diff options
| author | Enji Cooper <ngie@FreeBSD.org> | 2025-09-30 12:03:15 -0700 |
|---|---|---|
| committer | Enji Cooper <ngie@FreeBSD.org> | 2025-09-30 12:03:51 -0700 |
| commit | 027bdf0ee383fb657033470517517ceebecc3aa4 (patch) | |
| tree | 510bc6bdc528e99a108b7d3d66af49a2113991f9 | |
| parent | ecf8229ffeb17a05c78fab6b973b0cccb84e25c5 (diff) | |
vendor/openssl: import 3.0.18vendor/openssl/3.0.18
Per the upstream release notes, this is a security release. However,
all of the needed fixes/mitigations have been deployed to all relevant
14.x branches making the update in this change less critical. This just
aids with future release backporting.
Obtained from: https://github.com/openssl/openssl/releases/download/openssl-3.0.18/openssl-3.0.18.tar.gz
87 files changed, 761 insertions, 293 deletions
diff --git a/CHANGES.md b/CHANGES.md index d3958d762af5..393b7700cf17 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -28,6 +28,74 @@ breaking changes, and mappings for the large list of deprecated functions. [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod +### Changes between 3.0.17 and 3.0.18 [30 Sep 2025] + + * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap + + Issue summary: An application trying to decrypt CMS messages encrypted using + password based encryption can trigger an out-of-bounds read and write. + + Impact summary: This out-of-bounds read may trigger a crash which leads to + Denial of Service for an application. The out-of-bounds write can cause + a memory corruption which can have various consequences including + a Denial of Service or Execution of attacker-supplied code. + + The issue was reported by Stanislav Fort (Aisle Research). + + ([CVE-2025-9230]) + + *Viktor Dukhovni* + + * Fix Out-of-bounds read in HTTP client no_proxy handling + + Issue summary: An application using the OpenSSL HTTP client API functions + may trigger an out-of-bounds read if the "no_proxy" environment variable is + set and the host portion of the authority component of the HTTP URL is an + IPv6 address. + + Impact summary: An out-of-bounds read can trigger a crash which leads to + Denial of Service for an application. + + The issue was reported by Stanislav Fort (Aisle Research). + + ([CVE-2025-9232]) + + *Stanislav Fort* + + * Avoided a potential race condition introduced in 3.0.17, where + `OSSL_STORE_CTX` kept open during lookup while potentially being used + by multiple threads simultaneously, that could lead to potential crashes + when multiple concurrent TLS connections are served. + + *Matt Caswell* + + * Secure memory allocation calls are no longer used for HMAC keys. + + *Dr Paul Dale* + + * `openssl req` no longer generates certificates with an empty extension list + when SKID/AKID are set to `none` during generation. + + *David Benjamin* + + * The man page date is now derived from the release date provided + in `VERSION.dat` and not the current date for the released builds. + + *Enji Cooper* + + * Hardened the provider implementation of the RSA public key "encrypt" + operation to add a missing check that the caller-indicated output buffer + size is at least as large as the byte count of the RSA modulus. The issue + was reported by Arash Ale Ebrahim from SYSPWN. + + This operation is typically invoked via `EVP_PKEY_encrypt(3)`. Callers that + in fact provide a sufficiently large buffer, but fail to correctly indicate + its size may now encounter unexpected errors. In applications that attempt + RSA public encryption into a buffer that is too small, an out-of-bounds + write is now avoided and an error is reported instead. + + *Viktor Dukhovni* + ### Changes between 3.0.16 and 3.0.17 [1 Jul 2025] * none yet @@ -19962,6 +20030,8 @@ ndif <!-- Links --> +[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232 +[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230 [CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176 [CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143 [CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119 diff --git a/Configurations/50-nonstop.conf b/Configurations/50-nonstop.conf index ed3fe828b318..b131ca602bc4 100644 --- a/Configurations/50-nonstop.conf +++ b/Configurations/50-nonstop.conf @@ -167,12 +167,14 @@ # Build models 'nonstop-model-put' => { template => 1, + disable => [ 'secure-memory' ], defines => ['_PUT_MODEL_', '_REENTRANT', '_THREAD_SUPPORT_FUNCTIONS'], ex_libs => '-lput', }, 'nonstop-model-spt' => { template => 1, + disable => [ 'secure-memory' ], defines => ['_SPT_MODEL_', '_REENTRANT', '_ENABLE_FLOSS_THREADS'], ex_libs => '-lspt', diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index d2b0797a7edf..a68ae9f26fa1 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -3,6 +3,8 @@ ## ## {- join("\n## ", @autowarntext) -} {- + use Time::Piece; + use OpenSSL::Util; our $makedep_scheme = $config{makedep_scheme}; @@ -68,6 +70,15 @@ FIPSKEY={- $config{FIPSKEY} -} VERSION={- "$config{full_version}" -} VERSION_NUMBER={- "$config{version}" -} +RELEASE_DATE={- my $t = localtime; + if ($config{"release_date"}) { + # Provide the user with a more meaningful error message + # than the default internal parsing error from + # `Time::Piece->strptime(..)`. + eval { $t = Time::Piece->strptime($config{"release_date"}, "%d %b %Y"); } || + die "Parsing \$config{release_date} ('$config{release_date}') failed: $@"; + } + $t->strftime("%Y-%m-%d") -} MAJOR={- $config{major} -} MINOR={- $config{minor} -} SHLIB_VERSION_NUMBER={- $config{shlib_version} -} @@ -1540,7 +1551,8 @@ EOF return <<"EOF"; $args{src}: $pod pod2man --name=$name --section=$section\$(MANSUFFIX) --center=OpenSSL \\ - --release=\$(VERSION) $pod >\$\@ + --date=\$(RELEASE_DATE) --release=\$(VERSION) \\ + $pod >\$\@ EOF } elsif (platform->isdef($args{src})) { # @@ -18,6 +18,19 @@ OpenSSL Releases OpenSSL 3.0 ----------- +### Major changes between OpenSSL 3.0.17 and OpenSSL 3.0.18 [30 Sep 2025] + +OpenSSL 3.0.18 is a security patch release. The most severe CVE fixed in this +release is Moderate. + +This release incorporates the following bug fixes and mitigations: + + * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. + ([CVE-2025-9230]) + + * Fix Out-of-bounds read in HTTP client no_proxy handling. + ([CVE-2025-9232]) + ### Major changes between OpenSSL 3.0.16 and OpenSSL 3.0.17 [1 Jul 2025] OpenSSL 3.0.17 is a bug fix release. @@ -1516,7 +1529,8 @@ OpenSSL 0.9.x * Support for various new platforms <!-- Links --> - +[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232 +[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230 [CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176 [CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143 [CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119 diff --git a/VERSION.dat b/VERSION.dat index 344a35bc5fb3..817a2ed0fb4d 100644 --- a/VERSION.dat +++ b/VERSION.dat @@ -1,7 +1,7 @@ MAJOR=3 MINOR=0 -PATCH=17 +PATCH=18 PRE_RELEASE_TAG= BUILD_METADATA= -RELEASE_DATE="1 Jul 2025" +RELEASE_DATE="30 Sep 2025" SHLIB_VERSION=3 diff --git a/apps/asn1parse.c b/apps/asn1parse.c index 129b867c8cc7..04263eeb034d 100644 --- a/apps/asn1parse.c +++ b/apps/asn1parse.c @@ -40,8 +40,8 @@ const OPTIONS asn1parse_options[] = { {"length", OPT_LENGTH, 'p', "length of section in file"}, {"strparse", OPT_STRPARSE, 'p', "offset; a series of these can be used to 'dig'"}, - {"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"}, {OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"}, + {"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"}, {"genconf", OPT_GENCONF, 's', "file to generate ASN1 structure from"}, {"strictpem", OPT_STRICTPEM, 0, "do not attempt base64 decode outside PEM markers"}, diff --git a/apps/cms.c b/apps/cms.c index 185396ca7b38..6184f7143fef 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -1246,6 +1246,7 @@ int cms_main(int argc, char **argv) goto end; } if (ret <= 0) { + BIO_printf(bio_err, "Error writing CMS output\n"); ret = 6; goto end; } diff --git a/apps/ecparam.c b/apps/ecparam.c index 9e9ad136837b..e78eb234d6d8 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2025 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -243,9 +243,17 @@ int ecparam_main(int argc, char **argv) goto end; } } else { - params_key = load_keyparams(infile, informat, 1, "EC", "EC parameters"); - if (params_key == NULL || !EVP_PKEY_is_a(params_key, "EC")) + params_key = load_keyparams_suppress(infile, informat, 1, "EC", + "EC parameters", 1); + if (params_key == NULL) + params_key = load_keyparams_suppress(infile, informat, 1, "SM2", + "SM2 parameters", 1); + + if (params_key == NULL) { + BIO_printf(bio_err, "Unable to load parameters from %s\n", infile); goto end; + } + if (point_format && !EVP_PKEY_set_utf8_string_param( params_key, OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, diff --git a/apps/enc.c b/apps/enc.c index c275046cf57a..3846d4ad3e5e 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -234,6 +234,8 @@ int enc_main(int argc, char **argv) goto opthelp; if (k) n *= 1024; + if (n > INT_MAX) + goto opthelp; bsize = (int)n; break; case OPT_K: diff --git a/apps/include/apps.h b/apps/include/apps.h index baacd0025d68..c7e3e0351cb2 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -94,7 +94,6 @@ typedef struct args_st { /* We need both wrap and the "real" function because libcrypto uses both. */ int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data); -int chopup_args(ARGS *arg, char *buf); void dump_cert_text(BIO *out, X509 *x); void print_name(BIO *out, const char *title, const X509_NAME *nm); void print_bignum_var(BIO *, const BIGNUM *, const char*, diff --git a/apps/lib/apps.c b/apps/lib/apps.c index b4c4148c2ec9..ea827464dda1 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -90,54 +90,6 @@ int load_key_certs_crls_suppress(const char *uri, int format, int maybe_stdin, int app_init(long mesgwin); -int chopup_args(ARGS *arg, char *buf) -{ - int quoted; - char c = '\0', *p = NULL; - - arg->argc = 0; - if (arg->size == 0) { - arg->size = 20; - arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space"); - } - - for (p = buf;;) { - /* Skip whitespace. */ - while (*p && isspace(_UC(*p))) - p++; - if (*p == '\0') - break; - - /* The start of something good :-) */ - if (arg->argc >= arg->size) { - char **tmp; - arg->size += 20; - tmp = OPENSSL_realloc(arg->argv, sizeof(*arg->argv) * arg->size); - if (tmp == NULL) - return 0; - arg->argv = tmp; - } - quoted = *p == '\'' || *p == '"'; - if (quoted) - c = *p++; - arg->argv[arg->argc++] = p; - - /* now look for the end of this */ - if (quoted) { - while (*p && *p != c) - p++; - *p++ = '\0'; - } else { - while (*p && !isspace(_UC(*p))) - p++; - if (*p) - *p++ = '\0'; - } - } - arg->argv[arg->argc] = NULL; - return 1; -} - #ifndef APP_INIT int app_init(long mesgwin) { diff --git a/apps/ocsp.c b/apps/ocsp.c index 26340805c2b3..355adf92bf90 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -666,7 +666,8 @@ redo_accept: resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL); - send_ocsp_response(cbio, resp); + if (resp != NULL) + send_ocsp_response(cbio, resp); } goto done_resp; } @@ -764,16 +765,18 @@ redo_accept: BIO_free(derbio); } - i = OCSP_response_status(resp); - if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { - BIO_printf(out, "Responder Error: %s (%d)\n", - OCSP_response_status_str(i), i); - if (!ignore_err) + if (resp != NULL) { + i = OCSP_response_status(resp); + if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { + BIO_printf(out, "Responder Error: %s (%d)\n", + OCSP_response_status_str(i), i); + if (!ignore_err) goto end; - } + } - if (resp_text) - OCSP_RESPONSE_print(out, resp, 0); + if (resp_text) + OCSP_RESPONSE_print(out, resp, 0); + } /* If running as responder don't verify our own response */ if (cbio != NULL) { diff --git a/apps/storeutl.c b/apps/storeutl.c index 96b943bf6dd1..e7e614833769 100644 --- a/apps/storeutl.c +++ b/apps/storeutl.c @@ -335,14 +335,22 @@ int storeutl_main(int argc, char *argv[]) static int indent_printf(int indent, BIO *bio, const char *format, ...) { va_list args; - int ret; + int ret, vret; + + ret = BIO_printf(bio, "%*s", indent, ""); + if (ret < 0) + return ret; va_start(args, format); + vret = BIO_vprintf(bio, format, args); + va_end(args); - ret = BIO_printf(bio, "%*s", indent, "") + BIO_vprintf(bio, format, args); + if (vret < 0) + return vret; + if (vret > INT_MAX - ret) + return INT_MAX; - va_end(args); - return ret; + return ret + vret; } static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata, diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl index 5d1283f57690..2345d4574a41 100644 --- a/crypto/aes/asm/aes-s390x.pl +++ b/crypto/aes/asm/aes-s390x.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -1431,6 +1431,9 @@ $code.=<<___ if (!$softonly); st${g} $s3,0($sp) # backchain la %r1,$stdframe($sp) + xc $stdframe+0(64,$sp),$stdframe+0($sp) # clear reserved/unused + # in parameter block + lmg $s2,$s3,0($key) # copy key stg $s2,$stdframe+80($sp) stg $s3,$stdframe+88($sp) diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index c50665914e3c..f744398fd65a 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -168,6 +168,19 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) BIO_write(out, ",", 1); write_comma = 1; md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm); + + /* RFC 8702 does not define a micalg for SHAKE, assuming "shake-<bitlen>" */ + if (md_nid == NID_shake128) { + if (BIO_puts(out, "shake-128") < 0) + goto err; + continue; + } + if (md_nid == NID_shake256) { + if (BIO_puts(out, "shake-256") < 0) + goto err; + continue; + } + md = EVP_get_digestbynid(md_nid); if (md && md->md_ctrl) { int rv; @@ -204,15 +217,15 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) case NID_id_GostR3411_94: BIO_puts(out, "gostr3411-94"); - goto err; + break; case NID_id_GostR3411_2012_256: BIO_puts(out, "gostr3411-2012-256"); - goto err; + break; case NID_id_GostR3411_2012_512: BIO_puts(out, "gostr3411-2012-512"); - goto err; + break; default: if (have_unknown) { @@ -272,7 +285,8 @@ int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, BIO_printf(bio, "Content-Type: multipart/signed;"); BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); BIO_puts(bio, " micalg=\""); - asn1_write_micalg(bio, mdalgs); + if (!asn1_write_micalg(bio, mdalgs)) + return 0; BIO_printf(bio, "\"; boundary=\"----%s\"%s%s", bound, mime_eol, mime_eol); BIO_printf(bio, "This is an S/MIME signed message%s%s", diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index 8ca1cf64ed47..4292d805a16a 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -1,5 +1,5 @@ /* - * Copyright 2005-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -349,11 +349,11 @@ static int dgram_write(BIO *b, const char *in, int inl) return ret; } -static long dgram_get_mtu_overhead(bio_dgram_data *data) +static long dgram_get_mtu_overhead(BIO_ADDR *addr) { long ret; - switch (BIO_ADDR_family(&data->peer)) { + switch (BIO_ADDR_family(addr)) { case AF_INET: /* * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP @@ -365,7 +365,8 @@ static long dgram_get_mtu_overhead(bio_dgram_data *data) { # ifdef IN6_IS_ADDR_V4MAPPED struct in6_addr tmp_addr; - if (BIO_ADDR_rawaddress(&data->peer, &tmp_addr, NULL) + + if (BIO_ADDR_rawaddress(addr, &tmp_addr, NULL) && IN6_IS_ADDR_V4MAPPED(&tmp_addr)) /* * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP @@ -492,11 +493,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) &sockopt_len)) < 0 || sockopt_val < 0) { ret = 0; } else { - /* - * we assume that the transport protocol is UDP and no IP - * options are used. - */ - data->mtu = sockopt_val - 8 - 20; + data->mtu = sockopt_val - dgram_get_mtu_overhead(&addr); ret = data->mtu; } break; @@ -508,11 +505,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) || sockopt_val < 0) { ret = 0; } else { - /* - * we assume that the transport protocol is UDP and no IPV6 - * options are used. - */ - data->mtu = sockopt_val - 8 - 40; + data->mtu = sockopt_val - dgram_get_mtu_overhead(&addr); ret = data->mtu; } break; @@ -526,7 +519,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) # endif break; case BIO_CTRL_DGRAM_GET_FALLBACK_MTU: - ret = -dgram_get_mtu_overhead(data); + ret = -dgram_get_mtu_overhead(&data->peer); switch (BIO_ADDR_family(&data->peer)) { case AF_INET: ret += 576; @@ -760,7 +753,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) } break; case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD: - ret = dgram_get_mtu_overhead(data); + ret = dgram_get_mtu_overhead(&data->peer); break; /* diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index a6143b6abcf6..0c57c1bfb474 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -296,7 +296,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) if (fp == NULL) { ERR_raise_data(ERR_LIB_SYS, get_last_sys_error(), "calling fopen(%s, %s)", - ptr, p); + (const char *)ptr, p); ERR_raise(ERR_LIB_BIO, ERR_R_SYS_LIB); ret = 0; break; diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index d5c3c8d399df..33a7ccaa76a3 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -229,7 +229,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, /* Check byte failure */ goto err; } - if (inlen < (size_t)(tmp[0] - 4)) { + if (inlen < 4 + (size_t)tmp[0]) { /* Invalid length value */ goto err; } diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index afc49f5cdc87..19208a860212 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -263,7 +263,7 @@ static int generate_key(DH *dh) int ok = 0; int generate_new_key = 0; #ifndef FIPS_MODULE - unsigned l; + int l; #endif BN_CTX *ctx = NULL; BIGNUM *pub_key = NULL, *priv_key = NULL; @@ -323,11 +323,13 @@ static int generate_key(DH *dh) goto err; #else if (dh->params.q == NULL) { - /* secret exponent length, must satisfy 2^(l-1) <= p */ - if (dh->length != 0 - && dh->length >= BN_num_bits(dh->params.p)) + /* secret exponent length, must satisfy 2^l < (p-1)/2 */ + l = BN_num_bits(dh->params.p); + if (dh->length >= l) goto err; - l = dh->length ? dh->length : BN_num_bits(dh->params.p) - 1; + l -= 2; + if (dh->length != 0 && dh->length < l) + l = dh->length; if (!BN_priv_rand_ex(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, 0, ctx)) goto err; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index fd6c85230236..931e1b88ec6f 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -410,7 +410,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, } dh = (DH *)EVP_PKEY_get0_DH(ctx->pkey); dhpub = EVP_PKEY_get0_DH(ctx->peerkey); - if (dhpub == NULL) { + if (dhpub == NULL || dh == NULL) { ERR_raise(ERR_LIB_DH, DH_R_KEYS_NOT_SET); return 0; } diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 97e67fcb6814..ec3664b40661 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -557,7 +557,7 @@ static int block_in(BIO *b) { BIO_OK_CTX *ctx; EVP_MD_CTX *md; - unsigned long tl = 0; + size_t tl = 0; unsigned char tmp[EVP_MAX_MD_SIZE]; int md_size; @@ -568,15 +568,18 @@ static int block_in(BIO *b) goto berr; assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */ - tl = ctx->buf[0]; - tl <<= 8; - tl |= ctx->buf[1]; - tl <<= 8; - tl |= ctx->buf[2]; - tl <<= 8; - tl |= ctx->buf[3]; - - if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size) + tl = ((size_t)ctx->buf[0] << 24) + | ((size_t)ctx->buf[1] << 16) + | ((size_t)ctx->buf[2] << 8) + | ((size_t)ctx->buf[3]); + + if (tl > OK_BLOCK_SIZE) + goto berr; + + if (tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size) + goto berr; + + if (ctx->buf_len < tl + OK_BLOCK_BLOCK + (size_t)md_size) return 1; if (!EVP_DigestUpdate(md, @@ -584,7 +587,7 @@ static int block_in(BIO *b) goto berr; if (!EVP_DigestFinal_ex(md, tmp, NULL)) goto berr; - if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) { + if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, (size_t)md_size) == 0) { /* there might be parts from next block lurking around ! */ ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size; ctx->buf_len_save = ctx->buf_len; diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index cbf02dc5f831..6f9f1ce68277 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -1355,7 +1355,7 @@ static int fix_rsa_padding_mode(enum state state, if (i == OSSL_NELEM(str_value_map)) { ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE, "[action:%d, state:%d] padding name %s", - ctx->action_type, state, ctx->p1); + ctx->action_type, state, (const char *)ctx->p2); ctx->p1 = ret = -2; } else if (state == POST_CTRL_TO_PARAMS) { /* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */ diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 6ff7eb7e02cf..0ce7f19b4128 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -1095,15 +1095,14 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey) } else { const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt); OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); - const char *supported_sig = - pkey->keymgmt->query_operation_name != NULL - ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE) - : EVP_KEYMGMT_get0_name(pkey->keymgmt); - EVP_SIGNATURE *signature = NULL; - - signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL); - if (signature != NULL) { - EVP_SIGNATURE_free(signature); + EVP_SIGNATURE *sig; + const char *name; + + name = evp_keymgmt_util_query_operation_name(pkey->keymgmt, + OSSL_OP_SIGNATURE); + sig = EVP_SIGNATURE_fetch(libctx, name, NULL); + if (sig != NULL) { + EVP_SIGNATURE_free(sig); return 1; } } diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c index 475082d43116..3cb66ef84625 100644 --- a/crypto/evp/p_seal.c +++ b/crypto/evp/p_seal.