mirror of https://github.com/openssl/openssl.git
Merge branch 'master' into sm4_cbc_opt_scalar
This commit is contained in:
Iakov Polyak
commit
15d7a46896
107
CHANGES.md
107
CHANGES.md
|
|
@ -41,6 +41,11 @@ OpenSSL 4.0
|
||||||
|
|
||||||
*Igor Ustinov*
|
*Igor Ustinov*
|
||||||
|
|
||||||
|
* Enabled Server verification by default in `s_server` when option
|
||||||
|
verify_return_error is enabled.
|
||||||
|
|
||||||
|
*Ryan Hooper*
|
||||||
|
|
||||||
OpenSSL 3.6
|
OpenSSL 3.6
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
|
|
@ -291,6 +296,105 @@ OpenSSL 3.6
|
||||||
OpenSSL 3.5
|
OpenSSL 3.5
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
|
### Changes between 3.5.3 and 3.5.4 [xx XXX xxxx]
|
||||||
|
|
||||||
|
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
|
||||||
|
|
||||||
|
Issue summary: An application trying to decrypt CMS messages encrypted using
|
||||||
|
password based encryption can trigger an out-of-bounds read and write.
|
||||||
|
|
||||||
|
Impact summary: This out-of-bounds read may trigger a crash which leads to
|
||||||
|
Denial of Service for an application. The out-of-bounds write can cause
|
||||||
|
a memory corruption which can have various consequences including
|
||||||
|
a Denial of Service or Execution of attacker-supplied code.
|
||||||
|
|
||||||
|
The issue was reported by Stanislav Fort (Aisle Research).
|
||||||
|
|
||||||
|
([CVE-2025-9230])
|
||||||
|
|
||||||
|
*Viktor Dukhovni*
|
||||||
|
|
||||||
|
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM
|
||||||
|
|
||||||
|
Issue summary: A timing side-channel which could potentially allow remote
|
||||||
|
recovery of the private key exists in the SM2 algorithm implementation on
|
||||||
|
64 bit ARM platforms.
|
||||||
|
|
||||||
|
Impact summary: A timing side-channel in SM2 signature computations on
|
||||||
|
64 bit ARM platforms could allow recovering the private key by an attacker.
|
||||||
|
|
||||||
|
The issue was reported by Stanislav Fort (Aisle Research).
|
||||||
|
|
||||||
|
([CVE-2025-9231])
|
||||||
|
|
||||||
|
*Stanislav Fort and Tomáš Mráz*
|
||||||
|
|
||||||
|
* Fix Out-of-bounds read in HTTP client no_proxy handling
|
||||||
|
|
||||||
|
Issue summary: An application using the OpenSSL HTTP client API functions
|
||||||
|
may trigger an out-of-bounds read if the "no_proxy" environment variable is
|
||||||
|
set and the host portion of the authority component of the HTTP URL is an
|
||||||
|
IPv6 address.
|
||||||
|
|
||||||
|
Impact summary: An out-of-bounds read can trigger a crash which leads to
|
||||||
|
Denial of Service for an application.
|
||||||
|
|
||||||
|
The issue was reported by Stanislav Fort (Aisle Research).
|
||||||
|
|
||||||
|
([CVE-2025-9232])
|
||||||
|
|
||||||
|
*Stanislav Fort*
|
||||||
|
|
||||||
|
### Changes between 3.5.2 and 3.5.3 [16 Sep 2025]
|
||||||
|
|
||||||
|
* Avoided a potential race condition introduced in 3.5.1, where
|
||||||
|
`OSSL_STORE_CTX` kept open during lookup while potentially being used
|
||||||
|
by multiple threads simultaneously, that could lead to potential crashes
|
||||||
|
when multiple concurrent TLS connections are served.
|
||||||
|
|
||||||
|
*Matt Caswell*
|
||||||
|
|
||||||
|
* The FIPS provider no longer performs a PCT on key import for RSA, DH,
|
||||||
|
and EC keys (that was introduced in 3.5.2), following the latest update
|
||||||
|
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
|
||||||
|
|
||||||
|
*Dr Paul Dale*
|
||||||
|
|
||||||
|
* Secure memory allocation calls are no longer used for HMAC keys.
|
||||||
|
|
||||||
|
*Dr Paul Dale*
|
||||||
|
|
||||||
|
* `openssl req` no longer generates certificates with an empty extension list
|
||||||
|
when SKID/AKID are set to `none` during generation.
|
||||||
|
|
||||||
|
*David Benjamin*
|
||||||
|
|
||||||
|
* The man page date is now derived from the release date provided
|
||||||
|
in `VERSION.dat` and not the current date for the released builds.
|
||||||
|
|
||||||
|
*Enji Cooper*
|
||||||
|
|
||||||
|
* Hardened the provider implementation of the RSA public key "encrypt"
|
||||||
|
operation to add a missing check that the caller-indicated output buffer
|
||||||
|
size is at least as large as the byte count of the RSA modulus. The issue
|
||||||
|
was reported by Arash Ale Ebrahim from SYSPWN.
|
||||||
|
|
||||||
|
This operation is typically invoked via `EVP_PKEY_encrypt(3)`. Callers that
|
||||||
|
in fact provide a sufficiently large buffer, but fail to correctly indicate
|
||||||
|
its size may now encounter unexpected errors. In applications that attempt
|
||||||
|
RSA public encryption into a buffer that is too small, an out-of-bounds
|
||||||
|
write is now avoided and an error is reported instead.
|
||||||
|
|
||||||
|
*Viktor Dukhovni*
|
||||||
|
|
||||||
|
* Added FIPS 140-3 PCT on DH key generation.
|
||||||
|
|
||||||
|
*Nikola Pajkovsky*
|
||||||
|
|
||||||
|
* Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
|
||||||
|
|
||||||
|
*Richard Levitte*
|
||||||
|
|
||||||
### Changes between 3.5.1 and 3.5.2 [5 Aug 2025]
|
### Changes between 3.5.1 and 3.5.2 [5 Aug 2025]
|
||||||
|
|
||||||
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
||||||
|
|
@ -21497,6 +21601,9 @@ ndif
|
||||||
|
|
||||||
<!-- Links -->
|
<!-- Links -->
|
||||||
|
|
||||||
|
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
||||||
|
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
||||||
|
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
||||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
||||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
||||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
||||||
|
|
|
||||||
|
|
@ -950,7 +950,9 @@ EOF
|
||||||
} elsif (-f $inprologue) {
|
} elsif (-f $inprologue) {
|
||||||
my $local_scripture .= <<"EOF";
|
my $local_scripture .= <<"EOF";
|
||||||
$outprologue : $inprologue
|
$outprologue : $inprologue
|
||||||
|
IF F$SEARCH("$outprologue") .EQS. "" SET FILE/PROT=(O:RWD) $outprologue
|
||||||
COPY $inprologue $outprologue
|
COPY $inprologue $outprologue
|
||||||
|
SET FILE/PROT=(O:RD) $outprologue
|
||||||
EOF
|
EOF
|
||||||
$includefile_cache{$outprologue} = $local_scripture;
|
$includefile_cache{$outprologue} = $local_scripture;
|
||||||
|
|
||||||
|
|
@ -962,7 +964,9 @@ EOF
|
||||||
} elsif (-f $inepilogue) {
|
} elsif (-f $inepilogue) {
|
||||||
my $local_scripture .= <<"EOF";
|
my $local_scripture .= <<"EOF";
|
||||||
$outepilogue : $inepilogue
|
$outepilogue : $inepilogue
|
||||||
|
IF F$SEARCH("$outepilogue") .EQS. "" SET FILE/PROT=(O:RWD) $outepilogue
|
||||||
COPY $inepilogue $outepilogue
|
COPY $inepilogue $outepilogue
|
||||||
|
SET FILE/PROT=(O:RD) $outepilogue
|
||||||
EOF
|
EOF
|
||||||
$includefile_cache{$outepilogue} = $local_scripture;
|
$includefile_cache{$outepilogue} = $local_scripture;
|
||||||
|
|
||||||
|
|
@ -1116,7 +1120,9 @@ EOF
|
||||||
|
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$args{src} : $gen0 $deps
|
$args{src} : $gen0 $deps
|
||||||
|
IF F$SEARCH("\$\@") .EQS. "" SET FILE/PROT=(O:RWD) \$\@
|
||||||
\$(PERL)$perlmodules $dofile "-o$target{build_file}" $gen0$gen_args > \$\@
|
\$(PERL)$perlmodules $dofile "-o$target{build_file}" $gen0$gen_args > \$\@
|
||||||
|
SET FILE/PROT=(O:RD) \$\@
|
||||||
$decc_include_scripture
|
$decc_include_scripture
|
||||||
EOF
|
EOF
|
||||||
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
||||||
|
|
@ -1479,9 +1485,10 @@ EOF
|
||||||
rel2abs($config{builddir}));
|
rel2abs($config{builddir}));
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$script : $sources configdata.pm
|
$script : $sources configdata.pm
|
||||||
|
IF F$SEARCH("$script") .EQS. "" SET FILE/PROT=(S:RWED,O:RWED,G:RE,W:RE) $script
|
||||||
\$(PERL) "-I\$(BLDDIR)" "-Mconfigdata" $dofile -
|
\$(PERL) "-I\$(BLDDIR)" "-Mconfigdata" $dofile -
|
||||||
"-o$target{build_file}" $sources > $script
|
"-o$target{build_file}" $sources > $script
|
||||||
SET FILE/PROT=(S:RWED,O:RWED,G:RE,W:RE) $script
|
SET FILE/PROT=(S:RWED,O:RE,G:RE,W:RE) $script
|
||||||
PURGE $script
|
PURGE $script
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1683,7 +1683,9 @@ EOF
|
||||||
|
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$args{src}: $gen0 $deps
|
$args{src}: $gen0 $deps
|
||||||
|
if [ -r "\$@" ]; then chmod u+w \$@; fi
|
||||||
\$(PERL)$perlmodules "$dofile" "-o$target{build_file}" $gen0$gen_args > \$@
|
\$(PERL)$perlmodules "$dofile" "-o$target{build_file}" $gen0$gen_args > \$@
|
||||||
|
chmod a-w \$@
|
||||||
EOF
|
EOF
|
||||||
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
||||||
#
|
#
|
||||||
|
|
@ -2040,10 +2042,11 @@ EOF
|
||||||
rel2abs($config{builddir}));
|
rel2abs($config{builddir}));
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$script: $sources configdata.pm
|
$script: $sources configdata.pm
|
||||||
|
if [ -r "$script" ]; then chmod u+w $script; fi
|
||||||
\$(RM) "$script"
|
\$(RM) "$script"
|
||||||
\$(PERL) "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
|
\$(PERL) "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
|
||||||
"-o$target{build_file}" $sources > "$script"
|
"-o$target{build_file}" $sources > "$script"
|
||||||
chmod a+x $script
|
chmod a+x,a-w $script
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
sub generatedir {
|
sub generatedir {
|
||||||
|
|
|
||||||
|
|
@ -845,7 +845,9 @@ EOF
|
||||||
|
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$args{src}: "$gen0" $deps
|
$args{src}: "$gen0" $deps
|
||||||
|
if exist \$@ attrib -r \$@
|
||||||
"\$(PERL)"$perlmodules "$dofile" "-o$target{build_file}" "$gen0"$gen_args > \$@
|
"\$(PERL)"$perlmodules "$dofile" "-o$target{build_file}" "$gen0"$gen_args > \$@
|
||||||
|
attrib +r \$@
|
||||||
EOF
|
EOF
|
||||||
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
|
||||||
#
|
#
|
||||||
|
|
@ -1054,8 +1056,10 @@ EOF
|
||||||
rel2abs($config{builddir}));
|
rel2abs($config{builddir}));
|
||||||
return <<"EOF";
|
return <<"EOF";
|
||||||
$script: $sources configdata.pm
|
$script: $sources configdata.pm
|
||||||
|
if exist $script attrib -r $script
|
||||||
"\$(PERL)" "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
|
"\$(PERL)" "-I\$(BLDDIR)" -Mconfigdata "$dofile" \\
|
||||||
"-o$target{build_file}" $sources > \$@
|
"-o$target{build_file}" $sources > \$@
|
||||||
|
attrib +r $script
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
sub generatedir {
|
sub generatedir {
|
||||||
|
|
|
||||||
49
NEWS.md
49
NEWS.md
|
|
@ -37,9 +37,7 @@ OpenSSL 3.6
|
||||||
This release incorporates the following potentially significant or incompatible
|
This release incorporates the following potentially significant or incompatible
|
||||||
changes:
|
changes:
|
||||||
|
|
||||||
* Added PCT for key import for SLH-DSA when in FIPS mode
|
* Added FIPS 140-3 PCT on DH key generation.
|
||||||
|
|
||||||
* Added FIPS 140-3 PCT on DH key generation
|
|
||||||
|
|
||||||
* Added NIST security categories for PKEY objects.
|
* Added NIST security categories for PKEY objects.
|
||||||
|
|
||||||
|
|
@ -55,7 +53,7 @@ changes:
|
||||||
|
|
||||||
* The VxWorks platforms have been removed.
|
* The VxWorks platforms have been removed.
|
||||||
|
|
||||||
* Added an `openssl configutl` utility for processing the openssl
|
* Added an `openssl configutl` utility for processing the OpenSSL
|
||||||
configuration file and dumping the equal configuration file.
|
configuration file and dumping the equal configuration file.
|
||||||
|
|
||||||
* Added support for FIPS 186-5 deterministic ECDSA signature
|
* Added support for FIPS 186-5 deterministic ECDSA signature
|
||||||
|
|
@ -66,12 +64,40 @@ changes:
|
||||||
OpenSSL 3.5
|
OpenSSL 3.5
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
### Changes between 3.5.1 and 3.5.2 [5 Aug 2025]
|
### Major changes between OpenSSL 3.5.3 and OpenSSL 3.5.4 [under development]
|
||||||
|
|
||||||
|
OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this
|
||||||
|
release is Moderate.
|
||||||
|
|
||||||
|
This release incorporates the following bug fixes and mitigations:
|
||||||
|
|
||||||
|
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
|
||||||
|
([CVE-2025-9230])
|
||||||
|
|
||||||
|
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
|
||||||
|
([CVE-2025-9231])
|
||||||
|
|
||||||
|
* Fix Out-of-bounds read in HTTP client no_proxy handling.
|
||||||
|
([CVE-2025-9232])
|
||||||
|
|
||||||
|
### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [16 Sep 2025]
|
||||||
|
|
||||||
|
OpenSSL 3.5.3 is a bug fix release.
|
||||||
|
|
||||||
|
This release incorporates the following bug fixes and mitigations:
|
||||||
|
|
||||||
|
* Added FIPS 140-3 PCT on DH key generation.
|
||||||
|
|
||||||
|
* Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
|
||||||
|
|
||||||
|
* Removed PCT on key import in the FIPS provider as it is not required by
|
||||||
|
the standard.
|
||||||
|
|
||||||
|
### Major changes between OpenSSL 3.5.1 and OpenSSL 3.5.2 [5 Aug 2025]
|
||||||
|
|
||||||
|
OpenSSL 3.5.2 is a bug fix release.
|
||||||
|
|
||||||
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
||||||
This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.
|
|
||||||
|
|
||||||
*Dr Paul Dale*
|
|
||||||
|
|
||||||
### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]
|
### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]
|
||||||
|
|
||||||
|
|
@ -83,7 +109,7 @@ This release incorporates the following bug fixes and mitigations:
|
||||||
* Fix x509 application adds trusted use instead of rejected use.
|
* Fix x509 application adds trusted use instead of rejected use.
|
||||||
([CVE-2025-4575])
|
([CVE-2025-4575])
|
||||||
|
|
||||||
### Major changes between OpenSSL 3.4 and OpenSSL 3.5 [8 Apr 2025]
|
### Major changes between OpenSSL 3.4 and OpenSSL 3.5.0 [8 Apr 2025]
|
||||||
|
|
||||||
OpenSSL 3.5.0 is a feature release adding significant new functionality to
|
OpenSSL 3.5.0 is a feature release adding significant new functionality to
|
||||||
OpenSSL.
|
OpenSSL.
|
||||||
|
|
@ -316,7 +342,7 @@ This release adds the following new features:
|
||||||
* Added X509_STORE_get1_objects to avoid issues with the existing
|
* Added X509_STORE_get1_objects to avoid issues with the existing
|
||||||
X509_STORE_get0_objects API in multi-threaded applications.
|
X509_STORE_get0_objects API in multi-threaded applications.
|
||||||
|
|
||||||
* Support for using certificate profiles and extened delayed delivery in CMP
|
* Support for using certificate profiles and extended delayed delivery in CMP
|
||||||
|
|
||||||
This release incorporates the following potentially significant or incompatible
|
This release incorporates the following potentially significant or incompatible
|
||||||
changes:
|
changes:
|
||||||
|
|
@ -1949,6 +1975,9 @@ OpenSSL 0.9.x
|
||||||
* Support for various new platforms
|
* Support for various new platforms
|
||||||
|
|
||||||
<!-- Links -->
|
<!-- Links -->
|
||||||
|
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
||||||
|
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
||||||
|
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
||||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
||||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
||||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
||||||
|
|
|
||||||
13
NOTES-C99.md
13
NOTES-C99.md
|
|
@ -20,3 +20,16 @@ The list here is going to be updated by features we either
|
||||||
The list of C-99 features we don't support in OpenSSL project follows:
|
The list of C-99 features we don't support in OpenSSL project follows:
|
||||||
|
|
||||||
- do not use `//` for comments, stick to `/* ... */`
|
- do not use `//` for comments, stick to `/* ... */`
|
||||||
|
|
||||||
|
- do not use `<complex.h>`. MSVC doesn't quite implement it to standard.
|
||||||
|
|
||||||
|
- do not use variable length arrays, i.e. arrays where the size is
|
||||||
|
determined by another variable. MSVC doesn't implement it at all.
|
||||||
|
For clarity, this is an example of such an array:
|
||||||
|
|
||||||
|
``` C
|
||||||
|
int fun(size_t n)
|
||||||
|
{
|
||||||
|
char s[n]; /* variable size array */
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,7 @@ Welcome to the OpenSSL Project
|
||||||
[](https://github.com/openssl/openssl/actions/workflows/provider-compatibility.yml)
|
[](https://github.com/openssl/openssl/actions/workflows/provider-compatibility.yml)
|
||||||
[](https://github.com/openssl/openssl/actions/workflows/run_quic_interop.yml)
|
[](https://github.com/openssl/openssl/actions/workflows/run_quic_interop.yml)
|
||||||
[](https://github.com/openssl/openssl/actions/workflows/run-checker-daily.yml)
|
[](https://github.com/openssl/openssl/actions/workflows/run-checker-daily.yml)
|
||||||
|
[](https://insights.linuxfoundation.org/project/openssl)
|
||||||
|
|
||||||
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
|
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
|
||||||
for the TLS (formerly SSL), DTLS and QUIC protocols.
|
for the TLS (formerly SSL), DTLS and QUIC protocols.
|
||||||
|
|
|
||||||
|
|
@ -932,7 +932,7 @@ int load_key_certs_crls(const char *uri, int format, int maybe_stdin,
|
||||||
SET_EXPECT1(pparams, OSSL_STORE_INFO_PARAMS);
|
SET_EXPECT1(pparams, OSSL_STORE_INFO_PARAMS);
|
||||||
SET_EXPECT1(pcert, OSSL_STORE_INFO_CERT);
|
SET_EXPECT1(pcert, OSSL_STORE_INFO_CERT);
|
||||||
/*
|
/*
|
||||||
* Up to here, the follwing holds.
|
* Up to here, the following holds.
|
||||||
* If just one of the ppkey, ppubkey, pparams, and pcert function parameters
|
* If just one of the ppkey, ppubkey, pparams, and pcert function parameters
|
||||||
* is nonzero, expect > 0 indicates which type of credential is expected.
|
* is nonzero, expect > 0 indicates which type of credential is expected.
