[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via bfa90fcaeaef775d0dfa5da3c0ad7da9f09fb60d (commit) via cfe271e2b89658e6980e7d054bde9c164f2e8687 (commit) via fc87d5dad26b4ad3351ed006024f9c48deebccb5 (commit) via 213a33e79fc1d0554d7cdad8496a805d6eacc77f (commit) via 9aaa943f0a9f9cc2b6610d40619423cc5614dc38 (commit) from bfda2e0d85fcc521544920b7bbe45c87b425ae90 (commit) - Log - commit bfa90fcaeaef775d0dfa5da3c0ad7da9f09fb60d Author: Richard Levitte Date: Fri Dec 10 13:18:42 2021 +0100 test/evp_extra_test.c: Add EVP_PKEY comparisons in test_EC_priv_pub() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) (cherry picked from commit edc8566f475d63278d5f85cd25f324cf2fe9aaf9) commit cfe271e2b89658e6980e7d054bde9c164f2e8687 Author: Richard Levitte Date: Fri Dec 10 13:15:10 2021 +0100 test/evp_extra_test.c: Refactor test_fromdata() test_fromdata() turns out to be a bit inflexible, so we split it into two functions, make_key_fromdata() and test_selection(), and adjust test_EVP_PKEY_ffc_priv_pub() and test_EC_priv_pub() accordingly. This allows us to check the resulting keys further, not only to check that the bits we expect are there, but also that the bits that we expect not to be there to actually not be there! Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) (cherry picked from commit 5fbe15fd3b7c90a0cfb9f00be16225d8ed18b0dd) commit fc87d5dad26b4ad3351ed006024f9c48deebccb5 Author: Richard Levitte Date: Wed Sep 29 13:45:55 2021 +0200 Enhance the explanation of selector bits in provider-keymgmt(7) This uncovers what has been a mere comment in an attempt to clarify that the use of selector bits is very much at the discretion of the provider implementation. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) (cherry picked from commit e67254e4c3d82b1b8f5102bc4a0e7914f0b87ef0) commit 213a33e79fc1d0554d7cdad8496a805d6eacc77f Author: Richard Levitte Date: Wed Sep 29 11:05:41 2021 +0200 Adapt our OSSL_FUNC_keymgmt_match() implementations to the EVP_PKEY_eq() fix The match function (called OSSL_FUNC_keymgmt_match() in our documentation) in our KEYMGMT implementations were interpretting the selector bits a bit too strictly, so they get a bit relaxed to make it reasonable to match diverse key contents. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) (cherry picked from commit ee22a3741e3fc27c981e7f7e9bcb8d3342b0c65a) commit 9aaa943f0a9f9cc2b6610d40619423cc5614dc38 Author: Richard Levitte Date: Wed Sep 29 10:58:21 2021 +0200 Fix EVP_PKEY_eq() to be possible to use with strictly private keys EVP_PKEY_eq() assumed that an EVP_PKEY always has the public key component if it has a private key component. However, this assumption no longer strictly holds true, at least for provider backed keys. EVP_PKEY_eq() therefore needs to be modified to specify that the private key should be checked too (at the discretion of what's reasonable for the implementation doing the actual comparison). Fixes #16267 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) (cherry picked from commit f3ba62653815b2f7991103cdbea1ac155c8c916a) --- Summary of changes: crypto/evp/p_lib.c| 2 +- doc/man3/EVP_PKEY_copy_parameters.pod | 40 +-- doc/man7/provider-keymgmt.pod | 11 +- providers/implementations/keymgmt/dh_kmgmt.c | 28 - providers/implementations/keymgmt/dsa_kmgmt.c | 30 -- providers/implementations/keymgmt/ec_kmgmt.c | 30 -- providers/implementations/keymgmt/ecx_kmgmt.c | 51 + providers/implementations/keymgmt/rsa_kmgmt.c | 28 - test/evp_extra_test.c | 150 ++ 9 files changed, 272 insertions(+), 98 deletions(-) diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 2552dd702a..27138af564 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -343,7 +343,7 @@ int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) if (a->keymgmt != NULL || b->keymgmt != NULL) return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS - | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)); + | OSSL_KEYMGMT_SELECT_KEYPAIR)); /* All legacy keys */ if (a->type != b->type) diff --git a/doc/man3/EVP_PKEY_copy_parameters.pod b/doc/man3/EVP_PKEY_copy_parameters.pod index 46ce8be19b..adb5c2084e 100644 --- a/doc/man3/EVP_PKEY_copy_parameters.pod +++
