ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ag:openssl-1.1.1f
Branches Tags
ag:master ag:tcl ag:tk ag:sqlite ag:libffi ag:openssl-1.1.1 ag:bzip2 ag:openssl-1.0.2 ag:openssl ag:tk85 ag:tcl85 ag:zlib ag:bsddb ag:xz ag:tix
ag:tcl-core-8.6.12.0 ag:tk-8.6.12.0 ag:sqlite-3.36.0.0 ag:libffi-3.4.2 ag:openssl-1.1.1l ag:bzip2-1.0.8 ag:sqlite-3.35.5.0 ag:sqlite-3.35.0.0 ag:tk-8.6.11.1 ag:tk-8.6.11.0 ag:tcl-core-8.6.11.1 ag:tcl-core-8.6.11.0 ag:openssl-1.1.1k ag:sqlite-3.34.0.0 ag:openssl-1.1.1i ag:sqlite-3.33.0.0 ag:tk-8.6.10.0 ag:tk-8.6.10 ag:tcl-core-8.6.10.0 ag:sqlite-3.32.3.0 ag:openssl-1.1.1g ag:sqlite-3.32.2.0 ag:sqlite-3.32.1.0 ag:openssl-1.1.1f ag:sqlite-3.31.1.0 ag:sqlite-3.30.1.0 ag:libffi-3.3.0 ag:openssl-1.0.2t ag:openssl-1.1.0l ag:openssl-1.1.1d ag:sqlite-3.28.0.0 ag:openssl-1.0.2s ag:openssl-1.1.1c ag:openssl-1.1.1b ag:libffi-3.3.0-rc0-r1 ag:openssl-1.1.1a ag:tcl-core-8.6.9.0 ag:tk-8.6.9.0 ag:openssl-1.1.0j ag:openssl-1.0.2q ag:openssl-1.0.2p ag:openssl-1.1.0i ag:openssl-1.1.0h ag:openssl-1.0.2o ag:tcl-core-8.6.8.0 ag:tk-8.6.8.0 ag:tk-8.5.19.0 ag:tcl-8.5.19.0 ag:sqlite-3.21.0.0 ag:openssl-1.1.0f ag:zlib-1.2.11 ag:tk-8.5.15.0 ag:tcl-8.5.15.0 ag:bsddb-4.7.25.0 ag:xz-5.2.2 ag:tix-8.4.3.6 ag:tix-8.4.3.5 ag:sqlite-3.14.2.0 ag:tk-8.6.6.0 ag:tcl-core-8.6.6.0 ag:openssl-1.0.2k ag:bzip2-1.0.6
...
compare: ag:openssl-1.1.1
Branches Tags
ag:tcl ag:tk ag:sqlite ag:master ag:libffi ag:openssl-1.1.1 ag:bzip2 ag:openssl-1.0.2 ag:openssl ag:tk85 ag:tcl85 ag:zlib ag:bsddb ag:xz ag:tix
ag:tcl-core-8.6.12.0 ag:tk-8.6.12.0 ag:sqlite-3.36.0.0 ag:libffi-3.4.2 ag:openssl-1.1.1l ag:bzip2-1.0.8 ag:sqlite-3.35.5.0 ag:sqlite-3.35.0.0 ag:tk-8.6.11.1 ag:tk-8.6.11.0 ag:tcl-core-8.6.11.1 ag:tcl-core-8.6.11.0 ag:openssl-1.1.1k ag:sqlite-3.34.0.0 ag:openssl-1.1.1i ag:sqlite-3.33.0.0 ag:tk-8.6.10.0 ag:tk-8.6.10 ag:tcl-core-8.6.10.0 ag:sqlite-3.32.3.0 ag:openssl-1.1.1g ag:sqlite-3.32.2.0 ag:sqlite-3.32.1.0 ag:openssl-1.1.1f ag:sqlite-3.31.1.0 ag:sqlite-3.30.1.0 ag:libffi-3.3.0 ag:openssl-1.0.2t ag:openssl-1.1.0l ag:openssl-1.1.1d ag:sqlite-3.28.0.0 ag:openssl-1.0.2s ag:openssl-1.1.1c ag:openssl-1.1.1b ag:libffi-3.3.0-rc0-r1 ag:openssl-1.1.1a ag:tcl-core-8.6.9.0 ag:tk-8.6.9.0 ag:openssl-1.1.0j ag:openssl-1.0.2q ag:openssl-1.0.2p ag:openssl-1.1.0i ag:openssl-1.1.0h ag:openssl-1.0.2o ag:tcl-core-8.6.8.0 ag:tk-8.6.8.0 ag:tk-8.5.19.0 ag:tcl-8.5.19.0 ag:sqlite-3.21.0.0 ag:openssl-1.1.0f ag:zlib-1.2.11 ag:tk-8.5.15.0 ag:tcl-8.5.15.0 ag:bsddb-4.7.25.0 ag:xz-5.2.2 ag:tix-8.4.3.6 ag:tix-8.4.3.5 ag:sqlite-3.14.2.0 ag:tk-8.6.6.0 ag:tcl-core-8.6.6.0 ag:openssl-1.0.2k ag:bzip2-1.0.6

4 Commits
openssl-1. ... openssl-1.

Author SHA1 Message Date
Steve Dower
b123b12c0d Import OpenSSL 1.1.1l 2021-08-26 19:30:20 +01:00
Steve Dower
b439f09b29 Import OpenSSL1.1.1k 2021-03-29 21:47:40 +01:00
Steve Dower
ae8aba4cbc Import OpenSSL 1.1.1i 2021-01-05 19:44:35 +00:00
Steve Dower
7f34c3085f Import OpenSSL 1.1.1g 2020-06-12 20:28:47 +01:00
493 changed files with 8744 additions and 5256 deletions
Expand all files Collapse all files

7
AUTHORS
View File

@@ -13,6 +13,8 @@ Ben Kaduk
Bernd Edlinger
Bodo Möller
David Benjamin
David von Oheimb
Dmitry Belyavskiy (Дмитрий Белявский)
Emilia Käsper
Eric Young
Geoff Thorpe
@@ -22,14 +24,19 @@ Lutz Jänicke
Mark J. Cox
Matt Caswell
Matthias St. Pierre
Nicola Tuveri
Nils Larsch
Patrick Steuer
Paul Dale
Paul C. Sutton
Paul Yang
Ralf S. Engelschall
Rich Salz
Richard Levitte
Shane Lontis
Stephen Henson
Steve Marquess
Tim Hudson
Tomáš Mráz
Ulf Möller
Viktor Dukhovni

230
CHANGES
View File

@@ -7,6 +7,236 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
*) Fixed an SM2 Decryption Buffer Overflow.
In order to decrypt SM2 encrypted data an application is expected to call the
API function EVP_PKEY_decrypt(). Typically an application will call this
function twice. The first time, on entry, the "out" parameter can be NULL and,
on exit, the "outlen" parameter is populated with the buffer size required to
hold the decrypted plaintext. The application can then allocate a sufficiently
sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
value for the "out" parameter.
A bug in the implementation of the SM2 decryption code means that the
calculation of the buffer size required to hold the plaintext returned by the
first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
called by the application a second time with a buffer that is too small.
A malicious attacker who is able present SM2 content for decryption to an
application could cause attacker chosen data to overflow the buffer by up to a
maximum of 62 bytes altering the contents of other data held after the
buffer, possibly changing application behaviour or causing the application to
crash. The location of the buffer is application dependent but is typically
heap allocated.
(CVE-2021-3711)
[Matt Caswell]
*) Fixed various read buffer overruns processing ASN.1 strings
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
structure which contains a buffer holding the string data and a field holding
the buffer length. This contrasts with normal C strings which are repesented as
a buffer for the string data which is terminated with a NUL (0) byte.
Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
own "d2i" functions (and other similar parsing functions) as well as any string
whose value has been set with the ASN1_STRING_set() function will additionally
NUL terminate the byte array in the ASN1_STRING structure.
However, it is possible for applications to directly construct valid ASN1_STRING
structures which do not NUL terminate the byte array by directly setting the
"data" and "length" fields in the ASN1_STRING array. This can also happen by
using the ASN1_STRING_set0() function.
Numerous OpenSSL functions that print ASN.1 data have been found to assume that
the ASN1_STRING byte array will be NUL terminated, even though this is not
guaranteed for strings that have been directly constructed. Where an application
requests an ASN.1 structure to be printed, and where that ASN.1 structure
contains ASN1_STRINGs that have been directly constructed by the application
without NUL terminating the "data" field, then a read buffer overrun can occur.
The same thing can also occur during name constraints processing of certificates
(for example if a certificate has been directly constructed by the application
instead of loading it via the OpenSSL parsing functions, and the certificate
contains non NUL terminated ASN1_STRING structures). It can also occur in the
X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.
If a malicious actor can cause an application to directly construct an
ASN1_STRING and then process it through one of the affected OpenSSL functions
then this issue could be hit. This might result in a crash (causing a Denial of
Service attack). It could also result in the disclosure of private memory
contents (such as private keys, or sensitive plaintext).
(CVE-2021-3712)
[Matt Caswell]
Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
*) Fixed a problem with verifying a certificate chain when using the
X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
of the certificates present in a certificate chain. It is not set by
default.
Starting from OpenSSL version 1.1.1h a check to disallow certificates in
the chain that have explicitly encoded elliptic curve parameters was added
as an additional strict check.
An error in the implementation of this check meant that the result of a
previous check to confirm that certificates in the chain are valid CA
certificates was overwritten. This effectively bypasses the check
that non-CA certificates must not be able to issue other certificates.
If a "purpose" has been configured then there is a subsequent opportunity
for checks that the certificate is a valid CA. All of the named "purpose"
values implemented in libcrypto perform this check. Therefore, where
a purpose is set the certificate chain will still be rejected even when the
strict flag has been used. A purpose is set by default in libssl client and
server certificate verification routines, but it can be overridden or
removed by an application.
In order to be affected, an application must explicitly set the
X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
for the certificate verification or, in the case of TLS client or server
applications, override the default purpose.
(CVE-2021-3450)
[Tomáš Mráz]
*) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client. If a TLSv1.2
renegotiation ClientHello omits the signature_algorithms extension (where
it was present in the initial ClientHello), but includes a
signature_algorithms_cert extension then a NULL pointer dereference will
result, leading to a crash and a denial of service attack.
A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
(which is the default configuration). OpenSSL TLS clients are not impacted
by this issue.
(CVE-2021-3449)
[Peter Kästle and Samuel Sapalski]
Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
*) Fixed the X509_issuer_and_serial_hash() function. It attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to correctly
handle any errors that may occur while parsing the issuer field (which might
occur if the issuer field is maliciously constructed). This may subsequently
result in a NULL pointer deref and a crash leading to a potential denial of
service attack.
(CVE-2021-23841)
[Matt Caswell]
*) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
padding mode to correctly check for rollback attacks. This is considered a
bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is
CVE-2021-23839.
[Matt Caswell]
*) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate
functions. Previously they could overflow the output length argument in some
cases where the input length is close to the maximum permissable length for
an integer on the platform. In such cases the return value from the function
call would be 1 (indicating success), but the output length value would be
negative. This could cause applications to behave incorrectly or crash.
(CVE-2021-23840)
[Matt Caswell]
*) Fixed SRP_Calc_client_key so that it runs in constant time. The previous
implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This
could be exploited in a side channel attack to recover the password. Since
the attack is local host only this is outside of the current OpenSSL
threat model and therefore no CVE is assigned.
Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this
issue.
[Matt Caswell]
Changes between 1.1.1h and 1.1.1i [8 Dec 2020]
*) Fixed NULL pointer deref in the GENERAL_NAME_cmp function
This function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME.
If an attacker can control both items being compared then this could lead
to a possible denial of service attack. OpenSSL itself uses the
GENERAL_NAME_cmp function for two purposes:
1) Comparing CRL distribution point names between an available CRL and a
CRL distribution point embedded in an X509 certificate
2) When verifying that a timestamp response token signer matches the
timestamp authority name (exposed via the API functions
TS_RESP_verify_response and TS_RESP_verify_token)
(CVE-2020-1971)
[Matt Caswell]
*) Add support for Apple Silicon M1 Macs with the darwin64-arm64-cc target.
[Stuart Carnie]
*) The security callback, which can be customised by application code, supports
the security operation SSL_SECOP_TMP_DH. This is defined to take an EVP_PKEY
in the "other" parameter. In most places this is what is passed. All these
places occur server side. However there was one client side call of this
security operation and it passed a DH object instead. This is incorrect
according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all
of the other locations. Therefore this client side call has been changed to
pass an EVP_PKEY instead.
[Matt Caswell]
*) In 1.1.1h, an expired trusted (root) certificate was not anymore rejected
when validating a certificate path. This check is restored in 1.1.1i.
[David von Oheimb]
Changes between 1.1.1g and 1.1.1h [22 Sep 2020]
*) Certificates with explicit curve parameters are now disallowed in
verification chains if the X509_V_FLAG_X509_STRICT flag is used.
[Tomas Mraz]
*) The 'MinProtocol' and 'MaxProtocol' configuration commands now silently
ignore TLS protocol version bounds when configuring DTLS-based contexts, and
conversely, silently ignore DTLS protocol version bounds when configuring
TLS-based contexts. The commands can be repeated to set bounds of both
types. The same applies with the corresponding "min_protocol" and
"max_protocol" command-line switches, in case some application uses both TLS
and DTLS.
SSL_CTX instances that are created for a fixed protocol version (e.g.
TLSv1_server_method()) also silently ignore version bounds. Previously
attempts to apply bounds to these protocol versions would result in an
error. Now only the "version-flexible" SSL_CTX instances are subject to
limits in configuration files in command-line options.
[Viktor Dukhovni]
*) Handshake now fails if Extended Master Secret extension is dropped
on renegotiation.
[Tomas Mraz]
*) Accidentally, an expired trusted (root) certificate is not anymore rejected
when validating a certificate path.
[David von Oheimb]
*) The Oracle Developer Studio compiler will start reporting deprecated APIs
Changes between 1.1.1f and 1.1.1g [21 Apr 2020]
*) Fixed segmentation fault in SSL_check_chain()
Server or client applications that call the SSL_check_chain() function
during or after a TLS 1.3 handshake may crash due to a NULL pointer
dereference as a result of incorrect handling of the
"signature_algorithms_cert" TLS extension. The crash occurs if an invalid
or unrecognised signature algorithm is received from the peer. This could
be exploited by a malicious peer in a Denial of Service attack.
(CVE-2020-1967)
[Benjamin Kaduk]
*) Added AES consttime code for no-asm configurations
an optional constant time support for AES was added
when building openssl for no-asm.
Enable with: ./config no-asm -DOPENSSL_AES_CONST_TIME
Disable with: ./config no-asm -DOPENSSL_NO_AES_CONST_TIME
At this time this feature is by default disabled.
It will be enabled by default in 3.0.
[Bernd Edlinger]
Changes between 1.1.1e and 1.1.1f [31 Mar 2020]
*) Revert the change of EOF detection while reading in libssl to avoid