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -56,6 +56,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, for (i = 0; i < npubk; i++) { size_t keylen = len; + size_t outlen = EVP_PKEY_get_size(pubk[i]); pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pubk[i], NULL); if (pctx == NULL) { @@ -64,9 +65,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, } if (EVP_PKEY_encrypt_init(pctx) <= 0 - || EVP_PKEY_encrypt(pctx, ek[i], &keylen, key, keylen) <= 0) + || EVP_PKEY_encrypt(pctx, ek[i], &outlen, key, keylen) <= 0) goto err; - ekl[i] = (int)keylen; + ekl[i] = (int)outlen; EVP_PKEY_CTX_free(pctx); } pctx = NULL; diff --git a/crypto/http/http_lib.c b/crypto/http/http_lib.c index 9c41f57541d7..614fd200b7c0 100644 --- a/crypto/http/http_lib.c +++ b/crypto/http/http_lib.c @@ -267,6 +267,7 @@ static int use_proxy(const char *no_proxy, const char *server) /* strip leading '[' and trailing ']' from escaped IPv6 address */ sl -= 2; strncpy(host, server + 1, sl); + host[sl] = '\0'; server = host; } diff --git a/crypto/info.c b/crypto/info.c index a0dc2e80136f..b14afc777339 100644 --- a/crypto/info.c +++ b/crypto/info.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,6 +18,9 @@ #if defined(__arm__) || defined(__arm) || defined(__aarch64__) # include "arm_arch.h" # define CPU_INFO_STR_LEN 128 +#elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC) +# include "crypto/ppc_arch.h" +# define CPU_INFO_STR_LEN 128 #elif defined(__s390__) || defined(__s390x__) # include "s390x_arch.h" # define CPU_INFO_STR_LEN 2048 @@ -62,6 +65,15 @@ DEFINE_RUN_ONCE_STATIC(init_info_strings) BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str), sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str), " env:%s", env); +# elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC) + const char *env; + + BIO_snprintf(ossl_cpu_info_str, sizeof(ossl_cpu_info_str), + CPUINFO_PREFIX "OPENSSL_ppccap=0x%x", OPENSSL_ppccap_P); + if ((env = getenv("OPENSSL_ppccap")) != NULL) + BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str), + sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str), + " env:%s", env); # elif defined(__s390__) || defined(__s390x__) const char *env; diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c index e6348a8d3753..76f43e347671 100644 --- a/crypto/modes/siv128.c +++ b/crypto/modes/siv128.c @@ -1,5 +1,5 @@ /* - * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -202,9 +202,12 @@ int ossl_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen, || !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len, sizeof(ctx->d.byte))) { EVP_CIPHER_CTX_free(ctx->cipher_ctx); + ctx->cipher_ctx = NULL; EVP_MAC_CTX_free(ctx->mac_ctx_init); + ctx->mac_ctx_init = NULL; EVP_MAC_CTX_free(mac_ctx); EVP_MAC_free(ctx->mac); + ctx->mac = NULL; return 0; } EVP_MAC_CTX_free(mac_ctx); diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index e9de097da186..ad9416d423b5 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -334,8 +334,11 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) if (xalg->parameter == NULL) goto err; } - if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) <= 0) + if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) <= 0) { + ASN1_TYPE_free(xalg->parameter); + xalg->parameter = NULL; goto err; + } } /* Lets do the pub key stuff :-) */ diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index 45c798f1b50b..1548c07563e5 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -642,7 +642,7 @@ static void put_str(const char *str, char **buf, size_t *remain, size_t *needed) } quotes = quote != '\0'; - if (*remain == 0) { + if (*remain <= (size_t)quotes) { *needed += 2 * quotes; return; } diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index b4854a4c4eab..e7a5cc6b8e5f 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -167,6 +167,10 @@ int RAND_load_file(const char *file, long bytes) /* If given a bytecount, and we did it, break. */ if (bytes > 0 && (bytes -= i) <= 0) break; + + /* We can hit a signed integer overflow on the next iteration */ + if (ret > INT_MAX - RAND_LOAD_BUF_SIZE) + break; } OPENSSL_cleanse(buf, sizeof(buf)); diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index 2097cd2fca86..85b42d8d7725 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 Ribose Inc. All Rights Reserved. * Ported from Ribose contributions from Botan. * @@ -217,6 +217,10 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) BIGNUM *tmp = NULL; OSSL_LIB_CTX *libctx = ossl_ec_key_get_libctx(key); + if (dA == NULL) { + ERR_raise(ERR_LIB_SM2, SM2_R_INVALID_PRIVATE_KEY); + goto done; + } kG = EC_POINT_new(group); ctx = BN_CTX_new_ex(libctx); if (kG == NULL || ctx == NULL) { diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index bc12d8dd13a2..b81d3982c567 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -410,12 +410,6 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx) if (ctx->loader != NULL) OSSL_TRACE(STORE, "Loading next object\n"); - if (ctx->cached_info != NULL - && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) { - sk_OSSL_STORE_INFO_free(ctx->cached_info); - ctx->cached_info = NULL; - } - if (ctx->cached_info != NULL) { v = sk_OSSL_STORE_INFO_shift(ctx->cached_info); } else { @@ -491,14 +485,23 @@ int OSSL_STORE_error(OSSL_STORE_CTX *ctx) int OSSL_STORE_eof(OSSL_STORE_CTX *ctx) { - int ret = 1; + int ret = 0; - if (ctx->fetched_loader != NULL) - ret = ctx->loader->p_eof(ctx->loader_ctx); + if (ctx->cached_info != NULL + && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) { + sk_OSSL_STORE_INFO_free(ctx->cached_info); + ctx->cached_info = NULL; + } + + if (ctx->cached_info == NULL) { + ret = 1; + if (ctx->fetched_loader != NULL) + ret = ctx->loader->p_eof(ctx->loader_ctx); #ifndef OPENSSL_NO_DEPRECATED_3_0 - if (ctx->fetched_loader == NULL) - ret = ctx->loader->eof(ctx->loader_ctx); + if (ctx->fetched_loader == NULL) + ret = ctx->loader->eof(ctx->loader_ctx); #endif + } return ret != 0; } diff --git a/crypto/threads_pthread.c b/crypto/threads_pthread.c index 303f481bef12..dfa338b11734 100644 --- a/crypto/threads_pthread.c +++ b/crypto/threads_pthread.c @@ -38,7 +38,13 @@ # include <assert.h> -# ifdef PTHREAD_RWLOCK_INITIALIZER +/* + * The Non-Stop KLT thread model currently seems broken in its rwlock + * implementation + * Likewise is there a problem with the glibc implementation on riscv. + */ +# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_) \ + && !defined(__riscv) # define USE_RWLOCK # endif diff --git a/crypto/x509/by_store.c b/crypto/x509/by_store.c index e486fb0a9d94..a00fc2c7352f 100644 --- a/crypto/x509/by_store.c +++ b/crypto/x509/by_store.c @@ -17,7 +17,6 @@ typedef struct cached_store_st { char *uri; OSSL_LIB_CTX *libctx; char *propq; - OSSL_STORE_CTX *ctx; } CACHED_STORE; DEFINE_STACK_OF(CACHED_STORE) @@ -27,14 +26,12 @@ static int cache_objects(X509_LOOKUP *lctx, CACHED_STORE *store, const OSSL_STORE_SEARCH *criterion, int depth) { int ok = 0; - OSSL_STORE_CTX *ctx = store->ctx; + OSSL_STORE_CTX *ctx; X509_STORE *xstore = X509_LOOKUP_get_store(lctx); - if (ctx == NULL - && (ctx = OSSL_STORE_open_ex(store->uri, store->libctx, store->propq, - NULL, NULL, NULL, NULL, NULL)) == NULL) + if ((ctx = OSSL_STORE_open_ex(store->uri, store->libctx, store->propq, + NULL, NULL, NULL, NULL, NULL)) == NULL) return 0; - store->ctx = ctx; /* * We try to set the criterion, but don't care if it was valid or not. @@ -79,7 +76,6 @@ static int cache_objects(X509_LOOKUP *lctx, CACHED_STORE *store, substore.uri = (char *)OSSL_STORE_INFO_get0_NAME(info); substore.libctx = store->libctx; substore.propq = store->propq; - substore.ctx = NULL; ok = cache_objects(lctx, &substore, criterion, depth - 1); } } else { @@ -105,7 +101,6 @@ static int cache_objects(X509_LOOKUP *lctx, CACHED_STORE *store, break; } OSSL_STORE_close(ctx); - store->ctx = NULL; return ok; } @@ -114,7 +109,6 @@ static int cache_objects(X509_LOOKUP *lctx, CACHED_STORE *store, static void free_store(CACHED_STORE *store) { if (store != NULL) { - OSSL_STORE_close(store->ctx); OPENSSL_free(store->uri); OPENSSL_free(store->propq); OPENSSL_free(store); @@ -148,6 +142,7 @@ static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, { STACK_OF(CACHED_STORE) *stores = X509_LOOKUP_get_method_data(ctx); CACHED_STORE *store = OPENSSL_zalloc(sizeof(*store)); + OSSL_STORE_CTX *sctx; if (store == NULL) { return 0; @@ -157,14 +152,20 @@ static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, store->libctx = libctx; if (propq != NULL) store->propq = OPENSSL_strdup(propq); - store->ctx = OSSL_STORE_open_ex(argp, libctx, propq, NULL, NULL, - NULL, NULL, NULL); - if (store->ctx == NULL + /* + * We open this to check for errors now - so we can report those + * errors early. + */ + sctx = OSSL_STORE_open_ex(argp, libctx, propq, NULL, NULL, + NULL, NULL, NULL); + if (sctx == NULL || (propq != NULL && store->propq == NULL) || store->uri == NULL) { + OSSL_STORE_close(sctx); free_store(store); return use_default; } + OSSL_STORE_close(sctx); if (stores == NULL) { stores = sk_CACHED_STORE_new_null(); @@ -184,7 +185,6 @@ static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, store.uri = (char *)argp; store.libctx = libctx; store.propq = (char *)propq; - store.ctx = NULL; return cache_objects(ctx, &store, NULL, 0); } default: @@ -230,8 +230,14 @@ static int by_store_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, OSSL_STORE_SEARCH_free(criterion); - if (ok) + if (ok) { + X509_STORE *store = X509_LOOKUP_get_store(ctx); + + if (!X509_STORE_lock(store)) + return 0; tmp = X509_OBJECT_retrieve_by_subject(store_objects, type, name); + X509_STORE_unlock(store); + } ok = 0; if (tmp != NULL) { diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c index 63626c0d9810..c6b73c1d6208 100644 --- a/crypto/x509/t_req.c +++ b/crypto/x509/t_req.