|
||||||
* If expect == 0, more than one of them is nonzero (multiple types expected).
|
* If expect == 0, more than one of them is nonzero (multiple types expected).
|
||||||
|
|
|
||||||
|
|
@ -1568,6 +1568,7 @@ int s_server_main(int argc, char *argv[])
|
||||||
goto end;
|
goto end;
|
||||||
break;
|
break;
|
||||||
case OPT_VERIFY_RET_ERROR:
|
case OPT_VERIFY_RET_ERROR:
|
||||||
|
s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
|
||||||
verify_args.return_error = 1;
|
verify_args.return_error = 1;
|
||||||
break;
|
break;
|
||||||
case OPT_VERIFY_QUIET:
|
case OPT_VERIFY_QUIET:
|
||||||
|
|
|
||||||
|
|
@ -4317,7 +4317,7 @@ int speed_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Try explicitly fetching the signature algoritm implementation to
|
* Try explicitly fetching the signature algorithm implementation to
|
||||||
* use in case the algorithm does not support EVP_PKEY_sign_init
|
* use in case the algorithm does not support EVP_PKEY_sign_init
|
||||||
*/
|
*/
|
||||||
ERR_set_mark();
|
ERR_set_mark();
|
||||||
|
|
@ -4354,7 +4354,7 @@ int speed_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
if (EVP_PKEY_sign(sig_sign_ctx, NULL, &max_sig_len, md, md_len) <= 0) {
|
if (EVP_PKEY_sign(sig_sign_ctx, NULL, &max_sig_len, md, md_len) <= 0) {
|
||||||
BIO_printf(bio_err,
|
BIO_printf(bio_err,
|
||||||
"Error while obtaining signature bufffer length for %s.\n",
|
"Error while obtaining signature buffer length for %s.\n",
|
||||||
sig_name);
|
sig_name);
|
||||||
goto sig_err_break;
|
goto sig_err_break;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -328,25 +328,14 @@ int storeutl_main(int argc, char *argv[])
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int indent_printf(int indent, BIO *bio, const char *format, ...)
|
static void indent_printf(int indent, BIO *bio, const char *format, ...)
|
||||||
{
|
{
|
||||||
va_list args;
|
va_list args;
|
||||||
int ret, vret;
|
|
||||||
|
|
||||||
ret = BIO_printf(bio, "%*s", indent, "");
|
|
||||||
if (ret < 0)
|
|
||||||
return ret;
|
|
||||||
|
|
||||||
|
BIO_printf(bio, "%*s", indent, "");
|
||||||
va_start(args, format);
|
va_start(args, format);
|
||||||
vret = BIO_vprintf(bio, format, args);
|
BIO_vprintf(bio, format, args);
|
||||||
va_end(args);
|
va_end(args);
|
||||||
|
|
||||||
if (vret < 0)
|
|
||||||
return vret;
|
|
||||||
if (vret > INT_MAX - ret)
|
|
||||||
return INT_MAX;
|
|
||||||
|
|
||||||
return ret + vret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
|
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
|
||||||
|
|
|
||||||
|
|
@ -413,7 +413,7 @@ $code.=<<___;
|
||||||
|
|
||||||
/* get outstanding bytes of the digest */
|
/* get outstanding bytes of the digest */
|
||||||
sub x8,x5,x2
|
sub x8,x5,x2
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
/*
|
/*
|
||||||
* main combined loop CBC
|
* main combined loop CBC
|
||||||
|
|
@ -2443,7 +2443,7 @@ asm_sha1_hmac_aescbc_dec:
|
||||||
rev32 v28.16b,v28.16b /* endian swap w2 */
|
rev32 v28.16b,v28.16b /* endian swap w2 */
|
||||||
rev32 v29.16b,v29.16b /* endian swap w3 */
|
rev32 v29.16b,v29.16b /* endian swap w3 */
|
||||||
|
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
/*
|
/*
|
||||||
* now we can do the loop prolog, 1st sha1 block
|
* now we can do the loop prolog, 1st sha1 block
|
||||||
|
|
@ -2567,7 +2567,7 @@ asm_sha1_hmac_aescbc_dec:
|
||||||
ld1 {v29.16b},[x3],16 /* next w3 */
|
ld1 {v29.16b},[x3],16 /* next w3 */
|
||||||
sha1p q24,s22,v23.4s
|
sha1p q24,s22,v23.4s
|
||||||
|
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
/*
|
/*
|
||||||
* aes_blocks_left := number after the main (sha) block is done.
|
* aes_blocks_left := number after the main (sha) block is done.
|
||||||
|
|
@ -2812,7 +2812,7 @@ $code.=<<___;
|
||||||
add v25.4s,v25.4s,v21.4s
|
add v25.4s,v25.4s,v21.4s
|
||||||
/* save aes res, bump aes_out_ptr */
|
/* save aes res, bump aes_out_ptr */
|
||||||
st1 {v3.16b},[x1],16
|
st1 {v3.16b},[x1],16
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
/* loop if more to do */
|
/* loop if more to do */
|
||||||
cbnz x15,.Ldec_main_loop
|
cbnz x15,.Ldec_main_loop
|
||||||
|
|
|
||||||
|
|
@ -427,7 +427,7 @@ $code.=<<___;
|
||||||
|
|
||||||
/* get outstanding bytes of the digest */
|
/* get outstanding bytes of the digest */
|
||||||
sub x12,x5,x2
|
sub x12,x5,x2
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
@ -2590,7 +2590,7 @@ asm_sha256_hmac_aescbc_dec:
|
||||||
rev32 v28.16b,v28.16b /* endian swap w2 */
|
rev32 v28.16b,v28.16b /* endian swap w2 */
|
||||||
rev32 v29.16b,v29.16b /* endian swap w3 */
|
rev32 v29.16b,v29.16b /* endian swap w3 */
|
||||||
|
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
/*
|
/*
|
||||||
* now we can do the loop prolog, 1st sha256 block
|
* now we can do the loop prolog, 1st sha256 block
|
||||||
|
|
@ -2746,7 +2746,7 @@ asm_sha256_hmac_aescbc_dec:
|
||||||
sha256h q22, q23, v7.4s
|
sha256h q22, q23, v7.4s
|
||||||
sha256h2 q23, q21, v7.4s
|
sha256h2 q23, q21, v7.4s
|
||||||
|
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
@ -3017,7 +3017,7 @@ $code.=<<___;
|
||||||
add v25.4s,v25.4s,v23.4s /* EFGH += working copy */
|
add v25.4s,v25.4s,v23.4s /* EFGH += working copy */
|
||||||
/* save aes res, bump aes_out_ptr */
|
/* save aes res, bump aes_out_ptr */
|
||||||
st1 {v3.16b},[x1],16
|
st1 {v3.16b},[x1],16
|
||||||
/* substract loaded bytes */
|
/* subtract loaded bytes */
|
||||||
sub x5,x5,64
|
sub x5,x5,64
|
||||||
cbnz x15,.Ldec_main_loop /* loop if more to do */
|
cbnz x15,.Ldec_main_loop /* loop if more to do */
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
|
|
@ -2194,7 +2194,7 @@ ___
|
||||||
vpxorq %zmm6,%zmm5,%zmm5{%k2}
|
vpxorq %zmm6,%zmm5,%zmm5{%k2}
|
||||||
vpxord %zmm5,%zmm7,%zmm10
|
vpxord %zmm5,%zmm7,%zmm10
|
||||||
|
|
||||||
# Make next 8 tweek values by all x 2^8
|
# Make next 8 tweak values by all x 2^8
|
||||||
vpsrldq \$0xf,%zmm9,%zmm13
|
vpsrldq \$0xf,%zmm9,%zmm13
|
||||||
vpclmulqdq \$0x0,%zmm25,%zmm13,%zmm14
|
vpclmulqdq \$0x0,%zmm25,%zmm13,%zmm14
|
||||||
vpslldq \$0x1,%zmm9,%zmm11
|
vpslldq \$0x1,%zmm9,%zmm11
|
||||||
|
|
@ -2234,7 +2234,7 @@ ___
|
||||||
jmp .L_do_n_blocks_${rndsuffix}
|
jmp .L_do_n_blocks_${rndsuffix}
|
||||||
|
|
||||||
.L_start_by8_${rndsuffix}:
|
.L_start_by8_${rndsuffix}:
|
||||||
# Make first 7 tweek values
|
# Make first 7 tweak values
|
||||||
vbroadcasti32x4 ($TW),%zmm0
|
vbroadcasti32x4 ($TW),%zmm0
|
||||||
vbroadcasti32x4 shufb_15_7(%rip),%zmm8
|
vbroadcasti32x4 shufb_15_7(%rip),%zmm8
|
||||||
mov \$0xaa,$tmp1
|
mov \$0xaa,$tmp1
|
||||||
|
|
|
||||||
|
|
@ -76,7 +76,7 @@ uint32_t OPENSSL_rdtsc(void)
|
||||||
# endif
|
# endif
|
||||||
# if defined(__FreeBSD__) || defined(__OpenBSD__)
|
# if defined(__FreeBSD__) || defined(__OpenBSD__)
|
||||||
# include <sys/param.h>
|
# include <sys/param.h>
|
||||||
# if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
|
# if (defined(__FreeBSD__) && __FreeBSD_version >= 1104000) || \
|
||||||
(defined(__OpenBSD__) && OpenBSD >= 202409)
|
(defined(__OpenBSD__) && OpenBSD >= 202409)
|
||||||
# include <sys/auxv.h>
|
# include <sys/auxv.h>
|
||||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||||
|
|
|
||||||
|
|
@ -309,53 +309,23 @@ int BIO_sock_should_retry(int i)
|
||||||
|
|
||||||
int BIO_sock_non_fatal_error(int err)
|
int BIO_sock_non_fatal_error(int err)
|
||||||
{
|
{
|
||||||
switch (err) {
|
|
||||||
# if defined(OPENSSL_SYS_WINDOWS)
|
# if defined(OPENSSL_SYS_WINDOWS)
|
||||||
# if defined(WSAEWOULDBLOCK)
|
return err == WSAEWOULDBLOCK
|
||||||
case WSAEWOULDBLOCK:
|
|| err == WSAENOTCONN
|
||||||
|
|| err == WSAEINTR
|
||||||
|
|| err == WSAEINPROGRESS
|
||||||
|
|| err == WSAEALREADY;
|
||||||
|
# else /* POSIX.1-2001 */
|
||||||
|
return err == EWOULDBLOCK
|
||||||
|
|| err == EAGAIN
|
||||||
|
|| err == ENOTCONN
|
||||||
|
|| err == EINTR
|
||||||
|
# if ! defined (__DJGPP__)
|
||||||
|
|| err == EPROTO
|
||||||
# endif
|
# endif
|
||||||
|
|| err == EINPROGRESS
|
||||||
|
|| err == EALREADY;
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
# ifdef EWOULDBLOCK
|
|
||||||
# ifdef WSAEWOULDBLOCK
|
|
||||||
# if WSAEWOULDBLOCK != EWOULDBLOCK
|
|
||||||
case EWOULDBLOCK:
|
|
||||||
# endif
|
|
||||||
# else
|
|
||||||
case EWOULDBLOCK:
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# if defined(ENOTCONN)
|
|
||||||
case ENOTCONN:
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef EINTR
|
|
||||||
case EINTR:
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef EAGAIN
|
|
||||||
# if EWOULDBLOCK != EAGAIN
|
|
||||||
case EAGAIN:
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef EPROTO
|
|
||||||
case EPROTO:
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef EINPROGRESS
|
|
||||||
case EINPROGRESS:
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef EALREADY
|
|
||||||
case EALREADY:
|
|
||||||
# endif
|
|
||||||
return 1;
|
|
||||||
default:
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* #ifndef OPENSSL_NO_SOCK */
|
#endif /* #ifndef OPENSSL_NO_SOCK */
|
||||||
|
|
|
||||||
|
|
@ -243,7 +243,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
|
||||||
/* Check byte failure */
|
/* Check byte failure */
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (inlen < (size_t)(tmp[0] - 4)) {
|
if (inlen < 4 + (size_t)tmp[0]) {
|
||||||
/* Invalid length value */
|
/* Invalid length value */
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -146,7 +146,7 @@ void OPENSSL_cpuid_setup(void)
|
||||||
OPENSSL_ia32cap_P[index + 1] = (unsigned int)(vecx >> 32);
|
OPENSSL_ia32cap_P[index + 1] = (unsigned int)(vecx >> 32);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* skip delimeter */
|
/* skip delimiter */
|
||||||
if ((env = ossl_strchr(env, ':')) != NULL)
|
if ((env = ossl_strchr(env, ':')) != NULL)
|
||||||
env++;
|
env++;
|
||||||
} else { /* zeroize the next two indexes */
|
} else { /* zeroize the next two indexes */
|
||||||
|
|
|
||||||
|
|
@ -56,10 +56,6 @@ ALIGN32 static const BN_ULONG def_p[P256_LIMBS] = {
|
||||||
0xffffffffffffffff, 0xffffffff00000000,
|
0xffffffffffffffff, 0xffffffff00000000,
|
||||||
0xffffffffffffffff, 0xfffffffeffffffff
|
0xffffffffffffffff, 0xfffffffeffffffff
|
||||||
};
|
};
|
||||||
ALIGN32 static const BN_ULONG def_ord[P256_LIMBS] = {
|
|
||||||
0x53bbf40939d54123, 0x7203df6b21c6052b,
|
|
||||||
0xffffffffffffffff, 0xfffffffeffffffff
|
|
||||||
};
|
|
||||||
|
|
||||||
ALIGN32 static const BN_ULONG ONE[P256_LIMBS] = {1, 0, 0, 0};
|
ALIGN32 static const BN_ULONG ONE[P256_LIMBS] = {1, 0, 0, 0};
|
||||||
|
|
||||||
|
|
@ -177,13 +173,6 @@ static ossl_inline void ecp_sm2p256_mod_inverse(BN_ULONG* out,
|
||||||
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2, ecp_sm2p256_sub, def_p);
|
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2, ecp_sm2p256_sub, def_p);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Modular inverse mod order |out| = |in|^(-1) % |ord|. */
|
|
||||||
static ossl_inline void ecp_sm2p256_mod_ord_inverse(BN_ULONG* out,
|
|
||||||
const BN_ULONG* in) {
|
|
||||||
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2_mod_ord, ecp_sm2p256_sub_mod_ord,
|
|
||||||
def_ord);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Point double: R <- P + P */
|
/* Point double: R <- P + P */
|
||||||
static void ecp_sm2p256_point_double(P256_POINT *R, const P256_POINT *P)
|
static void ecp_sm2p256_point_double(P256_POINT *R, const P256_POINT *P)
|
||||||
{
|
{
|
||||||
|
|
@ -454,52 +443,6 @@ static int ecp_sm2p256_is_affine_G(const EC_POINT *generator)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
|
||||||
* Convert Jacobian coordinate point into affine coordinate (x,y)
|
|
||||||
*/
|
|
||||||
static int ecp_sm2p256_get_affine(const EC_GROUP *group,
|
|
||||||
const EC_POINT *point,
|
|
||||||
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
|
|
||||||
{
|
|
||||||
ALIGN32 BN_ULONG z_inv2[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG z_inv3[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG x_aff[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG y_aff[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG point_x[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG point_y[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG point_z[P256_LIMBS] = {0};
|
|
||||||
|
|
||||||
if (EC_POINT_is_at_infinity(group, point)) {
|
|
||||||
ECerr(ERR_LIB_EC, EC_R_POINT_AT_INFINITY);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ecp_sm2p256_bignum_field_elem(point_x, point->X) <= 0
|
|
||||||
|| ecp_sm2p256_bignum_field_elem(point_y, point->Y) <= 0
|
|
||||||
|| ecp_sm2p256_bignum_field_elem(point_z, point->Z) <= 0) {
|
|
||||||
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
ecp_sm2p256_mod_inverse(z_inv3, point_z);
|
|
||||||
ecp_sm2p256_sqr(z_inv2, z_inv3);
|
|
||||||
|
|
||||||
if (x != NULL) {
|
|
||||||
ecp_sm2p256_mul(x_aff, point_x, z_inv2);
|
|
||||||
if (!bn_set_words(x, x_aff, P256_LIMBS))
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (y != NULL) {
|
|
||||||
ecp_sm2p256_mul(z_inv3, z_inv3, z_inv2);
|
|
||||||
ecp_sm2p256_mul(y_aff, point_y, z_inv3);
|
|
||||||
if (!bn_set_words(y, y_aff, P256_LIMBS))
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* r = sum(scalar[i]*point[i]) */
|
/* r = sum(scalar[i]*point[i]) */
|
||||||
static int ecp_sm2p256_windowed_mul(const EC_GROUP *group,
|
static int ecp_sm2p256_windowed_mul(const EC_GROUP *group,
|
||||||
P256_POINT *r,
|
P256_POINT *r,
|
||||||
|
|
@ -689,44 +632,6 @@ static int ecp_sm2p256_field_sqr(const EC_GROUP *group, BIGNUM *r,
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ecp_sm2p256_inv_mod_ord(const EC_GROUP *group, BIGNUM *r,
|
|
||||||
const BIGNUM *x, BN_CTX *ctx)
|
|
||||||
{
|
|
||||||
int ret = 0;
|
|
||||||
ALIGN32 BN_ULONG t[P256_LIMBS] = {0};
|
|
||||||
ALIGN32 BN_ULONG out[P256_LIMBS] = {0};
|
|
||||||
|
|
||||||
if (bn_wexpand(r, P256_LIMBS) == NULL) {
|
|
||||||
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((BN_num_bits(x) > 256) || BN_is_negative(x)) {
|
|
||||||
BIGNUM *tmp;
|
|
||||||
|
|
||||||
if ((tmp = BN_CTX_get(ctx)) == NULL
|
|
||||||
|| !BN_nnmod(tmp, x, group->order, ctx)) {
|
|
||||||
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
x = tmp;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!ecp_sm2p256_bignum_field_elem(t, x)) {
|
|
||||||
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
|
|
||||||
ecp_sm2p256_mod_ord_inverse(out, t);
|
|
||||||
|
|
||||||
if (!bn_set_words(r, out, P256_LIMBS))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
ret = 1;
|
|
||||||
err:
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
const EC_METHOD *EC_GFp_sm2p256_method(void)
|
const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||||
{
|
{
|
||||||
static const EC_METHOD ret = {
|
static const EC_METHOD ret = {
|
||||||
|
|
@ -747,7 +652,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||||
ossl_ec_GFp_simple_point_copy,
|
ossl_ec_GFp_simple_point_copy,
|
||||||
ossl_ec_GFp_simple_point_set_to_infinity,
|
ossl_ec_GFp_simple_point_set_to_infinity,
|
||||||
ossl_ec_GFp_simple_point_set_affine_coordinates,
|
ossl_ec_GFp_simple_point_set_affine_coordinates,
|
||||||
ecp_sm2p256_get_affine,
|
ossl_ec_GFp_simple_point_get_affine_coordinates,
|
||||||
0, 0, 0,
|
0, 0, 0,
|
||||||
ossl_ec_GFp_simple_add,
|
ossl_ec_GFp_simple_add,
|
||||||
ossl_ec_GFp_simple_dbl,
|
ossl_ec_GFp_simple_dbl,
|
||||||
|
|
@ -763,7 +668,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||||
ecp_sm2p256_field_mul,
|
ecp_sm2p256_field_mul,
|
||||||
ecp_sm2p256_field_sqr,
|
ecp_sm2p256_field_sqr,
|
||||||
0 /* field_div */,
|
0 /* field_div */,
|
||||||
0 /* field_inv */,
|
ossl_ec_GFp_simple_field_inv,
|
||||||
0 /* field_encode */,
|
0 /* field_encode */,
|
||||||
0 /* field_decode */,
|
0 /* field_decode */,
|
||||||
0 /* field_set_to_one */,
|
0 /* field_set_to_one */,
|
||||||
|
|
@ -779,7 +684,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||||
ossl_ecdsa_simple_sign_setup,
|
ossl_ecdsa_simple_sign_setup,
|
||||||
ossl_ecdsa_simple_sign_sig,
|
ossl_ecdsa_simple_sign_sig,
|
||||||
ossl_ecdsa_simple_verify_sig,
|
ossl_ecdsa_simple_verify_sig,
|
||||||
ecp_sm2p256_inv_mod_ord,
|
0, /* use constant‑time fallback for inverse mod order */
|
||||||
0, /* blind_coordinates */
|
0, /* blind_coordinates */
|
||||||
0, /* ladder_pre */
|
0, /* ladder_pre */
|
||||||
0, /* ladder_step */
|
0, /* ladder_step */
|
||||||
|
|
|
||||||
|
|
@ -560,7 +560,7 @@ static int block_in(BIO *b)
|
||||||
{
|
{
|
||||||
BIO_OK_CTX *ctx;
|
BIO_OK_CTX *ctx;
|
||||||
EVP_MD_CTX *md;
|
EVP_MD_CTX *md;
|
||||||
unsigned long tl = 0;
|
size_t tl = 0;
|
||||||
unsigned char tmp[EVP_MAX_MD_SIZE];
|
unsigned char tmp[EVP_MAX_MD_SIZE];
|
||||||
int md_size;
|
int md_size;
|
||||||
|
|
||||||
|
|
@ -571,15 +571,18 @@ static int block_in(BIO *b)
|
||||||
goto berr;
|
goto berr;
|
||||||
|
|
||||||
assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
|
assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
|
||||||
tl = ctx->buf[0];
|
tl = ((size_t)ctx->buf[0] << 24)
|
||||||
tl <<= 8;
|
| ((size_t)ctx->buf[1] << 16)
|
||||||
tl |= ctx->buf[1];
|
| ((size_t)ctx->buf[2] << 8)
|
||||||
tl <<= 8;
|
| ((size_t)ctx->buf[3]);
|
||||||
tl |= ctx->buf[2];
|
|
||||||
tl <<= 8;
|
|
||||||
tl |= ctx->buf[3];
|
|
||||||
|
|
||||||
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size)
|
if (tl > OK_BLOCK_SIZE)
|
||||||
|
goto berr;
|
||||||
|
|
||||||
|
if (tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size)
|
||||||
|
goto berr;
|
||||||
|
|
||||||
|
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + (size_t)md_size)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (!EVP_DigestUpdate(md,
|
if (!EVP_DigestUpdate(md,
|
||||||
|
|
@ -587,7 +590,7 @@ static int block_in(BIO *b)
|
||||||
goto berr;
|
goto berr;
|
||||||
if (!EVP_DigestFinal_ex(md, tmp, NULL))
|
if (!EVP_DigestFinal_ex(md, tmp, NULL))
|
||||||
goto berr;
|
goto berr;
|
||||||
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) {
|
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, (size_t)md_size) == 0) {
|
||||||
/* there might be parts from next block lurking around ! */
|
/* there might be parts from next block lurking around ! */
|
||||||
ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
|
ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
|
||||||
ctx->buf_len_save = ctx->buf_len;
|
ctx->buf_len_save = ctx->buf_len;
|
||||||
|
|
|
||||||
|
|
@ -2878,7 +2878,7 @@ static int evp_pkey_ctx_setget_params_to_ctrl(EVP_PKEY_CTX *pctx,
|
||||||
* function to put it to good use, or maybe affect it.
