Support DEFAULT keyword and '-' prefix in SSL_CTX_set1_groups_list()

Fixes #25790

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(M

Support DEFAULT keyword and '-' prefix in SSL_CTX_set1_groups_list()

Fixes #25790

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25813)

show more ...

APPS/pkeyutl: strengthen error message on too long sign/verify input

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https:

APPS/pkeyutl: strengthen error message on too long sign/verify input

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)

show more ...

APPS/pkeyutl: -digest implies -rawin and can only be used with -sign and -verify

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

APPS/pkeyutl: -digest implies -rawin and can only be used with -sign and -verify

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)

show more ...

APPS/pkeyutl: improve -rawin usability (implied by Ed25519 and Ed448) and doc

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged fr

APPS/pkeyutl: improve -rawin usability (implied by Ed25519 and Ed448) and doc

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)

show more ...

CHANGES.md: re-word 'app' to 'command' and 'apps' to 'commands' for consistency

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

CHANGES.md: re-word 'app' to 'command' and 'apps' to 'commands' for consistency

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)

show more ...

apps/speed.c: Fix the benchmarking for AEAD ciphers

Fixed the benchmarking for the evp aead interface for ccm, gcm, ocb, and siv,
where decryption fails when executing
`openssl speed

apps/speed.c: Fix the benchmarking for AEAD ciphers

Fixed the benchmarking for the evp aead interface for ccm, gcm, ocb, and siv,
where decryption fails when executing
`openssl speed -evp aes-128-ccm -decrypt` and
`openssl speed -evp aes-128-gcm -decrypt`.

Related issues are [24686](https://github.com/openssl/openssl/issues/24686)
and [24250](https://github.com/openssl/openssl/issues/24250).
Now both encryption and decryption, with or without AAD, executes correctly
without issues.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25823)

show more ...

apps: Change default cipher to aes-256-cbc for req, cms and smime apps

Update `CHANGES.md` and `NEWS.md`; remove `no-des` guard from req, cms,
and smime apps

Update MAN pages fo

apps: Change default cipher to aes-256-cbc for req, cms and smime apps

Update `CHANGES.md` and `NEWS.md`; remove `no-des` guard from req, cms,
and smime apps

Update MAN pages for default cipher; fix styling by removing braces around single statements

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25839)

show more ...

Fix incorrect openssl-smime doc sample command for encrypt

Original documented sample command causes error. PEM recipient cert argument needs to go last.

CLA: trivial

Revie

Fix incorrect openssl-smime doc sample command for encrypt

Original documented sample command causes error. PEM recipient cert argument needs to go last.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25829)

show more ...

speed.c: Check for 0 block size

Although this cannot really happen check for 0 block size
to avoid division by 0.

Fixes Coverity 1633936

Reviewed-by: Paul Dale <ppzgs1@

speed.c: Check for 0 block size

Although this cannot really happen check for 0 block size
to avoid division by 0.

Fixes Coverity 1633936

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25822)

show more ...

Fix potential memory leak in OSSL_HPKE_CTX_new()

ctx->propq is a duplicated string, but the error code does not free
the duplicated string's memory. If e.g. EVP_CIPHER_fetch() fails then

Fix potential memory leak in OSSL_HPKE_CTX_new()

ctx->propq is a duplicated string, but the error code does not free
the duplicated string's memory. If e.g. EVP_CIPHER_fetch() fails then
we can leak the string's memory.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25812)

show more ...

test: Add test cases for req -cipher option

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/open

test: Add test cases for req -cipher option

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25796)

show more ...

req: Add -cipher option to specify private key encryption cipher

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://gi

req: Add -cipher option to specify private key encryption cipher

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25796)

show more ...

Remove sslkeylog file setup from quic-hq-interop

Now that libcrypto supports the user of SSLKEYLOGFILE, the interop demo
attempts to open the same file based on the same env variable.

Remove sslkeylog file setup from quic-hq-interop

Now that libcrypto supports the user of SSLKEYLOGFILE, the interop demo
attempts to open the same file based on the same env variable.

The hq-interop-demo code can just be removed, and it fixes the open
failure when both libcrypto and hq-interop attempt to open and write the
same file, which is causing the nightly failure

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25819)

show more ...

fix: util/check-format-commit.sh - fix ending check

Look at the end result instead of the file name it's stored in

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by:

fix: util/check-format-commit.sh - fix ending check

Look at the end result instead of the file name it's stored in

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25810)

show more ...

output negotiated TLS1.3 group

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25808)

speed.c: Check block size before running EVP_Cipher_loop()

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.

speed.c: Check block size before running EVP_Cipher_loop()

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/25792)

show more ...

test_speed: Explicitly test the crashing command line on sparc

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <

test_speed: Explicitly test the crashing command line on sparc

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/25792)

show more ...

Fix builds on riscv64 using musl

Some environments using musl are reported to have the hwprobe.h include
file but not have the __NR_riscv_hwprobe define.

Fixes #25772

R

Fix builds on riscv64 using musl

Some environments using musl are reported to have the hwprobe.h include
file but not have the __NR_riscv_hwprobe define.

Fixes #25772

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/25787)

show more ...

Fix ambiguous output of Signature Algorithms

Signature Algorithms are printed in a SIG+HASH format.
In some cases this is ambiguous like brainpool and RSA-PSS.
And the name of ed2551

Fix ambiguous output of Signature Algorithms

Signature Algorithms are printed in a SIG+HASH format.
In some cases this is ambiguous like brainpool and RSA-PSS.
And the name of ed25519 and ed448 must be spelled in lower case,
so that the output can be used as a -sigalgs parameter value.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25797)

show more ...

check-format-commit.sh: various improvements; check unstaged changes on empty commit range

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(M

check-format-commit.sh: various improvements; check unstaged changes on empty commit range

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25666)

show more ...

check-format-commit.sh: make awk patterns more robust for MacOS and certain flavors of Linux

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>

check-format-commit.sh: make awk patterns more robust for MacOS and certain flavors of Linux

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25666)

show more ...

Dependabot update

CLA: trivial

(deps): Bump actions/setup-python

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.2.0 to 5.3.0.
- [Release n

Dependabot update

CLA: trivial

(deps): Bump actions/setup-python

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5.2.0...v5.3.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25795)

show more ...

github: add fips configuration, with legacy transitions turned off

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.c

github: add fips configuration, with legacy transitions turned off

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25762)

show more ...

fips no-des: compile out TDES KAT

FIPS provider correctly supports no-des build time option and doesn't
advertise DES related algorithms. However KAT test for DES is still
attempted

fips no-des: compile out TDES KAT

FIPS provider correctly supports no-des build time option and doesn't
advertise DES related algorithms. However KAT test for DES is still
attempted to be executed and fails.

This prevents configuring FIPS provider without legacy behaviour as
defined in SP 800-131Arev2. Also see #25761 internal docs.

Fix `enable-fips no-des` build option, and add a daily checker for
"legacy-free" (as much as currently feasible) FIPS configuration.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25762)

show more ...

tls_common.c: Align the calculation of maximal alignment value

In tls_setup_write_buffer() and tls_setup_read_buffer() the calculation
is different. Make them the same.

Fixes #2

tls_common.c: Align the calculation of maximal alignment value

In tls_setup_write_buffer() and tls_setup_read_buffer() the calculation
is different. Make them the same.

Fixes #25746

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25764)

show more ...