Branch: master
Commits on Jul 17, 2019
  1. Fix the return value for SSL_get0_chain_certs()

    mattcaswell committed Jul 16, 2019
    This function was always returning 0. It should return 1 on success.
    
    Fixes #9374
    
    Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
    (Merged from #9395)
Commits on Jul 16, 2019
  1. Document the new EVP_KEYEXCH type and related functions

    mattcaswell committed Jun 28, 2019
    Previous commits added the EVP_KEYEXCH type for representing key exchange
    algorithms. They also added various functions for fetching and using them,
    so we document all of those functions.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9266)
  2. Add the ability to set PKCS#3 DH padding in providers

    mattcaswell committed Jun 27, 2019
    This also adds the ability to set arbitrary parameters on key exchange
    algorithms. The ability to pad the output is one such parameter for DH.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9266)
  3. Enable PKCS#3 DH in the providers

    mattcaswell committed Jun 27, 2019
    The default provider now has support for PKCS#3 Diffie-Hellman so we
    switch libcrypto to using providers for that algorithm.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9266)
  4. Implement PKCS#3 DH Key Exchange in the default provider

    mattcaswell committed Jun 27, 2019
    We add the capability for the default provider to perform PKCS#3
    Diffie-Hellman key exchange. At this point the implementation is not used
    because libcrypto still uses legacy handling for Diffie-Hellman.
    
    Note X9.42 DH is not touched by this commit.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9266)
  5. Make the EVP Key Exchange code provider aware

    mattcaswell committed Jun 27, 2019
    We introduce a new EVP_KEYEXCH type to represent key exchange algorithms
    and refactor the existing code to use it where available.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9266)
Commits on Jul 15, 2019
  1. Make sure all BIGNUM operations work within the FIPS provider

    mattcaswell committed Jul 4, 2019
    The FIPS provider does not have a default OPENSSL_CTX so, where
    necessary, we need to ensure we can always access an explicit
    OPENSSL_CTX. We remove functions from the FIPS provider that use
    the default OPENSSL_CTX, and fixup some places which were using
    those removed functions.
    
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9310)
Commits on Jul 11, 2019
  1. Convert asn1_dsa.c to use the WPACKET API instead

    mattcaswell authored and paulidale committed Jun 10, 2019
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9111)
  2. Give WPACKET the ability to have a NULL buffer underneath it

    mattcaswell authored and paulidale committed Jun 10, 2019
    This means the WPACKET API can be used for calculating the number of
    bytes that would have been written if a non-NULL buffer had been used.
    This enables us to calculate the number of length bytes required when
    encoding ASN.1
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9111)
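The NULL-buffer trick described in the commit above (measure first, then write) is the standard two-pass way of producing DER, where a SEQUENCE header needs the body length before the body is emitted. The following is an added, self-contained illustration of that idea in C; it is not OpenSSL's WPACKET code and the MWRITER type, the mw_*/der_* helpers and the sample inputs are assumed for this example only. INTEGER contents are taken as already DER-valid bytes (no leading-zero handling), since the point is the length calculation, not integer encoding.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical writer: when buf is NULL nothing is stored, but `written`
 * still advances, so a pass over a NULL buffer yields the size that a
 * real buffer would need. Not OpenSSL's WPACKET, just the same idea. */
typedef struct {
    unsigned char *buf;   /* NULL => measure only */
    size_t cap;           /* capacity of buf (ignored when buf is NULL) */
    size_t written;       /* bytes written, or bytes that would be written */
    int ok;               /* sticky error flag: cleared once a write overflows */
} MWRITER;

static void mw_init(MWRITER *w, unsigned char *buf, size_t cap)
{
    w->buf = buf; w->cap = cap; w->written = 0; w->ok = 1;
}

static int mw_put(MWRITER *w, const unsigned char *p, size_t n)
{
    if (!w->ok)
        return 0;
    if (w->buf != NULL) {
        if (n > w->cap - w->written) { w->ok = 0; return 0; }
        memcpy(w->buf + w->written, p, n);
    }
    w->written += n;      /* counted even in measure-only mode */
    return 1;
}

static int mw_put_u8(MWRITER *w, unsigned char b) { return mw_put(w, &b, 1); }

/* DER definite length: one byte if < 128, otherwise 0x80|n followed by the
 * n big-endian bytes of the length. */
static int der_put_length(MWRITER *w, size_t len)
{
    unsigned char tmp[sizeof(size_t)];
    size_t n = 0;

    if (len < 0x80)
        return mw_put_u8(w, (unsigned char)len);
    while (len > 0) { tmp[n++] = (unsigned char)(len & 0xff); len >>= 8; }
    if (!mw_put_u8(w, (unsigned char)(0x80 | n)))
        return 0;
    while (n > 0)
        if (!mw_put_u8(w, tmp[--n]))
            return 0;
    return 1;
}

/* Body of a SEQUENCE holding two INTEGERs (e.g. r and s of a DSA signature). */
static int der_body(MWRITER *w, const unsigned char *r, size_t rlen,
                    const unsigned char *s, size_t slen)
{
    return mw_put_u8(w, 0x02) && der_put_length(w, rlen) && mw_put(w, r, rlen)
        && mw_put_u8(w, 0x02) && der_put_length(w, slen) && mw_put(w, s, slen);
}

/* Returns the number of bytes written, or, when out is NULL, the number of
 * bytes required. Returns 0 on error (e.g. out too small). */
size_t der_sequence_of_two(unsigned char *out, size_t outcap,
                           const unsigned char *r, size_t rlen,
                           const unsigned char *s, size_t slen)
{
    MWRITER m, w;
    size_t bodylen;

    /* Pass 1: measure the body with a NULL buffer to learn its length. */
    mw_init(&m, NULL, 0);
    if (!der_body(&m, r, rlen, s, slen))
        return 0;
    bodylen = m.written;

    /* Pass 2: emit the SEQUENCE header (now that the length is known) and
     * the body into the caller's buffer, or measure again if out is NULL. */
    mw_init(&w, out, outcap);
    if (!mw_put_u8(&w, 0x30) || !der_put_length(&w, bodylen)
        || !der_body(&w, r, rlen, s, slen))
        return 0;
    return w.written;
}
```

Calling der_sequence_of_two() with a NULL output first and then with a buffer of exactly that size mirrors the i2d-style "NULL means size me" convention; the second pass must fail cleanly rather than overrun when the caller's buffer is shorter than the measured size.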
  3. Convert asn1_dsa.c to use the PACKET API instead

    mattcaswell authored and paulidale committed Jun 7, 2019
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9111)
  4. Make the PACKET/WPACKET code available to both libcrypto and libssl

    mattcaswell authored and paulidale committed Jun 7, 2019
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9111)
Commits on Jul 4, 2019
  1. Prevent the use of RUN_ONCE inside the FIPS module

    mattcaswell committed Jul 4, 2019
    FIPS module code *always* runs within the scope of an associated
    OPENSSL_CTX. When the module is loaded the OPENSSL_CTX gets created, and
    when the module is unloaded the OPENSSL_CTX gets freed. A module may be
    loaded multiple times within the scope of different OPENSSL_CTX objects.
    "Global" data should always be stored within the OPENSSL_CTX. In this
    way it will always get cleaned up properly when the module is unloaded.
    
    All current code within the FIPS module works this way. To avoid
    "accidents" we disabled the RUN_ONCE code inside the FIPS module.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9308)
Commits on Jul 2, 2019
  1. Add a dummy call to BN_rand_ex() in the FIPS provider

    mattcaswell committed Jun 19, 2019
    The previous commit made BIGNUM RAND operations available from within
    the FIPS provider. We test this out by making a dummy call to check it
    completes successfully.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9193)
  2. Make BIGNUM rand functions available within the FIPS module

    mattcaswell committed Jun 28, 2019
    The BIGNUM rand functions were previously disabled for the FIPS module.
    We can now re-enable them.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9193)
  3. Provide rand_bytes_ex and rand_priv_bytes_ex

    mattcaswell committed Jun 28, 2019
    We provide internal versions of RAND_bytes() and RAND_priv_bytes() which
    have the addition of taking an OPENSSL_CTX as a parameter.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9193)
Commits on Jul 1, 2019
  1. Fix a leak in evp_test

    mattcaswell committed Jun 28, 2019
    If evp_test fails to load the legacy provider then it leaks a reference
    to the default provider.
    
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9270)
  2. Change RC5_32_set_key to return an int type

    mattcaswell committed Jun 28, 2019
    If the key is too long we now return an error.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #8834)
  3. Ensure that rc5 doesn't try to use a key longer than 2040 bits

    mattcaswell committed Apr 26, 2019
    The maximum key length for rc5 is 2040 bits so we should not attempt to
    use keys longer than this.
    
    Issue found by OSS-Fuzz and Guido Vranken.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #8834)
  4. Only cache a method if we actually created one

    mattcaswell committed Jun 28, 2019
    We were attempting to cache a method after we failed to create it
    which leads to an assertion failure.
    
    Fixes #9264
    
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9269)
Commits on Jun 28, 2019
  1. Change the DRBG HMAC implementation to lookup allowed digest names

    mattcaswell committed Jun 20, 2019
    As per the previous commit we make the same change for DRBG HMAC and
    more closely align the FIPS_MODE and non FIPS_MODE implementations.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  2. Change the DRBG HASH implementation to lookup all allowed algorithm names

    mattcaswell committed Jun 20, 2019
    
    We use the new function ossl_prov_util_nid_to_name() to look up the
    algorithm and unify the FIPS_MODE and non-FIPS_MODE handling.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  3. Add a nid 2 algorithm name mapping capability

    mattcaswell committed Jun 20, 2019
    Providers that link against libcrypto can just use OBJ_nid2sn() to look
    up the name of an algorithm given a NID. However that doesn't work for the
    FIPS provider because OBJ_nid2sn() is not available there (due to the
    reliance of the code on ASN.1 types). Therefore we provide a new function
    to do this mapping. For providers linking against libcrypto the new function
    just wraps OBJ_nid2sn(). For the FIPS provider it has a look up for all the
    NIDs known there.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  4. Call RAND_DRBG_bytes from inside the FIPS provider

    mattcaswell committed May 28, 2019
    Insert a dummy call to RAND_DRBG_bytes from inside the FIPS provider to
    demonstrate that it is possible to use the RAND code from inside the
    module. This is temporary and will be removed once real uses of the RAND
    code are available inside the module.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  5. Fix NULL pointer dereference in the ex_data code

    mattcaswell committed May 28, 2019
    In some circumstances the global data held in the "global" variable can
    be NULL, so we should error out in the circumstance instead of crashing.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  6. Make the RAND code available from inside the FIPS module

    mattcaswell committed May 23, 2019
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9035)
  7. Document EVP_CIPHER_up_ref()

    mattcaswell committed Jun 24, 2019
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9233)
  8. Rename EVP_MD_upref/EVP_CIPHER_upref to EVP_MD_up_ref/EVP_CIPHER_up_ref

    mattcaswell committed Jun 24, 2019
    All the other upref functions are spelled as "up_ref". These new functions
    should be consistent.
    
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9233)
  9. Add documentation for EVP_CIPHER_fetch

    mattcaswell committed Jun 24, 2019
    We extend the EVP_MD_fetch documentation to be more generic and to also
    cover EVP_CIPHER_fetch. We expect this to be further expanded with other
    "fetch" functions in the future.
    
    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    (Merged from #9233)
Commits on Jun 27, 2019
  1. Move the public SIV mode functions from public headers to internal ones

    mattcaswell committed Jun 24, 2019
    SIV mode is accessible via EVP. There should be no reason to make the low
    level SIV functions from the modes directory part of the public API. Since
    these functions do not exist in 1.1.1 we are still able to make this change.
    
    This also reduces the list of newly added undocumented symbols from
    issue #9095.
    
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from #9232)
Commits on Jun 19, 2019
  1. Fix a doc-nits failure

    mattcaswell committed Jun 19, 2019
    We need blank lines on each side of a section heading.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
    (Merged from #9192)
  2. Add some internal documentation for some thread related functions

    mattcaswell committed Jun 19, 2019
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    (Merged from #9186)
  3. Provide an ability to deregister thread stop handlers

    mattcaswell committed Jun 18, 2019
    If a provider gets unloaded then any thread stop handlers that it had
    registered will be left hanging. We should clean them up before tearing
    down the provider.
    
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    (Merged from #9186)
  4. Don't create an OPENSSL_CTX twice

    mattcaswell committed Jun 18, 2019
    The fips provider was creating the OPENSSL_CTX twice due to a previous
    merge error.
    
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    (Merged from #9184)
Commits on Jun 18, 2019
  1. Following the previous 2 commits also move ecpointformats out of session

    mattcaswell committed Jun 18, 2019
    The previous 2 commits moved supported groups and ciphers out of the
    session object to avoid race conditions. We now also move ecpointformats
    for consistency. There does not seem to be a race condition with access
    to this data since it is only ever set in a non-resumption handshake.
    However, there is no reason for it to be in the session.
    
    Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
    (Merged from #9162)
  2. Fix a race condition in ciphers handling

    mattcaswell committed Jun 14, 2019
    Similarly to the previous commit we were storing the peer offered list
    of ciphers in the session. In practice there is no need for this
    information to be available from one resumption to the next since this
    list is specific to a particular handshake. Since the session object is
    supposed to be immutable we should not be updating it once we have decided
    to resume. The solution is to remove the session list out of the session
    object.
    
    Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
    (Merged from #9162)