path: root/crypto
Commit message | Author | Age | Files | Lines
* Use NULL as parameter when pointer can only be NULL. | Pauli | 2019-08-02 | 1 | -1/+1
  Code clarification.
  Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
  (Merged from https://github.com/openssl/openssl/pull/9514)
* Add missing accessors for X509 AuthorityKeyIdentifier | Dr. Matthias St. Pierre | 2019-08-01 | 1 | -0/+14
  Complements commit b383aa208146, which added X509_get0_authority_key_id().
    const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
    const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);      [NEW]
    const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);       [NEW]
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9493)
* Load the config file by default | Matt Caswell | 2019-08-01 | 7 | -49/+104
  Previously we only loaded the config file by default for libssl. Now we do it for libcrypto too.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9492)
* Prevent an infinite recursion when the query cache is flushed. | Pauli | 2019-08-01 | 1 | -1/+1
  The problem being that the "requires flush" flag was being cleared after the flush. The fix is to clear it before.
  This is a problem because the cache flushing called RAND_bytes and if the DRBG hadn't been created yet, it would be queried and added to the cache causing the flush code to repeat.
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/9477)
* The query cache has been updated to not depend on RAND_bytes being available. | Pauli | 2019-08-01 | 1 | -31/+38
  The alternative is to use a fast and small xorshift random number generator. The stochastic flushing doesn't require good random numbers, just enough variety to avoid causing problems.
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/9477)
* Fix warning C4164 in MSVC. | joe2018Outlookcom | 2019-07-31 | 1 | -0/+1
  Fix: crypto\whrlpool\wp_block.c(90) : warning C4164: '_rotl64' : intrinsic function not declared.
  Fixes #9487
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9488)
* make RSA and DSA operations throw MISSING_PRIVATE_KEY if needed, adapt ECDSA | David von Oheimb | 2019-07-31 | 7 | -4/+36
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
  (Merged from https://github.com/openssl/openssl/pull/9466)
* Add gcm ciphers (aes and aria) to providers. | Shane Lontis | 2019-07-31 | 4 | -4/+19
  The code has been modularized so that it can be shared by algorithms.
  A fixed size IV is now used instead of being allocated. The IV is not set into the low level struct now until the update (it uses an iv_state for this purpose).
  Hardware specific methods have been added to a PROV_GCM_HW object.
  The S390 code has been changed to just contain methods that can be accessed in a modular way. There are equivalent generic methods also for the other platforms.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
  (Merged from https://github.com/openssl/openssl/pull/9231)
* ERR: fix err_data_size inconsistencies | Richard Levitte | 2019-07-31 | 2 | -4/+4
  In ERR_add_error_vdata(), the size of err_data had 1 added to it in some spots, which could lead to buffer overflow.
  In ERR_vset_error(), ERR_MAX_DATA_SIZE was used instead of buf_size in the BIO_vsnprintf() call, which would lead to a buffer overflow if such a large buffer couldn't be allocated.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9491)
* Rename X509_STORE ptr stored in opaque struct X509_STORE_CTX | Shane Lontis | 2019-07-31 | 3 | -8/+8
  Change name from 'ctx' to 'store' to remove ctx->ctx from code.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9405)
* Add evp_util macros | Shane Lontis | 2019-07-31 | 6 | -30/+73
  Also added EVP_CTRL_RET_UNSUPPORTED define (so magic numbers can be removed)
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9464)
* CAdES : lowercase name for now internal methods. | FdaSilvaYY | 2019-07-31 | 5 | -11/+34
  CAdES : rework CAdES signing API. Make it private, as it is unused outside library bounds. Fix various doc-nits.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
* Refactor provider support for reporting errors | Richard Levitte | 2019-07-31 | 2 | -58/+67
  The core now supplies its own versions of ERR_new(), ERR_set_debug() and ERR_vset_error(). This should suffice for a provider to have any OpenSSL compatible functionality it desires.
  The main difference between the ERR functions and the core counterparts is that the core counterparts take an OSSL_PROVIDER parameter instead of the library number. That way, providers do not need to know what number they have been assigned, that information stays in the core.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9452)
* ERR: Remove ERR_put_func_error() and reimplement ERR_put_error() as a macro | Richard Levitte | 2019-07-31 | 1 | -38/+0
  Also, deprecate ERR_put_error()
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9452)
* ERR: Add new building blocks for reporting errors | Richard Levitte | 2019-07-31 | 2 | -1/+114
  The new building blocks are ERR_new(), ERR_set_debug(), ERR_set_error(), ERR_vset_error(), which allocate a new error record and set the diverse data in them. They are designed in such a way that it's reasonably easy to create macros that use all of them but then rely completely on the function signature of ERR_set_error() or ERR_vset_error().
