184d29db | 22-May-2024 |
Ingo Franzki |
speed: Fix regression of measuring shake with -evp

After commit b911fef216d1386210ec24e201d54d709528abb4 speed with shake128 or shake256 does not run anymore:

    # openssl speed -seconds 1 -evp shake128 -bytes 256
    Doing shake128 ops for 1s on 256 size blocks: shake128 error!
    000003FF9B7F2080:error:1C8000A6:Provider routines:keccak_final:invalid digest length:providers/implementations/digests/sha3_prov.c:117:
    version: 3.4.0-dev
    ...
    type 256 bytes
    shake128 0.00

Function EVP_Digest_loop() must use EVP_DigestInit_ex2(), EVP_DigestUpdate(), and EVP_DigestFinalXOF() in case of shake instead of just EVP_Digest() to get around this.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24462)
|
05faa4ff | 22-May-2024 |
Dimitri John Ledkov |
rand: remove unimplemented librandom stub code Clean up of unusable / no-op code. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24465)
|
46f55238 | 07-May-2024 |
Max Ammann |
EVP_CIPHER_CTX_get_key_length(): Add null check of ctx->cipher Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22964)
|
f3b988dc | 03-Oct-2023 |
Max Ammann |
Add provider fuzzer Test recipe 99-test_fuzz_provider.t added. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22964)
|
b9e084f1 | 20-May-2024 |
Randall S. Becker |
Added an explicit yield (OP_SLEEP) to QUIC testing for cooperative threading. Fixes: #24442 Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24443)
|
a0da3cb4 | 22-May-2024 |
Dimitri John Ledkov |
test: remove the just added, but now unrealistic, shake128 OAEP tests These were added as a POC in #24387. However, such combinations are no longer unusable since #24105 got merged. This should unbreak all build failures on mainline. Partially reverts: 1bfc8d17f3 (rsa-oaep: block SHAKE usage in FIPS mode, 2024-05-13) Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24463)
|
3472732c | 21-May-2024 |
PiotrBzdrega |
signal.h included two times CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24445)
|
1bfc8d17 | 13-May-2024 |
Dimitri John Ledkov |
rsa-oaep: block SHAKE usage in FIPS mode NIST SP 800-56 rev2 only allows using approved hash algorithms in OAEP. Unlike FIPS 186-5 it doesn't have text allowing to use XOF SHAKE functions. Maybe future revisions of SP 800-56 will adopt similar text to FIPS 186-5 and allow XOF as MD and MGF (not MGF1). RFC documents do not specify if SHAKE is allowed or blocked for usage (i.e. there is no equivalent of RFC 8692 or RFC 8702 for OAEP). Status quo allows their usage. Add test cases for SHAKE in RSA-OAEP as allowed in default provider, and blocked in fips. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24387)
|
973ddaa0 | 11-May-2024 |
Dimitri John Ledkov |
rsa-pss: add tests checking for SHAKE usage in RSA-PSS FIPS 186-5, RFC 8692, RFC 8702 all agree and specify that Shake shall be used directly as MGF (not as a hash in MGF1). Add tests that try to specify shake hash as MGF1 to ensure that fails. Separately the above standards specify how to use SHAKE as a message digest with either fixed or minimum output lengths. However, currently shake is not part of allowed hashes. Note that rsa_setup_md()/rsa_setup_mgf1_md() call ossl_digest_rsa_sign_get_md_nid() -> ossl_digest_get_approved_nid_with_sha1() -> ossl_digest_get_approved_nid() which only contain sha1/sha2/sha3 digests without XOF. The digest test case will need to be replaced if/when shake with minimum output lengths is added to ossl_digest_get_approved_nid(). Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24387)
|
7884bedc | 21-Apr-2024 |
Alexandr Nedvedicky |
fix crash in ecp_nistz256_point_add_affine() The .rodata section with precomputed constant `ecp_nistz256_precomputed` needs to be terminated by .text, because the `ecp_nistz256_precomputed` happens to be the first section in the file. The lack of .text makes the code arrive into the same .rodata section where ecp_nistz256_precomputed is found. The exception is raised as soon as the CPU attempts to execute the code from the read-only section. Fixes #24184 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24192)
|
a73e07db | 18-May-2024 |
Ruslan Baratov |
[Docs] Default value for verification flags is 'SSL_VERIFY_NONE' Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24435)
|
4e8c4b77 | 17-Apr-2024 |
Richard Levitte |
Add installation documentation and notes on ANSI C and POSIX Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24173)
|
8cf9ac9c | 17-Apr-2024 |
Richard Levitte |
When defining ossl_ssize_t = ssize_t, remember to include sys/types.h ssize_t isn't a C language type in any C language level, but is a POSIX type defined in <sys/types.h>, so make sure to include that before use. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24173)
|
f352c808 | 17-Apr-2024 |
Richard Levitte |
For Unix, refactor OSSL_sleep() to use nanosleep() instead of usleep() usleep() is obsolete since POSIX.1-2001 and removed in POSIX.1-2008, in favor of nanosleep(), which has been present since POSIX.1-2001. The exceptions for DJGPP and TANDEM are preserved. Also, just in case nanosleep() turns out to be unavailable on any Unix machinery that we are unaware of, we allow a revert to using usleep() by defining OPENSSL_USE_USLEEP. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24173)
|
34f35473 | 17-Apr-2024 |
Richard Levitte |
Work on ANSI C compatibility: modifying the github workflow The github workflow that attempts to check that OpenSSL is ANSI C compatible defined '_DEFAULT_SOURCE', which effectively turns gcc and clang into a C99 compiler... perhaps not with regard to pure language features, but it enables a few too many types and functions that aren't defined in the ANSI C library, or in some cases, in any C language level library. Instead of '_DEFAULT_SOURCE', this modification defines '_XOPEN_SOURCE=1' and '_POSIX_SOURCE=200809L', to enable the use of 'timezone', 'ssize_t' and 'strdup()'. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24173)
|
a192b243 | 16-May-2024 |
Hongren Zheng |
fips provider: explicitly setup cpuid when initializing