4
CONTRIBUTING
View File

@@ -41,8 +41,8 @@ guidelines:
https://www.openssl.org/policies/codingstyle.html) and compile
without warnings. Where gcc or clang is available you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features. Clean builds
via Travis and AppVeyor are required, and they are started automatically
platforms: try to ensure you only use portable features. Clean builds via
GitHub Actions and AppVeyor are required, and they are started automatically
whenever a PR is created or updated.
5. When at all possible, patches should include tests. These can

32
Configurations/10-main.conf
View File

@@ -663,6 +663,7 @@ my %targets = (
"linux-ppc" => {
inherit_from => [ "linux-generic32", asm("ppc32_asm") ],
perlasm_scheme => "linux32",
lib_cppflags => add("-DB_ENDIAN"),
},
"linux-ppc64" => {
inherit_from => [ "linux-generic64", asm("ppc64_asm") ],
@@ -741,7 +742,7 @@ my %targets = (
inherit_from => [ "linux-generic32", asm("mips64_asm") ],
cflags => add("-mabi=n32"),
cxxflags => add("-mabi=n32"),
bn_ops => "SIXTY_FOUR_BIT RC4_CHAR",
bn_ops => "RC4_CHAR",
perlasm_scheme => "n32",
multilib => "32",
},
@@ -753,6 +754,13 @@ my %targets = (
multilib => "64",
},
# riscv64 below refers to contemporary RISCV Architecture
# specifications,
"linux64-riscv64" => {
inherit_from => [ "linux-generic64"],
perlasm_scheme => "linux64",
},
#### IA-32 targets...
#### These two targets are a bit aged and are to be used on older Linux
#### machines where gcc doesn't understand -m32 and -m64
@@ -1125,7 +1133,7 @@ my %targets = (
CFLAGS => picker(debug => "-O0 -g",
release => "-O"),
cflags => add(threads("-pthread")),
ex_libs => threads("-pthread"),
ex_libs => add(threads("-pthread")),
bn_ops => "BN_LLONG RC4_CHAR",
perlasm_scheme => "aix32",
shared_ldflag => add_before("-shared -static-libgcc"),
@@ -1138,7 +1146,7 @@ my %targets = (
CFLAGS => picker(debug => "-O0 -g",
release => "-O"),
cflags => combine("-maix64", threads("-pthread")),
ex_libs => threads("-pthread"),
ex_libs => add(threads("-pthread")),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
perlasm_scheme => "aix64",
shared_ldflag => add_before("-shared -static-libgcc"),
@@ -1154,7 +1162,7 @@ my %targets = (
cflags => combine("-q32 -qmaxmem=16384 -qro -qroconst",
threads("-qthreaded")),
cppflags => threads("-D_THREAD_SAFE"),
ex_libs => threads("-lpthreads"),
ex_libs => add(threads("-lpthreads")),
bn_ops => "BN_LLONG RC4_CHAR",
perlasm_scheme => "aix32",
shared_cflag => "-qpic",
@@ -1169,7 +1177,7 @@ my %targets = (
cflags => combine("-q64 -qmaxmem=16384 -qro -qroconst",
threads("-qthreaded")),
cppflags => threads("-D_THREAD_SAFE"),
ex_libs => threads("-lpthreads"),
ex_libs => add(threads("-lpthreads")),
bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
perlasm_scheme => "aix64",
dso_scheme => "dlfcn",
@@ -1365,9 +1373,9 @@ my %targets = (
}
push @ex_libs, '$(PORTSDK_LIBPATH)/portlib.lib'
if (defined(env('PORTSDK_LIBPATH')));
push @ex_libs, ' /nodefaultlib coredll.lib corelibc.lib'
if (env('TARGETCPU') eq "X86");
return @ex_libs;
push @ex_libs, '/nodefaultlib coredll.lib corelibc.lib'
if (env('TARGETCPU') =~ /^X86|^ARMV4[IT]/);
return join(" ", @ex_libs);
}),
},
@@ -1557,6 +1565,14 @@ my %targets = (
bn_ops => "SIXTY_FOUR_BIT_LONG",
perlasm_scheme => "macosx",
},
"darwin64-arm64-cc" => {
inherit_from => [ "darwin-common", asm("aarch64_asm") ],
CFLAGS => add("-Wall"),
cflags => add("-arch arm64"),
lib_cppflags => add("-DL_ENDIAN"),
bn_ops => "SIXTY_FOUR_BIT_LONG",
perlasm_scheme => "ios64",
},
##### GNU Hurd
"hurd-x86" => {

84
Configurations/15-android.conf
View File

@@ -29,18 +29,18 @@
$ndk = $ENV{$ndk_var};
last if defined $ndk;
}
die "\$ANDROID_NDK_HOME is not defined" if (!$ndk);
if (!-d "$ndk/platforms" && !-f "$ndk/AndroidVersion.txt") {
# $ndk/platforms is traditional "all-inclusive" NDK, while
# $ndk/AndroidVersion.txt is so-called standalone toolchain
# tailored for specific target down to API level.
die "\$ANDROID_NDK_HOME is not defined" if (!$ndk);
my $is_standalone_toolchain = -f "$ndk/AndroidVersion.txt";
my $ndk_src_props = "$ndk/source.properties";
my $is_ndk = -f $ndk_src_props;
if ($is_ndk == $is_standalone_toolchain) {
die "\$ANDROID_NDK_HOME=$ndk is invalid";
}
$ndk = canonpath($ndk);
my $ndkver = undef;
if (open my $fh, "<$ndk/source.properties") {
if (open my $fh, "<$ndk_src_props") {
local $_;
while(<$fh>) {
if (m|Pkg\.Revision\s*=\s*([0-9]+)|) {
@@ -59,7 +59,7 @@
if ($sysroot = $ENV{CROSS_SYSROOT}) {
$sysroot =~ m|/android-([0-9]+)/arch-(\w+)/?$|;
($api, $arch) = ($1, $2);
} elsif (-f "$ndk/AndroidVersion.txt") {
} elsif ($is_standalone_toolchain) {
$sysroot = "$ndk/sysroot";
} else {
$api = "*";
@@ -72,17 +72,31 @@
}
}
# list available platforms (numerically)
my @platforms = sort { $a =~ m/-([0-9]+)$/; my $aa = $1;
$b =~ m/-([0-9]+)$/; $aa <=> $1;
} glob("$ndk/platforms/android-$api");
die "no $ndk/platforms/android-$api" if ($#platforms < 0);
if (-d "$ndk/platforms") {
# list available platforms (numerically)
my @platforms = sort { $a =~ m/-([0-9]+)$/; my $aa = $1;
$b =~ m/-([0-9]+)$/; $aa <=> $1;
} glob("$ndk/platforms/android-$api");
die "no $ndk/platforms/android-$api" if ($#platforms < 0);
$sysroot = "@platforms[$#platforms]/arch-$arch";
$sysroot =~ m|/android-([0-9]+)/arch-$arch|;
$api = $1;
$sysroot = "@platforms[$#platforms]/arch-$arch";
$sysroot =~ m|/android-([0-9]+)/arch-$arch|;
$api = $1;
} elsif ($api eq "*") {
# r22 Removed platforms dir, use this JSON file
my $path = "$ndk/meta/platforms.json";
open my $fh, $path or die "Could not open '$path' $!";
while (<$fh>) {
if (/"max": (\d+),/) {
$api = $1;
last;
}
}
close $fh;
}
die "Could not get default API Level" if ($api eq "*");
}
die "no sysroot=$sysroot" if (!-d $sysroot);
die "no sysroot=$sysroot" if (length $sysroot && !-d $sysroot);
my $triarch = $triplet{$arch};
my $cflags;
@@ -95,17 +109,21 @@
my $arm = $ndkver > 16 ? "armv7a" : "armv5te";
(my $tridefault = $triarch) =~ s/^arm-/$arm-/;
(my $tritools = $triarch) =~ s/(?:x|i6)86(_64)?-.*/x86$1/;
$cflags .= " -target $tridefault "
. "-gcc-toolchain \$($ndk_var)/toolchains"
. "/$tritools-4.9/prebuilt/$host";
$user{CC} = "clang" if ($user{CC} !~ m|clang|);
if (length $sysroot) {
$cflags .= " -target $tridefault "
. "-gcc-toolchain \$($ndk_var)/toolchains"
. "/$tritools-4.9/prebuilt/$host";
$user{CC} = "clang" if ($user{CC} !~ m|clang|);
} else {
$user{CC} = "$tridefault$api-clang";
}
$user{CROSS_COMPILE} = undef;
if (which("llvm-ar") =~ m|^$ndk/.*/prebuilt/([^/]+)/|) {
$user{AR} = "llvm-ar";
$user{ARFLAGS} = [ "rs" ];
$user{RANLIB} = ":";
}
} elsif (-f "$ndk/AndroidVersion.txt") { #"standalone toolchain"
} elsif ($is_standalone_toolchain) {
my $cc = $user{CC} // "clang";
# One can probably argue that both clang and gcc should be
# probed, but support for "standalone toolchain" was added
@@ -127,19 +145,21 @@
$user{CROSS_COMPILE} = "$triarch-";
}
if (!-d "$sysroot/usr/include") {
my $incroot = "$ndk/sysroot/usr/include";
die "no $incroot" if (!-d $incroot);
die "no $incroot/$triarch" if (!-d "$incroot/$triarch");
$incroot =~ s|^$ndk/||;
$cppflags = "-D__ANDROID_API__=$api";
$cppflags .= " -isystem \$($ndk_var)/$incroot/$triarch";
$cppflags .= " -isystem \$($ndk_var)/$incroot";
if (length $sysroot) {
if (!-d "$sysroot/usr/include") {
my $incroot = "$ndk/sysroot/usr/include";
die "no $incroot" if (!-d $incroot);
die "no $incroot/$triarch" if (!-d "$incroot/$triarch");
$incroot =~ s|^$ndk/||;
$cppflags = "-D__ANDROID_API__=$api";
$cppflags .= " -isystem \$($ndk_var)/$incroot/$triarch";
$cppflags .= " -isystem \$($ndk_var)/$incroot";
}
$sysroot =~ s|^$ndk/||;
$sysroot = " --sysroot=\$($ndk_var)/$sysroot";
}
$sysroot =~ s|^$ndk/||;
$android_ndk = {
cflags => "$cflags --sysroot=\$($ndk_var)/$sysroot",
cflags => $cflags . $sysroot,
cppflags => $cppflags,
bn_ops => $arch =~ m/64$/ ? "SIXTY_FOUR_BIT_LONG"
: "BN_LLONG",

