1f6aabd2a15e6e4108d98b6143adf (commit) from 58608487a44b3991ecc6d431d6273b2ca8c980a6 (commit) - Log ----------------------------------------------------------------- commit 374d5cf2f6b8bdf87c04b5e293a7d291f2c23203 Author: Tomas Mraz Date: Mon Oct 11 15:04:46 2021 +0200 cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/16804) commit 922422119df1f6aabd2a15e6e4108d98b6143adf Author: Tomas Mraz Date: Mon Oct 11 15:03:47 2021 +0200 ctrl_params_translate: Fix leak of BN_CTX Also add a missing allocation failure check. Fixes #16788 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/16804) ----------------------------------------------------------------------- Summary of changes: crypto/cmp/cmp_vfy.c | 4 +++- crypto/encode_decode/encoder_lib.c | 7 +++++-- crypto/evp/ctrl_params_translate.c | 3 +++ 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index aa4665a562..b9d6fc2bdd 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -27,12 +27,14 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx, { OSSL_CMP_PROTECTEDPART prot_part; EVP_PKEY *pubkey = NULL; - BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */ + BIO *bio; int res = 0; if (!ossl_assert(cmp_ctx != NULL && msg != NULL && cert != NULL)) return 0; + bio = BIO_new(BIO_s_mem()); /* may be NULL */ + /* verify that keyUsage, if present, contains digitalSignature */ if (!cmp_ctx->ignore_keyusage && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) { 
diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 6c20fbb3d1..cfd9275172 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -92,7 +92,7 @@ int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp) int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_t *pdata_len) { - BIO *out = BIO_new(BIO_s_mem()); + BIO *out; BUF_MEM *buf = NULL; int ret = 0; @@ -101,7 +101,10 @@ int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, return 0; } - if (OSSL_ENCODER_to_bio(ctx, out) + out = BIO_new(BIO_s_mem()); + + if (out != NULL + && OSSL_ENCODER_to_bio(ctx, out) && BIO_get_mem_ptr(out, &buf) > 0) { ret = 1; /* Hope for the best. A too small buffer will clear this */ diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index 88945e13e6..b17ce3cbf9 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -1595,10 +1595,13 @@ static int get_payload_public_key(enum state state, const EC_GROUP *ecg = EC_KEY_get0_group(eckey); const EC_POINT *point = EC_KEY_get0_public_key(eckey); + if (bnctx == NULL) + return 0; ctx->sz = EC_POINT_point2buf(ecg, point, POINT_CONVERSION_COMPRESSED, &buf, bnctx); ctx->p2 = buf; + BN_CTX_free(bnctx); break; } return 0; From tomas at openssl.org Tue Oct 12 14:47:02 2021 
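Review bot: in verify_signature() in crypto/cmp/cmp_vfy.c (master update above), the allocation keeps its `/* may be NULL */` comment after being moved below the ossl_assert() return, but the comment still does not say why a NULL bio is acceptable to the code that follows. Since the change is about BIO lifetime, a few words on where bio is consumed and freed, and that those calls tolerate NULL, would make the intent checkable from this function alone.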
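Review bot: in OSSL_ENCODER_to_data() in crypto/encode_decode/encoder_lib.c (master update above), a failed BIO_new() now falls through the `out != NULL && OSSL_ENCODER_to_bio(ctx, out)` condition and the function returns 0, with no error raised for that case in the lines shown. A caller cannot tell an allocation failure from an encoding failure. Consider checking `out == NULL` separately and raising a malloc-failure error before returning.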
From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 12 Oct 2021 14:47:02 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634050022.583575.14548.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via a7731e5f8bd01d0aed5f262f7815a75269045c32 (commit) from 14fd5a0d55652a7539c66df18d1120baed42248e (commit) - Log ----------------------------------------------------------------- commit a7731e5f8bd01d0aed5f262f7815a75269045c32 Author: Tomas Mraz Date: Mon Oct 11 15:03:47 2021 +0200 ctrl_params_translate: Fix leak of BN_CTX Also add a missing allocation failure check. Fixes #16788 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/16804) (cherry picked from commit 922422119df1f6aabd2a15e6e4108d98b6143adf) ----------------------------------------------------------------------- Summary of changes: crypto/evp/ctrl_params_translate.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index 88945e13e6..b17ce3cbf9 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -1595,10 +1595,13 @@ static int get_payload_public_key(enum state state, const EC_GROUP *ecg = EC_KEY_get0_group(eckey); const EC_POINT *point = EC_KEY_get0_public_key(eckey); + if (bnctx == NULL) + return 0; ctx->sz = EC_POINT_point2buf(ecg, point, POINT_CONVERSION_COMPRESSED, &buf, bnctx); ctx->p2 = buf; + BN_CTX_free(bnctx); break; } return 0; From tomas at openssl.org Tue Oct 12 14:47:32 2021 
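Review bot: in get_payload_public_key() in crypto/evp/ctrl_params_translate.c (commit a7731e5f above), the new NULL check covers bnctx, but the result of EC_POINT_point2buf() is still stored straight into ctx->sz and ctx->p2 with no check. That function returns 0 on failure, so a failed conversion proceeds with a zero size and whatever buf holds. Since this change is already adding the missing failure handling here, please also test `ctx->sz == 0` after the call, free bnctx, and return 0 in that case.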
From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 12 Oct 2021 14:47:32 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634050052.900766.15780.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 5c863749f19c55506fdc63ce6dbaf2523d06297c (commit) from a7731e5f8bd01d0aed5f262f7815a75269045c32 (commit) - Log ----------------------------------------------------------------- commit 5c863749f19c55506fdc63ce6dbaf2523d06297c Author: Tomas Mraz Date: Mon Oct 11 15:04:46 2021 +0200 cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/16804) (cherry picked from commit 374d5cf2f6b8bdf87c04b5e293a7d291f2c23203) ----------------------------------------------------------------------- Summary of changes: crypto/cmp/cmp_vfy.c | 4 +++- crypto/encode_decode/encoder_lib.c | 7 +++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index aa4665a562..b9d6fc2bdd 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -27,12 +27,14 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx, { OSSL_CMP_PROTECTEDPART prot_part; EVP_PKEY *pubkey = NULL; - BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */ + BIO *bio; int res = 0; if (!ossl_assert(cmp_ctx != NULL && msg != NULL && cert != NULL)) return 0; + bio = BIO_new(BIO_s_mem()); /* may be NULL */ + /* verify that keyUsage, if present, contains digitalSignature */ if (!cmp_ctx->ignore_keyusage && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) { diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 6c20fbb3d1..cfd9275172 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c 
@@ -92,7 +92,7 @@ int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp) int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_t *pdata_len) { - BIO *out = BIO_new(BIO_s_mem()); + BIO *out; BUF_MEM *buf = NULL; int ret = 0; @@ -101,7 +101,10 @@ int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, return 0; } - if (OSSL_ENCODER_to_bio(ctx, out) + out = BIO_new(BIO_s_mem()); + + if (out != NULL + && OSSL_ENCODER_to_bio(ctx, out) && BIO_get_mem_ptr(out, &buf) > 0) { ret = 1; /* Hope for the best. A too small buffer will clear this */ From tomas at openssl.org Tue Oct 12 16:09:31 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 12 Oct 2021 16:09:31 +0000 Subject: [openssl] master update Message-ID: <1634054971.962772.3255.nullmailer@dev.openssl.org> The branch master has been updated via f087ebcb2eb516a424245fcb93642e57ba024cc4 (commit) from 374d5cf2f6b8bdf87c04b5e293a7d291f2c23203 (commit) - Log ----------------------------------------------------------------- commit f087ebcb2eb516a424245fcb93642e57ba024cc4 Author: Mingjun.Yang Date: Mon Oct 11 15:51:34 2021 +0800 feat: Add sm2 signature test case from GM/T 0003.5-2012 Reviewed-by: Bernd Edlinger Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16802) ----------------------------------------------------------------------- Summary of changes: test/sm2_internal_test.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/test/sm2_internal_test.c b/test/sm2_internal_test.c index 4899d5e213..2d91827749 100644 --- a/test/sm2_internal_test.c +++ b/test/sm2_internal_test.c @@ -370,6 +370,7 @@ static int test_sm2_sign(const EC_GROUP *group, static int sm2_sig_test(void) { int testresult = 0; + EC_GROUP *gm_group = NULL; /* From draft-shen-sm2-ecdsa-02 */ EC_GROUP *test_group = create_EC_group 
@@ -395,10 +396,42 @@ static int sm2_sig_test(void) "6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7"))) goto done; + /* From Annex A in both GM/T0003.5-2012 and GB/T 32918.5-2016.*/ + gm_group = create_EC_group( + "fffffffeffffffffffffffffffffffffffffffff00000000ffffffffffffffff", + "fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc", + "28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93", + "32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7", + "bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0", + "fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123", + "1"); + + if (!TEST_ptr(gm_group)) + goto done; + + if (!TEST_true(test_sm2_sign( + gm_group, + /* the default ID specified in GM/T 0009-2012 (Sec. 10).*/ + SM2_DEFAULT_USERID, + /* privkey */ + "3945208F7B2144B13F36E38AC6D39F95889393692860B51A42FB81EF4DF7C5B8", + /* plaintext message */ + "message digest", + /* ephemeral nonce k */ + "59276E27D506861A16680F3AD9C02DCCEF3CC1FA3CDBE4CE6D54B80DEAC1BC21", + /* expected signature, the field values are from GM/T 0003.5-2012, + Annex A. */ + /* signature R, 0x20 bytes */ + "F5A03B0648D2C4630EEAC513E1BB81A15944DA3827D5B74143AC7EACEEE720B3", + /* signature S, 0x20 bytes */ + "B1B6AA29DF212FD8763182BC0D421CA1BB9038FD1F7F42D4840B69C485BBC1AA"))) + goto done; + testresult = 1; done: EC_GROUP_free(test_group); + EC_GROUP_free(gm_group); return testresult; } From levitte at openssl.org Thu Oct 14 08:57:08 2021 
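Review bot: the seven hex arguments passed to create_EC_group() for gm_group are unlabelled, while every argument of the test_sm2_sign() call a few lines below carries a comment (privkey, plaintext message, ephemeral nonce k, R, S). Labelling the curve parameters the same way would let a reader check them against Annex A without counting positions. Two smaller points in the same hunk: the standard is written both as "GM/T0003.5-2012" and "GM/T 0003.5-2012", and two comments close with ".*/" without a space before the terminator.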
From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 08:57:08 +0000 Subject: [openssl] master update Message-ID: <1634201828.419619.1796.nullmailer@dev.openssl.org> The branch master has been updated via a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c (commit) from f087ebcb2eb516a424245fcb93642e57ba024cc4 (commit) - Log ----------------------------------------------------------------- commit a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c Author: Richard Levitte Date: Wed Oct 13 09:09:05 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries It's a small change to the 'nm' call, to have it look at dynamic symbols rather than the normal ones. Fixes #16810 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16822) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 4271ac32a3..12ad278e27 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -48,12 +48,12 @@ foreach my $libname (@libnames) { *OSTDOUT = *STDOUT; open STDERR, ">", devnull(); open STDOUT, ">", devnull(); - my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`; + my @nm_lines = map { s|\R$||; $_ } `nm -DPg $shlibpath 2> /dev/null`; close STDERR; close STDOUT; *STDERR = *OSTDERR; *STDOUT = *OSTDOUT; - skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2 + skip "Can't run 'nm -DPg $shlibpath' => $?... ignoring", 2 unless $? == 0; my $bldtop = bldtop_dir(); From levitte at openssl.org Thu Oct 14 08:58:58 2021 
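Review bot: adding -D to the nm call changes what happens on platforms whose nm does not accept that option, because the following "skip ... unless $? == 0" turns the resulting non-zero exit into a skipped test rather than a failure. -D is not among the options POSIX specifies for nm, so symbol-presence coverage can disappear silently there. Consider retrying with the previous "nm -Pg" when the -D form fails, or at least making the skip message say that the option may be unsupported.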
From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 08:58:58 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634201938.580995.4584.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 1ca2bd42afc584c6eb9d909852d666ae634e638b (commit) from 5c863749f19c55506fdc63ce6dbaf2523d06297c (commit) - Log ----------------------------------------------------------------- commit 1ca2bd42afc584c6eb9d909852d666ae634e638b Author: Richard Levitte Date: Wed Oct 13 09:09:05 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries It's a small change to the 'nm' call, to have it look at dynamic symbols rather than the normal ones. Fixes #16810 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16822) (cherry picked from commit a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 4271ac32a3..12ad278e27 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -48,12 +48,12 @@ foreach my $libname (@libnames) { *OSTDOUT = *STDOUT; open STDERR, ">", devnull(); open STDOUT, ">", devnull(); - my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`; + my @nm_lines = map { s|\R$||; $_ } `nm -DPg $shlibpath 2> /dev/null`; close STDERR; close STDOUT; *STDERR = *OSTDERR; *STDOUT = *OSTDOUT; - skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2 + skip "Can't run 'nm -DPg $shlibpath' => $?... ignoring", 2 unless $? == 0; my $bldtop = bldtop_dir(); From levitte at openssl.org Thu Oct 14 09:00:27 2021 
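Review bot: the nm command line is spelled out twice in this hunk, once in the backtick call and once in the skip message, and both copies had to be edited by hand to add -D. Holding the command in one variable and interpolating it in both places would keep the diagnostic from drifting away from what is actually run.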
From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 09:00:27 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1634202027.789436.7138.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 6b0f7a67f71e03b90b654ed20786acca54d20fae (commit) from 993ae6d207be1ae8c1901ea70a34adf0414e3e71 (commit) - Log ----------------------------------------------------------------- commit 6b0f7a67f71e03b90b654ed20786acca54d20fae Author: Richard Levitte Date: Wed Oct 13 09:09:05 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries It's a small change to the 'nm' call, to have it look at dynamic symbols rather than the normal ones. Fixes #16810 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16822) (cherry picked from commit a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 7f2a2d75b8..39ed4d447b 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -37,12 +37,12 @@ foreach my $libname (@libnames) { *OSTDOUT = *STDOUT; open STDERR, ">", devnull(); open STDOUT, ">", devnull(); - my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`; + my @nm_lines = map { s|\R$||; $_ } `nm -DPg $shlibpath 2> /dev/null`; close STDERR; close STDOUT; *STDERR = *OSTDERR; *STDOUT = *OSTDOUT; - skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2 + skip "Can't run 'nm -DPg $shlibpath' => $?... ignoring", 2 unless $? == 0; my $bldtop = bldtop_dir(); From bernd.edlinger at hotmail.de Thu Oct 14 12:57:49 2021 
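Review bot: the changed line still interpolates $shlibpath unquoted into a backtick shell command, so a build directory containing spaces or shell metacharacters makes "nm -DPg $shlibpath" fail, and the skip that follows hides the failure. While this line is being touched, consider opening the pipe in list form so the path is passed to nm as a single argument, with stderr redirected in Perl rather than by the shell.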
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 14 Oct 2021 12:57:49 +0000 Subject: [openssl] master update Message-ID: <1634216269.692373.19854.nullmailer@dev.openssl.org> The branch master has been updated via 19b30f1c596a8df2a522f9d6dfc1c1782790fc78 (commit) via 74b485848a608383d8d37c04480821ea7b613110 (commit) from a85b4de6a6cbe03c46219d4b1c3b2828ca3fd51c (commit) - Log ----------------------------------------------------------------- commit 19b30f1c596a8df2a522f9d6dfc1c1782790fc78 Author: Bernd Edlinger Date: Wed Oct 13 06:37:46 2021 +0200 Fix another memory leak reported in CIFuzz Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12 #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11 #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45 #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12 #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5 #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12 #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16813) commit 74b485848a608383d8d37c04480821ea7b613110 Author: Bernd Edlinger Date: Tue Oct 12 19:38:14 2021 +0200 Fix a memory leak reported in CIFuzz Direct leak of 4 byte(s) in 1 object(s) allocated from: 
#0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 #1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12 #2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16 #3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15 #4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10 #5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22 #6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12 #7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5 #8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12 #9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp #10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp #12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16813) ----------------------------------------------------------------------- Summary of changes: crypto/conf/conf_api.c | 7 +++++-- crypto/conf/conf_def.c | 2 ++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index e4e305c714..7a4efe6dbb 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -135,7 +135,11 @@ IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, LH_CONF_VALUE); void _CONF_free_data(CONF *conf) { - if (conf == NULL || conf->data == NULL) + if (conf == NULL) + return; + + OPENSSL_free(conf->includedir); + if (conf->data == NULL) return; /* evil thing to make sure the 'OPENSSL_free()' works as expected */ 
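Review bot: in _CONF_free_data(), OPENSSL_free(conf->includedir) now runs before the conf->data NULL check but leaves conf->includedir pointing at freed memory. The same patch adds an unconditional OPENSSL_free(conf->includedir) in def_load_bio(), so a CONF that has its data freed and is then loaded again, or is passed to _CONF_free_data() twice, would free the pointer a second time. Setting conf->includedir = NULL straight after the free closes that off.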
@@ -147,7 +151,6 @@ void _CONF_free_data(CONF *conf) * with */ - OPENSSL_free(conf->includedir); lh_CONF_VALUE_doall(conf->data, value_free_stack_doall); lh_CONF_VALUE_free(conf->data); } diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 7b67854c8b..c05c3c6b10 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -424,6 +424,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (!parsebool(pval, &conf->flag_abspath)) goto err; } else if (strcmp(p, "includedir") == 0) { + OPENSSL_free(conf->includedir); if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) { ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); goto err; @@ -474,6 +475,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (conf->flag_abspath && !ossl_is_absolute_path(include_path)) { ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH); + OPENSSL_free(include_path); goto err; } From bernd.edlinger at hotmail.de Thu Oct 14 12:58:29 2021 
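Review bot: the new OPENSSL_free(include_path) covers only the CONF_R_RELATIVE_PATH branch of def_load_bio(), so the next error exit added between the allocation of include_path and its hand-off will leak in the same way. A single free at the err label, with include_path reset to NULL once ownership has moved on, would cover this branch and later ones without a per-branch call. If that is too invasive for a fuzz fix, a short comment at the allocation noting that every "goto err" in this block must free it would help.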
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 14 Oct 2021 12:58:29 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634216309.528097.21454.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 7c8826032a5fedcaef9bc4a5e37eebad27599e08 (commit) from 1ca2bd42afc584c6eb9d909852d666ae634e638b (commit) - Log ----------------------------------------------------------------- commit 7c8826032a5fedcaef9bc4a5e37eebad27599e08 Author: Bernd Edlinger Date: Tue Oct 12 19:38:14 2021 +0200 Fix a memory leak reported in CIFuzz Direct leak of 4 byte(s) in 1 object(s) allocated from: #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 #1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12 #2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16 #3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15 #4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10 #5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22 #6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12 #7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5 #8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12 #9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp #10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp #12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16813) (cherry picked from commit 74b485848a608383d8d37c04480821ea7b613110) ----------------------------------------------------------------------- Summary of changes: crypto/conf/conf_def.c | 1 + 1 
file changed, 1 insertion(+) diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 7b67854c8b..1832cf535f 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -474,6 +474,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (conf->flag_abspath && !ossl_is_absolute_path(include_path)) { ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH); + OPENSSL_free(include_path); goto err; } From bernd.edlinger at hotmail.de Thu Oct 14 12:58:45 2021 
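Review bot: the added OPENSSL_free(include_path) in the relative-path branch of def_load_bio() arrives without a regression input. The leak was found by CIFuzz through fuzz/conf.c, so adding the triggering configuration (abspath enabled and a relative include) to the conf fuzz corpus or to a conf test would keep this branch exercised under ASan on this branch too.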
From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 14 Oct 2021 12:58:45 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634216325.633700.22721.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 09fc3420b5eb2efe90c01e03715e00b361b9e6ab (commit) from 7c8826032a5fedcaef9bc4a5e37eebad27599e08 (commit) - Log ----------------------------------------------------------------- commit 09fc3420b5eb2efe90c01e03715e00b361b9e6ab Author: Bernd Edlinger Date: Wed Oct 13 06:37:46 2021 +0200 Fix another memory leak reported in CIFuzz Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12 #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11 #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45 #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12 #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5 #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12 #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16813) (cherry picked from commit 19b30f1c596a8df2a522f9d6dfc1c1782790fc78) ----------------------------------------------------------------------- Summary of changes: crypto/conf/conf_api.c | 7 +++++-- crypto/conf/conf_def.c | 1 + 2 files changed, 6 
insertions(+), 2 deletions(-) diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index e4e305c714..7a4efe6dbb 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -135,7 +135,11 @@ IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, LH_CONF_VALUE); void _CONF_free_data(CONF *conf) { - if (conf == NULL || conf->data == NULL) + if (conf == NULL) + return; + + OPENSSL_free(conf->includedir); + if (conf->data == NULL) return; /* evil thing to make sure the 'OPENSSL_free()' works as expected */ @@ -147,7 +151,6 @@ void _CONF_free_data(CONF *conf) * with */ - OPENSSL_free(conf->includedir); lh_CONF_VALUE_doall(conf->data, value_free_stack_doall); lh_CONF_VALUE_free(conf->data); } diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 1832cf535f..c05c3c6b10 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -424,6 +424,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (!parsebool(pval, &conf->flag_abspath)) goto err; } else if (strcmp(p, "includedir") == 0) { + OPENSSL_free(conf->includedir); if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) { ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); goto err; From levitte at openssl.org Thu Oct 14 17:03:35 2021 
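Review bot: in the def_load_bio() hunk, a repeated includedir setting now silently replaces the earlier value, because the previous string is freed immediately before OPENSSL_strdup(pval). That is a reasonable choice, but nothing in the code says it is intended. A one-line comment above the new OPENSSL_free(conf->includedir) stating that the last occurrence wins would document the behaviour for anyone reading the parser later.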
From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 17:03:35 +0000 Subject: [openssl] master update Message-ID: <1634231015.022235.30184.nullmailer@dev.openssl.org> The branch master has been updated via 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc (commit) from 19b30f1c596a8df2a522f9d6dfc1c1782790fc78 (commit) - Log ----------------------------------------------------------------- commit 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc Author: Richard Levitte Date: Thu Oct 14 18:49:11 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to disregard version info The output of 'nm -DPg' contains version info attached to the symbols, which makes the test fail. Simply dropping the version info makes the test work again. Fixes #16810 (followup) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16840) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 12ad278e27..5be59bb7e1 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -69,7 +69,17 @@ foreach my $libname (@libnames) { note "Number of lines in \@def_lines before massaging: ", scalar @def_lines; # Massage the nm output to only contain defined symbols - @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDST] .*|, @nm_lines); + @nm_lines = + sort + map { + # Drop the first space and everything following it + s| .*||; + # Drop OpenSSL dynamic version information if there is any + s|\@\@OPENSSL_[0-9._]+[a-z]?$||; + # Return the result + $_ + } + grep(m|.* [BCDST] .*|, @nm_lines); # Massage the mkdef.pl output to only contain global symbols # The output we got is in Unix .map format, which has a global From levitte at openssl.org Thu Oct 14 17:04:46 2021 
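Review bot: the new substitution s|\@\@OPENSSL_[0-9._]+[a-z]?$|| removes only a default-version suffix of the exact form "@@OPENSSL_" followed by digits, dots and underscores and at most one trailing letter. A symbol carrying a single "@" (a non-default version) or a version node named differently would keep its suffix and make the comparison fail again. If the narrow pattern is deliberate, a comment with one sample nm output line would make that clear; otherwise consider stripping everything from the first "@" onward.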
From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 17:04:46 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634231086.578939.32423.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 4c60a96e1ed4c6f2c23c1e0eab006224e959e06c (commit) from 09fc3420b5eb2efe90c01e03715e00b361b9e6ab (commit) - Log ----------------------------------------------------------------- commit 4c60a96e1ed4c6f2c23c1e0eab006224e959e06c Author: Richard Levitte Date: Thu Oct 14 18:49:11 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to disregard version info The output of 'nm -DPg' contains version info attached to the symbols, which makes the test fail. Simply dropping the version info makes the test work again. Fixes #16810 (followup) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16840) (cherry picked from commit 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 12ad278e27..5be59bb7e1 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t 
@@ -69,7 +69,17 @@ foreach my $libname (@libnames) { note "Number of lines in \@def_lines before massaging: ", scalar @def_lines; # Massage the nm output to only contain defined symbols - @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDST] .*|, @nm_lines); + @nm_lines = + sort + map { + # Drop the first space and everything following it + s| .*||; + # Drop OpenSSL dynamic version information if there is any + s|\@\@OPENSSL_[0-9._]+[a-z]?$||; + # Return the result + $_ + } + grep(m|.* [BCDST] .*|, @nm_lines); # Massage the mkdef.pl output to only contain global symbols # The output we got is in Unix .map format, which has a global From levitte at openssl.org Thu Oct 14 17:05:02 2021 From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Oct 2021 17:05:02 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1634231102.885764.1177.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via bf07844312caf4ac251f5303993230c254e7c771 (commit) from 6b0f7a67f71e03b90b654ed20786acca54d20fae (commit) - Log ----------------------------------------------------------------- commit bf07844312caf4ac251f5303993230c254e7c771 Author: Richard Levitte Date: Thu Oct 14 18:49:11 2021 +0200 Fix test/recipes/01-test_symbol_presence.t to disregard version info The output of 'nm -DPg' contains version info attached to the symbols, which makes the test fail. Simply dropping the version info makes the test work again. Fixes #16810 (followup) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16840) (cherry picked from commit 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 39ed4d447b..e75d2c3e72 100644 
--- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -57,7 +57,17 @@ foreach my $libname (@libnames) { note "Number of lines in \@def_lines before massaging: ", scalar @def_lines; # Massage the nm output to only contain defined symbols - @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDST] .*|, @nm_lines); + @nm_lines = + sort + map { + # Drop the first space and everything following it + s| .*||; + # Drop OpenSSL dynamic version information if there is any + s|\@\@OPENSSL_[0-9._]+[a-z]?$||; + # Return the result + $_ + } + grep(m|.* [BCDST] .*|, @nm_lines); # Massage the mkdef.pl output to only contain global symbols # The output we got is in Unix .map format, which has a global From tomas at openssl.org Fri Oct 15 06:55:14 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 15 Oct 2021 06:55:14 +0000 Subject: [openssl] master update Message-ID: <1634280914.167355.31570.nullmailer@dev.openssl.org> The branch master has been updated via 34563be5368fb8e6ade7d06d8376522ba83cd6ac (commit) from 73970cb91fdf8e7b4b434d479b875a47a0aa0dbc (commit) - Log ----------------------------------------------------------------- commit 34563be5368fb8e6ade7d06d8376522ba83cd6ac Author: Peiwei Hu Date: Tue Oct 12 10:50:12 2021 +0800 test/ssl_old_test.c: Fix potential leak Reviewed-by: Kurt Roeckx Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16806) ----------------------------------------------------------------------- Summary of changes: test/ssl_old_test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/ssl_old_test.c b/test/ssl_old_test.c index 60a275a014..3ccc8e06e4 100644 --- a/test/ssl_old_test.c +++ b/test/ssl_old_test.c 
@@ -829,12 +829,14 @@ static SSL_SESSION *read_session(const char *filename) static int write_session(const char *filename, SSL_SESSION *sess) { - BIO *f = BIO_new_file(filename, "w"); + BIO *f; if (sess == NULL) { BIO_printf(bio_err, "No session information\n"); return 0; } + + f = BIO_new_file(filename, "w"); if (f == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", filename); ERR_print_errors(bio_err); From tomas at openssl.org Fri Oct 15 06:56:52 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 15 Oct 2021 06:56:52 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634281012.054086.649.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via f9c48239879a870b9d43ccd05f659f6355831139 (commit) from 4c60a96e1ed4c6f2c23c1e0eab006224e959e06c (commit) - Log ----------------------------------------------------------------- commit f9c48239879a870b9d43ccd05f659f6355831139 Author: Peiwei Hu Date: Tue Oct 12 10:50:12 2021 +0800 test/ssl_old_test.c: Fix potential leak Reviewed-by: Kurt Roeckx Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16806) (cherry picked from commit 34563be5368fb8e6ade7d06d8376522ba83cd6ac) ----------------------------------------------------------------------- Summary of changes: test/ssl_old_test.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/ssl_old_test.c b/test/ssl_old_test.c index 60a275a014..3ccc8e06e4 100644 --- a/test/ssl_old_test.c +++ b/test/ssl_old_test.c @@ -829,12 +829,14 @@ static SSL_SESSION *read_session(const char *filename) static int write_session(const char *filename, SSL_SESSION *sess) { - BIO *f = BIO_new_file(filename, "w"); + BIO *f; if (sess == NULL) { BIO_printf(bio_err, "No session information\n"); return 0; } + + f = BIO_new_file(filename, "w"); if (f == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", filename); ERR_print_errors(bio_err); From tomas at openssl.org Fri Oct 15 06:57:03 2021 
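Review bot: moving BIO_new_file(filename, "w") below the sess == NULL check in write_session() changes more than the leak. Opening with mode "w" creates or truncates the file, so before this change a call with no session still emptied the session file before returning 0, and now the file is left untouched. That is probably the better behaviour, but it deserves a sentence in the commit message so the change is not read as a pure cleanup.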
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 15 Oct 2021 06:57:03 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1634281023.245637.1741.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 2f8b8045e6b9a7780873c28c569a8a6388e11306 (commit) from bf07844312caf4ac251f5303993230c254e7c771 (commit) - Log ----------------------------------------------------------------- commit 2f8b8045e6b9a7780873c28c569a8a6388e11306 Author: Peiwei Hu Date: Tue Oct 12 10:50:12 2021 +0800 test/ssl_old_test.c: Fix potential leak Reviewed-by: Kurt Roeckx Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16806) (cherry picked from commit 34563be5368fb8e6ade7d06d8376522ba83cd6ac) ----------------------------------------------------------------------- Summary of changes: test/ssltest_old.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/ssltest_old.c b/test/ssltest_old.c index cc98e4f866..b6e21e4e18 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c @@ -841,12 +841,14 @@ static SSL_SESSION *read_session(const char *filename) static int write_session(const char *filename, SSL_SESSION *sess) { - BIO *f = BIO_new_file(filename, "w"); + BIO *f; if (sess == NULL) { BIO_printf(bio_err, "No session information\n"); return 0; } + + f = BIO_new_file(filename, "w"); if (f == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", filename); ERR_print_errors(bio_err); From tomas at openssl.org Fri Oct 15 12:37:35 2021 
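Review bot: the commit subject carried over by the cherry-pick names test/ssl_old_test.c, but on this branch the hunk applies to test/ssltest_old.c, as the diff header and summary show. Adjusting the subject, or adding a line to the message noting the different file name on OpenSSL_1_1_1-stable, would make the commit findable when searching the log by path.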
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 15 Oct 2021 12:37:35 +0000 Subject: [openssl] master update Message-ID: <1634301455.265877.16547.nullmailer@dev.openssl.org> The branch master has been updated via d5d95daba59adc41ab60ea86acd513f255fca3c0 (commit) from 34563be5368fb8e6ade7d06d8376522ba83cd6ac (commit) - Log ----------------------------------------------------------------- commit d5d95daba59adc41ab60ea86acd513f255fca3c0 Author: Tomas Mraz Date: Thu Oct 14 11:02:36 2021 +0200 Raise error when invalid digest used with SM2 Otherwise commands like openssl req -newkey sm2 fail silently without reporting any error unless -sm3 option is added. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16833) ----------------------------------------------------------------------- Summary of changes: providers/implementations/signature/sm2_sig.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c index 719e7a2eb2..10a9496904 100644 --- a/providers/implementations/signature/sm2_sig.c +++ b/providers/implementations/signature/sm2_sig.c @@ -94,9 +94,13 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname) if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */ psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname, psm2ctx->propq); - if (psm2ctx->md == NULL - || strlen(mdname) >= sizeof(psm2ctx->mdname) + if (psm2ctx->md == NULL) + return 0; + + if (strlen(mdname) >= sizeof(psm2ctx->mdname) || !EVP_MD_is_a(psm2ctx->md, mdname)) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s", + mdname); return 0; } From tomas at openssl.org Fri Oct 15 12:38:08 2021 
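Review bot: the new ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, ...) in sm2sig_set_mdname() has no accompanying test, although the commit message names a concrete reproducer (openssl req -newkey sm2 without -sm3). A test that runs that command and checks both the failure and the presence of the invalid-digest error would keep the silent-failure behaviour from coming back. Also note that the over-long-name case and the not-SM3 case now share one error, so the "digest=%s" data is the only way to tell them apart.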
From: tomas at openssl.org (tomas at openssl.org) Date: Fri, 15 Oct 2021 12:38:08 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634301488.300685.17816.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 31287743c07cef63a2bc9b31a393a7e3b2527f88 (commit) from f9c48239879a870b9d43ccd05f659f6355831139 (commit) - Log ----------------------------------------------------------------- commit 31287743c07cef63a2bc9b31a393a7e3b2527f88 Author: Tomas Mraz Date: Thu Oct 14 11:02:36 2021 +0200 Raise error when invalid digest used with SM2 Otherwise commands like openssl req -newkey sm2 fail silently without reporting any error unless -sm3 option is added. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/16833) (cherry picked from commit d5d95daba59adc41ab60ea86acd513f255fca3c0) ----------------------------------------------------------------------- Summary of changes: providers/implementations/signature/sm2_sig.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c index 719e7a2eb2..10a9496904 100644 --- a/providers/implementations/signature/sm2_sig.c +++ b/providers/implementations/signature/sm2_sig.c @@ -94,9 +94,13 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname) if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */ psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname, psm2ctx->propq); - if (psm2ctx->md == NULL - || strlen(mdname) >= sizeof(psm2ctx->mdname) + if (psm2ctx->md == NULL) + return 0; + + if (strlen(mdname) >= sizeof(psm2ctx->mdname) || !EVP_MD_is_a(psm2ctx->md, mdname)) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s", + mdname); return 0; } From levitte at openssl.org Mon Oct 18 05:57:12 2021 
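Review bot: the split-out "if (psm2ctx->md == NULL) return 0;" after the EVP_MD_fetch() call still returns without raising anything of its own, while the stated aim of the change is that an unusable digest no longer fails silently. If the assumption is that the fetch has already queued an error, say so in a comment on that return; otherwise raise one here as well so that a missing SM3 implementation is reported as clearly as a wrong digest name.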
From: levitte at openssl.org (Richard Levitte) Date: Mon, 18 Oct 2021 05:57:12 +0000 Subject: [openssl] master update Message-ID: <1634536632.701082.19647.nullmailer@dev.openssl.org> The branch master has been updated via fb0f65fff831d9294e34b6ef6f579c157db54b04 (commit) from d5d95daba59adc41ab60ea86acd513f255fca3c0 (commit) - Log ----------------------------------------------------------------- commit fb0f65fff831d9294e34b6ef6f579c157db54b04 Author: Richard Levitte Date: Sat Oct 16 10:22:42 2021 +0200 Fix lock leak in evp_keymgmt_util_export_to_provider() Fixes #16847 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/16849) ----------------------------------------------------------------------- Summary of changes: crypto/evp/keymgmt_lib.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 32e4fbcbaa..875c9a83de 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c @@ -197,6 +197,7 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) /* Add the new export to the operation cache */ if (!evp_keymgmt_util_cache_keydata(pk, keymgmt, import_data.keydata)) { + CRYPTO_THREAD_unlock(pk->lock); evp_keymgmt_freedata(keymgmt, import_data.keydata); return NULL; } From levitte at openssl.org Mon Oct 18 05:58:21 2021 
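Review bot: the added CRYPTO_THREAD_unlock(pk->lock) covers only the evp_keymgmt_util_cache_keydata() failure branch, and the hunk does not show where the lock is taken or whether other returns sit between that point and this one. Please confirm that every exit after the lock is acquired releases it, and consider routing the failure paths through a single cleanup label that unlocks, so the next error branch added here cannot leak the lock again.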
From: levitte at openssl.org (Richard Levitte) Date: Mon, 18 Oct 2021 05:58:21 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634536701.758355.21246.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 26d2016d5b81d78de90f075d630d38fe2badb84f (commit) from 31287743c07cef63a2bc9b31a393a7e3b2527f88 (commit) - Log ----------------------------------------------------------------- commit 26d2016d5b81d78de90f075d630d38fe2badb84f Author: Richard Levitte Date: Sat Oct 16 10:22:42 2021 +0200 Fix lock leak in evp_keymgmt_util_export_to_provider() Fixes #16847 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/16849) (cherry picked from commit fb0f65fff831d9294e34b6ef6f579c157db54b04) ----------------------------------------------------------------------- Summary of changes: crypto/evp/keymgmt_lib.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c index 32e4fbcbaa..875c9a83de 100644 --- a/crypto/evp/keymgmt_lib.c +++ b/crypto/evp/keymgmt_lib.c @@ -197,6 +197,7 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) /* Add the new export to the operation cache */ if (!evp_keymgmt_util_cache_keydata(pk, keymgmt, import_data.keydata)) { + CRYPTO_THREAD_unlock(pk->lock); evp_keymgmt_freedata(keymgmt, import_data.keydata); return NULL; } From tomas at openssl.org Mon Oct 18 07:42:10 2021 
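Review bot: nothing in this change exercises the branch where evp_keymgmt_util_cache_keydata() fails; the diffstat is a single insertion in keymgmt_lib.c. A lock left held typically only shows up as a blocked thread on a later use of the same key, so a regression test that forces this failure and then uses the same EVP_PKEY again would be worth adding. The commit message could also say which lock was left held, since "Fixes #16847" is its only description.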
From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 18 Oct 2021 07:42:10 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634542930.499253.22275.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 2f98fd4b04bcb25fd7134c39ea4930c57615d4ea (commit) from 26d2016d5b81d78de90f075d630d38fe2badb84f (commit) - Log ----------------------------------------------------------------- commit 2f98fd4b04bcb25fd7134c39ea4930c57615d4ea Author: Matt Caswell Date: Thu Oct 14 17:04:16 2021 +0100 Fix the signature newctx documentation The documentation omitted the propq parameter Fixes #16755 Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16836) (cherry picked from commit 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0) ----------------------------------------------------------------------- Summary of changes: doc/man7/provider-signature.pod | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod index a299d43cc5..9d4df86fd6 100644 --- a/doc/man7/provider-signature.pod +++ b/doc/man7/provider-signature.pod @@ -18,7 +18,7 @@ provider-signature - The signature library E-E provider functions */ /* Context management */ - void *OSSL_FUNC_signature_newctx(void *provctx); + void *OSSL_FUNC_signature_newctx(void *provctx, const char *propq); void OSSL_FUNC_signature_freectx(void *ctx); void *OSSL_FUNC_signature_dupctx(void *ctx); @@ -104,7 +104,7 @@ function pointer from an B element named B. For example, the "function" OSSL_FUNC_signature_newctx() has these: - typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx); + typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx, const char *propq); static ossl_inline OSSL_FUNC_signature_newctx_fn OSSL_FUNC_signature_newctx(const OSSL_DISPATCH *opf); 
@@ -183,7 +183,9 @@ structure for holding context information during a signature operation. A pointer to this context will be passed back in a number of the other signature operation function calls. The parameter I is the provider context generated during provider -initialisation (see L). +initialisation (see L). The I parameter is a property query +string that may be (optionally) used by the provider during any "fetches" that +it may perform (if it performs any). OSSL_FUNC_signature_freectx() is passed a pointer to the provider side signature context in the I parameter. From tomas at openssl.org Mon Oct 18 07:41:57 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Mon, 18 Oct 2021 07:41:57 +0000 Subject: [openssl] master update Message-ID: <1634542917.217370.20997.nullmailer@dev.openssl.org> The branch master has been updated via 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0 (commit) from fb0f65fff831d9294e34b6ef6f579c157db54b04 (commit) - Log ----------------------------------------------------------------- commit 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0 Author: Matt Caswell Date: Thu Oct 14 17:04:16 2021 +0100 Fix the signature newctx documentation The documentation omitted the propq parameter Fixes #16755 Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16836) ----------------------------------------------------------------------- Summary of changes: doc/man7/provider-signature.pod | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod index a299d43cc5..9d4df86fd6 100644 --- a/doc/man7/provider-signature.pod +++ b/doc/man7/provider-signature.pod 
@@ -18,7 +18,7 @@ provider-signature - The signature library E-E provider functions */ /* Context management */ - void *OSSL_FUNC_signature_newctx(void *provctx); + void *OSSL_FUNC_signature_newctx(void *provctx, const char *propq); void OSSL_FUNC_signature_freectx(void *ctx); void *OSSL_FUNC_signature_dupctx(void *ctx); @@ -104,7 +104,7 @@ function pointer from an B element named B. For example, the "function" OSSL_FUNC_signature_newctx() has these: - typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx); + typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx, const char *propq); static ossl_inline OSSL_FUNC_signature_newctx_fn OSSL_FUNC_signature_newctx(const OSSL_DISPATCH *opf); @@ -183,7 +183,9 @@ structure for holding context information during a signature operation. A pointer to this context will be passed back in a number of the other signature operation function calls. The parameter I is the provider context generated during provider -initialisation (see L). +initialisation (see L). The I parameter is a property query +string that may be (optionally) used by the provider during any "fetches" that +it may perform (if it performs any). OSSL_FUNC_signature_freectx() is passed a pointer to the provider side signature context in the I parameter. From matt at openssl.org Mon Oct 18 09:50:21 2021 
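Review bot: the new sentence about the propq parameter in the OSSL_FUNC_signature_newctx() description says the provider may use it in fetches, but not whether it may be NULL or how long the string stays valid. Provider authors need both facts to know whether they must check for NULL and take a copy before storing it in their context; please state them. This applies to the identical documentation change on both branches (master and openssl-3.0).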
From: matt at openssl.org (Matt Caswell) Date: Mon, 18 Oct 2021 09:50:21 +0000 Subject: [web] master update Message-ID: <1634550621.930309.11564.nullmailer@dev.openssl.org> The branch master has been updated via 03e84f49907d92dda63a9360090781fc8ed96910 (commit) from 95646d33a713dd67de6aef668fb717aca07fa11a (commit) - Log ----------------------------------------------------------------- commit 03e84f49907d92dda63a9360090781fc8ed96910 Author: Matt Caswell Date: Wed Oct 13 11:24:10 2021 +0100 Update the platform policy as per OMC decision Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/web/pull/266) ----------------------------------------------------------------------- Summary of changes: policies/platformpolicy.html | 247 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 202 insertions(+), 45 deletions(-) diff --git a/policies/platformpolicy.html b/policies/platformpolicy.html index 24b4829..cdf2db4 100644 --- a/policies/platformpolicy.html +++ b/policies/platformpolicy.html @@ -7,59 +7,216 @@
-
-
-
-

Platform Policy

-
+
+
+
+

Platform Policy

+
+
+

Platforms are classified as "primary", "secondary", "community" + and "unadopted". Support for a new platform should only be + added if it is being adopted as a primary, secondary or + community platform.

+
+
Primary
+
+ Definition: A platform that is regularly tested + through project CI on a project owned and managed system +

-
+ New Pull Requests (PRs) should not be merged unless the + primary platforms are showing as "green" in CI. If the CI + breaks for a branch (such as for a stable version or master) + then it should be fixed as a priority.

+
+
Secondary
+
+ Definition: A platform that is regularly tested + through project CI on a system that is not owned or managed by + the project. At least one project committer must have access + to the system and be able and willing to support it.

-

NOTE: Work In Progress

+ New Pull Requests (PRs) should avoid introducing new breaks to + CI in secondary platforms where possible but may still be + merged where a resolution is not easily achievable without + access to the platform. If the CI for a branch (such as for a + stable version or master) on a secondary platform breaks, then + a resolution should be sought as soon as is practically + possible and before a release is made from the branch.

+
+
Community
+
+ Definition: Platforms that one or more members of the + OpenSSL community have volunteered to support. May or may not + be in project CI. Members of the community providing support + do not have to be committers.

-

Each platform is classified as:

-
-
Primary
-
- Target(s) on which the majority of OpenSSL - development occurs
+ Where a community platform is in project CI then new Pull + Requests (PRs) should avoid introducing new breaks to CI on + such platforms where possible but may still be merged where a + resolution is not easily achievable without access to the + platform. If the CI for a branch (such as for a + stable version or master) on a community platform breaks, then + an attempt should be made to contact the community maintainer + to request a fix. In the event that a community platform is + broken in CI for a protacted period then it may be dropped + from CI.
- The current primary development platform is - Linux. -
-
Secondary
-
- Targets which at least one team member actively supports, or the - platform is covered by CI and at least one team member has access to - the platform.
+ If defects are raised that are specific to a community + platform then the community maintainer may be contacted to + help find a resolution. If a community maintainer is + unresponsive, or unable to provide fixes then the platform may + be moved to "unadopted".

+
+
Unadopted
+
+ Definition: Platforms that no one has volunteered to + support.

+ Support may still be provided for such platforms where + possible without access to the platform itself. Platform + specific issues may be left unresolved where it is not + feasible to find a suitable fix. Support for such platforms + may be removed entirely from the OpenSSL code base in future + releases. +
+
+

+ The current primary platforms are: - The current secondary development platforms - are: FreeBSD, Windows (Visual Studio, MinGW), MacOS - X and VMS -

-
Community
-
Targets that one or more members of the OpenSSL - community supports
-
Unknown
-
Targets that the team doesn't know the status of
-
Deprecated
-
Targets that the team plans to remove from the OpenSSL - code base
-
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Target  O/S  Architecture  Toolchain
linux-x86_64  Ubuntu Server 20.04.3  x86_64  gcc 9.3.0
BSD-x86_64  FreeBSD 13.0  x86_64  ??
VC-WIN64A  Windows 10  x86_64  Visual Studio 2019 Community Edition
mingw64  Windows 10  x86_64  MinGW (64 bit) and MSYS2
darwin64-x86_64  Mac OS Big Sur (11)  x86_64  clang 12.?
darwin64-arm64  Mac OS Big Sur (11)  AArch64 (M1)  clang 12.?
+

+

+ The current secondary platforms are: -

- -
-
- + + + + + + + + + + + + + + + + + + + + + + + +
Target  O/S  Architecture  Toolchain  Nominated Committer(s)
??  ??  ??  ??  ??
+

+

+ The current community platforms are: + + + + + + + + + + + + + + + + + + + + + + + + +
Target  O/S  Architecture  Toolchain  Nominated Community Member(s)
??  OpenVMS 9.1  Itanium  ??  @levitte
+

+
+ + +
+
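Review bot: the added Community paragraph has a typo, "protacted" for "protracted", in "broken in CI for a protacted period". The new tables also go in with "??" placeholders: the BSD-x86_64 toolchain, "clang 12.?" for both darwin64 targets, every cell of the single secondary-platform row, and the target and toolchain for OpenVMS. Fill those in or drop the rows until the values are known, since the merge rules in the text depend on which platforms are listed.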
- From tomas at openssl.org Tue Oct 19 10:16:30 2021 From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 19 Oct 2021 10:16:30 +0000 Subject: [openssl] master update Message-ID: <1634638591.000446.10408.nullmailer@dev.openssl.org> The branch master has been updated via a98b26588b683eb024ab81f3bb3549c43acd5188 (commit) from 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0 (commit) - Log ----------------------------------------------------------------- commit a98b26588b683eb024ab81f3bb3549c43acd5188 Author: jwalch Date: Fri Oct 15 19:03:17 2021 -0400 Avoid NULL+X UB in bss_mem.c Fixes #16816 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16818) ----------------------------------------------------------------------- Summary of changes: crypto/bio/bss_mem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index 7e501762bb..9153c1f1cd 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -254,7 +254,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) bm = bbm->readp; bo = bbm->buf; } - off = bm->data - bo->data; + off = (bm->data == bo->data) ? 0 : bm->data - bo->data; remain = bm->length; switch (cmd) { @@ -277,7 +277,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) if (num < 0 || num > off + remain) return -1; /* Can't see outside of the current buffer */ - bm->data = bo->data + num; + bm->data = (num != 0) ? bo->data + num : bo->data; bm->length = bo->length - num; bm->max = bo->max - num; off = num; From tomas at openssl.org Tue Oct 19 10:16:40 2021 
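Review bot: the two guards in mem_ctrl() are written differently (`bm->data == bo->data` in the off computation, `num != 0` in the seek branch) and neither has a comment saying it exists to avoid pointer arithmetic on a NULL data pointer. Without that, either one looks like a redundant ternary and is likely to be simplified away later. Add a short comment at both sites, or move the NULL-safe offset and addition into one small helper used by both.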
From: tomas at openssl.org (tomas at openssl.org) Date: Tue, 19 Oct 2021 10:16:40 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634638600.919581.11359.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 0c34ce7c99d6113dec7652bceafe6d7744edf2cf (commit) from 2f98fd4b04bcb25fd7134c39ea4930c57615d4ea (commit) - Log ----------------------------------------------------------------- commit 0c34ce7c99d6113dec7652bceafe6d7744edf2cf Author: jwalch Date: Fri Oct 15 19:03:17 2021 -0400 Avoid NULL+X UB in bss_mem.c Fixes #16816 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16818) (cherry picked from commit a98b26588b683eb024ab81f3bb3549c43acd5188) ----------------------------------------------------------------------- Summary of changes: crypto/bio/bss_mem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index 7e501762bb..9153c1f1cd 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -254,7 +254,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) bm = bbm->readp; bo = bbm->buf; } - off = bm->data - bo->data; + off = (bm->data == bo->data) ? 0 : bm->data - bo->data; remain = bm->length; switch (cmd) { @@ -277,7 +277,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) if (num < 0 || num > off + remain) return -1; /* Can't see outside of the current buffer */ - bm->data = bo->data + num; + bm->data = (num != 0) ? bo->data + num : bo->data; bm->length = bo->length - num; bm->max = bo->max - num; off = num; From matt at openssl.org Tue Oct 19 15:33:42 2021 
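Review bot: the guard `off = (bm->data == bo->data) ? 0 : bm->data - bo->data;` only skips the subtraction when the two pointers are equal, so it relies on bm->data and bo->data never being NULL on one side only. State that invariant in a comment, and consider a test that drives this ctrl path on a BIO whose data pointer is NULL in a build with the undefined-behaviour sanitizer enabled; the diffstat shows no test change.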
From: matt at openssl.org (Matt Caswell) Date: Tue, 19 Oct 2021 15:33:42 +0000 Subject: [openssl] master update Message-ID: <1634657622.339050.12300.nullmailer@dev.openssl.org> The branch master has been updated via 0299094c52ddb66f9a22cfff4e7d70c139112832 (commit) via 86c15ba87488f88e6191f098ff154f79ce91847b (commit) via f7d6868d0d48fedd5d9daad0c3e0cbcaef423ff3 (commit) via a0cbc2d222743fc4ffd276b97bd5f8aeacf01122 (commit) from a98b26588b683eb024ab81f3bb3549c43acd5188 (commit) - Log ----------------------------------------------------------------- commit 0299094c52ddb66f9a22cfff4e7d70c139112832 Author: Matt Caswell Date: Fri Oct 15 16:30:45 2021 +0100 Add tests for ENGINE problems Add some tests which would have caught the issues fixed in the previous 3 commits related to engine handling. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) commit 86c15ba87488f88e6191f098ff154f79ce91847b Author: Matt Caswell Date: Fri Oct 15 16:28:53 2021 +0100 Update provider_util.c to correctly handle ENGINE references provider_util.c failed to free ENGINE references when clearing a cipher or a digest. Additionally ciphers and digests were not copied correctly, which would lead to double-frees if it were not for the previously mentioned leaks. Fixes #16845 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) commit f7d6868d0d48fedd5d9daad0c3e0cbcaef423ff3 Author: Matt Caswell Date: Fri Oct 15 16:23:31 2021 +0100 Ensure pkey_set_type handles ENGINE references correctly pkey_set_type should not consume the ENGINE references that may be passed to it. 
Fixes #16757 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) commit a0cbc2d222743fc4ffd276b97bd5f8aeacf01122 Author: Matt Caswell Date: Fri Oct 15 16:06:28 2021 +0100 Make sure EVP_CIPHER_CTX_copy works with the dasync engine Ciphers in the dasync engine were failing to copy their context properly in the event of EVP_CIPHER_CTX_copy() because they did not define the flag EVP_CIPH_CUSTOM_FLAG Fixes #16844 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) ----------------------------------------------------------------------- Summary of changes: crypto/evp/p_lib.c | 8 ++- engines/e_dasync.c | 25 +++++-- providers/common/provider_util.c | 31 +++++++- test/evp_extra_test.c | 148 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 205 insertions(+), 7 deletions(-) diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 61cfe1efb9..aabd92d555 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1554,7 +1554,6 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, */ if (keymgmt == NULL) pkey->ameth = ameth; - pkey->engine = e; /* * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose @@ -1570,6 +1569,13 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, } else { pkey->type = EVP_PKEY_KEYMGMT; } +# ifndef OPENSSL_NO_ENGINE + if (eptr == NULL && e != NULL && !ENGINE_init(e)) { + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + return 0; + } +# endif + pkey->engine = e; #endif } return 1; diff --git a/engines/e_dasync.c b/engines/e_dasync.c index b775d59a2c..5a303a9f85 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c 
@@ -268,7 +268,8 @@ static int bind_dasync(ENGINE *e) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, dasync_aes128_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, @@ -293,7 +294,8 @@ static int bind_dasync(ENGINE *e) EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, @@ -580,7 +582,8 @@ static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) /* Cipher helper functions */ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, - void *ptr, int aeadcapable) + void *ptr, int aeadcapable, + const EVP_CIPHER *ciph) { int ret; struct dasync_pipeline_ctx *pipe_ctx = @@ -590,6 +593,18 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, return 0; switch (type) { + case EVP_CTRL_COPY: + { + size_t sz = EVP_CIPHER_impl_ctx_size(ciph); + void *inner_cipher_data = OPENSSL_malloc(sz); + + if (inner_cipher_data == NULL) + return -1; + memcpy(inner_cipher_data, pipe_ctx->inner_cipher_data, sz); + pipe_ctx->inner_cipher_data = inner_cipher_data; + } + break; + case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: pipe_ctx->numpipes = arg; pipe_ctx->outbufs = (unsigned char **)ptr; @@ -744,7 +759,7 @@ static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0, EVP_aes_128_cbc()); } static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 
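Review bot: the new EVP_CTRL_COPY case in dasync_cipher_ctrl_helper() never looks at ptr and overwrites pipe_ctx->inner_cipher_data in place, so it is not clear from the code which of the two contexts in the copy ends up owning the fresh allocation and which keeps the original. A comment explaining that, and why a flat memcpy of EVP_CIPHER_impl_ctx_size(ciph) bytes is a sufficient copy of the inner cipher state, would make this reviewable. The case also returns -1 on allocation failure while the check just above the switch returns 0; say which value callers treat as failure.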
@@ -772,7 +787,7 @@ static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1, EVP_aes_128_cbc_hmac_sha1()); } static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index fcfbab632d..58d4db3379 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -26,6 +26,9 @@ void ossl_prov_cipher_reset(PROV_CIPHER *pc) EVP_CIPHER_free(pc->alloc_cipher); pc->alloc_cipher = NULL; pc->cipher = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pc->engine); +#endif pc->engine = NULL; } @@ -33,6 +36,12 @@ int ossl_prov_cipher_copy(PROV_CIPHER *dst, const PROV_CIPHER *src) { if (src->alloc_cipher != NULL && !EVP_CIPHER_up_ref(src->alloc_cipher)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_CIPHER_free(src->alloc_cipher); + return 0; + } +#endif dst->engine = src->engine; dst->cipher = src->cipher; dst->alloc_cipher = src->alloc_cipher; @@ -52,6 +61,9 @@ static int load_common(const OSSL_PARAM params[], const char **propquery, *propquery = p->data; } +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(*engine); +#endif *engine = NULL; /* Inside the FIPS module, we don't support legacy ciphers */ #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) 
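Review bot: ossl_prov_cipher_copy() now takes an extra functional reference with ENGINE_init(src->engine) but still assigns dst->engine, dst->cipher and dst->alloc_cipher without releasing whatever dst held before. Now that ossl_prov_cipher_reset() calls ENGINE_finish(), a dst that was already loaded would leak its engine reference on copy; either reset dst first or document that dst must be empty. A one-line comment that ENGINE_init() is used here purely to take another functional reference, like the comments added in load_common(), would also help.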
@@ -59,10 +71,18 @@ static int load_common(const OSSL_PARAM params[], const char **propquery, if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; - ENGINE_finish(*engine); + /* Get a structural reference */ *engine = ENGINE_by_id(p->data); if (*engine == NULL) return 0; + /* Get a functional reference */ + if (!ENGINE_init(*engine)) { + ENGINE_free(*engine); + *engine = NULL; + return 0; + } + /* Free the structural reference */ + ENGINE_free(*engine); } #endif return 1; @@ -122,6 +142,9 @@ void ossl_prov_digest_reset(PROV_DIGEST *pd) EVP_MD_free(pd->alloc_md); pd->alloc_md = NULL; pd->md = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pd->engine); +#endif pd->engine = NULL; } @@ -129,6 +152,12 @@ int ossl_prov_digest_copy(PROV_DIGEST *dst, const PROV_DIGEST *src) { if (src->alloc_md != NULL && !EVP_MD_up_ref(src->alloc_md)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_MD_free(src->alloc_md); + return 0; + } +#endif dst->engine = src->engine; dst->md = src->md; dst->alloc_md = src->alloc_md; diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 83f8902d24..baa93beb11 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "testutil.h" #include "internal/nelem.h" #include "internal/sizes.h" 
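Review bot: in load_common(), both the ENGINE_by_id(p->data) failure and the new ENGINE_init(*engine) failure return 0 without raising an error, whereas the matching ENGINE_init() failure added to pkey_set_type() in this same series raises EVP_R_INITIALIZATION_ERROR. A caller cannot tell an unknown engine id from an engine that failed to initialise; raise a provider error on each branch.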
@@ -3854,6 +3855,141 @@ static int test_evp_md_cipher_meth(void) return testresult; } + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +/* Test we can create a signature keys with an associated ENGINE */ +static int test_signatures_with_engine(int tst) +{ + ENGINE *e; + const char *engine_id = "dasync"; + EVP_PKEY *pkey = NULL; + const unsigned char badcmackey[] = { 0x00, 0x01 }; + const unsigned char cmackey[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char ed25519key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_MD_CTX *ctx = NULL; + unsigned char *mac = NULL; + size_t maclen = 0; + int ret; + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + switch (tst) { + case 0: + pkey = EVP_PKEY_new_CMAC_key(e, cmackey, sizeof(cmackey), + EVP_aes_128_cbc()); + break; + case 1: + pkey = EVP_PKEY_new_CMAC_key(e, badcmackey, sizeof(badcmackey), + EVP_aes_128_cbc()); + break; + case 2: + pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, e, ed25519key, + sizeof(ed25519key)); + break; + default: + TEST_error("Invalid test case"); + goto err; + } + if (!TEST_ptr(pkey)) + goto err; + + if (!TEST_ptr(ctx = EVP_MD_CTX_new())) + goto err; + + ret = EVP_DigestSignInit(ctx, NULL, tst == 2 ? NULL : EVP_sha256(), NULL, + pkey); + if (tst == 0) { + if (!TEST_true(ret)) + goto err; + + if (!TEST_true(EVP_DigestSignUpdate(ctx, msg, sizeof(msg))) + || !TEST_true(EVP_DigestSignFinal(ctx, NULL, &maclen))) + goto err; + + if (!TEST_ptr(mac = OPENSSL_malloc(maclen))) + goto err; + + if (!TEST_true(EVP_DigestSignFinal(ctx, mac, &maclen))) + goto err; + } else { + /* We used a bad key. 
We expect a failure here */ + if (!TEST_false(ret)) + goto err; + } + + testresult = 1; + err: + EVP_MD_CTX_free(ctx); + OPENSSL_free(mac); + EVP_PKEY_free(pkey); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} + +static int test_cipher_with_engine(void) +{ + ENGINE *e; + const char *engine_id = "dasync"; + const unsigned char keyiv[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_CIPHER_CTX *ctx = NULL, *ctx2 = NULL; + unsigned char buf[AES_BLOCK_SIZE]; + int len = 0; + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + || !TEST_ptr(ctx2 = EVP_CIPHER_CTX_new())) + goto err; + + if (!TEST_true(EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), e, keyiv, keyiv))) + goto err; + + /* Copy the ctx, and complete the operation with the new ctx */ + if (!TEST_true(EVP_CIPHER_CTX_copy(ctx2, ctx))) + goto err; + + if (!TEST_true(EVP_EncryptUpdate(ctx2, buf, &len, msg, sizeof(msg))) + || !TEST_true(EVP_EncryptFinal_ex(ctx2, buf + len, &len))) + goto err; + + testresult = 1; + err: + EVP_CIPHER_CTX_free(ctx); + EVP_CIPHER_CTX_free(ctx2); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} +# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ #endif /* OPENSSL_NO_DEPRECATED_3_0 */ typedef enum OPTION_choice { 
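Review bot: in test_signatures_with_engine() the else branch carries the comment "We used a bad key. We expect a failure here", but it is also taken for tst == 2, where ed25519key is a full 32-byte key and nothing says why EVP_DigestSignInit() should fail. Give case 2 its own branch with a comment explaining the expected failure. test_cipher_with_engine() only checks that encryption with the copied context returns success; comparing its output with the same encryption done on an uncopied context would confirm the copied state is correct, not just that nothing crashed.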
@@ -3980,6 +4116,18 @@ int setup_tests(void) #ifndef OPENSSL_NO_DEPRECATED_3_0 ADD_ALL_TESTS(test_custom_pmeth, 12); ADD_TEST(test_evp_md_cipher_meth); + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE + /* Tests only support the default libctx */ + if (testctx == NULL) { +# ifndef OPENSSL_NO_EC + ADD_ALL_TESTS(test_signatures_with_engine, 3); +# else + ADD_ALL_TESTS(test_signatures_with_engine, 2); +# endif + ADD_TEST(test_cipher_with_engine); + } +# endif #endif return 1; From matt at openssl.org Tue Oct 19 15:33:53 2021 
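Review bot: in pkey_set_type() (crypto/evp/p_lib.c) the new ENGINE_init(e) failure returns 0 after pkey->ameth and pkey->type have already been assigned earlier in the function, leaving the EVP_PKEY partly updated on error. Take the reference before those assignments, or undo them on failure. The `eptr == NULL` part of the condition also needs a comment: the hunk gives no indication of why a reference is taken only in that case.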
From: matt at openssl.org (Matt Caswell) Date: Tue, 19 Oct 2021 15:33:53 +0000 Subject: [openssl] openssl-3.0 update Message-ID: <1634657633.007526.13391.nullmailer@dev.openssl.org> The branch openssl-3.0 has been updated via 7199bbf88fe3f42e0ec8a7c2d7ca80b23f1de932 (commit) via 51100ac4b5bea7a9e9f57ede350d655243b526b1 (commit) via 3d292eeab27f69511453d3726e8c35532cfc159d (commit) via 1ba91d5fad6a8d1663b1d5b6bcc0dcc17f8202aa (commit) from 0c34ce7c99d6113dec7652bceafe6d7744edf2cf (commit) - Log ----------------------------------------------------------------- commit 7199bbf88fe3f42e0ec8a7c2d7ca80b23f1de932 Author: Matt Caswell Date: Fri Oct 15 16:30:45 2021 +0100 Add tests for ENGINE problems Add some tests which would have caught the issues fixed in the previous 3 commits related to engine handling. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) (cherry picked from commit 0299094c52ddb66f9a22cfff4e7d70c139112832) commit 51100ac4b5bea7a9e9f57ede350d655243b526b1 Author: Matt Caswell Date: Fri Oct 15 16:28:53 2021 +0100 Update provider_util.c to correctly handle ENGINE references provider_util.c failed to free ENGINE references when clearing a cipher or a digest. Additionally ciphers and digests were not copied correctly, which would lead to double-frees if it were not for the previously mentioned leaks. Fixes #16845 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) (cherry picked from commit 86c15ba87488f88e6191f098ff154f79ce91847b) commit 3d292eeab27f69511453d3726e8c35532cfc159d Author: Matt Caswell Date: Fri Oct 15 16:23:31 2021 +0100 Ensure pkey_set_type handles ENGINE references correctly pkey_set_type should not consume the ENGINE references that may be passed to it. 
Fixes #16757 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) (cherry picked from commit f7d6868d0d48fedd5d9daad0c3e0cbcaef423ff3) commit 1ba91d5fad6a8d1663b1d5b6bcc0dcc17f8202aa Author: Matt Caswell Date: Fri Oct 15 16:06:28 2021 +0100 Make sure EVP_CIPHER_CTX_copy works with the dasync engine Ciphers in the dasync engine were failing to copy their context properly in the event of EVP_CIPHER_CTX_copy() because they did not define the flag EVP_CIPH_CUSTOM_FLAG Fixes #16844 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16846) (cherry picked from commit a0cbc2d222743fc4ffd276b97bd5f8aeacf01122) ----------------------------------------------------------------------- Summary of changes: crypto/evp/p_lib.c | 8 ++- engines/e_dasync.c | 25 +++++-- providers/common/provider_util.c | 31 +++++++- test/evp_extra_test.c | 148 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 205 insertions(+), 7 deletions(-) diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 61cfe1efb9..aabd92d555 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1554,7 +1554,6 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, */ if (keymgmt == NULL) pkey->ameth = ameth; - pkey->engine = e; /* * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose @@ -1570,6 +1569,13 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str, } else { pkey->type = EVP_PKEY_KEYMGMT; } +# ifndef OPENSSL_NO_ENGINE + if (eptr == NULL && e != NULL && !ENGINE_init(e)) { + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + return 0; + } +# endif + pkey->engine = e; #endif } return 1; diff --git a/engines/e_dasync.c b/engines/e_dasync.c index b775d59a2c..5a303a9f85 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c 
@@ -268,7 +268,8 @@ static int bind_dasync(ENGINE *e) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, dasync_aes128_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, @@ -293,7 +294,8 @@ static int bind_dasync(ENGINE *e) EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, @@ -580,7 +582,8 @@ static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) /* Cipher helper functions */ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, - void *ptr, int aeadcapable) + void *ptr, int aeadcapable, + const EVP_CIPHER *ciph) { int ret; struct dasync_pipeline_ctx *pipe_ctx = @@ -590,6 +593,18 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, return 0; switch (type) { + case EVP_CTRL_COPY: + { + size_t sz = EVP_CIPHER_impl_ctx_size(ciph); + void *inner_cipher_data = OPENSSL_malloc(sz); + + if (inner_cipher_data == NULL) + return -1; + memcpy(inner_cipher_data, pipe_ctx->inner_cipher_data, sz); + pipe_ctx->inner_cipher_data = inner_cipher_data; + } + break; + case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: pipe_ctx->numpipes = arg; pipe_ctx->outbufs = (unsigned char **)ptr; @@ -744,7 +759,7 @@ static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0, EVP_aes_128_cbc()); } static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 
@@ -772,7 +787,7 @@ static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1, EVP_aes_128_cbc_hmac_sha1()); } static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index fcfbab632d..58d4db3379 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -26,6 +26,9 @@ void ossl_prov_cipher_reset(PROV_CIPHER *pc) EVP_CIPHER_free(pc->alloc_cipher); pc->alloc_cipher = NULL; pc->cipher = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pc->engine); +#endif pc->engine = NULL; } @@ -33,6 +36,12 @@ int ossl_prov_cipher_copy(PROV_CIPHER *dst, const PROV_CIPHER *src) { if (src->alloc_cipher != NULL && !EVP_CIPHER_up_ref(src->alloc_cipher)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_CIPHER_free(src->alloc_cipher); + return 0; + } +#endif dst->engine = src->engine; dst->cipher = src->cipher; dst->alloc_cipher = src->alloc_cipher; @@ -52,6 +61,9 @@ static int load_common(const OSSL_PARAM params[], const char **propquery, *propquery = p->data; } +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(*engine); +#endif *engine = NULL; /* Inside the FIPS module, we don't support legacy ciphers */ #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) 
@@ -59,10 +71,18 @@ static int load_common(const OSSL_PARAM params[], const char **propquery, if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; - ENGINE_finish(*engine); + /* Get a structural reference */ *engine = ENGINE_by_id(p->data); if (*engine == NULL) return 0; + /* Get a functional reference */ + if (!ENGINE_init(*engine)) { + ENGINE_free(*engine); + *engine = NULL; + return 0; + } + /* Free the structural reference */ + ENGINE_free(*engine); } #endif return 1; @@ -122,6 +142,9 @@ void ossl_prov_digest_reset(PROV_DIGEST *pd) EVP_MD_free(pd->alloc_md); pd->alloc_md = NULL; pd->md = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pd->engine); +#endif pd->engine = NULL; } @@ -129,6 +152,12 @@ int ossl_prov_digest_copy(PROV_DIGEST *dst, const PROV_DIGEST *src) { if (src->alloc_md != NULL && !EVP_MD_up_ref(src->alloc_md)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_MD_free(src->alloc_md); + return 0; + } +#endif dst->engine = src->engine; dst->md = src->md; dst->alloc_md = src->alloc_md; diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 83f8902d24..baa93beb11 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "testutil.h" #include "internal/nelem.h" #include "internal/sizes.h" 
@@ -3854,6 +3855,141 @@ static int test_evp_md_cipher_meth(void) return testresult; } + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +/* Test we can create a signature keys with an associated ENGINE */ +static int test_signatures_with_engine(int tst) +{ + ENGINE *e; + const char *engine_id = "dasync"; + EVP_PKEY *pkey = NULL; + const unsigned char badcmackey[] = { 0x00, 0x01 }; + const unsigned char cmackey[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char ed25519key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_MD_CTX *ctx = NULL; + unsigned char *mac = NULL; + size_t maclen = 0; + int ret; + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + switch (tst) { + case 0: + pkey = EVP_PKEY_new_CMAC_key(e, cmackey, sizeof(cmackey), + EVP_aes_128_cbc()); + break; + case 1: + pkey = EVP_PKEY_new_CMAC_key(e, badcmackey, sizeof(badcmackey), + EVP_aes_128_cbc()); + break; + case 2: + pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, e, ed25519key, + sizeof(ed25519key)); + break; + default: + TEST_error("Invalid test case"); + goto err; + } + if (!TEST_ptr(pkey)) + goto err; + + if (!TEST_ptr(ctx = EVP_MD_CTX_new())) + goto err; + + ret = EVP_DigestSignInit(ctx, NULL, tst == 2 ? NULL : EVP_sha256(), NULL, + pkey); + if (tst == 0) { + if (!TEST_true(ret)) + goto err; + + if (!TEST_true(EVP_DigestSignUpdate(ctx, msg, sizeof(msg))) + || !TEST_true(EVP_DigestSignFinal(ctx, NULL, &maclen))) + goto err; + + if (!TEST_ptr(mac = OPENSSL_malloc(maclen))) + goto err; + + if (!TEST_true(EVP_DigestSignFinal(ctx, mac, &maclen))) + goto err; + } else { + /* We used a bad key. 
We expect a failure here */ + if (!TEST_false(ret)) + goto err; + } + + testresult = 1; + err: + EVP_MD_CTX_free(ctx); + OPENSSL_free(mac); + EVP_PKEY_free(pkey); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} + +static int test_cipher_with_engine(void) +{ + ENGINE *e; + const char *engine_id = "dasync"; + const unsigned char keyiv[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_CIPHER_CTX *ctx = NULL, *ctx2 = NULL; + unsigned char buf[AES_BLOCK_SIZE]; + int len = 0; + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + || !TEST_ptr(ctx2 = EVP_CIPHER_CTX_new())) + goto err; + + if (!TEST_true(EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), e, keyiv, keyiv))) + goto err; + + /* Copy the ctx, and complete the operation with the new ctx */ + if (!TEST_true(EVP_CIPHER_CTX_copy(ctx2, ctx))) + goto err; + + if (!TEST_true(EVP_EncryptUpdate(ctx2, buf, &len, msg, sizeof(msg))) + || !TEST_true(EVP_EncryptFinal_ex(ctx2, buf + len, &len))) + goto err; + + testresult = 1; + err: + EVP_CIPHER_CTX_free(ctx); + EVP_CIPHER_CTX_free(ctx2); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} +# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ #endif /* OPENSSL_NO_DEPRECATED_3_0 */ typedef enum OPTION_choice { 
@@ -3980,6 +4116,18 @@ int setup_tests(void) #ifndef OPENSSL_NO_DEPRECATED_3_0 ADD_ALL_TESTS(test_custom_pmeth, 12); ADD_TEST(test_evp_md_cipher_meth); + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE + /* Tests only support the default libctx */ + if (testctx == NULL) { +# ifndef OPENSSL_NO_EC + ADD_ALL_TESTS(test_signatures_with_engine, 3); +# else + ADD_ALL_TESTS(test_signatures_with_engine, 2); +# endif + ADD_TEST(test_cipher_with_engine); + } +# endif #endif return 1; From kurt at openssl.org Wed Oct 20 07:32:01 2021 From: kurt at openssl.org (Kurt Roeckx) Date: Wed, 20 Oct 2021 07:32:01 +0000 Subject: [web] master update Message-ID: <1634715121.208011.11030.nullmailer@dev.openssl.org> The branch master has been updated via 4d8357b7e6fb544f0a618e65d98a9206a2df05f6 (commit) via 1628f0f455848c12f365c9bac03bfc30b50e2d86 (commit) via f50ade47ca53ad5c6757bb4afe5dfa51cf261475 (commit) from 03e84f49907d92dda63a9360090781fc8ed96910 (commit) - Log ----------------------------------------------------------------- commit 4d8357b7e6fb544f0a618e65d98a9206a2df05f6 Author: Kurt Roeckx Date: Wed Oct 20 09:31:44 2021 +0200 Update info about FreeBSD and VMS commit 1628f0f455848c12f365c9bac03bfc30b50e2d86 Author: Kurt Roeckx Date: Wed Oct 20 09:11:50 2021 +0200 Fix spelling error commit f50ade47ca53ad5c6757bb4afe5dfa51cf261475 Author: Kurt Roeckx Date: Wed Oct 20 09:10:20 2021 +0200 Add platforms for which we have a configuartion ----------------------------------------------------------------------- Summary of changes: policies/platformpolicy.html | 1321 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 1316 insertions(+), 5 deletions(-) diff --git a/policies/platformpolicy.html b/policies/platformpolicy.html index cdf2db4..abf1ac7 100644 --- a/policies/platformpolicy.html +++ b/policies/platformpolicy.html 
@@ -59,7 +59,7 @@ stable version or master) on a community platform breaks, then an attempt should be made to contact the community maintainer to request a fix. In the event that a community platform is - broken in CI for a protacted period then it may be dropped + broken in CI for a protracted period then it may be dropped from CI.
If defects are raised that are specific to a community @@ -109,7 +109,7 @@    x86_64    - ?? + Clang 11 VC-WIN64A @@ -193,11 +193,11 @@ Nominated Community Member(s) - ?? + vms-ia64?    - OpenVMS 9.1 + OpenVMS 8.4    - Itanium + ia64    ??    @@ -205,6 +205,1317 @@

+

+ The current unadopted platforms are: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Target  O/S  Architecture  Toolchain
vos-gcc  VOS  ??  gcc
solaris-x86-gcc  Solaris  x86  gcc
solaris64-x86_64-gcc  Solaris  x86_64  gcc
solaris64-x86_64-cc  Solaris  x86_64  Sun C
solaris-sparcv7-gcc  Solaris  Sparc V7  gcc
solaris-sparcv8-gcc  Solaris  Sparc V8  gcc
solaris-sparcv9-gcc  Solaris  Sparc V9 32 bit  gcc
solaris64-sparcv9-gcc  Solaris  Sparc V9 64 bit  gcc
solaris-sparcv7-cc  Solaris  Sparc V7  Sun C
solaris-sparcv8-cc  Solaris  Sparc V8  Sun C
solaris-sparcv9-cc  Solaris  Sparc V9 32 bit  Sun C
solaris64-sparcv9-cc  Solaris  Sparc V9 64 bit  Sun C
irix-mips3-gcc  Irix 6.x  mips64 n32  gcc
irix-mips3-cc  Irix 6.x  mips64 n32  ??
irix64-mips4-gcc  Irix 6.x  mips64 n64  gcc
irix64-mips4-cc  Irix 6.x  mips64 n64  ??
hpux-parisc-gcc  HP-UX  parisc  gcc
hpux-parisc1_1-gcc  HP-UX  parisc 1.1 32 bit  gcc
hpux64-parisc2-gcc  HP-UX  parisc 2.0 64 bit  gcc
hpux-parisc-cc  HP-UX  parisc  ??
hpux-parisc1_1-cc  HP-UX  parisc 1.0 32 bit  ??
hpux64-parisc2-cc  HP-UX  parisc 2.0 64 bit  ??
hpux-ia64-cc  HP-UX  IA64 32 bit  ??
hpux64-ia64-cc  HP-UX  IA64 64 bit  ??
hpux-ia64-gcc  HP-UX  IA64 32 bit  gcc
hpux64-ia64-gcc  HP-UX  IA64 64 bit  gcc
MPE/iX-gcc  MPE/iX  parisc?  gcc
tru64-alpha-gcc  Tru64  alpha  gcc
tru64-alpha-cc  Tru64  alpha  ??
linux-ppc  Linux  ppc32  gcc
linux-ppc64  Linux  ppc64 big endian  gcc
linux-ppc64le  Linux  ppc64 little endian  gcc
linux-armv4  Linux  armv4  gcc
linux-aarch64  Linux  aarch64  gcc
linux-arm64ilp32  Linux  aarch64-ilp32  gcc
linux-mips32  Linux  mips32 o32  gcc
linux-mips64  Linux  mips64 n32  gcc
linux64-mips64  Linux  mips64 64 bit  gcc
linux64-riscv64  Linux  riscv64  gcc
linux-x86  Linux  x86  gcc
linux-x86-clang  Linux  x86  clang
linux-x86_64-clang  Linux  x86_64  clang
linux-x32  Linux  x86_64 x32  gcc
linux-ia64  Linux  ia64  gcc
linux64-s390x  Linux  s390x  gcc
linux32-s390x  Linux  s390x 31 bit  gcc
linux-sparcv8  Linux  sparc v8  gcc
linux-sparcv9  Linux  sparc v9 32 bit  gcc
linux64-sparcv9  Linux  sparc v9 64 bit  gcc
linux-alpha-gcc  Linux  alpha  gcc
linux-c64xplus  Linux  c64xplus  gcc
linux-c64xplus  Linux  c64xplus  gcc
BSD-x86  FreeBSD / OpenBSD / NetBSD / ?  x86 a.out  ??
BSD-x86-elf  FreeBSD / OpenBSD / NetBSD / ?  x86 elf  ??
BSD-sparcv8  ?  Sparc v8  ??
BSD-sparcv9  ?  Sparc v9 32 bit  ??
BSD-ia64  ?  IA64  ??
BSD-x86_64  OpenBSD / NetBSD / ?  x86_64  ??
bsdi-elf-gcc  BSDi  ??  ??
unixware-2.0  unixware 2.0  ??  ??
unixware-2.1  unixware 2.1  ??  ??
unixware-7  unixware 7  x86  ??
unixware-7-gcc  unixware 7  x86  gcc
sco5-cc  Open Server 5?  x86  ??
sco5-gcc  Open Server 5?  x86  gcc
aix-gcc  AIX  ppc32  gcc
aix64-gcc  AIX  ppc64  gcc
aix64-gcc-as  AIX  ppc64  gcc with as?
aix-cc  AIX  ppc32  ??
aix64-cc  AIX  ppc64  ??
BS2000-OSD  BS2000/OSD  ??  ??
VC-WIN64I  Windows XP / Windows Server 2008?  ia64  Visual C
VC-WIN32  Windows 10  x86  Visual C
VC-CE  Windows CE  x86 / armv4?  Visual C
VC-WIN64A-masm  Windows 10  x86  Visual C with masm
mingw  Windows 10?  x86  gcc
mingw64  Windows 10?  x86_64  gcc
UEFI-x86  UEFI  x86  ??
UEFI-x86_64  UEFI  x86_64  ??
UWIN  UWIN  x86  ?
Cygwin-x86  Windows 10  x86  gcc
Cygwin-x86_64  Windows 10  x86_64  gcc
darwin-ppc  MacOS?  ppc32  ?
darwin64-ppc  MacOS?  ppc64  ?
darwin-i386  MacOS?  x86  ?
darwin-i386  MacOS?  x86  ?
hurd-x86  Hurd  x86  gcc
vxworks-ppc60x  vxworks  ppc32  ?
vxworks-ppcgen  vxworks  ppc32  ?
vxworks-ppc405  vxworks  ppc32 405  ?
vxworks-ppc750  vxworks  ppc32 750  ?
vxworks-ppc860  vxworks  ppc32 860  ?
vxworks-simlinux  vxworks  x86?  ?
vxworks-mips  vxworks  mips32 o32  ?
uClinux-dist  uClinux  ?  gcc
uClinux-dist64  uClinux  ?  gcc
vms-alpha  VMS  alpha  ?
vms-alpha-p32  VMS  alpha 32 bit pointers?  ?
vms-alpha-p64  VMS  alpha 64 bit pointers?  ?
vms-ia64-p32  VMS  ia64 32 bit pointers?  ?
vms-ia64-p64  VMS  ia64 64 bit pointers?  ?
vms-x86_64  VMS  x86_64  ?
android-arm  android  armv4  ?
android-arm64  android  aarch64  ?
android-mips  android  mips32 o32  ?
android-mips64  android  mips64  ?
android-x86  android  x86  ?
android-x86_64  android  x86_64  ?
ios-xcrun  iOS  armv7  ?
ios64-xcrun  iOS  aarch64  ?
iossimulator-xcrun  iOS  ?  ?
iphoneos-cross  iphoneos?  ?  ?
ios-cross  iOS  armv7  ?
ios64-cross  iOS  aarch64  ?
BC-32  Windows 10?  x86  Borland C, C++ Builder?
DJGPP  DOS?  x86?  djgpp
haiku-x86  Haiku  x86  gcc?
haiku-x86_64  Haiku  x86_64  gcc?
nonstop-nsx  NonStop OSS  x86_64 ilp32  ?
nonstop-nsx_put  NonStop OSS PUT  x86_64 ilp32  ?
nonstop-nsx_64  NonStop OSS  x86_64 lp64  ?
nonstop-nsx_64_put  NonStop OSS  x86_64 lp64 PUT  ?
nonstop-nsx_spt  NonStop OSS  x86_64 ilp32 SPT  ?
nonstop-nsx_spt_floss  NonStop OSS  x86_64 ilp32 SPT FLOSS  ?
nonstop-nsx_g  NonStop Guardian  x86_64 ilp32  ?
nonstop-nsx_g_tandem  NonStop Guardian  x86_64 ilp32  ?
nonstop-nsv  NonStop OSS  x86_64 ilp32  ?
nonstop-nse  NonStop OSS  ia64 ilp32  ?
nonstop-nse_put  NonStop OSS  ia64 ilp32 PUT  ?
nonstop-nse_64  NonStop OSS  ia64 lp64  ?
nonstop-nse_64_put  NonStop OSS  ia64 lp64 PUT  ?
nonstop-nse_spt  NonStop OSS  ia64 ipl32 SPT  ?
nonstop-nse_spt_floss  NonStop OSS  ia64 ipl32 SPT FLOSS  ?
nonstop-nse_g  NonStop Guardian  ia64 ipl32  ?
nonstop-nse_g_tandem  NonStop Guardian  ia64 ipl32  ?
OS390-Unix  zOS  s390  ?
VC-WIN32-ONECORE  Windows OneCore  x86  Visual C
VC-WIN64A-ONECORE  Windows OneCore  x86_64  Visual C
VC-WIN32-ARM  Windows OneCore  arm  Visual C
VC-WIN64-ARM  Windows OneCore  aarch64  Visual C
VC-WIN32-UWP  Windows UWP  x86  Visual C
VC-WIN64A-UWP  Windows UWP  x86_64  Visual C
VC-ARM-UWP  Windows UWP  arm  Visual C
VC-ARM64-UWP  Windows UWP  aarch64  Visual C
+
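Review bot: in crypto/evp/p_lib.c, pkey_set_type(), the new `ENGINE_init(e)` failure path returns 0 after `pkey->ameth = ameth;` and the `pkey->type` assignment earlier in the same block have already run, so a failed init leaves the key with its method and type changed but no engine attached. Consider taking the functional reference before modifying `pkey`, or undoing those assignments on failure. The hunk does not show how `eptr` is set, so the condition `eptr == NULL && e != NULL` deserves a one-line comment saying that it selects the ENGINE passed in by the caller, whose reference the commit message says must not be consumed.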
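Review bot: the commit message for the dasync change says the ciphers "did not define the flag EVP_CIPH_CUSTOM_FLAG", but both bind_dasync() hunks in engines/e_dasync.c add `| EVP_CIPH_CUSTOM_COPY`. The log entry should name the flag the code actually sets, otherwise a search of the history for the flag name will miss this fix.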
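Review bot: in engines/e_dasync.c, the new `case EVP_CTRL_COPY:` in dasync_cipher_ctrl_helper() never uses `ptr` and replaces `pipe_ctx->inner_cipher_data` on the context the ctrl was invoked on. Add a comment stating which side of the copy `ctx` is and which context ends up owning the newly allocated buffer, because the fix only holds if the two contexts later free distinct buffers. The `memcpy(inner_cipher_data, pipe_ctx->inner_cipher_data, sz)` also reads the source pointer without a NULL check and is a shallow copy of `EVP_CIPHER_impl_ctx_size(ciph)` bytes, which is safe only while the inner cipher context holds no owned pointers; the comment should record that assumption.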
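Review bot: in providers/common/provider_util.c, ossl_prov_cipher_copy() and ossl_prov_digest_copy() now take a functional reference with `ENGINE_init(src->engine)` but still assign `dst->engine`, `dst->cipher`/`dst->md` and `dst->alloc_cipher`/`dst->alloc_md` over whatever `dst` already held. Since the reset functions in the same patch now release the reference with `ENGINE_finish()`, copying into a `dst` that was not reset would leak its previous engine reference and allocated method. Either document that `dst` must be empty on entry or call the matching reset function at the top of each copy.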
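Review bot: in providers/common/provider_util.c, load_common() now calls `ENGINE_finish(*engine)` unconditionally before the engine parameter is looked at. That makes it a precondition that every caller passes an `*engine` that is either NULL or a live functional reference; a structure that was allocated but not zeroed would hand a garbage pointer to ENGINE_finish(). A comment on the function stating this precondition would make the contract explicit for future callers.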
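Review bot: in test/evp_extra_test.c, test_signatures_with_engine(), the `else` branch is commented `/* We used a bad key. We expect a failure here */` but is reached for both `tst == 1` (the two-byte `badcmackey`) and `tst == 2` (the 32-byte `ed25519key`). State why EVP_DigestSignInit() is expected to fail in the Ed25519 case, or give that case its own branch. In test_cipher_with_engine() the copied context is only checked for success; comparing the bytes produced through `ctx2` with a known answer, or with the same operation completed on `ctx`, would show that the copied state is correct and not merely that the copy no longer crashes. The header comment also reads "a signature keys".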
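Review bot: in the table of unadopted platforms added to policies/platformpolicy.html, the rows `linux-c64xplus` and `darwin-i386` each appear twice with identical columns; drop the duplicate or replace it with the target that was meant. The NonStop rows spell the data model `ilp32` for the nsx targets but `ipl32` for `nonstop-nse_spt`, `nonstop-nse_spt_floss`, `nonstop-nse_g` and `nonstop-nse_g_tandem`. `hpux-parisc1_1-cc` is listed as "parisc 1.0 32 bit" while `hpux-parisc1_1-gcc` is "parisc 1.1 32 bit", and `VC-WIN64A-masm` is listed as x86 while `VC-WIN64A-ONECORE` and `VC-WIN64A-UWP` are x86_64. The unknown-value placeholder also alternates between "?" and "??"; pick one.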