forked from rpms/openssl
import openssl-1.1.1g-11.el8
This commit is contained in:
parent
2b3c833414
commit
75887ccab4
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/openssl-1.1.1c-hobbled.tar.xz
|
SOURCES/openssl-1.1.1g-hobbled.tar.xz
|
||||||
|
@ -1 +1 @@
|
|||||||
a85056adf2c2402e808bbe3201f6e473cfa8c214 SOURCES/openssl-1.1.1c-hobbled.tar.xz
|
b55517bdc9aa61627a9896c1a3a156d5f6a4348f SOURCES/openssl-1.1.1g-hobbled.tar.xz
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
@ -9,7 +9,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include "ec_lcl.h"
|
#include "ec_local.h"
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/obj_mac.h>
|
#include <openssl/obj_mac.h>
|
||||||
#include <openssl/opensslconf.h>
|
#include <openssl/opensslconf.h>
|
||||||
@ -468,3 +468,115 @@ int EC_curve_nist2nid(const char *name)
|
|||||||
}
|
}
|
||||||
return NID_undef;
|
return NID_undef;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define NUM_BN_FIELDS 6
|
||||||
|
/*
|
||||||
|
* Validates EC domain parameter data for known named curves.
|
||||||
|
* This can be used when a curve is loaded explicitly (without a curve
|
||||||
|
* name) or to validate that domain parameters have not been modified.
|
||||||
|
*
|
||||||
|
* Returns: The nid associated with the found named curve, or NID_undef
|
||||||
|
* if not found. If there was an error it returns -1.
|
||||||
|
*/
|
||||||
|
int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
|
||||||
|
{
|
||||||
|
int ret = -1, nid, len, field_type, param_len;
|
||||||
|
size_t i, seed_len;
|
||||||
|
const unsigned char *seed, *params_seed, *params;
|
||||||
|
unsigned char *param_bytes = NULL;
|
||||||
|
const EC_CURVE_DATA *data;
|
||||||
|
const EC_POINT *generator = NULL;
|
||||||
|
const EC_METHOD *meth;
|
||||||
|
const BIGNUM *cofactor = NULL;
|
||||||
|
/* An array of BIGNUMs for (p, a, b, x, y, order) */
|
||||||
|
BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
|
||||||
|
|
||||||
|
meth = EC_GROUP_method_of(group);
|
||||||
|
if (meth == NULL)
|
||||||
|
return -1;
|
||||||
|
/* Use the optional named curve nid as a search field */
|
||||||
|
nid = EC_GROUP_get_curve_name(group);
|
||||||
|
field_type = EC_METHOD_get_field_type(meth);
|
||||||
|
seed_len = EC_GROUP_get_seed_len(group);
|
||||||
|
seed = EC_GROUP_get0_seed(group);
|
||||||
|
cofactor = EC_GROUP_get0_cofactor(group);
|
||||||
|
|
||||||
|
BN_CTX_start(ctx);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The built-in curves contains data fields (p, a, b, x, y, order) that are
|
||||||
|
* all zero-padded to be the same size. The size of the padding is
|
||||||
|
* determined by either the number of bytes in the field modulus (p) or the
|
||||||
|
* EC group order, whichever is larger.
|
||||||
|
*/
|
||||||
|
param_len = BN_num_bytes(group->order);
|
||||||
|
len = BN_num_bytes(group->field);
|
||||||
|
if (len > param_len)
|
||||||
|
param_len = len;
|
||||||
|
|
||||||
|
/* Allocate space to store the padded data for (p, a, b, x, y, order) */
|
||||||
|
param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
|
||||||
|
if (param_bytes == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/* Create the bignums */
|
||||||
|
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||||
|
if ((bn[i] = BN_CTX_get(ctx)) == NULL)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
* Fill in the bn array with the same values as the internal curves
|
||||||
|
* i.e. the values are p, a, b, x, y, order.
|
||||||
|
*/
|
||||||
|
/* Get p, a & b */
|
||||||
|
if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
|
||||||
|
&& ((generator = EC_GROUP_get0_generator(group)) != NULL)
|
||||||
|
/* Get x & y */
|
||||||
|
&& EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
|
||||||
|
/* Get order */
|
||||||
|
&& EC_GROUP_get_order(group, bn[5], ctx)))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Convert the bignum array to bytes that are joined together to form
|
||||||
|
* a single buffer that contains data for all fields.
|
||||||
|
* (p, a, b, x, y, order) are all zero padded to be the same size.
|
||||||
|
*/
|
||||||
|
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||||
|
if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; i < curve_list_length; i++) {
|
||||||
|
const ec_list_element curve = curve_list[i];
|
||||||
|
|
||||||
|
data = curve.data;
|
||||||
|
/* Get the raw order byte data */
|
||||||
|
params_seed = (const unsigned char *)(data + 1); /* skip header */
|
||||||
|
params = params_seed + data->seed_len;
|
||||||
|
|
||||||
|
/* Look for unique fields in the fixed curve data */
|
||||||
|
if (data->field_type == field_type
|
||||||
|
&& param_len == data->param_len
|
||||||
|
&& (nid <= 0 || nid == curve.nid)
|
||||||
|
/* check the optional cofactor (ignore if its zero) */
|
||||||
|
&& (BN_is_zero(cofactor)
|
||||||
|
|| BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
|
||||||
|
/* Check the optional seed (ignore if its not set) */
|
||||||
|
&& (data->seed_len == 0 || seed_len == 0
|
||||||
|
|| ((size_t)data->seed_len == seed_len
|
||||||
|
&& memcmp(params_seed, seed, seed_len) == 0))
|
||||||
|
/* Check that the groups params match the built-in curve params */
|
||||||
|
&& memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
|
||||||
|
== 0) {
|
||||||
|
ret = curve.nid;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/* Gets here if the group was not found */
|
||||||
|
ret = NID_undef;
|
||||||
|
end:
|
||||||
|
OPENSSL_free(param_bytes);
|
||||||
|
BN_CTX_end(ctx);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
550
SOURCES/ectest.c
550
SOURCES/ectest.c
@ -844,6 +844,271 @@ static const unsigned char p521_explicit[] = {
|
|||||||
0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01,
|
0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sometime we cannot compare nids for equality, as the built-in curve table
|
||||||
|
* includes aliases with different names for the same curve.
|
||||||
|
*
|
||||||
|
* This function returns TRUE (1) if the checked nids are identical, or if they
|
||||||
|
* alias to the same curve. FALSE (0) otherwise.
|
||||||
|
*/
|
||||||
|
static ossl_inline
|
||||||
|
int are_ec_nids_compatible(int n1d, int n2d)
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
switch (n1d) {
|
||||||
|
# ifndef OPENSSL_NO_EC2M
|
||||||
|
case NID_sect113r1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls4:
|
||||||
|
ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4);
|
||||||
|
break;
|
||||||
|
case NID_sect163k1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls3:
|
||||||
|
ret = (n2d == NID_sect163k1 || n2d == NID_wap_wsg_idm_ecid_wtls3);
|
||||||
|
break;
|
||||||
|
case NID_sect233k1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls10:
|
||||||
|
ret = (n2d == NID_sect233k1 || n2d == NID_wap_wsg_idm_ecid_wtls10);
|
||||||
|
break;
|
||||||
|
case NID_sect233r1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls11:
|
||||||
|
ret = (n2d == NID_sect233r1 || n2d == NID_wap_wsg_idm_ecid_wtls11);
|
||||||
|
break;
|
||||||
|
case NID_X9_62_c2pnb163v1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls5:
|
||||||
|
ret = (n2d == NID_X9_62_c2pnb163v1
|
||||||
|
|| n2d == NID_wap_wsg_idm_ecid_wtls5);
|
||||||
|
break;
|
||||||
|
# endif /* OPENSSL_NO_EC2M */
|
||||||
|
case NID_secp112r1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls6:
|
||||||
|
ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6);
|
||||||
|
break;
|
||||||
|
case NID_secp160r2:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls7:
|
||||||
|
ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7);
|
||||||
|
break;
|
||||||
|
# ifdef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
case NID_secp224r1:
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls12:
|
||||||
|
ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12);
|
||||||
|
break;
|
||||||
|
# else
|
||||||
|
/*
|
||||||
|
* For SEC P-224 we want to ensure that the SECP nid is returned, as
|
||||||
|
* that is associated with a specialized method.
|
||||||
|
*/
|
||||||
|
case NID_wap_wsg_idm_ecid_wtls12:
|
||||||
|
ret = (n2d == NID_secp224r1);
|
||||||
|
break;
|
||||||
|
# endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
|
||||||
|
|
||||||
|
default:
|
||||||
|
ret = (n1d == n2d);
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This checks that EC_GROUP_bew_from_ecparameters() returns a "named"
|
||||||
|
* EC_GROUP for built-in curves.
|
||||||
|
*
|
||||||
|
* Note that it is possible to retrieve an alternative alias that does not match
|
||||||
|
* the original nid.
|
||||||
|
*
|
||||||
|
* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set.
|
||||||
|
*/
|
||||||
|
static int check_named_curve_from_ecparameters(int id)
|
||||||
|
{
|
||||||
|
int ret = 0, nid, tnid;
|
||||||
|
EC_GROUP *group = NULL, *tgroup = NULL, *tmpg = NULL;
|
||||||
|
const EC_POINT *group_gen = NULL;
|
||||||
|
EC_POINT *other_gen = NULL;
|
||||||
|
BIGNUM *group_cofactor = NULL, *other_cofactor = NULL;
|
||||||
|
BIGNUM *other_gen_x = NULL, *other_gen_y = NULL;
|
||||||
|
const BIGNUM *group_order = NULL;
|
||||||
|
BIGNUM *other_order = NULL;
|
||||||
|
BN_CTX *bn_ctx = NULL;
|
||||||
|
static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED";
|
||||||
|
static size_t invalid_seed_len = sizeof(invalid_seed);
|
||||||
|
ECPARAMETERS *params = NULL, *other_params = NULL;
|
||||||
|
EC_GROUP *g_ary[8] = {NULL};
|
||||||
|
EC_GROUP **g_next = &g_ary[0];
|
||||||
|
ECPARAMETERS *p_ary[8] = {NULL};
|
||||||
|
ECPARAMETERS **p_next = &p_ary[0];
|
||||||
|
|
||||||
|
/* Do some setup */
|
||||||
|
nid = curves[id].nid;
|
||||||
|
TEST_note("Curve %s", OBJ_nid2sn(nid));
|
||||||
|
if (!TEST_ptr(bn_ctx = BN_CTX_new()))
|
||||||
|
return ret;
|
||||||
|
BN_CTX_start(bn_ctx);
|
||||||
|
|
||||||
|
if (/* Allocations */
|
||||||
|
!TEST_ptr(group_cofactor = BN_CTX_get(bn_ctx))
|
||||||
|
|| !TEST_ptr(other_gen_x = BN_CTX_get(bn_ctx))
|
||||||
|
|| !TEST_ptr(other_gen_y = BN_CTX_get(bn_ctx))
|
||||||
|
|| !TEST_ptr(other_order = BN_CTX_get(bn_ctx))
|
||||||
|
|| !TEST_ptr(other_cofactor = BN_CTX_get(bn_ctx))
|
||||||
|
/* Generate reference group and params */
|
||||||
|
|| !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
|
||||||
|
|| !TEST_ptr(params = EC_GROUP_get_ecparameters(group, NULL))
|
||||||
|
|| !TEST_ptr(group_gen = EC_GROUP_get0_generator(group))
|
||||||
|
|| !TEST_ptr(group_order = EC_GROUP_get0_order(group))
|
||||||
|
|| !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL))
|
||||||
|
/* compute `other_*` values */
|
||||||
|
|| !TEST_ptr(tmpg = EC_GROUP_dup(group))
|
||||||
|
|| !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group))
|
||||||
|
|| !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL))
|
||||||
|
|| !TEST_true(EC_POINT_get_affine_coordinates(group, other_gen,
|
||||||
|
other_gen_x, other_gen_y, bn_ctx))
|
||||||
|
|| !TEST_true(BN_copy(other_order, group_order))
|
||||||
|
|| !TEST_true(BN_add_word(other_order, 1))
|
||||||
|
|| !TEST_true(BN_copy(other_cofactor, group_cofactor))
|
||||||
|
|| !TEST_true(BN_add_word(other_cofactor, 1)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
EC_POINT_free(other_gen);
|
||||||
|
other_gen = NULL;
|
||||||
|
|
||||||
|
if (!TEST_ptr(other_gen = EC_POINT_new(tmpg))
|
||||||
|
|| !TEST_true(EC_POINT_set_affine_coordinates(tmpg, other_gen,
|
||||||
|
other_gen_x, other_gen_y,
|
||||||
|
bn_ctx)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ###########################
|
||||||
|
* # Actual tests start here #
|
||||||
|
* ###########################
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Creating a group from built-in explicit parameters returns a
|
||||||
|
* "named" EC_GROUP
|
||||||
|
*/
|
||||||
|
if (!TEST_ptr(tgroup = *g_next++ = EC_GROUP_new_from_ecparameters(params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef))
|
||||||
|
goto err;
|
||||||
|
/*
|
||||||
|
* We cannot always guarantee the names match, as the built-in table
|
||||||
|
* contains aliases for the same curve with different names.
|
||||||
|
*/
|
||||||
|
if (!TEST_true(are_ec_nids_compatible(nid, tnid))) {
|
||||||
|
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. */
|
||||||
|
if (!TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), OPENSSL_EC_EXPLICIT_CURVE))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An invalid seed in the parameters should be ignored: expect a "named"
|
||||||
|
* group.
|
||||||
|
*/
|
||||||
|
if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, invalid_seed, invalid_seed_len),
|
||||||
|
invalid_seed_len)
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|
||||||
|
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
|
||||||
|
OPENSSL_EC_EXPLICIT_CURVE)) {
|
||||||
|
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* A null seed in the parameters should be ignored, as it is optional:
|
||||||
|
* expect a "named" group.
|
||||||
|
*/
|
||||||
|
if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, NULL, 0), 1)
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|
||||||
|
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
|
||||||
|
OPENSSL_EC_EXPLICIT_CURVE)) {
|
||||||
|
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check that changing any of the generator parameters does not yield a
|
||||||
|
* match with the built-in curves
|
||||||
|
*/
|
||||||
|
if (/* Other gen, same group order & cofactor */
|
||||||
|
!TEST_true(EC_GROUP_set_generator(tmpg, other_gen, group_order,
|
||||||
|
group_cofactor))
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
/* Same gen & cofactor, different order */
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, other_order,
|
||||||
|
group_cofactor))
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
/* The order is not an optional field, so this should fail */
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(tmpg, group_gen, NULL,
|
||||||
|
group_cofactor))
|
||||||
|
/* Check that a wrong cofactor is ignored, and we still match */
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
|
||||||
|
other_cofactor))
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|
||||||
|
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
|
||||||
|
OPENSSL_EC_EXPLICIT_CURVE)
|
||||||
|
/* Check that if the cofactor is not set then it still matches */
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
|
||||||
|
NULL))
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|
||||||
|
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
|
||||||
|
OPENSSL_EC_EXPLICIT_CURVE)
|
||||||
|
/* check that restoring the generator passes */
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
|
||||||
|
group_cofactor))
|
||||||
|
|| !TEST_ptr(other_params = *p_next++ =
|
||||||
|
EC_GROUP_get_ecparameters(tmpg, NULL))
|
||||||
|
|| !TEST_ptr(tgroup = *g_next++ =
|
||||||
|
EC_GROUP_new_from_ecparameters(other_params))
|
||||||
|
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|
||||||
|
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|
||||||
|
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
|
||||||
|
OPENSSL_EC_EXPLICIT_CURVE))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
for (g_next = &g_ary[0]; g_next < g_ary + OSSL_NELEM(g_ary); g_next++)
|
||||||
|
EC_GROUP_free(*g_next);
|
||||||
|
for (p_next = &p_ary[0]; p_next < p_ary + OSSL_NELEM(g_ary); p_next++)
|
||||||
|
ECPARAMETERS_free(*p_next);
|
||||||
|
ECPARAMETERS_free(params);
|
||||||
|
EC_POINT_free(other_gen);
|
||||||
|
EC_GROUP_free(tmpg);
|
||||||
|
EC_GROUP_free(group);
|
||||||
|
BN_CTX_end(bn_ctx);
|
||||||
|
BN_CTX_free(bn_ctx);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static int parameter_test(void)
|
static int parameter_test(void)
|
||||||
{
|
{
|
||||||
EC_GROUP *group = NULL, *group2 = NULL;
|
EC_GROUP *group = NULL, *group2 = NULL;
|
||||||
@ -851,7 +1116,8 @@ static int parameter_test(void)
|
|||||||
unsigned char *buf = NULL;
|
unsigned char *buf = NULL;
|
||||||
int r = 0, len;
|
int r = 0, len;
|
||||||
|
|
||||||
if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp384r1))
|
/* must use a curve without a special group method */
|
||||||
|
if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp256k1))
|
||||||
|| !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL))
|
|| !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL))
|
||||||
|| !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters))
|
|| !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters))
|
||||||
|| !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0))
|
|| !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0))
|
||||||
@ -886,7 +1152,280 @@ err:
|
|||||||
OPENSSL_free(buf);
|
OPENSSL_free(buf);
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
/*-
|
||||||
|
* random 256-bit explicit parameters curve, cofactor absent
|
||||||
|
* order: 0x0c38d96a9f892b88772ec2e39614a82f4f (132 bit)
|
||||||
|
* cofactor: 0x12bc94785251297abfafddf1565100da (125 bit)
|
||||||
|
*/
|
||||||
|
static const unsigned char params_cf_pass[] = {
|
||||||
|
0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
|
||||||
|
0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xe5, 0x00, 0x1f, 0xc5,
|
||||||
|
0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
|
||||||
|
0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
|
||||||
|
0x44, 0x88, 0xe6, 0x91, 0x30, 0x44, 0x04, 0x20, 0xe5, 0x00, 0x1f, 0xc5,
|
||||||
|
0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
|
||||||
|
0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
|
||||||
|
0x44, 0x88, 0xe6, 0x8e, 0x04, 0x20, 0x18, 0x8c, 0x59, 0x57, 0xc4, 0xbc,
|
||||||
|
0x85, 0x57, 0xc3, 0x66, 0x9f, 0x89, 0xd5, 0x92, 0x0d, 0x7e, 0x42, 0x27,
|
||||||
|
0x07, 0x64, 0xaa, 0x26, 0xed, 0x89, 0xc4, 0x09, 0x05, 0x4d, 0xc7, 0x23,
|
||||||
|
0x47, 0xda, 0x04, 0x41, 0x04, 0x1b, 0x6b, 0x41, 0x0b, 0xf9, 0xfb, 0x77,
|
||||||
|
0xfd, 0x50, 0xb7, 0x3e, 0x23, 0xa3, 0xec, 0x9a, 0x3b, 0x09, 0x31, 0x6b,
|
||||||
|
0xfa, 0xf6, 0xce, 0x1f, 0xff, 0xeb, 0x57, 0x93, 0x24, 0x70, 0xf3, 0xf4,
|
||||||
|
0xba, 0x7e, 0xfa, 0x86, 0x6e, 0x19, 0x89, 0xe3, 0x55, 0x6d, 0x5a, 0xe9,
|
||||||
|
0xc0, 0x3d, 0xbc, 0xfb, 0xaf, 0xad, 0xd4, 0x7e, 0xa6, 0xe5, 0xfa, 0x1a,
|
||||||
|
0x58, 0x07, 0x9e, 0x8f, 0x0d, 0x3b, 0xf7, 0x38, 0xca, 0x02, 0x11, 0x0c,
|
||||||
|
0x38, 0xd9, 0x6a, 0x9f, 0x89, 0x2b, 0x88, 0x77, 0x2e, 0xc2, 0xe3, 0x96,
|
||||||
|
0x14, 0xa8, 0x2f, 0x4f
|
||||||
|
};
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* random 256-bit explicit parameters curve, cofactor absent
|
||||||
|
* order: 0x045a75c0c17228ebd9b169a10e34a22101 (131 bit)
|
||||||
|
* cofactor: 0x2e134b4ede82649f67a2e559d361e5fe (126 bit)
|
||||||
|
*/
|
||||||
|
static const unsigned char params_cf_fail[] = {
|
||||||
|
0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
|
||||||
|
0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xc8, 0x95, 0x27, 0x37,
|
||||||
|
0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
|
||||||
|
0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
|
||||||
|
0x33, 0xc2, 0xea, 0x13, 0x30, 0x44, 0x04, 0x20, 0xc8, 0x95, 0x27, 0x37,
|
||||||
|
0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
|
||||||
|
0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
|
||||||
|
0x33, 0xc2, 0xea, 0x10, 0x04, 0x20, 0xbf, 0xa6, 0xa8, 0x05, 0x1d, 0x09,
|
||||||
|
0xac, 0x70, 0x39, 0xbb, 0x4d, 0xb2, 0x90, 0x8a, 0x15, 0x41, 0x14, 0x1d,
|
||||||
|
0x11, 0x86, 0x9f, 0x13, 0xa2, 0x63, 0x1a, 0xda, 0x95, 0x22, 0x4d, 0x02,
|
||||||
|
0x15, 0x0a, 0x04, 0x41, 0x04, 0xaf, 0x16, 0x71, 0xf9, 0xc4, 0xc8, 0x59,
|
||||||
|
0x1d, 0xa3, 0x6f, 0xe7, 0xc3, 0x57, 0xa1, 0xfa, 0x9f, 0x49, 0x7c, 0x11,
|
||||||
|
0x27, 0x05, 0xa0, 0x7f, 0xff, 0xf9, 0xe0, 0xe7, 0x92, 0xdd, 0x9c, 0x24,
|
||||||
|
0x8e, 0xc7, 0xb9, 0x52, 0x71, 0x3f, 0xbc, 0x7f, 0x6a, 0x9f, 0x35, 0x70,
|
||||||
|
0xe1, 0x27, 0xd5, 0x35, 0x8a, 0x13, 0xfa, 0xa8, 0x33, 0x3e, 0xd4, 0x73,
|
||||||
|
0x1c, 0x14, 0x58, 0x9e, 0xc7, 0x0a, 0x87, 0x65, 0x8d, 0x02, 0x11, 0x04,
|
||||||
|
0x5a, 0x75, 0xc0, 0xc1, 0x72, 0x28, 0xeb, 0xd9, 0xb1, 0x69, 0xa1, 0x0e,
|
||||||
|
0x34, 0xa2, 0x21, 0x01
|
||||||
|
};
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Test two random 256-bit explicit parameters curves with absent cofactor.
|
||||||
|
* The two curves are chosen to roughly straddle the bounds at which the lib
|
||||||
|
* can compute the cofactor automatically, roughly 4*sqrt(p). So test that:
|
||||||
|
*
|
||||||
|
* - params_cf_pass: order is sufficiently close to p to compute cofactor
|
||||||
|
* - params_cf_fail: order is too far away from p to compute cofactor
|
||||||
|
*
|
||||||
|
* For standards-compliant curves, cofactor is chosen as small as possible.
|
||||||
|
* So you can see neither of these curves are fit for cryptographic use.
|
||||||
|
*
|
||||||
|
* Some standards even mandate an upper bound on the cofactor, e.g. SECG1 v2:
|
||||||
|
* h <= 2**(t/8) where t is the security level of the curve, for which the lib
|
||||||
|
* will always succeed in computing the cofactor. Neither of these curves
|
||||||
|
* conform to that -- this is just robustness testing.
|
||||||
|
*/
|
||||||
|
static int cofactor_range_test(void)
|
||||||
|
{
|
||||||
|
EC_GROUP *group = NULL;
|
||||||
|
BIGNUM *cf = NULL;
|
||||||
|
int ret = 0;
|
||||||
|
const unsigned char *b1 = (const unsigned char *)params_cf_fail;
|
||||||
|
const unsigned char *b2 = (const unsigned char *)params_cf_pass;
|
||||||
|
|
||||||
|
if (!TEST_ptr(group = d2i_ECPKParameters(NULL, &b1, sizeof(params_cf_fail)))
|
||||||
|
|| !TEST_BN_eq_zero(EC_GROUP_get0_cofactor(group))
|
||||||
|
|| !TEST_ptr(group = d2i_ECPKParameters(&group, &b2,
|
||||||
|
sizeof(params_cf_pass)))
|
||||||
|
|| !TEST_int_gt(BN_hex2bn(&cf, "12bc94785251297abfafddf1565100da"), 0)
|
||||||
|
|| !TEST_BN_eq(cf, EC_GROUP_get0_cofactor(group)))
|
||||||
|
goto err;
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
BN_free(cf);
|
||||||
|
EC_GROUP_free(group);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* For named curves, test that:
|
||||||
|
* - the lib correctly computes the cofactor if passed a NULL or zero cofactor
|
||||||
|
* - a nonsensical cofactor throws an error (negative test)
|
||||||
|
* - nonsensical orders throw errors (negative tests)
|
||||||
|
*/
|
||||||
|
static int cardinality_test(int n)
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
int nid = curves[n].nid;
|
||||||
|
BN_CTX *ctx = NULL;
|
||||||
|
EC_GROUP *g1 = NULL, *g2 = NULL;
|
||||||
|
EC_POINT *g2_gen = NULL;
|
||||||
|
BIGNUM *g1_p = NULL, *g1_a = NULL, *g1_b = NULL, *g1_x = NULL, *g1_y = NULL,
|
||||||
|
*g1_order = NULL, *g1_cf = NULL, *g2_cf = NULL;
|
||||||
|
|
||||||
|
TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid));
|
||||||
|
|
||||||
|
if (!TEST_ptr(ctx = BN_CTX_new())
|
||||||
|
|| !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid))
|
||||||
|
|| !TEST_ptr(g2 = EC_GROUP_new(EC_GROUP_method_of(g1)))) {
|
||||||
|
EC_GROUP_free(g1);
|
||||||
|
EC_GROUP_free(g2);
|
||||||
|
BN_CTX_free(ctx);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
BN_CTX_start(ctx);
|
||||||
|
g1_p = BN_CTX_get(ctx);
|
||||||
|
g1_a = BN_CTX_get(ctx);
|
||||||
|
g1_b = BN_CTX_get(ctx);
|
||||||
|
g1_x = BN_CTX_get(ctx);
|
||||||
|
g1_y = BN_CTX_get(ctx);
|
||||||
|
g1_order = BN_CTX_get(ctx);
|
||||||
|
g1_cf = BN_CTX_get(ctx);
|
||||||
|
|
||||||
|
if (!TEST_ptr(g2_cf = BN_CTX_get(ctx))
|
||||||
|
/* pull out the explicit curve parameters */
|
||||||
|
|| !TEST_true(EC_GROUP_get_curve(g1, g1_p, g1_a, g1_b, ctx))
|
||||||
|
|| !TEST_true(EC_POINT_get_affine_coordinates(g1,
|
||||||
|
EC_GROUP_get0_generator(g1), g1_x, g1_y, ctx))
|
||||||
|
|| !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1)))
|
||||||
|
|| !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx))
|
||||||
|
/* construct g2 manually with g1 parameters */
|
||||||
|
|| !TEST_true(EC_GROUP_set_curve(g2, g1_p, g1_a, g1_b, ctx))
|
||||||
|
|| !TEST_ptr(g2_gen = EC_POINT_new(g2))
|
||||||
|
|| !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx))
|
||||||
|
/* pass NULL cofactor: lib should compute it */
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
|
||||||
|
|| !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
|
||||||
|
|| !TEST_BN_eq(g1_cf, g2_cf)
|
||||||
|
/* pass zero cofactor: lib should compute it */
|
||||||
|
|| !TEST_true(BN_set_word(g2_cf, 0))
|
||||||
|
|| !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
|
||||||
|
|| !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
|
||||||
|
|| !TEST_BN_eq(g1_cf, g2_cf)
|
||||||
|
/* negative test for invalid cofactor */
|
||||||
|
|| !TEST_true(BN_set_word(g2_cf, 0))
|
||||||
|
|| !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
|
||||||
|
/* negative test for NULL order */
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, NULL, NULL))
|
||||||
|
/* negative test for zero order */
|
||||||
|
|| !TEST_true(BN_set_word(g1_order, 0))
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
|
||||||
|
/* negative test for negative order */
|
||||||
|
|| !TEST_true(BN_set_word(g2_cf, 0))
|
||||||
|
|| !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
|
||||||
|
/* negative test for too large order */
|
||||||
|
|| !TEST_true(BN_lshift(g1_order, g1_p, 2))
|
||||||
|
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)))
|
||||||
|
goto err;
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
EC_POINT_free(g2_gen);
|
||||||
|
EC_GROUP_free(g1);
|
||||||
|
EC_GROUP_free(g2);
|
||||||
|
BN_CTX_end(ctx);
|
||||||
|
BN_CTX_free(ctx);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Helper for ec_point_hex2point_test
|
||||||
|
*
|
||||||
|
* Self-tests EC_POINT_point2hex() against EC_POINT_hex2point() for the given
|
||||||
|
* (group,P) pair.
|
||||||
|
*
|
||||||
|
* If P is NULL use point at infinity.
|
||||||
|
*/
|
||||||
|
static ossl_inline
|
||||||
|
int ec_point_hex2point_test_helper(const EC_GROUP *group, const EC_POINT *P,
|
||||||
|
point_conversion_form_t form,
|
||||||
|
BN_CTX *bnctx)
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
EC_POINT *Q = NULL, *Pinf = NULL;
|
||||||
|
char *hex = NULL;
|
||||||
|
|
||||||
|
if (P == NULL) {
|
||||||
|
/* If P is NULL use point at infinity. */
|
||||||
|
if (!TEST_ptr(Pinf = EC_POINT_new(group))
|
||||||
|
|| !TEST_true(EC_POINT_set_to_infinity(group, Pinf)))
|
||||||
|
goto err;
|
||||||
|
P = Pinf;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!TEST_ptr(hex = EC_POINT_point2hex(group, P, form, bnctx))
|
||||||
|
|| !TEST_ptr(Q = EC_POINT_hex2point(group, hex, NULL, bnctx))
|
||||||
|
|| !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, bnctx)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The next check is most likely superfluous, as EC_POINT_cmp should already
|
||||||
|
* cover this.
|
||||||
|
* Nonetheless it increases the test coverage for EC_POINT_is_at_infinity,
|
||||||
|
* so we include it anyway!
|
||||||
|
*/
|
||||||
|
if (Pinf != NULL
|
||||||
|
&& !TEST_true(EC_POINT_is_at_infinity(group, Q)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
EC_POINT_free(Pinf);
|
||||||
|
OPENSSL_free(hex);
|
||||||
|
EC_POINT_free(Q);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This test self-validates EC_POINT_hex2point() and EC_POINT_point2hex()
|
||||||
|
*/
|
||||||
|
static int ec_point_hex2point_test(int id)
|
||||||
|
{
|
||||||
|
int ret = 0, nid;
|
||||||
|
EC_GROUP *group = NULL;
|
||||||
|
const EC_POINT *G = NULL;
|
||||||
|
EC_POINT *P = NULL;
|
||||||
|
BN_CTX * bnctx = NULL;
|
||||||
|
|
||||||
|
/* Do some setup */
|
||||||
|
nid = curves[id].nid;
|
||||||
|
if (!TEST_ptr(bnctx = BN_CTX_new())
|
||||||
|
|| !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
|
||||||
|
|| !TEST_ptr(G = EC_GROUP_get0_generator(group))
|
||||||
|
|| !TEST_ptr(P = EC_POINT_dup(G, group)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
if (!TEST_true(ec_point_hex2point_test_helper(group, P,
|
||||||
|
POINT_CONVERSION_COMPRESSED,
|
||||||
|
bnctx))
|
||||||
|
|| !TEST_true(ec_point_hex2point_test_helper(group, NULL,
|
||||||
|
POINT_CONVERSION_COMPRESSED,
|
||||||
|
bnctx))
|
||||||
|
|| !TEST_true(ec_point_hex2point_test_helper(group, P,
|
||||||
|
POINT_CONVERSION_UNCOMPRESSED,
|
||||||
|
bnctx))
|
||||||
|
|| !TEST_true(ec_point_hex2point_test_helper(group, NULL,
|
||||||
|
POINT_CONVERSION_UNCOMPRESSED,
|
||||||
|
bnctx))
|
||||||
|
|| !TEST_true(ec_point_hex2point_test_helper(group, P,
|
||||||
|
POINT_CONVERSION_HYBRID,
|
||||||
|
bnctx))
|
||||||
|
|| !TEST_true(ec_point_hex2point_test_helper(group, NULL,
|
||||||
|
POINT_CONVERSION_HYBRID,
|
||||||
|
bnctx)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
|
||||||
|
err:
|
||||||
|
EC_POINT_free(P);
|
||||||
|
EC_GROUP_free(group);
|
||||||
|
BN_CTX_free(bnctx);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* OPENSSL_NO_EC */
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
@ -897,6 +1436,8 @@ int setup_tests(void)
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
ADD_TEST(parameter_test);
|
ADD_TEST(parameter_test);
|
||||||
|
ADD_TEST(cofactor_range_test);
|
||||||
|
ADD_ALL_TESTS(cardinality_test, crv_len);
|
||||||
ADD_TEST(prime_field_tests);
|
ADD_TEST(prime_field_tests);
|
||||||
# ifndef OPENSSL_NO_EC2M
|
# ifndef OPENSSL_NO_EC2M
|
||||||
ADD_TEST(char2_field_tests);
|
ADD_TEST(char2_field_tests);
|
||||||
@ -908,7 +1449,10 @@ int setup_tests(void)
|
|||||||
# endif
|
# endif
|
||||||
ADD_ALL_TESTS(internal_curve_test, crv_len);
|
ADD_ALL_TESTS(internal_curve_test, crv_len);
|
||||||
ADD_ALL_TESTS(internal_curve_test_method, crv_len);
|
ADD_ALL_TESTS(internal_curve_test_method, crv_len);
|
||||||
#endif
|
|
||||||
|
ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len);
|
||||||
|
ADD_ALL_TESTS(ec_point_hex2point_test, crv_len);
|
||||||
|
#endif /* OPENSSL_NO_EC */
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
diff -up openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl.nohtml openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl
|
|
||||||
--- openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl.no-html 2016-04-19 16:57:52.000000000 +0200
|
|
||||||
+++ openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl 2016-07-18 13:58:55.060106243 +0200
|
|
||||||
@@ -288,7 +288,7 @@ install_sw: all install_dev install_engi
|
|
||||||
|
|
||||||
uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
|
|
||||||
|
|
||||||
-install_docs: install_man_docs install_html_docs
|
|
||||||
+install_docs: install_man_docs
|
|
||||||
|
|
||||||
uninstall_docs: uninstall_man_docs uninstall_html_docs
|
|
||||||
$(RM) -r -v $(DESTDIR)$(DOCDIR)
|
|
27
SOURCES/openssl-1.1.1-alpn-cb.patch
Normal file
27
SOURCES/openssl-1.1.1-alpn-cb.patch
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
commit 9e885a707d604e9528b5491b78fb9c00f41193fc
|
||||||
|
Author: Tomas Mraz <tmraz@fedoraproject.org>
|
||||||
|
Date: Thu Mar 26 15:59:00 2020 +0100
|
||||||
|
|
||||||
|
s_server: Properly indicate ALPN protocol mismatch
|
||||||
|
|
||||||
|
Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that
|
||||||
|
an alert is sent to the client on ALPN protocol mismatch.
|
||||||
|
|
||||||
|
Fixes: #2708
|
||||||
|
|
||||||
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||||
|
(Merged from https://github.com/openssl/openssl/pull/11415)
|
||||||
|
|
||||||
|
diff --git a/apps/s_server.c b/apps/s_server.c
|
||||||
|
index bcc83e562c..591c6c19c5 100644
|
||||||
|
--- a/apps/s_server.c
|
||||||
|
+++ b/apps/s_server.c
|
||||||
|
@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
|
||||||
|
if (SSL_select_next_proto
|
||||||
|
((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
|
||||||
|
inlen) != OPENSSL_NPN_NEGOTIATED) {
|
||||||
|
- return SSL_TLSEXT_ERR_NOACK;
|
||||||
|
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!s_quiet) {
|
@ -1,28 +1,7 @@
|
|||||||
diff -up openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl.build openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl
|
diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf
|
||||||
--- openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl.build 2018-06-20 16:48:09.000000000 +0200
|
--- openssl-1.1.1f/Configurations/10-main.conf.build 2020-03-31 14:17:45.000000000 +0200
|
||||||
+++ openssl-1.1.1-pre8/Configurations/unix-Makefile.tmpl 2018-07-16 17:15:38.108831031 +0200
|
+++ openssl-1.1.1f/Configurations/10-main.conf 2020-04-07 16:42:10.920546387 +0200
|
||||||
@@ -680,7 +680,7 @@ uninstall_runtime:
|
@@ -678,6 +678,7 @@ my %targets = (
|
||||||
install_man_docs:
|
|
||||||
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
|
||||||
@$(ECHO) "*** Installing manpages"
|
|
||||||
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
|
||||||
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
|
||||||
--destdir=$(DESTDIR)$(MANDIR) --type=man --suffix=$(MANSUFFIX)
|
|
||||||
|
|
||||||
uninstall_man_docs:
|
|
||||||
@@ -692,7 +692,7 @@ uninstall_man_docs:
|
|
||||||
install_html_docs:
|
|
||||||
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
|
||||||
@$(ECHO) "*** Installing HTML manpages"
|
|
||||||
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
|
||||||
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
|
||||||
--destdir=$(DESTDIR)$(HTMLDIR) --type=html
|
|
||||||
|
|
||||||
uninstall_html_docs:
|
|
||||||
diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8/Configurations/10-main.conf
|
|
||||||
--- openssl-1.1.1-pre8/Configurations/10-main.conf.build 2018-06-20 16:48:09.000000000 +0200
|
|
||||||
+++ openssl-1.1.1-pre8/Configurations/10-main.conf 2018-07-16 17:17:10.312045203 +0200
|
|
||||||
@@ -693,6 +693,7 @@ my %targets = (
|
|
||||||
cxxflags => add("-m64"),
|
cxxflags => add("-m64"),
|
||||||
lib_cppflags => add("-DL_ENDIAN"),
|
lib_cppflags => add("-DL_ENDIAN"),
|
||||||
perlasm_scheme => "linux64le",
|
perlasm_scheme => "linux64le",
|
||||||
@ -30,7 +9,7 @@ diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8
|
|||||||
},
|
},
|
||||||
|
|
||||||
"linux-armv4" => {
|
"linux-armv4" => {
|
||||||
@@ -733,6 +734,7 @@ my %targets = (
|
@@ -718,6 +719,7 @@ my %targets = (
|
||||||
"linux-aarch64" => {
|
"linux-aarch64" => {
|
||||||
inherit_from => [ "linux-generic64", asm("aarch64_asm") ],
|
inherit_from => [ "linux-generic64", asm("aarch64_asm") ],
|
||||||
perlasm_scheme => "linux64",
|
perlasm_scheme => "linux64",
|
||||||
@ -38,3 +17,24 @@ diff -up openssl-1.1.1-pre8/Configurations/10-main.conf.build openssl-1.1.1-pre8
|
|||||||
},
|
},
|
||||||
"linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32
|
"linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32
|
||||||
inherit_from => [ "linux-generic32", asm("aarch64_asm") ],
|
inherit_from => [ "linux-generic32", asm("aarch64_asm") ],
|
||||||
|
diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl
|
||||||
|
--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build 2020-04-07 16:42:10.920546387 +0200
|
||||||
|
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:44:23.539142108 +0200
|
||||||
|
@@ -823,7 +823,7 @@ uninstall_runtime_libs:
|
||||||
|
install_man_docs:
|
||||||
|
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
||||||
|
@$(ECHO) "*** Installing manpages"
|
||||||
|
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||||
|
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||||
|
"--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
|
||||||
|
|
||||||
|
uninstall_man_docs:
|
||||||
|
@@ -835,7 +835,7 @@ uninstall_man_docs:
|
||||||
|
install_html_docs:
|
||||||
|
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
||||||
|
@$(ECHO) "*** Installing HTML manpages"
|
||||||
|
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||||
|
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||||
|
"--destdir=$(DESTDIR)$(HTMLDIR)" --type=html
|
||||||
|
|
||||||
|
uninstall_html_docs:
|
||||||
|
@ -1,171 +0,0 @@
|
|||||||
From 30c22fa8b1d840036b8e203585738df62a03cec8 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Billy Brumley <bbrumley@gmail.com>
|
|
||||||
Date: Thu, 5 Sep 2019 21:25:37 +0300
|
|
||||||
Subject: [PATCH] [crypto/ec] for ECC parameters with NULL or zero cofactor,
|
|
||||||
compute it
|
|
||||||
|
|
||||||
The cofactor argument to EC_GROUP_set_generator is optional, and SCA
|
|
||||||
mitigations for ECC currently use it. So the library currently falls
|
|
||||||
back to very old SCA-vulnerable code if the cofactor is not present.
|
|
||||||
|
|
||||||
This PR allows EC_GROUP_set_generator to compute the cofactor for all
|
|
||||||
curves of cryptographic interest. Steering scalar multiplication to more
|
|
||||||
SCA-robust code.
|
|
||||||
|
|
||||||
This issue affects persisted private keys in explicit parameter form,
|
|
||||||
where the (optional) cofactor field is zero or absent.
|
|
||||||
|
|
||||||
It also affects curves not built-in to the library, but constructed
|
|
||||||
programatically with explicit parameters, then calling
|
|
||||||
EC_GROUP_set_generator with a nonsensical value (NULL, zero).
|
|
||||||
|
|
||||||
The very old scalar multiplication code is known to be vulnerable to
|
|
||||||
local uarch attacks, outside of the OpenSSL threat model. New results
|
|
||||||
suggest the code path is also vulnerable to traditional wall clock
|
|
||||||
timing attacks.
|
|
||||||
|
|
||||||
CVE-2019-1547
|
|
||||||
|
|
||||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
||||||
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
|
|
||||||
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
|
||||||
(Merged from https://github.com/openssl/openssl/pull/9781)
|
|
||||||
---
|
|
||||||
crypto/ec/ec_lib.c | 103 ++++++++++++++++++++++++++++++++++++++++++---
|
|
||||||
1 file changed, 96 insertions(+), 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
|
|
||||||
index 8cab5a5061..1289c8608e 100644
|
|
||||||
--- a/crypto/ec/ec_lib.c
|
|
||||||
+++ b/crypto/ec/ec_lib.c
|
|
||||||
@@ -265,6 +265,67 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth)
|
|
||||||
|
|
||||||
static int ec_precompute_mont_data(EC_GROUP *);
|
|
||||||
|
|
||||||
+/*-
|
|
||||||
+ * Try computing cofactor from the generator order (n) and field cardinality (q).
