This project is mirrored from https://github.com/openssl/openssl.git.
Pull mirroring failed .
Last successful update .
Last successful update .
- 23 Apr, 2020 10 commits
-
-
Matt Caswell authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11608)
-
Matt Caswell authored
The fips.so and legacy.so providers were not being installed because of a typo in the makefile templates. Reviewed-by:
Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11615)
-
Matt Caswell authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
This adds handling of the parameter "mandatory-digest" and responds with an empty string, meaning that no digest may be used. Reviewed-by:
-
Richard Levitte authored
EVP_DigestSignInit() and EVP_DigestVerifyInit() would detect if there is no default digest when using legacy (EVP_PKEY_ASN1_METHOD) implementations. However, it doesn't do that when provider side keys are used. Furthermore, because EVP_PKEY_get_default_digest_name() was used in the portion of the code that uses the provider implementation, the EVP_PKEY_ASN1_METHOD would be used if the key has one attached. This is now changed to use evp_keymgmt_util_get_deflt_digest_name() instead. Finally, we make sure to detect if the provider implementation supports the digest name parameters (default or mandatory), and returns with error if not. This is what the legacy portion of the code does. Fixes #11571 Reviewed-by:
-
Richard Levitte authored
evp_keymgmt_util_get_deflt_digest_name() is a refactor of the provider side key part of EVP_PKEY_get_default_digest_name(), that takes EVP_KEYMGMT and provider keydata pointers instead of an EVP_PKEY pointer. We also ensure that it uses SN_undef as the default name if the provider implementation gave us an empty string, since this is what EVP_PKEY_get_default_digest_name() responds when getting the digest name via a EVP_PKEY_ASN1_METHOD ctrl call that returns NID_undef. Reviewed-by:
-
Pauli authored
Several MACs and one KDF are included in the FIPS provider with the property "fips=yes" set but are not listed as being part of the OpenSSL validation. This removes them from the FIPS provider. Reviewed-by:
-
- 22 Apr, 2020 9 commits
-
-
Matt Caswell authored
This fixes an assertion failure that can occur in the CMP code in the event of a no-err build. The "improve_location_name" function assumed that the fallback argument was always populated with something. However in a no-err build this is not the case. Reviewed-by:
Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11584)
-
Matt Caswell authored
In a similar way to the previous commit we also skip a fipsinstall test if DSA has been disabled. Reviewed-by:
Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11582)
-
Matt Caswell authored
One of the sub-tests in the fipsinstall test corrupts a DH test to confirm that fipsinstall fails. However that is never noticed in a no-dh build - so we just skip that test in a no-dh build. Reviewed-by:
-
Matt Caswell authored
Add some missing OPENSSL_NO_DH guards. Reviewed-by:
-
Matt Caswell authored
This was missed by Travis because, although it has a no-ec build, the test that failed only runs in a debug build. The Travis job with no-ec is not a debug build and so the test was skipped. Reviewed-by:
David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by:
-
Matt Caswell authored
Provide a link to the 3.0 upgrade notes so that users of the alpha/beta/ final releases can understand the differences between this version and previous versions. Reviewed-by:
-
Nikolay Morozov authored
For GOST2012-GOST8912-GOST8912 IANA introduce TLS Supported Groups Identifiers https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8Reviewed-by:
Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11568)
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
- 21 Apr, 2020 12 commits
-
-
Billy Brumley authored
Reviewed-by:
-
Dirk-Willem van Gulik authored
Reviewed-by:
-
Matt Caswell authored
The GOST test only runs if it detects that the GOST engine is present. This is the case for the run-checker environment. The GOST engine uses some deprecated functions, so we disable that test in a no-deprecated build. Reviewed-by:
-
Matt Caswell authored
Disable a recently added CMS test in the case of no-des. Reviewed-by:
Paul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/11578)
-
Matt Caswell authored
In builds where SSLv3 is enabled ssl_test_old was failing. We need to make sure we disable SSLv3 related tests when using the FIPS provider. [extended tests] Reviewed-by:
-
Matt Caswell authored
