EVP_PKEY_CTX_get/settable_params: pass provider operation context

This allows making the signature operations return different
settable params when the context is initialized with
EV

EVP_PKEY_CTX_get/settable_params: pass provider operation context

This allows making the signature operations return different
settable params when the context is initialized with
EVP_DigestSign/VerifyInit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14338)

show more ...

Fix external symbols related to dh keys

Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_

Fix external symbols related to dh keys

Partial fix for #12964

This adds ossl_ names for the following symbols:

dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)

show more ...

Add EVP_PKEY_public_check_quick.

Adding the EVP_PKEY_param_check_quick() reminded me that there are also
partial checks for public keys as part of SP800-56A for FFC (DH named safe
pr

Add EVP_PKEY_public_check_quick.

Adding the EVP_PKEY_param_check_quick() reminded me that there are also
partial checks for public keys as part of SP800-56A for FFC (DH named safe
prime groups) and ECC. The code was mainly already there and just needed
to be plumbed into the validate methods.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14206)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

Implement EVP_PKEY_param_check_quick() and use it in libssl

The low level DH API has two functions for checking parameters:
DH_check_ex() and DH_check_params_ex(). The former does a "ful

Implement EVP_PKEY_param_check_quick() and use it in libssl

The low level DH API has two functions for checking parameters:
DH_check_ex() and DH_check_params_ex(). The former does a "full" check,
while the latter does a "quick" check. Most importantly it skips the
check for a safe prime. We're ok without using safe primes here because
we're doing ephemeral DH.

Now that libssl is fully using the EVP API, we need a way to specify that
we want a quick check instead of a full check. Therefore we introduce
EVP_PKEY_param_check_quick() and use it.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14146)

show more ...

Run DH_check_ex() not DH_check_params_ex() when checking params

Both DH_check_ex() and DH_check_params_ex() check the parameters.
DH_check_ex() performs a more complete check, while DH_c

Run DH_check_ex() not DH_check_params_ex() when checking params

Both DH_check_ex() and DH_check_params_ex() check the parameters.
DH_check_ex() performs a more complete check, while DH_check_params_ex()
performs a lightweight check. In 1.1.1 EVP_PKEY_param_check() would call
DH_check_ex() for DH keys. For backwards compatibility we should continue
with that behaviour.

Fixes #13501

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14146)

show more ...

EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available

EVP_PKEY_CTX_set_dh_ functions were only available when DH was enabled
('no-dsa' not configured). However, t

EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available

EVP_PKEY_CTX_set_dh_ functions were only available when DH was enabled
('no-dsa' not configured). However, that makes it impossible to use
these functions with an engine or a provider that happens to implement
DH. This change solves that problem by shuffling these functions to
more appropriate places.

By consequence, there are a number of places where we can remove the
check of OPENSSL_NO_DH. This requires some re-arrangements of
internal tables to translate between numeric identities and names.

Partially fixes #13550

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)

show more ...

Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA.

By the time the keygen is called the references to strings inside the
gen ctx are floating pointers. A strdup so

Fix crash in genpkey app when -pkeyopt digest:name is used for DH or DSA.

By the time the keygen is called the references to strings inside the
gen ctx are floating pointers. A strdup solves this problem.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13432)

show more ...

Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module

The documentation claimed this was already the default but it wasn't. This
was causing the dhparam applicatio

Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module

The documentation claimed this was already the default but it wasn't. This
was causing the dhparam application to change behaviour when compared to
1.1.1

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13228)

show more ...

Constify OSSL_FUNC_keymgmt_validate()

The keydata argument of OSSL_FUNC_keymgmt_validate() should be read-only.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from

Constify OSSL_FUNC_keymgmt_validate()

The keydata argument of OSSL_FUNC_keymgmt_validate() should be read-only.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13201)

show more ...

Constify OSSL_FUNC_keymgmt_has()

The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <

Constify OSSL_FUNC_keymgmt_has()

The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13200)

show more ...

Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key

We do the same thing for the "get1" version. In reality this has broader
use than just TLS (it can also be used

Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key

We do the same thing for the "get1" version. In reality this has broader
use than just TLS (it can also be used in CMS), and "encodedpoint" only
makes sense when you are talking about EC based algorithms.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)

show more ...

DH: make the private key length importable / exportable

The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side

DH: make the private key length importable / exportable

The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side
implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

show more ...

Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx'

This change makes the naming more consistent, because three different terms
were used for the same thing. (The term

Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx'

This change makes the naming more consistent, because three different terms
were used for the same thing. (The term libctx was used by far most often.)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)

show more ...

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

Rename OPENSSL_CTX prefix to OSSL_LIB_CTX

Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.

The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)

show more ...

ffc: add _ossl to exported but internal functions

The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_

ffc: add _ossl to exported but internal functions

The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)

show more ...

Run the withlibctx.pl script

Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged fro

Run the withlibctx.pl script

Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)

show more ...

prov: prefix all OSSL_DISPATCH tables names with ossl_

This stops them leaking into other namespaces in a static build.
They remain internal.

Reviewed-by: Richard Levitte <levit

prov: prefix all OSSL_DISPATCH tables names with ossl_

This stops them leaking into other namespaces in a static build.
They remain internal.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13013)

show more ...

keymgmt: add FIPS error state handling

The functions that check for the provider being runnable are: new, gen_init,
gen, gen_set_template, load, has, match, validate, import and export.

keymgmt: add FIPS error state handling

The functions that check for the provider being runnable are: new, gen_init,
gen, gen_set_template, load, has, match, validate, import and export.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12801)

show more ...

Fix DSA/DH so that legacy keys can still be generated by the default provider

Fixes #12589

The 'type' parameter needed to be propagated to the ffc params during keygen,
so that

Fix DSA/DH so that legacy keys can still be generated by the default provider

Fixes #12589

The 'type' parameter needed to be propagated to the ffc params during keygen,
so that the simple validation of params done during keygen can handle legacy keys for the default provider.
The fips provider ignores this change and only allows fips186-4 approved sizes.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12623)

show more ...

Add DHX support to keymanager

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12575)

gettables: provider changes to pass the provider context.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12581)

DESERIALIZER: Add deserializers for the rest of our asymmetric key types

To be able to implement this, there was a need for the standard
EVP_PKEY_set1_, EVP_PKEY_get0_ and EVP_PKEY_get1_

DESERIALIZER: Add deserializers for the rest of our asymmetric key types

To be able to implement this, there was a need for the standard
EVP_PKEY_set1_, EVP_PKEY_get0_ and EVP_PKEY_get1_ functions for
ED25519, ED448, X25519 and X448, as well as the corresponding
EVP_PKEY_assign_ macros. There was also a need to extend the list of
hard coded names that EVP_PKEY_is_a() recognise.

Along with this, OSSL_FUNC_keymgmt_load() are implemented for all
those key types.

The deserializers for these key types are all implemented generically,
in providers/implementations/serializers/deserializer_der2key.c.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12544)

show more ...

Make the naming scheme for dispatched functions more consistent

The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all
functions which are dispatched between the core a

Make the naming scheme for dispatched functions more consistent

The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all
functions which are dispatched between the core and providers.

This change includes in particular all up- and downcalls, i.e., the
dispatched functions passed from core to provider and vice versa.

- OSSL_core_ -> OSSL_FUNC_core_
- OSSL_provider_ -> OSSL_FUNC_core_

For operations and their function dispatch tables, the following convention
is used:

Type | Name (evp_generic_fetch(3)) |
---------------------|-----------------------------------|
operation | OSSL_OP_FOO |
function id | OSSL_FUNC_FOO_FUNCTION_NAME |
function "name" | OSSL_FUNC_foo_function_name |
function typedef | OSSL_FUNC_foo_function_name_fn |
function ptr getter | OSSL_FUNC_foo_function_name |

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)

show more ...

Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h>

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)