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9452)
* ERR: refactor useful inner macros to err_locl.h. Add function name field | Richard Levitte | 2019-07-31 | 2 | -43/+70
  The useful inner macros are now static inline functions. That will make them easier to debug in the future.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9452)
* Fix BIO_printf format warnings | Bernd Edlinger | 2019-07-30 | 1 | -1/+1
  [extended tests]
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9479)
* Document the provider CIPHER operation | Matt Caswell | 2019-07-30 | 1 | -3/+2
  Extends the existing provider documentation with information about the CIPHER operation. This is primarily for provider authors.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9473)
* ERR: re-use the err_data field when possible | Richard Levitte | 2019-07-30 | 1 | -32/+74
  To deallocate the err_data field and then allocate it again might be a waste of processing, but may also be a source of errors when memory is scarce. While we normally tolerate that, the ERR sub-system is an exception and we need to pay closer attention to how we handle memory.
  This adds a new err_data flag, ERR_TXT_IGNORE, which means that even if there is err_data memory allocated, its contents should be ignored. Deallocation of the err_data field is much more selective, and should only happen when ERR_free_state() is called.
  Fixes #9458
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9459)
* s390x assembly pack: use getauxval to detect hw capabilities | Patrick Steuer | 2019-07-26 | 1 | -32/+63
  if available.
  Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9410)
* Add functions to see if a provider is available for use. | Richard Levitte | 2019-07-26 | 2 | -41/+65
  Public function OSSL_PROVIDER_available() takes a library context and a provider name, and returns 1 if it's available for use, i.e. if it's possible to fetch implementations from it, otherwise 0.
  Internal function ossl_provider_activated() returns 1 if the given OSSL_PROVIDER is activated, otherwise 0.
  To make this possible, the activation of fallbacks got refactored out to a separate function, which ended up simplifying the code.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9398)
* Remove OPENSSL_X509V3_H include detector from openssl/cms.h | Dr. Matthias St. Pierre | 2019-07-24 | 1 | -3/+0
  The check is redundant, because <openssl/x509v3.h> is included.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/9364)
* Remove HEADER_BSS_FILE_C module include guard | Dr. Matthias St. Pierre | 2019-07-24 | 1 | -33/+28
  This include guard inside an object file comes as a surprise and serves no purpose anymore. It seems like this object file was included by crypto/threads/mttest.c at some time, but the include directive was removed in commit bb8abd6.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/9364)
* Enforce a minimum DH modulus size of 512 bits | Bernd Edlinger | 2019-07-24 | 5 | -0/+24
  [extended tests]
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9437)
* Adapt DH to use with KEYMGMT | Richard Levitte | 2019-07-23 | 13 | -167/+112
  The biggest part in this was to move the key->param builder from EVP to the DH ASN.1 method, and to implement the KEYMGMT support in the provider DH.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9394)
* Remove some utilities from the core to provider interface | Matt Caswell | 2019-07-23 | 4 | -138/+121
  The core provides a number of essential functions as "upcalls" to providers. Some of those were just utility functions that wrap other upcalls - which don't seem essential and bloat the interface. We should remove them in order to simplify the interface.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9432)
* Make rand_pool buffers more dynamic in their sizing. | Pauli | 2019-07-23 | 3 | -5/+63
  Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
  (Merged from https://github.com/openssl/openssl/pull/9428)
* Avoid double clearing some BIGNUMs | Pauli | 2019-07-23 | 1 | -11/+9
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9438)
* Replace OSSL_ITEM with OSSL_PARAM as parameter descriptor, everywhere | Richard Levitte | 2019-07-23 | 2 | -7/+7
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9346)
* Add EVP_CIPHER_do_all_ex() and EVP_MD_do_all_ex() | Richard Levitte | 2019-07-23 | 2 | -0/+18
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Add internal function evp_generic_do_all() | Richard Levitte | 2019-07-23 | 2 | -0/+45
  This function is used to traverse all algorithm implementations for a given operation type, and execute the given function for each of them.
  For each algorithm implementation, a method is created and passed to the given function, and then freed after that function's return. If the caller wishes to keep the method for longer, they must call the appropriate up_ref function on the method, and they must also make sure to free the passed methods at some point.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Refactor ossl_method_construct() in terms of ossl_algorithm_do_all() | Richard Levitte | 2019-07-23 | 1 | -44/+34
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Add internal function ossl_algorithm_do_all() | Richard Levitte | 2019-07-23 | 2 | -1/+77
  This function is used to traverse all the implementations provided by one provider, or all implementations for a specific operation across all loaded providers, or both, and execute a given function for each occurrence.