|
* function to put it to good use, or maybe affect it.
|
||||||
*
|
*
|
||||||
* NOTE: even though EVP_PKEY_CTX_ctrl return value is documented
|
* NOTE: even though EVP_PKEY_CTX_ctrl return value is documented
|
||||||
* as return positive on Success and 0 or negative on falure. There
|
* as return positive on Success and 0 or negative on failure. There
|
||||||
* maybe parameters (e.g. ecdh_cofactor), which actually return 0
|
* maybe parameters (e.g. ecdh_cofactor), which actually return 0
|
||||||
* as success value. That is why we do POST_PARAMS_TO_CTRL for 0
|
* as success value. That is why we do POST_PARAMS_TO_CTRL for 0
|
||||||
* value as well
|
* value as well
|
||||||
|
|
|
||||||
|
|
@ -1135,15 +1135,14 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
|
||||||
} else {
|
} else {
|
||||||
const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt);
|
const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt);
|
||||||
OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
|
OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
|
||||||
const char *supported_sig =
|
EVP_SIGNATURE *sig;
|
||||||
pkey->keymgmt->query_operation_name != NULL
|
const char *name;
|
||||||
? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE)
|
|
||||||
: EVP_KEYMGMT_get0_name(pkey->keymgmt);
|
|
||||||
EVP_SIGNATURE *signature = NULL;
|
|
||||||
|
|
||||||
signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL);
|
name = evp_keymgmt_util_query_operation_name(pkey->keymgmt,
|
||||||
if (signature != NULL) {
|
OSSL_OP_SIGNATURE);
|
||||||
EVP_SIGNATURE_free(signature);
|
sig = EVP_SIGNATURE_fetch(libctx, name, NULL);
|
||||||
|
if (sig != NULL) {
|
||||||
|
EVP_SIGNATURE_free(sig);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -842,7 +842,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
||||||
if (*p != '\r' && *p != '\n')
|
if (*p != '\r' && *p != '\n')
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (*p != '\0') /* not end of headers or not end of error reponse content */
|
if (*p != '\0') /* not end of headers or not end of error response content */
|
||||||
goto next_line;
|
goto next_line;
|
||||||
|
|
||||||
/* Found blank line(s) indicating end of headers */
|
/* Found blank line(s) indicating end of headers */
|
||||||
|
|
|
||||||
|
|
@ -263,6 +263,7 @@ static int use_proxy(const char *no_proxy, const char *server)
|
||||||
/* strip leading '[' and trailing ']' from escaped IPv6 address */
|
/* strip leading '[' and trailing ']' from escaped IPv6 address */
|
||||||
sl -= 2;
|
sl -= 2;
|
||||||
strncpy(host, server + 1, sl);
|
strncpy(host, server + 1, sl);
|
||||||
|
host[sl] = '\0';
|
||||||
server = host;
|
server = host;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,9 @@
|
||||||
#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
|
#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
|
||||||
# include "arm_arch.h"
|
# include "arm_arch.h"
|
||||||
# define CPU_INFO_STR_LEN 128
|
# define CPU_INFO_STR_LEN 128
|
||||||
|
#elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
|
||||||
|
# include "crypto/ppc_arch.h"
|
||||||
|
# define CPU_INFO_STR_LEN 128
|
||||||
#elif defined(__s390__) || defined(__s390x__)
|
#elif defined(__s390__) || defined(__s390x__)
|
||||||
# include "s390x_arch.h"
|
# include "s390x_arch.h"
|
||||||
# define CPU_INFO_STR_LEN 2048
|
# define CPU_INFO_STR_LEN 2048
|
||||||
|
|
@ -77,6 +80,15 @@ DEFINE_RUN_ONCE_STATIC(init_info_strings)
|
||||||
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
|
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
|
||||||
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
|
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
|
||||||
" env:%s", env);
|
" env:%s", env);
|
||||||
|
# elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
|
||||||
|
const char *env;
|
||||||
|
|
||||||
|
BIO_snprintf(ossl_cpu_info_str, sizeof(ossl_cpu_info_str),
|
||||||
|
CPUINFO_PREFIX "OPENSSL_ppccap=0x%x", OPENSSL_ppccap_P);
|
||||||
|
if ((env = getenv("OPENSSL_ppccap")) != NULL)
|
||||||
|
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
|
||||||
|
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
|
||||||
|
" env:%s", env);
|
||||||
# elif defined(__s390__) || defined(__s390x__)
|
# elif defined(__s390__) || defined(__s390x__)
|
||||||
const char *env;
|
const char *env;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -56,7 +56,7 @@ uint16_t ossl_lm_ots_params_checksum(const LM_OTS_PARAMS *params,
|
||||||
{
|
{
|
||||||
uint16_t sum = 0;
|
uint16_t sum = 0;
|
||||||
uint16_t i;
|
uint16_t i;
|
||||||
/* Largest size is 8 * 32 / 1 = 256 (which doesnt quite fit into 8 bits) */
|
/* Largest size is 8 * 32 / 1 = 256 (which doesn't quite fit into 8 bits) */
|
||||||
uint16_t bytes = (8 * params->n / params->w);
|
uint16_t bytes = (8 * params->n / params->w);
|
||||||
uint16_t end = (1 << params->w) - 1;
|
uint16_t end = (1 << params->w) - 1;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@ static int lm_ots_compute_pubkey_final(EVP_MD_CTX *ctx, EVP_MD_CTX *ctxIq,
|
||||||
* that returns a non finalized value of H(I || q)
|
* that returns a non finalized value of H(I || q)
|
||||||
* @param sig An LM_OTS_SIG object that contains C and y
|
* @param sig An LM_OTS_SIG object that contains C and y
|
||||||
* @param pub The public key LM_OTS_PARAMS
|
* @param pub The public key LM_OTS_PARAMS
|
||||||
* @param Id A 16 byte indentifier (I) associated with a LMS tree
|
* @param Id A 16 byte identifier (I) associated with a LMS tree
|
||||||
* @param q The leaf index of the LMS tree.
|
* @param q The leaf index of the LMS tree.
|
||||||
* @param msg A message to verify
|
* @param msg A message to verify
|
||||||
* @param msglen The size of |msg|
|
* @param msglen The size of |msg|
|
||||||
|
|
|
||||||
|
|
@ -51,7 +51,7 @@ int lms_sig_compute_tc_from_path(const unsigned char *paths, uint32_t n,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Calculate the public key Tc using the path
|
* Calculate the public key Tc using the path
|
||||||
* The root hash is the hash of its 2 childrens Hash values.
|
* The root hash is the hash of its 2 children's Hash values.
|
||||||
* A child hash for each level is passed in by paths, and we have
|
* A child hash for each level is passed in by paths, and we have
|
||||||
* a leaf value that can be used with the path to calculate the parent
|
* a leaf value that can be used with the path to calculate the parent
|
||||||
* hash.
|
* hash.
|
||||||
|
|
|
||||||
|
|
@ -319,6 +319,7 @@ int ossl_ml_dsa_key_has(const ML_DSA_KEY *key, int selection)
|
||||||
static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
|
static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
|
||||||
VECTOR *t1, VECTOR *t0)
|
VECTOR *t1, VECTOR *t0)
|
||||||
{
|
{
|
||||||
|
int ret = 0;
|
||||||
const ML_DSA_PARAMS *params = key->params;
|
const ML_DSA_PARAMS *params = key->params;
|
||||||
uint32_t k = (uint32_t)params->k, l = (uint32_t)params->l;
|
uint32_t k = (uint32_t)params->k, l = (uint32_t)params->l;
|
||||||
POLY *polys;
|
POLY *polys;
|
||||||
|
|
@ -351,9 +352,10 @@ static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
|
||||||
|
|
||||||
/* Zeroize secret */
|
/* Zeroize secret */
|
||||||
vector_zero(&s1_ntt);
|
vector_zero(&s1_ntt);
|
||||||
|
ret = 1;
|
||||||
err:
|
err:
|
||||||
OPENSSL_free(polys);
|
OPENSSL_free(polys);
|
||||||
return 1;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
int ossl_ml_dsa_key_public_from_private(ML_DSA_KEY *key)
|
int ossl_ml_dsa_key_public_from_private(ML_DSA_KEY *key)
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@
|
||||||
/*
|
/*
|
||||||
* Return whether a value that can only be 0 or 1 is non-zero, in constant time
|
* Return whether a value that can only be 0 or 1 is non-zero, in constant time
|
||||||
* in practice! The return value is a mask that is all ones if true, and all
|
* in practice! The return value is a mask that is all ones if true, and all
|
||||||
* zeros otherwise (twos-complement arithmentic assumed for unsigned values).
|
* zeros otherwise (twos-complement arithmetic assumed for unsigned values).
|
||||||
*
|
*
|
||||||
* Although this is used in constant-time selects, we omit a value barrier
|
* Although this is used in constant-time selects, we omit a value barrier
|
||||||
* here. Value barriers impede auto-vectorization (likely because it forces
|
* here. Value barriers impede auto-vectorization (likely because it forces
|
||||||
|
|
@ -506,7 +506,7 @@ static void scalar_mult_const(scalar *s, uint16_t a)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* FIPS 203, Section 4.3, Algoritm 9: "NTT".
|
* FIPS 203, Section 4.3, Algorithm 9: "NTT".
|
||||||
* In-place number theoretic transform of a given scalar. Note that ML-KEM's
|
* In-place number theoretic transform of a given scalar. Note that ML-KEM's
|
||||||
* kPrime 3329 does not have a 512th root of unity, so this transform leaves
|
* kPrime 3329 does not have a 512th root of unity, so this transform leaves
|
||||||
* off the last iteration of the usual FFT code, with the 128 relevant roots of
|
* off the last iteration of the usual FFT code, with the 128 relevant roots of
|
||||||
|
|
@ -539,7 +539,7 @@ static void scalar_ntt(scalar *s)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* FIPS 203, Section 4.3, Algoritm 10: "NTT^(-1)".
|
* FIPS 203, Section 4.3, Algorithm 10: "NTT^(-1)".
|
||||||
* In-place inverse number theoretic transform of a given scalar, with pairs of
|
* In-place inverse number theoretic transform of a given scalar, with pairs of
|
||||||
* entries of s->v being interpreted as elements of GF(3329^2). Just as with
|
* entries of s->v being interpreted as elements of GF(3329^2). Just as with
|
||||||
* the number theoretic transform, this leaves off the first step of the normal
|
* the number theoretic transform, this leaves off the first step of the normal
|
||||||
|
|
@ -596,7 +596,7 @@ static void scalar_sub(scalar *lhs, const scalar *rhs)
|
||||||
* GF(3329)[X]/(X^2 - 17^(2*bitreverse(i)+1)).
|
* GF(3329)[X]/(X^2 - 17^(2*bitreverse(i)+1)).
|
||||||
*
|
*
|
||||||
* The value of 17^(2*bitreverse(i)+1) mod 3329 is stored in the precomputed
|
* The value of 17^(2*bitreverse(i)+1) mod 3329 is stored in the precomputed
|
||||||
* ModRoots table. Note that our Barrett transform only allows us to multipy
|
* ModRoots table. Note that our Barrett transform only allows us to multiply
|
||||||
* two reduced numbers together, so we need some intermediate reduction steps,
|
* two reduced numbers together, so we need some intermediate reduction steps,
|
||||||
* even if an uint64_t could hold 3 multiplied numbers.
|
* even if an uint64_t could hold 3 multiplied numbers.
|
||||||
*/
|
*/
|
||||||
|
|
@ -2080,5 +2080,5 @@ int ossl_ml_kem_pubkey_cmp(const ML_KEM_KEY *key1, const ML_KEM_KEY *key2)
|
||||||
* No match if just one of the public keys is not available, otherwise both
|
* No match if just one of the public keys is not available, otherwise both
|
||||||
* are unavailable, and for now such keys are considered equal.
|
* are unavailable, and for now such keys are considered equal.
|
||||||
*/
|
*/
|
||||||
return (ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2));
|
return (!(ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2)));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2592,7 +2592,7 @@ ___
|
||||||
$code .= <<___;
|
$code .= <<___;
|
||||||
vpclmulqdq \$0x01,@{[XWORD($GH1L)]},@{[XWORD($RED_POLY)]},@{[XWORD($RED_P1)]}
|
vpclmulqdq \$0x01,@{[XWORD($GH1L)]},@{[XWORD($RED_POLY)]},@{[XWORD($RED_P1)]}
|
||||||
vpslldq \$8,@{[XWORD($RED_P1)]},@{[XWORD($RED_P1)]} # ; shift-L 2 DWs
|
vpslldq \$8,@{[XWORD($RED_P1)]},@{[XWORD($RED_P1)]} # ; shift-L 2 DWs
|
||||||
vpxorq @{[XWORD($RED_P1)]},@{[XWORD($GH1L)]},@{[XWORD($RED_P1)]} # ; first phase of the reduct
|
vpxorq @{[XWORD($RED_P1)]},@{[XWORD($GH1L)]},@{[XWORD($RED_P1)]} # ; first phase of the reduction
|
||||||
___
|
___
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -3222,7 +3222,7 @@ ___
|
||||||
$code .= <<___;
|
$code .= <<___;
|
||||||
vpclmulqdq \$0x01,@{[XWORD($GH1L)]},@{[XWORD($RED_POLY)]},@{[XWORD($RED_P1)]}
|
vpclmulqdq \$0x01,@{[XWORD($GH1L)]},@{[XWORD($RED_POLY)]},@{[XWORD($RED_P1)]}
|
||||||
vpslldq \$8,@{[XWORD($RED_P1)]},@{[XWORD($RED_P1)]} # ; shift-L 2 DWs
|
vpslldq \$8,@{[XWORD($RED_P1)]},@{[XWORD($RED_P1)]} # ; shift-L 2 DWs
|
||||||
vpxorq @{[XWORD($RED_P1)]},@{[XWORD($GH1L)]},@{[XWORD($RED_P1)]} # ; first phase of the reduct
|
vpxorq @{[XWORD($RED_P1)]},@{[XWORD($GH1L)]},@{[XWORD($RED_P1)]} # ; first phase of the reduction
|
||||||
___
|
___
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -202,9 +202,12 @@ int ossl_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
|
||||||
|| !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len,
|
|| !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len,
|
||||||
sizeof(ctx->d.byte))) {
|
sizeof(ctx->d.byte))) {
|
||||||
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
|
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
|
||||||
|
ctx->cipher_ctx = NULL;
|
||||||
EVP_MAC_CTX_free(ctx->mac_ctx_init);
|
EVP_MAC_CTX_free(ctx->mac_ctx_init);
|
||||||
|
ctx->mac_ctx_init = NULL;
|
||||||
EVP_MAC_CTX_free(mac_ctx);
|
EVP_MAC_CTX_free(mac_ctx);
|
||||||
EVP_MAC_free(ctx->mac);
|
EVP_MAC_free(ctx->mac);
|
||||||
|
ctx->mac = NULL;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
EVP_MAC_CTX_free(mac_ctx);
|
EVP_MAC_CTX_free(mac_ctx);
|
||||||
|
|
|
||||||
|
|
@ -39,6 +39,7 @@ struct added_obj_st {
|
||||||
|
|
||||||
static unsigned long added_obj_hash(const ADDED_OBJ *ca);
|
static unsigned long added_obj_hash(const ADDED_OBJ *ca);
|
||||||
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb);
|
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb);
|
||||||
|
static int add_object(const ASN1_OBJECT *obj, int indirect);
|
||||||
|
|
||||||
static LHASH_OF(ADDED_OBJ) *added = NULL;
|
static LHASH_OF(ADDED_OBJ) *added = NULL;
|
||||||
static CRYPTO_RWLOCK *ossl_obj_lock = NULL;
|
static CRYPTO_RWLOCK *ossl_obj_lock = NULL;
|
||||||
|
|
@ -155,6 +156,19 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Compare two ASN1_OBJECTs, including SNAME and LNAME, but not NIDs.
