[openssl-commits] [openssl] master update

2018-09-03 Thread Paul I . Dale
The branch master has been updated
   via  96e05986f47bd7cd3991b7755c74ca708c8a3bc7 (commit)
  from  e0810e3502bbf14ee274033e7eeabb551ce38510 (commit)


- Log -
commit 96e05986f47bd7cd3991b7755c74ca708c8a3bc7
Author: Alex Gaynor 
Date:   Mon Sep 3 13:27:18 2018 -0400

Fixed a comment that referenced the wrong method

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7100)

---

Summary of changes:
 include/openssl/x509.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 0b49864..3a03562 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -660,7 +660,7 @@ int X509_get_signature_type(const X509 *x);
 
 /*
  * This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x), )
+ * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), )
  */
 X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
 const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);


[openssl-commits] [openssl] master update

2018-09-03 Thread Paul I . Dale
The branch master has been updated
   via  e0810e3502bbf14ee274033e7eeabb551ce38510 (commit)
  from  bdd58bd249f1b6d4c7ccdd9c54fd33db874e0084 (commit)


- Log -
commit e0810e3502bbf14ee274033e7eeabb551ce38510
Author: Pauli 
Date:   Thu Aug 16 08:54:35 2018 +1000

Fix HMAC SHA3-224 and HMAC SHA3-256.

Added NIST test cases for these two as well.

Additionally deprecate the public definition of HMAC_MAX_MD_CBLOCK in 1.2.0.

Reviewed-by: Tim Hudson 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/6972)

---

Summary of changes:
 crypto/hmac/hmac.c   | 12 +--
 crypto/hmac/hmac_lcl.h   |  7 +--
 include/openssl/hmac.h   |  6 --
 test/recipes/30-test_evp_data/evpmac.txt | 36 
 4 files changed, 51 insertions(+), 10 deletions(-)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index e0944b9..e4031b4 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -20,7 +20,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 {
 int rv = 0;
 int i, j, reset = 0;
-unsigned char pad[HMAC_MAX_MD_CBLOCK];
+unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE];
 
 /* If we are changing MD then we must have a key */
 if (md != NULL && md != ctx->md && (key == NULL || len < 0))
@@ -52,19 +52,19 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 memcpy(ctx->key, key, len);
 ctx->key_length = len;
 }
-if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
+if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE)
 memset(>key[ctx->key_length], 0,
-   HMAC_MAX_MD_CBLOCK - ctx->key_length);
+   HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length);
 }
 
 if (reset) {
-for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
 pad[i] = 0x36 ^ ctx->key[i];
 if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)
 || !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
 goto err;
 
-for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
 pad[i] = 0x5c ^ ctx->key[i];
 if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)
 || !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
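Review bot: The zero-fill and both pad loops in this hunk are bounded by the `HMAC_MAX_MD_CBLOCK_SIZE` macro rather than by the arrays they index, so a later change to either declaration would not be caught here. Bounding them by the arrays themselves keeps size and limit tied together: `for (i = 0; i < (int)sizeof(pad); i++)` and `memset(&ctx->key[ctx->key_length], 0, sizeof(ctx->key) - ctx->key_length);`. The same applies to the `memcpy` in the HMAC_CTX_copy hunk, which could use `sizeof(dctx->key)`. HMAC_Init_ex starts and ends outside this hunk.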
@@ -194,7 +194,7 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
 goto err;
 if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx))
 goto err;
-memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK_SIZE);
 dctx->key_length = sctx->key_length;
 dctx->md = sctx->md;
 return 1;
diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_lcl.h
index 7ba0aac..8fd8345 100644
--- a/crypto/hmac/hmac_lcl.h
+++ b/crypto/hmac/hmac_lcl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -10,13 +10,16 @@
 #ifndef HEADER_HMAC_LCL_H
 # define HEADER_HMAC_LCL_H
 
+/* The current largest case is for SHA3-224 */
+#define HMAC_MAX_MD_CBLOCK_SIZE 144
+
 struct hmac_ctx_st {
 const EVP_MD *md;
 EVP_MD_CTX *md_ctx;
 EVP_MD_CTX *i_ctx;
 EVP_MD_CTX *o_ctx;
 unsigned int key_length;
-unsigned char key[HMAC_MAX_MD_CBLOCK];
+unsigned char key[HMAC_MAX_MD_CBLOCK_SIZE];
 };
 
 #endif
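Review bot: The comment on `HMAC_MAX_MD_CBLOCK_SIZE` names SHA3-224 but does not say where 144 comes from, which makes the constant hard to re-check when another digest is added. I would spell it out, e.g. `/* Largest digest block size HMAC must hold: SHA3-224 rate, (1600 - 2 * 224) / 8 = 144 bytes */`. The define also sits inside the `#ifndef HEADER_HMAC_LCL_H` guard without the one-space `# define` indent that the guard line above it uses.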
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 9f06896..458efc1 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -14,7 +14,9 @@
 
 # include 
 
-# define HMAC_MAX_MD_CBLOCK  128/* largest known is SHA512 */
+# if OPENSSL_API_COMPAT < 0x1020L
+#  define HMAC_MAX_MD_CBLOCK  128/* Deprecated */
+# endif
 
 #ifdef  __cplusplus
 extern "C" {
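Review bot: The public `HMAC_MAX_MD_CBLOCK` stays at 128 while the internal limit becomes 144, and the `/* Deprecated */` comment does not say why the macro should no longer be used. Application code that sizes a block buffer with it would be too small for the SHA3-224 and SHA3-256 block sizes (144 and 136 bytes). A comment such as `/* Deprecated: smaller than the SHA3-224/256 block sizes, do not size buffers with it */` would tell users what the risk is.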
diff --git a/test/recipes/30-test_evp_data/evpmac.txt 
b/test/recipes/30-test_evp_data/evpmac.txt
index ef7ba94..9de8be1 100644
--- a/test/recipes/30-test_evp_data/evpmac.txt
+++ b/test/recipes/30-test_evp_data/evpmac.txt
@@ -249,6 +249,42 @@ Title = SHA3
 # NIST's test vectors
 
 MAC = HMAC
+Algorithm = SHA3-224
+Input = "Sample message for keylenhttps://mta.openssl.org/mailman/listinfo/openssl-commits


[openssl-commits] [openssl] master update

2018-09-03 Thread Paul I . Dale
The branch master has been updated
   via  bdd58bd249f1b6d4c7ccdd9c54fd33db874e0084 (commit)
  from  fc196a5eb97dc3a5465c37a6761428ddd81b023d (commit)


- Log -
commit bdd58bd249f1b6d4c7ccdd9c54fd33db874e0084
Author: Paulo Flabiano Smorigo 
Date:   Wed Aug 29 11:00:44 2018 -0300

demos/evp: add make clean

Add make clean for evp demos and remove whitespace from a line.

CLA: trivial

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7072)

---

Summary of changes:
 demos/evp/Makefile | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/demos/evp/Makefile b/demos/evp/Makefile
index 3a85b22..c2e10a1 100644
--- a/demos/evp/Makefile
+++ b/demos/evp/Makefile
@@ -11,10 +11,13 @@
 CFLAGS = $(OPENSSL_INCS_LOCATION)
 LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
 
-all: aesccm aesgcm 
+all: aesccm aesgcm
 
 aesccm: aesccm.o
 aesgcm: aesgcm.o
 
 aesccm aesgcm:
$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
+
+clean:
+   $(RM) aesccm aesgcm *.o
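Review bot: The new `clean` target is not declared phony in the lines shown, so a file named `clean` in demos/evp would turn `make clean` into a no-op. If the part of the Makefile above this hunk has no such declaration, add `.PHONY: all clean`.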


[openssl-commits] [openssl] master update

2018-09-03 Thread Paul I . Dale
The branch master has been updated
   via  fc196a5eb97dc3a5465c37a6761428ddd81b023d (commit)
  from  2d28a42f899c2f5e03b0e49a660ed3c1f744e7a3 (commit)


- Log -
commit fc196a5eb97dc3a5465c37a6761428ddd81b023d
Author: Pauli 
Date:   Tue Sep 4 07:35:45 2018 +1000

Make OBJ_NAME case insensitive.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7089)

---

Summary of changes:
 .../{conf/conf_lcl.h => include/internal/lhash.h}  |  6 ++-
 crypto/lhash/lhash.c   | 23 +
 crypto/objects/o_names.c   | 29 ++--
 test/recipes/30-test_evp.t |  3 +-
 test/recipes/30-test_evp_data/evpcase.txt  | 54 ++
 5 files changed, 98 insertions(+), 17 deletions(-)
 copy crypto/{conf/conf_lcl.h => include/internal/lhash.h} (74%)
 create mode 100644 test/recipes/30-test_evp_data/evpcase.txt

diff --git a/crypto/conf/conf_lcl.h b/crypto/include/internal/lhash.h
similarity index 74%
copy from crypto/conf/conf_lcl.h
copy to crypto/include/internal/lhash.h
index 6e1f7fe..200ba86 100644
--- a/crypto/conf/conf_lcl.h
+++ b/crypto/include/internal/lhash.h
@@ -7,5 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
-void conf_add_ssl_module(void);
+#ifndef INTERNAL_LHASH_H
+# define INTERNAL_LHASH_H
 
+unsigned long openssl_lh_strcasehash(const char *);
+
+#endif
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index f7ac9d0..8d9f933 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -13,6 +13,8 @@
 #include 
 #include 
 #include 
+#include "internal/ctype.h"
+#include "internal/lhash.h"
 #include "lhash_lcl.h"
 
 /*
@@ -349,6 +351,27 @@ unsigned long OPENSSL_LH_strhash(const char *c)
 return (ret >> 16) ^ ret;
 }
 
+unsigned long openssl_lh_strcasehash(const char *c)
+{
+unsigned long ret = 0;
+long n;
+unsigned long v;
+int r;
+
+if (c == NULL || *c == '\0')
+return ret;
+
+for (n = 0x100; *c != '\0'; n += 0x100) {
+v = n | ossl_tolower(*c);
+r = (int)((v >> 2) ^ v) & 0x0f;
+ret = (ret << r) | (ret >> (32 - r));
+ret &= 0xL;
+ret ^= v * v;
+c++;
+}
+return (ret >> 16) ^ ret;
+}
+
 unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh)
 {
 return lh ? lh->num_items : 0;
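Review bot: In `openssl_lh_strcasehash` the rotate `ret = (ret << r) | (ret >> (32 - r));` shifts right by 32 when `r` is 0, which is undefined behaviour on platforms where `unsigned long` is 32 bits wide. `r` is the low four bits of `(v >> 2) ^ v`, so 0 is reachable for ordinary input. Guarding the rotate avoids the undefined shift: `if (r != 0) ret = (ret << r) | (ret >> (32 - r));`. The function is new and complete within this hunk, so no previously computed hash values depend on the current form.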
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 8f7bc79..c435537 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -17,26 +17,25 @@
 #include 
 #include 
 #include "internal/thread_once.h"
+#include "internal/lhash.h"
 #include "obj_lcl.h"
+#include "e_os.h"
 
 /*
  * We define this wrapper for two reasons. Firstly, later versions of
  * DEC C add linkage information to certain functions, which makes it
  * tricky to use them as values to regular function pointers.
- * Secondly, in the EDK2 build environment, the strcmp function is
- * actually an external function (AsciiStrCmp) with the Microsoft ABI,
- * so we can't transparently assign function pointers to it.
- * Arguably the latter is a stupidity of the UEFI environment, but
- * since the wrapper solves the DEC C issue too, let's just use the
- * same solution.
+ * Secondly, in the EDK2 build environment, the strcasecmp function is
+ * actually an external function with the Microsoft ABI, so we can't
+ * transparently assign function pointers to it.
  */
 #if defined(OPENSSL_SYS_VMS_DECC) || defined(OPENSSL_SYS_UEFI)
-static int obj_strcmp(const char *a, const char *b)
+static int obj_strcasecmp(const char *a, const char *b)
 {
-return strcmp(a, b);
+return strcasecmp(a, b);
 }
 #else
-#define obj_strcmp strcmp
+#define obj_strcasecmp strcasecmp
 #endif
 
 /*
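Review bot: The hash and the comparison no longer fold case the same way: `openssl_lh_strcasehash` lowers each byte with `ossl_tolower`, while `obj_strcasecmp` (and the direct `strcasecmp` call in the obj_name_cmp hunk) relies on the C library's `strcasecmp`, whose folding can depend on the process locale. If the two ever disagree on whether two names are equal, entries that compare equal can land in different hash buckets and a lookup for a registered name can miss. Folding with `ossl_tolower` in the comparison keeps both sides consistent; that needs `internal/ctype.h` in this file and replaces both the platform wrapper and the `#define` fallback. obj_name_cmp should then call `obj_strcasecmp` rather than `strcasecmp` directly.

```c
/* Case-insensitive compare using the same folding as openssl_lh_strcasehash */
static int obj_strcasecmp(const char *a, const char *b)
{
    int ca, cb;

    do {
        ca = ossl_tolower((unsigned char)*a++);
        cb = ossl_tolower((unsigned char)*b++);
    } while (ca == cb && ca != '\0');
    return ca - cb;
}
```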
@@ -111,8 +110,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const 
char *),
 ret = 0;
 goto out;
 }
-name_funcs->hash_func = OPENSSL_LH_strhash;
-name_funcs->cmp_func = obj_strcmp;
+name_funcs->hash_func = openssl_lh_strcasehash;
+name_funcs->cmp_func = obj_strcasecmp;
 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
 
 push = sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
@@ -149,7 +148,7 @@ static int obj_name_cmp(const OBJ_NAME *a, const OBJ_NAME 
*b)
 ret = sk_NAME_FUNCS_value(name_funcs_stack,
   a->type)->cmp_func(a->name, b->name);
 } else
-ret = strcmp(a->name, b->name);
+ret = strcasecmp(a->name, b->name);
 }
 return ret;
 }
@@ -164,7 +163,7 @@ static unsigned long obj_name_hash(const OBJ_NAME *a)
 sk_NAME_FUNCS_value(name_funcs_stack,
 a->type)->hash_func(a->name);
 } else {
-ret = OPENSSL_LH_strhash(a->name);
+ret = 

[openssl-commits] [openssl] master update

2018-09-03 Thread Paul I . Dale
The branch master has been updated
   via  2d28a42f899c2f5e03b0e49a660ed3c1f744e7a3 (commit)
  from  bfb10b975818d1887d676d309fcc21a765611f6d (commit)


- Log -
commit 2d28a42f899c2f5e03b0e49a660ed3c1f744e7a3
Author: Shane Lontis 
Date:   Mon Sep 3 14:15:13 2018 +1000

hmac_init cleanup and fix key zeroization issue

Reviewed-by: Matthias St. Pierre 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/7092)

---

Summary of changes:
 crypto/hmac/hmac.c | 33 -
 1 file changed, 16 insertions(+), 17 deletions(-)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 156725e..e0944b9 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -18,6 +18,7 @@
 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
  const EVP_MD *md, ENGINE *impl)
 {
+int rv = 0;
 int i, j, reset = 0;
 unsigned char pad[HMAC_MAX_MD_CBLOCK];
 
@@ -38,15 +39,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 reset = 1;
 j = EVP_MD_block_size(md);
 if (!ossl_assert(j <= (int)sizeof(ctx->key)))
-goto err;
+return 0;
 if (j < len) {
-if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl))
-goto err;
-if (!EVP_DigestUpdate(ctx->md_ctx, key, len))
-goto err;
-if (!EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
->key_length))
-goto err;
+if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)
+|| !EVP_DigestUpdate(ctx->md_ctx, key, len)
+|| !EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
+   >key_length))
+return 0;
 } else {
 if (len < 0 || len > (int)sizeof(ctx->key))
 return 0;
@@ -61,23 +60,23 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 if (reset) {
 for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
 pad[i] = 0x36 ^ ctx->key[i];
-if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl))
-goto err;
-if (!EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
+if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)
+|| !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
 goto err;
 
 for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
 pad[i] = 0x5c ^ ctx->key[i];
-if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl))
-goto err;
-if (!EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
+if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)
+|| !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
 goto err;
 }
 if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->i_ctx))
 goto err;
-return 1;
+rv = 1;
  err:
-return 0;
+if (reset)
+OPENSSL_cleanse(pad, sizeof(pad));
+return rv;
 }
 
 #if OPENSSL_API_COMPAT < 0x1010L
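Review bot: The new `OPENSSL_cleanse(pad, sizeof(pad))` at the `err:` label has no comment saying why it is there or why it is conditional, and the early `return 0` paths introduced in the previous hunk now bypass the label. From the visible lines `pad` is only written inside the later `if (reset)` block, after those returns, so nothing is missed today, but that is easy to break in a later edit. I would add `/* pad holds the key XORed with the ipad/opad constants; wipe it on every exit that may have filled it */` above the `if (reset)`, or drop the condition and cleanse unconditionally.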


[openssl-commits] [openssl] master update

2018-09-03 Thread Richard Levitte
The branch master has been updated
   via  bfb10b975818d1887d676d309fcc21a765611f6d (commit)
   via  30c41bfb158c0f595809d0eaf032926a3c2cf236 (commit)
  from  a7eeefeadc29f4290978ef1cdd800f3ea2850c10 (commit)


- Log -
commit bfb10b975818d1887d676d309fcc21a765611f6d
Author: Billy Brumley 
Date:   Wed Aug 22 12:27:34 2018 +0300

[test] throw error from wrapper function instead of an EC_METHOD specific 
one

Reviewed-by: Paul Dale 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7028)

commit 30c41bfb158c0f595809d0eaf032926a3c2cf236
Author: Billy Brumley 
Date:   Wed Aug 22 09:50:43 2018 +0300

[test] ECC: make sure negative tests pass for the right reasons

Reviewed-by: Paul Dale 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/7028)

---

Summary of changes:
 crypto/ec/ec_lib.c|   4 +
 test/recipes/30-test_evp_data/evppkey.txt |   2 +
 test/recipes/30-test_evp_data/evppkey_ecc.txt | 168 ++
 3 files changed, 174 insertions(+)

diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 2204152..b89e397 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -757,6 +757,10 @@ int EC_POINT_get_affine_coordinates(const EC_GROUP *group,
 ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES, EC_R_INCOMPATIBLE_OBJECTS);
 return 0;
 }
+if (EC_POINT_is_at_infinity(group, point)) {
+ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES, EC_R_POINT_AT_INFINITY);
+return 0;
+}
 return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
 }
 
diff --git a/test/recipes/30-test_evp_data/evppkey.txt 
b/test/recipes/30-test_evp_data/evppkey.txt
index 2d769d4..f4470ff 100644
--- a/test/recipes/30-test_evp_data/evppkey.txt
+++ b/test/recipes/30-test_evp_data/evppkey.txt
@@ -17286,6 +17286,8 @@ Derive=ALICE_cf_sect283k1
 PeerKey=BOB_cf_sect283k1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result = DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title = Test keypair mismatches
 
diff --git a/test/recipes/30-test_evp_data/evppkey_ecc.txt 
b/test/recipes/30-test_evp_data/evppkey_ecc.txt
index 8e95c02..8e618c8 100644
--- a/test/recipes/30-test_evp_data/evppkey_ecc.txt
+++ b/test/recipes/30-test_evp_data/evppkey_ecc.txt
@@ -623,12 +623,16 @@ Derive=BOB_cf_c2pnb163v1
 PeerKey=MALICE_cf_c2pnb163v1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb163v1
 PeerKey=MALICE_cf_c2pnb163v1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title=c2pnb163v2 curve tests
 
@@ -691,12 +695,16 @@ Derive=BOB_cf_c2pnb163v2
 PeerKey=MALICE_cf_c2pnb163v2_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb163v2
 PeerKey=MALICE_cf_c2pnb163v2_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title=c2pnb163v3 curve tests
 
@@ -759,12 +767,16 @@ Derive=BOB_cf_c2pnb163v3
 PeerKey=MALICE_cf_c2pnb163v3_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb163v3
 PeerKey=MALICE_cf_c2pnb163v3_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title=c2pnb176v1 curve tests
 
@@ -827,12 +839,16 @@ Derive=BOB_cf_c2pnb176v1
 PeerKey=MALICE_cf_c2pnb176v1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb176v1
 PeerKey=MALICE_cf_c2pnb176v1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title=c2pnb208w1 curve tests
 
@@ -897,12 +913,16 @@ Derive=BOB_cf_c2pnb208w1
 PeerKey=MALICE_cf_c2pnb208w1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb208w1
 PeerKey=MALICE_cf_c2pnb208w1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 Title=c2pnb272w1 curve tests
 
@@ -967,12 +987,16 @@ Derive=BOB_cf_c2pnb272w1
 PeerKey=MALICE_cf_c2pnb272w1_PUB
 Ctrl=ecdh_cofactor_mode:1
 Result=DERIVE_ERROR
+Function=EC_POINT_get_affine_coordinates
+Reason=point at infinity
 
 # ECC CDH Alice with Malice peer
 Derive=ALICE_cf_c2pnb272w1
 

[openssl-commits] [openssl] master update

2018-09-03 Thread yang . yang
The branch master has been updated
   via  a7eeefeadc29f4290978ef1cdd800f3ea2850c10 (commit)
  from  64a48fc7f0bc2d3ff587791b93a357bd98e1a5b8 (commit)


- Log -
commit a7eeefeadc29f4290978ef1cdd800f3ea2850c10
Author: wzhang 
Date:   Wed Aug 8 01:04:18 2018 -0700

Fix the comment of PEM_read_bio_ex

Add one more unit test case

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/6892)

---

Summary of changes:
 crypto/pem/pem_lib.c |  3 +--
 test/pemtest.c   | 30 ++
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 5c21a86..4bb8646 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -880,8 +880,7 @@ err:
  * Read in PEM-formatted data from the given BIO.
  *
  * By nature of the PEM format, all content must be printable ASCII (except
- * for line endings).  Other characters, or lines that are longer than 80
- * characters, are malformed input and will be rejected.
+ * for line endings).  Other characters are malformed input and will be 
rejected.
  */
 int PEM_read_bio_ex(BIO *bp, char **name_out, char **header,
 unsigned char **data, long *len_out, unsigned int flags)
diff --git a/test/pemtest.c b/test/pemtest.c
index dfef80d..7f40ea3 100644
--- a/test/pemtest.c
+++ b/test/pemtest.c
@@ -12,18 +12,31 @@
 #include 
 
 #include "testutil.h"
+#include "internal/nelem.h"
 
-static const char raw[] = "hello world";
-static const char encoded[] = "aGVsbG8gd29ybGQ=";
-static const char pemtype[] = "PEMTESTDATA";
+typedef struct {
+const char *raw;
+const char *encoded;
+} TESTDATA;
 
-static int test_b64(void)
+static TESTDATA b64_pem_data[] = {
+{ "hello world",
+  "aGVsbG8gd29ybGQ=" },
+{ "a very 
ooong
 input",
+  
"YSB2ZXJ5IG9vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29uZyBpbnB1dA=="
 }
+};
+
+static const char *pemtype = "PEMTESTDATA";
+
+static int test_b64(int idx)
 {
 BIO *b = BIO_new(BIO_s_mem());
 char *name = NULL, *header = NULL;
 unsigned char *data = NULL;
 long len;
 int ret = 0;
+const char *raw = b64_pem_data[idx].raw;
+const char *encoded = b64_pem_data[idx].encoded;
 
 if (!TEST_ptr(b)
 || !TEST_true(BIO_printf(b, "-BEGIN %s-\n", pemtype))
@@ -32,9 +45,9 @@ static int test_b64(void)
 || !TEST_true(PEM_read_bio_ex(b, , , , ,
   PEM_FLAG_ONLY_B64)))
 goto err;
-if (!TEST_int_eq(memcmp(pemtype, name, sizeof(pemtype) - 1), 0)
-|| !TEST_int_eq(len,sizeof(raw) - 1)
-|| !TEST_int_eq(memcmp(data, raw, sizeof(raw) - 1), 0))
+if (!TEST_int_eq(memcmp(pemtype, name, strlen(pemtype)), 0)
+|| !TEST_int_eq(len, strlen(raw))
+|| !TEST_int_eq(memcmp(data, raw, strlen(raw)), 0))
 goto err;
 ret = 1;
  err:
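Review bot: `TEST_int_eq(len, strlen(raw))` compares a `long` with a `size_t` through an int comparison, so both operands are narrowed to `int` before the check. Now that the inputs come from a table that can grow, `TEST_size_t_eq((size_t)len, strlen(raw))` would compare them at full width and still fail on a negative `len`. test_b64 starts and ends outside this hunk.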
@@ -51,6 +64,7 @@ static int test_invalid(void)
 char *name = NULL, *header = NULL;
 unsigned char *data = NULL;
 long len;
+const char *encoded = b64_pem_data[0].encoded;
 
 if (!TEST_ptr(b)
 || !TEST_true(BIO_printf(b, "-BEGIN %s-\n", pemtype))
@@ -71,7 +85,7 @@ static int test_invalid(void)
 
 int setup_tests(void)
 {
-ADD_TEST(test_b64);
+ADD_ALL_TESTS(test_b64, OSSL_NELEM(b64_pem_data));
 ADD_TEST(test_invalid);
 return 1;
 }


[openssl-commits] [openssl] master update

2018-09-03 Thread Richard Levitte
The branch master has been updated
   via  64a48fc7f0bc2d3ff587791b93a357bd98e1a5b8 (commit)
  from  6ad952ba75ccf183da18939e70e7aa91f0b7f5b6 (commit)


- Log -
commit 64a48fc7f0bc2d3ff587791b93a357bd98e1a5b8
Author: Richard Levitte 
Date:   Mon Aug 13 07:11:47 2018 +0200

Rename SSL[_CTX]_add1_CA_list -> SSL[_CTX]_add1_to_CA_list

They add a single item, so the names give a false impression of what
they do, making them hard to remember.  Better to give them a somewhat
better name.

Fixes #6930

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/6931)

---

Summary of changes:
 doc/man3/SSL_CTX_set0_CA_list.pod | 12 ++--
 include/openssl/ssl.h |  4 ++--
 ssl/ssl_cert.c|  8 ++--
 util/libssl.num   |  4 ++--
 4 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/doc/man3/SSL_CTX_set0_CA_list.pod 
b/doc/man3/SSL_CTX_set0_CA_list.pod
index 0f8b7da..958d735 100644
--- a/doc/man3/SSL_CTX_set0_CA_list.pod
+++ b/doc/man3/SSL_CTX_set0_CA_list.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 SSL_set0_CA_list, SSL_CTX_set0_CA_list, SSL_get0_CA_list,
-SSL_CTX_get0_CA_list, SSL_add1_CA_list, SSL_CTX_add1_CA_list,
+SSL_CTX_get0_CA_list, SSL_add1_to_CA_list, SSL_CTX_add1_to_CA_list,
 SSL_get0_peer_CA_list - get or set CA list
 
 =head1 SYNOPSIS
@@ -14,8 +14,8 @@ SSL_get0_peer_CA_list - get or set CA list
  void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
  const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
  const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
- int SSL_CTX_add1_CA_list(SSL_CTX *ctx, const X509 *x);
- int SSL_add1_CA_list(SSL *ssl, const X509 *x);
+ int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+ int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
 
  const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);
 
@@ -35,10 +35,10 @@ B.
 SSL_CTX_get0_CA_list() retrieves any previously set list of CAs set for
 B or if none are set the list from the parent B is retrieved.
 
-SSL_CTX_add1_CA_list() appends the CA subject name extracted from B to the
+SSL_CTX_add1_to_CA_list() appends the CA subject name extracted from B to 
the
 list of CAs sent to peer for B.
 
-SSL_add1_CA_list() appends the CA subject name extracted from B to the
+SSL_add1_to_CA_list() appends the CA subject name extracted from B to the
 list of CAs sent to the peer for B, overriding the setting in the parent
 B.
 
@@ -66,7 +66,7 @@ SSL_CTX_set0_CA_list() and SSL_set0_CA_list() do not return a 
value.
 SSL_CTX_get0_CA_list() and SSL_get0_CA_list() return a stack of CA names
 or B is no CA names are set.
 
-SSL_CTX_add1_CA_list() and SSL_add1_CA_list() return 1 for success and 0
+SSL_CTX_add1_to_CA_list() and SSL_add1_to_CA_list() return 1 for success and 0
 for failure.
 
 SSL_get0_peer_CA_list() returns a stack of CA names sent by the peer or
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index eb689c1..0a18a43 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1913,8 +1913,8 @@ void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) 
*name_list);
 void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
 __owur const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
 __owur const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
-__owur int SSL_add1_CA_list(SSL *ssl, const X509 *x);
-__owur int SSL_CTX_add1_CA_list(SSL_CTX *ctx, const X509 *x);
+__owur int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+__owur int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
 __owur const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);
 
 void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index e740a8c..52a4a7e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -545,16 +545,20 @@ static int add_ca_name(STACK_OF(X509_NAME) **sk, const 
X509 *x)
 return 1;
 }
 
-int SSL_add1_CA_list(SSL *ssl, const X509 *x)
+int SSL_add1_to_CA_list(SSL *ssl, const X509 *x)
 {
 return add_ca_name(>ca_names, x);
 }
 
-int SSL_CTX_add1_CA_list(SSL_CTX *ctx, const X509 *x)
+int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x)
 {
 return add_ca_name(>ca_names, x);
 }
 
+/*
+ * The following two are older names are to be replaced with
+ * SSL(_CTX)_add1_to_CA_list
+ */
 int SSL_add_client_CA(SSL *ssl, X509 *x)
 {
 return add_ca_name(>ca_names, x);
diff --git a/util/libssl.num b/util/libssl.num
index 3c31d7c..ccf7341 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -432,12 +432,12 @@ SSL_write_early_data432   1_1_1   
EXIST::FUNCTION:
 SSL_read_early_data 4331_1_1   EXIST::FUNCTION:
 SSL_get_early_data_status   4341_1_1   EXIST::FUNCTION:
 

[openssl-commits] [openssl] master update

2018-09-03 Thread yang . yang
The branch master has been updated
   via  322755cc2a91d08b66826b38a7b8c20f68cd8890 (commit)
  from  13da3ad00c80e1da816ca27f6c15b0ecee1bb0b8 (commit)


- Log -
commit 322755cc2a91d08b66826b38a7b8c20f68cd8890
Author: Hubert Kario 
Date:   Sat Sep 1 08:40:51 2018 +0800

TLSv1.3 related changes to man pages

Add or update the documentation of the different man pages in relation to 
TLSv1.3 behaviour.

Reviewed-by: Tim Hudson 
Reviewed-by: Ben Kaduk 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/6939)

---

Summary of changes:
 doc/man1/s_time.pod   |  8 +--
 doc/man1/sess_id.pod  |  2 +-
 doc/man3/SSL_CONF_cmd.pod | 80 +--
 doc/man3/SSL_CTX_new.pod  |  7 ++-
 doc/man3/SSL_CTX_set_cert_cb.pod  |  6 +-
 doc/man3/SSL_SESSION_get_protocol_version.pod |  2 +-
 doc/man3/SSL_check_chain.pod  |  6 +-
 doc/man3/SSL_get_peer_signature_nid.pod   |  4 +-
 doc/man3/SSL_get_shared_sigalgs.pod   |  8 ++-
 doc/man7/ssl.pod  |  2 +
 10 files changed, 78 insertions(+), 47 deletions(-)

diff --git a/doc/man1/s_time.pod b/doc/man1/s_time.pod
index d17e137..c08e44a 100644
--- a/doc/man1/s_time.pod
+++ b/doc/man1/s_time.pod
@@ -135,16 +135,16 @@ option enables various workarounds.
 This allows the TLSv1.2 and below cipher list sent by the client to be 
modified.
 This list will be combined with any TLSv1.3 ciphersuites that have been
 configured. Although the server determines which cipher suite is used it should
-take the first supported cipher in the list sent by the client. See the
-L command for more information.
+take the first supported cipher in the list sent by the client. See
+L for more information.
 
 =item B<-ciphersuites val>
 
 This allows the TLSv1.3 ciphersuites sent by the client to be modified. This
 list will be combined with any TLSv1.2 and below ciphersuites that have been
 configured. Although the server determines which cipher suite is used it should
-take the first supported cipher in the list sent by the client. See the
-B command for more information. The format for this list is a simple
+take the first supported cipher in the list sent by the client. See
+L for more information. The format for this list is a simple
 colon (":") separated list of TLSv1.3 ciphersuite names.
 
 =item B<-time length>
diff --git a/doc/man1/sess_id.pod b/doc/man1/sess_id.pod
index 0c0e7e8..99aa858 100644
--- a/doc/man1/sess_id.pod
+++ b/doc/man1/sess_id.pod
@@ -99,7 +99,7 @@ Theses are described below in more detail.
 
 =item B
 
-This is the protocol in use TLSv1.2, TLSv1.1, TLSv1 or SSLv3.
+This is the protocol in use TLSv1.3, TLSv1.2, TLSv1.1, TLSv1 or SSLv3.
 
 =item B
 
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index 4edd49c..b399bcf 100644
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -33,25 +33,36 @@ prefix for command line commands is B<-> and that is 
reflected below.
 
 =item B<-sigalgs>
 
-This sets the supported signature algorithms for TLS v1.2. For clients this
+This sets the supported signature algorithms for TLSv1.2 and TLSv1.3.
+For clients this
 value is used directly for the supported signature algorithms extension. For
 servers it is used to determine which signature algorithms to support.
 
 The B argument should be a colon separated list of signature algorithms
-in order of decreasing preference of the form B. B
+in order of decreasing preference of the form B or
+B. B
 is one of B, B or B and B is a supported algorithm
 OID short name such as B, B, B, B of B.
 Note: algorithm and hash names are case sensitive.
+B is one of the signature schemes defined in TLSv1.3,
+specified using the IETF name, e.g., B, B,
+or B.
 
 If this option is not set then all signature algorithms supported by the
 OpenSSL library are permissible.
 
+Note: algorithms which specify a PKCS#1 v1.5 signature scheme (either by
+using B as the B or by using one of the B
+identifiers) are ignored in TLSv1.3 and will not be negotiated.
+
 =item B<-client_sigalgs>
 
 This sets the supported signature algorithms associated with client
-authentication for TLS v1.2. For servers the value is used in the supported
-signature algorithms field of a certificate request. For clients it is
-used to determine which signature algorithm to with the client certificate.
+authentication for TLSv1.2 and TLSv1.3.
+For servers the value is used in the
+B field of a B message.
+For clients it is
+used to determine which signature algorithm to use with the client certificate.
 If a server does not request a certificate this option has no effect.
 
 The syntax of B is identical to B<-sigalgs>. If not set then
@@ -61,22 +72,21 @@ the 

[openssl-commits] [openssl] master update

2018-09-03 Thread yang . yang
The branch master has been updated
   via  d6c46adf180aa3e29d5dac075fb673bbc273ae08 (commit)
  from  322755cc2a91d08b66826b38a7b8c20f68cd8890 (commit)


- Log -
commit d6c46adf180aa3e29d5dac075fb673bbc273ae08
Author: Erik Forsberg 
Date:   Sun Aug 19 10:24:44 2018 -0700

Fix ssl/t1_trce.c to parse certificate chains

Fixes #6994

Reviewed-by: Matt Caswell 
Reviewed-by: Tim Hudson 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/7009)

---

Summary of changes:
 ssl/t1_trce.c | 27 +--
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index b79c776..be3039a 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -885,28 +885,35 @@ static int ssl_print_extensions(BIO *bio, int indent, int 
server,
 
 BIO_indent(bio, indent, 80);
 if (msglen == 0) {
-BIO_puts(bio, "No Extensions\n");
+BIO_puts(bio, "No extensions\n");
 return 1;
 }
 if (msglen < 2)
 return 0;
 extslen = (msg[0] << 8) | msg[1];
-if (extslen != msglen - 2)
-return 0;
+msglen -= 2;
 msg += 2;
-msglen = extslen;
-BIO_printf(bio, "extensions, length = %d\n", (int)msglen);
-while (msglen > 0) {
+if (extslen == 0) {
+BIO_puts(bio, "No extensions\n");
+*msgin = msg;
+*msginlen = msglen;
+return 1;
+}
+if (extslen > msglen)
+return 0;
+BIO_printf(bio, "extensions, length = %d\n", (int)extslen);
+msglen -= extslen;
+while (extslen > 0) {
 int extype;
 size_t extlen;
-if (msglen < 4)
+if (extslen < 4)
 return 0;
 extype = (msg[0] << 8) | msg[1];
 extlen = (msg[2] << 8) | msg[3];
-if (msglen < extlen + 4) {
+if (extslen < extlen + 4) {
 BIO_printf(bio, "extensions, extype = %d, extlen = %d\n", extype,
(int)extlen);
-BIO_dump_indent(bio, (const char *)msg, msglen, indent + 2);
+BIO_dump_indent(bio, (const char *)msg, extslen, indent + 2);
 return 0;
 }
 msg += 4;
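Review bot: Trailing bytes after the extensions block are no longer rejected by this function, because the strict `extslen != msglen - 2` test is replaced by `if (extslen > msglen) return 0;` and the remainder is handed back through `*msgin` / `*msginlen`. That allows a certificate chain to be walked entry by entry, but a message with unexpected data after its extensions will now trace as well-formed unless each caller checks the returned length. The callers are outside this hunk, so this is worth confirming wherever the extensions are expected to be the last field. I would record the new contract above the length check, e.g. `/* Data after the extensions block is left in *msgin / *msginlen for the caller to consume or reject */`. The function body starts before this hunk and continues past it, and the second hunk (`extslen -= extlen + 4;`) belongs to the same change.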
@@ -914,7 +921,7 @@ static int ssl_print_extensions(BIO *bio, int indent, int 
server,
  extlen))
 return 0;
 msg += extlen;
-msglen -= extlen + 4;
+extslen -= extlen + 4;
 }
 
 *msgin = msg;


[openssl-commits] [openssl] master update

2018-09-03 Thread yang . yang
The branch master has been updated
   via  354e010757b95d27fb36d364412ee7a5e7111963 (commit)
  from  d6c46adf180aa3e29d5dac075fb673bbc273ae08 (commit)


- Log -
commit 354e010757b95d27fb36d364412ee7a5e7111963
Author: Matt Caswell 
Date:   Thu Aug 23 14:37:01 2018 +0100

Add a note in the docs about sharing PSKs between TLSv1.2 and TLSv1.3

Fixes #6490

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Yang 
(Merged from https://github.com/openssl/openssl/pull/7044)

---

Summary of changes:
 doc/man3/SSL_CTX_set_psk_client_callback.pod |  8 
 doc/man3/SSL_CTX_use_psk_identity_hint.pod   | 10 ++
 2 files changed, 18 insertions(+)

diff --git a/doc/man3/SSL_CTX_set_psk_client_callback.pod 
b/doc/man3/SSL_CTX_set_psk_client_callback.pod
index 6d1a9b5..eb4e4f5 100644
--- a/doc/man3/SSL_CTX_set_psk_client_callback.pod
+++ b/doc/man3/SSL_CTX_set_psk_client_callback.pod
@@ -132,6 +132,14 @@ Note that parameter B given to the callback may be 
B.
 A connection established via a TLSv1.3 PSK will appear as if session resumption
 has occurred so that L will return true.
 
+There are no known security issues with sharing the same PSK between TLSv1.2 
(or
+below) and TLSv1.3. However the RFC has this note of caution:
+
+"While there is no known way in which the same PSK might produce related output
+in both versions, only limited analysis has been done.  Implementations can
+ensure safety from cross-protocol related output by not reusing PSKs between
+TLS 1.3 and TLS 1.2."
+
 =head1 RETURN VALUES
 
 Return values from the B callback are interpreted as
diff --git a/doc/man3/SSL_CTX_use_psk_identity_hint.pod 
b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
index 2b2bc3e..c8f7526 100644
--- a/doc/man3/SSL_CTX_use_psk_identity_hint.pod
+++ b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
@@ -123,6 +123,16 @@ completely.
 The B callback should return 1 on success or 0 on
 failure. In the event of failure the connection setup fails.
 
+=head1 NOTES
+
+There are no known security issues with sharing the same PSK between TLSv1.2 
(or
+below) and TLSv1.3. However the RFC has this note of caution:
+
+"While there is no known way in which the same PSK might produce related output
+in both versions, only limited analysis has been done.  Implementations can
+ensure safety from cross-protocol related output by not reusing PSKs between
+TLS 1.3 and TLS 1.2."
+
 =head1 SEE ALSO
 
 L,