  This will be used by ossl_method_construct(), but also by information processing functions.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Add OSSL_PROVIDER_name() | Richard Levitte | 2019-07-23 | 1 | -0/+5
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Add EVP_MD_provider() and EVP_CIPHER_provider() | Richard Levitte | 2019-07-23 | 1 | -0/+10
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Re-implement EVP_MD_name() and EVP_CIPHER_name() as functions | Richard Levitte | 2019-07-23 | 1 | -0/+22
  They will do the same as usual for non-provider algorithm implementations, but can handle provider implementations as well.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Add a mechanism to save the name of fetched methods | Richard Levitte | 2019-07-23 | 9 | -13/+41
  This will be useful for information display, as well as for code that wants to check the name of an algorithm. This can eventually replace all NID checks.
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9356)
* Remove superfluous call to OPENSSL_cpuid_setup | Patrick Steuer | 2019-07-22 | 1 | -3/+0
  Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
  Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9417)
* Change DH parameters to generate the order q subgroup instead of 2q | Bernd Edlinger | 2019-07-22 | 3 | -58/+47
  This avoids leaking bit 0 of the private key.
  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
  (Merged from https://github.com/openssl/openssl/pull/9363)
* Deprecate SYSerr, add new FUNCerr macro | Rich Salz | 2019-07-22 | 9 | -34/+35
  Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9072)
* Add ERR_put_func_error, and use it. | Rich Salz | 2019-07-22 | 9 | -41/+41
  Change SYSerr to have the function name; remove SYS_F_xxx defines
  Add a test and documentation.
  Use get_last_socket_err, which removes some ifdef's in OpenSSL code.
  Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9072)
* Allocate DRBG additional data pool from non-secure memory | Bernd Edlinger | 2019-07-22 | 5 | -14/+31
  The additional data allocates 12K per DRBG instance in the secure memory, which is not necessary. Also nonces are not considered secret.
  [extended tests]
  Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
  Reviewed-by: Paul Dale <paul.dale@oracle.com>
  (Merged from https://github.com/openssl/openssl/pull/9423)
* x509: publish X509_PUBKEY_dup | Dr. Matthias St. Pierre | 2019-07-22 | 2 | -3/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9353)
* Add an internal API to access the KEYMGMT provider functions | Richard Levitte | 2019-07-22 | 2 | -0/+113
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9312)
* Add evp_keymgmt_clear_pkey_cache() and use it | Richard Levitte | 2019-07-22 | 3 | -8/+25
  This function clears the cache of provider key references, and is used in evp_keymgmt_export_to_provider() when the internal key is dirty, as well as by EVP_PKEY_free_it().
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9312)
* Adapt int_ctx_new() to use with providers | Richard Levitte | 2019-07-22 | 1 | -2/+14
  This affects all its callers: EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id().
  They are now possible to call with "zero" values, i.e.:
    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(NULL, NULL);
  or
    EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(0, NULL);
  This is suitable for provider use, as the key functionality is tied with its keys, and the operation time is determined by the init functions the EVP_PKEY_CTX is used with.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9312)
* Add evp_keymgmt_export_to_provider(), for key transfer between providers | Richard Levitte | 2019-07-22 | 4 | -2/+206
  This function is used to transport private key material from whatever is already attached to the EVP_PKEY to the new provider, using key data export and import functionality.
  If a legacy lower level key has been assigned to the EVP_PKEY, we use its data to create a provider side key, and thereby have a bridge between old style public key types and the EVP_PKEY on providers.
  If successful, this function returns a reference to the appropriate provider side data for the key.
  This can be used by any operation that wants to use this key.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9312)
* Add basic EVP_KEYMGMT API and libcrypto <-> provider interface | Richard Levitte | 2019-07-22 | 4 | -5/+236
  The idea with the key management "operation" is to support the following set of functionality:
  - Key domain parameter generation
  - Key domain parameter import
  - Key domain parameter export
  - Key generation
  - Key import
  - Key export
  - Key loading (HSM / hidden key support)
  With that set of functions, we can support handling domain parameters on one provider, key handling on another, and key usage on a third, with transparent export / import of applicable data. Of course, if a provider doesn't offer export / import functionality, then all operations surrounding a key must be performed with the same provider.
  This method also avoids having to do anything special with legacy assignment of libcrypto key structures, i.e. EVP_PKEY_assign_RSA(). They will simply be used as keys to be exported from whenever they are used with provider based operations.
  This change only adds the EVP_KEYMGMT API and the libcrypto <-> provider interface. Further changes will integrate them into existing libcrypto functionality.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9312)
* Add param builder free function. | Pauli | 2019-07-18 | 1 | -18/+30
  This means including deallocation information in the return from the ossl_param_bld_to_param function.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9404)
* Cygwin: enable the use of Dl_info and dladdr() | Richard Levitte | 2019-07-21 | 1 | -2/+1
  These weren't available in Cygwin at the time our DSO code was written, but things have changed since.
  Fixes #9385
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/9402)