|
|
||||||
+ * This works for all curves of cryptographic interest.
|
|
||||||
+ *
|
|
||||||
+ * Hasse thm: q + 1 - 2*sqrt(q) <= n*h <= q + 1 + 2*sqrt(q)
|
|
||||||
+ * h_min = (q + 1 - 2*sqrt(q))/n
|
|
||||||
+ * h_max = (q + 1 + 2*sqrt(q))/n
|
|
||||||
+ * h_max - h_min = 4*sqrt(q)/n
|
|
||||||
+ * So if n > 4*sqrt(q) holds, there is only one possible value for h:
|
|
||||||
+ * h = \lfloor (h_min + h_max)/2 \rceil = \lfloor (q + 1)/n \rceil
|
|
||||||
+ *
|
|
||||||
+ * Otherwise, zero cofactor and return success.
|
|
||||||
+ */
|
|
||||||
+static int ec_guess_cofactor(EC_GROUP *group) {
|
|
||||||
+ int ret = 0;
|
|
||||||
+ BN_CTX *ctx = NULL;
|
|
||||||
+ BIGNUM *q = NULL;
|
|
||||||
+
|
|
||||||
+ /*-
|
|
||||||
+ * If the cofactor is too large, we cannot guess it.
|
|
||||||
+ * The RHS of below is a strict overestimate of lg(4 * sqrt(q))
|
|
||||||
+ */
|
|
||||||
+ if (BN_num_bits(group->order) <= (BN_num_bits(group->field) + 1) / 2 + 3) {
|
|
||||||
+ /* default to 0 */
|
|
||||||
+ BN_zero(group->cofactor);
|
|
||||||
+ /* return success */
|
|
||||||
+ return 1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if ((ctx = BN_CTX_new()) == NULL)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ BN_CTX_start(ctx);
|
|
||||||
+ if ((q = BN_CTX_get(ctx)) == NULL)
|
|
||||||
+ goto err;
|
|
||||||
+
|
|
||||||
+ /* set q = 2**m for binary fields; q = p otherwise */
|
|
||||||
+ if (group->meth->field_type == NID_X9_62_characteristic_two_field) {
|
|
||||||
+ BN_zero(q);
|
|
||||||
+ if (!BN_set_bit(q, BN_num_bits(group->field) - 1))
|
|
||||||
+ goto err;
|
|
||||||
+ } else {
|
|
||||||
+ if (!BN_copy(q, group->field))
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* compute h = \lfloor (q + 1)/n \rceil = \lfloor (q + 1 + n/2)/n \rfloor */
|
|
||||||
+ if (!BN_rshift1(group->cofactor, group->order) /* n/2 */
|
|
||||||
+ || !BN_add(group->cofactor, group->cofactor, q) /* q + n/2 */
|
|
||||||
+ /* q + 1 + n/2 */
|
|
||||||
+ || !BN_add(group->cofactor, group->cofactor, BN_value_one())
|
|
||||||
+ /* (q + 1 + n/2)/n */
|
|
||||||
+ || !BN_div(group->cofactor, NULL, group->cofactor, group->order, ctx))
|
|
||||||
+ goto err;
|
|
||||||
+ ret = 1;
|
|
||||||
+ err:
|
|
||||||
+ BN_CTX_end(ctx);
|
|
||||||
+ BN_CTX_free(ctx);
|
|
||||||
+ return ret;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
|
|
||||||
const BIGNUM *order, const BIGNUM *cofactor)
|
|
||||||
{
|
|
||||||
@@ -273,6 +334,34 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* require group->field >= 1 */
|
|
||||||
+ if (group->field == NULL || BN_is_zero(group->field)
|
|
||||||
+ || BN_is_negative(group->field)) {
|
|
||||||
+ ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_INVALID_FIELD);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /*-
|
|
||||||
+ * - require order >= 1
|
|
||||||
+ * - enforce upper bound due to Hasse thm: order can be no more than one bit
|
|
||||||
+ * longer than field cardinality
|
|
||||||
+ */
|
|
||||||
+ if (order == NULL || BN_is_zero(order) || BN_is_negative(order)
|
|
||||||
+ || BN_num_bits(order) > BN_num_bits(group->field) + 1) {
|
|
||||||
+ ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_INVALID_GROUP_ORDER);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /*-
|
|
||||||
+ * Unfortunately the cofactor is an optional field in many standards.
|
|
||||||
+ * Internally, the lib uses 0 cofactor as a marker for "unknown cofactor".
|
|
||||||
+ * So accept cofactor == NULL or cofactor >= 0.
|
|
||||||
+ */
|
|
||||||
+ if (cofactor != NULL && BN_is_negative(cofactor)) {
|
|
||||||
+ ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_UNKNOWN_COFACTOR);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (group->generator == NULL) {
|
|
||||||
group->generator = EC_POINT_new(group);
|
|
||||||
if (group->generator == NULL)
|
|
||||||
@@ -281,17 +370,17 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
|
|
||||||
if (!EC_POINT_copy(group->generator, generator))
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
- if (order != NULL) {
|
|
||||||
- if (!BN_copy(group->order, order))
|
|
||||||
- return 0;
|
|
||||||
- } else
|
|
||||||
- BN_zero(group->order);
|
|
||||||
+ if (!BN_copy(group->order, order))
|
|
||||||
+ return 0;
|
|
||||||
|
|
||||||
- if (cofactor != NULL) {
|
|
||||||
+ /* Either take the provided positive cofactor, or try to compute it */
|
|
||||||
+ if (cofactor != NULL && !BN_is_zero(cofactor)) {
|
|
||||||
if (!BN_copy(group->cofactor, cofactor))
|
|
||||||
return 0;
|
|
||||||
- } else
|
|
||||||
+ } else if (!ec_guess_cofactor(group)) {
|
|
||||||
BN_zero(group->cofactor);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Some groups have an order with
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
@ -1,300 +0,0 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/fips/fips.c.fork-safety openssl-1.1.1c/crypto/fips/fips.c
|
|
||||||
--- openssl-1.1.1c/crypto/fips/fips.c.fork-safety 2019-11-20 11:36:22.343506961 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/fips/fips.c 2019-11-21 17:44:32.920776849 +0100
|
|
||||||
@@ -472,7 +472,7 @@ int FIPS_module_mode_set(int onoff)
|
|
||||||
|
|
||||||
fips_set_mode(onoff);
|
|
||||||
/* force RNG reseed with entropy from getrandom() on next call */
|
|
||||||
- rand_fork();
|
|
||||||
+ rand_force_reseed();
|
|
||||||
|
|
||||||
ret = 1;
|
|
||||||
goto end;
|
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/rand_int.h.fork-safety openssl-1.1.1c/crypto/include/internal/rand_int.h
|
|
||||||
--- openssl-1.1.1c/crypto/include/internal/rand_int.h.fork-safety 2019-11-20 11:36:22.382506277 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/rand_int.h 2019-11-21 17:45:42.102456672 +0100
|
|
||||||
@@ -24,9 +24,9 @@
|
|
||||||
typedef struct rand_pool_st RAND_POOL;
|
|
||||||
|
|
||||||
void rand_cleanup_int(void);
|
|
||||||
+void rand_force_reseed(void);
|
|
||||||
void rand_drbg_cleanup_int(void);
|
|
||||||
void drbg_delete_thread_state(void);
|
|
||||||
-void rand_fork(void);
|
|
||||||
|
|
||||||
/* Hardware-based seeding functions. */
|
|
||||||
size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
|
|
||||||
diff -up openssl-1.1.1c/crypto/init.c.fork-safety openssl-1.1.1c/crypto/init.c
|
|
||||||
--- openssl-1.1.1c/crypto/init.c.fork-safety 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/init.c 2019-11-21 17:34:13.478597398 +0100
|
|
||||||
@@ -847,6 +847,5 @@ void OPENSSL_fork_parent(void)
|
|
||||||
|
|
||||||
void OPENSSL_fork_child(void)
|
|
||||||
{
|
|
||||||
- rand_fork();
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/drbg_lib.c.fork-safety openssl-1.1.1c/crypto/rand/drbg_lib.c
|
|
||||||
--- openssl-1.1.1c/crypto/rand/drbg_lib.c.fork-safety 2019-11-20 11:36:22.383506260 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/drbg_lib.c 2019-11-21 17:46:37.583397431 +0100
|
|
||||||
@@ -197,7 +197,7 @@ static RAND_DRBG *rand_drbg_new(int secu
|
|
||||||
}
|
|
||||||
|
|
||||||
drbg->secure = secure && CRYPTO_secure_allocated(drbg);
|
|
||||||
- drbg->fork_count = rand_fork_count;
|
|
||||||
+ drbg->fork_id = openssl_get_fork_id();
|
|
||||||
drbg->parent = parent;
|
|
||||||
|
|
||||||
if (parent == NULL) {
|
|
||||||
@@ -583,6 +583,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg,
|
|
||||||
int prediction_resistance,
|
|
||||||
const unsigned char *adin, size_t adinlen)
|
|
||||||
{
|
|
||||||
+ int fork_id;
|
|
||||||
int reseed_required = 0;
|
|
||||||
|
|
||||||
if (drbg->state != DRBG_READY) {
|
|
||||||
@@ -608,8 +609,10 @@ int RAND_DRBG_generate(RAND_DRBG *drbg,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (drbg->fork_count != rand_fork_count) {
|
|
||||||
- drbg->fork_count = rand_fork_count;
|
|
||||||
+ fork_id = openssl_get_fork_id();
|
|
||||||
+
|
|
||||||
+ if (drbg->fork_id != fork_id) {
|
|
||||||
+ drbg->fork_id = fork_id;
|
|
||||||
reseed_required = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1011,6 +1014,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
|
||||||
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
|
||||||
}
|
|
||||||
|
|
||||||
+void rand_force_reseed(void)
|
|
||||||
+{
|
|
||||||
+ RAND_DRBG *drbg;
|
|
||||||
+
|
|
||||||
+ drbg = RAND_DRBG_get0_master();
|
|
||||||
+ drbg->fork_id = 0;
|
|
||||||
+
|
|
||||||
+ drbg = RAND_DRBG_get0_private();
|
|
||||||
+ drbg->fork_id = 0;
|
|
||||||
+
|
|
||||||
+ drbg = RAND_DRBG_get0_public();
|
|
||||||
+ drbg->fork_id = 0;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* Implements the default OpenSSL RAND_add() method */
|
|
||||||
static int drbg_add(const void *buf, int num, double randomness)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/rand_lcl.h.fork-safety openssl-1.1.1c/crypto/rand/rand_lcl.h
|
|
||||||
--- openssl-1.1.1c/crypto/rand/rand_lcl.h.fork-safety 2019-11-20 11:36:22.383506260 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/rand_lcl.h 2019-11-21 17:34:13.485597265 +0100
|
|
||||||
@@ -176,12 +176,12 @@ struct rand_drbg_st {
|
|
||||||
int secure; /* 1: allocated on the secure heap, 0: otherwise */
|
|
||||||
int type; /* the nid of the underlying algorithm */
|
|
||||||
/*
|
|
||||||
- * Stores the value of the rand_fork_count global as of when we last
|
|
||||||
- * reseeded. The DRBG reseeds automatically whenever drbg->fork_count !=
|
|
||||||
- * rand_fork_count. Used to provide fork-safety and reseed this DRBG in
|
|
||||||
- * the child process.
|
|
||||||
+ * Stores the return value of openssl_get_fork_id() as of when we last
|
|
||||||
+ * reseeded. The DRBG reseeds automatically whenever drbg->fork_id !=
|
|
||||||
+ * openssl_get_fork_id(). Used to provide fork-safety and reseed this
|
|
||||||
+ * DRBG in the child process.
|
|
||||||
*/
|
|
||||||
- int fork_count;
|
|
||||||
+ int fork_id;
|
|
||||||
unsigned short flags; /* various external flags */
|
|
||||||
|
|
||||||
/*
|
|
||||||
@@ -273,19 +273,6 @@ struct rand_drbg_st {
|
|
||||||
/* The global RAND method, and the global buffer and DRBG instance. */
|
|
||||||
extern RAND_METHOD rand_meth;
|
|
||||||
|
|
||||||
-/*
|
|
||||||
- * A "generation count" of forks. Incremented in the child process after a
|
|
||||||
- * fork. Since rand_fork_count is increment-only, and only ever written to in
|
|
||||||
- * the child process of the fork, which is guaranteed to be single-threaded, no
|
|
||||||
- * locking is needed for normal (read) accesses; the rest of pthread fork
|
|
||||||
- * processing is assumed to introduce the necessary memory barriers. Sibling
|
|
||||||
- * children of a given parent will produce duplicate values, but this is not
|
|
||||||
- * problematic because the reseeding process pulls input from the system CSPRNG
|
|
||||||
- * and/or other global sources, so the siblings will end up generating
|
|
||||||
- * different output streams.
|
|
||||||
- */
|
|
||||||
-extern int rand_fork_count;
|
|
||||||
-
|
|
||||||
/* DRBG helpers */
|
|
||||||
int rand_drbg_restart(RAND_DRBG *drbg,
|
|
||||||
const unsigned char *buffer, size_t len, size_t entropy);
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.fork-safety openssl-1.1.1c/crypto/rand/rand_lib.c
|
|
||||||
--- openssl-1.1.1c/crypto/rand/rand_lib.c.fork-safety 2019-11-20 11:36:22.374506418 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/rand_lib.c 2019-11-21 17:34:13.487597227 +0100
|
|
||||||
@@ -30,8 +30,6 @@ static CRYPTO_RWLOCK *rand_meth_lock;
|
|
||||||
static const RAND_METHOD *default_RAND_meth;
|
|
||||||
static CRYPTO_ONCE rand_init = CRYPTO_ONCE_STATIC_INIT;
|
|
||||||
|
|
||||||
-int rand_fork_count;
|
|
||||||
-
|
|
||||||
static CRYPTO_RWLOCK *rand_nonce_lock;
|
|
||||||
static int rand_nonce_count;
|
|
||||||
|
|
||||||
@@ -303,11 +301,6 @@ void rand_drbg_cleanup_additional_data(R
|
|
||||||
rand_pool_reattach(pool, out);
|
|
||||||
}
|
|
||||||
|
|
||||||
-void rand_fork(void)
|
|
||||||
-{
|
|
||||||
- rand_fork_count++;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
DEFINE_RUN_ONCE_STATIC(do_rand_init)
|
|
||||||
{
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
diff -up openssl-1.1.1c/crypto/threads_none.c.fork-safety openssl-1.1.1c/crypto/threads_none.c
|
|
||||||
--- openssl-1.1.1c/crypto/threads_none.c.fork-safety 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/threads_none.c 2019-11-21 17:34:13.489597189 +0100
|
|
||||||
@@ -12,6 +12,11 @@
|
|
||||||
|
|
||||||
#if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
|
|
||||||
|
|
||||||
+# if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+# include <sys/types.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+# endif
|
|
||||||
+
|
|
||||||
CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
|
|
||||||
{
|
|
||||||
CRYPTO_RWLOCK *lock;
|
|
||||||
@@ -133,4 +138,12 @@ int openssl_init_fork_handlers(void)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+int openssl_get_fork_id(void)
|
|
||||||
+{
|
|
||||||
+# if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+ return getpid();
|
|
||||||
+# else
|
|
||||||
+ return 0;
|
|
||||||
+# endif
|
|
||||||
+}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.1.1c/crypto/threads_pthread.c.fork-safety openssl-1.1.1c/crypto/threads_pthread.c
|
|
||||||
--- openssl-1.1.1c/crypto/threads_pthread.c.fork-safety 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/threads_pthread.c 2019-11-21 17:34:13.492597131 +0100
|
|
||||||
@@ -12,6 +12,11 @@
|
|
||||||
|
|
||||||
#if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) && !defined(OPENSSL_SYS_WINDOWS)
|
|
||||||
|
|
||||||
+# if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+# include <sys/types.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
# ifdef PTHREAD_RWLOCK_INITIALIZER
|
|
||||||
# define USE_RWLOCK
|
|
||||||
# endif
|
|
||||||
@@ -193,4 +198,9 @@ int openssl_init_fork_handlers(void)
|
|
||||||
# endif
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+int openssl_get_fork_id(void)
|
|
||||||
+{
|
|
||||||
+ return getpid();
|
|
||||||
+}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.1.1c/crypto/threads_win.c.fork-safety openssl-1.1.1c/crypto/threads_win.c
|
|
||||||
--- openssl-1.1.1c/crypto/threads_win.c.fork-safety 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/threads_win.c 2019-11-21 17:34:13.495597074 +0100
|
|
||||||
@@ -164,4 +164,8 @@ int openssl_init_fork_handlers(void)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+int openssl_get_fork_id(void)
|
|
||||||
+{
|
|
||||||
+ return 0;
|
|
||||||
+}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.1.1c/include/internal/cryptlib.h.fork-safety openssl-1.1.1c/include/internal/cryptlib.h
|
|
||||||
--- openssl-1.1.1c/include/internal/cryptlib.h.fork-safety 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/include/internal/cryptlib.h 2019-11-21 17:34:13.497597036 +0100
|
|
||||||
@@ -80,6 +80,7 @@ extern unsigned int OPENSSL_ia32cap_P[];
|
|
||||||
void OPENSSL_showfatal(const char *fmta, ...);
|
|
||||||
void crypto_cleanup_all_ex_data_int(void);
|
|
||||||
int openssl_init_fork_handlers(void);
|
|
||||||
+int openssl_get_fork_id(void);
|
|
||||||
|
|
||||||
char *ossl_safe_getenv(const char *name);
|
|
||||||
|
|
||||||
diff -up openssl-1.1.1c/test/drbgtest.c.fork-safety openssl-1.1.1c/test/drbgtest.c
|
|
||||||
--- openssl-1.1.1c/test/drbgtest.c.fork-safety 2019-11-20 11:36:22.384506242 +0100
|
|
||||||
+++ openssl-1.1.1c/test/drbgtest.c 2019-11-21 17:34:13.499596998 +0100
|
|
||||||
@@ -22,6 +22,13 @@
|
|
||||||
# include <windows.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+
|
|
||||||
+#if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+# include <sys/types.h>
|
|
||||||
+# include <sys/wait.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
#include "testutil.h"
|
|
||||||
#include "drbgtest.h"
|
|
||||||
|
|
||||||
@@ -696,6 +703,40 @@ static int test_drbg_reseed(int expect_s
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+
|
|
||||||
+#if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+/*
|
|
||||||
+ * Test whether master, public and private DRBG are reseeded after
|
|
||||||
+ * forking the process.
|
|
||||||
+ */
|
|
||||||
+static int test_drbg_reseed_after_fork(RAND_DRBG *master,
|
|
||||||
+ RAND_DRBG *public,
|
|
||||||
+ RAND_DRBG *private)
|
|
||||||
+{
|
|
||||||
+ pid_t pid;
|
|
||||||
+ int status=0;
|
|
||||||
+
|
|
||||||
+ pid = fork();
|
|
||||||
+ if (!TEST_int_ge(pid, 0))
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ if (pid > 0) {
|
|
||||||
+ /* I'm the parent; wait for the child and check its exit code */
|
|
||||||
+ return TEST_int_eq(waitpid(pid, &status, 0), pid) && TEST_int_eq(status, 0);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* I'm the child; check whether all three DRBGs reseed. */
|
|
||||||
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1, 0)))
|
|
||||||
+ status = 1;
|
|
||||||
+
|
|
||||||
+ /* Remove hooks */
|
|
||||||
+ unhook_drbg(master);
|
|
||||||
+ unhook_drbg(public);
|
|
||||||
+ unhook_drbg(private);
|
|
||||||
+ exit(status);
|
|
||||||
+}
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* Test whether the default rand_method (RAND_OpenSSL()) is
|
|
||||||
* setup correctly, in particular whether reseeding works
|
|
||||||
@@ -786,6 +827,10 @@ static int test_rand_drbg_reseed(void)
|
|
||||||
goto error;
|
|
||||||
reset_drbg_hook_ctx();
|
|
||||||
|
|
||||||
+#if defined(OPENSSL_SYS_UNIX)
|
|
||||||
+ if (!TEST_true(test_drbg_reseed_after_fork(master, public, private)))
|
|
||||||
+ goto error;
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/* fill 'randomness' buffer with some arbitrary data */
|
|
||||||
memset(rand_add_buf, 'r', sizeof(rand_add_buf));
|
|
@ -1,147 +0,0 @@
|
|||||||
From 08229ad838c50f644d7e928e2eef147b4308ad64 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
|
||||||
Date: Sun, 1 Sep 2019 00:16:28 +0200
|
|
||||||
Subject: [PATCH] Fix a padding oracle in PKCS7_dataDecode and
|
|
||||||
CMS_decrypt_set1_pkey
|
|
||||||
|
|
||||||
An attack is simple, if the first CMS_recipientInfo is valid but the
|
|
||||||
second CMS_recipientInfo is chosen ciphertext. If the second
|
|
||||||
recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
|
|
||||||
encryption key will be replaced by garbage, and the message cannot be
|
|
||||||
decoded, but if the RSA decryption fails, the correct encryption key is
|
|
||||||
used and the recipient will not notice the attack.
|
|
||||||
|
|
||||||
As a work around for this potential attack the length of the decrypted
|
|
||||||
key must be equal to the cipher default key length, in case the
|
|
||||||
certifiate is not given and all recipientInfo are tried out.
|
|
||||||
|
|
||||||
The old behaviour can be re-enabled in the CMS code by setting the
|
|
||||||
CMS_DEBUG_DECRYPT flag.
|
|
||||||
|
|
||||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
||||||
(Merged from https://github.com/openssl/openssl/pull/9777)
|
|
||||||
|
|
||||||
(cherry picked from commit 5840ed0cd1e6487d247efbc1a04136a41d7b3a37)
|
|
||||||
---
|
|
||||||
crypto/cms/cms_env.c | 18 +++++++++++++++++-
|
|
||||||
crypto/cms/cms_lcl.h | 2 ++
|
|
||||||
crypto/cms/cms_smime.c | 4 ++++
|
|
||||||
crypto/pkcs7/pk7_doit.c | 12 ++++++++----
|
|
||||||
5 files changed, 45 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
|
|
||||||
index bb95af75e3..25df1c40b1 100644
|
|
||||||
--- a/crypto/cms/cms_env.c
|
|
||||||
+++ b/crypto/cms/cms_env.c
|
|
||||||
@@ -363,6 +363,7 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
|
|
||||||
unsigned char *ek = NULL;
|
|
||||||
size_t eklen;
|
|
||||||
int ret = 0;
|
|
||||||
+ size_t fixlen = 0;
|
|
||||||
CMS_EncryptedContentInfo *ec;
|
|
||||||
ec = cms->d.envelopedData->encryptedContentInfo;
|
|
||||||
|
|
||||||
@@ -371,6 +372,19 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if (cms->d.envelopedData->encryptedContentInfo->havenocert
|
|
||||||
+ && !cms->d.envelopedData->encryptedContentInfo->debug) {
|
|
||||||
+ X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
|
|
||||||
+ const EVP_CIPHER *ciph = EVP_get_cipherbyobj(calg->algorithm);
|
|
||||||
+
|
|
||||||
+ if (ciph == NULL) {
|
|
||||||
+ CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_UNKNOWN_CIPHER);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ fixlen = EVP_CIPHER_key_length(ciph);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
|
|
||||||
if (ktri->pctx == NULL)
|
|
||||||
return 0;
|
|
||||||
@@ -401,7 +415,9 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
|
|
||||||
|
|
||||||
if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
|
|
||||||
ktri->encryptedKey->data,
|
|
||||||
- ktri->encryptedKey->length) <= 0) {
|
|
||||||
+ ktri->encryptedKey->length) <= 0
|
|
||||||
+ || eklen == 0
|
|
||||||
+ || (fixlen != 0 && eklen != fixlen)) {
|
|
||||||
CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_lcl.h
|
|
||||||
index b5c06b7f6c..8eddb02493 100644
|
|
||||||
--- a/crypto/cms/cms_lcl.h
|
|
||||||
+++ b/crypto/cms/cms_lcl.h
|
|
||||||
@@ -125,6 +125,8 @@ struct CMS_EncryptedContentInfo_st {
|
|
||||||
size_t keylen;
|
|
||||||
/* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
|
|
||||||
int debug;
|
|
||||||
+ /* Set to 1 if we have no cert and need extra safety measures for MMA */
|
|
||||||
+ int havenocert;
|
|
||||||
};
|
|
||||||
|
|
||||||
struct CMS_RecipientInfo_st {
|
|
||||||
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
|
|
||||||
index 5dcf803f4b..3a26108b8c 100644
|
|
||||||
--- a/crypto/cms/cms_smime.c
|
|
||||||
+++ b/crypto/cms/cms_smime.c
|
|
||||||
@@ -743,6 +743,10 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
|
|
||||||
cms->d.envelopedData->encryptedContentInfo->debug = 1;
|
|
||||||
else
|
|
||||||
cms->d.envelopedData->encryptedContentInfo->debug = 0;
|
|
||||||
+ if (!cert)
|
|
||||||
+ cms->d.envelopedData->encryptedContentInfo->havenocert = 1;
|
|
||||||
+ else
|
|
||||||
+ cms->d.envelopedData->encryptedContentInfo->havenocert = 0;
|
|
||||||
if (!pk && !cert && !dcont && !out)
|
|
||||||
return 1;
|
|
||||||
if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
|
|
||||||
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
|
|
||||||
index ee08e602a1..15a6160cfe 100644
|
|
||||||
--- a/crypto/pkcs7/pk7_doit.c
|
|
||||||
+++ b/crypto/pkcs7/pk7_doit.c
|
|
||||||
@@ -137,7 +137,8 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
|
|
||||||
}
|
|
||||||
|
|
||||||
static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
|
|
||||||
- PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
|
|
||||||
+ PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey,
|
|
||||||
+ size_t fixlen)
|
|
||||||
{
|
|
||||||
EVP_PKEY_CTX *pctx = NULL;
|
|
||||||
unsigned char *ek = NULL;
|
|
||||||
@@ -170,7 +171,9 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
|
|
||||||
}
|
|
||||||
|
|
||||||
if (EVP_PKEY_decrypt(pctx, ek, &eklen,
|
|
||||||
- ri->enc_key->data, ri->enc_key->length) <= 0) {
|
|
||||||
+ ri->enc_key->data, ri->enc_key->length) <= 0
|
|
||||||
+ || eklen == 0
|
|
||||||
+ || (fixlen != 0 && eklen != fixlen)) {
|
|
||||||
ret = 0;
|
|
||||||
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
|
|
||||||
goto err;
|
|
||||||
@@ -499,13 +502,14 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|
||||||
for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
|
|
||||||
ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
|
|
||||||
|
|
||||||
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
|
|
||||||
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
|
|
||||||
+ EVP_CIPHER_key_length(evp_cipher)) < 0)
|
|
||||||
goto err;
|
|
||||||
ERR_clear_error();
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
/* Only exit on fatal errors, not decrypt failure */
|
|
||||||
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
|
|
||||||
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
|
|
||||||
goto err;
|
|
||||||
ERR_clear_error();
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
@ -1,17 +1,40 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1c/crypto/evp/pkey_kdf.c
|
diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c
|
||||||
--- openssl-1.1.1c/crypto/evp/pkey_kdf.c.edk2-build 2019-11-14 16:25:09.437914854 +0100
|
--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200
|
||||||
+++ openssl-1.1.1c/crypto/evp/pkey_kdf.c 2019-11-15 14:52:40.216905772 +0100
|
+++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200
|
||||||
@@ -12,6 +12,7 @@
|
@@ -12,6 +12,7 @@
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/kdf.h>
|
#include <openssl/kdf.h>
|
||||||
+#include "internal/numbers.h"
|
+#include "internal/numbers.h"
|
||||||
#include "internal/evp_int.h"
|
#include "crypto/evp.h"
|
||||||
|
|
||||||
static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/fips_int.h.edk2-build openssl-1.1.1c/crypto/include/internal/fips_int.h
|
diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c
|
||||||
--- openssl-1.1.1c/crypto/include/internal/fips_int.h.edk2-build 2019-11-14 16:25:09.430914981 +0100
|
--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/fips_int.h 2019-11-15 14:48:02.489936610 +0100
|
+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200
|
||||||
|
@@ -13,6 +13,7 @@
|
||||||
|
#include <openssl/hmac.h>
|
||||||
|
#include <openssl/kdf.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
+#include "internal/numbers.h"
|
||||||
|
#include "internal/cryptlib.h"
|
||||||
|
#include "crypto/evp.h"
|
||||||
|
#include "kdf_local.h"
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200
|
||||||
|
@@ -20,7 +20,7 @@
|
||||||
|
#include "crypto/fips.h"
|
||||||
|
#include <stdio.h>
|
||||||
|
#include "internal/dso.h"
|
||||||
|
-#ifdef __linux
|
||||||
|
+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
|
||||||
|
# include <sys/syscall.h>
|
||||||
|
# include <sys/random.h>
|
||||||
|
# ifdef DEVRANDOM_WAIT
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200
|
||||||
@@ -50,10 +50,6 @@
|
@@ -50,10 +50,6 @@
|
||||||
#include <openssl/opensslconf.h>
|
#include <openssl/opensslconf.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
@ -32,37 +55,3 @@ diff -up openssl-1.1.1c/crypto/include/internal/fips_int.h.edk2-build openssl-1.
|
|||||||
+# define fips_in_post() 0
|
+# define fips_in_post() 0
|
||||||
+
|
+
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1c/crypto/kdf/hkdf.c
|
|
||||||
--- openssl-1.1.1c/crypto/kdf/hkdf.c.edk2-build 2019-11-14 16:25:09.438914836 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/kdf/hkdf.c 2019-11-15 14:48:53.360015134 +0100
|
|
||||||
@@ -13,6 +13,7 @@
|
|
||||||
#include <openssl/hmac.h>
|
|
||||||
#include <openssl/evp.h>
|
|
||||||
#include <openssl/kdf.h>
|
|
||||||
+#include "internal/numbers.h"
|
|
||||||
#include "internal/cryptlib.h"
|
|
||||||
#include "internal/evp_int.h"
|
|
||||||
#include "kdf_local.h"
|
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/sshkdf.c.edk2-build openssl-1.1.1c/crypto/kdf/sshkdf.c
|
|
||||||
--- openssl-1.1.1c/crypto/kdf/sshkdf.c.edk2-build 2019-11-14 16:25:09.452914583 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/kdf/sshkdf.c 2019-11-15 14:53:14.769279878 +0100
|
|
||||||
@@ -12,6 +12,7 @@
|
|
||||||
#include <string.h>
|
|
||||||
#include <openssl/evp.h>
|
|
||||||
#include <openssl/kdf.h>
|
|
||||||
+#include "internal/numbers.h"
|
|
||||||
#include "internal/cryptlib.h"
|
|
||||||
#include "internal/evp_int.h"
|
|
||||||
#include "kdf_local.h"
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1c/crypto/rand/rand_unix.c
|
|
||||||
--- openssl-1.1.1c/crypto/rand/rand_unix.c.edk2-build 2019-11-14 16:25:09.430914981 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/rand_unix.c 2019-11-15 14:51:41.634966941 +0100
|
|
||||||
@@ -19,7 +19,7 @@
|
|
||||||
#include "internal/fips_int.h"
|
|
||||||
#include <stdio.h>
|
|
||||||
#include "internal/dso.h"
|
|
||||||
-#if defined(__linux)
|
|
||||||
+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
|
|
||||||
# include <sys/syscall.h>
|
|
||||||
# include <sys/random.h>
|
|
||||||
#endif
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err/openssl.txt
|
diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err/openssl.txt
|
||||||
--- openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/err/openssl.txt 2019-02-28 13:05:05.651521474 +0100
|
+++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-19 16:04:11.299063517 +0100
|
||||||
@@ -743,6 +743,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn
|
@@ -747,6 +747,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn
|
||||||
EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
|
EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
|
||||||
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
|
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
|
||||||
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
|
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
|
||||||
@ -11,7 +11,7 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex
|
EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex
|
||||||
EVP_F_EVP_MD_SIZE:162:EVP_MD_size
|
EVP_F_EVP_MD_SIZE:162:EVP_MD_size
|
||||||
EVP_F_EVP_OPENINIT:102:EVP_OpenInit
|
EVP_F_EVP_OPENINIT:102:EVP_OpenInit
|
||||||
@@ -805,11 +808,30 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k
|
@@ -809,12 +812,31 @@ EVP_F_PKCS5_PBE_KEYIVGEN:117:PKCS5_PBE_k
|
||||||
EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen
|
EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen
|
||||||
EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen
|
EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen
|
||||||
EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
|
EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
|
||||||
@ -19,6 +19,7 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
EVP_F_PKEY_SET_TYPE:158:pkey_set_type
|
EVP_F_PKEY_SET_TYPE:158:pkey_set_type
|
||||||
EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth
|
EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth
|
||||||
EVP_F_RC5_CTRL:125:rc5_ctrl
|
EVP_F_RC5_CTRL:125:rc5_ctrl
|
||||||
|
EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key
|
||||||
EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl
|
EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl
|
||||||
+EVP_F_SCRYPT_ALG:228:scrypt_alg
|
+EVP_F_SCRYPT_ALG:228:scrypt_alg
|
||||||
EVP_F_UPDATE:173:update
|
EVP_F_UPDATE:173:update
|
||||||
@ -42,7 +43,7 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
|
KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
|
||||||
KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
|
KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
|
||||||
KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init
|
KDF_F_PKEY_HKDF_INIT:108:pkey_hkdf_init
|
||||||
@@ -821,6 +843,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc
|
@@ -826,6 +848,7 @@ KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_sc
|
||||||
KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str
|
KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str
|
||||||
KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
|
KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
|
||||||
KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init
|
KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init
|
||||||
@ -50,7 +51,7 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
|
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
|
||||||
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
|
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
|
||||||
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
|
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
|
||||||
@@ -2264,6 +2287,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on
|
@@ -2277,6 +2300,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on
|
||||||
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
|
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
|
||||||
operation not supported for this keytype
|
operation not supported for this keytype
|
||||||
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
|
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
|
||||||
@ -58,7 +59,7 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
|
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
|
||||||
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
|
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
|
||||||
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
|
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
|
||||||
@@ -2299,6 +2323,7 @@ KDF_R_MISSING_SEED:106:missing seed
|
@@ -2313,6 +2337,7 @@ KDF_R_MISSING_SEED:106:missing seed
|
||||||
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
|
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
|
||||||
KDF_R_VALUE_ERROR:108:value error
|
KDF_R_VALUE_ERROR:108:value error
|
||||||
KDF_R_VALUE_MISSING:102:value missing
|
KDF_R_VALUE_MISSING:102:value missing
|
||||||
@ -66,9 +67,9 @@ diff -up openssl-1.1.1b/crypto/err/openssl.txt.evp-kdf openssl-1.1.1b/crypto/err
|
|||||||
OBJ_R_OID_EXISTS:102:oid exists
|
OBJ_R_OID_EXISTS:102:oid exists
|
||||||
OBJ_R_UNKNOWN_NID:101:unknown nid
|
OBJ_R_UNKNOWN_NID:101:unknown nid
|
||||||
OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
|
OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
|
||||||
diff -up openssl-1.1.1b/crypto/evp/build.info.evp-kdf openssl-1.1.1b/crypto/evp/build.info
|
diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/build.info
|
||||||
--- openssl-1.1.1b/crypto/evp/build.info.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/evp/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/build.info 2019-02-28 13:05:05.651521474 +0100
|
+++ openssl-1.1.1e/crypto/evp/build.info 2020-03-19 16:04:11.300063500 +0100
|
||||||
@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\
|
@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\
|
||||||
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
|
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
|
||||||
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
|
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
|
||||||
@ -79,44 +80,37 @@ diff -up openssl-1.1.1b/crypto/evp/build.info.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
|
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
|
||||||
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
|
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
|
||||||
e_chacha20_poly1305.c cmeth_lib.c
|
e_chacha20_poly1305.c cmeth_lib.c
|
||||||
diff -up openssl-1.1.1b/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1b/crypto/evp/e_chacha20_poly1305.c
|
diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c
|
||||||
--- openssl-1.1.1b/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2020-03-19 16:04:11.300063500 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/e_chacha20_poly1305.c 2019-02-28 13:05:05.651521474 +0100
|
+++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-19 16:16:46.497967633 +0100
|
||||||
@@ -14,8 +14,8 @@
|
@@ -14,9 +14,9 @@
|
||||||
|
|
||||||
# include <openssl/evp.h>
|
# include <openssl/evp.h>
|
||||||
# include <openssl/objects.h>
|
# include <openssl/objects.h>
|
||||||
-# include "evp_locl.h"
|
-# include "evp_local.h"
|
||||||
# include "internal/evp_int.h"
|
# include "crypto/evp.h"
|
||||||
+# include "evp_locl.h"
|
# include "crypto/chacha.h"
|
||||||
# include "internal/chacha.h"
|
+# include "evp_local.h"
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
diff -up openssl-1.1.1b/crypto/evp/encode.c.evp-kdf openssl-1.1.1b/crypto/evp/encode.c
|
union {
|
||||||
--- openssl-1.1.1b/crypto/evp/encode.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/encode.c
|
||||||
+++ openssl-1.1.1b/crypto/evp/encode.c 2019-02-28 13:05:05.651521474 +0100
|
--- openssl-1.1.1e/crypto/evp/encode.c.evp-kdf 2020-03-19 16:04:11.301063483 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-19 16:14:13.147628683 +0100
|
||||||
@@ -11,8 +11,8 @@
|
@@ -11,8 +11,8 @@
|
||||||
#include <limits.h>
|
#include <limits.h>
|
||||||
#include "internal/cryptlib.h"
|
#include "internal/cryptlib.h"
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
-#include "evp_locl.h"
|
-#include "evp_local.h"
|
||||||
#include "internal/evp_int.h"
|
#include "crypto/evp.h"
|
||||||
+#include "evp_locl.h"
