13add4d2 | 05-Sep-2024 |
Tomas Mraz |
make update Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes |
7ed6de99 | 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes |
210dc9a5 | 03-Sep-2024 |
Richard Levitte |
util/mkinstallvars.pl: replace List::Util::pairs with out own Unfortunately, List::Util::pairs didn't appear in perl core modules before 5.19.3, and our minimum requirement is 5.10.
util/mkinstallvars.pl: replace List::Util::pairs with out own Unfortunately, List::Util::pairs didn't appear in perl core modules before 5.19.3, and our minimum requirement is 5.10. Fortunately, we already have a replacement implementation, and can re-apply it in this script. Fixes #25366 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25367)
show more ...
|
c4a5d70d | 04-Sep-2024 |
Tomas Mraz |
CI: Update upload-artifact action to be compatible The download-artifact action was updated to 4.x and the upload-artifact must be kept in sync. Reviewed-by: Richard Levitte <le
CI: Update upload-artifact action to be compatible The download-artifact action was updated to 4.x and the upload-artifact must be kept in sync. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25383)
show more ...
|
2a6305df | 03-Sep-2024 |
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
build(deps): bump actions/download-artifact in /.github/workflows Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.1.7. - [Release notes](https
build(deps): bump actions/download-artifact in /.github/workflows Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.1.7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v3...v4.1.7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> CLA: trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25374)
show more ...
|
bbe4571f | 28-Aug-2024 |
Alexandr Nedvedicky |
EVP_CIPHER_CTX_get_algor_params() may attempt to access params array at position -1 (prams[=1]). The issue has been reported by coverity check. Reviewed-by: Richard Levitte <lev
EVP_CIPHER_CTX_get_algor_params() may attempt to access params array at position -1 (prams[=1]). The issue has been reported by coverity check. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25303)
show more ...
|
c23ce352 | 02-Sep-2024 |
Ingo Franzki |
s390x: Fix prehash-by-caller handling for ED25519 and ED448 In case of prehash or prehash-by-caller is set skip the s390x specific acceleration an fallback to the non-accelerated code pa
s390x: Fix prehash-by-caller handling for ED25519 and ED448 In case of prehash or prehash-by-caller is set skip the s390x specific acceleration an fallback to the non-accelerated code path. Fixes: 66966827740a04249300b0b25735e9d4c9bcab26 Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25351)
show more ...
|
a75d6263 | 26-Aug-2024 |
Ingo Franzki |
s390x: Disable HMAC hardware acceleration when an engine is used for the digest The TLSProxy uses the 'ossltest' engine to produce known output for digests and HMAC calls. However, when
s390x: Disable HMAC hardware acceleration when an engine is used for the digest The TLSProxy uses the 'ossltest' engine to produce known output for digests and HMAC calls. However, when running on a s390x system that supports hardware acceleration of HMAC, the engine is not used for calculating HMACs, but the s390x specific HMAC implementation is used, which does produce correct output, but not the known output that the engine would produce. This causes some tests (i.e. test_key_share, test_sslextension, test_sslrecords, test_sslvertol, and test_tlsextms) to fail. Disable the s390x HMAC hardware acceleration if an engine is used for the digest of the HMAC calculation. This provides compatibility for engines that provide digest implementations, and assume that these implementations are also used when calculating an HMAC. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25287)
show more ...
|
03b22b4d | 03-Sep-2024 |
Tomas Mraz |
Add CVE-2024-5535 to CHANGES and NEWS Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit abcb0f83d060eb816503a6a36959ce8498a24111) |
ca979e85 | 10-Jul-2024 |
Viktor Dukhovni |
Updated CHANGES and NEWS for CVE-2024-6119 fix Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (cherry picked from commit cf384d35aa7142cc3
Updated CHANGES and NEWS for CVE-2024-6119 fix Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (cherry picked from commit cf384d35aa7142cc3b5de19f64d3972e77d3ff74)
show more ...
|
0890cd13 | 19-Jun-2024 |
Viktor Dukhovni |
Avoid type errors in EAI-related name check logic. The incorrectly typed data is read only, used in a compare operation, so neither remote code execution, nor memory content disclosure w
Avoid type errors in EAI-related name check logic. The incorrectly typed data is read only, used in a compare operation, so neither remote code execution, nor memory content disclosure were possible. However, applications performing certificate name checks were vulnerable to denial of service. The GENERAL_TYPE data type is a union, and we must take care to access the correct member, based on `gen->type`, not all the member fields have the same structure, and a segfault is possible if the wrong member field is read. The code in question was lightly refactored with the intent to make it more obviously correct. Fixes CVE-2024-6119 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
show more ...
|
56502897 | 30-Aug-2024 |
Tomas Mraz |
Add CHANGES.md and NEWS.md updates for the 3.4 release Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosg
Add CHANGES.md and NEWS.md updates for the 3.4 release Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/25339)
show more ...
|
01f4b44e | 01-Sep-2024 |
Brad Smith |
Add support for elf_aux_info() on OpenBSD CLA: trivial Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas
Add support for elf_aux_info() on OpenBSD CLA: trivial Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25346)
show more ...
|
16e7da09 | 30-Aug-2024 |
Theo Buehler |
Missing .rodata for AVX2/AVX512 codepaths This is a follow-up to #23997 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by:
Missing .rodata for AVX2/AVX512 codepaths This is a follow-up to #23997 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25340)
show more ...
