forked from rpms/openssl
a99ab8f40a
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssl.git#3413ff9700373616a74dcf14fe75868d046e22e2
267 lines
8.4 KiB
Diff
267 lines
8.4 KiB
Diff
diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c
|
|
--- openssl-1.1.1h/apps/speed.c.curves 2020-09-22 14:55:07.000000000 +0200
|
|
+++ openssl-1.1.1h/apps/speed.c 2020-11-06 13:27:15.659288431 +0100
|
|
@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2];
|
|
#endif /* OPENSSL_NO_RSA */
|
|
|
|
enum {
|
|
- R_EC_P160,
|
|
- R_EC_P192,
|
|
R_EC_P224,
|
|
R_EC_P256,
|
|
R_EC_P384,
|
|
R_EC_P521,
|
|
-#ifndef OPENSSL_NO_EC2M
|
|
- R_EC_K163,
|
|
- R_EC_K233,
|
|
- R_EC_K283,
|
|
- R_EC_K409,
|
|
- R_EC_K571,
|
|
- R_EC_B163,
|
|
- R_EC_B233,
|
|
- R_EC_B283,
|
|
- R_EC_B409,
|
|
- R_EC_B571,
|
|
-#endif
|
|
- R_EC_BRP256R1,
|
|
- R_EC_BRP256T1,
|
|
- R_EC_BRP384R1,
|
|
- R_EC_BRP384T1,
|
|
- R_EC_BRP512R1,
|
|
- R_EC_BRP512T1,
|
|
R_EC_X25519,
|
|
R_EC_X448
|
|
};
|
|
|
|
#ifndef OPENSSL_NO_EC
|
|
static OPT_PAIR ecdsa_choices[] = {
|
|
- {"ecdsap160", R_EC_P160},
|
|
- {"ecdsap192", R_EC_P192},
|
|
{"ecdsap224", R_EC_P224},
|
|
{"ecdsap256", R_EC_P256},
|
|
{"ecdsap384", R_EC_P384},
|
|
{"ecdsap521", R_EC_P521},
|
|
-# ifndef OPENSSL_NO_EC2M
|
|
- {"ecdsak163", R_EC_K163},
|
|
- {"ecdsak233", R_EC_K233},
|
|
- {"ecdsak283", R_EC_K283},
|
|
- {"ecdsak409", R_EC_K409},
|
|
- {"ecdsak571", R_EC_K571},
|
|
- {"ecdsab163", R_EC_B163},
|
|
- {"ecdsab233", R_EC_B233},
|
|
- {"ecdsab283", R_EC_B283},
|
|
- {"ecdsab409", R_EC_B409},
|
|
- {"ecdsab571", R_EC_B571},
|
|
-# endif
|
|
- {"ecdsabrp256r1", R_EC_BRP256R1},
|
|
- {"ecdsabrp256t1", R_EC_BRP256T1},
|
|
- {"ecdsabrp384r1", R_EC_BRP384R1},
|
|
- {"ecdsabrp384t1", R_EC_BRP384T1},
|
|
- {"ecdsabrp512r1", R_EC_BRP512R1},
|
|
- {"ecdsabrp512t1", R_EC_BRP512T1}
|
|
};
|
|
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
|
|
|
|
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
|
|
|
|
static const OPT_PAIR ecdh_choices[] = {
|
|
- {"ecdhp160", R_EC_P160},
|
|
- {"ecdhp192", R_EC_P192},
|
|
{"ecdhp224", R_EC_P224},
|
|
{"ecdhp256", R_EC_P256},
|
|
{"ecdhp384", R_EC_P384},
|
|
{"ecdhp521", R_EC_P521},
|
|
-# ifndef OPENSSL_NO_EC2M
|
|
- {"ecdhk163", R_EC_K163},
|
|
- {"ecdhk233", R_EC_K233},
|
|
- {"ecdhk283", R_EC_K283},
|
|
- {"ecdhk409", R_EC_K409},
|
|
- {"ecdhk571", R_EC_K571},
|
|
- {"ecdhb163", R_EC_B163},
|
|
- {"ecdhb233", R_EC_B233},
|
|
- {"ecdhb283", R_EC_B283},
|
|
- {"ecdhb409", R_EC_B409},
|
|
- {"ecdhb571", R_EC_B571},
|
|
-# endif
|
|
- {"ecdhbrp256r1", R_EC_BRP256R1},
|
|
- {"ecdhbrp256t1", R_EC_BRP256T1},
|
|
- {"ecdhbrp384r1", R_EC_BRP384R1},
|
|
- {"ecdhbrp384t1", R_EC_BRP384T1},
|
|
- {"ecdhbrp512r1", R_EC_BRP512R1},
|
|
- {"ecdhbrp512t1", R_EC_BRP512T1},
|
|
{"ecdhx25519", R_EC_X25519},
|
|
{"ecdhx448", R_EC_X448}
|
|
};
|
|
