From 810fd50914df22a25136b2fcb9df4d3dcb6785cb Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Wed, 21 Jul 2021 10:25:05 +0000 Subject: [PATCH] import openssl-1.1.1k-4.el8 --- ...enssl-1.1.1-cleanup-peer-point-reneg.patch | 36 ++ .../openssl-1.1.1-detected-addr-ipv6.patch | 34 ++ SOURCES/openssl-1.1.1-fips.patch | 121 +++-- SOURCES/openssl-1.1.1-s390x-aes-tests.patch | 497 ++++++++++++++++++ SOURCES/openssl-1.1.1-s390x-aes.patch | 381 ++++++++++++++ SOURCES/openssl-1.1.1-servername-cb.patch | 108 ++++ SPECS/openssl.spec | 34 +- 7 files changed, 1160 insertions(+), 51 deletions(-) create mode 100644 SOURCES/openssl-1.1.1-cleanup-peer-point-reneg.patch create mode 100644 SOURCES/openssl-1.1.1-detected-addr-ipv6.patch create mode 100644 SOURCES/openssl-1.1.1-s390x-aes-tests.patch create mode 100644 SOURCES/openssl-1.1.1-s390x-aes.patch create mode 100644 SOURCES/openssl-1.1.1-servername-cb.patch diff --git a/SOURCES/openssl-1.1.1-cleanup-peer-point-reneg.patch b/SOURCES/openssl-1.1.1-cleanup-peer-point-reneg.patch new file mode 100644 index 0000000..8ea99e0 --- /dev/null +++ b/SOURCES/openssl-1.1.1-cleanup-peer-point-reneg.patch @@ -0,0 +1,36 @@ +diff -up openssl-1.1.1k/ssl/statem/extensions.c.cleanup-reneg openssl-1.1.1k/ssl/statem/extensions.c +--- openssl-1.1.1k/ssl/statem/extensions.c.cleanup-reneg 2021-03-25 14:28:38.000000000 +0100 ++++ openssl-1.1.1k/ssl/statem/extensions.c 2021-06-24 16:16:19.526181743 +0200 +@@ -42,6 +42,7 @@ static int tls_parse_certificate_authori + #ifndef OPENSSL_NO_SRP + static int init_srp(SSL *s, unsigned int context); + #endif ++static int init_ec_point_formats(SSL *s, unsigned int context); + static int init_etm(SSL *s, unsigned int context); + static int init_ems(SSL *s, unsigned int context); + static int final_ems(SSL *s, unsigned int context, int sent); +@@ -158,7 +159,7 @@ static const EXTENSION_DEFINITION ext_de + TLSEXT_TYPE_ec_point_formats, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, +- NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, ++ init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, + tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats, + final_ec_pt_formats + }, +@@ -1164,6 +1165,15 @@ static int init_srp(SSL *s, unsigned int + } + #endif + ++static int init_ec_point_formats(SSL *s, unsigned int context) ++{ ++ OPENSSL_free(s->ext.peer_ecpointformats); ++ s->ext.peer_ecpointformats = NULL; ++ s->ext.peer_ecpointformats_len = 0; ++ ++ return 1; ++} ++ + static int init_etm(SSL *s, unsigned int context) + { + s->ext.use_etm = 0; diff --git a/SOURCES/openssl-1.1.1-detected-addr-ipv6.patch b/SOURCES/openssl-1.1.1-detected-addr-ipv6.patch new file mode 100644 index 0000000..d477e5d --- /dev/null +++ b/SOURCES/openssl-1.1.1-detected-addr-ipv6.patch @@ -0,0 +1,34 @@ +diff -up openssl-1.1.1k/apps/s_socket.c.addr-ipv6 openssl-1.1.1k/apps/s_socket.c +--- openssl-1.1.1k/apps/s_socket.c.addr-ipv6 2021-07-16 15:14:08.491986682 +0200 ++++ openssl-1.1.1k/apps/s_socket.c 2021-07-16 15:23:21.271329197 +0200 +@@ -214,6 +214,8 @@ int do_server(int *accept_sock, const ch + const BIO_ADDRINFO *next; + int sock_family, sock_type, sock_protocol, sock_port; + const BIO_ADDR *sock_address; ++ int sock_family_fallback = AF_UNSPEC; ++ const BIO_ADDR *sock_address_fallback = NULL; + int sock_options = BIO_SOCK_REUSEADDR; + int ret = 0; + +@@ -244,6 +246,10 @@ int do_server(int *accept_sock, const ch + && BIO_ADDRINFO_protocol(next) == sock_protocol) { + if (sock_family == AF_INET + && BIO_ADDRINFO_family(next) == AF_INET6) { ++ /* In case AF_INET6 is returned but not supported by the ++ * kernel, retry with the first detected address family */ ++ sock_family_fallback = sock_family; ++ sock_address_fallback = sock_address; + sock_family = AF_INET6; + sock_address = BIO_ADDRINFO_address(next); + } else if (sock_family == AF_INET6 +@@ -253,6 +259,10 @@ int do_server(int *accept_sock, const ch + } + + asock = BIO_socket(sock_family, sock_type, sock_protocol, 0); ++ if (asock == INVALID_SOCKET && sock_family_fallback != AF_UNSPEC) { ++ asock = BIO_socket(sock_family_fallback, sock_type, sock_protocol, 0); ++ sock_address = sock_address_fallback; ++ } + if (asock == INVALID_SOCKET + || !BIO_listen(asock, sock_address, sock_options)) { + BIO_ADDRINFO_free(res); diff --git a/SOURCES/openssl-1.1.1-fips.patch b/SOURCES/openssl-1.1.1-fips.patch index bf2be28..6ab63f1 100644 --- a/SOURCES/openssl-1.1.1-fips.patch +++ b/SOURCES/openssl-1.1.1-fips.patch @@ -2284,7 +2284,7 @@ diff -up openssl-1.1.1j/crypto/fips/fips.c.fips openssl-1.1.1j/crypto/fips/fips. diff -up openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c --- openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 +++ openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,156 @@ +@@ -0,0 +1,161 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * @@ -2404,6 +2404,11 @@ diff -up openssl-1.1.1j/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1j/cry + const CMAC_KAT *t; + int rv = 1; + ++ if (ctx == NULL) { ++ rv = -1; ++ goto err; ++ } ++ + for (n = 0, t = vector; n < sizeof(vector) / sizeof(vector[0]); n++, t++) { + cipher = EVP_get_cipherbynid(t->nid); + if (!cipher) { @@ -2551,7 +2556,7 @@ diff -up openssl-1.1.1j/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1j/cryp diff -up openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1j/crypto/fips/fips_dh_selftest.c --- openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips 2021-03-03 12:57:42.199734525 +0100 +++ openssl-1.1.1j/crypto/fips/fips_dh_selftest.c 2021-03-03 12:57:42.199734525 +0100 -@@ -0,0 +1,180 @@ +@@ -0,0 +1,196 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 2013 Red Hat, Inc. @@ -2613,64 +2618,80 @@ diff -up openssl-1.1.1j/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1j/crypt + +#ifdef OPENSSL_FIPS + -+static const unsigned char dh_test_2048_p[] = { -+ 0xAE, 0xEC, 0xEE, 0x22, 0xFA, 0x3A, 0xA5, 0x22, 0xC0, 0xDE, 0x0F, 0x09, -+ 0x7E, 