|
+#include "evp_local.h"
|
||||||
|
|
||||||
static unsigned char conv_ascii2bin(unsigned char a,
|
static unsigned char conv_ascii2bin(unsigned char a,
|
||||||
const unsigned char *table);
|
const unsigned char *table);
|
||||||
diff -up openssl-1.1.1b/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1b/crypto/evp/evp_err.c
|
diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_err.c
|
||||||
--- openssl-1.1.1b/crypto/evp/evp_err.c.evp-kdf 2019-02-28 13:05:05.617522103 +0100
|
--- openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf 2020-03-19 16:04:11.218064919 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/evp_err.c 2019-02-28 13:05:05.651521474 +0100
|
+++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-19 16:04:11.302063465 +0100
|
||||||
@@ -1,6 +1,6 @@
|
@@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun
|
||||||
/*
|
|
||||||
* Generated by util/mkerr.pl DO NOT EDIT
|
|
||||||
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
*
|
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
|
||||||
@@ -56,6 +56,9 @@ static const ERR_STRING_DATA EVP_str_fun
|
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0),
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0),
|
||||||
"EVP_EncryptFinal_ex"},
|
"EVP_EncryptFinal_ex"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"},
|
||||||
@ -126,7 +120,7 @@ diff -up openssl-1.1.1b/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1b/crypto/evp/e
|
|||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"},
|
||||||
@@ -147,10 +150,12 @@ static const ERR_STRING_DATA EVP_str_fun
|
@@ -151,12 +154,14 @@ static const ERR_STRING_DATA EVP_str_fun
|
||||||
"PKCS5_v2_PBKDF2_keyivgen"},
|
"PKCS5_v2_PBKDF2_keyivgen"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
|
||||||
"PKCS5_v2_scrypt_keyivgen"},
|
"PKCS5_v2_scrypt_keyivgen"},
|
||||||
@ -134,12 +128,14 @@ diff -up openssl-1.1.1b/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1b/crypto/evp/e
|
|||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"},
|
||||||
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0),
|
||||||
|
"r_32_12_16_init_key"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"},
|
||||||
+ {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"},
|
+ {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
|
{ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
|
||||||
{0, NULL}
|
{0, NULL}
|
||||||
};
|
};
|
||||||
@@ -233,6 +238,8 @@ static const ERR_STRING_DATA EVP_str_rea
|
@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea
|
||||||
"operation not supported for this keytype"},
|
"operation not supported for this keytype"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
|
||||||
"operaton not initialized"},
|
"operaton not initialized"},
|
||||||
@ -148,9 +144,9 @@ diff -up openssl-1.1.1b/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1b/crypto/evp/e
|
|||||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
|
||||||
"partially overlapping buffers"},
|
"partially overlapping buffers"},
|
||||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
|
||||||
diff -up openssl-1.1.1b/crypto/evp/evp_locl.h.evp-kdf openssl-1.1.1b/crypto/evp/evp_locl.h
|
diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp/evp_local.h
|
||||||
--- openssl-1.1.1b/crypto/evp/evp_locl.h.evp-kdf 2019-02-28 13:05:05.253528831 +0100
|
--- openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf 2020-03-19 16:04:10.657074629 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/evp_locl.h 2019-02-28 13:05:05.652521456 +0100
|
+++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-19 16:04:20.722900404 +0100
|
||||||
@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st {
|
@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st {
|
||||||
unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
|
unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
|
||||||
} /* EVP_CIPHER_CTX */ ;
|
} /* EVP_CIPHER_CTX */ ;
|
||||||
@ -163,20 +159,20 @@ diff -up openssl-1.1.1b/crypto/evp/evp_locl.h.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
|
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
|
||||||
int passlen, ASN1_TYPE *param,
|
int passlen, ASN1_TYPE *param,
|
||||||
const EVP_CIPHER *c, const EVP_MD *md,
|
const EVP_CIPHER *c, const EVP_MD *md,
|
||||||
diff -up openssl-1.1.1b/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1b/crypto/evp/evp_pbe.c
|
diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_pbe.c
|
||||||
--- openssl-1.1.1b/crypto/evp/evp_pbe.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/evp_pbe.c 2019-02-28 13:05:05.652521456 +0100
|
+++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-19 16:11:56.425001210 +0100
|
||||||
@@ -12,6 +12,7 @@
|
@@ -12,6 +12,7 @@
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/pkcs12.h>
|
#include <openssl/pkcs12.h>
|
||||||
#include <openssl/x509.h>
|
#include <openssl/x509.h>
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
#include "evp_locl.h"
|
#include "evp_local.h"
|
||||||
|
|
||||||
/* Password based encryption (PBE) functions */
|
/* Password based encryption (PBE) functions */
|
||||||
diff -up openssl-1.1.1b/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1b/crypto/evp/kdf_lib.c
|
diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/kdf_lib.c
|
||||||
--- openssl-1.1.1b/crypto/evp/kdf_lib.c.evp-kdf 2019-02-28 13:05:05.652521456 +0100
|
--- openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/kdf_lib.c 2019-02-28 13:05:05.652521456 +0100
|
+++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-19 16:04:20.723900386 +0100
|
||||||
@@ -0,0 +1,165 @@
|
@@ -0,0 +1,165 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -195,10 +191,10 @@ diff -up openssl-1.1.1b/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1b/crypto/evp/k
|
|||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/x509v3.h>
|
+#include <openssl/x509v3.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include "internal/asn1_int.h"
|
+#include "crypto/asn1.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "internal/numbers.h"
|
+#include "internal/numbers.h"
|
||||||
+#include "evp_locl.h"
|
+#include "evp_local.h"
|
||||||
+
|
+
|
||||||
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
|
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
|
||||||
+
|
+
|
||||||
@ -343,9 +339,9 @@ diff -up openssl-1.1.1b/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1b/crypto/evp/k
|
|||||||
+ return ctx->kmeth->derive(ctx->impl, key, keylen);
|
+ return ctx->kmeth->derive(ctx->impl, key, keylen);
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1b/crypto/evp/p5_crpt2.c
|
diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/p5_crpt2.c
|
||||||
--- openssl-1.1.1b/crypto/evp/p5_crpt2.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/p5_crpt2.c 2019-02-28 13:05:05.652521456 +0100
|
+++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-19 16:17:48.822886126 +0100
|
||||||
@@ -1,5 +1,5 @@
|
@@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -360,13 +356,13 @@ diff -up openssl-1.1.1b/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
-# include <openssl/x509.h>
|
-# include <openssl/x509.h>
|
||||||
-# include <openssl/evp.h>
|
-# include <openssl/evp.h>
|
||||||
-# include <openssl/hmac.h>
|
-# include <openssl/hmac.h>
|
||||||
-# include "evp_locl.h"
|
-# include "evp_local.h"
|
||||||
+#include <openssl/x509.h>
|
+#include <openssl/x509.h>
|
||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include <openssl/hmac.h>
|
+#include <openssl/hmac.h>
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "evp_locl.h"
|
+#include "evp_local.h"
|
||||||
|
|
||||||
/* set this to print out info about the keygen algorithm */
|
/* set this to print out info about the keygen algorithm */
|
||||||
/* #define OPENSSL_DEBUG_PKCS5V2 */
|
/* #define OPENSSL_DEBUG_PKCS5V2 */
|
||||||
@ -494,9 +490,9 @@ diff -up openssl-1.1.1b/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
}
|
}
|
||||||
|
|
||||||
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
||||||
diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/evp/pbe_scrypt.c
|
diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/evp/pbe_scrypt.c
|
||||||
--- openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/pbe_scrypt.c 2019-02-28 13:33:18.446264056 +0100
|
+++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-19 16:04:20.725900352 +0100
|
||||||
@@ -7,135 +7,12 @@
|
@@ -7,135 +7,12 @@
|
||||||
* https://www.openssl.org/source/license.html
|
* https://www.openssl.org/source/license.html
|
||||||
*/
|
*/
|
||||||
@ -682,9 +678,11 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
|
|||||||
- */
|
- */
|
||||||
- if (Blen > INT_MAX) {
|
- if (Blen > INT_MAX) {
|
||||||
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
||||||
- return 0;
|
+ if (r > UINT32_MAX || p > UINT32_MAX) {
|
||||||
- }
|
+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
|
||||||
-
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
- /*
|
- /*
|
||||||
- * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t
|
- * Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t
|
||||||
- * This is combined size V, X and T (section 4)
|
- * This is combined size V, X and T (section 4)
|
||||||
@ -692,21 +690,18 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
|
|||||||
- i = UINT64_MAX / (32 * sizeof(uint32_t));
|
- i = UINT64_MAX / (32 * sizeof(uint32_t));
|
||||||
- if (N + 2 > i / r) {
|
- if (N + 2 > i / r) {
|
||||||
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
||||||
+ if (r > UINT32_MAX || p > UINT32_MAX) {
|
|
||||||
+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
- Vlen = 32 * r * (N + 2) * sizeof(uint32_t);
|
|
||||||
|
|
||||||
- /* check total allocated size fits in uint64_t */
|
|
||||||
- if (Blen > UINT64_MAX - Vlen) {
|
|
||||||
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
|
||||||
- return 0;
|
- return 0;
|
||||||
+ /* Maintain existing behaviour. */
|
+ /* Maintain existing behaviour. */
|
||||||
+ if (pass == NULL) {
|
+ if (pass == NULL) {
|
||||||
+ pass = empty;
|
+ pass = empty;
|
||||||
+ passlen = 0;
|
+ passlen = 0;
|
||||||
+ }
|
}
|
||||||
|
- Vlen = 32 * r * (N + 2) * sizeof(uint32_t);
|
||||||
|
-
|
||||||
|
- /* check total allocated size fits in uint64_t */
|
||||||
|
- if (Blen > UINT64_MAX - Vlen) {
|
||||||
|
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
|
||||||
|
- return 0;
|
||||||
+ if (salt == NULL) {
|
+ if (salt == NULL) {
|
||||||
+ salt = (const unsigned char *)empty;
|
+ salt = (const unsigned char *)empty;
|
||||||
+ saltlen = 0;
|
+ saltlen = 0;
|
||||||
@ -768,9 +763,9 @@ diff -up openssl-1.1.1b/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1b/crypto/ev
|
|||||||
}
|
}
|
||||||
+
|
+
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1b/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1b/crypto/evp/pkey_kdf.c
|
diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/pkey_kdf.c
|
||||||
--- openssl-1.1.1b/crypto/evp/pkey_kdf.c.evp-kdf 2019-02-28 13:05:05.653521437 +0100
|
--- openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf 2020-03-19 16:04:20.726900334 +0100
|
||||||
+++ openssl-1.1.1b/crypto/evp/pkey_kdf.c 2019-02-28 13:05:05.653521437 +0100
|
+++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-19 16:04:20.725900352 +0100
|
||||||
@@ -0,0 +1,255 @@
|
@@ -0,0 +1,255 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -786,7 +781,7 @@ diff -up openssl-1.1.1b/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/err.h>
|
+#include <openssl/err.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+
|
+
|
||||||
+static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
+static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
||||||
+{
|
+{
|
||||||
@ -1027,45 +1022,17 @@ diff -up openssl-1.1.1b/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1b/crypto/evp/
|
|||||||
+ pkey_kdf_ctrl_str
|
+ pkey_kdf_ctrl_str
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/crypto/include/internal/evp_int.h.evp-kdf openssl-1.1.1b/crypto/include/internal/evp_int.h
|
diff -up openssl-1.1.1e/crypto/kdf/build.info.evp-kdf openssl-1.1.1e/crypto/kdf/build.info
|
||||||
--- openssl-1.1.1b/crypto/include/internal/evp_int.h.evp-kdf 2019-02-28 13:05:05.304527888 +0100
|
--- openssl-1.1.1e/crypto/kdf/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/include/internal/evp_int.h 2019-02-28 13:05:05.653521437 +0100
|
+++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-19 16:04:32.347699194 +0100
|
||||||
@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m
|
|
||||||
extern const EVP_PKEY_METHOD poly1305_pkey_meth;
|
|
||||||
extern const EVP_PKEY_METHOD siphash_pkey_meth;
|
|
||||||
|
|
||||||
+/* struct evp_kdf_impl_st is defined by the implementation */
|
|
||||||
+typedef struct evp_kdf_impl_st EVP_KDF_IMPL;
|
|
||||||
+typedef struct {
|
|
||||||
+ int type;
|
|
||||||
+ EVP_KDF_IMPL *(*new) (void);
|
|
||||||
+ void (*free) (EVP_KDF_IMPL *impl);
|
|
||||||
+ void (*reset) (EVP_KDF_IMPL *impl);
|
|
||||||
+ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args);
|
|
||||||
+ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value);
|
|
||||||
+ size_t (*size) (EVP_KDF_IMPL *impl);
|
|
||||||
+ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen);
|
|
||||||
+} EVP_KDF_METHOD;
|
|
||||||
+
|
|
||||||
+extern const EVP_KDF_METHOD pbkdf2_kdf_meth;
|
|
||||||
+extern const EVP_KDF_METHOD scrypt_kdf_meth;
|
|
||||||
+extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
|
||||||
+extern const EVP_KDF_METHOD hkdf_kdf_meth;
|
|
||||||
+
|
|
||||||
struct evp_md_st {
|
|
||||||
int type;
|
|
||||||
int pkey_type;
|
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/build.info.evp-kdf openssl-1.1.1b/crypto/kdf/build.info
|
|
||||||
--- openssl-1.1.1b/crypto/kdf/build.info.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
|
||||||
+++ openssl-1.1.1b/crypto/kdf/build.info 2019-02-28 13:05:05.653521437 +0100
|
|
||||||
@@ -1,3 +1,3 @@
|
@@ -1,3 +1,3 @@
|
||||||
LIBS=../../libcrypto
|
LIBS=../../libcrypto
|
||||||
SOURCE[../../libcrypto]=\
|
SOURCE[../../libcrypto]=\
|
||||||
- tls1_prf.c kdf_err.c hkdf.c scrypt.c
|
- tls1_prf.c kdf_err.c hkdf.c scrypt.c
|
||||||
+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c
|
+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1b/crypto/kdf/hkdf.c
|
diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/hkdf.c 2019-02-28 13:05:05.653521437 +0100
|
+++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-19 16:06:59.757147720 +0100
|
||||||
@@ -8,32 +8,33 @@
|
@@ -8,32 +8,33 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -1073,11 +1040,10 @@ diff -up openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1b/crypto/kdf/hkdf
|
|||||||
+#include <stdarg.h>
|
+#include <stdarg.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
-#include <openssl/kdf.h>
|
#include <openssl/kdf.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
|
||||||
#include "internal/cryptlib.h"
|
#include "internal/cryptlib.h"
|
||||||
#include "internal/evp_int.h"
|
#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
|
|
||||||
#define HKDF_MAXBUF 1024
|
#define HKDF_MAXBUF 1024
|
||||||
@ -1198,18 +1164,18 @@ diff -up openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1b/crypto/kdf/hkdf
|
|||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
- if (p1 < 0)
|
- if (p1 < 0)
|
||||||
- return 0;
|
|
||||||
-
|
|
||||||
- if (kctx->salt != NULL)
|
|
||||||
- OPENSSL_clear_free(kctx->salt, kctx->salt_len);
|
|
||||||
-
|
|
||||||
- kctx->salt = OPENSSL_memdup(p2, p1);
|
|
||||||
- if (kctx->salt == NULL)
|
|
||||||
+ OPENSSL_free(impl->salt);
|
+ OPENSSL_free(impl->salt);
|
||||||
+ impl->salt = OPENSSL_memdup(p, len);
|
+ impl->salt = OPENSSL_memdup(p, len);
|
||||||
+ if (impl->salt == NULL)
|
+ if (impl->salt == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
- if (kctx->salt != NULL)
|
||||||
|
- OPENSSL_clear_free(kctx->salt, kctx->salt_len);
|
||||||
|
-
|
||||||
|
- kctx->salt = OPENSSL_memdup(p2, p1);
|
||||||
|
- if (kctx->salt == NULL)
|
||||||
|
- return 0;
|
||||||
|
-
|
||||||
- kctx->salt_len = p1;
|
- kctx->salt_len = p1;
|
||||||
+ impl->salt_len = len;
|
+ impl->salt_len = len;
|
||||||
return 1;
|
return 1;
|
||||||
@ -1327,14 +1293,14 @@ diff -up openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1b/crypto/kdf/hkdf
|
|||||||
+static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl)
|
+static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl)
|
||||||
{
|
{
|
||||||
- HKDF_PKEY_CTX *kctx = ctx->data;
|
- HKDF_PKEY_CTX *kctx = ctx->data;
|
||||||
-
|
+ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY)
|
||||||
|
+ return SIZE_MAX;
|
||||||
|
|
||||||
- OPENSSL_clear_free(kctx->key, kctx->key_len);
|
- OPENSSL_clear_free(kctx->key, kctx->key_len);
|
||||||
- OPENSSL_clear_free(kctx->salt, kctx->salt_len);
|
- OPENSSL_clear_free(kctx->salt, kctx->salt_len);
|
||||||
- OPENSSL_cleanse(kctx->info, kctx->info_len);
|
- OPENSSL_cleanse(kctx->info, kctx->info_len);
|
||||||
- memset(kctx, 0, sizeof(*kctx));
|
- memset(kctx, 0, sizeof(*kctx));
|
||||||
+ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY)
|
-
|
||||||
+ return SIZE_MAX;
|
|
||||||
|
|
||||||
- return 1;
|
- return 1;
|
||||||
+ if (impl->md == NULL) {
|
+ if (impl->md == NULL) {
|
||||||
+ KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST);
|
+ KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST);
|
||||||
@ -1532,9 +1498,9 @@ diff -up openssl-1.1.1b/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1b/crypto/kdf/hkdf
|
|||||||
|
|
||||||
err:
|
err:
|
||||||
OPENSSL_cleanse(prev, sizeof(prev));
|
OPENSSL_cleanse(prev, sizeof(prev));
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1b/crypto/kdf/kdf_err.c
|
diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_err.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/kdf_err.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/kdf_err.c 2019-02-28 13:05:05.654521419 +0100
|
+++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-19 16:04:32.349699159 +0100
|
||||||
@@ -1,6 +1,6 @@
|
@@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* Generated by util/mkerr.pl DO NOT EDIT
|
* Generated by util/mkerr.pl DO NOT EDIT
|
||||||
@ -1590,9 +1556,9 @@ diff -up openssl-1.1.1b/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1b/crypto/kdf/k
|
|||||||
{0, NULL}
|
{0, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1b/crypto/kdf/kdf_local.h
|
diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_local.h
|
||||||
--- openssl-1.1.1b/crypto/kdf/kdf_local.h.evp-kdf 2019-02-28 13:05:05.654521419 +0100
|
--- openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf 2020-03-19 16:04:32.349699159 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/kdf_local.h 2019-02-28 13:05:05.654521419 +0100
|
+++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-19 16:04:32.349699159 +0100
|
||||||
@@ -0,0 +1,22 @@
|
@@ -0,0 +1,22 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -1616,9 +1582,9 @@ diff -up openssl-1.1.1b/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1b/crypto/kdf
|
|||||||
+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
||||||
+ int cmd, const char *md_name);
|
+ int cmd, const char *md_name);
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1b/crypto/kdf/kdf_util.c
|
diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_util.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/kdf_util.c.evp-kdf 2019-02-28 13:05:05.654521419 +0100
|
--- openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf 2020-03-19 16:04:32.350699142 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/kdf_util.c 2019-02-28 13:05:05.654521419 +0100
|
+++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-19 16:04:32.350699142 +0100
|
||||||
@@ -0,0 +1,73 @@
|
@@ -0,0 +1,73 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -1635,7 +1601,7 @@ diff -up openssl-1.1.1b/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1b/crypto/kdf/
|
|||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "internal/numbers.h"
|
+#include "internal/numbers.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
@ -1693,9 +1659,9 @@ diff -up openssl-1.1.1b/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1b/crypto/kdf/
|
|||||||
+ return call_ctrl(ctrl, impl, cmd, md);
|
+ return call_ctrl(ctrl, impl, cmd, md);
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1b/crypto/kdf/pbkdf2.c
|
diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pbkdf2.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/pbkdf2.c.evp-kdf 2019-02-28 13:05:05.654521419 +0100
|
--- openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf 2020-03-19 16:04:32.374698727 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/pbkdf2.c 2019-02-28 13:05:05.654521419 +0100
|
+++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-19 16:04:32.374698727 +0100
|
||||||
@@ -0,0 +1,264 @@
|
@@ -0,0 +1,264 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -1713,7 +1679,7 @@ diff -up openssl-1.1.1b/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1b/crypto/kdf/pb
|
|||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
+static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl);
|
+static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl);
|
||||||
@ -1961,22 +1927,21 @@ diff -up openssl-1.1.1b/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1b/crypto/kdf/pb
|
|||||||
+ HMAC_CTX_free(hctx_tpl);
|
+ HMAC_CTX_free(hctx_tpl);
|
||||||
+ return ret;
|
+ return ret;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1b/crypto/kdf/scrypt.c
|
diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/scrypt.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/scrypt.c 2019-02-28 13:05:05.655521400 +0100
|
+++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-19 16:11:06.215872475 +0100
|
||||||
@@ -8,25 +8,34 @@
|
@@ -8,25 +8,35 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
+#include <stdarg.h>
|
+#include <stdarg.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
-#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
-#include <openssl/kdf.h>
|
#include <openssl/kdf.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
-#include "internal/cryptlib.h"
|
-#include "internal/cryptlib.h"
|
||||||
+#include <openssl/kdf.h>
|
|
||||||
+#include <openssl/err.h>
|
+#include <openssl/err.h>
|
||||||
#include "internal/evp_int.h"
|
#include "crypto/evp.h"
|
||||||
+#include "internal/numbers.h"
|
+#include "internal/numbers.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
|
|
||||||
@ -2005,7 +1970,7 @@ diff -up openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1b/crypto/kdf/sc
|
|||||||
|
|
||||||
/* Custom uint64_t parser since we do not have strtoull */
|
/* Custom uint64_t parser since we do not have strtoull */
|
||||||
static int atou64(const char *nptr, uint64_t *result)
|
static int atou64(const char *nptr, uint64_t *result)
|
||||||
@@ -53,51 +62,53 @@ static int atou64(const char *nptr, uint
|
@@ -53,51 +63,53 @@ static int atou64(const char *nptr, uint
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2090,7 +2055,7 @@ diff -up openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1b/crypto/kdf/sc
|
|||||||
|
|
||||||
if (new_buflen > 0) {
|
if (new_buflen > 0) {
|
||||||
*buffer = OPENSSL_memdup(new_buffer, new_buflen);
|
*buffer = OPENSSL_memdup(new_buffer, new_buflen);
|
||||||
@@ -105,7 +116,7 @@ static int pkey_scrypt_set_membuf(unsign
|
@@ -105,7 +117,7 @@ static int pkey_scrypt_set_membuf(unsign
|
||||||
*buffer = OPENSSL_malloc(1);
|
*buffer = OPENSSL_malloc(1);
|
||||||
}
|
}
|
||||||
if (*buffer == NULL) {
|
if (*buffer == NULL) {
|
||||||
@ -2099,7 +2064,7 @@ diff -up openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1b/crypto/kdf/sc
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -118,149 +129,378 @@ static int is_power_of_two(uint64_t valu
|
@@ -118,149 +130,378 @@ static int is_power_of_two(uint64_t valu
|
||||||
return (value != 0) && ((value & (value - 1)) == 0);
|
return (value != 0) && ((value & (value - 1)) == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2552,9 +2517,9 @@ diff -up openssl-1.1.1b/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1b/crypto/kdf/sc
|
|||||||
+}
|
+}
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1b/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1b/crypto/kdf/tls1_prf.c
|
diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/tls1_prf.c
|
||||||
--- openssl-1.1.1b/crypto/kdf/tls1_prf.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/kdf/tls1_prf.c 2019-02-28 13:05:05.655521400 +0100
|
+++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-19 16:10:32.317460707 +0100
|
||||||
@@ -8,11 +8,15 @@
|
@@ -8,11 +8,15 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -2562,10 +2527,9 @@ diff -up openssl-1.1.1b/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1b/crypto/kdf/
|
|||||||
+#include <stdarg.h>
|
+#include <stdarg.h>
|
||||||
+#include <string.h>
|
+#include <string.h>
|
||||||
#include "internal/cryptlib.h"
|
#include "internal/cryptlib.h"
|
||||||
-#include <openssl/kdf.h>
|
#include <openssl/kdf.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
#include "crypto/evp.h"
|
||||||
#include "internal/evp_int.h"
|
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
|
|
||||||
+static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl);
|
+static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl);
|
||||||
@ -2665,15 +2629,15 @@ diff -up openssl-1.1.1b/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1b/crypto/kdf/
|
|||||||
- kctx->seclen = p1;
|
- kctx->seclen = p1;
|
||||||
+
|
+
|
||||||
+ impl->seclen = len;
|
+ impl->seclen = len;
|
||||||
|
+ return 1;
|
||||||
|
+
|
||||||
|
+ case EVP_KDF_CTRL_RESET_TLS_SEED:
|
||||||
|
+ OPENSSL_cleanse(impl->seed, impl->seedlen);
|
||||||
|
+ impl->seedlen = 0;
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
- case EVP_PKEY_CTRL_TLS_SEED:
|
- case EVP_PKEY_CTRL_TLS_SEED:
|
||||||
- if (p1 == 0 || p2 == NULL)
|
- if (p1 == 0 || p2 == NULL)
|
||||||
+ case EVP_KDF_CTRL_RESET_TLS_SEED:
|
|
||||||
+ OPENSSL_cleanse(impl->seed, impl->seedlen);
|
|
||||||
+ impl->seedlen = 0;
|
|
||||||
+ return 1;
|
|
||||||
+
|
|
||||||
+ case EVP_KDF_CTRL_ADD_TLS_SEED:
|
+ case EVP_KDF_CTRL_ADD_TLS_SEED:
|
||||||
+ p = va_arg(args, const unsigned char *);
|
+ p = va_arg(args, const unsigned char *);
|
||||||
+ len = va_arg(args, size_t);
|
+ len = va_arg(args, size_t);
|
||||||
@ -2838,9 +2802,9 @@ diff -up openssl-1.1.1b/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1b/crypto/kdf/
|
|||||||
OPENSSL_clear_free(tmp, olen);
|
OPENSSL_clear_free(tmp, olen);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1b/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1b/doc/man3/EVP_KDF_CTX.pod
|
diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod
|
||||||
--- openssl-1.1.1b/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2019-02-28 13:05:05.656521382 +0100
|
--- openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100
|
||||||
+++ openssl-1.1.1b/doc/man3/EVP_KDF_CTX.pod 2019-02-28 13:05:05.655521400 +0100
|
+++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-19 16:04:32.377698675 +0100
|
||||||
@@ -0,0 +1,217 @@
|
@@ -0,0 +1,217 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -3059,9 +3023,9 @@ diff -up openssl-1.1.1b/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1b/doc/man3
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1b/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1b/doc/man7/EVP_KDF_HKDF.pod
|
diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod
|
||||||
--- openssl-1.1.1b/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2019-02-28 13:05:05.656521382 +0100
|
--- openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100
|
||||||
+++ openssl-1.1.1b/doc/man7/EVP_KDF_HKDF.pod 2019-02-28 13:05:05.656521382 +0100
|
+++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-19 16:04:32.377698675 +0100
|
||||||
@@ -0,0 +1,180 @@
|
@@ -0,0 +1,180 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -3243,9 +3207,9 @@ diff -up openssl-1.1.1b/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1b/doc/man
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1b/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1b/doc/man7/EVP_KDF_PBKDF2.pod
|
diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod
|
||||||
--- openssl-1.1.1b/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2019-02-28 13:05:05.656521382 +0100
|
--- openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100
|
||||||
+++ openssl-1.1.1b/doc/man7/EVP_KDF_PBKDF2.pod 2019-02-28 13:05:05.656521382 +0100
|
+++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-19 16:04:32.378698658 +0100
|
||||||
@@ -0,0 +1,78 @@
|
@@ -0,0 +1,78 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -3325,9 +3289,9 @@ diff -up openssl-1.1.1b/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1b/doc/m
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1b/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1b/doc/man7/EVP_KDF_SCRYPT.pod
|
diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod
|
||||||
--- openssl-1.1.1b/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2019-02-28 13:05:05.656521382 +0100
|
--- openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100
|
||||||
+++ openssl-1.1.1b/doc/man7/EVP_KDF_SCRYPT.pod 2019-02-28 13:05:05.656521382 +0100
|
+++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-19 16:04:32.378698658 +0100
|
||||||
@@ -0,0 +1,149 @@
|
@@ -0,0 +1,149 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -3478,9 +3442,9 @@ diff -up openssl-1.1.1b/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1b/doc/m
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1b/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1b/doc/man7/EVP_KDF_TLS1_PRF.pod
|
diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod
|
||||||
--- openssl-1.1.1b/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2019-02-28 13:05:05.656521382 +0100
|
--- openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100
|
||||||
+++ openssl-1.1.1b/doc/man7/EVP_KDF_TLS1_PRF.pod 2019-02-28 13:05:05.656521382 +0100
|
+++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-19 16:04:32.378698658 +0100
|
||||||
@@ -0,0 +1,142 @@
|
@@ -0,0 +1,142 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -3624,18 +3588,38 @@ diff -up openssl-1.1.1b/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1b/doc
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1b/include/openssl/evperr.h.evp-kdf openssl-1.1.1b/include/openssl/evperr.h
|
diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/crypto/evp.h
|
||||||
--- openssl-1.1.1b/include/openssl/evperr.h.evp-kdf 2019-02-28 13:05:05.633521807 +0100
|
--- openssl-1.1.1e/include/crypto/evp.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/include/openssl/evperr.h 2019-02-28 13:05:05.657521363 +0100
|
+++ openssl-1.1.1e/include/crypto/evp.h 2020-03-19 16:04:32.347699194 +0100
|
||||||
@@ -1,6 +1,6 @@
|
@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m
|
||||||
/*
|
extern const EVP_PKEY_METHOD poly1305_pkey_meth;
|
||||||
* Generated by util/mkerr.pl DO NOT EDIT
|
extern const EVP_PKEY_METHOD siphash_pkey_meth;
|
||||||
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
+/* struct evp_kdf_impl_st is defined by the implementation */
|
||||||
*
|
+typedef struct evp_kdf_impl_st EVP_KDF_IMPL;
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
+typedef struct {
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
+ int type;
|
||||||
@@ -51,6 +51,9 @@ int ERR_load_EVP_strings(void);
|
+ EVP_KDF_IMPL *(*new) (void);
|
||||||
|
+ void (*free) (EVP_KDF_IMPL *impl);
|
||||||
|
+ void (*reset) (EVP_KDF_IMPL *impl);
|
||||||
|
+ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args);
|
||||||
|
+ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value);
|
||||||
|
+ size_t (*size) (EVP_KDF_IMPL *impl);
|
||||||
|
+ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen);
|
||||||
|
+} EVP_KDF_METHOD;
|
||||||
|
+
|
||||||
|
+extern const EVP_KDF_METHOD pbkdf2_kdf_meth;
|
||||||
|
+extern const EVP_KDF_METHOD scrypt_kdf_meth;
|
||||||
|
+extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
||||||
|
+extern const EVP_KDF_METHOD hkdf_kdf_meth;
|
||||||
|
+
|
||||||
|
struct evp_md_st {
|
||||||
|
int type;
|
||||||
|
int pkey_type;
|
||||||
|
diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/openssl/evperr.h
|
||||||
|
--- openssl-1.1.1e/include/openssl/evperr.h.evp-kdf 2020-03-19 16:04:11.250064365 +0100
|
||||||
|
+++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-19 16:04:32.379698640 +0100
|
||||||
|
@@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void);
|
||||||
# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219
|
# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219
|
||||||
# define EVP_F_EVP_ENCRYPTFINAL_EX 127
|
# define EVP_F_EVP_ENCRYPTFINAL_EX 127
|
||||||
# define EVP_F_EVP_ENCRYPTUPDATE 167
|
# define EVP_F_EVP_ENCRYPTUPDATE 167
|
||||||
@ -3645,7 +3629,7 @@ diff -up openssl-1.1.1b/include/openssl/evperr.h.evp-kdf openssl-1.1.1b/include/
|
|||||||
# define EVP_F_EVP_MD_CTX_COPY_EX 110
|
# define EVP_F_EVP_MD_CTX_COPY_EX 110
|
||||||
# define EVP_F_EVP_MD_SIZE 162
|
# define EVP_F_EVP_MD_SIZE 162
|
||||||
# define EVP_F_EVP_OPENINIT 102
|
# define EVP_F_EVP_OPENINIT 102
|
||||||
@@ -113,10 +116,12 @@ int ERR_load_EVP_strings(void);
|
@@ -120,11 +123,13 @@ int ERR_load_EVP_strings(void);
|
||||||
# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
|
# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
|
||||||
# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
|
# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
|
||||||
# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180
|
# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180
|
||||||
@ -3653,12 +3637,13 @@ diff -up openssl-1.1.1b/include/openssl/evperr.h.evp-kdf openssl-1.1.1b/include/
|
|||||||
# define EVP_F_PKEY_SET_TYPE 158
|
# define EVP_F_PKEY_SET_TYPE 158
|
||||||
# define EVP_F_RC2_MAGIC_TO_METH 109
|
# define EVP_F_RC2_MAGIC_TO_METH 109
|
||||||
# define EVP_F_RC5_CTRL 125
|
# define EVP_F_RC5_CTRL 125
|
||||||
|
# define EVP_F_R_32_12_16_INIT_KEY 242
|
||||||
# define EVP_F_S390X_AES_GCM_CTRL 201
|
# define EVP_F_S390X_AES_GCM_CTRL 201
|
||||||
+# define EVP_F_SCRYPT_ALG 228
|
+# define EVP_F_SCRYPT_ALG 228
|
||||||
# define EVP_F_UPDATE 173
|
# define EVP_F_UPDATE 173
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -171,6 +176,7 @@ int ERR_load_EVP_strings(void);
|
@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void);
|
||||||
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
|
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
|
||||||
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
|
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
|
||||||
# define EVP_R_OPERATON_NOT_INITIALIZED 151
|
# define EVP_R_OPERATON_NOT_INITIALIZED 151
|
||||||
@ -3666,18 +3651,10 @@ diff -up openssl-1.1.1b/include/openssl/evperr.h.evp-kdf openssl-1.1.1b/include/
|
|||||||
# define EVP_R_PARTIALLY_OVERLAPPING 162
|
# define EVP_R_PARTIALLY_OVERLAPPING 162
|
||||||
# define EVP_R_PBKDF2_ERROR 181
|
# define EVP_R_PBKDF2_ERROR 181
|
||||||
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
|
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
|
||||||
diff -up openssl-1.1.1b/include/openssl/kdferr.h.evp-kdf openssl-1.1.1b/include/openssl/kdferr.h
|
diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/openssl/kdferr.h
|
||||||
--- openssl-1.1.1b/include/openssl/kdferr.h.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/include/openssl/kdferr.h 2019-02-28 13:05:05.657521363 +0100
|
+++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-19 16:04:32.379698640 +0100
|
||||||
@@ -1,6 +1,6 @@
|
@@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void);
|
||||||
/*
|
|
||||||
* Generated by util/mkerr.pl DO NOT EDIT
|
|
||||||
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
*
|
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
|
||||||
@@ -19,6 +19,23 @@ int ERR_load_KDF_strings(void);
|
|
||||||
/*
|
/*
|
||||||
* KDF function codes.
|
* KDF function codes.