|
||||||
|
*/
|
||||||
|
static int obj_equivalent(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
|
||||||
|
{
|
||||||
|
return a->length == b->length
|
||||||
|
&& memcmp(a->data, b->data, (size_t)a->length) == 0
|
||||||
|
&& (a->sn == NULL) == (b->sn == NULL)
|
||||||
|
&& strcmp(a->sn ? a->sn : "", b->sn ? b->sn : "") == 0
|
||||||
|
&& (a->ln == NULL) == (b->ln == NULL)
|
||||||
|
&& strcmp(a->ln ? a->ln : "", b->ln ? b->ln : "") == 0;
|
||||||
|
}
|
||||||
|
|
||||||
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
|
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
|
||||||
{
|
{
|
||||||
ASN1_OBJECT *a, *b;
|
ASN1_OBJECT *a, *b;
|
||||||
|
|
@ -722,15 +736,11 @@ int OBJ_create(const char *oid, const char *sn, const char *ln)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
tmpoid->nid = OBJ_new_nid(1);
|
tmpoid->nid = NID_undef;
|
||||||
|
|
||||||
if (tmpoid->nid == NID_undef)
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
tmpoid->sn = (char *)sn;
|
tmpoid->sn = (char *)sn;
|
||||||
tmpoid->ln = (char *)ln;
|
tmpoid->ln = (char *)ln;
|
||||||
|
|
||||||
ok = OBJ_add_object(tmpoid);
|
ok = add_object(tmpoid, 1);
|
||||||
|
|
||||||
tmpoid->sn = NULL;
|
tmpoid->sn = NULL;
|
||||||
tmpoid->ln = NULL;
|
tmpoid->ln = NULL;
|
||||||
|
|
@ -754,14 +764,35 @@ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj)
|
||||||
return obj->data;
|
return obj->data;
|
||||||
}
|
}
|
||||||
|
|
||||||
int OBJ_add_object(const ASN1_OBJECT *obj)
|
static int add_object(const ASN1_OBJECT *obj, int indirect)
|
||||||
{
|
{
|
||||||
ASN1_OBJECT *o = NULL;
|
ASN1_OBJECT *o = NULL, *dup = NULL;
|
||||||
ADDED_OBJ *ao[4] = { NULL, NULL, NULL, NULL }, *aop[4];
|
ADDED_OBJ *ao[4] = { NULL, NULL, NULL, NULL }, *aop[4];
|
||||||
int i;
|
int i, ret = NID_undef, nid = obj->nid;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Indirect calls leave the NID unspecified, in which case we generate a
|
||||||
|
* fresh NID here. Direct calls via `OBJ_add_object()` must explicity
|
||||||
|
* specify the nid, and we then also check against the compile-time bsearch
|
||||||
|
* lists that the indirect calls have checked while holding a read lock.
|
||||||
|
*/
|
||||||
|
if (indirect) {
|
||||||
|
if (nid != NID_undef
|
||||||
|
|| (nid = OBJ_new_nid(1)) < NUM_NID
|
||||||
|
|| (o = OBJ_dup(obj)) == NULL)
|
||||||
|
return ret;
|
||||||
|
o->nid = nid;
|
||||||
|
} else if (nid < NUM_NID
|
||||||
|
|| (obj->data != NULL
|
||||||
|
&& OBJ_bsearch_obj(&obj, obj_objs, NUM_OBJ) != NULL)
|
||||||
|
|| (obj->sn != NULL
|
||||||
|
&& OBJ_bsearch_sn(&obj, sn_objs, NUM_SN) != NULL)
|
||||||
|
|| (obj->ln != NULL
|
||||||
|
&& OBJ_bsearch_ln(&obj, ln_objs, NUM_LN) != NULL)
|
||||||
|
|| (o = OBJ_dup(obj)) == NULL) {
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
if ((o = OBJ_dup(obj)) == NULL)
|
|
||||||
return NID_undef;
|
|
||||||
if ((ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL
|
if ((ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL
|
||||||
|| (o->length != 0
|
|| (o->length != 0
|
||||||
&& obj->data != NULL
|
&& obj->data != NULL
|
||||||
|
|
@ -778,26 +809,43 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = ADDED_DATA; i <= ADDED_NID; i++) {
|
for (i = ADDED_DATA; i <= ADDED_NID; i++) {
|
||||||
if (ao[i] != NULL) {
|
if (ao[i] == NULL)
|
||||||
|
continue;
|
||||||
ao[i]->type = i;
|
ao[i]->type = i;
|
||||||
ao[i]->obj = o;
|
ao[i]->obj = o;
|
||||||
aop[i] = lh_ADDED_OBJ_retrieve(added, ao[i]);
|
if ((aop[i] = lh_ADDED_OBJ_retrieve(added, ao[i])) != NULL)
|
||||||
if (aop[i] != NULL)
|
dup = aop[i]->obj;
|
||||||
aop[i]->type = -1;
|
}
|
||||||
|
|
||||||
|
if (dup != NULL) {
|
||||||
|
/*
|
||||||
|
* We found a possible conflict. If the caller did not specify a NID,
|
||||||
|
* return NID_undef to signal the conflict. Otherwise, if the NID and
|
||||||
|
* parameters are unchanged, return the old NID, else NID_undef to
|
||||||
|
* signal the conflict. This ensures that object registrations are
|
||||||
|
* immutable.
|
||||||
|
*
|
||||||
|
* In the future, ideally also return an equivalent existing NID also
|
||||||
|
* when the caller did not specify a NID, as in OBJ_create().
|
||||||
|
*/
|
||||||
|
if (obj->nid == dup->nid && obj_equivalent(obj, dup))
|
||||||
|
ret = dup->nid;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = ADDED_DATA; i <= ADDED_NID; i++) {
|
||||||
|
if (ao[i] == NULL)
|
||||||
|
continue;
|
||||||
(void)lh_ADDED_OBJ_insert(added, ao[i]);
|
(void)lh_ADDED_OBJ_insert(added, ao[i]);
|
||||||
if (lh_ADDED_OBJ_error(added)) {
|
if (lh_ADDED_OBJ_error(added)) {
|
||||||
if (aop[i] != NULL)
|
|
||||||
aop[i]->type = i;
|
|
||||||
while (i-- > ADDED_DATA) {
|
while (i-- > ADDED_DATA) {
|
||||||
|
if (ao[i] != NULL)
|
||||||
lh_ADDED_OBJ_delete(added, ao[i]);
|
lh_ADDED_OBJ_delete(added, ao[i]);
|
||||||
if (aop[i] != NULL)
|
|
||||||
aop[i]->type = i;
|
|
||||||
}
|
}
|
||||||
ERR_raise(ERR_LIB_OBJ, ERR_R_CRYPTO_LIB);
|
ERR_raise(ERR_LIB_OBJ, ERR_R_CRYPTO_LIB);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
o->flags &=
|
o->flags &=
|
||||||
~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
|
~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
|
||||||
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
|
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
|
||||||
|
|
@ -811,7 +859,12 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
||||||
for (i = ADDED_DATA; i <= ADDED_NID; i++)
|
for (i = ADDED_DATA; i <= ADDED_NID; i++)
|
||||||
OPENSSL_free(ao[i]);
|
OPENSSL_free(ao[i]);
|
||||||
ASN1_OBJECT_free(o);
|
ASN1_OBJECT_free(o);
|
||||||
return NID_undef;
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int OBJ_add_object(const ASN1_OBJECT *obj)
|
||||||
|
{
|
||||||
|
return add_object(obj, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OBJ_obj2nid(const ASN1_OBJECT *a)
|
int OBJ_obj2nid(const ASN1_OBJECT *a)
|
||||||
|
|
|
||||||
|
|
@ -101,7 +101,7 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
|
||||||
|
|
||||||
#if defined(__FreeBSD__) || defined(__OpenBSD__)
|
#if defined(__FreeBSD__) || defined(__OpenBSD__)
|
||||||
# include <sys/param.h>
|
# include <sys/param.h>
|
||||||
# if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
|
# if (defined(__FreeBSD__) && __FreeBSD_version >= 1104000) || \
|
||||||
(defined(__OpenBSD__) && OpenBSD >= 202409)
|
(defined(__OpenBSD__) && OpenBSD >= 202409)
|
||||||
# include <sys/auxv.h>
|
# include <sys/auxv.h>
|
||||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||||
|
|
|
||||||
|
|
@ -641,7 +641,7 @@ static void put_str(const char *str, char **buf, size_t *remain, size_t *needed)
|
||||||
}
|
}
|
||||||
|
|
||||||
quotes = quote != '\0';
|
quotes = quote != '\0';
|
||||||
if (*remain == 0) {
|
if (*remain <= (size_t)quotes) {
|
||||||
*needed += 2 * quotes;
|
*needed += 2 * quotes;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1038,7 +1038,7 @@ static int provider_init(OSSL_PROVIDER *prov)
|
||||||
#ifndef FIPS_MODULE
|
#ifndef FIPS_MODULE
|
||||||
OSSL_TRACE_BEGIN(PROVIDER) {
|
OSSL_TRACE_BEGIN(PROVIDER) {
|
||||||
BIO_printf(trc_out,
|
BIO_printf(trc_out,
|
||||||
"(provider %s) initalizing\n", prov->name);
|
"(provider %s) initializing\n", prov->name);
|
||||||
} OSSL_TRACE_END(PROVIDER);
|
} OSSL_TRACE_END(PROVIDER);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -734,18 +734,3 @@ err:
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef FIPS_MODULE
|
|
||||||
int ossl_rsa_key_pairwise_test(RSA *rsa)
|
|
||||||
{
|
|
||||||
OSSL_CALLBACK *stcb;
|
|
||||||
void *stcbarg;
|
|
||||||
int res;
|
|
||||||
|
|
||||||
OSSL_SELF_TEST_get_callback(rsa->libctx, &stcb, &stcbarg);
|
|
||||||
res = rsa_keygen_pairwise_test(rsa, stcb, stcbarg);
|
|
||||||
if (res <= 0)
|
|
||||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
|
|
||||||
return res;
|
|
||||||
}
|
|
||||||
#endif /* FIPS_MODULE */
|
|
||||||
|
|
|
||||||
|
|
@ -129,7 +129,7 @@ static const unsigned char digestinfo_ripemd160_der[] = {
|
||||||
# ifndef OPENSSL_NO_SM3
|
# ifndef OPENSSL_NO_SM3
|
||||||
/* SM3 (1 2 156 10197 1 401) */
|
/* SM3 (1 2 156 10197 1 401) */
|
||||||
static const unsigned char digestinfo_sm3_der[] = {
|
static const unsigned char digestinfo_sm3_der[] = {
|
||||||
ASN1_SEQUENCE, 0x0f + SM3_DIGEST_LENGTH,
|
ASN1_SEQUENCE, 0x10 + SM3_DIGEST_LENGTH,
|
||||||
ASN1_SEQUENCE, 0x0c,
|
ASN1_SEQUENCE, 0x0c,
|
||||||
ASN1_OID, 0x08, 1 * 40 + 2, 0x81, 0x1c, 0xcf, 0x55, 1, 0x83, 0x78,
|
ASN1_OID, 0x08, 1 * 40 + 2, 0x81, 0x1c, 0xcf, 0x55, 1, 0x83, 0x78,
|
||||||
ASN1_NULL, 0x00,
|
ASN1_NULL, 0x00,
|
||||||
|
|
|
||||||
|
|
@ -257,14 +257,25 @@ int OPENSSL_sk_insert(OPENSSL_STACK *st, const void *data, int loc)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if ((loc >= st->num) || (loc < 0)) {
|
if ((loc >= st->num) || (loc < 0)) {
|
||||||
st->data[st->num] = data;
|
loc = st->num;
|
||||||
|
st->data[loc] = data;
|
||||||
} else {
|
} else {
|
||||||
memmove(&st->data[loc + 1], &st->data[loc],
|
memmove(&st->data[loc + 1], &st->data[loc],
|
||||||
sizeof(st->data[0]) * (st->num - loc));
|
sizeof(st->data[0]) * (st->num - loc));
|
||||||
st->data[loc] = data;
|
st->data[loc] = data;
|
||||||
}
|
}
|
||||||
st->num++;
|
st->num++;
|
||||||
st->sorted = st->num <= 1;
|
if (st->sorted && st->num > 1) {
|
||||||
|
if (st->comp != NULL) {
|
||||||
|
if (loc > 0 && (st->comp(&st->data[loc - 1], &st->data[loc]) > 0))
|
||||||
|
st->sorted = 0;
|
||||||
|
if (loc < st->num - 1
|
||||||
|
&& (st->comp(&st->data[loc + 1], &st->data[loc]) < 0))
|
||||||
|
st->sorted = 0;
|
||||||
|
} else {
|
||||||
|
st->sorted = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return st->num;
|
return st->num;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -302,7 +313,7 @@ void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc)
|
||||||
return internal_delete(st, loc);
|
return internal_delete(st, loc);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int internal_find(OPENSSL_STACK *st, const void *data,
|
static int internal_find(const OPENSSL_STACK *st, const void *data,
|
||||||
int ret_val_options, int *pnum_matched)
|
int ret_val_options, int *pnum_matched)
|
||||||
{
|
{
|
||||||
const void *r;
|
const void *r;
|
||||||
|
|
@ -367,17 +378,17 @@ static int internal_find(OPENSSL_STACK *st, const void *data,
|
||||||
return r == NULL ? -1 : (int)((const void **)r - st->data);
|
return r == NULL ? -1 : (int)((const void **)r - st->data);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data)
|
int OPENSSL_sk_find(const OPENSSL_STACK *st, const void *data)
|
||||||
{
|
{
|
||||||
return internal_find(st, data, OSSL_BSEARCH_FIRST_VALUE_ON_MATCH, NULL);
|
return internal_find(st, data, OSSL_BSEARCH_FIRST_VALUE_ON_MATCH, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data)
|
int OPENSSL_sk_find_ex(const OPENSSL_STACK *st, const void *data)
|
||||||
{
|
{
|
||||||
return internal_find(st, data, OSSL_BSEARCH_VALUE_ON_NOMATCH, NULL);
|
return internal_find(st, data, OSSL_BSEARCH_VALUE_ON_NOMATCH, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OPENSSL_sk_find_all(OPENSSL_STACK *st, const void *data, int *pnum)
|
int OPENSSL_sk_find_all(const OPENSSL_STACK *st, const void *data, int *pnum)
|
||||||
{
|
{
|
||||||
return internal_find(st, data, OSSL_BSEARCH_FIRST_VALUE_ON_MATCH, pnum);
|
return internal_find(st, data, OSSL_BSEARCH_FIRST_VALUE_ON_MATCH, pnum);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -92,8 +92,10 @@ __tsan_mutex_post_lock((x), 0, 0)
|
||||||
/*
|
/*
|
||||||
* The Non-Stop KLT thread model currently seems broken in its rwlock
|
* The Non-Stop KLT thread model currently seems broken in its rwlock
|
||||||
* implementation
|
* implementation
|
||||||
|
* Likewise is there a problem with the glibc implementation on riscv.
|
||||||
*/
|
*/
|
||||||
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_)
|
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_) \
|
||||||
|
&& !defined(__riscv)
|
||||||
# define USE_RWLOCK
|
# define USE_RWLOCK
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
|
|
@ -309,7 +311,7 @@ static struct rcu_qp *get_hold_current_qp(struct rcu_lock_st *lock)
|
||||||
|
|
||||||
/* if the idx hasn't changed, we're good, else try again */
|
/* if the idx hasn't changed, we're good, else try again */
|
||||||
if (qp_idx == ATOMIC_LOAD_N(uint32_t, &lock->reader_idx,
|
if (qp_idx == ATOMIC_LOAD_N(uint32_t, &lock->reader_idx,
|
||||||
__ATOMIC_RELAXED))
|
__ATOMIC_ACQUIRE))
|
||||||
break;
|
break;
|
||||||
|
|
||||||
ATOMIC_SUB_FETCH(&lock->qp_group[qp_idx].users, (uint64_t)1,
|
ATOMIC_SUB_FETCH(&lock->qp_group[qp_idx].users, (uint64_t)1,
|
||||||
|
|
@ -440,8 +442,12 @@ static struct rcu_qp *update_qp(CRYPTO_RCU_LOCK *lock, uint32_t *curr_id)
|
||||||
*curr_id = lock->id_ctr;
|
*curr_id = lock->id_ctr;
|
||||||
lock->id_ctr++;
|
lock->id_ctr++;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* make the current state of everything visible by this release
|
||||||
|
* when get_hold_current_qp acquires the next qp
|
||||||
|
*/
|
||||||
ATOMIC_STORE_N(uint32_t, &lock->reader_idx, lock->current_alloc_idx,
|
ATOMIC_STORE_N(uint32_t, &lock->reader_idx, lock->current_alloc_idx,
|
||||||
__ATOMIC_RELAXED);
|
__ATOMIC_RELEASE);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* this should make sure that the new value of reader_idx is visible in
|
* this should make sure that the new value of reader_idx is visible in
|
||||||
|
|
|
||||||
|
|
@ -408,7 +408,6 @@ static int x509_store_add(X509_STORE *store, void *x, int crl)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!X509_STORE_lock(store)) {
|
if (!X509_STORE_lock(store)) {
|
||||||
obj->type = X509_LU_NONE;
|
|
||||||
X509_OBJECT_free(obj);
|
X509_OBJECT_free(obj);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -408,7 +408,7 @@ static int sk_X509_contains(STACK_OF(X509) *sk, X509 *cert)
|
||||||
* Likely it would be good if build_chain() sets |check_signing_allowed|.
|
* Likely it would be good if build_chain() sets |check_signing_allowed|.
|
||||||
* Yet if |sk| is a list of trusted certs, as with X509_STORE_CTX_set0_trusted_stack(),
|
* Yet if |sk| is a list of trusted certs, as with X509_STORE_CTX_set0_trusted_stack(),
|
||||||
* better not set |check_signing_allowed|.
|
* better not set |check_signing_allowed|.
|
||||||
* Maybe not touch X509_STORE_CTX_get1_issuer(), for API backward compatiblity.
|
* Maybe not touch X509_STORE_CTX_get1_issuer(), for API backward compatibility.
|
||||||
*/
|
*/
|
||||||
static X509 *get0_best_issuer_sk(X509_STORE_CTX *ctx, int check_signing_allowed,
|
static X509 *get0_best_issuer_sk(X509_STORE_CTX *ctx, int check_signing_allowed,
|
||||||
int no_dup, STACK_OF(X509) *sk, X509 *x)
|
int no_dup, STACK_OF(X509) *sk, X509 *x)
|
||||||
|
|
|
||||||
|
|
@ -75,7 +75,7 @@
|
||||||
* This is a simple non-blocking QUIC HTTP/1.0 server application.
|
* This is a simple non-blocking QUIC HTTP/1.0 server application.
|
||||||
* Server accepts QUIC connections. It then accepts bi-directional
|
* Server accepts QUIC connections. It then accepts bi-directional
|
||||||
* stream from client and reads request. By default it sends
|
* stream from client and reads request. By default it sends
|
||||||
* 12345 bytes back as HHTTP/1.0 response to any GET request.
|
* 12345 bytes back as HTTP/1.0 response to any GET request.
|
||||||
* If GET request comes with URL for example as follows:
|
* If GET request comes with URL for example as follows:
|
||||||
* /foo/bar/file_65535.txt
|
* /foo/bar/file_65535.txt
|
||||||
* then the server sends 64kB of data in HTTP/1.0 response.
|
* then the server sends 64kB of data in HTTP/1.0 response.
|
||||||
|
|
@ -216,7 +216,7 @@ struct poll_event_connection {
|
||||||
* Members in poll manager deserve some explanation:
|
* Members in poll manager deserve some explanation:
|
||||||
* - pm_head, holds a list of poll_event structures (connections and
|
* - pm_head, holds a list of poll_event structures (connections and
|
||||||
* streams)
|
* streams)
|
||||||
* - pm_event_count number of events to montior in SSL_poll(3ossl)
|
* - pm_event_count number of events to monitor in SSL_poll(3ossl)
|
||||||
* - pm_poll_set array of events to poll on
|
* - pm_poll_set array of events to poll on
|
||||||
* - pm_poll_set_sz number of slots (space) available in pm_poll_set
|
* - pm_poll_set_sz number of slots (space) available in pm_poll_set
|
||||||
* - pm_need_rebuild whenever list of events to monitor in a list changes
|
* - pm_need_rebuild whenever list of events to monitor in a list changes
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,7 @@ subsequent computations (encapsulation).
|
||||||
Since the private key includes the public key as one of its components, the matrix
|
Since the private key includes the public key as one of its components, the matrix
|
||||||
is also pre-computed and stored with the private key, and then need not be
|
is also pre-computed and stored with the private key, and then need not be
|
||||||
regenerated during decapsulation.
