fips module header inclusion fine-tunning

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

fips module header inclusion fine-tunning

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15974)

show more ...

Fix DH private key check.

A recent addition removed setting the dh private key length when
a safe prime group is used. The private key validation check was relying on this
being set

Fix DH private key check.

A recent addition removed setting the dh private key length when
a safe prime group is used. The private key validation check was relying on this
being set for safe primes. Setting the upper bound no longer checks the
length if the value is zero.

This caused a failure in the daily build of acvp_tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15760)

show more ...

Do not allow creating empty RSA keys by duplication

Also avoid crashing in rsa_get_params on empty keys.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https:/

Do not allow creating empty RSA keys by duplication

Also avoid crashing in rsa_get_params on empty keys.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)

show more ...

Implement provider-side keymgmt_dup function

To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function
to the provider API and implement it for all asym-key key
managements.

Implement provider-side keymgmt_dup function

To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function
to the provider API and implement it for all asym-key key
managements.

Use it when copying everything to an empty EVP_PKEY
which is the case with EVP_PKEY_dup().

Fixes #14658

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)

Fix external symbols related to dh keys

Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_

Fix external symbols related to dh keys

Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)

show more ...

Fix typo in comment in DH_set0_pqg function

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pu

Fix typo in comment in DH_set0_pqg function

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14288)

show more ...

DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are key parameters

Fixes #13569
Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Richard Levi

DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are key parameters

Fixes #13569
Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13955)

show more ...

DECODER: Adjust the library context of keys in our decoders

Because decoders are coupled with keymgmts from the same provider,
ours need to produce provider side keys the same way. Sinc

DECODER: Adjust the library context of keys in our decoders

Because decoders are coupled with keymgmts from the same provider,
ours need to produce provider side keys the same way. Since our
keymgmts create key data with the provider library context, so must
our decoders.

We solve with functions to adjust the library context of decoded keys,
and use them.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13661)

show more ...

Deprecate DH_new as well as i2d_DHparams and d2i_DHparams

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13138)

Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call

This includes error reporting for libcrypto sub-libraries in surprising
places.

This was done using ut

Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call

This includes error reporting for libcrypto sub-libraries in surprising
places.

This was done using util/err-to-raise

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)

show more ...

DH: stop setting the private key length arbitrarily

The private key length is supposed to be a user settable parameter.
We do check if it's set or not, and if not, we do apply defaults.

DH: stop setting the private key length arbitrarily

The private key length is supposed to be a user settable parameter.
We do check if it's set or not, and if not, we do apply defaults.

Fixes #12071

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13140)

show more ...

DH: have DH_set_length() increment the dirty count.

The recommended private key length is a key parameter among other key
parameters, and is included in the key data transferred in an im

DH: have DH_set_length() increment the dirty count.

The recommended private key length is a key parameter among other key
parameters, and is included in the key data transferred in an import
or export between legacy implementations and provider implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

show more ...

DH: make the private key length importable / exportable

The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side

DH: make the private key length importable / exportable

The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side
implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

show more ...

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)

show more ...

ffc: add _ossl to exported but internal functions

The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_

ffc: add _ossl to exported but internal functions

The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)

show more ...

Run the withlibctx.pl script

Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged fro

Run the withlibctx.pl script

Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)

show more ...

Add dh_kdf support to provider

Similiar to ecdh this supports the legacy kdf inside the provider dh key exchange.
The supporting EVP_PKEY_CTX macros have been changed into mehtods and mo

Add dh_kdf support to provider

Similiar to ecdh this supports the legacy kdf inside the provider dh key exchange.
The supporting EVP_PKEY_CTX macros have been changed into mehtods and moved into dh_ctrl.c
New kdfs such as SSKDF should be done as a seperate pass after doing the derive.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12575)

show more ...

Make EVP_PKEY_CTX_[get|set]_group_name work for DH too

The previous commit added the EVP_PKEY_CTX_[get|set]_group_name
functions to work with EC groups. We now extend that to also work f

Make EVP_PKEY_CTX_[get|set]_group_name work for DH too

The previous commit added the EVP_PKEY_CTX_[get|set]_group_name
functions to work with EC groups. We now extend that to also work for
DH.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)

show more ...

Update core_names.h fields and document most fields.

Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related

Update core_names.h fields and document most fields.

Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related to RSA keys.
Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file.
Updated Keyexchange and signature code and docs.
Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod.
Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it.

Added some usage examples. As a result of the usage examples the following change was also made:
ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11610)

show more ...

Rename FIPS_MODE to FIPS_MODULE

This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.

Fixes #11538

Rename FIPS_MODE to FIPS_MODULE

This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.

Fixes #11538

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11539)

show more ...

Fix DH_get_nid() so that it does not cache values.

DH_set0_pqg() is now responsible for caching the nid, q and length.

DH with or without named safe prime groups now default to usin

Fix DH_get_nid() so that it does not cache values.

DH_set0_pqg() is now responsible for caching the nid, q and length.

DH with or without named safe prime groups now default to using the maximum private key length (BN_num_bits(q) - 1)
when generating a DH private key. The code is now shared between fips and non fips mode for DH key generation.

The OSSL_PKEY_PARAM_DH_PRIV_LEN parameter can be used during keygen to override the maximum private key length to be
in the range (2 * strength ... bits(q) - 1). Where the strength depends on the length of p.

Added q = (p - 1) / 2 safe prime BIGNUMS so that the code is data driven (To simplify adding new names).
The BIGNUMS were code generated.

Fix error in documented return value for DH_get_nid

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11562)

show more ...

Add DH keygen to providers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11332)

Constify various mostly X509-related parameter types in crypto/ and apps/

in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *,
also some result types of new functions, which

Constify various mostly X509-related parameter types in crypto/ and apps/

in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *,
also some result types of new functions, which does not break compatibility

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/10504)

show more ...

DH: add internal dh_get_method()

This should have been publically present a long time ago, to be
consistent with the RSA, DSA and EC_KEY APIs. However, since we've
now deprecated th

DH: add internal dh_get_method()

This should have been publically present a long time ago, to be
consistent with the RSA, DSA and EC_KEY APIs. However, since we've
now deprecated that kind of function for the other key types, there's
no point in adding a public function, but we still need it internally.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11193)

show more ...