|
||||||
*/
|
*/
|
||||||
@ -3701,7 +3678,7 @@ diff -up openssl-1.1.1b/include/openssl/kdferr.h.evp-kdf openssl-1.1.1b/include/
|
|||||||
# define KDF_F_PKEY_HKDF_CTRL_STR 103
|
# define KDF_F_PKEY_HKDF_CTRL_STR 103
|
||||||
# define KDF_F_PKEY_HKDF_DERIVE 102
|
# define KDF_F_PKEY_HKDF_DERIVE 102
|
||||||
# define KDF_F_PKEY_HKDF_INIT 108
|
# define KDF_F_PKEY_HKDF_INIT 108
|
||||||
@@ -30,6 +47,7 @@ int ERR_load_KDF_strings(void);
|
@@ -34,6 +51,7 @@ int ERR_load_KDF_strings(void);
|
||||||
# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100
|
# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100
|
||||||
# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
|
# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
|
||||||
# define KDF_F_PKEY_TLS1_PRF_INIT 110
|
# define KDF_F_PKEY_TLS1_PRF_INIT 110
|
||||||
@ -3709,16 +3686,16 @@ diff -up openssl-1.1.1b/include/openssl/kdferr.h.evp-kdf openssl-1.1.1b/include/
|
|||||||
# define KDF_F_TLS1_PRF_ALG 111
|
# define KDF_F_TLS1_PRF_ALG 111
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -47,5 +65,6 @@ int ERR_load_KDF_strings(void);
|
@@ -51,5 +69,6 @@ int ERR_load_KDF_strings(void);
|
||||||
# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
|
# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
|
||||||
# define KDF_R_VALUE_ERROR 108
|
# define KDF_R_VALUE_ERROR 108
|
||||||
# define KDF_R_VALUE_MISSING 102
|
# define KDF_R_VALUE_MISSING 102
|
||||||
+# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
|
+# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1b/include/openssl/kdf.h.evp-kdf openssl-1.1.1b/include/openssl/kdf.h
|
diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/openssl/kdf.h
|
||||||
--- openssl-1.1.1b/include/openssl/kdf.h.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/include/openssl/kdf.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/include/openssl/kdf.h 2019-02-28 13:05:05.657521363 +0100
|
+++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-19 16:04:32.380698623 +0100
|
||||||
@@ -10,10 +10,50 @@
|
@@ -10,10 +10,50 @@
|
||||||
#ifndef HEADER_KDF_H
|
#ifndef HEADER_KDF_H
|
||||||
# define HEADER_KDF_H
|
# define HEADER_KDF_H
|
||||||
@ -3797,9 +3774,9 @@ diff -up openssl-1.1.1b/include/openssl/kdf.h.evp-kdf openssl-1.1.1b/include/ope
|
|||||||
}
|
}
|
||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1b/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1b/include/openssl/ossl_typ.h
|
diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/include/openssl/ossl_typ.h
|
||||||
--- openssl-1.1.1b/include/openssl/ossl_typ.h.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/include/openssl/ossl_typ.h 2019-02-28 13:05:05.657521363 +0100
|
+++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-19 16:04:32.381698606 +0100
|
||||||
@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E
|
@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E
|
||||||
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
||||||
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
||||||
@ -3809,10 +3786,10 @@ diff -up openssl-1.1.1b/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1b/includ
|
|||||||
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
|
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
|
||||||
|
|
||||||
typedef struct hmac_ctx_st HMAC_CTX;
|
typedef struct hmac_ctx_st HMAC_CTX;
|
||||||
diff -up openssl-1.1.1b/test/build.info.evp-kdf openssl-1.1.1b/test/build.info
|
diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info
|
||||||
--- openssl-1.1.1b/test/build.info.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/test/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/test/build.info 2019-02-28 13:05:05.657521363 +0100
|
+++ openssl-1.1.1e/test/build.info 2020-03-19 16:04:32.381698606 +0100
|
||||||
@@ -43,7 +43,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
|
@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
|
||||||
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
|
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
|
||||||
bio_callback_test bio_memleak_test \
|
bio_callback_test bio_memleak_test \
|
||||||
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
|
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
|
||||||
@ -3822,7 +3799,7 @@ diff -up openssl-1.1.1b/test/build.info.evp-kdf openssl-1.1.1b/test/build.info
|
|||||||
asn1_encode_test asn1_decode_test asn1_string_table_test \
|
asn1_encode_test asn1_decode_test asn1_string_table_test \
|
||||||
x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
|
x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
|
||||||
recordlentest drbgtest sslbuffertest \
|
recordlentest drbgtest sslbuffertest \
|
||||||
@@ -335,6 +336,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
|
@@ -336,6 +337,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
|
||||||
INCLUDE[pkey_meth_kdf_test]=../include
|
INCLUDE[pkey_meth_kdf_test]=../include
|
||||||
DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a
|
DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a
|
||||||
|
|
||||||
@ -3833,9 +3810,9 @@ diff -up openssl-1.1.1b/test/build.info.evp-kdf openssl-1.1.1b/test/build.info
|
|||||||
SOURCE[x509_time_test]=x509_time_test.c
|
SOURCE[x509_time_test]=x509_time_test.c
|
||||||
INCLUDE[x509_time_test]=../include
|
INCLUDE[x509_time_test]=../include
|
||||||
DEPEND[x509_time_test]=../libcrypto libtestutil.a
|
DEPEND[x509_time_test]=../libcrypto libtestutil.a
|
||||||
diff -up openssl-1.1.1b/test/evp_kdf_test.c.evp-kdf openssl-1.1.1b/test/evp_kdf_test.c
|
diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_test.c
|
||||||
--- openssl-1.1.1b/test/evp_kdf_test.c.evp-kdf 2019-02-28 13:05:05.658521345 +0100
|
--- openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf 2020-03-19 16:04:32.382698588 +0100
|
||||||
+++ openssl-1.1.1b/test/evp_kdf_test.c 2019-02-28 13:05:05.658521345 +0100
|
+++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-19 16:04:32.382698588 +0100
|
||||||
@@ -0,0 +1,237 @@
|
@@ -0,0 +1,237 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -4074,10 +4051,10 @@ diff -up openssl-1.1.1b/test/evp_kdf_test.c.evp-kdf openssl-1.1.1b/test/evp_kdf_
|
|||||||
+#endif
|
+#endif
|
||||||
+ return 1;
|
+ return 1;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c
|
||||||
--- openssl-1.1.1b/test/evp_test.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/test/evp_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/test/evp_test.c 2019-02-28 13:05:05.658521345 +0100
|
+++ openssl-1.1.1e/test/evp_test.c 2020-03-19 16:04:32.383698571 +0100
|
||||||
@@ -1672,13 +1672,14 @@ static const EVP_TEST_METHOD encode_test
|
@@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test
|
||||||
encode_test_run,
|
encode_test_run,
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -4093,7 +4070,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
/* Expected output */
|
/* Expected output */
|
||||||
unsigned char *output;
|
unsigned char *output;
|
||||||
size_t output_len;
|
size_t output_len;
|
||||||
@@ -1705,16 +1706,11 @@ static int kdf_test_init(EVP_TEST *t, co
|
@@ -1738,16 +1739,11 @@ static int kdf_test_init(EVP_TEST *t, co
|
||||||
|
|
||||||
if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
|
if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
|
||||||
return 0;
|
return 0;
|
||||||
@ -4111,7 +4088,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
t->data = kdata;
|
t->data = kdata;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@@ -1723,7 +1719,42 @@ static void kdf_test_cleanup(EVP_TEST *t
|
@@ -1756,7 +1752,42 @@ static void kdf_test_cleanup(EVP_TEST *t
|
||||||
{
|
{
|
||||||
KDF_DATA *kdata = t->data;
|
KDF_DATA *kdata = t->data;
|
||||||
OPENSSL_free(kdata->output);
|
OPENSSL_free(kdata->output);
|
||||||
@ -4155,7 +4132,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int kdf_test_parse(EVP_TEST *t,
|
static int kdf_test_parse(EVP_TEST *t,
|
||||||
@@ -1734,7 +1765,7 @@ static int kdf_test_parse(EVP_TEST *t,
|
@@ -1767,7 +1798,7 @@ static int kdf_test_parse(EVP_TEST *t,
|
||||||
if (strcmp(keyword, "Output") == 0)
|
if (strcmp(keyword, "Output") == 0)
|
||||||
return parse_bin(value, &kdata->output, &kdata->output_len);
|
return parse_bin(value, &kdata->output, &kdata->output_len);
|
||||||
if (strncmp(keyword, "Ctrl", 4) == 0)
|
if (strncmp(keyword, "Ctrl", 4) == 0)
|
||||||
@ -4164,7 +4141,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1748,7 +1779,7 @@ static int kdf_test_run(EVP_TEST *t)
|
@@ -1781,7 +1812,7 @@ static int kdf_test_run(EVP_TEST *t)
|
||||||
t->err = "INTERNAL_ERROR";
|
t->err = "INTERNAL_ERROR";
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@ -4173,7 +4150,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
t->err = "KDF_DERIVE_ERROR";
|
t->err = "KDF_DERIVE_ERROR";
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@@ -1774,6 +1805,106 @@ static const EVP_TEST_METHOD kdf_test_me
|
@@ -1807,6 +1838,106 @@ static const EVP_TEST_METHOD kdf_test_me
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -4280,7 +4257,7 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
*** KEYPAIR TESTS
|
*** KEYPAIR TESTS
|
||||||
**/
|
**/
|
||||||
|
|
||||||
@@ -2277,6 +2408,7 @@ static const EVP_TEST_METHOD *evp_test_l
|
@@ -2310,6 +2441,7 @@ static const EVP_TEST_METHOD *evp_test_l
|
||||||
&digestverify_test_method,
|
&digestverify_test_method,
|
||||||
&encode_test_method,
|
&encode_test_method,
|
||||||
&kdf_test_method,
|
&kdf_test_method,
|
||||||
@ -4288,9 +4265,9 @@ diff -up openssl-1.1.1b/test/evp_test.c.evp-kdf openssl-1.1.1b/test/evp_test.c
|
|||||||
&keypair_test_method,
|
&keypair_test_method,
|
||||||
&keygen_test_method,
|
&keygen_test_method,
|
||||||
&mac_test_method,
|
&mac_test_method,
|
||||||
diff -up openssl-1.1.1b/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1b/test/pkey_meth_kdf_test.c
|
diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pkey_meth_kdf_test.c
|
||||||
--- openssl-1.1.1b/test/pkey_meth_kdf_test.c.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/test/pkey_meth_kdf_test.c 2019-02-28 13:05:05.658521345 +0100
|
+++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-19 16:04:32.386698519 +0100
|
||||||
@@ -1,5 +1,5 @@
|
@@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -4494,9 +4471,9 @@ diff -up openssl-1.1.1b/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1b/test/pk
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
diff -up openssl-1.1.1b/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1b/test/recipes/30-test_evp_data/evpkdf.txt
|
diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt
|
||||||
--- openssl-1.1.1b/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/test/recipes/30-test_evp_data/evpkdf.txt 2019-02-28 13:05:05.659521326 +0100
|
+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-19 16:04:32.388698484 +0100
|
||||||
@@ -1,5 +1,5 @@
|
@@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
|
-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -4895,9 +4872,9 @@ diff -up openssl-1.1.1b/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl
|
|||||||
+Ctrl.digest = digest:sha512
|
+Ctrl.digest = digest:sha512
|
||||||
+Output = 00ef42cdbfc98d29db20976608e455567fdddf14
|
+Output = 00ef42cdbfc98d29db20976608e455567fdddf14
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1b/test/recipes/30-test_evp_data/evppkey_kdf.txt
|
diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt
|
||||||
--- openssl-1.1.1b/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2019-02-28 13:05:05.659521326 +0100
|
--- openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2020-03-19 16:04:32.389698467 +0100
|
||||||
+++ openssl-1.1.1b/test/recipes/30-test_evp_data/evppkey_kdf.txt 2019-02-28 13:05:05.659521326 +0100
|
+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-19 16:04:32.389698467 +0100
|
||||||
@@ -0,0 +1,305 @@
|
@@ -0,0 +1,305 @@
|
||||||
+#
|
+#
|
||||||
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -5204,9 +5181,9 @@ diff -up openssl-1.1.1b/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf op
|
|||||||
+Ctrl.p = p:1
|
+Ctrl.p = p:1
|
||||||
+Result = INTERNAL_ERROR
|
+Result = INTERNAL_ERROR
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1b/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1b/test/recipes/30-test_evp_kdf.t
|
diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_kdf.t
|
||||||
--- openssl-1.1.1b/test/recipes/30-test_evp_kdf.t.evp-kdf 2019-02-28 13:05:05.659521326 +0100
|
--- openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf 2020-03-19 16:04:32.390698450 +0100
|
||||||
+++ openssl-1.1.1b/test/recipes/30-test_evp_kdf.t 2019-02-28 13:05:05.659521326 +0100
|
+++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-19 16:04:32.390698450 +0100
|
||||||
@@ -0,0 +1,13 @@
|
@@ -0,0 +1,13 @@
|
||||||
+#! /usr/bin/env perl
|
+#! /usr/bin/env perl
|
||||||
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -5221,9 +5198,9 @@ diff -up openssl-1.1.1b/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1b/te
|
|||||||
+use OpenSSL::Test::Simple;
|
+use OpenSSL::Test::Simple;
|
||||||
+
|
+
|
||||||
+simple_test("test_evp_kdf", "evp_kdf_test");
|
+simple_test("test_evp_kdf", "evp_kdf_test");
|
||||||
diff -up openssl-1.1.1c/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1c/test/recipes/30-test_evp.t
|
diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp.t
|
||||||
--- openssl-1.1.1c/test/recipes/30-test_evp.t.evp-kdf 2019-05-29 16:55:38.236960543 +0200
|
--- openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1c/test/recipes/30-test_evp.t 2019-05-29 16:57:46.348718012 +0200
|
+++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-19 16:04:32.390698450 +0100
|
||||||
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/
|
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/
|
||||||
setup("test_evp");
|
setup("test_evp");
|
||||||
|
|
||||||
@ -5233,11 +5210,10 @@ diff -up openssl-1.1.1c/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1c/test/r
|
|||||||
"evpcase.txt", "evpccmcavs.txt" );
|
"evpcase.txt", "evpccmcavs.txt" );
|
||||||
|
|
||||||
plan tests => scalar(@files);
|
plan tests => scalar(@files);
|
||||||
|
diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto.num
|
||||||
diff -up openssl-1.1.1b/util/libcrypto.num.evp-kdf openssl-1.1.1b/util/libcrypto.num
|
--- openssl-1.1.1e/util/libcrypto.num.evp-kdf 2020-03-19 16:04:11.263064140 +0100
|
||||||
--- openssl-1.1.1b/util/libcrypto.num.evp-kdf 2019-02-28 13:05:05.636521752 +0100
|
+++ openssl-1.1.1e/util/libcrypto.num 2020-03-19 16:04:32.392698415 +0100
|
||||||
+++ openssl-1.1.1b/util/libcrypto.num 2019-02-28 13:05:05.660521308 +0100
|
@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength
|
||||||
@@ -4614,3 +4614,11 @@ FIPS_drbg_get_strength
|
|
||||||
FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION:
|
FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION:
|
||||||
FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION:
|
FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION:
|
||||||
FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION:
|
FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION:
|
||||||
@ -5249,9 +5225,9 @@ diff -up openssl-1.1.1b/util/libcrypto.num.evp-kdf openssl-1.1.1b/util/libcrypto
|
|||||||
+EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION:
|
+EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION:
|
||||||
+EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION:
|
+EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION:
|
||||||
+EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION:
|
+EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION:
|
||||||
diff -up openssl-1.1.1b/util/private.num.evp-kdf openssl-1.1.1b/util/private.num
|
diff -up openssl-1.1.1e/util/private.num.evp-kdf openssl-1.1.1e/util/private.num
|
||||||
--- openssl-1.1.1b/util/private.num.evp-kdf 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/util/private.num.evp-kdf 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/util/private.num 2019-02-28 13:05:05.660521308 +0100
|
+++ openssl-1.1.1e/util/private.num 2020-03-19 16:04:32.393698398 +0100
|
||||||
@@ -21,6 +21,7 @@ CRYPTO_EX_dup
|
@@ -21,6 +21,7 @@ CRYPTO_EX_dup
|
||||||
CRYPTO_EX_free datatype
|
CRYPTO_EX_free datatype
|
||||||
CRYPTO_EX_new datatype
|
CRYPTO_EX_new datatype
|
||||||
|
@ -1,33 +1,17 @@
|
|||||||
diff -up openssl-1.1.1b/crypto/include/internal/rand_int.h.crng-test openssl-1.1.1b/crypto/include/internal/rand_int.h
|
diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info
|
||||||
--- openssl-1.1.1b/crypto/include/internal/rand_int.h.crng-test 2019-05-07 08:56:33.242179136 +0200
|
--- openssl-1.1.1g/crypto/rand/build.info.crng-test 2020-04-23 13:30:45.863389837 +0200
|
||||||
+++ openssl-1.1.1b/crypto/include/internal/rand_int.h 2019-05-07 09:54:14.920204875 +0200
|
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:31:55.847069892 +0200
|
||||||
@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
|
@@ -1,6 +1,6 @@
|
||||||
|
|
||||||
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
|
||||||
|
|
||||||
+/* CRNG test entropy filter callbacks. */
|
|
||||||
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
|
||||||
+ unsigned char **pout,
|
|
||||||
+ int entropy, size_t min_len, size_t max_len,
|
|
||||||
+ int prediction_resistance);
|
|
||||||
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
|
||||||
+ unsigned char *out, size_t outlen);
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* RAND_POOL functions
|
|
||||||
*/
|
|
||||||
diff -up openssl-1.1.1b/crypto/rand/build.info.crng-test openssl-1.1.1b/crypto/rand/build.info
|
|
||||||
--- openssl-1.1.1b/crypto/rand/build.info.crng-test 2019-05-07 09:54:14.921204857 +0200
|
|
||||||
+++ openssl-1.1.1b/crypto/rand/build.info 2019-05-07 09:55:22.730014705 +0200
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
LIBS=../../libcrypto
|
LIBS=../../libcrypto
|
||||||
SOURCE[../../libcrypto]=\
|
SOURCE[../../libcrypto]=\
|
||||||
- randfile.c rand_lib.c rand_err.c rand_egd.c \
|
- randfile.c rand_lib.c rand_err.c rand_egd.c \
|
||||||
+ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
+ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||||
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||||
diff -up openssl-1.1.1b/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1b/crypto/rand/drbg_lib.c
|
|
||||||
--- openssl-1.1.1b/crypto/rand/drbg_lib.c.crng-test 2019-02-26 15:15:30.000000000 +0100
|
INCLUDE[drbg_ctr.o]=../modes
|
||||||
+++ openssl-1.1.1b/crypto/rand/drbg_lib.c 2019-05-07 10:04:51.753157224 +0200
|
diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200
|
||||||
@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg;
|
@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg;
|
||||||
|
|
||||||
|
|
||||||
@ -51,9 +35,9 @@ diff -up openssl-1.1.1b/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1b/crypto/r
|
|||||||
#ifndef RAND_DRBG_GET_RANDOM_NONCE
|
#ifndef RAND_DRBG_GET_RANDOM_NONCE
|
||||||
drbg->get_nonce = rand_drbg_get_nonce;
|
drbg->get_nonce = rand_drbg_get_nonce;
|
||||||
drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
|
drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
|
||||||
diff -up openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1b/crypto/rand/rand_crng_test.c
|
diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c
|
||||||
--- openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test 2019-05-07 09:54:14.925204787 +0200
|
--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200
|
||||||
+++ openssl-1.1.1b/crypto/rand/rand_crng_test.c 2019-05-07 09:54:14.932204664 +0200
|
+++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200
|
||||||
@@ -0,0 +1,118 @@
|
@@ -0,0 +1,118 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -71,9 +55,9 @@ diff -up openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1b/cr
|
|||||||
+
|
+
|
||||||
+#include <string.h>
|
+#include <string.h>
|
||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include "internal/rand_int.h"
|
+#include "crypto/rand.h"
|
||||||
+#include "internal/thread_once.h"
|
+#include "internal/thread_once.h"
|
||||||
+#include "rand_lcl.h"
|
+#include "rand_local.h"
|
||||||
+
|
+
|
||||||
+static RAND_POOL *crngt_pool;
|
+static RAND_POOL *crngt_pool;
|
||||||
+static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
|
+static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
|
||||||
@ -110,7 +94,7 @@ diff -up openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1b/cr
|
|||||||
+{
|
+{
|
||||||
+ unsigned char buf[CRNGT_BUFSIZ];
|
+ unsigned char buf[CRNGT_BUFSIZ];
|
||||||
+
|
+
|
||||||
+ if ((crngt_pool = rand_pool_new(0, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL)
|
+ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL)
|
||||||
+ return 0;
|
+ return 0;
|
||||||
+ if (crngt_get_entropy(buf, crngt_prev, NULL)) {
|
+ if (crngt_get_entropy(buf, crngt_prev, NULL)) {
|
||||||
+ OPENSSL_cleanse(buf, sizeof(buf));
|
+ OPENSSL_cleanse(buf, sizeof(buf));
|
||||||
@ -147,7 +131,7 @@ diff -up openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1b/cr
|
|||||||
+ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init))
|
+ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init))
|
||||||
+ return 0;
|
+ return 0;
|
||||||
+
|
+
|
||||||
+ if ((pool = rand_pool_new(entropy, min_len, max_len)) == NULL)
|
+ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL)
|
||||||
+ return 0;
|
+ return 0;
|
||||||
+
|
+
|
||||||
+ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
|
+ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
|
||||||
@ -173,9 +157,9 @@ diff -up openssl-1.1.1b/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1b/cr
|
|||||||
+{
|
+{
|
||||||
+ OPENSSL_secure_clear_free(out, outlen);
|
+ OPENSSL_secure_clear_free(out, outlen);
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1b/crypto/rand/rand_lcl.h.crng-test openssl-1.1.1b/crypto/rand/rand_lcl.h
|
diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h
|
||||||
--- openssl-1.1.1b/crypto/rand/rand_lcl.h.crng-test 2019-05-07 08:56:33.330177674 +0200
|
--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200
|
||||||
+++ openssl-1.1.1b/crypto/rand/rand_lcl.h 2019-05-07 09:54:14.933204647 +0200
|
+++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200
|
||||||
@@ -33,7 +33,15 @@
|
@@ -33,7 +33,15 @@
|
||||||
# define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */
|
# define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */
|
||||||
# define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */
|
# define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */
|
||||||
@ -193,17 +177,16 @@ diff -up openssl-1.1.1b/crypto/rand/rand_lcl.h.crng-test openssl-1.1.1b/crypto/r
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Maximum input size for the DRBG (entropy, nonce, personalization string)
|
* Maximum input size for the DRBG (entropy, nonce, personalization string)
|
||||||
@@ -44,7 +52,8 @@
|
@@ -44,6 +52,8 @@
|
||||||
*/
|
*/
|
||||||
# define DRBG_MAX_LENGTH INT32_MAX
|
# define DRBG_MAX_LENGTH INT32_MAX
|
||||||
|
|
||||||
-
|
|
||||||
+/* The default nonce */
|
+/* The default nonce */
|
||||||
+# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG"
|
+# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Maximum allocation size for RANDOM_POOL buffers
|
* Maximum allocation size for RANDOM_POOL buffers
|
||||||
@@ -290,4 +299,22 @@ int rand_drbg_enable_locking(RAND_DRBG *
|
@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG *
|
||||||
/* initializes the AES-CTR DRBG implementation */
|
/* initializes the AES-CTR DRBG implementation */
|
||||||
int drbg_ctr_init(RAND_DRBG *drbg);
|
int drbg_ctr_init(RAND_DRBG *drbg);
|
||||||
|
|
||||||
@ -226,10 +209,28 @@ diff -up openssl-1.1.1b/crypto/rand/rand_lcl.h.crng-test openssl-1.1.1b/crypto/r
|
|||||||
+int rand_crngt_single_init(void);
|
+int rand_crngt_single_init(void);
|
||||||
+
|
+
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h
|
||||||
--- openssl-1.1.1b/test/drbgtest.c.crng-test 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200
|
||||||
+++ openssl-1.1.1b/test/drbgtest.c 2019-05-07 10:06:24.706551561 +0200
|
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200
|
||||||
@@ -143,6 +143,31 @@ static size_t kat_nonce(RAND_DRBG *drbg,
|
@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
|
||||||
|
|
||||||
|
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
||||||
|
|
||||||
|
+/* CRNG test entropy filter callbacks. */
|
||||||
|
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char **pout,
|
||||||
|
+ int entropy, size_t min_len, size_t max_len,
|
||||||
|
+ int prediction_resistance);
|
||||||
|
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char *out, size_t outlen);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* RAND_POOL functions
|
||||||
|
*/
|
||||||
|
diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c
|
||||||
|
--- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200
|
||||||
|
@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg,
|
||||||
return t->noncelen;
|
return t->noncelen;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -261,7 +262,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
static int uninstantiate(RAND_DRBG *drbg)
|
static int uninstantiate(RAND_DRBG *drbg)
|
||||||
{
|
{
|
||||||
int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
|
int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
|
||||||
@@ -168,7 +193,8 @@ static int single_kat(DRBG_SELFTEST_DATA
|
@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA
|
||||||
if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
|
if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
|
||||||
return 0;
|
return 0;
|
||||||
if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
@ -271,7 +272,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
failures++;
|
failures++;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@@ -286,7 +312,8 @@ static int error_check(DRBG_SELFTEST_DAT
|
@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT
|
||||||
unsigned int reseed_counter_tmp;
|
unsigned int reseed_counter_tmp;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
@ -281,7 +282,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -699,6 +726,10 @@ static int test_rand_drbg_reseed(void)
|
@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void)
|
||||||
|| !TEST_ptr_eq(private->parent, master))
|
|| !TEST_ptr_eq(private->parent, master))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
@ -292,7 +293,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
/* uninstantiate the three global DRBGs */
|
/* uninstantiate the three global DRBGs */
|
||||||
RAND_DRBG_uninstantiate(private);
|
RAND_DRBG_uninstantiate(private);
|
||||||
RAND_DRBG_uninstantiate(public);
|
RAND_DRBG_uninstantiate(public);
|
||||||
@@ -919,7 +950,8 @@ static int test_rand_seed(void)
|
@@ -964,7 +995,8 @@ static int test_rand_seed(void)
|
||||||
size_t rand_buflen;
|
size_t rand_buflen;
|
||||||
size_t required_seed_buflen = 0;
|
size_t required_seed_buflen = 0;
|
||||||
|
|
||||||
@ -302,7 +303,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
#ifdef OPENSSL_RAND_SEED_NONE
|
#ifdef OPENSSL_RAND_SEED_NONE
|
||||||
@@ -968,6 +1000,95 @@ static int test_rand_add(void)
|
@@ -1013,6 +1045,95 @@ static int test_rand_add(void)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -398,7 +399,7 @@ diff -up openssl-1.1.1b/test/drbgtest.c.crng-test openssl-1.1.1b/test/drbgtest.c
|
|||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
||||||
@@ -980,5 +1101,6 @@ int setup_tests(void)
|
@@ -1025,5 +1146,6 @@ int setup_tests(void)
|
||||||
#if defined(OPENSSL_THREADS)
|
#if defined(OPENSSL_THREADS)
|
||||||
ADD_TEST(test_multi_thread);
|
ADD_TEST(test_multi_thread);
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1c/crypto/ec/ec_curve.c
|
diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ec_curve.c.fips-curves 2019-11-25 13:18:40.719532357 +0100
|
--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ec_curve.c 2019-11-25 13:18:40.765531559 +0100
|
+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200
|
||||||
@@ -13,6 +13,7 @@
|
@@ -13,6 +13,7 @@
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/obj_mac.h>
|
#include <openssl/obj_mac.h>
|
||||||
@ -106,18 +106,10 @@ diff -up openssl-1.1.1c/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1c/crypto/e
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Functions to translate between common NIST curve names and NIDs */
|
/* Functions to translate between common NIST curve names and NIDs */
|
||||||
diff -up openssl-1.1.1c/ssl/t1_lib.c.fips-curves openssl-1.1.1c/ssl/t1_lib.c
|
diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c
|
||||||
--- openssl-1.1.1c/ssl/t1_lib.c.fips-curves 2019-11-25 13:18:40.658533416 +0100
|
--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200
|
||||||
+++ openssl-1.1.1c/ssl/t1_lib.c 2019-11-26 17:57:15.014742428 +0100
|
+++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200
|
||||||
@@ -20,6 +20,7 @@
|
@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] =
|
||||||
#include "internal/nelem.h"
|
|
||||||
#include "ssl_locl.h"
|
|
||||||
#include <openssl/ct.h>
|
|
||||||
+#include <openssl/crypto.h>
|
|
||||||
|
|
||||||
SSL3_ENC_METHOD const TLSv1_enc_data = {
|
|
||||||
tls1_enc,
|
|
||||||
@@ -676,6 +677,36 @@ static const uint16_t tls12_sigalgs[] =
|
|
||||||
#endif
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -154,20 +146,16 @@ diff -up openssl-1.1.1c/ssl/t1_lib.c.fips-curves openssl-1.1.1c/ssl/t1_lib.c
|
|||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
static const uint16_t suiteb_sigalgs[] = {
|
static const uint16_t suiteb_sigalgs[] = {
|
||||||
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
||||||
@@ -890,8 +921,11 @@ static const SIGALG_LOOKUP *tls1_get_leg
|
@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg
|
||||||
|
}
|
||||||
if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg))
|
if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
+ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */
|
||||||
|
+ return NULL;
|
||||||
if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
|
if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
|
||||||
- const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
|
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
|
||||||
+ const SIGALG_LOOKUP *lu;
|
|
||||||
|
|
||||||
+ if (FIPS_mode()) /* We do not allow SHA1 signatures in FIPS mode */
|
@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se
|
||||||
+ return NULL;
|
|
||||||
+ lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
|
|
||||||
if (!tls1_lookup_md(lu, NULL))
|
|
||||||
return NULL;
|
|
||||||
return lu;
|
|
||||||
@@ -945,6 +979,9 @@ size_t tls12_get_psigalgs(SSL *s, int se
|
|
||||||
} else if (s->cert->conf_sigalgs) {
|
} else if (s->cert->conf_sigalgs) {
|
||||||
*psigs = s->cert->conf_sigalgs;
|
*psigs = s->cert->conf_sigalgs;
|
||||||
return s->cert->conf_sigalgslen;
|
return s->cert->conf_sigalgslen;
|
||||||
@ -177,7 +165,7 @@ diff -up openssl-1.1.1c/ssl/t1_lib.c.fips-curves openssl-1.1.1c/ssl/t1_lib.c
|
|||||||
} else {
|
} else {
|
||||||
*psigs = tls12_sigalgs;
|
*psigs = tls12_sigalgs;
|
||||||
return OSSL_NELEM(tls12_sigalgs);
|
return OSSL_NELEM(tls12_sigalgs);
|
||||||
@@ -964,6 +1001,9 @@ int tls_check_sigalg_curve(const SSL *s,
|
@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s,
|
||||||
if (s->cert->conf_sigalgs) {
|
if (s->cert->conf_sigalgs) {
|
||||||
sigs = s->cert->conf_sigalgs;
|
sigs = s->cert->conf_sigalgs;
|
||||||
siglen = s->cert->conf_sigalgslen;
|
siglen = s->cert->conf_sigalgslen;
|
||||||
@ -187,7 +175,7 @@ diff -up openssl-1.1.1c/ssl/t1_lib.c.fips-curves openssl-1.1.1c/ssl/t1_lib.c
|
|||||||
} else {
|
} else {
|
||||||
sigs = tls12_sigalgs;
|
sigs = tls12_sigalgs;
|
||||||
siglen = OSSL_NELEM(tls12_sigalgs);
|
siglen = OSSL_NELEM(tls12_sigalgs);
|
||||||
@@ -1582,6 +1622,8 @@ static int tls12_sigalg_allowed(SSL *s,
|
@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS
|
||||||
if (lu->sig == NID_id_GostR3410_2012_256
|
if (lu->sig == NID_id_GostR3410_2012_256
|
||||||
|| lu->sig == NID_id_GostR3410_2012_512
|
|| lu->sig == NID_id_GostR3410_2012_512
|
||||||
|| lu->sig == NID_id_GostR3410_2001) {
|
|| lu->sig == NID_id_GostR3410_2001) {
|
||||||
@ -196,7 +184,7 @@ diff -up openssl-1.1.1c/ssl/t1_lib.c.fips-curves openssl-1.1.1c/ssl/t1_lib.c
|
|||||||
/* We never allow GOST sig algs on the server with TLSv1.3 */
|
/* We never allow GOST sig algs on the server with TLSv1.3 */
|
||||||
if (s->server && SSL_IS_TLS13(s))
|
if (s->server && SSL_IS_TLS13(s))
|
||||||
return 0;
|
return 0;
|
||||||
@@ -2720,6 +2762,13 @@ int tls_choose_sigalg(SSL *s, int fatale
|
@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale
|
||||||
const uint16_t *sent_sigs;
|
const uint16_t *sent_sigs;
|
||||||
size_t sent_sigslen;
|
size_t sent_sigslen;
|
||||||
|
|
||||||
|
2806
SOURCES/openssl-1.1.1-fips-dh.patch
Normal file
2806
SOURCES/openssl-1.1.1-fips-dh.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,11 +1,11 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1c/crypto/fips/fips_post.c
|
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||||
--- openssl-1.1.1c/crypto/fips/fips_post.c.drbg-selftest 2020-03-05 10:10:00.934004474 +0100
|
--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200
|
||||||
+++ openssl-1.1.1c/crypto/fips/fips_post.c 2020-03-05 10:16:58.051865408 +0100
|
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200
|
||||||
@@ -67,12 +67,18 @@
|
@@ -67,12 +67,18 @@
|
||||||
|
|
||||||
# include <openssl/fips.h>
|
# include <openssl/fips.h>
|
||||||
# include "internal/fips_int.h"
|
# include "crypto/fips.h"
|
||||||
+# include "internal/rand_int.h"
|
+# include "crypto/rand.h"
|
||||||
# include "fips_locl.h"
|
# include "fips_locl.h"
|
||||||
|
|
||||||
/* Run all selftests */
|
/* Run all selftests */
|
||||||
@ -20,31 +20,20 @@ diff -up openssl-1.1.1c/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1c/cry
|
|||||||
if (!FIPS_selftest_drbg())
|
if (!FIPS_selftest_drbg())
|
||||||
rv = 0;
|
rv = 0;
|
||||||
if (!FIPS_selftest_sha1())
|
if (!FIPS_selftest_sha1())
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/rand_int.h.drbg-selftest openssl-1.1.1c/crypto/include/internal/rand_int.h
|
diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info
|
||||||
--- openssl-1.1.1c/crypto/include/internal/rand_int.h.drbg-selftest 2020-03-05 10:10:01.053002437 +0100
|
--- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/rand_int.h 2020-03-05 10:10:01.090001804 +0100
|
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:34:10.857523497 +0200
|
||||||
@@ -139,4 +139,9 @@ void rand_pool_cleanup(void);
|
@@ -1,6 +1,6 @@
|
||||||
*/
|
|
||||||
void rand_pool_keep_random_devices_open(int keep);
|
|
||||||
|
|
||||||
+/*
|
|
||||||
+ * Perform the DRBG KAT selftests
|
|
||||||
+ */
|
|
||||||
+int rand_drbg_selftest(void);
|
|
||||||
+
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/build.info.drbg-selftest openssl-1.1.1c/crypto/rand/build.info
|
|
||||||
--- openssl-1.1.1c/crypto/rand/build.info.drbg-selftest 2020-03-05 10:10:01.020003002 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/build.info 2020-03-05 10:10:01.090001804 +0100
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
LIBS=../../libcrypto
|
LIBS=../../libcrypto
|
||||||
SOURCE[../../libcrypto]=\
|
SOURCE[../../libcrypto]=\
|
||||||
randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||||
- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||||
+ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c
|
+ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c
|
||||||
diff -up openssl-1.1.1c/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1c/crypto/rand/drbg_selftest.c
|
|
||||||
--- openssl-1.1.1c/crypto/rand/drbg_selftest.c.drbg-selftest 2020-03-05 10:10:01.090001804 +0100
|
INCLUDE[drbg_ctr.o]=../modes
|
||||||
+++ openssl-1.1.1c/crypto/rand/drbg_selftest.c 2020-03-05 10:10:01.090001804 +0100
|
diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200
|
||||||
@@ -0,0 +1,537 @@
|
@@ -0,0 +1,537 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -63,7 +52,7 @@ diff -up openssl-1.1.1c/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1c
|
|||||||
+#include <openssl/rand_drbg.h>
|
+#include <openssl/rand_drbg.h>
|
||||||
+#include <openssl/obj_mac.h>
|
+#include <openssl/obj_mac.h>
|
||||||
+#include "internal/thread_once.h"
|
+#include "internal/thread_once.h"
|
||||||
+#include "internal/rand_int.h"
|
+#include "crypto/rand.h"
|
||||||
+
|
+
|
||||||
+typedef struct test_ctx_st {
|
+typedef struct test_ctx_st {
|
||||||
+ const unsigned char *entropy;
|
+ const unsigned char *entropy;
|
||||||
@ -583,3 +572,16 @@ diff -up openssl-1.1.1c/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1c
|
|||||||
+
|
+
|
||||||
+ return 1;
|
+ return 1;
|
||||||
+}
|
+}
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
@@ -140,4 +140,9 @@ void rand_pool_cleanup(void);
|
||||||
|
*/
|
||||||
|
void rand_pool_keep_random_devices_open(int keep);
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * Perform the DRBG KAT selftests
|
||||||
|
+ */
|
||||||
|
+int rand_drbg_selftest(void);
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/fips/fips.c.fips-post-rand openssl-1.1.1c/crypto/fips/fips.c
|
diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c
|
||||||
--- openssl-1.1.1c/crypto/fips/fips.c.fips-post-rand 2019-05-29 15:53:56.328216002 +0200
|
--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100
|
||||||
+++ openssl-1.1.1c/crypto/fips/fips.c 2019-05-29 15:53:56.359215457 +0200
|
+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100
|
||||||
@@ -68,6 +68,7 @@
|
@@ -68,6 +68,7 @@
|
||||||
|
|
||||||
# include <openssl/fips.h>
|
# include <openssl/fips.h>
|
||||||
# include "internal/thread_once.h"
|
# include "internal/thread_once.h"
|
||||||
+# include "internal/rand_int.h"
|
+# include "crypto/rand.h"
|
||||||
|
|
||||||
# ifndef PATH_MAX
|
# ifndef PATH_MAX
|
||||||
# define PATH_MAX 1024
|
# define PATH_MAX 1024
|
||||||
@ -46,41 +46,52 @@ diff -up openssl-1.1.1c/crypto/fips/fips.c.fips-post-rand openssl-1.1.1c/crypto/
|
|||||||
+
|
+
|
||||||
fips_set_mode(onoff);
|
fips_set_mode(onoff);
|
||||||
+ /* force RNG reseed with entropy from getrandom() on next call */
|
+ /* force RNG reseed with entropy from getrandom() on next call */
|
||||||
+ rand_fork();
|
+ rand_force_reseed();
|
||||||
+
|
+
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/fips_int.h.fips-post-rand openssl-1.1.1c/crypto/include/internal/fips_int.h
|
diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c
|
||||||
--- openssl-1.1.1c/crypto/include/internal/fips_int.h.fips-post-rand 2019-05-29 15:53:56.337215844 +0200
|
--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/fips_int.h 2019-05-29 15:53:56.359215457 +0200
|
+++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100
|
||||||
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
||||||
int FIPS_selftest_drbg(void);
|
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
||||||
int FIPS_selftest_cmac(void);
|
}
|
||||||
|
|
||||||
+int fips_in_post(void);
|
+void rand_force_reseed(void)
|
||||||
|
+{
|
||||||
|
+ RAND_DRBG *drbg;
|
||||||
+
|
+
|
||||||
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
+ drbg = RAND_DRBG_get0_master();
|
||||||
const unsigned char *tbs, int tbslen,
|
+ drbg->fork_id = 0;
|
||||||
const unsigned char *kat,
|
+
|
||||||
diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/crypto/rand/rand_unix.c
|
+ drbg = RAND_DRBG_get0_private();
|
||||||
--- openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand 2019-05-28 15:12:21.000000000 +0200
|
+ drbg->fork_id = 0;
|
||||||
+++ openssl-1.1.1c/crypto/rand/rand_unix.c 2019-05-29 16:54:16.471391802 +0200
|
+
|
||||||
@@ -16,10 +16,12 @@
|
+ drbg = RAND_DRBG_get0_public();
|
||||||
#include <openssl/rand.h>
|
+ drbg->fork_id = 0;
|
||||||
#include "rand_lcl.h"
|
+}
|
||||||
#include "internal/rand_int.h"
|
+
|
||||||
+#include "internal/fips_int.h"
|
/* Implements the default OpenSSL RAND_add() method */
|
||||||
|
static int drbg_add(const void *buf, int num, double randomness)
|
||||||
|
{
|
||||||
|
diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c
|
||||||
|
--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100
|
||||||
|
@@ -17,10 +17,12 @@
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include "rand_local.h"
|
||||||
|
#include "crypto/rand.h"
|
||||||
|
+#include "crypto/fips.h"
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include "internal/dso.h"
|
#include "internal/dso.h"
|
||||||
#if defined(__linux)
|
#ifdef __linux
|
||||||
-# include <asm/unistd.h>
|
# include <sys/syscall.h>
|
||||||
+# include <sys/syscall.h>
|
|
||||||
+# include <sys/random.h>
|
+# include <sys/random.h>
|
||||||
#endif
|
# ifdef DEVRANDOM_WAIT
|
||||||
#if defined(__FreeBSD__)
|
# include <sys/shm.h>
|
||||||
# include <sys/types.h>
|
# include <sys/utsname.h>
|
||||||
@@ -279,7 +281,7 @@ static ssize_t sysctl_random(char *buf,
|
@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf,
|
||||||
* syscall_random(): Try to get random data using a system call
|
* syscall_random(): Try to get random data using a system call
|
||||||
* returns the number of bytes returned in buf, or < 0 on error.
|
* returns the number of bytes returned in buf, or < 0 on error.
|
||||||
*/
|
*/
|
||||||
@ -89,7 +100,7 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Note: 'buflen' equals the size of the buffer which is used by the
|
* Note: 'buflen' equals the size of the buffer which is used by the
|
||||||
@@ -301,6 +303,7 @@ static ssize_t syscall_random(void *buf,
|
@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf,
|
||||||
* - Linux since 3.17 with glibc 2.25
|
* - Linux since 3.17 with glibc 2.25
|
||||||
* - FreeBSD since 12.0 (1200061)
|
* - FreeBSD since 12.0 (1200061)
|
||||||
*/
|
*/
|
||||||
@ -97,7 +108,7 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
||||||
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
||||||
|
|
||||||
@@ -322,10 +325,10 @@ static ssize_t syscall_random(void *buf,
|
@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf,
|
||||||
if (p_getentropy.p != NULL)
|
if (p_getentropy.p != NULL)
|
||||||
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
||||||
# endif
|
# endif
|
||||||
@ -111,19 +122,17 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
||||||
return sysctl_random(buf, buflen);
|
return sysctl_random(buf, buflen);
|
||||||
# else
|
# else
|
||||||
@@ -475,8 +478,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
size_t bytes_needed;
|
size_t entropy_available;
|
||||||
size_t entropy_available = 0;
|
|
||||||
unsigned char *buffer;
|
|
||||||
-
|
|
||||||
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
||||||
+ int in_post;
|
+ int in_post;
|
||||||
+
|
+
|
||||||
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
|
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
|
||||||
{
|
{
|
||||||
ssize_t bytes;
|
size_t bytes_needed;
|
||||||
/* Maximum allowed number of consecutive unsuccessful attempts */
|
unsigned char *buffer;
|
||||||
@@ -485,7 +490,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
||||||
while (bytes_needed != 0 && attempts-- > 0) {
|
while (bytes_needed != 0 && attempts-- > 0) {
|
||||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||||
@ -132,7 +141,7 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
if (bytes > 0) {
|
if (bytes > 0) {
|
||||||
rand_pool_add_end(pool, bytes, 8 * bytes);
|
rand_pool_add_end(pool, bytes, 8 * bytes);
|
||||||
bytes_needed -= bytes;
|
bytes_needed -= bytes;
|
||||||
@@ -540,8 +545,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
int attempts = 3;
|
int attempts = 3;
|
||||||
const int fd = get_random_device(i);
|
const int fd = get_random_device(i);
|
||||||
|
|
||||||
@ -144,8 +153,8 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
|
|
||||||
while (bytes_needed != 0 && attempts-- > 0) {
|
while (bytes_needed != 0 && attempts-- > 0) {
|
||||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||||
@@ -601,7 +608,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
}
|
return entropy_available;
|
||||||
}
|
}
|
||||||
# endif
|
# endif
|
||||||
-
|
-
|
||||||
@ -155,3 +164,26 @@ diff -up openssl-1.1.1c/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1c/cr
|
|||||||
return rand_pool_entropy_available(pool);
|
return rand_pool_entropy_available(pool);
|
||||||
# endif
|
# endif
|
||||||
}
|
}
|
||||||
|
diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100
|
||||||
|
+++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100
|
||||||
|
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
||||||
|
int FIPS_selftest_drbg(void);
|
||||||
|
int FIPS_selftest_cmac(void);
|
||||||
|
|
||||||
|
+int fips_in_post(void);
|
||||||
|
+
|
||||||
|
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
||||||
|
const unsigned char *tbs, int tbslen,
|
||||||
|
const unsigned char *kat,
|
||||||
|
diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h
|
||||||
|
--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100
|
||||||
|
@@ -24,6 +24,7 @@
|
||||||
|
typedef struct rand_pool_st RAND_POOL;
|
||||||
|
|
||||||
|
void rand_cleanup_int(void);
|
||||||
|
+void rand_force_reseed(void);
|
||||||
|
void rand_drbg_cleanup_int(void);
|
||||||
|
void drbg_delete_thread_state(void);
|
||||||
|
|
||||||
|
File diff suppressed because it is too large
Load Diff
500
SOURCES/openssl-1.1.1-intel-cet.patch
Normal file
500
SOURCES/openssl-1.1.1-intel-cet.patch
Normal file
@ -0,0 +1,500 @@
|
|||||||
|
diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100
|
||||||
|
@@ -275,6 +275,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movups ($inp),$inout0 # load input
|
||||||
|
mov 240($key),$rounds # key->rounds
|
||||||
|
___
|
||||||
|
@@ -293,6 +294,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movups ($inp),$inout0 # load input
|
||||||
|
mov 240($key),$rounds # key->rounds
|
||||||
|
___
|
||||||
|
@@ -613,6 +615,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ecb_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -985,6 +988,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ccm64_encrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -1077,6 +1081,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ccm64_decrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -1203,6 +1208,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ctr32_encrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
cmp \$1,$len
|
||||||
|
jne .Lctr32_bulk
|
||||||
|
|
||||||
|
@@ -1775,6 +1781,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_xts_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%r11 # frame pointer
|
||||||
|
.cfi_def_cfa_register %r11
|
||||||
|
push %rbp
|
||||||
|
@@ -2258,6 +2265,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_xts_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%r11 # frame pointer
|
||||||
|
.cfi_def_cfa_register %r11
|
||||||
|
push %rbp
|
||||||
|
@@ -2783,6 +2791,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
aesni_ocb_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%rax
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
@@ -3249,6 +3258,7 @@ __ocb_encrypt1:
|
||||||
|
.align 32
|
||||||
|
aesni_ocb_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%rax
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
@@ -3737,6 +3747,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
test $len,$len # check length
|
||||||
|
jz .Lcbc_ret
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100
|
||||||
|
@@ -696,6 +696,7 @@ _vpaes_schedule_mangle:
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_set_encrypt_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -746,6 +747,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_set_decrypt_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -801,6 +803,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -846,6 +849,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -897,6 +901,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xchg $key,$len
|
||||||
|
___
|
||||||
|
($len,$key)=($key,$len);
|
||||||
|
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c
|
||||||
|
--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100
|
||||||
|
@@ -34,7 +34,9 @@ void async_local_cleanup(void)
|
||||||
|
|
||||||
|
int async_fibre_makecontext(async_fibre *fibre)
|
||||||
|
{
|
||||||
|
+#ifndef USE_SWAPCONTEXT
|
||||||
|
fibre->env_init = 0;
|
||||||
|
+#endif
|
||||||
|
if (getcontext(&fibre->fibre) == 0) {
|
||||||
|
fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE);
|
||||||
|
if (fibre->fibre.uc_stack.ss_sp != NULL) {
|
||||||
|
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h
|
||||||
|
--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -25,17 +25,33 @@
|
||||||
|
# define ASYNC_POSIX
|
||||||
|
# define ASYNC_ARCH
|
||||||
|
|
||||||
|
+# ifdef __CET__
|
||||||
|
+/*
|
||||||
|
+ * When Intel CET is enabled, makecontext will create a different
|
||||||
|
+ * shadow stack for each context. async_fibre_swapcontext cannot
|
||||||
|
+ * use _longjmp. It must call swapcontext to swap shadow stack as
|
||||||
|
+ * well as normal stack.
|
||||||
|
+ */
|
||||||
|
+# define USE_SWAPCONTEXT
|
||||||
|
+# endif
|
||||||
|
# include <ucontext.h>
|
||||||
|
-# include <setjmp.h>
|
||||||
|
+# ifndef USE_SWAPCONTEXT
|
||||||
|
+# include <setjmp.h>
|
||||||
|
+# endif
|
||||||
|
|
||||||
|
typedef struct async_fibre_st {
|
||||||
|
ucontext_t fibre;
|
||||||
|
+# ifndef USE_SWAPCONTEXT
|
||||||
|
jmp_buf env;
|
||||||
|
int env_init;
|
||||||
|
+# endif
|
||||||
|
} async_fibre;
|
||||||
|
|
||||||
|
static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r)
|
||||||
|
{
|
||||||
|
+# ifdef USE_SWAPCONTEXT
|
||||||
|
+ swapcontext(&o->fibre, &n->fibre);
|
||||||
|
+# else
|
||||||
|
o->env_init = 1;
|
||||||
|
|
||||||
|
if (!r || !_setjmp(o->env)) {
|
||||||
|
@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc
|
||||||
|
else
|
||||||
|
setcontext(&n->fibre);
|
||||||
|
}
|
||||||
|
+# endif
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -685,6 +685,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
Camellia_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
cmp \$0,%rdx
|
||||||
|
je .Lcbc_abort
|
||||||
|
push %rbx
|
||||||
|
diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -239,6 +239,7 @@ $code=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_gmult_4bit:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
push %rbp # %rbp and others are pushed exclusively in
|
||||||
|
@@ -286,6 +287,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_ghash_4bit:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
push %rbp
|
||||||
|
@@ -612,6 +614,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_gmult_clmul:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
.L_gmult_clmul:
|
||||||
|
movdqu ($Xip),$Xi
|
||||||
|
movdqa .Lbswap_mask(%rip),$T3
|
||||||
|
@@ -663,6 +666,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_ghash_clmul:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
.L_ghash_clmul:
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
@@ -1166,6 +1170,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_gmult_avx:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
jmp .L_gmult_clmul
|
||||||
|
.cfi_endproc
|
||||||
|
.size gcm_gmult_avx,.-gcm_gmult_avx
|
||||||
|
@@ -1177,6 +1182,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_ghash_avx:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
if ($avx) {
|
||||||
|
my ($Xip,$Htbl,$inp,$len)=@_4args;
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100
|
||||||
|
@@ -165,21 +165,28 @@ sub cbc
|
||||||
|
&jmp_ptr($count);
|
||||||
|
|
||||||
|
&set_label("ej7");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("edx"), &BP(6,$in,"",0));
|
||||||
|
&shl("edx",8);
|
||||||
|
&set_label("ej6");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("edx"), &BP(5,$in,"",0));
|
||||||
|
&set_label("ej5");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&LB("edx"), &BP(4,$in,"",0));
|
||||||
|
&set_label("ej4");
|
||||||
|
+ &endbranch()
|
||||||
|
&mov("ecx", &DWP(0,$in,"",0));
|
||||||
|
&jmp(&label("ejend"));
|
||||||
|
&set_label("ej3");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("ecx"), &BP(2,$in,"",0));
|
||||||
|
&shl("ecx",8);
|
||||||
|
&set_label("ej2");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("ecx"), &BP(1,$in,"",0));
|
||||||
|
&set_label("ej1");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&LB("ecx"), &BP(0,$in,"",0));
|
||||||
|
&set_label("ejend");
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100
|
||||||
|
@@ -101,6 +101,33 @@ elsif (!$gas)
|
||||||
|
$decor="\$L\$";
|
||||||
|
}
|
||||||
|
|
||||||
|
+my $cet_property;
|
||||||
|
+if ($flavour =~ /elf/) {
|
||||||
|
+ # Always generate .note.gnu.property section for ELF outputs to
|
||||||
|
+ # mark Intel CET support since all input files must be marked
|
||||||
|
+ # with Intel CET support in order for linker to mark output with
|
||||||
|
+ # Intel CET support.
