[openssl/openssl] 39d857: make inability to dup/clone ciphers an error

Neil Horman noreply at github.com
Tue Sep 12 14:02:20 UTC 2023 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 39d857bb610d25b3de4e414264246ec41753c446
      https://github.com/openssl/openssl/commit/39d857bb610d25b3de4e414264246ec41753c446
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M test/evp_test.c

  Log Message:
  -----------
  make inability to dup/clone ciphers an error

There should be no reason that a cipher can't be duplicated

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


  Commit: 0239fb3db77e9de2031c5054854cba8e417c1b72
      https://github.com/openssl/openssl/commit/0239fb3db77e9de2031c5054854cba8e417c1b72
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M providers/implementations/ciphers/cipher_aes_ccm.c
    M providers/implementations/ciphers/cipher_aes_gcm.c
    M providers/implementations/ciphers/cipher_aria_ccm.c
    M providers/implementations/ciphers/cipher_aria_gcm.c
    M providers/implementations/ciphers/cipher_sm4_ccm.c
    M providers/implementations/ciphers/cipher_sm4_gcm.c
    M providers/implementations/include/prov/ciphercommon_aead.h

  Log Message:
  -----------
  Add dupctx support to aead ciphers

Add dupctx method support to to ciphers implemented with IMPLEMENT_aead_cipher
This includes:
aes-<kbits>-gcm
aria-<kbits>-ccm
aria-<kbits>-gcm
sm4-<kibs>-gcm

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


  Commit: 2c021e7d11f03ede2330398c4fd8e8c7bd8768ee
      https://github.com/openssl/openssl/commit/2c021e7d11f03ede2330398c4fd8e8c7bd8768ee
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M providers/implementations/ciphers/cipher_aes_wrp.c

  Log Message:
  -----------
  implement dupctx for aes_WRAP methods

create a dupctx method for aes_WRAP implementations of all sizes

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


  Commit: c32c3f2653e6c6ac42e09a83a2f51f8667827a04
      https://github.com/openssl/openssl/commit/c32c3f2653e6c6ac42e09a83a2f51f8667827a04
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M providers/implementations/ciphers/cipher_aes_gcm_siv.c

  Log Message:
  -----------
  Fix aes_gcm_siv dupctx function

This cipher family has a dupctx function, but was failing because it was
attempting to memdup a field only if it was null

Fix the conditional check to get it working again

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


  Commit: df93b3c9e72571876bd01e5a50a5ba8368c6c77f
      https://github.com/openssl/openssl/commit/df93b3c9e72571876bd01e5a50a5ba8368c6c77f
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M providers/implementations/ciphers/cipher_chacha20_poly1305.c

  Log Message:
  -----------
  implement dupctx for chacha20_poly1305

Same as chacha20 in the last commit, just clone the ctx and its
underlying tlsmac array if its allocated

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


  Commit: 123c85864fa7fe97d8ae3a09989d410501d957a5
      https://github.com/openssl/openssl/commit/123c85864fa7fe97d8ae3a09989d410501d957a5
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
    M providers/implementations/ciphers/cipher_rc4_hmac_md5.c

  Log Message:
  -----------
  Add dupctx support to rc4_hmac_md5 algo

Pretty straightforward, just clone the requested context, no pointers to
fixup

Fixes #21887

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)


Compare: https://github.com/openssl/openssl/compare/9912dfb98c9c...123c85864fa7

More information about the openssl-commits mailing list