A couple of fetches of the MD5 and SHA1 digests were not using the libctx in libssl and causing test_ssl_new to fail in travis. This only occurs on builds with SSLv3 enabled (its disabled by default). [extended tests] Reviewed-by:
-
Richard Levitte authored
Unfortunately, this won't work on MacOS because of system integrity measures on that platform, which clears DYLD_LIBRARY_PATH before starting a sub-process executable. Ref: https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/RuntimeProtections/RuntimeProtections.html This reverts commit ae6b654b. Reviewed-by:
-
Benjamin Kaduk authored
In the tls1_check_sig_alg() helper function, we loop through the list of "signature_algorithms_cert" values received from the client and attempt to look up each one in turn in our internal table that maps wire codepoint to string-form name, digest and/or signature NID, etc., in order to compare the signature scheme from the peer's list against what is used to sign the certificates in the certificate chain we're checking. Unfortunately, when the peer sends a value that we don't support, the lookup returns NULL, but we unconditionally dereference the lookup result for the comparison, leading to an application crash triggerable by an unauthenticated client. Since we will not be able to say anything about algorithms we don't recognize, treat NULL return from lookup as "does not match". We currently only apply the "signature_algorithm_cert" checks on TLS 1.3 connections, so previous TLS versions are unaffected. SSL_check_chain() is not called directly from libssl, but may be used by the application inside a callback (e.g., client_hello or cert callback) to verify that a candidate certificate chain will be acceptable to the client. CVE-2020-1967 Reviewed-by: -
Benjamin Kaduk authored
Add to test_sslsigalgs a TLSProxy test that injects a "signature_algorithms_cert" extension that contains an unallocated codepoint. The test currently fails, since s_server segfaults instead of ignoring the unrecognized value. Since "signature_algorithms" and "signature_algorithms_cert" are very similar, also add the analogous test for "signature_algorithms". Reviewed-by: -
Richard Levitte authored
The old release script that exists in another repository has aged, and risks becoming messy beyond maintainability if it's made to deal with multiple OpenSSL version schemes. A solution, which has been seen in other projects, is to have the release script as part of the versioned source tree, and ensure it's adapted for the ongoing version scheme in that source tree. This introduces dev/, a directory of OpenSSL developer "stuff". We may expand it with other practical scripts to easy development setup and other similar things that developers may need. For now, it's the release script dev/release.sh, with auxilliary files in dev/release-aux/. The script is self describing, the manual is available by running the command `./dev/release.sh --manual`. The dev/ directory shall never appear in a source distribution. Reviewed-by:
-
Dr. David von Oheimb authored
[extended tests] Reviewed-by:
-
Pauli authored
Reviewed-by:
-
- 20 Apr, 2020 9 commits
-
-
Matt Caswell authored
Reviewed-by:
Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11534)
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
HMACs used via the legacy EVP_DigestSign interface are strange in that they use legacy codepath's which eventually (under the covers) transform the operation into a new style EVP_MAC. This can mean the digest in use can be a legacy one, so we need to be careful with any digest we extract from the ctx. Reviewed-by:
-
Matt Caswell authored
We load the FIPS module and make sure it is configured before running the ssl_test_new tests. Reviewed-by:
-
Matt Caswell authored
We now run the tests twice: Once with no specific providers loaded and just using the default libctx, and a second time with a non-default libctx and the default provider. In the second run we disable tests which use a PSS cert/key because we don't yet have support for that. Reviewed-by:
-
Matt Caswell authored
We also prepare the way for a future commit to run ssl_test_new with just the FIPS provider loaded. Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Dr. David von Oheimb authored
fix doc of s_client and s_server credentials and verification options fix doc of verification options also for s_time, x509, crl, req, ts, and verify correcting and extending texts regarding untrusted and trusted certs, making the order of options in the docs and help texts more consistent, etc. Reviewed-by:
-
Dr. Matthias St. Pierre authored
The order of the function's parameters `name_id` and `operation_id` was reverted compared to their order of appearance in the comments and assertions. Reviewed-by:
-