36
Configurations/descrip.mms.tmpl
View File

@@ -377,8 +377,13 @@ NODEBUG=@
$(NODEBUG) !
$(NODEBUG) ! Installation logical names
$(NODEBUG) !
$(NODEBUG) installtop = F$PARSE(staging_instdir,"$(INSTALLTOP)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + ".]"
$(NODEBUG) datatop = F$PARSE(staging_datadir,"$(OPENSSLDIR)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;" + ".]"
$(NODEBUG) ! This also creates a few DCL variables that are used for
$(NODEBUG) ! the "install_msg" target.
$(NODEBUG) !
$(NODEBUG) installroot = F$PARSE(staging_instdir,"$(INSTALLTOP)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;"
$(NODEBUG) installtop = installroot + ".]"
$(NODEBUG) dataroot = F$PARSE(staging_datadir,"$(OPENSSLDIR)","[]A.;",,"SYNTAX_ONLY,NO_CONCEAL") - ".][000000" - "[000000." - "][" - "]A.;"
$(NODEBUG) datatop = dataroot + ".]"
$(NODEBUG) DEFINE ossl_installroot 'installtop'
$(NODEBUG) DEFINE ossl_dataroot 'datatop'
$(NODEBUG) !
@@ -455,30 +460,19 @@ list-tests :
@ WRITE SYS$OUTPUT "Tests are not supported with your chosen Configure options"
@ ! {- output_on() if !$disabled{tests}; "" -}
install : install_sw install_ssldirs install_docs
install : install_sw install_ssldirs install_docs install_msg
@ !
install_msg :
@ WRITE SYS$OUTPUT ""
@ WRITE SYS$OUTPUT "######################################################################"
@ WRITE SYS$OUTPUT ""
@ IF "$(DESTDIR)" .EQS. "" THEN -
PIPE ( WRITE SYS$OUTPUT "Installation complete" ; -
WRITE SYS$OUTPUT "" ; -
WRITE SYS$OUTPUT "Run @$(SYSTARTUP)openssl_startup{- $osslver -} to set up logical names" ; -
WRITE SYS$OUTPUT "then run @$(SYSTARTUP)openssl_utils{- $osslver -} to define commands" ; -
WRITE SYS$OUTPUT "" )
@{- sourcefile("VMS", "msg_install.com") -} "$(SYSTARTUP)" "{- $osslver -}"
@ IF "$(DESTDIR)" .NES. "" THEN -
PIPE ( WRITE SYS$OUTPUT "Staging installation complete" ; -
WRITE SYS$OUTPUT "" ; -
WRITE SYS$OUTPUT "Finish or package in such a way that the contents of the directory tree" ; -
WRITE SYS$OUTPUT staging_instdir ; -
WRITE SYS$OUTPUT "ends up in $(INSTALLTOP)," ; -
WRITE SYS$OUTPUT "and that the contents of the contents of the directory tree" ; -
WRITE SYS$OUTPUT staging_datadir ; -
WRITE SYS$OUTPUT "ends up in $(OPENSSLDIR)" ; -
WRITE SYS$OUTPUT "" ; -
WRITE SYS$OUTPUT "When in its final destination," ; -
WRITE SYS$OUTPUT "Run @$(SYSTARTUP)openssl_startup{- $osslver -} to set up logical names" ; -
WRITE SYS$OUTPUT "then run @$(SYSTARTUP)openssl_utils{- $osslver -} to define commands" ; -
WRITE SYS$OUTPUT "" )
@{- sourcefile("VMS", "msg_staging.com") -} -
"''installroot']" "''dataroot']" "$(INSTALLTOP)" "$(OPENSSLDIR)" -
"$(SYSTARTUP)" "{- $osslver -}"
check_install :
spawn/nolog @ossl_installroot:[SYSTEST]openssl_ivp{- $osslver -}.com

5
Configurations/unix-Makefile.tmpl
View File

@@ -523,7 +523,6 @@ clean: libclean
$(RM) -r test/test-runs
$(RM) openssl.pc libcrypto.pc libssl.pc
-$(RM) `find . -type l \! -name '.*' -print`
$(RM) $(TARFILE)
distclean: clean
$(RM) configdata.pm
@@ -917,8 +916,8 @@ errors:
done )
ordinals:
( b=`pwd`; cd $(SRCDIR); $(PERL) -I$$b util/mkdef.pl crypto update )
( b=`pwd`; cd $(SRCDIR); $(PERL) -I$$b util/mkdef.pl ssl update )
$(PERL) $(SRCDIR)/util/mkdef.pl crypto update
$(PERL) $(SRCDIR)/util/mkdef.pl ssl update
test_ordinals:
( cd test; \

30
Configurations/windows-makefile.tmpl
View File

@@ -211,8 +211,8 @@ CNF_CPPFLAGS={- our $cppfags2 =
join(' ', $target{cppflags} || (),
(map { '-D'.quotify1($_) } @{$target{defines}},
@{$config{defines}}),
(map { '-I'.quotify1($_) } @{$target{includes}},
@{$config{includes}}),
(map { '-I'.'"'.$_.'"' } @{$target{includes}},
@{$config{includes}}),
@{$config{cppflags}}) -}
CNF_CFLAGS={- join(' ', $target{cflags} || (),
@{$config{cflags}}) -}
@@ -324,15 +324,15 @@ build_apps build_tests: build_programs
# Convenience target to prebuild all generated files, not just the mandatory
# ones
build_all_generated: $(GENERATED_MANDATORY) $(GENERATED)
@{- output_off() if $disabled{makedepend}; "" -}
@{- output_off() if $disabled{makedepend}; "\@rem" -}
@$(ECHO) "Warning: consider configuring with no-makedepend, because if"
@$(ECHO) " target system doesn't have $(PERL),"
@$(ECHO) " then make will fail..."
@{- output_on() if $disabled{makedepend}; "" -}
@{- output_on() if $disabled{makedepend}; "\@rem" -}
test: tests
{- dependmagic('tests'); -}: build_programs_nodep build_engines_nodep
@{- output_off() if $disabled{tests}; "" -}
@{- output_off() if $disabled{tests}; "\@rem" -}
-mkdir $(BLDDIR)\test\test-runs
set SRCTOP=$(SRCDIR)
set BLDTOP=$(BLDDIR)
@@ -341,17 +341,17 @@ test: tests
set OPENSSL_ENGINES=$(MAKEDIR)\engines
set OPENSSL_DEBUG_MEMORY=on
"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "\@rem" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
@{- output_on() if !$disabled{tests}; "" -}
@{- output_on() if !$disabled{tests}; "\@rem" -}
list-tests:
@{- output_off() if $disabled{tests}; "" -}
@{- output_off() if $disabled{tests}; "\@rem" -}
@set SRCTOP=$(SRCDIR)
@"$(PERL)" "$(SRCDIR)\test\run_tests.pl" list
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "\@rem" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
@{- output_on() if !$disabled{tests}; "" -}
@{- output_on() if !$disabled{tests}; "\@rem" -}
install: install_sw install_ssldirs install_docs
@@ -362,7 +362,7 @@ libclean:
-del /Q /F $(LIBS) libcrypto.* libssl.* ossl_static.pdb
clean: libclean
{- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) -}
{- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) || "\@rem" -}
-del /Q /F $(ENGINES)
-del /Q /F $(SCRIPTS)
-del /Q /F $(GENERATED_MANDATORY)
@@ -378,9 +378,9 @@ distclean: clean
-del /Q /F makefile
depend:
@ {- output_off() if $disabled{makedepend}; "" -}
@ {- output_off() if $disabled{makedepend}; "\@rem" -}
@ "$(PERL)" "$(SRCDIR)\util\add-depends.pl" "VC"
@ {- output_on() if $disabled{makedepend}; "" -}
@ {- output_on() if $disabled{makedepend}; "\@rem" -}
# Install helper targets #############################################
@@ -413,10 +413,10 @@ install_dev: install_runtime_libs
@if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 )
@$(ECHO) "*** Installing development files"
@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\include\openssl"
@{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -}
@{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "\@rem" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\ms\applink.c" \
"$(INSTALLTOP)\include\openssl"
@{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -}
@{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "\@rem" -}
@"$(PERL)" "$(SRCDIR)\util\copy.pl" "-exclude_re=/__DECC_" \
"$(SRCDIR)\include\openssl\*.h" \
"$(INSTALLTOP)\include\openssl"

67
Configure
View File

@@ -1,6 +1,6 @@
#! /usr/bin/env perl
# -*- mode: perl; -*-
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -217,12 +217,22 @@ sub resolve_config;
# Unified build supports separate build dir
my $srcdir = catdir(absolutedir(dirname($0))); # catdir ensures local syntax
my $blddir = catdir(absolutedir(".")); # catdir ensures local syntax
# File::Spec::Unix doesn't detect case insensitivity, so we make sure to
# check if the source and build directory are really the same, and make
# them so. This avoids all kinds of confusion later on.
# We must check @File::Spec::ISA rather than using File::Spec->isa() to
# know if File::Spec ended up loading File::Spec::Unix.
$srcdir = $blddir
if (grep(/::Unix$/, @File::Spec::ISA)
&& samedir($srcdir, $blddir));
my $dofile = abs2rel(catfile($srcdir, "util/dofile.pl"));
my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR';
$config{sourcedir} = abs2rel($srcdir);
$config{builddir} = abs2rel($blddir);
$config{sourcedir} = abs2rel($srcdir, $blddir);
$config{builddir} = abs2rel($blddir, $blddir);
# Collect reconfiguration information if needed
my @argvcopy=@ARGV;
@@ -1049,6 +1059,9 @@ if (scalar(@seed_sources) == 0) {
print "Using os-specific seed configuration\n";
push @seed_sources, 'os';
}
if (scalar(grep { $_ eq 'egd' } @seed_sources) > 0) {
delete $disabled{'egd'};
}
if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) {
die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1;
warn <<_____ if scalar(@seed_sources) == 1;
@@ -1188,6 +1201,10 @@ foreach (keys %useradd) {
# At this point, we can forget everything about %user and %useradd,
# because it's now all been merged into the corresponding $config entry
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
disable('static', 'pic', 'threads');
}
# Allow overriding the build file name
$config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile";
@@ -1508,10 +1525,6 @@ if ($strict_warnings)
}
}
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
disable('static', 'pic', 'threads');
}
$config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings'
? @strict_warnings_collection
: ( $_ ) }
@@ -2598,19 +2611,22 @@ _____
}
print "\nEnabled features:\n\n";
foreach my $what (@disablables) {
print " $what\n" unless $disabled{$what};
print " $what\n"
unless grep { $_ =~ /^${what}$/ } keys %disabled;
}
print "\nDisabled features:\n\n";
foreach my $what (@disablables) {
if ($disabled{$what}) {
print " $what", ' ' x ($longest - length($what) + 1),
"[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1);
print $disabled_info{$what}->{macro}
if $disabled_info{$what}->{macro};
my @what2 = grep { $_ =~ /^${what}$/ } keys %disabled;
my $what3 = $what2[0];
if ($what3) {
print " $what3", ' ' x ($longest - length($what3) + 1),
"[$disabled{$what3}]", ' ' x ($longest2 - length($disabled{$what3}) + 1);
print $disabled_info{$what3}->{macro}
if $disabled_info{$what3}->{macro};
print ' (skip ',
join(', ', @{$disabled_info{$what}->{skipped}}),
join(', ', @{$disabled_info{$what3}->{skipped}}),
')'
if $disabled_info{$what}->{skipped};
if $disabled_info{$what3}->{skipped};
print "\n";
}
}
@@ -3424,6 +3440,27 @@ sub absolutedir {
return realpath($dir);
}
# Check if all paths are one and the same, using stat. They must both exist
# We need this for the cases when File::Spec doesn't detect case insensitivity
# (File::Spec::Unix assumes case sensitivity)
sub samedir {
die "samedir expects two arguments\n" unless scalar @_ == 2;
my @stat0 = stat($_[0]); # First argument
my @stat1 = stat($_[1]); # Second argument
die "Couldn't stat $_[0]" unless @stat0;
die "Couldn't stat $_[1]" unless @stat1;
# Compare device number
return 0 unless ($stat0[0] == $stat1[0]);
# Compare "inode". The perl manual recommends comparing as
# string rather than as number.
return 0 unless ($stat0[1] eq $stat1[1]);
return 1; # All the same
}
sub quotify {
my %processors = (
perl => sub { my $x = shift;

21
INSTALL
View File

@@ -106,8 +106,7 @@
This will build and install OpenSSL in the default location, which is:
Unix: normal installation directories under /usr/local
OpenVMS: SYS$COMMON:[OPENSSL-'version'...], where 'version' is the
OpenSSL version number with underscores instead of periods.
OpenVMS: SYS$COMMON:[OPENSSL]
Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL
The installation directory should be appropriately protected to ensure
@@ -116,7 +115,9 @@
your Operating System it is recommended that you do not overwrite the system
version and instead install to somewhere else.
If you want to install it anywhere else, run config like this:
If you want to install it anywhere else, run config like this (the options
--prefix and --openssldir are explained further down, and the values shown
here are mere examples):
On Unix:
@@ -198,7 +199,7 @@
Unix: /usr/local
Windows: C:\Program Files\OpenSSL
or C:\Program Files (x86)\OpenSSL
OpenVMS: SYS$COMMON:[OPENSSL-'version']
OpenVMS: SYS$COMMON:[OPENSSL]
--release
Build OpenSSL without debugging symbols. This is the default.
@@ -535,9 +536,9 @@
conjunction with the "-DPEDANTIC" option (or the
--strict-warnings option).
no-ui
Don't build with the "UI" capability (i.e. the set of
features enabling text based prompts).
no-ui-console
Don't build with the "UI" console method (i.e. the "UI"
method that enables text based console prompts).
enable-unit-test
Enable additional unit test APIs. This should not typically
@@ -961,9 +962,9 @@
share/doc/openssl/html/man7
Contains the HTML rendition of the man-pages.
OpenVMS ('arch' is replaced with the architecture name, "Alpha"
or "ia64", 'sover' is replaced with the shared library version
(0101 for 1.1), and 'pz' is replaced with the pointer size
OpenVMS ('arch' is replaced with the architecture name, "ALPHA"
or "IA64", 'sover' is replaced with the shared library version
(0101 for 1.1.x), and 'pz' is replaced with the pointer size
OpenSSL was built with):
[.EXE.'arch'] Contains the openssl binary.