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -40,7 +40,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, long l; int i; EVP_PKEY *pkey; - STACK_OF(X509_EXTENSION) *exts; + STACK_OF(X509_EXTENSION) *exts = NULL; char mlch = ' '; int nmindent = 0, printok = 0; @@ -191,6 +191,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, goto err; } sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); + exts = NULL; } } @@ -204,6 +205,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, return 1; err: + sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); return 0; } diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c index 5b0282bc132f..3333cf131d92 100644 --- a/crypto/x509/t_x509.c +++ b/crypto/x509/t_x509.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -243,7 +243,8 @@ int X509_ocspid_print(BIO *bp, X509 *x) goto err; if ((der = dertmp = OPENSSL_malloc(derlen)) == NULL) goto err; - i2d_X509_NAME(subj, &dertmp); + if (i2d_X509_NAME(subj, &dertmp) < 0) + goto err; md = EVP_MD_fetch(x->libctx, SN_sha1, x->propq); if (md == NULL) diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c index a7b85857bdad..1d40cb5c3811 100644 --- a/crypto/x509/x509_ext.c +++ b/crypto/x509/x509_ext.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -42,9 +42,21 @@ X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc) return X509v3_get_ext(x->crl.extensions, loc); } +static X509_EXTENSION *delete_ext(STACK_OF(X509_EXTENSION) **sk, int loc) +{ + X509_EXTENSION *ret = X509v3_delete_ext(*sk, loc); + + /* Empty extension lists are omitted. */ + if (*sk != NULL && sk_X509_EXTENSION_num(*sk) == 0) { + sk_X509_EXTENSION_pop_free(*sk, X509_EXTENSION_free); + *sk = NULL; + } + return ret; +} + X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc) { - return X509v3_delete_ext(x->crl.extensions, loc); + return delete_ext(&x->crl.extensions, loc); } void *X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, int *idx) @@ -91,7 +103,7 @@ X509_EXTENSION *X509_get_ext(const X509 *x, int loc) X509_EXTENSION *X509_delete_ext(X509 *x, int loc) { - return X509v3_delete_ext(x->cert_info.extensions, loc); + return delete_ext(&x->cert_info.extensions, loc); } int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) @@ -139,7 +151,7 @@ X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc) X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc) { - return X509v3_delete_ext(x->extensions, loc); + return delete_ext(&x->extensions, loc); } int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index d8927bda0706..a9bd41faba22 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -374,7 +374,6 @@ static int x509_store_add(X509_STORE *store, void *x, int crl) { } if (!X509_STORE_lock(store)) { - obj->type = X509_LU_NONE; X509_OBJECT_free(obj); return 0; } diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 998ce8ac1ba1..0f62e331f68c 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -1,5 +1,5 @@ /* - * Copyright 2004-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -614,6 +614,11 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id) { int num = OSSL_NELEM(default_table); + if (id < 0) { + ERR_raise(ERR_LIB_X509, ERR_R_PASSED_INVALID_ARGUMENT); + return NULL; + } + if (id < num) return default_table + id; return sk_X509_VERIFY_PARAM_value(param_table, id - num); diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c index 6da22ea44091..206efbf54506 100644 --- a/demos/bio/saccept.c +++ b/demos/bio/saccept.c @@ -1,5 +1,5 @@ /* - * Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -49,7 +49,8 @@ int main(int argc, char *argv[]) { char *port = NULL; BIO *in = NULL; - BIO *ssl_bio, *tmp; + BIO *ssl_bio = NULL; + BIO *tmp; SSL_CTX *ctx; char buf[512]; int ret = EXIT_FAILURE, i; @@ -79,6 +80,7 @@ int main(int argc, char *argv[]) * Basically it means the SSL BIO will be automatically setup */ BIO_set_accept_bios(in, ssl_bio); + ssl_bio = NULL; /* Arrange to leave server loop on interrupt */ sigsetup(); @@ -117,5 +119,6 @@ int main(int argc, char *argv[]) if (ret != EXIT_SUCCESS) ERR_print_errors_fp(stderr); BIO_free(in); + BIO_free_all(ssl_bio); return ret; } diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c index 60a87725a9de..ccf59b14056b 100644 --- a/demos/bio/server-arg.c +++ b/demos/bio/server-arg.c @@ -1,5 +1,5 @@ /* - * Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2013-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,7 +23,8 @@ int main(int argc, char *argv[]) { char *port = "*:4433"; - BIO *ssl_bio, *tmp; + BIO *ssl_bio = NULL; + BIO *tmp; SSL_CTX *ctx; SSL_CONF_CTX *cctx; char buf[512]; @@ -105,6 +106,7 @@ int main(int argc, char *argv[]) * Basically it means the SSL BIO will be automatically setup */ BIO_set_accept_bios(in, ssl_bio); + ssl_bio = NULL; again: /* @@ -140,5 +142,6 @@ int main(int argc, char *argv[]) if (ret != EXIT_SUCCESS) ERR_print_errors_fp(stderr); BIO_free(in); + BIO_free_all(ssl_bio); return ret; } diff --git a/demos/bio/server-cmod.c b/demos/bio/server-cmod.c index 3642fbacf6ce..4970a6b6466b 100644 --- a/demos/bio/server-cmod.c +++ b/demos/bio/server-cmod.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -24,7 +24,8 @@ int main(int argc, char *argv[]) unsigned char buf[512]; char *port = "*:4433"; BIO *in = NULL; - BIO *ssl_bio, *tmp; + BIO *ssl_bio = NULL; + BIO *tmp; SSL_CTX *ctx; int ret = EXIT_FAILURE, i; @@ -52,6 +53,7 @@ int main(int argc, char *argv[]) * Basically it means the SSL BIO will be automatically setup */ BIO_set_accept_bios(in, ssl_bio); + ssl_bio = NULL; again: /* @@ -90,5 +92,6 @@ int main(int argc, char *argv[]) if (ret != EXIT_SUCCESS) ERR_print_errors_fp(stderr); BIO_free(in); + BIO_free_all(ssl_bio); return ret; } diff --git a/demos/bio/server-conf.c b/demos/bio/server-conf.c index 5e07a15e7bc7..2c03d1d367cc 100644 --- a/demos/bio/server-conf.c +++ b/demos/bio/server-conf.c @@ -1,5 +1,5 @@ /* - * Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2013-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,7 +25,8 @@ int main(int argc, char *argv[]) { char *port = "*:4433"; BIO *in = NULL; - BIO *ssl_bio, *tmp; + BIO *ssl_bio = NULL; + BIO *tmp; SSL_CTX *ctx; SSL_CONF_CTX *cctx = NULL; CONF *conf = NULL; @@ -97,6 +98,7 @@ int main(int argc, char *argv[]) * Basically it means the SSL BIO will be automatically setup */ BIO_set_accept_bios(in, ssl_bio); + ssl_bio = NULL; again: /* @@ -135,5 +137,6 @@ int main(int argc, char *argv[]) if (ret != EXIT_SUCCESS) ERR_print_errors_fp(stderr); BIO_free(in); + BIO_free_all(ssl_bio); return ret; } diff --git a/demos/cms/cms_ddec.c b/demos/cms/cms_ddec.c index cb6c2694c697..462067b075a7 100644 --- a/demos/cms/cms_ddec.c +++ b/demos/cms/cms_ddec.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -57,7 +57,7 @@ int main(int argc, char **argv) /* Open file containing detached content */ dcont = BIO_new_file("smencr.out", "rb"); - if (!in) + if (dcont == NULL) goto err; out = BIO_new_file("encrout.txt", "w"); diff --git a/demos/cms/cms_denc.c b/demos/cms/cms_denc.c index 60b0aa192bc0..d48ffd00f06c 100644 --- a/demos/cms/cms_denc.c +++ b/demos/cms/cms_denc.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -57,7 +57,7 @@ int main(int argc, char **argv) dout = BIO_new_file("smencr.out", "wb"); - if (!in) + if (in == NULL || dout == NULL) goto err; /* encrypt content */ diff --git a/demos/pkey/EVP_PKEY_RSA_keygen.c b/demos/pkey/EVP_PKEY_RSA_keygen.c index fbecfb6bdb0a..6f46efd24dad 100644 --- a/demos/pkey/EVP_PKEY_RSA_keygen.c +++ b/demos/pkey/EVP_PKEY_RSA_keygen.c @@ -1,5 +1,5 @@ /*- - * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -254,7 +254,7 @@ int main(int argc, char **argv) if (argc > 1) { bits_i = atoi(argv[1]); - if (bits < 512) { + if (bits_i < 512) { fprintf(stderr, "Invalid RSA key size\n"); return 1; } diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index a47e783e2d63..ad2d918c7a1a 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -180,9 +180,12 @@ Print out the key and IV used. Print out the key and IV used then immediately exit: don't do any encryption or decryption. -=item B<-bufsize> I<number> +=item B<-bufsize> I<number>[B<k>] Set the buffer size for I/O. +The maximum size that can be specified is B<2^31-1> (2147483647) bytes. +The B<k> suffix can be specified to indicate that I<number> is provided +in kibibytes (multiples of 1024 bytes). =item B<-nopad> @@ -251,7 +254,7 @@ Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode. -All the block ciphers normally use PKCS#5 padding, also known as standard +All the block ciphers normally use PKCS#7 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However, since the chance of random data passing the test is better than 1 in 256 it isn't a very good test. @@ -458,7 +461,7 @@ The B<-ciphers> and B<-engine> options were deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/BN_generate_prime.pod b/doc/man3/BN_generate_prime.pod index accc8a749f0c..6b8d1de19cd8 100644 --- a/doc/man3/BN_generate_prime.pod +++ b/doc/man3/BN_generate_prime.pod @@ -130,7 +130,7 @@ or all the tests passed. If B<p> passes all these tests, it is considered a probable prime. The test performed on B<p> are trial division by a number of small primes -and rounds of the of the Miller-Rabin probabilistic primality test. +and rounds of the Miller-Rabin probabilistic primality test. The functions do at least 64 rounds of the Miller-Rabin test giving a maximum false positive rate of 2^-128. @@ -148,7 +148,7 @@ and BN_is_prime_fasttest() are deprecated. BN_is_prime_fasttest() and BN_is_prime() behave just like BN_is_prime_fasttest_ex() and BN_is_prime_ex() respectively, but with the old -style call back. +style callback. B<ctx> is a preallocated B<BN_CTX> (to save the overhead of allocating and freeing the structure in a loop), or B<NULL>. @@ -246,7 +246,7 @@ BN_check_prime() was added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index a4635f994c2f..497e6cfe26da 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -744,7 +744,7 @@ See also EVP_CIPHER_CTX_get_key_length() and EVP_CIPHER_CTX_set_key_length(). =item "tag" (B<OSSL_CIPHER_PARAM_AEAD_TAG>) <octet string> Gets or sets the AEAD tag for the associated cipher context I<ctx>. -See L<EVP_EncryptInit(3)/AEAD Interface>. +See L<EVP_EncryptInit(3)/AEAD INTERFACE>. =item "keybits" (B<OSSL_CIPHER_PARAM_RC2_KEYBITS>) <unsigned integer> @@ -1746,7 +1746,7 @@ The EVP_CIPHER_CTX_flags() macro was deprecated in OpenSSL 1.1.0. =head1 COPYRIGHT -Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod index 1c75c7571994..1815f56f743e 100644 --- a/doc/man3/EVP_PKEY_new.pod +++ b/doc/man3/EVP_PKEY_new.pod @@ -168,7 +168,19 @@ general private key without reference to any particular algorithm. The structure returned by EVP_PKEY_new() is empty. To add a private or public key to this empty structure use the appropriate functions described in L<EVP_PKEY_set1_RSA(3)>, L<EVP_PKEY_set1_DSA(3)>, L<EVP_PKEY_set1_DH(3)> or -L<EVP_PKEY_set1_EC_KEY(3)>. +L<EVP_PKEY_set1_EC_KEY(3)> for legacy key types implemented in internal +OpenSSL providers. + +For fully provider-managed key types (see L<provider-keymgmt(7)>), +possibly implemented in external providers, use functions such as +L<EVP_PKEY_set1_encoded_public_key(3)> or L<EVP_PKEY_fromdata(3)> +to populate key data. + +Generally caution is advised for using an B<EVP_PKEY> structure across +different library contexts: In order for an B<EVP_PKEY> to be shared by +multiple library contexts the providers associated with the library contexts +must have key managers that support the key type and implement the +OSSL_FUNC_keymgmt_import() and OSSL_FUNC_keymgmt_export() functions. =head1 RETURN VALUES @@ -210,7 +222,7 @@ previously implied to be disallowed. =head1 COPYRIGHT -Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_aes_128_gcm.pod b/doc/man3/EVP_aes_128_gcm.pod index 485705ea7889..9bac62b10b32 100644 --- a/doc/man3/EVP_aes_128_gcm.pod +++ b/doc/man3/EVP_aes_128_gcm.pod @@ -127,7 +127,7 @@ EVP_aes_256_ocb() AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM), Galois Counter Mode (GCM) and OCB Mode respectively. These ciphers require additional control -operations to function correctly, see the L<EVP_EncryptInit(3)/AEAD Interface> +operations to function correctly, see the L<EVP_EncryptInit(3)/AEAD INTERFACE> section for details. =item EVP_aes_128_wrap(), @@ -184,7 +184,7 @@ L<EVP_CIPHER_meth_new(3)> =head1 COPYRIGHT -Copyright 2017-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_aria_128_gcm.pod b/doc/man3/EVP_aria_128_gcm.pod index 91aa75ec3871..74e21444db8f 100644 --- a/doc/man3/EVP_aria_128_gcm.pod +++ b/doc/man3/EVP_aria_128_gcm.pod @@ -88,7 +88,7 @@ EVP_aria_256_gcm(), ARIA for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM). These ciphers require additional control operations to function -correctly, see the L<EVP_EncryptInit(3)/AEAD Interface> section for details. +correctly, see the L<EVP_EncryptInit(3)/AEAD INTERFACE> section for details. =back @@ -113,7 +113,7 @@ L<EVP_CIPHER_meth_new(3)> =head1 COPYRIGHT -Copyright 2017-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_chacha20.pod b/doc/man3/EVP_chacha20.pod index 7e80c8de40c9..0dfce7389b78 100644 --- a/doc/man3/EVP_chacha20.pod +++ b/doc/man3/EVP_chacha20.pod @@ -36,7 +36,7 @@ With an initial counter of 42 (2a in hex) would be expressed as: Authenticated encryption with ChaCha20-Poly1305. Like EVP_chacha20(), the key is 256 bits and the IV is 96 bits. This supports additional authenticated data (AAD) and produces a 128-bit authentication tag. See the -L<EVP_EncryptInit(3)/AEAD Interface> section for more information. +L<EVP_EncryptInit(3)/AEAD INTERFACE> section for more information. =back @@ -64,7 +64,7 @@ L<EVP_CIPHER_meth_new(3)> =head1 COPYRIGHT -Copyright 2017-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OPENSSL_secure_malloc.pod b/doc/man3/OPENSSL_secure_malloc.pod index 1bddd7737069..dbc7073aac18 100644 --- a/doc/man3/OPENSSL_secure_malloc.pod +++ b/doc/man3/OPENSSL_secure_malloc.pod @@ -45,7 +45,12 @@ the program's dynamic memory area, where keys and other sensitive information might be stored, OpenSSL supports the concept of a "secure heap." The level and type of security guarantees depend on the operating system. It is a good idea to review the code and see if it addresses your -threat model and concerns. +threat model and concerns. It should be noted that the secure heap +uses a single read/write lock, and therefore any operations +that involve allocation or freeing of secure heap memory are serialised, +blocking other threads. With that in mind, highly concurrent applications +should enable the secure heap with caution and be aware of the performance +implications for multi-threaded code. If a secure heap is used, then private key B<BIGNUM> values are stored there. This protects long-term storage of private keys, but will not necessarily @@ -135,7 +140,7 @@ a B<size_t> in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OpenSSL_version.pod b/doc/man3/OpenSSL_version.pod index e1cf16e2a109..2cc6c3dfebb9 100644 --- a/doc/man3/OpenSSL_version.pod +++ b/doc/man3/OpenSSL_version.pod @@ -238,9 +238,16 @@ L<crypto(7)> The macros and functions described here were added in OpenSSL 3.0, except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num(). +=head1 BUGS + +There was a discrepancy between this manual and commentary + code +in F<< <openssl/opensslv.h> >>, where the latter suggested that the +four least significant bits of B<OPENSSL_VERSION_NUMBER> could be +C<0x0f> in released OpenSSL versions. + =head1 COPYRIGHT -Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/PEM_read_CMS.pod b/doc/man3/PEM_read_CMS.pod index dbccf26cd893..880e31481029 100644 --- a/doc/man3/PEM_read_CMS.pod +++ b/doc/man3/PEM_read_CMS.pod @@ -84,9 +84,9 @@ see L<openssl_user_macros(7)>: =head1 DESCRIPTION -All of the functions described on this page are deprecated. -Applications should use OSSL_ENCODER_to_bio() and OSSL_DECODER_from_bio() -instead. +To replace the deprecated functions listed above, applications should use the +B<EVP_PKEY> type and OSSL_DECODER_from_bio() and OSSL_ENCODER_to_bio() to +read and write PEM data containing key parameters or private and public keys. In the description below, B<I<TYPE>> is used as a placeholder for any of the OpenSSL datatypes, such as B<X509>. @@ -142,7 +142,7 @@ were deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 1998-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/RAND_load_file.pod b/doc/man3/RAND_load_file.pod index baca54cb3c89..45570920ca95 100644 --- a/doc/man3/RAND_load_file.pod +++ b/doc/man3/RAND_load_file.pod @@ -19,7 +19,11 @@ RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file RAND_load_file() reads a number of bytes from file B<filename> and adds them to the PRNG. If B<max_bytes> is nonnegative, up to B<max_bytes> are read; -if B<max_bytes> is -1, the complete file is read. +if B<max_bytes> is -1, the complete file is read (unless the file +is not a regular file, in that case a fixed number of bytes, +256 in the current implementation, is attempted to be read). +RAND_load_file() can read less than the complete file or the requested number +of bytes if it doesn't fit in the return value type. Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that B<filename> should be adequately protected so that an @@ -77,7 +81,7 @@ L<RAND(7)> =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod index 09b7280bdd58..a10942433aa7 100644 --- a/doc/man3/SSL_CIPHER_get_name.pod +++ b/doc/man3/SSL_CIPHER_get_name.pod @@ -37,7 +37,7 @@ SSL_CIPHER_get_protocol_id int SSL_CIPHER_is_aead(const SSL_CIPHER *c); const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr); uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c); - uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c); + uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c); =head1 DESCRIPTION @@ -203,7 +203,7 @@ The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1. =head1 COPYRIGHT -Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod index 4799ada6844b..902cefdfa366 100644 --- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod +++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod @@ -58,9 +58,11 @@ the actual key is newly generated during the negotiation. Typically applications should use well known DH parameters that have built-in support in OpenSSL. The macros SSL_CTX_set_dh_auto() and SSL_set_dh_auto() configure OpenSSL to use the default built-in DH parameters for the B<SSL_CTX> -and B<SSL> objects respectively. Passing a value of 1 in the I<onoff> parameter -switches the feature on, and passing a value of 0 switches it off. The default -setting is off. +and B<SSL> objects respectively. Passing a value of 2 or 1 in the I<onoff> +parameter switches it on. If the I<onoff> parameter is set to 2, it will force +the DH key size to 1024 if the B<SSL_CTX> or B<SSL> security level +L<SSL_CTX_set_security_level(3)> is 0 or 1. Passing a value of 0 switches +it off. The default setting is off. If "auto" DH parameters are switched on then the parameters will be selected to be consistent with the size of the key associated with the server's certificate. @@ -112,7 +114,7 @@ L<openssl-ciphers(1)>, L<openssl-dhparam(1)> =head1 COPYRIGHT -Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/SSL_SESSION_get0_hostname.pod b/doc/man3/SSL_SESSION_get0_hostname.pod index f7add16d7bdd..0140deee9a5e 100644 --- a/doc/man3/SSL_SESSION_get0_hostname.pod +++ b/doc/man3/SSL_SESSION_get0_hostname.pod @@ -23,9 +23,10 @@ SSL_SESSION_set1_alpn_selected =head1 DESCRIPTION -SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the -client when the session was created if it was accepted by the server. Otherwise -NULL is returned. +SSL_SESSION_get0_hostname() retrieves the Server Name Indication (SNI) value +that was sent by the client when the session was created if the server +acknowledged the client's SNI extension by including an empty SNI extension +in response. Otherwise NULL is returned. The value returned is a pointer to memory maintained within B<s> and should not be free'd. @@ -44,8 +45,7 @@ B<alpn>. =head1 RETURN VALUES -SSL_SESSION_get0_hostname() returns either a string or NULL based on if there -is the SNI value sent by client. +SSL_SESSION_get0_hostname() returns the SNI string if available, or NULL if not. SSL_SESSION_set1_hostname() returns 1 on success or 0 on error. diff --git a/doc/man3/d2i_X509.pod b/doc/man3/d2i_X509.pod index c4b589dd8957..2d21b799a100 100644 --- a/doc/man3/d2i_X509.pod +++ b/doc/man3/d2i_X509.pod @@ -500,8 +500,9 @@ freed in the event of error and I<*a> is set to NULL. B<i2d_I<TYPE>>() returns the number of bytes successfully encoded or a negative value if an error occurs. -B<i2d_I<TYPE>_bio>() and B<i2d_I<TYPE>_fp>() return 1 for success and 0 if an -error occurs. +B<i2d_I<TYPE>_bio>() and B<i2d_I<TYPE>_fp>(), +as well as i2d_ASN1_bio_stream(), +return 1 for success and 0 if an error occurs. =head1 EXAMPLES @@ -617,7 +618,7 @@ efficiency reasons. =head1 COPYRIGHT -Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man7/EVP_PKEY-DSA.pod