Correctly activate the provider in OSSL_PROVIDER_try_load

If during OSSL_PROVIDER_try_load() we attempt to load a provider, but
adding to the store gives back a different provider, then

Correctly activate the provider in OSSL_PROVIDER_try_load

If during OSSL_PROVIDER_try_load() we attempt to load a provider, but
adding to the store gives back a different provider, then we need to
ensure this different provider has its activation count increased.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Stop receiving child callbacks in a child libctx when appropriate

We should stop receiving child callbacks if we're about to free up
the child libctx. Otherwise we can get callbacks when

Stop receiving child callbacks in a child libctx when appropriate

We should stop receiving child callbacks if we're about to free up
the child libctx. Otherwise we can get callbacks when the libctx is half
freed up.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Don't bail out during provider deactivation if we don't have store

A provider may have been activated, but failed when being added to
the store. At this point we still need to deactivate

Don't bail out during provider deactivation if we don't have store

A provider may have been activated, but failed when being added to
the store. At this point we still need to deactivate it.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Don't try and do ossl_provider_find in ossl_provider_new

We leave it to the caller to confirm that the provider does not exist
in the store. If it does exist then later adding it to the

Don't try and do ossl_provider_find in ossl_provider_new

We leave it to the caller to confirm that the provider does not exist
in the store. If it does exist then later adding it to the store will
fail.

It is possible that the provider could be added to the store in
between the caller checking, and the caller calling ossl_provider_new.
We leave it to the caller to properly handle the failure when it
attempts to add the provider to the store. This is simpler than
having ossl_provider_new try to handle it.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Remove the isinited variable from child_prov_globals

This variable might have made sense at some point but it not longer does
so. It was being used to check whether we are still initing

Remove the isinited variable from child_prov_globals

This variable might have made sense at some point but it not longer does
so. It was being used to check whether we are still initing or not. If we
are still initing then the assumption was that we already hold the lock.
That assumption was untrue. We need to always take the lock.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Avoid a race in init_thread_stop()

init_thread_stop() is called when a thread is stopping. It calls all
the callbacks that need to know about the demise of this thread. However,
the

Avoid a race in init_thread_stop()

init_thread_stop() is called when a thread is stopping. It calls all
the callbacks that need to know about the demise of this thread. However,
the list of callbacks is also available globally and may be updated by
other threads so we need to make sure we use the right lock.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Don't attempt to deactive child providers if we don't need to

If a provider doesn't have any child providers then there is no need
to attempt to remove them - so we should not do so. Thi

Don't attempt to deactive child providers if we don't need to

If a provider doesn't have any child providers then there is no need
to attempt to remove them - so we should not do so. This removes some
potentialy thread races.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

Don't write to the globals ossl_property_true and ossl_property_false

These global variables were previously overwritten with the same value
every time we created a new OSSL_LIB_CTX. Ins

Don't write to the globals ossl_property_true and ossl_property_false

These global variables were previously overwritten with the same value
every time we created a new OSSL_LIB_CTX. Instead we preinitialise them
with the correct values, and then confirm that settings for each
OSSL_LIB_CTX agree with the preinitialised values.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16980)

show more ...

doc: Document outcome of multiple digestsign/digestverify calls

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)

evp_extra_test: Add SIPHASH MAC digestsign test with reinitialization

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)

providers: Allow possible reinitialization in all signature algorithms

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)

test: Add testing of reinitialization via EVP_DigestSignInit()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)

do_sigver_init: Allow reinitialization of an existing operation.

Fixes #16936

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1

do_sigver_init: Allow reinitialization of an existing operation.

Fixes #16936

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)

show more ...

Fix return value checking of BN_check_prime invocations

Negative return value indicates an error so we bail out.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roe

Fix return value checking of BN_check_prime invocations

Negative return value indicates an error so we bail out.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16975)

show more ...

Add return value NULL checks that were missing

Issues located by Brian Carpenter of Geeknik's Farm.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/o

Add return value NULL checks that were missing

Issues located by Brian Carpenter of Geeknik's Farm.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17007)

show more ...

x509: use safe maths calls for overflow detection

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

run-checker: add CI to test safe_math without compiler support.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

stack: increase the reallocation ratio

This change increases the reallocation ratio from 1.5 to 1.6.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/

stack: increase the reallocation ratio

This change increases the reallocation ratio from 1.5 to 1.6.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

show more ...

test: add unit tests for integer overflow helpers

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

doc: document the internal integer overflow helpers

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

header: add integer overflow helper functions

Define a number of helper functions that ease the difficulty of detecting
integer overflows.

Reviewed-by: Tomas Mraz <tomas@openssl

header: add integer overflow helper functions

Define a number of helper functions that ease the difficulty of detecting
integer overflows.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16930)

show more ...

25-test_req.t: Add systematic SKID+AKID tests for self-issued (incl. self-signed) certs

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

25-test_req.t: Add systematic SKID+AKID tests for self-issued (incl. self-signed) certs

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16342)

show more ...

X509: Fix handling of AKID and SKID extensions according to configuration

Fixes #16300

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.o

X509: Fix handling of AKID and SKID extensions according to configuration

Fixes #16300

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16342)

show more ...

Add OID for RPKI id-ct-ASPA

References: draft-ietf-sidrops-aspa-profile
"A Profile for Autonomous System Provider Authorization" (ASPA)

OID permanently assigned under 'SMI Secur

Add OID for RPKI id-ct-ASPA

References: draft-ietf-sidrops-aspa-profile
"A Profile for Autonomous System Provider Authorization" (ASPA)

OID permanently assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17002)

show more ...

sha/asm/keccak1600-ppc64.pl: Load data in 8 byte chunks on little endian

We currently load data byte by byte in order to byteswap it on big
endian. On little endian we can just do 8 byte

sha/asm/keccak1600-ppc64.pl: Load data in 8 byte chunks on little endian

We currently load data byte by byte in order to byteswap it on big
endian. On little endian we can just do 8 byte loads.

A SHAKE128 benchmark runs 10% faster on POWER9 with this patch applied.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8455)

show more ...