39
NEWS
View File

@@ -5,6 +5,45 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]
o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)
o Fixed various read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
o Fixed a problem with verifying a certificate chain when using the
X509_V_FLAG_X509_STRICT flag (CVE-2021-3450)
o Fixed an issue where an OpenSSL TLS server may crash if sent a
maliciously crafted renegotiation ClientHello message from a client
(CVE-2021-3449)
Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
function (CVE-2021-23841)
o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
padding mode to correctly check for rollback attacks
o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate functions (CVE-2021-23840)
o Fixed SRP_Calc_client_key so that it runs in constant time
Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]
o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020]
o Disallow explicit curve parameters in verifications chains when
X509_V_FLAG_X509_STRICT is used
o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS
contexts
o Oracle Developer Studio will start reporting deprecation warnings
Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020]
o Fixed segmentation fault in SSL_check_chain() (CVE-2020-1967)
Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020]
o Revert the unexpected EOF reporting via SSL_ERROR_SSL

4
NOTES.ANDROID
View File

@@ -6,8 +6,8 @@
-------------------
Beside basic tools like perl and make you'll need to download the Android
NDK. It's available for Linux, Mac OS X and Windows, but only Linux
version was actually tested. There is no reason to believe that Mac OS X
NDK. It's available for Linux, macOS and Windows, but only Linux
version was actually tested. There is no reason to believe that macOS
wouldn't work. And as for Windows, it's unclear which "shell" would be
suitable, MSYS2 might have best chances. NDK version should play lesser
role, the goal is to support a range of most recent versions.

2
NOTES.PERL
View File

@@ -109,7 +109,7 @@
$ cpan -f -i Text::Template
Note: on VMS, you must quote any argument that contains upper case
Note: on VMS, you must quote any argument that contains uppercase
characters, so the lines above would be:
$ cpan -i "Text::Template"

14
NOTES.VMS
View File

@@ -18,7 +18,7 @@
An ANSI C compiled is needed among other things. This means that
VAX C is not and will not be supported.
We have only tested with DEC C (a.k.a HP VMS C / VSI C) and require
We have only tested with DEC C (aka HP VMS C / VSI C) and require
version 7.1 or later. Compiling with a different ANSI C compiler may
require some work.
@@ -90,9 +90,9 @@
Unix mount point.
The easiest way to check if everything got through as it should is to
check for one of the following files:
check that this file exists:
[.crypto]opensslconf^.h.in
[.include.openssl]opensslconf^.h.in
The best way to get a correct distribution is to download the gzipped
tar file from ftp://ftp.openssl.org/source/, use GZIP -d to uncompress
@@ -105,3 +105,11 @@
Should you need it, you can find UnZip for VMS here:
http://www.info-zip.org/UnZip.html
How the value of 'arch' is determined
-------------------------------------
'arch' is mentioned in INSTALL. It's value is determined like this:
arch = f$edit( f$getsyi( "arch_name"), "upcase")

14
NOTES.WIN
View File

@@ -12,11 +12,11 @@
and require --cross-compile-prefix option. While on MSYS[2] it's solved
rather by placing gcc that produces "MinGW binary" code 1st on $PATH.
This is customarily source of confusion. "Hosted" applications "live" in
emulated file system name space with POSIX-y root, mount points, /dev
emulated filesystem name space with POSIX-y root, mount points, /dev
and even /proc. Confusion is intensified by the fact that MSYS2 shell
(or rather emulated execve(2) call) examines the binary it's about to
start, and if it's found *not* to be linked with MSYS2 POSIX-y thing,
command line arguments that look like file names get translated from
command line arguments that look like filenames get translated from
emulated name space to "native". For example '/c/some/where' becomes
'c:\some\where', '/dev/null' - 'nul'. This creates an illusion that
there is no difference between MSYS2 shell and "MinGW binary", but
@@ -26,7 +26,7 @@
it's referred to in quotes here, as "MinGW binary", it's just as
"native" as it can get.)
Visual C++ builds, a.k.a. VC-*
Visual C++ builds, aka VC-*
==============================
Requirement details
@@ -47,7 +47,7 @@
the other hand oldest one is known not to work. Everything between
falls into best-effort category.
- Netwide Assembler, a.k.a. NASM, available from https://www.nasm.us,
- Netwide Assembler, aka NASM, available from https://www.nasm.us,
is required. Note that NASM is the only supported assembler. Even
though Microsoft provided assembler is NOT supported, contemporary
64-bit version is exercised through continuous integration of
@@ -62,8 +62,8 @@
For VC-WIN32, the following defaults are use:
PREFIX: %ProgramFiles(86)%\OpenSSL
OPENSSLDIR: %CommonProgramFiles(86)%\SSL
PREFIX: %ProgramFiles(x86)%\OpenSSL
OPENSSLDIR: %CommonProgramFiles(x86)%\SSL
For VC-WIN64, the following defaults are use:
@@ -132,7 +132,7 @@
If you link with static OpenSSL libraries then you're expected to
additionally link your application with WS2_32.LIB, GDI32.LIB,
ADVAPI32.LIB, CRYPT32.LIB and USER32.LIB. Those developing
non-interactive service applications might feel concerned about
noninteractive service applications might feel concerned about
linking with GDI32.LIB and USER32.LIB, as they are justly associated
with interactive desktop, which is not available to service
processes. The toolkit is designed to detect in which context it's

4
README
View File

@@ -1,7 +1,7 @@
OpenSSL 1.1.1f 31 Mar 2020
OpenSSL 1.1.1l 24 Aug 2021
Copyright (c) 1998-2020 The OpenSSL Project
Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

19
VMS/msg_install.com Normal file
View File

@@ -0,0 +1,19 @@
$ ! Used by the main descrip.mms to print the installation complete
$ ! message.
$ ! Arguments:
$ ! P1 startup / setup / shutdown scripts directory
$ ! P2 distinguishing version number ("major version")
$
$ systartup = p1
$ osslver = p2
$
$ WRITE SYS$OUTPUT "Installation complete"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The following commands need to be executed to enable you to use OpenSSL:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "- to set up OpenSSL logical names:"
$ WRITE SYS$OUTPUT " @''systartup'openssl_startup''osslver'"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "- to define the OpenSSL command"
$ WRITE SYS$OUTPUT " @''systartup'openssl_utils''osslver'"
$ WRITE SYS$OUTPUT ""

37
VMS/msg_staging.com Normal file
View File

@@ -0,0 +1,37 @@
$ ! Used by the main descrip.mms to print the statging installation
$ ! complete
$ ! message.
$ ! Arguments:
$ ! P1 staging software installation directory
$ ! P2 staging data installation directory
$ ! P3 final software installation directory
$ ! P4 final data installation directory
$ ! P5 startup / setup / shutdown scripts directory
$ ! P6 distinguishing version number ("major version")
$
$ staging_instdir = p1
$ staging_datadir = p2
$ final_instdir = p3
$ final_datadir = p4
$ systartup = p5
$ osslver = p6
$
$ WRITE SYS$OUTPUT "Staging installation complete"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "Finish or package in such a way that the contents of the following directory"
$ WRITE SYS$OUTPUT "trees end up being copied:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "- from ", staging_instdir
$ WRITE SYS$OUTPUT " to ", final_instdir
$ WRITE SYS$OUTPUT "- from ", staging_datadir
$ WRITE SYS$OUTPUT " to ", final_datadir
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "When in its final destination, the following commands need to be executed"
$ WRITE SYS$OUTPUT "to use OpenSSL:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "- to set up OpenSSL logical names:"
$ WRITE SYS$OUTPUT " @''systartup'openssl_startup''osslver'"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "- to define the OpenSSL command"
$ WRITE SYS$OUTPUT " @''systartup'openssl_utils''osslver'"
$ WRITE SYS$OUTPUT ""

61
apps/build.info
View File

@@ -1,16 +1,17 @@
{- our @apps_openssl_src =
qw(openssl.c
asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c dhparam.c
dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c errstr.c gendsa.c
genpkey.c genrsa.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c pkcs8.c
pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c rsautl.c
asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c
enc.c errstr.c
genpkey.c nseq.c passwd.c pkcs7.c pkcs8.c
pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c
srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
verify.c version.c x509.c rehash.c storeutl.c);
our @apps_lib_src =
( qw(apps.c opt.c s_cb.c s_socket.c app_rand.c bf_prefix.c),
split(/\s+/, $target{apps_aux_src}) );
our @apps_init_src = split(/\s+/, $target{apps_init_src});
"" -}
IF[{- !$disabled{apps} -}]
LIBS_NO_INST=libapps.a
SOURCE[libapps.a]={- join(" ", @apps_lib_src) -}
@@ -21,11 +22,51 @@ IF[{- !$disabled{apps} -}]
SOURCE[openssl]={- join(" ", @apps_openssl_src) -}
INCLUDE[openssl]=.. ../include
DEPEND[openssl]=libapps.a ../libssl
IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-)/ -}]
GENERATE[openssl.rc]=../util/mkrc.pl openssl
SOURCE[openssl]=openssl.rc
ENDIF
IF[{- !$disabled{'des'} -}]
SOURCE[openssl]=pkcs12.c
DEPEND[pkcs12.o]=progs.h
ENDIF
IF[{- !$disabled{'ec'} -}]
SOURCE[openssl]=ec.c ecparam.c
DEPEND[ec.o]=progs.h
DEPEND[ecparam.o]=progs.h
ENDIF
IF[{- !$disabled{'ocsp'} -}]
SOURCE[openssl]=ocsp.c
DEPEND[ocsp.o]=progs.h
ENDIF
IF[{- !$disabled{'srp'} -}]
SOURCE[openssl]=srp.c
DEPEND[srp.o]=progs.h
ENDIF
IF[{- !$disabled{'ts'} -}]
SOURCE[openssl]=ts.c
DEPEND[ts.o]=progs.h
ENDIF
IF[{- !$disabled{'dh'} -}]
SOURCE[openssl]=dhparam.c
DEPEND[dhparam.o]=progs.h
ENDIF
IF[{- !$disabled{'dsa'} -}]
SOURCE[openssl]=dsa.c dsaparam.c gendsa.c
DEPEND[dsa.o]=progs.h
DEPEND[dsaparam.o]=progs.h
DEPEND[gendsa.o]=progs.h
ENDIF
IF[{- !$disabled{'engine'} -}]
SOURCE[openssl]=engine.c
DEPEND[engine.o]=progs.h
ENDIF
IF[{- !$disabled{'rsa'} -}]
SOURCE[openssl]=rsa.c rsautl.c genrsa.c
DEPEND[rsa.o]=progs.h
DEPEND[rsautl.o]=progs.h
DEPEND[genrsa.o]=progs.h
ENDIF
IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-)/ -}]
GENERATE[openssl.rc]=../util/mkrc.pl openssl
SOURCE[openssl]=openssl.rc
ENDIF
{- join("\n ", map { (my $x = $_) =~ s|\.c$|.o|; "DEPEND[$x]=progs.h" }
@apps_openssl_src) -}