|
||||||
|
+ my $p2align=3; $p2align=2 if ($flavour eq "elf32");
|
||||||
|
+ $cet_property = <<_____;
|
||||||
|
+ .section ".note.gnu.property", "a"
|
||||||
|
+ .p2align $p2align
|
||||||
|
+ .long 1f - 0f
|
||||||
|
+ .long 4f - 1f
|
||||||
|
+ .long 5
|
||||||
|
+0:
|
||||||
|
+ .asciz "GNU"
|
||||||
|
+1:
|
||||||
|
+ .p2align $p2align
|
||||||
|
+ .long 0xc0000002
|
||||||
|
+ .long 3f - 2f
|
||||||
|
+2:
|
||||||
|
+ .long 3
|
||||||
|
+3:
|
||||||
|
+ .p2align $p2align
|
||||||
|
+4:
|
||||||
|
+_____
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
my $current_segment;
|
||||||
|
my $current_function;
|
||||||
|
my %globals;
|
||||||
|
@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) {
|
||||||
|
print $line,"\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
+print "$cet_property" if ($cet_property);
|
||||||
|
print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
|
||||||
|
print "END\n" if ($masm);
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100
|
||||||
|
@@ -124,6 +124,7 @@ sub ::function_begin_B
|
||||||
|
push(@out,".align\t$align\n");
|
||||||
|
push(@out,"$func:\n");
|
||||||
|
push(@out,"$begin:\n") if ($global);
|
||||||
|
+ &::endbranch();
|
||||||
|
$::stack=4;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -172,6 +173,26 @@ sub ::file_end
|
||||||
|
else { push (@out,"$tmp\n"); }
|
||||||
|
}
|
||||||
|
push(@out,$initseg) if ($initseg);
|
||||||
|
+ if ($::elf) {
|
||||||
|
+ push(@out,"
|
||||||
|
+ .section \".note.gnu.property\", \"a\"
|
||||||
|
+ .p2align 2
|
||||||
|
+ .long 1f - 0f
|
||||||
|
+ .long 4f - 1f
|
||||||
|
+ .long 5
|
||||||
|
+0:
|
||||||
|
+ .asciz \"GNU\"
|
||||||
|
+1:
|
||||||
|
+ .p2align 2
|
||||||
|
+ .long 0xc0000002
|
||||||
|
+ .long 3f - 2f
|
||||||
|
+2:
|
||||||
|
+ .long 3
|
||||||
|
+3:
|
||||||
|
+ .p2align 2
|
||||||
|
+4:
|
||||||
|
+");
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); }
|
||||||
|
diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100
|
||||||
|
@@ -2806,6 +2806,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
poly1305_blocks_vpmadd52:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
shr \$4,$len
|
||||||
|
jz .Lno_data_vpmadd52 # too short
|
||||||
|
|
||||||
|
@@ -3739,6 +3740,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
poly1305_emit_base2_44:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov 0($ctx),%r8 # load hash value
|
||||||
|
mov 8($ctx),%r9
|
||||||
|
mov 16($ctx),%r10
|
||||||
|
diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100
|
||||||
|
@@ -140,6 +140,7 @@ $code=<<___;
|
||||||
|
.align 16
|
||||||
|
RC4:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
or $len,$len
|
||||||
|
jne .Lentry
|
||||||
|
ret
|
||||||
|
@@ -455,6 +456,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
RC4_set_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea 8($dat),$dat
|
||||||
|
lea ($inp,$len),$inp
|
||||||
|
neg $len
|
||||||
|
@@ -529,6 +531,7 @@ RC4_set_key:
|
||||||
|
.align 16
|
||||||
|
RC4_options:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea .Lopts(%rip),%rax
|
||||||
|
mov OPENSSL_ia32cap_P(%rip),%edx
|
||||||
|
bt \$20,%edx
|
||||||
|
diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl
|
||||||
|
--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100
|
||||||
|
@@ -40,6 +40,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_atomic_add:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movl ($arg1),%eax
|
||||||
|
.Lspin: leaq ($arg2,%rax),%r8
|
||||||
|
.byte 0xf0 # lock
|
||||||
|
@@ -56,6 +57,7 @@ OPENSSL_atomic_add:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_rdtsc:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
rdtsc
|
||||||
|
shl \$32,%rdx
|
||||||
|
or %rdx,%rax
|
||||||
|
@@ -68,6 +70,7 @@ OPENSSL_rdtsc:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_ia32_cpuid:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov %rbx,%r8 # save %rbx
|
||||||
|
.cfi_register %rbx,%r8
|
||||||
|
|
||||||
|
@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_cleanse:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax,%rax
|
||||||
|
cmp \$15,$arg2
|
||||||
|
jae .Lot
|
||||||
|
@@ -274,6 +278,7 @@ OPENSSL_cleanse:
|
||||||
|
.align 16
|
||||||
|
CRYPTO_memcmp:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax,%rax
|
||||||
|
xor %r10,%r10
|
||||||
|
cmp \$0,$arg3
|
||||||
|
@@ -312,6 +317,7 @@ print<<___ if (!$win64);
|
||||||
|
.align 16
|
||||||
|
OPENSSL_wipe_cpu:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
pxor %xmm0,%xmm0
|
||||||
|
pxor %xmm1,%xmm1
|
||||||
|
pxor %xmm2,%xmm2
|
||||||
|
@@ -346,6 +352,8 @@ print<<___ if ($win64);
|
||||||
|
.type OPENSSL_wipe_cpu,\@abi-omnipotent
|
||||||
|
.align 16
|
||||||
|
OPENSSL_wipe_cpu:
|
||||||
|
+.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
pxor %xmm0,%xmm0
|
||||||
|
pxor %xmm1,%xmm1
|
||||||
|
pxor %xmm2,%xmm2
|
||||||
|
@@ -376,6 +384,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_instrument_bus:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov $arg1,$out # tribute to Win64
|
||||||
|
mov $arg2,$cnt
|
||||||
|
mov $arg2,$max
|
||||||
|
@@ -410,6 +419,7 @@ OPENSSL_instrument_bus:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_instrument_bus2:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov $arg1,$out # tribute to Win64
|
||||||
|
mov $arg2,$cnt
|
||||||
|
mov $arg3,$max
|
||||||
|
@@ -465,6 +475,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_ia32_${rdop}_bytes:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax, %rax # return value
|
||||||
|
cmp \$0,$arg2
|
||||||
|
je .Ldone_${rdop}_bytes
|
170
SOURCES/openssl-1.1.1-kdf-selftest.patch
Normal file
170
SOURCES/openssl-1.1.1-kdf-selftest.patch
Normal file
@ -0,0 +1,170 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info
|
||||||
|
--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200
|
||||||
|
@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\
|
||||||
|
fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
|
||||||
|
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
|
||||||
|
fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
|
||||||
|
- fips_dh_selftest.c fips_ers.c
|
||||||
|
+ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c
|
||||||
|
|
||||||
|
PROGRAMS_NO_INST=\
|
||||||
|
fips_standalone_hmac
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200
|
||||||
|
@@ -0,0 +1,117 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
|
+ *
|
||||||
|
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
|
+ * this file except in compliance with the License. You can obtain a copy
|
||||||
|
+ * in the file LICENSE in the source distribution or at
|
||||||
|
+ * https://www.openssl.org/source/license.html
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <openssl/err.h>
|
||||||
|
+#include <openssl/fips.h>
|
||||||
|
+#include "crypto/fips.h"
|
||||||
|
+
|
||||||
|
+#include <openssl/evp.h>
|
||||||
|
+#include <openssl/kdf.h>
|
||||||
|
+
|
||||||
|
+#ifdef OPENSSL_FIPS
|
||||||
|
+int FIPS_selftest_pbkdf2(void)
|
||||||
|
+{
|
||||||
|
+ int ret = 0;
|
||||||
|
+ EVP_KDF_CTX *kctx;
|
||||||
|
+ unsigned char out[32];
|
||||||
|
+
|
||||||
|
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ {
|
||||||
|
+ const unsigned char expected[sizeof(out)] = {
|
||||||
|
+ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
|
||||||
|
+ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
|
||||||
|
+ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
|
||||||
|
+ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
|
||||||
|
+ };
|
||||||
|
+ if (memcmp(out, expected, sizeof(expected))) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ ret = 1;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ if (!ret)
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED);
|
||||||
|
+ EVP_KDF_CTX_free(kctx);
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos
|
||||||
|
+ * 5) appendix A. */
|
||||||
|
+int FIPS_selftest_kbkdf(void)
|
||||||
|
+{
|
||||||
|
+ int ret = 0;
|
||||||
|
+ EVP_KDF_CTX *kctx;
|
||||||
|
+ char *label = "prf", *prf_input = "test";
|
||||||
|
+ static unsigned char input_key[] = {
|
||||||
|
+ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
|
||||||
|
+ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
|
||||||
|
+ };
|
||||||
|
+ static unsigned char output[] = {
|
||||||
|
+ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
|
||||||
|
+ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
|
||||||
|
+ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
|
||||||
|
+ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
|
||||||
|
+ };
|
||||||
|
+ unsigned char result[sizeof(output)] = { 0 };
|
||||||
|
+
|
||||||
|
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0
|
||||||
|
+ && memcmp(result, output, sizeof(output)) == 0;
|
||||||
|
+err:
|
||||||
|
+
|
||||||
|
+ if (!ret)
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED);
|
||||||
|
+ EVP_KDF_CTX_free(kctx);
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int FIPS_selftest_kdf(void)
|
||||||
|
+{
|
||||||
|
+ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#endif
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -111,6 +111,8 @@ int FIPS_selftest(void)
|
||||||
|
rv = 0;
|
||||||
|
if (!FIPS_selftest_ecdh())
|
||||||
|
rv = 0;
|
||||||
|
+ if (!FIPS_selftest_kdf())
|
||||||
|
+ rv = 0;
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff);
|
||||||
|
int FIPS_selftest_hmac(void);
|
||||||
|
int FIPS_selftest_drbg(void);
|
||||||
|
int FIPS_selftest_cmac(void);
|
||||||
|
+int FIPS_selftest_kbkdf(void);
|
||||||
|
+int FIPS_selftest_pbkdf2(void);
|
||||||
|
+int FIPS_selftest_kdf(void);
|
||||||
|
|
||||||
|
int fips_in_post(void);
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h
|
||||||
|
--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200
|
||||||
|
+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -123,6 +123,8 @@ extern "C" {
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_DSA 112
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_ECDSA 133
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_HMAC 113
|
||||||
|
+# define FIPS_F_FIPS_SELFTEST_KBKDF 151
|
||||||
|
+# define FIPS_F_FIPS_SELFTEST_PBKDF2 152
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_SHA1 115
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_SHA2 105
|
||||||
|
# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143
|
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/err/openssl.txt
|
diff -up openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1d/crypto/err/openssl.txt
|
||||||
--- openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf 2019-11-14 16:25:09.445914709 +0100
|
--- openssl-1.1.1d/crypto/err/openssl.txt.krb5-kdf 2019-11-14 15:07:05.320094521 +0100
|
||||||
+++ openssl-1.1.1c/crypto/err/openssl.txt 2019-11-14 16:26:10.333811902 +0100
|
+++ openssl-1.1.1d/crypto/err/openssl.txt 2019-11-14 15:07:05.342094129 +0100
|
||||||
@@ -816,6 +816,11 @@ EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_g
|
@@ -821,6 +821,11 @@ EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_g
|
||||||
EVP_F_SCRYPT_ALG:228:scrypt_alg
|
EVP_F_SCRYPT_ALG:228:scrypt_alg
|
||||||
EVP_F_UPDATE:173:update
|
EVP_F_UPDATE:173:update
|
||||||
KDF_F_HKDF_EXTRACT:112:HKDF_Extract
|
KDF_F_HKDF_EXTRACT:112:HKDF_Extract
|
||||||
@ -13,7 +13,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/er
|
|||||||
KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive
|
KDF_F_KDF_HKDF_DERIVE:113:kdf_hkdf_derive
|
||||||
KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new
|
KDF_F_KDF_HKDF_NEW:114:kdf_hkdf_new
|
||||||
KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size
|
KDF_F_KDF_HKDF_SIZE:115:kdf_hkdf_size
|
||||||
@@ -835,6 +840,8 @@ KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new
|
@@ -840,6 +845,8 @@ KDF_F_KDF_SSHKDF_NEW:133:kdf_sshkdf_new
|
||||||
KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str
|
KDF_F_KDF_TLS1_PRF_CTRL_STR:125:kdf_tls1_prf_ctrl_str
|
||||||
KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive
|
KDF_F_KDF_TLS1_PRF_DERIVE:126:kdf_tls1_prf_derive
|
||||||
KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new
|
KDF_F_KDF_TLS1_PRF_NEW:127:kdf_tls1_prf_new
|
||||||
@ -22,7 +22,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/er
|
|||||||
KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf
|
KDF_F_PBKDF2_SET_MEMBUF:128:pbkdf2_set_membuf
|
||||||
KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
|
KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
|
||||||
KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
|
KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
|
||||||
@@ -848,6 +855,9 @@ KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tl
|
@@ -853,6 +860,9 @@ KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tl
|
||||||
KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
|
KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
|
||||||
KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init
|
KDF_F_PKEY_TLS1_PRF_INIT:110:pkey_tls1_prf_init
|
||||||
KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf
|
KDF_F_SCRYPT_SET_MEMBUF:129:scrypt_set_membuf
|
||||||
@ -32,10 +32,10 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/er
|
|||||||
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
|
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
|
||||||
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
|
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
|
||||||
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
|
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
|
||||||
@@ -2315,7 +2325,13 @@ EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM:
|
@@ -2325,7 +2335,13 @@ EVP_R_UNSUPPORTED_SALT_TYPE:126:unsuppor
|
||||||
EVP_R_UNSUPPORTED_SALT_TYPE:126:unsupported salt type
|
|
||||||
EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed
|
EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed
|
||||||
EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length
|
EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length
|
||||||
|
EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys
|
||||||
+KDF_R_FAILED_TO_GENERATE_KEY:118:failed to generate key
|
+KDF_R_FAILED_TO_GENERATE_KEY:118:failed to generate key
|
||||||
+KDF_R_INVALID_CIPHER:116:invalid cipher
|
+KDF_R_INVALID_CIPHER:116:invalid cipher
|
||||||
+KDF_R_INVALID_CONSTANT_LENGTH:119:invalid constant length
|
+KDF_R_INVALID_CONSTANT_LENGTH:119:invalid constant length
|
||||||
@ -46,7 +46,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/er
|
|||||||
KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count
|
KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count
|
||||||
KDF_R_MISSING_KEY:104:missing key
|
KDF_R_MISSING_KEY:104:missing key
|
||||||
KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest
|
KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest
|
||||||
@@ -2330,6 +2346,7 @@ KDF_R_MISSING_XCGHASH:115:missing xcghas
|
@@ -2340,6 +2356,7 @@ KDF_R_MISSING_XCGHASH:115:missing xcghas
|
||||||
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
|
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
|
||||||
KDF_R_VALUE_ERROR:108:value error
|
KDF_R_VALUE_ERROR:108:value error
|
||||||
KDF_R_VALUE_MISSING:102:value missing
|
KDF_R_VALUE_MISSING:102:value missing
|
||||||
@ -54,9 +54,9 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.krb5-kdf openssl-1.1.1c/crypto/er
|
|||||||
KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size
|
KDF_R_WRONG_OUTPUT_BUFFER_SIZE:112:wrong output buffer size
|
||||||
OBJ_R_OID_EXISTS:102:oid exists
|
OBJ_R_OID_EXISTS:102:oid exists
|
||||||
OBJ_R_UNKNOWN_NID:101:unknown nid
|
OBJ_R_UNKNOWN_NID:101:unknown nid
|
||||||
diff -up openssl-1.1.1c/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1c/crypto/evp/kdf_lib.c
|
diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1d/crypto/evp/kdf_lib.c
|
||||||
--- openssl-1.1.1c/crypto/evp/kdf_lib.c.krb5-kdf 2019-11-14 16:25:09.445914709 +0100
|
--- openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100
|
||||||
+++ openssl-1.1.1c/crypto/evp/kdf_lib.c 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2019-11-14 15:07:05.342094129 +0100
|
||||||
@@ -31,6 +31,9 @@ static const EVP_KDF_METHOD *standard_me
|
@@ -31,6 +31,9 @@ static const EVP_KDF_METHOD *standard_me
|
||||||
&tls1_prf_kdf_meth,
|
&tls1_prf_kdf_meth,
|
||||||
&hkdf_kdf_meth,
|
&hkdf_kdf_meth,
|
||||||
@ -67,9 +67,9 @@ diff -up openssl-1.1.1c/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1c/crypto/evp/
|
|||||||
};
|
};
|
||||||
|
|
||||||
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
|
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/evp_int.h.krb5-kdf openssl-1.1.1c/crypto/include/internal/evp_int.h
|
diff -up openssl-1.1.1d/include/crypto/evp.h.krb5-kdf openssl-1.1.1d/include/crypto/evp.h
|
||||||
--- openssl-1.1.1c/crypto/include/internal/evp_int.h.krb5-kdf 2019-11-14 16:25:09.446914691 +0100
|
--- openssl-1.1.1d/include/crypto/evp.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/evp_int.h 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/include/crypto/evp.h 2019-11-14 15:07:05.342094129 +0100
|
||||||
@@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m
|
@@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m
|
||||||
extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
||||||
extern const EVP_KDF_METHOD hkdf_kdf_meth;
|
extern const EVP_KDF_METHOD hkdf_kdf_meth;
|
||||||
@ -80,17 +80,17 @@ diff -up openssl-1.1.1c/crypto/include/internal/evp_int.h.krb5-kdf openssl-1.1.1
|
|||||||
|
|
||||||
struct evp_md_st {
|
struct evp_md_st {
|
||||||
int type;
|
int type;
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/build.info.krb5-kdf openssl-1.1.1c/crypto/kdf/build.info
|
diff -up openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf openssl-1.1.1d/crypto/kdf/build.info
|
||||||
--- openssl-1.1.1c/crypto/kdf/build.info.krb5-kdf 2019-11-14 16:25:09.446914691 +0100
|
--- openssl-1.1.1d/crypto/kdf/build.info.krb5-kdf 2019-11-14 15:07:05.320094521 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/build.info 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/crypto/kdf/build.info 2019-11-14 15:07:05.342094129 +0100
|
||||||
@@ -1,3 +1,3 @@
|
@@ -1,3 +1,3 @@
|
||||||
LIBS=../../libcrypto
|
LIBS=../../libcrypto
|
||||||
SOURCE[../../libcrypto]=\
|
SOURCE[../../libcrypto]=\
|
||||||
- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c
|
- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c
|
||||||
+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c kbkdf.c krb5kdf.c sskdf.c
|
+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c kbkdf.c krb5kdf.c sskdf.c
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/kbkdf.c
|
diff -up openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kbkdf.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/kbkdf.c.krb5-kdf 2019-11-14 16:25:09.475914166 +0100
|
--- openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf 2019-11-14 15:07:05.343094112 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/kbkdf.c 2019-11-18 17:21:58.326635901 +0100
|
+++ openssl-1.1.1d/crypto/kdf/kbkdf.c 2019-11-18 17:21:58.326635901 +0100
|
||||||
@@ -0,0 +1,540 @@
|
@@ -0,0 +1,540 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -129,7 +129,7 @@ diff -up openssl-1.1.1c/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/kb
|
|||||||
+
|
+
|
||||||
+#include "internal/numbers.h"
|
+#include "internal/numbers.h"
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
+#include "e_os.h"
|
+#include "e_os.h"
|
||||||
@ -632,9 +632,9 @@ diff -up openssl-1.1.1c/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/kb
|
|||||||
+ kbkdf_derive,
|
+ kbkdf_derive,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1c/crypto/kdf/kdf_err.c
|
diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_err.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/kdf_err.c.krb5-kdf 2019-11-14 16:25:09.446914691 +0100
|
--- openssl-1.1.1d/crypto/kdf/kdf_err.c.krb5-kdf 2019-11-14 15:07:05.320094521 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/kdf_err.c 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2019-11-14 15:07:05.343094112 +0100
|
||||||
@@ -15,6 +15,11 @@
|
@@ -15,6 +15,11 @@
|
||||||
|
|
||||||
static const ERR_STRING_DATA KDF_str_functs[] = {
|
static const ERR_STRING_DATA KDF_str_functs[] = {
|
||||||
@ -688,9 +688,9 @@ diff -up openssl-1.1.1c/crypto/kdf/kdf_err.c.krb5-kdf openssl-1.1.1c/crypto/kdf/
|
|||||||
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE),
|
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_WRONG_OUTPUT_BUFFER_SIZE),
|
||||||
"wrong output buffer size"},
|
"wrong output buffer size"},
|
||||||
{0, NULL}
|
{0, NULL}
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1c/crypto/kdf/kdf_local.h
|
diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_local.h
|
||||||
--- openssl-1.1.1c/crypto/kdf/kdf_local.h.krb5-kdf 2019-11-14 16:25:09.438914836 +0100
|
--- openssl-1.1.1d/crypto/kdf/kdf_local.h.krb5-kdf 2019-11-14 15:07:05.313094646 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/kdf_local.h 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2019-11-14 15:07:05.344094093 +0100
|
||||||
@@ -19,4 +19,6 @@ int kdf_hex2ctrl(EVP_KDF_IMPL *impl,
|
@@ -19,4 +19,6 @@ int kdf_hex2ctrl(EVP_KDF_IMPL *impl,
|
||||||
int kdf_md2ctrl(EVP_KDF_IMPL *impl,
|
int kdf_md2ctrl(EVP_KDF_IMPL *impl,
|
||||||
int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
||||||
@ -699,9 +699,9 @@ diff -up openssl-1.1.1c/crypto/kdf/kdf_local.h.krb5-kdf openssl-1.1.1c/crypto/kd
|
|||||||
+int kdf_cipher2ctrl(EVP_KDF_IMPL *impl,
|
+int kdf_cipher2ctrl(EVP_KDF_IMPL *impl,
|
||||||
+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
||||||
+ int cmd, const char *cipher_name);
|
+ int cmd, const char *cipher_name);
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1c/crypto/kdf/kdf_util.c
|
diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kdf_util.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/kdf_util.c.krb5-kdf 2019-11-14 16:25:09.438914836 +0100
|
--- openssl-1.1.1d/crypto/kdf/kdf_util.c.krb5-kdf 2019-11-14 15:07:05.313094646 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/kdf_util.c 2019-11-14 16:25:09.475914166 +0100
|
+++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2019-11-14 15:07:05.344094093 +0100
|
||||||
@@ -71,3 +71,16 @@ int kdf_md2ctrl(EVP_KDF_IMPL *impl,
|
@@ -71,3 +71,16 @@ int kdf_md2ctrl(EVP_KDF_IMPL *impl,
|
||||||
return call_ctrl(ctrl, impl, cmd, md);
|
return call_ctrl(ctrl, impl, cmd, md);
|
||||||
}
|
}
|
||||||
@ -719,9 +719,9 @@ diff -up openssl-1.1.1c/crypto/kdf/kdf_util.c.krb5-kdf openssl-1.1.1c/crypto/kdf
|
|||||||
+ }
|
+ }
|
||||||
+ return call_ctrl(ctrl, impl, cmd, cipher);
|
+ return call_ctrl(ctrl, impl, cmd, cipher);
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/krb5kdf.c
|
diff -up openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/krb5kdf.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/krb5kdf.c.krb5-kdf 2019-11-14 16:25:09.476914148 +0100
|
--- openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/krb5kdf.c 2019-11-18 17:18:13.056604404 +0100
|
+++ openssl-1.1.1d/crypto/kdf/krb5kdf.c 2019-11-18 17:18:13.056604404 +0100
|
||||||
@@ -0,0 +1,423 @@
|
@@ -0,0 +1,423 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -741,7 +741,7 @@ diff -up openssl-1.1.1c/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/
|
|||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+
|
+
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
+/* KRB5 KDF defined in RFC 3961, Section 5.1 */
|
+/* KRB5 KDF defined in RFC 3961, Section 5.1 */
|
||||||
@ -1146,10 +1146,18 @@ diff -up openssl-1.1.1c/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/
|
|||||||
+ krb5kdf_derive,
|
+ krb5kdf_derive,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/sshkdf.c
|
diff -up openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sshkdf.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/sshkdf.c.krb5-kdf 2019-11-15 14:53:14.769279878 +0100
|
--- openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf 2019-11-14 15:07:05.327094396 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/sshkdf.c 2019-11-18 17:18:25.343388314 +0100
|
+++ openssl-1.1.1d/crypto/kdf/sshkdf.c 2019-11-18 17:18:25.343388314 +0100
|
||||||
@@ -69,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u
|
@@ -12,6 +12,7 @@
|
||||||
|
#include <string.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/kdf.h>
|
||||||
|
+#include "internal/numbers.h"
|
||||||
|
#include "internal/cryptlib.h"
|
||||||
|
#include "crypto/evp.h"
|
||||||
|
#include "kdf_local.h"
|
||||||
|
@@ -68,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u
|
||||||
p = va_arg(args, const unsigned char *);
|
p = va_arg(args, const unsigned char *);
|
||||||
len = va_arg(args, size_t);
|
len = va_arg(args, size_t);
|
||||||
OPENSSL_clear_free(*dst, *dst_len);
|
OPENSSL_clear_free(*dst, *dst_len);
|
||||||
@ -1162,9 +1170,9 @@ diff -up openssl-1.1.1c/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/s
|
|||||||
*dst = OPENSSL_memdup(p, len);
|
*dst = OPENSSL_memdup(p, len);
|
||||||
if (*dst == NULL)
|
if (*dst == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/sskdf.c
|
diff -up openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/sskdf.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/sskdf.c.krb5-kdf 2019-11-14 16:25:09.476914148 +0100
|
--- openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf 2019-11-14 15:07:05.344094093 +0100
|
||||||
+++ openssl-1.1.1c/crypto/kdf/sskdf.c 2019-11-18 17:21:40.349952802 +0100
|
+++ openssl-1.1.1d/crypto/kdf/sskdf.c 2019-11-18 17:21:40.349952802 +0100
|
||||||
@@ -0,0 +1,255 @@
|
@@ -0,0 +1,255 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -1210,7 +1218,7 @@ diff -up openssl-1.1.1c/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/ss
|
|||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
+struct evp_kdf_impl_st {
|
+struct evp_kdf_impl_st {
|
||||||
@ -1421,9 +1429,9 @@ diff -up openssl-1.1.1c/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1c/crypto/kdf/ss
|
|||||||
+ sskdf_size,
|
+ sskdf_size,
|
||||||
+ sskdf_derive
|
+ sskdf_derive
|
||||||
+};
|
+};
|
||||||
diff -up openssl-1.1.1c/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1c/crypto/objects/obj_dat.h
|
diff -up openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1d/crypto/objects/obj_dat.h
|
||||||
--- openssl-1.1.1c/crypto/objects/obj_dat.h.krb5-kdf 2019-11-14 16:25:09.447914673 +0100
|
--- openssl-1.1.1d/crypto/objects/obj_dat.h.krb5-kdf 2019-11-14 15:07:05.322094485 +0100
|
||||||
+++ openssl-1.1.1c/crypto/objects/obj_dat.h 2019-11-14 16:25:09.477914130 +0100
|
+++ openssl-1.1.1d/crypto/objects/obj_dat.h 2019-11-14 15:07:05.345094076 +0100
|
||||||
@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = {
|
@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = {
|
||||||
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */
|
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */
|
||||||
};
|
};
|
||||||
@ -1493,9 +1501,9 @@ diff -up openssl-1.1.1c/crypto/objects/obj_dat.h.krb5-kdf openssl-1.1.1c/crypto/
|
|||||||
16, /* "stateOrProvinceName" */
|
16, /* "stateOrProvinceName" */
|
||||||
660, /* "streetAddress" */
|
660, /* "streetAddress" */
|
||||||
498, /* "subtreeMaximumQuality" */
|
498, /* "subtreeMaximumQuality" */
|
||||||
diff -up openssl-1.1.1c/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1c/crypto/objects/objects.txt
|
diff -up openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1d/crypto/objects/objects.txt
|
||||||
--- openssl-1.1.1c/crypto/objects/objects.txt.krb5-kdf 2019-11-14 16:25:09.447914673 +0100
|
--- openssl-1.1.1d/crypto/objects/objects.txt.krb5-kdf 2019-11-14 15:07:05.322094485 +0100
|
||||||
+++ openssl-1.1.1c/crypto/objects/objects.txt 2019-11-14 16:25:09.477914130 +0100
|
+++ openssl-1.1.1d/crypto/objects/objects.txt 2019-11-14 15:07:05.345094076 +0100
|
||||||
@@ -1603,6 +1603,15 @@ secg-scheme 14 3 : dhSinglePass-cofactor
|
@@ -1603,6 +1603,15 @@ secg-scheme 14 3 : dhSinglePass-cofactor
|
||||||
# NID for SSHKDF
|
# NID for SSHKDF
|
||||||
: SSHKDF : sshkdf
|
: SSHKDF : sshkdf
|
||||||
@ -1512,9 +1520,9 @@ diff -up openssl-1.1.1c/crypto/objects/objects.txt.krb5-kdf openssl-1.1.1c/crypt
|
|||||||
# RFC 4556
|
# RFC 4556
|
||||||
1 3 6 1 5 2 3 : id-pkinit
|
1 3 6 1 5 2 3 : id-pkinit
|
||||||
id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth
|
id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth
|
||||||
diff -up openssl-1.1.1c/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1c/crypto/objects/obj_mac.num
|
diff -up openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1d/crypto/objects/obj_mac.num
|
||||||
--- openssl-1.1.1c/crypto/objects/obj_mac.num.krb5-kdf 2019-11-14 16:25:09.447914673 +0100
|
--- openssl-1.1.1d/crypto/objects/obj_mac.num.krb5-kdf 2019-11-14 15:07:05.322094485 +0100
|
||||||
+++ openssl-1.1.1c/crypto/objects/obj_mac.num 2019-11-14 16:25:09.477914130 +0100
|
+++ openssl-1.1.1d/crypto/objects/obj_mac.num 2019-11-14 15:07:05.346094058 +0100
|
||||||
@@ -1193,3 +1193,6 @@ magma_mac 1192
|
@@ -1193,3 +1193,6 @@ magma_mac 1192
|
||||||
hmacWithSHA512_224 1193
|
hmacWithSHA512_224 1193
|
||||||
hmacWithSHA512_256 1194
|
hmacWithSHA512_256 1194
|
||||||
@ -1522,9 +1530,9 @@ diff -up openssl-1.1.1c/crypto/objects/obj_mac.num.krb5-kdf openssl-1.1.1c/crypt
|
|||||||
+kbkdf 1196
|
+kbkdf 1196
|
||||||
+krb5kdf 1197
|
+krb5kdf 1197
|
||||||
+sskdf 1198
|
+sskdf 1198
|
||||||
diff -up openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod
|
diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod
|
||||||
--- openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod.krb5-kdf 2019-11-14 16:25:09.439914818 +0100
|
--- openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.krb5-kdf 2019-11-14 15:07:05.314094628 +0100
|
||||||
+++ openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod 2019-11-14 16:25:09.477914130 +0100
|
+++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2019-11-14 15:07:05.346094058 +0100
|
||||||
@@ -140,7 +140,14 @@ The value string is expected to be a dec
|
@@ -140,7 +140,14 @@ The value string is expected to be a dec
|
||||||
This control expects one argument: C<EVP_MD *md>
|
This control expects one argument: C<EVP_MD *md>
|
||||||
|
|
||||||
@ -1541,9 +1549,9 @@ diff -up openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod.krb5-kdf openssl-1.1.1c/doc/man
|
|||||||
|
|
||||||
EVP_KDF_ctrl_str() type string: "md"
|
EVP_KDF_ctrl_str() type string: "md"
|
||||||
|
|
||||||
diff -up openssl-1.1.1c/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1c/doc/man7/EVP_KDF_KB.pod
|
diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod
|
||||||
--- openssl-1.1.1c/doc/man7/EVP_KDF_KB.pod.krb5-kdf 2019-11-14 16:25:09.478914112 +0100
|
--- openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100
|
||||||
+++ openssl-1.1.1c/doc/man7/EVP_KDF_KB.pod 2019-11-14 16:25:09.478914112 +0100
|
+++ openssl-1.1.1d/doc/man7/EVP_KDF_KB.pod 2019-11-14 15:07:05.346094058 +0100
|
||||||
@@ -0,0 +1,173 @@
|
@@ -0,0 +1,173 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -1718,9 +1726,9 @@ diff -up openssl-1.1.1c/doc/man7/EVP_KDF_KB.pod.krb5-kdf openssl-1.1.1c/doc/man7
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1c/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1c/doc/man7/EVP_KDF_KRB5KDF.pod
|
diff -up openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod
|
||||||
--- openssl-1.1.1c/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf 2019-11-14 16:25:09.478914112 +0100
|
--- openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100
|
||||||
+++ openssl-1.1.1c/doc/man7/EVP_KDF_KRB5KDF.pod 2019-11-14 16:25:09.478914112 +0100
|
+++ openssl-1.1.1d/doc/man7/EVP_KDF_KRB5KDF.pod 2019-11-14 15:07:05.346094058 +0100
|
||||||
@@ -0,0 +1,107 @@
|
@@ -0,0 +1,107 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -1829,9 +1837,9 @@ diff -up openssl-1.1.1c/doc/man7/EVP_KDF_KRB5KDF.pod.krb5-kdf openssl-1.1.1c/doc
|
|||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
+
|
+
|
||||||
diff -up openssl-1.1.1c/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1c/doc/man7/EVP_KDF_SS.pod
|
diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod
|
||||||
--- openssl-1.1.1c/doc/man7/EVP_KDF_SS.pod.krb5-kdf 2019-11-14 16:25:09.478914112 +0100
|
--- openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod.krb5-kdf 2019-11-14 15:07:05.346094058 +0100
|
||||||
+++ openssl-1.1.1c/doc/man7/EVP_KDF_SS.pod 2019-11-14 16:25:09.478914112 +0100
|
+++ openssl-1.1.1d/doc/man7/EVP_KDF_SS.pod 2019-11-14 15:07:05.346094058 +0100
|
||||||
@@ -0,0 +1,146 @@
|
@@ -0,0 +1,146 @@
|
||||||
+=pod
|
+=pod
|
||||||
+
|
+
|
||||||
@ -1979,10 +1987,10 @@ diff -up openssl-1.1.1c/doc/man7/EVP_KDF_SS.pod.krb5-kdf openssl-1.1.1c/doc/man7
|
|||||||
+L<https://www.openssl.org/source/license.html>.
|
+L<https://www.openssl.org/source/license.html>.
|
||||||
+
|
+
|
||||||
+=cut
|
+=cut
|
||||||
diff -up openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1c/include/openssl/kdferr.h
|
diff -up openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1d/include/openssl/kdferr.h
|
||||||
--- openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf 2019-11-14 16:25:09.448914655 +0100
|
--- openssl-1.1.1d/include/openssl/kdferr.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100
|
||||||
+++ openssl-1.1.1c/include/openssl/kdferr.h 2019-11-14 16:25:09.478914112 +0100
|
+++ openssl-1.1.1d/include/openssl/kdferr.h 2019-11-14 15:07:05.347094040 +0100
|
||||||
@@ -20,6 +20,11 @@ int ERR_load_KDF_strings(void);
|
@@ -24,6 +24,11 @@ int ERR_load_KDF_strings(void);
|
||||||
* KDF function codes.
|
* KDF function codes.