Fixes: #23979

Previously fips module relied on OPENSSL_cpuid_setup being used as constructor by the linker to correctly setup the capability vector, either via .section .init (for x86_64) or via __attribute__((constructor)).

This would make ld.so call OPENSSL_cpuid_setup before the init function for fips module. However, this early constructing behavior has several disadvantages:

1. Not all platform/toolchain supports such behavior
2. Initialisation sequence is not well defined, and some function might not be initialized when cpuid_setup is called
3. Implicit path is hard to maintain and debug

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24419)
|
4dbd4925 | 30-Apr-2024 |
shridhar kalavagunta |
Fix mem leak in threadpool_test.c Fixes #24104 Added a goto label for cleanup. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24412)
|
45f5d51b | 16-May-2024 |
James Muir |
Fix typo in CONTRIBUTING.md CLA: trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24413)
|
85ccbab2 | 08-May-2024 |
Tomas Mraz |
Check DSA parameters for excessive sizes before validating This avoids overly long computation of various validation checks. Fixes CVE-2024-4603 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24346)
|
e91579db | 08-May-2024 |
Tomas Mraz |
Sync up CHANGES.md with 3.3 branch Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24346)
|
a6afe2b2 | 11-May-2024 |
Andrew Golovashevich |
Additional testcases for bn_gcd Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24332)
|
aaa1bda7 | 05-May-2024 |
Andrew Golovashevich |
Optimized calculation of shared power of 2 in bn_gcd Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24332)
|
5a0c92cf | 05-Apr-2024 |
DominikN |
Update openssl-smime.pod.in Remove duplicate entries for -nocerts and -noattr CLA:trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24052)
|
987baef4 | 12-May-2024 |
Ruslan Baratov |
[Docs] 'SSL_CTX_set_cert_store' ownership of 'store' Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24375)
|
50153ad2 | 13-May-2024 |
Matt Caswell |
Suppress a spurious error from the sysdefault test Running the sysdefault test results in spurious error output - even though the test has actually passed Fixes #24383 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24384)
|