57
apps/ca.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -1862,8 +1862,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
row[DB_exp_date][tm->length] = '\0';
row[DB_rev_date] = NULL;
row[DB_file] = OPENSSL_strdup("unknown");
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
(row[DB_file] == NULL) || (row[DB_name] == NULL)) {
if ((row[DB_type] == NULL) || (row[DB_file] == NULL)
|| (row[DB_name] == NULL)) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
@@ -2223,62 +2223,51 @@ static int get_certificate_status(const char *serial, CA_DB *db)
static int do_updatedb(CA_DB *db)
{
ASN1_UTCTIME *a_tm = NULL;
ASN1_TIME *a_tm = NULL;
int i, cnt = 0;
int db_y2k, a_y2k; /* flags = 1 if y >= 2000 */
char **rrow, *a_tm_s;
char **rrow;
a_tm = ASN1_UTCTIME_new();
a_tm = ASN1_TIME_new();
if (a_tm == NULL)
return -1;
/* get actual time and make a string */
/* get actual time */
if (X509_gmtime_adj(a_tm, 0) == NULL) {
ASN1_UTCTIME_free(a_tm);
ASN1_TIME_free(a_tm);
return -1;
}
a_tm_s = app_malloc(a_tm->length + 1, "time string");
memcpy(a_tm_s, a_tm->data, a_tm->length);
a_tm_s[a_tm->length] = '\0';
if (strncmp(a_tm_s, "49", 2) <= 0)
a_y2k = 1;
else
a_y2k = 0;
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (rrow[DB_type][0] == DB_TYPE_VAL) {
/* ignore entries that are not valid */
if (strncmp(rrow[DB_exp_date], "49", 2) <= 0)
db_y2k = 1;
else
db_y2k = 0;
ASN1_TIME *exp_date = NULL;
if (db_y2k == a_y2k) {
/* all on the same y2k side */
if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0) {
rrow[DB_type][0] = DB_TYPE_EXP;
rrow[DB_type][1] = '\0';
cnt++;
exp_date = ASN1_TIME_new();
if (exp_date == NULL) {
ASN1_TIME_free(a_tm);
return -1;
}
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
}
} else if (db_y2k < a_y2k) {
if (!ASN1_TIME_set_string(exp_date, rrow[DB_exp_date])) {
ASN1_TIME_free(a_tm);
ASN1_TIME_free(exp_date);
return -1;
}
if (ASN1_TIME_compare(exp_date, a_tm) <= 0) {
rrow[DB_type][0] = DB_TYPE_EXP;
rrow[DB_type][1] = '\0';
cnt++;
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
}
ASN1_TIME_free(exp_date);
}
}
ASN1_UTCTIME_free(a_tm);
OPENSSL_free(a_tm_s);
ASN1_TIME_free(a_tm);
return cnt;
}

8
apps/cms.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -545,9 +545,11 @@ int cms_main(int argc, char **argv)
if (key_param == NULL || key_param->idx != keyidx) {
cms_key_param *nparam;
nparam = app_malloc(sizeof(*nparam), "key param buffer");
nparam->idx = keyidx;
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) {
OPENSSL_free(nparam);
goto end;
}
nparam->idx = keyidx;
nparam->next = NULL;
if (key_first == NULL)
key_first = nparam;

18
apps/crl2p7.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -120,19 +120,20 @@ int crl2pkcs7_main(int argc, char **argv)
if (!ASN1_INTEGER_set(p7s->version, 1))
goto end;
if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
goto end;
p7s->crl = crl_stack;
if (crl != NULL) {
if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
goto end;
p7s->crl = crl_stack;
sk_X509_CRL_push(crl_stack, crl);
crl = NULL; /* now part of p7 for OPENSSL_freeing */
}
if ((cert_stack = sk_X509_new_null()) == NULL)
goto end;
p7s->cert = cert_stack;
if (certflst != NULL) {
if ((cert_stack = sk_X509_new_null()) == NULL)
goto end;
p7s->cert = cert_stack;
if (certflst != NULL)
for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
certfile = sk_OPENSSL_STRING_value(certflst, i);
if (add_certs_from_file(cert_stack, certfile) < 0) {
@@ -141,6 +142,7 @@ int crl2pkcs7_main(int argc, char **argv)
goto end;
}
}
}
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)

59
apps/dhparam.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,28 +8,24 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_DH
NON_EMPTY_TRANSLATION_UNIT
#else
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dh.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif
# ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
# endif
# define DEFBITS 2048
#define DEFBITS 2048
static int dh_cb(int p, int n, BN_GENCB *cb);
@@ -56,13 +52,13 @@ const OPTIONS dhparam_options[] = {
{"C", OPT_C, '-', "Print C code"},
{"2", OPT_2, '-', "Generate parameters using 2 as the generator value"},
{"5", OPT_5, '-', "Generate parameters using 5 as the generator value"},
# ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
{"dsaparam", OPT_DSAPARAM, '-',
"Read or generate DSA parameters, convert to DH"},
# endif
# ifndef OPENSSL_NO_ENGINE
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -146,13 +142,13 @@ int dhparam_main(int argc, char **argv)
if (g && !num)
num = DEFBITS;
# ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
if (dsaparam && g) {
BIO_printf(bio_err,
"generator may not be chosen for DSA parameters\n");
goto end;
}
# endif
#endif
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
@@ -173,7 +169,7 @@ int dhparam_main(int argc, char **argv)
BN_GENCB_set(cb, dh_cb, bio_err);
# ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa = DSA_new();
@@ -196,7 +192,7 @@ int dhparam_main(int argc, char **argv)
goto end;
}
} else
# endif
#endif
{
dh = DH_new();
BIO_printf(bio_err,
@@ -217,7 +213,7 @@ int dhparam_main(int argc, char **argv)
if (in == NULL)
goto end;
# ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa;
@@ -239,7 +235,7 @@ int dhparam_main(int argc, char **argv)
goto end;
}
} else
# endif
#endif
{
if (informat == FORMAT_ASN1) {
/*
@@ -376,4 +372,3 @@ static int dh_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
#endif

55
apps/dsa.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,23 +8,19 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_DSA
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <time.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/dsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/bn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/dsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -49,14 +45,14 @@ const OPTIONS dsa_options[] = {
{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
{"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
# ifndef OPENSSL_NO_RC4
#ifndef OPENSSL_NO_RC4
{"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"},
{"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"},
{"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"},
# endif
# ifndef OPENSSL_NO_ENGINE
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -71,9 +67,9 @@ int dsa_main(int argc, char **argv)
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
int i, modulus = 0, pubin = 0, pubout = 0, ret = 1;
# ifndef OPENSSL_NO_RC4
#ifndef OPENSSL_NO_RC4
int pvk_encr = 2;
# endif
#endif
int private = 0;
prog = opt_init(argc, argv, dsa_options);
@@ -214,7 +210,7 @@ int dsa_main(int argc, char **argv)
i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
NULL, 0, NULL, passout);
}
# ifndef OPENSSL_NO_RSA
#ifndef OPENSSL_NO_RSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -229,13 +225,13 @@ int dsa_main(int argc, char **argv)
goto end;
}
assert(private);
# ifdef OPENSSL_NO_RC4
# ifdef OPENSSL_NO_RC4
BIO_printf(bio_err, "PVK format not supported\n");
EVP_PKEY_free(pk);
goto end;
# else
# else
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
# endif
# endif
} else if (pubin || pubout) {
i = i2b_PublicKey_bio(out, pk);
} else {
@@ -243,7 +239,7 @@ int dsa_main(int argc, char **argv)
i = i2b_PrivateKey_bio(out, pk);
}
EVP_PKEY_free(pk);
# endif
#endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
@@ -262,4 +258,3 @@ int dsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
#endif

35
apps/dsaparam.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,22 +8,18 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_DSA
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dsa.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
static int dsa_cb(int p, int n, BN_GENCB *cb);
@@ -44,9 +40,9 @@ const OPTIONS dsaparam_options[] = {
{"noout", OPT_NOOUT, '-', "No output"},
{"genkey", OPT_GENKEY, '-', "Generate a DSA key"},
OPT_R_OPTIONS,
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -255,4 +251,3 @@ static int dsa_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
#endif

29
apps/ec.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,19 +8,15 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_EC
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/pem.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
static OPT_PAIR conv_forms[] = {
{"compressed", POINT_CONVERSION_COMPRESSED},
@@ -62,9 +58,9 @@ const OPTIONS ec_options[] = {
"Specifies the way the ec parameters are encoded"},
{"conv_form", OPT_CONV_FORM, 's', "Specifies the point conversion form "},
{"", OPT_CIPHER, '-', "Any supported cipher"},
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -280,4 +276,3 @@ int ec_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
#endif

36
apps/ecparam.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -9,22 +9,18 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_EC
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <time.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/ec.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -55,9 +51,9 @@ const OPTIONS ecparam_options[] = {
"Specifies the way the ec parameters are encoded"},
{"genkey", OPT_GENKEY, '-', "Generate ec key"},
OPT_R_OPTIONS,
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -446,5 +442,3 @@ int ecparam_main(int argc, char **argv)
BIO_free_all(out);
return ret;
}
#endif

4
apps/enc.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -81,7 +81,7 @@ const OPTIONS enc_options[] = {
{"", OPT_CIPHER, '-', "Any supported cipher"},
OPT_R_OPTIONS,
#ifdef ZLIB
{"z", OPT_Z, '-', "Use zlib as the 'encryption'"},
{"z", OPT_Z, '-', "Compress or decompress encrypted data using zlib"},
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},

25
apps/engine.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,19 +8,15 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_ENGINE
NON_EMPTY_TRANSLATION_UNIT
#else
# include "apps.h"
# include "progs.h"
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <openssl/err.h>
# include <openssl/engine.h>
# include <openssl/ssl.h>
# include <openssl/store.h>
#include "apps.h"
#include "progs.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/engine.h>
#include <openssl/ssl.h>
#include <openssl/store.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -486,4 +482,3 @@ int engine_main(int argc, char **argv)
BIO_free_all(out);
return ret;
}
#endif

35
apps/gendsa.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,22 +8,18 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_DSA
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <string.h>
# include <sys/types.h>
# include <sys/stat.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/dsa.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -39,9 +35,9 @@ const OPTIONS gendsa_options[] = {
{"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
OPT_R_OPTIONS,
{"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -143,4 +139,3 @@ int gendsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
#endif

8
apps/genpkey.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -177,9 +177,12 @@ int genpkey_main(int argc, char **argv)
goto end;
}
ret = 0;
if (rv <= 0) {
BIO_puts(bio_err, "Error writing key\n");
ERR_print_errors(bio_err);
ret = 1;
}
if (text) {
@@ -191,11 +194,10 @@ int genpkey_main(int argc, char **argv)
if (rv <= 0) {
BIO_puts(bio_err, "Error printing key\n");
ERR_print_errors(bio_err);
ret = 1;
}
}
ret = 0;
end:
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);

43
apps/genrsa.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,27 +8,23 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_RSA
NON_EMPTY_TRANSLATION_UNIT
#else
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
# include <stdio.h>
# include <string.h>
# include <sys/types.h>
# include <sys/stat.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/bn.h>
# include <openssl/rsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/rand.h>
# define DEFBITS 2048
# define DEFPRIMES 2
#define DEFBITS 2048
#define DEFPRIMES 2
static int genrsa_cb(int p, int n, BN_GENCB *cb);
@@ -48,9 +44,9 @@ const OPTIONS genrsa_options[] = {
OPT_R_OPTIONS,
{"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
{"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{"primes", OPT_PRIMES, 'p', "Specify number of primes"},
{NULL}
};
@@ -198,4 +194,3 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
#endif