[openssl] master update
The branch master has been updated via edc8566f475d63278d5f85cd25f324cf2fe9aaf9 (commit) via 5fbe15fd3b7c90a0cfb9f00be16225d8ed18b0dd (commit) via e67254e4c3d82b1b8f5102bc4a0e7914f0b87ef0 (commit) via ee22a3741e3fc27c981e7f7e9bcb8d3342b0c65a (commit) via f3ba62653815b2f7991103cdbea1ac155c8c916a (commit) from 23effeb81fbcdc436b1e871e7fff34456d6bfbaf (commit) - Log - commit edc8566f475d63278d5f85cd25f324cf2fe9aaf9 Author: Richard Levitte Date: Fri Dec 10 13:18:42 2021 +0100 test/evp_extra_test.c: Add EVP_PKEY comparisons in test_EC_priv_pub() Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) commit 5fbe15fd3b7c90a0cfb9f00be16225d8ed18b0dd Author: Richard Levitte Date: Fri Dec 10 13:15:10 2021 +0100 test/evp_extra_test.c: Refactor test_fromdata() test_fromdata() turns out to be a bit inflexible, so we split it into two functions, make_key_fromdata() and test_selection(), and adjust test_EVP_PKEY_ffc_priv_pub() and test_EC_priv_pub() accordingly. This allows us to check the resulting keys further, not only to check that the bits we expect are there, but also that the bits that we expect not to be there to actually not be there! Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) commit e67254e4c3d82b1b8f5102bc4a0e7914f0b87ef0 Author: Richard Levitte Date: Wed Sep 29 13:45:55 2021 +0200 Enhance the explanation of selector bits in provider-keymgmt(7) This uncovers what has been a mere comment in an attempt to clarify that the use of selector bits is very much at the discretion of the provider implementation. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) commit ee22a3741e3fc27c981e7f7e9bcb8d3342b0c65a Author: Richard Levitte Date: Wed Sep 29 11:05:41 2021 +0200 Adapt our OSSL_FUNC_keymgmt_match() implementations to the EVP_PKEY_eq() fix The match function (called OSSL_FUNC_keymgmt_match() in our documentation) in our KEYMGMT implementations were interpretting the selector bits a bit too strictly, so they get a bit relaxed to make it reasonable to match diverse key contents. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) commit f3ba62653815b2f7991103cdbea1ac155c8c916a Author: Richard Levitte Date: Wed Sep 29 10:58:21 2021 +0200 Fix EVP_PKEY_eq() to be possible to use with strictly private keys EVP_PKEY_eq() assumed that an EVP_PKEY always has the public key component if it has a private key component. However, this assumption no longer strictly holds true, at least for provider backed keys. EVP_PKEY_eq() therefore needs to be modified to specify that the private key should be checked too (at the discretion of what's reasonable for the implementation doing the actual comparison). Fixes #16267 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16765) --- Summary of changes: crypto/evp/p_lib.c| 2 +- doc/man3/EVP_PKEY_copy_parameters.pod | 40 +-- doc/man7/provider-keymgmt.pod | 11 +- providers/implementations/keymgmt/dh_kmgmt.c | 28 - providers/implementations/keymgmt/dsa_kmgmt.c | 30 -- providers/implementations/keymgmt/ec_kmgmt.c | 30 -- providers/implementations/keymgmt/ecx_kmgmt.c | 51 + providers/implementations/keymgmt/rsa_kmgmt.c | 28 - test/evp_extra_test.c | 150 ++ 9 files changed, 272 insertions(+), 98 deletions(-) diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 2552dd702a..27138af564 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -343,7 +343,7 @@ int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) if (a->keymgmt != NULL || b->keymgmt != NULL) return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS - | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)); + | OSSL_KEYMGMT_SELECT_KEYPAIR)); /* All legacy keys */ if (a->type != b->type) diff --git a/doc/man3/EVP_PKEY_copy_parameters.pod b/doc/man3/EVP_PKEY_copy_parameters.pod index 46ce8be19b..adb5c2084e 100644 --- a/doc/man3/EVP_PKEY_copy_parameters.pod +++ b/doc/man3/EVP_PKEY_copy_parameters.pod @@ -37,8 +37,8 @@ in B and B are both present and match this function has no effect. The function EVP_PKEY_parameters_eq() checks the parameters of keys B and B for equality. -The function EVP_PKEY_eq() checks the public key components and parameters -(if present) of keys B and B for equality. +The function EVP_PKEY_eq() checks the keys B and B for