|
||||||
*/
|
*/
|
||||||
# define KDF_F_HKDF_EXTRACT 112
|
# define KDF_F_HKDF_EXTRACT 112
|
||||||
@ -1994,7 +2002,7 @@ diff -up openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1c/include
|
|||||||
# define KDF_F_KDF_HKDF_DERIVE 113
|
# define KDF_F_KDF_HKDF_DERIVE 113
|
||||||
# define KDF_F_KDF_HKDF_NEW 114
|
# define KDF_F_KDF_HKDF_NEW 114
|
||||||
# define KDF_F_KDF_HKDF_SIZE 115
|
# define KDF_F_KDF_HKDF_SIZE 115
|
||||||
@@ -39,6 +44,8 @@ int ERR_load_KDF_strings(void);
|
@@ -43,6 +48,8 @@ int ERR_load_KDF_strings(void);
|
||||||
# define KDF_F_KDF_TLS1_PRF_CTRL_STR 125
|
# define KDF_F_KDF_TLS1_PRF_CTRL_STR 125
|
||||||
# define KDF_F_KDF_TLS1_PRF_DERIVE 126
|
# define KDF_F_KDF_TLS1_PRF_DERIVE 126
|
||||||
# define KDF_F_KDF_TLS1_PRF_NEW 127
|
# define KDF_F_KDF_TLS1_PRF_NEW 127
|
||||||
@ -2003,7 +2011,7 @@ diff -up openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1c/include
|
|||||||
# define KDF_F_PBKDF2_SET_MEMBUF 128
|
# define KDF_F_PBKDF2_SET_MEMBUF 128
|
||||||
# define KDF_F_PKEY_HKDF_CTRL_STR 103
|
# define KDF_F_PKEY_HKDF_CTRL_STR 103
|
||||||
# define KDF_F_PKEY_HKDF_DERIVE 102
|
# define KDF_F_PKEY_HKDF_DERIVE 102
|
||||||
@@ -52,12 +59,21 @@ int ERR_load_KDF_strings(void);
|
@@ -56,12 +63,21 @@ int ERR_load_KDF_strings(void);
|
||||||
# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
|
# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
|
||||||
# define KDF_F_PKEY_TLS1_PRF_INIT 110
|
# define KDF_F_PKEY_TLS1_PRF_INIT 110
|
||||||
# define KDF_F_SCRYPT_SET_MEMBUF 129
|
# define KDF_F_SCRYPT_SET_MEMBUF 129
|
||||||
@ -2025,7 +2033,7 @@ diff -up openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1c/include
|
|||||||
# define KDF_R_MISSING_ITERATION_COUNT 109
|
# define KDF_R_MISSING_ITERATION_COUNT 109
|
||||||
# define KDF_R_MISSING_KEY 104
|
# define KDF_R_MISSING_KEY 104
|
||||||
# define KDF_R_MISSING_MESSAGE_DIGEST 105
|
# define KDF_R_MISSING_MESSAGE_DIGEST 105
|
||||||
@@ -72,6 +88,7 @@ int ERR_load_KDF_strings(void);
|
@@ -76,6 +92,7 @@ int ERR_load_KDF_strings(void);
|
||||||
# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
|
# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
|
||||||
# define KDF_R_VALUE_ERROR 108
|
# define KDF_R_VALUE_ERROR 108
|
||||||
# define KDF_R_VALUE_MISSING 102
|
# define KDF_R_VALUE_MISSING 102
|
||||||
@ -2033,9 +2041,9 @@ diff -up openssl-1.1.1c/include/openssl/kdferr.h.krb5-kdf openssl-1.1.1c/include
|
|||||||
# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
|
# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1c/include/openssl/kdf.h.krb5-kdf openssl-1.1.1c/include/openssl/kdf.h
|
diff -up openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf openssl-1.1.1d/include/openssl/kdf.h
|
||||||
--- openssl-1.1.1c/include/openssl/kdf.h.krb5-kdf 2019-11-14 16:25:09.448914655 +0100
|
--- openssl-1.1.1d/include/openssl/kdf.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100
|
||||||
+++ openssl-1.1.1c/include/openssl/kdf.h 2019-11-14 16:25:09.478914112 +0100
|
+++ openssl-1.1.1d/include/openssl/kdf.h 2019-11-14 15:07:05.347094040 +0100
|
||||||
@@ -21,6 +21,9 @@ extern "C" {
|
@@ -21,6 +21,9 @@ extern "C" {
|
||||||
# define EVP_KDF_TLS1_PRF NID_tls1_prf
|
# define EVP_KDF_TLS1_PRF NID_tls1_prf
|
||||||
# define EVP_KDF_HKDF NID_hkdf
|
# define EVP_KDF_HKDF NID_hkdf
|
||||||
@ -2073,9 +2081,9 @@ diff -up openssl-1.1.1c/include/openssl/kdf.h.krb5-kdf openssl-1.1.1c/include/op
|
|||||||
/**** The legacy PKEY-based KDF API follows. ****/
|
/**** The legacy PKEY-based KDF API follows. ****/
|
||||||
|
|
||||||
# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL)
|
# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL)
|
||||||
diff -up openssl-1.1.1c/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1c/include/openssl/obj_mac.h
|
diff -up openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1d/include/openssl/obj_mac.h
|
||||||
--- openssl-1.1.1c/include/openssl/obj_mac.h.krb5-kdf 2019-11-14 16:25:09.449914637 +0100
|
--- openssl-1.1.1d/include/openssl/obj_mac.h.krb5-kdf 2019-11-14 15:07:05.323094468 +0100
|
||||||
+++ openssl-1.1.1c/include/openssl/obj_mac.h 2019-11-14 16:25:09.479914093 +0100
|
+++ openssl-1.1.1d/include/openssl/obj_mac.h 2019-11-14 15:07:05.347094040 +0100
|
||||||
@@ -4974,6 +4974,18 @@
|
@@ -4974,6 +4974,18 @@
|
||||||
#define LN_sshkdf "sshkdf"
|
#define LN_sshkdf "sshkdf"
|
||||||
#define NID_sshkdf 1203
|
#define NID_sshkdf 1203
|
||||||
@ -2095,9 +2103,9 @@ diff -up openssl-1.1.1c/include/openssl/obj_mac.h.krb5-kdf openssl-1.1.1c/includ
|
|||||||
#define SN_id_pkinit "id-pkinit"
|
#define SN_id_pkinit "id-pkinit"
|
||||||
#define NID_id_pkinit 1031
|
#define NID_id_pkinit 1031
|
||||||
#define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L
|
#define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L
|
||||||
diff -up openssl-1.1.1c/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1c/test/evp_kdf_test.c
|
diff -up openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1d/test/evp_kdf_test.c
|
||||||
--- openssl-1.1.1c/test/evp_kdf_test.c.krb5-kdf 2019-11-14 16:25:09.441914782 +0100
|
--- openssl-1.1.1d/test/evp_kdf_test.c.krb5-kdf 2019-11-14 15:07:05.315094610 +0100
|
||||||
+++ openssl-1.1.1c/test/evp_kdf_test.c 2019-11-14 16:25:09.479914093 +0100
|
+++ openssl-1.1.1d/test/evp_kdf_test.c 2019-11-14 15:07:05.348094022 +0100
|
||||||
@@ -225,13 +225,358 @@ err:
|
@@ -225,13 +225,358 @@ err:
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -2457,9 +2465,9 @@ diff -up openssl-1.1.1c/test/evp_kdf_test.c.krb5-kdf openssl-1.1.1c/test/evp_kdf
|
|||||||
+ ADD_TEST(test_kdf_ss_hash);
|
+ ADD_TEST(test_kdf_ss_hash);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt
|
diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt
|
||||||
--- openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf 2019-11-14 16:25:09.451914601 +0100
|
--- openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.krb5-kdf 2019-11-14 15:07:05.327094396 +0100
|
||||||
+++ openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt 2019-11-14 16:25:09.480914075 +0100
|
+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2019-11-14 15:07:05.349094005 +0100
|
||||||
@@ -5286,3 +5286,559 @@ Ctrl.hexsession_id = hexsession_id:a4ebd
|
@@ -5286,3 +5286,559 @@ Ctrl.hexsession_id = hexsession_id:a4ebd
|
||||||
Ctrl.type = type:A
|
Ctrl.type = type:A
|
||||||
Output = FF
|
Output = FF
|
||||||
|
@ -1,17 +1,16 @@
|
|||||||
diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in
|
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in
|
||||||
--- openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200
|
||||||
+++ openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in 2019-05-07 11:52:35.885597934 +0200
|
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200
|
||||||
@@ -141,22 +141,23 @@ our @tests = (
|
@@ -147,22 +147,22 @@ our @tests = (
|
||||||
{
|
{
|
||||||
name => "ECDSA with brainpool",
|
name => "ECDSA with brainpool",
|
||||||
server => {
|
server => {
|
||||||
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
||||||
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
||||||
- "Groups" => "brainpoolP256r1",
|
- "Groups" => "brainpoolP256r1",
|
||||||
+# "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
+ "Certificate" => test_pem("server-ecdsa-cert.pem"),
|
||||||
+# "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
|
||||||
+# "Groups" => "brainpoolP256r1",
|
+# "Groups" => "brainpoolP256r1",
|
||||||
+ "CipherString" => "aNULL",
|
|
||||||
},
|
},
|
||||||
client => {
|
client => {
|
||||||
#We don't restrict this to TLSv1.2, although use of brainpool
|
#We don't restrict this to TLSv1.2, although use of brainpool
|
||||||
@ -32,17 +31,16 @@ diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool opens
|
|||||||
"ExpectedResult" => "Success"
|
"ExpectedResult" => "Success"
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@@ -787,18 +788,19 @@ my @tests_tls_1_3 = (
|
@@ -853,18 +853,18 @@ my @tests_tls_1_3 = (
|
||||||
{
|
{
|
||||||
name => "TLS 1.3 ECDSA with brainpool",
|
name => "TLS 1.3 ECDSA with brainpool",
|
||||||
server => {
|
server => {
|
||||||
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
||||||
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
||||||
- "Groups" => "brainpoolP256r1",
|
- "Groups" => "brainpoolP256r1",
|
||||||
+# "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
+ "Certificate" => test_pem("server-ecdsa-cert.pem"),
|
||||||
+# "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
|
||||||
+# "Groups" => "brainpoolP256r1",
|
+# "Groups" => "brainpoolP256r1",
|
||||||
+ "CipherString" => "aNULL",
|
|
||||||
},
|
},
|
||||||
client => {
|
client => {
|
||||||
"RequestCAFile" => test_pem("root-cert.pem"),
|
"RequestCAFile" => test_pem("root-cert.pem"),
|
||||||
@ -57,20 +55,19 @@ diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool opens
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
);
|
);
|
||||||
diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1b/test/ssl-tests/20-cert-select.conf
|
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf
|
||||||
--- openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200
|
||||||
+++ openssl-1.1.1b/test/ssl-tests/20-cert-select.conf 2019-05-07 12:15:12.762907496 +0200
|
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200
|
||||||
@@ -233,23 +233,18 @@ server = 5-ECDSA with brainpool-server
|
@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server
|
||||||
client = 5-ECDSA with brainpool-client
|
client = 5-ECDSA with brainpool-client
|
||||||
|
|
||||||
[5-ECDSA with brainpool-server]
|
[5-ECDSA with brainpool-server]
|
||||||
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
||||||
-CipherString = DEFAULT
|
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
||||||
|
CipherString = DEFAULT
|
||||||
-Groups = brainpoolP256r1
|
-Groups = brainpoolP256r1
|
||||||
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
||||||
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
||||||
+CipherString = aNULL
|
|
||||||
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
||||||
|
|
||||||
[5-ECDSA with brainpool-client]
|
[5-ECDSA with brainpool-client]
|
||||||
CipherString = aECDSA
|
CipherString = aECDSA
|
||||||
@ -87,28 +84,27 @@ diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-
|
|||||||
|
|
||||||
|
|
||||||
# ===========================================================
|
# ===========================================================
|
||||||
@@ -1577,14 +1572,12 @@ server = 47-TLS 1.3 ECDSA with brainpool
|
@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool
|
||||||
client = 47-TLS 1.3 ECDSA with brainpool-client
|
client = 52-TLS 1.3 ECDSA with brainpool-client
|
||||||
|
|
||||||
[47-TLS 1.3 ECDSA with brainpool-server]
|
[52-TLS 1.3 ECDSA with brainpool-server]
|
||||||
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
||||||
-CipherString = DEFAULT
|
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
||||||
|
CipherString = DEFAULT
|
||||||
-Groups = brainpoolP256r1
|
-Groups = brainpoolP256r1
|
||||||
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
||||||
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
||||||
+CipherString = aNULL
|
|
||||||
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
||||||
|
|
||||||
[47-TLS 1.3 ECDSA with brainpool-client]
|
[52-TLS 1.3 ECDSA with brainpool-client]
|
||||||
CipherString = DEFAULT
|
CipherString = DEFAULT
|
||||||
-Groups = brainpoolP256r1
|
-Groups = brainpoolP256r1
|
||||||
MaxProtocol = TLSv1.3
|
MaxProtocol = TLSv1.3
|
||||||
MinProtocol = TLSv1.3
|
MinProtocol = TLSv1.3
|
||||||
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||||
@@ -1592,7 +1585,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
|
@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
|
||||||
VerifyMode = Peer
|
VerifyMode = Peer
|
||||||
|
|
||||||
[test-47]
|
[test-52]
|
||||||
-ExpectedResult = ServerFail
|
-ExpectedResult = ServerFail
|
||||||
+ExpectedResult = Success
|
+ExpectedResult = Success
|
||||||
|
|
||||||
|
12
SOURCES/openssl-1.1.1-no-html.patch
Normal file
12
SOURCES/openssl-1.1.1-no-html.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl
|
||||||
|
--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html 2020-04-07 16:45:21.904083989 +0200
|
||||||
|
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:45:56.218461895 +0200
|
||||||
|
@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
|
||||||
|
|
||||||
|
uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
|
||||||
|
|
||||||
|
-install_docs: install_man_docs install_html_docs
|
||||||
|
+install_docs: install_man_docs
|
||||||
|
|
||||||
|
uninstall_docs: uninstall_man_docs uninstall_html_docs
|
||||||
|
$(RM) -r "$(DESTDIR)$(DOCDIR)"
|
@ -1,16 +0,0 @@
|
|||||||
diff -up openssl-1.1.1b/crypto/conf/conf_lib.c.regression openssl-1.1.1b/crypto/conf/conf_lib.c
|
|
||||||
--- openssl-1.1.1b/crypto/conf/conf_lib.c.regression 2019-02-26 15:15:30.000000000 +0100
|
|
||||||
+++ openssl-1.1.1b/crypto/conf/conf_lib.c 2019-05-10 14:28:57.718049429 +0200
|
|
||||||
@@ -356,8 +356,10 @@ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(
|
|
||||||
{
|
|
||||||
OPENSSL_INIT_SETTINGS *ret = malloc(sizeof(*ret));
|
|
||||||
|
|
||||||
- if (ret != NULL)
|
|
||||||
- memset(ret, 0, sizeof(*ret));
|
|
||||||
+ if (ret == NULL)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
+ memset(ret, 0, sizeof(*ret));
|
|
||||||
ret->flags = DEFAULT_CONF_MFLAGS;
|
|
||||||
|
|
||||||
return ret;
|
|
44
SOURCES/openssl-1.1.1-reneg-no-extms.patch
Normal file
44
SOURCES/openssl-1.1.1-reneg-no-extms.patch
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
diff -up openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms openssl-1.1.1g/include/openssl/ssl3.h
|
||||||
|
--- openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/include/openssl/ssl3.h 2020-06-05 15:20:22.090682776 +0200
|
||||||
|
@@ -292,6 +292,9 @@ extern "C" {
|
||||||
|
|
||||||
|
# define TLS1_FLAGS_STATELESS 0x0800
|
||||||
|
|
||||||
|
+/* Set if extended master secret extension required on renegotiation */
|
||||||
|
+# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000
|
||||||
|
+
|
||||||
|
# define SSL3_MT_HELLO_REQUEST 0
|
||||||
|
# define SSL3_MT_CLIENT_HELLO 1
|
||||||
|
# define SSL3_MT_SERVER_HELLO 2
|
||||||
|
diff -up openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms openssl-1.1.1g/ssl/statem/extensions.c
|
||||||
|
--- openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/ssl/statem/extensions.c 2020-06-05 15:22:19.677653437 +0200
|
||||||
|
@@ -1168,14 +1168,26 @@ static int init_etm(SSL *s, unsigned int
|
||||||
|
|
||||||
|
static int init_ems(SSL *s, unsigned int context)
|
||||||
|
{
|
||||||
|
- if (!s->server)
|
||||||
|
+ if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
|
||||||
|
s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS;
|
||||||
|
+ s->s3->flags |= TLS1_FLAGS_REQUIRED_EXTMS;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int final_ems(SSL *s, unsigned int context, int sent)
|
||||||
|
{
|
||||||
|
+ /*
|
||||||
|
+ * Check extended master secret extension is not dropped on
|
||||||
|
+ * renegotiation.
|
||||||
|
+ */
|
||||||
|
+ if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
|
||||||
|
+ && (s->s3->flags & TLS1_FLAGS_REQUIRED_EXTMS)) {
|
||||||
|
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_FINAL_EMS,
|
||||||
|
+ SSL_R_INCONSISTENT_EXTMS);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
if (!s->server && s->hit) {
|
||||||
|
/*
|
||||||
|
* Check extended master secret extension is consistent with
|
170
SOURCES/openssl-1.1.1-rewire-fips-drbg.patch
Normal file
170
SOURCES/openssl-1.1.1-rewire-fips-drbg.patch
Normal file
@ -0,0 +1,170 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
|
||||||
|
int FIPS_drbg_reseed(DRBG_CTX *dctx,
|
||||||
|
const unsigned char *adin, size_t adinlen)
|
||||||
|
{
|
||||||
|
+ int len = (int)adinlen;
|
||||||
|
+
|
||||||
|
+ if (len < 0 || (size_t)len != adinlen) {
|
||||||
|
+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+ RAND_seed(adin, len);
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
|
||||||
|
+ const unsigned char *adin, size_t adinlen)
|
||||||
|
+{
|
||||||
|
return drbg_reseed(dctx, adin, adinlen, 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
|
||||||
|
int prediction_resistance,
|
||||||
|
const unsigned char *adin, size_t adinlen)
|
||||||
|
{
|
||||||
|
+ int len = (int)outlen;
|
||||||
|
+
|
||||||
|
+ if (len < 0 || (size_t)len != outlen) {
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+ return RAND_bytes(out, len);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
|
||||||
|
+ int prediction_resistance,
|
||||||
|
+ const unsigned char *adin, size_t adinlen)
|
||||||
|
+{
|
||||||
|
int r = 0;
|
||||||
|
|
||||||
|
if (FIPS_selftest_failed()) {
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -57,6 +57,8 @@
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
#include <openssl/fips.h>
|
||||||
|
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
|
||||||
|
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
|
||||||
|
#include <openssl/fips_rand.h>
|
||||||
|
#include "fips_rand_lcl.h"
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -55,6 +55,8 @@
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/fips.h>
|
||||||
|
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
|
||||||
|
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
|
||||||
|
#include <openssl/fips_rand.h>
|
||||||
|
#include "fips_rand_lcl.h"
|
||||||
|
#include "fips_locl.h"
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -79,8 +79,6 @@ int FIPS_selftest(void)
|
||||||
|
ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
|
||||||
|
rv = 0;
|
||||||
|
}
|
||||||
|
- if (!FIPS_selftest_drbg())
|
||||||
|
- rv = 0;
|
||||||
|
if (!FIPS_selftest_sha1())
|
||||||
|
rv = 0;
|
||||||
|
if (!FIPS_selftest_sha2())
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200
|
||||||
|
@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
|
||||||
|
|
||||||
|
int FIPS_rand_seed(const void *buf, int num)
|
||||||
|
{
|
||||||
|
+#if 0
|
||||||
|
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||||
|
FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
|
||||||
|
return 0;
|
||||||
|
@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
|
||||||
|
if (fips_rand_meth && fips_rand_meth->seed)
|
||||||
|
fips_rand_meth->seed(buf, num);
|
||||||
|
return 1;
|
||||||
|
+#else
|
||||||
|
+ RAND_seed(buf, num);
|
||||||
|
+ return 1;
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
int FIPS_rand_bytes(unsigned char *buf, int num)
|
||||||
|
{
|
||||||
|
+#if 0
|
||||||
|
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||||
|
FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
|
||||||
|
return 0;
|
||||||
|
@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
|
||||||
|
if (fips_rand_meth && fips_rand_meth->bytes)
|
||||||
|
return fips_rand_meth->bytes(buf, num);
|
||||||
|
return 0;
|
||||||
|
+#else
|
||||||
|
+ return RAND_bytes(buf, num);
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
int FIPS_rand_status(void)
|
||||||
|
{
|
||||||
|
+#if 0
|
||||||
|
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||||
|
FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
|
||||||
|
return 0;
|
||||||
|
@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
|
||||||
|
if (fips_rand_meth && fips_rand_meth->status)
|
||||||
|
return fips_rand_meth->status();
|
||||||
|
return 0;
|
||||||
|
+#else
|
||||||
|
+ return RAND_status();
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Return instantiated strength of PRNG. For DRBG this is an internal
|
||||||
|
diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h
|
||||||
|
--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
|
||||||
|
+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -64,6 +64,11 @@ extern "C" {
|
||||||
|
|
||||||
|
int FIPS_selftest(void);
|
||||||
|
int FIPS_selftest_failed(void);
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ * This function is deprecated as it performs selftest of the old FIPS drbg
|
||||||
|
+ * implementation that is not validated.
|
||||||
|
+ */
|
||||||
|
int FIPS_selftest_drbg_all(void);
|
||||||
|
|
||||||
|
int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
|
||||||
|
diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h
|
||||||
|
--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200
|
||||||
|
+++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200
|
||||||
|
@@ -60,6 +60,20 @@
|
||||||
|
# ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
# endif
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * IMPORTANT NOTE:
|
||||||
|
+ * All functions in this header file are deprecated and should not be used
|
||||||
|
+ * as they use the old FIPS_drbg implementation that is not FIPS validated
|
||||||
|
+ * anymore.
|
||||||
|
+ * To provide backwards compatibility for applications that need FIPS compliant
|
||||||
|
+ * RNG number generation and use FIPS_drbg_generate, this function was
|
||||||
|
+ * re-wired to call the FIPS validated DRBG instance instead through
|
||||||
|
+ * the RAND_bytes() call.
|
||||||
|
+ *
|
||||||
|
+ * All these functions will be removed in future.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
typedef struct drbg_ctx_st DRBG_CTX;
|
||||||
|
/* DRBG external flags */
|
||||||
|
/* Flag for CTR mode only: use derivation function ctr_df */
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openssl-1.1.1c/Configurations/00-base-templates.conf.s390x-ecc openssl-1.1.1c/Configurations/00-base-templates.conf
|
diff -up openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc openssl-1.1.1g/Configurations/00-base-templates.conf
|
||||||
--- openssl-1.1.1c/Configurations/00-base-templates.conf.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/Configurations/00-base-templates.conf.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/Configurations/00-base-templates.conf 2019-11-20 11:36:02.190860451 +0100
|
+++ openssl-1.1.1g/Configurations/00-base-templates.conf 2020-05-18 12:45:40.855234262 +0200
|
||||||
@@ -289,6 +289,7 @@ my %targets=(
|
@@ -289,6 +289,7 @@ my %targets=(
|
||||||
template => 1,
|
template => 1,
|
||||||
cpuid_asm_src => "s390xcap.c s390xcpuid.S",
|
cpuid_asm_src => "s390xcap.c s390xcpuid.S",
|
||||||
@ -9,10 +9,10 @@ diff -up openssl-1.1.1c/Configurations/00-base-templates.conf.s390x-ecc openssl-
|
|||||||
aes_asm_src => "aes-s390x.S aes-ctr.fake aes-xts.fake",
|
aes_asm_src => "aes-s390x.S aes-ctr.fake aes-xts.fake",
|
||||||
sha1_asm_src => "sha1-s390x.S sha256-s390x.S sha512-s390x.S",
|
sha1_asm_src => "sha1-s390x.S sha256-s390x.S sha512-s390x.S",
|
||||||
rc4_asm_src => "rc4-s390x.s",
|
rc4_asm_src => "rc4-s390x.s",
|
||||||
diff -up openssl-1.1.1c/Configure.s390x-ecc openssl-1.1.1c/Configure
|
diff -up openssl-1.1.1g/Configure.s390x-ecc openssl-1.1.1g/Configure
|
||||||
--- openssl-1.1.1c/Configure.s390x-ecc 2019-11-20 11:36:02.078862415 +0100
|
--- openssl-1.1.1g/Configure.s390x-ecc 2020-05-18 12:45:40.781233618 +0200
|
||||||
+++ openssl-1.1.1c/Configure 2019-11-20 11:36:02.191860433 +0100
|
+++ openssl-1.1.1g/Configure 2020-05-18 12:45:40.856234270 +0200
|
||||||
@@ -1410,6 +1410,9 @@ unless ($disabled{asm}) {
|
@@ -1398,6 +1398,9 @@ unless ($disabled{asm}) {
|
||||||
if ($target{ec_asm_src} =~ /ecp_nistz256/) {
|
if ($target{ec_asm_src} =~ /ecp_nistz256/) {
|
||||||
push @{$config{lib_defines}}, "ECP_NISTZ256_ASM";
|
push @{$config{lib_defines}}, "ECP_NISTZ256_ASM";
|
||||||
}
|
}
|
||||||
@ -22,21 +22,9 @@ diff -up openssl-1.1.1c/Configure.s390x-ecc openssl-1.1.1c/Configure
|
|||||||
if ($target{ec_asm_src} =~ /x25519/) {
|
if ($target{ec_asm_src} =~ /x25519/) {
|
||||||
push @{$config{lib_defines}}, "X25519_ASM";
|
push @{$config{lib_defines}}, "X25519_ASM";
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1c/crypto/bn/asm/s390x.S.s390x-ecc openssl-1.1.1c/crypto/bn/asm/s390x.S
|
diff -up openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/cmac/cm_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/bn/asm/s390x.S.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/cmac/cm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200
|
||||||
+++ openssl-1.1.1c/crypto/bn/asm/s390x.S 2019-11-20 11:36:02.191860433 +0100
|
+++ openssl-1.1.1g/crypto/cmac/cm_pmeth.c 2020-05-18 12:45:42.661249957 +0200
|
||||||
@@ -511,7 +511,7 @@ bn_mul_comba4:
|
|
||||||
lghi zero,0
|
|
||||||
|
|
||||||
mul_add_c(0,0,c1,c2,c3);
|
|
||||||
- stg c1,0*8(%r3)
|
|
||||||
+ stg c1,0*8(%r2)
|
|
||||||
lghi c1,0
|
|
||||||
|
|
||||||
mul_add_c(0,1,c2,c3,c1);
|
|
||||||
diff -up openssl-1.1.1c/crypto/cmac/cm_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/cmac/cm_pmeth.c
|
|
||||||
--- openssl-1.1.1c/crypto/cmac/cm_pmeth.c.s390x-ecc 2019-11-20 11:36:02.078862415 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/cmac/cm_pmeth.c 2019-11-20 11:36:02.191860433 +0100
|
|
||||||
@@ -159,3 +159,8 @@ const EVP_PKEY_METHOD cmac_pkey_meth = {
|
@@ -159,3 +159,8 @@ const EVP_PKEY_METHOD cmac_pkey_meth = {
|
||||||
pkey_cmac_ctrl,
|
pkey_cmac_ctrl,
|
||||||
pkey_cmac_ctrl_str
|
pkey_cmac_ctrl_str
|
||||||
@ -46,9 +34,9 @@ diff -up openssl-1.1.1c/crypto/cmac/cm_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/c
|
|||||||
+{
|
+{
|
||||||
+ return &cmac_pkey_meth;
|
+ return &cmac_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/dh/dh_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/dh/dh_pmeth.c
|
diff -up openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dh/dh_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/dh/dh_pmeth.c.s390x-ecc 2019-11-20 11:36:02.079862397 +0100
|
--- openssl-1.1.1g/crypto/dh/dh_pmeth.c.s390x-ecc 2020-05-18 12:45:40.782233627 +0200
|
||||||
+++ openssl-1.1.1c/crypto/dh/dh_pmeth.c 2019-11-20 11:36:02.191860433 +0100
|
+++ openssl-1.1.1g/crypto/dh/dh_pmeth.c 2020-05-18 12:45:42.661249957 +0200
|
||||||
@@ -512,6 +512,11 @@ const EVP_PKEY_METHOD dh_pkey_meth = {
|
@@ -512,6 +512,11 @@ const EVP_PKEY_METHOD dh_pkey_meth = {
|
||||||
pkey_dh_ctrl_str
|
pkey_dh_ctrl_str
|
||||||
};
|
};
|
||||||
@ -70,10 +58,10 @@ diff -up openssl-1.1.1c/crypto/dh/dh_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/dh/
|
|||||||
+{
|
+{
|
||||||
+ return &dhx_pkey_meth;
|
+ return &dhx_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/dsa/dsa_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/dsa/dsa_pmeth.c
|
diff -up openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/dsa/dsa_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/dsa/dsa_pmeth.c.s390x-ecc 2019-11-20 11:36:02.100862029 +0100
|
--- openssl-1.1.1g/crypto/dsa/dsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.783233636 +0200
|
||||||
+++ openssl-1.1.1c/crypto/dsa/dsa_pmeth.c 2019-11-20 11:36:02.191860433 +0100
|
+++ openssl-1.1.1g/crypto/dsa/dsa_pmeth.c 2020-05-18 12:45:42.662249966 +0200
|
||||||
@@ -275,3 +275,8 @@ const EVP_PKEY_METHOD dsa_pkey_meth = {
|
@@ -271,3 +271,8 @@ const EVP_PKEY_METHOD dsa_pkey_meth = {
|
||||||
pkey_dsa_ctrl,
|
pkey_dsa_ctrl,
|
||||||
pkey_dsa_ctrl_str
|
pkey_dsa_ctrl_str
|
||||||
};
|
};
|
||||||
@ -82,9 +70,9 @@ diff -up openssl-1.1.1c/crypto/dsa/dsa_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/d
|
|||||||
+{
|
+{
|
||||||
+ return &dsa_pkey_meth;
|
+ return &dsa_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/ec/build.info.s390x-ecc openssl-1.1.1c/crypto/ec/build.info
|
diff -up openssl-1.1.1g/crypto/ec/build.info.s390x-ecc openssl-1.1.1g/crypto/ec/build.info
|
||||||
--- openssl-1.1.1c/crypto/ec/build.info.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/build.info.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/build.info 2019-11-20 11:36:02.192860416 +0100
|
+++ openssl-1.1.1g/crypto/ec/build.info 2020-05-18 12:45:42.662249966 +0200
|
||||||
@@ -26,6 +26,9 @@ GENERATE[ecp_nistz256-armv8.S]=asm/ecp_n
|
@@ -26,6 +26,9 @@ GENERATE[ecp_nistz256-armv8.S]=asm/ecp_n
|
||||||
INCLUDE[ecp_nistz256-armv8.o]=..
|
INCLUDE[ecp_nistz256-armv8.o]=..
|
||||||
GENERATE[ecp_nistz256-ppc64.s]=asm/ecp_nistz256-ppc64.pl $(PERLASM_SCHEME)
|
GENERATE[ecp_nistz256-ppc64.s]=asm/ecp_nistz256-ppc64.pl $(PERLASM_SCHEME)
|
||||||
@ -95,9 +83,9 @@ diff -up openssl-1.1.1c/crypto/ec/build.info.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
GENERATE[x25519-x86_64.s]=asm/x25519-x86_64.pl $(PERLASM_SCHEME)
|
GENERATE[x25519-x86_64.s]=asm/x25519-x86_64.pl $(PERLASM_SCHEME)
|
||||||
GENERATE[x25519-ppc64.s]=asm/x25519-ppc64.pl $(PERLASM_SCHEME)
|
GENERATE[x25519-ppc64.s]=asm/x25519-ppc64.pl $(PERLASM_SCHEME)
|
||||||
|
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ec_curve.c.s390x-ecc openssl-1.1.1c/crypto/ec/ec_curve.c
|
diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_curve.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ec_curve.c.s390x-ecc 2019-11-20 11:36:02.043863029 +0100
|
--- openssl-1.1.1g/crypto/ec/ec_curve.c.s390x-ecc 2020-05-18 12:45:40.753233375 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ec_curve.c 2019-11-20 11:36:02.192860416 +0100
|
+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:45:42.663249975 +0200
|
||||||
@@ -255,20 +255,29 @@ static const ec_list_element curve_list[
|
@@ -255,20 +255,29 @@ static const ec_list_element curve_list[
|
||||||
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||||
"SECG curve over a 256 bit prime field"},
|
"SECG curve over a 256 bit prime field"},
|
||||||
@ -136,9 +124,9 @@ diff -up openssl-1.1.1c/crypto/ec/ec_curve.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
EC_GFp_nistp256_method,
|
EC_GFp_nistp256_method,
|
||||||
#else
|
#else
|
||||||
0,
|
0,
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecdsa_ossl.c
|
diff -up openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecdsa_ossl.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc 2019-11-20 11:36:02.100862029 +0100
|
--- openssl-1.1.1g/crypto/ec/ecdsa_ossl.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecdsa_ossl.c 2019-11-20 11:36:02.192860416 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecdsa_ossl.c 2020-05-18 12:45:42.664249983 +0200
|
||||||
@@ -18,6 +18,41 @@
|
@@ -18,6 +18,41 @@
|
||||||
# include <openssl/fips.h>
|
# include <openssl/fips.h>
|
||||||
#endif
|
#endif
|
||||||
@ -181,7 +169,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
|
int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
|
||||||
unsigned char *sig, unsigned int *siglen,
|
unsigned char *sig, unsigned int *siglen,
|
||||||
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)
|
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)
|
||||||
@@ -145,15 +180,15 @@ static int ecdsa_sign_setup(EC_KEY *ecke
|
@@ -149,15 +184,15 @@ static int ecdsa_sign_setup(EC_KEY *ecke
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -202,7 +190,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
{
|
{
|
||||||
int ok = 0, i;
|
int ok = 0, i;
|
||||||
BIGNUM *kinv = NULL, *s, *m = NULL;
|
BIGNUM *kinv = NULL, *s, *m = NULL;
|
||||||
@@ -210,25 +245,25 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
@@ -218,25 +253,25 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
||||||
if (8 * dgst_len > i)
|
if (8 * dgst_len > i)
|
||||||
dgst_len = (i + 7) / 8;
|
dgst_len = (i + 7) / 8;
|
||||||
if (!BN_bin2bn(dgst, dgst_len, m)) {
|
if (!BN_bin2bn(dgst, dgst_len, m)) {
|
||||||
@ -232,7 +220,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -242,11 +277,11 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
@@ -250,11 +285,11 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
||||||
*/
|
*/
|
||||||
if (!bn_to_mont_fixed_top(s, ret->r, group->mont_data, ctx)
|
if (!bn_to_mont_fixed_top(s, ret->r, group->mont_data, ctx)
|
||||||
|| !bn_mul_mont_fixed_top(s, s, priv_key, group->mont_data, ctx)) {
|
|| !bn_mul_mont_fixed_top(s, s, priv_key, group->mont_data, ctx)) {
|
||||||
@ -246,7 +234,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
@@ -255,7 +290,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
@@ -263,7 +298,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
||||||
*/
|
*/
|
||||||
if (!bn_to_mont_fixed_top(s, s, group->mont_data, ctx)
|
if (!bn_to_mont_fixed_top(s, s, group->mont_data, ctx)
|
||||||
|| !BN_mod_mul_montgomery(s, s, ckinv, group->mont_data, ctx)) {
|
|| !BN_mod_mul_montgomery(s, s, ckinv, group->mont_data, ctx)) {
|
||||||
@ -255,7 +243,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -265,7 +300,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
@@ -273,7 +308,7 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const uns
|
||||||
* generate new kinv and r values
|
* generate new kinv and r values
|
||||||
*/
|
*/
|
||||||
if (in_kinv != NULL && in_r != NULL) {
|
if (in_kinv != NULL && in_r != NULL) {
|
||||||
@ -264,7 +252,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
@@ -317,8 +352,8 @@ int ossl_ecdsa_verify(int type, const un
|
@@ -325,8 +360,8 @@ int ossl_ecdsa_verify(int type, const un
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -275,7 +263,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
{
|
{
|
||||||
int ret = -1, i;
|
int ret = -1, i;
|
||||||
BN_CTX *ctx;
|
BN_CTX *ctx;
|
||||||
@@ -338,18 +373,18 @@ int ossl_ecdsa_verify_sig(const unsigned
|
@@ -346,18 +381,18 @@ int ossl_ecdsa_verify_sig(const unsigned
|
||||||
/* check input values */
|
/* check input values */
|
||||||
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
|
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
|
||||||
(pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
|
(pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
|
||||||
@ -297,7 +285,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
BN_CTX_start(ctx);
|
BN_CTX_start(ctx);
|
||||||
@@ -358,26 +393,26 @@ int ossl_ecdsa_verify_sig(const unsigned
|
@@ -366,26 +401,26 @@ int ossl_ecdsa_verify_sig(const unsigned
|
||||||
m = BN_CTX_get(ctx);
|
m = BN_CTX_get(ctx);
|
||||||
X = BN_CTX_get(ctx);
|
X = BN_CTX_get(ctx);
|
||||||
if (X == NULL) {
|
if (X == NULL) {
|
||||||
@ -328,7 +316,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* digest -> m */
|
/* digest -> m */
|
||||||
@@ -388,41 +423,41 @@ int ossl_ecdsa_verify_sig(const unsigned
|
@@ -396,41 +431,41 @@ int ossl_ecdsa_verify_sig(const unsigned
|
||||||
if (8 * dgst_len > i)
|
if (8 * dgst_len > i)
|
||||||
dgst_len = (i + 7) / 8;
|
dgst_len = (i + 7) / 8;
|
||||||
if (!BN_bin2bn(dgst, dgst_len, m)) {
|
if (!BN_bin2bn(dgst, dgst_len, m)) {
|
||||||
@ -378,9 +366,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecdsa_ossl.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
/* if the signature is correct u1 is equal to sig->r */
|
/* if the signature is correct u1 is equal to sig->r */
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ec_err.c.s390x-ecc openssl-1.1.1c/crypto/ec/ec_err.c
|
diff -up openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_err.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ec_err.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ec_err.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ec_err.c 2019-11-20 11:36:02.192860416 +0100
|
+++ openssl-1.1.1g/crypto/ec/ec_err.c 2020-05-18 12:45:42.664249983 +0200
|
||||||
@@ -31,6 +31,11 @@ static const ERR_STRING_DATA EC_str_func
|
@@ -31,6 +31,11 @@ static const ERR_STRING_DATA EC_str_func
|
||||||
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"},
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"},
|
||||||
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"},
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"},
|
||||||
@ -423,18 +411,9 @@ diff -up openssl-1.1.1c/crypto/ec/ec_err.c.s390x-ecc openssl-1.1.1c/crypto/ec/ec
|
|||||||
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
|
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
|
||||||
"curve does not support signing"},
|
"curve does not support signing"},
|
||||||
{ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE),
|
{ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE),
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ec_lcl.h.s390x-ecc openssl-1.1.1c/crypto/ec/ec_lcl.h
|
diff -up openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc openssl-1.1.1g/crypto/ec/ec_local.h
|
||||||
--- openssl-1.1.1c/crypto/ec/ec_lcl.h.s390x-ecc 2019-11-20 11:36:01.676869466 +0100
|
--- openssl-1.1.1g/crypto/ec/ec_local.h.s390x-ecc 2020-05-18 12:45:40.554231646 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ec_lcl.h 2019-11-20 11:36:02.192860416 +0100
|
+++ openssl-1.1.1g/crypto/ec/ec_local.h 2020-05-18 12:45:44.564266496 +0200
|
||||||
@@ -154,7 +154,7 @@ struct ec_method_st {
|
|
||||||
int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
|
|
||||||
const BIGNUM *b, BN_CTX *);
|
|
||||||
/*-
|
|
||||||
- * 'field_inv' computes the multipicative inverse of a in the field,
|
|
||||||
+ * 'field_inv' computes the multiplicative inverse of a in the field,
|
|
||||||
* storing the result in r.
|
|
||||||
*
|
|
||||||
* If 'a' is zero (or equivalent), you'll get an EC_R_CANNOT_INVERT error.
|
|
||||||
@@ -179,6 +179,14 @@ struct ec_method_st {
|
@@ -179,6 +179,14 @@ struct ec_method_st {
|
||||||
/* custom ECDH operation */
|
/* custom ECDH operation */
|
||||||
int (*ecdh_compute_key)(unsigned char **pout, size_t *poutlen,
|
int (*ecdh_compute_key)(unsigned char **pout, size_t *poutlen,
|
||||||
@ -462,7 +441,7 @@ diff -up openssl-1.1.1c/crypto/ec/ec_lcl.h.s390x-ecc openssl-1.1.1c/crypto/ec/ec
|
|||||||
|
|
||||||
size_t ec_key_simple_priv2oct(const EC_KEY *eckey,
|
size_t ec_key_simple_priv2oct(const EC_KEY *eckey,
|
||||||
unsigned char *buf, size_t len);
|
unsigned char *buf, size_t len);
|
||||||
@@ -649,6 +662,13 @@ int ossl_ecdsa_verify(int type, const un
|
@@ -651,6 +664,13 @@ int ossl_ecdsa_verify(int type, const un
|
||||||
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
|
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
|
||||||
int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
|
int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
|
||||||
const ECDSA_SIG *sig, EC_KEY *eckey);
|
const ECDSA_SIG *sig, EC_KEY *eckey);
|
||||||
@ -476,9 +455,9 @@ diff -up openssl-1.1.1c/crypto/ec/ec_lcl.h.s390x-ecc openssl-1.1.1c/crypto/ec/ec
|
|||||||
|
|
||||||
int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
|
int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
|
||||||
const uint8_t public_key[32], const uint8_t private_key[32]);
|
const uint8_t public_key[32], const uint8_t private_key[32]);
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ec_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/ec/ec_pmeth.c
|
diff -up openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ec_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ec_pmeth.c.s390x-ecc 2019-11-20 11:36:02.101862012 +0100
|
--- openssl-1.1.1g/crypto/ec/ec_pmeth.c.s390x-ecc 2020-05-18 12:45:40.784233644 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ec_pmeth.c 2019-11-20 11:36:02.193860398 +0100
|
+++ openssl-1.1.1g/crypto/ec/ec_pmeth.c 2020-05-18 12:45:44.565266505 +0200
|
||||||
@@ -474,3 +474,8 @@ const EVP_PKEY_METHOD ec_pkey_meth = {
|
@@ -474,3 +474,8 @@ const EVP_PKEY_METHOD ec_pkey_meth = {
|
||||||
pkey_ec_ctrl,
|
pkey_ec_ctrl,
|
||||||
pkey_ec_ctrl_str
|
pkey_ec_ctrl_str
|
||||||
@ -488,9 +467,9 @@ diff -up openssl-1.1.1c/crypto/ec/ec_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
+{
|
+{
|
||||||
+ return &ec_pkey_meth;
|
+ return &ec_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_mont.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_mont.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_mont.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_mont.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_mont.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_mont.c 2019-11-20 11:36:02.193860398 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_mont.c 2020-05-18 12:45:44.567266523 +0200
|
||||||
@@ -63,6 +63,9 @@ const EC_METHOD *EC_GFp_mont_method(void
|
@@ -63,6 +63,9 @@ const EC_METHOD *EC_GFp_mont_method(void
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
@ -501,9 +480,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_mont.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
ec_GFp_simple_blind_coordinates,
|
ec_GFp_simple_blind_coordinates,
|
||||||
ec_GFp_simple_ladder_pre,
|
ec_GFp_simple_ladder_pre,
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_nist.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_nist.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nist.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_nist.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_nist.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_nist.c 2019-11-20 11:36:02.193860398 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_nist.c 2020-05-18 12:45:44.567266523 +0200
|
||||||
@@ -65,6 +65,9 @@ const EC_METHOD *EC_GFp_nist_method(void
|
@@ -65,6 +65,9 @@ const EC_METHOD *EC_GFp_nist_method(void
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
@ -514,9 +493,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_nist.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
ec_GFp_simple_blind_coordinates,
|
ec_GFp_simple_blind_coordinates,
|
||||||
ec_GFp_simple_ladder_pre,
|
ec_GFp_simple_ladder_pre,
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_nistp224.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_nistp224.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp224.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_nistp224.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_nistp224.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_nistp224.c 2019-11-20 11:36:02.193860398 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_nistp224.c 2020-05-18 12:45:44.568266531 +0200
|
||||||
@@ -292,6 +292,9 @@ const EC_METHOD *EC_GFp_nistp224_method(
|
@@ -292,6 +292,9 @@ const EC_METHOD *EC_GFp_nistp224_method(
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
@ -527,10 +506,10 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_nistp224.c.s390x-ecc openssl-1.1.1c/crypto
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
0, /* blind_coordinates */
|
0, /* blind_coordinates */
|
||||||
0, /* ladder_pre */
|
0, /* ladder_pre */
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_nistp256.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_nistp256.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp256.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_nistp256.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_nistp256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_nistp256.c 2019-11-20 11:36:02.194860380 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_nistp256.c 2020-05-18 12:45:44.568266531 +0200
|
||||||
@@ -1823,6 +1823,9 @@ const EC_METHOD *EC_GFp_nistp256_method(
|
@@ -1829,6 +1829,9 @@ const EC_METHOD *EC_GFp_nistp256_method(
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
ecdh_simple_compute_key,
|
ecdh_simple_compute_key,
|
||||||
@ -540,10 +519,10 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_nistp256.c.s390x-ecc openssl-1.1.1c/crypto
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
0, /* blind_coordinates */
|
0, /* blind_coordinates */
|
||||||
0, /* ladder_pre */
|
0, /* ladder_pre */
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_nistp521.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_nistp521.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistp521.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_nistp521.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_nistp521.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_nistp521.c 2019-11-20 11:36:02.194860380 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_nistp521.c 2020-05-18 12:45:44.569266540 +0200
|
||||||
@@ -1665,6 +1665,9 @@ const EC_METHOD *EC_GFp_nistp521_method(
|
@@ -1669,6 +1669,9 @@ const EC_METHOD *EC_GFp_nistp521_method(
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
ecdh_simple_compute_key,
|
ecdh_simple_compute_key,
|
||||||
@ -553,10 +532,10 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_nistp521.c.s390x-ecc openssl-1.1.1c/crypto
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
0, /* blind_coordinates */
|
0, /* blind_coordinates */
|
||||||
0, /* ladder_pre */
|
0, /* ladder_pre */
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_nistz256.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_nistz256.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_nistz256.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_nistz256.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecp_nistz256.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_nistz256.c 2019-11-20 11:36:02.195860363 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_nistz256.c 2020-05-18 12:45:44.570266549 +0200
|
||||||
@@ -1689,6 +1689,9 @@ const EC_METHOD *EC_GFp_nistz256_method(
|
@@ -1720,6 +1720,9 @@ const EC_METHOD *EC_GFp_nistz256_method(
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
ecdh_simple_compute_key,
|
ecdh_simple_compute_key,
|
||||||
@ -566,9 +545,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_nistz256.c.s390x-ecc openssl-1.1.1c/crypto
|
|||||||
ecp_nistz256_inv_mod_ord, /* can be #define-d NULL */
|
ecp_nistz256_inv_mod_ord, /* can be #define-d NULL */
|
||||||
0, /* blind_coordinates */
|
0, /* blind_coordinates */
|
||||||
0, /* ladder_pre */
|
0, /* ladder_pre */
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c.s390x-ecc 2019-11-20 11:36:02.195860363 +0100
|
--- openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c.s390x-ecc 2020-05-18 12:45:44.571266557 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c 2019-11-20 11:36:02.195860363 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_s390x_nistp.c 2020-05-18 12:45:44.571266557 +0200
|
||||||
@@ -0,0 +1,394 @@
|
@@ -0,0 +1,394 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -583,7 +562,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1c/cry
|
|||||||
+#include <string.h>
|
+#include <string.h>
|
||||||
+#include <openssl/err.h>
|
+#include <openssl/err.h>
|
||||||
+#include <openssl/rand.h>
|
+#include <openssl/rand.h>
|
||||||
+#include "ec_lcl.h"
|
+#include "ec_local.h"
|
||||||
+#include "s390x_arch.h"
|
+#include "s390x_arch.h"
|
||||||
+
|
+
|
||||||
+/* Size of parameter blocks */
|
+/* Size of parameter blocks */
|
||||||
@ -964,9 +943,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_s390x_nistp.c.s390x-ecc openssl-1.1.1c/cry
|
|||||||
+EC_GFP_S390X_NISTP_METHOD(256)
|
+EC_GFP_S390X_NISTP_METHOD(256)
|
||||||
+EC_GFP_S390X_NISTP_METHOD(384)
|
+EC_GFP_S390X_NISTP_METHOD(384)
|
||||||
+EC_GFP_S390X_NISTP_METHOD(521)
|
+EC_GFP_S390X_NISTP_METHOD(521)
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecp_smpl.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecp_smpl.c
|
diff -up openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecp_smpl.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecp_smpl.c.s390x-ecc 2019-11-20 11:36:02.066862626 +0100
|
--- openssl-1.1.1g/crypto/ec/ecp_smpl.c.s390x-ecc 2020-05-18 12:45:40.769233514 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecp_smpl.c 2019-11-20 11:36:02.195860363 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecp_smpl.c 2020-05-18 12:45:44.572266566 +0200
|
||||||
@@ -64,6 +64,9 @@ const EC_METHOD *EC_GFp_simple_method(vo
|
@@ -64,6 +64,9 @@ const EC_METHOD *EC_GFp_simple_method(vo
|
||||||
0, /* keycopy */
|
0, /* keycopy */
|
||||||
0, /* keyfinish */
|
0, /* keyfinish */
|
||||||
@ -977,9 +956,9 @@ diff -up openssl-1.1.1c/crypto/ec/ecp_smpl.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
0, /* field_inverse_mod_ord */
|
0, /* field_inverse_mod_ord */
|
||||||
ec_GFp_simple_blind_coordinates,
|
ec_GFp_simple_blind_coordinates,
|
||||||
ec_GFp_simple_ladder_pre,
|
ec_GFp_simple_ladder_pre,
|
||||||
diff -up openssl-1.1.1c/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1c/crypto/ec/ecx_meth.c
|
diff -up openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1g/crypto/ec/ecx_meth.c
|
||||||
--- openssl-1.1.1c/crypto/ec/ecx_meth.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/ec/ecx_meth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/ec/ecx_meth.c 2019-11-20 11:36:02.196860345 +0100
|
+++ openssl-1.1.1g/crypto/ec/ecx_meth.c 2020-05-18 12:45:44.573266575 +0200
|
||||||
@@ -20,6 +20,7 @@
|
@@ -20,6 +20,7 @@
|
||||||
#define X25519_BITS 253
|
#define X25519_BITS 253
|
||||||
#define X25519_SECURITY_BITS 128
|
#define X25519_SECURITY_BITS 128
|
||||||
@ -995,7 +974,7 @@ diff -up openssl-1.1.1c/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
+
|
+
|
||||||
+#ifdef S390X_EC_ASM
|
+#ifdef S390X_EC_ASM
|
||||||
+# include "s390x_arch.h"
|
+# include "s390x_arch.h"
|
||||||
+# include "internal/constant_time_locl.h"
|
+# include "internal/constant_time.h"
|
||||||
+
|
+
|
||||||
+static void s390x_x25519_mod_p(unsigned char u[32])
|
+static void s390x_x25519_mod_p(unsigned char u[32])
|
||||||
+{
|
+{
|
||||||
@ -1655,10 +1634,10 @@ diff -up openssl-1.1.1c/crypto/ec/ecx_meth.c.s390x-ecc openssl-1.1.1c/crypto/ec/
|
|||||||
+#endif
|
+#endif
|
||||||
+ return &ed448_pkey_meth;
|
+ return &ed448_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1c/crypto/err/openssl.txt
|
diff -up openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1g/crypto/err/openssl.txt
|
||||||
--- openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc 2019-11-20 11:36:02.158861012 +0100
|
--- openssl-1.1.1g/crypto/err/openssl.txt.s390x-ecc 2020-05-18 12:45:40.834234079 +0200
|
||||||
+++ openssl-1.1.1c/crypto/err/openssl.txt 2019-11-20 11:36:02.196860345 +0100
|
+++ openssl-1.1.1g/crypto/err/openssl.txt 2020-05-18 12:45:44.575266592 +0200
|
||||||
@@ -495,6 +495,11 @@ EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
|
@@ -496,6 +496,11 @@ EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
|
||||||
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
|
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
|
||||||
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
|
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
|
||||||
EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
||||||
@ -1670,7 +1649,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
|
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
|
||||||
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
|
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
|
||||||
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
|
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
|
||||||
@@ -656,6 +661,7 @@ EC_F_NISTP521_PRE_COMP_NEW:237:nistp521_
|
@@ -657,6 +662,7 @@ EC_F_NISTP521_PRE_COMP_NEW:237:nistp521_
|
||||||
EC_F_O2I_ECPUBLICKEY:152:o2i_ECPublicKey
|
EC_F_O2I_ECPUBLICKEY:152:o2i_ECPublicKey
|
||||||
EC_F_OLD_EC_PRIV_DECODE:222:old_ec_priv_decode
|
EC_F_OLD_EC_PRIV_DECODE:222:old_ec_priv_decode
|
||||||
EC_F_OSSL_ECDH_COMPUTE_KEY:247:ossl_ecdh_compute_key
|
EC_F_OSSL_ECDH_COMPUTE_KEY:247:ossl_ecdh_compute_key
|
||||||
@ -1678,7 +1657,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig
|
EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig
|
||||||
EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig
|
EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig
|
||||||
EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl
|
EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl
|
||||||
@@ -671,6 +677,12 @@ EC_F_PKEY_EC_KDF_DERIVE:283:pkey_ec_kdf_
|
@@ -672,6 +678,12 @@ EC_F_PKEY_EC_KDF_DERIVE:283:pkey_ec_kdf_
|
||||||
EC_F_PKEY_EC_KEYGEN:199:pkey_ec_keygen
|
EC_F_PKEY_EC_KEYGEN:199:pkey_ec_keygen
|
||||||
EC_F_PKEY_EC_PARAMGEN:219:pkey_ec_paramgen
|
EC_F_PKEY_EC_PARAMGEN:219:pkey_ec_paramgen
|
||||||
EC_F_PKEY_EC_SIGN:218:pkey_ec_sign
|
EC_F_PKEY_EC_SIGN:218:pkey_ec_sign
|
||||||
@ -1691,7 +1670,7 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
EC_F_VALIDATE_ECX_DERIVE:278:validate_ecx_derive
|
EC_F_VALIDATE_ECX_DERIVE:278:validate_ecx_derive
|
||||||
ENGINE_F_DIGEST_UPDATE:198:digest_update
|
ENGINE_F_DIGEST_UPDATE:198:digest_update
|
||||||
ENGINE_F_DYNAMIC_CTRL:180:dynamic_ctrl
|
ENGINE_F_DYNAMIC_CTRL:180:dynamic_ctrl
|
||||||
@@ -2149,6 +2161,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma
|
@@ -2160,6 +2172,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma
|
||||||
EC_R_CANNOT_INVERT:165:cannot invert
|
EC_R_CANNOT_INVERT:165:cannot invert
|
||||||
EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range
|
EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range
|
||||||
EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh
|
EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh
|
||||||
@ -1699,11 +1678,11 @@ diff -up openssl-1.1.1c/crypto/err/openssl.txt.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing
|
EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing
|
||||||
EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure
|
EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure
|
||||||
EC_R_DECODE_ERROR:142:decode error
|
EC_R_DECODE_ERROR:142:decode error
|
||||||
diff -up openssl-1.1.1c/crypto/evp/pmeth_lib.c.s390x-ecc openssl-1.1.1c/crypto/evp/pmeth_lib.c
|
diff -up openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc openssl-1.1.1g/crypto/evp/pmeth_lib.c
|
||||||
--- openssl-1.1.1c/crypto/evp/pmeth_lib.c.s390x-ecc 2019-11-20 11:36:02.105861942 +0100
|
--- openssl-1.1.1g/crypto/evp/pmeth_lib.c.s390x-ecc 2020-05-18 12:45:40.787233671 +0200
|
||||||
+++ openssl-1.1.1c/crypto/evp/pmeth_lib.c 2019-11-20 11:36:02.197860328 +0100
|
+++ openssl-1.1.1g/crypto/evp/pmeth_lib.c 2020-05-18 12:45:44.576266601 +0200
|
||||||
@@ -17,60 +17,67 @@
|
@@ -17,60 +17,67 @@
|
||||||
#include "internal/evp_int.h"
|
#include "crypto/evp.h"
|
||||||
#include "internal/numbers.h"
|
#include "internal/numbers.h"
|
||||||
|
|
||||||
+typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
|
+typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
|
||||||
@ -1833,9 +1812,9 @@ diff -up openssl-1.1.1c/crypto/evp/pmeth_lib.c.s390x-ecc openssl-1.1.1c/crypto/e
|
|||||||
if (app_pkey_methods == NULL)
|
if (app_pkey_methods == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
idx -= OSSL_NELEM(standard_methods);
|
idx -= OSSL_NELEM(standard_methods);
|
||||||
diff -up openssl-1.1.1c/crypto/hmac/hm_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/hmac/hm_pmeth.c
|
diff -up openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/hmac/hm_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/hmac/hm_pmeth.c.s390x-ecc 2019-11-20 11:36:02.115861766 +0100
|
--- openssl-1.1.1g/crypto/hmac/hm_pmeth.c.s390x-ecc 2020-05-18 12:45:40.796233749 +0200
|
||||||
+++ openssl-1.1.1c/crypto/hmac/hm_pmeth.c 2019-11-20 11:36:02.197860328 +0100
|
+++ openssl-1.1.1g/crypto/hmac/hm_pmeth.c 2020-05-18 12:45:44.576266601 +0200
|
||||||
@@ -210,3 +210,8 @@ const EVP_PKEY_METHOD hmac_pkey_meth = {
|
@@ -210,3 +210,8 @@ const EVP_PKEY_METHOD hmac_pkey_meth = {
|
||||||
pkey_hmac_ctrl,
|
pkey_hmac_ctrl,
|
||||||
pkey_hmac_ctrl_str
|
pkey_hmac_ctrl_str
|
||||||
@ -1845,35 +1824,9 @@ diff -up openssl-1.1.1c/crypto/hmac/hm_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/h
|
|||||||
+{
|
+{
|
||||||
+ return &hmac_pkey_meth;
|
+ return &hmac_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/include/internal/evp_int.h.s390x-ecc openssl-1.1.1c/crypto/include/internal/evp_int.h
|
diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/hkdf.c
|
||||||
--- openssl-1.1.1c/crypto/include/internal/evp_int.h.s390x-ecc 2019-11-20 11:36:02.158861012 +0100
|
--- openssl-1.1.1g/crypto/kdf/hkdf.c.s390x-ecc 2020-05-18 12:45:40.826234009 +0200
|
||||||
+++ openssl-1.1.1c/crypto/include/internal/evp_int.h 2019-11-20 11:36:02.197860328 +0100
|
+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:45:44.577266609 +0200
|
||||||
@@ -459,3 +459,22 @@ void evp_encode_ctx_set_flags(EVP_ENCODE
|
|
||||||
#define EVP_ENCODE_CTX_NO_NEWLINES 1
|
|
||||||
/* Use the SRP base64 alphabet instead of the standard one */
|
|
||||||
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
|
|
||||||
+
|
|
||||||
+const EVP_PKEY_METHOD *cmac_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *dh_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *dhx_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *dsa_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *ec_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *sm2_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *ecx448_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *ed25519_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *ed448_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *hmac_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *rsa_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *scrypt_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *tls1_prf_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *hkdf_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *poly1305_pkey_method(void);
|
|
||||||
+const EVP_PKEY_METHOD *siphash_pkey_method(void);
|
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/hkdf.c.s390x-ecc openssl-1.1.1c/crypto/kdf/hkdf.c
|
|
||||||
--- openssl-1.1.1c/crypto/kdf/hkdf.c.s390x-ecc 2019-11-20 11:36:02.148861187 +0100
|
|
||||||
+++ openssl-1.1.1c/crypto/kdf/hkdf.c 2019-11-20 11:36:02.198860310 +0100
|
|
||||||
@@ -233,6 +233,11 @@ const EVP_KDF_METHOD hkdf_kdf_meth = {
|
@@ -233,6 +233,11 @@ const EVP_KDF_METHOD hkdf_kdf_meth = {
|
||||||
kdf_hkdf_derive
|
kdf_hkdf_derive
|
||||||
};
|
};
|
||||||
@ -1886,10 +1839,10 @@ diff -up openssl-1.1.1c/crypto/kdf/hkdf.c.s390x-ecc openssl-1.1.1c/crypto/kdf/hk
|
|||||||
static int HKDF(const EVP_MD *evp_md,
|
static int HKDF(const EVP_MD *evp_md,
|
||||||
const unsigned char *salt, size_t salt_len,
|
const unsigned char *salt, size_t salt_len,
|
||||||
const unsigned char *key, size_t key_len,
|
const unsigned char *key, size_t key_len,
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/scrypt.c.s390x-ecc openssl-1.1.1c/crypto/kdf/scrypt.c
|
diff -up openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc openssl-1.1.1g/crypto/kdf/scrypt.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/scrypt.c.s390x-ecc 2019-11-20 11:36:02.149861170 +0100
|
--- openssl-1.1.1g/crypto/kdf/scrypt.c.s390x-ecc 2020-05-18 12:45:40.827234018 +0200
|
||||||
+++ openssl-1.1.1c/crypto/kdf/scrypt.c 2019-11-20 11:36:02.198860310 +0100
|
+++ openssl-1.1.1g/crypto/kdf/scrypt.c 2020-05-18 12:45:44.578266618 +0200
|
||||||
@@ -503,4 +503,9 @@ static int scrypt_alg(const char *pass,
|
@@ -504,4 +504,9 @@ static int scrypt_alg(const char *pass,
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1899,9 +1852,9 @@ diff -up openssl-1.1.1c/crypto/kdf/scrypt.c.s390x-ecc openssl-1.1.1c/crypto/kdf/
|
|||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1c/crypto/kdf/tls1_prf.c.s390x-ecc openssl-1.1.1c/crypto/kdf/tls1_prf.c
|
diff -up openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc openssl-1.1.1g/crypto/kdf/tls1_prf.c
|
||||||
--- openssl-1.1.1c/crypto/kdf/tls1_prf.c.s390x-ecc 2019-11-20 11:36:02.149861170 +0100
|
--- openssl-1.1.1g/crypto/kdf/tls1_prf.c.s390x-ecc 2020-05-18 12:45:40.828234027 +0200
|
||||||
+++ openssl-1.1.1c/crypto/kdf/tls1_prf.c 2019-11-20 11:36:02.198860310 +0100
|
+++ openssl-1.1.1g/crypto/kdf/tls1_prf.c 2020-05-18 12:45:44.578266618 +0200
|
||||||
@@ -168,6 +168,11 @@ const EVP_KDF_METHOD tls1_prf_kdf_meth =
|
@@ -168,6 +168,11 @@ const EVP_KDF_METHOD tls1_prf_kdf_meth =
|
||||||
kdf_tls1_prf_derive
|
kdf_tls1_prf_derive
|
||||||
};
|
};
|
||||||
@ -1914,9 +1867,9 @@ diff -up openssl-1.1.1c/crypto/kdf/tls1_prf.c.s390x-ecc openssl-1.1.1c/crypto/kd
|
|||||||
static int tls1_prf_P_hash(const EVP_MD *md,
|
static int tls1_prf_P_hash(const EVP_MD *md,
|
||||||
const unsigned char *sec, size_t sec_len,
|
const unsigned char *sec, size_t sec_len,
|
||||||
const unsigned char *seed, size_t seed_len,
|
const unsigned char *seed, size_t seed_len,
|
||||||
diff -up openssl-1.1.1c/crypto/poly1305/poly1305_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/poly1305/poly1305_pmeth.c
|
diff -up openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/poly1305/poly1305_pmeth.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/poly1305/poly1305_pmeth.c 2019-11-20 11:36:02.199860293 +0100
|
+++ openssl-1.1.1g/crypto/poly1305/poly1305_pmeth.c 2020-05-18 12:45:44.579266627 +0200
|
||||||
@@ -192,3 +192,8 @@ const EVP_PKEY_METHOD poly1305_pkey_meth
|
@@ -192,3 +192,8 @@ const EVP_PKEY_METHOD poly1305_pkey_meth
|
||||||
pkey_poly1305_ctrl,
|
pkey_poly1305_ctrl,
|
||||||
pkey_poly1305_ctrl_str
|
pkey_poly1305_ctrl_str
|
||||||
@ -1926,9 +1879,9 @@ diff -up openssl-1.1.1c/crypto/poly1305/poly1305_pmeth.c.s390x-ecc openssl-1.1.1
|
|||||||
+{
|
+{
|
||||||
+ return &poly1305_pkey_meth;
|
+ return &poly1305_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/rsa/rsa_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/rsa/rsa_pmeth.c
|
diff -up openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/rsa/rsa_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/rsa/rsa_pmeth.c.s390x-ecc 2019-11-20 11:36:02.117861731 +0100
|
--- openssl-1.1.1g/crypto/rsa/rsa_pmeth.c.s390x-ecc 2020-05-18 12:45:40.798233766 +0200
|
||||||
+++ openssl-1.1.1c/crypto/rsa/rsa_pmeth.c 2019-11-20 11:36:02.199860293 +0100
|
+++ openssl-1.1.1g/crypto/rsa/rsa_pmeth.c 2020-05-18 12:45:44.580266635 +0200
|
||||||
@@ -789,6 +789,11 @@ const EVP_PKEY_METHOD rsa_pkey_meth = {
|
@@ -789,6 +789,11 @@ const EVP_PKEY_METHOD rsa_pkey_meth = {
|
||||||
pkey_rsa_ctrl_str
|
pkey_rsa_ctrl_str
|
||||||
};
|
};
|
||||||
@ -1950,9 +1903,9 @@ diff -up openssl-1.1.1c/crypto/rsa/rsa_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/r
|
|||||||
+{
|
+{
|
||||||
+ return &rsa_pss_pkey_meth;
|
+ return &rsa_pss_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1c/crypto/s390x_arch.h
|
diff -up openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1g/crypto/s390x_arch.h
|
||||||
--- openssl-1.1.1c/crypto/s390x_arch.h.s390x-ecc 2019-11-20 11:36:01.867866116 +0100
|
--- openssl-1.1.1g/crypto/s390x_arch.h.s390x-ecc 2020-05-18 12:45:40.603232072 +0200
|
||||||
+++ openssl-1.1.1c/crypto/s390x_arch.h 2019-11-20 11:36:02.199860293 +0100
|
+++ openssl-1.1.1g/crypto/s390x_arch.h 2020-05-18 12:45:44.580266635 +0200
|
||||||
@@ -26,6 +26,12 @@ void s390x_kmf(const unsigned char *in,
|
@@ -26,6 +26,12 @@ void s390x_kmf(const unsigned char *in,
|
||||||
unsigned int fc, void *param);
|
unsigned int fc, void *param);
|
||||||
void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in,
|
void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in,
|
||||||
@ -2023,9 +1976,9 @@ diff -up openssl-1.1.1c/crypto/s390x_arch.h.s390x-ecc openssl-1.1.1c/crypto/s390
|
|||||||
+# define S390X_KDSA_D 0x80
|
+# define S390X_KDSA_D 0x80
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff -up openssl-1.1.1c/crypto/s390xcpuid.pl.s390x-ecc openssl-1.1.1c/crypto/s390xcpuid.pl
|
diff -up openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc openssl-1.1.1g/crypto/s390xcpuid.pl
|
||||||
--- openssl-1.1.1c/crypto/s390xcpuid.pl.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/s390xcpuid.pl.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/s390xcpuid.pl 2019-11-20 11:36:02.199860293 +0100
|
+++ openssl-1.1.1g/crypto/s390xcpuid.pl 2020-05-18 12:45:44.581266644 +0200
|
||||||
@@ -58,6 +58,10 @@ OPENSSL_s390x_facilities:
|
@@ -58,6 +58,10 @@ OPENSSL_s390x_facilities:
|
||||||
stg %r0,S390X_PRNO+8(%r4)
|
stg %r0,S390X_PRNO+8(%r4)
|
||||||
stg %r0,S390X_KMA(%r4)
|
stg %r0,S390X_KMA(%r4)
|
||||||
@ -2195,9 +2148,9 @@ diff -up openssl-1.1.1c/crypto/s390xcpuid.pl.s390x-ecc openssl-1.1.1c/crypto/s39
|
|||||||
$code.=<<___;
|
$code.=<<___;
|
||||||
.section .init
|
.section .init
|
||||||
brasl $ra,OPENSSL_cpuid_setup
|
brasl $ra,OPENSSL_cpuid_setup
|
||||||
diff -up openssl-1.1.1c/crypto/siphash/siphash_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/siphash/siphash_pmeth.c
|
diff -up openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/siphash/siphash_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/siphash/siphash_pmeth.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/siphash/siphash_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/siphash/siphash_pmeth.c 2019-11-20 11:36:02.200860275 +0100
|
+++ openssl-1.1.1g/crypto/siphash/siphash_pmeth.c 2020-05-18 12:45:44.581266644 +0200
|
||||||
@@ -203,3 +203,8 @@ const EVP_PKEY_METHOD siphash_pkey_meth
|
@@ -203,3 +203,8 @@ const EVP_PKEY_METHOD siphash_pkey_meth
|
||||||
pkey_siphash_ctrl,
|
pkey_siphash_ctrl,
|
||||||
pkey_siphash_ctrl_str
|
pkey_siphash_ctrl_str
|
||||||
@ -2207,10 +2160,10 @@ diff -up openssl-1.1.1c/crypto/siphash/siphash_pmeth.c.s390x-ecc openssl-1.1.1c/
|
|||||||
+{
|
+{
|
||||||
+ return &siphash_pkey_meth;
|
+ return &siphash_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/crypto/sm2/sm2_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/sm2/sm2_pmeth.c
|
diff -up openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc openssl-1.1.1g/crypto/sm2/sm2_pmeth.c
|
||||||
--- openssl-1.1.1c/crypto/sm2/sm2_pmeth.c.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/crypto/sm2/sm2_pmeth.c.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/crypto/sm2/sm2_pmeth.c 2019-11-20 11:36:02.200860275 +0100
|
+++ openssl-1.1.1g/crypto/sm2/sm2_pmeth.c 2020-05-18 12:45:44.582266653 +0200
|
||||||
@@ -323,3 +323,8 @@ const EVP_PKEY_METHOD sm2_pkey_meth = {
|
@@ -327,3 +327,8 @@ const EVP_PKEY_METHOD sm2_pkey_meth = {
|
||||||
|
|
||||||
pkey_sm2_digest_custom
|
pkey_sm2_digest_custom
|
||||||
};
|
};
|
||||||
@ -2219,10 +2172,36 @@ diff -up openssl-1.1.1c/crypto/sm2/sm2_pmeth.c.s390x-ecc openssl-1.1.1c/crypto/s
|
|||||||
+{
|
+{
|
||||||
+ return &sm2_pkey_meth;
|
+ return &sm2_pkey_meth;
|
||||||
+}
|
+}
|
||||||
diff -up openssl-1.1.1c/include/internal/constant_time_locl.h.s390x-ecc openssl-1.1.1c/include/internal/constant_time_locl.h
|
diff -up openssl-1.1.1g/include/crypto/evp.h.s390x-ecc openssl-1.1.1g/include/crypto/evp.h
|
||||||
--- openssl-1.1.1c/include/internal/constant_time_locl.h.s390x-ecc 2019-11-20 11:36:02.176860696 +0100
|
--- openssl-1.1.1g/include/crypto/evp.h.s390x-ecc 2020-05-18 12:45:40.834234079 +0200
|
||||||
+++ openssl-1.1.1c/include/internal/constant_time_locl.h 2019-11-20 11:36:02.200860275 +0100
|
+++ openssl-1.1.1g/include/crypto/evp.h 2020-05-18 12:45:44.577266609 +0200
|
||||||
@@ -347,6 +347,34 @@ static ossl_inline void constant_time_co
|
@@ -459,3 +459,22 @@ void evp_encode_ctx_set_flags(EVP_ENCODE
|
||||||
|
#define EVP_ENCODE_CTX_NO_NEWLINES 1
|
||||||
|
/* Use the SRP base64 alphabet instead of the standard one */
|
||||||
|
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
|
||||||
|
+
|
||||||
|
+const EVP_PKEY_METHOD *cmac_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *dh_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *dhx_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *dsa_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *ec_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *sm2_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *ecx448_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *ed25519_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *ed448_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *hmac_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *rsa_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *scrypt_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *tls1_prf_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *hkdf_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *poly1305_pkey_method(void);
|
||||||
|
+const EVP_PKEY_METHOD *siphash_pkey_method(void);
|
||||||
|
diff -up openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc openssl-1.1.1g/include/internal/constant_time.h
|
||||||
|
--- openssl-1.1.1g/include/internal/constant_time.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/include/internal/constant_time.h 2020-05-18 12:45:44.582266653 +0200
|
||||||
|
@@ -353,6 +353,34 @@ static ossl_inline void constant_time_co
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -2257,10 +2236,10 @@ diff -up openssl-1.1.1c/include/internal/constant_time_locl.h.s390x-ecc openssl-
|
|||||||
* table is a two dimensional array of bytes. Each row has rowsize elements.
|
* table is a two dimensional array of bytes. Each row has rowsize elements.
|
||||||
* Copies row number idx into out. rowsize and numrows are not considered
|
* Copies row number idx into out. rowsize and numrows are not considered
|
||||||
* private.
|
* private.
|
||||||
diff -up openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1c/include/openssl/ecerr.h
|
diff -up openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1g/include/openssl/ecerr.h
|
||||||
--- openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/include/openssl/ecerr.h.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/include/openssl/ecerr.h 2019-11-20 11:36:02.200860275 +0100
|
+++ openssl-1.1.1g/include/openssl/ecerr.h 2020-05-18 12:45:44.583266662 +0200
|
||||||
@@ -38,6 +38,11 @@ int ERR_load_EC_strings(void);
|
@@ -42,6 +42,11 @@ int ERR_load_EC_strings(void);
|
||||||
# define EC_F_ECDSA_SIGN_SETUP 248
|
# define EC_F_ECDSA_SIGN_SETUP 248
|
||||||
# define EC_F_ECDSA_SIG_NEW 265
|
# define EC_F_ECDSA_SIG_NEW 265
|
||||||
# define EC_F_ECDSA_VERIFY 253
|
# define EC_F_ECDSA_VERIFY 253
|
||||||
@ -2272,7 +2251,7 @@ diff -up openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1c/include
|
|||||||
# define EC_F_ECD_ITEM_VERIFY 270
|
# define EC_F_ECD_ITEM_VERIFY 270
|
||||||
# define EC_F_ECKEY_PARAM2TYPE 223
|
# define EC_F_ECKEY_PARAM2TYPE 223
|
||||||
# define EC_F_ECKEY_PARAM_DECODE 212
|
# define EC_F_ECKEY_PARAM_DECODE 212
|
||||||
@@ -181,6 +186,7 @@ int ERR_load_EC_strings(void);
|
@@ -185,6 +190,7 @@ int ERR_load_EC_strings(void);
|
||||||
# define EC_F_O2I_ECPUBLICKEY 152
|
# define EC_F_O2I_ECPUBLICKEY 152
|
||||||
# define EC_F_OLD_EC_PRIV_DECODE 222
|
# define EC_F_OLD_EC_PRIV_DECODE 222
|
||||||
# define EC_F_OSSL_ECDH_COMPUTE_KEY 247
|
# define EC_F_OSSL_ECDH_COMPUTE_KEY 247
|
||||||
@ -2280,7 +2259,7 @@ diff -up openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1c/include
|
|||||||
# define EC_F_OSSL_ECDSA_SIGN_SIG 249
|
# define EC_F_OSSL_ECDSA_SIGN_SIG 249
|
||||||
# define EC_F_OSSL_ECDSA_VERIFY_SIG 250
|
# define EC_F_OSSL_ECDSA_VERIFY_SIG 250
|
||||||
# define EC_F_PKEY_ECD_CTRL 271
|
# define EC_F_PKEY_ECD_CTRL 271
|
||||||
@@ -196,6 +202,12 @@ int ERR_load_EC_strings(void);
|
@@ -200,6 +206,12 @@ int ERR_load_EC_strings(void);
|
||||||
# define EC_F_PKEY_EC_KEYGEN 199
|
# define EC_F_PKEY_EC_KEYGEN 199
|
||||||
# define EC_F_PKEY_EC_PARAMGEN 219
|
# define EC_F_PKEY_EC_PARAMGEN 219
|
||||||
# define EC_F_PKEY_EC_SIGN 218
|
# define EC_F_PKEY_EC_SIGN 218
|
||||||
@ -2293,7 +2272,7 @@ diff -up openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1c/include
|
|||||||
# define EC_F_VALIDATE_ECX_DERIVE 278
|
# define EC_F_VALIDATE_ECX_DERIVE 278
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -208,6 +220,7 @@ int ERR_load_EC_strings(void);
|
@@ -212,6 +224,7 @@ int ERR_load_EC_strings(void);
|
||||||
# define EC_R_CANNOT_INVERT 165
|
# define EC_R_CANNOT_INVERT 165
|
||||||
# define EC_R_COORDINATES_OUT_OF_RANGE 146
|
# define EC_R_COORDINATES_OUT_OF_RANGE 146
|
||||||
# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
|
# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
|
||||||
@ -2301,9 +2280,9 @@ diff -up openssl-1.1.1c/include/openssl/ecerr.h.s390x-ecc openssl-1.1.1c/include
|
|||||||
# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
|
# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
|
||||||
# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
|
# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
|
||||||
# define EC_R_DECODE_ERROR 142
|
# define EC_R_DECODE_ERROR 142
|
||||||
diff -up openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey.txt
|
diff -up openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt
|
||||||
--- openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc 2019-05-28 15:12:21.000000000 +0200
|
--- openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt.s390x-ecc 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey.txt 2019-11-20 11:36:02.203860223 +0100
|
+++ openssl-1.1.1g/test/recipes/30-test_evp_data/evppkey.txt 2020-05-18 12:45:44.590266722 +0200
|
||||||
@@ -814,6 +814,8 @@ PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb
|
@@ -814,6 +814,8 @@ PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb
|
||||||
|
|
||||||
PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw
|
PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw
|
||||||
|
@ -1,40 +0,0 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/s390xcap.c.s390x-sigill openssl-1.1.1c/crypto/s390xcap.c
|
|
||||||
--- openssl-1.1.1c/crypto/s390xcap.c.s390x-sigill 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/s390xcap.c 2020-02-12 17:05:54.566258533 +0100
|
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
/*
|
|
||||||
- * Copyright 2010-2017 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
+ * Copyright 2010-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
*
|
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
|
||||||
@@ -29,7 +29,7 @@ struct OPENSSL_s390xcap_st OPENSSL_s390x
|
|
||||||
void OPENSSL_cpuid_setup(void)
|
|
||||||
{
|
|
||||||
sigset_t oset;
|
|
||||||
- struct sigaction ill_act, oact;
|
|
||||||
+ struct sigaction ill_act, oact_ill, oact_fpe;
|
|
||||||
|
|
||||||
if (OPENSSL_s390xcap_P.stfle[0])
|
|
||||||
return;
|
|
||||||
@@ -44,8 +44,8 @@ void OPENSSL_cpuid_setup(void)
|
|
||||||
sigdelset(&ill_act.sa_mask, SIGFPE);
|
|
||||||
sigdelset(&ill_act.sa_mask, SIGTRAP);
|
|
||||||
sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
|
|
||||||
- sigaction(SIGILL, &ill_act, &oact);
|
|
||||||
- sigaction(SIGFPE, &ill_act, &oact);
|
|
||||||
+ sigaction(SIGILL, &ill_act, &oact_ill);
|
|
||||||
+ sigaction(SIGFPE, &ill_act, &oact_fpe);
|
|
||||||
|
|
||||||
/* protection against missing store-facility-list-extended */
|
|
||||||
if (sigsetjmp(ill_jmp, 1) == 0)
|
|
||||||
@@ -61,7 +61,7 @@ void OPENSSL_cpuid_setup(void)
|
|
||||||
| S390X_CAPBIT(S390X_VXE));
|
|
||||||
}
|
|
||||||
|
|
||||||
- sigaction(SIGFPE, &oact, NULL);
|
|
||||||
- sigaction(SIGILL, &oact, NULL);
|
|
||||||
+ sigaction(SIGFPE, &oact_fpe, NULL);
|
|
||||||
+ sigaction(SIGILL, &oact_ill, NULL);
|
|
||||||
sigprocmask(SIG_SETMASK, &oset, NULL);
|
|
||||||
}
|
|
@ -1,13 +1,6 @@
|
|||||||
diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl
|
diff -up openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl
|
||||||
--- openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl 2019-05-06 10:54:00.035367605 +0200
|
+++ openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 16:45:05.483440129 +0100
|
||||||
@@ -1,5 +1,5 @@
|
|
||||||
#! /usr/bin/env perl
|
|
||||||
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
||||||
#
|
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
|
||||||
@@ -20,41 +20,53 @@
|
@@ -20,41 +20,53 @@
|
||||||
#
|
#
|
||||||
# 3 times faster than compiler-generated code.
|
# 3 times faster than compiler-generated code.
|
||||||
@ -472,7 +465,7 @@ diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1
|
|||||||
+ vsldb (@b[$_],@b[$_],@b[$_],$odd?12:4) for (0..5);
|
+ vsldb (@b[$_],@b[$_],@b[$_],$odd?12:4) for (0..5);
|
||||||
+ vsldb (@d[$_],@d[$_],@d[$_],$odd?4:12) for (0..5);
|
+ vsldb (@d[$_],@d[$_],@d[$_],$odd?4:12) for (0..5);
|
||||||
}
|
}
|
||||||
-close STDOUT;
|
-close STDOUT or die "error closing STDOUT: $!";
|
||||||
+
|
+
|
||||||
+PERLASM_BEGIN($output);
|
+PERLASM_BEGIN($output);
|
||||||
+
|
+
|
||||||
@ -1290,9 +1283,9 @@ diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1
|
|||||||
+ALIGN (4);
|
+ALIGN (4);
|
||||||
+
|
+
|
||||||
+PERLASM_END();
|
+PERLASM_END();
|
||||||
diff -up openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1b/crypto/perlasm/s390x.pm
|
diff -up openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1e/crypto/perlasm/s390x.pm
|
||||||
--- openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update 2019-05-06 10:54:00.037367571 +0200
|
--- openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update 2020-03-19 16:20:22.039227394 +0100
|
||||||
+++ openssl-1.1.1b/crypto/perlasm/s390x.pm 2019-05-06 10:54:00.038367554 +0200
|
+++ openssl-1.1.1e/crypto/perlasm/s390x.pm 2020-03-19 16:20:22.039227394 +0100
|
||||||
@@ -0,0 +1,3060 @@
|
@@ -0,0 +1,3060 @@
|
||||||
+#!/usr/bin/env perl
|
+#!/usr/bin/env perl
|
||||||
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
@ -4354,9 +4347,9 @@ diff -up openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1b/cryp
|
|||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+1;
|
+1;
|
||||||
diff -up openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl
|
diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl
|
||||||
--- openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2019-02-26 15:15:30.000000000 +0100
|
--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2020-03-19 16:20:22.041227359 +0100
|
||||||
+++ openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl 2019-05-06 10:54:00.036367588 +0200
|
+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl 2020-03-19 16:23:22.364098257 +0100
|
||||||
@@ -24,204 +24,961 @@
|
@@ -24,204 +24,961 @@
|
||||||
#
|
#
|
||||||
# On side note, z13 enables vector base 2^26 implementation...
|
# On side note, z13 enables vector base 2^26 implementation...
|
||||||
@ -5494,11 +5487,11 @@ diff -up openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update opens
|
|||||||
+STRING ("\"Poly1305 for s390x, CRYPTOGAMS by <appro\@openssl.org>\"");
|
+STRING ("\"Poly1305 for s390x, CRYPTOGAMS by <appro\@openssl.org>\"");
|
||||||
|
|
||||||
-print $code;
|
-print $code;
|
||||||
-close STDOUT;
|
-close STDOUT or die "error closing STDOUT: $!";
|
||||||
+PERLASM_END();
|
+PERLASM_END();
|
||||||
diff -up openssl-1.1.1b/crypto/poly1305/build.info.s390x-update openssl-1.1.1b/crypto/poly1305/build.info
|
diff -up openssl-1.1.1e/crypto/poly1305/build.info.s390x-update openssl-1.1.1e/crypto/poly1305/build.info
|
||||||
--- openssl-1.1.1b/crypto/poly1305/build.info.s390x-update 2019-05-06 10:54:00.036367588 +0200
|
--- openssl-1.1.1e/crypto/poly1305/build.info.s390x-update 2020-03-17 15:31:17.000000000 +0100
|
||||||
+++ openssl-1.1.1b/crypto/poly1305/build.info 2019-05-06 10:56:14.964105164 +0200
|
+++ openssl-1.1.1e/crypto/poly1305/build.info 2020-03-19 16:20:22.042227342 +0100
|
||||||
@@ -18,6 +18,7 @@ INCLUDE[poly1305-armv8.o]=..
|
@@ -18,6 +18,7 @@ INCLUDE[poly1305-armv8.o]=..
|
||||||
GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME)
|
GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME)
|
||||||
INCLUDE[poly1305-mips.o]=..
|
INCLUDE[poly1305-mips.o]=..
