History log of /openssl/ (Results 8751 – 8775 of 36077)
Revision Date Author Comments
f31ac320 18-Oct-2020 Jeremiah Gowdy

Implement OpenSSL secure memory for Windows

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13172)

0934cf48 20-Oct-2020 Richard Levitte

Unexport internal MSBLOB and PVK functions

The following internal functions are affected:

ossl_do_blob_header
ossl_do_PVK_header
ossl_b2i
ossl_b2i_bio

This is reflected by moving include/internal/pem.h to include/crypto/pem.h
engines/e_loader_attic gets the source code added to it to have
continued access to those functions.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13195)

8300a874 20-Oct-2020 Richard Levitte

Work around Windows ftell() bug as per Microsoft engineering's suggestion

See
https://developercommunity.visualstudio.com/content/problem/425878/fseek-ftell-fail-in-text-mode-for-unix-style-text.html

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13190)

0a737e16 09-Oct-2020 Matt Caswell

Deprecate EVP_PKEY_set1_tls_encodedpoint()

Also deprecate EVP_PKEY_get1_tls_encodedpoint().

The preferred alternative is EVP_PKEY_set1_encoded_public_key() and
EVP_PKEY_get1_encoded_public_key().

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)

3795b2a3 09-Oct-2020 Matt Caswell

Document EVP_PKEY_set1_encoded_public_key()

Also documented EVP_PKEY_get1_encoded_public_key

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)

5ac8fb58 09-Oct-2020 Matt Caswell

Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key

We do the same thing for the "get1" version. In reality this has broader
use than just TLS (it can also be used in CMS), and "encodedpoint" only
makes sense when you are talking about EC based algorithms.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)

6a13c9c9 18-Oct-2020 xuyunjia

resolve defects: reverse_inull; row[DB_exp_date] referenced before checking

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13170)

ec5059c3 13-Oct-2020 XiaokangQian

Fix Aes-xts potential failure on aarch64

Add return value for aarch64 in the init key function.
This will avoid overwriting the stream pointers of aarch64.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13133)

6be235a0 13-Jul-2020 Jacob Hoffman-Andrews

Prefix crlNumber output with 0x.

When the crlNumber field contains only 0-9 digits, the output is
ambiguous as to what base it's in, which can be confusing. Adding this
prefix makes it explicit that it's in hex.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12434)

1dc51285 16-Oct-2020 Matt Caswell

Fix no-dh

One of the x509 tests checks to make sure spurious errors don't appear on
the stack. The x509 app uses the OSSL_STORE code to load things. The
OSSL_STORE code will try various different formats - which results in
lots of failures. However those failures are typically suppressed by
OSSL_STORE unless they are interesting. OSSL_STORE thinks it knows what
kind of errors are uninteresting (ASN.1 errors) but gets confused if
upper levels of code add additional errors to the stack. This was
happening in the DSA code which confused OSSL_STORE and meant the errors
were not being suppressed properly - and hence the x509 test failed.

Interestingly this only impacts a no-dh build, because in a no-dh build
the DSA param decoder suddenly becomes the last to be tried. If it
happens earlier in the list the errors end up getting suppressed anyway.

The simplest solution is just to remove the error from the DSA param
decoder code. It's not adding any useful information anyway.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13162)

ea7277fd 15-Oct-2020 Richard Levitte

TEST: fix the DH tests to reproduce the priv_len settings

Some DH tests are done against files generated with '-pkeyopt priv_len:224'
This parameter must of course be reproduced when creating the key with
EVP_PKEY_fromdata(), or there will be a default that's guaranteed to
differ from the key parameters on file.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

ee55a207 15-Oct-2020 Richard Levitte

DH: have DH_set_length() increment the dirty count.

The recommended private key length is a key parameter among other key
parameters, and is included in the key data transferred in an import
or export between legacy implementations and provider implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

0ba71d6a 15-Oct-2020 Richard Levitte

DH: make the private key length importable / exportable

The DH private key length, which is an optional parameter, wasn't
properly imported / exported between legacy and provider side
implementations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13166)

6c8149df 17-Oct-2020 Dr. Matthias St. Pierre

Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING

Replace [collapsed reference links][] by [shortcut reference links],
in order to improve the readability of the raw markdown text,
see also commit d8dc853825 (Change CVE link style in CHANGES and NEWS).

[collapsed reference links]:
https://github.github.com/gfm/#collapsed-reference-link

[shortcut reference links]:
https://github.github.com/gfm/#shortcut-reference-link

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13165)

84dd002f 17-Oct-2020 Dr. Matthias St. Pierre

README: make the link to the OpenSSL 3.0 Wiki page more prominent

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13164)

9096809b 16-Oct-2020 Richard Levitte

ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally

OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would
stop as soon as a decoder / encoder instance failed, which leaves the
rest of them with a possibly previous and different value.

Instead, these functions will now call them all, but will return 0 if
any of the instance calls failed.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13156)

a1fc4642 16-Oct-2020 Richard Levitte

dev/release.sh: improve instruction for pushing the tag

'git push --follow-tags' does a little too much, any spurious tag
object that the releaser has in their local repository will come
along, even though they have nothing to do with the commits being
pushed.

Therefore, we modify the instructions to show a separate and explicit
push of the release tag.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13159)

b40498c6 15-Oct-2020 Richard Levitte

TEST: modify tconversion.pl for forensics

In the interest of finding out what went wrong with a test by looking
at its output, tconversion.pl is modified to take arguments in option
form, and gets an additional -prefix option that callers can use to
ensure output files are uniquely named.

Test recipes are modified to use these new options.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13147)

372e72b1 15-Oct-2020 Matt Caswell

Add a CHANGES entry for the SSL_SECOP_TMP_DH change

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13136)

47e81a1b 14-Oct-2020 Matt Caswell

Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback

The security operation SSL_SECOP_TMP_DH is defined to take an EVP_PKEY
in the "other" parameter:

/* Temporary DH key */
# define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY)

In most places this is what is passed. All these places occur server side.
However there is one client side call of this security operation and it
passes a DH object instead. This is incorrect according to the
definition of SSL_SECOP_TMP_DH, and is inconsistent with all of the other
locations.

Our own default security callback, and the debug callback in the apps,
never look at this value and therefore this issue was never noticed
previously. In theory a client side application could be relying on this
behaviour and could be broken by this change. This is probably fairly
unlikely but can't be ruled out.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13136)

301fcb28 14-Oct-2020 Matt Caswell

Concentrate deprecated libssl API usage in one file

We create a new file ssl/tls_depr.c to contain functions that need to call
deprecated APIs in libssl. This enables us to remove
OPENSSL_SUPPRESS_DEPRECATED from a number of other libssl files.

The deprecated API usage is either related to ENGINEs and is needed to
continue to support applications that use such ENGINEs. Or they are needed
to support some deprecated public libssl APIs.

One other file remains in libssl that still uses deprecated APIs: s3_cbc.c
This is needed to support the deprecated SSLv3.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13135)

192d4b9c 09-Oct-2020 Randall S. Becker

Fix missing include of string.h in apps/lib/engine.c for strcmp.

This include is required for c99 on the NonStop TNS/X platform.

CLA: trivial

Fixes #13102

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13103)

f4bd5105 07-Oct-2020 Pauli

list: add a -provider-info option.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13084)

994a924b 07-Oct-2020 Pauli

null prov: fix gettable param array type.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13084)

e8dca211 15-Oct-2020 Matt Caswell

Prepare for 3.0 alpha 8

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>