|
regenerated during decapsulation.
|
||||||
During encapsulation (typically peformed by servers), it is in principle
|
During encapsulation (typically performed by servers), it is in principle
|
||||||
possible to save space and compute the matrix elements *just-in-time*, as each
|
possible to save space and compute the matrix elements *just-in-time*, as each
|
||||||
matrix element is used exactly once.
|
matrix element is used exactly once.
|
||||||
This is not currently implemented, and the matrix is pre-computed in full.
|
This is not currently implemented, and the matrix is pre-computed in full.
|
||||||
|
|
@ -90,7 +90,7 @@ Keys can be generated via the usual **EVP_PKEY_generate()** and
|
||||||
|
|
||||||
An explicit seed can be specified by setting the key generation
|
An explicit seed can be specified by setting the key generation
|
||||||
**OSSL_PKEY_PARAM_ML_KEM_SEED** parameter to a 64-byte octet-string
|
**OSSL_PKEY_PARAM_ML_KEM_SEED** parameter to a 64-byte octet-string
|
||||||
(concatentation of the **d** and **z** values (32-bytes each) in that order).
|
(concatenation of the **d** and **z** values (32-bytes each) in that order).
|
||||||
|
|
||||||
KEM API
|
KEM API
|
||||||
-------
|
-------
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ and `EVP_PKEY_verify()` remain supported.
|
||||||
Some more recent verification algorithms need to obtain the signature
|
Some more recent verification algorithms need to obtain the signature
|
||||||
before processing the data.
|
before processing the data.
|
||||||
This is particularly important for streaming modes of operation.
|
This is particularly important for streaming modes of operation.
|
||||||
This design proposes a mechanism to accomodate these algorithms
|
This design proposes a mechanism to accommodate these algorithms
|
||||||
and modes of operation.
|
and modes of operation.
|
||||||
|
|
||||||
New public API - API Reference
|
New public API - API Reference
|
||||||
|
|
|
||||||
|
|
@ -103,7 +103,7 @@ the API's used should be
|
||||||
OpenSSL command line support
|
OpenSSL command line support
|
||||||
----------------------------
|
----------------------------
|
||||||
|
|
||||||
For backwards compatability reasons `EVP_DigestSignInit_ex()`,
|
For backwards compatibility reasons `EVP_DigestSignInit_ex()`,
|
||||||
`EVP_DigestSign()`, `EVP_DigestVerifyInit_ex()` and `EVP_DigestVerify()` may
|
`EVP_DigestSign()`, `EVP_DigestVerifyInit_ex()` and `EVP_DigestVerify()` may
|
||||||
also be used, but the digest passed in `mdname` must be NULL (i.e. it
|
also be used, but the digest passed in `mdname` must be NULL (i.e. it
|
||||||
effectively behaves the same as above).
|
effectively behaves the same as above).
|
||||||
|
|
|
||||||
|
|
@ -386,7 +386,7 @@ int ossl_cml_write(QUIC_CML *cml, QUIC_CML_PIPE pipe_handle,
|
||||||
/*
|
/*
|
||||||
* Returns the number of bytes a receiving pipe currently has waiting to be
|
* Returns the number of bytes a receiving pipe currently has waiting to be
|
||||||
* read. The returned value may increase over time asynchronously but will only
|
* read. The returned value may increase over time asynchronously but will only
|
||||||
* decreate in response to an ossl_cml_read call.
|
* decrease in response to an ossl_cml_read call.
|
||||||
*/
|
*/
|
||||||
size_t ossl_cml_read_available(QUIC_CML *cml, QUIC_CML_PIPE pipe_handle);
|
size_t ossl_cml_read_available(QUIC_CML *cml, QUIC_CML_PIPE pipe_handle);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1072,7 +1072,7 @@ typedef struct ssl_poll_event_st {
|
||||||
* this, applications must still ensure no events in an SSL_POLL_EVENT
|
* this, applications must still ensure no events in an SSL_POLL_EVENT
|
||||||
* structure recorded from a previous call to this function are left over, which
|
* structure recorded from a previous call to this function are left over, which
|
||||||
* may still reference that poll descriptor. Therefore, applications must still
|
* may still reference that poll descriptor. Therefore, applications must still
|
||||||
* excercise caution when freeing resources which are registered, or which were
|
* exercise caution when freeing resources which are registered, or which were
|
||||||
* previously registered in a poll group.
|
* previously registered in a poll group.
|
||||||
*/
|
*/
|
||||||
#define SSL_POLL_FLAG_NO_HANDLE_EVENTS (1U << 0)
|
#define SSL_POLL_FLAG_NO_HANDLE_EVENTS (1U << 0)
|
||||||
|
|
@ -1324,13 +1324,13 @@ void process_event(const SSL_POLL_EVENT *event)
|
||||||
for (i = 0; i < nevents; ++i) {
|
for (i = 0; i < nevents; ++i) {
|
||||||
process_event(&events[i]); /* do something in application */
|
process_event(&events[i]); /* do something in application */
|
||||||
|
|
||||||
/* We have processed the event so now reenable it. */
|
/* We have processed the event so now re-enable it. */
|
||||||
SSL_POLL_CHANGE_chflag(chg++, events[i].desc, events[i].instance,
|
SSL_POLL_CHANGE_chflag(chg++, events[i].desc, events[i].instance,
|
||||||
SSL_POLL_EVENT_FLAG_DISABLE, 0);
|
SSL_POLL_EVENT_FLAG_DISABLE, 0);
|
||||||
++nchanges;
|
++nchanges;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Reenable any event we processed and go to sleep again. */
|
/* Re-enable any event we processed and go to sleep again. */
|
||||||
if (!SSL_POLL_GROUP_change_poll(pg, changes, nchanges, sizeof(changes[0]),
|
if (!SSL_POLL_GROUP_change_poll(pg, changes, nchanges, sizeof(changes[0]),
|
||||||
events, OSSL_NELEM(events), sizeof(events[0]),
|
events, OSSL_NELEM(events), sizeof(events[0]),
|
||||||
NULL, 0, &nevents))
|
NULL, 0, &nevents))
|
||||||
|
|
@ -1419,7 +1419,7 @@ There are two kinds of polling that occur:
|
||||||
Firstly, the `SSL_POLL_METHOD` object is defined abstractly as follows:
|
Firstly, the `SSL_POLL_METHOD` object is defined abstractly as follows:
|
||||||
|
|
||||||
```c
|
```c
|
||||||
/* API (Psuedocode) */
|
/* API (Pseudocode) */
|
||||||
#define SSL_POLL_METHOD_CAP_IMMEDIATE (1U << 0) /* supports immediate mode */
|
#define SSL_POLL_METHOD_CAP_IMMEDIATE (1U << 0) /* supports immediate mode */
|
||||||
#define SSL_POLL_METHOD_CAP_RETAINED (1U << 1) /* supports retained mode */
|
#define SSL_POLL_METHOD_CAP_RETAINED (1U << 1) /* supports retained mode */
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -121,7 +121,7 @@ Only the entries of type "A" (Attribute Type) are potentially relevant. All
|
||||||
the *mainstream* attribute types are already listed in
|
the *mainstream* attribute types are already listed in
|
||||||
`crypto/objects/objects.txt` and should be already supported:
|
`crypto/objects/objects.txt` and should be already supported:
|
||||||
|
|
||||||
| Atribute Name | OID | Reference |
|
| Attribute Name | OID | Reference |
|
||||||
|---|---|---|
|
|---|---|---|
|
||||||
| uid | 0.9.2342.19200300.100.1.1 | [RFC4519] |
|
| uid | 0.9.2342.19200300.100.1.1 | [RFC4519] |
|
||||||
| userId | 0.9.2342.19200300.100.1.1 | [RFC4519] |
|
| userId | 0.9.2342.19200300.100.1.1 | [RFC4519] |
|
||||||
|
|
|
||||||
|
|
@ -52,9 +52,9 @@ OPENSSL_sk_sort, OPENSSL_sk_unshift, OPENSSL_sk_value, OPENSSL_sk_zero
|
||||||
void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
|
void sk_TYPE_pop_free(STACK_OF(TYPE) *sk, sk_TYPE_freefunc freefunc);
|
||||||
int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
|
int sk_TYPE_insert(STACK_OF(TYPE) *sk, TYPE *ptr, int idx);
|
||||||
TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
|
TYPE *sk_TYPE_set(STACK_OF(TYPE) *sk, int idx, const TYPE *ptr);
|
||||||
int sk_TYPE_find(STACK_OF(TYPE) *sk, TYPE *ptr);
|
int sk_TYPE_find(const STACK_OF(TYPE) *sk, TYPE *ptr);
|
||||||
int sk_TYPE_find_ex(STACK_OF(TYPE) *sk, TYPE *ptr);
|
int sk_TYPE_find_ex(const STACK_OF(TYPE) *sk, TYPE *ptr);
|
||||||
int sk_TYPE_find_all(STACK_OF(TYPE) *sk, TYPE *ptr, int *pnum);
|
int sk_TYPE_find_all(const STACK_OF(TYPE) *sk, TYPE *ptr, int *pnum);
|
||||||
void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
|
void sk_TYPE_sort(const STACK_OF(TYPE) *sk);
|
||||||
int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
|
int sk_TYPE_is_sorted(const STACK_OF(TYPE) *sk);
|
||||||
STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
|
STACK_OF(TYPE) *sk_TYPE_dup(const STACK_OF(TYPE) *sk);
|
||||||
|
|
@ -170,15 +170,14 @@ B<sk_I<TYPE>_set>() sets element I<idx> of I<sk> to I<ptr> replacing the current
|
||||||
element. The new element value is returned or NULL if an error occurred:
|
element. The new element value is returned or NULL if an error occurred:
|
||||||
this will only happen if I<sk> is NULL or I<idx> is out of range.
|
this will only happen if I<sk> is NULL or I<idx> is out of range.
|
||||||
|
|
||||||
B<sk_I<TYPE>_find>() searches I<sk> for the element I<ptr>. In the case
|
B<sk_I<TYPE>_find>() searches I<sk> for the element I<ptr>. In the
|
||||||
where no comparison function has been specified, the function performs
|
case where no comparison function has been specified, the function
|
||||||
a linear search for a pointer equal to I<ptr>. The index of the first
|
performs a linear search for a pointer equal to I<ptr>. In the case
|
||||||
matching element is returned or B<-1> if there is no match. In the case
|
where a comparison function has been specified, the function performs
|
||||||
where a comparison function has been specified, I<sk> is sorted and
|
a search for a element that the comparison function indicates is a
|
||||||
B<sk_I<TYPE>_find>() returns the index of a matching element or B<-1> if there
|
match. If the stack is sorted, a binary search is used, otherwise, a
|
||||||
is no match. Note that, in this case the comparison function will usually
|
linear search is used. B<sk_I<TYPE>_find>() returns the index of a
|
||||||
compare the values pointed to rather than the pointers themselves and
|
matching element or B<-1> if there is no match.
|
||||||
the order of elements in I<sk> can change.
|
|
||||||
|
|
||||||
B<sk_I<TYPE>_find_ex>() operates like B<sk_I<TYPE>_find>() except when a
|
B<sk_I<TYPE>_find_ex>() operates like B<sk_I<TYPE>_find>() except when a
|
||||||
comparison function has been specified and no matching element is found.
|
comparison function has been specified and no matching element is found.
|
||||||
|
|
|
||||||
|
|
@ -135,7 +135,7 @@ EVP_SKEY_up_ref() returns 1 for success and 0 on failure.
|
||||||
EVP_SKEY_export() and EVP_SKEY_get0_raw_key() return 1 for success and 0 on failure.
|
EVP_SKEY_export() and EVP_SKEY_get0_raw_key() return 1 for success and 0 on failure.
|
||||||
|
|
||||||
EVP_SKEY_get0_skeymgmt_name() and EVP_SKEY_get0_provider_name() return the
|
EVP_SKEY_get0_skeymgmt_name() and EVP_SKEY_get0_provider_name() return the
|
||||||
names of the associated EVP_SKEYMGMT object and its provider correspondigly.
|
names of the associated EVP_SKEYMGMT object and its provider correspondingly.
|
||||||
|
|
||||||
EVP_SKEY_is_a() returns 1 if I<skey> has the key type I<name>,
|
EVP_SKEY_is_a() returns 1 if I<skey> has the key type I<name>,
|
||||||
otherwise 0.
|
otherwise 0.
|
||||||
|
|
|
||||||
|
|
@ -206,7 +206,7 @@ I<capability>. For each capability of that name supported by the provider it
|
||||||
will call the callback I<cb> and supply a set of L<OSSL_PARAM(3)>s describing the
|
will call the callback I<cb> and supply a set of L<OSSL_PARAM(3)>s describing the
|
||||||
capability. It will also pass back the argument I<arg>. For more details about
|
capability. It will also pass back the argument I<arg>. For more details about
|
||||||
capabilities and what they can be used for please see
|
capabilities and what they can be used for please see
|
||||||
L<provider-base(7)/CAPABILTIIES>.
|
L<provider-base(7)/CAPABILITIES>.
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -256,6 +256,13 @@ L<crypto(7)>
|
||||||
The macros and functions described here were added in OpenSSL 3.0,
|
The macros and functions described here were added in OpenSSL 3.0,
|
||||||
except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
|
except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
|
||||||
|
|
||||||
|
=head1 BUGS
|
||||||
|
|
||||||
|
There was a discrepancy between this manual and commentary + code
|
||||||
|
in F<< <openssl/opensslv.h> >>, where the latter suggested that the
|
||||||
|
four least significant bits of B<OPENSSL_VERSION_NUMBER> could be
|
||||||
|
C<0x0f> in released OpenSSL versions.
|
||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
|
||||||
|
|
@ -81,7 +81,7 @@ https://meganorm.ru/mega_doc/norm/prikaz/25/r_1323565_1_041-2022_rekomendatsii_p
|
||||||
If this environment variable is set, MAC generation that utilises
|
If this environment variable is set, MAC generation that utilises
|
||||||
GOST R 34.11-94 or GOST 34.11-2012 hashing algorithms is performed the usual
|
GOST R 34.11-94 or GOST 34.11-2012 hashing algorithms is performed the usual
|
||||||
way and not in accordance with the specification provided in the methodical
|
way and not in accordance with the specification provided in the methodical
|
||||||
recommendation MP 26.2.002-2012 (or in its later versions, standartisation
|
recommendation MP 26.2.002-2012 (or in its later versions, standardisation
|
||||||
recommendation P 50.1.112-2016 or P 1323565.1.041-2022)
|
recommendation P 50.1.112-2016 or P 1323565.1.041-2022)
|
||||||
of Technical Committee 26, that specifies that the key used for MAC
|
of Technical Committee 26, that specifies that the key used for MAC
|
||||||
generation should be the last 32 bytes of the 96-byte sequence generated
|
generation should be the last 32 bytes of the 96-byte sequence generated
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ SSL_CIPHER_get_protocol_id
|
||||||
int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
|
int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
|
||||||
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
|
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
|
||||||
uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
|
uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
|
||||||
uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);
|
uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ Specifying this flag configures the Single-Threaded Concurrency Model (SCM).
|
||||||
|
|
||||||
=item B<SSL_DOMAIN_FLAG_MULTI_THREAD>
|
=item B<SSL_DOMAIN_FLAG_MULTI_THREAD>
|
||||||
|
|
||||||
Speciyfing this flag configures the Contentive Concurrency Model (CCM) (unless
|
Specifying this flag configures the Contentive Concurrency Model (CCM) (unless
|
||||||
B<SSL_DOMAIN_FLAG_THREAD_ASSISTED> is also specified).
|
B<SSL_DOMAIN_FLAG_THREAD_ASSISTED> is also specified).
|
||||||
|
|
||||||
If OpenSSL was built without thread support, this is identical to
|
If OpenSSL was built without thread support, this is identical to
|
||||||
|
|
|
||||||
|
|
@ -23,9 +23,10 @@ SSL_SESSION_set1_alpn_selected
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the
|
SSL_SESSION_get0_hostname() retrieves the Server Name Indication (SNI) value
|
||||||
client when the session was created if it was accepted by the server. Otherwise
|
that was sent by the client when the session was created if the server
|
||||||
NULL is returned.
|
acknowledged the client's SNI extension by including an empty SNI extension
|
||||||
|
in response. Otherwise NULL is returned.
|
||||||
|
|
||||||
The value returned is a pointer to memory maintained within B<s> and
|
The value returned is a pointer to memory maintained within B<s> and
|
||||||
should not be free'd.
|
should not be free'd.
|
||||||
|
|
@ -44,8 +45,7 @@ B<alpn>.
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
SSL_SESSION_get0_hostname() returns either a string or NULL based on if there
|
SSL_SESSION_get0_hostname() returns the SNI string if available, or NULL if not.
|
||||||
is the SNI value sent by client.
|
|
||||||
|
|
||||||
SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.
