summaryrefslogtreecommitdiff
path: root/test/evp_libctx_test.c
Commit message (Collapse)AuthorAgeFilesLines
* Revert "Remove conditional FIPS dependence for 3DES"Pauli2022-11-101-7/+1
| | | | | | | | This reverts commit 464c1011b02936850fc779739013dba52650840a. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19631)
* Remove conditional FIPS dependence for 3DESPauli2022-11-021-1/+7
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19510)
* Fix the incorrect checks of EVP_CIPHER_CTX_rand_keyPeiwei Hu2022-05-271-1/+1
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18397)
* Update copyright yearMatt Caswell2022-05-031-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* str[n]casecmp => OPENSSL_strncasecmpDmitry Belyavskiy2022-04-221-2/+1
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
* Move e_os.h to include/internalRichard Levitte2022-02-051-1/+1
| | | | | | | | | | | | Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
* EVP_PKEY_keygen_init: fix return checkPeiwei Hu2021-11-161-1/+1
| | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17031)
* Add KEM dupctx testslontis2021-09-031-3/+5
| | | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16495)
* Add a gettable for provider ciphers to return the EVP_CIPH_RAND_KEY flagShane Lontis2021-06-081-0/+30
| | | | | | | | | | | | | Fixes #15531 DES and TDES set this flag which could possibly be used by applications. The gettable cipher param OSSL_CIPHER_PARAM_HAS_RAND_KEY has been added. Note that EVP_CIPHER_CTX_rand_key() uses this flag. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15606)
* Rename all getters to use get/get0 in nameTomas Mraz2021-06-011-9/+9
| | | | | | | | | | | | | | For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
* Enhance the encoder/decoder tests to allow testing with a non-default ↵Jon Spillett2021-06-011-1/+1
| | | | | | | | | library context and configurable providers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14587)
* TEST: Prefer using precomputed RSA and DH keys for more efficient testsDr. David von Oheimb2021-05-271-2/+3
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
* Add special case to skip RC4 reinitJon Spillett2021-05-261-4/+13
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15276)
* Add convenience functions and macros for asymmetric key generationDr. David von Oheimb2021-05-111-6/+1
| | | | | | | | | Add EVP_PKEY_gen(), EVP_PKEY_Q_gen(), EVP_RSA_gen(), and EVP_EC_gen(). Also export auxiliary function OSSL_EC_curve_nid2name() and improve deprecation info on RSA and EC key generation/management functions. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14695)
* Add type_name member to provided methods and use itTomas Mraz2021-04-261-10/+23
| | | | | | | Fixes #14701 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14898)
* Implement EVP_PKEY_dup() functionTomas Mraz2021-03-281-2/+18
| | | | | | | Fixes #14501 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14624)
* test: support params arguments to init functionsPauli2021-03-121-8/+8
| | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
* Fix external symbols for bnShane Lontis2021-02-261-2/+4
| | | | | | | | | Partial fix for #12964 This adds ossl_ names for symbols related to bn_* Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14296)
* Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEYTomas Mraz2021-02-171-4/+4
| | | | | | | | | | Additional renames done in encoder and decoder implementation to follow the style. Fixes #13622 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14155)
* Update copyright yearRichard Levitte2021-01-281-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
* chacha20: Properly reinitialize the cipher context with NULL keyTomas Mraz2021-01-131-10/+26
| | | | | | | | | | | | Same for chacha20-poly1305. The test_cipher_reinit and test_cipher_reinit_partialupdate is modified to test this case of cipher context reinitialization. Fixes #13064 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13850)
* Use adapted test_get_libctx() for simpler test setup and better error reportingDr. David von Oheimb2020-12-101-13/+1
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13001)
* Adapt everything else to the updated OSSL_ENCODER_CTX_new_by_EVP_PKEY()Richard Levitte2020-12-021-1/+1
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13545)
* test/evp_libctx_test.c: use OSSL_ENCODER instead of i2d_PublicKey()Richard Levitte2020-11-111-2/+11
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13167)
* Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre2020-10-151-4/+4
| | | | | | | | | | | | Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