0x17, 0xC0, 0x05, 0xF9, 0xF1, 0xE7, 0xC6, 0x87, 0x14, 0x6D, 0x11, -+ 0xE7, 0xAE, 0xED, 0x2F, 0x72, 0x59, 0xC5, 0xA9, 0x9B, 0xB8, 0x02, 0xA5, -+ 0xF3, 0x69, 0x70, 0xD6, 0xDD, 0x90, 0xF9, 0x19, 0x79, 0xBE, 0x60, 0x8F, -+ 0x25, 0x92, 0x30, 0x1C, 0x51, 0x51, 0x38, 0x26, 0x82, 0x25, 0xE6, 0xFC, -+ 0xED, 0x65, 0x96, 0x8F, 0x57, 0xE5, 0x53, 0x8B, 0x38, 0x63, 0xC7, 0xCE, -+ 0xBC, 0x1B, 0x4D, 0x18, 0x2A, 0x5B, 0x04, 0x3F, 0x6A, 0x3C, 0x94, 0x39, -+ 0xAE, 0x36, 0xD6, 0x5E, 0x0F, 0xA2, 0xCC, 0xD0, 0xD4, 0xD5, 0xC6, 0x1E, -+ 0xF6, 0xA0, 0xF5, 0x89, 0x4E, 0xB4, 0x0B, 0xA4, 0xB3, 0x2B, 0x3D, 0xE2, -+ 0x4E, 0xE1, 0x49, 0x25, 0x99, 0x5F, 0x32, 0x16, 0x33, 0x32, 0x1B, 0x7A, -+ 0xA5, 0x5C, 0x6B, 0x34, 0x0D, 0x39, 0x99, 0xDC, 0xF0, 0x76, 0xE5, 0x5A, -+ 0xD4, 0x71, 0x00, 0xED, 0x5A, 0x73, 0xFB, 0xC8, 0x01, 0xAD, 0x99, 0xCF, -+ 0x99, 0x52, 0x7C, 0x9C, 0x64, 0xC6, 0x76, 0x40, 0x57, 0xAF, 0x59, 0xD7, -+ 0x38, 0x0B, 0x40, 0xDE, 0x33, 0x0D, 0xB8, 0x76, 0xEC, 0xA9, 0xD8, 0x73, -+ 0xF8, 0xEF, 0x26, 0x66, 0x06, 0x27, 0xDD, 0x7C, 0xA4, 0x10, 0x9C, 0xA6, -+ 0xAA, 0xF9, 0x53, 0x62, 0x73, 0x1D, 0xBA, 0x1C, 0xF1, 0x67, 0xF4, 0x35, -+ 0xED, 0x6F, 0x37, 0x92, 0xE8, 0x4F, 0x6C, 0xBA, 0x52, 0x6E, 0xA1, 0xED, -+ 0xDA, 0x9F, 0x85, 0x11, 0x82, 0x52, 0x62, 0x08, 0x44, 0xF1, 0x30, 0x03, -+ 0xC3, 0x38, 0x2C, 0x79, 0xBD, 0xD4, 0x43, 0x45, 0xEE, 0x8E, 0x50, 0xFC, -+ 0x29, 0x46, 0x9A, 0xFE, 0x54, 0x1A, 0x19, 0x8F, 0x4B, 0x84, 0x08, 0xDE, -+ 0x20, 0x62, 0x73, 0xCC, 0xDD, 0x7E, 0xF0, 0xEF, 0xA2, 0xFD, 0x86, 0x58, -+ 0x4B, 0xD8, 0x37, 0xEB ++static unsigned char dh_test_2048_p[] = { ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD, 0xF8, ++ 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, ++ 0x27, 0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, ++ 0x36, 0x95, 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, ++ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 0x2F, ++ 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 0xF6, 0x81, 0xB2, 0x02, ++ 0xAE, 0xC4, 0x61, 0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, ++ 0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, ++ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, ++ 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 0x0C, 0x70, ++ 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, ++ 0xE8, 0x72, 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, ++ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 0xBC, 0x0A, ++ 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, ++ 0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, ++ 0xF4, 0x68, 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, ++ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 0x0B, 0x07, ++ 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 0x9E, 0x02, 0xFC, 0xE1, ++ 0xCD, 0xF7, 0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, ++ 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, ++ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, ++ 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 0xB5, 0xFC, 0xBC, ++ 0x2E, 0xC2, 0x20, 0x05, 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, ++ 0x83, 0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, ++ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 0xFF, 0xFF, ++ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + ++ +static const unsigned char dh_test_2048_g[] = { + 0x02 +}; + +static const unsigned char dh_test_2048_pub_key[] = { -+ 0xA0, 0x39, 0x11, 0x77, 0x9A, 0xC1, 0x30, 0x1F, 0xBE, 0x48, 0xA7, 0xAA, -+ 0xA0, 0x84, 0x54, 0x64, 0xAD, 0x1B, 0x70, 0xFA, 0x13, 0x55, 0x63, 0xD2, -+ 0x1F, 0x62, 0x32, 0x93, 0x8E, 0xC9, 0x3E, 0x09, 0xA7, 0x64, 0xE4, 0x12, -+ 0x6E, 0x1B, 0xF2, 0x92, 0x3B, 0xB9, 0xCB, 0x56, 0xEA, 0x07, 0x88, 0xB5, -+ 0xA6, 0xBC, 0x16, 0x1F, 0x27, 0xFE, 0xD8, 0xAA, 0x40, 0xB2, 0xB0, 0x2D, -+ 0x37, 0x76, 0xA6, 0xA4, 0x82, 0x2C, 0x0E, 0x22, 0x64, 0x9D, 0xCB, 0xD1, -+ 0x00, 0xB7, 0x89, 0x14, 0x72, 0x4E, 0xBE, 0x48, 0x41, 0xF8, 0xB2, 0x51, -+ 0x11, 0x09, 0x4B, 0x22, 0x01, 0x23, 0x39, 0x96, 0xE0, 0x15, 0xD7, 0x9F, -+ 0x60, 0xD1, 0xB7, 0xAE, 0xFE, 0x5F, 0xDB, 0xE7, 0x03, 0x17, 0x97, 0xA6, -+ 0x16, 0x74, 0xBD, 0x53, 0x81, 0x19, 0xC5, 0x47, 0x5E, 0xCE, 0x8D, 0xED, -+ 0x45, 0x5D, 0x3C, 0x00, 0xA0, 0x0A, 0x68, 0x6A, 0xE0, 0x8E, 0x06, 0x46, -+ 0x6F, 0xD7, 0xF9, 0xDF, 0x31, 0x7E, 0x77, 0x44, 0x0D, 0x98, 0xE0, 0xCA, -+ 0x98, 0x09, 0x52, 0x04, 0x90, 0xEA, 0x6D, 0xF4, 0x30, 0x69, 0x8F, 0xB1, -+ 0x9B, 0xC1, 0x43, 0xDB, 0xD5, 0x8D, 0xC8, 0x8E, 0xB6, 0x0B, 0x05, 0xBE, -+ 0x0E, 0xC5, 0x99, 0xC8, 0x6E, 0x4E, 0xF3, 0xCB, 0xC3, 0x5E, 0x9B, 0x53, -+ 0xF7, 0x06, 0x1C, 0x4F, 0xC7, 0xB8, 0x6E, 0x30, 0x18, 0xCA, 0x9B, 0xB9, -+ 0xBC, 0x5F, 0x17, 0x72, 0x29, 0x5A, 0xE5, 0xD9, 0x96, 0xB7, 0x0B, 0xF3, -+ 0x2D, 0x8C, 0xF1, 0xE1, 0x0E, 0x0D, 0x74, 0xD5, 0x9D, 0xF0, 0x06, 0xA9, -+ 0xB4, 0x95, 0x63, 0x76, 0x46, 0x55, 0x48, 0x82, 0x39, 0x90, 0xEF, 0x56, -+ 0x75, 0x34, 0xB8, 0x34, 0xC3, 0x18, 0x6E, 0x1E, 0xAD, 0xE3, 0x48, 0x7E, -+ 0x93, 0x2C, 0x23, 0xE7, 0xF8, 0x90, 0x73, 0xB1, 0x77, 0x80, 0x67, 0xA9, -+ 0x36, 0x9E, 0xDA, 0xD2 ++0x89, 0x25, 0x56, 0x5f, 0x4e, 0x17, 0x00, 0xa4, 0x32, 0x83, 0x71, 0x70, 0x87, 0xd7, ++0x14, 0x1d, 0x6d, 0xde, 0x0d, 0x44, 0x33, 0x8d, 0x6d, 0xb4, 0xa9, 0x2c, 0xf8, 0x3c, 0x21, ++0x41, 0xb4, 0x64, 0x70, 0x10, 0x85, 0x11, 0x28, 0x82, 0xd8, 0x9f, 0x4a, 0x51, 0xb8, 0x3e, ++0x06, 0x60, 0xdd, 0x28, 0x3b, 0x24, 0xf2, 0xba, 0x69, 0xee, 0x52, 0x64, 0x31, 0x98, 0x31, ++0x5a, 0x54, 0xdb, 0xd9, 0x44, 0x44, 0x91, 0x49, 0xfd, 0x6b, 0x69, 0x58, 0x06, 0x1c, 0x52, ++0xa9, 0x4f, 0xca, 0x3f, 0xdb, 0xcf, 0x3a, 0xff, 0xda, 0xea, 0x85, 0xdf, 0x49, 0x64, 0x7b, ++0xfe, 0xdb, 0x60, 0x60, 0xfd, 0x47, 0xb0, 0xef, 0xc3, 0x2d, 0x36, 0x70, 0x19, 0x35, 0xf9, ++0xc7, 0x10, 0xf6, 0xe2, 0xbc, 0x20, 0xa3, 0x13, 0x8d, 0x61, 0xee, 0x56, 0x64, 0x29, 0xb4, ++0xab, 0xca, 0x41, 0xc1, 0xd7, 0x76, 0x7e, 0xcd, 0x9d, 0x67, 0x39, 0xb4, 0x57, 0x0c, 0xb2, ++0x42, 0x07, 0xe8, 0x8a, 0x21, 0x47, 0x3d, 0xa2, 0x3a, 0x97, 0xf1, 0xc9, 0x4e, 0x67, 0xaf, ++0x7f, 0x74, 0x34, 0x60, 0xf4, 