@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv)
|
|
unsigned int bits;
|
|
} test_curves[] = {
|
|
/* Prime Curves */
|
|
- {"secp160r1", NID_secp160r1, 160},
|
|
- {"nistp192", NID_X9_62_prime192v1, 192},
|
|
{"nistp224", NID_secp224r1, 224},
|
|
{"nistp256", NID_X9_62_prime256v1, 256},
|
|
{"nistp384", NID_secp384r1, 384},
|
|
{"nistp521", NID_secp521r1, 521},
|
|
-# ifndef OPENSSL_NO_EC2M
|
|
- /* Binary Curves */
|
|
- {"nistk163", NID_sect163k1, 163},
|
|
- {"nistk233", NID_sect233k1, 233},
|
|
- {"nistk283", NID_sect283k1, 283},
|
|
- {"nistk409", NID_sect409k1, 409},
|
|
- {"nistk571", NID_sect571k1, 571},
|
|
- {"nistb163", NID_sect163r2, 163},
|
|
- {"nistb233", NID_sect233r1, 233},
|
|
- {"nistb283", NID_sect283r1, 283},
|
|
- {"nistb409", NID_sect409r1, 409},
|
|
- {"nistb571", NID_sect571r1, 571},
|
|
-# endif
|
|
- {"brainpoolP256r1", NID_brainpoolP256r1, 256},
|
|
- {"brainpoolP256t1", NID_brainpoolP256t1, 256},
|
|
- {"brainpoolP384r1", NID_brainpoolP384r1, 384},
|
|
- {"brainpoolP384t1", NID_brainpoolP384t1, 384},
|
|
- {"brainpoolP512r1", NID_brainpoolP512r1, 512},
|
|
- {"brainpoolP512t1", NID_brainpoolP512t1, 512},
|
|
/* Other and ECDH only ones */
|
|
{"X25519", NID_X25519, 253},
|
|
{"X448", NID_X448, 448}
|
|
@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv)
|
|
# endif
|
|
|
|
# ifndef OPENSSL_NO_EC
|
|
- ecdsa_c[R_EC_P160][0] = count / 1000;
|
|
- ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
|
|
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
|
+ ecdsa_c[R_EC_P224][0] = count / 1000;
|
|
+ ecdsa_c[R_EC_P224][1] = count / 1000 / 2;
|
|
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
|
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
|
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
|
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
|
@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv)
|
|
}
|
|
}
|
|
}
|
|
-# ifndef OPENSSL_NO_EC2M
|
|
+# if 0
|
|
ecdsa_c[R_EC_K163][0] = count / 1000;
|
|
ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
|
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
|
@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv)
|
|
}
|
|
# endif
|
|
|
|
- ecdh_c[R_EC_P160][0] = count / 1000;
|
|
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
|
+ ecdh_c[R_EC_P224][0] = count / 1000;
|
|
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
|
ecdh_doit[i] = 0;
|
|
@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv)
|
|
}
|
|
}
|
|
}
|
|
-# ifndef OPENSSL_NO_EC2M
|
|
+# if 0
|
|
ecdh_c[R_EC_K163][0] = count / 1000;
|
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
|
diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c
|
|
--- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves 2020-09-22 14:55:07.000000000 +0200
|
|
+++ openssl-1.1.1h/crypto/ec/ecp_smpl.c 2020-11-06 13:27:15.659288431 +0100
|
|
