EVP_get_default_properties - tests

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25434)

RSA decoder should check also sanity of p, q, e, d ... with respect to n

This issue has been discovered by osss-fuzzer [1]. The test function decodes
RSA key created by fuzzer and calls

RSA decoder should check also sanity of p, q, e, d ... with respect to n

This issue has been discovered by osss-fuzzer [1]. The test function decodes
RSA key created by fuzzer and calls EVP_PKEY_pairwise_check() which
proceeds to ossl_bn_miller_rabin_is_prime() check which takes too long
exceeding timeout (45secs).

The idea is to fix OSSL_DECODER_from_data() code path so invalid
RSA keys will be refused.

[1] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69134

Test case generated by the fuzzer is added.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25190)

show more ...

Fix error handling in OBJ_add_object

This fixes the possible memory leak in OBJ_add_object
when a pre-existing object is replaced by a new one,
with identical NID, OID, and/or short/

Fix error handling in OBJ_add_object

This fixes the possible memory leak in OBJ_add_object
when a pre-existing object is replaced by a new one,
with identical NID, OID, and/or short/long name.
We do not try to delete any orphans, but only mark
them as type == -1, because the previously returned
pointers from OBJ_nid2obj/OBJ_nid2sn/OBJ_nid2ln
may be cached by applications and can thus not
be cleaned up before the application terminates.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22534)

show more ...

that open brace { should be on the previous line

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed

that open brace { should be on the previous line

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)

show more ...

EVP_DigestUpdate(): Check if ctx->update is set

The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by

EVP_DigestUpdate(): Check if ctx->update is set

The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1

the issue has been introduced with openssl 3.0.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)

show more ...

Handle empty param in EVP_PKEY_CTX_add1_hkdf_info

Fixes #24130
The regression was introduced in PR #23456.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz

Handle empty param in EVP_PKEY_CTX_add1_hkdf_info

Fixes #24130
The regression was introduced in PR #23456.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24141)

show more ...

Copyright year updates

Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)

Reviewed-by: Hugo Lan

Copyright year updates

Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24034)

show more ...

Fix testcases to run on duplicated keys

The existing loop pattern did not really run the expected
tests on the duplicated keys.

Fixes #23129

Reviewed-by: Neil Horman <n

Fix testcases to run on duplicated keys

The existing loop pattern did not really run the expected
tests on the duplicated keys.

Fixes #23129

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23292)

show more ...

Add appropriate NULL checks in EVP_CIPHER api

The EVP_CIPHER api currently assumes that calls made into several APIs
have already initalized the cipher in a given context via a call to

Add appropriate NULL checks in EVP_CIPHER api

The EVP_CIPHER api currently assumes that calls made into several APIs
have already initalized the cipher in a given context via a call to
EVP_CipherInit[_ex[2]]. If that hasnt been done, instead of an error,
the result is typically a SIGSEGV.

Correct that by adding missing NULL checks in the apropriate apis prior
to using ctx->cipher

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22995)

show more ...

Add tests for re-using cipher contexts

Add test case for re-using a cipher context with the same key, iv and
cipher. It detects, if the hardware-specific cipher context is reset
corr

Add tests for re-using cipher contexts

Add test case for re-using a cipher context with the same key, iv and
cipher. It detects, if the hardware-specific cipher context is reset
correctly, like reported in issue #23175.

This test has encrypt and decrypt iterations for cfb128 and
ofb128. All iteations use the same key, iv and plaintext.

Signed-off-by: Holger Dengler <dengler@linux.ibm.com>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23201)

show more ...

Augment RSA provider to generate CRT coefficients on EVP_PKEY_fromdata()

It would be helpful to be able to generate RSA's dmp1/dmq1/iqmp values
when not provided in the param list to EVP

Augment RSA provider to generate CRT coefficients on EVP_PKEY_fromdata()

It would be helpful to be able to generate RSA's dmp1/dmq1/iqmp values
when not provided in the param list to EVP_PKEY_fromdata. Augment the
provider in ossl_rsa_fromdata to preform this generation iff:
a) At least p q n e and e are provided
b) the new parameter OSSL_PARAM_RSA_DERIVE_PQ is set to 1

Fixes #21826

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21875)

show more ...

