[openssl/openssl] f3090f: Implement deterministic ECDSA sign (RFC6979)

2022-11-29 Thread Shane 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: f3090fc710e30a749acaf9e5dfbe20dd163cf15d
  
https://github.com/openssl/openssl/commit/f3090fc710e30a749acaf9e5dfbe20dd163cf15d
  Author: slontis 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M crypto/build.info
A crypto/deterministic_nonce.c
M crypto/dsa/dsa_local.h
M crypto/dsa/dsa_ossl.c
M crypto/dsa/dsa_sign.c
M crypto/ec/ecdsa_ossl.c
M doc/build.info
A doc/man7/EVP_KDF-HMAC-DRBG.pod
M doc/man7/EVP_RAND-HMAC-DRBG.pod
M doc/man7/EVP_SIGNATURE-DSA.pod
M doc/man7/EVP_SIGNATURE-ECDSA.pod
M doc/man7/OSSL_PROVIDER-default.pod
M doc/man7/provider-signature.pod
M include/crypto/dsa.h
M include/crypto/ec.h
A include/internal/deterministic_nonce.h
M include/openssl/core_names.h
M providers/defltprov.c
A providers/implementations/include/prov/hmac_drbg.h
M providers/implementations/include/prov/implementations.h
M providers/implementations/include/prov/names.h
M providers/implementations/kdfs/build.info
A providers/implementations/kdfs/hmacdrbg_kdf.c
M providers/implementations/rands/drbg_hmac.c
M providers/implementations/rands/drbg_local.h
M providers/implementations/signature/dsa_sig.c
M providers/implementations/signature/ecdsa_sig.c
M test/evp_kdf_test.c
M test/evp_test.c
M test/recipes/30-test_evp.t
A test/recipes/30-test_evp_data/evpkdf_hmac_drbg.txt

  Log Message:
  ---
  Implement deterministic ECDSA sign (RFC6979)

This PR is based off the contributions in PR #9223 by Jemmy1228.

It has been modified and reworked to:
(1) Work with providers
(2) Support ECDSA and DSA
(3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG.

A nonce_type is passed around inside the Signing API's, in order to support any
future deterministic algorithms.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 0a7528cc7c3b80e00e3093f5d32525574138a33e
  
https://github.com/openssl/openssl/commit/0a7528cc7c3b80e00e3093f5d32525574138a33e
  Author: slontis 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_RAND-CTR-DRBG.pod
M doc/man7/EVP_RAND-HASH-DRBG.pod
M doc/man7/EVP_RAND-SEED-SRC.pod
M doc/man7/EVP_RAND-TEST-RAND.pod

  Log Message:
  ---
  Fix docs related to EVP_RAND_CTX_new() that were not passing the parent
parameter.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 5375fd8e948234e8b8a10ded94badf6f59b53608
  
https://github.com/openssl/openssl/commit/5375fd8e948234e8b8a10ded94badf6f59b53608
  Author: Billy Brumley 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t
A test/recipes/30-test_evp_data/evppkey_rfc6979.txt

  Log Message:
  ---
  [test/recipes] RFC6979 deterministic ECDSA KATs in evptest format

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 6b3d28757620e0781bb1556032bb6961ee39af63
  
https://github.com/openssl/openssl/commit/6b3d28757620e0781bb1556032bb6961ee39af63
  Author: slontis 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M test/evp_test.c
M test/recipes/30-test_evp.t
A test/recipes/30-test_evp_data/evppkey_dsa_rfc6979.txt
A test/recipes/30-test_evp_data/evppkey_ecdsa_rfc6979.txt
R test/recipes/30-test_evp_data/evppkey_rfc6979.txt

  Log Message:
  ---
  [test/recipes] Add RFC6979 deterministic DSA KATs in evptest format

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18809)


Compare: https://github.com/openssl/openssl/compare/9ba4f489ecd3...6b3d28757620

[openssl/openssl] 9ba4f4: evp_test: fix rebase mistake with no_gost

2022-11-29 Thread Pauli 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 9ba4f489ecd30901603d66a8ec578cbca08fac06
  
https://github.com/openssl/openssl/commit/9ba4f489ecd30901603d66a8ec578cbca08fac06
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  evp_test: fix rebase mistake with no_gost

Reviewed-by: Richard Levitte 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19785)

[openssl/openssl] ca0dd5: Remove redundant assignment in felem_mul_ref in p521

2022-11-29 Thread openssl-machine 
  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: ca0dd5f4a303def58800a7e4d7edf9242ed73241
  
https://github.com/openssl/openssl/commit/ca0dd5f4a303def58800a7e4d7edf9242ed73241
  Author: Rohan McLure 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M crypto/ec/ecp_nistp521.c

  Log Message:
  ---
  Remove redundant assignment in felem_mul_ref in p521

ftmp4 is assigned immediately before receiving the reduced output of the
multiplication of ftmp and ftmp3, without being read inbetween these
assignments. Remove redundant assignment.