|
SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -203,9 +203,9 @@ struct padlock_cipher_data {
|
||||||
int rounds:4;
|
int rounds:4;
|
||||||
int dgst:1; /* n/a in C3 */
|
int dgst:1; /* n/a in C3 */
|
||||||
int align:1; /* n/a in C3 */
|
int align:1; /* n/a in C3 */
|
||||||
int ciphr:1; /* n/a in C3 */
|
int cipher:1; /* n/a in C3 */
|
||||||
unsigned int keygen:1;
|
unsigned int keygen:1;
|
||||||
int interm:1;
|
int intern:1;
|
||||||
unsigned int encdec:1;
|
unsigned int encdec:1;
|
||||||
int ksize:2;
|
int ksize:2;
|
||||||
} b;
|
} b;
|
||||||
|
|
|
||||||
|
|
@ -640,7 +640,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
|
||||||
return -1;
|
return -1;
|
||||||
/*
|
/*
|
||||||
* Get the first byte of the buffer to tell us what operation
|
* Get the first byte of the buffer to tell us what operation
|
||||||
* to preform
|
* to perform
|
||||||
*/
|
*/
|
||||||
buffer_cursor = consume_uint8t(buf, &len, &operation);
|
buffer_cursor = consume_uint8t(buf, &len, &operation);
|
||||||
if (buffer_cursor == NULL)
|
if (buffer_cursor == NULL)
|
||||||
|
|
|
||||||
|
|
@ -378,7 +378,7 @@ static void slh_dsa_sign_verify(uint8_t **buf, size_t *len, void *key1,
|
||||||
/*
|
/*
|
||||||
* the context_string parameter can be no more than 255 bytes, so if
|
* the context_string parameter can be no more than 255 bytes, so if
|
||||||
* our random input buffer is greater than that, we expect failure above,
|
* our random input buffer is greater than that, we expect failure above,
|
||||||
* which we check for. In that event, theres nothing more we can do here
|
* which we check for. In that event, there's nothing more we can do here
|
||||||
* so bail out
|
* so bail out
|
||||||
*/
|
*/
|
||||||
if (expect_init_rc == 0)
|
if (expect_init_rc == 0)
|
||||||
|
|
@ -439,7 +439,7 @@ static void slh_dsa_export_import(uint8_t **buf, size_t *len, void *key1,
|
||||||
* EVP_PKEY returns:
|
* EVP_PKEY returns:
|
||||||
* 1 if the keys are equivalent
|
* 1 if the keys are equivalent
|
||||||
* 0 if the keys are not equivalent
|
* 0 if the keys are not equivalent
|
||||||
* -1 if the key types are differnt
|
* -1 if the key types are different
|
||||||
* -2 if the operation is not supported
|
* -2 if the operation is not supported
|
||||||
*/
|
*/
|
||||||
OPENSSL_assert(EVP_PKEY_eq(alice, new) == 1);
|
OPENSSL_assert(EVP_PKEY_eq(alice, new) == 1);
|
||||||
|
|
@ -578,7 +578,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
|
||||||
return -1;
|
return -1;
|
||||||
/*
|
/*
|
||||||
* Get the first byte of the buffer to tell us what operation
|
* Get the first byte of the buffer to tell us what operation
|
||||||
* to preform
|
* to perform
|
||||||
*/
|
*/
|
||||||
buffer_cursor = consume_uint8t(buf, &len, &operation);
|
buffer_cursor = consume_uint8t(buf, &len, &operation);
|
||||||
if (buffer_cursor == NULL)
|
if (buffer_cursor == NULL)
|
||||||
|
|
|
||||||
|
|
@ -154,7 +154,7 @@ typedef struct {
|
||||||
int security_category;
|
int security_category;
|
||||||
} ML_KEM_VINFO;
|
} ML_KEM_VINFO;
|
||||||
|
|
||||||
/* Retrive global variant-specific parameters */
|
/* Retrieve global variant-specific parameters */
|
||||||
const ML_KEM_VINFO *ossl_ml_kem_get_vinfo(int evp_type);
|
const ML_KEM_VINFO *ossl_ml_kem_get_vinfo(int evp_type);
|
||||||
|
|
||||||
/* Known as ML_KEM_KEY via crypto/types.h */
|
/* Known as ML_KEM_KEY via crypto/types.h */
|
||||||
|
|
|
||||||
|
|
@ -124,10 +124,6 @@ ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
|
||||||
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
||||||
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
||||||
|
|
||||||
# ifdef FIPS_MODULE
|
|
||||||
int ossl_rsa_key_pairwise_test(RSA *rsa);
|
|
||||||
# endif /* FIPS_MODULE */
|
|
||||||
|
|
||||||
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
||||||
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
||||||
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
||||||
|
|
|
||||||
|
|
@ -89,12 +89,12 @@ extern "C" {
|
||||||
|
|
||||||
# define OPENSSL_VERSION_TEXT "OpenSSL {- "$config{full_version} $config{release_date}" -}"
|
# define OPENSSL_VERSION_TEXT "OpenSSL {- "$config{full_version} $config{release_date}" -}"
|
||||||
|
|
||||||
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
|
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PP0L */
|
||||||
# define OPENSSL_VERSION_NUMBER \
|
# define OPENSSL_VERSION_NUMBER \
|
||||||
( (OPENSSL_VERSION_MAJOR<<28) \
|
( (OPENSSL_VERSION_MAJOR<<28) \
|
||||||
|(OPENSSL_VERSION_MINOR<<20) \
|
|(OPENSSL_VERSION_MINOR<<20) \
|
||||||
|(OPENSSL_VERSION_PATCH<<4) \
|
|(OPENSSL_VERSION_PATCH<<4) \
|
||||||
|{- @config{prerelease} ? "0x0L" : "0xfL" -} )
|
|0x0L )
|
||||||
|
|
||||||
# ifdef __cplusplus
|
# ifdef __cplusplus
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -161,17 +161,18 @@ extern "C" {
|
||||||
{ \
|
{ \
|
||||||
return (t2 *)OPENSSL_sk_set((OPENSSL_STACK *)sk, idx, (const void *)ptr); \
|
return (t2 *)OPENSSL_sk_set((OPENSSL_STACK *)sk, idx, (const void *)ptr); \
|
||||||
} \
|
} \
|
||||||
static ossl_unused ossl_inline int sk_##t1##_find(STACK_OF(t1) *sk, t2 *ptr) \
|
static ossl_unused ossl_inline int sk_##t1##_find(const STACK_OF(t1) *sk, t2 *ptr) \
|
||||||
{ \
|
{ \
|
||||||
return OPENSSL_sk_find((OPENSSL_STACK *)sk, (const void *)ptr); \
|
return OPENSSL_sk_find((const OPENSSL_STACK *)sk, (const void *)ptr); \
|
||||||
} \
|
} \
|
||||||
static ossl_unused ossl_inline int sk_##t1##_find_ex(STACK_OF(t1) *sk, t2 *ptr) \
|
static ossl_unused ossl_inline int sk_##t1##_find_ex(const STACK_OF(t1) *sk, t2 *ptr) \
|
||||||
{ \
|
{ \
|
||||||
return OPENSSL_sk_find_ex((OPENSSL_STACK *)sk, (const void *)ptr); \
|
return OPENSSL_sk_find_ex((const OPENSSL_STACK *)sk, (const void *)ptr); \
|
||||||
} \
|
} \
|
||||||
static ossl_unused ossl_inline int sk_##t1##_find_all(STACK_OF(t1) *sk, t2 *ptr, int *pnum) \
|
static ossl_unused ossl_inline int sk_##t1##_find_all(const STACK_OF(t1) *sk, t2 *ptr, \
|
||||||
|
int *pnum) \
|
||||||
{ \
|
{ \
|
||||||
return OPENSSL_sk_find_all((OPENSSL_STACK *)sk, (const void *)ptr, pnum); \
|
return OPENSSL_sk_find_all((const OPENSSL_STACK *)sk, (const void *)ptr, pnum); \
|
||||||
} \
|
} \
|
||||||
static ossl_unused ossl_inline void sk_##t1##_sort(STACK_OF(t1) *sk) \
|
static ossl_unused ossl_inline void sk_##t1##_sort(STACK_OF(t1) *sk) \
|
||||||
{ \
|
{ \
|
||||||
|
|
|
||||||
|
|
@ -45,9 +45,9 @@ OPENSSL_STACK *OPENSSL_sk_deep_copy(const OPENSSL_STACK *,
|
||||||
int OPENSSL_sk_insert(OPENSSL_STACK *sk, const void *data, int where);
|
int OPENSSL_sk_insert(OPENSSL_STACK *sk, const void *data, int where);
|
||||||
void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc);
|
void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc);
|
||||||
void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p);
|
void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p);
|
||||||
int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data);
|
int OPENSSL_sk_find(const OPENSSL_STACK *st, const void *data);
|
||||||
int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data);
|
int OPENSSL_sk_find_ex(const OPENSSL_STACK *st, const void *data);
|
||||||
int OPENSSL_sk_find_all(OPENSSL_STACK *st, const void *data, int *pnum);
|
int OPENSSL_sk_find_all(const OPENSSL_STACK *st, const void *data, int *pnum);
|
||||||
int OPENSSL_sk_push(OPENSSL_STACK *st, const void *data);
|
int OPENSSL_sk_push(OPENSSL_STACK *st, const void *data);
|
||||||
int OPENSSL_sk_unshift(OPENSSL_STACK *st, const void *data);
|
int OPENSSL_sk_unshift(OPENSSL_STACK *st, const void *data);
|
||||||
void *OPENSSL_sk_shift(OPENSSL_STACK *st);
|
void *OPENSSL_sk_shift(OPENSSL_STACK *st);
|
||||||
|
|
|
||||||
|
|
@ -1450,6 +1450,18 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
|
||||||
ST_KAT_PARAM_END()
|
ST_KAT_PARAM_END()
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
|
||||||
|
* ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
|
||||||
|
* HP/UX PA-RISC compilers.
|
||||||
|
*/
|
||||||
|
static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
|
||||||
|
|
||||||
|
static const ST_KAT_PARAM rsa_enc_params[] = {
|
||||||
|
ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
|
||||||
|
ST_KAT_PARAM_END()
|
||||||
|
};
|
||||||
|
|
||||||
static const unsigned char rsa_sig_msg[] = "Hello World!";
|
static const unsigned char rsa_sig_msg[] = "Hello World!";
|
||||||
|
|
||||||
static const unsigned char rsa_expected_sig[256] = {
|
static const unsigned char rsa_expected_sig[256] = {
|
||||||
|
|
@ -3664,3 +3676,33 @@ static const ST_KAT_ASYM_KEYGEN st_kat_asym_keygen_tests[] = {
|
||||||
# endif
|
# endif
|
||||||
};
|
};
|
||||||
#endif /* !OPENSSL_NO_ML_DSA || !OPENSSL_NO_SLH_DSA */
|
#endif /* !OPENSSL_NO_ML_DSA || !OPENSSL_NO_SLH_DSA */
|
||||||
|
|
||||||
|
static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
|
||||||
|
{
|
||||||
|
OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
|
||||||
|
"RSA",
|
||||||
|
1,
|
||||||
|
rsa_pub_key,
|
||||||
|
rsa_enc_params,
|
||||||
|
ITM(rsa_asym_plaintext_encrypt),
|
||||||
|
ITM(rsa_asym_expected_encrypt),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
|
||||||
|
"RSA",
|
||||||
|
0,
|
||||||
|
rsa_priv_key,
|
||||||
|
rsa_enc_params,
|
||||||
|
ITM(rsa_asym_expected_encrypt),
|
||||||
|
ITM(rsa_asym_plaintext_encrypt),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
|
||||||
|
"RSA",
|
||||||
|
0,
|
||||||
|
rsa_crt_key,
|
||||||
|
rsa_enc_params,
|
||||||
|
ITM(rsa_asym_expected_encrypt),
|
||||||
|
ITM(rsa_asym_plaintext_encrypt),
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
|
||||||
|
|
@ -858,6 +858,93 @@ err:
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Test an encrypt or decrypt KAT..
|
||||||
|
*
|
||||||
|
* FIPS 140-2 IG D.9 states that separate KAT tests are needed for encrypt
|
||||||
|
* and decrypt..
|
||||||
|
*/
|
||||||
|
static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st,
|
||||||
|
OSSL_LIB_CTX *libctx)
|
||||||
|
{
|
||||||
|
int ret = 0;
|
||||||
|
OSSL_PARAM *keyparams = NULL, *initparams = NULL;
|
||||||
|
OSSL_PARAM_BLD *keybld = NULL, *initbld = NULL;
|
||||||
|
EVP_PKEY_CTX *encctx = NULL, *keyctx = NULL;
|
||||||
|
EVP_PKEY *key = NULL;
|
||||||
|
BN_CTX *bnctx = NULL;
|
||||||
|
unsigned char out[256];
|
||||||
|
size_t outlen = sizeof(out);
|
||||||
|
|
||||||
|
OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER, t->desc);
|
||||||
|
|
||||||
|
bnctx = BN_CTX_new_ex(libctx);
|
||||||
|
if (bnctx == NULL)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/* Load a public or private key from data */
|
||||||
|
keybld = OSSL_PARAM_BLD_new();
|
||||||
|
if (keybld == NULL
|
||||||
|
|| !add_params(keybld, t->key, bnctx))
|
||||||
|
goto err;
|
||||||
|
keyparams = OSSL_PARAM_BLD_to_param(keybld);
|
||||||
|
keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
|
||||||
|
if (keyctx == NULL || keyparams == NULL)
|
||||||
|
goto err;
|
||||||
|
if (EVP_PKEY_fromdata_init(keyctx) <= 0
|
||||||
|
|| EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
|
||||||
|
encctx = EVP_PKEY_CTX_new_from_pkey(libctx, key, NULL);
|
||||||
|
if (encctx == NULL
|
||||||
|
|| (t->encrypt && EVP_PKEY_encrypt_init(encctx) <= 0)
|
||||||
|
|| (!t->encrypt && EVP_PKEY_decrypt_init(encctx) <= 0))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/* Add any additional parameters such as padding */
|
||||||
|
if (t->postinit != NULL) {
|
||||||
|
initbld = OSSL_PARAM_BLD_new();
|
||||||
|
if (initbld == NULL)
|
||||||
|
goto err;
|
||||||
|
if (!add_params(initbld, t->postinit, bnctx))
|
||||||
|
goto err;
|
||||||
|
initparams = OSSL_PARAM_BLD_to_param(initbld);
|
||||||
|
if (initparams == NULL)
|
||||||
|
goto err;
|
||||||
|
if (EVP_PKEY_CTX_set_params(encctx, initparams) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (t->encrypt) {
|
||||||
|
if (EVP_PKEY_encrypt(encctx, out, &outlen,
|
||||||
|
t->in, t->in_len) <= 0)
|
||||||
|
goto err;
|
||||||
|
} else {
|
||||||
|
if (EVP_PKEY_decrypt(encctx, out, &outlen,
|
||||||
|
t->in, t->in_len) <= 0)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
/* Check the KAT */
|
||||||
|
OSSL_SELF_TEST_oncorrupt_byte(st, out);
|
||||||
|
if (outlen != t->expected_len
|
||||||
|
|| memcmp(out, t->expected, t->expected_len) != 0)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
BN_CTX_free(bnctx);
|
||||||
|
EVP_PKEY_free(key);
|
||||||
|
EVP_PKEY_CTX_free(encctx);
|
||||||
|
EVP_PKEY_CTX_free(keyctx);
|
||||||
|
OSSL_PARAM_free(keyparams);
|
||||||
|
OSSL_PARAM_BLD_free(keybld);
|
||||||
|
OSSL_PARAM_free(initparams);
|
||||||
|
OSSL_PARAM_BLD_free(initbld);
|
||||||
|
OSSL_SELF_TEST_onend(st, ret);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Test a data driven list of KAT's for digest algorithms.
|
* Test a data driven list of KAT's for digest algorithms.
|
||||||
* All tests are run regardless of if they fail or not.
|
* All tests are run regardless of if they fail or not.
|
||||||
|
|
@ -899,6 +986,17 @@ static int self_test_kems(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||||
|
{
|
||||||
|
int i, ret = 1;
|
||||||
|
|
||||||
|
for (i = 0; i < (int)OSSL_NELEM(st_kat_asym_cipher_tests); ++i) {
|
||||||
|
if (!self_test_asym_cipher(&st_kat_asym_cipher_tests[i], st, libctx))
|
||||||
|
ret = 0;
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||||
{
|
{
|
||||||
int i, ret = 1;
|
int i, ret = 1;
|
||||||
|
|
@ -1151,6 +1249,8 @@ int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||||
ret = 0;
|
ret = 0;
|
||||||
if (!self_test_kems(st, libctx))
|
if (!self_test_kems(st, libctx))
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
if (!self_test_asym_ciphers(st, libctx))
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
RAND_set0_private(libctx, saved_rand);
|
RAND_set0_private(libctx, saved_rand);
|
||||||
return ret;
|
return ret;
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,7 @@ ossl_ml_common_pkcs8_fmt_order(const char *algorithm_name,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Formats are case-insensitive, separated by spaces, tabs or commas.
|
* Formats are case-insensitive, separated by spaces, tabs or commas.
|
||||||
* Duplicate formats are allowed, the first occurence determines the order.
|
* Duplicate formats are allowed, the first occurrence determines the order.
|
||||||
*/
|
*/
|
||||||
do {
|
do {
|
||||||
if (*(fmt += strspn(fmt, sep)) == '\0')
|
if (*(fmt += strspn(fmt, sep)) == '\0')
|
||||||
|
|
|
||||||
|
|
@ -126,7 +126,7 @@ ossl_ml_dsa_d2i_PUBKEY(const uint8_t *pk, int pk_len, int evp_type,
|
||||||
|
|
||||||
if (!ossl_ml_dsa_pk_decode(ret, pk, (size_t) pk_len)) {
|
if (!ossl_ml_dsa_pk_decode(ret, pk, (size_t) pk_len)) {
|
||||||
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
|
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
|
||||||
"errror parsing %s public key from input SPKI",
|
"error parsing %s public key from input SPKI",
|
||||||
params->alg);
|
params->alg);
|
||||||
ossl_ml_dsa_key_free(ret);
|
ossl_ml_dsa_key_free(ret);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
|
||||||
|
|
@ -125,7 +125,7 @@ ossl_ml_kem_d2i_PUBKEY(const uint8_t *pubenc, int publen, int evp_type,
|
||||||
|
|
||||||
if (!ossl_ml_kem_parse_public_key(pubenc, (size_t) publen, ret)) {
|
if (!ossl_ml_kem_parse_public_key(pubenc, (size_t) publen, ret)) {
|
||||||
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
|
ERR_raise_data(ERR_LIB_PROV, PROV_R_BAD_ENCODING,
|
||||||
"errror parsing %s public key from input SPKI",
|
"error parsing %s public key from input SPKI",
|
||||||
v->algorithm_name);
|
v->algorithm_name);
|
||||||
ossl_ml_kem_key_free(ret);
|
ossl_ml_kem_key_free(ret);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
|
||||||
|
|
@ -359,7 +359,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
|
||||||
{
|
{
|
||||||
int klen, ret;
|
int klen, ret;
|
||||||
|
|
||||||
ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL);
|
ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL);
|
||||||
if (!ret)
|
if (!ret)
|
||||||
goto out;
|
goto out;
|
||||||
/* set the key len for the odd variable key len cipher */
|
/* set the key len for the odd variable key len cipher */
|
||||||
|
|
@ -371,6 +371,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
|
||||||
|
if (!ret)
|
||||||
|
goto out;
|
||||||
/* we never want padding, either the length requested is a multiple of
|
/* we never want padding, either the length requested is a multiple of
|
||||||
* the cipher block size or we are passed a cipher that can cope with
|
* the cipher block size or we are passed a cipher that can cope with
|
||||||
* partial blocks via techniques like cipher text stealing */
|
* partial blocks via techniques like cipher text stealing */
|
||||||
|
|
|
||||||
|
|
@ -302,7 +302,7 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
|
||||||
/*
|
/*
|
||||||
* If outlen is specified, then it must report the length
|
* If outlen is specified, then it must report the length
|
||||||
* of the out buffer on input so that we can confirm
|
* of the out buffer on input so that we can confirm
|
||||||
* its size is sufficent for encapsulation
|
* its size is sufficient for encapsulation
|
||||||
*/
|
*/
|
||||||
if (outlen != NULL && *outlen < nlen) {
|
if (outlen != NULL && *outlen < nlen) {
|
||||||
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
|
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
|
||||||
|
|
@ -334,7 +334,7 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
|
||||||
/**
|
/**
|
||||||
* rsasve_recover - Recovers a secret value from ciphertext using an RSA
|
* rsasve_recover - Recovers a secret value from ciphertext using an RSA
|
||||||
* private key. Once, recovered, the secret value is considered to be a
|
* private key. Once, recovered, the secret value is considered to be a
|
||||||
* shared secret. Algorithm is preformed as per
|
* shared secret. Algorithm is performed as per
|
||||||
* NIST SP 800-56B Rev 2
|
* NIST SP 800-56B Rev 2
|
||||||
* 7.2.1.3 RSASVE Recovery Operation (RSASVE.RECOVER).
|
* 7.2.1.3 RSASVE Recovery Operation (RSASVE.RECOVER).
