Commit Graph

12055 Commits

Author SHA1 Message Date
Matt Caswell
29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API
These were previously added as an internal API. But since the CMS code
needs them, other code might do too.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13088)
2020-10-15 10:00:28 +01:00
Matt Caswell
7022d9b903 Remove CMS recipient info information out of the algorithm implementations
Low level algorithm implementations have no business knowing about details
of the higher level CMS concept. This knowledge is therefore moved into the
CMS layer.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13088)
2020-10-15 10:00:28 +01:00
Matt Caswell
9ab7fe4836 Move CMS signing code out of the algorithms and into CMS
There is a large amount of CMS sepcific code in the algorithms. This is in
the wrong place and breaks layering. This code should be in the CMS layer.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13088)
2020-10-15 10:00:28 +01:00
Matt Caswell
0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS
There is quite a large amount of algorithm specific CMS code sitting in
the algorithm directories. However, this seems to break layering.
Algorithms really have no business knowing anything about CMS. Really it
should be the other way around. Where there is algorithm specific CMS code
it is the CMS layer that should know how to handle different algorithms.

Therefore we move this code into the CMS layer.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13088)
2020-10-15 10:00:19 +01:00
Matt Caswell
99b3b762c3 Remove a CMS key downgrade
We were downgrading a key in the CMS code. This is no longer necessary.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13088)
2020-10-15 10:00:19 +01:00
Nicola Tuveri
8b17fbaf46 [ssl] Support ssl_encapsulate on server side
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13018)
2020-10-14 18:42:59 +03:00
Nicola Tuveri
a011b5861b [ssl] Support ssl_decapsulate on client side
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13018)
2020-10-14 18:42:59 +03:00
Richard Levitte
a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY
The temporary copy that's made didn't have a lock, which could end up
with a crash.  We now handle locks a bit better, and take extra care to
lock it and keep track of which lock is used where and which lock is
thrown away.

Fixes #12876

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12978)
2020-10-13 06:45:58 +02:00
Pauli
19431e5e44 vms: move otherwise dead code into the VMS relevant path.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13091)
2020-10-12 10:27:16 +10:00
Richard Levitte
113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data()
The functions i2d_PrivateKey(), try_key_value() i store_result.c and
X509_PUBKEY_set() were all essentially duplicating this functionality
to some degree.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13094)
2020-10-10 20:23:39 +02:00
Richard Levitte
25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer
This adds OSSL_ENCODER_to_data() and OSSL_DECODER_from_data().  These
functions allow fairly simple rewrites of type-specific i2d and d2i
calls.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13094)
2020-10-10 20:23:39 +02:00
Daniel Bevenius
d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex
This commit sets the error mark before calling old_priv_decode and if
old_priv_decode returns false, and if EVP_PKCS82PKEY is successful, the
errors are popped to the previously set mark.

The motivation for this is an issue we found when linking Node.js
against OpenSSL 3.0. Details can be found in the link below and the
test case provided in this commit attempts cover this.

Refs: https://github.com/danbev/learning-libcrypto#asn1-wrong-tag-issue
Refs: https://github.com/nodejs/node/issues/29817

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13073)
2020-10-08 17:53:21 +02:00
Dmitry Belyavskiy
13c5ec569e Fix zero-length content verification in S/MIME format
Fixes #13082

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13087)
2020-10-08 18:17:44 +03:00
Dr. David von Oheimb
55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13045)
2020-10-08 16:57:34 +02:00
André Klitzing
02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
This unifies the behaviour of a single certificate with
an unknown CA certificate with a self-signed certificate.
The user callback can mask that error to retrieve additional
error information. So the user application can decide to
abort the connection instead to be forced by openssl.

This change in behaviour is backward compatible as user callbacks
who don't want to ignore UNABLE_TO_VERIFY_LEAF_SIGNATURE will
still abort the connection by default.