Reviewed-by: Hugo Landau 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19766)

(cherry picked from commit 3d4dfeb28a5cb944b8300b4cf807e19ab97d04f5)

[openssl/openssl] 3d4dfe: Remove redundant assignment in felem_mul_ref in p521

2022-11-29 Thread openssl-machine 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 3d4dfeb28a5cb944b8300b4cf807e19ab97d04f5
  
https://github.com/openssl/openssl/commit/3d4dfeb28a5cb944b8300b4cf807e19ab97d04f5
  Author: Rohan McLure 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M crypto/ec/ecp_nistp521.c

  Log Message:
  ---
  Remove redundant assignment in felem_mul_ref in p521

ftmp4 is assigned immediately before receiving the reduced output of the
multiplication of ftmp and ftmp3, without being read inbetween these
assignments. Remove redundant assignment.

Reviewed-by: Hugo Landau 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19766)

Coverity Scan: Analysis completed for openssl/openssl

2022-11-29 Thread scan-admin 


Your request for analysis of openssl/openssl has been completed 
successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3D15wv_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeG8ZjpbZX0Bg98iYhPGkjp0yqsomTrmbHp4M3dH9azT75eDoW3P-2B00AfcYAnTXPoNpilDp-2BKgdvWkC6gkWZSanA8UVOAKNEIzSLutMAKCukJxgR-2Fs-2FCuYwJgZ2xkHRpLX9kb269xZIa5KeUNCJMfaVZbEeNoElari2l9rmcs812Lp95vOcdp4Rm2LYAvKX2LTM-3D

Build ID: 497391

Analysis Summary:
   New defects found: 0
   Defects eliminated: 7

[openssl/openssl] 059123: doc: fix location of AES-SIV ciphers

2022-11-29 Thread Pauli 
  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 059123bed8fa4e6d5af2d30063ebffeb0020ee85
  
https://github.com/openssl/openssl/commit/059123bed8fa4e6d5af2d30063ebffeb0020ee85
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod

  Log Message:
  ---
  doc: fix location of AES-SIV ciphers

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19776)

(cherry picked from commit d1aa7d11363ebb0dff080966f842fade91135eaa)

[openssl/openssl] d1aa7d: doc: fix location of AES-SIV ciphers

2022-11-29 Thread Pauli 
  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: d1aa7d11363ebb0dff080966f842fade91135eaa
  
https://github.com/openssl/openssl/commit/d1aa7d11363ebb0dff080966f842fade91135eaa
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod

  Log Message:
  ---
  doc: fix location of AES-SIV ciphers

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19776)

[openssl/openssl] edaab8: aes: add AES-GCM-SIV modes to the FIPS provider

2022-11-29 Thread Pauli 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: edaab86dc001603741f5b5e406afc1cc3a1c4e6e
  
https://github.com/openssl/openssl/commit/edaab86dc001603741f5b5e406afc1cc3a1c4e6e
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod
M providers/fips/fipsprov.c
M providers/implementations/ciphers/build.info
M test/recipes/30-test_evp.t
M test/recipes/30-test_evp_data/evpciph_aes_gcm_siv.txt

  Log Message:
  ---
  aes: add AES-GCM-SIV modes to the FIPS provider

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


  Commit: abff8bd842b802c09b981b7552bd92ef1d0ced64
  
https://github.com/openssl/openssl/commit/abff8bd842b802c09b981b7552bd92ef1d0ced64
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod
M test/recipes/30-test_evp_data/evpmac_common.txt

  Log Message:
  ---
  Update fips version check to be more robust

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


  Commit: 4a7231df5ca9f3d8759dc8c22cb8e9f27b312024
  
https://github.com/openssl/openssl/commit/4a7231df5ca9f3d8759dc8c22cb8e9f27b312024
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/OSSL_PROVIDER-FIPS.pod

  Log Message:
  ---
  fips prov: remove 3DES from list of inclusions

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


Compare: https://github.com/openssl/openssl/compare/e44b34185268...4a7231df5ca9

[openssl/openssl] de8f6a: obj: Add SM4 XTS OID

2022-11-29 Thread xu-yi-zhou 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: de8f6a3e293a43f364cddefdf734b13486ec4cc9
  
https://github.com/openssl/openssl/commit/de8f6a3e293a43f364cddefdf734b13486ec4cc9
  Author: Xu Yizhou 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M crypto/objects/obj_dat.h
M crypto/objects/obj_mac.num
M crypto/objects/objects.txt
M fuzz/oids.txt
M include/openssl/obj_mac.h

