From matt at openssl.org Thu Apr 4 11:31:05 2019
From: matt at openssl.org (Matt Caswell)
Date: Thu, 4 Apr 2019 12:31:05 +0100
Subject: Monthly Status Report (March)
Message-ID: <07f3fcdb-377b-b411-05ec-e7db680eab6a@openssl.org>

As well as normal reviews, responding to user queries, wiki user requests,
OMC business, handling security reports, etc., key activities this month:

- Fixed an issue where the ticket index was written to the session during
  the handshake, even though the session is supposed to be immutable
- Significant review work on the Kernel TLS Receive side
- Investigated (with others) and fixed an underflow in ecp_nistp521.c
- Fixed an issue with long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
- Significant review work on the CRMF/CMP chunk 2 code
- Changes to enable pkeyutl to work with Ed448 and Ed25519
- Updates to the pkeyutl documentation around the digest option
- Fixed enable-zlib
- Fixed some mem leaks in pkread.c demo file
- Fixed no-dso
- Fixed no-cmac, no-poly1305 and no-siphash
- Added some missing OPENSSL_NO_SM2 guards
- Worked on fix for no-posix-io (later replaced by a different PR)
- Created the default provider and moved SHA256 into it
- Created a PR for implementing a FIPS provider and moving SHA256 into it
- Created a PR for implementing a legacy provider and moving MD2 into it
- Fixed some MAC issues (Don't allow SHAKE128/SHAKE256 with HMAC)
- Fixed a memory leak in ARIA GCM
- Changes to tolerate 0 length input on Update functions
- Fixed no-ec
- Const fixes for OCSP_id_cmp and OCSP_id_issuer_cmp
- Created PR for fixed error handling in X509_chain_up_ref
- Created PR for supporting EVP_MD_block_size() with providers
- Created PR for ensuring EVP_MD_CTX_md() returns the EVP_MD that was
  originally used.
- Significant review work on various FIPS related PRs

Matt

From paul.dale at oracle.com Wed Apr 10 00:04:52 2019
From: paul.dale at oracle.com (Paul Dale)
Date: Tue, 9 Apr 2019 17:04:52 -0700 (PDT)
Subject: SP 800-90C 10.1.2
Message-ID: <5e0f83b3-2d92-49e2-ac12-494100957352@default>

Do any of the FIPS sponsors or OpenSSL project people think that SP 800-90C
section 10.1.2 "Accessing a Source DRBG with Prediction Resistance to Obtain
any Security Strength" is worthwhile including in the code base?

The main use is to allow a stronger DRBG to be seeded from a weaker one.
For example: seeding AES-CTR-256-DRBG from AES-CTR-128-DRBG.

The reasons in favour don't seem very compelling:

* There are some obscure use cases for which there is a fairly easy work
  around (use stronger DRBGs everywhere).
* A low quality hardware source could be used for higher strength
  applications.
* It would also provide some benefit for poorly set up DRBG chains.
* It can be used to construct randomness of any strength but I'm not aware
  of a current method to compress this down to high quality entropy that is
  directly usable (i.e. preserves the strength).

The PR is done (#8660 https://github.com/openssl/openssl/pull/8660) but
I've closed it since it seems unloved.

If anyone here does think that that would be beneficial, say something as
justification or it is gone.

Pauli

--
Oracle
Dr Paul Dale | Cryptographer | Network Security & Encryption
Phone +61 7 3031 7217
Oracle Australia

From rsalz at akamai.com Wed Apr 10 16:09:54 2019
From: rsalz at akamai.com (Salz, Rich)
Date: Wed, 10 Apr 2019 16:09:54 +0000
Subject: SP 800-90C 10.1.2
In-Reply-To: <5e0f83b3-2d92-49e2-ac12-494100957352@default>
References: <5e0f83b3-2d92-49e2-ac12-494100957352@default>
Message-ID: <85CFE7C1-204F-4061-A0F3-E3FCE4FBF5D7@akamai.com>

No love from Akamai for this: it seems to be done for completionist reasons
and it seems risky.

From: "paul.dale at oracle.com"
Date: Tuesday, April 9, 2019 at 8:07 PM
To: "fips-sponsors at openssl.org"
Cc: "openssl-project at openssl.org"
Subject: SP 800-90C 10.1.2

Do any of the FIPS sponsors or OpenSSL project people think that SP 800-90C
section 10.1.2 "Accessing a Source DRBG with Prediction Resistance to Obtain
any Security Strength" is worthwhile including in the code base?

The main use is to allow a stronger DRBG to be seeded from a weaker one.
For example: seeding AES-CTR-256-DRBG from AES-CTR-128-DRBG.

The reasons in favour don't seem very compelling:

* There are some obscure use cases for which there is a fairly easy work
  around (use stronger DRBGs everywhere).
* A low quality hardware source could be used for higher strength
  applications.
* It would also provide some benefit for poorly set up DRBG chains.
* It can be used to construct randomness of any strength but I'm not aware
  of a current method to compress this down to high quality entropy that is
  directly usable (i.e. preserves the strength).

The PR is done (#8660 https://github.com/openssl/openssl/pull/8660) but
I've closed it since it seems unloved.

If anyone here does think that that would be beneficial, say something as
justification or it is gone.

Pauli

--
Oracle
Dr Paul Dale | Cryptographer | Network Security & Encryption
Phone +61 7 3031 7217
Oracle Australia
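A runnable sketch of the mechanism the thread is weighing, added here as an illustration; it is not code from the thread, from OpenSSL or from PR #8660. It uses a toy HMAC_DRBG (the SP 800-90A construction over SHA-256, so it runs offline), a constructed deterministic stub entropy source, and a request_any_strength() helper that assembles 256 bits of claimed strength from a 128-bit source by making two prediction-resistance requests and concatenating, which is my reading of what 10.1.2 describes. seed_stronger_drbg() then instantiates a 256-bit DRBG from that output, the "AES-CTR-256 seeded from AES-CTR-128" case in Paul's mail. All class, function and label names are my own.

```python
import copy
import hashlib
import hmac
import math
from typing import Callable


class StubEntropySource:
    """Constructed, deterministic stand-in for an entropy source so the example is
    reproducible offline. A real deployment draws from a vetted noise source or the OS."""

    def __init__(self, label: bytes):
        self.label = label
        self.counter = 0

    def get(self, nbytes: int) -> bytes:
        out = b""
        while len(out) < nbytes:
            out += hashlib.sha256(self.label + self.counter.to_bytes(4, "big")).digest()
            self.counter += 1
        return out[:nbytes]


class HmacDrbg:
    """Minimal SP 800-90A HMAC_DRBG over SHA-256. `strength` is the claimed security
    strength in bits; get_entropy(nbytes) supplies seed material at instantiate/reseed."""

    def __init__(self, get_entropy: Callable[[int], bytes], strength: int, personalization: bytes = b""):
        self.get_entropy = get_entropy
        self.strength = strength
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        # Instantiate: seed_material = entropy_input || nonce || personalization_string
        seed_material = get_entropy(strength // 8) + get_entropy(strength // 16) + personalization
        self._update(seed_material)

    def _update(self, provided: bytes) -> None:
        self.K = hmac.new(self.K, self.V + b"\x00" + provided, hashlib.sha256).digest()
        self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()
        if provided:
            self.K = hmac.new(self.K, self.V + b"\x01" + provided, hashlib.sha256).digest()
            self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()

    def reseed(self) -> None:
        self._update(self.get_entropy(self.strength // 8))

    def generate(self, nbytes: int, prediction_resistance: bool = False) -> bytes:
        # Prediction resistance = reseed from fresh entropy before producing output, so a
        # previously captured internal state does not let anyone predict this output.
        if prediction_resistance:
            self.reseed()
        out = b""
        while len(out) < nbytes:
            self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()
            out += self.V
        self._update(b"")
        return out[:nbytes]


def request_any_strength(source: HmacDrbg, target_bits: int) -> bytes:
    """Assumed reading of SP 800-90C 10.1.2: obtain target_bits of strength from a weaker
    source DRBG by making ceil(target/source) requests, each with prediction resistance
    (so each block rests on freshly drawn entropy), and concatenating the blocks."""
    block_bytes = source.strength // 8
    blocks = math.ceil(target_bits / source.strength)
    out = b"".join(source.generate(block_bytes, prediction_resistance=True) for _ in range(blocks))
    return out[: (target_bits + 7) // 8]


def seed_stronger_drbg(source: HmacDrbg, target_bits: int) -> HmacDrbg:
    """Instantiate a DRBG of strength target_bits whose entropy input is the weaker
    source accessed through request_any_strength (e.g. a 256-bit DRBG fed by a 128-bit one)."""
    return HmacDrbg(lambda n: request_any_strength(source, n * 8), target_bits)


def state_compromise_demo() -> tuple:
    """Why the prediction-resistance reseed is what carries the strength claim: an attacker
    who has captured the 128-bit source's internal state (K, V) but not its future entropy
    reproduces 256 bits of plain output exactly, yet cannot reproduce the reseeded chain."""
    victim = HmacDrbg(StubEntropySource(b"victim noise").get, 128)
    attacker = copy.copy(victim)                                   # same K, V ...
    attacker.get_entropy = StubEntropySource(b"attacker guess").get  # ... different future entropy
    plain_matches = victim.generate(32) == attacker.generate(32)
    pr_matches = request_any_strength(victim, 256) == request_any_strength(attacker, 256)
    return plain_matches, pr_matches


if __name__ == "__main__":
    weak = HmacDrbg(StubEntropySource(b"stub hw source").get, 128)
    strong = seed_stronger_drbg(weak, 256)
    print("256-bit DRBG output:", strong.generate(16).hex())
    print("(plain output predictable, PR chain predictable):", state_compromise_demo())
```

The demo function makes Paul's last bullet and Rich's "risky" concrete: concatenating two 128-bit requests does not compress anything, and the 256-bit claim holds only if each prediction-resistance reseed really draws fresh, independent entropy from the source behind the weaker DRBG. If that source is poor, a chain like this inherits the weakness rather than fixing it.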
From levitte at openssl.org Tue Apr 16 20:07:47 2019
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 16 Apr 2019 22:07:47 +0200
Subject: Late Monthly Status Report (January 2019)
Message-ID: <87r2a1k92k.wl-levitte@openssl.org>

[I've been too distracted to crank these out regularly, will do better]

Apart from normal business, such as normal reviews, OMC business,
normal system administration tasks, etc., key activities this month:

* Development

  - Significant work on the FIPS design/architecture
  - Finalized the first part of a major change in configuration and
    building (PR openssl/openssl#7473)
  - Finalized adding attributes for product files in build.info
    (PR openssl/openssl#7581)
  - Cleaned away build.info artifacts (PR openssl/openssl#8125)
  - Reviewed s390x related enhancements
    (PRs openssl/openssl#6919, openssl/openssl#7988)
  - Reviewed ppc related enhancements (PR openssl/openssl#8120)
  - Reviewed addition of "weak" symbol declarations
    (PR openssl/openssl#8087)
  - Reviewed addition of CAdES support (PR openssl/openssl#7893)
  - Started work on the OpenSSL 3.0 core: core types
    (PR openssl/openssl#8286)
  - Started work on the OpenSSL 3.0 core: provider object
    (PR openssl/openssl#8287)

* Web

  - Implemented apropos-like list of manpages (PR openssl/web#102)
  - Reformat the FAQ for a more modern display, and also to make more
    direct use of markdown (PR openssl/web#103)
  - Added generation of HTML5 from markdown (PR openssl/web#108)
  - Reworked man-page generation to always generate the man1 / man3 /
    man5 / man7 structure, even if the source is the older apps / crypto /
    ssl form, as well as cross-referencing between man-pages of different
    OpenSSL versions (PR openssl/web#107)
  - Published the OpenSSL Strategic Architecture document
    (PR openssl/web#110)

--
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

From levitte at openssl.org Tue Apr 16 20:09:29 2019
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 16 Apr 2019 22:09:29 +0200
Subject: Late Monthly Status Report (February 2019)
Message-ID: <87pnplk8zq.wl-levitte@openssl.org>

[I've been too distracted to crank these out regularly, will do better]

Apart from normal business, such as normal reviews, OMC business,
normal system administration tasks, etc., key activities this month:

* Development

  - Final review of blake2 EVP_MAC addition (PR openssl/openssl#7726)
  - Reviewed making OPENSSL_malloc_init() a no-op
    (PR openssl/openssl#8167)
  - Final review of the remake of test command line parsing
    (PR openssl/openssl#6975)
  - Converted most build uses of ENGINES to MODULES
    (PR openssl/openssl#8147)
  - Reviewed the addition of the sparse array type
    (PR openssl/openssl#8197, openssl/openssl#8229)
  - Final review of the conversion of the devcrypto engine to an engine
    module (PR openssl/openssl#7859)
  - Moved libapps include files into their own directory
    (PR openssl/openssl#8210)
  - Final review of the EVP_KDF API addition (PR openssl/openssl#6674)
  - Reworked '--strict-warnings' to work like any compiler option
    (PR openssl/openssl#8239)
  - Implemented the OpenSSL library context API (PR openssl/openssl#8225)
  - Proposed writing internal documentation and extended
    util/find-docs-nits to check that as well (PR openssl/openssl#8269)
  - Added BN_native2bn and BN_bn2nativepad (PR openssl/openssl#8346)
  - Finalized work on the OpenSSL 3.0 core: core types
    (PR openssl/openssl#8286)
  - Started work on a X509_LOOKUP implementation of OSSL_STORE
    (PR openssl/openssl#8442)
  - Continued work on the OpenSSL 3.0 core: provider object
    (PR openssl/openssl#8287)
  - Started work on the OpenSSL 3.0 core: generic method constructor
    (PR openssl/openssl#8340)
  - Started work on the OpenSSL 3.0 EVP: constructor for EVP methods
    (PR openssl/openssl#8341)

* Web

  - Published the OpenSSL 3.0 Design document (PR openssl/web#113)
  - Reworked the release strategy to include the version scheme for
    OpenSSL 3.0 and on; generalised the criteria for alpha, beta and
    release; reviewed the new stability policy (PR openssl/web#82)
  - Reviewed the added extended support contract information
    (PR openssl/web#122)
  - Reworked web site building to centralise release information
    (PR openssl/web#120)

--
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

From levitte at openssl.org Tue Apr 16 20:10:17 2019
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 16 Apr 2019 22:10:17 +0200
Subject: Monthly Status Report (March 2019)
Message-ID: <87o955k8ye.wl-levitte@openssl.org>

Apart from normal business, such as normal reviews, OMC business,
normal system administration tasks, etc., key activities this month:

* Development

  - Deprecated the "hw" configuration option and made "padlockeng"
    disablable (PR openssl/openssl#8380)
  - Finalized addition of generic trace API together with Matthias
    St Pierre (PR openssl/openssl#8198)
  - Finalized work on the basics for OpenSSL 3.0 replumbing: provider
    object (PRs openssl/openssl#8287)
  - Finalized work on the OpenSSL 3.0 core: generic method constructor
    (PR openssl/openssl#8340)
  - Finalized work on the OpenSSL 3.0 EVP: constructor for EVP methods
    (PR openssl/openssl#8341)
  - Reviewed the added OSSL_PARAM API (PR openssl/openssl#8451)
  - Reviewed further trace API work (PR openssl/openssl#8463)
  - Added mechanism for fallback providers and pre-populating the
    provider store with well known providers ("default")
    (PR openssl/openssl#8480)
  - Reviewed the addition of chacha20 and poly1305 assembler for ia64
    (PR openssl/openssl#8540)
  - Finally remove everything that has to do with "heartbeats"
    (PR openssl/openssl#1928)
  - Started work on the OpenSSL 3.0 core: config module for providers
    (PR openssl/openssl#8549)
  - Started work on OSSL_PARAM name registration and checking
    (PR openssl/openssl#8461)
  - Started work on tidying our common perl scripts
    (PR openssl/openssl#8525)
  - [unpublished] Started work on flexible installation commands for
    Makefiles
  - [unpublished] Continued work on flexible building commands for
    Makefiles

* Web

  - Published the OpenSSL 3.0 Design document (PR openssl/web#113)
  - Reworked the release strategy to include the version scheme for
    OpenSSL 3.0 and on; generalised the criteria for alpha, beta and
    release; reviewed the new stability policy (PR openssl/web#82)
  - Reviewed the added extended support contract information
    (PR openssl/web#122)
  - Reworked web site building to centralise release information
    (PR openssl/web#120)

--
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

From levitte at openssl.org Tue Apr 16 20:15:31 2019
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 16 Apr 2019 22:15:31 +0200
Subject: Monthly Status Report (March 2019)
In-Reply-To: <87o955k8ye.wl-levitte@openssl.org>
References: <87o955k8ye.wl-levitte@openssl.org>
Message-ID: <87mukpk8po.wl-levitte@openssl.org>

There's an oops, the Web part is a copy of the February report.
Ignore it in this report.

On Tue, 16 Apr 2019 22:10:17 +0200, Richard Levitte wrote:
>
> Apart from normal business, such as normal reviews, OMC business,
> normal system administration tasks, etc., key activities this month:
>
> * Development
>
>   - Deprecated the "hw" configuration option and made "padlockeng"
>     disablable
>     (PR openssl/openssl#8380)
>   - Finalized addition of generic trace API together with Matthias
>     St Pierre
>     (PR openssl/openssl#8198)
>   - Finalized work on the basics for OpenSSL 3.0 replumbing: provider
>     object
>     (PRs openssl/openssl#8287)
>   - Finalized work on the OpenSSL 3.0 core: generic method constructor
>     (PR openssl/openssl#8340)
>   - Finalized work on the OpenSSL 3.0 EVP: constructor for EVP methods
>     (PR openssl/openssl#8341)
>   - Reviewed the added OSSL_PARAM API
>     (PR openssl/openssl#8451)
>   - Reviewed further trace API work
>     (PR openssl/openssl#8463)
>   - Added mechanism for fallback providers and pre-populating the
>     provider store with well known providers ("default")
>     (PR openssl/openssl#8480)
>   - Reviewed the addition of chacha20 and poly1305 assembler for ia64
>     (PR openssl/openssl#8540)
>   - Finally remove everything that has to do with "heartbeats"
>     (PR openssl/openssl#1928)
>   - Started work on the OpenSSL 3.0 core: config module for providers
>     (PR openssl/openssl#8549)
>   - Started work on OSSL_PARAM name registration and checking
>     (PR openssl/openssl#8461)
>   - Started work on tidying our common perl scripts
>     (PR openssl/openssl#8525)
>   - [unpublished] Started work on flexible installation commands for
>     Makefiles
>   - [unpublished] Continued work on flexible building commands for
>     Makefiles
>
> * Web
>
>   - Published the OpenSSL 3.0 Design document
>     (PR openssl/web#113)
>   - Reworked the release strategy to include the version scheme for
>     OpenSSL 3.0 and on; generalised the criteria for alpha, beta and
>     release; reviewed the new stability policy
>     (PR openssl/web#82)
>   - Reviewed the added extended support contract information
>     (PR openssl/web#122)
>   - Reworked web site building to centralise release information
>     (PR openssl/web#120)
>
> --
> Richard Levitte         levitte at openssl.org
> OpenSSL Project         http://www.openssl.org/~levitte/
>

--
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/