b/doc/man7/EVP_PKEY-DSA.pod index cdafc0edad5c..54619553f927 100644 --- a/doc/man7/EVP_PKEY-DSA.pod +++ b/doc/man7/EVP_PKEY-DSA.pod @@ -104,7 +104,7 @@ The following sections of FIPS186-4: =head1 SEE ALSO L<EVP_PKEY-FFC(7)>, -L<EVP_SIGNATURE-DSA(7)> +L<EVP_SIGNATURE-DSA(7)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>, L<EVP_KEYMGMT(3)>, @@ -113,7 +113,7 @@ L<OSSL_PROVIDER-FIPS(7)> =head1 COPYRIGHT -Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man7/EVP_PKEY-FFC.pod b/doc/man7/EVP_PKEY-FFC.pod index 0b96bc24a614..a28bb84e0a36 100644 --- a/doc/man7/EVP_PKEY-FFC.pod +++ b/doc/man7/EVP_PKEY-FFC.pod @@ -213,7 +213,7 @@ The following sections of FIPS186-4: L<EVP_PKEY-DSA(7)>, L<EVP_PKEY-DH(7)>, L<EVP_SIGNATURE-DSA(7)>, -L<EVP_KEYEXCH-DH(7)> +L<EVP_KEYEXCH-DH(7)>, L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>, @@ -222,7 +222,7 @@ L<OSSL_PROVIDER-FIPS(7)>, =head1 COPYRIGHT -Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/opensslv.h.in b/include/openssl/opensslv.h.in index 3f47a2ac08f0..69b9caacf4dc 100644 --- a/include/openssl/opensslv.h.in +++ b/include/openssl/opensslv.h.in @@ -1,7 +1,7 @@ /* * {- join("\n * ", @autowarntext) -} * - * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -89,17 +89,12 @@ extern "C" { # define OPENSSL_VERSION_TEXT "OpenSSL {- "$config{full_version} $config{release_date}" -}" -/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ -# ifdef OPENSSL_VERSION_PRE_RELEASE -# define _OPENSSL_VERSION_PRE_RELEASE 0x0L -# else -# define _OPENSSL_VERSION_PRE_RELEASE 0xfL -# endif +/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PP0L */ # define OPENSSL_VERSION_NUMBER \ ( (OPENSSL_VERSION_MAJOR<<28) \ |(OPENSSL_VERSION_MINOR<<20) \ |(OPENSSL_VERSION_PATCH<<4) \ - |_OPENSSL_VERSION_PRE_RELEASE ) + |0x0L ) # ifdef __cplusplus } diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 80940dfa969b..2909ca979a4e 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -54,6 +54,8 @@ extern "C" { # define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" # define PEM_STRING_PARAMETERS "PARAMETERS" # define PEM_STRING_CMS "CMS" +# define PEM_STRING_SM2PRIVATEKEY "SM2 PRIVATE KEY" +# define PEM_STRING_SM2PARAMETERS "SM2 PARAMETERS" # define PEM_TYPE_ENCRYPTED 10 # define PEM_TYPE_MIC_ONLY 20 diff --git a/providers/decoders.inc b/providers/decoders.inc index 2772aad05da7..12e2104fb83f 100644 --- a/providers/decoders.inc +++ b/providers/decoders.inc @@ -1,5 +1,5 @@ /* - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -69,6 +69,7 @@ DECODER_w_structure("X448", der, SubjectPublicKeyInfo, x448, yes), # ifndef OPENSSL_NO_SM2 DECODER_w_structure("SM2", der, PrivateKeyInfo, sm2, no), DECODER_w_structure("SM2", der, SubjectPublicKeyInfo, sm2, no), +DECODER_w_structure("SM2", der, type_specific_no_pub, sm2, no), # endif #endif DECODER_w_structure("RSA", der, PrivateKeyInfo, rsa, yes), diff --git a/providers/fips-sources.checksums b/providers/fips-sources.checksums index 2352a671d7f5..456db42ec1dc 100644 --- a/providers/fips-sources.checksums +++ b/providers/fips-sources.checksums @@ -10,7 +10,7 @@ a2466f18da5847c7d9fbced17524633c10ce024671a72f53f9c9c55b9b9923dd crypto/aes/aes 88b6f8396cd9d86004743d5c3b0f72b7b8c3d5a2b00b0bbb761ba91ae5a7cdc8 crypto/aes/asm/aes-mips.pl 7ff9c96ef3d591d45d776fa4b244601ea0d9328e289aeab1e1b92436ce7d02ad crypto/aes/asm/aes-parisc.pl f1244cdeadcb4e48f35bc5df19d4cfaf07e0086ad951b84f07ff6966501faa5b crypto/aes/asm/aes-ppc.pl -ecbfe826f4c514810c3ee20e265f4f621149694c298554b2682e5de4f029f14f crypto/aes/asm/aes-s390x.pl +290ae2a09826d24e83763415a021e328d41a163f41cff8c9e3b882e973677f33 crypto/aes/asm/aes-s390x.pl ee4e8cacef972942d2a89c1a83c984df9cad87c61a54383403c5c4864c403ba1 crypto/aes/asm/aes-sparcv9.pl 2b3b9ac56bf54334d053857a24bdb08592151e8a7a60b89b8195846b7f8ee7b5 crypto/aes/asm/aes-x86_64.pl c56c324667b67d726e040d70379efba5b270e2937f403c1b5979018b836903c7 crypto/aes/asm/aesfx-sparcv9.pl @@ -261,7 +261,7 @@ b6cbfc8791b31587f32a3f9e4c117549793528ebddc34a361bad1ad8cf8d4c42 crypto/params_ b4d34272a0bd1fbe6562022bf7ea6259b6a5a021a48222d415be47ef5ef2a905 crypto/property/defn_cache.c 9b5fbefe6b18f665b44f79d1d08a977b484064a9fba46506ed8e812e581e9d97 crypto/property/property.c 66da4f28d408133fb544b14aeb9ad4913e7c5c67e2826e53f0dc5bf4d8fada26 crypto/property/property_local.h -b0b382ce829192d2537561cfb0fb5c7afb04305f321f7b3c91441b4ba99b9c92 crypto/property/property_parse.c +02ceadd33f54298eb4940cf0c00bea2b6d974d4707ea5e396369ab4d9cd0aac9 crypto/property/property_parse.c a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c 065698c8d88a5facc0cbc02a3bd0c642c94687a8c5dd79901c942138b406067d crypto/property/property_string.c dcc44eba5d01dc248c37ec7b394d48660627c0fa4933d2b93993e1f2ac4b71da crypto/provider_core.c @@ -344,7 +344,7 @@ c50c584c55e56347bb43aca4b796b5344d70daece3061f586b79c871c21f5d1a crypto/sparse_ 8da78169fa8c09dc3c29c9bf1602b22e88c5eac4815e274ba1864c166e31584b crypto/stack/stack.c 7b4efa594d8d1f3ecbf4605cf54f72fb296a3b1d951bdc69e415aaa08f34e5c8 crypto/threads_lib.c a41ae93a755e2ec89b3cb5b4932e2b508fdda92ace2e025a2650a6da0e9e972c crypto/threads_none.c -0a085bd6a70d449c79783c7b11383ae427df28a19fd4651571003306079bb72f crypto/threads_pthread.c +9cdcc15b140141d2646945d9b37c08ab55c31c83b7008a1f8faa55671bd27449 crypto/threads_pthread.c f82715745b668297d71b66d05e6bfc3c817bf80bd967c0f33ca7ffbb6e347645 crypto/threads_win.c fd6c27cf7c6b5449b17f2b725f4203c4c10207f1973db09fd41571efe5de08fd crypto/x86_64cpuid.pl bbec287bb9bf35379885f8f8998b7fd9e8fc22efee9e1b299109af0f33a7ee16 crypto/x86cpuid.pl @@ -443,7 +443,7 @@ fd5c049ac6c3498750fa8f8dcbf88b2a31c02fa62dfe43a33d7b490fb86f61c8 include/openss 157797b450215f973eb10be96a04e58048ab9c131ad29427e80d0e37e230ed98 include/openssl/objects.h d25537af264684dff033dd8ae62b0348f868fcfec4aa51fa8f07bcfa4bd807ad include/openssl/objectserr.h fe6acd42c3e90db31aaafc2236a7d30ebfa53c4c07ea4d8265064c7fcb951970 include/openssl/opensslconf.h -1bf52d136e94f727a96651c1f48ad040482f35dae152519ccd585efd410b92f0 include/openssl/opensslv.h.in +6c1a8837bbba633db2a8951ff29ccfe09e7d2a24a37ee2af90f2d897c190da9a include/openssl/opensslv.h.in 767d9d7d5051c937a3ce8a268c702902fda93eeaa210a94dfde1f45c23277d20 include/openssl/param_build.h 30085f4d1b4934bb25ffe7aa9a30859966318a1b4d4dcea937c426e90e6e1984 include/openssl/params.h 097615b849375e2903967521f76c570512e5be47b8159fdbcd31e433f8a4cca7 include/openssl/prov_ssl.h @@ -500,7 +500,7 @@ abd5997bc33b681a4ab275978b92aebca0806a4a3f0c2f41dacf11b3b6f4e101 providers/fips f822a03138e8b83ccaa910b89d72f31691da6778bf6638181f993ec7ae1167e3 providers/fips/self_test.h d3c95c9c6cc4e3b1a5e4b2bfb2ae735a4109d763bcda7b1e9b8f9eb253f79820 providers/fips/self_test_data.inc 629f619ad055723e42624230c08430a3ef53e17ab405dc0fd35499e9ca4e389c providers/fips/self_test_kats.c -99baeec10374301e90352ab637056104a8ea28a6880804f44c640d0c9ee16eba providers/implementations/asymciphers/rsa_enc.c +a4c71215f53775a80a92433a8ad2b949cc54436c5d131286bbc9ec4e97e2e9d5 providers/implementations/asymciphers/rsa_enc.c 4db1826ecce8b60cb641bcd7a61430ec8cef73d2fe3cbc06aa33526afe1c954a providers/implementations/ciphers/cipher_aes.c 6ba7d817081cf0d87ba7bfb38cd9d70e41505480bb8bc796ef896f68d4514ea6 providers/implementations/ciphers/cipher_aes.h aef500281e7cd5a25a806a9bd45ec00a5b73984673202527dac5896fbcc9fa9c providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c @@ -552,7 +552,7 @@ a9f5de1623221f327245957ec1dfd66a1914bff25adf4bcb81213c7955d19382 providers/impl dd07797d61988fd4124cfb920616df672938da80649fac5977bfd061c981edc5 providers/implementations/include/prov/ciphercommon_ccm.h 0c1e99d70155402a790e4de65923228c8df8ad970741caccfe8b513837457d7f providers/implementations/include/prov/ciphercommon_gcm.h b9a61ce951c1904d8315b1bb26c0ab0aaadb47e71d4ead5df0a891608c728c4b providers/implementations/include/prov/digestcommon.h -3e2558c36298cdb4fdaebe5a0cfa1dbbc78e0f60a9012f3a34e711cafb09c7b5 providers/implementations/include/prov/implementations.h +5f7ac2239579cf1ad503cf1644e8dae129179ff071abb1a1be1e0a4b69056469 providers/implementations/include/prov/implementations.h 5f09fc71874b00419d71646714f21ebbdcceda277463b6f77d3d3ea6946914e8 providers/implementations/include/prov/kdfexchange.h c95ce5498e724b9b3d58e3c2f4723e7e3e4beb07f9bea9422e43182cbadb43af providers/implementations/include/prov/macsignature.h 29d1a112b799e1f45fdf8bcee8361c2ed67428c250c1cdf408a9fbb7ebf4cce1 providers/implementations/include/prov/names.h @@ -577,7 +577,7 @@ e0450f253ca54624587046edd28f071f55bf3088847dc8a4de79491079ad475d providers/impl 19f22fc70a6321441e56d5bd4aab3d01d52d17069d4e4b5cefce0f411ecece75 providers/implementations/keymgmt/rsa_kmgmt.c 5eb96ea2df635cf79c5aeccae270fbe896b5e6384a5b3e4b187ce8c10fe8dfc7 providers/implementations/macs/cmac_prov.c e69aa06f8f3c6f5a26702b9f44a844b8589b99dc0ee590953a29e8b9ef10acbe providers/implementations/macs/gmac_prov.c -895c8dc7235b9ad5ff893be0293cbc245a5455e8850195ac7d446646e4ea71d0 providers/implementations/macs/hmac_prov.c +ba90013acb3a8725630cd71eda55ab735978930b73f2fd8f48a19800f365dfd3 providers/implementations/macs/hmac_prov.c 8640b63fd8325aaf8f7128d6cc448d9af448a65bf51a8978075467d33a67944e providers/implementations/macs/kmac_prov.c bf30274dd6b528ae913984775bd8f29c6c48c0ef06d464d0f738217727b7aa5c providers/implementations/rands/crngt.c f9457255fc57ef5739aa2584e535195e38cc947e31fd044d28d64c28c8a946ce providers/implementations/rands/drbg.c diff --git a/providers/fips.checksum b/providers/fips.checksum index 9ca4c219e703..32b833e6e16e 100644 --- a/providers/fips.checksum +++ b/providers/fips.checksum @@ -1 +1 @@ -0cbed2adf7acee36e3ef1906e6de0946b423cc9354c878e54bcbc7a363aeec0d providers/fips-sources.checksums +46b5dbc2fdaeae2a41830f026fddc5ec0c9b8c36936d420a7cf42aede2cb139c providers/fips-sources.checksums diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index c8921acd6e61..8242546f61ae 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -136,22 +136,27 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, size_t outsize, const unsigned char *in, size_t inlen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; + size_t len = RSA_size(prsactx->rsa); int ret; if (!ossl_prov_is_running()) return 0; - if (out == NULL) { - size_t len = RSA_size(prsactx->rsa); + if (len == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); + return 0; + } - if (len == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); - return 0; - } + if (out == NULL) { *outlen = len; return 1; } + if (outsize < len) { + ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); + return 0; + } + if (prsactx->pad_mode == RSA_PKCS1_OAEP_PADDING) { int rsasize = RSA_size(prsactx->rsa); unsigned char *tbuf; diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index f2d9d8255648..075f90153607 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -806,6 +806,7 @@ MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo); # ifndef OPENSSL_NO_SM2 MAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo); MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo); +MAKE_DECODER("SM2", sm2, sm2, type_specific_no_pub); # endif #endif MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo); diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c index bc937ffb9d27..ce21b6b80388 100644 --- a/providers/implementations/encode_decode/decode_pem2der.c +++ b/providers/implementations/encode_decode/decode_pem2der.