  Log Message:
  ---
  obj: Add SM4 XTS OID

Add the following OID:

SM4-XTS: 1.2.156.10197.1.104.10

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19619)


  Commit: 2788b56f0c8306c89c97a6599484120afddfa14a
  
https://github.com/openssl/openssl/commit/2788b56f0c8306c89c97a6599484120afddfa14a
  Author: Xu Yizhou 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M crypto/modes/build.info
A crypto/modes/xts128gb.c
M include/crypto/modes.h
M include/openssl/core_names.h
M providers/defltprov.c
M providers/implementations/ciphers/build.info
A providers/implementations/ciphers/cipher_sm4_xts.c
A providers/implementations/ciphers/cipher_sm4_xts.h
A providers/implementations/ciphers/cipher_sm4_xts_hw.c
M providers/implementations/include/prov/implementations.h
M providers/implementations/include/prov/names.h

  Log Message:
  ---
  providers: Add SM4 XTS implementation

Signed-off-by: Xu Yizhou 

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19619)


  Commit: 6cdf83eaabda63f7c5cf9d69d51d931308da471e
  
https://github.com/openssl/openssl/commit/6cdf83eaabda63f7c5cf9d69d51d931308da471e
  Author: Xu Yizhou 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M test/evp_test.c
M test/recipes/30-test_evp_data/evpciph_sm4.txt

  Log Message:
  ---
  test: add sm4 xts test cases

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19619)


  Commit: e44b34185268e99ee2dc499073cf56d0465d60e2
  
https://github.com/openssl/openssl/commit/e44b34185268e99ee2dc499073cf56d0465d60e2
  Author: Xu Yizhou 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M doc/man3/EVP_EncryptInit.pod
M doc/man7/EVP_CIPHER-SM4.pod

  Log Message:
  ---
  doc: add note for sm4 xts

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19619)


Compare: https://github.com/openssl/openssl/compare/9fba7d261ac9...e44b34185268

[openssl/openssl] 926db4: Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT a...

2022-11-29 Thread Nicola Tuveri 
  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 926db476bc669fdcc4c4d2f1cb547060bdbfa153
  
https://github.com/openssl/openssl/commit/926db476bc669fdcc4c4d2f1cb547060bdbfa153
  Author: Nicola Tuveri 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M CHANGES.md
M crypto/ec/ec_ameth.c
M doc/man7/EVP_PKEY-EC.pod
M providers/implementations/keymgmt/ec_kmgmt.c
M test/evp_pkey_provided_test.c

  Log Message:
  ---
  Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT as set and default to 
UNCOMPRESSED

Originally the code to im/export the EC pubkey was meant to be consumed
only by the im/export functions when crossing the provider boundary.
Having our providers exporting to a COMPRESSED format octet string made
sense to avoid memory waste, as it wasn't exposed outside the provider
API, and providers had all tools available to convert across the three
formats.

Later on, with #13139 deprecating the `EC_KEY_*` functions, more state
was added among the params imported/exported on an EC provider-native
key (including `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`, although it
did not affect the format used to export `OSSL_PKEY_PARAM_PUB_KEY`).

Finally, in #14800, `EVP_PKEY_todata()` was introduced and prominently
exposed directly to users outside the provider API, and the choice of
COMPRESSED over UNCOMPRESSED as the default became less sensible in
light of usability, given the latter is more often needed by
applications and protocols.

This commit fixes it, by using `EC_KEY_get_conv_form()` to get the
point format from the internal state (an `EC_KEY` under the hood) of the
provider-side object, and using it on
`EVP_PKEY_export()`/`EVP_PKEY_todata()` to format
`OSSL_PKEY_PARAM_PUB_KEY`.
The default for an `EC_KEY` was already UNCOMPRESSED, and it is altered
if the user sets `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` via
`EVP_PKEY_fromdata()`, `EVP_PKEY_set_params()`, or one of the
more specialized methods.

For symmetry, this commit also alters `ec_pkey_export_to()` in
`crypto/ec/ec_ameth.c`, part of the `EVP_PKEY_ASN1_METHOD` for legacy EC
keys: it exclusively used COMPRESSED format, and now it honors the
conversion format specified in the EC_KEY object being exported to a
provider when this function is called.

Expand documentation about `OSSL_PKEY_PARAM_PUB_KEY` and mention the
3.1 change in behavior for our providers.