|
c94d13a0 | 29-Jul-2024 |
Adam (ThinLinc team) <146726448+CendioHalim@users.noreply.github.com> |
Detect MinGW 32 bit for NO_INTERLOCKEDOR64 Builds using 32 bit MinGW will fail, due to the same reasoning described in commit 2d46a44ff24173d2cf5ea2196360cb79470d49c7. CLA: trivial
Detect MinGW 32 bit for NO_INTERLOCKEDOR64 Builds using 32 bit MinGW will fail, due to the same reasoning described in commit 2d46a44ff24173d2cf5ea2196360cb79470d49c7. CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25025)
show more ...
|
d5b3c0e2 | 28-Aug-2024 |
Ingo Franzki |
s390x: Fix HMAC digest detection Use EVP_MD_is_a() instead of EVP_MD_get_type() to detect the digest type. EVP_MD_get_type() does not always return the expected NID, e.g. when runnin
s390x: Fix HMAC digest detection Use EVP_MD_is_a() instead of EVP_MD_get_type() to detect the digest type. EVP_MD_get_type() does not always return the expected NID, e.g. when running in the FIPS provider, EVP_MD_get_type() returns zero, causing to skip the HMAC acceleration path. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25304)
show more ...
|
0cd9dd70 | 21-Aug-2024 |
Viktor Dukhovni |
Improve base64 BIO correctness and error reporting Also improve related documentation. - The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only leading and trailin
Improve base64 BIO correctness and error reporting Also improve related documentation. - The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only leading and trailing, but not internal, whitespace was supported: $ echo 'AA AA' | openssl base64 -A -d | wc -c 0 - Switching from ignored leading input to valid base64 input misbehaved when the length of the skipped input was one more than the length of the second and subsequent valid base64 lines in the internal 1k buffer: $ printf '#foo\n#bar\nA\nAAA\nAAAA\n' | openssl base64 -d | wc -c 0 - When the underlying BIO is retriable, and a read returns less than 1k of data, some of the already buffered input lines that could have been decoded and returned were retained internally for a retry by the caller. This is somewhat surprising, and the new code decodes as many of the buffered lines as possible. Issue reported by Michał Trojnara. - After all valid data has been read, the next BIO_read(3) should return 0 when the input was all valid or -1 if an error was detected. This now occurs in more consistently, but further tests and code refactoring may be needed to ensure this always happens. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25253)
show more ...
|
d1c2c054 | 28-Aug-2024 |
Richard Levitte |
fix: ossl_digest_get_approved_nid() returns NID_undef on invalid digest We checked using 'md_nid < 0', which is faulty. Impact: DSA and ECDSA signature provider implementations
fix: ossl_digest_get_approved_nid() returns NID_undef on invalid digest We checked using 'md_nid < 0', which is faulty. Impact: DSA and ECDSA signature provider implementations Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
show more ...
|
f68ba38e | 24-Jul-2024 |
Richard Levitte |
Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-b
Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
show more ...
|
bb2be4f0 | 24-Jul-2024 |
Richard Levitte |
Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites (in the code, "sigalg" is used to refer to these composite algorithms, which is a nod to libcrypto and libssl, wh
Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites (in the code, "sigalg" is used to refer to these composite algorithms, which is a nod to libcrypto and libssl, where that term is commonly used for composite algorithms) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
show more ...
|
c6c6af18 | 30-Aug-2024 |
Pauli |
endecode_test.c: Fix !fips v3.0.0 check The fips_provider_version_* functions return true if the FIPS provider isn't loaded. This is somewhat counterintuitive and the fix in #25327 negl
endecode_test.c: Fix !fips v3.0.0 check The fips_provider_version_* functions return true if the FIPS provider isn't loaded. This is somewhat counterintuitive and the fix in #25327 neglected this nuance resulting in not running the SM2 tests when the FIPS provider wasn't being loaded. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25331)
show more ...
|
15b74849 | 28-Aug-2024 |
Richard Levitte |
exporters for pkg-config: align with the changes for CMake The latest CMake exporter changes reworked the the variables in builddata.pm and installdata.pm. Unfortunately, the pkg-config
exporters for pkg-config: align with the changes for CMake The latest CMake exporter changes reworked the the variables in builddata.pm and installdata.pm. Unfortunately, the pkg-config exporter templates were forgotten in that effort. Fixes #25299 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25308)
show more ...
|
0b97a550 | 29-Aug-2024 |
Tomas Mraz |
endecode_test.c: Avoid running the SM2 tests with 3.0.0 FIPS provider Fixes #25326 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.o
endecode_test.c: Avoid running the SM2 tests with 3.0.0 FIPS provider Fixes #25326 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25327)
show more ...
|
b4e4bf29 | 28-Aug-2024 |
Viktor Dukhovni |
Check for excess data in CertificateVerify As reported by Alicja Kario, we ignored excess bytes after the signature payload in TLS CertificateVerify Messages. These should not be pr
Check for excess data in CertificateVerify As reported by Alicja Kario, we ignored excess bytes after the signature payload in TLS CertificateVerify Messages. These should not be present. Fixes: #25298 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25302)
show more ...
|
25f5d7b8 | 29-Feb-2024 |
Joerg Schmidbauer |
s390x: support CPACF sha3/shake performance improvements On newer machines the SHA3/SHAKE performance of CPACF instructions KIMD and KLMD can be enhanced by using additional modifier bit
s390x: support CPACF sha3/shake performance improvements On newer machines the SHA3/SHAKE performance of CPACF instructions KIMD and KLMD can be enhanced by using additional modifier bits. This allows the application to omit initializing the ICV, but also affects the internal processing of the instructions. Performance is mostly gained when processing short messages. The new CPACF feature is backwards compatible with older machines, i.e. the new modifier bits are ignored on older machines. However, to save the ICV initialization, the application must detect the MSA level and omit the ICV initialization only if this feature is supported. Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25235)
show more ...
|