|
||||||
*
|
*
|
||||||
|
|
|
||||||
|
|
@ -229,14 +229,6 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
|
||||||
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
|
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
|
||||||
ok = ok && ossl_ecx_key_fromdata(key, p.pub, p.priv, include_private);
|
ok = ok && ossl_ecx_key_fromdata(key, p.pub, p.priv, include_private);
|
||||||
|
|
||||||
#ifdef FIPS_MODULE
|
|
||||||
if (ok > 0 && ecx_key_type_is_ed(key->type) && !ossl_fips_self_testing())
|
|
||||||
if (key->haspubkey && key->privkey != NULL) {
|
|
||||||
ok = ecd_fips140_pairwise_test(key, key->type, 1);
|
|
||||||
if (ok <= 0)
|
|
||||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
|
|
||||||
}
|
|
||||||
#endif /* FIPS_MODULE */
|
|
||||||
return ok;
|
return ok;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -146,7 +146,7 @@ static int blake2_mac_final(void *vmacctx,
|
||||||
return BLAKE2_FINAL(out, &macctx->ctx);
|
return BLAKE2_FINAL(out, &macctx->ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* See blake2.h for parameter defintion */
|
/* See blake2.h for parameter definition */
|
||||||
static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *ctx,
|
static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *ctx,
|
||||||
ossl_unused void *provctx)
|
ossl_unused void *provctx)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -111,7 +111,7 @@ typedef struct {
|
||||||
unsigned int mgf1_md_set : 1;
|
unsigned int mgf1_md_set : 1;
|
||||||
/*
|
/*
|
||||||
* Flags to say what are the possible next external calls in what
|
* Flags to say what are the possible next external calls in what
|
||||||
* consitutes the life cycle of an algorithm. The relevant calls are:
|
* constitutes the life cycle of an algorithm. The relevant calls are:
|
||||||
* - init
|
* - init
|
||||||
* - update
|
* - update
|
||||||
* - final
|
* - final
|
||||||
|
|
|
||||||
|
|
@ -2478,7 +2478,7 @@ static void ch_rx_handle_packet(QUIC_CHANNEL *ch, int channel_only)
|
||||||
while (PACKET_remaining(&vpkt) > 0) {
|
while (PACKET_remaining(&vpkt) > 0) {
|
||||||
/*
|
/*
|
||||||
* We only support quic version 1 at the moment, so
|
* We only support quic version 1 at the moment, so
|
||||||
* look to see if thats offered
|
* look to see if that's offered
|
||||||
*/
|
*/
|
||||||
if (!PACKET_get_net_4(&vpkt, &supported_ver))
|
if (!PACKET_get_net_4(&vpkt, &supported_ver))
|
||||||
return;
|
return;
|
||||||
|
|
|
||||||
|
|
@ -3241,6 +3241,7 @@ int ossl_quic_conn_stream_conclude(SSL *s)
|
||||||
QCTX ctx;
|
QCTX ctx;
|
||||||
QUIC_STREAM *qs;
|
QUIC_STREAM *qs;
|
||||||
int err;
|
int err;
|
||||||
|
int ret;
|
||||||
|
|
||||||
if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
|
if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
@ -3248,13 +3249,15 @@ int ossl_quic_conn_stream_conclude(SSL *s)
|
||||||
qs = ctx.xso->stream;
|
qs = ctx.xso->stream;
|
||||||
|
|
||||||
if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
|
if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
|
||||||
|
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
|
||||||
qctx_unlock(&ctx);
|
qctx_unlock(&ctx);
|
||||||
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!quic_validate_for_write(ctx.xso, &err)) {
|
if (!quic_validate_for_write(ctx.xso, &err)) {
|
||||||
|
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
|
||||||
qctx_unlock(&ctx);
|
qctx_unlock(&ctx);
|
||||||
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
|
if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
|
||||||
|
|
|
||||||
|
|
@ -520,9 +520,9 @@ static QUIC_CHANNEL *port_make_channel(QUIC_PORT *port, SSL *tls, OSSL_QRX *qrx,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Creating a a new channel is made a bit tricky here as there is a
|
* Creating a a new channel is made a bit tricky here as there is a
|
||||||
* bit of a circular dependency. Initalizing a channel requires that
|
* bit of a circular dependency. Initializing a channel requires that
|
||||||
* the ch->tls and optionally the qlog_title be configured prior to
|
* the ch->tls and optionally the qlog_title be configured prior to
|
||||||
* initalization, but we need the channel at least partially configured
|
* initialization, but we need the channel at least partially configured
|
||||||
* to create the new handshake layer, so we have to do this in a few steps.
|
* to create the new handshake layer, so we have to do this in a few steps.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
@ -1033,7 +1033,7 @@ err:
|
||||||
/**
|
/**
|
||||||
* @brief Parses contents of a buffer into a validation token.
|
* @brief Parses contents of a buffer into a validation token.
|
||||||
*
|
*
|
||||||
* VALIDATION_TOKEN should already be initalized. Does some basic sanity checks.
|
* VALIDATION_TOKEN should already be initialized. Does some basic sanity checks.
|
||||||
*
|
*
|
||||||
* @param token Validation token to fill data in.
|
* @param token Validation token to fill data in.
|
||||||
* @param buf Buffer of previously marshaled validation token.
|
* @param buf Buffer of previously marshaled validation token.
|
||||||
|
|
@ -1291,7 +1291,7 @@ static void port_send_version_negotiation(QUIC_PORT *port, BIO_ADDR *peer,
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief defintions of token lifetimes
|
* @brief definitions of token lifetimes
|
||||||
*
|
*
|
||||||
* RETRY tokens are only valid for 10 seconds
|
* RETRY tokens are only valid for 10 seconds
|
||||||
* NEW_TOKEN tokens have a lifetime of 3600 sec (1 hour)
|
* NEW_TOKEN tokens have a lifetime of 3600 sec (1 hour)
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,7 @@ int ossl_quic_hkdf_extract(OSSL_LIB_CTX *libctx,
|
||||||
* at least 8 bytes. It means that the length of destination connection ID
|
* at least 8 bytes. It means that the length of destination connection ID
|
||||||
* may be less than the minimum length for HKDF required by FIPS provider.
|
* may be less than the minimum length for HKDF required by FIPS provider.
|
||||||
*
|
*
|
||||||
* Therefore, we need to set `key-check` to zero to allow using destionation
|
* Therefore, we need to set `key-check` to zero to allow using destination
|
||||||
* connection ID as IKM.
|
* connection ID as IKM.
|
||||||
*/
|
*/
|
||||||
*p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_FIPS_KEY_CHECK, &key_check);
|
*p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_FIPS_KEY_CHECK, &key_check);
|
||||||
|
|
|
||||||
|
|
@ -1093,9 +1093,12 @@ int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rl->msg_callback != NULL)
|
if (rl->msg_callback != NULL) {
|
||||||
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &rec->type,
|
unsigned char ctype = (unsigned char)rec->type;
|
||||||
|
|
||||||
|
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &ctype,
|
||||||
1, rl->cbarg);
|
1, rl->cbarg);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* TLSv1.3 alert and handshake records are required to be non-zero in
|
* TLSv1.3 alert and handshake records are required to be non-zero in
|
||||||
|
|
|
||||||
|
|
@ -83,7 +83,7 @@ static int create_socket(int domain, int socktype, int protocol)
|
||||||
/*
|
/*
|
||||||
* Its also possible that someone is building a binary on a newer windows
|
* Its also possible that someone is building a binary on a newer windows
|
||||||
* SDK, but running it on a runtime that doesn't support inheritance
|
* SDK, but running it on a runtime that doesn't support inheritance
|
||||||
* supression. In that case the above will return INVALID_SOCKET, and
|
* suppression. In that case the above will return INVALID_SOCKET, and
|
||||||
* our response for those older platforms is to try the call again
|
* our response for those older platforms is to try the call again
|
||||||
* without the flag
|
* without the flag
|
||||||
*/
|
*/
|
||||||
|
|
@ -142,7 +142,7 @@ static int create_socket(int domain, int socktype, int protocol)
|
||||||
*
|
*
|
||||||
* Win32 does not support socketpair(2), and Win32 pipes are not compatible with
|
* Win32 does not support socketpair(2), and Win32 pipes are not compatible with
|
||||||
* Winsock select(2). This means our only means of making select(2) wakeable is
|
* Winsock select(2). This means our only means of making select(2) wakeable is
|
||||||
* to artifically create a loopback TCP connection and send bytes to it.
|
* to artificially create a loopback TCP connection and send bytes to it.
|
||||||
*/
|
*/
|
||||||
int ossl_rio_notifier_init(RIO_NOTIFIER *nfy)
|
int ossl_rio_notifier_init(RIO_NOTIFIER *nfy)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -3962,8 +3962,8 @@ static long check_keylog_bio_free(BIO *b, int oper, const char *argp,
|
||||||
/*
|
/*
|
||||||
* Note we _dont_ take the keylog_lock here
|
* Note we _dont_ take the keylog_lock here
|
||||||
* This is intentional, because we only free the keylog lock
|
* This is intentional, because we only free the keylog lock
|
||||||
* During SSL_CTX_free, in which we already posess the lock, so
|
* During SSL_CTX_free, in which we already possess the lock, so
|
||||||
* Theres no need to grab it again here
|
* There's no need to grab it again here
|
||||||
*/
|
*/
|
||||||
if (oper == BIO_CB_FREE)
|
if (oper == BIO_CB_FREE)
|
||||||
keylog_bio = NULL;
|
keylog_bio = NULL;
|
||||||
|
|
@ -4319,7 +4319,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
|
||||||
/* Make sure we have a global lock allocated */
|
/* Make sure we have a global lock allocated */
|
||||||
if (!RUN_ONCE(&ssl_keylog_once, ssl_keylog_init)) {
|
if (!RUN_ONCE(&ssl_keylog_once, ssl_keylog_init)) {
|
||||||
/* use a trace message as a warning */
|
/* use a trace message as a warning */
|
||||||
OSSL_TRACE(TLS, "Unable to initalize keylog data\n");
|
OSSL_TRACE(TLS, "Unable to initialize keylog data\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1056,10 +1056,13 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!X509_up_ref(x509))
|
if (!X509_up_ref(x509)) {
|
||||||
|
OSSL_STACK_OF_X509_free(dup_chain);
|
||||||
goto out;
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
if (!EVP_PKEY_up_ref(privatekey)) {
|
if (!EVP_PKEY_up_ref(privatekey)) {
|
||||||
|
OSSL_STACK_OF_X509_free(dup_chain);
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -901,7 +901,7 @@ int tls_parse_ctos_key_share(SSL_CONNECTION *s, PACKET *pkt,
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We now have the folowing lists available to make a decision for
|
* We now have the following lists available to make a decision for
|
||||||
* which group the server should use for key exchange :
|
* which group the server should use for key exchange :
|
||||||
* From client: clntgroups[clnt_num_groups],
|
* From client: clntgroups[clnt_num_groups],
|
||||||
* keyshares_arr[keyshares_cnt], encoded_pubkey_arr[keyshares_cnt]
|
* keyshares_arr[keyshares_cnt], encoded_pubkey_arr[keyshares_cnt]
|
||||||
|
|
|
||||||
|
|
@ -72,7 +72,7 @@ static int tls1_PRF(SSL_CONNECTION *s,
|
||||||
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
|
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
|
||||||
(void *)seed5, (size_t)seed5_len);
|
(void *)seed5, (size_t)seed5_len);
|
||||||
/*
|
/*
|
||||||
* If we have a propery query string, the kdf needs to know about it in the event
|
* If we have a property query string, the kdf needs to know about it in the event
|
||||||
* the specific kdf in use allocated a digest as part of its implementation
|
* the specific kdf in use allocated a digest as part of its implementation
|
||||||
*/
|
*/
|
||||||
if (SSL_CONNECTION_GET_CTX(s)->propq != NULL)
|
if (SSL_CONNECTION_GET_CTX(s)->propq != NULL)
|
||||||
|
|
|
||||||
|
|
@ -1583,10 +1583,10 @@ static int tuple_cb(const char *tuple, int len, void *arg)
|
||||||
/*
|
/*
|
||||||
* Set groups and prepare generation of keyshares based on a string of groupnames,
|
* Set groups and prepare generation of keyshares based on a string of groupnames,
|
||||||
* names separated by the group or the tuple delimiter, with per-group prefixes to
|
* names separated by the group or the tuple delimiter, with per-group prefixes to
|
||||||
* (1) add a key share for this group, (2) ignore the group if unkown to the current
|
* (1) add a key share for this group, (2) ignore the group if unknown to the current
|
||||||
* context, (3) delete a previous occurrence of the group in the current tuple.
|
* context, (3) delete a previous occurrence of the group in the current tuple.
|
||||||
*
|
*
|
||||||
* The list parsing is done in two hierachical steps: The top-level step extracts the
|
* The list parsing is done in two hierarchical steps: The top-level step extracts the
|
||||||
* string of a tuple using tuple_cb, while the next lower step uses gid_cb to
|
* string of a tuple using tuple_cb, while the next lower step uses gid_cb to
|
||||||
* parse and process the groups inside a tuple
|
* parse and process the groups inside a tuple
|
||||||
*/
|
*/
|
||||||
|
|
@ -1646,7 +1646,7 @@ int tls1_set_groups_list(SSL_CTX *ctx,
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We check whether a tuple was completly emptied by using "-" prefix
|
* We check whether a tuple was completely emptied by using "-" prefix
|
||||||
* excessively, in which case we remove the tuple
|
* excessively, in which case we remove the tuple
|
||||||
*/
|
*/
|
||||||
for (i = j = 0; j < gcb.tplcnt; j++) {
|
for (i = j = 0; j < gcb.tplcnt; j++) {
|
||||||
|
|
@ -1693,7 +1693,7 @@ int tls1_set_groups_list(SSL_CTX *ctx,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* tuple_cb and gid_cb combo ensures there are no duplicates or unknown groups so we
|
* tuple_cb and gid_cb combo ensures there are no duplicates or unknown groups so we
|
||||||
* can just go ahead and set the results (after diposing the existing)
|
* can just go ahead and set the results (after disposing the existing)
|
||||||
*/
|
*/
|
||||||
OPENSSL_free(*grpext);
|
OPENSSL_free(*grpext);
|
||||||
*grpext = gcb.gid_arr;
|
*grpext = gcb.gid_arr;
|
||||||
|
|
|
||||||
|
|
@ -548,8 +548,12 @@ static const ssl_trace_tbl ssl_groups_tbl[] = {
|
||||||
{258, "ffdhe4096"},
|
{258, "ffdhe4096"},
|
||||||
{259, "ffdhe6144"},
|
{259, "ffdhe6144"},
|
||||||
{260, "ffdhe8192"},
|
{260, "ffdhe8192"},
|
||||||
|
{512, "MLKEM512"},
|
||||||
|
{513, "MLKEM768"},
|
||||||
|
{514, "MLKEM1024"},
|
||||||
{4587, "SecP256r1MLKEM768"},
|
{4587, "SecP256r1MLKEM768"},
|
||||||
{4588, "X25519MLKEM768"},
|
{4588, "X25519MLKEM768"},
|
||||||
|
{4589, "SecP384r1MLKEM1024"},
|
||||||
{25497, "X25519Kyber768Draft00"},
|
{25497, "X25519Kyber768Draft00"},
|
||||||
{25498, "SecP256r1Kyber768Draft00"},
|
{25498, "SecP256r1Kyber768Draft00"},
|
||||||
{0xFF01, "arbitrary_explicit_prime_curves"},
|
{0xFF01, "arbitrary_explicit_prime_curves"},
|
||||||
|
|
@ -1306,7 +1310,7 @@ static int ssl_print_certificate(BIO *bio, const SSL_CONNECTION *sc, int indent,
|
||||||
x = NULL;
|
x = NULL;
|
||||||
}
|
}
|
||||||
if (x == NULL)
|
if (x == NULL)
|
||||||
BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n");
|
BIO_puts(bio, "<UNPARSABLE CERTIFICATE>\n");
|
||||||
else {
|
else {
|
||||||
BIO_puts(bio, "\n------details-----\n");
|
BIO_puts(bio, "\n------details-----\n");
|
||||||
X509_print_ex(bio, x, XN_FLAG_ONELINE, 0);
|
X509_print_ex(bio, x, XN_FLAG_ONELINE, 0);
|
||||||
|
|
@ -1537,7 +1541,7 @@ static int ssl_print_cert_request(BIO *bio, int indent, const SSL_CONNECTION *sc
|
||||||
p = msg;
|
p = msg;
|
||||||
nm = d2i_X509_NAME(NULL, &p, (long)dlen);
|
nm = d2i_X509_NAME(NULL, &p, (long)dlen);
|
||||||
if (!nm) {
|
if (!nm) {
|
||||||
BIO_puts(bio, "<UNPARSEABLE DN>\n");
|
BIO_puts(bio, "<UNPARSABLE DN>\n");
|
||||||
} else {
|
} else {
|
||||||
X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE);
|
X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE);
|
||||||
BIO_puts(bio, "\n");
|
BIO_puts(bio, "\n");
|
||||||
|
|
|
||||||
|
|
@ -31,7 +31,8 @@ IF[{- !$disabled{tests} -}]
|
||||||
testutil/format_output.c testutil/load.c testutil/fake_random.c \
|
testutil/format_output.c testutil/load.c testutil/fake_random.c \
|
||||||
testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
|
testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
|
||||||
testutil/options.c testutil/test_options.c testutil/provider.c \
|
testutil/options.c testutil/test_options.c testutil/provider.c \
|
||||||
testutil/apps_shims.c testutil/random.c testutil/helper.c $LIBAPPSSRC
|
testutil/apps_shims.c testutil/random.c testutil/helper.c \
|
||||||
|
testutil/compare.c $LIBAPPSSRC
|
||||||
INCLUDE[libtestutil.a]=../include ../apps/include ..
|
INCLUDE[libtestutil.a]=../include ../apps/include ..
|
||||||
DEPEND[libtestutil.a]=../libcrypto
|
DEPEND[libtestutil.a]=../libcrypto
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -35,6 +35,8 @@ static int exptypes_selection;
|
||||||
static int query_id;
|
static int query_id;
|
||||||
static int key_deleted;
|
static int key_deleted;
|
||||||
|
|
||||||
|
unsigned fake_rsa_query_operation_name = 0;
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
OSSL_LIB_CTX *libctx;
|
OSSL_LIB_CTX *libctx;
|
||||||
} PROV_FAKE_RSA_CTX;
|
} PROV_FAKE_RSA_CTX;
|
||||||
|
|
@ -90,7 +92,7 @@ static const char *fake_rsa_keymgmt_query(int id)
|
||||||
/* record global for checking */
|
/* record global for checking */
|
||||||
query_id = id;
|
query_id = id;
|
||||||
|
|
||||||
return "RSA";
|
return fake_rsa_query_operation_name ? NULL: "RSA";
|
||||||
}
|
}
|
||||||
|
|
||||||
static int fake_rsa_keymgmt_import(void *keydata, int selection,
|
static int fake_rsa_keymgmt_import(void *keydata, int selection,
|
||||||
|
|
|
||||||
|
|
@ -14,5 +14,14 @@
|
||||||
/* Fake RSA provider implementation */
|
/* Fake RSA provider implementation */
|
||||||
OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx);
|
OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx);
|
||||||
void fake_rsa_finish(OSSL_PROVIDER *p);
|
void fake_rsa_finish(OSSL_PROVIDER *p);
|
||||||
|
|
||||||
OSSL_PARAM *fake_rsa_key_params(int priv);
|
OSSL_PARAM *fake_rsa_key_params(int priv);
|
||||||
void fake_rsa_restore_store_state(void);
|
void fake_rsa_restore_store_state(void);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When fake_rsa_query_operation_name is set to a non-zero value,
|
||||||
|
* query_operation_name() will return NULL.
|
||||||
|
*
|
||||||
|
* By default, it is 0, in which case query_operation_name() will return "RSA".
