Correct the CHANGES entry for CVE-2023-1255

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/op

Correct the CHANGES entry for CVE-2023-1255

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20798)

show more ...

doc: document that the "info" KDF param concatenates

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openss

doc: document that the "info" KDF param concatenates

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20724)

show more ...

Add "info" concatenation tests

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20724)

Update KDFs to use shared functions.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2

Update KDFs to use shared functions.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20724)

show more ...

params: add helper functions to allocate & copy params

Added a function to allocate a buffer and copy a maching param.
Added a function to allocate a buffer and concatenate all matching

params: add helper functions to allocate & copy params

Added a function to allocate a buffer and copy a maching param.
Added a function to allocate a buffer and concatenate all matching params.

Fixes #20717

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20724)

show more ...

Added ability to pass additional ASFLAGS to Configure

This allows additional command line options to be passed to the assembler.

For example:
Configure VC-WIN64A ASFLAGS=--repro

Added ability to pass additional ASFLAGS to Configure

This allows additional command line options to be passed to the assembler.

For example:
Configure VC-WIN64A ASFLAGS=--reproducible

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20813)

show more ...

Fix regression of no-posix-io builds

Instead of using stat() to check if a file is a directory
we just skip . and .. as a workaround.

Reviewed-by: Hugo Landau <hlandau@openssl.o

Fix regression of no-posix-io builds

Instead of using stat() to check if a file is a directory
we just skip . and .. as a workaround.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20786)

show more ...

dtls: code cleanup and refactorization

- factorize BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT calls.
- simplify a return type
- style nits

Reviewed-by: Todd Short <todd.short@me.com>

dtls: code cleanup and refactorization

- factorize BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT calls.
- simplify a return type
- style nits

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20602)

show more ...

Fixup demo exit status magic numbers

The demo code is quite often block copied for new demos,
so this PR changes demos to use EXIT_SUCCESS & EXIT_FAILURE
instead of using 0 and 1.

Fixup demo exit status magic numbers

The demo code is quite often block copied for new demos,
so this PR changes demos to use EXIT_SUCCESS & EXIT_FAILURE
instead of using 0 and 1.
Internal functions use the normal notation of 0 = error, 1 = success,
but the value returned by main() must use EXIT_SUCCESS and EXIT_FAILURE.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20545)

show more ...

Replace use of strstr with strchr

It is better to use strchr where we are looking for a single character.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tom

Replace use of strstr with strchr

It is better to use strchr where we are looking for a single character.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20788)

show more ...

Coverity 1524619: unexpected control flow

Using "continue" in a do...while(0) loop is pointless. The original intent
was that the loop would continue to a second iteration in this case.

Coverity 1524619: unexpected control flow

Using "continue" in a do...while(0) loop is pointless. The original intent
was that the loop would continue to a second iteration in this case.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20788)

show more ...

Revert "Adding Control Flow guard to Windows Builds"

Reasons:
- The patch was missing the linker flag /guard:cf
As a result no binary with CFG was ever built
- /guard:cf is inc

Revert "Adding Control Flow guard to Windows Builds"

Reasons:
- The patch was missing the linker flag /guard:cf
As a result no binary with CFG was ever built
- /guard:cf is incompatible with NASM
If the linker flag is added, the resulting binary fails with this exception:
Unhandled exception at 0x00007FFFB8B93C90 (ntdll.dll) in openssl.exe: Indirect call guard check detected invalid control transfer.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20807)

show more ...

Fix calling pthread_key_delete on uninitialized data

default_context_do_init may be never called and CRYPTO_THREAD_init_local
inside it may be never called too. But corresponding
CRY

Fix calling pthread_key_delete on uninitialized data

default_context_do_init may be never called and CRYPTO_THREAD_init_local
inside it may be never called too. But corresponding
CRYPTO_THREAD_cleanup_local is always called at cleanup stage. This lead
to undefined behavior.

So, add flag to check that default_context_do_init will be called
successfully or not.

Fix: #20697

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20801)

show more ...

fips: setup the FIPS provider in pendantic mode for testing

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <

fips: setup the FIPS provider in pendantic mode for testing

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20762)

show more ...

test: update ssl_new tests in line with pedantic FIPS policy

Add a new option to the `test' section of SSL test data structure.
This contains a space separated list of version checks, al

test: update ssl_new tests in line with pedantic FIPS policy

Add a new option to the `test' section of SSL test data structure.
This contains a space separated list of version checks, all of which must
pass.

Note that the version checks are as they as because:

- 3.1.0 doesn't have mandatory EMS support, so it can run the old tests.
- 3.1.1 (& later) will have mandatory EMS support, so they can't run them.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20762)

show more ...

test: update TLS PDF tests in line with pedantic FIPS policy

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau

test: update TLS PDF tests in line with pedantic FIPS policy

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20762)

show more ...

test: update evprand tests in line with pedantic FIPS policy

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau

test: update evprand tests in line with pedantic FIPS policy

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20762)

show more ...

sslapi: use correct fipsmodule.cnf

The SSL API tests copies fipsmodule.cnf and modifies it. Unfortunately, it
grabbed the wrong instance of this file.

Reviewed-by: Tomas Mraz <

sslapi: use correct fipsmodule.cnf

The SSL API tests copies fipsmodule.cnf and modifies it. Unfortunately, it
grabbed the wrong instance of this file.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20762)

show more ...

Bump actions/setup-python from 4.5.0 to 4.6.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setu

Bump actions/setup-python from 4.5.0 to 4.6.0

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.5.0...v4.6.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20792)

show more ...

Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arrays

Fixes #20710

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arrays

Fixes #20710

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20745)

show more ...

Added a macro OSSL_DISPATCH_END as marker of the end of OSSL_DISPATCH arrays

Also updated the corresponding documentations.

Fixes #20710

Reviewed-by: Paul Dale <pauli@opens

Added a macro OSSL_DISPATCH_END as marker of the end of OSSL_DISPATCH arrays

Also updated the corresponding documentations.

Fixes #20710

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20745)

show more ...

Fix checking return code of EVP_PKEY_get_int_param at check_curve

According to docs, EVP_PKEY_get_int_param should return 1 on Success, and
0 on Failure. So, fix checking of this return

Fix checking return code of EVP_PKEY_get_int_param at check_curve

According to docs, EVP_PKEY_get_int_param should return 1 on Success, and
0 on Failure. So, fix checking of this return value at check_curve

CLA: trivial

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20770)

show more ...

Minor refactoring of the Argon2 derive function

Cache the fetched MAC and MD implementation until propq changes.
No need to keep the output stored in the context.

Reviewed-by: T

Minor refactoring of the Argon2 derive function

Cache the fetched MAC and MD implementation until propq changes.
No need to keep the output stored in the context.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20534)

show more ...

Bump coverallsapp/github-action from 2.1.0 to 2.1.2

Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.1.0 to 2.1.2.
- [Release notes](https://githu

Bump coverallsapp/github-action from 2.1.0 to 2.1.2

Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/v2.1.0...v2.1.2)

---
updated-dependencies:
- dependency-name: coverallsapp/github-action
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20773)

show more ...

aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption

Original author: Nevine Ebeid (Amazon)
Fixes: CVE-2023-1255

The buffer overread happens on decrypts of 4 mod 5 sizes.

aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption

Original author: Nevine Ebeid (Amazon)
Fixes: CVE-2023-1255

The buffer overread happens on decrypts of 4 mod 5 sizes.
Unless the memory just after the buffer is unmapped this is harmless.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20759)

show more ...