Update rsasve_recover to properly store outlen on success

Outlen was never validated in this function prior to use, nor is it set
to the decrypted value on sucess. Add both of those ope

Update rsasve_recover to properly store outlen on success

Outlen was never validated in this function prior to use, nor is it set
to the decrypted value on sucess. Add both of those operations

Fixes #25509

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)

show more ...

cmp_vfy_test.c: Avoid NULL pointer dereference

Fixes Coverity 1619463

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged fro

cmp_vfy_test.c: Avoid NULL pointer dereference

Fixes Coverity 1619463

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25503)

show more ...

Added check for __QNX__ define when using in_pktinfo.ipi_spec_dst

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Me

Added check for __QNX__ define when using in_pktinfo.ipi_spec_dst

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24361)

show more ...

Drop the aid field of the signature prov ctx

Signed-off-by: lan1120 <lanming@huawei.com>

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.or

Drop the aid field of the signature prov ctx

Signed-off-by: lan1120 <lanming@huawei.com>

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23094)

show more ...

Update test/quic-openssl-docker/run_endpoint.sh

Co-authored-by: Viktor Dukhovni <viktor1ghub@dukhovni.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas M

Update test/quic-openssl-docker/run_endpoint.sh

Co-authored-by: Viktor Dukhovni <viktor1ghub@dukhovni.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)

show more ...

quic-interop: exlude multiplexing

The multiplexing test works on local runs, but
appears to be failing in CI, possibly due to some environmental
limitation (the test generates a larg

quic-interop: exlude multiplexing

The multiplexing test works on local runs, but
appears to be failing in CI, possibly due to some environmental
limitation (the test generates a large list of requests in an
environment variable), leading to not sending all the requests needed.
Disable the test for now, and look to re-enable it after release when we
can appropriately diagnose the problem

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)

show more ...

Update quic interop docker container for chacha20

Need to update the docker interop container to use the quic-hq-interop
client so that the right alpn is negotiated for chacha20 testing

Update quic interop docker container for chacha20

Need to update the docker interop container to use the quic-hq-interop
client so that the right alpn is negotiated for chacha20 testing

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)

show more ...

Add SSL_CIPHER_SUITES env variable to quic-hq-interop

To run the chacha20 test in interop we need to:
1) negotiate an hq-interop alpn
2) only use chacha 20

Item 1 requires t

Add SSL_CIPHER_SUITES env variable to quic-hq-interop

To run the chacha20 test in interop we need to:
1) negotiate an hq-interop alpn
2) only use chacha 20

Item 1 requires the use of quic-hq-interop, the latter requires this
change

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25528)

show more ...

Exclude EVP_DigestSign and EVP_DigestVerify related APIs from the FIPS
provider.

Revert changes to m_sigver.c related to #ifdef FIPS_MODULE and exclude
the file using build.info inst

Exclude EVP_DigestSign and EVP_DigestVerify related APIs from the FIPS
provider.

Revert changes to m_sigver.c related to #ifdef FIPS_MODULE and exclude
the file using build.info instead.

Also exclude these calls inside EVP_DigestUpdate() within the FIPS
provider since this API should only be used for self testing digests.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25570)

show more ...

Fix rsa_sigalg_set_ctx_params() to return 1 for unknown parameters.

This keeps the code consistent with the changes done for other
algorithms that support sigalg_set_ctx_params().

Fix rsa_sigalg_set_ctx_params() to return 1 for unknown parameters.

This keeps the code consistent with the changes done for other
algorithms that support sigalg_set_ctx_params().

set_ctx_params() should always return 1 if the parameter is unknown.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25570)

show more ...

Change FIPS self tests to use EVP_PKEY_sign/verify API.

Self tests no longer use the EVP_DigestSign/Verify API's.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas

Change FIPS self tests to use EVP_PKEY_sign/verify API.

