[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  374804bd0973e8af05046caecc40e6b906d1a375 (commit)
  from  bfd752fe83c72f248a6905d971217e8a3e3a287d (commit)


- Log -
commit 374804bd0973e8af05046caecc40e6b906d1a375
Author: Pauli 
Date:   Wed Sep 5 07:50:17 2018 +1000

Key zeroization fix for EVP_SealInit.

Manual backport from master.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7116)

---

Summary of changes:
 crypto/evp/p_seal.c   | 21 ++---
 test/evp_extra_test.c | 48 +++-
 2 files changed, 61 insertions(+), 8 deletions(-)

diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index faa2464..6f026e7 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -21,6 +21,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 {
 unsigned char key[EVP_MAX_KEY_LENGTH];
 int i;
+int rv = 0;
 
 if (type) {
 EVP_CIPHER_CTX_reset(ctx);
@@ -31,21 +32,27 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER 
*type,
 return 1;
 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
 return 0;
+
 if (EVP_CIPHER_CTX_iv_length(ctx)
-&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
-return 0;
+&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
+goto err;
 
 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
-return 0;
+goto err;
 
 for (i = 0; i < npubk; i++) {
 ekl[i] =
 EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
  pubk[i]);
-if (ekl[i] <= 0)
-return (-1);
+if (ekl[i] <= 0) {
+rv = -1;
+goto err;
+}
 }
-return (npubk);
+rv = npubk;
+err:
+OPENSSL_cleanse(key, sizeof(key));
+return rv;
 }
 
 /*- MACRO
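
Review bot: the `EVP_CIPHER_CTX_rand_key(ctx, key) <= 0` check just above the first changed line still does `return 0;`, so it bypasses the new `err:` cleanse and can leave partially written key bytes in `key` on the stack. Since `rv` is initialised to 0, that path can become `goto err;` like the other failure paths in this hunk.
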
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 9217f3a..bc02fad 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -9,6 +9,7 @@
 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -326,6 +327,46 @@ static int test_d2i_AutoPrivateKey(const unsigned char 
*input,
 return ret;
 }
 
+static int test_EVP_Enveloped(void)
+{
+int ret = 0;
+EVP_CIPHER_CTX *ctx = NULL;
+EVP_PKEY *keypair = NULL;
+unsigned char *kek = NULL;
+int kek_len;
+unsigned char iv[EVP_MAX_IV_LENGTH];
+static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
+int len, ciphertext_len, plaintext_len;
+unsigned char ciphertext[32], plaintext[16];
+const EVP_CIPHER *type = EVP_aes_256_cbc();
+
+if ((keypair = load_example_rsa_key()) == NULL
+|| (kek = OPENSSL_zalloc(EVP_PKEY_size(keypair))) == NULL
+|| (ctx = EVP_CIPHER_CTX_new()) == NULL
+|| !EVP_SealInit(ctx, type, &kek, &kek_len, iv, &keypair, 1)
+|| !EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
+   msg, sizeof(msg))
+|| !EVP_SealFinal(ctx, ciphertext + ciphertext_len, &len))
+goto err;
+
+ciphertext_len += len;
+if (!EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair)
+|| !EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
+   ciphertext, ciphertext_len)
+|| !EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)
+|| (plaintext_len += len) != sizeof(msg)
+|| memcmp(msg, plaintext, sizeof(msg)) != 0)
+goto err;
+
+ret = 1;
+
+err:
+OPENSSL_free(kek);
+EVP_PKEY_free(keypair);
+EVP_CIPHER_CTX_free(ctx);
+return ret;
+}
+
 #ifndef OPENSSL_NO_EC
 /* Tests loading a bad key in PKCS8 format */
 static int test_EVP_PKCS82PKEY(void)
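
Review bot: `!EVP_SealInit(ctx, type, &kek, &kek_len, iv, &keypair, 1)` only catches a return of 0, but the p_seal.c change in this same commit returns -1 (`rv = -1`) when the public-key encryption fails, and this condition treats that as success. Compare with `<= 0` instead. The test also only round-trips a message and does not observe the zeroization the commit is about, so it passes with or without the `OPENSSL_cleanse` call; a comment above the function should say what it does and does not cover.
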
@@ -386,6 +427,11 @@ int main(void)
 return 1;
 }
 
+if (!test_EVP_Enveloped()) {
+fprintf(stderr, "test_EVP_Enveloped failed\n");
+return 1;
+}
+
 #ifndef OPENSSL_NO_EC
 if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
  EVP_PKEY_EC)) {
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/l

[openssl-commits] [tools] master update

2018-09-04 Thread Richard Levitte
The branch master has been updated
   via  1f45f077ae95e501865207cc9aba81a7c3791756 (commit)
  from  2a01977682aadf36adcc66dd7ac2bbe0cbc26d24 (commit)


- Log -
commit 1f45f077ae95e501865207cc9aba81a7c3791756
Author: Richard Levitte 
Date:   Tue Sep 4 21:18:58 2018 +0200

gitaddrev: don't lowercase the reviewers

If we lowercase them, the occasional registered mixed case ID will not
be recognised.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/28)

---

Summary of changes:
 review-tools/gitaddrev | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/review-tools/gitaddrev b/review-tools/gitaddrev
index cf041d4..18930b4 100755
--- a/review-tools/gitaddrev
+++ b/review-tools/gitaddrev
@@ -31,7 +31,7 @@ my @unknown_reviewers;
 my $skip_reviewer;
 my $omccount = 0;
 sub try_add_reviewer {
-my $id = lc(shift);
+my $id = shift;
 my $rc = undef;
 my $id2 = $id =~ /^\@(.*)$/ ? { github => $1 } : $id;
 my $rev = $query->find_person_tag($id2, 'rev');
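
Review bot: dropping `lc()` also changes the `@name` branch on the `$id2` line, where the id is passed on as `{ github => $1 }`. GitHub logins are case-insensitive, so a reviewer given as `@Foo` now depends on how `find_person_tag` compares that field. If only the registered IDs are case-sensitive, keep the lowercasing for the github case, or add a comment saying why neither form is normalised.
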


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  bfd752fe83c72f248a6905d971217e8a3e3a287d (commit)
  from  fe4de29d48d6f7125576a6f8ac73c5af5e832083 (commit)


- Log -
commit bfd752fe83c72f248a6905d971217e8a3e3a287d
Author: Eric Curtin 
Date:   Mon Sep 3 15:23:37 2018 +0100

New openssl subject parser hard to debug

-subj 'subject=C = US, ST = A, L = root, O = Hewlett Packard Enterprise 
Company, OU = Remote Device Access, CN = Hewlett Packard Enterprise Remote 
Device Access Test Local CA, emailAddress = r...@hpe.com'
was a valid subject in openssl 1.0. Error received in 1.1 is:

problems making Certificate Request

Not very informative, I only figured this out because I compiled the
code and added logging.

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7098)

(cherry picked from commit 2167640b0bf76ec50a397dd90444b97c242e3f04)

---

Summary of changes:
 apps/apps.c | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/apps/apps.c b/apps/apps.c
index d52201f..a162b16 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1707,8 +1707,14 @@ X509_NAME *parse_name(const char *cp, long chtype, int 
canmulti)
 char *work;
 X509_NAME *n;
 
-if (*cp++ != '/')
+if (*cp++ != '/') {
+BIO_printf(bio_err,
+   "name is expected to be in the format "
+   "/type0=value0/type1=value1/type2=... where characters may "
+   "be escaped by \\. This name is not in that format: '%s'\n",
+   --cp);
 return NULL;
+}
 
 n = X509_NAME_new();
 if (n == NULL)
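
Review bot: `--cp` in the `BIO_printf` argument list is there only to undo the `cp++` in the condition, which is easy to break in a later edit. Testing `*cp != '/'` first and incrementing after the check would let the message print `cp` directly. The diffstat shows only apps/apps.c changed, so the expected `/type0=value0/...` format is still described only in this error text; a matching sentence in the `-subj` documentation would reach users before they hit the error.
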


[openssl-commits] [openssl] master update

2018-09-04 Thread Paul I . Dale
The branch master has been updated
   via  2167640b0bf76ec50a397dd90444b97c242e3f04 (commit)
  from  64ed55ab033f1bfa795d46f0ecc61c313204b418 (commit)


- Log -
commit 2167640b0bf76ec50a397dd90444b97c242e3f04
Author: Eric Curtin 
Date:   Mon Sep 3 15:23:37 2018 +0100

New openssl subject parser hard to debug

-subj 'subject=C = US, ST = A, L = root, O = Hewlett Packard Enterprise 
Company, OU = Remote Device Access, CN = Hewlett Packard Enterprise Remote 
Device Access Test Local CA, emailAddress = r...@hpe.com'
was a valid subject in openssl 1.0. Error received in 1.1 is:

problems making Certificate Request

Not very informative, I only figured this out because I compiled the
code and added logging.

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7098)

---

Summary of changes:
 apps/apps.c | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/apps/apps.c b/apps/apps.c
index 4090e60..9be6560 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1768,8 +1768,14 @@ X509_NAME *parse_name(const char *cp, long chtype, int 
canmulti)
 char *work;
 X509_NAME *n;
 
-if (*cp++ != '/')
+if (*cp++ != '/') {
+BIO_printf(bio_err,
+   "name is expected to be in the format "
+   "/type0=value0/type1=value1/type2=... where characters may "
+   "be escaped by \\. This name is not in that format: '%s'\n",
+   --cp);
 return NULL;
+}
 
 n = X509_NAME_new();
 if (n == NULL)


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  fe4de29d48d6f7125576a6f8ac73c5af5e832083 (commit)
  from  b5b39779f3dfe811a64899bd8b33397647dda57a (commit)


- Log -
commit fe4de29d48d6f7125576a6f8ac73c5af5e832083
Author: Pauli 
Date:   Wed Sep 5 05:35:34 2018 +1000

Make OBJ_NAME case insensitive.

Reviewed-by: Richard Levitte 
Reviewed-by: Nicola Tuveri 
(Merged from https://github.com/openssl/openssl/pull/7101)

---

Summary of changes:
 .../{conf/conf_lcl.h => include/internal/lhash.h}  |  6 -
 crypto/lhash/lhash.c   | 23 
 crypto/objects/o_names.c   | 31 +++---
 test/evptests.txt  | 30 +
 4 files changed, 73 insertions(+), 17 deletions(-)
 copy crypto/{conf/conf_lcl.h => include/internal/lhash.h} (74%)

diff --git a/crypto/conf/conf_lcl.h b/crypto/include/internal/lhash.h
similarity index 74%
copy from crypto/conf/conf_lcl.h
copy to crypto/include/internal/lhash.h
index 6e1f7fe..200ba86 100644
--- a/crypto/conf/conf_lcl.h
+++ b/crypto/include/internal/lhash.h
@@ -7,5 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
-void conf_add_ssl_module(void);
+#ifndef INTERNAL_LHASH_H
+# define INTERNAL_LHASH_H
 
+unsigned long openssl_lh_strcasehash(const char *);
+
+#endif
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index f485411..319dd49 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -12,6 +12,8 @@
 #include 
 #include 
 #include 
+#include 
+#include "internal/lhash.h"
 #include "lhash_lcl.h"
 
 /*
@@ -351,6 +353,27 @@ unsigned long OPENSSL_LH_strhash(const char *c)
 return ((ret >> 16) ^ ret);
 }
 
+unsigned long openssl_lh_strcasehash(const char *c)
+{
+unsigned long ret = 0;
+long n;
+unsigned long v;
+int r;
+
+if (c == NULL || *c == '\0')
+return ret;
+
+for (n = 0x100; *c != '\0'; n += 0x100) {
+v = n | tolower(*c);
+r = (int)((v >> 2) ^ v) & 0x0f;
+ret = (ret << r) | (ret >> (32 - r));
+ret &= 0xL;
+ret ^= v * v;
+c++;
+}
+return (ret >> 16) ^ ret;
+}
+
 unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh)
 {
 return lh ? lh->num_items : 0;
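
Review bot: `tolower(*c)` in `v = n | tolower(*c);` is given a plain `char`; where `char` is signed, a byte above 0x7f arrives as a negative int, which is undefined behaviour for `tolower`. Cast first: `tolower((unsigned char)*c)`. This hash is paired with `strcasecmp` as the comparator in o_names.c, so names that compare equal must also hash equal; both calls depend on the current locale, and a comment stating that assumption next to the function would help.
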
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 15fe653..709b9c3 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -16,27 +16,26 @@
 #include 
 #include 
 #include 
-#include 
+#include "internal/thread_once.h"
+#include "internal/lhash.h"
 #include "obj_lcl.h"
+#include "e_os.h"
 
 /*
  * We define this wrapper for two reasons. Firstly, later versions of
  * DEC C add linkage information to certain functions, which makes it
  * tricky to use them as values to regular function pointers.
- * Secondly, in the EDK2 build environment, the strcmp function is
- * actually an external function (AsciiStrCmp) with the Microsoft ABI,
- * so we can't transparently assign function pointers to it.
- * Arguably the latter is a stupidity of the UEFI environment, but
- * since the wrapper solves the DEC C issue too, let's just use the
- * same solution.
+ * Secondly, in the EDK2 build environment, the strcasecmp function is
+ * actually an external function with the Microsoft ABI, so we can't
+ * transparently assign function pointers to it.
  */
 #if defined(OPENSSL_SYS_VMS_DECC) || defined(OPENSSL_SYS_UEFI)
-static int obj_strcmp(const char *a, const char *b)
+static int obj_strcasecmp(const char *a, const char *b)
 {
-return strcmp(a, b);
+return strcasecmp(a, b);
 }
 #else
-#define obj_strcmp strcmp
+#define obj_strcasecmp strcasecmp
 #endif
 
 /*
@@ -111,8 +110,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const 
char *),
 ret = 0;
 goto out;
 }
-name_funcs->hash_func = OPENSSL_LH_strhash;
-name_funcs->cmp_func = obj_strcmp;
+name_funcs->hash_func = openssl_lh_strcasehash;
+name_funcs->cmp_func = obj_strcasecmp;
 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
 
 push = sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
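
Review bot: switching the defaults set here to `openssl_lh_strcasehash` and `obj_strcasecmp` changes lookup behaviour for callers on a stable branch, yet the diffstat touches no documentation. Add a CHANGES entry describing the new case-insensitive matching, and check that no existing caller registers two names that differ only in case, since they now collide.
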
@@ -149,7 +148,7 @@ static int obj_name_cmp(const OBJ_NAME *a, const OBJ_NAME 
*b)
 ret = sk_NAME_FUNCS_value(name_funcs_stack,
   a->type)->cmp_func(a->name, b->name);
 } else
-ret = strcmp(a->name, b->name);
+ret = strcasecmp(a->name, b->name);
 }
 return ret;
 }
@@ -164,7 +163,7 @@ static unsigned long obj_name_hash(const OBJ_NAME *a)
 sk_NAME_FUNCS_value(name_funcs_stack,
 a->type)->hash_func(a->name);
 } else {
-ret = OPENSSL_LH_strhash(a->name);
+ret = openssl_lh_strcasehash(a->name);
 }
 ret ^= a->type;

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  b5b39779f3dfe811a64899bd8b33397647dda57a (commit)
  from  febb025068f6c74f6776cc7faf1a8bcd55138f87 (commit)


- Log -
commit b5b39779f3dfe811a64899bd8b33397647dda57a
Author: Shane Lontis 
Date:   Tue Sep 4 14:01:37 2018 +1000

hkdf zeroization fix

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7106)

(cherry picked from commit 64ed55ab033f1bfa795d46f0ecc61c313204b418)

---

Summary of changes:
 crypto/kdf/hkdf.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
index 00b95b5..6d38a2f 100644
--- a/crypto/kdf/hkdf.c
+++ b/crypto/kdf/hkdf.c
@@ -234,6 +234,7 @@ static unsigned char *HKDF_Expand(const EVP_MD *evp_md,
   unsigned char *okm, size_t okm_len)
 {
 HMAC_CTX *hmac;
+unsigned char *ret = NULL;
 
 unsigned int i;
 
@@ -283,11 +284,10 @@ static unsigned char *HKDF_Expand(const EVP_MD *evp_md,
 
 done_len += copy_len;
 }
-
-HMAC_CTX_free(hmac);
-return okm;
+ret = okm;
 
  err:
+OPENSSL_cleanse(prev, sizeof(prev));
 HMAC_CTX_free(hmac);
-return NULL;
+return ret;
 }
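
Review bot: on the failure path `ret` stays NULL, but any blocks the loop has already copied into `okm` (`done_len += copy_len;`) are left in the caller's buffer. Since this patch is about zeroization, consider `OPENSSL_cleanse(okm, okm_len)` when `ret == NULL`. The `err:` label is now also the success exit, so a neutral label name or a one-line comment would make that clearer.
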


[openssl-commits] [openssl] master update

2018-09-04 Thread Paul I . Dale
The branch master has been updated
   via  64ed55ab033f1bfa795d46f0ecc61c313204b418 (commit)
  from  f5cee414fa8e7e9a088d8d5ebe641f368df20801 (commit)


- Log -
commit 64ed55ab033f1bfa795d46f0ecc61c313204b418
Author: Shane Lontis 
Date:   Tue Sep 4 14:01:37 2018 +1000

hkdf zeroization fix

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7106)

---

Summary of changes:
 crypto/kdf/hkdf.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
index baaa16f..ec6090a 100644
--- a/crypto/kdf/hkdf.c
+++ b/crypto/kdf/hkdf.c
@@ -281,6 +281,7 @@ static unsigned char *HKDF_Expand(const EVP_MD *evp_md,
   unsigned char *okm, size_t okm_len)
 {
 HMAC_CTX *hmac;
+unsigned char *ret = NULL;
 
 unsigned int i;
 
@@ -330,11 +331,10 @@ static unsigned char *HKDF_Expand(const EVP_MD *evp_md,
 
 done_len += copy_len;
 }
-
-HMAC_CTX_free(hmac);
-return okm;
+ret = okm;
 
  err:
+OPENSSL_cleanse(prev, sizeof(prev));
 HMAC_CTX_free(hmac);
-return NULL;
+return ret;
 }


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  febb025068f6c74f6776cc7faf1a8bcd55138f87 (commit)
  from  b4b651b09e738e8874c59f9fd24ec52d7258e5b4 (commit)


- Log -
commit febb025068f6c74f6776cc7faf1a8bcd55138f87
Author: Shane Lontis 
Date:   Tue Sep 4 15:00:21 2018 +1000

key zeroisation fix for p12

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7109)

(cherry picked from commit f5cee414fa8e7e9a088d8d5ebe641f368df20801)

---

Summary of changes:
 crypto/pkcs12/p12_mutl.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index a9e2202..02e529c 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -75,6 +75,7 @@ static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, int 
passlen,
 unsigned char *out,
 const EVP_MD *md_type))
 {
+int ret = 0;
 const EVP_MD *md_type;
 HMAC_CTX *hmac = NULL;
 unsigned char key[EVP_MAX_MD_SIZE], *salt;
@@ -116,24 +117,27 @@ static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, 
int passlen,
 if (!pkcs12_gen_gost_mac_key(pass, passlen, salt, saltlen, iter,
  md_size, key, md_type)) {
 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
-return 0;
+goto err;
 }
 } else
 if (!(*pkcs12_key_gen)(pass, passlen, salt, saltlen, PKCS12_MAC_ID,
iter, md_size, key, md_type)) {
 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
-return 0;
+goto err;
 }
 if ((hmac = HMAC_CTX_new()) == NULL
 || !HMAC_Init_ex(hmac, key, md_size, md_type, NULL)
 || !HMAC_Update(hmac, p12->authsafes->d.data->data,
 p12->authsafes->d.data->length)
 || !HMAC_Final(hmac, mac, maclen)) {
-HMAC_CTX_free(hmac);
-return 0;
+goto err;
 }
+ret = 1;
+
+err:
+OPENSSL_cleanse(key, sizeof(key));
 HMAC_CTX_free(hmac);
-return 1;
+return ret;
 }
 
 int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
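
Review bot: the HMAC failure branch (`HMAC_CTX_new`, `HMAC_Init_ex`, `HMAC_Update`, `HMAC_Final`) reaches `err:` without a `PKCS12err(...)` call, unlike the two key-generation failures above it, so the caller gets 0 with no error raised by this function. That predates the patch, but the branch is being rewritten here and is the natural place to add it. The braces around the now lone `goto err;` can also be dropped.
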


[openssl-commits] [openssl] master update

2018-09-04 Thread Paul I . Dale
The branch master has been updated
   via  f5cee414fa8e7e9a088d8d5ebe641f368df20801 (commit)
  from  0239283d99a37e8527199a62100fec867b9996cb (commit)


- Log -
commit f5cee414fa8e7e9a088d8d5ebe641f368df20801
Author: Shane Lontis 
Date:   Tue Sep 4 15:00:21 2018 +1000

key zeroisation fix for p12

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7109)

---

Summary of changes:
 crypto/pkcs12/p12_mutl.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index a9e2202..02e529c 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -75,6 +75,7 @@ static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, int 
passlen,
 unsigned char *out,
 const EVP_MD *md_type))
 {
+int ret = 0;
 const EVP_MD *md_type;
 HMAC_CTX *hmac = NULL;
 unsigned char key[EVP_MAX_MD_SIZE], *salt;
@@ -116,24 +117,27 @@ static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, 
int passlen,
 if (!pkcs12_gen_gost_mac_key(pass, passlen, salt, saltlen, iter,
  md_size, key, md_type)) {
 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
-return 0;
+goto err;
 }
 } else
 if (!(*pkcs12_key_gen)(pass, passlen, salt, saltlen, PKCS12_MAC_ID,
iter, md_size, key, md_type)) {
 PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
-return 0;
+goto err;
 }
 if ((hmac = HMAC_CTX_new()) == NULL
 || !HMAC_Init_ex(hmac, key, md_size, md_type, NULL)
 || !HMAC_Update(hmac, p12->authsafes->d.data->data,
 p12->authsafes->d.data->length)
 || !HMAC_Final(hmac, mac, maclen)) {
-HMAC_CTX_free(hmac);
-return 0;
+goto err;
 }
+ret = 1;
+
+err:
+OPENSSL_cleanse(key, sizeof(key));
 HMAC_CTX_free(hmac);
-return 1;
+return ret;
 }
 
 int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Paul I . Dale
The branch OpenSSL_1_1_0-stable has been updated
   via  b4b651b09e738e8874c59f9fd24ec52d7258e5b4 (commit)
  from  1018ba701368bdcdec7190bfcd2fb4076d0c1244 (commit)


- Log -
commit b4b651b09e738e8874c59f9fd24ec52d7258e5b4
Author: Shane Lontis 
Date:   Tue Sep 4 14:31:11 2018 +1000

key zeroisation for pvkfmt now done on all branch paths

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7107)

(cherry picked from commit 0239283d99a37e8527199a62100fec867b9996cb)

---

Summary of changes:
 crypto/pem/pvkfmt.c | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 63ce925..96a82eb 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -675,11 +675,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 const unsigned char *p = *in;
 unsigned int magic;
 unsigned char *enctmp = NULL, *q;
+unsigned char keybuf[20];
 
 EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
 if (saltlen) {
 char psbuf[PEM_BUFSIZE];
-unsigned char keybuf[20];
 int enctmplen, inlen;
 if (cb)
 inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
@@ -719,7 +719,6 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 memset(keybuf + 5, 0, 11);
 if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))
 goto err;
-OPENSSL_cleanse(keybuf, 20);
 if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))
 goto err;
 if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen))
@@ -729,15 +728,17 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
 goto err;
 }
-} else
-OPENSSL_cleanse(keybuf, 20);
+}
 p = enctmp;
 }
 
 ret = b2i_PrivateKey(&p, keylen);
  err:
 EVP_CIPHER_CTX_free(cctx);
-OPENSSL_free(enctmp);
+if (enctmp != NULL) {
+OPENSSL_cleanse(keybuf, sizeof(keybuf));
+OPENSSL_free(enctmp);
+}
 return ret;
 }
 
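
Review bot: `OPENSSL_cleanse(keybuf, sizeof(keybuf));` at `err:` is gated on `enctmp != NULL`, which only stands in for "keybuf was written". If the key derivation and the allocation of `enctmp` are ever reordered, the key stays on the stack. `OPENSSL_free(NULL)` is a no-op and cleansing an unused buffer is harmless, so both calls can run unconditionally. `keybuf[20]` would also read better with a named size now that it has function scope.
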


[openssl-commits] [openssl] master update

2018-09-04 Thread Paul I . Dale
The branch master has been updated
   via  0239283d99a37e8527199a62100fec867b9996cb (commit)
  from  8f39d8af7de12d5ac8699e54cf2fd8ae2325bcf2 (commit)


- Log -
commit 0239283d99a37e8527199a62100fec867b9996cb
Author: Shane Lontis 
Date:   Tue Sep 4 14:31:11 2018 +1000

key zeroisation for pvkfmt now done on all branch paths

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7107)

---

Summary of changes:
 crypto/pem/pvkfmt.c | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 281c6cd..e39c243 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -676,11 +676,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 const unsigned char *p = *in;
 unsigned int magic;
 unsigned char *enctmp = NULL, *q;
+unsigned char keybuf[20];
 
 EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
 if (saltlen) {
 char psbuf[PEM_BUFSIZE];
-unsigned char keybuf[20];
 int enctmplen, inlen;
 if (cb)
 inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
@@ -720,7 +720,6 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 memset(keybuf + 5, 0, 11);
 if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))
 goto err;
-OPENSSL_cleanse(keybuf, 20);
 if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))
 goto err;
 if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen))
@@ -730,15 +729,17 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
 goto err;
 }
-} else
-OPENSSL_cleanse(keybuf, 20);
+}
 p = enctmp;
 }
 
 ret = b2i_PrivateKey(&p, keylen);
  err:
 EVP_CIPHER_CTX_free(cctx);
-OPENSSL_free(enctmp);
+if (enctmp != NULL) {
+OPENSSL_cleanse(keybuf, sizeof(keybuf));
+OPENSSL_free(enctmp);
+}
 return ret;
 }
 


[openssl-commits] [openssl] master update

2018-09-04 Thread Paul I . Dale
The branch master has been updated
   via  8f39d8af7de12d5ac8699e54cf2fd8ae2325bcf2 (commit)
  from  17147181bd3f97c53592e2a5c9319b854b954039 (commit)


- Log -
commit 8f39d8af7de12d5ac8699e54cf2fd8ae2325bcf2
Author: Shane Lontis 
Date:   Tue Sep 4 15:12:13 2018 +1000

key zeroization fix for a branch path of tls13_final_finish_mac

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7110)

---

Summary of changes:
 ssl/tls13_enc.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 22db2f8..f7ab0fa 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -271,6 +271,7 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, 
size_t slen,
 
 key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, finsecret,
hashlen);
+OPENSSL_cleanse(finsecret, sizeof(finsecret));
 }
 
 if (key == NULL


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-09-04 Thread Richard Levitte
The branch OpenSSL_1_0_2-stable has been updated
   via  6e873259029939657a297e9fe451196df4e3da48 (commit)
  from  62025a4590baef6fc44ae36c6f90d233a79d36e9 (commit)


- Log -
commit 6e873259029939657a297e9fe451196df4e3da48
Author: Richard Levitte 
Date:   Mon Sep 3 13:17:03 2018 +0200

openssl req: don't try to report bits

With the introduction of -pkeyopt, the number of bits may change
without |newkey| being updated.  Unfortunately, there is no API to
retrieve the information from an EVP_PKEY_CTX either, so chances are
that we report incorrect information.  For the moment, it's better not
to try to report the number of bits at all.

Fixes #7086

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7096)

(cherry picked from commit 17147181bd3f97c53592e2a5c9319b854b954039)

---

Summary of changes:
 apps/req.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index 7fcab18..5422cac 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -659,8 +659,7 @@ int MAIN(int argc, char **argv)
 }
 }
 
-BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
-   newkey, keyalgstr);
+BIO_printf(bio_err, "Generating a %s private key\n", keyalgstr);
 
 EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
 EVP_PKEY_CTX_set_app_data(genctx, bio_err);
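
Review bot: with `newkey` dropped from the `BIO_printf`, nothing tells the user what size of key was generated. The size is known once the key exists, so it could be reported after generation with `EVP_PKEY_bits()` on the resulting key instead of being guessed beforehand.
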


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Richard Levitte
The branch OpenSSL_1_1_0-stable has been updated
   via  1018ba701368bdcdec7190bfcd2fb4076d0c1244 (commit)
  from  019cb1ec5bb74cd1e6ec11b5ce1f1b50b0c9b2e2 (commit)


- Log -
commit 1018ba701368bdcdec7190bfcd2fb4076d0c1244
Author: Richard Levitte 
Date:   Mon Sep 3 13:17:03 2018 +0200

openssl req: don't try to report bits

With the introduction of -pkeyopt, the number of bits may change
without |newkey| being updated.  Unfortunately, there is no API to
retrieve the information from an EVP_PKEY_CTX either, so chances are
that we report incorrect information.  For the moment, it's better not
to try to report the number of bits at all.

Fixes #7086

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7096)

(cherry picked from commit 17147181bd3f97c53592e2a5c9319b854b954039)

---

Summary of changes:
 apps/req.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index 2a21569..a691f93 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -509,8 +509,7 @@ int req_main(int argc, char **argv)
 if (pkey_type == EVP_PKEY_EC) {
 BIO_printf(bio_err, "Generating an EC private key\n");
 } else {
-BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
-   newkey, keyalgstr);
+BIO_printf(bio_err, "Generating a %s private key\n", keyalgstr);
 }
 
 EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);


[openssl-commits] [openssl] master update

2018-09-04 Thread Richard Levitte
The branch master has been updated
   via  17147181bd3f97c53592e2a5c9319b854b954039 (commit)
  from  8ec2bde994c272f7b14b4cc4d9232f38b9211cb1 (commit)


- Log -
commit 17147181bd3f97c53592e2a5c9319b854b954039
Author: Richard Levitte 
Date:   Mon Sep 3 13:17:03 2018 +0200

openssl req: don't try to report bits

With the introduction of -pkeyopt, the number of bits may change
without |newkey| being updated.  Unfortunately, there is no API to
retrieve the information from an EVP_PKEY_CTX either, so chances are
that we report incorrect information.  For the moment, it's better not
to try to report the number of bits at all.

Fixes #7086

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7096)

---

Summary of changes:
 apps/req.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index 08a1468e..6fd28a2 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -622,8 +622,7 @@ int req_main(int argc, char **argv)
 if (pkey_type == EVP_PKEY_EC) {
 BIO_printf(bio_err, "Generating an EC private key\n");
 } else {
-BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
-   newkey, keyalgstr);
+BIO_printf(bio_err, "Generating a %s private key\n", keyalgstr);
 }
 
 EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-09-04 Thread Richard Levitte
The branch OpenSSL_1_0_2-stable has been updated
   via  62025a4590baef6fc44ae36c6f90d233a79d36e9 (commit)
  from  85d5a4e125bf6597e1663658fac51092b8f40a44 (commit)


- Log -
commit 62025a4590baef6fc44ae36c6f90d233a79d36e9
Author: Richard Levitte 
Date:   Tue Sep 4 12:05:39 2018 +0200

VMS: add missing x509_time test to test scripts

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7112)

---

Summary of changes:
 test/maketests.com | 2 +-
 test/tests.com | 8 +++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/test/maketests.com b/test/maketests.com
index f4e418b..c0e1730 100644
--- a/test/maketests.com
+++ b/test/maketests.com
@@ -151,7 +151,7 @@ $ TEST_FILES = 
"BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
   "ASN1TEST,V3NAMETEST,HEARTBEAT_TEST,"+ -
   "CONSTANT_TIME_TEST,VERIFY_EXTRA_TEST,"+ -
"CLIENTHELLOTEST,SSLV2CONFTEST,DTLSTEST,"+ -
-   "BAD_DTLS_TEST,FATALERRTEST"
+   "BAD_DTLS_TEST,FATALERRTEST,X509_TIME_TEST"
 $!
 $! Additional directory information.
 $ T_D_BNTEST := [-.crypto.bn]
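
Review bot: `X509_TIME_TEST` is added to `TEST_FILES`, but the diffstat shows this as the only line changed in maketests.com, so no `T_D_X509_TIME_TEST` entry is added to the "Additional directory information" block that starts with `T_D_BNTEST` just below. Unless one already exists, confirm the build finds the source without it or add the entry.
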
diff --git a/test/tests.com b/test/tests.com
index 27b01b6..21867bf 100644
--- a/test/tests.com
+++ b/test/tests.com
@@ -58,7 +58,7 @@ $ tests := -

test_ss,test_ca,test_engine,test_evp,test_evp_extra,test_ssl,test_tsa,test_ige,-
test_jpake,test_srp,test_cms,test_ocsp,test_v3name,test_heartbeat,-

test_constant_time,test_verify_extra,test_clienthello,test_sslv2conftest,-
-   test_dtls,test_bad_dtls,test_fatalerr
+   test_dtls,test_bad_dtls,test_fatalerr,test_x509_time
 $  endif
 $  tests = f$edit(tests,"COLLAPSE")
 $
@@ -107,6 +107,7 @@ $   BADDTLSTEST :=  bad_dtls_test
 $  SSLV2CONFTEST :=sslv2conftest
 $  DTLSTEST := dtlstest
 $  FATALERRTEST := fatalerrtest
+$  X509TIMETEST := x509_time_test
 $!
 $  tests_i = 0
 $ loop_tests:
@@ -415,6 +416,11 @@ $  write sys$output "''START' test_fatalerrtest"
 $  mcr 'texe_dir''fatalerrtest' 'ROOT'.APPS]server.pem 
'ROOT'.APPS]server.pem
 $  return
 $
+$ test_x509_time:
+$  write sys$output "''START' test_x509_time"
+$  mcr 'texe_dir''x509timetest'
+$  return
+$
 $ test_sslv2conftest:
 $  write sys$output "''START' test_sslv2conftest"
 $  mcr 'texe_dir''sslv2conftest'


[openssl-commits] [openssl] master update

2018-09-04 Thread Matt Caswell
The branch master has been updated
   via  8ec2bde994c272f7b14b4cc4d9232f38b9211cb1 (commit)
  from  b2c4909c208994a94b4b09e1c34316c889985bb0 (commit)


- Log -
commit 8ec2bde994c272f7b14b4cc4d9232f38b9211cb1
Author: Matt Caswell 
Date:   Mon Sep 3 11:57:33 2018 +0100

Clarify the return value of SSL_client_version()

The SSL_client_version() function returns the value held in the
legacy_version field of the ClientHello. This is never greater than
TLSv1.2, even if TLSv1.3 later gets negotiated.

Fixes #7079

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7095)

---

Summary of changes:
 doc/man3/SSL_get_version.pod | 22 +-
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/doc/man3/SSL_get_version.pod b/doc/man3/SSL_get_version.pod
index 9b49242..b0aaba3 100644
--- a/doc/man3/SSL_get_version.pod
+++ b/doc/man3/SSL_get_version.pod
@@ -19,17 +19,20 @@ protocol information of a connection
 
 =head1 DESCRIPTION
 
-SSL_client_version() returns the protocol version used by the client when
-initiating the connection. SSL_get_version() returns the name of the protocol
-used for the connection. SSL_version() returns the protocol version used for 
the
-connection. They should only be called after the initial handshake has been
-completed. Prior to that the results returned from these functions may be
-unreliable.
+SSL_client_version() returns the numeric protocol version advertised by the
+client in the legacy_version field of the ClientHello when initiating the
+connection. Note that, for TLS, this value will never indicate a version 
greater
+than TLSv1.2 even if TLSv1.3 is subsequently negotiated. SSL_get_version()
+returns the name of the protocol used for the connection. SSL_version() returns
+the numeric protocol version used for the connection. They should only be 
called
+after the initial handshake has been completed. Prior to that the results
+returned from these functions may be unreliable.
 
 SSL_is_dtls() returns one if the connection is using DTLS, zero if not.
 
 =head1 RETURN VALUES
 
+
 SSL_get_version() returns one of the following strings:
 
 =over 4
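Review bot: The empty line added directly under =head1 RETURN VALUES is an unrelated whitespace change and leaves two blank lines before the first paragraph; drop it from the patch. In the DESCRIPTION text, "for TLS" leaves the DTLS case unstated, so one sentence on what SSL_client_version() reports for DTLS would complete the clarification.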
@@ -60,8 +63,8 @@ This indicates an unknown protocol version.
 
 =back
 
-SSL_version() and SSL_client_version() return an integer which could include 
any of
-the following:
+SSL_version() and SSL_client_version() return an integer which could include 
any
+of the following:
 
 =over 4
 
@@ -83,7 +86,8 @@ The connection uses the TLSv1.2 protocol.
 
 =item TLS1_3_VERSION
 
-The connection uses the TLSv1.3 protocol.
+The connection uses the TLSv1.3 protocol (never returned for
+SSL_client_version()).
 
 =back
 
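Review bot: The TLS1_3_VERSION item now says it is never returned for SSL_client_version(), but it does not tell the reader what to call instead. The DESCRIPTION already says SSL_version() returns the version used for the connection, so point to it here; otherwise code that logs or enforces a minimum version from SSL_client_version() will record TLSv1.3 peers as TLSv1.2.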


[openssl-commits] [openssl] master update

2018-09-04 Thread Matt Caswell
The branch master has been updated
   via  b2c4909c208994a94b4b09e1c34316c889985bb0 (commit)
   via  b8fef8ee929a8775262cb4371f62c35f7058dbed (commit)
  from  8614a4eb4ae8e38c3f5064113eb571aa8ca6b272 (commit)


- Log -
commit b2c4909c208994a94b4b09e1c34316c889985bb0
Author: Matt Caswell 
Date:   Mon Sep 3 16:29:35 2018 +0100

Add a test for RSA key exchange with both RSA and RSA-PSS certs

Check that we use an RSA certificate if an RSA key exchange ciphersuite
is being used and we have both RSA and RSA-PSS certificates configured.

Reviewed-by: Paul Dale 
Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7099)

commit b8fef8ee929a8775262cb4371f62c35f7058dbed
Author: Matt Caswell 
Date:   Mon Sep 3 16:12:34 2018 +0100

Don't use an RSA-PSS cert for RSA key exchange

If we have selected a ciphersuite using RSA key exchange then we must
not attempt to use an RSA-PSS cert for that.

Fixes #7059

Reviewed-by: Paul Dale 
Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7099)

---

Summary of changes:
 ssl/t1_lib.c  |  10 +-
 test/ssl-tests/20-cert-select.conf| 505 +++---
 test/ssl-tests/20-cert-select.conf.in |  30 ++
 3 files changed, 316 insertions(+), 229 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ca05a3a..1564979 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2473,7 +2473,10 @@ static int tls12_get_cert_sigalg_idx(const SSL *s, const 
SIGALG_LOOKUP *lu)
 const SSL_CERT_LOOKUP *clu = ssl_cert_lookup_by_idx(sig_idx);
 
 /* If not recognised or not supported by cipher mask it is not suitable */
-if (clu == NULL || !(clu->amask & s->s3->tmp.new_cipher->algorithm_auth))
+if (clu == NULL
+|| (clu->amask & s->s3->tmp.new_cipher->algorithm_auth) == 0
+|| (clu->nid == EVP_PKEY_RSA_PSS
+&& (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA) != 0))
 return -1;
 
 return s->s3->tmp.valid_flags[sig_idx] & CERT_PKEY_VALID ? sig_idx : -1;
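Review bot: The comment above the condition still reads "If not recognised or not supported by cipher mask it is not suitable" and does not cover the new third clause. Extend it to say that an RSA-PSS certificate (clu->nid == EVP_PKEY_RSA_PSS) is rejected when the selected ciphersuite uses RSA key exchange (SSL_kRSA), so the reason for the nid test is visible without going back to the commit message.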
@@ -2643,8 +2646,9 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 if (i == s->cert->shared_sigalgslen) {
 if (!fatalerrs)
 return 1;
-SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CHOOSE_SIGALG,
- ERR_R_INTERNAL_ERROR);
+SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
+ SSL_F_TLS_CHOOSE_SIGALG,
+ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
 return 0;
 }
 } else {
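Review bot: Switching the alert in tls_choose_sigalg() from SSL_AD_INTERNAL_ERROR with ERR_R_INTERNAL_ERROR to SSL_AD_HANDSHAKE_FAILURE with SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM changes what the peer and the error queue see, yet the commit message only talks about certificate selection. Mention the alert change in the log message so that anyone matching on the old alert or reason code can find it.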
diff --git a/test/ssl-tests/20-cert-select.conf 
b/test/ssl-tests/20-cert-select.conf
index 0a92bf8..1bf81c1 100644
--- a/test/ssl-tests/20-cert-select.conf
+++ b/test/ssl-tests/20-cert-select.conf
@@ -1,6 +1,6 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 47
+num_tests = 49
 
 test-0 = 0-ECDSA CipherString Selection
 test-1 = 1-ECDSA CipherString Selection
@@ -24,31 +24,33 @@ test-18 = 18-RSA-PSS Certificate Legacy Signature Algorithm 
Selection
 test-19 = 19-RSA-PSS Certificate Unified Signature Algorithm Selection
 test-20 = 20-Only RSA-PSS Certificate
 test-21 = 21-RSA-PSS Certificate, no PSS signature algorithms
-test-22 = 22-Suite B P-256 Hash Algorithm Selection
-test-23 = 23-Suite B P-384 Hash Algorithm Selection
-test-24 = 24-TLS 1.2 Ed25519 Client Auth
-test-25 = 25-TLS 1.2 Ed448 Client Auth
-test-26 = 26-Only RSA-PSS Certificate, TLS v1.1
-test-27 = 27-TLS 1.3 ECDSA Signature Algorithm Selection
-test-28 = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
-test-29 = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
-test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
-test-31 = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
-test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
-test-33 = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS
-test-34 = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection
-test-35 = 35-TLS 1.3 Ed25519 Signature Algorithm Selection
-test-36 = 36-TLS 1.3 Ed448 Signature Algorithm Selection
-test-37 = 37-TLS 1.3 Ed25519 CipherString and Groups Selection
-test-38 = 38-TLS 1.3 Ed448 CipherString and Groups Selection
-test-39 = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection
-test-40 = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty 
CA Names
-test-41 = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
-test-42 = 42-TLS 1.3 Ed25519 Client Auth
-test-43 = 43-TLS 1.3 Ed448 Client Auth
-test-44 = 44-TLS 1.2 DSA Certificate Test
-test-45 = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
-test-46 = 46-TLS 1.3 DSA Certificate Test
+test-22 = 22-RSA key excha

[openssl-commits] [openssl] master update

2018-09-04 Thread Matt Caswell
The branch master has been updated
   via  8614a4eb4ae8e38c3f5064113eb571aa8ca6b272 (commit)
   via  51256b34d82d008cca7be0d1903c357bfa99f753 (commit)
  from  f097e8759820f6f9b78adb99eb4bfced2945d623 (commit)


- Log -
commit 8614a4eb4ae8e38c3f5064113eb571aa8ca6b272
Author: Matt Caswell 
Date:   Mon Aug 27 01:39:00 2018 +0100

Test creation of tickets when using a TLSv1.3 PSK

Add a test to check that we create the correct number of tickets after a
TLSv1.3 PSK.

Reviewed-by: Viktor Dukhovni 
(Merged from https://github.com/openssl/openssl/pull/7097)

commit 51256b34d82d008cca7be0d1903c357bfa99f753
Author: Matt Caswell 
Date:   Fri Aug 24 16:16:28 2018 +0100

Send a NewSessionTicket after using an external PSK

Treat a connection using an external PSK like we would a resumption and
send a single NewSessionTicket afterwards.

Fixes #6941

Reviewed-by: Viktor Dukhovni 
(Merged from https://github.com/openssl/openssl/pull/7097)

---

Summary of changes:
 ssl/statem/extensions_srvr.c |   2 +
 test/sslapitest.c| 131 ++-
 2 files changed, 106 insertions(+), 27 deletions(-)

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 295d3e7..0f2b223 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1160,6 +1160,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int 
context, X509 *x,
 ext = 1;
 if (id == 0)
 s->ext.early_data_ok = 1;
+s->ext.ticket_expected = 1;
 } else {
 uint32_t ticket_age = 0, now, agesec, agems;
 int ret;
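Review bot: s->ext.ticket_expected = 1 directly follows an unbraced "if (id == 0)", so only indentation shows that it applies to every accepted external PSK and not just the first identity. Separate it with a blank line or brace the if, and add a one-line comment that an external PSK is treated like a resumption for ticket purposes, which is the reasoning given in the commit message.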
@@ -1235,6 +1236,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int 
context, X509 *x,
 SSL_SESSION_free(sess);
 sess = NULL;
 s->ext.early_data_ok = 0;
+s->ext.ticket_expected = 0;
 continue;
 }
 break;
diff --git a/test/sslapitest.c b/test/sslapitest.c
index d21b39d..f9ba60a 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -24,6 +24,24 @@
 #include "internal/nelem.h"
 #include "../ssl/ssl_locl.h"
 
+#ifndef OPENSSL_NO_TLS1_3
+
+static SSL_SESSION *clientpsk = NULL;
+static SSL_SESSION *serverpsk = NULL;
+static const char *pskid = "Identity";
+static const char *srvid;
+
+static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
+  size_t *idlen, SSL_SESSION **sess);
+static int find_session_cb(SSL *ssl, const unsigned char *identity,
+   size_t identity_len, SSL_SESSION **sess);
+
+static int use_session_cb_cnt = 0;
+static int find_session_cb_cnt = 0;
+
+static SSL_SESSION *create_a_psk(SSL *ssl);
+#endif
+
 static char *cert = NULL;
 static char *privkey = NULL;
 static char *srpvfile = NULL;
@@ -1430,6 +1448,61 @@ static int test_stateful_tickets(int idx)
 {
 return test_tickets(1, idx);
 }
+
+static int test_psk_tickets(void)
+{
+SSL_CTX *sctx = NULL, *cctx = NULL;
+SSL *serverssl = NULL, *clientssl = NULL;
+int testresult = 0;
+int sess_id_ctx = 1;
+
+if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), 
TLS_client_method(),
+   TLS1_VERSION, TLS_MAX_VERSION, &sctx,
+   &cctx, NULL, NULL))
+|| !TEST_true(SSL_CTX_set_session_id_context(sctx,
+ (void *)&sess_id_ctx,
+ sizeof(sess_id_ctx
+goto end;
+
+SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT
+ | SSL_SESS_CACHE_NO_INTERNAL_STORE);
+SSL_CTX_set_psk_use_session_callback(cctx, use_session_cb);
+SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb);
+SSL_CTX_sess_set_new_cb(cctx, new_session_cb);
+use_session_cb_cnt = 0;
+find_session_cb_cnt = 0;
+srvid = pskid;
+new_called = 0;
+
+if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+  NULL, NULL)))
+goto end;
+clientpsk = serverpsk = create_a_psk(clientssl);
+if (!TEST_ptr(clientpsk))
+goto end;
+SSL_SESSION_up_ref(clientpsk);
+
+if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+SSL_ERROR_NONE))
+|| !TEST_int_eq(1, find_session_cb_cnt)
+|| !TEST_int_eq(1, use_session_cb_cnt)
+   /* We should always get 1 ticket when using external PSK */
+|| !TEST_int_eq(1, new_called))
+goto end;
+
+testresult = 1;
+
+ end:
+SSL_free(serverssl);
+SSL_free(clientssl);
+SSL_CTX_free(sctx);
+SSL_CTX_free(cc
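Review bot: In test_psk_tickets() the result of SSL_SESSION_up_ref(clientpsk) is ignored, while the neighbouring create_ssl_objects() and create_a_psk() results are checked with TEST_true() and TEST_ptr(). Check it the same way, for example "if (!TEST_true(SSL_SESSION_up_ref(clientpsk))) goto end;", so a failed reference count increment fails the test where it happens instead of surfacing later as a confusing free.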

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-09-04 Thread Matt Caswell
The branch OpenSSL_1_0_2-stable has been updated
   via  85d5a4e125bf6597e1663658fac51092b8f40a44 (commit)
  from  3c55cb200a416fa796f117410c189c577b57a36f (commit)


- Log -
commit 85d5a4e125bf6597e1663658fac51092b8f40a44
Author: Matt Caswell 
Date:   Thu Aug 23 11:37:22 2018 +0100

Clarify the EVP_DigestSignInit docs

They did not make it clear how the memory management works for the |pctx|
parameter.

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7043)

---

Summary of changes:
 doc/crypto/EVP_DigestSignInit.pod   | 7 +--
 doc/crypto/EVP_DigestVerifyInit.pod | 7 +--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/doc/crypto/EVP_DigestSignInit.pod 
b/doc/crypto/EVP_DigestSignInit.pod
index 83e6589..7a3e84d 100644
--- a/doc/crypto/EVP_DigestSignInit.pod
+++ b/doc/crypto/EVP_DigestSignInit.pod
@@ -19,9 +19,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestSignInit() sets up signing context B to use digest B from
 ENGINE B and private key B. B must be initialized with
-EVP_MD_CTX_init() before calling this function. If B is not NULL the
+EVP_MD_CTX_init() before calling this function. If B is not NULL, the
 EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
-be used to set alternative signing options.
+be used to set alternative signing options. Note that any existing value in
+B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed
+directly by the application (it will be freed automatically when the EVP_MD_CTX
+is freed). The digest B may be NULL if the signing algorithm supports it.
 
 EVP_DigestSignUpdate() hashes B bytes of data at B into the
 signature context B. This function can be called several times on the
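Review bot: The last added sentence, "The digest B may be NULL if the signing algorithm supports it.", is not part of the pctx ownership clarification the commit message describes, and the removed lines show it was not in this branch's page before. Confirm that it holds for 1.0.2 or leave it out of the backport.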
diff --git a/doc/crypto/EVP_DigestVerifyInit.pod 
b/doc/crypto/EVP_DigestVerifyInit.pod
index 347c511..2e2c0fd 100644
--- a/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -19,9 +19,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestVerifyInit() sets up verification context B to use digest
 B from ENGINE B and public key B. B must be initialized
-with EVP_MD_CTX_init() before calling this function. If B is not NULL the
+with EVP_MD_CTX_init() before calling this function. If B is not NULL, 
the
 EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
-can be used to set alternative verification options.
+can be used to set alternative verification options. Note that any existing
+value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
+freed directly by the application (it will be freed automatically when the
+EVP_MD_CTX is freed).
 
 EVP_DigestVerifyUpdate() hashes B bytes of data at B into the
 verification context B. This function can be called several times on the


[openssl-commits] [openssl] master update

2018-09-04 Thread Matt Caswell
The branch master has been updated
   via  f097e8759820f6f9b78adb99eb4bfced2945d623 (commit)
  from  f273ff953abfafbb5fc4d68904469f862fbeae8a (commit)


- Log -
commit f097e8759820f6f9b78adb99eb4bfced2945d623
Author: Matt Caswell 
Date:   Thu Aug 23 11:37:22 2018 +0100

Clarify the EVP_DigestSignInit docs

They did not make it clear how the memory management works for the |pctx|
parameter.

Fixes #7037

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7042)

---

Summary of changes:
 doc/man3/EVP_DigestSignInit.pod   | 8 +---
 doc/man3/EVP_DigestVerifyInit.pod | 7 +--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index 1919801..fe2be7b 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -24,10 +24,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestSignInit() sets up signing context B to use digest B from
 ENGINE B and private key B. B must be created with
-EVP_MD_CTX_new() before calling this function. If B is not NULL the
+EVP_MD_CTX_new() before calling this function. If B is not NULL, the
 EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
-be used to set alternative signing options. The digest B may be NULL if
-the signing algorithm supports it.
+be used to set alternative signing options. Note that any existing value in
+B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed
+directly by the application (it will be freed automatically when the EVP_MD_CTX
+is freed). The digest B may be NULL if the signing algorithm supports it.
 
 Only EVP_PKEY types that support signing can be used with these functions. This
 includes MAC algorithms where the MAC generation is considered as a form of
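Review bot: The new text says the returned EVP_PKEY_CTX is freed together with the EVP_MD_CTX but stops short of the consequence for callers: the pointer written to *pctx must not be used once the EVP_MD_CTX has been freed. State that explicitly, since a caller that keeps the pointer around ends up with a use-after-free and one that frees it ends up with a double free.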
diff --git a/doc/man3/EVP_DigestVerifyInit.pod 
b/doc/man3/EVP_DigestVerifyInit.pod
index e24a925..0d25deb 100644
--- a/doc/man3/EVP_DigestVerifyInit.pod
+++ b/doc/man3/EVP_DigestVerifyInit.pod
@@ -23,9 +23,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestVerifyInit() sets up verification context B to use digest
 B from ENGINE B and public key B. B must be created
-with EVP_MD_CTX_new() before calling this function. If B is not NULL the
+with EVP_MD_CTX_new() before calling this function. If B is not NULL, the
 EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
-can be used to set alternative verification options.
+can be used to set alternative verification options. Note that any existing
+value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
+freed directly by the application (it will be freed automatically when the
+EVP_MD_CTX is freed).
 
 EVP_DigestVerifyUpdate() hashes B bytes of data at B into the
 verification context B. This function can be called several times on the


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Matt Caswell
The branch OpenSSL_1_1_0-stable has been updated
   via  019cb1ec5bb74cd1e6ec11b5ce1f1b50b0c9b2e2 (commit)
  from  e25fc6b5b2b99ed02f8966192c94c820b6f69add (commit)


- Log -
commit 019cb1ec5bb74cd1e6ec11b5ce1f1b50b0c9b2e2
Author: Matt Caswell 
Date:   Thu Aug 23 11:37:22 2018 +0100

Clarify the EVP_DigestSignInit docs

They did not make it clear how the memory management works for the |pctx|
parameter.

Fixes #7037

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/7042)

(cherry picked from commit f097e8759820f6f9b78adb99eb4bfced2945d623)

---

Summary of changes:
 doc/crypto/EVP_DigestSignInit.pod   | 8 +---
 doc/crypto/EVP_DigestVerifyInit.pod | 7 +--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/doc/crypto/EVP_DigestSignInit.pod 
b/doc/crypto/EVP_DigestSignInit.pod
index 5fadc82..bec8e9d 100644
--- a/doc/crypto/EVP_DigestSignInit.pod
+++ b/doc/crypto/EVP_DigestSignInit.pod
@@ -19,10 +19,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestSignInit() sets up signing context B to use digest B from
 ENGINE B and private key B. B must be created with
-EVP_MD_CTX_new() before calling this function. If B is not NULL the
+EVP_MD_CTX_new() before calling this function. If B is not NULL, the
 EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
-be used to set alternative signing options. The digest B may be NULL if
-the signing algorithm supports it.
+be used to set alternative signing options. Note that any existing value in
+B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed
+directly by the application (it will be freed automatically when the EVP_MD_CTX
+is freed). The digest B may be NULL if the signing algorithm supports it.
 
 Only EVP_PKEY types that support signing can be used with these functions. This
 includes MAC algorithms where the MAC generation is considered as a form of
diff --git a/doc/crypto/EVP_DigestVerifyInit.pod 
b/doc/crypto/EVP_DigestVerifyInit.pod
index ce59422..6c3d070 100644
--- a/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -19,9 +19,12 @@ The EVP signature routines are a high level interface to 
digital signatures.
 
 EVP_DigestVerifyInit() sets up verification context B to use digest
 B from ENGINE B and public key B. B must be created
-with EVP_MD_CTX_new() before calling this function. If B is not NULL the
+with EVP_MD_CTX_new() before calling this function. If B is not NULL, the
 EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
-can be used to set alternative verification options.
+can be used to set alternative verification options. Note that any existing
+value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
+freed directly by the application (it will be freed automatically when the
+EVP_MD_CTX is freed).
 
 EVP_DigestVerifyUpdate() hashes B bytes of data at B into the
 verification context B. This function can be called several times on the


[openssl-commits] [openssl] master update

2018-09-04 Thread Matt Caswell
The branch master has been updated
   via  f273ff953abfafbb5fc4d68904469f862fbeae8a (commit)
  from  785e614a95a134831f213749332bcf40c4920f69 (commit)


- Log -
commit f273ff953abfafbb5fc4d68904469f862fbeae8a
Author: Matt Caswell 
Date:   Mon Aug 13 20:18:32 2018 +0100

Ignore EPIPE when sending NewSessionTickets in TLSv1.3

If a client sends data to a server and then immediately closes without
waiting to read the NewSessionTickets then the server can receive EPIPE
when trying to write the tickets and never gets the opportunity to read
the data that was sent. Therefore we ignore EPIPE when writing out the
tickets in TLSv1.3

Fixes #6904

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/6944)

---

Summary of changes:
 ssl/statem/statem_srvr.c | 33 -
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index db5aafe..346b1e3 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -764,6 +764,22 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE 
wst)
 return WORK_FINISHED_CONTINUE;
 }
 
+static ossl_inline int conn_is_closed(void)
+{
+switch (get_last_sys_error()) {
+#if defined(EPIPE)
+case EPIPE:
+return 1;
+#endif
+#if defined(ECONNRESET)
+case ECONNRESET:
+return 1;
+#endif
+default:
+return 0;
+}
+}
+
 /*
  * Perform any work that needs to be done after sending a message from the
  * server to the client.
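Review bot: conn_is_closed() also returns 1 for ECONNRESET, but the commit title and message mention only EPIPE; name both in the log message. The helper also takes no argument and reads get_last_sys_error(), so its answer is only meaningful immediately after a failed I/O call that was preceded by clear_sys_error(); a short comment above the function saying so would keep later callers from consulting a stale error value.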
@@ -939,8 +955,23 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE 
wst)
 break;
 
 case TLS_ST_SW_SESSION_TICKET:
-if (SSL_IS_TLS13(s) && statem_flush(s) != 1)
+clear_sys_error();
+if (SSL_IS_TLS13(s) && statem_flush(s) != 1) {
+if (SSL_get_error(s, 0) == SSL_ERROR_SYSCALL
+&& conn_is_closed()) {
+/*
+ * We ignore connection closed errors in TLSv1.3 when sending a
+ * NewSessionTicket and behave as if we were successful. This 
is
+ * so that we are still able to read data sent to us by a 
client
+ * that closes soon after the end of the handshake without
+ * waiting to read our post-handshake NewSessionTickets.
+ */
+s->rwstate = SSL_NOTHING;
+break;
+}
+
 return WORK_MORE_A;
+}
 break;
 }
 
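Review bot: The summary lists ssl/statem/statem_srvr.c as the only file changed, so the new ignore path under TLS_ST_SW_SESSION_TICKET has no test. Add one in which the client writes application data and closes before reading its NewSessionTickets, and assert that the server still reads the data. As a smaller point, clear_sys_error() now runs for every protocol version although only the SSL_IS_TLS13(s) branch inspects the error; move it inside that branch or say why it is unconditional.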


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-09-04 Thread Richard Levitte
The branch OpenSSL_1_0_2-stable has been updated
   via  3c55cb200a416fa796f117410c189c577b57a36f (commit)
  from  e121d5c7e7d1178d53fea3ffbfa37e2d3b2edc08 (commit)


- Log -
commit 3c55cb200a416fa796f117410c189c577b57a36f
Author: Jakub Wilk 
Date:   Mon Sep 3 11:09:51 2018 +0200

Fix example in crl(1) man page

The default input format is PEM, so explicit "-inform DER" is needed to
read DER-encoded CRL.

CLA: trivial

Reviewed-by: Paul Yang 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7094)

(cherry picked from commit 785e614a95a134831f213749332bcf40c4920f69)
(cherry picked from commit e25fc6b5b2b99ed02f8966192c94c820b6f69add)

---

Summary of changes:
 doc/apps/crl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod
index cdced1c..92efbf4 100644
--- a/doc/apps/crl.pod
+++ b/doc/apps/crl.pod
@@ -115,7 +115,7 @@ Convert a CRL file from PEM to DER:
 
 Output the text form of a DER encoded certificate:
 
- openssl crl -in crl.der -text -noout
+ openssl crl -in crl.der -inform DER -text -noout
 
 =head1 BUGS
 


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Richard Levitte
The branch OpenSSL_1_1_0-stable has been updated
   via  e25fc6b5b2b99ed02f8966192c94c820b6f69add (commit)
  from  fab16cd1476e047a2052ca418527b055faa988bd (commit)


- Log -
commit e25fc6b5b2b99ed02f8966192c94c820b6f69add
Author: Jakub Wilk 
Date:   Mon Sep 3 11:09:51 2018 +0200

Fix example in crl(1) man page

The default input format is PEM, so explicit "-inform DER" is needed to
read DER-encoded CRL.

CLA: trivial

Reviewed-by: Paul Yang 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7094)

(cherry picked from commit 785e614a95a134831f213749332bcf40c4920f69)

---

Summary of changes:
 doc/apps/crl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod
index fded397..8207ee9 100644
--- a/doc/apps/crl.pod
+++ b/doc/apps/crl.pod
@@ -120,7 +120,7 @@ Convert a CRL file from PEM to DER:
 
 Output the text form of a DER encoded certificate:
 
- openssl crl -in crl.der -text -noout
+ openssl crl -in crl.der -inform DER -text -noout
 
 =head1 BUGS
 


[openssl-commits] [openssl] master update

2018-09-04 Thread Richard Levitte
The branch master has been updated
   via  785e614a95a134831f213749332bcf40c4920f69 (commit)
  from  96e05986f47bd7cd3991b7755c74ca708c8a3bc7 (commit)


- Log -
commit 785e614a95a134831f213749332bcf40c4920f69
Author: Jakub Wilk 
Date:   Mon Sep 3 11:09:51 2018 +0200

Fix example in crl(1) man page

The default input format is PEM, so explicit "-inform DER" is needed to
read DER-encoded CRL.

CLA: trivial

Reviewed-by: Paul Yang 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7094)

---

Summary of changes:
 doc/man1/crl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/crl.pod b/doc/man1/crl.pod
index 9a00967..29f4600 100644
--- a/doc/man1/crl.pod
+++ b/doc/man1/crl.pod
@@ -120,7 +120,7 @@ Convert a CRL file from PEM to DER:
 
 Output the text form of a DER encoded certificate:
 
- openssl crl -in crl.der -text -noout
+ openssl crl -in crl.der -inform DER -text -noout
 
 =head1 BUGS
 
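Review bot: The context line above the corrected command still reads "Output the text form of a DER encoded certificate:", although the command is openssl crl and the input is crl.der. Change "certificate" to "CRL" in the same patch so the description matches the example it introduces.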


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-09-04 Thread Matt Caswell
The branch OpenSSL_1_0_2-stable has been updated
   via  e121d5c7e7d1178d53fea3ffbfa37e2d3b2edc08 (commit)
  from  78ca7b7b319c7027310c56eaa05b8c295624a357 (commit)


- Log -
commit e121d5c7e7d1178d53fea3ffbfa37e2d3b2edc08
Author: Matt Caswell 
Date:   Thu Aug 9 16:25:29 2018 +0100

The req documentation incorrectly states that we default to md5

Just remove that statement. It's not been true since 2005.

Reviewed-by: Nicola Tuveri 
(Merged from https://github.com/openssl/openssl/pull/6906)

---

Summary of changes:
 doc/apps/req.pod | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index 20b2f39..01c1c2e 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -393,8 +393,7 @@ option. For compatibility B is an 
equivalent option.
 =item B
 
 This option specifies the digest algorithm to use. Possible values
-include B. If not present then MD5 is used. This
-option can be overridden on the command line.
+include B. This option can be overridden on the command line.
 
 =item B
 


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-09-04 Thread Matt Caswell
The branch OpenSSL_1_1_0-stable has been updated
   via  fab16cd1476e047a2052ca418527b055faa988bd (commit)
  from  b50c9f3be062f3af1f6261c87ddb0fbbcb682d09 (commit)


- Log -
commit fab16cd1476e047a2052ca418527b055faa988bd
Author: Matt Caswell 
Date:   Thu Aug 9 16:25:29 2018 +0100

The req documentation incorrectly states that we default to md5

Just remove that statement. It's not been true since 2005.

Reviewed-by: Nicola Tuveri 
(Merged from https://github.com/openssl/openssl/pull/6905)

---

Summary of changes:
 doc/apps/req.pod | 1 -
 1 file changed, 1 deletion(-)

diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index c5b5260..0a28aea 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -369,7 +369,6 @@ option. For compatibility B is an 
equivalent option.
 
 This option specifies the digest algorithm to use.
 Any digest supported by the OpenSSL B command can be used.
-If not present then MD5 is used.
 This option can be overridden on the command line.
 
 =item B
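Review bot: With "If not present then MD5 is used." removed, this item no longer says what happens when the option is absent. Replace the sentence with the actual default behaviour instead of only deleting it, so readers do not have to guess which digest a request is signed with.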