165
apps/ocsp.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,65 +9,62 @@
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_OCSP
NON_EMPTY_TRANSLATION_UNIT
#else
# ifdef OPENSSL_SYS_VMS
# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
#ifdef OPENSSL_SYS_VMS
# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
* on OpenVMS */
# endif
#endif
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <time.h>
# include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <ctype.h>
/* Needs to be included before the openssl headers */
# include "apps.h"
# include "progs.h"
# include "internal/sockets.h"
# include <openssl/e_os2.h>
# include <openssl/crypto.h>
# include <openssl/err.h>
# include <openssl/ssl.h>
# include <openssl/evp.h>
# include <openssl/bn.h>
# include <openssl/x509v3.h>
# include <openssl/rand.h>
#include "apps.h"
#include "progs.h"
#include "internal/sockets.h"
#include <openssl/e_os2.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/x509v3.h>
#include <openssl/rand.h>
#ifndef HAVE_FORK
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
# define HAVE_FORK 0
# else
# define HAVE_FORK 1
# endif
#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
# define HAVE_FORK 0
#else
# define HAVE_FORK 1
#endif
#endif
#if HAVE_FORK
# undef NO_FORK
#undef NO_FORK
#else
# define NO_FORK
#define NO_FORK
#endif
# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \
#if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \
&& !defined(OPENSSL_NO_POSIX_IO)
# define OCSP_DAEMON
# include <sys/types.h>
# include <sys/wait.h>
# include <syslog.h>
# include <signal.h>
# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */
# else
# undef LOG_INFO
# undef LOG_WARNING
# undef LOG_ERR
# define LOG_INFO 0
# define LOG_WARNING 1
# define LOG_ERR 2
# endif
# define OCSP_DAEMON
# include <sys/types.h>
# include <sys/wait.h>
# include <syslog.h>
# include <signal.h>
# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */
#else
# undef LOG_INFO
# undef LOG_WARNING
# undef LOG_ERR
# define LOG_INFO 0
# define LOG_WARNING 1
# define LOG_ERR 2
#endif
# if defined(OPENSSL_SYS_VXWORKS)
#if defined(OPENSSL_SYS_VXWORKS)
/* not supported */
int setpgid(pid_t pid, pid_t pgid)
{
@@ -80,9 +77,9 @@ pid_t fork(void)
errno = ENOSYS;
return (pid_t) -1;
}
# endif
#endif
/* Maximum leeway in validity period: default 5 minutes */
# define MAX_VALIDITY_PERIOD (5 * 60)
#define MAX_VALIDITY_PERIOD (5 * 60)
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
const EVP_MD *cert_id_md, X509 *issuer,
@@ -109,20 +106,20 @@ static void log_message(int level, const char *fmt, ...);
static char *prog;
static int multi = 0;
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
static int acfd = (int) INVALID_SOCKET;
static int index_changed(CA_DB *);
static void spawn_loop(void);
static int print_syslog(const char *str, size_t len, void *levPtr);
static void socket_timeout(int signum);
# endif
#endif
# ifndef OPENSSL_NO_SOCK
#ifndef OPENSSL_NO_SOCK
static OCSP_RESPONSE *query_responder(BIO *cbio, const char *host,
const char *path,
const STACK_OF(CONF_VALUE) *headers,
OCSP_REQUEST *req, int req_timeout);
# endif
#endif
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -160,9 +157,9 @@ const OPTIONS ocsp_options[] = {
"Don't include any certificates in response"},
{"resp_key_id", OPT_RESP_KEY_ID, '-',
"Identify response by signing certificate key ID"},
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
{"multi", OPT_MULTI, 'p', "run multiple responder processes"},
# endif
#endif
{"no_certs", OPT_NO_CERTS, '-',
"Don't include any certificates in signed request"},
{"no_signature_verify", OPT_NO_SIGNATURE_VERIFY, '-',
@@ -511,9 +508,9 @@ int ocsp_main(int argc, char **argv)
trailing_md = 1;
break;
case OPT_MULTI:
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
multi = atoi(opt_arg());
# endif
#endif
break;
}
}
@@ -593,7 +590,7 @@ int ocsp_main(int argc, char **argv)
}
}
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
if (multi && acbio != NULL)
spawn_loop();
if (acbio != NULL && req_timeout > 0)
@@ -606,7 +603,7 @@ int ocsp_main(int argc, char **argv)
redo_accept:
if (acbio != NULL) {
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
if (index_changed(rdb)) {
CA_DB *newrdb = load_index(ridx_filename, NULL);
@@ -619,7 +616,7 @@ redo_accept:
ridx_filename);
}
}
# endif
#endif
req = NULL;
if (!do_responder(&req, &cbio, acbio, req_timeout))
@@ -688,16 +685,16 @@ redo_accept:
if (cbio != NULL)
send_ocsp_response(cbio, resp);
} else if (host != NULL) {
# ifndef OPENSSL_NO_SOCK
#ifndef OPENSSL_NO_SOCK
resp = process_responder(req, host, path,
port, use_ssl, headers, req_timeout);
if (resp == NULL)
goto end;
# else
#else
BIO_printf(bio_err,
"Error creating connect BIO - sockets not supported.\n");
goto end;
# endif
#endif
} else if (respin != NULL) {
derbio = bio_open_default(respin, 'r', FORMAT_ASN1);
if (derbio == NULL)
@@ -840,7 +837,7 @@ log_message(int level, const char *fmt, ...)
va_list ap;
va_start(ap, fmt);
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
if (multi) {
char buf[1024];
if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0) {
@@ -849,7 +846,7 @@ log_message(int level, const char *fmt, ...)
if (level >= LOG_ERR)
ERR_print_errors_cb(print_syslog, &level);
}
# endif
#endif
if (!multi) {
BIO_printf(bio_err, "%s: ", prog);
BIO_vprintf(bio_err, fmt, ap);
@@ -858,7 +855,7 @@ log_message(int level, const char *fmt, ...)
va_end(ap);
}
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
static int print_syslog(const char *str, size_t len, void *levPtr)
{
@@ -1011,7 +1008,7 @@ static void spawn_loop(void)
syslog(LOG_INFO, "terminating on signal: %d", termsig);
killall(0, kidpids);
}
# endif
#endif
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
const EVP_MD *cert_id_md, X509 *issuer,
@@ -1291,11 +1288,11 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
static BIO *init_responder(const char *port)
{
# ifdef OPENSSL_NO_SOCK
#ifdef OPENSSL_NO_SOCK
BIO_printf(bio_err,
"Error setting up accept BIO - sockets not supported.\n");
return NULL;
# else
#else
BIO *acbio = NULL, *bufbio = NULL;
bufbio = BIO_new(BIO_f_buffer());
@@ -1322,10 +1319,10 @@ static BIO *init_responder(const char *port)
BIO_free_all(acbio);
BIO_free(bufbio);
return NULL;
# endif
#endif
}
# ifndef OPENSSL_NO_SOCK
#ifndef OPENSSL_NO_SOCK
/*
* Decode %xx URL-decoding in-place. Ignores mal-formed sequences.
*/
@@ -1349,22 +1346,22 @@ static int urldecode(char *p)
*out = '\0';
return (int)(out - save);
}
# endif
#endif
# ifdef OCSP_DAEMON
#ifdef OCSP_DAEMON
static void socket_timeout(int signum)
{
if (acfd != (int)INVALID_SOCKET)
(void)shutdown(acfd, SHUT_RD);
}
# endif
#endif
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
int timeout)
{
# ifdef OPENSSL_NO_SOCK
#ifdef OPENSSL_NO_SOCK
return 0;
# else
#else
int len;
OCSP_REQUEST *req = NULL;
char inbuf[2048], reqbuf[2048];
@@ -1382,12 +1379,12 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*pcbio = cbio;
client = BIO_get_peer_name(cbio);
# ifdef OCSP_DAEMON
# ifdef OCSP_DAEMON
if (timeout > 0) {
(void) BIO_get_fd(cbio, &acfd);
alarm(timeout);
}
# endif
# endif
/* Read the request line. */
len = BIO_gets(cbio, reqbuf, sizeof(reqbuf));
@@ -1450,11 +1447,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
break;
}
# ifdef OCSP_DAEMON
# ifdef OCSP_DAEMON
/* Clear alarm before we close the client socket */
alarm(0);
timeout = 0;
# endif
# endif
/* Try to read OCSP request */
if (getbio != NULL) {
@@ -1470,13 +1467,13 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*preq = req;
out:
# ifdef OCSP_DAEMON
# ifdef OCSP_DAEMON
if (timeout > 0)
alarm(0);
acfd = (int)INVALID_SOCKET;
# endif
return 1;
# endif
return 1;
#endif
}
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
@@ -1492,7 +1489,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
return 1;
}
# ifndef OPENSSL_NO_SOCK
#ifndef OPENSSL_NO_SOCK
static OCSP_RESPONSE *query_responder(BIO *cbio, const char *host,
const char *path,
const STACK_OF(CONF_VALUE) *headers,
@@ -1623,6 +1620,4 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
SSL_CTX_free(ctx);
return resp;
}
# endif
#endif

52
apps/pkcs12.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,25 +8,21 @@
*/
#include <openssl/opensslconf.h>
#if defined(OPENSSL_NO_DES)
NON_EMPTY_TRANSLATION_UNIT
#else
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/crypto.h>
# include <openssl/err.h>
# include <openssl/pem.h>
# include <openssl/pkcs12.h>
# define NOKEYS 0x1
# define NOCERTS 0x2
# define INFO 0x4
# define CLCERTS 0x8
# define CACERTS 0x10
#define NOKEYS 0x1
#define NOCERTS 0x2
#define INFO 0x4
#define CLCERTS 0x8
#define CACERTS 0x10
#define PASSWD_BUF_SIZE 2048
@@ -74,15 +70,15 @@ const OPTIONS pkcs12_options[] = {
{"chain", OPT_CHAIN, '-', "Add certificate chain"},
{"twopass", OPT_TWOPASS, '-', "Separate MAC, encryption passwords"},
{"nomacver", OPT_NOMACVER, '-', "Don't verify MAC"},
# ifndef OPENSSL_NO_RC2
#ifndef OPENSSL_NO_RC2
{"descert", OPT_DESCERT, '-',
"Encrypt output with 3DES (default RC2-40)"},
{"certpbe", OPT_CERTPBE, 's',
"Certificate PBE algorithm (default RC2-40)"},
# else
#else
{"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"},
{"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"},
# endif
#endif
{"export", OPT_EXPORT, '-', "Output PKCS12 file"},
{"noiter", OPT_NOITER, '-', "Don't use encryption iteration"},
{"maciter", OPT_MACITER, '-', "Use MAC iteration"},
@@ -113,9 +109,9 @@ const OPTIONS pkcs12_options[] = {
{"no-CApath", OPT_NOCAPATH, '-',
"Do not load certificates from the default certificates directory"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -126,11 +122,11 @@ int pkcs12_main(int argc, char **argv)
char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0;
int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER;
# ifndef OPENSSL_NO_RC2
#ifndef OPENSSL_NO_RC2
int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
# else
#else
int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
# endif
#endif
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
int ret = 1, macver = 1, add_lmk = 0, private = 0;
int noprompt = 0;
@@ -976,5 +972,3 @@ static int set_pbe(int *ppbe, const char *str)
}
return 1;
}
#endif

59
apps/rsa.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,23 +8,19 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_RSA
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <time.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/rsa.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/pem.h>
# include <openssl/bn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -53,14 +49,14 @@ const OPTIONS rsa_options[] = {
{"modulus", OPT_MODULUS, '-', "Print the RSA key modulus"},
{"check", OPT_CHECK, '-', "Verify key consistency"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
{"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"},
{"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"},
{"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"},
# endif
# ifndef OPENSSL_NO_ENGINE
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -75,9 +71,9 @@ int rsa_main(int argc, char **argv)
int i, private = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
int noout = 0, modulus = 0, pubin = 0, pubout = 0, ret = 1;
# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
int pvk_encr = 2;
# endif
#endif
OPTION_CHOICE o;
prog = opt_init(argc, argv, rsa_options);
@@ -130,9 +126,9 @@ int rsa_main(int argc, char **argv)
case OPT_PVK_STRONG: /* pvk_encr:= 2 */
case OPT_PVK_WEAK: /* pvk_encr:= 1 */
case OPT_PVK_NONE: /* pvk_encr:= 0 */
# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
pvk_encr = (o - OPT_PVK_NONE);
# endif
#endif
break;
case OPT_NOOUT:
noout = 1;
@@ -265,7 +261,7 @@ int rsa_main(int argc, char **argv)
i = PEM_write_bio_RSAPrivateKey(out, rsa,
enc, NULL, 0, NULL, passout);
}
# ifndef OPENSSL_NO_DSA
#ifndef OPENSSL_NO_DSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -280,13 +276,13 @@ int rsa_main(int argc, char **argv)
goto end;
}
assert(private);
# ifdef OPENSSL_NO_RC4
# ifdef OPENSSL_NO_RC4
BIO_printf(bio_err, "PVK format not supported\n");
EVP_PKEY_free(pk);
goto end;
# else
# else
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
# endif
# endif
} else if (pubin || pubout) {
i = i2b_PublicKey_bio(out, pk);
} else {
@@ -294,7 +290,7 @@ int rsa_main(int argc, char **argv)
i = i2b_PrivateKey_bio(out, pk);
}
EVP_PKEY_free(pk);
# endif
#endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
@@ -313,4 +309,3 @@ int rsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
#endif

4
apps/rsa8192.pem
View File

@@ -1,5 +1,4 @@
-----BEGIN RSA PRIVATE KEY-----
MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
@@ -62,7 +61,7 @@ JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
2cYUn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
@@ -98,4 +97,3 @@ TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
-----END RSA PRIVATE KEY-----

37
apps/rsautl.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,25 +8,21 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_RSA
NON_EMPTY_TRANSLATION_UNIT
#else
#include "apps.h"
#include "progs.h"
#include <string.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
# include "apps.h"
# include "progs.h"
# include <string.h>
# include <openssl/err.h>
# include <openssl/pem.h>
# include <openssl/rsa.h>
#define RSA_SIGN 1
#define RSA_VERIFY 2
#define RSA_ENCRYPT 3
#define RSA_DECRYPT 4
# define RSA_SIGN 1
# define RSA_VERIFY 2
# define RSA_ENCRYPT 3
# define RSA_DECRYPT 4
# define KEY_PRIVKEY 1
# define KEY_PUBKEY 2
# define KEY_CERT 3
#define KEY_PRIVKEY 1
#define KEY_PUBKEY 2
#define KEY_CERT 3
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -60,9 +56,9 @@ const OPTIONS rsautl_options[] = {
{"decrypt", OPT_DECRYPT, '-', "Decrypt with private key"},
{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
OPT_R_OPTIONS,
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -279,4 +275,3 @@ int rsautl_main(int argc, char **argv)
OPENSSL_free(passin);
return ret;
}
#endif