* Run the withlibctx.pl scriptMatt Caswell2020-10-011-1/+1
| | | | | | | | Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
* Add a copy of OSSL_SELF_TEST_get_callback() to the fips module.Shane Lontis2020-09-191-6/+3
| | | | | | | | | | | | | | | | The user can set up a self test callback that should be activated when a keygen operation (e.g ec) occurs for the fips module. The callback information is stored inside the applications library context, but this was not being triggered since the library context used for the key generation operation was the internal library context used by the fips module (which is not the same as the application's library context). During the keygen operation the OSSL_SELF_TEST_get_callback() function is used to retrieve the callback info. By having a seperate copy of OSSL_SELF_TEST_get_callback() for the fips module we can ensure that the parent library context is used instead. The core OSSL_SELF_TEST_get_callback() function pointer is passed across the boundary during the fips modules entry point such that the fips version of the function can call it after changing the libctx. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12877)
* Add KEM (Key encapsulation mechanism) support to providersShane Lontis2020-09-191-0/+181
| | | | | | | | | | | | | | | | | | | SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750)
* Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCKMatt Caswell2020-09-131-2/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
* Add dh_kdf support to providerShane Lontis2020-08-111-0/+88
| | | | | | | | | Similiar to ecdh this supports the legacy kdf inside the provider dh key exchange. The supporting EVP_PKEY_CTX macros have been changed into mehtods and moved into dh_ctrl.c New kdfs such as SSKDF should be done as a seperate pass after doing the derive. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12575)
* Fix provider cipher reinit after init/update with a partial update block.Shane Lontis2020-08-051-0/+78
| | | | | | | | | | | | The test added previously used a 16 byte block during the update which does not cause internal buffering in the provider. Some internal variables related to the buffering were not being cleared in the init, which meant that the second update would use the buffered data from the first update. Added test for this scenario with exclusions for ciphers that do not support partial block updates. Found by guidovranken. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12523)
* Fix no-dh and no-dsaMatt Caswell2020-07-261-3/+8
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12525)
* Fix provider cipher reinit issueShane Lontis2020-07-221-2/+88
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #12405 Fixes #12377 Calling Init()/Update() and then Init()/Update() again gave a different result when using the same key and iv. Cipher modes that were using ctx->num were not resetting this value, this includes OFB, CFB & CTR. The fix is to reset this value during the ciphers einit() and dinit() methods. Most ciphers go thru a generic method so one line fixes most cases. Add test for calling EVP_EncryptInit()/EVP_EncryptUpdate() multiple times for all ciphers. Ciphers should return the same value for both updates. DES3-WRAP does not since it uses a random in the update. CCM modes currently also fail on the second update (This also happens in 1_1_1). Fix memory leak in AES_OCB cipher if EVP_EncryptInit is called multiple times. Fix AES_SIV cipher dup_ctx and init. Calling EVP_CIPHER_init multiple times resulted in a memory leak in the siv. Fixing this leak also showed that the dup ctx was not working for siv mode. Note: aes_siv_cleanup() can not be used by aes_siv_dupctx() as it clears data that is required for the decrypt (e.g the tag). Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12413)
* Add multiple fixes for ffc key generation using invalid p,q,g parameters.Shane Lontis2020-07-091-0/+253
Fixes #11864 - The dsa keygen assumed valid p, q, g values were being passed. If this is not correct then it is possible that dsa keygen can either hang or segfault. The fix was to do a partial validation of p, q, and g inside the keygen. - Fixed a potential double free in the dsa keypair test in the case when in failed (It should never fail!). It freed internal object members without setting them to NULL. - Changed the FFC key validation to accept 1024 bit keys in non fips mode. - Added tests that use both the default provider & fips provider to test these cases. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12176)
View Lorry Controller Status