0xcf, 0xe4, 0x66, 0x1e, 0xb4, 0x95, 0xaf, 0x66, 0x97, 0x44, ++0xdf, 0x70, 0xb5, 0x08, 0xc7, 0x4d, 0x66, 0x1f, 0x95, 0x6b, 0x7b, 0x93, 0xe2, 0x31, 0x9f, ++0x69, 0xe9, 0x56, 0xaa, 0xac, 0xf1, 0x52, 0x25, 0xb7, 0x67, 0x94, 0xaf, 0x1c, 0x65, 0x8f, ++0xca, 0x7a, 0xf6, 0x68, 0x60, 0xc9, 0x54, 0xd4, 0x9a, 0x51, 0x6e, 0x18, 0x64, 0xb9, 0x5d, ++0xed, 0xe4, 0x23, 0x68, 0xf3, 0x01, 0x6b, 0xf5, 0xd4, 0xd1, 0x83, 0x81, 0x33, 0xe5, 0x55, ++0x5a, 0x28, 0x60, 0xfb, 0xa1, 0x21, 0xf9, 0x2b, 0x60, 0xa5, 0x2c, 0x30, 0x07, 0x8c, 0x04, ++0x5b, 0xdb, 0xca, 0x6e, 0x1f, 0x81, 0x6d, 0x33, 0x35, 0x04, 0x70, 0x9e, 0x7f, 0x3c, 0xba, ++0x77, 0xc6 +}; + +static const unsigned char dh_test_2048_priv_key[] = { -+ 0x0C, 0x4B, 0x30, 0x89, 0xD1, 0xB8, 0x62, 0xCB, 0x3C, 0x43, 0x64, 0x91, -+ 0xF0, 0x91, 0x54, 0x70, 0xC5, 0x27, 0x96, 0xE3, 0xAC, 0xBE, 0xE8, 0x00, -+ 0xEC, 0x55, 0xF6, 0xCC ++0x6d, 0x76, 0xeb, 0xc3, 0x39, 0xcd, 0xf7, 0x22, 0xb1, 0x63, 0xb5, 0x06, 0xb4, 0xa5, 0xdf, ++0x9d, 0x1d, 0xcf, 0x22, 0x59, 0xe3, 0x38, 0x5b, 0xb5, 0x4f, 0xbb, 0x82, 0xf4, 0x4d, 0xd0, ++0x9e, 0x2e, 0x91, 0x2c, 0x05, 0xfb, 0x5c, 0x4a, 0x9f, 0x81, 0x93, 0x4f, 0x93, 0x92, 0x0b, ++0xaa, 0xcd, 0x47, 0x78, 0x16, 0xcb, 0xe2, 0x11, 0x92, 0x18, 0x6a, 0x6a, 0xc9, 0x59, 0x22, ++0xb0, 0x2a, 0x61, 0x6b, 0xa7, 0xee, 0xcb, 0x00, 0x30, 0x43, 0xe9, 0x6e, 0xa0, 0x42, 0x3f, ++0xf0, 0xda, 0xda, 0xd1, 0x77, 0x1b, 0x71, 0x81, 0x60, 0x30, 0x03, 0xcb, 0x6d, 0xd7, 0xdf, ++0xc5, 0x79, 0x79, 0xad, 0x31, 0x33, 0x4a, 0xc7, 0xd3, 0xf4, 0x4a, 0x9e, 0xa8, 0xfd, 0x29, ++0xb0, 0xb6, 0x63, 0x3e, 0x1f, 0x75, 0x3e, 0x8b, 0x83, 0xbf, 0xa0, 0xb2, 0x61, 0x37, 0x8e, ++0xe5, 0x1a, 0xd6, 0xdc, 0xed, 0xf8, 0x71, 0xb5, 0x94, 0x08, 0x26, 0xc0, 0xa8, 0x50, 0xa4, ++0x7c, 0x04, 0xdc, 0x72, 0x95, 0xbf, 0xf0, 0x68, 0x62, 0xeb, 0x8c, 0x0a, 0x14, 0xc8, 0xad, ++0x81, 0x18, 0x52, 0x76, 0x94, 0xb2, 0xae, 0x51, 0xaa, 0xb1, 0x6c, 0xcd, 0xfa, 0x49, 0x2d, ++0x2a, 0x0d, 0x64, 0x9f, 0x51, 0x28, 0xd4, 0x41, 0xf1, 0xd2, 0x1b, 0xd5, 0xda, 0x82, 0x21, ++0x31, 0x94, 0xc4, 0x1e, 0xdc, 0x86, 0xf4, 0x47, 0xee, 0xab, 0x3e, 0x08, 0x8d, 0x51, 0xd9, ++0xbe, 0xec, 0x1e, 0x23, 0x30, 0x9c, 0xe9, 0xc1, 0x46, 0x8a, 0x2b, 0xa3, 0x11, 0x18, 0x94, ++0x2d, 0x6e, 0x92, 0xb6, 0x50, 0x9d, 0x8e, 0x8c, 0xcb, 0x78, 0x5a, 0x84, 0xca, 0xbf, 0x6d, ++0x83, 0x71, 0xa0, 0xe0, 0x19, 0x5a, 0x58, 0x37, 0x4c, 0x0e, 0x29, 0x62, 0x66, 0xb8, 0x25, ++0x30, 0x36, 0x6a, 0xe7, 0x06, 0x2d, 0xfd, 0xa3, 0x9b, 0xb8, 0xd7, 0x4b, 0xca, 0x82, 0xdb, ++0xcb +}; + +int FIPS_selftest_dh() diff --git a/SOURCES/openssl-1.1.1-s390x-aes-tests.patch b/SOURCES/openssl-1.1.1-s390x-aes-tests.patch new file mode 100644 index 0000000..f461566 --- /dev/null +++ b/SOURCES/openssl-1.1.1-s390x-aes-tests.patch @@ -0,0 +1,497 @@ +diff -up openssl-1.1.1k/test/evp_extra_test.c.s390x-test-aes openssl-1.1.1k/test/evp_extra_test.c +--- openssl-1.1.1k/test/evp_extra_test.c.s390x-test-aes 2021-07-16 17:33:04.663181698 +0200 ++++ openssl-1.1.1k/test/evp_extra_test.c 2021-07-16 17:49:27.780439742 +0200 +@@ -320,6 +320,97 @@ static const unsigned char pExampleECPar + }; + #endif + ++static const unsigned char kCFBDefaultKey[] = { ++ 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88, ++ 0x09, 0xCF, 0x4F, 0x3C ++}; ++ ++static const unsigned char kGCMDefaultKey[32] = { 0 }; ++ ++static const unsigned char kGCMResetKey[] = { ++ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, ++ 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, ++ 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 ++}; ++ ++static const unsigned char iCFBIV[] = { ++ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, ++ 0x0C, 0x0D, 0x0E, 0x0F ++}; ++ ++static const unsigned char iGCMDefaultIV[12] = { 0 }; ++ ++static const unsigned char iGCMResetIV1[] = { ++ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad ++}; ++ ++static const unsigned char iGCMResetIV2[] = { ++ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 ++}; ++ ++static const unsigned char cfbPlaintext[] = { ++ 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, 0xE9, 0x3D, 0x7E, 0x11, ++ 0x73, 0x93, 0x17, 0x2A ++}; ++ ++static const unsigned char gcmDefaultPlaintext[16] = { 0 }; ++ ++static const unsigned char gcmResetPlaintext[] = { ++ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, ++ 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, ++ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95, ++ 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, ++ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39 ++}; ++ ++static const unsigned char cfbCiphertext[] = { ++ 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, 0x33, 0x34, 0x49, 0xF8, ++ 0xE8, 0x3C, 0xFB, 0x4A ++}; ++ ++static const unsigned char gcmDefaultCiphertext[] = { ++ 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, 0x07, 0x4e, 0xc5, 0xd3, ++ 0xba, 0xf3, 0x9d, 0x18 ++}; ++ ++static const unsigned char gcmResetCiphertext1[] = { ++ 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32, 0xae, 0x47, 0xc1, 0x3b, ++ 0xf1, 0x98, 0x44, 0xcb, 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa, ++ 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0, 0xfe, 0xb5, 0x82, 0xd3, ++ 0x39, 0x34, 0xa4, 0xf0, 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78, ++ 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99, 0xf4, 0x7c, 0x9b, 0x1f ++}; ++ ++static const unsigned char gcmResetCiphertext2[] = { ++ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, 0xf4, 0x7f, 0x37, 0xa3, ++ 0x2a, 0x84, 0x42, 0x7d, 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, ++ 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, 0x8c, 0xb0, 0x8e, 0x48, ++ 0x59, 0x0d, 0xbb, 0x3d, 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, ++ 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, 0xbc, 0xc9, 0xf6, 0x62 ++}; ++ ++static const unsigned char gcmAAD[] = { ++ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, ++ 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 ++}; ++ ++static const unsigned char