[openssl/openssl] 86945b: Fix verify_callback in the openssl s_client/s_serv...

2022-07-20 Thread beldmit
  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 86945b10ccd84f685bd6215bbb00d1e700303e49
  
https://github.openssl.org/openssl/openssl/commit/86945b10ccd84f685bd6215bbb00d1e700303e49
  Author: Dmitry Belyavskiy 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M apps/s_cb.c

  Log Message:
  ---
  Fix verify_callback in the openssl s_client/s_server app

We need to check that error cert is available before printing its data

Reviewed-by: Tomas Mraz 
Reviewed-by: David von Oheimb 
Reviewed-by: Viktor Dukhovni 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18805)

(cherry picked from commit fad0f80eff188ef938fed614245a56ed56110deb)




[openssl/openssl] cc90ba: Fix verify_callback in the openssl s_client/s_serv...

2022-07-20 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: cc90ba66062afc27e31e403613711dba5a7475a8
  
https://github.openssl.org/openssl/openssl/commit/cc90ba66062afc27e31e403613711dba5a7475a8
  Author: Dmitry Belyavskiy 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M apps/lib/s_cb.c

  Log Message:
  ---
  Fix verify_callback in the openssl s_client/s_server app

We need to check that error cert is available before printing its data

Reviewed-by: Tomas Mraz 
Reviewed-by: David von Oheimb 
Reviewed-by: Viktor Dukhovni 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18805)

(cherry picked from commit fad0f80eff188ef938fed614245a56ed56110deb)




[openssl/openssl] fad0f8: Fix verify_callback in the openssl s_client/s_serv...

2022-07-20 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: fad0f80eff188ef938fed614245a56ed56110deb
  
https://github.openssl.org/openssl/openssl/commit/fad0f80eff188ef938fed614245a56ed56110deb
  Author: Dmitry Belyavskiy 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M apps/lib/s_cb.c

  Log Message:
  ---
  Fix verify_callback in the openssl s_client/s_server app

We need to check that error cert is available before printing its data

Reviewed-by: Tomas Mraz 
Reviewed-by: David von Oheimb 
Reviewed-by: Viktor Dukhovni 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18805)




[openssl/openssl] a58978: Improve diagnostics on setting groups

2022-06-22 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: a58978f1bf44706f88395d9011a7be405a0c6e4b
  
https://github.openssl.org/openssl/openssl/commit/a58978f1bf44706f88395d9011a7be405a0c6e4b
  Author: Dmitry Belyavskiy 
  Date:   2022-06-22 (Wed, 22 Jun 2022)

  Changed paths:
M ssl/t1_lib.c

  Log Message:
  ---
  Improve diagnostics on setting groups

- If keymgmt is not available, it's not an error but the error message
  persists in stack
- when setting groups, it's worth saying which group is not available
Fixes #18585

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18591)

(cherry picked from commit ce8822b7e5f4fdf836677faee336a5cf996d4363)




[openssl/openssl] ce8822: Improve diagnostics on setting groups

2022-06-22 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: ce8822b7e5f4fdf836677faee336a5cf996d4363
  
https://github.openssl.org/openssl/openssl/commit/ce8822b7e5f4fdf836677faee336a5cf996d4363
  Author: Dmitry Belyavskiy 
  Date:   2022-06-22 (Wed, 22 Jun 2022)

  Changed paths:
M ssl/t1_lib.c

  Log Message:
  ---
  Improve diagnostics on setting groups

- If keymgmt is not available, it's not an error but the error message
  persists in stack
- when setting groups, it's worth saying which group is not available
Fixes #18585

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18591)




[openssl/openssl] dd1515: Fix inadvertent NULL assignments in ternary ops

2022-06-05 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: dd151560f9aea3edfc7aa8759c1c11f35a11c4a2
  
https://github.openssl.org/openssl/openssl/commit/dd151560f9aea3edfc7aa8759c1c11f35a11c4a2
  Author: Clemens Lang 
  Date:   2022-06-05 (Sun, 05 Jun 2022)

  Changed paths:
M crypto/encode_decode/decoder_meth.c
M crypto/encode_decode/encoder_meth.c
M crypto/store/store_meth.c

  Log Message:
  ---
  Fix inadvertent NULL assignments in ternary ops

As identified by both clang with a warning and
$> git grep -P '(?
CLA: trivial

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18469)

(cherry picked from commit 1a01e5c29dfaf09af3960b4c8e6ec0f8171eda80)



[openssl/openssl] 1a01e5: Fix inadvertent NULL assignments in ternary ops

2022-06-05 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 1a01e5c29dfaf09af3960b4c8e6ec0f8171eda80
  
https://github.openssl.org/openssl/openssl/commit/1a01e5c29dfaf09af3960b4c8e6ec0f8171eda80
  Author: Clemens Lang 
  Date:   2022-06-05 (Sun, 05 Jun 2022)

  Changed paths:
M crypto/encode_decode/decoder_meth.c
M crypto/encode_decode/encoder_meth.c
M crypto/store/store_meth.c

  Log Message:
  ---
  Fix inadvertent NULL assignments in ternary ops

As identified by both clang with a warning and
$> git grep -P '(?
CLA: trivial

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18469)



[openssl/openssl] 373de4: Use safe pattern for buffer size determining in ca...

2022-05-24 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 373de40f3f76c63e4f2684abd86706f3863347ca
  
https://github.openssl.org/openssl/openssl/commit/373de40f3f76c63e4f2684abd86706f3863347ca
  Author: Dmitry Belyavskiy 
  Date:   2022-05-24 (Tue, 24 May 2022)

  Changed paths:
M ssl/statem/statem_clnt.c

  Log Message:
  ---
  Use safe pattern for buffer size determining in case of GOST key exchange

Related: CVE-2022-29242

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18381)

(cherry picked from commit 2b5e89992e3ada1131beebb2a22722168b9389c2)


  Commit: 71544090df4fe34f1ebd182e4e77c8b26568dbfe
  
https://github.openssl.org/openssl/openssl/commit/71544090df4fe34f1ebd182e4e77c8b26568dbfe
  Author: Dmitry Belyavskiy 
  Date:   2022-05-24 (Tue, 24 May 2022)

  Changed paths:
M gost-engine

  Log Message:
  ---
  Update gost-engine to the last changes

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18381)

(cherry picked from commit 828613c3e44ca1de6407a37d34de64c673ca61e9)


Compare: 
https://github.openssl.org/openssl/openssl/compare/3be529cd2eb4...71544090df4f


[openssl/openssl] 2b5e89: Use safe pattern for buffer size determining in ca...

2022-05-24 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 2b5e89992e3ada1131beebb2a22722168b9389c2
  
https://github.openssl.org/openssl/openssl/commit/2b5e89992e3ada1131beebb2a22722168b9389c2
  Author: Dmitry Belyavskiy 
  Date:   2022-05-24 (Tue, 24 May 2022)

  Changed paths:
M ssl/statem/statem_clnt.c

  Log Message:
  ---
  Use safe pattern for buffer size determining in case of GOST key exchange

Related: CVE-2022-29242

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18381)


  Commit: 828613c3e44ca1de6407a37d34de64c673ca61e9
  
https://github.openssl.org/openssl/openssl/commit/828613c3e44ca1de6407a37d34de64c673ca61e9
  Author: Dmitry Belyavskiy 
  Date:   2022-05-24 (Tue, 24 May 2022)

  Changed paths:
M gost-engine

  Log Message:
  ---
  Update gost-engine to the last changes

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18381)


Compare: 
https://github.openssl.org/openssl/openssl/compare/dc0ef292f7df...828613c3e44c


[openssl/openssl] c73ba8: add support for SHA-3 based PRF to PBES2

2022-05-18 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: c73ba81899c291d60851321e6de8913d4800c456
  
https://github.openssl.org/openssl/openssl/commit/c73ba81899c291d60851321e6de8913d4800c456
  Author: Hubert Kario 
  Date:   2022-05-18 (Wed, 18 May 2022)

  Changed paths:
M crypto/evp/evp_pbe.c

  Log Message:
  ---
  add support for SHA-3 based PRF to PBES2

As there are no limitations for HMACs used in PBKDF2 inside PBES2,
as more specifically the SHA-3 hashes are drop-in replacements for
SHA-2 hashes, we can easily add support for SHA-3 here.

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16237)


  Commit: 5702392f73e679fd9ed9dd912cf4c9dc613c4d71
  
https://github.openssl.org/openssl/openssl/commit/5702392f73e679fd9ed9dd912cf4c9dc613c4d71
  Author: Hubert Kario 
  Date:   2022-05-18 (Wed, 18 May 2022)

  Changed paths:
M test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt
M test/recipes/30-test_evp_data/evppbe_pbkdf2.txt

  Log Message:
  ---
  add tests for PBKDF2 with SHA-3

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16237)


Compare: 
https://github.openssl.org/openssl/openssl/compare/8b97bf43...5702392f73e6


[openssl/openssl] 167f3f: Missing changes entry about OPENSSL_str[n]casecmp

2022-05-17 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 167f3f47de3b8948ba3ee8b79931a86d8de3deb8
  
https://github.openssl.org/openssl/openssl/commit/167f3f47de3b8948ba3ee8b79931a86d8de3deb8
  Author: Dmitry Belyavskiy 
  Date:   2022-05-17 (Tue, 17 May 2022)

  Changed paths:
M CHANGES.md

  Log Message:
  ---
  Missing changes entry about OPENSSL_str[n]casecmp

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18302)

(cherry picked from commit 8b97bf4328c65156bff6886db8733df39fde)




[openssl/openssl] 8b97bf: Missing changes entry about OPENSSL_str[n]casecmp

2022-05-17 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 8b97bf4328c65156bff6886db8733df39fde
  
https://github.openssl.org/openssl/openssl/commit/8b97bf4328c65156bff6886db8733df39fde
  Author: Dmitry Belyavskiy 
  Date:   2022-05-17 (Tue, 17 May 2022)

  Changed paths:
M CHANGES.md

  Log Message:
  ---
  Missing changes entry about OPENSSL_str[n]casecmp

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18302)




[openssl/openssl] ae3ece: Improving locale test

2022-05-02 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: ae3ece03a61e8822fd7ea58f44812871efba82d1
  
https://github.openssl.org/openssl/openssl/commit/ae3ece03a61e8822fd7ea58f44812871efba82d1
  Author: Dmitry Belyavskiy 
  Date:   2022-05-02 (Mon, 02 May 2022)

  Changed paths:
M test/localetest.c

  Log Message:
  ---
  Improving locale test

Fixes #18205

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18211)

(cherry picked from commit 93983e31a8d9bf70d12e4cfdb5ce2f337e3b)




[openssl/openssl] 93983e: Improving locale test

2022-05-02 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 93983e31a8d9bf70d12e4cfdb5ce2f337e3b
  
https://github.openssl.org/openssl/openssl/commit/93983e31a8d9bf70d12e4cfdb5ce2f337e3b
  Author: Dmitry Belyavskiy 
  Date:   2022-05-02 (Mon, 02 May 2022)

  Changed paths:
M test/localetest.c

  Log Message:
  ---
  Improving locale test

Fixes #18205

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18211)




[openssl/openssl] e56065: Ensure we initialized the locale before evp_pkey_n...

2022-04-29 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: e560655f72dc27bcea973c6abfe99af75d313ad7
  
https://github.openssl.org/openssl/openssl/commit/e560655f72dc27bcea973c6abfe99af75d313ad7
  Author: Dmitry Belyavskiy 
  Date:   2022-04-29 (Fri, 29 Apr 2022)

  Changed paths:
M crypto/evp/pmeth_lib.c

  Log Message:
  ---
  Ensure we initialized the locale before evp_pkey_name2type

Fixes #18158

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18199)


  Commit: 2d96bfd957149e491feba55a3d04afb26b2668b5
  
https://github.openssl.org/openssl/openssl/commit/2d96bfd957149e491feba55a3d04afb26b2668b5
  Author: Dmitry Belyavskiy 
  Date:   2022-04-29 (Fri, 29 Apr 2022)

  Changed paths:
M test/build.info
A test/evp_pkey_ctx_new_from_name.c
M test/recipes/02-test_localetest.t

  Log Message:
  ---
  Testing the EVP_PKEY_CTX_new_from_name without preliminary init

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18199)


Compare: 
https://github.openssl.org/openssl/openssl/compare/49d874e0b751...2d96bfd95714


[openssl/openssl] ac844f: Ensure we initialized the locale before evp_pkey_n...

2022-04-26 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: ac844f7ca8a15ac6727f113335f5a54b8c0ef7cf
  
https://github.openssl.org/openssl/openssl/commit/ac844f7ca8a15ac6727f113335f5a54b8c0ef7cf
  Author: Dmitry Belyavskiy 
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
M crypto/evp/pmeth_lib.c

  Log Message:
  ---
  Ensure we initialized the locale before evp_pkey_name2type

Fixes #18158

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18175)


  Commit: 1a68de8fb205e007a0e02d31cfae7955c51a4bca
  
https://github.openssl.org/openssl/openssl/commit/1a68de8fb205e007a0e02d31cfae7955c51a4bca
  Author: Dmitry Belyavskiy 
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
M test/build.info
A test/evp_pkey_ctx_new_from_name.c
M test/recipes/02-test_localetest.t

  Log Message:
  ---
  Testing the EVP_PKEY_CTX_new_from_name without preliminary init

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18175)


Compare: 
https://github.openssl.org/openssl/openssl/compare/cfe6a6d28adb...1a68de8fb205


[openssl/openssl] 4b2bd2: Public API functions OPENSSL_str[n]casecmp

2022-04-22 Thread beldmit
  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 4b2bd2722b8294a6b27c9e1fcf7d76f7d9de9b44
  
https://github.openssl.org/openssl/openssl/commit/4b2bd2722b8294a6b27c9e1fcf7d76f7d9de9b44
  Author: Dmitry Belyavskiy 
  Date:   2022-04-22 (Fri, 22 Apr 2022)

  Changed paths:
M crypto/ctype.c
M crypto/init.c
M doc/build.info
A doc/man3/OPENSSL_strcasecmp.pod
M include/crypto/ctype.h
M include/internal/core.h
M include/internal/e_os.h
M include/openssl/crypto.h.in
M util/libcrypto.num

  Log Message:
  ---
  Public API functions OPENSSL_str[n]casecmp

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18069)


  Commit: fba140c73541c03e22b4fdb219a05d129bf0406d
  
https://github.openssl.org/openssl/openssl/commit/fba140c73541c03e22b4fdb219a05d129bf0406d
  Author: Dmitry Belyavskiy 
  Date:   2022-04-22 (Fri, 22 Apr 2022)

  Changed paths:
M apps/ca.c
M apps/ecparam.c
M apps/lib/apps.c
M apps/lib/http_server.c
M apps/lib/names.c
M apps/lib/vms_term_sock.c
M apps/list.c
M apps/rehash.c
M apps/s_server.c
M crypto/LPdir_unix.c
M crypto/asn1/ameth_lib.c
M crypto/asn1/asn1_gen.c
M crypto/conf/conf_def.c
M crypto/core_namemap.c
M crypto/dh/dh_group_params.c
M crypto/ec/ec_backend.c
M crypto/ec/ec_lib.c
M crypto/encode_decode/decoder_lib.c
M crypto/encode_decode/decoder_pkey.c
M crypto/encode_decode/encoder_lib.c
M crypto/encode_decode/encoder_pkey.c
M crypto/engine/tb_asnmth.c
M crypto/evp/ctrl_params_translate.c
M crypto/evp/ec_support.c
M crypto/evp/evp_lib.c
M crypto/evp/p_lib.c
M crypto/ffc/ffc_dh.c
M crypto/ffc/ffc_params.c
M crypto/http/http_client.c
M crypto/objects/o_names.c
M crypto/params_dup.c
M crypto/property/property_parse.c
M crypto/rand/rand_lib.c
M crypto/rsa/rsa_backend.c
M crypto/store/store_lib.c
M crypto/store/store_result.c
M crypto/trace.c
M crypto/x509/v3_tlsf.c
M engines/e_devcrypto.c
M engines/e_loader_attic.c
M include/internal/common.h
M providers/common/capabilities.c
M providers/implementations/ciphers/cipher_cts.c
M providers/implementations/kdfs/hkdf.c
M providers/implementations/kdfs/kbkdf.c
M providers/implementations/kdfs/tls1_prf.c
M providers/implementations/kem/rsa_kem.c
M providers/implementations/keymgmt/dsa_kmgmt.c
M providers/implementations/keymgmt/ec_kmgmt.c
M providers/implementations/keymgmt/ecx_kmgmt.c
M providers/implementations/keymgmt/mac_legacy_kmgmt.c
M providers/implementations/rands/drbg_ctr.c
M providers/implementations/signature/rsa_sig.c
M providers/implementations/storemgmt/file_store.c
M ssl/ssl_conf.c
M test/bntest.c
M test/evp_extra_test.c
M test/evp_libctx_test.c
M test/evp_test.c
M test/helpers/ssl_test_ctx.c
M test/params_conversion_test.c
M test/ssl_old_test.c
M test/v3nametest.c

  Log Message:
  ---
  str[n]casecmp => OPENSSL_strncasecmp

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18069)


  Commit: c5e7de5dee9995cbc7247e37ccd0a6ddd1f7db56
  
https://github.openssl.org/openssl/openssl/commit/c5e7de5dee9995cbc7247e37ccd0a6ddd1f7db56
  Author: Dmitry Belyavskiy 
  Date:   2022-04-22 (Fri, 22 Apr 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  FIPS provider modifications

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18069)


  Commit: c29cf39449f78008e39af8f83760f2464815248b
  
https://github.openssl.org/openssl/openssl/commit/c29cf39449f78008e39af8f83760f2464815248b
  Author: Dmitry Belyavskiy 
  Date:   2022-04-22 (Fri, 22 Apr 2022)

  Changed paths:
M .github/workflows/ci.yml
M test/build.info
A test/localetest.c
A test/recipes/02-test_localetest.t

  Log Message:
  ---
  Minimal test checking we can get public key in Turkish locale

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18069)


Compare: 
https://github.openssl.org/openssl/openssl/compare/5adddcd96255...c29cf39449f7


[openssl/openssl] 130de7: Public API functions OPENSSL_str[n]casecmp

2022-04-21 Thread beldmit
  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 130de70e0f85ecec08fcfe4daed1d0c491089ea6
  
https://github.openssl.org/openssl/openssl/commit/130de70e0f85ecec08fcfe4daed1d0c491089ea6
  Author: Dmitry Belyavskiy 
  Date:   2022-04-21 (Thu, 21 Apr 2022)

  Changed paths:
M crypto/context.c
M crypto/ctype.c
M crypto/init.c
M doc/build.info
A doc/man3/OPENSSL_strcasecmp.pod
M e_os.h
M include/crypto/ctype.h
M include/internal/core.h
M include/openssl/crypto.h.in
M util/libcrypto.num

  Log Message:
  ---
  Public API functions OPENSSL_str[n]casecmp

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18103)


  Commit: 467b6f17a6747fd2e09b7c1475f2e9c91ef2e0ed
  
https://github.openssl.org/openssl/openssl/commit/467b6f17a6747fd2e09b7c1475f2e9c91ef2e0ed
  Author: Dmitry Belyavskiy 
  Date:   2022-04-21 (Thu, 21 Apr 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  FIPS provider modifications

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18103)


  Commit: a8e4ddc6d15b6e6b308428753bc22b12422adacf
  
https://github.openssl.org/openssl/openssl/commit/a8e4ddc6d15b6e6b308428753bc22b12422adacf
  Author: Dmitry Belyavskiy 
  Date:   2022-04-21 (Thu, 21 Apr 2022)

  Changed paths:
M .github/workflows/ci.yml
M test/build.info
A test/localetest.c
A test/recipes/02-test_localetest.t

  Log Message:
  ---
  Minimal test checking we can get public key in Turkish locale

(cherry picked from commit 6ae39acaf0c3578850be6699026a3a5c3f4bdfce)

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18103)


  Commit: 2c31d942af28a20e87979cbc76c3dd8d162c1a9c
  
https://github.openssl.org/openssl/openssl/commit/2c31d942af28a20e87979cbc76c3dd8d162c1a9c
  Author: Dmitry Belyavskiy 
  Date:   2022-04-21 (Thu, 21 Apr 2022)

  Changed paths:
M apps/ca.c
M apps/cmp.c
M apps/ecparam.c
M apps/lib/apps.c
M apps/lib/engine_loader.c
M apps/lib/http_server.c
M apps/lib/names.c
M apps/lib/vms_term_sock.c
M apps/list.c
M apps/rehash.c
M apps/s_server.c
M crypto/LPdir_unix.c
M crypto/asn1/ameth_lib.c
M crypto/asn1/asn1_gen.c
M crypto/conf/conf_def.c
M crypto/core_namemap.c
M crypto/dh/dh_group_params.c
M crypto/ec/ec_backend.c
M crypto/ec/ec_lib.c
M crypto/encode_decode/decoder_lib.c
M crypto/encode_decode/decoder_pkey.c
M crypto/encode_decode/encoder_lib.c
M crypto/encode_decode/encoder_pkey.c
M crypto/engine/tb_asnmth.c
M crypto/evp/ctrl_params_translate.c
M crypto/evp/ec_support.c
M crypto/evp/evp_lib.c
M crypto/evp/p_lib.c
M crypto/ffc/ffc_dh.c
M crypto/ffc/ffc_params.c
M crypto/http/http_client.c
M crypto/objects/o_names.c
M crypto/params_dup.c
M crypto/property/property_parse.c
M crypto/rand/rand_lib.c
M crypto/rsa/rsa_backend.c
M crypto/store/store_lib.c
M crypto/store/store_result.c
M crypto/trace.c
M crypto/x509/v3_tlsf.c
M crypto/x509/v3_utl.c
M engines/e_devcrypto.c
M engines/e_loader_attic.c
M engines/e_ossltest.c
M providers/common/capabilities.c
M providers/implementations/ciphers/cipher_cts.c
M providers/implementations/kdfs/hkdf.c
M providers/implementations/kdfs/kbkdf.c
M providers/implementations/kdfs/tls1_prf.c
M providers/implementations/kem/rsa_kem.c
M providers/implementations/keymgmt/dsa_kmgmt.c
M providers/implementations/keymgmt/ec_kmgmt.c
M providers/implementations/keymgmt/ecx_kmgmt.c
M providers/implementations/keymgmt/mac_legacy_kmgmt.c
M providers/implementations/rands/drbg_ctr.c
M providers/implementations/signature/rsa_sig.c
M providers/implementations/storemgmt/file_store.c
M ssl/ssl_conf.c
M test/bntest.c
M test/evp_extra_test.c
M test/evp_libctx_test.c
M test/evp_test.c
M test/helpers/ssl_test_ctx.c
M test/params_conversion_test.c
M test/ssl_old_test.c
M test/v3nametest.c

  Log Message:
  ---
  str[n]casecmp => OPENSSL_strncasecmp

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18103)


Compare: 
https://github.openssl.org/openssl/openssl/compare/455e158ef9b3...2c31d942af28


[openssl] openssl-3.0 update

2022-01-13 Thread beldmit
The branch openssl-3.0 has been updated
   via  941c877bdb71038f6beeaf416d9b7b7951ff1f19 (commit)
  from  21467ec273818e70a05ddece1019a13796c0fd26 (commit)


- Log -
commit 941c877bdb71038f6beeaf416d9b7b7951ff1f19
Author: Dmitry Belyavskiy 
Date:   Wed Jan 12 16:54:45 2022 +0100

Cleansing all the temporary data for s390x

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17486)

(cherry picked from commit 79c7acc59bb98c2b8451b048ed1dd8cc517df76e)

---

Summary of changes:
 crypto/ec/ecp_s390x_nistp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c
index 5c70b2d678..c5726c638b 100644
--- a/crypto/ec/ecp_s390x_nistp.c
+++ b/crypto/ec/ecp_s390x_nistp.c
@@ -116,7 +116,7 @@ ret:
 /* Otherwise use default. */
 if (rc == -1)
 rc = ossl_ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
-OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len);
+OPENSSL_cleanse(param, sizeof(param));
 BN_CTX_end(ctx);
 BN_CTX_free(new_ctx);
 return rc;
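Review bot: `sizeof(param)` in the added `OPENSSL_cleanse(param, sizeof(param));` only covers the whole buffer if `param` is an array declared in this function, and its declaration is outside the lines shown. If `param` is or later becomes a pointer, the call silently shrinks to the pointer size, whereas the removed line wiped `len` bytes at `S390X_OFF_SCALAR(len)` explicitly. Please confirm the declaration; a named size constant shared by the declaration and the cleanse would keep the two from drifting apart.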
@@ -212,7 +212,7 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned 
char *dgst,
 
 ok = 1;
 ret:
-OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len);
+OPENSSL_cleanse(param, sizeof(param));
 if (ok != 1) {
 ECDSA_SIG_free(sig);
 sig = NULL;
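Review bot: missing documentation at the `ret:` label: the cleanse grows from `2 * len` bytes at `S390X_OFF_K(len)` to all of `param`, but neither the code nor the one-line commit message says which further fields of the buffer are now treated as sensitive. A short comment above the `OPENSSL_cleanse` line naming what else the buffer holds would help anyone who later changes the parameter block layout.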


[openssl] master update

2022-01-13 Thread beldmit
The branch master has been updated
   via  79c7acc59bb98c2b8451b048ed1dd8cc517df76e (commit)
  from  3bfb7239daf3d6a89476e163dc925c641d356729 (commit)


- Log -
commit 79c7acc59bb98c2b8451b048ed1dd8cc517df76e
Author: Dmitry Belyavskiy 
Date:   Wed Jan 12 16:54:45 2022 +0100

Cleansing all the temporary data for s390x

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17486)

---

Summary of changes:
 crypto/ec/ecp_s390x_nistp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c
index 5c70b2d678..c5726c638b 100644
--- a/crypto/ec/ecp_s390x_nistp.c
+++ b/crypto/ec/ecp_s390x_nistp.c
@@ -116,7 +116,7 @@ ret:
 /* Otherwise use default. */
 if (rc == -1)
 rc = ossl_ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
-OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len);
+OPENSSL_cleanse(param, sizeof(param));
 BN_CTX_end(ctx);
 BN_CTX_free(new_ctx);
 return rc;
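Review bot: the cleanse sits after the `if (rc == -1)` fallback, so if `param` has already been filled at that point its contents stay in memory for the whole `ossl_ec_wNAF_mul` call. Since the fallback does not take `param` as an argument, moving `OPENSSL_cleanse(param, sizeof(param));` above the `if (rc == -1)` line would shorten the lifetime of that data at no cost.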
@@ -212,7 +212,7 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned 
char *dgst,
 
 ok = 1;
 ret:
-OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len);
+OPENSSL_cleanse(param, sizeof(param));
 if (ok != 1) {
 ECDSA_SIG_free(sig);
 sig = NULL;
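Review bot: the whole-buffer wipe under `ret:` only protects exits that actually jump to that label, and the code above `ok = 1;` is not part of this hunk. Please check that no path in `ecdsa_s390x_nistp_sign_sig` returns directly once `param` has been populated; otherwise the stronger cleanse is skipped on exactly the error paths where it matters.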


[openssl] master update

2022-01-11 Thread beldmit
The branch master has been updated
   via  e5fb4b1469f317aa92768cdf804dfa29b72cb8f3 (commit)
  from  2c2724476ef50b8926b033f009bdfc85ac3f1816 (commit)


- Log -
commit e5fb4b1469f317aa92768cdf804dfa29b72cb8f3
Author: Dmitry Belyavskiy 
Date:   Sun Jan 9 17:39:41 2022 +0100

Don't run TLSFuzzer tests when it is not properly set

Reviewed-by: Bernd Edlinger 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17448)

---

Summary of changes:
 test/recipes/95-test_external_tlsfuzzer.t | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/recipes/95-test_external_tlsfuzzer.t 
b/test/recipes/95-test_external_tlsfuzzer.t
index e506f8007a..265968e02d 100644
--- a/test/recipes/95-test_external_tlsfuzzer.t
+++ b/test/recipes/95-test_external_tlsfuzzer.t
@@ -18,8 +18,8 @@ plan skip_all => "No external tests in this configuration"
 if disabled("external-tests");
 plan skip_all => "TLSFuzzer tests not available on Windows or VMS"
 if $^O =~ /^(VMS|MSWin32)$/;
-plan skip_all => "TLSFuzzer tests not supported in out of tree builds"
-if bldtop_dir() ne srctop_dir();
+plan skip_all => "TLSFuzzer is not properly checked out"
+unless (-d srctop_dir("tlsfuzzer") && -d srctop_dir("tlsfuzzer", "tests"));
 
 $ENV{TESTDATADIR} = abs_path(data_dir());
 plan tests => 1;
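Review bot: dropping the `bldtop_dir() ne srctop_dir()` skip lets this recipe run in out-of-tree builds, and nothing in the hunk shows that the script it launches copes with a separate build directory. The replacement check also only tests for `tlsfuzzer` and `tlsfuzzer/tests`; the `python-ecdsa` and `tlslite-ng` submodules added alongside it in `.gitmodules` are not checked, so a partial checkout would still fail instead of being skipped. Extending the `unless` condition with `-d srctop_dir("python-ecdsa")` and `-d srctop_dir("tlslite-ng")` would cover that.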


[openssl] master update

2022-01-05 Thread beldmit
The branch master has been updated
   via  e66c41725f03dae2b295df048312fe6d28729e98 (commit)
   via  db87f89b7393eea395b82050c7fc4e1869ef112e (commit)
   via  cccbb4fa60ca890a0ce6757fcba5669208fffa46 (commit)
  from  0da3b39af3d961486758262ca71d2135d7013048 (commit)


- Log -
commit e66c41725f03dae2b295df048312fe6d28729e98
Author: Dmitry Belyavskiy 
Date:   Thu Dec 23 11:19:07 2021 +0100

Run TLSfuzzer tests for CI

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17340)

commit db87f89b7393eea395b82050c7fc4e1869ef112e
Author: Dmitry Belyavskiy 
Date:   Wed Dec 22 18:13:40 2021 +0100

TLS Fuzzer: initial test infrastructure

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17340)

commit cccbb4fa60ca890a0ce6757fcba5669208fffa46
Author: Dmitry Belyavskiy 
Date:   Wed Dec 22 18:11:21 2021 +0100

TLSfuzzer: submodules

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17340)

---

Summary of changes:
 .github/workflows/ci.yml   |  2 +
 .gitmodules|  9 +++
 python-ecdsa   |  1 +
 test/recipes/95-test_external_tlsfuzzer.t  | 28 +
 .../95-test_external_tlsfuzzer_data/cert.json.in   | 38 +++
 .../tls-fuzzer-cert.sh |  9 +++
 .../95-test_external_tlsfuzzer_data/tlsfuzzer.sh   | 73 ++
 tlsfuzzer  |  1 +
 tlslite-ng |  1 +
 9 files changed, 162 insertions(+)
 create mode 16 python-ecdsa
 create mode 100644 test/recipes/95-test_external_tlsfuzzer.t
 create mode 100644 test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
 create mode 100644 
test/recipes/95-test_external_tlsfuzzer_data/tls-fuzzer-cert.sh
 create mode 100644 test/recipes/95-test_external_tlsfuzzer_data/tlsfuzzer.sh
 create mode 16 tlsfuzzer
 create mode 16 tlslite-ng

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b52b8c15f4..103f4c774f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -273,6 +273,8 @@ jobs:
   run: make test TESTS="test_external_gost_engine"
 - name: test external krb5
   run: make test TESTS="test_external_krb5"
+- name: test external_tlsfuzzer
+  run: make test TESTS="test_external_tlsfuzzer"
 
   external-test-pyca:
 runs-on: ubuntu-latest
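Review bot: style point on the added step name: `test external_tlsfuzzer` uses an underscore where the neighbouring step is named `test external krb5`, so `test external tlsfuzzer` would match the existing convention. Separately, the hunk does not show whether this job checks out submodules; the new step depends on that, so it is worth confirming in the job's checkout step.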
diff --git a/.gitmodules b/.gitmodules
index 35f803a99c..1d4c6c9da7 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -13,3 +13,12 @@
 [submodule "wycheproof"]
path = wycheproof
url = https://github.com/google/wycheproof
+[submodule "tlsfuzzer"]
+   path = tlsfuzzer
+   url = https://github.com/tlsfuzzer/tlsfuzzer
+[submodule "python-ecdsa"]
+   path = python-ecdsa
+   url = https://github.com/tlsfuzzer/python-ecdsa
+[submodule "tlslite-ng"]
+   path = tlslite-ng
+   url = https://github.com/tlsfuzzer/tlslite-ng
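Review bot: missing documentation for the three submodules appended after `wycheproof`: nothing here or in the commit messages says that `tlsfuzzer`, `python-ecdsa` and `tlslite-ng` are test-only dependencies, or who reviews and bumps the pinned revisions. These are third-party repositories pulled into the tree and run in CI, so a short note in the external-tests documentation on how the pins are updated would be useful.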
diff --git a/python-ecdsa b/python-ecdsa
new file mode 16
index 00..4de8d5bf89
--- /dev/null
+++ b/python-ecdsa
@@ -0,0 +1 @@
+Subproject commit 4de8d5bf89089d1140eb99aa5d7eb2dc8e6337b6
diff --git a/test/recipes/95-test_external_tlsfuzzer.t 
b/test/recipes/95-test_external_tlsfuzzer.t
new file mode 100644
index 00..e506f8007a
--- /dev/null
+++ b/test/recipes/95-test_external_tlsfuzzer.t
@@ -0,0 +1,28 @@
+#! /usr/bin/env perl
+# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use OpenSSL::Test;
+use OpenSSL::Test::Utils;
+use OpenSSL::Test qw/:DEFAULT data_file data_dir bldtop_dir srctop_dir cmdstr/;
+use Cwd qw(abs_path);
+
+setup("test_external_tlsfuzzer");
+
+plan skip_all => "No external tests in this configuration"
+if disabled("external-tests");
+plan skip_all => "TLSFuzzer tests not available on Windows or VMS"
+if $^O =~ /^(VMS|MSWin32)$/;
+plan skip_all => "TLSFuzzer tests not supported in out of tree builds"
+if bldtop_dir() ne srctop_dir();
+
+$ENV{TESTDATADIR} = abs_path(data_dir());
+plan tests => 1;
+
+ok(run(cmd(["sh", data_file("tls-fuzzer-cert.sh")])),
+   "running TLSFuzzer tests");
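Review bot: missing check before the `ok(run(cmd(...)))` call: the three `plan skip_all` conditions cover disabled external tests, Windows/VMS and out-of-tree builds, but not a source tree in which the `tlsfuzzer` submodule was never checked out, so that case fails rather than skips. A fourth `plan skip_all` guarded by `-d srctop_dir("tlsfuzzer")` would handle it. Minor: `use OpenSSL::Test;` is immediately repeated by the `use OpenSSL::Test qw/:DEFAULT .../;` line and can be dropped.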
diff --git a/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in 
b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
new file mode 100644
index 00..1bc20799d9
--- /dev/null
+++ b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
@@ -0,0 +1,38 @@
+[
+{"server_command": ["@SERVER@", "s_server", "-www",
+   

[openssl] openssl-3.0 update

2021-12-10 Thread beldmit
The branch openssl-3.0 has been updated
   via  cec27290387fe2b1706131c4840123b1f8bfb34f (commit)
   via  6b7d7dd99cddf733aa5ee91012000ee51a60682e (commit)
  from  7174656d82b724a36948b2ac30a3c6f7e4cc12e4 (commit)


- Log -
commit cec27290387fe2b1706131c4840123b1f8bfb34f
Author: Richard Levitte 
Date:   Mon Dec 6 21:06:06 2021 +0100

Teach OpenSSL::ParseC about OPENSSL_EXPORT and OPENSSL_EXTERN

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17215)

(cherry picked from commit 7a2ad00f3ecffa6be350e9e72992d4ec003f54ae)

commit 6b7d7dd99cddf733aa5ee91012000ee51a60682e
Author: Richard Levitte 
Date:   Mon Dec 6 20:54:17 2021 +0100

Make OSSL_provider_init() OPENSSL_EXPORT, not just extern

On non-Windows systems, there's no difference at all.  On Windows systems,
__declspec(dllexport) is added, which ensures it gets exported no matter
what.

Fixes #17203

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17215)

(cherry picked from commit d977a26ed8ca5066d4d72a6d73f1669c8619f4a1)

---

Summary of changes:
 include/openssl/core.h  | 2 +-
 util/perl/OpenSSL/ParseC.pm | 6 ++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/include/openssl/core.h b/include/openssl/core.h
index 3356ef2088..9683ac70a5 100644
--- a/include/openssl/core.h
+++ b/include/openssl/core.h
@@ -195,7 +195,7 @@ typedef int (OSSL_provider_init_fn)(const OSSL_CORE_HANDLE 
*handle,
 #  pragma names save
 #  pragma names uppercase,truncated
 # endif
-extern OSSL_provider_init_fn OSSL_provider_init;
+OPENSSL_EXPORT OSSL_provider_init_fn OSSL_provider_init;
 # ifdef __VMS
 #  pragma names restore
 # endif
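Review bot: the reason for switching the `OSSL_provider_init` declaration from `extern` to `OPENSSL_EXPORT` is recorded only in the commit message. A one-line comment above the declaration saying that the macro forces the symbol to be exported on Windows would keep someone from simplifying it back to `extern` later.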
diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm
index ee127e88c8..e3cfe07827 100644
--- a/util/perl/OpenSSL/ParseC.pm
+++ b/util/perl/OpenSSL/ParseC.pm
@@ -610,6 +610,12 @@ EOF
   },
 },
 
+# OpenSSL's declaration of externs with possible export linkage
+# (really only relevant on Windows)
+{ regexp   => qr/OPENSSL_(?:EXPORT|EXTERN)/,
+  massager => sub { return ("extern"); }
+},
+
 # Spurious stuff found in the OpenSSL headers
 # Usually, these are just macros that expand to, well, something
 { regexp   => qr/__NDK_FPABI__/,
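Review bot: the new pattern `qr/OPENSSL_(?:EXPORT|EXTERN)/` has no word boundary, so as written it can also match the start of a longer identifier that begins with either name. Unless the handler loop anchors these patterns itself, a `\b` on both sides would be safer. The comment could also state that both macros are rewritten to plain `extern`, which is what the massager does.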


[openssl] master update

2021-12-10 Thread beldmit
The branch master has been updated
   via  7a2ad00f3ecffa6be350e9e72992d4ec003f54ae (commit)
   via  d977a26ed8ca5066d4d72a6d73f1669c8619f4a1 (commit)
  from  2e3b82926a8cdae5a1bfbf3ac47a6012c270391b (commit)


- Log -
commit 7a2ad00f3ecffa6be350e9e72992d4ec003f54ae
Author: Richard Levitte 
Date:   Mon Dec 6 21:06:06 2021 +0100

Teach OpenSSL::ParseC about OPENSSL_EXPORT and OPENSSL_EXTERN

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17215)

commit d977a26ed8ca5066d4d72a6d73f1669c8619f4a1
Author: Richard Levitte 
Date:   Mon Dec 6 20:54:17 2021 +0100

Make OSSL_provider_init() OPENSSL_EXPORT, not just extern

On non-Windows systems, there's no difference at all.  On Windows systems,
__declspec(dllexport) is added, which ensures it gets exported no matter
what.

Fixes #17203

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17215)

---

Summary of changes:
 include/openssl/core.h  | 2 +-
 util/perl/OpenSSL/ParseC.pm | 6 ++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/include/openssl/core.h b/include/openssl/core.h
index 3356ef2088..9683ac70a5 100644
--- a/include/openssl/core.h
+++ b/include/openssl/core.h
@@ -195,7 +195,7 @@ typedef int (OSSL_provider_init_fn)(const OSSL_CORE_HANDLE 
*handle,
 #  pragma names save
 #  pragma names uppercase,truncated
 # endif
-extern OSSL_provider_init_fn OSSL_provider_init;
+OPENSSL_EXPORT OSSL_provider_init_fn OSSL_provider_init;
 # ifdef __VMS
 #  pragma names restore
 # endif
diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm
index ee127e88c8..e3cfe07827 100644
--- a/util/perl/OpenSSL/ParseC.pm
+++ b/util/perl/OpenSSL/ParseC.pm
@@ -610,6 +610,12 @@ EOF
   },
 },
 
+# OpenSSL's declaration of externs with possible export linkage
+# (really only relevant on Windows)
+{ regexp   => qr/OPENSSL_(?:EXPORT|EXTERN)/,
+  massager => sub { return ("extern"); }
+},
+
 # Spurious stuff found in the OpenSSL headers
 # Usually, these are just macros that expand to, well, something
 { regexp   => qr/__NDK_FPABI__/,


[openssl] master update

2021-12-01 Thread beldmit
The branch master has been updated
   via  07ba69483a7d8005a53284cbde55b9dac8c5c554 (commit)
  from  a632bfaa4ee3339749f7a6a07ab4d0abee4eaaef (commit)


- Log -
commit 07ba69483a7d8005a53284cbde55b9dac8c5c554
Author: Dmitry Belyavskiy 
Date:   Mon Nov 22 10:14:27 2021 +0100

Refactor: a separate func for provider activation from config

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17099)

---

Summary of changes:
 crypto/provider_conf.c | 140 ++---
 1 file changed, 75 insertions(+), 65 deletions(-)

diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c
index c13c887c3d..6a62f0df60 100644
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@@ -136,13 +136,86 @@ static int prov_already_activated(const char *name,
 return 0;
 }
 
+static int provider_conf_activate(OSSL_LIB_CTX *libctx, const char *name,
+  const char *value, const char *path,
+  int soft, const CONF *cnf)
+{
+PROVIDER_CONF_GLOBAL *pcgbl
+= ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,
+_conf_ossl_ctx_method);
+OSSL_PROVIDER *prov = NULL, *actual = NULL;
+int ok = 0;
+
+if (pcgbl == NULL || !CRYPTO_THREAD_write_lock(pcgbl->lock)) {
+ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
+return 0;
+}
+if (!prov_already_activated(name, pcgbl->activated_providers)) {
+/*
+* There is an attempt to activate a provider, so we should disable
+* loading of fallbacks. Otherwise a misconfiguration could mean the
+* intended provider does not get loaded. Subsequent fetches could
+* then fallback to the default provider - which may be the wrong
+* thing.
+*/
+if (!ossl_provider_disable_fallback_loading(libctx)) {
+CRYPTO_THREAD_unlock(pcgbl->lock);
+ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
+return 0;
+}
+prov = ossl_provider_find(libctx, name, 1);
+if (prov == NULL)
+prov = ossl_provider_new(libctx, name, NULL, 1);
+if (prov == NULL) {
+CRYPTO_THREAD_unlock(pcgbl->lock);
+if (soft)
+ERR_clear_error();
+return 0;
+}
+
+if (path != NULL)
+ossl_provider_set_module_path(prov, path);
+
+ok = provider_conf_params(prov, NULL, NULL, value, cnf);
+
+if (ok) {
+if (!ossl_provider_activate(prov, 1, 0)) {
+ok = 0;
+} else if (!ossl_provider_add_to_store(prov, , 0)) {
+ossl_provider_deactivate(prov, 1);
+ok = 0;
+} else if (actual != prov
+   && !ossl_provider_activate(actual, 1, 0)) {
+ossl_provider_free(actual);
+ok = 0;
+} else {
+if (pcgbl->activated_providers == NULL)
+pcgbl->activated_providers = sk_OSSL_PROVIDER_new_null();
+if (pcgbl->activated_providers == NULL
+|| !sk_OSSL_PROVIDER_push(pcgbl->activated_providers,
+  actual)) {
+ossl_provider_deactivate(actual, 1);
+ossl_provider_free(actual);
+ok = 0;
+} else {
+ok = 1;
+}
+}
+}
+if (!ok)
+ossl_provider_free(prov);
+}
+CRYPTO_THREAD_unlock(pcgbl->lock);
+
+return ok;
+}
+
 static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name,
   const char *value, const CONF *cnf)
 {
 int i;
 STACK_OF(CONF_VALUE) *ecmds;
 int soft = 0;
-OSSL_PROVIDER *prov = NULL, *actual = NULL;
 const char *path = NULL;
 long activate = 0;
 int ok = 0;
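Review bot: in `provider_conf_activate()`, `ok` starts at 0 and is only assigned inside the `if (!prov_already_activated(...))` block, so a provider that is already activated returns 0, the same value as the lock-failure and allocation-failure paths. If the caller treats 0 as failure, the nothing-to-do case should return 1; if not, a header comment on the new function should spell out what 0 means and what `soft` does, since neither is documented. The three unlock-and-return paths could also be folded into a single exit label.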
@@ -182,70 +255,7 @@ static int provider_conf_load(OSSL_LIB_CTX *libctx, const 
char *name,
 }
 
 if (activate) {
-PROVIDER_CONF_GLOBAL *pcgbl
-= ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX,
-_conf_ossl_ctx_method);
-
-if (pcgbl == NULL || !CRYPTO_THREAD_write_lock(pcgbl->lock)) {
-ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR);
-return 0;
-}
-if (!prov_already_activated(name, pcgbl->activated_providers)) {
-/*
-* There is an attempt to activate a provider, so we should disable
-* loading of fallbacks. Otherwise a misconfiguration could mean the
-* intended provider does not get loaded. Subsequent fetches could
-* then fallback to the 

[openssl] OpenSSL_1_1_1-stable update

2021-12-01 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  76eb12aa278cb30a495bcee3fdc176d0a6c35052 (commit)
  from  162bd56e99b2e73cfdc6777acb3f1b3dafccc9ba (commit)


- Log -
commit 76eb12aa278cb30a495bcee3fdc176d0a6c35052
Author: Dmitry Belyavskiy 
Date:   Mon Nov 29 16:37:32 2021 +0100

No EtM for GOST ciphers

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17158)

---

Summary of changes:
 ssl/statem/extensions_clnt.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 621fcfa561..9d38ac23b5 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1741,7 +1741,9 @@ int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int 
context, X509 *x,
 /* Ignore if inappropriate ciphersuite */
 if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
 && s->s3->tmp.new_cipher->algorithm_mac != SSL_AEAD
-&& s->s3->tmp.new_cipher->algorithm_enc != SSL_RC4)
+&& s->s3->tmp.new_cipher->algorithm_enc != SSL_RC4
+&& s->s3->tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT
+&& s->s3->tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12)
 s->ext.use_etm = 1;
 
 return 1;
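Review bot: the summary lists only ssl/statem/extensions_clnt.c, so this behaviour change in `tls_parse_stoc_etm()` ships without a regression test; a handshake test with a GOST suite against a server that returns the encrypt_then_mac extension would pin it down. The existing comment "Ignore if inappropriate ciphersuite" also does not say why the two GOST cipher values are excluded, and the commit message gives no reason either.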


[openssl] openssl-3.0 update

2021-11-30 Thread beldmit
The branch openssl-3.0 has been updated
   via  0c9afd6918dfe5e818b3545ede88011adeb6e76b (commit)
  from  09e1818a54cad2d348138427234660fcabae793e (commit)


- Log -
commit 0c9afd6918dfe5e818b3545ede88011adeb6e76b
Author: Dmitry Belyavskiy 
Date:   Tue Nov 23 15:18:52 2021 +0100

More detailed explanation how do engines work in 3.0

Related: #16868, #17081, #17107

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17115)

(cherry picked from commit 29a27cb2c5c1757831f42117871f8c59058343a9)

---

Summary of changes:
 doc/man7/migration_guide.pod | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod
index 627173f180..67e102fa4c 100644
--- a/doc/man7/migration_guide.pod
+++ b/doc/man7/migration_guide.pod
@@ -121,6 +121,21 @@ FIPS module, as detailed below. Authors and maintainers of 
external engines are
 strongly encouraged to refactor their code transforming engines into providers
 using the new Provider API and avoiding deprecated methods.
 
+=head3 Support of legacy engines
+
+If openssl is not built without engine support or deprecated API support, 
engines
+will still work. However, their applicability will be limited.
+
+New algorithms provided via engines will still work.
+
+Engine-backed keys can be loaded via custom B implementation.
+In this case the B objects created via L
+will be concidered legacy and will continue to work.
+
+To ensure the future compatibility, the engines should be turned to providers.
+To prefer the provider-based hardware offload, you can specify the default
+properties to prefer your provider.
+
 =head3 Versioning Scheme
 
 The OpenSSL versioning scheme has changed with the OpenSSL 3.0 release. The new
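Review bot: three wording problems in the added "Support of legacy engines" section. "If openssl is not built without engine support" is a double negative and is easier to read as "If OpenSSL is built with engine support and with deprecated API support"; "concidered" should be "considered"; and "the engines should be turned to providers" reads better as "engines should be converted to providers".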


[openssl] master update

2021-11-30 Thread beldmit
The branch master has been updated
   via  29a27cb2c5c1757831f42117871f8c59058343a9 (commit)
  from  d724da69389196cdb9ef8db036656882fbc5a6ab (commit)


- Log -
commit 29a27cb2c5c1757831f42117871f8c59058343a9
Author: Dmitry Belyavskiy 
Date:   Tue Nov 23 15:18:52 2021 +0100

More detailed explanation how do engines work in 3.0

Related: #16868, #17081, #17107

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17115)

---

Summary of changes:
 doc/man7/migration_guide.pod | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod
index 627173f180..67e102fa4c 100644
--- a/doc/man7/migration_guide.pod
+++ b/doc/man7/migration_guide.pod
@@ -121,6 +121,21 @@ FIPS module, as detailed below. Authors and maintainers of 
external engines are
 strongly encouraged to refactor their code transforming engines into providers
 using the new Provider API and avoiding deprecated methods.
 
+=head3 Support of legacy engines
+
+If openssl is not built without engine support or deprecated API support, 
engines
+will still work. However, their applicability will be limited.
+
+New algorithms provided via engines will still work.
+
+Engine-backed keys can be loaded via custom B implementation.
+In this case the B objects created via L
+will be concidered legacy and will continue to work.
+
+To ensure the future compatibility, the engines should be turned to providers.
+To prefer the provider-based hardware offload, you can specify the default
+properties to prefer your provider.
+
 =head3 Versioning Scheme
 
 The OpenSSL versioning scheme has changed with the OpenSSL 3.0 release. The new
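Review bot: the added section says the applicability of engines "will be limited", but the paragraphs that follow only list what still works. State explicitly which uses of an engine no longer take effect, otherwise a reader cannot tell whether their engine is affected. The closing advice to "specify the default properties" would also benefit from a pointer to where default properties are set.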


[openssl] openssl-3.0 update

2021-11-29 Thread beldmit
The branch openssl-3.0 has been updated
   via  09e1818a54cad2d348138427234660fcabae793e (commit)
  from  91b749a2726351aa5fb37db7064a9104df074c9b (commit)


- Log -
commit 09e1818a54cad2d348138427234660fcabae793e
Author: Dmitry Belyavskiy 
Date:   Sun Nov 28 10:21:21 2021 +0100

No EtM for GOST ciphers in TLS 1.2

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17150)

(cherry picked from commit d724da69389196cdb9ef8db036656882fbc5a6ab)

---

Summary of changes:
 ssl/statem/extensions_clnt.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index b38c9ca684..4cd7affe23 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1678,7 +1678,11 @@ int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int 
context, X509 *x,
 /* Ignore if inappropriate ciphersuite */
 if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
 && s->s3.tmp.new_cipher->algorithm_mac != SSL_AEAD
-&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4)
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_MAGMA
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_KUZNYECHIK)
 s->ext.use_etm = 1;
 
 return 1;
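Review bot: the condition in `tls_parse_stoc_etm()` now chains five `algorithm_enc` comparisons inline. A small predicate shared with the server-side code that decides whether to send the extension would keep the two lists from drifting apart the next time a cipher is added.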


[openssl] master update

2021-11-29 Thread beldmit
The branch master has been updated
   via  d724da69389196cdb9ef8db036656882fbc5a6ab (commit)
  from  bc42cf51c8b2a22282bb3cdf6303e230dc7b7873 (commit)


- Log -
commit d724da69389196cdb9ef8db036656882fbc5a6ab
Author: Dmitry Belyavskiy 
Date:   Sun Nov 28 10:21:21 2021 +0100

No EtM for GOST ciphers in TLS 1.2

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17150)

---

Summary of changes:
 ssl/statem/extensions_clnt.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index d6d4e55ce7..c5de5ca5ba 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1695,7 +1695,11 @@ int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int 
context, X509 *x,
 /* Ignore if inappropriate ciphersuite */
 if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
 && s->s3.tmp.new_cipher->algorithm_mac != SSL_AEAD
-&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4)
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_MAGMA
+&& s->s3.tmp.new_cipher->algorithm_enc != SSL_KUZNYECHIK)
 s->ext.use_etm = 1;
 
 return 1;


[openssl] master update

2021-10-09 Thread beldmit
The branch master has been updated
   via  518ce65d93692ecd4c004b96b47d58da8e5922ea (commit)
   via  a4c4090c21058a75e8bf1ffcc469b6d9755c55ce (commit)
   via  61cab65029e787d59d3f3138e0160adb8df85f99 (commit)
   via  b3a33dac8880b88038083b64d234506659921436 (commit)
  from  78de5a94d8e2b0a27ae026de29c195e944a49c6d (commit)


- Log -
commit 518ce65d93692ecd4c004b96b47d58da8e5922ea
Author: Matt Caswell 
Date:   Fri Oct 8 13:45:51 2021 +0100

Update gost-engine to the latest version

Update the gost-engine submodule to pick up the latest version
including fixes for the default security level of 2.

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16760)

commit a4c4090c21058a75e8bf1ffcc469b6d9755c55ce
Author: Matt Caswell 
Date:   Wed Oct 6 15:08:43 2021 +0100

Update document for default security level change

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16760)

commit 61cab65029e787d59d3f3138e0160adb8df85f99
Author: Matt Caswell 
Date:   Tue Oct 5 17:30:09 2021 +0100

Fix tests for new default security level

Fix tests that were expecting a default security level of 1 to work with
the new default of 2.

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16760)

commit b3a33dac8880b88038083b64d234506659921436
Author: Matt Caswell 
Date:   Tue Oct 5 17:29:35 2021 +0100

Increase the default security level to 2

OTC voted to increase the security level from 1 to 2

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16760)

---

Summary of changes:
 CHANGES.md  |   9 ++
 doc/man3/SSL_CTX_set_security_level.pod |   8 +-
 gost-engine |   2 +-
 include/openssl/tls1.h  |   2 +-
 test/ssl-tests/12-ct.cnf|  24 ++--
 test/ssl-tests/12-ct.cnf.in |  18 ++-
 test/ssl-tests/14-curves.cnf| 220 
 test/ssl-tests/14-curves.cnf.in |   9 +-
 test/ssl-tests/22-compression.cnf   |  32 ++---
 test/ssl-tests/22-compression.cnf.in|  16 +++
 test/sslapitest.c   |  24 +++-
 11 files changed, 207 insertions(+), 157 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 963289ca09..4902332206 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,6 +24,15 @@ OpenSSL 3.1
 
 ### Changes between 3.0 and 3.1 [xx XXX ]
 
+ * The default SSL/TLS security level has been changed from 1 to 2. RSA,
+   DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys
+   of 160 bits and above and less than 224 bits were previously accepted by
+   default but are now no longer allowed. By default TLS compression was
+   already disabled in previous OpenSSL versions. At security level 2 it cannot
+   be enabled.
+
+   *Matt Caswell*
+
  * The SSL_CTX_set_cipher_list family functions now accept ciphers using their
IANA standard names.
 
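Review bot: the new CHANGES.md entry says what is now rejected but not how to get the previous behaviour back, which is the first thing a user hitting a handshake failure after upgrading will look for. Add a sentence pointing to SSL_CTX_set_security_level(3), whose page is updated in this same push. The key-size sentence is also hard to parse; "RSA, DSA and DH keys from 1024 up to but not including 2048 bits" would be clearer.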
diff --git a/doc/man3/SSL_CTX_set_security_level.pod 
b/doc/man3/SSL_CTX_set_security_level.pod
index d9965572c8..85dae713f0 100644
--- a/doc/man3/SSL_CTX_set_security_level.pod
+++ b/doc/man3/SSL_CTX_set_security_level.pod
@@ -75,10 +75,8 @@ OpenSSL.
 The security level corresponds to a minimum of 80 bits of security. Any
 parameters offering below 80 bits of security are excluded. As a result RSA,
 DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits
-are prohibited. All export cipher suites are prohibited since they all offer
-less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite
-using MD5 for the MAC is also prohibited. Any cipher suites using CCM with
-a 64 bit authentication tag are prohibited.
+are prohibited. Any cipher suite using MD5 for the MAC is also prohibited. Any
+cipher suites using CCM with a 64 bit authentication tag are prohibited.
 
 =item B
 
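Review bot: the removal of the export cipher suite and SSL version 2 sentences from the level 1 description is not covered by the commit message, which only mentions the default security level change. If they are removed because those features no longer exist in the library, say so in the commit message or split the cleanup into its own commit.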
@@ -116,7 +114,7 @@ I
 =head1 NOTES
 
 The default security level can be configured when OpenSSL is compiled by
-setting B<-DOPENSSL_TLS_SECURITY_LEVEL=level>. If not set then 1 is used.
+setting B<-DOPENSSL_TLS_SECURITY_LEVEL=level>. If not set then 2 is used.
 
 The security framework disables or reject parameters inconsistent with the
 set security level. In the past this was difficult as applications had to set
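Review bot: the NOTES text now states 2 as the compiled-in default without saying that it used to be 1, which readers comparing behaviour across versions need. A line in the page's history section naming the release in which the default changed would cover it. The unchanged sentence just below ("disables or reject parameters") also has a grammar slip worth fixing while here.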
diff --git a/gost-engine b/gost-engine
index 9869058423..a6014f3569 16
--- a/gost-engine
+++ b/gost-engine
@@ -1 +1 @@
-Subproject commit 986905842330e4a54e61334eb508fe3147c43e38
+Subproject commit a6014f3569ca1819b6d3060124f8cdc5125f074e
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index d6e9331fa1..7be6d473f8 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -28,7 +28,7 @@ extern "C" {
 
 

[openssl] OpenSSL_1_1_1-stable update

2021-10-09 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  a653e037ef0236ea9cd84ec4c94f0bb94aca56ab (commit)
  from  14357a51130510d87fe5f31e45baaf70bd5c9027 (commit)


- Log -
commit a653e037ef0236ea9cd84ec4c94f0bb94aca56ab
Author: Dmitry Belyavskiy 
Date:   Thu Oct 7 19:14:50 2021 +0200

Bindhost/bindport should be freed

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16775)

(cherry picked from commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9)

---

Summary of changes:
 apps/s_client.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apps/s_client.c b/apps/s_client.c
index 83b3fc9c7f..fe34487787 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3151,6 +3151,8 @@ int s_client_main(int argc, char **argv)
 #endif
 OPENSSL_free(connectstr);
 OPENSSL_free(bindstr);
+OPENSSL_free(bindhost);
+OPENSSL_free(bindport);
 OPENSSL_free(host);
 OPENSSL_free(port);
 X509_VERIFY_PARAM_free(vpm);
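Review bot: the two added `OPENSSL_free()` calls are only safe if `bindhost` and `bindport` are initialised to NULL at declaration and never alias memory owned by `bindstr`, which is freed on the line above; the declarations are outside this hunk, so please confirm. The commit message also does not say how the leak was found; if a sanitizer run showed it, naming the triggering option would help reviewers reproduce it.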


[openssl] openssl-3.0 update

2021-10-09 Thread beldmit
The branch openssl-3.0 has been updated
   via  cc51b5d641b098b0188e04f7f8bb3b33b1aa465e (commit)
  from  4c09066ca62130c3a80365b1f94ade6c32b5d13b (commit)


- Log -
commit cc51b5d641b098b0188e04f7f8bb3b33b1aa465e
Author: Dmitry Belyavskiy 
Date:   Thu Oct 7 19:14:50 2021 +0200

Bindhost/bindport should be freed

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16775)

(cherry picked from commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9)

---

Summary of changes:
 apps/s_client.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apps/s_client.c b/apps/s_client.c
index 3b9be0e8c2..9ae2e22c1e 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3040,6 +3040,8 @@ int s_client_main(int argc, char **argv)
 #endif
 OPENSSL_free(connectstr);
 OPENSSL_free(bindstr);
+OPENSSL_free(bindhost);
+OPENSSL_free(bindport);
 OPENSSL_free(host);
 OPENSSL_free(port);
 OPENSSL_free(thost);


[openssl] master update

2021-10-09 Thread beldmit
The branch master has been updated
   via  0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9 (commit)
  from  59a3e7b29574ff45f62e825f6e9923f45060f142 (commit)


- Log -
commit 0ce0c455862ed29bd7f2acdbddbe8d0b1783c1c9
Author: Dmitry Belyavskiy 
Date:   Thu Oct 7 19:14:50 2021 +0200

Bindhost/bindport should be freed

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16775)

---

Summary of changes:
 apps/s_client.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apps/s_client.c b/apps/s_client.c
index 6ccb7a42d0..760d2de550 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3056,6 +3056,8 @@ int s_client_main(int argc, char **argv)
 #endif
 OPENSSL_free(connectstr);
 OPENSSL_free(bindstr);
+OPENSSL_free(bindhost);
+OPENSSL_free(bindport);
 OPENSSL_free(host);
 OPENSSL_free(port);
 OPENSSL_free(thost);


[openssl] master update

2021-10-06 Thread beldmit
The branch master has been updated
   via  59cd0bc1364b5ea817af7f6d36df89c93610cdb5 (commit)
  from  a596d38a8cddca4af3416b2664e120028d96e6a9 (commit)


- Log -
commit 59cd0bc1364b5ea817af7f6d36df89c93610cdb5
Author: Dmitry Belyavskiy 
Date:   Sun Oct 3 20:20:23 2021 +0200

Fix for the dasync engine

Fixes: #16724
Fixes: #16735

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/16734)

---

Summary of changes:
 engines/e_dasync.c | 18 +++---
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index e2e587d839..b775d59a2c 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -211,7 +211,8 @@ static int bind_dasync(ENGINE *e)
 /* Setup RSA */
 ;
 if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL
-|| (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL)
+|| (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA,
+   EVP_PKEY_FLAG_AUTOARGLEN)) == NULL)
 return 0;
 EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init);
 EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup);
@@ -312,7 +313,10 @@ static int bind_dasync(ENGINE *e)
 
 static void destroy_pkey(void)
 {
-EVP_PKEY_meth_free(dasync_rsa);
+/*
+ * We don't actually need to free the dasync_rsa method since this is
+ * automatically freed for us by libcrypto.
+ */
 dasync_rsa_orig = NULL;
 dasync_rsa = NULL;
 }
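Review bot: the new comment in `destroy_pkey()` says libcrypto frees the method automatically, but not at which point or why ownership moved. Since the previous code called `EVP_PKEY_meth_free(dasync_rsa)` here, name the call that hands the method over to libcrypto so the next reader can verify there is neither a leak nor a double free.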
@@ -829,7 +833,7 @@ static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx)
 
 if (pparamgen_init == NULL)
 EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, _init, NULL);
-return pparamgen_init(ctx);
+return pparamgen_init != NULL ? pparamgen_init(ctx) : 1;
 }
 
 static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
@@ -838,7 +842,7 @@ static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY 
*pkey)
 
 if (pparamgen == NULL)
 EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, );
-return pparamgen(ctx, pkey);
+return pparamgen != NULL ? pparamgen(ctx, pkey) : 1;
 }
 
 static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx)
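Review bot: in `dasync_rsa_paramgen()` the fallback `: 1` reports success when the original RSA method has no paramgen callback, although nothing was generated into `pkey`. Returning 1 is a reasonable default for the `*_init` wrappers, but for an operation that is supposed to produce output an error return would be more honest. If 1 is intentional, add a comment saying why.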
@@ -847,7 +851,7 @@ static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx)
 
 if (pkeygen_init == NULL)
 EVP_PKEY_meth_get_keygen(dasync_rsa_orig, _init, NULL);
-return pkeygen_init(ctx);
+return pkeygen_init != NULL ? pkeygen_init(ctx) : 1;
 }
 
 static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
@@ -865,7 +869,7 @@ static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx)
 
 if (pencrypt_init == NULL)
 EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, _init, NULL);
-return pencrypt_init(ctx);
+return pencrypt_init != NULL ? pencrypt_init(ctx) : 1;
 }
 
 static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
@@ -887,7 +891,7 @@ static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx)
 
 if (pdecrypt_init == NULL)
 EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, _init, NULL);
-return pdecrypt_init(ctx);
+return pdecrypt_init != NULL ? pdecrypt_init(ctx) : 1;
 }
 
 static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
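Review bot: the NULL guard is added to the five wrappers touched in this patch, but `dasync_rsa_keygen()`, `dasync_rsa_encrypt()` and `dasync_rsa_decrypt()`, visible here only as trailing context, are unchanged. If they fetch their callbacks from `dasync_rsa_orig` the same way, they can still call through a NULL pointer. The repeated ternary would also be tidier as one small helper macro.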


[openssl] openssl-3.0 update

2021-10-06 Thread beldmit
The branch openssl-3.0 has been updated
   via  d62c5d6be13cca99fa94e780e55a1c63445ad9cd (commit)
  from  7b4fccc8a53b6befc9dc1aa4204a87cf5050747c (commit)


- Log -
commit d62c5d6be13cca99fa94e780e55a1c63445ad9cd
Author: Dmitry Belyavskiy 
Date:   Sun Oct 3 20:20:23 2021 +0200

Fix for the dasync engine

Fixes: #16724
Fixes: #16735

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/16734)

(cherry picked from commit 59cd0bc1364b5ea817af7f6d36df89c93610cdb5)

---

Summary of changes:
 engines/e_dasync.c | 18 +++---
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index e2e587d839..b775d59a2c 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -211,7 +211,8 @@ static int bind_dasync(ENGINE *e)
 /* Setup RSA */
 ;
 if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL
-|| (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL)
+|| (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA,
+   EVP_PKEY_FLAG_AUTOARGLEN)) == NULL)
 return 0;
 EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init);
 EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup);
@@ -312,7 +313,10 @@ static int bind_dasync(ENGINE *e)
 
 static void destroy_pkey(void)
 {
-EVP_PKEY_meth_free(dasync_rsa);
+/*
+ * We don't actually need to free the dasync_rsa method since this is
+ * automatically freed for us by libcrypto.
+ */
 dasync_rsa_orig = NULL;
 dasync_rsa = NULL;
 }
@@ -829,7 +833,7 @@ static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx)
 
 if (pparamgen_init == NULL)
 EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, _init, NULL);
-return pparamgen_init(ctx);
+return pparamgen_init != NULL ? pparamgen_init(ctx) : 1;
 }
 
 static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
@@ -838,7 +842,7 @@ static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY 
*pkey)
 
 if (pparamgen == NULL)
 EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, );
-return pparamgen(ctx, pkey);
+return pparamgen != NULL ? pparamgen(ctx, pkey) : 1;
 }
 
 static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx)
@@ -847,7 +851,7 @@ static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx)
 
 if (pkeygen_init == NULL)
 EVP_PKEY_meth_get_keygen(dasync_rsa_orig, _init, NULL);
-return pkeygen_init(ctx);
+return pkeygen_init != NULL ? pkeygen_init(ctx) : 1;
 }
 
 static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
@@ -865,7 +869,7 @@ static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx)
 
 if (pencrypt_init == NULL)
 EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, _init, NULL);
-return pencrypt_init(ctx);
+return pencrypt_init != NULL ? pencrypt_init(ctx) : 1;
 }
 
 static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
@@ -887,7 +891,7 @@ static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx)
 
 if (pdecrypt_init == NULL)
 EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, _init, NULL);
-return pdecrypt_init(ctx);
+return pdecrypt_init != NULL ? pdecrypt_init(ctx) : 1;
 }
 
 static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,


[openssl] openssl-3.0 update

2021-09-24 Thread beldmit
The branch openssl-3.0 has been updated
   via  5b896265e7305f85f3b14283869393c255ab401e (commit)
  from  f8543a08ffe18485b2e1361d4f496d33d6e6f35e (commit)


- Log -
commit 5b896265e7305f85f3b14283869393c255ab401e
Author: Dmitry Belyavskiy 
Date:   Wed Sep 22 16:40:13 2021 +0200

FIPS and KTLS may interfere

New Linux kernels (>= 5.11) enable KTLS CHACHA which is not
FIPS-suitable.

Fixes #16657

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16658)

(cherry picked from commit a5d8a2f8f10b83e5afb297698fe72cee77b1837f)

---

Summary of changes:
 .github/workflows/ci.yml | 13 +
 test/sslapitest.c| 10 ++
 2 files changed, 23 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c7a344c529..b52b8c15f4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -179,6 +179,19 @@ jobs:
 - name: make test
   run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
 
+  fips_and_ktls:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v2
+- name: modprobe tls
+  run: sudo modprobe tls
+- name: config
+  run: ./config --banner=Configured --strict-warnings enable-ktls 
enable-fips && perl configdata.pm --dump
+- name: make
+  run: make -s -j4
+- name: make test
+  run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
+
   no-legacy:
 runs-on: ubuntu-latest
 steps:
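Review bot: the new `fips_and_ktls` job depends on whatever kernel `ubuntu-latest` provides, and the commit message ties the problem to Linux 5.11 and later, so whether the job actually exercises the CHACHA case changes silently with the runner image. Print `uname -r` in the modprobe step so a passing run shows which kernel it covered.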
diff --git a/test/sslapitest.c b/test/sslapitest.c
index e95d2657f4..7af0eab3fc 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1158,6 +1158,11 @@ static int execute_test_ktls(int cis_ktls, int sis_ktls,
 goto end;
 }
 
+if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+testresult = TEST_skip("CHACHA is not supported in FIPS");
+goto end;
+}
+
 /* Create a session based on SHA-256 */
 if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),
@@ -1292,6 +1297,11 @@ static int execute_test_ktls_sendfile(int tls_version, 
const char *cipher)
 goto end;
 }
 
+if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+testresult = TEST_skip("CHACHA is not supported in FIPS");
+goto end;
+}
+
 /* Create a session based on SHA-256 */
 if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),
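Review bot: the same five-line skip block is now pasted into both `execute_test_ktls()` and `execute_test_ktls_sendfile()`; a small helper taking `cipher` would keep the two in sync. `strstr(cipher, "CHACHA")` matches on the cipher name string, so the check depends on naming; that is acceptable in a test but deserves a short comment.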


[openssl] master update

2021-09-24 Thread beldmit
The branch master has been updated
   via  a5d8a2f8f10b83e5afb297698fe72cee77b1837f (commit)
  from  aa58071e4b8b245db1564f476731c978738e7e98 (commit)


- Log -
commit a5d8a2f8f10b83e5afb297698fe72cee77b1837f
Author: Dmitry Belyavskiy 
Date:   Wed Sep 22 16:40:13 2021 +0200

FIPS and KTLS may interfere

New Linux kernels (>= 5.11) enable KTLS CHACHA which is not
FIPS-suitable.

Fixes #16657

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16658)

---

Summary of changes:
 .github/workflows/ci.yml | 13 +
 test/sslapitest.c| 10 ++
 2 files changed, 23 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c7a344c529..b52b8c15f4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -179,6 +179,19 @@ jobs:
 - name: make test
   run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
 
+  fips_and_ktls:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v2
+- name: modprobe tls
+  run: sudo modprobe tls
+- name: config
+  run: ./config --banner=Configured --strict-warnings enable-ktls 
enable-fips && perl configdata.pm --dump
+- name: make
+  run: make -s -j4
+- name: make test
+  run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
+
   no-legacy:
 runs-on: ubuntu-latest
 steps:
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 1337698e0d..25dc61b876 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1158,6 +1158,11 @@ static int execute_test_ktls(int cis_ktls, int sis_ktls,
 goto end;
 }
 
+if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+testresult = TEST_skip("CHACHA is not supported in FIPS");
+goto end;
+}
+
 /* Create a session based on SHA-256 */
 if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),
@@ -1292,6 +1297,11 @@ static int execute_test_ktls_sendfile(int tls_version, 
const char *cipher)
 goto end;
 }
 
+if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+testresult = TEST_skip("CHACHA is not supported in FIPS");
+goto end;
+}
+
 /* Create a session based on SHA-256 */
 if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),


[openssl] openssl-3.0 update

2021-09-24 Thread beldmit
The branch openssl-3.0 has been updated
   via  f8543a08ffe18485b2e1361d4f496d33d6e6f35e (commit)
  from  b3242ca622ef3da34ebb7b78b1f82cd5f0b516e7 (commit)


- Log -
commit f8543a08ffe18485b2e1361d4f496d33d6e6f35e
Author: Dominic Letz 
Date:   Wed Sep 22 18:03:28 2021 +0200

Update 15-ios.conf

CLA: trivial

I assume this has been an error in the initial iOS conf file. In order to 
build for iOS, the shared engine library needs to be disabled because iOS 
doesn't have the concept of shared libraries. But instead of only disabling 
the `dynamic-engine` option (or, as in this commit, disabling `shared`), the 
previous config disabled `engine` and with that the `static-engine` 
compilation as well. This restores the `static-engine` option being enabled by 
default, while keeping compilation going on iOS.

Cheers!

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16659)

(cherry picked from commit aa58071e4b8b245db1564f476731c978738e7e98)

---

Summary of changes:
 Configurations/15-ios.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Configurations/15-ios.conf b/Configurations/15-ios.conf
index 4b5aeecc28..54d37f63f4 100644
--- a/Configurations/15-ios.conf
+++ b/Configurations/15-ios.conf
@@ -10,7 +10,7 @@ my %targets = (
 template => 1,
 inherit_from => [ "darwin-common" ],
 sys_id   => "iOS",
-disable  => [ "engine", "async" ],
+disable  => [ "shared", "async" ],
 },
 "ios-xcrun" => {
 inherit_from => [ "ios-common" ],
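Review bot: the `disable` line in `ios-common` has no comment saying why `shared` is listed. The commit message explains that the aim is to stop the dynamic engine from being built while keeping `static-engine`, but a reader of the config sees only `disable => [ "shared", "async" ]`. A one-line comment above it recording that reasoning would stop a later cleanup from putting `engine` back.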


[openssl] master update

2021-09-24 Thread beldmit
The branch master has been updated
   via  aa58071e4b8b245db1564f476731c978738e7e98 (commit)
  from  e07102220afe4059bc45aa3d7073b7678329e26e (commit)


- Log -
commit aa58071e4b8b245db1564f476731c978738e7e98
Author: Dominic Letz 
Date:   Wed Sep 22 18:03:28 2021 +0200

Update 15-ios.conf

CLA: trivial

I assume this has been an error in the initial iOS conf file. In order to 
build for iOS, the shared engine library needs to be disabled because iOS 
doesn't have the concept of shared libraries. But instead of only disabling 
the `dynamic-engine` option (or, as in this commit, disabling `shared`), the 
previous config disabled `engine` and with that the `static-engine` 
compilation as well. This restores the `static-engine` option being enabled by 
default, while keeping compilation going on iOS.

Cheers!

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16659)

---

Summary of changes:
 Configurations/15-ios.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Configurations/15-ios.conf b/Configurations/15-ios.conf
index 4b5aeecc28..54d37f63f4 100644
--- a/Configurations/15-ios.conf
+++ b/Configurations/15-ios.conf
@@ -10,7 +10,7 @@ my %targets = (
 template => 1,
 inherit_from => [ "darwin-common" ],
 sys_id   => "iOS",
-disable  => [ "engine", "async" ],
+disable  => [ "shared", "async" ],
 },
 "ios-xcrun" => {
 inherit_from => [ "ios-common" ],


[openssl] openssl-3.0 update

2021-09-21 Thread beldmit
The branch openssl-3.0 has been updated
   via  c84f7c4c22828574885916479885ede6b32ba473 (commit)
  from  5a05c0d05233051f7af736e4f906b99f42212526 (commit)


- Log -
commit c84f7c4c22828574885916479885ede6b32ba473
Author: Dmitry Belyavskiy 
Date:   Mon Sep 20 16:35:10 2021 +0200

Avoid double-free on unsuccessful getting PRNG seeding

Fixes #16631

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16636)

(cherry picked from commit 52dcc011191ad1a40fd52ae92ef009309deaca52)

---

Summary of changes:
 providers/implementations/rands/seed_src.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/providers/implementations/rands/seed_src.c 
b/providers/implementations/rands/seed_src.c
index 173c99ce17..7a4b780bb4 100644
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char 
**pout,
 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 return 0;
 }
-*pout = p;
 if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
-  adin, adin_len) != 0)
+  adin, adin_len) != 0) {
+*pout = p;
 return bytes_needed;
+}
 OPENSSL_secure_clear_free(p, bytes_needed);
 return 0;
 }
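Review bot: on the failure path of `seed_get_seed` the caller's `*pout` is now left untouched, so it holds whatever the caller put there before the call. That removes the stale pointer to the freed buffer, but a caller that frees `*pout` unconditionally is only safe if it initialised it. Setting `*pout = NULL` before `return 0`, here and in the allocation-failure branch above, would make the contract explicit.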


[openssl] master update

2021-09-21 Thread beldmit
The branch master has been updated
   via  52dcc011191ad1a40fd52ae92ef009309deaca52 (commit)
  from  6923d261b819cdd5d9e0a72337da6d6a92cef2a2 (commit)


- Log -
commit 52dcc011191ad1a40fd52ae92ef009309deaca52
Author: Dmitry Belyavskiy 
Date:   Mon Sep 20 16:35:10 2021 +0200

Avoid double-free on unsuccessful getting PRNG seeding

Fixes #16631

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16636)

---

Summary of changes:
 providers/implementations/rands/seed_src.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/providers/implementations/rands/seed_src.c 
b/providers/implementations/rands/seed_src.c
index 173c99ce17..7a4b780bb4 100644
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -201,10 +201,11 @@ static size_t seed_get_seed(void *vseed, unsigned char 
**pout,
 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
 return 0;
 }
-*pout = p;
 if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance,
-  adin, adin_len) != 0)
+  adin, adin_len) != 0) {
+*pout = p;
 return bytes_needed;
+}
 OPENSSL_secure_clear_free(p, bytes_needed);
 return 0;
 }
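Review bot: the change touches only `seed_src.c` and adds no test for the path where `seed_src_generate` fails. Since the bug was a double free on exactly that path, a test that forces seeding to fail and runs under a memory sanitizer would keep the placement of `*pout = p` from regressing.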


[openssl] master update

2021-09-21 Thread beldmit
The branch master has been updated
   via  6923d261b819cdd5d9e0a72337da6d6a92cef2a2 (commit)
   via  537976defe0775c016b9dbb36406bee1e96d0edb (commit)
   via  7e399f03829aad161b52b9c433b8d349c5922739 (commit)
   via  7a27bdbdce3d6d6548d5878a30aecc989fcab574 (commit)
   via  86cfd132ffc4f6198cc640a29c293850c0a59914 (commit)
  from  dc18f036f161e1e49e1d001046716c77d1699e70 (commit)


- Log -
commit 6923d261b819cdd5d9e0a72337da6d6a92cef2a2
Author: Dmitry Belyavskiy 
Date:   Fri Sep 17 17:49:39 2021 +0200

Update the default value for the -nameopt option - documentation

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16583)

commit 537976defe0775c016b9dbb36406bee1e96d0edb
Author: Dmitry Belyavskiy 
Date:   Fri Sep 17 17:47:55 2021 +0200

NEWS and CHANGES are updated about switching to utf8

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16583)

commit 7e399f03829aad161b52b9c433b8d349c5922739
Author: Dmitry Belyavskiy 
Date:   Mon Sep 13 19:24:24 2021 +0200

Tests adjustments for default output change

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16583)

commit 7a27bdbdce3d6d6548d5878a30aecc989fcab574
Author: Dmitry Belyavskiy 
Date:   Thu Sep 16 17:47:47 2021 +0200

Update gost-engine to match new default nameopt

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16583)

commit 86cfd132ffc4f6198cc640a29c293850c0a59914
Author: Dmitry Belyavskiy 
Date:   Sat Sep 11 13:56:28 2021 +0200

Use -nameopt utf8 by default

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16583)

---

Summary of changes:
 CHANGES.md   | 5 -
 NEWS.md  | 5 +++--
 apps/lib/apps.c  | 2 +-
 doc/man1/openssl-namedisplay-options.pod | 2 +-
 gost-engine  | 2 +-
 test/recipes/25-test_rusext.t| 6 +-
 test/recipes/80-test_pkcs12.t| 2 +-
 7 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 58dffb15ef..c9d3825eec 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,7 +24,10 @@ OpenSSL 3.1
 
 ### Changes between 3.0 and 3.1 [xx XXX ]
 
- *
+ * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
+   by default.
+
+   *Dmitry Belyavskiy*
 
 OpenSSL 3.0
 ---
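Review bot: the new CHANGES entry states the new default but not how to get the old output back. Scripts that parse subject or issuer lines printed by the command-line tools will see different text, so the entry should say that the format is controlled by `-nameopt` and name the value that restores the previous default (`XN_FLAG_ONELINE`, per the `apps/lib/apps.c` hunk).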
diff --git a/NEWS.md b/NEWS.md
index 7cf0d8a7b7..720cec7330 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -21,12 +21,13 @@ OpenSSL 3.1
 
 ### Major changes between OpenSSL 3.0 and OpenSSL 3.1 [under development]
 
- *
+ * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
+   by default.
 
 OpenSSL 3.0
 ---
 
-### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development]
+### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0
 
   * Enhanced 'openssl list' with many new options.
   * Added migration guide to man7.
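Review bot: the second change in this hunk, dropping `[under development]` from the OpenSSL 3.0 heading, is unrelated to the UTF-8 name display change the commit describes. It belongs in its own commit, or at least in the commit message, so it is not lost when this change is backported or reverted.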
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 43c01401e8..6fe99422b9 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -197,7 +197,7 @@ int set_nameopt(const char *arg)
 
 unsigned long get_nameopt(void)
 {
-return (nmflag_set) ? nmflag : XN_FLAG_ONELINE;
+return (nmflag_set) ? nmflag : XN_FLAG_SEP_CPLUS_SPC | 
ASN1_STRFLGS_UTF8_CONVERT;
 }
 
 void dump_cert_text(BIO *out, X509 *x)
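Review bot: the new default in `get_nameopt()` is built from just two flags, so everything else the old `XN_FLAG_ONELINE` composite supplied is dropped, including the escaping of control characters. Subject and issuer names come from untrusted certificates and are printed to terminals and logs, so please confirm that unescaped control characters in the output are intended, or add `ASN1_STRFLGS_ESC_CTRL` to the default. The mixed `?:` and `|` expression would also read more safely with the flag combination in parentheses.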
diff --git a/doc/man1/openssl-namedisplay-options.pod 
b/doc/man1/openssl-namedisplay-options.pod
index ff6ed1f4b4..a12f4dbf66 100644
--- a/doc/man1/openssl-namedisplay-options.pod
+++ b/doc/man1/openssl-namedisplay-options.pod
@@ -18,7 +18,7 @@ displayed.
 This is specified by using the B<-nameopt> option, which takes a
 comma-separated list of options from the following set.
 An option may be preceded by a minus sign, C<->, to turn it off.
-The default value is C.
+The default value is C.
 The first four are the most commonly used.
 
 =head1 OPTIONS
diff --git a/gost-engine b/gost-engine
index 62583fb222..9869058423 16
--- a/gost-engine
+++ b/gost-engine
@@ -1 +1 @@
-Subproject commit 62583fb222ec89ff4f6aa3d18b91ed3e64ed5cea
+Subproject commit 986905842330e4a54e61334eb508fe3147c43e38
diff --git a/test/recipes/25-test_rusext.t b/test/recipes/25-test_rusext.t
index 05727f9d04..6c02ed1ba2 100644
--- a/test/recipes/25-test_rusext.t
+++ b/test/recipes/25-test_rusext.t
@@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
 
 setup("test_rusext");
 
-plan tests => 5;
+plan tests => 7;
 
 require_ok(srctop_file('test', 'recipes', 'tconversion.pl'));
 my $pem = srctop_file("test/certs", "grfc.pem");
@@ -31,3 +31,7 @@ 

[openssl] OpenSSL_1_1_1-stable update

2021-08-29 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  0888183816636f994a3384cde211c88e0d4d1f6a (commit)
  from  dc3520b1ad3e1d70b899210bacc002318ebe276a (commit)


- Log -
commit 0888183816636f994a3384cde211c88e0d4d1f6a
Author: Daniel Krügler 
Date:   Fri Aug 27 18:32:20 2021 +0200

Ensure that _GNU_SOURCE is defined for bss_dgram.c

This fixes the following error with gcc10 under strict ANSI conditions:

.../crypto/bio/bss_dgram.c:373:20: error: 'const struct in6_addr' has no 
member named 's6_addr32'

CLA: trivial
Fixes #16449

Reviewed-by: Bernd Edlinger 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16451)

(cherry picked from commit e8e1f6d1a9e599d575431f559200018b8f822e0f)

---

Summary of changes:
 crypto/bio/bss_dgram.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 942fd8b514..2b2e4d5f88 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -7,6 +7,10 @@
  * https://www.openssl.org/source/license.html
  */
 
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE
+#endif
+
 #include 
 #include 
 
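Review bot: the `_GNU_SOURCE` guard at the top of `bss_dgram.c` has no comment saying what depends on it. The commit message names the failing member (`s6_addr32` of `struct in6_addr`), and that is worth one line in the source, together with a reminder that the define must stay ahead of the first `#include`, so a later header reshuffle does not silently undo the fix.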


[openssl] master update

2021-08-29 Thread beldmit
The branch master has been updated
   via  e8e1f6d1a9e599d575431f559200018b8f822e0f (commit)
  from  d15506874bff1b128b36ceb847d24ac4b8cd4958 (commit)


- Log -
commit e8e1f6d1a9e599d575431f559200018b8f822e0f
Author: Daniel Krügler 
Date:   Fri Aug 27 18:32:20 2021 +0200

Ensure that _GNU_SOURCE is defined for bss_dgram.c

This fixes the following error with gcc10 under strict ANSI conditions:

.../crypto/bio/bss_dgram.c:373:20: error: 'const struct in6_addr' has no 
member named 's6_addr32'

CLA: trivial
Fixes #16449

Reviewed-by: Bernd Edlinger 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16451)

---

Summary of changes:
 crypto/bio/bss_dgram.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index c79abe8746..8e7daa1998 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -7,6 +7,10 @@
  * https://www.openssl.org/source/license.html
  */
 
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE
+#endif
+
 #include 
 #include 
 


[openssl] master update

2021-08-28 Thread beldmit
The branch master has been updated
   via  d15506874bff1b128b36ceb847d24ac4b8cd4958 (commit)
  from  cce935b23ce2f7942e2ef4368dd93b60e21d3d83 (commit)


- Log -
commit d15506874bff1b128b36ceb847d24ac4b8cd4958
Author: Dmitry Belyavskiy 
Date:   Fri Aug 27 18:03:15 2021 +0200

Adjust the list of default provider's algorithms

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16448)

---

Summary of changes:
 doc/man7/OSSL_PROVIDER-default.pod | 14 +-
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/doc/man7/OSSL_PROVIDER-default.pod 
b/doc/man7/OSSL_PROVIDER-default.pod
index 88ae3fec9d..14d590cbde 100644
--- a/doc/man7/OSSL_PROVIDER-default.pod
+++ b/doc/man7/OSSL_PROVIDER-default.pod
@@ -81,24 +81,12 @@ The OpenSSL default provider supports these operations and 
algorithms:
 
 =item CAMELLIA, see L
 
-=item DES, see L
-
-=item BF, see L
-
-=item IDEA, see L
-
-=item CAST5, see L
+=item 3DES, see L
 
 =item SEED, see L
 
 =item SM4, see L
 
-=item RC2, see L
-
-=item RC4, see L
-
-=item RC5, see L
-
 =item ChaCha20, see L
 
 =item ChaCha20-Poly1305, see L
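Review bot: the list drops DES, BF, IDEA, CAST5, RC2, RC4 and RC5 without telling the reader where they went. Someone who finds one of these missing from the default provider page needs a pointer to the provider that does implement it; one sentence after the list would do. The new `3DES` item should also be checked against the name used on the page it links to.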


[openssl] master update

2021-08-28 Thread beldmit
The branch master has been updated
   via  20b39175b59b5ae83223bbb9f743c73ae822d681 (commit)
  from  5327da81f0c70e35bdd8860af9af351313ca4ae2 (commit)


- Log -
commit 20b39175b59b5ae83223bbb9f743c73ae822d681
Author: Rich Salz 
Date:   Thu Aug 26 16:03:15 2021 -0400

Yet another doc-nits fix

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16436)

---

Summary of changes:
 doc/man1/openssl-req.pod.in | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/doc/man1/openssl-req.pod.in b/doc/man1/openssl-req.pod.in
index 9926901571..e78b04c65b 100644
--- a/doc/man1/openssl-req.pod.in
+++ b/doc/man1/openssl-req.pod.in
@@ -401,8 +401,7 @@ The options available are described in detail below.
 
 =over 4
 
-=item B
-=item B
+=item B, B
 
 The passwords for the input private key file (if present) and
 the output private key file (if one will be created). The


[openssl] master update

2021-08-25 Thread beldmit
The branch master has been updated
   via  69b920bb134417213adce260e15da3f751922cf4 (commit)
  from  e5f8935c5bdf4677618017f7d907ce1d9e3df6a6 (commit)


- Log -
commit 69b920bb134417213adce260e15da3f751922cf4
Author: Dr. David von Oheimb 
Date:   Tue Aug 24 12:15:41 2021 +0200

CMS app: Fix new -wrap option

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16396)

---

Summary of changes:
 apps/cms.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/cms.c b/apps/cms.c
index b30273f171..76c7896719 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -680,7 +680,7 @@ int cms_main(int argc, char **argv)
 goto end;
 break;
 case OPT_WRAP:
-wrapname = opt_unknown();
+wrapname = opt_arg();
 break;
 case OPT_AES128_WRAP:
 case OPT_AES192_WRAP:
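Review bot: the `OPT_WRAP` case now reads its value with `opt_arg()`, but the commit changes only `apps/cms.c`, so nothing exercises `-wrap` with an explicit cipher name. A recipe test that encrypts with `-wrap` and a named cipher and then decrypts would have caught the `opt_unknown()` mistake and would guard the fix.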


[openssl] master update

2021-08-22 Thread beldmit
The branch master has been updated
   via  f4d8b29a26cc3ee0ef37e2073c192bdbb2b796c4 (commit)
  from  43044ede54da4a4d5bd69e34cfb41ea03d7eb847 (commit)


- Log -
commit f4d8b29a26cc3ee0ef37e2073c192bdbb2b796c4
Author: Dmitry Belyavskiy 
Date:   Fri Aug 20 16:45:15 2021 +0200

Get rid of warn_binary

Current implementation of warn_binary introduces a regression
when the content is passed in /dev/stdin as an explicit file name
and reads the file to be processed twice otherwise.

I suggest reimplementing this functionality after 3.0 if necessary.

Fixes #16359

Reviewed-by: David von Oheimb 
(Merged from https://github.com/openssl/openssl/pull/16367)

---

Summary of changes:
 apps/cms.c | 29 -
 1 file changed, 29 deletions(-)

diff --git a/apps/cms.c b/apps/cms.c
index c22027e3b1..b30273f171 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -272,31 +272,6 @@ static CMS_ContentInfo *load_content_info(int informat, 
BIO *in, int flags,
 return NULL;
 }
 
-static void warn_binary(const char *file)
-{
-BIO *bio;
-unsigned char linebuf[1024], *cur, *end;
-int len;
-
-if (file == NULL)
-return; /* cannot give a warning for stdin input */
-if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL)
-return; /* cannot give a proper warning since there is an error */
-while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) {
-end = linebuf + len;
-for (cur = linebuf; cur < end; cur++) {
-if (*cur == '\0' || *cur >= 0x80) {
-BIO_printf(bio_err, "Warning: input file '%s' contains %s"
-   " character; better use -binary option\n",
-   file, *cur == '\0' ? "NUL" : "8-bit");
-goto end;
-}
-}
-}
- end:
-BIO_free(bio);
-}
-
 int cms_main(int argc, char **argv)
 {
 CONF *conf = NULL;
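Review bot: removing `warn_binary()` also removes the only hint users got when NUL or 8-bit content is processed without `-binary`. The commit message defers a reimplementation to after 3.0; until then the behaviour change should be recorded where users will see it, in the cms documentation for `-binary` or in CHANGES, since this diff touches only `apps/cms.c`.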
@@ -911,8 +886,6 @@ int cms_main(int argc, char **argv)
 goto end;
 }
 
-if ((flags & CMS_BINARY) == 0)
-warn_binary(infile);
 in = bio_open_default(infile, 'r',
   binary_files ? FORMAT_BINARY : informat);
 if (in == NULL)
@@ -924,8 +897,6 @@ int cms_main(int argc, char **argv)
 goto end;
 if (contfile != NULL) {
 BIO_free(indata);
-if ((flags & CMS_BINARY) == 0)
-warn_binary(contfile);
 if ((indata = BIO_new_file(contfile, "rb")) == NULL) {
 BIO_printf(bio_err, "Can't read content file %s\n", contfile);
 goto end;


[openssl] master update

2021-08-20 Thread beldmit
The branch master has been updated
   via  43044ede54da4a4d5bd69e34cfb41ea03d7eb847 (commit)
  from  c727cddc9cb4c6c4cfe157727eb5bf7fe9c3fa21 (commit)


- Log -
commit 43044ede54da4a4d5bd69e34cfb41ea03d7eb847
Author: Omair Majid 
Date:   Wed Aug 18 14:57:57 2021 -0400

Fix documentation referring to 'function code'

ERR_GET_FUNC was removed, so remove references to 'function code' as
well from docs.

CLA: trivial

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16353)

---

Summary of changes:
 doc/man3/ERR_GET_LIB.pod | 13 ++---
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/doc/man3/ERR_GET_LIB.pod b/doc/man3/ERR_GET_LIB.pod
index e388d32de2..f0779548e6 100644
--- a/doc/man3/ERR_GET_LIB.pod
+++ b/doc/man3/ERR_GET_LIB.pod
@@ -18,18 +18,17 @@ ERR_GET_LIB, ERR_GET_REASON, ERR_FATAL_ERROR
 =head1 DESCRIPTION
 
 The error code returned by ERR_get_error() consists of a library
-number, function code and reason code. ERR_GET_LIB()
+number and reason code. ERR_GET_LIB()
 and ERR_GET_REASON() can be used to extract these.
 
 ERR_FATAL_ERROR() indicates whether a given error code is a fatal error.
 
-The library number and function code describe where the error
+The library number describes where the error
 occurred, the reason code is the information about what went wrong.
 
-Each sub-library of OpenSSL has a unique library number; function and
-reason codes are unique within each sub-library.  Note that different
-libraries may use the same value to signal different functions and
-reasons.
+Each sub-library of OpenSSL has a unique library number; the
+reason code is unique within each sub-library.  Note that different
+libraries may use the same value to signal different reasons.
 
 B reason codes such as B are globally
 unique. However, when checking for sub-library specific reason codes,
@@ -39,7 +38,7 @@ ERR_GET_LIB(), ERR_GET_REASON(), and ERR_FATAL_ERROR() are 
macros.
 
 =head1 RETURN VALUES
 
-The library number, function code, reason code, and whether the error
+The library number, reason code, and whether the error
 is fatal, respectively.
 Starting with OpenSSL 3.0.0, the function code is always set to zero.
 
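Review bot: the unchanged sentence right after the edited one, `Starting with OpenSSL 3.0.0, the function code is always set to zero.`, still talks about a function code that RETURN VALUES no longer lists. After this change nothing on the page says what a function code is, so the sentence should be removed or moved into a HISTORY note that explains it.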


[openssl] master update

2021-08-12 Thread beldmit
The branch master has been updated
   via  a5f4099d275520caf90a28a88e889cb36683b412 (commit)
  from  dbd0244a16ebf577401e92cce374467dbc3226df (commit)


- Log -
commit a5f4099d275520caf90a28a88e889cb36683b412
Author: Dmitry Belyavskiy 
Date:   Tue Aug 10 15:04:37 2021 +0200

Disclaimer about the default provider activation added to config

Fixes #16249

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16280)

---

Summary of changes:
 apps/openssl-vms.cnf | 8 
 apps/openssl.cnf | 8 
 doc/man5/config.pod  | 9 +
 3 files changed, 25 insertions(+)

diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 4d96a1f32d..59c6776a1e 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -60,6 +60,14 @@ default = default_sect
 # included fipsmodule.cnf.
 # fips = fips_sect
 
+# If no providers are activated explicitly, the default one is activated 
implicitly.
+# See man 7 OSSL_PROVIDER-default for more details.
+#
+# If you add a section explicitly activating any other provider(s), you most
+# probably need to explicitly activate the default provider, otherwise it
+# becomes unavailable in openssl.  As a consequence applications depending on
+# OpenSSL may not work correctly which could lead to significant system
+# problems including inability to remotely access the system.
 [default_sect]
 # activate = 1
 
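Review bot: the warning is inserted directly above `[default_sect]`, after the commented-out `# fips = fips_sect` line, so it reads as a description of the section that follows rather than of the provider list it is about. Placing it above the provider list, next to `default = default_sect`, would put it where an administrator edits. The first comment line is also over 80 columns; reflow it to the width used by the other comments.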
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index ffb424a871..03330e0120 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -60,6 +60,14 @@ default = default_sect
 # included fipsmodule.cnf.
 # fips = fips_sect
 
+# If no providers are activated explicitly, the default one is activated 
implicitly.
+# See man 7 OSSL_PROVIDER-default for more details.
+#
+# If you add a section explicitly activating any other provider(s), you most
+# probably need to explicitly activate the default provider, otherwise it
+# becomes unavailable in openssl.  As a consequence applications depending on
+# OpenSSL may not work correctly which could lead to significant system
+# problems including inability to remotely access the system.
 [default_sect]
 # activate = 1
 
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
index 7bd603a2cc..77a8055e81 100644
--- a/doc/man5/config.pod
+++ b/doc/man5/config.pod
@@ -273,6 +273,15 @@ significant.
 All parameters in the section as well as sub-sections are made
 available to the provider.
 
+=head3 Default provider and its activation
+
+If no providers are activated explicitly, the default one is activated 
implicitly.
+See L for more details.
+
+If you add a section explicitly activating any other provider(s),
+you most probably need to explicitly activate the default provider,
+otherwise it becomes unavailable in openssl. It may make the system remotely 
unavailable.
+
 =head2 EVP Configuration
 
 The name B in the initialization section names the section
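Review bot: the last added sentence, `It may make the system remotely unavailable.`, is vaguer than the matching comment added to `openssl.cnf`, which spells out that applications depending on OpenSSL may stop working and that remote access may be lost. The man page should carry the same explanation. `openssl` in lower case is also ambiguous here between the command-line tool and the library.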


[openssl] master update

2021-08-11 Thread beldmit
The branch master has been updated
   via  0f70d6013435308ada5d0eb662b31f370b07ebd7 (commit)
  from  12e055991e9d755c8a395f60abf97783795be626 (commit)


- Log -
commit 0f70d6013435308ada5d0eb662b31f370b07ebd7
Author: Tomas Mraz 
Date:   Tue Aug 10 14:51:21 2021 +0200

EVP_CIPHER_CTX_set_key_length: Raise error when key length is not settable

If key length is different from the existing key length and it is not
a settable parameter, raise an error.

Fixes #16277

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16279)

---

Summary of changes:
 crypto/evp/evp_enc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index e0f411aa06..519cab3f2b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -986,8 +986,10 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int 
keylen)
 
 /* Check the cipher actually understands this parameter */
 if (OSSL_PARAM_locate_const(EVP_CIPHER_settable_ctx_params(c->cipher),
-OSSL_CIPHER_PARAM_KEYLEN) == NULL)
+OSSL_CIPHER_PARAM_KEYLEN) == NULL) {
+ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
 return 0;
+}
 
 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, 
);
 ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params);
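Review bot: the new `ERR_raise` reports `EVP_R_INVALID_KEY_LENGTH` when the cipher has no settable `OSSL_CIPHER_PARAM_KEYLEN` at all, which is the same reason a caller would expect for an out-of-range length on a cipher that does accept one. A caller inspecting the error queue cannot tell the two cases apart. If a more specific reason code is not wanted, the comment above the check should at least say that this branch means the key length is fixed for this cipher.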


[openssl] master update

2021-08-11 Thread beldmit
The branch master has been updated
   via  b4f1b7b65871de8f44228e77fc9ab2ac8b6d7918 (commit)
  from  ad2fc0bed4a111a5ff6803ee2ed0fee98db9d2f2 (commit)


- Log -
commit b4f1b7b65871de8f44228e77fc9ab2ac8b6d7918
Author: Dmitry Belyavskiy 
Date:   Wed Aug 4 15:40:24 2021 +0200

Omitted signature_algorithms extension alerts updated

Fixes #15484

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16217)

---

Summary of changes:
 ssl/t1_lib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3579202c22..9345838f6a 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3302,7 +3302,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) {
 if (!fatalerrs)
 return 1;
-SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
  SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
 return 0;
 }
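Review bot: the alert sent when `tls1_get_legacy_sigalg()` finds nothing changes from `SSL_AD_INTERNAL_ERROR` to `SSL_AD_HANDSHAKE_FAILURE`, which is visible to peers, yet the commit touches only `ssl/t1_lib.c`. Please add or update a test that omits the signature_algorithms extension and checks the alert, and add a short comment here citing the rule that calls for handshake_failure in this case.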
@@ -3317,7 +3317,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 if (i == sent_sigslen) {
 if (!fatalerrs)
 return 1;
-SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
+SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
  SSL_R_WRONG_SIGNATURE_TYPE);
 return 0;
 }
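Review bot: with this hunk both failure branches of `tls_choose_sigalg` send `SSL_AD_HANDSHAKE_FAILURE`, and only the reason codes (`SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM` above, `SSL_R_WRONG_SIGNATURE_TYPE` here) tell them apart locally. The alert is what the peer sees and what interoperability tests match on, so the change deserves a CHANGES entry; the summary lists only `ssl/t1_lib.c`.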


[openssl] OpenSSL_1_1_1-stable update

2021-08-05 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  5b31b9df7f89d2c2cb935c5e50a912cd048c07c9 (commit)
  from  ba4c89a9700ff07cecde90248707056292bf36d1 (commit)


- Log -
commit 5b31b9df7f89d2c2cb935c5e50a912cd048c07c9
Author: Billy Brumley 
Date:   Wed Aug 4 10:45:52 2021 +0300

[doc/man3] documentation: BN_cmp manpage updates

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16214)

(cherry picked from commit 3d4ca443b4778e3230ff23f17625f58f815a9142)

---

Summary of changes:
 doc/man3/BN_cmp.pod | 41 +++--
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/doc/man3/BN_cmp.pod b/doc/man3/BN_cmp.pod
index 95d162ff29..261619c512 100644
--- a/doc/man3/BN_cmp.pod
+++ b/doc/man3/BN_cmp.pod
@@ -2,42 +2,47 @@
 
 =head1 NAME
 
-BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM 
comparison and test functions
+BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd 
- BIGNUM comparison and test functions
 
 =head1 SYNOPSIS
 
  #include 
 
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
+ int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+ int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
 
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
+ int BN_is_zero(const BIGNUM *a);
+ int BN_is_one(const BIGNUM *a);
+ int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_is_odd(const BIGNUM *a);
 
 =head1 DESCRIPTION
 
-BN_cmp() compares the numbers B and B. BN_ucmp() compares their
+BN_cmp() compares the numbers I and I. BN_ucmp() compares their
 absolute values.
 
-BN_is_zero(), BN_is_one() and BN_is_word() test if B equals 0, 1,
-or B respectively. BN_is_odd() tests if a is odd.
-
-BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
+BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if
+I equals 0, 1, I, or EIE respectively.
+BN_is_odd() tests if I is odd.
 
 =head1 RETURN VALUES
 
-BN_cmp() returns -1 if B E B, 0 if B == B and 1 if
-B E B. BN_ucmp() is the same using the absolute values
-of B and B.
+BN_cmp() returns -1 if I E I, 0 if I == I and 1 if
+I E I. BN_ucmp() is the same using the absolute values
+of I and I.
+
+BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and
+BN_is_odd() return 1 if the condition is true, 0 otherwise.
+
+=head1 HISTORY
 
-BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
-the condition is true, 0 otherwise.
+Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(),
+BN_abs_is_word() and BN_is_odd() were macros.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
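Review bot: the added RETURN VALUES sentence carries over a missing comma from the old text: `BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and` needs a comma after `BN_is_one()`. Since the paragraph is being rewritten anyway, fix it here.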


[openssl] master update

2021-08-05 Thread beldmit
The branch master has been updated
   via  3d4ca443b4778e3230ff23f17625f58f815a9142 (commit)
  from  46d51520319b8e4220b203c517b1232cf33a579f (commit)


- Log -
commit 3d4ca443b4778e3230ff23f17625f58f815a9142
Author: Billy Brumley 
Date:   Wed Aug 4 10:45:52 2021 +0300

[doc/man3] documentation: BN_cmp manpage updates

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16214)

---

Summary of changes:
 doc/man3/BN_cmp.pod | 41 +++--
 1 file changed, 23 insertions(+), 18 deletions(-)

diff --git a/doc/man3/BN_cmp.pod b/doc/man3/BN_cmp.pod
index da4e1fe8b8..f302818f21 100644
--- a/doc/man3/BN_cmp.pod
+++ b/doc/man3/BN_cmp.pod
@@ -2,42 +2,47 @@
 
 =head1 NAME
 
-BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM 
comparison and test functions
+BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd 
- BIGNUM comparison and test functions
 
 =head1 SYNOPSIS
 
  #include 
 
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
+ int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+ int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
 
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
+ int BN_is_zero(const BIGNUM *a);
+ int BN_is_one(const BIGNUM *a);
+ int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+ int BN_is_odd(const BIGNUM *a);
 
 =head1 DESCRIPTION
 
-BN_cmp() compares the numbers B and B. BN_ucmp() compares their
+BN_cmp() compares the numbers I and I. BN_ucmp() compares their
 absolute values.
 
-BN_is_zero(), BN_is_one() and BN_is_word() test if B equals 0, 1,
-or B respectively. BN_is_odd() tests if a is odd.
-
-BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
+BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if
+I equals 0, 1, I, or EIE respectively.
+BN_is_odd() tests if I is odd.
 
 =head1 RETURN VALUES
 
-BN_cmp() returns -1 if B E B, 0 if B == B and 1 if
-B E B. BN_ucmp() is the same using the absolute values
-of B and B.
+BN_cmp() returns -1 if I E I, 0 if I == I and 1 if
+I E I. BN_ucmp() is the same using the absolute values
+of I and I.
+
+BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and
+BN_is_odd() return 1 if the condition is true, 0 otherwise.
+
+=head1 HISTORY
 
-BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
-the condition is true, 0 otherwise.
+Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(),
+BN_abs_is_word() and BN_is_odd() were macros.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
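Review bot: In the new RETURN VALUES paragraph the list reads "BN_is_zero(), BN_is_one() BN_is_word(), ..." with no comma after BN_is_one(); the removed text had the same slip and the rewrite carries it over. Add the comma so the list matches the one in the new HISTORY section. In SYNOPSIS, "const BN_ULONG w" puts const on a by-value parameter, which tells the caller nothing; keep it only if it mirrors the header exactly.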


[openssl] master update

2021-08-05 Thread beldmit
The branch master has been updated
   via  46d51520319b8e4220b203c517b1232cf33a579f (commit)
   via  5cdeb99f9c8ab0ee5a4b17c677fc054f5acc0b2c (commit)
  from  d209fc6cce47be332ca10dbef1ada8077a22fb38 (commit)


- Log -
commit 46d51520319b8e4220b203c517b1232cf33a579f
Author: Pauli 
Date:   Thu Aug 5 09:25:56 2021 +1000

test: add -macopt hexkey: to dgst command tests

Comparison checksum generated using 1.1.1f.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16212)

commit 5cdeb99f9c8ab0ee5a4b17c677fc054f5acc0b2c
Author: Pauli 
Date:   Wed Aug 4 13:30:44 2021 +1000

ctrls: add missing control string translation for key -> priv for HMAC

Fixes #16200

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16212)

---

Summary of changes:
 crypto/evp/ctrl_params_translate.c |  2 +-
 test/recipes/20-test_dgst.t| 17 -
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/crypto/evp/ctrl_params_translate.c 
b/crypto/evp/ctrl_params_translate.c
index 4ea17380af..a441c1f4b7 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -2221,7 +2221,7 @@ static const struct translation_st 
evp_pkey_ctx_translations[] = {
   EVP_PKEY_CTRL_CIPHER, NULL, NULL,
   OSSL_PKEY_PARAM_CIPHER, OSSL_PARAM_UTF8_STRING, fix_cipher },
 { SET, -1, -1, EVP_PKEY_OP_KEYGEN,
-  EVP_PKEY_CTRL_SET_MAC_KEY, NULL, NULL,
+  EVP_PKEY_CTRL_SET_MAC_KEY, "key", "hexkey",
   OSSL_PKEY_PARAM_PRIV_KEY, OSSL_PARAM_OCTET_STRING, NULL },
 
 { SET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
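Review bot: The changed entry gains the ctrl strings "key" and "hexkey" but keeps NULL as its fixup, so decoding of the hexkey form has to happen in the generic translation path. Please confirm that, and add a one-line comment on the entry saying that for EVP_PKEY_OP_KEYGEN these strings map to OSSL_PKEY_PARAM_PRIV_KEY as an octet string; the table gives no hint of why a MAC key ends up in the private-key parameter.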
diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t
index d64d810edd..5af74aec2a 100644
--- a/test/recipes/20-test_dgst.t
+++ b/test/recipes/20-test_dgst.t
@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils;
 
 setup("test_dgst");
 
-plan tests => 8;
+plan tests => 9;
 
 sub tsignverify {
 my $testtext = shift;
@@ -131,6 +131,21 @@ subtest "HMAC generation with `dgst` CLI, default digest" 
=> sub {
"HMAC: Check second HMAC value is consistent with the first 
($hmacdata[1]) vs ($expected)");
 };
 
+subtest "HMAC generation with `dgst` CLI, key via option" => sub {
+plan tests => 2;
+
+my $testdata = srctop_file('test', 'data.bin');
+#HMAC the data twice to check consistency
+my @hmacdata = run(app(['openssl', 'dgst', '-sha256', '-hmac',
+'-macopt', 'hexkey:',
+$testdata, $testdata]), capture => 1);
+chomp(@hmacdata);
+my $expected = qr/HMAC-SHA2-256\(\Q$testdata\E\)= 
b6727b7bb251dfa65846e0a8223bdd57d244aa6d7e312cb906d8e21f2dee3a57/;
+ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected 
($hmacdata[0]) vs ($expected)");
+ok($hmacdata[1] =~ $expected,
+   "HMAC: Check second HMAC value is consistent with the first 
($hmacdata[1]) vs ($expected)");
+};
+
 subtest "Custom length XOF digest generation with `dgst` CLI" => sub {
 plan tests => 2;
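Review bot: The value in $expected is a bare hex constant with nothing beside it saying where it came from. The commit message says the checksum was generated with 1.1.1f; put that in a comment directly above the qr// line so a future mismatch can be checked against an independent implementation. Also, the second ok() message says the value is "consistent with the first", but it is compared against $expected, not against $hmacdata[0]; reword the message or compare the two outputs directly.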
 


[openssl] master update

2021-08-03 Thread beldmit
The branch master has been updated
   via  6b38d7dc1bccc708279ca5091ebc28cd4bdf225d (commit)
  from  ab98861e919b8f8f7fee3f2d44ef3b4b05908a25 (commit)


- Log -
commit 6b38d7dc1bccc708279ca5091ebc28cd4bdf225d
Author: Dmitry Belyavskiy 
Date:   Mon Aug 2 17:00:51 2021 +0200

If we have passed the private key, don't copy it implicitly

Fixes #16197

Reviewed-by: David von Oheimb 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16199)

---

Summary of changes:
 apps/req.c  |  2 +-
 doc/man1/openssl-req.pod.in | 11 ++-
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index eb286f8a8e..5524092f2c 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -686,7 +686,7 @@ int req_main(int argc, char **argv)
 EVP_PKEY_CTX_free(genctx);
 genctx = NULL;
 }
-if (keyout == NULL) {
+if (keyout == NULL && keyfile == NULL) {
 keyout = NCONF_get_string(req_conf, section, KEYFILE);
 if (keyout == NULL)
 ERR_clear_error();
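Review bot: The added "keyfile == NULL" condition is the whole fix, yet nothing at the call site says why a supplied -key suppresses the configuration-file default. Add a short comment above the if stating that a private key read via -key must not be silently written out to the configured KEYFILE path; without it the extra condition looks like something a later cleanup could drop.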
diff --git a/doc/man1/openssl-req.pod.in b/doc/man1/openssl-req.pod.in
index 7897610818..75d0da1743 100644
--- a/doc/man1/openssl-req.pod.in
+++ b/doc/man1/openssl-req.pod.in
@@ -205,11 +205,12 @@ See L for details.
 =item B<-keyout> I
 
 This gives the filename to write any private key to that has been newly created
-or read from B<-key>.
-If the B<-keyout> option is not given the filename specified in the
-configuration file with the B option is used, if present.
-If a new key is generated and no filename is specified
-the key is written to standard output.
+or read from B<-key>.  If neither the B<-keyout> option nor the B<-key> option
+are given then the filename specified in the configuration file with the
+B option is used, if present.  Thus, if you want to write the
+private key and the B<-key> option is provided, you should provide the
+B<-keyout> option explicitly.  If a new key is generated and no filename is
+specified the key is written to standard output.
 
 =item B<-noenc>
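Review bot: In the rewritten -keyout paragraph, "If neither the -keyout option nor the -key option are given" should read "is given". The sentence starting "Thus, if you want to write the private key" would be clearer if it said outright that with -key and no -keyout the key is not written anywhere, since that is the behaviour change users need to notice.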
 


[openssl] master update

2021-08-02 Thread beldmit
The branch master has been updated
   via  ab98861e919b8f8f7fee3f2d44ef3b4b05908a25 (commit)
  from  2625807aff370830b55c0fb71b63357e8523733e (commit)


- Log -
commit ab98861e919b8f8f7fee3f2d44ef3b4b05908a25
Author: Tanzinul Islam 
Date:   Sat Jul 31 18:28:34 2021 +0100

Redefine getpid() -> _getpid() only for MSVC

This was introduced in 814b5133e for MSVC. C++Builder doesn't need it.

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16192)

---

Summary of changes:
 apps/lib/s_socket.c | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c
index 6884fd86cd..dbeebb54c5 100644
--- a/apps/lib/s_socket.c
+++ b/apps/lib/s_socket.c
@@ -27,12 +27,12 @@ typedef unsigned int u_int;
 #endif
 
 #ifdef _WIN32
-/*
- * With MSVC, certain POSIX functions have been renamed to have an underscore
- * prefix.
- */
 # include 
-# define getpid _getpid
+
+/* MSVC renamed some POSIX functions to have an underscore prefix. */
+# ifdef _MSC_VER
+#  define getpid _getpid
+# endif
 #endif
 
 #ifndef OPENSSL_NO_SOCK
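Review bot: The getpid define is now limited to _MSC_VER, but the new comment only says that MSVC renamed some POSIX functions. The commit message vouches for C++Builder only; say in the comment that other compilers defining _WIN32 are expected to provide getpid() themselves, so the narrower guard reads as a deliberate choice.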


[openssl] master update

2021-07-10 Thread beldmit
The branch master has been updated
   via  15729bef385211bc2a0497e2d53a45c45d677d2c (commit)
  from  6bfd3e51c04faa97ed98f38e35bd9bb5294b9070 (commit)


- Log -
commit 15729bef385211bc2a0497e2d53a45c45d677d2c
Author: Daiki Ueno 
Date:   Thu Jul 8 19:22:36 2021 +0200

BIO_lookup_ex: use AI_ADDRCONFIG only if explicit host name is given

The flag only affects which record types are queried via DNS (A or
, or both).  When node is NULL and AF_UNSPEC is used, it prevents
getaddrinfo returning the right address associated with the loopback
interface.

Signed-off-by: Daiki Ueno 

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16033)

---

Summary of changes:
 crypto/bio/bio_addr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/bio/bio_addr.c b/crypto/bio/bio_addr.c
index 0efbc3cb44..d18c849ade 100644
--- a/crypto/bio/bio_addr.c
+++ b/crypto/bio/bio_addr.c
@@ -696,7 +696,7 @@ int BIO_lookup_ex(const char *host, const char *service, 
int lookup_type,
 hints.ai_protocol = protocol;
 # ifdef AI_ADDRCONFIG
 #  ifdef AF_UNSPEC
-if (family == AF_UNSPEC)
+if (host != NULL && family == AF_UNSPEC)
 #  endif
 hints.ai_flags |= AI_ADDRCONFIG;
 # endif
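Review bot: The new "host != NULL" test exists only inside the "#ifdef AF_UNSPEC" branch. Where AF_UNSPEC is not defined the if line is compiled out and "hints.ai_flags |= AI_ADDRCONFIG;" runs unconditionally, including for a NULL host, which is the case the commit message says breaks loopback lookups. Move the host check so it applies in both configurations, and brace the guarded statement so it does not depend on preprocessor state.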


[openssl] master update

2021-06-29 Thread beldmit
The branch master has been updated
   via  a73a5d0a14842f51d1a6bad15f3e997b0468b99d (commit)
  from  452580e5b0f85201006bacb1a697e0c5b7154b76 (commit)


- Log -
commit a73a5d0a14842f51d1a6bad15f3e997b0468b99d
Author: Dmitry Belyavskiy 
Date:   Mon Jun 28 15:44:45 2021 +0200

Missing link to fips_config documentation

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/15940)

---

Summary of changes:
 doc/man7/fips_module.pod | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/doc/man7/fips_module.pod b/doc/man7/fips_module.pod
index 8133f01eaf..1d709be513 100644
--- a/doc/man7/fips_module.pod
+++ b/doc/man7/fips_module.pod
@@ -452,8 +452,7 @@ L.
 
 =head1 SEE ALSO
 
-L,
-L
+L, L, L
 
 =head1 COPYRIGHT
 


[openssl] master update

2021-06-15 Thread beldmit
The branch master has been updated
   via  4832560be3b2a709557497cd881f8c390ba7ec34 (commit)
  from  835dd706d3a916dacdb302905899a32638ed8adc (commit)


- Log -
commit 4832560be3b2a709557497cd881f8c390ba7ec34
Author: Dmitry Belyavskiy 
Date:   Mon Jun 14 11:40:31 2021 +0200

Disabling Encrypt-then-MAC extension in s_client/s_server

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/15735)

---

Summary of changes:
 apps/include/opt.h   | 9 ++---
 doc/man1/openssl-s_client.pod.in | 5 +
 doc/man1/openssl-s_server.pod.in | 5 +
 doc/perlvars.pm  | 3 ++-
 ssl/ssl_conf.c   | 6 +-
 5 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/apps/include/opt.h b/apps/include/opt.h
index b77c5a52e5..96e78e4b79 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -163,7 +163,7 @@
 OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \
 OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \
 OPT_S_MINPROTO, OPT_S_MAXPROTO, \
-OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
+OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S_NO_ETM, OPT_S__LAST
 
 # define OPT_S_OPTIONS \
 OPT_SECTION("TLS/SSL"), \
@@ -216,7 +216,9 @@
 {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
 "Perform all sorts of protocol violations for testing purposes"}, \
 {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
-"Disable TLSv1.3 middlebox compat mode" }
+"Disable TLSv1.3 middlebox compat mode" }, \
+{"no_etm", OPT_S_NO_ETM, '-', \
+"Disable Encrypt-then-Mac extension"}
 
 # define OPT_S_CASES \
 OPT_S__FIRST: case OPT_S__LAST: break; \
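Review bot: The help string added for no_etm spells the extension "Encrypt-then-Mac", while the manual pages in this same commit use "Encrypt-then-MAC". Use one spelling, preferably the one in the documentation, so that searching the help output and the man page for the same term finds both.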
@@ -250,7 +252,8 @@
 case OPT_S_MINPROTO: \
 case OPT_S_MAXPROTO: \
 case OPT_S_DEBUGBROKE: \
-case OPT_S_NO_MIDDLEBOX
+case OPT_S_NO_MIDDLEBOX: \
+case OPT_S_NO_ETM
 
 #define IS_NO_PROT_FLAG(o) \
  (o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in
index 144e367d4e..6328cd07d9 100644
--- a/doc/man1/openssl-s_client.pod.in
+++ b/doc/man1/openssl-s_client.pod.in
@@ -56,6 +56,7 @@ B B
 [B<-msg>]
 [B<-timeout>]
 [B<-mtu> I]
+[B<-no_etm>]
 [B<-keymatexport> I]
 [B<-keymatexportlen> I]
 [B<-msgfile> I]
@@ -448,6 +449,10 @@ Enable send/receive timeout on DTLS connections.
 
 Set MTU of the link layer to the specified size.
 
+=item B<-no_etm>
+
+Disable Encrypt-then-MAC negotiation.
+
 =item B<-keymatexport> I
 
 Export keying material using the specified label.
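Review bot: The new -no_etm item says only "Disable Encrypt-then-MAC negotiation." It does not tell the reader what the connection uses instead or when the option is appropriate. One more sentence stating the effect on the negotiated connection and that the option is meant for testing and interoperability checks would keep it from being copied into production command lines without thought.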
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index c4289a12e3..115eceb0e3 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -70,6 +70,7 @@ B B
 [B<-verify_quiet>]
 [B<-ign_eof>]
 [B<-no_ign_eof>]
+[B<-no_etm>]
 [B<-status>]
 [B<-status_verbose>]
 [B<-status_timeout> I]
@@ -487,6 +488,10 @@ Ignore input EOF (default: when B<-quiet>).
 
 Do not ignore input EOF.
 
+=item B<-no_etm>
+
+Disable Encrypt-then-MAC negotiation.
+
 =item B<-status>
 
 Enables certificate status request support (aka OCSP stapling).
diff --git a/doc/perlvars.pm b/doc/perlvars.pm
index 133ad3c416..f4c20aa392 100644
--- a/doc/perlvars.pm
+++ b/doc/perlvars.pm
@@ -185,6 +185,7 @@ $OpenSSL::safe::opt_s_synopsis = ""
 . "[B<-no_resumption_on_reneg>]\n"
 . "[B<-legacy_server_connect>]\n"
 . "[B<-no_legacy_server_connect>]\n"
+. "[B<-no_etm>]\n"
 . "[B<-allow_no_dhe_kex>]\n"
 . "[B<-prioritize_chacha>]\n"
 . "[B<-strict>]\n"
@@ -205,7 +206,7 @@ $OpenSSL::safe::opt_s_item = ""
 . "B<-client_renegotiation>,\n"
 . "B<-legacy_renegotiation>, B<-no_renegotiation>,\n"
 . "B<-no_resumption_on_reneg>,\n"
-. "B<-legacy_server_connect>, B<-no_legacy_server_connect>,\n"
+. "B<-legacy_server_connect>, B<-no_legacy_server_connect>, B<-no_etm>\n"
 . "B<-allow_no_dhe_kex>, B<-prioritize_chacha>, B<-strict>, B<-sigalgs>\n"
 . "I, B<-client_sigalgs> I, B<-groups> I, B<-curves>\n"
 . "I, B<-named_curve> I, B<-cipher> I, 
B<-ciphersuites>\n"
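Review bot: The replaced line ended with a comma before the newline ("B<-no_legacy_server_connect>,\n"); the new line ends "B<-no_etm>\n" with none, so the rendered option list runs -no_etm straight into -allow_no_dhe_kex. Restore the separator: "B<-no_legacy_server_connect>, B<-no_etm>,\n".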
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index b15c847176..c0cbbe5e2c 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -676,7 +676,8 @@ typedef struct {
 #define SSL_CONF_CMD_SWITCH(name, flags) \
 {0, NULL, name, flags, SSL_CONF_TYPE_NONE}
 
-/* See apps/apps.h if you change this table. */
+/* See apps/include/opt.h if you change this table. */
+/* The SSL_CONF_CMD_SWITCH should be the same order as ssl_cmd_switches */
 static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
 SSL_CONF_CMD_SWITCH("no_ssl3", 0),
 SSL_CONF_CMD_SWITCH("no_tls1", 0),
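Review bot: The added comment asks maintainers to keep the SSL_CONF_CMD_SWITCH entries in the same order as ssl_cmd_switches, which means the two tables are matched by position and a misplaced insert would apply another switch's flags with no build error. A comment is weak protection for that. Consider a check that the two tables agree, at least on the number of switch entries, or have the comment state what goes wrong when the order differs.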
@@ -701,6 +702,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
 

[openssl] master update

2021-06-15 Thread beldmit
The branch master has been updated
   via  04fb4ec8facce1e289029c289ebc4b487db8 (commit)
  from  9067cf6ccdce0a73922f06937e54c2fce2752038 (commit)


- Log -
commit 04fb4ec8facce1e289029c289ebc4b487db8
Author: Hubert Kario 
Date:   Mon Jun 14 13:38:02 2021 +0200

s_server: make -rev option easier to find (mention echo)

Since the service is echo-like (see TCP port 7 from RFC 862 or
gnutls-serv --echo), make it easier to find by mentioning "echo" in
the description of it in the help message and man page

Also fixes the man page inconsistency ("sends it back to the server")

Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15739)

---

Summary of changes:
 apps/s_server.c  | 2 +-
 doc/man1/openssl-s_server.pod.in | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/apps/s_server.c b/apps/s_server.c
index e32d25e800..9c0c467ed6 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -856,7 +856,7 @@ const OPTIONS s_server_options[] = {
 {"brief", OPT_BRIEF, '-',
  "Restrict output to brief summary of connection parameters"},
 {"rev", OPT_REV, '-',
- "act as a simple test server which just sends back with the received text 
reversed"},
+ "act as an echo server that sends back received text reversed"},
 {"debug", OPT_DEBUG, '-', "Print more output"},
 {"msg", OPT_MSG, '-', "Show protocol messages"},
 {"msgfile", OPT_MSGFILE, '>',
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 97852ae7bf..c4289a12e3 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -545,9 +545,8 @@ output.
 
 =item B<-rev>
 
-Simple test server which just reverses the text received from the client
-and sends it back to the server. Also sets B<-brief>. Cannot be used in
-conjunction with B<-early_data>.
+Simple echo server that sends back received text reversed. Also sets B<-brief>.
+Cannot be used in conjunction with B<-early_data>.
 
 =item B<-async>
 


[openssl] OpenSSL_1_1_1-stable update

2021-05-29 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  3ee328ab9eff0bf0c86d07b24555a81f403d2ecb (commit)
  from  9008dc9e38bc35541957eacebafac35912d20821 (commit)


- Log -
commit 3ee328ab9eff0bf0c86d07b24555a81f403d2ecb
Author: Tomas Mraz 
Date:   Fri May 28 14:12:12 2021 +0200

Put init_ec_point_formats() inside #ifndef OPENSSL_NO_EC

Reviewed-by: Matt Caswell 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15518)

---

Summary of changes:
 ssl/statem/extensions.c | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 19e91b6f4e..0f39275baa 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -18,6 +18,7 @@ static int final_renegotiate(SSL *s, unsigned int context, 
int sent);
 static int init_server_name(SSL *s, unsigned int context);
 static int final_server_name(SSL *s, unsigned int context, int sent);
 #ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context);
 static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
 #endif
 static int init_session_ticket(SSL *s, unsigned int context);
@@ -42,7 +43,6 @@ static int tls_parse_certificate_authorities(SSL *s, PACKET 
*pkt,
 #ifndef OPENSSL_NO_SRP
 static int init_srp(SSL *s, unsigned int context);
 #endif
-static int init_ec_point_formats(SSL *s, unsigned int context);
 static int init_etm(SSL *s, unsigned int context);
 static int init_ems(SSL *s, unsigned int context);
 static int final_ems(SSL *s, unsigned int context, int sent);
@@ -1028,6 +1028,15 @@ static int final_server_name(SSL *s, unsigned int 
context, int sent)
 }
 
 #ifndef OPENSSL_NO_EC
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+OPENSSL_free(s->ext.peer_ecpointformats);
+s->ext.peer_ecpointformats = NULL;
+s->ext.peer_ecpointformats_len = 0;
+
+return 1;
+}
+
 static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
 {
 unsigned long alg_k, alg_a;
@@ -1166,15 +1175,6 @@ static int init_srp(SSL *s, unsigned int context)
 }
 #endif
 
-static int init_ec_point_formats(SSL *s, unsigned int context)
-{
-OPENSSL_free(s->ext.peer_ecpointformats);
-s->ext.peer_ecpointformats = NULL;
-s->ext.peer_ecpointformats_len = 0;
-
-return 1;
-}
-
 static int init_etm(SSL *s, unsigned int context)
 {
 s->ext.use_etm = 0;


[openssl] master update

2021-05-22 Thread beldmit
The branch master has been updated
   via  84faea44e6ad9ff7f470b5958e7303f6c521bf2e (commit)
  from  56c98a7d94d25df5999bd12c600788ec947e588c (commit)


- Log -
commit 84faea44e6ad9ff7f470b5958e7303f6c521bf2e
Author: Robbie Harwood 
Date:   Wed May 19 15:15:19 2021 -0400

Fix upgrading docs for RSA_private_encrypt/RSA_public_decrypt

Despite the name, these functions manipulate signatures, which means
that their replacements are the EVP_PKEY_sign/EVP_PKEY_verify family.

Signed-off-by: Robbie Harwood 

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15359)

---

Summary of changes:
 doc/man3/RSA_private_encrypt.pod | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/man3/RSA_private_encrypt.pod b/doc/man3/RSA_private_encrypt.pod
index a74a39834c..4b97d874c3 100644
--- a/doc/man3/RSA_private_encrypt.pod
+++ b/doc/man3/RSA_private_encrypt.pod
@@ -21,9 +21,9 @@ L:
 =head1 DESCRIPTION
 
 Both of the functions described on this page are deprecated.
-Applications should instead use L,
-L, L and
-L.
+Applications should instead use L,
+L, L and
+L.
 
 These functions handle RSA signatures at a low-level.
 


[openssl] OpenSSL_1_1_1-stable update

2021-05-21 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  7fc0b9376135e9e5db76c713122a6e319c0b9768 (commit)
  from  ca28c2422a7b32644161caa55f818dfafd8eeb9a (commit)


- Log -
commit 7fc0b9376135e9e5db76c713122a6e319c0b9768
Author: Dmitry Belyavskiy 
Date:   Thu May 20 16:03:05 2021 +0200

Cleanup the peer point formats on renegotiation

Fixes #14875

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/15383)

(cherry picked from commit 3f987381929ee725daf4746591144dde18f313e1)

---

Summary of changes:
 ssl/statem/extensions.c | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 07803537ba..19e91b6f4e 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -42,6 +42,7 @@ static int tls_parse_certificate_authorities(SSL *s, PACKET 
*pkt,
 #ifndef OPENSSL_NO_SRP
 static int init_srp(SSL *s, unsigned int context);
 #endif
+static int init_ec_point_formats(SSL *s, unsigned int context);
 static int init_etm(SSL *s, unsigned int context);
 static int init_ems(SSL *s, unsigned int context);
 static int final_ems(SSL *s, unsigned int context, int sent);
@@ -159,7 +160,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
 TLSEXT_TYPE_ec_point_formats,
 SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
 | SSL_EXT_TLS1_2_AND_BELOW_ONLY,
-NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
+init_ec_point_formats, tls_parse_ctos_ec_pt_formats, 
tls_parse_stoc_ec_pt_formats,
 tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
 final_ec_pt_formats
 },
@@ -1165,6 +1166,15 @@ static int init_srp(SSL *s, unsigned int context)
 }
 #endif
 
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+OPENSSL_free(s->ext.peer_ecpointformats);
+s->ext.peer_ecpointformats = NULL;
+s->ext.peer_ecpointformats_len = 0;
+
+return 1;
+}
+
 static int init_etm(SSL *s, unsigned int context)
 {
 s->ext.use_etm = 0;
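Review bot: init_ec_point_formats() is declared and defined here right after the "#endif" that closes the SRP block, so it sits outside any OPENSSL_NO_EC guard, while the ec_point_formats entry that references it is EC-specific. If that ext_defs entry is compiled only when EC is enabled, a no-ec build is left with an unused static function. Place both the prototype and the definition next to final_ec_pt_formats() under the same guard.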


[openssl] master update

2021-05-21 Thread beldmit
The branch master has been updated
   via  3f987381929ee725daf4746591144dde18f313e1 (commit)
  from  0491691342cf8fefb61de14b8edd56a937b458ac (commit)


- Log -
commit 3f987381929ee725daf4746591144dde18f313e1
Author: Dmitry Belyavskiy 
Date:   Thu May 20 16:03:05 2021 +0200

Cleanup the peer point formats on renegotiation

Fixes #14875

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/15383)

---

Summary of changes:
 ssl/statem/extensions.c | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index ee047dc638..42d591e11e 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -45,6 +45,7 @@ static int tls_parse_certificate_authorities(SSL *s, PACKET 
*pkt,
 #ifndef OPENSSL_NO_SRP
 static int init_srp(SSL *s, unsigned int context);
 #endif
+static int init_ec_point_formats(SSL *s, unsigned int context);
 static int init_etm(SSL *s, unsigned int context);
 static int init_ems(SSL *s, unsigned int context);
 static int final_ems(SSL *s, unsigned int context, int sent);
@@ -159,7 +160,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
 TLSEXT_TYPE_ec_point_formats,
 SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
 | SSL_EXT_TLS1_2_AND_BELOW_ONLY,
-NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
+init_ec_point_formats, tls_parse_ctos_ec_pt_formats, 
tls_parse_stoc_ec_pt_formats,
 tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
 final_ec_pt_formats
 },
@@ -1145,6 +1146,15 @@ static int init_srp(SSL *s, unsigned int context)
 }
 #endif
 
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+OPENSSL_free(s->ext.peer_ecpointformats);
+s->ext.peer_ecpointformats = NULL;
+s->ext.peer_ecpointformats_len = 0;
+
+return 1;
+}
+
 static int init_etm(SSL *s, unsigned int context)
 {
 s->ext.use_etm = 0;
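Review bot: The new init_ec_point_formats() has no comment explaining why the peer's point-format list must be freed and zeroed at the start of each handshake. The commit message gives the reason (renegotiation); put a sentence to that effect above the function, noting that a list left over from the previous handshake would otherwise still be consulted if the peer omits the extension this time. The context argument is unused, which is fine for an init hook but worth a word if the compiler warns.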


[openssl] master update

2021-05-21 Thread beldmit
The branch master has been updated
   via  819b94c0c0d338fbec0aee828f3b61d7878c3837 (commit)
  from  6d3f798cba8075e73aaf34f1e72bb930086c (commit)


- Log -
commit 819b94c0c0d338fbec0aee828f3b61d7878c3837
Author: Dmitry Belyavskiy 
Date:   Thu May 20 10:59:07 2021 +0200

HMAC doesn't work with a default digest

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/15371)

---

Summary of changes:
 apps/dgst.c |  2 ++
 test/recipes/20-test_dgst.t | 16 +++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/apps/dgst.c b/apps/dgst.c
index 15f9e2e685..7ac1013303 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -330,6 +330,8 @@ int dgst_main(int argc, char **argv)
 }
 
 if (hmac_key != NULL) {
+if (md == NULL)
+md = (EVP_MD *)EVP_sha256();
 sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
   (unsigned char *)hmac_key,
   strlen(hmac_key));
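Review bot: "md = (EVP_MD *)EVP_sha256();" casts away the const on the pointer EVP_sha256() returns. Please confirm that nothing later in dgst_main() frees or modifies md on this path, or keep a separate const pointer for the default. The fallback is also silent: the -hmac documentation should state that SHA-256 is used when no digest option is given, since the MAC a user gets depends on it.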
diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t
index 1083da71b8..d64d810edd 100644
--- a/test/recipes/20-test_dgst.t
+++ b/test/recipes/20-test_dgst.t
@@ -17,7 +17,7 @@ use OpenSSL::Test::Utils;
 
 setup("test_dgst");
 
-plan tests => 7;
+plan tests => 8;
 
 sub tsignverify {
 my $testtext = shift;
@@ -117,6 +117,20 @@ subtest "HMAC generation with `dgst` CLI" => sub {
"HMAC: Check second HMAC value is consistent with the first 
($hmacdata[1]) vs ($expected)");
 };
 
+subtest "HMAC generation with `dgst` CLI, default digest" => sub {
+plan tests => 2;
+
+my $testdata = srctop_file('test', 'data.bin');
+#HMAC the data twice to check consistency
+my @hmacdata = run(app(['openssl', 'dgst', '-hmac', '123456',
+$testdata, $testdata]), capture => 1);
+chomp(@hmacdata);
+my $expected = qr/HMAC-SHA256\(\Q$testdata\E\)= 
6f12484129c4a761747f13d8234a1ff0e074adb34e9e9bf3a155c391b97b9a7c/;
+ok($hmacdata[0] =~ $expected, "HMAC: Check HMAC value is as expected 
($hmacdata[0]) vs ($expected)");
+ok($hmacdata[1] =~ $expected,
+   "HMAC: Check second HMAC value is consistent with the first 
($hmacdata[1]) vs ($expected)");
+};
+
 subtest "Custom length XOF digest generation with `dgst` CLI" => sub {
 plan tests => 2;
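Review bot: What distinguishes this subtest from the one above it is the absence of a digest option on the dgst command line, and nothing in the subtest says so. Add a comment that the digest is omitted on purpose and that the HMAC-SHA256 label in the regex is what pins the default, so nobody later "fixes" the test by adding -sha256.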
 


[openssl] OpenSSL_1_1_1-stable update

2021-05-13 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  9a48d4a4fec6827d387ee63756504892e3656299 (commit)
   via  fffb067b468f8e6ffd003b346d7aba558f205c23 (commit)
  from  207b8693b0821aab356ce9dccb7f2fe86e5e035a (commit)


- Log -
commit 9a48d4a4fec6827d387ee63756504892e3656299
Author: Dmitry Belyavskiy 
Date:   Fri Apr 30 18:13:14 2021 +0200

Testing private keys with extra attributes

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/15075)

commit fffb067b468f8e6ffd003b346d7aba558f205c23
Author: Dmitry Belyavskiy 
Date:   Wed Apr 28 21:43:35 2021 +0300

Try to parse private key as PKCS#8 first, fallback afterwards

Fixes #15022

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/15075)

---

Summary of changes:
 crypto/asn1/d2i_pr.c   |  71 +++--
 test/recipes/25-test_req.t |  27 +++--
 test/testrsa_withattrs.der | Bin 0 -> 1277 bytes
 test/testrsa_withattrs.pem |  29 ++
 4 files changed, 103 insertions(+), 24 deletions(-)
 create mode 100644 test/testrsa_withattrs.der
 create mode 100644 test/testrsa_withattrs.pem

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 7b127d2092..091b6e7216 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -78,13 +78,53 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const 
unsigned char **pp,
  * type
  */
 
+static EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int 
*carry_on)
+{
+const unsigned char *p = *pp;
+PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
+EVP_PKEY *ret;
+
+if (p8 == NULL)
+return NULL;
+
+ret = EVP_PKCS82PKEY(p8);
+if (ret == NULL)
+*carry_on = 0;
+
+PKCS8_PRIV_KEY_INFO_free(p8);
+
+if (ret != NULL)
+*pp = p;
+
+return ret;
+}
+
 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
  long length)
 {
 STACK_OF(ASN1_TYPE) *inkey;
 const unsigned char *p;
 int keytype;
+EVP_PKEY *ret = NULL;
+int carry_on = 1;
+
+ERR_set_mark();
+ret = key_as_pkcs8(pp, length, _on);
+if (ret != NULL) {
+ERR_clear_last_mark();
+if (a != NULL)
+*a = ret;
+return ret;
+}
+
+if (carry_on == 0) {
+ERR_clear_last_mark();
+ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
+ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+return NULL;
+}
 p = *pp;
+
 /*
  * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
  * analyzing it we can determine the passed structure: this assumes the
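Review bot: key_as_pkcs8() reports two different failures through the same NULL return, and the only thing telling them apart is *carry_on, which has no comment. State above the function that NULL with carry_on left at 1 means "not PKCS#8, try the traditional formats" and NULL with carry_on set to 0 means "parsed as PKCS#8 but the key could not be converted". Separately, ERR_set_mark() is now called at the top of d2i_AutoPrivateKey(): check that every return in the lines between this hunk and the next one clears or pops the mark, not only the returns visible here.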
@@ -100,28 +140,15 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned 
char **pp,
 keytype = EVP_PKEY_DSA;
 else if (sk_ASN1_TYPE_num(inkey) == 4)
 keytype = EVP_PKEY_EC;
-else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
-  * traditional format */
-PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
-EVP_PKEY *ret;
-
-sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
-if (!p8) {
-ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
-ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-return NULL;
-}
-ret = EVP_PKCS82PKEY(p8);
-PKCS8_PRIV_KEY_INFO_free(p8);
-if (ret == NULL)
-return NULL;
-*pp = p;
-if (a) {
-*a = ret;
-}
-return ret;
-} else
+else
 keytype = EVP_PKEY_RSA;
 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
-return d2i_PrivateKey(keytype, a, pp, length);
+
+ret = d2i_PrivateKey(keytype, a, pp, length);
+if (ret != NULL)
+ERR_pop_to_mark();
+else
+ERR_clear_last_mark();
+
+return ret;
 }
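Review bot: On the final failure path ERR_clear_last_mark() keeps everything queued since ERR_set_mark(), so the caller sees the errors from the rejected PKCS#8 attempt mixed with those from d2i_PrivateKey(). For input that was never PKCS#8 the first group is noise. Either pop the PKCS#8 errors before falling back to the traditional parser, or add a comment that both sets are kept deliberately.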
diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t
index 5e1ea308a2..be4cdb1626 100644
--- a/test/recipes/25-test_req.t
+++ b/test/recipes/25-test_req.t
@@ -47,7 +47,7 @@ ok(!run(app([@addext_args, "-addext", $val, "-addext", 
$val3])));
 ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3])));
 
 subtest "generating certificate requests with RSA" => sub {
-plan tests => 2;
+plan tests => 6;
 
 SKIP: {
 skip "RSA is not supported by this OpenSSL build", 2
@@ -63,6 +63,29 @@ subtest "generating certificate requests with RSA" => sub {
 "-config", srctop_file("test", "test.cnf"),
 "-verify", "-in", "testreq.pem", "-noout"])),
"Verifying signature on request");
+
+ok(run(app(["openssl", "req",
+"-config", srctop_file("test", "test.cnf"),
+"-new", "-out", 

[openssl] master update

2021-05-13 Thread beldmit
The branch master has been updated
   via  4639772523e5cb979722483b9374e0c275afde7d (commit)
   via  6581b17dedb77112fca328a09d6073723a013727 (commit)
  from  ca6197ca3c1a18be004c447cf4bf5a1a40d7dd19 (commit)


- Log -
commit 4639772523e5cb979722483b9374e0c275afde7d
Author: Dmitry Belyavskiy 
Date:   Fri May 7 17:36:42 2021 +0200

clarification about the DES status

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/15197)

commit 6581b17dedb77112fca328a09d6073723a013727
Author: Dmitry Belyavskiy 
Date:   Fri May 7 17:16:29 2021 +0200

Enumerating the legacy provider's cipher algorithms

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/15197)

---

Summary of changes:
 doc/man3/EVP_des_cbc.pod  |  4 
 doc/man3/EVP_desx_cbc.pod |  4 
 doc/man7/OSSL_PROVIDER-legacy.pod | 26 ++
 3 files changed, 34 insertions(+)

diff --git a/doc/man3/EVP_des_cbc.pod b/doc/man3/EVP_des_cbc.pod
index d00179eacb..bcae9d7a4e 100644
--- a/doc/man3/EVP_des_cbc.pod
+++ b/doc/man3/EVP_des_cbc.pod
@@ -54,6 +54,10 @@ EVP_des_ofb()
 DES in CBC, ECB, CFB with 64-bit shift, CFB with 1-bit shift, CFB with 8-bit
 shift and OFB modes.
 
+None of these algorithms are provided by the OpenSSL default provider.
+To use them it is necessary to load either the OpenSSL legacy provider or 
another
+implementation.
+
 =item EVP_des_ede(),
 EVP_des_ede_cbc(),
 EVP_des_ede_cfb(),
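Review bot: the added paragraph names "the OpenSSL legacy provider" in plain text only. A POD cross-reference such as L<OSSL_PROVIDER-legacy(7)> would take readers straight to the page that this same commit extends with the cipher list.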
diff --git a/doc/man3/EVP_desx_cbc.pod b/doc/man3/EVP_desx_cbc.pod
index c9e250f34c..2a41e08898 100644
--- a/doc/man3/EVP_desx_cbc.pod
+++ b/doc/man3/EVP_desx_cbc.pod
@@ -23,6 +23,10 @@ All modes below use a key length of 128 bits and acts on 
blocks of 128-bits.
 
 The DES-X algorithm in CBC mode.
 
+This algorithm is not provided by the OpenSSL default provider.
+To use it is necessary to load either the OpenSSL legacy provider or another
+implementation.
+
 =back
 
 =head1 RETURN VALUES
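Review bot: "To use it is necessary" in the added text is missing a word. The parallel sentence added to EVP_des_cbc.pod reads "To use them it is necessary", so this one should read "To use it, it is necessary to load either the OpenSSL legacy provider or another implementation."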
diff --git a/doc/man7/OSSL_PROVIDER-legacy.pod 
b/doc/man7/OSSL_PROVIDER-legacy.pod
index 36aeafec94..86ac3fa9a0 100644
--- a/doc/man7/OSSL_PROVIDER-legacy.pod
+++ b/doc/man7/OSSL_PROVIDER-legacy.pod
@@ -52,6 +52,32 @@ The OpenSSL legacy provider supports these operations and 
algorithms:
 
 =back
 
+=head2 Symmetric Ciphers
+
+Not all of these symmetric cipher algorithms are enabled by default.
+
+=over 4
+
+=item Blowfish
+
+=item CAST
+
+=item DES
+
+=item IDEA
+
+=item RC2
+
+=item RC4
+
+=item RC5
+
+Disabled by default. Use I config option to enable.
+
+=item SEED
+
+=back
+
 =begin comment
 
 When algorithms for other operations start appearing, the
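Review bot: the intro line says "Not all of these symmetric cipher algorithms are enabled by default", yet RC5 is the only item that carries a "Disabled by default" remark, so a reader cannot tell whether any other entry also depends on a build option. Either annotate every affected item or reword the intro to say that only RC5 is off by default, if that is the case.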


[openssl] master update

2021-05-11 Thread beldmit
The branch master has been updated
   via  6dbb277627de86578577185084378135605d2df1 (commit)
  from  f60e35d01e8b0116c53575774dbf26dcd2d2311d (commit)


- Log -
commit 6dbb277627de86578577185084378135605d2df1
Author: Dmitry Belyavskiy 
Date:   Tue May 4 20:47:42 2021 +0200

Tests for creating req from PKCS8 keys with extra attrs

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/15142)

---

Summary of changes:
 test/recipes/25-test_req.t |  25 -
 test/testrsa_withattrs.der | Bin 0 -> 1277 bytes
 test/testrsa_withattrs.pem |  29 +
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 test/testrsa_withattrs.der
 create mode 100644 test/testrsa_withattrs.pem

diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t
index 30c1c43a7f..0fcb56a46a 100644
--- a/test/recipes/25-test_req.t
+++ b/test/recipes/25-test_req.t
@@ -73,7 +73,7 @@ subtest "generating alt certificate requests with RSA" => sub 
{
 
 
 subtest "generating certificate requests with RSA" => sub {
-plan tests => 3;
+plan tests => 7;
 
 SKIP: {
 skip "RSA is not supported by this OpenSSL build", 2
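Review bot: `plan tests => 7` raises the subtest count by four, but the `skip "RSA is not supported by this OpenSSL build", 2` line in the context still skips only 2. If the added tests run inside the same SKIP block, a build without RSA will report a plan mismatch. The skip count should grow by the number of tests added inside the block.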
@@ -97,6 +97,29 @@ subtest "generating certificate requests with RSA" => sub {
 "-config", srctop_file("test", "test.cnf"),
 "-verify", "-in", "testreq-rsa.pem", "-noout"])),
"Verifying signature on request");
+
+ok(run(app(["openssl", "req",
+"-config", srctop_file("test", "test.cnf"),
+"-new", "-out", "testreq_withattrs_pem.pem", "-utf8",
+"-key", srctop_file("test", "testrsa_withattrs.pem")])),
+   "Generating request from a key with extra attributes - PEM");
+
+ok(run(app(["openssl", "req",
+"-config", srctop_file("test", "test.cnf"),
+"-verify", "-in", "testreq_withattrs_pem.pem", "-noout"])),
+   "Verifying signature on request from a key with extra attributes - 
PEM");
+
+ok(run(app(["openssl", "req",
+"-config", srctop_file("test", "test.cnf"),
+"-new", "-out", "testreq_withattrs_der.pem", "-utf8",
+"-key", srctop_file("test", "testrsa_withattrs.der"),
+   "-keyform", "DER"])),
+   "Generating request from a key with extra attributes - PEM");
+
+ok(run(app(["openssl", "req",
+"-config", srctop_file("test", "test.cnf"),
+"-verify", "-in", "testreq_withattrs_der.pem", "-noout"])),
+   "Verifying signature on request from a key with extra attributes - 
PEM");
 }
 };
 
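Review bot: the two tests that use `testrsa_withattrs.der` with `"-keyform", "DER"` are labelled "Generating request from a key with extra attributes - PEM" and "Verifying signature on request from a key with extra attributes - PEM", the same strings as the PEM pair above them. A failure in the DER path would be reported under the PEM name, so the last two descriptions should end in "- DER".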
diff --git a/test/testrsa_withattrs.der b/test/testrsa_withattrs.der
new file mode 100644
index 00..811e1e0bcb
Binary files /dev/null and b/test/testrsa_withattrs.der differ
diff --git a/test/testrsa_withattrs.pem b/test/testrsa_withattrs.pem
new file mode 100644
index 00..42d0a3c51c
--- /dev/null
+++ b/test/testrsa_withattrs.pem
@@ -0,0 +1,29 @@
+-BEGIN PRIVATE KEY-
+MIIE+QIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDsh7QWxhftrqng
+RC3Ms+HxH2NFCX1sRoiIV4cYK2z0DQdEiNpFdpHlcs3weTuudcpr8XursodVFMTB
+eHjROhgwO/LT9xReEUiaoHJgfv6KcKcxEvntCjQkzGhkw03OH5VYdtTRAbwpwcYt
+groPiZ2STINpQOmFabzai+K+3rddwTGkkca3C5kY7KOMlnt9IuvmycksRqH6MPKz
+P5QbztlgY95rtra+OEzKLYQ1ux6hkaUlpxT5eGKfzYdccwKJWa0dUXyT/8F6rpTm
+Zbz3BxdKGAWMywaTfh5ywhNmVNTeIumxIRc3+PInn0rqKTaDrWylxiBdb3t27HxQ
+InDZmPwdAgMBAAECggEBAMTRrzN8JxEq1ES/tvStgodoPOyHlwxwLNB3NP0RtZnm
+9XM8BZTjs0egnmlKGDV14riruuMGrcJIg+kR3EcN9m68k7V51kLoUugINuTBCAIe
+96DIT5vFb9pnFT8znRy1/0obp787mF2O1t+r9jNTqgDBFmCRGUBg2jtpR4bYQPEL
+ZjXMDPcsmOlmbBdsyQvjlOHqXjCoUWwOCBEZdtaLzxaOPrBW5Jh2h3Xz1pV3NdZ/
+xufAYRhpJamPNiSipRehBZAeQP2ZAyHj/5x3tgEcA+C04Ki8NvuwJx/6T/lGKD+1
+x3DKsniNi6fEbGlpST/Zp1GY4WyVPcrLa8JxyO+UagECgYEA+gvBBI+LSK5enPXu
+WooEQP17fKzdZG7Cic8TfTPbtBIcXjNQFLHjFoBNk+TBFCjZma7L+fEcKcDm+Bg1
+qa4xihOP6BoQqHXZZNZ+9ZU96MPmI9Zb60CMG9lM1VVhSqrm2n3Q+tefod/a2bQk
+oz8QsdpsUFqVFCF5l+Tb6lp2QN0CgYEA8imPEml6LG35snBY1H6t0ASCHT1oFdHP
+o01WKQas/tuLO+pMfZrA0zLZBExxZuUJloC6COsTcOrlK+hGM60Ab6TgSPbUvYqH
+8yMV7SYLvheEngqIiFExmHg79mxnys3Rgv9KMxAV2Ip2wBrBMwUOaURU9pUKXlIN
+xiaUuevSVEECgYEA0Dbrcs3JUSuKM7AC3DfjlO6/XrFf5hrpOfJKq058m/Uc1EBs
+Zd8/V2RdtVKeiRf/Ix9QUYA6UHaGnn8iaHpaXD0v7zmNN4pzDaojrIKrO+GtCZid
+kEd+pE4N0fO4AYJQnA567/aPwi7zQaflfl6smz1kRoE3dLzvUNHNYtgTcq0CgYAm
+Op1VgMVCwlHK86VyVlVGI5AO4aTO3QJ0ez8A1wb0bOA8Iy7UHVwXe017Oj4kyj+L
+POMhiUrWZp6rIc4DVmpdNaAapKzNB1OS9JT/jSQJbFkJQgxvyLGVqlV8/3wbLgbH
+MVobWYy5VJKOnSqmzUOLJrhq/PhYD4gRIgIUn7/igQKBgQCptqrREOq9fXDEpozC
+39TL4vDrKJWpB1uK6pBEjgEVD/+tcfziVN40j5hnNFDUu/8kxxp9/4w8mPjdJ0CF
+hWIvrXasjnnFehy6IewWCljNH5CfOM64rDoXaF+ESIM4rLBHbQ8KYvaKkMjOcdNB
+JG1sRWVU01AwEhnvxS1zbyBtiqA4MDYGCCqFAwIJAwgBMSoEKBqiSOXm8r5I7hEA

[openssl] OpenSSL_1_1_1-stable update

2021-05-06 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  a9e808fadcff1b1b4bf5dece753ee5eb00c9cc16 (commit)
  from  9f85ab647c8c9f47a1523f99facdf15fc34797a0 (commit)


- Log -
commit a9e808fadcff1b1b4bf5dece753ee5eb00c9cc16
Author: Dmitry Belyavskiy 
Date:   Wed May 5 14:29:28 2021 +0200

Avoid sending alerts after shutdown

Fixes #11388

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/15159)

(cherry picked from commit 22d1138fe2fde9a16e80b81de1d848ae6fa879ef)

---

Summary of changes:
 ssl/s3_msg.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 339fb2774a..721bbb7320 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -48,6 +48,8 @@ int ssl3_send_alert(SSL *s, int level, int desc)
   * protocol_version alerts */
 if (desc < 0)
 return -1;
+if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)
+return -1;
 /* If a fatal one, remove from cache */
 if ((level == SSL3_AL_FATAL) && (s->session != NULL))
 SSL_CTX_remove_session(s->session_ctx, s->session);
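Review bot: in `if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)` the flag test relies on `&` binding tighter than `&&`. That is correct, but the next condition in the same function parenthesises each operand (`(level == SSL3_AL_FATAL) && (s->session != NULL)`). Writing `(s->shutdown & SSL_SENT_SHUTDOWN) != 0` would match that style and make the intent obvious at a glance.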


[openssl] master update

2021-05-06 Thread beldmit
The branch master has been updated
   via  22d1138fe2fde9a16e80b81de1d848ae6fa879ef (commit)
  from  021521aa91d7b1a47f3c3b704f1cc39f169b2e5b (commit)


- Log -
commit 22d1138fe2fde9a16e80b81de1d848ae6fa879ef
Author: Dmitry Belyavskiy 
Date:   Wed May 5 14:29:28 2021 +0200

Avoid sending alerts after shutdown

Fixes #11388

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/15159)

---

Summary of changes:
 ssl/s3_msg.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 066623d5fb..4b0906820e 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -52,6 +52,8 @@ int ssl3_send_alert(SSL *s, int level, int desc)
   * protocol_version alerts */
 if (desc < 0)
 return -1;
+if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)
+return -1;
 /* If a fatal one, remove from cache */
 if ((level == SSL3_AL_FATAL) && (s->session != NULL))
 SSL_CTX_remove_session(s->session_ctx, s->session);
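Review bot: the added early return has no comment, and it yields the same -1 as the `desc < 0` check directly above it, so a caller cannot tell a suppressed alert from an invalid description. A short comment stating that only close_notify may follow a sent shutdown, and whether -1 is the intended result for a dropped alert, would document the contract.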


[openssl] OpenSSL_1_1_1-stable update

2021-05-04 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  4b1be3c8868cf0b26a031f68ffebc34248e1836c (commit)
  from  6682083fa51fb94b95afd68b2b57f7609d9e41e7 (commit)


- Log -
commit 4b1be3c8868cf0b26a031f68ffebc34248e1836c
Author: Dmitry Belyavskiy 
Date:   Sat May 1 13:29:05 2021 +0200

Use OCSP-specific error code for clarity

Fixes #12735 for 1.1.1

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/15109)

---

Summary of changes:
 crypto/err/openssl.txt   | 1 +
 include/openssl/sslerr.h | 3 ++-
 ssl/ssl_err.c| 4 +++-
 ssl/statem/statem_clnt.c | 2 +-
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 7e1776375d..e0e60ffa38 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2784,6 +2784,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
 SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
 SSL_R_NULL_SSL_CTX:195:null ssl ctx
 SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
+SSL_R_OCSP_CALLBACK_FAILURE:294:ocsp callback failure
 SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
 SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
old session compression algorithm not returned
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 82983d3c1e..9060fd1b75 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -633,6 +633,7 @@ int ERR_load_SSL_strings(void);
 # define SSL_R_NO_VERIFY_COOKIE_CALLBACK  403
 # define SSL_R_NULL_SSL_CTX   195
 # define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OCSP_CALLBACK_FAILURE  294
 # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED197
 # define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
 # define SSL_R_OVERFLOW_ERROR 237
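Review bot: `SSL_R_OCSP_CALLBACK_FAILURE` is defined as 294 here, while the master commit that introduces the same reason (c0f4400c) assigns it 305. If the numbers are meant to differ between branches, the commit message should say so. Otherwise code that compares the numeric reason across versions will not match.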
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 4b12ed1485..d0c69821b5 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -1018,6 +1018,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
 "null ssl method passed"},
+{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
+"ocsp callback failure"},
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
 "old session cipher not returned"},
 {ERR_PACK(ERR_LIB_SSL, 0, 
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index de58f1a4b7..5543e08c59 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2833,7 +2833,7 @@ int tls_process_initial_server_flight(SSL *s)
 if (ret < 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR,
  SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT,
- ERR_R_MALLOC_FAILURE);
+ SSL_R_OCSP_CALLBACK_FAILURE);
 return 0;
 }
 }


[openssl] master update

2021-05-01 Thread beldmit
The branch master has been updated
   via  045a893091994a5837a2bec9cc5646ae9ff07a2c (commit)
  from  dd28d1c4d305574e5feacb0f3fee21192b9ccf2f (commit)


- Log -
commit 045a893091994a5837a2bec9cc5646ae9ff07a2c
Author: FdaSilvaYY 
Date:   Tue Apr 27 22:50:18 2021 +0200

ssl:  fix possible ref counting fields use before init.

`strdup(propq)` failure is doing a `goto err;` from where `SSL_CTX_free` is called.
The possible call is made before reference and lock fields setup.

Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15052)

---

Summary of changes:
 ssl/ssl_lib.c | 16 +---
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3d0f309fd2..27a5ec4581 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3181,6 +3181,15 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char 
*propq,
 if (ret == NULL)
 goto err;
 
+/* Init the reference counting before any call to SSL_CTX_free */
+ret->references = 1;
+ret->lock = CRYPTO_THREAD_lock_new();
+if (ret->lock == NULL) {
+ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+OPENSSL_free(ret);
+return NULL;
+}
+
 ret->libctx = libctx;
 if (propq != NULL) {
 ret->propq = OPENSSL_strdup(propq);
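Review bot: the lock-failure path in the moved block (`OPENSSL_free(ret); return NULL;`) is now the one early exit that bypasses `goto err` while every later failure goes through it. The new comment explains why the initialisation moved but not why this path must not reach `SSL_CTX_free`. One more sentence saying that the free routine needs the lock would stop a later cleanup from "simplifying" it into `goto err`.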
@@ -3196,13 +3205,6 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char 
*propq,
 ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
 /* We take the system default. */
 ret->session_timeout = meth->get_timeout();
-ret->references = 1;
-ret->lock = CRYPTO_THREAD_lock_new();
-if (ret->lock == NULL) {
-ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
-OPENSSL_free(ret);
-return NULL;
-}
 ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
 ret->verify_mode = SSL_VERIFY_NONE;
 if ((ret->cert = ssl_cert_new()) == NULL)


[openssl] OpenSSL_1_1_1-stable update

2021-05-01 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  6682083fa51fb94b95afd68b2b57f7609d9e41e7 (commit)
  from  7c65179ad95d0f6f598ee82e763fce2567fe5802 (commit)


- Log -
commit 6682083fa51fb94b95afd68b2b57f7609d9e41e7
Author: Hubert Kario 
Date:   Fri Apr 30 16:41:17 2021 +0200

man: s_server: fix typo in -alpn option description

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15098)

---

Summary of changes:
 doc/man1/s_server.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod
index 9fdac49190..aa6c19d31f 100644
--- a/doc/man1/s_server.pod
+++ b/doc/man1/s_server.pod
@@ -701,7 +701,7 @@ disabling the ephemeral DH cipher suites.
 
 =item B<-alpn val>, B<-nextprotoneg val>
 
-These flags enable the Enable the Application-Layer Protocol Negotiation
+These flags enable the Application-Layer Protocol Negotiation
 or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
 IETF standard and replaces NPN.
 The B list is a comma-separated list of supported protocol


[openssl] master update

2021-05-01 Thread beldmit
The branch master has been updated
   via  dd28d1c4d305574e5feacb0f3fee21192b9ccf2f (commit)
  from  f4407385f58242dcc6ae95a60c2a3dc8782bee42 (commit)


- Log -
commit dd28d1c4d305574e5feacb0f3fee21192b9ccf2f
Author: Hubert Kario 
Date:   Fri Apr 30 16:45:47 2021 +0200

man: s_server: fix text repetition in -alpn description

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15099)

---

Summary of changes:
 doc/man1/openssl-s_server.pod.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 55227d9080..243ab8b3e0 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -672,7 +672,7 @@ disabling the ephemeral DH cipher suites.
 
 =item B<-alpn> I, B<-nextprotoneg> I
 
-These flags enable the Enable the Application-Layer Protocol Negotiation
+These flags enable the Application-Layer Protocol Negotiation
 or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
 IETF standard and replaces NPN.
 The I list is a comma-separated list of supported protocol


[openssl] master update

2021-05-01 Thread beldmit
The branch master has been updated
   via  c0f4400c4051cc26fbe385b6af9fc67e7c66dbdd (commit)
  from  39da32729401110572da1782c80bef39c6f3f64b (commit)


- Log -
commit c0f4400c4051cc26fbe385b6af9fc67e7c66dbdd
Author: Dmitry Belyavskiy 
Date:   Fri Apr 30 11:27:19 2021 +0200

Use OCSP-specific error code for clarity

Fixes #12735

Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/x)

---

Summary of changes:
 crypto/err/openssl.txt   | 1 +
 include/openssl/sslerr.h | 1 +
 ssl/ssl_err.c| 2 ++
 ssl/statem/statem_clnt.c | 3 ++-
 4 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 517ebc0a01..d3e29a5553 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1409,6 +1409,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
 SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
 SSL_R_NULL_SSL_CTX:195:null ssl ctx
 SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
+SSL_R_OCSP_CALLBACK_FAILURE:305:ocsp callback failure
 SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
 SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
old session compression algorithm not returned
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 7fea8a87b7..30d843cf2d 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -203,6 +203,7 @@
 # define SSL_R_NO_VERIFY_COOKIE_CALLBACK  403
 # define SSL_R_NULL_SSL_CTX   195
 # define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OCSP_CALLBACK_FAILURE  305
 # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED197
 # define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
 # define SSL_R_OVERFLOW_ERROR 237
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 357cfc7d94..347b263d69 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -312,6 +312,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
 "null ssl method passed"},
+{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
+"ocsp callback failure"},
 {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
 "old session cipher not returned"},
 {ERR_PACK(ERR_LIB_SSL, 0, 
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 2178be95bd..dab4d1c4bc 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2699,7 +2699,8 @@ int tls_process_initial_server_flight(SSL *s)
 return 0;
 }
 if (ret < 0) {
-SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
+SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_R_OCSP_CALLBACK_FAILURE);
 return 0;
 }
 }
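Review bot: the `ret < 0` branch now raises `SSL_R_OCSP_CALLBACK_FAILURE` where it used to raise `ERR_R_MALLOC_FAILURE`, which changes what existing applications see in the error queue, and the change summary lists no CHANGES.md or documentation update. A short changelog entry would help anyone who matches on the old reason.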


[openssl] master update

2021-04-30 Thread beldmit
The branch master has been updated
   via  91034b68b39e3525f09fb263b9272de410a3ba4c (commit)
  from  4489655c23f1f7f412309e25a5b9fd7acf7db3f2 (commit)


- Log -
commit 91034b68b39e3525f09fb263b9272de410a3ba4c
Author: Petr Gotthard 
Date:   Sat Apr 24 12:40:36 2021 +0200

apps/ca,req,x509: Switch to EVP_DigestSignInit_ex

Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it
works with external providers.
Since EVP_DigestSignInit_ex requires a digest name instead of
an EVP_MD pointer, the apps using do_sign_init() had to be modified
to pass char* instead of EVP_MD*.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/15014)

---

Summary of changes:
 apps/ca.c   | 47 +--
 apps/include/apps.h |  6 +++---
 apps/lib/apps.c | 20 +++-
 apps/req.c  | 19 +--
 apps/x509.c | 32 ++--
 5 files changed, 58 insertions(+), 66 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index 2476343fdd..4f125b22a9 100755
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -90,7 +90,7 @@ static char *lookup_conf(const CONF *conf, const char *group, 
const char *tag);
 
 static int certify(X509 **xret, const char *infile, int informat,
EVP_PKEY *pkey, X509 *x509,
-   const EVP_MD *dgst,
+   const char *dgst,
STACK_OF(OPENSSL_STRING) *sigopts,
STACK_OF(OPENSSL_STRING) *vfyopts,
STACK_OF(CONF_VALUE) *policy, CA_DB *db,
@@ -102,7 +102,7 @@ static int certify(X509 **xret, const char *infile, int 
informat,
int default_op, int ext_copy, int selfsign);
 static int certify_cert(X509 **xret, const char *infile, int certformat,
 const char *passin, EVP_PKEY *pkey, X509 *x509,
-const EVP_MD *dgst,
+const char *dgst,
 STACK_OF(OPENSSL_STRING) *sigopts,
 STACK_OF(OPENSSL_STRING) *vfyopts,
 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
@@ -112,7 +112,7 @@ static int certify_cert(X509 **xret, const char *infile, 
int certformat,
 CONF *conf, int verbose, unsigned long certopt,
 unsigned long nameopt, int default_op, int ext_copy);
 static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey,
- X509 *x509, const EVP_MD *dgst,
+ X509 *x509, const char *dgst,
  STACK_OF(OPENSSL_STRING) *sigopts,
  STACK_OF(CONF_VALUE) *policy, CA_DB *db,
  BIGNUM *serial, const char *subj, unsigned long 
chtype,
@@ -121,7 +121,7 @@ static int certify_spkac(X509 **xret, const char *infile, 
EVP_PKEY *pkey,
  int verbose, unsigned long certopt,
  unsigned long nameopt, int default_op, int ext_copy);
 static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
-   const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+   const char *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
const char *subj, unsigned long chtype, int multirdn,
int email_dn, const char *startdate, const char *enddate, 
long days,
@@ -270,9 +270,9 @@ int ca_main(int argc, char **argv)
 STACK_OF(OPENSSL_STRING) *sigopts = NULL, *vfyopts = NULL;
 STACK_OF(X509) *cert_sk = NULL;
 X509_CRL *crl = NULL;
-EVP_MD *dgst = NULL;
 char *configfile = default_config_file, *section = NULL;
-char *md = NULL, *policy = NULL, *keyfile = NULL;
+char def_dgst[80] = "";
+char *dgst = NULL, *policy = NULL, *keyfile = NULL;
 char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
 int certformat = FORMAT_PEM, informat = FORMAT_PEM;
 const char *infile = NULL, *spkac_file = NULL, *ss_cert_file = NULL;
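Review bot: `char def_dgst[80] = "";` introduces a fixed-size buffer with a bare magic number, and the code that fills it is not in this hunk. Please name the size (or use `sizeof(def_dgst)` at the write site) and make sure whatever copies the default digest name into it is length-bounded and checks for truncation, since `dgst` is now passed on as a string.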
@@ -291,7 +291,7 @@ int ca_main(int argc, char **argv)
 int batch = 0, default_op = 1, doupdatedb = 0, ext_copy = EXT_COPY_NONE;
 int keyformat = FORMAT_PEM, multirdn = 1, notext = 0, output_der = 0;
 int ret = 1, email_dn = 1, req = 0, verbose = 0, gencrl = 0, dorevoke = 0;
-int rand_ser = 0, i, j, selfsign = 0, def_nid, def_ret;
+int rand_ser = 0, i, j, selfsign = 0, def_ret;
 char *crl_lastupdate = NULL, *crl_nextupdate = NULL;
 long crldays = 0, crlhours = 0, crlsec = 0, days = 0;
 unsigned long chtype = MBSTRING_ASC, certopt = 0;
@@ -358,7 +358,7 @@ opthelp:
 days = atoi(opt_arg());
 break;
 case OPT_MD:
- 

[openssl] master update

2021-04-29 Thread beldmit
The branch master has been updated
   via  0f077b5fd86e2df0b41608fbd5684fa1a2b58f59 (commit)
  from  c404e4fab3b4497a2d04bc9c171c5460b940bf91 (commit)


- Log -
commit 0f077b5fd86e2df0b41608fbd5684fa1a2b58f59
Author: Scott McPeak 
Date:   Thu Apr 22 19:13:09 2021 -0700

asn1_lib.c: ASN1_put_object: Remove comment about "class 0".

ASN1_put_object() was preceded by the nonsensical comment:

  /*
   * class 0 is constructed constructed == 2 for indefinite length constructed
   */

This is the result of concatenating two sentences in 0f113f3ee4d by
automated reformatting.  The first sentence, "class 0 is constructed",
goes back to d02b48c63a, the import of SSLeay 0.8.1b.  Even in that
context, it made little sense; class 0 means "universal", not
constructed, and there is no special significance to class 0 in this
function in any case.

Therefore I have simply removed that first sentence.

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14998)

---

Summary of changes:
 crypto/asn1/asn1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 72d15acc7e..b1fa6b55a0 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -155,7 +155,7 @@ static int asn1_get_length(const unsigned char **pp, int 
*inf, long *rl,
 }
 
 /*
- * class 0 is constructed constructed == 2 for indefinite length constructed
+ * constructed == 2 for indefinite length constructed
  */
 void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
  int xclass)


[openssl] master update

2021-04-22 Thread beldmit
The branch master has been updated
   via  fc5245a92e96b8bf5f6618b27ad9ca4830bbd96c (commit)
  from  ed82976b43934789b5afa0641236d881b1aedd0e (commit)


- Log -
commit fc5245a92e96b8bf5f6618b27ad9ca4830bbd96c
Author: Hubert Kario 
Date:   Wed Apr 21 14:27:31 2021 +0200

add Changelog item for TLS1.3 FFDHE work

Raja added support for FFDHE in TLS 1.3 in commits 9aaecbfc98eb89,
8e63900a71df38ff, dfa1f5476e86f3 in 2019, reflect this in the changelog.

Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14972)

---

Summary of changes:
 CHANGES.md | 4 
 1 file changed, 4 insertions(+)

diff --git a/CHANGES.md b/CHANGES.md
index 9b4a122e6c..d2d9e01f35 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1718,6 +1718,10 @@ OpenSSL 3.0
 
*Randall S. Becker*
 
+ * Added support for FFDHE key exchange in TLS 1.3.
+
+   *Raja Ashok*
+
 OpenSSL 1.1.1
 -
 


[openssl] master update

2021-04-22 Thread beldmit
The branch master has been updated
   via  6b2978406d050b910a889a33f7a0e14b1217976d (commit)
  from  fc5245a92e96b8bf5f6618b27ad9ca4830bbd96c (commit)


- Log -
commit 6b2978406d050b910a889a33f7a0e14b1217976d
Author: Prcuvu 
Date:   Sat Mar 14 03:59:11 2020 +

e_os.h: Include wspiapi.h to improve Windows backward compatibility

CLA: trivial

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14550)

---

Summary of changes:
 e_os.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/e_os.h b/e_os.h
index d8bf78c094..b19c4829de 100644
--- a/e_os.h
+++ b/e_os.h
@@ -108,6 +108,7 @@
 */
 #include 
 #include 
+#include 
/* yes, they have to be #included prior to  */
 #   endif
 #   include 


[openssl] master update

2021-04-20 Thread beldmit
The branch master has been updated
   via  a78c7c0bfe56d67022ca18cfabefc73926dde0ae (commit)
   via  99adfa455ccd1abb73e264224c33c09e586776d2 (commit)
   via  606a417fb2b6ce5d1d112f2f3f710c8085744627 (commit)
  from  c39352e4e4952a9f4b2171134af0e015a4d40768 (commit)


- Log -
commit a78c7c0bfe56d67022ca18cfabefc73926dde0ae
Author: Rich Salz 
Date:   Fri Apr 16 11:29:35 2021 -0400

Flip ordering back

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14219)

commit 99adfa455ccd1abb73e264224c33c09e586776d2
Author: Rich Salz 
Date:   Thu Apr 15 17:00:57 2021 -0400

Fetch before get-by-name

This causes tests to break.  Pushing it to help others debug.

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14219)

commit 606a417fb2b6ce5d1d112f2f3f710c8085744627
Author: Rich Salz 
Date:   Wed Feb 17 16:15:27 2021 -0500

Fetch and free cipher and md's

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14219)

---

Summary of changes:
 apps/ca.c  |  5 +++--
 apps/cms.c | 17 ++---
 apps/crl.c |  3 ++-
 apps/dgst.c| 10 ++
 apps/dsa.c |  3 ++-
 apps/ec.c  |  3 ++-
 apps/enc.c |  8 +---
 apps/gendsa.c  |  3 ++-
 apps/genpkey.c |  3 ++-
 apps/genrsa.c  |  3 ++-
 apps/include/opt.h |  4 ++--
 apps/lib/opt.c | 14 ++
 apps/ocsp.c| 14 --
 apps/pkcs12.c  |  9 +
 apps/pkcs8.c   |  9 +
 apps/pkey.c|  3 ++-
 apps/pkeyutl.c |  2 ++
 apps/req.c |  8 +---
 apps/rsa.c |  3 ++-
 apps/smime.c   |  8 +---
 apps/storeutl.c|  3 ++-
 apps/ts.c  |  3 ++-
 apps/x509.c|  3 ++-
 23 files changed, 88 insertions(+), 53 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index cec5c8f1ac..6c1df8d2e3 100755
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -270,7 +270,7 @@ int ca_main(int argc, char **argv)
 STACK_OF(OPENSSL_STRING) *sigopts = NULL, *vfyopts = NULL;
 STACK_OF(X509) *cert_sk = NULL;
 X509_CRL *crl = NULL;
-const EVP_MD *dgst = NULL;
+EVP_MD *dgst = NULL;
 char *configfile = default_config_file, *section = NULL;
 char *md = NULL, *policy = NULL, *keyfile = NULL;
 char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
@@ -795,7 +795,7 @@ end_of_options:
  */
 if (def_ret == 2 && def_nid == NID_undef) {
 /* The signing algorithm requires there to be no digest */
-dgst = EVP_md_null();
+dgst = (EVP_MD *)EVP_md_null();
 } else if (md == NULL
&& (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL) {
 goto end;
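Review bot: `dgst = (EVP_MD *)EVP_md_null();` casts away const from a non-fetched method, and the cleanup added later in this file calls `EVP_MD_free(dgst)` unconditionally. Please confirm that `EVP_MD_free()` is a no-op for a method obtained this way, or track whether `dgst` was fetched and free it only in that case. The same pattern recurs with the `(EVP_CIPHER *)` casts in apps/cms.c.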
@@ -1330,6 +1330,7 @@ end_of_options:
 sk_OPENSSL_STRING_free(sigopts);
 sk_OPENSSL_STRING_free(vfyopts);
 EVP_PKEY_free(pkey);
+EVP_MD_free(dgst);
 X509_free(x509);
 X509_CRL_free(crl);
 NCONF_free(conf);
diff --git a/apps/cms.c b/apps/cms.c
index 56f0b37bbf..b55e0063dd 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -276,8 +276,8 @@ int cms_main(int argc, char **argv)
 CMS_ReceiptRequest *rr = NULL;
 ENGINE *e = NULL;
 EVP_PKEY *key = NULL;
-const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
-const EVP_MD *sign_md = NULL;
+EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
+EVP_MD *sign_md = NULL;
 STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
 STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
 STACK_OF(X509) *encerts = NULL, *other = NULL;
@@ -679,17 +679,17 @@ int cms_main(int argc, char **argv)
 break;
 case OPT_3DES_WRAP:
 # ifndef OPENSSL_NO_DES
-wrap_cipher = EVP_des_ede3_wrap();
+wrap_cipher = (EVP_CIPHER *)EVP_des_ede3_wrap();
 # endif
 break;
 case OPT_AES128_WRAP:
-wrap_cipher = EVP_aes_128_wrap();
+wrap_cipher = (EVP_CIPHER *)EVP_aes_128_wrap();
 break;
 case OPT_AES192_WRAP:
-wrap_cipher = EVP_aes_192_wrap();
+wrap_cipher = (EVP_CIPHER *)EVP_aes_192_wrap();
 break;
 case OPT_AES256_WRAP:
-wrap_cipher = EVP_aes_256_wrap();
+wrap_cipher = (EVP_CIPHER *)EVP_aes_256_wrap();
 break;
 case OPT_WRAP:
 if (!opt_cipher(opt_unknown(), _cipher))
@@ -803,7 +803,7 @@ int cms_main(int argc, char **argv)
 if (operation == SMIME_ENCRYPT) {
 if (!cipher) {
 # ifndef OPENSSL_NO_DES
-cipher = EVP_des_ede3_cbc();
+cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
 # else
 BIO_printf(bio_err, "No cipher 

[openssl] master update

2021-04-19 Thread beldmit
The branch master has been updated
   via  5ae52001e115452ca285713feb1c2feaf07902ad (commit)
   via  daf98015aac8bf392cf95edf9a54d845c1c22fd7 (commit)
   via  491a1e3363228e8276ee293a86acd7a961ffe9d3 (commit)
   via  16f2a44435fccbd7466b0659220c765a17e5d0c0 (commit)
   via  96d4ec6724a9ecc5d193172d0cf1a347f428372a (commit)
   via  6afb36342d4bc63a774fd96088ededfc00401e1d (commit)
   via  5fee3fe2760d65a141873601c4b7b9fd2fc5c7b1 (commit)
   via  c4f4cb14e3f06362c2ee9e0e480b816ab46f15b6 (commit)
   via  55aa235e85e156bf71c339804ef317ad4d0f27a5 (commit)
   via  d5a6b54b49905cdb4edfe1e1caf9656896171cb6 (commit)
   via  847f41d97c966707d45da5640792e3bd8f8d23fd (commit)
   via  583a9f1f6b0d0842f8d63a21c335b24494fc67bc (commit)
   via  f1ee757daaf8ea1000c6558abd1ffc8ad5234c09 (commit)
   via  a8368d573e5b4553e7344dd37239da6d72480832 (commit)
   via  a75a87561b491fc9b96b15153eba1f5e142280c5 (commit)
   via  830cd025b199fab165a378884fb5b4373799bde9 (commit)
   via  8557bdde4836b4dc63ad305c9f3c648816a05e86 (commit)
   via  e15eff3aaabe17be37ec42ae7ca342cbf2a2733c (commit)
   via  118faf5ffe2ba495407f482a8d8438b7d266815c (commit)
   via  23f3242ffe8613411714eb9350275371059c7bfe (commit)
   via  1bb381227b432676451ead3f9d4b92352464e9cc (commit)
  from  a4afa6c1d00c027a5afc8974a298e0f54607f1b5 (commit)


- Log -
commit 5ae52001e115452ca285713feb1c2feaf07902ad
Author: Tanzinul Islam 
Date:   Mon Dec 14 23:31:49 2020 +

Remove crypt32.lib from C++Builder configuration

`import32.lib` serves the purpose for most Windows API libraries, including 
this one. For example, with a GNU `grep` utility:

>tdump %BDS%\lib\win32c\release\import32.lib | grep -B 3 -A 1 CertOpenStore
171E32 COMENT  Purge: Yes, List: Yes, Class: 160 (0A0h), SubClass: 1 (01h)
Dynamic link import (IMPDEF)
  Imported by: name
  Internal Name: CertOpenStore
  Module Name: CRYPT32.dll

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13540)

commit daf98015aac8bf392cf95edf9a54d845c1c22fd7
Author: Tanzinul Islam 
Date:   Sun Dec 13 18:04:43 2020 +

Link with uplink module

The Clang-based `bcc32c.exe` expects AT&T syntax for inline assembly.
References:
 - http://docwiki.embarcadero.com/RADStudio/Sydney/en/Differences_Between_Clang-enhanced_C%2B%2B_Compilers_and_Previous-Generation_C%2B%2B_Compilers#Inline_Assembly
 - https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html
 - https://sourceware.org/binutils/docs/as/i386_002dVariations.html

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13540)

commit 491a1e3363228e8276ee293a86acd7a961ffe9d3
Author: Tanzinul Islam 
Date:   Sun Dec 13 18:01:46 2020 +

Link with .def files

MSVC's `link.exe` automatically finds `__cdecl` C functions (which are
decorated with a leading underscore by the compiler) when they are
mentioned in a `.def` file without the leading underscore.  This is an
[under-documented feature][1] of MSVC's `link.exe`.  C++Builder's
`ilink32.exe` doesn't do this, and thus needs the name-translation in
the `.def` file.  Then `implib.exe` needs to be told to re-add it.

(The Clang-based `bcc32c.exe` doesn't implement the [`-vu` or `-u-`][2]
options to skip adding the leading underscore to `__cdecl` C function
names, so this is the only way to have things work with non-underscored
export names in the DLLs.)

[1]: https://github.com/MicrosoftDocs/cpp-docs/issues/2653
[2]: http://docwiki.embarcadero.com/RADStudio/Sydney/en/Options_Not_Supported_by_Clang-enhanced_C%2B%2B_Compilers#BCC32_Options_that_Are_Not_Supported_by_Clang-enhanced_C.2B.2B_Compilers

Also silence linker warnings on duplicate symbols and ensure that error-
case cleanup in link rules work in C++Builder's `make.exe`.

Reviewed-by: Richard Levitte 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13540)

commit 16f2a44435fccbd7466b0659220c765a17e5d0c0
Author: Tanzinul Islam 
Date:   Thu Dec 10 14:53:07 2020 +

Generate dependency information

The Clang-based `bcc32c.exe` doesn't implement the `-Hp` option, so we
have to use [`cpp32.exe`][1] instead.  Therefore, change the dependency-
emitting command to use `$(CPP)` instead of `$(CC)`, which also
uncovered the [existing bug of `2>&1` before `> $dep`][2].  Also
C++Builder's `make.exe` doesn't implement `2>&1` in its command runner,
so wrap the whole line in a `cmd /C`.

[1]: http://docwiki.embarcadero.com/RADStudio/Sydney/en/CPP32.EXE,_the_C_Compiler_Preprocessor
[2]: 

[openssl] master update

2021-03-09 Thread beldmit
The branch master has been updated
   via  896dcda18bf9347deb507f1d3c1f7e17638dd745 (commit)
  from  c99248ea812ddc8df9194ffa2b2c8a31117bcb26 (commit)


- Log -
commit 896dcda18bf9347deb507f1d3c1f7e17638dd745
Author: Dmitry Belyavskiy 
Date:   Mon Mar 8 21:36:10 2021 +0100

Non-const accessor to legacy keys

Fixes #14466.

Reverting the changes of the EVP_PKEY_get0 function.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/14468)

---

Summary of changes:
 CHANGES.md |  8 ++--
 crypto/evp/p_lib.c | 34 +++---
 doc/man3/EVP_PKEY_set1_RSA.pod |  9 ++---
 include/openssl/evp.h  |  2 +-
 test/threadstest.c |  2 +-
 util/missingcrypto.txt |  1 -
 6 files changed, 37 insertions(+), 19 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index c8f8e503ee..def93b8ff5 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -22,8 +22,12 @@ OpenSSL 3.0
 ---
 
 ### Changes between 1.1.1 and 3.0 [xx XXX ]
+ * The deprecated function EVP_PKEY_get0() now returns NULL being called for a
+   provided key.
 
- * The deprecated functions EVP_PKEY_get0(), EVP_PKEY_get0_RSA(),
+   *Dmitry Belyavskiy*
+
+ * The deprecated functions EVP_PKEY_get0_RSA(),
EVP_PKEY_get0_DSA(), EVP_PKEY_get0_EC_KEY(), EVP_PKEY_get0_DH(),
EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305() and EVP_PKEY_get0_siphash() 
as
well as the similarly named "get1" functions behave slightly differently in
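Review bot: the new `EVP_PKEY_get0()` entry is inserted directly under the `### Changes between 1.1.1 and 3.0` heading with no blank line between them, unlike the entry it displaces, and "now returns NULL being called for a provided key" reads awkwardly. Suggest restoring the blank line after the heading and wording the entry as "now returns NULL when called for a provided key".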
@@ -41,7 +45,7 @@ OpenSSL 3.0
 
For the above reasons the keys returned from these functions should 
typically
be treated as read-only. To emphasise this the value returned from
-   EVP_PKEY_get0(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(),
+   EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(),
EVP_PKEY_get0_EC_KEY() and EVP_PKEY_get0_DH() has been made const. This may
break some existing code. Applications broken by this change should be
modified. The preferred solution is to refactor the code to avoid the use of
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 21fbc2ea4c..30ba8d6428 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -740,12 +740,15 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
 }
 # endif
 
-const void *EVP_PKEY_get0(const EVP_PKEY *pkey)
+void *EVP_PKEY_get0(const EVP_PKEY *pkey)
 {
 if (pkey == NULL)
 return NULL;
 
-return evp_pkey_get_legacy((EVP_PKEY *)pkey);
+if (!evp_pkey_is_provided(pkey))
+return pkey->pkey.ptr;
+
+return NULL;
 }
 
 const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len)
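Review bot: `EVP_PKEY_get0()` now returns NULL for a provided key without raising an error, so a caller that dereferences the result, as the old `os = EVP_PKEY_get0(pkey); *len = os->length;` pattern in the next hunk did, crashes instead of failing cleanly. Consider an `ERR_raise()` on that path so the failure is diagnosable. The return type also changes from `const void *` to `void *` while the parameter stays `const EVP_PKEY *`, which hands out a writable pointer into a key the caller received as const; the man page should say that explicitly.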
@@ -755,9 +758,12 @@ const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY 
*pkey, size_t *len)
 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_HMAC_KEY);
 return NULL;
 }
-os = EVP_PKEY_get0(pkey);
-*len = os->length;
-return os->data;
+os = evp_pkey_get_legacy((EVP_PKEY *)pkey);
+if (os != NULL) {
+*len = os->length;
+return os->data;
+}
+return NULL;
 }
 
 # ifndef OPENSSL_NO_POLY1305
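Review bot: on the new `return NULL` path in `EVP_PKEY_get0_hmac()` the `*len` output is never written, so a caller that reads the length without first checking the returned pointer sees an uninitialised value. Set `*len = 0` before returning NULL, or document that `*len` is valid only on success. The identical block is repeated in the `EVP_PKEY_get0_poly1305()` and `EVP_PKEY_get0_siphash()` hunks below; a small static helper would keep the three copies from drifting apart.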
@@ -768,9 +774,12 @@ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY 
*pkey, size_t *len)
 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_POLY1305_KEY);
 return NULL;
 }
-os = EVP_PKEY_get0(pkey);
-*len = os->length;
-return os->data;
+os = evp_pkey_get_legacy((EVP_PKEY *)pkey);
+if (os != NULL) {
+*len = os->length;
+return os->data;
+}
+return NULL;
 }
 # endif
 
@@ -783,9 +792,12 @@ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY 
*pkey, size_t *len)
 ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_SIPHASH_KEY);
 return NULL;
 }
-os = EVP_PKEY_get0(pkey);
-*len = os->length;
-return os->data;
+os = evp_pkey_get_legacy((EVP_PKEY *)pkey);
+if (os != NULL) {
+*len = os->length;
+return os->data;
+}
+return NULL;
 }
 # endif
 
diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod
index 64760b2923..68e13d3480 100644
--- a/doc/man3/EVP_PKEY_set1_RSA.pod
+++ b/doc/man3/EVP_PKEY_set1_RSA.pod
@@ -8,8 +8,9 @@ EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, 
EVP_PKEY_get0_EC_KEY,
 EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
 EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
 EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
-EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type,
-EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
+EVP_PKEY_get0, EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id,
+EVP_PKEY_set_alias_type, EVP_PKEY_set1_engine, EVP_PKEY_get0_engine -
+EVP_PKEY assignment functions
 
 =head1 SYNOPSIS
 
@@ -42,6 +43,7 @@ L:
  const DSA 

[openssl] master update

2021-03-06 Thread beldmit
The branch master has been updated
   via  a2c911c2d069b5c6f9e2a8f20764de83a82b1c99 (commit)
  from  9293046fb447b1fd0ef1753017d9db4c3c333860 (commit)


- Log -
commit a2c911c2d069b5c6f9e2a8f20764de83a82b1c99
Author: Dmitry Belyavskiy 
Date:   Fri Mar 5 18:50:37 2021 +0100

Restore GOST macros compatibility with 1.1.1

Fixes #14440

Before IANA assigned the official codes for the GOST signature
algorithms in TLS, the values from the Reserved for Private Use range
were in use in Russia. The old values were renamed.

Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/14448)

---

Summary of changes:
 include/openssl/tls1.h | 5 +
 1 file changed, 5 insertions(+)

diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index f8e3e9ca0d..10332997de 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -1121,6 +1121,11 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
 # define TLS_CT_GOST12_LEGACY_SIGN   238
 # define TLS_CT_GOST12_LEGACY_512_SIGN   239
 
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+#  define TLS_CT_GOST12_SIGN TLS_CT_GOST12_LEGACY_SIGN
+#  define TLS_CT_GOST12_512_SIGN TLS_CT_GOST12_LEGACY_512_SIGN
+# endif
+
 /*
  * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
  * comment there)
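Review bot: the restored `TLS_CT_GOST12_SIGN` and `TLS_CT_GOST12_512_SIGN` aliases carry no comment saying why they exist. A short comment above the `# ifndef OPENSSL_NO_DEPRECATED_3_0` block, stating that these are the 1.1.1 names kept for source compatibility and that new code should use the `_LEGACY_` names, would stop them from being removed or reused by mistake.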


[openssl] master update

2021-03-06 Thread beldmit
The branch master has been updated
   via  29ce1066bc54838ecb835244b03d763b55d7fadb (commit)
  from  a7a041c2301fcb7fc2080ddd22a6076060bbaa69 (commit)


- Log -
commit 29ce1066bc54838ecb835244b03d763b55d7fadb
Author: Paul Nelson 
Date:   Wed Feb 10 16:49:19 2021 -0600

Update the demos/README file because it is really old. New demos should 
provide best practice for API use.
Add demonstration for computing a SHA3-512 digest - digest/EVP_MD_demo

Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14150)

---

Summary of changes:
 demos/README.txt|  26 +--
 demos/digest/BIO_f_md.c | 122 +
 demos/digest/EVP_MD_demo.c  | 183 
 demos/digest/EVP_MD_stdin.c | 134 
 demos/digest/Makefile   |  22 ++
 5 files changed, 481 insertions(+), 6 deletions(-)
 create mode 100755 demos/digest/BIO_f_md.c
 create mode 100644 demos/digest/EVP_MD_demo.c
 create mode 100755 demos/digest/EVP_MD_stdin.c
 create mode 100644 demos/digest/Makefile

diff --git a/demos/README.txt b/demos/README.txt
index d2155ef973..cfb2b3c82d 100644
--- a/demos/README.txt
+++ b/demos/README.txt
@@ -1,9 +1,23 @@
-NOTE: Don't expect any of these programs to work with current
-OpenSSL releases, or even with later SSLeay releases.
+OpenSSL Demonstration Applications
 
-Original README:
-=
+This folder contains source code that demonstrates the proper use of the 
OpenSSL
+library API.
 
-Some demo programs sent to me by various people
+bio:  Demonstration of a simple TLS client and server.
 
-eric
+certs:Demonstration of creating certs, using OCSP
+
+ciphers:
+
+cms:
+
+digest:
+EVP_MD_demo.c  Compute a digest from multiple buffers
+EVP_MD_stdin.c Compute a digest with data read from stdin
+EVP_f_md.c Compute a digest using BIO and EVP_f_md
+
+smime:
+
+pkcs12:
+pkread.c   Print out a description of a PKCS12 file.
+pkwrite.c  Add a password to an existing PKCS12 file.
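Review bot: the `digest:` section lists `EVP_f_md.c` and describes it as using "BIO and EVP_f_md", but the file this commit creates is `demos/digest/BIO_f_md.c`. Rename the entry and correct the description to `BIO_f_md`. The `ciphers:`, `cms:` and `smime:` headings are left with no description; either describe them or drop the empty headings.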
diff --git a/demos/digest/BIO_f_md.c b/demos/digest/BIO_f_md.c
new file mode 100755
index 00..ce1dfcc34a
--- /dev/null
+++ b/demos/digest/BIO_f_md.c
@@ -0,0 +1,122 @@
+/*-
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*-
+ * Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
+ * a digest of static buffers
+ * You can find SHA3 test vectors from NIST here:
+ * 
https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip
+ * For example, contains these lines:
+Len = 80
+Msg = 1ca984dcc913344370cf
+MD = 
6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816
+ * use xxd convert the hex message string to binary input for BIO_f_md:
+ * echo "1ca984dcc913344370cf" | xxd -r -p | ./BIO_f_md
+ * and then verify the output matches MD above.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/*-
+ * This demonstration will show how to digest data using
+ * a BIO configured with a message digest
+ * A message digest name may be passed as an argument.
+ * The default digest is SHA3-512
+ */
+
+int main(int argc, char * argv[])
+{
+int result = 1;
+OSSL_LIB_CTX *library_context = NULL;
+BIO *input = NULL;
+BIO *bio_digest = NULL;
+EVP_MD *md = NULL;
+unsigned char buffer[512];
+size_t readct, writect;
+size_t digest_size;
+char *digest_value=NULL;
+int j;
+
+input = BIO_new_fd( fileno(stdin), 1 );
+if (input == NULL) {
+fprintf(stderr, "BIO_new_fd() for stdin returned NULL\n");
+goto cleanup;
+}
+library_context = OSSL_LIB_CTX_new();
+if (library_context == NULL) {
+fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
+goto cleanup;
+}
+
+/*
+ * Fetch a message digest by name
+ * The algorithm name is case insensitive. 
+ * See providers(7) for details about algorithm fetching
+ */
+md = EVP_MD_fetch( library_context, "SHA3-512", NULL );
+if (md == NULL) {
+fprintf(stderr, "EVP_MD_fetch did not find SHA3-512.\n");
+goto cleanup;
+}
+digest_size = EVP_MD_size(md);
+digest_value = OPENSSL_malloc(digest_size);
+if (digest_value == NULL) {
+fprintf(stderr, "Can't allocate %lu bytes 
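Review bot: the header comment describes this file as an "Example of using EVP_MD_fetch and EVP_Digest* methods to calculate a digest of static buffers", yet the code reads stdin through a BIO; the text looks copied from the sibling demo and should describe `BIO_f_md` instead. The second comment says a digest name may be passed as an argument, while the visible `EVP_MD_fetch()` call hard-codes "SHA3-512". The `%lu` in the allocation-failure message is presumably fed `digest_size`, which is a `size_t`; use `%zu` or cast to `unsigned long`. The new source file is also created with mode 100755 where 100644 is expected for a `.c` file.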

[openssl] master update

2021-03-01 Thread beldmit
The branch master has been updated
   via  bed963d58d837c5cbf0707bffe250cafffc64690 (commit)
  from  b0aae913246af1d07e728d24f53f55028f61c696 (commit)


- Log -
commit bed963d58d837c5cbf0707bffe250cafffc64690
Author: UndefBehavior 
Date:   Fri Feb 26 13:36:08 2021 +0300

Fix build of /dev/crypto engine with no-dynamic-engine option

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14329)

---

Summary of changes:
 engines/e_devcrypto.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
index e1c4372f72..76255a978d 100644
--- a/engines/e_devcrypto.c
+++ b/engines/e_devcrypto.c
@@ -1361,7 +1361,6 @@ void engine_load_devcrypto_int(void)
  */
 ERR_pop_to_mark();
 }
-}
 
 #else
 


[openssl] master update

2021-02-23 Thread beldmit
The branch master has been updated
   via  444b25b1e96fa444ffe3a67671796cfc1b599735 (commit)
  from  f16f363a85baa6338744e20671c5a227844f2847 (commit)


- Log -
commit 444b25b1e96fa444ffe3a67671796cfc1b599735
Author: Shane Lontis 
Date:   Mon Feb 22 13:03:21 2021 +1000

Add back in legacy paths for d2i_PrivateKey/d2i_AutoPrivateKey.

Fixes #14263

If the new decoder code fails, it now falls back to the old legacy code
and tries that also.
Tested manually using gost engine master.

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14266)

---

Summary of changes:
 crypto/asn1/d2i_pr.c | 84 
 1 file changed, 79 insertions(+), 5 deletions(-)

diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index c657f0f3a7..4da5a0c9be 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -23,9 +23,9 @@
 #include "crypto/evp.h"
 #include "internal/asn1.h"
 
-EVP_PKEY *d2i_PrivateKey_ex(int keytype, EVP_PKEY **a, const unsigned char 
**pp,
-long length, OSSL_LIB_CTX *libctx,
-const char *propq)
+static EVP_PKEY *
+d2i_PrivateKey_decoder(int keytype, EVP_PKEY **a, const unsigned char **pp,
+   long length, OSSL_LIB_CTX *libctx, const char *propq)
 {
 OSSL_DECODER_CTX *dctx = NULL;
 size_t len = length;
@@ -44,6 +44,8 @@ EVP_PKEY *d2i_PrivateKey_ex(int keytype, EVP_PKEY **a, const 
unsigned char **pp,
 ppkey = a;
 
 for (i = 0;  i < (int)OSSL_NELEM(input_structures); ++i) {
+const unsigned char *p = *pp;
+
 dctx = OSSL_DECODER_CTX_new_for_pkey(ppkey, "DER",
  input_structures[i], key_name,
  EVP_PKEY_KEYPAIR, libctx, propq);
@@ -56,6 +58,7 @@ EVP_PKEY *d2i_PrivateKey_ex(int keytype, EVP_PKEY **a, const 
unsigned char **pp,
 if (*ppkey != NULL
 && evp_keymgmt_util_has(*ppkey, 
OSSL_KEYMGMT_SELECT_PRIVATE_KEY))
 return *ppkey;
+*pp = p;
 goto err;
 }
 }
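Review bot: `*pp = p;` restores the caller's input pointer on only this one failure exit, and nothing in the hunk says why. Add a comment that the restore lets the legacy fallback in `d2i_PrivateKey_ex()` parse again from the start, and check that every other failure path out of the loop leaves `*pp` at its original value as well. Because `p` is captured inside the loop body, an iteration that advanced `*pp` and then continued would save the advanced pointer on the next pass; saving it once before the loop is more robust.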
@@ -132,12 +135,77 @@ EVP_PKEY *evp_privatekey_from_binary(int keytype, 
EVP_PKEY **a,
 return NULL;
 }
 
+EVP_PKEY *d2i_PrivateKey_ex(int keytype, EVP_PKEY **a, const unsigned char 
**pp,
+long length, OSSL_LIB_CTX *libctx,
+const char *propq)
+{
+EVP_PKEY *ret;
+
+ret = d2i_PrivateKey_decoder(keytype, a, pp, length, libctx, propq);
+/* try the legacy path if the decoder failed */
+if (ret == NULL)
+ret = evp_privatekey_from_binary(keytype, a, pp, length, libctx, 
propq);
+return ret;
+}
+
 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
  long length)
 {
 return d2i_PrivateKey_ex(type, a, pp, length, NULL, NULL);
 }
 
+static EVP_PKEY *d2i_AutoPrivateKey_legacy(EVP_PKEY **a,
+   const unsigned char **pp,
+   long length,
+   OSSL_LIB_CTX *libctx,
+   const char *propq)
+{
+STACK_OF(ASN1_TYPE) *inkey;
+const unsigned char *p;
+int keytype;
+
+p = *pp;
+/*
+ * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
+ * analyzing it we can determine the passed structure: this assumes the
+ * input is surrounded by an ASN1 SEQUENCE.
+ */
+inkey = d2i_ASN1_SEQUENCE_ANY(NULL, , length);
+p = *pp;
+/*
+ * Since we only need to discern "traditional format" RSA and DSA keys we
+ * can just count the elements.
+ */
+if (sk_ASN1_TYPE_num(inkey) == 6) {
+keytype = EVP_PKEY_DSA;
+} else if (sk_ASN1_TYPE_num(inkey) == 4) {
+keytype = EVP_PKEY_EC;
+} else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
+  * traditional format */
+PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, , length);
+EVP_PKEY *ret;
+
+sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+if (p8 == NULL) {
+ERR_raise(ERR_LIB_ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+return NULL;
+}
+ret = EVP_PKCS82PKEY_ex(p8, libctx, propq);
+
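Review bot: when `d2i_PrivateKey_decoder()` fails and the legacy call succeeds, `d2i_PrivateKey_ex()` returns a key while any errors raised by the decoder attempt may still sit on the error queue. Bracket the first attempt with `ERR_set_mark()` and `ERR_pop_to_mark()` (or `ERR_clear_last_mark()` when the decoder succeeds) so that a successful fallback returns with a clean queue. In `d2i_AutoPrivateKey_legacy()` the comment says only RSA and DSA keys need to be told apart, but an element count of 4 is mapped to `EVP_PKEY_EC`; update the comment to match.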

[openssl] master update

2021-02-18 Thread beldmit
The branch master has been updated
   via  5d8ffebbcdf4992d3c428201b1f3330020bbe92e (commit)
  from  0b3139e815d3d14c4d7506488add6e02a2b682ec (commit)


- Log -
commit 5d8ffebbcdf4992d3c428201b1f3330020bbe92e
Author: Sahana Prasad 
Date:   Mon Jan 25 14:44:29 2021 +0100

DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are 
key parameters

Fixes #13569
Signed-off-by: Sahana Prasad 

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13955)

---

Summary of changes:
 crypto/dh/dh_lib.c   | 12 +---
 doc/man3/DH_size.pod |  9 ++---
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index e8a66878ab..46aba02bad 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -187,12 +187,16 @@ void *DH_get_ex_data(const DH *d, int idx)
 
 int DH_bits(const DH *dh)
 {
-return BN_num_bits(dh->params.p);
+if (dh->params.p != NULL)
+return BN_num_bits(dh->params.p);
+return -1;
 }
 
 int DH_size(const DH *dh)
 {
-return BN_num_bytes(dh->params.p);
+if (dh->params.p != NULL)
+return BN_num_bytes(dh->params.p);
+return -1;
 }
 
 int DH_security_bits(const DH *dh)
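Review bot: `DH_size()` returning -1 is easy to misuse, because callers commonly pass its result straight to an allocator or use it as a buffer length, where -1 converts to a very large unsigned value. The existing callers should be audited for a `<= 0` check alongside this change. In both functions `dh` itself is still dereferenced unchecked; if a NULL `dh` can reach them, fold that into the same test.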
@@ -204,7 +208,9 @@ int DH_security_bits(const DH *dh)
 N = dh->length;
 else
 N = -1;
-return BN_security_bits(BN_num_bits(dh->params.p), N);
+if (dh->params.p != NULL)
+return BN_security_bits(BN_num_bits(dh->params.p), N);
+return -1;
 }
 
 void DH_get0_pqg(const DH *dh,
diff --git a/doc/man3/DH_size.pod b/doc/man3/DH_size.pod
index 099c1bad3f..99e34034f2 100644
--- a/doc/man3/DH_size.pod
+++ b/doc/man3/DH_size.pod
@@ -38,11 +38,14 @@ key. See L.
 
 =head1 RETURN VALUES
 
-DH_bits() returns the number of bits in the key.
+DH_bits() returns the number of bits in the key, or -1 if
+B doesn't hold any key parameters.
 
-DH_size() returns the prime size of Diffie-Hellman in bytes.
+DH_size() returns the prime size of Diffie-Hellman in bytes, or -1 if
+B doesn't hold any key parameters.
 
-DH_security_bits() returns the number of security bits.
+DH_security_bits() returns the number of security bits, or -1 if
+B doesn't hold any key parameters.
 
 =head1 SEE ALSO
 


[openssl] master update

2021-02-17 Thread beldmit
The branch master has been updated
   via  b51bed05c2ab54a1933b5c18862e68cd4540278c (commit)
   via  d44a8a16c8a2851af7f70575ff3dd23cc06f30e1 (commit)
  from  fe75766c9c2919f649df7b3ad209df2bc5e56dd0 (commit)


- Log -
commit b51bed05c2ab54a1933b5c18862e68cd4540278c
Author: Dr. David von Oheimb 
Date:   Sun Feb 14 20:25:42 2021 +0100

apps/cmp.c: Improve initialization of ext_ctx structure w.r.t. CSR

Also improve doc how the -reqexts option affects the CSR given with the 
-csr option.

Reviewed-by: David von Oheimb 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14181)

commit d44a8a16c8a2851af7f70575ff3dd23cc06f30e1
Author: Dr. David von Oheimb 
Date:   Sun Feb 14 20:12:38 2021 +0100

apps/ca.c: Make sure ext_ctx structure gets initialized

Fixes #14175

Reviewed-by: David von Oheimb 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/14181)

---

Summary of changes:
 apps/ca.c   | 11 +
 apps/cmp.c  | 54 +++--
 doc/man1/openssl-cmp.pod.in |  2 ++
 3 files changed, 37 insertions(+), 30 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index 29f62f86f2..dbb4d15eb8 100755
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -863,6 +863,7 @@ end_of_options:
 if (extensions != NULL) {
 /* Check syntax of config file section */
 X509V3_CTX ctx;
+
 X509V3_set_ctx_test();
 X509V3_set_nconf(, conf);
 if (!X509V3_EXT_add_nconf(conf, , extensions, NULL)) {
@@ -1141,6 +1142,7 @@ end_of_options:
 if (crl_ext != NULL) {
 /* Check syntax of file */
 X509V3_CTX ctx;
+
 X509V3_set_ctx_test();
 X509V3_set_nconf(, conf);
 if (!X509V3_EXT_add_nconf(conf, , crl_ext, NULL)) {
@@ -1230,6 +1232,7 @@ end_of_options:
 
 if (crl_ext != NULL || crlnumberfile != NULL) {
 X509V3_CTX crlctx;
+
 X509V3_set_ctx(, x509, NULL, NULL, crl, 0);
 X509V3_set_nconf(, conf);
 
@@ -1697,12 +1700,12 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 
*x509,
 if (!i)
 goto end;
 
+/* Initialize the context structure */
+X509V3_set_ctx(_ctx, selfsign ? ret : x509,
+   ret, req, NULL, X509V3_CTX_REPLACE);
+
 /* Lets add the extensions, if there are any */
 if (ext_sect) {
-/* Initialize the context structure */
-X509V3_set_ctx(_ctx, selfsign ? ret : x509,
-   ret, req, NULL, X509V3_CTX_REPLACE);
-
 if (extfile_conf != NULL) {
 if (verbose)
 BIO_printf(bio_err, "Extra configuration file found\n");
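Review bot: the `X509V3_set_ctx()` call moves out of the `if (ext_sect)` block, but the comment that travels with it still only says "Initialize the context structure". State in the comment that `ext_ctx` must be initialized even when `ext_sect` is NULL, and name the later use that reads it, so that a future cleanup does not move the call back inside the condition.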
diff --git a/apps/cmp.c b/apps/cmp.c
index 1dbd1f7339..887ec5d22e 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -1601,6 +1601,10 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx, 
ENGINE *engine)
  */
 static int setup_request_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
 {
+X509_REQ *csr = NULL;
+X509_EXTENSIONS *exts = NULL;
+X509V3_CTX ext_ctx;
+
 if (opt_subject == NULL
 && opt_csr == NULL && opt_oldcert == NULL && opt_cert == NULL
 && opt_cmd != CMP_RR && opt_cmd != CMP_GENM)
@@ -1648,30 +1652,41 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx, ENGINE 
*engine)
 return 0;
 }
 
+if (opt_csr != NULL) {
+if (opt_cmd == CMP_GENM) {
+CMP_warn("-csr option is ignored for genm command");
+} else {
+csr = load_csr_autofmt(opt_csr, "PKCS#10 CSR for p10cr");
+if (csr == NULL)
+return 0;
+if (!OSSL_CMP_CTX_set1_p10CSR(ctx, csr)) {
+X509_REQ_free(csr);
+goto oom;
+}
+}
+}
 if (opt_reqexts != NULL || opt_policies != NULL) {
-X509V3_CTX ext_ctx;
-X509_EXTENSIONS *exts = sk_X509_EXTENSION_new_null();
-
-if (exts == NULL)
-return 0;
-X509V3_set_ctx(_ctx, NULL, NULL, NULL, NULL, 0);
+if ((exts = sk_X509_EXTENSION_new_null()) == NULL)
+goto exts_err;
+X509V3_set_ctx(_ctx, NULL, NULL, csr, NULL, X509V3_CTX_REPLACE);
 X509V3_set_nconf(_ctx, conf);
 if (opt_reqexts != NULL
 && !X509V3_EXT_add_nconf_sk(conf, _ctx, opt_reqexts, )) {
 CMP_err1("cannot load certificate request extension section '%s'",
  opt_reqexts);
-sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-return 0;
+goto exts_err;
 }
 if (opt_policies != NULL
 && !X509V3_EXT_add_nconf_sk(conf, _ctx, opt_policies, )) {
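Review bot: `csr` is freed only on the `OSSL_CMP_CTX_set1_p10CSR()` failure branch. On success the local pointer stays live and is passed to `X509V3_set_ctx()`, so every later exit, including the `exts_err` and `oom` labels and the normal return, has to call `X509_REQ_free(csr)`; the visible part of the hunk does not show that. If those labels do free it, the explicit `X509_REQ_free(csr)` before `goto oom` becomes a double free unless `csr` is reset to NULL first.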
   

[openssl] master update

2021-02-04 Thread beldmit
The branch master has been updated
   via  a7246ea645b5d4c5ca7bde3dad4fcd6e63e11896 (commit)
  from  d53b437f9992f974c1623e9b9b9bdf053aefbcc3 (commit)


- Log -
commit a7246ea645b5d4c5ca7bde3dad4fcd6e63e11896
Author: Dmitry Belyavskiy 
Date:   Fri Jan 22 14:54:09 2021 +0100

DH/DHX parameter check using pkeyparam

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/13930)

---

Summary of changes:
 test/recipes/20-test_dhparam_check.t   | 84 ++
 .../20-test_dhparam_check_data/valid/dh5114_1.pem  |  8 +++
 .../20-test_dhparam_check_data/valid/dh5114_2.pem  | 14 
 .../20-test_dhparam_check_data/valid/dh5114_3.pem  | 14 
 .../valid/dh_p1024_t1862.pem   |  8 +++
 .../valid/dh_p2048_t1862.pem   | 13 
 .../valid/dh_p2048_t1864.pem   | 13 
 .../valid/dh_p3072_t1862.pem   | 19 +
 .../valid/dhx_p1024_q160_t1862.pem |  9 +++
 .../valid/dhx_p1024_q160_t1864.pem |  9 +++
 .../valid/dhx_p1024_q224_t1862.pem |  9 +++
 .../valid/dhx_p1024_q256_t1862.pem | 10 +++
 .../valid/dhx_p2048_q160_t1862.pem | 15 
 .../valid/dhx_p2048_q224_t1862.pem | 15 
 .../valid/dhx_p2048_q224_t1864.pem | 15 
 .../valid/dhx_p2048_q256_t1862.pem | 15 
 .../valid/dhx_p2048_q256_t1864.pem | 15 
 .../valid/dhx_p3072_q160_t1862.pem | 20 ++
 .../valid/dhx_p3072_q224_t1862.pem | 20 ++
 .../valid/dhx_p3072_q256_t1862.pem | 20 ++
 20 files changed, 345 insertions(+)
 create mode 100644 test/recipes/20-test_dhparam_check.t
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh5114_1.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh5114_2.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh5114_3.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh_p1024_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh_p2048_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh_p2048_t1864.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dh_p3072_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p1024_q160_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p1024_q160_t1864.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p1024_q224_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p1024_q256_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p2048_q160_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p2048_q224_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p2048_q224_t1864.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p2048_q256_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p2048_q256_t1864.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p3072_q160_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p3072_q224_t1862.pem
 create mode 100644 test/recipes/20-test_dhparam_check_data/valid/dhx_p3072_q256_t1862.pem

diff --git a/test/recipes/20-test_dhparam_check.t 
b/test/recipes/20-test_dhparam_check.t
new file mode 100644
index 00..97e1506d8a
--- /dev/null
+++ b/test/recipes/20-test_dhparam_check.t
@@ -0,0 +1,84 @@
+#! /usr/bin/env perl
+# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use strict;
+use warnings;
+
+use File::Spec;
+use OpenSSL::Glob;
+use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test::Utils;
+
+setup("test_dhparam_check");
+
+plan skip_all => "DH isn't supported in this build"
+if disabled("dh");
+
+=pod Generation script
+
+#!/bin/sh
+
+TESTDIR=test/recipes/20-test_dhparam_check_data/valid
+rm -rf $TESTDIR
+mkdir -p $TESTDIR
+
+./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:1 
-out $TESTDIR/dh5114_1.pem
+./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:2 
-out $TESTDIR/dh5114_2.pem
+./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt dh_rfc5114:3 
-out $TESTDIR/dh5114_3.pem
+
+./util/opensslwrap.sh genpkey -genparam -algorithm DH -pkeyopt pbits:1024 
-pkeyopt type:fips186_2 -out 

[openssl] master update

2021-02-02 Thread beldmit
The branch master has been updated
   via  d3372c2f35495d0c61ab09daf7fba3ecbbb595aa (commit)
  from  6aab42c39060c7aa39d96c7a265ddc661cea2ed8 (commit)


- Log -
commit d3372c2f35495d0c61ab09daf7fba3ecbbb595aa
Author: Job Snijders 
Date:   Sun Jan 24 14:00:02 2021 +

Add some PKIX-RPKI objects

References:

RFC6482 - A Profile for Route Origin Authorizations (ROAs)
RFC6484 - Certificate Policy (CP) for the RPKI
RFC6493 - The RPKI Ghostbusters Record
RFC8182 - The RPKI Repository Delta Protocol (RRDP)
RFC8360 - RPKI Validation Reconsidered
draft-ietf-sidrops-rpki-rta - A profile for RTAs

CLA: trivial

Reviewed-by: Paul Dale 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13948)

---

Summary of changes:
 crypto/objects/obj_dat.h   | 70 ++
 crypto/objects/obj_mac.num | 12 
 crypto/objects/objects.txt | 15 +-
 fuzz/oids.txt  | 12 
 include/openssl/obj_mac.h  | 51 +
 5 files changed, 154 insertions(+), 6 deletions(-)

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 1b852e6dfa..697cd527b3 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7947] = {
+static const unsigned char so[8054] = {
 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [0] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,/* [6] OBJ_pkcs */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,   /* [   13] OBJ_md2 */
@@ -1101,9 +1101,21 @@ static const unsigned char so[7947] = {
 0x2A,0x85,0x03,0x64,0x71,0x04, /* [ 7928] 
OBJ_classSignToolKB1 */
 0x2A,0x85,0x03,0x64,0x71,0x05, /* [ 7934] 
OBJ_classSignToolKB2 */
 0x2A,0x85,0x03,0x64,0x71,0x06, /* [ 7940] 
OBJ_classSignToolKA1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x18,  /* [ 7946] 
OBJ_id_ct_routeOriginAuthz */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1A,  /* [ 7957] 
OBJ_id_ct_rpkiManifest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x23,  /* [ 7968] 
OBJ_id_ct_rpkiGhostbusters */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x24,  /* [ 7979] 
OBJ_id_ct_resourceTaggedAttest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,/* [ 7990] OBJ_id_cp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x1C,   /* [ 7997] 
OBJ_sbgp_ipAddrBlockv2 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x1D,   /* [ 8005] 
OBJ_sbgp_autonomousSysNumv2 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,0x02,   /* [ 8013] 
OBJ_ipAddr_asNumber */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,0x03,   /* [ 8021] 
OBJ_ipAddr_asNumberv2 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0A,   /* [ 8029] OBJ_rpkiManifest 
*/
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0B,   /* [ 8037] OBJ_signedObject 
*/
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0D,   /* [ 8045] OBJ_rpkiNotify */
 };
 
-#define NUM_NID 1234
+#define NUM_NID 1246
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
 {"UNDEF", "undefined", NID_undef},
 {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, [0]},
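Review bot: two of the new so[] rows name a manifest and differ only by arc: OBJ_id_ct_rpkiManifest at [7957] is the 11-byte encoding ending 0x10,0x01,0x1A, while OBJ_rpkiManifest at [8029] is the 8-byte encoding ending 0x30,0x0A. The second carries no prefix saying which arc it belongs to (OBJ_signedObject and OBJ_rpkiNotify sit under the same arc with the same gap), so a caller looking a manifest up by name can pick the wrong object; a prefixed name or a comment at the definition would separate them. The arithmetic itself checks out: four 11-byte, one 7-byte and seven 8-byte encodings add 107 bytes, matching 7947 to 8054, and NUM_NID rises by 12 for the 12 new encodings.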
@@ -2339,9 +2351,21 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
 {"classSignToolKB1", "Class of Signing Tool KB1", NID_classSignToolKB1, 6, 
[7928]},
 {"classSignToolKB2", "Class of Signing Tool KB2", NID_classSignToolKB2, 6, 
[7934]},
 {"classSignToolKA1", "Class of Signing Tool KA1", NID_classSignToolKA1, 6, 
[7940]},
+{"id-ct-routeOriginAuthz", "id-ct-routeOriginAuthz", 
NID_id_ct_routeOriginAuthz, 11, [7946]},
+{"id-ct-rpkiManifest", "id-ct-rpkiManifest", NID_id_ct_rpkiManifest, 11, 
[7957]},
+{"id-ct-rpkiGhostbusters", "id-ct-rpkiGhostbusters", 
NID_id_ct_rpkiGhostbusters, 11, [7968]},
+{"id-ct-resourceTaggedAttest", "id-ct-resourceTaggedAttest", 
NID_id_ct_resourceTaggedAttest, 11, [7979]},
+{"id-cp", "id-cp", NID_id_cp, 7, [7990]},
+{"sbgp-ipAddrBlockv2", "sbgp-ipAddrBlockv2", NID_sbgp_ipAddrBlockv2, 8, 
[7997]},
+{"sbgp-autonomousSysNumv2", "sbgp-autonomousSysNumv2", 
NID_sbgp_autonomousSysNumv2, 8, [8005]},
+{"ipAddr-asNumber", "ipAddr-asNumber", NID_ipAddr_asNumber, 8, [8013]},
+{"ipAddr-asNumberv2", "ipAddr-asNumberv2", NID_ipAddr_asNumberv2, 8, 
[8021]},
+{"rpkiManifest", "RPKI Manifest", NID_rpkiManifest, 8, [8029]},
+{"signedObject", "Signed Object", NID_signedObject, 8, [8037]},
+{"rpkiNotify", "RPKI Notify", NID_rpkiNotify, 8, [8045]},
 };
 
-#define NUM_SN 1225
+#define NUM_SN 1237
 static const unsigned int sn_objs[NUM_SN] = {
  364,/* "AD_DVCS" */
  419,/* "AES-128-CBC" */
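Review bot: the long names in the new nid_objs rows are inconsistent: nine rows repeat the short name as the long name (for example {"id-cp", "id-cp", ...}), while the last three get readable ones ("RPKI Manifest", "Signed Object", "RPKI Notify"). Give the id-ct-*, sbgp-*v2 and ipAddr-* rows descriptive long names as well, or note why they are left as bare identifiers.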
@@ -2951,7 +2975,12 @@ static const unsigned int sn_objs[NUM_SN] 

[openssl] OpenSSL_1_1_1-stable update

2021-01-14 Thread beldmit
The branch OpenSSL_1_1_1-stable has been updated
   via  2a9785c252df6836da90da33aaeed8edb506e556 (commit)
  from  cfd7225fbb9507b2e443a494459bdaab5236d29d (commit)


- Log -
commit 2a9785c252df6836da90da33aaeed8edb506e556
Author: Dmitry Belyavskiy 
Date:   Wed Jan 13 08:51:39 2021 +0100

Skip BOM when reading the config file

Fixes #13840

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13857)

(cherry picked from commit 4369a882a565c42673b28c586a5c46a8bca98d17)

---

Summary of changes:
 crypto/conf/conf_def.c | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 3d710f12ae..c097ec1286 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -185,6 +185,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 BUF_MEM *buff = NULL;
 char *s, *p, *end;
 int again;
+int first_call = 1;
 long eline = 0;
 char btmp[DECIMAL_SIZE(eline) + 1];
 CONF_VALUE *v = NULL, *tv;
@@ -233,6 +234,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 BIO_gets(in, p, CONFBUFSIZE - 1);
 p[CONFBUFSIZE - 1] = '\0';
 ii = i = strlen(p);
+if (first_call) {
+/* Other BOMs imply unsupported multibyte encoding,
+ * so don't strip them and let the error raise */
+const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
+
+if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
+memmove(p, p + 3, i - 3);
+p[i - 3] = 0;
+i -= 3;
+ii -= 3;
+}
+first_call = 0;
+}
 if (i == 0 && !again) {
 /* the currently processed BIO is at EOF */
 BIO *parent;
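Review bot: first_call is cleared after the first line read in this call of def_load_bio(), so the BOM check covers only the outermost input. The context just below switches to a parent BIO at EOF, which suggests this loop also reads nested inputs, and a UTF-8 BOM at the start of one of those would be left in place. Either reset first_call when the loop moves to a new BIO, or say in the comment that only the top-level file is handled. Minor: memmove(p, p + 3, i - 2) would carry the terminator along and make p[i - 3] = 0 unnecessary.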


[openssl] master update

2021-01-14 Thread beldmit
The branch master has been updated
   via  4369a882a565c42673b28c586a5c46a8bca98d17 (commit)
  from  5eb24fbd1c3e0d130ba7f81f1ccf457a2b9d75ad (commit)


- Log -
commit 4369a882a565c42673b28c586a5c46a8bca98d17
Author: Dmitry Belyavskiy 
Date:   Wed Jan 13 08:51:39 2021 +0100

Skip BOM when reading the config file

Fixes #13840

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13857)

---

Summary of changes:
 crypto/conf/conf_def.c | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index a7f5677a26..99063eaf68 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -194,6 +194,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 BUF_MEM *buff = NULL;
 char *s, *p, *end;
 int again;
+int first_call = 1;
 long eline = 0;
 char btmp[DECIMAL_SIZE(eline) + 1];
 CONF_VALUE *v = NULL, *tv;
@@ -243,6 +244,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 goto err;
 p[CONFBUFSIZE - 1] = '\0';
 ii = i = strlen(p);
+if (first_call) {
+/* Other BOMs imply unsupported multibyte encoding,
+ * so don't strip them and let the error raise */
+const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
+
+if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
+memmove(p, p + 3, i - 3);
+p[i - 3] = 0;
+i -= 3;
+ii -= 3;
+}
+first_call = 0;
+}
 if (i == 0 && !again) {
 /* the currently processed BIO is NULL or at EOF */
 BIO *parent;
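Review bot: nothing in this change exercises the new branch under if (first_call); the summary lists crypto/conf/conf_def.c only. Add a config fixture that starts with EF BB BF and loads cleanly, and one that starts with a different BOM to pin the "let the error raise" behaviour the comment promises. A first line shorter than three bytes is also worth a case, since i >= 3 is the only guard in front of memcmp.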


[openssl] master update

2021-01-09 Thread beldmit
The branch master has been updated
   via  e211d949cd5737e53cd3399e6a88453930768b98 (commit)
  from  42141197a107ef9cd297a7755fece569b84016b8 (commit)


- Log -
commit e211d949cd5737e53cd3399e6a88453930768b98
Author: Sahana Prasad 
Date:   Fri Jan 8 16:26:21 2021 +0100

doc/man7/provider.pod: updates providers to use EVP_MD_free() and 
EVP_CIPHER_free()
instead of EVP_MD_meth_free() and EVP_CIPHER_meth_free() respectively which 
are used mostly by the engine (legacy) code.

Signed-off-by: Sahana Prasad 

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13814)

---

Summary of changes:
 doc/man7/provider.pod | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/doc/man7/provider.pod b/doc/man7/provider.pod
index 2eb396fad3..18a80eff5a 100644
--- a/doc/man7/provider.pod
+++ b/doc/man7/provider.pod
@@ -324,34 +324,34 @@ Fetch any available implementation of SHA2-256 in the 
default context:
 
  EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", NULL);
  ...
- EVP_MD_meth_free(md);
+ EVP_MD_free(md);
 
 Fetch any available implementation of AES-128-CBC in the default context:
 
  EVP_CIPHER *cipher = EVP_CIPHER_fetch(NULL, "AES-128-CBC", NULL);
  ...
- EVP_CIPHER_meth_free(cipher);
+ EVP_CIPHER_free(cipher);
 
 Fetch an implementation of SHA2-256 from the default provider in the default
 context:
 
  EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", "provider=default");
  ...
- EVP_MD_meth_free(md);
+ EVP_MD_free(md);
 
 Fetch an implementation of SHA2-256 that is not from the default provider in 
the
 default context:
 
  EVP_MD *md = EVP_MD_fetch(NULL, "SHA2-256", "provider!=default");
  ...
- EVP_MD_meth_free(md);
+ EVP_MD_free(md);
 
 Fetch an implementation of SHA2-256 from the default provider in the specified
 context:
 
  EVP_MD *md = EVP_MD_fetch(ctx, "SHA2-256", "provider=default");
  ...
- EVP_MD_meth_free(md);
+ EVP_MD_free(md);
 
 Load the legacy provider into the default context and then fetch an
 implementation of WHIRLPOOL from it:
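Review bot: the prose in this hunk never states that an object returned by EVP_MD_fetch() or EVP_CIPHER_fetch() has to be released with EVP_MD_free() or EVP_CIPHER_free(); the reader has to infer it from the last line of each example. Since the corrected pairing is the whole point of the change, one sentence ahead of the first example saying so would stop the examples from being the only place it is recorded.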
@@ -361,7 +361,7 @@ implementation of WHIRLPOOL from it:
 
  EVP_MD *md = EVP_MD_fetch(NULL, "WHIRLPOOL", "provider=legacy");
  ...
- EVP_MD_meth_free(md);
+ EVP_MD_free(md);
 
 Note that in the above example the property string "provider=legacy" is 
optional
 since, assuming no other providers have been loaded, the only implementation of
@@ -376,8 +376,8 @@ other providers:
  EVP_MD *md_whirlpool = EVP_MD_fetch(NULL, "whirlpool", NULL);
  EVP_MD *md_sha256 = EVP_MD_fetch(NULL, "SHA2-256", NULL);
  ...
- EVP_MD_meth_free(md_whirlpool);
- EVP_MD_meth_free(md_sha256);
+ EVP_MD_free(md_whirlpool);
+ EVP_MD_free(md_sha256);
 
 
 =head1 SEE ALSO


[openssl] master update

2020-12-31 Thread beldmit
The branch master has been updated
   via  ea08f8b294d129371536649463c76a81dc4d4e55 (commit)
   via  49fff26d674adb65f3532eec4f0f37369b41a594 (commit)
   via  db6bcc81ab86fca74730566f0b471a7c3757c95c (commit)
   via  d5e742de653954bfae88f0e5f6c8f0a7a5f6c437 (commit)
  from  30af356df487b2dad571be15574b454daf70743c (commit)


- Log -
commit ea08f8b294d129371536649463c76a81dc4d4e55
Author: Matt Caswell 
Date:   Wed Dec 23 11:35:54 2020 +

Add a test for the new CRYPTO_atomic_* functions

Also tests the older CRYPTO_atomic_add() which was without a test

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13733)

commit 49fff26d674adb65f3532eec4f0f37369b41a594
Author: Matt Caswell 
Date:   Wed Dec 23 11:15:03 2020 +

Add documentation for CRYPTO_atomic_or and CRYPTO_atomic_load

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13733)

commit db6bcc81ab86fca74730566f0b471a7c3757c95c
Author: Matt Caswell 
Date:   Tue Dec 22 17:44:07 2020 +

Optimise OPENSSL_init_crypto

If everything has already been initialised we can check this with a
single test at the beginning of OPENSSL_init_crypto() and therefore
reduce the amount of time spent in this function. Since this is called
via very many codepaths this should have significant performance benefits.

Partially fixes #13725 and #13578

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13733)

commit d5e742de653954bfae88f0e5f6c8f0a7a5f6c437
Author: Matt Caswell 
Date:   Tue Dec 22 17:43:07 2020 +

Add some more CRYPTO_atomic functions

We add an implementation for CRYPTO_atomic_or() and CRYPTO_atomic_load()

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13733)

---

Summary of changes:
 crypto/init.c   | 38 +++
 crypto/threads_none.c   | 16 
 crypto/threads_pthread.c| 50 +++-
 crypto/threads_win.c| 19 --
 doc/man3/CRYPTO_THREAD_run_once.pod | 43 -
 include/openssl/crypto.h.in |  3 ++
 test/threadstest.c  | 76 +
 util/libcrypto.num  |  2 +
 8 files changed, 233 insertions(+), 14 deletions(-)

diff --git a/crypto/init.c b/crypto/init.c
index f1100df169..50aec32c3d 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -34,6 +34,7 @@
 #include 
 
 static int stopped = 0;
+static uint64_t optsdone = 0;
 
 typedef struct ossl_init_stop_st OPENSSL_INIT_STOP;
 struct ossl_init_stop_st {
@@ -464,6 +465,28 @@ void OPENSSL_cleanup(void)
  */
 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
 {
+uint64_t tmp;
+int aloaddone = 0;
+
+/*
+ * We ignore failures from this function. It is probably because we are
+ * on a platform that doesn't support lockless atomic loads (we may not
+ * have created init_lock yet so we can't use it). This is just an
+ * optimisation to skip the full checks in this function if we don't need
+ * to, so we carry on regardless in the event of failure.
+ *
+ * There could be a race here with other threads, so that optsdone has not
+ * been updated yet, even though the options have in fact been initialised.
+ * This doesn't matter - it just means we will run the full function
+ * unnecessarily - but all the critical code is contained in RUN_ONCE
+ * functions anyway so we are safe.
+ */
+if (CRYPTO_atomic_load(, , NULL)) {
+if ((tmp & opts) == opts)
+return 1;
+aloaddone = 1;
+}
+
 /*
  * TODO(3.0): This function needs looking at with a view to moving most/all
  * of this into OSSL_LIB_CTX.
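Review bot: the early return 1 when (tmp & opts) == opts sits at the very top of OPENSSL_init_crypto(), ahead of every existing check in the function. The file keeps a stopped flag next to the new optsdone, and OPENSSL_cleanup() is the function directly above; if the existing handling of stopped comes after this point, a call made after cleanup with already-recorded opts now reports success. Confirm the ordering and move the fast path below that check if so. tmp is read only when CRYPTO_atomic_load() succeeds, so ignoring the failure is safe.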
@@ -492,6 +515,18 @@ int OPENSSL_init_crypto(uint64_t opts, const 
OPENSSL_INIT_SETTINGS *settings)
 if (opts & OPENSSL_INIT_BASE_ONLY)
 return 1;
 
+/*
+ * init_lock should definitely be set up now, so we can now repeat the
+ * same check from above but be sure that it will work even on platforms
+ * without lockless CRYPTO_atomic_load
+ */
+if (!aloaddone) {
+if (!CRYPTO_atomic_load(, , init_lock))
+return 0;
+if ((tmp & opts) == opts)
+return 1;
+}
+
 /*
  * Now we don't always set up exit handlers, the INIT_BASE_ONLY calls
  * should not have the side-effect of setting up exit handlers, and
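Review bot: a failed CRYPTO_atomic_load() under init_lock returns 0 here, which turns a failure of what the earlier comment calls "just an optimisation" into a failed initialisation. Either fall through to the full path as the lockless attempt does, or extend the comment to say why a failure with the lock held has to be fatal. The OPENSSL_INIT_BASE_ONLY return just above also leaves before the CRYPTO_atomic_or() at the end of the function, so base-only calls never record their bit and never take either shortcut; say so if that is intended.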
@@ -614,6 +649,9 @@ int OPENSSL_init_crypto(uint64_t opts, const 
OPENSSL_INIT_SETTINGS *settings)
 return 0;
 #endif
 
+if (!CRYPTO_atomic_or(, opts, , init_lock))
+return 0;
+
 return 1;
 }
 
diff --git 

[openssl] master update

2020-12-30 Thread beldmit
The branch master has been updated
   via  30af356df487b2dad571be15574b454daf70743c (commit)
  from  ae031148fde2b55238d56dcbe4ac05625382d970 (commit)


- Log -
commit 30af356df487b2dad571be15574b454daf70743c
Author: Matt Caswell 
Date:   Wed Dec 23 16:30:36 2020 +

Don't call EVP_CIPHER_CTX_block_size() to find the block size

The EVP lib was calling EVP_CIPHER_CTX_block_size(), which in turn calls
EVP_CIPHER_block_size() in order to find the block_size in every
EVP_EncryptUpdate() call. This adds a surprising amount of overhead when
using speed to test aes-128-cbc. Since we're in the EVP lib itself, we can
just directly access this value.

To test performance I ran the command:
openssl speed -evp aes-128-cbc -bytes 16 -seconds 30

For the before and after, I ran this twice and discarded the first result
to "warm up" my machine.

Before:
aes-128-cbc 716949.71k

After:
aes-128-cbc 742807.11k

This represents a performance improvement of about 4%

Partially fixes #13407

Reviewed-by: Kurt Roeckx 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13734)

---

Summary of changes:
 crypto/evp/evp_enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index c1c8f1cf28..eb8c0faf14 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -556,7 +556,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char 
*out, int *outl,
 if (ctx->cipher->prov == NULL)
 goto legacy;
 
-blocksize = EVP_CIPHER_CTX_block_size(ctx);
+blocksize = ctx->cipher->block_size;
 
 if (ctx->cipher->cupdate == NULL  || blocksize < 1) {
 ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
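Review bot: the direct read of ctx->cipher->block_size carries no comment, so a later tidy-up could put the accessor back and undo the gain measured in the commit message. Add a one-line comment saying the field is read directly on purpose because this runs on every EVP_EncryptUpdate() call. No new NULL dereference is introduced: ctx->cipher->prov is already read in the context above, and the blocksize < 1 check is kept.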


[openssl] master update

2020-12-24 Thread beldmit
The branch master has been updated
   via  ae031148fde2b55238d56dcbe4ac05625382d970 (commit)
  from  38f7931429859a3bd07725dbc451c0b4cac26a10 (commit)


- Log -
commit ae031148fde2b55238d56dcbe4ac05625382d970
Author: Matt Caswell 
Date:   Tue Dec 22 15:16:51 2020 +

Optimise OPENSSL_init_crypto to not need a lock when loading config

Most of the time we don't have any explicit settings when loading a
config file. Therefore we optimise things so that we don't need to use
a lock in that instance.

Partially addresses performance issues in #13725

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13731)

---

Summary of changes:
 crypto/init.c | 25 -
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/crypto/init.c b/crypto/init.c
index ba8706655b..f1100df169 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -233,8 +233,16 @@ static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
 static int config_inited = 0;
 static const OPENSSL_INIT_SETTINGS *conf_settings = NULL;
 DEFINE_RUN_ONCE_STATIC(ossl_init_config)
+{
+int ret = openssl_config_int(NULL);
+
+config_inited = 1;
+return ret;
+}
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_config_settings, ossl_init_config)
 {
 int ret = openssl_config_int(conf_settings);
+
 config_inited = 1;
 return ret;
 }
@@ -539,11 +547,18 @@ int OPENSSL_init_crypto(uint64_t opts, const 
OPENSSL_INIT_SETTINGS *settings)
 
 if (opts & OPENSSL_INIT_LOAD_CONFIG) {
 int ret;
-CRYPTO_THREAD_write_lock(init_lock);
-conf_settings = settings;
-ret = RUN_ONCE(, ossl_init_config);
-conf_settings = NULL;
-CRYPTO_THREAD_unlock(init_lock);
+
+if (settings == NULL) {
+ret = RUN_ONCE(, ossl_init_config);
+} else {
+CRYPTO_THREAD_write_lock(init_lock);
+conf_settings = settings;
+ret = RUN_ONCE_ALT(, ossl_init_config_settings,
+   ossl_init_config);
+conf_settings = NULL;
+CRYPTO_THREAD_unlock(init_lock);
+}
+
 if (ret <= 0)
 return 0;
 }
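Review bot: both branches appear to run against the same once-control, so when a caller with settings == NULL gets there first, a later caller's non-NULL settings are dropped without any signal: RUN_ONCE_ALT only hands back the result already stored for ossl_init_config. That may match the old behaviour for repeat calls, but with the split it now depends on call order between threads; document it next to conf_settings or in the OPENSSL_init_crypto() manual. config_inited is also set to 1 in both bodies whatever ret is, which deserves a comment if intended.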


[openssl] master update

2020-12-23 Thread beldmit
The branch master has been updated
   via  38f7931429859a3bd07725dbc451c0b4cac26a10 (commit)
   via  ae69da05a7749e21c7526831173405e3570917b2 (commit)
  from  fdf05eb7611a1fdb283162228985286a09d07940 (commit)


- Log -
commit 38f7931429859a3bd07725dbc451c0b4cac26a10
Author: Matt Caswell 
Date:   Tue Dec 22 11:36:30 2020 +

Cache Digest constants

EVP_CIPHER already caches certain constants so that we don't have to
query the provider every time. We do the same thing with EVP_MD constants.
Without this we can get performance issues, e.g. running "speed" with
small blocks of data to digest can spend a long time in EVP_MD_size(),
which should be quick.

Partially fixes #13578

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13730)

commit ae69da05a7749e21c7526831173405e3570917b2
Author: Matt Caswell 
Date:   Tue Dec 22 11:54:16 2020 +

Move the caching of cipher constants into evp_cipher_from_dispatch

Previously we cached the cipher constants in EVP_CIPHER_fetch(). However,
this means we do the caching every time we call that function, even if
the core has previously fetched the cipher and cached it already. This
means we can end up re-caching the constants even though they are already
present. This also means we could be updating these constants from
multiple threads at the same time.

Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/13730)

---

Summary of changes:
 crypto/err/openssl.txt   |  1 +
 crypto/evp/digest.c  | 29 +
 crypto/evp/evp_enc.c | 10 ++
 crypto/evp/evp_err.c |  2 ++
 crypto/evp/evp_lib.c | 33 +++--
 include/crypto/evperr.h  |  2 +-
 include/openssl/evperr.h |  1 +
 7 files changed, 43 insertions(+), 35 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 60f343eb7d..5440e47093 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2528,6 +2528,7 @@ EVP_R_BAD_ALGORITHM_NAME:200:bad algorithm name
 EVP_R_BAD_DECRYPT:100:bad decrypt
 EVP_R_BAD_KEY_LENGTH:195:bad key length
 EVP_R_BUFFER_TOO_SMALL:155:buffer too small
+EVP_R_CACHE_CONSTANTS_FAILED:225:cache constants failed
 EVP_R_CAMELLIA_KEY_SETUP_FAILED:157:camellia key setup failed
 EVP_R_CANNOT_GET_PARAMETERS:197:cannot get parameters
 EVP_R_CANNOT_SET_PARAMETERS:198:cannot set parameters
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 1d16c52060..46f4d201d9 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -827,6 +827,29 @@ static void set_legacy_nid(const char *name, void 
*vlegacy_nid)
 }
 #endif
 
+static int evp_md_cache_constants(EVP_MD *md)
+{
+int ok;
+size_t blksz = 0;
+size_t mdsize = 0;
+unsigned long flags = 0;
+OSSL_PARAM params[4];
+
+params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, 
);
+params[1] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, );
+params[2] = OSSL_PARAM_construct_ulong(OSSL_DIGEST_PARAM_FLAGS, );
+params[3] = OSSL_PARAM_construct_end();
+ok = evp_do_md_getparams(md, params);
+if (mdsize > INT_MAX || blksz > INT_MAX)
+ok = 0;
+if (ok) {
+md->block_size = (int)blksz;
+md->md_size = (int)mdsize;
+md->flags = flags;
+}
+return ok;
+}
+
 static void *evp_md_from_dispatch(int name_id,
   const OSSL_DISPATCH *fns,
   OSSL_PROVIDER *prov)
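Review bot: if (ok) in evp_md_cache_constants() accepts any nonzero return from evp_do_md_getparams(); if that helper can return a negative value for an unsupported or failed query, the zero-initialised blksz, mdsize and flags get cached as if they were real. Compare with > 0, and consider whether a provider that answers only some of the three parameters should also count as a failure, since the unanswered fields would silently stay 0.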
@@ -938,6 +961,12 @@ static void *evp_md_from_dispatch(int name_id,
 if (prov != NULL)
 ossl_provider_up_ref(prov);
 
+if (!evp_md_cache_constants(md)) {
+EVP_MD_free(md);
+ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED);
+md = NULL;
+}
+
 return md;
 }
 
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 7818ab25ea..c1c8f1cf28 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1470,6 +1470,12 @@ static void *evp_cipher_from_dispatch(const int name_id,
 if (prov != NULL)
 ossl_provider_up_ref(prov);
 
+if (!evp_cipher_cache_constants(cipher)) {
+EVP_CIPHER_free(cipher);
+ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED);
+cipher = NULL;
+}
+
 return cipher;
 }
 
@@ -1491,10 +1497,6 @@ EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const 
char *algorithm,
   evp_cipher_from_dispatch, evp_cipher_up_ref,
   evp_cipher_free);
 
-if (cipher != NULL && !evp_cipher_cache_constants(cipher)) {
-EVP_CIPHER_free(cipher);
-cipher = NULL;
-}
 return cipher;
 }
 
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index c2259f0beb..894f0cebcb 100644
--- 

[openssl] master update

2020-12-23 Thread beldmit
The branch master has been updated
   via  128d25ba6a9e02481381d47e3a5aa915700b9a1e (commit)
  from  c4b2c53fadb158bee34aef90d5a7d500aead1f70 (commit)


- Log -
commit 128d25ba6a9e02481381d47e3a5aa915700b9a1e
Author: Dmitry Belyavskiy 
Date:   Mon Dec 21 14:23:17 2020 +0100

Fetch provided algorithm once per benchmark

Partially fixes #13578

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/13721)

---

Summary of changes:
 apps/speed.c | 50 ++
 1 file changed, 46 insertions(+), 4 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 5b944290fc..c8c4f65b47 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1003,7 +1003,9 @@ static int EVP_Update_loop_aead(void *args)
 return count;
 }
 
-static const EVP_MD *evp_md = NULL;
+static EVP_MD *evp_md = NULL;
+static int fetched_alg = 0;
+
 static int EVP_Digest_loop(void *args)
 {
 loopargs_t *tempargs = *(loopargs_t **) args;
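Review bot: one fetched_alg flag has to describe two pointers, evp_md here and the evp_cipher local in speed_main(), and both lose their const so that the fallback results of EVP_get_digestbyname() and EVP_get_cipherbyname() can be cast into them. The cleanup at the end of speed_main() is correct only while nothing else assigns a non-fetched value to either pointer once the flag is set; separate flags, or a distinct fetched pointer for each, would make the free unconditional and drop the casts.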
@@ -1491,6 +1493,38 @@ static int run_benchmark(int async_jobs,
 return error ? -1 : total_op_count;
 }
 
+static EVP_MD *obtain_md(const char *name)
+{
+EVP_MD *md = NULL;
+
+/* Look through providers' digests */
+ERR_set_mark();
+md = EVP_MD_fetch(NULL, name, NULL);
+ERR_pop_to_mark();
+if (md != NULL) {
+fetched_alg = 1;
+return md;
+}
+
+return (EVP_MD *)EVP_get_digestbyname(name);
+}
+
+static EVP_CIPHER *obtain_cipher(const char *name)
+{
+EVP_CIPHER *cipher = NULL;
+
+/* Look through providers' ciphers */
+ERR_set_mark();
+cipher = EVP_CIPHER_fetch(NULL, name, NULL);
+ERR_pop_to_mark();
+if (cipher != NULL) {
+fetched_alg = 1;
+return cipher;
+}
+
+return (EVP_CIPHER *)EVP_get_cipherbyname(name);
+}
+
 #define stop_it(do_it, test_num)\
 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
 
@@ -1500,7 +1534,7 @@ int speed_main(int argc, char **argv)
 loopargs_t *loopargs = NULL;
 const char *prog;
 const char *engine_id = NULL;
-const EVP_CIPHER *evp_cipher = NULL;
+EVP_CIPHER *evp_cipher = NULL;
 double d = 0.0;
 OPTION_CHOICE o;
 int async_init = 0, multiblock = 0, pr_header = 0;
@@ -1694,10 +1728,14 @@ int speed_main(int argc, char **argv)
 usertime = 0;
 break;
 case OPT_EVP:
+if (doit[D_EVP]) {
+BIO_printf(bio_err, "%s: -evp option cannot be used more than 
once\n", prog);
+goto opterr;
+}
 evp_md = NULL;
-evp_cipher = EVP_get_cipherbyname(opt_arg());
+evp_cipher = obtain_cipher(opt_arg());
 if (evp_cipher == NULL)
-evp_md = EVP_get_digestbyname(opt_arg());
+evp_md = obtain_md(opt_arg());
 if (evp_cipher == NULL && evp_md == NULL) {
 BIO_printf(bio_err,
"%s: %s is an unknown cipher or digest\n",
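Review bot: the new "-evp option cannot be used more than once" error is a behaviour change that only apps/speed.c records; the summary shows no manual update. Mention the restriction in the speed documentation. The guard also relies on doit[D_EVP] already being set by an earlier -evp, which is not visible in this hunk, so confirm it is assigned during option parsing rather than later.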
@@ -4091,6 +4129,10 @@ int speed_main(int argc, char **argv)
 }
 OPENSSL_free(loopargs);
 release_engine(e);
+if (fetched_alg) {
+EVP_MD_free(evp_md);
+EVP_CIPHER_free(evp_cipher);
+}
 return ret;
 }
 