5
apps/s_cb.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -934,7 +934,8 @@ static int set_cert_cb(SSL *ssl, void *arg)
if (!SSL_build_cert_chain(ssl, 0))
return 0;
} else if (exc->chain != NULL) {
SSL_set1_chain(ssl, exc->chain);
if (!SSL_set1_chain(ssl, exc->chain))
return 0;
}
}
exc = exc->prev;

22
apps/s_client.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005 Nokia. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -1283,22 +1283,42 @@ int s_client_main(int argc, char **argv)
case OPT_SSL3:
min_version = SSL3_VERSION;
max_version = SSL3_VERSION;
socket_type = SOCK_STREAM;
#ifndef OPENSSL_NO_DTLS
isdtls = 0;
#endif
break;
case OPT_TLS1_3:
min_version = TLS1_3_VERSION;
max_version = TLS1_3_VERSION;
socket_type = SOCK_STREAM;
#ifndef OPENSSL_NO_DTLS
isdtls = 0;
#endif
break;
case OPT_TLS1_2:
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
socket_type = SOCK_STREAM;
#ifndef OPENSSL_NO_DTLS
isdtls = 0;
#endif
break;
case OPT_TLS1_1:
min_version = TLS1_1_VERSION;
max_version = TLS1_1_VERSION;
socket_type = SOCK_STREAM;
#ifndef OPENSSL_NO_DTLS
isdtls = 0;
#endif
break;
case OPT_TLS1:
min_version = TLS1_VERSION;
max_version = TLS1_VERSION;
socket_type = SOCK_STREAM;
#ifndef OPENSSL_NO_DTLS
isdtls = 0;
#endif
break;
case OPT_DTLS:
#ifndef OPENSSL_NO_DTLS

13
apps/s_server.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -133,6 +133,17 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
if (SSL_version(ssl) >= TLS1_3_VERSION) {
/*
* This callback is designed for use in TLSv1.2. It is possible to use
* a single callback for all protocol versions - but it is preferred to
* use a dedicated callback for TLSv1.3. For TLSv1.3 we have
* psk_find_session_cb.
*/
return 0;
}
if (identity == NULL) {
BIO_printf(bio_err, "Error: client did not send PSK identity\n");
goto out_err;

12
apps/s_socket.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -214,6 +214,8 @@ int do_server(int *accept_sock, const char *host, const char *port,
const BIO_ADDRINFO *next;
int sock_family, sock_type, sock_protocol, sock_port;
const BIO_ADDR *sock_address;
int sock_family_fallback = AF_UNSPEC;
const BIO_ADDR *sock_address_fallback = NULL;
int sock_options = BIO_SOCK_REUSEADDR;
int ret = 0;
@@ -244,6 +246,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
&& BIO_ADDRINFO_protocol(next) == sock_protocol) {
if (sock_family == AF_INET
&& BIO_ADDRINFO_family(next) == AF_INET6) {
/* In case AF_INET6 is returned but not supported by the
* kernel, retry with the first detected address family */
sock_family_fallback = sock_family;
sock_address_fallback = sock_address;
sock_family = AF_INET6;
sock_address = BIO_ADDRINFO_address(next);
} else if (sock_family == AF_INET6
@@ -253,6 +259,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
}
asock = BIO_socket(sock_family, sock_type, sock_protocol, 0);
if (asock == INVALID_SOCKET && sock_family_fallback != AF_UNSPEC) {
asock = BIO_socket(sock_family_fallback, sock_type, sock_protocol, 0);
sock_address = sock_address_fallback;
}
if (asock == INVALID_SOCKET
|| !BIO_listen(asock, sock_address, sock_options)) {
BIO_ADDRINFO_free(res);

6
apps/s_time.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -62,6 +62,7 @@ const OPTIONS s_time_options[] = {
{"key", OPT_KEY, '<', "File with key, PEM; default is -cert file"},
{"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
{"cafile", OPT_CAFILE, '<', "PEM format file of CA's"},
{"CAfile", OPT_CAFILE, '<', "PEM format file of CA's"},
{"no-CAfile", OPT_NOCAFILE, '-',
"Do not load the default certificates file"},
{"no-CApath", OPT_NOCAPATH, '-',
@@ -262,7 +263,8 @@ int s_time_main(int argc, char **argv)
nConn, totalTime, ((double)nConn / totalTime), bytes_read);
printf
("%d connections in %ld real seconds, %ld bytes read per connection\n",
nConn, (long)time(NULL) - finishtime + maxtime, bytes_read / nConn);
nConn, (long)time(NULL) - finishtime + maxtime,
nConn > 0 ? bytes_read / nConn : 0l);
/*
* Now loop and time connections using the same session id over and over

41
apps/srp.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2004, EdelKey Project. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -12,28 +12,24 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_SRP
NON_EMPTY_TRANSLATION_UNIT
#else
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/txt_db.h>
#include <openssl/buffer.h>
#include <openssl/srp.h>
#include "apps.h"
#include "progs.h"
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <openssl/conf.h>
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/txt_db.h>
# include <openssl/buffer.h>
# include <openssl/srp.h>
# include "apps.h"
# include "progs.h"
# define BASE_SECTION "srp"
# define CONFIG_FILE "openssl.cnf"
#define BASE_SECTION "srp"
#define CONFIG_FILE "openssl.cnf"
# define ENV_DATABASE "srpvfile"
# define ENV_DEFAULT_SRP "default_srp"
#define ENV_DATABASE "srpvfile"
#define ENV_DEFAULT_SRP "default_srp"
static int get_index(CA_DB *db, char *id, char type)
{
@@ -212,9 +208,9 @@ const OPTIONS srp_options[] = {
{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
{"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
OPT_R_OPTIONS,
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{NULL}
};
@@ -610,4 +606,3 @@ int srp_main(int argc, char **argv)
release_engine(e);
return ret;
}
#endif

48
apps/ts.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,29 +8,26 @@
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_TS
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include "apps.h"
# include "progs.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/pem.h>
# include <openssl/rand.h>
# include <openssl/ts.h>
# include <openssl/bn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/ts.h>
#include <openssl/bn.h>
/* Request nonce length, in bits (must be a multiple of 8). */
# define NONCE_LENGTH 64
#define NONCE_LENGTH 64
/* Name of config entry that defines the OID file. */
# define ENV_OID_FILE "oid_file"
#define ENV_OID_FILE "oid_file"
/* Is |EXACTLY_ONE| of three pointers set? */
# define EXACTLY_ONE(a, b, c) \
#define EXACTLY_ONE(a, b, c) \
(( a && !b && !c) || \
( b && !a && !c) || \
( c && !a && !b))
@@ -114,9 +111,9 @@ const OPTIONS ts_options[] = {
{"CAfile", OPT_CAFILE, '<', "File with trusted CA certs"},
{"untrusted", OPT_UNTRUSTED, '<', "File with untrusted certs"},
{"", OPT_MD, '-', "Any supported digest"},
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
#endif
{OPT_HELP_STR, 1, '-', "\nOptions specific to 'ts -verify': \n"},
OPT_V_OPTIONS,
{OPT_HELP_STR, 1, '-', "\n"},
@@ -137,11 +134,11 @@ static char* opt_helplist[] = {
" [-signer tsa_cert.pem] [-inkey private_key.pem]",
" [-chain certs_file.pem] [-tspolicy oid]",
" [-in file] [-token_in] [-out file] [-token_out]",
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
" [-text] [-engine id]",
# else
#else
" [-text]",
# endif
#endif
" or",
"ts -verify -CApath dir -CAfile file.pem -untrusted file.pem",
" [-data file] [-digest hexstring]",
@@ -682,10 +679,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, const char *eng
goto end;
if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx))
goto end;
# ifndef OPENSSL_NO_ENGINE
#ifndef OPENSSL_NO_ENGINE
if (!TS_CONF_set_crypto_device(conf, section, engine))
goto end;
# endif
#endif
if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx))
goto end;
if (!TS_CONF_set_certs(conf, section, chain, resp_ctx))
@@ -984,4 +981,3 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx)
{
return ok;
}
#endif /* ndef OPENSSL_NO_TS */

4
apps/x509.c
View File

@@ -140,9 +140,9 @@ const OPTIONS x509_options[] = {
{"", OPT_MD, '-', "Any supported digest"},
#ifndef OPENSSL_NO_MD5
{"subject_hash_old", OPT_SUBJECT_HASH_OLD, '-',
"Print old-style (MD5) issuer hash value"},
{"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-',
"Print old-style (MD5) subject hash value"},
{"issuer_hash_old", OPT_ISSUER_HASH_OLD, '-',
"Print old-style (MD5) issuer hash value"},
#endif
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},

3
appveyor.yml
View File

@@ -46,7 +46,8 @@ before_build:
- cd ..
- ps: >-
if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER`
-or (&git log -2 | Select-String "\[extended tests\]") ) {
-or (&git log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT |
Select-String "\[extended tests\]") ) {
$env:EXTENDED_TESTS="yes"
}

8
config
View File

@@ -253,11 +253,8 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
Power*)
echo "ppc-apple-darwin${VERSION}"
;;
x86_64)
echo "x86_64-apple-darwin${VERSION}"
;;
*)
echo "i686-apple-darwin${VERSION}"
echo "${MACHINE}-apple-darwin${VERSION}"
;;
esac
exit 0
@@ -497,6 +494,9 @@ case "$GUESSOS" in
else
OUT="darwin64-x86_64-cc"
fi ;;
$MACHINE-apple-darwin*)
OUT="darwin64-$MACHINE-cc"
;;
armv6+7-*-iphoneos)
__CNF_CFLAGS="$__CNF_CFLAGS -arch armv6 -arch armv7"
__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch armv6 -arch armv7"