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -119,6 +119,8 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, { PEM_STRING_DSAPARAMS, OSSL_OBJECT_PKEY, "DSA", "type-specific" }, { PEM_STRING_ECPRIVATEKEY, OSSL_OBJECT_PKEY, "EC", "type-specific" }, { PEM_STRING_ECPARAMETERS, OSSL_OBJECT_PKEY, "EC", "type-specific" }, + { PEM_STRING_SM2PRIVATEKEY, OSSL_OBJECT_PKEY, "SM2", "type-specific" }, + { PEM_STRING_SM2PARAMETERS, OSSL_OBJECT_PKEY, "SM2", "type-specific" }, { PEM_STRING_RSA, OSSL_OBJECT_PKEY, "RSA", "type-specific" }, { PEM_STRING_RSA_PUBLIC, OSSL_OBJECT_PKEY, "RSA", "type-specific" }, diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 637fcf6a1214..363031e83dbe 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -513,7 +513,8 @@ static int ec_to_text(BIO *out, const void *key, int selection) else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) type_label = "Public-Key"; else if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) - type_label = "EC-Parameters"; + if (EC_GROUP_get_curve_name(group) != NID_sm2) + type_label = "EC-Parameters"; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { const BIGNUM *priv_key = EC_KEY_get0_private_key(ec); @@ -539,8 +540,9 @@ static int ec_to_text(BIO *out, const void *key, int selection) goto err; } - if (BIO_printf(out, "%s: (%d bit)\n", type_label, - EC_GROUP_order_bits(group)) <= 0) + if (type_label != NULL + && BIO_printf(out, "%s: (%d bit)\n", type_label, + EC_GROUP_order_bits(group)) <= 0) goto err; if (priv != NULL && !print_labeled_buf(out, "priv:", priv, priv_len)) diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 3f6dd7ee16b6..6786ad691535 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -498,6 +498,7 @@ extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_ed448_decoder_functi #ifndef OPENSSL_NO_SM2 extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_sm2_decoder_functions[]; extern const OSSL_DISPATCH ossl_SubjectPublicKeyInfo_der_to_sm2_decoder_functions[]; +extern const OSSL_DISPATCH ossl_type_specific_no_pub_der_to_sm2_decoder_functions[]; #endif extern const OSSL_DISPATCH ossl_PrivateKeyInfo_der_to_rsa_decoder_functions[]; diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index 8516a3f824af..fc7a3e600cc7 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -1,5 +1,5 @@ /* - * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -329,7 +329,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, { int klen, ret; - ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL); + ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL); if (!ret) goto out; /* set the key len for the odd variable key len cipher */ @@ -341,6 +341,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, goto out; } } + ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL); + if (!ret) + goto out; /* we never want padding, either the length requested is a multiple of * the cipher block size or we are passed a cipher that can cope with * partial blocks via techniques like cipher text stealing */ diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index 52ebb08b8f62..2dce0eb6b757 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -1,5 +1,5 @@ /* - * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -94,7 +94,7 @@ static void hmac_free(void *vmacctx) if (macctx != NULL) { HMAC_CTX_free(macctx->ctx); ossl_prov_digest_reset(&macctx->digest); - OPENSSL_secure_clear_free(macctx->key, macctx->keylen); + OPENSSL_clear_free(macctx->key, macctx->keylen); OPENSSL_free(macctx); } } @@ -123,13 +123,13 @@ static void *hmac_dup(void *vsrc) return NULL; } if (src->key != NULL) { - /* There is no "secure" OPENSSL_memdup */ - dst->key = OPENSSL_secure_malloc(src->keylen > 0 ? src->keylen : 1); + dst->key = OPENSSL_malloc(src->keylen > 0 ? src->keylen : 1); if (dst->key == NULL) { hmac_free(dst); return 0; } - memcpy(dst->key, src->key, src->keylen); + if (src->keylen > 0) + memcpy(dst->key, src->key, src->keylen); } return dst; } @@ -154,12 +154,14 @@ static int hmac_setkey(struct hmac_data_st *macctx, const EVP_MD *digest; if (macctx->key != NULL) - OPENSSL_secure_clear_free(macctx->key, macctx->keylen); + OPENSSL_clear_free(macctx->key, macctx->keylen); /* Keep a copy of the key in case we need it for TLS HMAC */ - macctx->key = OPENSSL_secure_malloc(keylen > 0 ? keylen : 1); + macctx->key = OPENSSL_malloc(keylen > 0 ? keylen : 1); if (macctx->key == NULL) return 0; - memcpy(macctx->key, key, keylen); + + if (keylen > 0) + memcpy(macctx->key, key, keylen); macctx->keylen = keylen; digest = ossl_prov_digest_md(&macctx->digest); diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index c626829fdfb8..b783ee45182d 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -3010,6 +3010,48 @@ static int test_RSA_OAEP_set_null_label(void) return ret; } +static int test_RSA_encrypt(void) +{ + int ret = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; + unsigned char *cbuf = NULL, *pbuf = NULL; + size_t clen = 0, plen = 0; + + if (!TEST_ptr(pkey = load_example_rsa_key()) + || !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_pkey(testctx, + pkey, testpropq)) + || !TEST_int_gt(EVP_PKEY_encrypt_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_encrypt(pctx, cbuf, &clen, kMsg, sizeof(kMsg)), 0) + || !TEST_ptr(cbuf = OPENSSL_malloc(clen)) + || !TEST_int_gt(EVP_PKEY_encrypt(pctx, cbuf, &clen, kMsg, sizeof(kMsg)), 0)) + goto done; + + /* Require failure when the output buffer is too small */ + plen = clen - 1; + if (!TEST_int_le(EVP_PKEY_encrypt(pctx, cbuf, &plen, kMsg, sizeof(kMsg)), 0)) + goto done; + /* flush error stack */ + TEST_openssl_errors(); + + /* Check decryption of encrypted result */ + if (!TEST_int_gt(EVP_PKEY_decrypt_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_decrypt(pctx, pbuf, &plen, cbuf, clen), 0) + || !TEST_ptr(pbuf = OPENSSL_malloc(plen)) + || !TEST_int_gt(EVP_PKEY_decrypt(pctx, pbuf, &plen, cbuf, clen), 0) + || !TEST_mem_eq(pbuf, plen, kMsg, sizeof(kMsg)) + || !TEST_int_gt(EVP_PKEY_encrypt_init(pctx), 0)) + goto done; + + ret = 1; +done: + EVP_PKEY_CTX_free(pctx); + EVP_PKEY_free(pkey); + OPENSSL_free(cbuf); + OPENSSL_free(pbuf); + return ret; +} + #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) static int test_decrypt_null_chunks(void) { @@ -5464,6 +5506,7 @@ int setup_tests(void) ADD_TEST(test_RSA_get_set_params); ADD_TEST(test_RSA_OAEP_set_get_params); ADD_TEST(test_RSA_OAEP_set_null_label); + ADD_TEST(test_RSA_encrypt); #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) ADD_TEST(test_decrypt_null_chunks); #endif diff --git a/test/fake_rsaprov.c b/test/fake_rsaprov.c index be08bfd39981..12698a95a704 100644 --- a/test/fake_rsaprov.c +++ b/test/fake_rsaprov.c @@ -1,5 +1,5 @@ /* - * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -31,6 +31,8 @@ static int imptypes_selection; static int exptypes_selection; static int query_id; +unsigned fake_rsa_query_operation_name = 0; + struct fake_rsa_keydata { int selection; int status; @@ -71,7 +73,7 @@ static const char *fake_rsa_keymgmt_query(int id) /* record global for checking */ query_id = id; - return "RSA"; + return fake_rsa_query_operation_name ? NULL: "RSA"; } static int fake_rsa_keymgmt_import(void *keydata, int selection, diff --git a/test/fake_rsaprov.h b/test/fake_rsaprov.h index 190c46a285c0..841b5f4c4e97 100644 --- a/test/fake_rsaprov.h +++ b/test/fake_rsaprov.h @@ -1,5 +1,5 @@ /* - * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,4 +12,13 @@ /* Fake RSA provider implementation */ OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx); void fake_rsa_finish(OSSL_PROVIDER *p); + OSSL_PARAM *fake_rsa_key_params(int priv); + +/* + * When fake_rsa_query_operation_name is set to a non-zero value, + * query_operation_name() will return NULL. + * + * By default, it is 0, in which case query_operation_name() will return "RSA". + */ +extern unsigned fake_rsa_query_operation_name; diff --git a/test/property_test.c b/test/property_test.c index 1f1171ad90a6..f3fd0291b980 100644 --- a/test/property_test.c +++ b/test/property_test.c @@ -665,6 +665,22 @@ static int test_property_list_to_string(int i) return ret; } +static int test_property_list_to_string_bounds(void) +{ + OSSL_PROPERTY_LIST *pl = NULL; + char buf[16]; + int ret = 0; + + if (!TEST_ptr(pl = ossl_parse_query(NULL, "provider='$1'", 1))) + goto err; + if (!TEST_size_t_eq(ossl_property_list_to_string(NULL, pl, buf, 10), 14)) + goto err; + ret = 1; + err: + ossl_property_free(pl); + return ret; +} + int setup_tests(void) { ADD_TEST(test_property_string); @@ -679,5 +695,6 @@ int setup_tests(void) ADD_TEST(test_query_cache_stochastic); ADD_TEST(test_fips_mode); ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests)); + ADD_TEST(test_property_list_to_string_bounds); return 1; } diff --git a/test/provider_pkey_test.c b/test/provider_pkey_test.c index 249e9babcfa8..3d5f29756f59 100644 --- a/test/provider_pkey_test.c +++ b/test/provider_pkey_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -237,6 +237,77 @@ end: return ret; } +static int test_pkey_can_sign(void) +{ + OSSL_PROVIDER *fake_rsa = NULL; + EVP_PKEY *pkey_fake = NULL; + EVP_PKEY_CTX *ctx = NULL; + OSSL_PARAM *params = NULL; + int ret = 0; + + if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx))) + return 0; + + /* + * Ensure other tests did not forget to reset fake_rsa_query_operation_name + * to its default value: 0 + */ + if (!TEST_int_eq(fake_rsa_query_operation_name, 0)) + goto end; + + if (!TEST_ptr(params = fake_rsa_key_params(0)) + || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", + "provider=fake-rsa")) + || !TEST_true(EVP_PKEY_fromdata_init(ctx)) + || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY, + params)) + || !TEST_true(EVP_PKEY_can_sign(pkey_fake)) + || !TEST_ptr(pkey_fake)) + goto end; + + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + EVP_PKEY_free(pkey_fake); + pkey_fake = NULL; + OSSL_PARAM_free(params); + params = NULL; + + /* + * Documented behavior for OSSL_FUNC_keymgmt_query_operation_name() + * allows it to return NULL, in which case the fallback should be to use + * EVP_KEYMGMT_get0_name(). That is exactly the thing we are testing here. + */ + fake_rsa_query_operation_name = 1; + + if (!TEST_ptr(params = fake_rsa_key_params(0)) + || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", + "provider=fake-rsa")) + || !TEST_true(EVP_PKEY_fromdata_init(ctx)) + || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY, + params)) + || !TEST_true(EVP_PKEY_can_sign(pkey_fake)) + || !TEST_ptr(pkey_fake)) + goto end; + + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + EVP_PKEY_free(pkey_fake); + pkey_fake = NULL; + OSSL_PARAM_free(params); + params = NULL; + + ret = 1; +end: + + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey_fake); + OSSL_PARAM_free(params); + fake_rsa_query_operation_name = 0; + + fake_rsa_finish(fake_rsa); + return ret; +} + static int test_pkey_store(int idx) { OSSL_PROVIDER *deflt = NULL; @@ -297,6 +368,7 @@ int setup_tests(void) ADD_TEST(test_pkey_sig); ADD_TEST(test_alternative_keygen_init); ADD_TEST(test_pkey_eq); + ADD_TEST(test_pkey_can_sign); ADD_ALL_TESTS(test_pkey_store, 2); return 1; diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t index 0638d626e744..b010a43ee384 100644 --- a/test/recipes/15-test_ec.t +++ b/test/recipes/15-test_ec.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -18,7 +18,7 @@ setup("test_ec"); plan skip_all => 'EC is not supported in this build' if disabled('ec'); -plan tests => 15; +plan tests => 16; my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); @@ -33,6 +33,16 @@ subtest 'EC conversions -- private key' => sub { tconversion( -type => 'ec', -prefix => 'ec-priv', -in => srctop_file("test","testec-p256.pem") ); }; + +SKIP: { + skip "SM2 is not supported by this OpenSSL build", 1 + if disabled("sm2"); + subtest 'EC conversions -- private key' => sub { + tconversion( -type => 'ec', -prefix => 'sm2-priv', + -in => srctop_file("test","testec-sm2.pem") ); + }; +} + subtest 'EC conversions -- private key PKCS#8' => sub { tconversion( -type => 'ec', -prefix => 'ec-pkcs8', -in => srctop_file("test","testec-p256.pem"), diff --git a/test/recipes/15-test_ecparam.t b/test/recipes/15-test_ecparam.t index 37bf620f35ee..feb16904f2df 100644 --- a/test/recipes/15-test_ecparam.t +++ b/test/recipes/15-test_ecparam.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -25,6 +25,10 @@ my @valid = glob(data_file("valid", "*.pem")); my @noncanon = glob(data_file("noncanon", "*.pem")); my @invalid = glob(data_file("invalid", "*.pem")); +if (disabled("sm2")) { + @valid = grep { !/sm2-.*\.pem/} @valid; +} + plan tests => 12; sub checkload { diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t index 7bada5186d75..19c528f0b89a 100644 --- a/test/recipes/25-test_verify.t +++ b/test/recipes/25-test_verify.t @@ -537,9 +537,10 @@ ok(vfy_root("-CAfile", $rootcert), "CAfile"); ok(vfy_root("-CAstore", $rootcert), "CAstore"); ok(vfy_root("-CAstore", $rootcert, "-CAfile", $rootcert), "CAfile and existing CAstore"); ok(!vfy_root("-CAstore", "non-existing", "-CAfile", $rootcert), "CAfile and non-existing CAstore"); + SKIP: { - skip "file names with colons aren't supported on Windows and VMS", 2 - if $^O =~ /^(MsWin32|VMS)$/; + skip "file names with colons aren't supported on Windows and VMS", 1 + if $^O =~ /^(MSWin32|VMS)$/; my $foo_file = "foo:cert.pem"; copy($rootcert, $foo_file); ok(vfy_root("-CAstore", $foo_file), "CAstore foo:file"); diff --git a/test/recipes/30-test_evp_data/evpkdf_krb5.txt b/test/recipes/30-test_evp_data/evpkdf_krb5.txt index d8f6aa72a175..e2de4754fa74 100644 --- a/test/recipes/30-test_evp_data/evpkdf_krb5.txt +++ b/test/recipes/30-test_evp_data/evpkdf_krb5.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -129,3 +129,11 @@ Ctrl.cipher = cipher:DES-EDE3-CBC Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92 Ctrl.hexconstant = hexconstant:0000000155 Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705 + +#Erroneous key size for the cipher as XTS has double key size +KDF = KRB5KDF +Ctrl.cipher = cipher:AES-256-XTS +Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161 +Ctrl.hexconstant = hexconstant:0000000255 +Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA +Result = KDF_DERIVE_ERROR diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index df8e7e614464..8c58152759e7 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -83,6 +83,15 @@ my @smime_pkcs7_tests = ( \&final_compare ], + [ "signed text content DER format, RSA key", + [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-certfile", $smroot, "-signer", $smrsa1, "-text", + "-out", "{output}.cms" ], + [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", "-inform", "DER", + "-text", "-CAfile", $smroot, "-out", "{output}.txt" ], + \&final_compare + ], + [ "signed detached content DER format, RSA key", [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-outform", "DER", "-signer", $smrsa1, "-out", "{output}.cms" ], @@ -216,6 +225,14 @@ my @smime_pkcs7_tests = ( \&final_compare ], + [ "enveloped text content streaming S/MIME format, DES, 1 recipient", + [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont, + "-stream", "-text", "-out", "{output}.cms", $smrsa1 ], + [ "{cmd2}", @defaultprov, "-decrypt", "-recip", $smrsa1, + "-in", "{output}.cms", "-text", "-out", "{output}.txt" ], + \&final_compare + ], + [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used", [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont, "-stream", "-out", "{output}.cms", diff --git a/test/recipes/90-test_store_cases.t b/test/recipes/90-test_store_cases.t index 05b00e6b4eb1..5915a1b76a53 100644 --- a/test/recipes/90-test_store_cases.t +++ b/test/recipes/90-test_store_cases.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2023-2025 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -18,9 +18,10 @@ use OpenSSL::Test::Utils; my $test_name = "test_store_cases"; setup($test_name); -plan tests => 2; +plan tests => 3; my $stderr; +my @stdout; # The case of the garbage PKCS#12 DER file where a passphrase was # prompted for. That should not have happened. @@ -34,3 +35,24 @@ open DATA, $stderr; close DATA; ok(scalar @match > 0 ? 0 : 1, "checking that storeutl didn't ask for a passphrase"); + + SKIP: { + skip "The objects in test-BER.p12 contain EC keys, which is disabled in this build", 1 + if disabled("ec"); + skip "test-BER.p12 has contents encrypted with DES-EDE3-CBC, which is disabled in this build", 1 + if disabled("des"); + + # The case with a BER-encoded PKCS#12 file, using infinite + EOC + # constructs. There was a bug with those in OpenSSL 3.0 and newer, + # where OSSL_STORE_load() (and by consequence, 'openssl storeutl') + # only extracted the first available object from that file and + # ignored the rest. + # Our test file has a total of four objects, and this should be + # reflected in the total that 'openssl storeutl' outputs + @stdout = run(app(['openssl', 'storeutl', '-passin', 'pass:12345', + data_file('test-BER.p12')]), + capture => 1); + @stdout = map { my $x = $_; $x =~ s/\R$//; $x } @stdout; # Better chomp + ok((grep { $_ eq 'Total found: 4' } @stdout), + "Checking that 'openssl storeutl' with test-BER.p12 returns 4 objects"); +} diff --git a/test/threadstest.c b/test/threadstest.c index 046a9eb80239..0a712c84d914 100644 --- a/test/threadstest.c +++ b/test/threadstest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -30,6 +30,7 @@ static int do_fips = 0; static char *privkey; +static char *storedir; static char *config_file = NULL; static int multidefault_run = 0; static const char *default_provider[] = { "default", NULL }; @@ -582,7 +583,6 @@ static int test_multi_default(void) { thread_t thread1, thread2; int testresult = 0; - OSSL_PROVIDER *prov = NULL; /* Avoid running this test twice */ if (multidefault_run) { @@ -593,9 +593,6 @@ static int test_multi_default(void) multi_success = 1; multi_libctx = NULL; - prov = OSSL_PROVIDER_load(multi_libctx, "default"); - if (!TEST_ptr(prov)) - goto err; if (!TEST_true(run_thread(&thread1, thread_multi_simple_fetch)) || !TEST_true(run_thread(&thread2, thread_multi_simple_fetch))) @@ -611,7 +608,6 @@ static int test_multi_default(void) testresult = 1; err: - OSSL_PROVIDER_unload(prov); return testresult; } @@ -663,6 +659,62 @@ static int test_lib_ctx_load_config(void) 1, default_provider); } +static X509_STORE *store = NULL; + +static void test_x509_store_by_subject(void) +{ + X509_STORE_CTX *ctx; + X509_OBJECT *obj = NULL; + X509_NAME *name = NULL; + int success = 0; + + ctx = X509_STORE_CTX_new(); + if (!TEST_ptr(ctx)) + goto err; + + if (!TEST_true(X509_STORE_CTX_init(ctx, store, NULL, NULL))) + goto err; + + name = X509_NAME_new(); + if (!TEST_ptr(name)) + goto err; + if (!TEST_true(X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, + (unsigned char *)"Root CA", + -1, -1, 0))) + goto err; + obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509, name); + if (!TEST_ptr(obj)) + goto err; + + success = 1; + err: + X509_OBJECT_free(obj); + X509_STORE_CTX_free(ctx); + X509_NAME_free(name); + if (!success) + multi_success = 0; +} + +/* Test accessing an X509_STORE from multiple threads */ +static int test_x509_store(void) +{ + int ret = 0; + + store = X509_STORE_new(); + if (!TEST_ptr(store)) + return 0; + if (!TEST_true(X509_STORE_load_store(store, storedir))) + goto err; + + ret = thread_run_test(&test_x509_store_by_subject, MAXIMUM_THREADS, + &test_x509_store_by_subject, 0, NULL); + + err: + X509_STORE_free(store); + store = NULL; + return ret; +} + typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, @@ -709,20 +761,24 @@ int setup_tests(void) if (!TEST_ptr(privkey)) return 0; + storedir = test_mk_file_path(datadir, "store"); + /* Keep first to validate auto creation of default library context */ ADD_TEST(test_multi_default); - ADD_TEST(test_lock); ADD_TEST(test_once); ADD_TEST(test_thread_local); ADD_TEST(test_atomic); ADD_TEST(test_multi_load); + ADD_ALL_TESTS(test_multi, 6); ADD_TEST(test_lib_ctx_load_config); + ADD_TEST(test_x509_store); return 1; } void cleanup_tests(void) { OPENSSL_free(privkey); + OPENSSL_free(storedir); } |