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-1.1.1/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1/crypto/x509/x509_vfy.c
|
diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c
|
||||||
--- openssl-1.1.1/crypto/x509/x509_vfy.c.seclevel 2018-09-11 14:48:22.000000000 +0200
|
--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1/crypto/x509/x509_vfy.c 2018-10-01 14:34:43.083145020 +0200
|
+++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200
|
||||||
@@ -3220,6 +3220,7 @@ static int build_chain(X509_STORE_CTX *c
|
@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c
|
||||||
}
|
}
|
||||||
|
|
||||||
static const int minbits_table[] = { 80, 112, 128, 192, 256 };
|
static const int minbits_table[] = { 80, 112, 128, 192, 256 };
|
||||||
@ -9,20 +9,23 @@ diff -up openssl-1.1.1/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1/crypto/x509
|
|||||||
static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
|
static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -3264,6 +3265,8 @@ static int check_sig_level(X509_STORE_CT
|
@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT
|
||||||
|
|
||||||
if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
|
if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
|
||||||
return 0;
|
return 0;
|
||||||
-
|
-
|
||||||
- return secbits >= minbits_table[level - 1];
|
- return secbits >= minbits_table[level - 1];
|
||||||
+ /* Allow SHA1 in SECLEVEL 2 in non-FIPS mode */
|
+ /*
|
||||||
+ if (FIPS_mode())
|
+ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic
|
||||||
|
+ * disable SHA1 flag is not set.
|
||||||
|
+ */
|
||||||
|
+ if ((ctx->param->flags & 0x40000000) || FIPS_mode())
|
||||||
+ return secbits >= minbits_table[level - 1];
|
+ return secbits >= minbits_table[level - 1];
|
||||||
+ return secbits >= minbits_digest_table[level - 1];
|
+ return secbits >= minbits_digest_table[level - 1];
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod
|
diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod
|
||||||
--- openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2018-09-11 14:48:22.000000000 +0200
|
--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod 2018-10-01 14:34:43.083145020 +0200
|
+++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200
|
||||||
@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
|
@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
|
||||||
|
|
||||||
=item B<Level 2>
|
=item B<Level 2>
|
||||||
@ -36,23 +39,115 @@ diff -up openssl-1.1.1/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-
|
|||||||
In addition to the level 1 exclusions any cipher suite using RC4 is also
|
In addition to the level 1 exclusions any cipher suite using RC4 is also
|
||||||
prohibited. SSL version 3 is also not allowed. Compression is disabled.
|
prohibited. SSL version 3 is also not allowed. Compression is disabled.
|
||||||
|
|
||||||
diff -up openssl-1.1.1/ssl/ssl_cert.c.seclevel openssl-1.1.1/ssl/ssl_cert.c
|
diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c
|
||||||
--- openssl-1.1.1/ssl/ssl_cert.c.seclevel 2018-09-11 14:48:23.000000000 +0200
|
--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||||
+++ openssl-1.1.1/ssl/ssl_cert.c 2018-10-12 15:29:12.673799305 +0200
|
+++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200
|
||||||
@@ -983,6 +983,9 @@ static int ssl_security_default_callback
|
@@ -27,6 +27,7 @@
|
||||||
|
static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
|
||||||
|
int op, int bits, int nid, void *other,
|
||||||
|
void *ex);
|
||||||
|
+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx);
|
||||||
|
|
||||||
|
static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT;
|
||||||
|
static volatile int ssl_x509_store_ctx_idx = -1;
|
||||||
|
@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_
|
||||||
|
X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s));
|
||||||
|
|
||||||
|
/* Set suite B flags if needed */
|
||||||
|
- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
|
||||||
|
+ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL));
|
||||||
|
if (!X509_STORE_CTX_set_ex_data
|
||||||
|
(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) {
|
||||||
|
goto end;
|
||||||
|
@@ -953,12 +954,33 @@ static int ssl_security_default_callback
|
||||||
return 0;
|
return 0;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
+ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
|
+ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
|
||||||
+ if (nid == NID_sha1 && minbits == 112 && !FIPS_mode())
|
+ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx))
|
||||||
+ break;
|
+ break;
|
||||||
if (bits < minbits)
|
if (bits < minbits)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
diff -up openssl-1.1.1/test/recipes/25-test_verify.t.seclevel openssl-1.1.1/test/recipes/25-test_verify.t
|
return 1;
|
||||||
--- openssl-1.1.1/test/recipes/25-test_verify.t.seclevel 2018-09-11 14:48:24.000000000 +0200
|
}
|
||||||
+++ openssl-1.1.1/test/recipes/25-test_verify.t 2018-10-01 14:34:43.084145044 +0200
|
|
||||||
@@ -342,8 +342,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
|
+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx)
|
||||||
|
+{
|
||||||
|
+ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */
|
||||||
|
+ const CERT *c;
|
||||||
|
+
|
||||||
|
+ if (FIPS_mode())
|
||||||
|
+ return ret;
|
||||||
|
+
|
||||||
|
+ if (ctx != NULL) {
|
||||||
|
+ c = ctx->cert;
|
||||||
|
+ } else {
|
||||||
|
+ c = s->cert;
|
||||||
|
+ }
|
||||||
|
+ if (tls1_cert_sigalgs_have_sha1(c))
|
||||||
|
+ return 0;
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
int ssl_security(const SSL *s, int op, int bits, int nid, void *other)
|
||||||
|
{
|
||||||
|
return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex);
|
||||||
|
diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h
|
||||||
|
--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200
|
||||||
|
+++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200
|
||||||
|
@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC
|
||||||
|
__owur int tls1_process_sigalgs(SSL *s);
|
||||||
|
__owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
|
||||||
|
__owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
|
||||||
|
+int tls1_cert_sigalgs_have_sha1(const CERT *c);
|
||||||
|
__owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
__owur int tls_check_sigalg_curve(const SSL *s, int curve);
|
||||||
|
diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c
|
||||||
|
--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200
|
||||||
|
+++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200
|
||||||
|
@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen)
|
||||||
|
+{
|
||||||
|
+ size_t i;
|
||||||
|
+
|
||||||
|
+ for (i = 0; i < sigalgslen; i++, sigalgs++) {
|
||||||
|
+ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs);
|
||||||
|
+
|
||||||
|
+ if (lu == NULL)
|
||||||
|
+ continue;
|
||||||
|
+ if (lu->hash == NID_sha1)
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+int tls1_cert_sigalgs_have_sha1(const CERT *c)
|
||||||
|
+{
|
||||||
|
+ if (c->client_sigalgs != NULL) {
|
||||||
|
+ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen))
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ if (c->conf_sigalgs != NULL) {
|
||||||
|
+ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen))
|
||||||
|
+ return 1;
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
|
||||||
|
{
|
||||||
|
int sig_nid, use_pc_sigalgs = 0;
|
||||||
|
diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t
|
||||||
|
--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200
|
||||||
|
@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
|
||||||
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
|
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
|
||||||
"CA with PSS signature using SHA256");
|
"CA with PSS signature using SHA256");
|
||||||
|
|
||||||
|
@ -51,10 +51,10 @@ index 05f5cec3a9..811fe727f6 100644
|
|||||||
};
|
};
|
||||||
|
|
||||||
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
|
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
|
||||||
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
|
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
|
||||||
index a109e561b3..8c313c65ac 100644
|
index a109e561b3..8c313c65ac 100644
|
||||||
--- a/crypto/include/internal/evp_int.h
|
--- a/include/crypto/evp.h
|
||||||
+++ b/crypto/include/internal/evp_int.h
|
+++ b/include/crypto/evp.h
|
||||||
@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth;
|
@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth;
|
||||||
extern const EVP_KDF_METHOD scrypt_kdf_meth;
|
extern const EVP_KDF_METHOD scrypt_kdf_meth;
|
||||||
extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
||||||
@ -119,7 +119,7 @@ index 0000000000..24f37cbed4
|
|||||||
+#include <openssl/evp.h>
|
+#include <openssl/evp.h>
|
||||||
+#include <openssl/kdf.h>
|
+#include <openssl/kdf.h>
|
||||||
+#include "internal/cryptlib.h"
|
+#include "internal/cryptlib.h"
|
||||||
+#include "internal/evp_int.h"
|
+#include "crypto/evp.h"
|
||||||
+#include "kdf_local.h"
|
+#include "kdf_local.h"
|
||||||
+
|
+
|
||||||
+/* See RFC 4253, Section 7.2 */
|
+/* See RFC 4253, Section 7.2 */
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
diff -up openssl-1.1.1c/ssl/record/ssl3_record.c.compliance openssl-1.1.1c/ssl/record/ssl3_record.c
|
|
||||||
--- openssl-1.1.1c/ssl/record/ssl3_record.c.compliance 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/ssl/record/ssl3_record.c 2019-11-25 13:10:53.890637381 +0100
|
|
||||||
@@ -559,7 +559,7 @@ int ssl3_get_record(SSL *s)
|
|
||||||
RECORD_LAYER_reset_read_sequence(&s->rlayer);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
- SSLfatal(s, SSL_AD_DECRYPTION_FAILED, SSL_F_SSL3_GET_RECORD,
|
|
||||||
+ SSLfatal(s, SSL_AD_BAD_RECORD_MAC, SSL_F_SSL3_GET_RECORD,
|
|
||||||
SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
diff -up openssl-1.1.1c/ssl/statem/extensions_srvr.c.compliance openssl-1.1.1c/ssl/statem/extensions_srvr.c
|
|
||||||
--- openssl-1.1.1c/ssl/statem/extensions_srvr.c.compliance 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/ssl/statem/extensions_srvr.c 2019-11-25 13:12:59.329459528 +0100
|
|
||||||
@@ -1487,6 +1487,10 @@ EXT_RETURN tls_construct_stoc_status_req
|
|
||||||
unsigned int context, X509 *x,
|
|
||||||
size_t chainidx)
|
|
||||||
{
|
|
||||||
+ /* We don't currently support this extension inside a CertificateRequest */
|
|
||||||
+ if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)
|
|
||||||
+ return EXT_RETURN_NOT_SENT;
|
|
||||||
+
|
|
||||||
if (!s->ext.status_expected)
|
|
||||||
return EXT_RETURN_NOT_SENT;
|
|
||||||
|
|
@ -1,534 +0,0 @@
|
|||||||
diff -up openssl-1.1.1c/crypto/dsa/dsa_ameth.c.sync openssl-1.1.1c/crypto/dsa/dsa_ameth.c
|
|
||||||
--- openssl-1.1.1c/crypto/dsa/dsa_ameth.c.sync 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/dsa/dsa_ameth.c 2019-05-29 17:10:39.768187283 +0200
|
|
||||||
@@ -503,7 +503,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey,
|
|
||||||
|
|
||||||
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
|
|
||||||
*(int *)arg2 = NID_sha256;
|
|
||||||
- return 2;
|
|
||||||
+ return 1;
|
|
||||||
|
|
||||||
default:
|
|
||||||
return -2;
|
|
||||||
diff -up openssl-1.1.1c/crypto/err/err.c.sync openssl-1.1.1c/crypto/err/err.c
|
|
||||||
--- openssl-1.1.1c/crypto/err/err.c.sync 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/err/err.c 2019-05-29 17:07:13.345793792 +0200
|
|
||||||
@@ -184,8 +184,8 @@ static ERR_STRING_DATA *int_err_get_item
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_ERR
|
|
||||||
-/* A measurement on Linux 2018-11-21 showed about 3.5kib */
|
|
||||||
-# define SPACE_SYS_STR_REASONS 4 * 1024
|
|
||||||
+/* 2019-05-21: Russian and Ukrainian locales on Linux require more than 6,5 kB */
|
|
||||||
+# define SPACE_SYS_STR_REASONS 8 * 1024
|
|
||||||
# define NUM_SYS_STR_REASONS 127
|
|
||||||
|
|
||||||
static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
|
|
||||||
@@ -219,21 +219,23 @@ static void build_SYS_str_reasons(void)
|
|
||||||
ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
|
|
||||||
|
|
||||||
str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
|
|
||||||
- if (str->string == NULL) {
|
|
||||||
+ /*
|
|
||||||
+ * If we have used up all the space in strerror_pool,
|
|
||||||
+ * there's no point in calling openssl_strerror_r()
|
|
||||||
+ */
|
|
||||||
+ if (str->string == NULL && cnt < sizeof(strerror_pool)) {
|
|
||||||
if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) {
|
|
||||||
size_t l = strlen(cur);
|
|
||||||
|
|
||||||
str->string = cur;
|
|
||||||
cnt += l;
|
|
||||||
- if (cnt > sizeof(strerror_pool))
|
|
||||||
- cnt = sizeof(strerror_pool);
|
|
||||||
cur += l;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* VMS has an unusual quirk of adding spaces at the end of
|
|
||||||
- * some (most? all?) messages. Lets trim them off.
|
|
||||||
+ * some (most? all?) messages. Lets trim them off.
|
|
||||||
*/
|
|
||||||
- while (ossl_isspace(cur[-1])) {
|
|
||||||
+ while (cur > strerror_pool && ossl_isspace(cur[-1])) {
|
|
||||||
cur--;
|
|
||||||
cnt--;
|
|
||||||
}
|
|
||||||
diff -up openssl-1.1.1c/crypto/rand/rand_lib.c.sync openssl-1.1.1c/crypto/rand/rand_lib.c
|
|
||||||
--- openssl-1.1.1c/crypto/rand/rand_lib.c.sync 2019-05-29 17:20:17.175099183 +0200
|
|
||||||
+++ openssl-1.1.1c/crypto/rand/rand_lib.c 2019-05-30 11:51:20.784850208 +0200
|
|
||||||
@@ -239,8 +239,9 @@ size_t rand_drbg_get_nonce(RAND_DRBG *dr
|
|
||||||
struct {
|
|
||||||
void * instance;
|
|
||||||
int count;
|
|
||||||
- } data = { NULL, 0 };
|
|
||||||
+ } data;
|
|
||||||
|
|
||||||
+ memset(&data, 0, sizeof(data));
|
|
||||||
pool = rand_pool_new(0, min_len, max_len);
|
|
||||||
if (pool == NULL)
|
|
||||||
return 0;
|
|
||||||
From 6c2f347c78a530407b5310497080810094427920 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Matt Caswell <matt@openssl.org>
|
|
||||||
Date: Wed, 17 Apr 2019 11:09:05 +0100
|
|
||||||
Subject: [PATCH 1/2] Defer sending a KeyUpdate until after pending writes are
|
|
||||||
complete
|
|
||||||
|
|
||||||
If we receive a KeyUpdate message (update requested) from the peer while
|
|
||||||
we are in the middle of a write, we should defer sending the responding
|
|
||||||
KeyUpdate message until after the current write is complete. We do this
|
|
||||||
by waiting to send the KeyUpdate until the next time we write and there is
|
|
||||||
no pending write data.
|
|
||||||
|
|
||||||
This does imply a subtle change in behaviour. Firstly the responding
|
|
||||||
KeyUpdate message won't be sent straight away as it is now. Secondly if
|
|
||||||
the peer sends multiple KeyUpdates without us doing any writing then we
|
|
||||||
will only send one response, as opposed to previously where we sent a
|
|
||||||
response for each KeyUpdate received.
|
|
||||||
|
|
||||||
Fixes #8677
|
|
||||||
|
|
||||||
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
|
|
||||||
(Merged from https://github.com/openssl/openssl/pull/8773)
|
|
||||||
|
|
||||||
(cherry picked from commit feb9e31c40c49de6384dd0413685e9b5a15adc99)
|
|
||||||
---
|
|
||||||
ssl/record/rec_layer_s3.c | 7 +++++++
|
|
||||||
ssl/statem/statem_clnt.c | 6 ------
|
|
||||||
ssl/statem/statem_lib.c | 7 ++-----
|
|
||||||
ssl/statem/statem_srvr.c | 6 ------
|
|
||||||
4 files changed, 9 insertions(+), 17 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
|
|
||||||
index b2f97ef905..b65137c332 100644
|
|
||||||
--- a/ssl/record/rec_layer_s3.c
|
|
||||||
+++ b/ssl/record/rec_layer_s3.c
|
|
||||||
@@ -373,6 +373,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
|
|
||||||
|
|
||||||
s->rlayer.wnum = 0;
|
|
||||||
|
|
||||||
+ /*
|
|
||||||
+ * If we are supposed to be sending a KeyUpdate then go into init unless we
|
|
||||||
+ * have writes pending - in which case we should finish doing that first.
|
|
||||||
+ */
|
|
||||||
+ if (wb->left == 0 && s->key_update != SSL_KEY_UPDATE_NONE)
|
|
||||||
+ ossl_statem_set_in_init(s, 1);
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* When writing early data on the server side we could be "in_init" in
|
|
||||||
* between receiving the EoED and the CF - but we don't want to handle those
|
|
||||||
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
|
|
||||||
index 87800cd835..6410414fb6 100644
|
|
||||||
--- a/ssl/statem/statem_clnt.c
|
|
||||||
+++ b/ssl/statem/statem_clnt.c
|
|
||||||
@@ -473,12 +473,6 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s)
|
|
||||||
return WRITE_TRAN_CONTINUE;
|
|
||||||
|
|
||||||
case TLS_ST_CR_KEY_UPDATE:
|
|
||||||
- if (s->key_update != SSL_KEY_UPDATE_NONE) {
|
|
||||||
- st->hand_state = TLS_ST_CW_KEY_UPDATE;
|
|
||||||
- return WRITE_TRAN_CONTINUE;
|
|
||||||
- }
|
|
||||||
- /* Fall through */
|
|
||||||
-
|
|
||||||
case TLS_ST_CW_KEY_UPDATE:
|
|
||||||
case TLS_ST_CR_SESSION_TICKET:
|
|
||||||
case TLS_ST_CW_FINISHED:
|
|
||||||
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
|
|
||||||
index c0482b0a90..2960dafa52 100644
|
|
||||||
--- a/ssl/statem/statem_lib.c
|
|
||||||
+++ b/ssl/statem/statem_lib.c
|
|
||||||
@@ -645,12 +645,9 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
|
|
||||||
/*
|
|
||||||
* If we get a request for us to update our sending keys too then, we need
|
|
||||||
* to additionally send a KeyUpdate message. However that message should
|
|
||||||
- * not also request an update (otherwise we get into an infinite loop). We
|
|
||||||
- * ignore a request for us to update our sending keys too if we already
|
|
||||||
- * sent close_notify.
|
|
||||||
+ * not also request an update (otherwise we get into an infinite loop).
|
|
||||||
*/
|
|
||||||
- if (updatetype == SSL_KEY_UPDATE_REQUESTED
|
|
||||||
- && (s->shutdown & SSL_SENT_SHUTDOWN) == 0)
|
|
||||||
+ if (updatetype == SSL_KEY_UPDATE_REQUESTED)
|
|
||||||
s->key_update = SSL_KEY_UPDATE_NOT_REQUESTED;
|
|
||||||
|
|
||||||
if (!tls13_update_key(s, 0)) {
|
|
||||||
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
|
|
||||||
index d454326a99..04a23320fc 100644
|
|
||||||
--- a/ssl/statem/statem_srvr.c
|
|
||||||
+++ b/ssl/statem/statem_srvr.c
|
|
||||||
@@ -502,12 +502,6 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
|
|
||||||
return WRITE_TRAN_CONTINUE;
|
|
||||||
|
|
||||||
case TLS_ST_SR_KEY_UPDATE:
|
|
||||||
- if (s->key_update != SSL_KEY_UPDATE_NONE) {
|
|
||||||
- st->hand_state = TLS_ST_SW_KEY_UPDATE;
|
|
||||||
- return WRITE_TRAN_CONTINUE;
|
|
||||||
- }
|
|
||||||
- /* Fall through */
|
|
||||||
-
|
|
||||||
case TLS_ST_SW_KEY_UPDATE:
|
|
||||||
st->hand_state = TLS_ST_OK;
|
|
||||||
return WRITE_TRAN_CONTINUE;
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
||||||
From c8feb1039ccc4cd11e6db084df1446bf863bee1e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Matt Caswell <matt@openssl.org>
|
|
||||||
Date: Wed, 17 Apr 2019 10:30:53 +0100
|
|
||||||
Subject: [PATCH 2/2] Write a test for receiving a KeyUpdate (update requested)
|
|
||||||
while writing
|
|
||||||
|
|
||||||
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
|
|
||||||
(Merged from https://github.com/openssl/openssl/pull/8773)
|
|
||||||
|
|
||||||
(cherry picked from commit a77b4dba237d001073d2d1c5d55c674a196c949f)
|
|
||||||
---
|
|
||||||
test/sslapitest.c | 92 +++++++++++++++++++++++++++++++++++++++++++++
|
|
||||||
test/ssltestlib.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++
|
|
||||||
test/ssltestlib.h | 3 ++
|
|
||||||
3 files changed, 191 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/test/sslapitest.c b/test/sslapitest.c
|
|
||||||
index 2261fe4a7a..577342644d 100644
|
|
||||||
--- a/test/sslapitest.c
|
|
||||||
+++ b/test/sslapitest.c
|
|
||||||
@@ -4290,6 +4290,11 @@ static int test_key_update(void)
|
|
||||||
|| !TEST_int_eq(SSL_read(serverssl, buf, sizeof(buf)),
|
|
||||||
strlen(mess)))
|
|
||||||
goto end;
|
|
||||||
+
|
|
||||||
+ if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
|
|
||||||
+ || !TEST_int_eq(SSL_read(clientssl, buf, sizeof(buf)),
|
|
||||||
+ strlen(mess)))
|
|
||||||
+ goto end;
|
|
||||||
}
|
|
||||||
|
|
||||||
testresult = 1;
|
|
||||||
@@ -4302,6 +4307,91 @@ static int test_key_update(void)
|
|
||||||
|
|
||||||
return testresult;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
+ * Test we can handle a KeyUpdate (update requested) message while write data
|
|
||||||
+ * is pending.
|
|
||||||
+ * Test 0: Client sends KeyUpdate while Server is writing
|
|
||||||
+ * Test 1: Server sends KeyUpdate while Client is writing
|
|
||||||
+ */
|
|
||||||
+static int test_key_update_in_write(int tst)
|
|
||||||
+{
|
|
||||||
+ SSL_CTX *cctx = NULL, *sctx = NULL;
|
|
||||||
+ SSL *clientssl = NULL, *serverssl = NULL;
|
|
||||||
+ int testresult = 0;
|
|
||||||
+ char buf[20];
|
|
||||||
+ static char *mess = "A test message";
|
|
||||||
+ BIO *bretry = BIO_new(bio_s_always_retry());
|
|
||||||
+ BIO *tmp = NULL;
|
|
||||||
+ SSL *peerupdate = NULL, *peerwrite = NULL;
|
|
||||||
+
|
|
||||||
+ if (!TEST_ptr(bretry)
|
|
||||||
+ || !TEST_true(create_ssl_ctx_pair(TLS_server_method(),
|
|
||||||
+ TLS_client_method(),
|
|
||||||
+ TLS1_3_VERSION,
|
|
||||||
+ 0,
|
|
||||||
+ &sctx, &cctx, cert, privkey))
|
|
||||||
+ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
|
|
||||||
+ NULL, NULL))
|
|
||||||
+ || !TEST_true(create_ssl_connection(serverssl, clientssl,
|
|
||||||
+ SSL_ERROR_NONE)))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ peerupdate = tst == 0 ? clientssl : serverssl;
|
|
||||||
+ peerwrite = tst == 0 ? serverssl : clientssl;
|
|
||||||
+
|
|
||||||
+ if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED))
|
|
||||||
+ || !TEST_true(SSL_do_handshake(peerupdate)))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ /* Swap the writing endpoint's write BIO to force a retry */
|
|
||||||
+ tmp = SSL_get_wbio(peerwrite);
|
|
||||||
+ if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
|
|
||||||
+ tmp = NULL;
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+ SSL_set0_wbio(peerwrite, bretry);
|
|
||||||
+ bretry = NULL;
|
|
||||||
+
|
|
||||||
+ /* Write data that we know will fail with SSL_ERROR_WANT_WRITE */
|
|
||||||
+ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1)
|
|
||||||
+ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_WRITE))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ /* Reinstate the original writing endpoint's write BIO */
|
|
||||||
+ SSL_set0_wbio(peerwrite, tmp);
|
|
||||||
+ tmp = NULL;
|
|
||||||
+
|
|
||||||
+ /* Now read some data - we will read the key update */
|
|
||||||
+ if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1)
|
|
||||||
+ || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_READ))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * Complete the write we started previously and read it from the other
|
|
||||||
+ * endpoint
|
|
||||||
+ */
|
|
||||||
+ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
|
|
||||||
+ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ /* Write more data to ensure we send the KeyUpdate message back */
|
|
||||||
+ if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
|
|
||||||
+ || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ testresult = 1;
|
|
||||||
+
|
|
||||||
+ end:
|
|
||||||
+ SSL_free(serverssl);
|
|
||||||
+ SSL_free(clientssl);
|
|
||||||
+ SSL_CTX_free(sctx);
|
|
||||||
+ SSL_CTX_free(cctx);
|
|
||||||
+ BIO_free(bretry);
|
|
||||||
+ BIO_free(tmp);
|
|
||||||
+
|
|
||||||
+ return testresult;
|
|
||||||
+}
|
|
||||||
#endif /* OPENSSL_NO_TLS1_3 */
|
|
||||||
|
|
||||||
static int test_ssl_clear(int idx)
|
|
||||||
@@ -5982,6 +6072,7 @@ int setup_tests(void)
|
|
||||||
#ifndef OPENSSL_NO_TLS1_3
|
|
||||||
ADD_ALL_TESTS(test_export_key_mat_early, 3);
|
|
||||||
ADD_TEST(test_key_update);
|
|
||||||
+ ADD_ALL_TESTS(test_key_update_in_write, 2);
|
|
||||||
#endif
|
|
||||||
ADD_ALL_TESTS(test_ssl_clear, 2);
|
|
||||||
ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test));
|
|
||||||
@@ -6002,4 +6093,5 @@ int setup_tests(void)
|
|
||||||
void cleanup_tests(void)
|
|
||||||
{
|
|
||||||
bio_s_mempacket_test_free();
|
|
||||||
+ bio_s_always_retry_free();
|
|
||||||
}
|
|
||||||
diff --git a/test/ssltestlib.c b/test/ssltestlib.c
|
|
||||||
index 05139be750..e1038620ac 100644
|
|
||||||
--- a/test/ssltestlib.c
|
|
||||||
+++ b/test/ssltestlib.c
|
|
||||||
@@ -62,9 +62,11 @@ static int tls_dump_puts(BIO *bp, const char *str);
|
|
||||||
/* Choose a sufficiently large type likely to be unused for this custom BIO */
|
|
||||||
#define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER)
|
|
||||||
#define BIO_TYPE_MEMPACKET_TEST 0x81
|
|
||||||
+#define BIO_TYPE_ALWAYS_RETRY 0x82
|
|
||||||
|
|
||||||
static BIO_METHOD *method_tls_dump = NULL;
|
|
||||||
static BIO_METHOD *meth_mem = NULL;
|
|
||||||
+static BIO_METHOD *meth_always_retry = NULL;
|
|
||||||
|
|
||||||
/* Note: Not thread safe! */
|
|
||||||
const BIO_METHOD *bio_f_tls_dump_filter(void)
|
|
||||||
@@ -612,6 +614,100 @@ static int mempacket_test_puts(BIO *bio, const char *str)
|
|
||||||
return mempacket_test_write(bio, str, strlen(str));
|
|
||||||
}
|
|
||||||
|
|
||||||
+static int always_retry_new(BIO *bi);
|
|
||||||
+static int always_retry_free(BIO *a);
|
|
||||||
+static int always_retry_read(BIO *b, char *out, int outl);
|
|
||||||
+static int always_retry_write(BIO *b, const char *in, int inl);
|
|
||||||
+static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
|
|
||||||
+static int always_retry_gets(BIO *bp, char *buf, int size);
|
|
||||||
+static int always_retry_puts(BIO *bp, const char *str);
|
|
||||||
+
|
|
||||||
+const BIO_METHOD *bio_s_always_retry(void)
|
|
||||||
+{
|
|
||||||
+ if (meth_always_retry == NULL) {
|
|
||||||
+ if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
|
|
||||||
+ "Always Retry"))
|
|
||||||
+ || !TEST_true(BIO_meth_set_write(meth_always_retry,
|
|
||||||
+ always_retry_write))
|
|
||||||
+ || !TEST_true(BIO_meth_set_read(meth_always_retry,
|
|
||||||
+ always_retry_read))
|
|
||||||
+ || !TEST_true(BIO_meth_set_puts(meth_always_retry,
|
|
||||||
+ always_retry_puts))
|
|
||||||
+ || !TEST_true(BIO_meth_set_gets(meth_always_retry,
|
|
||||||
+ always_retry_gets))
|
|
||||||
+ || !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
|
|
||||||
+ always_retry_ctrl))
|
|
||||||
+ || !TEST_true(BIO_meth_set_create(meth_always_retry,
|
|
||||||
+ always_retry_new))
|
|
||||||
+ || !TEST_true(BIO_meth_set_destroy(meth_always_retry,
|
|
||||||
+ always_retry_free)))
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+ return meth_always_retry;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+void bio_s_always_retry_free(void)
|
|
||||||
+{
|
|
||||||
+ BIO_meth_free(meth_always_retry);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_new(BIO *bio)
|
|
||||||
+{
|
|
||||||
+ BIO_set_init(bio, 1);
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_free(BIO *bio)
|
|
||||||
+{
|
|
||||||
+ BIO_set_data(bio, NULL);
|
|
||||||
+ BIO_set_init(bio, 0);
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_read(BIO *bio, char *out, int outl)
|
|
||||||
+{
|
|
||||||
+ BIO_set_retry_read(bio);
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_write(BIO *bio, const char *in, int inl)
|
|
||||||
+{
|
|
||||||
+ BIO_set_retry_write(bio);
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
|
||||||
+{
|
|
||||||
+ long ret = 1;
|
|
||||||
+
|
|
||||||
+ switch (cmd) {
|
|
||||||
+ case BIO_CTRL_FLUSH:
|
|
||||||
+ BIO_set_retry_write(bio);
|
|
||||||
+ /* fall through */
|
|
||||||
+ case BIO_CTRL_EOF:
|
|
||||||
+ case BIO_CTRL_RESET:
|
|
||||||
+ case BIO_CTRL_DUP:
|
|
||||||
+ case BIO_CTRL_PUSH:
|
|
||||||
+ case BIO_CTRL_POP:
|
|
||||||
+ default:
|
|
||||||
+ ret = 0;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ return ret;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_gets(BIO *bio, char *buf, int size)
|
|
||||||
+{
|
|
||||||
+ BIO_set_retry_read(bio);
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int always_retry_puts(BIO *bio, const char *str)
|
|
||||||
+{
|
|
||||||
+ BIO_set_retry_write(bio);
|
|
||||||
+ return -1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
|
|
||||||
int min_proto_version, int max_proto_version,
|
|
||||||
SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
|
|
||||||
diff --git a/test/ssltestlib.h b/test/ssltestlib.h
|
|
||||||
index fa19e7d80d..56e323f5bc 100644
|
|
||||||
--- a/test/ssltestlib.h
|
|
||||||
+++ b/test/ssltestlib.h
|
|
||||||
@@ -30,6 +30,9 @@ void bio_f_tls_dump_filter_free(void);
|
|
||||||
const BIO_METHOD *bio_s_mempacket_test(void);
|
|
||||||
void bio_s_mempacket_test_free(void);
|
|
||||||
|
|
||||||
+const BIO_METHOD *bio_s_always_retry(void);
|
|
||||||
+void bio_s_always_retry_free(void);
|
|
||||||
+
|
|
||||||
/* Packet types - value 0 is reserved */
|
|
||||||
#define INJECT_PACKET 1
|
|
||||||
#define INJECT_PACKET_IGNORE_REC_SEQ 2
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
||||||
diff -up openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind openssl-1.1.1c/include/internal/constant_time_locl.h
|
|
||||||
--- openssl-1.1.1c/include/internal/constant_time_locl.h.valgrind 2019-05-28 15:12:21.000000000 +0200
|
|
||||||
+++ openssl-1.1.1c/include/internal/constant_time_locl.h 2019-06-24 15:02:12.796053536 +0200
|
|
||||||
@@ -213,18 +213,66 @@ static ossl_inline unsigned char constan
|
|
||||||
return constant_time_eq_8((unsigned)(a), (unsigned)(b));
|
|
||||||
}
|
|
||||||
|
|
||||||
+/* Returns the value unmodified, but avoids optimizations. */
|
|
||||||
+static ossl_inline unsigned int value_barrier(unsigned int a)
|
|
||||||
+{
|
|
||||||
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
|
|
||||||
+ unsigned int r;
|
|
||||||
+ __asm__("" : "=r"(r) : "0"(a));
|
|
||||||
+#else
|
|
||||||
+ volatile unsigned int r = a;
|
|
||||||
+#endif
|
|
||||||
+ return r;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/* Convenience method for uint32_t. */
|
|
||||||
+static ossl_inline uint32_t value_barrier_32(uint32_t a)
|
|
||||||
+{
|
|
||||||
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
|
|
||||||
+ uint32_t r;
|
|
||||||
+ __asm__("" : "=r"(r) : "0"(a));
|
|
||||||
+#else
|
|
||||||
+ volatile uint32_t r = a;
|
|
||||||
+#endif
|
|
||||||
+ return r;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/* Convenience method for uint64_t. */
|
|
||||||
+static ossl_inline uint64_t value_barrier_64(uint64_t a)
|
|
||||||
+{
|
|
||||||
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
|
|
||||||
+ uint64_t r;
|
|
||||||
+ __asm__("" : "=r"(r) : "0"(a));
|
|
||||||
+#else
|
|
||||||
+ volatile uint64_t r = a;
|
|
||||||
+#endif
|
|
||||||
+ return r;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/* Convenience method for size_t. */
|
|
||||||
+static ossl_inline size_t value_barrier_s(size_t a)
|
|
||||||
+{
|
|
||||||
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
|
|
||||||
+ size_t r;
|
|
||||||
+ __asm__("" : "=r"(r) : "0"(a));
|
|
||||||
+#else
|
|
||||||
+ volatile size_t r = a;
|
|
||||||
+#endif
|
|
||||||
+ return r;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static ossl_inline unsigned int constant_time_select(unsigned int mask,
|
|
||||||
unsigned int a,
|
|
||||||
unsigned int b)
|
|
||||||
{
|
|
||||||
- return (mask & a) | (~mask & b);
|
|
||||||
+ return (value_barrier(mask) & a) | (value_barrier(~mask) & b);
|
|
||||||
}
|
|
||||||
|
|
||||||
static ossl_inline size_t constant_time_select_s(size_t mask,
|
|
||||||
size_t a,
|
|
||||||
size_t b)
|
|
||||||
{
|
|
||||||
- return (mask & a) | (~mask & b);
|
|
||||||
+ return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b);
|
|
||||||
}
|
|
||||||
|
|
||||||
static ossl_inline unsigned char constant_time_select_8(unsigned char mask,
|
|
||||||
@@ -249,13 +297,13 @@ static ossl_inline int constant_time_sel
|
|
||||||
static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a,
|
|
||||||
uint32_t b)
|
|
||||||
{
|
|
||||||
- return (mask & a) | (~mask & b);
|
|
||||||
+ return (value_barrier_32(mask) & a) | (value_barrier_32(~mask) & b);
|
|
||||||
}
|
|
||||||
|
|
||||||
static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a,
|
|
||||||
uint64_t b)
|
|
||||||
{
|
|
||||||
- return (mask & a) | (~mask & b);
|
|
||||||
+ return (value_barrier_64(mask) & a) | (value_barrier_64(~mask) & b);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
@ -1,12 +1,12 @@
|
|||||||
diff -up openssl-1.1.1c/include/openssl/opensslv.h.version-override openssl-1.1.1c/include/openssl/opensslv.h
|
diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h
|
||||||
--- openssl-1.1.1c/include/openssl/opensslv.h.version-override 2019-05-29 15:52:30.014734859 +0200
|
--- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200
|
||||||
+++ openssl-1.1.1c/include/openssl/opensslv.h 2019-05-29 15:53:23.093800831 +0200
|
+++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200
|
||||||
@@ -40,7 +40,7 @@ extern "C" {
|
@@ -40,7 +40,7 @@ extern "C" {
|
||||||
* major minor fix final patch/beta)
|
* major minor fix final patch/beta)
|
||||||
*/
|
*/
|
||||||
# define OPENSSL_VERSION_NUMBER 0x1010103fL
|
# define OPENSSL_VERSION_NUMBER 0x1010107fL
|
||||||
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1c 28 May 2019"
|
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g 21 Apr 2020"
|
||||||
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1c FIPS 28 May 2019"
|
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1g FIPS 21 Apr 2020"
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* The macros below are to be used for shared library (.so, .dll, ...)
|
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||||
|
@ -21,8 +21,8 @@
|
|||||||
|
|
||||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.1.1c
|
Version: 1.1.1g
|
||||||
Release: 15%{?dist}
|
Release: 11%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
# We have to remove certain patented algorithms from the openssl source
|
# We have to remove certain patented algorithms from the openssl source
|
||||||
# tarball with the hobble-openssl script which is included below.
|
# tarball with the hobble-openssl script which is included below.
|
||||||
@ -40,7 +40,7 @@ Source13: ectest.c
|
|||||||
# Build changes
|
# Build changes
|
||||||
Patch1: openssl-1.1.1-build.patch
|
Patch1: openssl-1.1.1-build.patch
|
||||||
Patch2: openssl-1.1.1-defaults.patch
|
Patch2: openssl-1.1.1-defaults.patch
|
||||||
Patch3: openssl-1.1.0-no-html.patch
|
Patch3: openssl-1.1.1-no-html.patch
|
||||||
Patch4: openssl-1.1.1-man-rename.patch
|
Patch4: openssl-1.1.1-man-rename.patch
|
||||||
# Bug fixes
|
# Bug fixes
|
||||||
Patch21: openssl-1.1.0-issuer-hash.patch
|
Patch21: openssl-1.1.0-issuer-hash.patch
|
||||||
@ -62,25 +62,23 @@ Patch47: openssl-1.1.1-ts-sha256-default.patch
|
|||||||
Patch48: openssl-1.1.1-fips-post-rand.patch
|
Patch48: openssl-1.1.1-fips-post-rand.patch
|
||||||
Patch49: openssl-1.1.1-evp-kdf.patch
|
Patch49: openssl-1.1.1-evp-kdf.patch
|
||||||
Patch50: openssl-1.1.1-ssh-kdf.patch
|
Patch50: openssl-1.1.1-ssh-kdf.patch
|
||||||
|
Patch51: openssl-1.1.1-intel-cet.patch
|
||||||
Patch60: openssl-1.1.1-krb5-kdf.patch
|
Patch60: openssl-1.1.1-krb5-kdf.patch
|
||||||
Patch61: openssl-1.1.1-edk2-build.patch
|
Patch61: openssl-1.1.1-edk2-build.patch
|
||||||
Patch62: openssl-1.1.1-fips-curves.patch
|
Patch62: openssl-1.1.1-fips-curves.patch
|
||||||
Patch65: openssl-1.1.1-fips-drbg-selftest.patch
|
Patch65: openssl-1.1.1-fips-drbg-selftest.patch
|
||||||
|
Patch66: openssl-1.1.1-fips-dh.patch
|
||||||
|
Patch67: openssl-1.1.1-kdf-selftest.patch
|
||||||
|
Patch68: openssl-1.1.1-reneg-no-extms.patch
|
||||||
|
Patch69: openssl-1.1.1-alpn-cb.patch
|
||||||
|
Patch70: openssl-1.1.1-rewire-fips-drbg.patch
|
||||||
# Backported fixes including security fixes
|
# Backported fixes including security fixes
|
||||||
Patch51: openssl-1.1.1-upstream-sync.patch
|
|
||||||
Patch52: openssl-1.1.1-s390x-update.patch
|
Patch52: openssl-1.1.1-s390x-update.patch
|
||||||
Patch53: openssl-1.1.1-fips-crng-test.patch
|
Patch53: openssl-1.1.1-fips-crng-test.patch
|
||||||
Patch54: openssl-1.1.1-regression-fixes.patch
|
|
||||||
Patch55: openssl-1.1.1-arm-update.patch
|
Patch55: openssl-1.1.1-arm-update.patch
|
||||||
Patch56: openssl-1.1.1-s390x-ecc.patch
|
Patch56: openssl-1.1.1-s390x-ecc.patch
|
||||||
Patch57: openssl-1.1.1-cve-2019-1547.patch
|
|
||||||
Patch58: openssl-1.1.1-cve-2019-1563.patch
|
|
||||||
Patch59: openssl-1.1.1-cve-2019-1549.patch
|
|
||||||
Patch63: openssl-1.1.1-tls-compliance.patch
|
|
||||||
Patch64: openssl-1.1.1-s390x-sigill.patch
|
|
||||||
|
|
||||||
License: OpenSSL
|
License: OpenSSL and ASL 2.0
|
||||||
Group: System Environment/Libraries
|
|
||||||
URL: http://www.openssl.org/
|
URL: http://www.openssl.org/
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp
|
BuildRequires: coreutils, perl-interpreter, sed, zlib-devel, /usr/bin/cmp
|
||||||
@ -91,6 +89,7 @@ BuildRequires: /usr/sbin/sysctl
|
|||||||
BuildRequires: perl(Test::Harness), perl(Test::More), perl(Math::BigInt)
|
BuildRequires: perl(Test::Harness), perl(Test::More), perl(Math::BigInt)
|
||||||
BuildRequires: perl(Module::Load::Conditional), perl(File::Temp)
|
BuildRequires: perl(Module::Load::Conditional), perl(File::Temp)
|
||||||
BuildRequires: perl(Time::HiRes)
|
BuildRequires: perl(Time::HiRes)
|
||||||
|
BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy)
|
||||||
Requires: coreutils
|
Requires: coreutils
|
||||||
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
|
||||||
@ -102,7 +101,6 @@ protocols.
|
|||||||
|
|
||||||
%package libs
|
%package libs
|
||||||
Summary: A general purpose cryptography library with TLS implementation
|
Summary: A general purpose cryptography library with TLS implementation
|
||||||
Group: System Environment/Libraries
|
|
||||||
Requires: ca-certificates >= 2008-5
|
Requires: ca-certificates >= 2008-5
|
||||||
Requires: crypto-policies >= 20180730
|
Requires: crypto-policies >= 20180730
|
||||||
Recommends: openssl-pkcs11%{?_isa}
|
Recommends: openssl-pkcs11%{?_isa}
|
||||||
@ -118,7 +116,6 @@ support cryptographic algorithms and protocols.
|
|||||||
|
|
||||||
%package devel
|
%package devel
|
||||||
Summary: Files for development of applications which will use OpenSSL
|
Summary: Files for development of applications which will use OpenSSL
|
||||||
Group: Development/Libraries
|
|
||||||
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
Requires: krb5-devel%{?_isa}, zlib-devel%{?_isa}
|
Requires: krb5-devel%{?_isa}, zlib-devel%{?_isa}
|
||||||
Requires: pkgconfig
|
Requires: pkgconfig
|
||||||
@ -130,7 +127,6 @@ support various cryptographic algorithms and protocols.
|
|||||||
|
|
||||||
%package static
|
%package static
|
||||||
Summary: Libraries for static linking of applications which will use OpenSSL
|
Summary: Libraries for static linking of applications which will use OpenSSL
|
||||||
Group: Development/Libraries
|
|
||||||
Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
|
||||||
%description static
|
%description static
|
||||||
@ -141,7 +137,6 @@ protocols.
|
|||||||
|
|
||||||
%package perl
|
%package perl
|
||||||
Summary: Perl scripts provided with OpenSSL
|
Summary: Perl scripts provided with OpenSSL
|
||||||
Group: Applications/Internet
|
|
||||||
Requires: perl-interpreter
|
Requires: perl-interpreter
|
||||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
|
||||||
@ -184,21 +179,21 @@ cp %{SOURCE13} test/
|
|||||||
%patch48 -p1 -b .fips-post-rand
|
%patch48 -p1 -b .fips-post-rand
|
||||||
%patch49 -p1 -b .evp-kdf
|
%patch49 -p1 -b .evp-kdf
|
||||||
%patch50 -p1 -b .ssh-kdf
|
%patch50 -p1 -b .ssh-kdf
|
||||||
%patch51 -p1 -b .upstream-sync
|
%patch51 -p1 -b .intel-cet
|
||||||
%patch52 -p1 -b .s390x-update
|
%patch52 -p1 -b .s390x-update
|
||||||
%patch53 -p1 -b .crng-test
|
%patch53 -p1 -b .crng-test
|
||||||
%patch54 -p1 -b .regression
|
|
||||||
%patch55 -p1 -b .arm-update
|
%patch55 -p1 -b .arm-update
|
||||||
%patch56 -p1 -b .s390x-ecc
|
%patch56 -p1 -b .s390x-ecc
|
||||||
%patch57 -p1 -b .compute-cofactor
|
|
||||||
%patch58 -p1 -b .cms-padding-oracle
|
|
||||||
%patch59 -p1 -b .fork-safety
|
|
||||||
%patch60 -p1 -b .krb5-kdf
|
%patch60 -p1 -b .krb5-kdf
|
||||||
%patch61 -p1 -b .edk2-build
|
%patch61 -p1 -b .edk2-build
|
||||||
%patch62 -p1 -b .fips-curves
|
%patch62 -p1 -b .fips-curves
|
||||||
%patch63 -p1 -b .compliance
|
|
||||||
%patch64 -p1 -b .s390x-sigill
|
|
||||||
%patch65 -p1 -b .drbg-selftest
|
%patch65 -p1 -b .drbg-selftest
|
||||||
|
%patch66 -p1 -b .fips-dh
|
||||||
|
%patch67 -p1 -b .kdf-selftest
|
||||||
|
%patch68 -p1 -b .reneg-no-extms
|
||||||
|
%patch69 -p1 -b .alpn-cb
|
||||||
|
%patch70 -p1 -b .rewire-fips-drbg
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# Figure out which flags we want to use.
|
# Figure out which flags we want to use.
|
||||||
@ -482,6 +477,30 @@ export LD_LIBRARY_PATH
|
|||||||
%postun libs -p /sbin/ldconfig
|
%postun libs -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jul 20 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-11
|
||||||
|
- Further changes for SP 800-56A rev3 requirements
|
||||||
|
|
||||||
|
* Tue Jun 23 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-9
|
||||||
|
- Rewire FIPS_drbg API to use the RAND_DRBG
|
||||||
|
- Use the well known DH groups in TLS even for 2048 and 1024 bit parameters
|
||||||
|
|
||||||
|
* Mon Jun 8 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-7
|
||||||
|
- Disallow dropping Extended Master Secret extension
|
||||||
|
on renegotiation
|
||||||
|
- Return alert from s_server if ALPN protocol does not match
|
||||||
|
- SHA1 is allowed in @SECLEVEL=2 only if allowed by
|
||||||
|
TLS SigAlgs configuration
|
||||||
|
|
||||||
|
* Wed Jun 3 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-6
|
||||||
|
- Add FIPS selftest for PBKDF2 and KBKDF
|
||||||
|
|
||||||
|
* Wed May 27 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-5
|
||||||
|
- Allow only well known DH groups in the FIPS mode
|
||||||
|
|
||||||
|
* Mon May 18 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1g-1
|
||||||
|
- update to the 1.1.1g release
|
||||||
|
- FIPS module installed state definition is modified
|
||||||
|
|
||||||
* Thu Mar 5 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-15
|
* Thu Mar 5 2020 Tomáš Mráz <tmraz@redhat.com> 1.1.1c-15
|
||||||
- add selftest of the RAND_DRBG implementation
|
- add selftest of the RAND_DRBG implementation
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user