Self tests no longer use the EVP_DigestSign/Verify API's.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25570)

show more ...

v3_ncons: Fix difference args names in nc_match_single function

The arguments of the `nc_match_single` function have different names
in the declaration and definition or are mixed up in

v3_ncons: Fix difference args names in nc_match_single function

The arguments of the `nc_match_single` function have different names
in the declaration and definition or are mixed up in places.

CLA: trivial

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25592)

show more ...

add test/recipes/15-test_pkey.t

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/255

add test/recipes/15-test_pkey.t

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/pkey: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.co

APPS/pkey: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/pkcs8: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.c

APPS/pkcs8: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/ocsp: fix case where reqin and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com

APPS/ocsp: fix case where reqin and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/{ecparam,pkeyparam}: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from ht

APPS/{ecparam,pkeyparam}: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/dsaparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://githu

APPS/dsaparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

APPS/dhparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github

APPS/dhparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

os-zoo.yml: Disable stringop-overflow warning on alpine edge

fortify-headers are broken due to this warning.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard

os-zoo.yml: Disable stringop-overflow warning on alpine edge

fortify-headers are broken due to this warning.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25599)

show more ...

Update fips-label.yml to make 'Cleanup artifact' conditional

If it's not conditional in the same manner as the other steps, it fails
because the artifacts aren't present => job failure.

Update fips-label.yml to make 'Cleanup artifact' conditional

If it's not conditional in the same manner as the other steps, it fails
because the artifacts aren't present => job failure.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25584)

show more ...

fips: add lots of potentially missing ossl_prov_is_running checks

After rudimentary analysis, it appears the below functions can
potentially produce output, whilst the provider is in err

fips: add lots of potentially missing ossl_prov_is_running checks

After rudimentary analysis, it appears the below functions can
potentially produce output, whilst the provider is in error state.

These functions were detected using this method:

```
CFLAGS='-save-temps' ./Configure enable-fips --debug
make -j10
find . -name '*.i' | xargs git add -f
git grep --cached -p ossl_prov_is_running | grep libfips-lib > ossl_prov_is_running.txt
git grep --cached -p 'return' | grep libfips-lib > return.txt
grep '\.i=' return.txt > func-with_return.txt
grep '\.i=' ossl_prov_is_running.txt > func-with-ossl_prov_is_running.txt
grep --fixed-strings --line-regexp --file=func-with-ossl_prov_is_running.txt return.txt > func-without-ossl_prov_is_running.txt
grep -e newctx -e initctx -e dupctx func-without-ossl_prov_is_running.txt | grep -v ossl_prov_is_running
```

And from there doing manual inspection, as the list was short at that
point.

As in compile with keeping pre-processed source code; and use `git
grep --cached -p` to find these preprocessed files, and scan for calls
to return or opssl_prov_is_running, with function name printed. And
then exclude one from the other, to hopefully get a list of all the
functions that do not check for ossl_prov_is_running.

As number of functions without "func-without-ossl_prov_is_running"
check is large, I do wonder which other functions are "interesting" to
check for. I think I'm not scanning for _update functions
correctly. Any tips on improving above analysis will help with
maintaining such checks going forward.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25580)

show more ...

Use the correct length value for input salt

In this function the salt can be either a zero buffer of exactly mdlen
length, or an arbitrary salt of prevsecretlen length.
Although in p

Use the correct length value for input salt

In this function the salt can be either a zero buffer of exactly mdlen
length, or an arbitrary salt of prevsecretlen length.
Although in practice OpenSSL will always pass in a salt of mdlen size
bytes in the current TLS 1.3 code, the openssl kdf command can pass in
arbitrary values (I did it for testing), and a future change in the
higher layer code could also result in unmatched lengths.

If prevsecretlen is > mdlen this will cause incorrect salt expansion, if
prevsecretlen < mdlen this could cause a crash or reading random
information. Inboth case the generated output would be incorrect.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25579)

show more ...

ci: add 3.4 to prov-compat-label tests

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.or

ci: add 3.4 to prov-compat-label tests

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25583)

show more ...

ci: add 3.4 to the provider compatibility test

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@op

ci: add 3.4 to the provider compatibility test

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25583)

show more ...