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DkVmE_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeG5vz0FnT3fyKqZ9ejvEzdujFzWaaC35jvUXEoq5ES1yWacIWn7W1eL-2FoElbChQXpUSbO9kzW4FrMlTIjmPSH576iL1cH50DBlP6FdUFFqA3vjoAbbuKo3qMOwILopeuTjnNZ5nnL02dob5jG72WPuXCgkafjOMZx5ZDGqt4BbwD0oyyiTtZR4ThykkxqKC474-3D Build ID: 423329 Analysis Summary: New defects found: 0 Defects eliminated: 1
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via bfda2e0d85fcc521544920b7bbe45c87b425ae90 (commit) from 792d224772f849ac23384a55499ef2377ff781d3 (commit) - Log - commit bfda2e0d85fcc521544920b7bbe45c87b425ae90 Author: Pauli Date: Wed Nov 24 11:38:51 2021 +1000 Fix Coverity 1494385 logically dead code. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17123) (cherry picked from commit 23effeb81fbcdc436b1e871e7fff34456d6bfbaf with manual corrections) --- Summary of changes: crypto/bn/rsaz_exp_x2.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/crypto/bn/rsaz_exp_x2.c b/crypto/bn/rsaz_exp_x2.c index b7d11180f8..15db0c1f05 100644 --- a/crypto/bn/rsaz_exp_x2.c +++ b/crypto/bn/rsaz_exp_x2.c @@ -14,6 +14,7 @@ */ #include +#include #include "rsaz_exp.h" #ifndef RSAZ_ENABLED @@ -310,14 +311,23 @@ static void RSAZ_exp52x20_x2_256(BN_ULONG *out, /* [2][20] */ /* Exponentiation */ { -int rem = BITSIZE_MODULUS % EXP_WIN_SIZE; -int delta = rem ? rem : EXP_WIN_SIZE; +const int rem = BITSIZE_MODULUS % EXP_WIN_SIZE; BN_ULONG table_idx_mask = EXP_WIN_MASK; -int exp_bit_no = BITSIZE_MODULUS - delta; +int exp_bit_no = BITSIZE_MODULUS - rem; int exp_chunk_no = exp_bit_no / 64; int exp_chunk_shift = exp_bit_no % 64; +/* + * If rem == 0, then + * exp_bit_no = modulus_bitsize - exp_win_size + * However, this isn't possible because rem is { 1024, 1536, 2048 } % 5 + * which is { 4, 1, 3 } respectively. + * + * If this assertion ever fails the fix above is easy. + */ +OPENSSL_assert(rem != 0); + /* Process 1-st exp window - just init result */ BN_ULONG red_table_idx_0 = expz[0][exp_chunk_no]; BN_ULONG red_table_idx_1 = expz[1][exp_chunk_no];
[openssl] master update
The branch master has been updated via 23effeb81fbcdc436b1e871e7fff34456d6bfbaf (commit) from 391ce6d980c4f8f474ed28d1ea83849cc9a00100 (commit) - Log - commit 23effeb81fbcdc436b1e871e7fff34456d6bfbaf Author: Pauli Date: Wed Nov 24 11:38:51 2021 +1000 Fix Coverity 1494385 logically dead code. Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/17123) --- Summary of changes: crypto/bn/rsaz_exp_x2.c | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/crypto/bn/rsaz_exp_x2.c b/crypto/bn/rsaz_exp_x2.c index 93f104f68e..3371b6c6d7 100644 --- a/crypto/bn/rsaz_exp_x2.c +++ b/crypto/bn/rsaz_exp_x2.c @@ -15,6 +15,7 @@ */ #include +#include #include "rsaz_exp.h" #ifndef RSAZ_ENABLED @@ -404,14 +405,23 @@ int RSAZ_mod_exp_x2_ifma256(BN_ULONG *out, /* Exponentiation */ { -int rem = modulus_bitsize % exp_win_size; -int delta = rem ? rem : exp_win_size; -BN_ULONG table_idx_mask = exp_win_mask; +const int rem = modulus_bitsize % exp_win_size; +const BN_ULONG table_idx_mask = exp_win_mask; -int exp_bit_no = modulus_bitsize - delta; +int exp_bit_no = modulus_bitsize - rem; int exp_chunk_no = exp_bit_no / 64; int exp_chunk_shift = exp_bit_no % 64; +/* + * If rem == 0, then + * exp_bit_no = modulus_bitsize - exp_win_size + * However, this isn't possible because rem is { 1024, 1536, 2048 } % 5 + * which is { 4, 1, 3 } respectively. + * + * If this assertion ever fails the fix above is easy. + */ +OPENSSL_assert(rem != 0); + /* Process 1-st exp window - just init result */ BN_ULONG red_table_idx_0 = expz[exp_chunk_no + 0 * (exp_digits + 1)]; BN_ULONG red_table_idx_1 = expz[exp_chunk_no + 1 * (exp_digits + 1)];