Fixes #16595

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19681)


  Commit: d656efb9eb7692c0b1cba843d7787751e388cc8a
  
https://github.com/openssl/openssl/commit/d656efb9eb7692c0b1cba843d7787751e388cc8a
  Author: Nicola Tuveri 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M pyca-cryptography

  Log Message:
  ---
  Update pyca-cryptography submodule to 38.0.4

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19681)


Compare: https://github.com/openssl/openssl/compare/18e72cbefec5...d656efb9eb76

[openssl/openssl] a16e86: Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT a...

2022-11-29 Thread Nicola Tuveri 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: a16e86683e8d76c4b9268d757c584b5c971db728
  
https://github.com/openssl/openssl/commit/a16e86683e8d76c4b9268d757c584b5c971db728
  Author: Nicola Tuveri 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M CHANGES.md
M crypto/ec/ec_ameth.c
M doc/man7/EVP_PKEY-EC.pod
M providers/implementations/keymgmt/ec_kmgmt.c
M test/evp_pkey_provided_test.c

  Log Message:
  ---
  Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT as set and default to 
UNCOMPRESSED

Originally the code to im/export the EC pubkey was meant to be consumed
only by the im/export functions when crossing the provider boundary.
Having our providers exporting to a COMPRESSED format octet string made
sense to avoid memory waste, as it wasn't exposed outside the provider
API, and providers had all tools available to convert across the three
formats.

Later on, with #13139 deprecating the `EC_KEY_*` functions, more state
was added among the params imported/exported on an EC provider-native
key (including `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`, although it
did not affect the format used to export `OSSL_PKEY_PARAM_PUB_KEY`).

Finally, in #14800, `EVP_PKEY_todata()` was introduced and prominently
exposed directly to users outside the provider API, and the choice of
COMPRESSED over UNCOMPRESSED as the default became less sensible in
light of usability, given the latter is more often needed by
applications and protocols.

This commit fixes it, by using `EC_KEY_get_conv_form()` to get the
point format from the internal state (an `EC_KEY` under the hood) of the
provider-side object, and using it on
`EVP_PKEY_export()`/`EVP_PKEY_todata()` to format
`OSSL_PKEY_PARAM_PUB_KEY`.
The default for an `EC_KEY` was already UNCOMPRESSED, and it is altered
if the user sets `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` via
`EVP_PKEY_fromdata()`, `EVP_PKEY_set_params()`, or one of the
more specialized methods.

For symmetry, this commit also alters `ec_pkey_export_to()` in
`crypto/ec/ec_ameth.c`, part of the `EVP_PKEY_ASN1_METHOD` for legacy EC
keys: it exclusively used COMPRESSED format, and now it honors the
conversion format specified in the EC_KEY object being exported to a
provider when this function is called.

Expand documentation about `OSSL_PKEY_PARAM_PUB_KEY` and mention the
3.1 change in behavior for our providers.

Fixes #16595

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19681)

(cherry picked from commit 926db476bc669fdcc4c4d2f1cb547060bdbfa153)


  Commit: 9fba7d261ac970e43e80dc41b11f2655a1b530b0
  
https://github.com/openssl/openssl/commit/9fba7d261ac970e43e80dc41b11f2655a1b530b0
  Author: Nicola Tuveri 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M pyca-cryptography

  Log Message:
  ---
  Update pyca-cryptography submodule to 38.0.4

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19681)

(cherry picked from commit d656efb9eb7692c0b1cba843d7787751e388cc8a)


Compare: https://github.com/openssl/openssl/compare/450f96e965f0...9fba7d261ac9

[openssl/openssl] 450f96: Fix Coverity issues in HPKE

2022-11-29 Thread Shane 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 450f96e965f0d5e89737755364df5933b5085639
  
https://github.com/openssl/openssl/commit/450f96e965f0d5e89737755364df5933b5085639
  Author: slontis 
  Date:   2022-11-29 (Tue, 29 Nov 2022)

  Changed paths:
M crypto/hpke/hpke.c
M test/hpke_test.c

  Log Message:
  ---
  Fix Coverity issues in HPKE

CID 1517043 and 1517038: (Forward NULL) - Removed redundant check that is 
already
done by the caller. It was complaining that it checked for ctlen == NULL
and then did a goto that used this *ctlen.

CID 1517042 and 1517041: (Forward NULL) - Similar to above for ptlen in
hpke_aead_dec()

CID 1517040: Remove unneeded logging. This gets rid of the warning
related to taking the sizeof(&)

CID 1517039: Check returned value of  RAND_bytes_ex() in hpke_test

CID 1517038: Check return result of KEM_INFO_find() in
OSSL_HPKE_get_recomended_ikmelen. Even though this is a false positive,
it should not rely on the internals of other function calls.

Changed some goto's into returns to match OpenSSL coding guidelines.
Removed Raises from calls to _new which fail from malloc calls.

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19774)