|
||||||
|
*/
|
||||||
|
extern unsigned fake_rsa_query_operation_name;
|
||||||
|
|
|
||||||
|
|
@ -551,6 +551,7 @@ int setup_tests(void)
|
||||||
{
|
{
|
||||||
OPTION_CHOICE o;
|
OPTION_CHOICE o;
|
||||||
char *config_file = NULL;
|
char *config_file = NULL;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
|
||||||
/* Swap the libctx to test non-default context only */
|
/* Swap the libctx to test non-default context only */
|
||||||
propq = "provider=default";
|
propq = "provider=default";
|
||||||
|
|
@ -571,6 +572,11 @@ int setup_tests(void)
|
||||||
if (!test_get_libctx(&libctx, &nullprov, config_file, &libprov, NULL))
|
if (!test_get_libctx(&libctx, &nullprov, config_file, &libprov, NULL))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
ctx = EVP_PKEY_CTX_new_from_name(libctx, "LMS", propq);
|
||||||
|
if (ctx == NULL && ERR_get_error() == EVP_R_UNSUPPORTED_ALGORITHM)
|
||||||
|
return TEST_skip("LMS algorithm is not available in provider");
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
|
||||||
ADD_TEST(lms_bad_pub_len_test);
|
ADD_TEST(lms_bad_pub_len_test);
|
||||||
ADD_TEST(lms_key_validate_test);
|
ADD_TEST(lms_key_validate_test);
|
||||||
ADD_TEST(lms_key_eq_test);
|
ADD_TEST(lms_key_eq_test);
|
||||||
|
|
|
||||||
|
|
@ -140,9 +140,19 @@ static int test_ml_kem(void)
|
||||||
if (!TEST_int_gt(EVP_PKEY_copy_parameters(bkey, akey), 0))
|
if (!TEST_int_gt(EVP_PKEY_copy_parameters(bkey, akey), 0))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
/* Bob's empty key is not equal to Alice's */
|
||||||
|
if (!TEST_false(EVP_PKEY_eq(akey, bkey))
|
||||||
|
|| !TEST_false(EVP_PKEY_eq(bkey, akey)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
if (!TEST_true(EVP_PKEY_set1_encoded_public_key(bkey, rawpub, publen)))
|
if (!TEST_true(EVP_PKEY_set1_encoded_public_key(bkey, rawpub, publen)))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
/* Bob's copy of Alice's public key makes the two equal */
|
||||||
|
if (!TEST_true(EVP_PKEY_eq(akey, bkey))
|
||||||
|
|| !TEST_true(EVP_PKEY_eq(bkey, akey)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
/* Encapsulate Bob's key */
|
/* Encapsulate Bob's key */
|
||||||
ctx = EVP_PKEY_CTX_new_from_pkey(testctx, bkey, NULL);
|
ctx = EVP_PKEY_CTX_new_from_pkey(testctx, bkey, NULL);
|
||||||
if (!TEST_ptr(ctx))
|
if (!TEST_ptr(ctx))
|
||||||
|
|
|
||||||
|
|
@ -1369,7 +1369,8 @@ static int ossl_test_aes128cbchmacsha1_set_ctx_params(void *vprovctx, const OSSL
|
||||||
|
|
||||||
p = OSSL_PARAM_locate((OSSL_PARAM *)params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
|
p = OSSL_PARAM_locate((OSSL_PARAM *)params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
|
||||||
if (p != NULL) {
|
if (p != NULL) {
|
||||||
OSSL_PARAM_get_octet_string_ptr(p, (const void **)&val, &vlen);
|
if (OSSL_PARAM_get_octet_string_ptr(p, (const void **)&val, &vlen) != 1)
|
||||||
|
return 0;
|
||||||
len = val[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | val[EVP_AEAD_TLS1_AAD_LEN - 1];
|
len = val[EVP_AEAD_TLS1_AAD_LEN - 2] << 8 | val[EVP_AEAD_TLS1_AAD_LEN - 1];
|
||||||
ctx->tls_ver = val[EVP_AEAD_TLS1_AAD_LEN - 4] << 8 | val[EVP_AEAD_TLS1_AAD_LEN -3];
|
ctx->tls_ver = val[EVP_AEAD_TLS1_AAD_LEN - 4] << 8 | val[EVP_AEAD_TLS1_AAD_LEN -3];
|
||||||
|
|
||||||
|
|
@ -1665,8 +1666,10 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
|
||||||
{
|
{
|
||||||
OSSL_PARAM *p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
|
OSSL_PARAM *p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
|
||||||
|
|
||||||
if (p != NULL)
|
if (p != NULL && !OSSL_PARAM_set_size_t(p, (size_t)(1 << 16))) {
|
||||||
OSSL_PARAM_set_size_t(p, (size_t)(1 << 16));
|
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -687,6 +687,22 @@ static int test_property_list_to_string(int i)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int test_property_list_to_string_bounds(void)
|
||||||
|
{
|
||||||
|
OSSL_PROPERTY_LIST *pl = NULL;
|
||||||
|
char buf[16];
|
||||||
|
int ret = 0;
|
||||||
|
|
||||||
|
if (!TEST_ptr(pl = ossl_parse_query(NULL, "provider='$1'", 1)))
|
||||||
|
goto err;
|
||||||
|
if (!TEST_size_t_eq(ossl_property_list_to_string(NULL, pl, buf, 10), 14))
|
||||||
|
goto err;
|
||||||
|
ret = 1;
|
||||||
|
err:
|
||||||
|
ossl_property_free(pl);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
ADD_TEST(test_property_string);
|
ADD_TEST(test_property_string);
|
||||||
|
|
@ -701,5 +717,6 @@ int setup_tests(void)
|
||||||
ADD_TEST(test_query_cache_stochastic);
|
ADD_TEST(test_query_cache_stochastic);
|
||||||
ADD_TEST(test_fips_mode);
|
ADD_TEST(test_fips_mode);
|
||||||
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
|
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
|
||||||
|
ADD_TEST(test_property_list_to_string_bounds);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -239,6 +239,77 @@ end:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int test_pkey_can_sign(void)
|
||||||
|
{
|
||||||
|
OSSL_PROVIDER *fake_rsa = NULL;
|
||||||
|
EVP_PKEY *pkey_fake = NULL;
|
||||||
|
EVP_PKEY_CTX *ctx = NULL;
|
||||||
|
OSSL_PARAM *params = NULL;
|
||||||
|
int ret = 0;
|
||||||
|
|
||||||
|
if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Ensure other tests did not forget to reset fake_rsa_query_operation_name
|
||||||
|
* to its default value: 0
|
||||||
|
*/
|
||||||
|
if (!TEST_int_eq(fake_rsa_query_operation_name, 0))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
if (!TEST_ptr(params = fake_rsa_key_params(0))
|
||||||
|
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
|
||||||
|
"provider=fake-rsa"))
|
||||||
|
|| !TEST_true(EVP_PKEY_fromdata_init(ctx))
|
||||||
|
|| !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
|
||||||
|
params))
|
||||||
|
|| !TEST_true(EVP_PKEY_can_sign(pkey_fake))
|
||||||
|
|| !TEST_ptr(pkey_fake))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
ctx = NULL;
|
||||||
|
EVP_PKEY_free(pkey_fake);
|
||||||
|
pkey_fake = NULL;
|
||||||
|
OSSL_PARAM_free(params);
|
||||||
|
params = NULL;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Documented behavior for OSSL_FUNC_keymgmt_query_operation_name()
|
||||||
|
* allows it to return NULL, in which case the fallback should be to use
|
||||||
|
* EVP_KEYMGMT_get0_name(). That is exactly the thing we are testing here.
|
||||||
|
*/
|
||||||
|
fake_rsa_query_operation_name = 1;
|
||||||
|
|
||||||
|
if (!TEST_ptr(params = fake_rsa_key_params(0))
|
||||||
|
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
|
||||||
|
"provider=fake-rsa"))
|
||||||
|
|| !TEST_true(EVP_PKEY_fromdata_init(ctx))
|
||||||
|
|| !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
|
||||||
|
params))
|
||||||
|
|| !TEST_true(EVP_PKEY_can_sign(pkey_fake))
|
||||||
|
|| !TEST_ptr(pkey_fake))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
ctx = NULL;
|
||||||
|
EVP_PKEY_free(pkey_fake);
|
||||||
|
pkey_fake = NULL;
|
||||||
|
OSSL_PARAM_free(params);
|
||||||
|
params = NULL;
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
end:
|
||||||
|
|
||||||
|
EVP_PKEY_CTX_free(ctx);
|
||||||
|
EVP_PKEY_free(pkey_fake);
|
||||||
|
OSSL_PARAM_free(params);
|
||||||
|
fake_rsa_query_operation_name = 0;
|
||||||
|
|
||||||
|
fake_rsa_finish(fake_rsa);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static int test_pkey_store(int idx)
|
static int test_pkey_store(int idx)
|
||||||
{
|
{
|
||||||
OSSL_PROVIDER *deflt = NULL;
|
OSSL_PROVIDER *deflt = NULL;
|
||||||
|
|
@ -719,6 +790,7 @@ int setup_tests(void)
|
||||||
ADD_TEST(test_pkey_sig);
|
ADD_TEST(test_pkey_sig);
|
||||||
ADD_TEST(test_alternative_keygen_init);
|
ADD_TEST(test_alternative_keygen_init);
|
||||||
ADD_TEST(test_pkey_eq);
|
ADD_TEST(test_pkey_eq);
|
||||||
|
ADD_TEST(test_pkey_can_sign);
|
||||||
ADD_ALL_TESTS(test_pkey_store, 2);
|
ADD_ALL_TESTS(test_pkey_store, 2);
|
||||||
ADD_TEST(test_pkey_delete);
|
ADD_TEST(test_pkey_delete);
|
||||||
ADD_TEST(test_pkey_store_open_ex);
|
ADD_TEST(test_pkey_store_open_ex);
|
||||||
|
|
|
||||||
|
|
@ -429,91 +429,6 @@ static int test_version(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(DO_SSL_TRACE_TEST)
|
#if defined(DO_SSL_TRACE_TEST)
|
||||||
static void strip_line_ends(char *str)
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
|
|
||||||
for (i = strlen(str);
|
|
||||||
i > 0 && (str[i - 1] == '\n' || str[i - 1] == '\r');
|
|
||||||
i--);
|
|
||||||
|
|
||||||
str[i] = '\0';
|
|
||||||
}
|
|
||||||
|
|
||||||
static int compare_with_file(BIO *membio)
|
|
||||||
{
|
|
||||||
BIO *file = NULL, *newfile = NULL;
|
|
||||||
char buf1[8192], buf2[8192];
|
|
||||||
char *reffile;
|
|
||||||
int ret = 0;
|
|
||||||
size_t i;
|
|
||||||
|
|
||||||
#ifdef OPENSSL_NO_ZLIB
|
|
||||||
reffile = test_mk_file_path(datadir, "ssltraceref.txt");
|
|
||||||
#else
|
|
||||||
reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
|
|
||||||
#endif
|
|
||||||
if (!TEST_ptr(reffile))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
file = BIO_new_file(reffile, "rb");
|
|
||||||
if (!TEST_ptr(file))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
newfile = BIO_new_file("ssltraceref-new.txt", "wb");
|
|
||||||
if (!TEST_ptr(newfile))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
while (BIO_gets(membio, buf2, sizeof(buf2)) > 0)
|
|
||||||
if (BIO_puts(newfile, buf2) <= 0) {
|
|
||||||
TEST_error("Failed writing new file data");
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!TEST_int_ge(BIO_seek(membio, 0), 0))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
while (BIO_gets(file, buf1, sizeof(buf1)) > 0) {
|
|
||||||
size_t line_len;
|
|
||||||
|
|
||||||
if (BIO_gets(membio, buf2, sizeof(buf2)) <= 0) {
|
|
||||||
TEST_error("Failed reading mem data");
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
strip_line_ends(buf1);
|
|
||||||
strip_line_ends(buf2);
|
|
||||||
line_len = strlen(buf1);
|
|
||||||
if (line_len > 0 && buf1[line_len - 1] == '?') {
|
|
||||||
/* Wildcard at the EOL means ignore anything after it */
|
|
||||||
if (strlen(buf2) > line_len)
|
|
||||||
buf2[line_len] = '\0';
|
|
||||||
}
|
|
||||||
if (line_len != strlen(buf2)) {
|
|
||||||
TEST_error("Actual and ref line data length mismatch");
|
|
||||||
TEST_info("%s", buf1);
|
|
||||||
TEST_info("%s", buf2);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
for (i = 0; i < line_len; i++) {
|
|
||||||
/* '?' is a wild card character in the reference text */
|
|
||||||
if (buf1[i] == '?')
|
|
||||||
buf2[i] = '?';
|
|
||||||
}
|
|
||||||
if (!TEST_str_eq(buf1, buf2))
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
if (!TEST_true(BIO_eof(file))
|
|
||||||
|| !TEST_true(BIO_eof(membio)))
|
|
||||||
goto err;
|
|
||||||
|
|
||||||
ret = 1;
|
|
||||||
err:
|
|
||||||
OPENSSL_free(reffile);
|
|
||||||
BIO_free(file);
|
|
||||||
BIO_free(newfile);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Tests that the SSL_trace() msg_callback works as expected with a QUIC
|
* Tests that the SSL_trace() msg_callback works as expected with a QUIC
|
||||||
* connection. This also provides testing of the msg_callback at the same time.
|
* connection. This also provides testing of the msg_callback at the same time.
|
||||||
|
|
@ -525,6 +440,7 @@ static int test_ssl_trace(void)
|
||||||
QUIC_TSERVER *qtserv = NULL;
|
QUIC_TSERVER *qtserv = NULL;
|
||||||
int testresult = 0;
|
int testresult = 0;
|
||||||
BIO *bio = NULL;
|
BIO *bio = NULL;
|
||||||
|
char *reffile = NULL;
|
||||||
|
|
||||||
if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
|
if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
|
||||||
|| !TEST_ptr(bio = BIO_new(BIO_s_mem()))
|
|| !TEST_ptr(bio = BIO_new(BIO_s_mem()))
|
||||||
|
|
@ -548,7 +464,13 @@ static int test_ssl_trace(void)
|
||||||
if (!TEST_int_gt(BIO_pending(bio), 0))
|
if (!TEST_int_gt(BIO_pending(bio), 0))
|
||||||
goto err;
|
goto err;
|
||||||
} else {
|
} else {
|
||||||
if (!TEST_true(compare_with_file(bio)))
|
|
||||||
|
# ifdef OPENSSL_NO_ZLIB
|
||||||
|
reffile = test_mk_file_path(datadir, "ssltraceref.txt");
|
||||||
|
# else
|
||||||
|
reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
|
||||||
|
# endif
|
||||||
|
if (!TEST_true(compare_with_reference_file(bio, reffile)))
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -558,6 +480,7 @@ static int test_ssl_trace(void)
|
||||||
SSL_free(clientquic);
|
SSL_free(clientquic);
|
||||||
SSL_CTX_free(cctx);
|
SSL_CTX_free(cctx);
|
||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
|
OPENSSL_free(reffile);
|
||||||
|
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -63,7 +63,7 @@ my @commandline =
|
||||||
( 'x942kdf_key_check', 'x942kdf-key-check' )
|
( 'x942kdf_key_check', 'x942kdf-key-check' )
|
||||||
);
|
);
|
||||||
|
|
||||||
plan tests => 40 + (scalar @pedantic_okay) + (scalar @pedantic_fail)
|
plan tests => 41 + (scalar @pedantic_okay) + (scalar @pedantic_fail)
|
||||||
+ 4 * (scalar @commandline);
|
+ 4 * (scalar @commandline);
|
||||||
|
|
||||||
my $infile = bldtop_file('providers', platform->dso('fips'));
|
my $infile = bldtop_file('providers', platform->dso('fips'));
|
||||||
|
|
@ -392,6 +392,16 @@ SKIP: {
|
||||||
"fipsinstall fails when the ML-KEM decapsulate implicit failure result is corrupted");
|
"fipsinstall fails when the ML-KEM decapsulate implicit failure result is corrupted");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# corrupt an Asymmetric cipher test
|
||||||
|
SKIP: {
|
||||||
|
skip "Skipping Asymmetric RSA corruption test because of no rsa in this build", 1
|
||||||
|
if disabled("rsa") || disabled("fips-post");
|
||||||
|
ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile,
|
||||||
|
'-corrupt_desc', 'RSA_Encrypt',
|
||||||
|
'-corrupt_type', 'KAT_AsymmetricCipher'])),
|
||||||
|
"fipsinstall fails when the asymmetric cipher result is corrupted");
|
||||||
|
}
|
||||||
|
|
||||||
# 'local' ensures that this change is only done in this file.
|
# 'local' ensures that this change is only done in this file.
|
||||||
local $ENV{OPENSSL_CONF_INCLUDE} = abs2rel(curdir());
|
local $ENV{OPENSSL_CONF_INCLUDE} = abs2rel(curdir());
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -129,3 +129,11 @@ Ctrl.cipher = cipher:DES-EDE3-CBC
|
||||||
Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
|
Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
|
||||||
Ctrl.hexconstant = hexconstant:0000000155
|
Ctrl.hexconstant = hexconstant:0000000155
|
||||||
Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705
|
Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705
|
||||||
|
|
||||||
|
#Erroneous key size for the cipher as XTS has double key size
|
||||||
|
KDF = KRB5KDF
|
||||||
|
Ctrl.cipher = cipher:AES-256-XTS
|
||||||
|
Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
|
||||||
|
Ctrl.hexconstant = hexconstant:0000000255
|
||||||
|
Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA
|
||||||
|
Result = KDF_DERIVE_ERROR
|
||||||
|
|
|
||||||
|
|
@ -186,4 +186,4 @@ Output = 6a7fc08e9999fc9d50cda476e973a01a06efeb52eece1c78cb1422950476cbff67408c6
|
||||||
Availablein = default
|
Availablein = default
|
||||||
Sign-Message = RSA-SM3:RSA-2048
|
Sign-Message = RSA-SM3:RSA-2048
|
||||||
Input = "Hello World"
|
Input = "Hello World"
|
||||||
Output = 92657e22036214c343d8e95d129c0c47430d5a1ae452371a7847a963f533f96e018aa6658958e6a584cf0d380aa9435175cf2de3dfa60100aca893b76aa6d8f0cc9154ee982cb5ea8f19153fe8a9c801aa2da8bb4451c7ec6fd836e81ecdacf022b68294db068efa47decf3a7c548ea7088a16433029b8733b9573053b7e7122ea10b662726fc97bd149c663617434a9707b672b024f95865d91077edfb79c8ed4c8528032204c46c984a6c82b17794cbf9c4dfe4c1af1d59535f7755540ff36d6a2b55accbf046896c4aae9287a33f38c2a269a02abdac46c17b1b55ee89cc9eb3011a84916596f982c5375dd2110633be6dc43532919466d83bd0f3e406978
|
Output = b74e03c18050807541bde949aa0ac91d43fb9730f0b529d5100d5776f4f446d0ca0f0992359dc5f89386ed45bc3bf52cac1f75fbcc088fc2ea77624fd962569d2d317e90886dec424fb6757c4eba1e881ddf4f7942e8003b54e05cc974558dea171ce23a2fc158f71a5621c9a2c3ce45c9af4c706d3f60efe0c0f087a6ec504f771b08e2a1d78e0316c74706c678869bf121d5da00e2e8c8dc1cd273315b4ad8ab9962c62f81cebc5fb393b7f8860ee68545578413feada82b1c2bbfabfa157e298f0354bffc1cc6aa68f058a5d34b6b70ffacd3532c6b2c6a0de059bf605edf392ac8adbf1769555a0a50b2b13c63cae98a461498fae7f0d1729b710f05f39e
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,10 @@ ok(run(test(["sslapitest", srctop_dir("test", "certs"),
|
||||||
srctop_file("test",
|
srctop_file("test",
|
||||||
"recipes",
|
"recipes",
|
||||||
"90-test_sslapi_data",
|
"90-test_sslapi_data",
|
||||||
"dhparams.pem")])),
|
"dhparams.pem"),
|
||||||
|
srctop_dir("test",
|
||||||
|
"recipes",
|
||||||
|
"90-test_sslapi_data")])),
|
||||||
"running sslapitest");
|
"running sslapitest");
|
||||||
|
|
||||||
SKIP: {
|
SKIP: {
|
||||||
|
|
@ -62,7 +65,10 @@ SKIP: {
|
||||||
srctop_file("test",
|
srctop_file("test",
|
||||||
"recipes",
|
"recipes",
|
||||||
"90-test_sslapi_data",
|
"90-test_sslapi_data",
|
||||||
"dhparams.pem")])),
|
"dhparams.pem"),
|
||||||
|
srctop_dir("test",
|
||||||
|
"recipes",
|
||||||
|
"90-test_sslapi_data")])),
|
||||||
"running sslapitest with default fips config");
|
"running sslapitest with default fips config");
|
||||||
|
|
||||||
run(test(["fips_version_test", "-config", $provconf, ">=3.1.0"]),
|
run(test(["fips_version_test", "-config", $provconf, ">=3.1.0"]),
|
||||||
|
|
@ -140,7 +146,10 @@ SKIP: {
|
||||||
srctop_file("test",
|
srctop_file("test",
|
||||||
"recipes",
|
"recipes",
|
||||||
"90-test_sslapi_data",
|
"90-test_sslapi_data",
|
||||||
"dhparams.pem")])),
|
"dhparams.pem"),
|
||||||
|
srctop_dir("test",
|
||||||
|
"recipes",
|
||||||
|
"90-test_sslapi_data")])),
|
||||||
"running sslapitest with modified fips config");
|
"running sslapitest with modified fips config");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue