Fix documentation regarding KMAC sizes

As per recommendation by jfinkhaeuser, this documents the defaults for
KMAC-128 as 32 and for KMAC-256 as 64. The code already accomodates for

Fix documentation regarding KMAC sizes

As per recommendation by jfinkhaeuser, this documents the defaults for
KMAC-128 as 32 and for KMAC-256 as 64. The code already accomodates for
these values, so no changes are needed there.

Fixes #22381

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22614)

show more ...

ossl_qrl_enc_level_set_provide_secret(): Avoid leaking keyslot in error condition

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged

ossl_qrl_enc_level_set_provide_secret(): Avoid leaking keyslot in error condition

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22600)

show more ...

internal/common.h: rename macro `(un)likely` to `ossl_(un)likely`

The macro was introduced in commit ed6dfd1e3694 without an
openssl-specific prefix as mandated by the coding style.

internal/common.h: rename macro `(un)likely` to `ossl_(un)likely`

The macro was introduced in commit ed6dfd1e3694 without an
openssl-specific prefix as mandated by the coding style.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22603)

show more ...

Add negative test for key length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2

Add negative test for key length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

Add negative test for iv length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22

Add negative test for iv length change

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

update/final: Return error if key is not set

Also make sure the key is not set if the key
length is changed on the context after the key was
set previously.

Reviewed-by: Pau

update/final: Return error if key is not set

Also make sure the key is not set if the key
length is changed on the context after the key was
set previously.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

When changing IV length invalidate previously set IV

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/o

When changing IV length invalidate previously set IV

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)

show more ...

rand uniform: fix likely usage

@mspncp noted that the condition should have been likely not unlikely.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by

rand uniform: fix likely usage

@mspncp noted that the condition should have been likely not unlikely.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22593)

show more ...

Add support for streams to the quic-client fuzzer

Enable the quic-client fuzzer to accept and create new streams

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Toma

Add support for streams to the quic-client fuzzer

Enable the quic-client fuzzer to accept and create new streams

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22592)

show more ...

Call SSL_write() in the quic-client-fuzzer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/

Call SSL_write() in the quic-client-fuzzer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22592)

show more ...

Add additional internal HPKE hardening checks resulting from code audit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://g

Add additional internal HPKE hardening checks resulting from code audit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22493)

show more ...

Add design notes for XOF API.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21443)

TLS: Fix use of an uninitialized value

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2

TLS: Fix use of an uninitialized value

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22523)

show more ...

QUIC: Test missing/malformed/duplicate/etc. transport parameters

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.

QUIC: Test missing/malformed/duplicate/etc. transport parameters

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22523)

show more ...

QUIC QTEST_FAULT: Allow deleted TLS extension to be output

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/op

QUIC QTEST_FAULT: Allow deleted TLS extension to be output

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22523)

show more ...

QUIC WIRE: Refuse integer transport params with trailing body bytes

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://gith

QUIC WIRE: Refuse integer transport params with trailing body bytes

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22523)

show more ...

QUIC CHANNEL: Set reason string for missing tparams extension

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com

QUIC CHANNEL: Set reason string for missing tparams extension

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22523)

show more ...

ossl_quic_new(): Fix a leak found by error injection

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/opens

ossl_quic_new(): Fix a leak found by error injection

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22572)

show more ...

Fix quicserver binding when duplicate entries exist

In testing the quic demos, I found that the quicserver refused to start for me,
indicating an inability to bind a socket to listen on

Fix quicserver binding when duplicate entries exist

In testing the quic demos, I found that the quicserver refused to start for me,
indicating an inability to bind a socket to listen on

The problem turned out to be that getaddrinfo on my system was returning
multiple entries, due to the fact that /etc/host maps the localhost host name to
both ipv4 (127.0.0.1) and ipv6 (::1), but returns the latter as an ipv4 mapped
address (specifying family == AF_INET)

It seems like the proper fix would be to modify the /etc/hosts file to not make
that mapping, and indeed that works. However, since several distribution ship
with this setup, it seems like it is worthwhile to manage it in the server code.

its also that some other application may be bound to a given address/port
leading to failure, which I think could be considered erroneous, as any failure
for the full addrinfo list in quicserver would lead to a complete failure

Fix this by modifying the create_dgram_bio function to count the number of
sockets is successfully binds/listens on, skipping any failures, and only exit
the application if the number of bound sockets is zero.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22559)

show more ...

tag ossl_assert not failing as being 'likely' to improve optimisation

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Mat

tag ossl_assert not failing as being 'likely' to improve optimisation

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22516)

show more ...

CHANGES.md: document BLAKE2b's "size"-setting support

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@a

CHANGES.md: document BLAKE2b's "size"-setting support

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22583)

show more ...

QUIC SSTREAM: Fix bug in ossl_quic_sstream_is_totally_acked

ossl_quic_sstream_is_totally_acked would return 0
if no data had been appended to the stream yet.
Fixed and added tests.

QUIC SSTREAM: Fix bug in ossl_quic_sstream_is_totally_acked

ossl_quic_sstream_is_totally_acked would return 0
if no data had been appended to the stream yet.
Fixed and added tests.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22580)

show more ...

Fix a possible memory leak in load_builtin_compressions

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlanda

Fix a possible memory leak in load_builtin_compressions

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22585)

show more ...

Update the OpenSSL Guide tutorials with changes to the demos

The demo code has changed to accept the hostname/port on the command line.
We update the tutorials to keep in sync with the d

Update the OpenSSL Guide tutorials with changes to the demos

The demo code has changed to accept the hostname/port on the command line.
We update the tutorials to keep in sync with the demo code.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)

show more ...

Update the README with information about how to run the QUIC demos

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte

Update the README with information about how to run the QUIC demos

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22552)

show more ...