@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
|
|
return 0;
|
|
}
|
|
|
|
+ if (BN_num_bits(p) < 224) {
|
|
+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
if (ctx == NULL) {
|
|
ctx = new_ctx = BN_CTX_new();
|
|
if (ctx == NULL)
|
|
diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h
|
|
--- openssl-1.1.1h/test/ecdsatest.h.curves 2020-11-06 13:27:15.627288114 +0100
|
|
+++ openssl-1.1.1h/test/ecdsatest.h 2020-11-06 13:27:15.660288441 +0100
|
|
@@ -32,23 +32,6 @@ typedef struct {
|
|
} ecdsa_cavs_kat_t;
|
|
|
|
static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = {
|
|
- /* prime KATs from X9.62 */
|
|
- {NID_X9_62_prime192v1, NID_sha1,
|
|
- "616263", /* "abc" */
|
|
- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb",
|
|
- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e"
|
|
- "5ca5c0d69716dfcb3474373902",
|
|
- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e",
|
|
- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead",
|
|
- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"},
|
|
- {NID_X9_62_prime239v1, NID_sha1,
|
|
- "616263", /* "abc" */
|
|
- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d",
|
|
- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e"
|
|
- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee",
|
|
- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af",
|
|
- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0",
|
|
- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"},
|
|
/* prime KATs from NIST CAVP */
|
|
{NID_secp224r1, NID_sha224,
|
|
"699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1"
|
|
--- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves 2020-11-06 13:58:36.402895540 +0100
|
|
+++ openssl-1.1.1h/test/recipes/15-test_genec.t 2020-11-06 13:59:38.508484498 +0100
|
|
@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport
|
|
if disabled("ec");
|
|
|
|
my @prime_curves = qw(
|
|
- secp112r1
|
|
- secp112r2
|
|
- secp128r1
|
|
- secp128r2
|
|
- secp160k1
|
|
- secp160r1
|
|
- secp160r2
|
|
- secp192k1
|
|
- secp224k1
|
|
secp224r1
|
|
secp256k1
|
|
secp384r1
|
|
secp521r1
|
|
- prime192v1
|
|
- prime192v2
|
|
- prime192v3
|
|
- prime239v1
|
|
- prime239v2
|
|
- prime239v3
|
|
prime256v1
|
|
- wap-wsg-idm-ecid-wtls6
|
|
- wap-wsg-idm-ecid-wtls7
|
|
- wap-wsg-idm-ecid-wtls8
|
|
- wap-wsg-idm-ecid-wtls9
|
|
- wap-wsg-idm-ecid-wtls12
|
|
- brainpoolP160r1
|
|
- brainpoolP160t1
|
|
- brainpoolP192r1
|
|
- brainpoolP192t1
|
|
- brainpoolP224r1
|
|
- brainpoolP224t1
|
|
- brainpoolP256r1
|
|
- brainpoolP256t1
|
|
- brainpoolP320r1
|
|
- brainpoolP320t1
|
|
- brainpoolP384r1
|
|
- brainpoolP384t1
|
|
- brainpoolP512r1
|
|
- brainpoolP512t1
|
|
);
|
|
|
|
my @binary_curves = qw(
|
|
@@ -115,7 +81,6 @@ push(@other_curves, 'SM2')
|
|
if !disabled("sm2");
|
|
|
|
my @curve_aliases = qw(
|
|
- P-192
|
|
P-224
|
|
P-256
|
|
P-384
|