gcmDefaultTag[] = { ++ 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, 0x26, 0x5b, 0x98, 0xb5, ++ 0xd4, 0x8a, 0xb9, 0x19 ++}; ++ ++static const unsigned char gcmResetTag1[] = { ++ 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4, 0x5e, 0x45, 0x49, 0x13, ++ 0xfe, 0x2e, 0xa8, 0xf2 ++}; ++ ++static const unsigned char gcmResetTag2[] = { ++ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, 0xcd, 0xdf, 0x88, 0x53, ++ 0xbb, 0x2d, 0x55, 0x1b ++}; ++ ++ ++ + typedef struct APK_DATA_st { + const unsigned char *kder; + size_t size; +@@ -330,6 +421,385 @@ typedef struct APK_DATA_st { + int type; /* 0 for private, 1 for public, 2 for params */ + } APK_DATA; + ++typedef struct { ++ const char *cipher; ++ const unsigned char *key; ++ const unsigned char *iv; ++ const unsigned char *input; ++ const unsigned char *expected; ++ const unsigned char *tag; ++ size_t ivlen; /* 0 if we do not need to set a specific IV len */ ++ size_t inlen; ++ size_t expectedlen; ++ size_t taglen; ++ int keyfirst; ++ int initenc; ++ int finalenc; ++} EVP_INIT_TEST_st; ++ ++static const EVP_INIT_TEST_st evp_init_tests[] = { ++ { ++ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbPlaintext, ++ cfbCiphertext, NULL, 0, sizeof(cfbPlaintext), sizeof(cfbCiphertext), ++ 0, 1, 0, 1 ++ }, ++ { ++ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultPlaintext, ++ gcmDefaultCiphertext, gcmDefaultTag, sizeof(iGCMDefaultIV), ++ sizeof(gcmDefaultPlaintext), sizeof(gcmDefaultCiphertext), ++ sizeof(gcmDefaultTag), 1, 0, 1 ++ }, ++ { ++ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbPlaintext, ++ cfbCiphertext, NULL, 0, sizeof(cfbPlaintext), sizeof(cfbCiphertext), ++ 0, 0, 0, 1 ++ }, ++ { ++ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultPlaintext, ++ gcmDefaultCiphertext, gcmDefaultTag, sizeof(iGCMDefaultIV), ++ sizeof(gcmDefaultPlaintext), sizeof(gcmDefaultCiphertext), ++ sizeof(gcmDefaultTag), 0, 0, 1 ++ }, ++ { ++ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbCiphertext, ++ cfbPlaintext, NULL, 0, sizeof(cfbCiphertext), sizeof(cfbPlaintext), ++ 0, 1, 1, 0 ++ }, ++ { ++ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultCiphertext, ++ gcmDefaultPlaintext, gcmDefaultTag, sizeof(iGCMDefaultIV), ++ sizeof(gcmDefaultCiphertext), sizeof(gcmDefaultPlaintext), ++ sizeof(gcmDefaultTag), 1, 1, 0 ++ }, ++ { ++ "aes-128-cfb", kCFBDefaultKey, iCFBIV, cfbCiphertext, ++ cfbPlaintext, NULL, 0, sizeof(cfbCiphertext), sizeof(cfbPlaintext), ++ 0, 0, 1, 0 ++ }, ++ { ++ "aes-256-gcm", kGCMDefaultKey, iGCMDefaultIV, gcmDefaultCiphertext, ++ gcmDefaultPlaintext, gcmDefaultTag, sizeof(iGCMDefaultIV), ++ sizeof(gcmDefaultCiphertext), sizeof(gcmDefaultPlaintext), ++ sizeof(gcmDefaultTag), 0, 1, 0 ++ } ++}; ++ ++static int evp_init_seq_set_iv(EVP_CIPHER_CTX *ctx, const EVP_INIT_TEST_st *t) ++{ ++ int res = 0; ++ ++ if (t->ivlen != 0) { ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen, NULL))) ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, t->iv, -1))) ++ goto err; ++ res = 1; ++ err: ++ return res; ++} ++ ++/* ++ * Test step-wise cipher initialization via EVP_CipherInit_ex where the ++ * arguments are given one at a time and a final adjustment to the enc ++ * parameter sets the correct operation. ++ */ ++static int test_evp_init_seq(int idx) ++{ ++ int outlen1, outlen2; ++ int testresult = 0; ++ unsigned char outbuf[1024]; ++ unsigned char tag[16]; ++ const EVP_INIT_TEST_st *t = &evp_init_tests[idx]; ++ EVP_CIPHER_CTX *ctx = NULL; ++ const EVP_CIPHER *type = NULL; ++ size_t taglen = sizeof(tag); ++ char *errmsg = NULL; ++ ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ errmsg = "CTX_ALLOC"; ++ goto err; ++ } ++ if (!TEST_ptr(type = EVP_get_cipherbyname(t->cipher))) { ++ errmsg = "GET_CIPHERBYNAME"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, t->initenc))) { ++ errmsg = "EMPTY_ENC_INIT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))) { ++ errmsg = "PADDING"; ++ goto err; ++ } ++ if (t->keyfirst && !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, t->key, NULL, -1))) { ++ errmsg = "KEY_INIT (before iv)"; ++ goto err; ++ } ++ if (!evp_init_seq_set_iv(ctx, t)) { ++ errmsg = "IV_INIT"; ++ goto err; ++ } ++ if (t->keyfirst == 0 && !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, t->key, NULL, -1))) { ++ errmsg = "KEY_INIT (after iv)"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, t->finalenc))) { ++ errmsg = "FINAL_ENC_INIT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) { ++ errmsg = "CIPHER_UPDATE"; ++ goto err; ++ } ++ if (t->finalenc == 0 && t->tag != NULL) { ++ /* Set expected tag */ ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, ++ t->taglen, (void *)t->tag))) { ++ errmsg = "SET_TAG"; ++ goto err; ++ } ++ } ++ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) { ++ errmsg = "CIPHER_FINAL"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) { ++ errmsg = "WRONG_RESULT"; ++ goto err; ++ } ++ if (t->finalenc != 0 && t->tag != NULL) { ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) { ++ errmsg = "GET_TAG"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->tag, t->taglen, tag, taglen)) { ++ errmsg = "TAG_ERROR"; ++ goto err; ++ } ++ } ++ testresult = 1; ++ err: ++ if (errmsg != NULL) ++ TEST_info("evp_init_test %d: %s", idx, errmsg); ++ EVP_CIPHER_CTX_free(ctx); ++ return testresult; ++} ++ ++typedef struct { ++ const unsigned char *input; ++ const unsigned char *expected; ++ size_t inlen; ++ size_t expectedlen; ++ int enc; ++} EVP_RESET_TEST_st; ++ ++static const EVP_RESET_TEST_st evp_reset_tests[] = { ++ { ++ cfbPlaintext, cfbCiphertext, ++ sizeof(cfbPlaintext), sizeof(cfbCiphertext), 1 ++ }, ++ { ++ cfbCiphertext, cfbPlaintext, ++ sizeof(cfbCiphertext), sizeof(cfbPlaintext), 0 ++ } ++}; ++ ++/* ++ * Test a reset of a cipher via EVP_CipherInit_ex after the cipher has already ++ * been used. ++ */ ++static int test_evp_reset(int idx) ++{ ++ const EVP_RESET_TEST_st *t = &evp_reset_tests[idx]; ++ int outlen1, outlen2; ++ int testresult = 0; ++ unsigned char outbuf[1024]; ++ EVP_CIPHER_CTX *ctx = NULL; ++ const EVP_CIPHER *type = NULL; ++ char *errmsg = NULL; ++ ++ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) { ++ errmsg = "CTX_ALLOC"; ++ goto err; ++ } ++ if (!TEST_ptr(type = EVP_get_cipherbyname("aes-128-cfb"))) { ++ errmsg = "GET_CIPHERBYNAME"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, kCFBDefaultKey, iCFBIV, t->enc))) { ++ errmsg = "CIPHER_INIT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))) { ++ errmsg = "PADDING"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) { ++ errmsg = "CIPHER_UPDATE"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) { ++ errmsg = "CIPHER_FINAL"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) { ++ errmsg = "WRONG_RESULT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1))) { ++ errmsg = "CIPHER_REINIT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, t->input, t->inlen))) { ++ errmsg = "CIPHER_UPDATE (reinit)"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) { ++ errmsg = "CIPHER_FINAL (reinit)"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->expected, t->expectedlen, outbuf, outlen1 + outlen2)) { ++ errmsg = "WRONG_RESULT (reinit)"; ++ goto err; ++ } ++ testresult = 1; ++ err: ++ if (errmsg != NULL) ++ TEST_info("test_evp_reset %d: %s", idx, errmsg); ++ EVP_CIPHER_CTX_free(ctx); ++ return testresult; ++} ++ ++typedef struct { ++ const unsigned char *iv1; ++ const unsigned char *iv2; ++ const unsigned char *expected1; ++ const unsigned char *expected2; ++ const unsigned char *tag1; ++ const unsigned char *tag2; ++ size_t ivlen1; ++ size_t ivlen2; ++ size_t expectedlen1; ++ size_t expectedlen2; ++} TEST_GCM_IV_REINIT_st; ++ ++static const TEST_GCM_IV_REINIT_st gcm_reinit_tests[] = { ++ { ++ iGCMResetIV1, iGCMResetIV2, gcmResetCiphertext1, gcmResetCiphertext2, ++ gcmResetTag1, gcmResetTag2, sizeof(iGCMResetIV1), sizeof(iGCMResetIV2), ++ sizeof(gcmResetCiphertext1), sizeof(gcmResetCiphertext2) ++ }, ++ { ++ iGCMResetIV2, iGCMResetIV1, gcmResetCiphertext2, gcmResetCiphertext1, ++ gcmResetTag2, gcmResetTag1, sizeof(iGCMResetIV2), sizeof(iGCMResetIV1), ++ sizeof(gcmResetCiphertext2), sizeof(gcmResetCiphertext1) ++ } ++}; ++ ++static int test_gcm_reinit(int idx) ++{ ++ int outlen1, outlen2, outlen3; ++ int testresult = 0; ++ unsigned char outbuf[1024]; ++ unsigned char tag[16]; ++ const TEST_GCM_IV_REINIT_st *t = &gcm_reinit_tests[idx]; ++ EVP_CIPHER_CTX *ctx = NULL; ++ const EVP_CIPHER *type = NULL; ++ size_t taglen = sizeof(tag); ++ char *errmsg = NULL; ++ ++ if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) { ++ errmsg = "CTX_ALLOC"; ++ goto err; ++ } ++ if (!TEST_ptr(type = EVP_get_cipherbyname("aes-256-gcm"))) { ++ errmsg = "GET_CIPHERBYNAME"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, 1))) { ++ errmsg = "ENC_INIT"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen1, NULL))) { ++ errmsg = "SET_IVLEN1"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, kGCMResetKey, t->iv1, 1))) { ++ errmsg = "SET_IV1"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, NULL, &outlen3, gcmAAD, sizeof(gcmAAD)))) { ++ errmsg = "AAD1"; ++ goto err; ++ } ++ EVP_CIPHER_CTX_set_padding(ctx, 0); ++ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, gcmResetPlaintext, ++ sizeof(gcmResetPlaintext)))) { ++ errmsg = "CIPHER_UPDATE1"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) { ++ errmsg = "CIPHER_FINAL1"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->expected1, t->expectedlen1, outbuf, outlen1 + outlen2)) { ++ errmsg = "WRONG_RESULT1"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) { ++ errmsg = "GET_TAG1"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->tag1, taglen, tag, taglen)) { ++ errmsg = "TAG_ERROR1"; ++ goto err; ++ } ++ /* Now reinit */ ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, t->ivlen2, NULL))) { ++ errmsg = "SET_IVLEN2"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, NULL, t->iv2, -1))) { ++ errmsg = "SET_IV2"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, NULL, &outlen3, gcmAAD, sizeof(gcmAAD)))) { ++ errmsg = "AAD2"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen1, gcmResetPlaintext, ++ sizeof(gcmResetPlaintext)))) { ++ errmsg = "CIPHER_UPDATE2"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CipherFinal_ex(ctx, outbuf + outlen1, &outlen2))) { ++ errmsg = "CIPHER_FINAL2"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->expected2, t->expectedlen2, outbuf, outlen1 + outlen2)) { ++ errmsg = "WRONG_RESULT2"; ++ goto err; ++ } ++ if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag))) { ++ errmsg = "GET_TAG2"; ++ goto err; ++ } ++ if (!TEST_mem_eq(t->tag2, taglen, tag, taglen)) { ++ errmsg = "TAG_ERROR2"; ++ goto err; ++ } ++ testresult = 1; ++ err: ++ if (errmsg != NULL) ++ TEST_info("evp_init_test %d: %s", idx, errmsg); ++ EVP_CIPHER_CTX_free(ctx); ++ return testresult; ++} ++ ++ ++ + static APK_DATA keydata[] = { + {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA}, + {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA}, +@@ -1208,6 +1678,8 @@ int setup_tests(void) + #ifndef OPENSSL_NO_DH + ADD_TEST(test_EVP_PKEY_set1_DH); + #endif +- ++ ADD_ALL_TESTS(test_evp_init_seq, OSSL_NELEM(evp_init_tests)); ++ ADD_ALL_TESTS(test_evp_reset, OSSL_NELEM(evp_reset_tests)); ++ ADD_ALL_TESTS(test_gcm_reinit, OSSL_NELEM(gcm_reinit_tests)); + return 1; + } diff --git a/SOURCES/openssl-1.1.1-s390x-aes.patch b/SOURCES/openssl-1.1.1-s390x-aes.patch new file mode 100644 index 0000000..e971f2c --- /dev/null +++ b/SOURCES/openssl-1.1.1-s390x-aes.patch @@ -0,0 +1,381 @@ +diff -up openssl-1.1.1k/crypto/evp/e_aes.c.s390x-aes openssl-1.1.1k/crypto/evp/e_aes.c +--- openssl-1.1.1k/crypto/evp/e_aes.c.s390x-aes 2021-07-16 11:03:14.362127435 +0200 ++++ openssl-1.1.1k/crypto/evp/e_aes.c 2021-07-16 15:00:42.531477251 +0200 +@@ -1168,9 +1168,9 @@ typedef struct { + static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); + +-# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */ +-# define S390X_aes_192_cbc_CAPABLE 1 +-# define S390X_aes_256_cbc_CAPABLE 1 ++# define S390X_aes_128_cbc_CAPABLE 0 /* checked by callee */ ++# define S390X_aes_192_cbc_CAPABLE 0 ++# define S390X_aes_256_cbc_CAPABLE 0 + # define S390X_AES_CBC_CTX EVP_AES_KEY + + # define s390x_aes_cbc_init_key aes_init_key +@@ -1190,11 +1190,10 @@ static int s390x_aes_ecb_init_key(EVP_CI + S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx); + const int keylen = EVP_CIPHER_CTX_key_length(ctx); + +- cctx->fc = S390X_AES_FC(keylen); +- if (!enc) +- cctx->fc |= S390X_DECRYPT; ++ cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT); + +- memcpy(cctx->km.param.k, key, keylen); ++ if (key != NULL) ++ memcpy(cctx->km.param.k, key, keylen); + return 1; + } + +@@ -1222,14 +1221,17 @@ static int s390x_aes_ofb_init_key(EVP_CI + const unsigned char *ivec, int enc) + { + S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx); +- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx); ++ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx); + const int keylen = EVP_CIPHER_CTX_key_length(ctx); + const int ivlen = EVP_CIPHER_CTX_iv_length(ctx); + +- memcpy(cctx->kmo.param.cv, iv, ivlen); +- memcpy(cctx->kmo.param.k, key, keylen); + cctx->fc = S390X_AES_FC(keylen); ++ ++ if (key != NULL) ++ memcpy(cctx->kmo.param.k, key, keylen); ++ + cctx->res = 0; ++ memcpy(cctx->kmo.param.cv, oiv, ivlen); + return 1; + } + +@@ -1287,18 +1289,18 @@ static int s390x_aes_cfb_init_key(EVP_CI + const unsigned char *ivec, int enc) + { + S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx); +- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx); ++ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx); + const int keylen = EVP_CIPHER_CTX_key_length(ctx); + const int ivlen = EVP_CIPHER_CTX_iv_length(ctx); + +- cctx->fc = S390X_AES_FC(keylen); +- cctx->fc |= 16 << 24; /* 16 bytes cipher feedback */ +- if (!enc) +- cctx->fc |= S390X_DECRYPT; ++ cctx->fc = S390X_AES_FC(keylen)| (enc ? 0 : S390X_DECRYPT) ++ | (16 << 24); /* 16 bytes cipher feedback */ ++ ++ if (key != NULL) ++ memcpy(cctx->kmf.param.k, key, keylen); + + cctx->res = 0; +- memcpy(cctx->kmf.param.cv, iv, ivlen); +- memcpy(cctx->kmf.param.k, key, keylen); ++ memcpy(cctx->kmf.param.cv, oiv, ivlen); + return 1; + } + +@@ -1360,17 +1362,18 @@ static int s390x_aes_cfb8_init_key(EVP_C + const unsigned char *ivec, int enc) + { + S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx); +- const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx); ++ const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx); + const int keylen = EVP_CIPHER_CTX_key_length(ctx); + const int ivlen = EVP_CIPHER_CTX_iv_length(ctx); + +- cctx->fc = S390X_AES_FC(keylen); +- cctx->fc |= 1 << 24; /* 1 byte cipher feedback */ +- if (!enc) +- cctx->fc |= S390X_DECRYPT; ++ cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT) ++ | (1 << 24); /* 1 byte cipher feedback flag */ ++ ++ if (key != NULL) ++ memcpy(cctx->kmf.param.k, key, keylen); + +- memcpy(cctx->kmf.param.cv, iv, ivlen); +- memcpy(cctx->kmf.param.k, key, keylen); ++ cctx->res = 0; ++ memcpy(cctx->kmf.param.cv, oiv, ivlen); + return 1; + } + +@@ -1393,9 +1396,9 @@ static int s390x_aes_cfb8_cipher(EVP_CIP + static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len); + +-# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */ +-# define S390X_aes_192_ctr_CAPABLE 1 +-# define S390X_aes_256_ctr_CAPABLE 1 ++# define S390X_aes_128_ctr_CAPABLE 0 /* checked by callee */ ++# define S390X_aes_192_ctr_CAPABLE 0 ++# define S390X_aes_256_ctr_CAPABLE 0 + # define S390X_AES_CTR_CTX EVP_AES_KEY + + # define s390x_aes_ctr_init_key aes_init_key +@@ -1563,8 +1566,7 @@ static int s390x_aes_gcm(S390X_AES_GCM_C + /*- + * Initialize context structure. Code is big-endian. + */ +-static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx, +- const unsigned char *iv) ++static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx) + { + ctx->kma.param.t.g[0] = 0; + ctx->kma.param.t.g[1] = 0; +@@ -1575,12 +1577,11 @@ static void s390x_aes_gcm_setiv(S390X_AE + ctx->kreslen = 0; + + if (ctx->ivlen == 12) { +- memcpy(&ctx->kma.param.j0, iv, ctx->ivlen); ++ memcpy(&ctx->kma.param.j0, ctx->iv, ctx->ivlen); + ctx->kma.param.j0.w[3] = 1; + ctx->kma.param.cv.w = 1; + } else { + /* ctx->iv has the right size and is already padded. */ +- memcpy(ctx->iv, iv, ctx->ivlen); + s390x_kma(ctx->iv, S390X_gcm_ivpadlen(ctx->ivlen), NULL, 0, NULL, + ctx->fc, &ctx->kma.param); + ctx->fc |= S390X_KMA_HS; +@@ -1694,7 +1695,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER + if (gctx->iv_gen == 0 || gctx->key_set == 0) + return 0; + +- s390x_aes_gcm_setiv(gctx, gctx->iv); ++ s390x_aes_gcm_setiv(gctx); + + if (arg <= 0 || arg > gctx->ivlen) + arg = gctx->ivlen; +@@ -1714,7 +1715,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER + return 0; + + memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg); +- s390x_aes_gcm_setiv(gctx, gctx->iv); ++ s390x_aes_gcm_setiv(gctx); + gctx->iv_set = 1; + return 1; + +@@ -1770,43 +1771,35 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER + } + + /*- +- * Set key and/or iv. Returns 1 on success. Otherwise 0 is returned. ++ * Set key or iv or enc/dec. Returns 1 on success. Otherwise 0 is returned. + */ + static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) + { + S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, ctx); +- int keylen; ++ const int keylen = EVP_CIPHER_CTX_key_length(ctx); + +- if (iv == NULL && key == NULL) +- return 1; ++ gctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT); + + if (key != NULL) { +- keylen = EVP_CIPHER_CTX_key_length(ctx); ++ gctx->fc &= ~S390X_KMA_HS; + memcpy(&gctx->kma.param.k, key, keylen); +- +- gctx->fc = S390X_AES_FC(keylen); +- if (!enc) +- gctx->fc |= S390X_DECRYPT; +- +- if (iv == NULL && gctx->iv_set) +- iv = gctx->iv; +- +- if (iv != NULL) { +- s390x_aes_gcm_setiv(gctx, iv); +- gctx->iv_set = 1; +- } + gctx->key_set = 1; +- } else { +- if (gctx->key_set) +- s390x_aes_gcm_setiv(gctx, iv); +- else +- memcpy(gctx->iv, iv, gctx->ivlen); +- +- gctx->iv_set = 1; ++ } ++ if (iv != NULL) { ++ memcpy(gctx->iv, iv, gctx->ivlen); + gctx->iv_gen = 0; ++ gctx->iv_set = 1; + } ++ ++ if (gctx->key_set && gctx->iv_set) ++ s390x_aes_gcm_setiv(gctx); ++ ++ gctx->fc &= ~(S390X_KMA_LPC | S390X_KMA_LAAD); ++ gctx->areslen = 0; ++ gctx->mreslen = 0; ++ gctx->kreslen = 0; + return 1; + } + +@@ -1895,7 +1888,6 @@ static int s390x_aes_gcm_cipher(EVP_CIPH + /* recall that we already did en-/decrypt gctx->mres + * and returned it to caller... */ + OPENSSL_cleanse(tmp, gctx->mreslen); +- gctx->iv_set = 0; + + enc = EVP_CIPHER_CTX_encrypting(ctx); + if (enc) { +@@ -1929,8 +1921,8 @@ static int s390x_aes_gcm_cleanup(EVP_CIP + } + + # define S390X_AES_XTS_CTX EVP_AES_XTS_CTX +-# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */ +-# define S390X_aes_256_xts_CAPABLE 1 ++# define S390X_aes_128_xts_CAPABLE 0 /* checked by callee */ ++# define S390X_aes_256_xts_CAPABLE 0 + + # define s390x_aes_xts_init_key aes_xts_init_key + static int s390x_aes_xts_init_key(EVP_CIPHER_CTX *ctx, +@@ -2134,9 +2126,10 @@ static int s390x_aes_ccm_tls_cipher(EVP_ + const unsigned char *in, size_t len) + { + S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx); +- unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx); ++ const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx); + unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); + const int enc = EVP_CIPHER_CTX_encrypting(ctx); ++ unsigned char iv[EVP_MAX_IV_LENGTH]; + + if (out != in + || len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->aes.ccm.m)) +@@ -2152,8 +2145,9 @@ static int s390x_aes_ccm_tls_cipher(EVP_ + * Get explicit iv (sequence number). We already have fixed iv + * (server/client_write_iv) here. + */ +- memcpy(ivec + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN); +- s390x_aes_ccm_setiv(cctx, ivec, len); ++ memcpy(iv, ivec, sizeof(iv)); ++ memcpy(iv + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN); ++ s390x_aes_ccm_setiv(cctx, iv, len); + + /* Process aad (sequence number|type|version|length) */ + s390x_aes_ccm_aad(cctx, buf, cctx->aes.ccm.tls_aad_len); +@@ -2180,42 +2174,34 @@ static int s390x_aes_ccm_tls_cipher(EVP_ + } + + /*- +- * Set key and flag field and/or iv. Returns 1 if successful. Otherwise 0 is +- * returned. ++ * Set key or iv or enc/dec. Returns 1 if successful. ++ * Otherwise 0 is returned. + */ + static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) + { + S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx); +- unsigned char *ivec; +- int keylen; ++ const int keylen = EVP_CIPHER_CTX_key_length(ctx); ++ unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx); + +- if (iv == NULL && key == NULL) +- return 1; ++ cctx->aes.ccm.fc = S390X_AES_FC(keylen); + + if (key != NULL) { +- keylen = EVP_CIPHER_CTX_key_length(ctx); +- cctx->aes.ccm.fc = S390X_AES_FC(keylen); + memcpy(cctx->aes.ccm.kmac_param.k, key, keylen); +- +- /* Store encoded m and l. */ +- cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7) +- | (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3; +- memset(cctx->aes.ccm.nonce.b + 1, 0, +- sizeof(cctx->aes.ccm.nonce.b)); +- cctx->aes.ccm.blocks = 0; +- + cctx->aes.ccm.key_set = 1; + } +- + if (iv != NULL) { +- ivec = EVP_CIPHER_CTX_iv_noconst(ctx); + memcpy(ivec, iv, 15 - cctx->aes.ccm.l); +- + cctx->aes.ccm.iv_set = 1; + } ++ /* Store encoded m and l. */ ++ cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7) ++ | (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3; ++ memset(cctx->aes.ccm.nonce.b + 1, 0, sizeof(cctx->aes.ccm.nonce.b) - 1); + ++ cctx->aes.ccm.blocks = 0; ++ cctx->aes.ccm.len_set = 0; + return 1; + } + +@@ -2230,8 +2216,9 @@ static int s390x_aes_ccm_cipher(EVP_CIPH + { + S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx); + const int enc = EVP_CIPHER_CTX_encrypting(ctx); ++ const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx); ++ unsigned char *buf; + int rv; +- unsigned char *buf, *ivec; + + if (!cctx->aes.ccm.key_set) + return -1; +@@ -2253,7 +2240,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPH + if (out == NULL) { + /* Update(): Pass message length. */ + if (in == NULL) { +- ivec = EVP_CIPHER_CTX_iv_noconst(ctx); + s390x_aes_ccm_setiv(cctx, ivec, len); + + cctx->aes.ccm.len_set = 1; +@@ -2279,7 +2265,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPH + * In case message length was not previously set explicitly via + * Update(), set it now. + */ +- ivec = EVP_CIPHER_CTX_iv_noconst(ctx); + s390x_aes_ccm_setiv(cctx, ivec, len); + + cctx->aes.ccm.len_set = 1; +@@ -2304,9 +2289,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPH + if (rv == -1) + OPENSSL_cleanse(out, len); + +- cctx->aes.ccm.iv_set = 0; +- cctx->aes.ccm.tag_set = 0; +- cctx->aes.ccm.len_set = 0; + return rv; + } + } +@@ -2414,9 +2396,6 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER + return 0; + + memcpy(ptr, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m); +- cctx->aes.ccm.tag_set = 0; +- cctx->aes.ccm.iv_set = 0; +- cctx->aes.ccm.len_set = 0; + return 1; + + case EVP_CTRL_COPY: +@@ -2453,7 +2432,7 @@ static const EVP_CIPHER s390x_aes_##keyl + nid##_##keylen##_##nmode,blocksize, \ + keylen / 8, \ + ivlen, \ +- flags | EVP_CIPH_##MODE##_MODE, \ ++ flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \ + s390x_aes_##mode##_init_key, \ + s390x_aes_##mode##_cipher, \ + NULL, \ +@@ -2490,7 +2469,7 @@ static const EVP_CIPHER s390x_aes_##keyl + blocksize, \ + (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * keylen / 8, \ + ivlen, \ +- flags | EVP_CIPH_##MODE##_MODE, \ ++ flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \ + s390x_aes_##mode##_init_key, \ + s390x_aes_##mode##_cipher, \ + s390x_aes_##mode##_cleanup, \ diff --git a/SOURCES/openssl-1.1.1-servername-cb.patch b/SOURCES/openssl-1.1.1-servername-cb.patch new file mode 100644 index 0000000..68ef64c --- /dev/null +++ b/SOURCES/openssl-1.1.1-servername-cb.patch @@ -0,0 +1,108 @@ +diff -up openssl-1.1.1k/ssl/statem/statem_lib.c.servername-cb openssl-1.1.1k/ssl/statem/statem_lib.c +--- openssl-1.1.1k/ssl/statem/statem_lib.c.servername-cb 2021-07-16 16:03:04.200024170 +0200 ++++ openssl-1.1.1k/ssl/statem/statem_lib.c 2021-07-16 16:08:04.076630415 +0200 +@@ -1504,8 +1504,8 @@ static int ssl_method_error(const SSL *s + + /* + * Only called by servers. Returns 1 if the server has a TLSv1.3 capable +- * certificate type, or has PSK or a certificate callback configured, or has +- * a servername callback configured. Otherwise returns 0. ++ * certificate type, or has PSK or a certificate callback configured. Otherwise ++ * returns 0. + */ + static int is_tls13_capable(const SSL *s) + { +@@ -1515,17 +1515,6 @@ static int is_tls13_capable(const SSL *s + EC_KEY *eckey; + #endif + +- if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL)) +- return 0; +- +- /* +- * A servername callback can change the available certs, so if a servername +- * cb is set then we just assume TLSv1.3 will be ok +- */ +- if (s->ctx->ext.servername_cb != NULL +- || s->session_ctx->ext.servername_cb != NULL) +- return 1; +- + #ifndef OPENSSL_NO_PSK + if (s->psk_server_callback != NULL) + return 1; +diff -up openssl-1.1.1k/test/sslapitest.c.servername-cb openssl-1.1.1k/test/sslapitest.c +--- openssl-1.1.1k/test/sslapitest.c.servername-cb 2021-07-16 16:08:20.094823046 +0200 ++++ openssl-1.1.1k/test/sslapitest.c 2021-07-16 16:09:25.708612095 +0200 +@@ -6658,62 +6658,6 @@ static int test_ssl_dup(void) + } + #endif + +-#ifndef OPENSSL_NO_TLS1_3 +-/* +- * Test that setting an SNI callback works with TLSv1.3. Specifically we check +- * that it works even without a certificate configured for the original +- * SSL_CTX +- */ +-static int test_sni_tls13(void) +-{ +- SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL; +- SSL *clientssl = NULL, *serverssl = NULL; +- int testresult = 0; +- +- /* Reset callback counter */ +- snicb = 0; +- +- /* Create an initial SSL_CTX with no certificate configured */ +- sctx = SSL_CTX_new(TLS_server_method()); +- if (!TEST_ptr(sctx)) +- goto end; +- /* Require TLSv1.3 as a minimum */ +- if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), +- TLS1_3_VERSION, 0, &sctx2, &cctx, cert, +- privkey))) +- goto end; +- +- /* Set up SNI */ +- if (!TEST_true(SSL_CTX_set_tlsext_servername_callback(sctx, sni_cb)) +- || !TEST_true(SSL_CTX_set_tlsext_servername_arg(sctx, sctx2))) +- goto end; +- +- /* +- * Connection should still succeed because the final SSL_CTX has the right +- * certificates configured. +- */ +- if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, +- &clientssl, NULL, NULL)) +- || !TEST_true(create_ssl_connection(serverssl, clientssl, +- SSL_ERROR_NONE))) +- goto end; +- +- /* We should have had the SNI callback called exactly once */ +- if (!TEST_int_eq(snicb, 1)) +- goto end; +- +- testresult = 1; +- +-end: +- SSL_free(serverssl); +- SSL_free(clientssl); +- SSL_CTX_free(sctx2); +- SSL_CTX_free(sctx); +- SSL_CTX_free(cctx); +- return testresult; +-} +-#endif +- + int setup_tests(void) + { + if (!TEST_ptr(certsdir = test_get_argument(0)) +@@ -6837,9 +6781,6 @@ int setup_tests(void) + #ifndef OPENSSL_NO_TLS1_2 + ADD_TEST(test_ssl_dup); + #endif +-#ifndef OPENSSL_NO_TLS1_3 +- ADD_TEST(test_sni_tls13); +-#endif + return 1; + } + diff --git a/SPECS/openssl.spec b/SPECS/openssl.spec index e6d9cc8..3ebe296 100644 --- a/SPECS/openssl.spec +++ b/SPECS/openssl.spec @@ -22,7 +22,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 1.1.1k -Release: 1%{?dist} +Release: 4%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -69,6 +69,11 @@ Patch66: openssl-1.1.1-fips-dh.patch Patch67: openssl-1.1.1-kdf-selftest.patch Patch69: openssl-1.1.1-alpn-cb.patch Patch70: openssl-1.1.1-rewire-fips-drbg.patch +Patch76: openssl-1.1.1-cleanup-peer-point-reneg.patch +Patch77: openssl-1.1.1-s390x-aes.patch +Patch78: openssl-1.1.1-detected-addr-ipv6.patch +Patch79: openssl-1.1.1-servername-cb.patch +Patch80: openssl-1.1.1-s390x-aes-tests.patch # Backported fixes including security fixes Patch52: openssl-1.1.1-s390x-update.patch Patch53: openssl-1.1.1-fips-crng-test.patch @@ -190,6 +195,11 @@ cp %{SOURCE13} test/ %patch70 -p1 -b .rewire-fips-drbg %patch74 -p1 -b .addrconfig %patch75 -p1 -b .tls13-curves +%patch76 -p1 -b .cleanup-reneg +%patch77 -p1 -b .s390x-aes +%patch78 -p1 -b .addr-ipv6 +%patch79 -p1 -b .servername-cb +%patch80 -p1 -b .s390x-test-aes %build @@ -474,6 +484,28 @@ export LD_LIBRARY_PATH %postun libs -p /sbin/ldconfig %changelog +* Fri Jul 16 2021 Sahana Prasad - 1:1.1.1k-4 +- Fixes bugs in s390x AES code. +- Uses the first detected address family if IPv6 is not available +- Reverts the changes in https://github.com/openssl/openssl/pull/13305 + as it introduces a regression if server has a DSA key pair, the handshake fails + when the protocol is not explicitly set to TLS 1.2. However, if the patch is reverted, + it has an effect on the "ssl_reject_handshake" feature in nginx. Although, this feature + will continue to work, TLS 1.3 protocol becomes unavailable/disabled. This is already + known - https://trac.nginx.org/nginx/ticket/2071#comment:1 + As per https://github.com/openssl/openssl/issues/16075#issuecomment-879939938, nginx + could early callback instead of servername callback. +- Resolves: rhbz#1978214 +- Related: rhbz#1934534 + +* Thu Jun 24 2021 Sahana Prasad - 1:1.1.1k-3 +- Cleansup the peer point formats on renegotiation +- Resolves rhbz#1965362 + +* Wed Jun 23 2021 Dmitry Belyavskiy - 1:1.1.1k-2 +- Fixes FIPS_selftest to work in FIPS mode. Resolves: rhbz#1940085 +- Using safe primes for FIPS DH self-test + * Mon May 24 2021 Sahana Prasad 1.1.1k-1 - Update to version 1.1.1k