CLA: trivial
Fixes #11297

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13083)
2020-10-08 16:49:29 +02:00
Matt Caswell
df38dcfcd5 Fix the decoder start type handling
If an explicit decoder start type was provided then it wasn't being
handled correctly in all cases. Specifically if a PEM start type was
provided then the decoder would fail.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13050)
2020-10-08 12:31:00 +01:00
Jordan Montgomery
db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other
Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public interface.
Fixes #11139

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13059)
2020-10-08 13:26:44 +03:00
Daniel Bevenius
5884b05109 ERR: fix comment typo in err.c
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13076)
2020-10-08 09:15:27 +02:00
Pauli
23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
    rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
    rsa_check_prime_factor, rsa_check_prime_factor_range,
    rsa_check_private_exponent, rsa_check_public_exponent,
    rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
    rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
    rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
    rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
    rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
    rsa_padding_add_PKCS1_type_2_with_libctx,
    rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
    rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
    rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
    rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
    rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
    rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
    rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
    rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
    rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
    rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
    rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
    rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
    rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
    rsa_validate_private and rsa_validate_public.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
2020-10-07 09:04:51 +10:00
Pauli
5357c10624 ffc: add _ossl to exported but internal functions
The functions updated are:
    ffc_generate_private_key, ffc_named_group_from_uid,
    ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
    ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
    ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
    ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
    ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
    ffc_params_flags_to_name, ffc_params_fromdata,
    ffc_params_get0_pqg, ffc_params_get_validate_params,
    ffc_params_init, ffc_params_print, ffc_params_set0_j,
    ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
    ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
    ffc_params_set_validate_params, ffc_params_simple_validate,
    ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
    ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
    and ffc_validate_public_key_partial.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
2020-10-06 09:04:19 +10:00
Dmitry Belyavskiy
856198aac7 Some OIDs used in Russian X.509 certificates.
OBJ_OGRNIP denotes a specific legal status of the certificate owner.
OBJ_classSignTool* denotes a level of certification of the software
created the certificate.

http://www.garant.ru/products/ipo/prime/doc/70033464/ is the relevant
link (in Russian).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8309)
2020-10-05 12:14:17 +03:00
Richard Levitte
70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY()
There is some data that is very difficult to guess.  For example, DSA
parameters and X9.42 DH parameters look exactly the same, a SEQUENCE
of 3 INTEGER.  Therefore, callers may need the possibility to select
the exact keytype that they expect to get.

This will also allow use to translate d2i_TYPEPrivateKey(),
d2i_TYPEPublicKey() and d2i_TYPEParams() into OSSL_DECODER terms much
more smoothly.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13061)
2020-10-04 13:01:47 +02:00
Richard Levitte
ecadfdadde DECODER: Handle abstract object data type
The PEM->DER decoder passes the data type of its contents, something
that decoder_process() ignored.

On the other hand, the PEM->DER decoder passed nonsense.

Both issues are fixed here.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13060)
2020-10-04 12:58:41 +02:00
drgler
99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV
Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only
if suitable feature test macros are defined, namely: _GNU_SOURCE,
_DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE
(before glibc 2.19), see GETNAMEINFO(3).

CLA: trivial
Fixes #13049

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13054)
2020-10-03 16:01:53 +02:00
Nicola Tuveri
993c437dbd Fix segfault on missing provider_query_operation()
A provider without `provider_query_operation()` is admittedly quite
useless, yet technically the base provider functions are not mandatory
according to our documentation.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13058)
2020-10-03 14:38:22 +03:00
Richard Levitte
f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use
We've had explicit checks for when to fall back to legacy code for
operations that use an EVP_PKEY.  Unfortunately, the checks were
radically different in different spots, so we refactor that into a
macro that gets used everywhere.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13043)
2020-10-01 19:54:10 +02:00
Dr. David von Oheimb
7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2
Was detected via test_req_distinguishing_id() with config having no-ec but not no-sm2

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13021)
2020-10-01 14:13:18 +02:00
Matt Caswell
746f367489 Fix some things the rename script didn't quite get right
The previous commit ran an automated rename throughout the codebase.
There are a small number of things it didn't quite get right so we fix
those in this commit.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)
2020-10-01 09:25:20 +01:00
Matt Caswell
d8652be06e Run the withlibctx.pl script
Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)
2020-10-01 09:25:20 +01:00
Pauli
a55b00bdbc der: _ossl prefix DER functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13038)
2020-10-01 11:25:12 +10:00
Shane Lontis
c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode.
Reported by Tim Hudson

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13011)
2020-10-01 10:52:30 +10:00
Dr. David von Oheimb
4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13023)
2020-09-30 20:49:44 +02:00
Dr. David von Oheimb
66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc.
Also adds error output tests on loading key files with unsupported algorithms to 30-test_evp.t

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13023)
2020-09-30 20:49:44 +02:00
Pauli
c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider
Fixes #12984

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12997)
2020-09-28 08:49:05 +10:00
Richard Levitte
8c27ee6e05 STORE: Clear a couple of TODOs that were there for the sake of SM2
We now have decoder support for SM2, so the cheats that were in place
for the sake of lacking decoders aren't needed any more.

Fixes #12982

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12986)
2020-09-27 09:04:31 +02:00
Dr. David von Oheimb
4ff993d791 Implement treatment of id-pkix-ocsp-no-check extension for OCSP_basic_verify()
Fixes #7761

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12947)
2020-09-26 14:03:44 +02:00
jwalch
3786d74868 en EVP_PKEY_CTX_set_rsa_keygen_pubexp() BIGNUM management
Fixes #12635

As discussed in the issue, supporting the set0-like semantics long-term is not necessarily desirable, although necessary for short-term compatibility concerns. So I've deprecated the original method and added an equivalent that is explicitly labelled as set1.

I tried to audit existing usages of the (now-deprecated) API and update them to use set1 if that appeared to align with their expectations.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12917)
2020-09-26 07:31:59 +10:00
Shane Lontis
1c52bf3c04 Add EVP_ASYM_CIPHER_gettable_ctx_params() and EVP_ASYM_CIPHER_settable_ctx_params()
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12943)
2020-09-26 07:13:21 +10:00
Shane Lontis
5a9500488d Add EVP_KEM_gettable_ctx_params() and EVP_KEM_settable_ctx_params()
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12943)
2020-09-26 07:13:21 +10:00
Matt Caswell
989684227b Remove some dead SM2 code
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12913)
2020-09-25 11:13:53 +01:00
Richard Levitte
14711fffbf EVP: Enforce that EVP_PKEY_set_alias_type() only works with legacy keys
This also deprecates the function, as it is not necessary any more,
and should fall out of use.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12920)
2020-09-25 11:07:42 +02:00
Richard Levitte
25b16562d3 Hide ECX_KEY again
ECX_KEY was not meant for public consumption, it was only to be
accessed indirectly via EVP routines.  However, we still need internal
access for our decoders.

This partially reverts 7c664b1f1b

Fixes #12880

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12956)
2020-09-25 12:12:22 +10:00
Dr. David von Oheimb
29844ea5b3 Prune low-level ASN.1 parse errors from error queue in decoder_process()
Fixes #12840

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12893)
2020-09-24 14:34:56 +02:00
Richard Levitte
cdb5129e5c Use OPENSSL_SYS_TANDEM instead of OPENSSL_SYSNAME_TANDEM
This streamlines with all other config targets, and draws from the
'sys_id' config attribute.

Fixes #12858

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12933)
2020-09-24 08:06:50 +02:00
Shane Lontis
0ecec0fa08 Fix missing propq in sm2
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
2020-09-23 17:31:40 +10:00
Shane Lontis
851886b061 Fix missing propq in ffc_params_generate
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
2020-09-23 17:31:40 +10:00
Shane Lontis
c4b3ea73a7 Fix missing propq in ecdh_cms_set_shared_info()
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
2020-09-23 17:31:40 +10:00
Shane Lontis
8dbef010e7 Fix ecx so that is uses a settable propertyquery
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
2020-09-23 17:31:40 +10:00
Shane Lontis
719523c76d Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST
rsa_pss_params_30_fromdata() now uses the OSSL_PKEY_PARAM_RSA_DIGEST_PROPS parameter also.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
2020-09-23 17:31:40 +10:00
Shane Lontis
81777339e9 Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12930)
2020-09-23 17:16:39 +10:00