Statically link legacy provider to evp_extra_test

Like in #17345, evp_extra_test links libcrypto statically, but also has
a dynamic/shared load via the legacy provider, which leads to am

Statically link legacy provider to evp_extra_test

Like in #17345, evp_extra_test links libcrypto statically, but also has
a dynamic/shared load via the legacy provider, which leads to ambiguous
behavior in evp_extra_test on some platforms, usually a crash (SIGSEGV)
on exit via the atexit handlers. Statically link the legacy provider to
avoid this.

Fixes #22819

Helped-by: Neil Horman <nhorman@openssl.org>
Helped-by: Tomas Mraz <tomas@openssl.org>
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22905)

show more ...

Add negative test for key length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2

Add negative test for key length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

Add negative test for iv length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22

Add negative test for iv length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

test: add unit test for CVE-2023-5363

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

rsa: Accept NULL OAEP label for backward compatibility

According to the manual page, EVP_PKEY_CTX_set0_rsa_oaep_label()
should accept NULL as the label argument, though the function

rsa: Accept NULL OAEP label for backward compatibility

According to the manual page, EVP_PKEY_CTX_set0_rsa_oaep_label()
should accept NULL as the label argument, though the function
currently rejects it while setting the corresponding octet string
parameter with OSSL_PARAM_construct_octet_string, which expects
non-NULL input. This adds a workaround to the caller for backward
compatibility.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22397)

show more ...

test: evp_extra: test signing with legacy app method based keys

This commit adds `test_EVP_PKEY_sign_with_app_method`, a regression
test for the bug fix in commit 1acc3e8cc3c6 (pull requ

test: evp_extra: test signing with legacy app method based keys

This commit adds `test_EVP_PKEY_sign_with_app_method`, a regression
test for the bug fix in commit 1acc3e8cc3c6 (pull request #22163).

It is analogous to `test_EVP_PKEY_sign`, only with a fake app method
based key. (The EC key test case was omitted, because there is no
`EC_KEY_METHOD_dup` method.)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22185)

show more ...

test: evp_extra: fix indentation error

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/221

test: evp_extra: fix indentation error

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22185)

show more ...

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

configure: introduce no-ecx to remove ECX related feature

This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi

configure: introduce no-ecx to remove ECX related feature

This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)

show more ...

provider: return error if buf too small when getting ec pubkey param

Fixes #20889

There was an incorrect value passed to EC_POINT_point2oct() for the
buffer size of the param pa

provider: return error if buf too small when getting ec pubkey param

Fixes #20889

There was an incorrect value passed to EC_POINT_point2oct() for the
buffer size of the param passed-in.

Added testcases.

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20890)

show more ...

test: evp_extra: EC, read affine coordinates

Add a test to read the EC X,Y coordinates.
Support legacy keys.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

Rev

test: evp_extra: EC, read affine coordinates

Add a test to read the EC X,Y coordinates.
Support legacy keys.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20535)

show more ...

Add test for context duplication failure

This checks that the first operation successfully completes even if
context duplication fails. But follwing operations get errors as
if the c

Add test for context duplication failure

This checks that the first operation successfully completes even if
context duplication fails. But follwing operations get errors as
if the context was finlised.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20375)

show more ...

Workaround crash in atexit on NonStop platforms

We cannot dynamically load the legacy provider into an application
that is linked statically to libcrypto as this causes
a double load

Workaround crash in atexit on NonStop platforms

We cannot dynamically load the legacy provider into an application
that is linked statically to libcrypto as this causes
a double loading of libcrypto (one static and one dynamic) and
on NonStop this leads to a segfault in atexit().

Fixes #17537

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19844)

show more ...

Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull

Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19819)

show more ...