634
crypto/aes/aes_core.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -43,7 +43,637 @@
#include <openssl/aes.h>
#include "aes_local.h"
#ifndef AES_ASM
#if defined(OPENSSL_AES_CONST_TIME) && !defined(AES_ASM)
typedef union {
unsigned char b[8];
u32 w[2];
u64 d;
} uni;
/*
* Compute w := (w * x) mod (x^8 + x^4 + x^3 + x^1 + 1)
* Therefore the name "xtime".
*/
static void XtimeWord(u32 *w)
{
u32 a, b;
a = *w;
b = a & 0x80808080u;
a ^= b;
b -= b >> 7;
b &= 0x1B1B1B1Bu;
b ^= a << 1;
*w = b;
}
static void XtimeLong(u64 *w)
{
u64 a, b;
a = *w;
b = a & 0x8080808080808080uLL;
a ^= b;
b -= b >> 7;
b &= 0x1B1B1B1B1B1B1B1BuLL;
b ^= a << 1;
*w = b;
}
/*
* This computes w := S * w ^ -1 + c, where c = {01100011}.
* Instead of using GF(2^8) mod (x^8+x^4+x^3+x+1} we do the inversion
* in GF(GF(GF(2^2)^2)^2) mod (X^2+X+8)
* and GF(GF(2^2)^2) mod (X^2+X+2)
* and GF(2^2) mod (X^2+X+1)
* The first part of the algorithm below transfers the coordinates
* {0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80} =>
* {1,Y,Y^2,Y^3,Y^4,Y^5,Y^6,Y^7} with Y=0x41:
* {0x01,0x41,0x66,0x6c,0x56,0x9a,0x58,0xc4}
* The last part undoes the coordinate transfer and the final affine
* transformation S:
* b[i] = b[i] + b[(i+4)%8] + b[(i+5)%8] + b[(i+6)%8] + b[(i+7)%8] + c[i]
* in one step.
* The multiplication in GF(2^2^2^2) is done in ordinary coords:
* A = (a0*1 + a1*x^4)
* B = (b0*1 + b1*x^4)
* AB = ((a0*b0 + 8*a1*b1)*1 + (a1*b0 + (a0+a1)*b1)*x^4)
* When A = (a0,a1) is given we want to solve AB = 1:
* (a) 1 = a0*b0 + 8*a1*b1
* (b) 0 = a1*b0 + (a0+a1)*b1
* => multiply (a) by a1 and (b) by a0
* (c) a1 = a1*a0*b0 + (8*a1*a1)*b1
* (d) 0 = a1*a0*b0 + (a0*a0+a1*a0)*b1
* => add (c) + (d)
* (e) a1 = (a0*a0 + a1*a0 + 8*a1*a1)*b1
* => therefore
* b1 = (a0*a0 + a1*a0 + 8*a1*a1)^-1 * a1
* => and adding (a1*b0) to (b) we get
* (f) a1*b0 = (a0+a1)*b1
* => therefore
* b0 = (a0*a0 + a1*a0 + 8*a1*a1)^-1 * (a0+a1)
* Note this formula also works for the case
* (a0+a1)*a0 + 8*a1*a1 = 0
* if the inverse element for 0^-1 is mapped to 0.
* Repeat the same for GF(2^2^2) and GF(2^2).
* We get the following algorithm:
* inv8(a0,a1):
* x0 = a0^a1
* [y0,y1] = mul4([x0,a1],[a0,a1]); (*)
* y1 = mul4(8,y1);
* t = inv4(y0^y1);
* [b0,b1] = mul4([x0,a1],[t,t]); (*)
* return [b0,b1];
* The non-linear multiplies (*) can be done in parallel at no extra cost.
*/
static void SubWord(u32 *w)
{
u32 x, y, a1, a2, a3, a4, a5, a6;
x = *w;
y = ((x & 0xFEFEFEFEu) >> 1) | ((x & 0x01010101u) << 7);
x &= 0xDDDDDDDDu;
x ^= y & 0x57575757u;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x1C1C1C1Cu;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x4A4A4A4Au;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x42424242u;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x64646464u;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0xE0E0E0E0u;
a1 = x;
a1 ^= (x & 0xF0F0F0F0u) >> 4;
a2 = ((x & 0xCCCCCCCCu) >> 2) | ((x & 0x33333333u) << 2);
a3 = x & a1;
a3 ^= (a3 & 0xAAAAAAAAu) >> 1;
a3 ^= (((x << 1) & a1) ^ ((a1 << 1) & x)) & 0xAAAAAAAAu;
a4 = a2 & a1;
a4 ^= (a4 & 0xAAAAAAAAu) >> 1;
a4 ^= (((a2 << 1) & a1) ^ ((a1 << 1) & a2)) & 0xAAAAAAAAu;
a5 = (a3 & 0xCCCCCCCCu) >> 2;
a3 ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCu;
a4 = a5 & 0x22222222u;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x22222222u;
a3 ^= a4;
a5 = a3 & 0xA0A0A0A0u;
a5 |= a5 >> 1;
a5 ^= (a3 << 1) & 0xA0A0A0A0u;
a4 = a5 & 0xC0C0C0C0u;
a6 = a4 >> 2;
a4 ^= (a5 << 2) & 0xC0C0C0C0u;
a5 = a6 & 0x20202020u;
a5 |= a5 >> 1;
a5 ^= (a6 << 1) & 0x20202020u;
a4 |= a5;
a3 ^= a4 >> 4;
a3 &= 0x0F0F0F0Fu;
a2 = a3;
a2 ^= (a3 & 0x0C0C0C0Cu) >> 2;
a4 = a3 & a2;
a4 ^= (a4 & 0x0A0A0A0A0Au) >> 1;
a4 ^= (((a3 << 1) & a2) ^ ((a2 << 1) & a3)) & 0x0A0A0A0Au;
a5 = a4 & 0x08080808u;
a5 |= a5 >> 1;
a5 ^= (a4 << 1) & 0x08080808u;
a4 ^= a5 >> 2;
a4 &= 0x03030303u;
a4 ^= (a4 & 0x02020202u) >> 1;
a4 |= a4 << 2;
a3 = a2 & a4;
a3 ^= (a3 & 0x0A0A0A0Au) >> 1;
a3 ^= (((a2 << 1) & a4) ^ ((a4 << 1) & a2)) & 0x0A0A0A0Au;
a3 |= a3 << 4;
a2 = ((a1 & 0xCCCCCCCCu) >> 2) | ((a1 & 0x33333333u) << 2);
x = a1 & a3;
x ^= (x & 0xAAAAAAAAu) >> 1;
x ^= (((a1 << 1) & a3) ^ ((a3 << 1) & a1)) & 0xAAAAAAAAu;
a4 = a2 & a3;
a4 ^= (a4 & 0xAAAAAAAAu) >> 1;
a4 ^= (((a2 << 1) & a3) ^ ((a3 << 1) & a2)) & 0xAAAAAAAAu;
a5 = (x & 0xCCCCCCCCu) >> 2;
x ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCu;
a4 = a5 & 0x22222222u;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x22222222u;
x ^= a4;
y = ((x & 0xFEFEFEFEu) >> 1) | ((x & 0x01010101u) << 7);
x &= 0x39393939u;
x ^= y & 0x3F3F3F3Fu;
y = ((y & 0xFCFCFCFCu) >> 2) | ((y & 0x03030303u) << 6);
x ^= y & 0x97979797u;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x9B9B9B9Bu;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x3C3C3C3Cu;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0xDDDDDDDDu;
y = ((y & 0xFEFEFEFEu) >> 1) | ((y & 0x01010101u) << 7);
x ^= y & 0x72727272u;
x ^= 0x63636363u;
*w = x;
}
static void SubLong(u64 *w)
{
u64 x, y, a1, a2, a3, a4, a5, a6;
x = *w;
y = ((x & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((x & 0x0101010101010101uLL) << 7);
x &= 0xDDDDDDDDDDDDDDDDuLL;
x ^= y & 0x5757575757575757uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x1C1C1C1C1C1C1C1CuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x4A4A4A4A4A4A4A4AuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x4242424242424242uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x6464646464646464uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xE0E0E0E0E0E0E0E0uLL;
a1 = x;
a1 ^= (x & 0xF0F0F0F0F0F0F0F0uLL) >> 4;
a2 = ((x & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((x & 0x3333333333333333uLL) << 2);
a3 = x & a1;
a3 ^= (a3 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a3 ^= (((x << 1) & a1) ^ ((a1 << 1) & x)) & 0xAAAAAAAAAAAAAAAAuLL;
a4 = a2 & a1;
a4 ^= (a4 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a4 ^= (((a2 << 1) & a1) ^ ((a1 << 1) & a2)) & 0xAAAAAAAAAAAAAAAAuLL;
a5 = (a3 & 0xCCCCCCCCCCCCCCCCuLL) >> 2;
a3 ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCCCCCCCCCuLL;
a4 = a5 & 0x2222222222222222uLL;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x2222222222222222uLL;
a3 ^= a4;
a5 = a3 & 0xA0A0A0A0A0A0A0A0uLL;
a5 |= a5 >> 1;
a5 ^= (a3 << 1) & 0xA0A0A0A0A0A0A0A0uLL;
a4 = a5 & 0xC0C0C0C0C0C0C0C0uLL;
a6 = a4 >> 2;
a4 ^= (a5 << 2) & 0xC0C0C0C0C0C0C0C0uLL;
a5 = a6 & 0x2020202020202020uLL;
a5 |= a5 >> 1;
a5 ^= (a6 << 1) & 0x2020202020202020uLL;
a4 |= a5;
a3 ^= a4 >> 4;
a3 &= 0x0F0F0F0F0F0F0F0FuLL;
a2 = a3;
a2 ^= (a3 & 0x0C0C0C0C0C0C0C0CuLL) >> 2;
a4 = a3 & a2;
a4 ^= (a4 & 0x0A0A0A0A0A0A0A0AuLL) >> 1;
a4 ^= (((a3 << 1) & a2) ^ ((a2 << 1) & a3)) & 0x0A0A0A0A0A0A0A0AuLL;
a5 = a4 & 0x0808080808080808uLL;
a5 |= a5 >> 1;
a5 ^= (a4 << 1) & 0x0808080808080808uLL;
a4 ^= a5 >> 2;
a4 &= 0x0303030303030303uLL;
a4 ^= (a4 & 0x0202020202020202uLL) >> 1;
a4 |= a4 << 2;
a3 = a2 & a4;
a3 ^= (a3 & 0x0A0A0A0A0A0A0A0AuLL) >> 1;
a3 ^= (((a2 << 1) & a4) ^ ((a4 << 1) & a2)) & 0x0A0A0A0A0A0A0A0AuLL;
a3 |= a3 << 4;
a2 = ((a1 & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((a1 & 0x3333333333333333uLL) << 2);
x = a1 & a3;
x ^= (x & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
x ^= (((a1 << 1) & a3) ^ ((a3 << 1) & a1)) & 0xAAAAAAAAAAAAAAAAuLL;
a4 = a2 & a3;
a4 ^= (a4 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a4 ^= (((a2 << 1) & a3) ^ ((a3 << 1) & a2)) & 0xAAAAAAAAAAAAAAAAuLL;
a5 = (x & 0xCCCCCCCCCCCCCCCCuLL) >> 2;
x ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCCCCCCCCCuLL;
a4 = a5 & 0x2222222222222222uLL;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x2222222222222222uLL;
x ^= a4;
y = ((x & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((x & 0x0101010101010101uLL) << 7);
x &= 0x3939393939393939uLL;
x ^= y & 0x3F3F3F3F3F3F3F3FuLL;
y = ((y & 0xFCFCFCFCFCFCFCFCuLL) >> 2) | ((y & 0x0303030303030303uLL) << 6);
x ^= y & 0x9797979797979797uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x9B9B9B9B9B9B9B9BuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x3C3C3C3C3C3C3C3CuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xDDDDDDDDDDDDDDDDuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x7272727272727272uLL;
x ^= 0x6363636363636363uLL;
*w = x;
}
/*
* This computes w := (S^-1 * (w + c))^-1
*/
static void InvSubLong(u64 *w)
{
u64 x, y, a1, a2, a3, a4, a5, a6;
x = *w;
x ^= 0x6363636363636363uLL;
y = ((x & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((x & 0x0101010101010101uLL) << 7);
x &= 0xFDFDFDFDFDFDFDFDuLL;
x ^= y & 0x5E5E5E5E5E5E5E5EuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xF3F3F3F3F3F3F3F3uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xF5F5F5F5F5F5F5F5uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x7878787878787878uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x7777777777777777uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x1515151515151515uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xA5A5A5A5A5A5A5A5uLL;
a1 = x;
a1 ^= (x & 0xF0F0F0F0F0F0F0F0uLL) >> 4;
a2 = ((x & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((x & 0x3333333333333333uLL) << 2);
a3 = x & a1;
a3 ^= (a3 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a3 ^= (((x << 1) & a1) ^ ((a1 << 1) & x)) & 0xAAAAAAAAAAAAAAAAuLL;
a4 = a2 & a1;
a4 ^= (a4 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a4 ^= (((a2 << 1) & a1) ^ ((a1 << 1) & a2)) & 0xAAAAAAAAAAAAAAAAuLL;
a5 = (a3 & 0xCCCCCCCCCCCCCCCCuLL) >> 2;
a3 ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCCCCCCCCCuLL;
a4 = a5 & 0x2222222222222222uLL;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x2222222222222222uLL;
a3 ^= a4;
a5 = a3 & 0xA0A0A0A0A0A0A0A0uLL;
a5 |= a5 >> 1;
a5 ^= (a3 << 1) & 0xA0A0A0A0A0A0A0A0uLL;
a4 = a5 & 0xC0C0C0C0C0C0C0C0uLL;
a6 = a4 >> 2;
a4 ^= (a5 << 2) & 0xC0C0C0C0C0C0C0C0uLL;
a5 = a6 & 0x2020202020202020uLL;
a5 |= a5 >> 1;
a5 ^= (a6 << 1) & 0x2020202020202020uLL;
a4 |= a5;
a3 ^= a4 >> 4;
a3 &= 0x0F0F0F0F0F0F0F0FuLL;
a2 = a3;
a2 ^= (a3 & 0x0C0C0C0C0C0C0C0CuLL) >> 2;
a4 = a3 & a2;
a4 ^= (a4 & 0x0A0A0A0A0A0A0A0AuLL) >> 1;
a4 ^= (((a3 << 1) & a2) ^ ((a2 << 1) & a3)) & 0x0A0A0A0A0A0A0A0AuLL;
a5 = a4 & 0x0808080808080808uLL;
a5 |= a5 >> 1;
a5 ^= (a4 << 1) & 0x0808080808080808uLL;
a4 ^= a5 >> 2;
a4 &= 0x0303030303030303uLL;
a4 ^= (a4 & 0x0202020202020202uLL) >> 1;
a4 |= a4 << 2;
a3 = a2 & a4;
a3 ^= (a3 & 0x0A0A0A0A0A0A0A0AuLL) >> 1;
a3 ^= (((a2 << 1) & a4) ^ ((a4 << 1) & a2)) & 0x0A0A0A0A0A0A0A0AuLL;
a3 |= a3 << 4;
a2 = ((a1 & 0xCCCCCCCCCCCCCCCCuLL) >> 2) | ((a1 & 0x3333333333333333uLL) << 2);
x = a1 & a3;
x ^= (x & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
x ^= (((a1 << 1) & a3) ^ ((a3 << 1) & a1)) & 0xAAAAAAAAAAAAAAAAuLL;
a4 = a2 & a3;
a4 ^= (a4 & 0xAAAAAAAAAAAAAAAAuLL) >> 1;
a4 ^= (((a2 << 1) & a3) ^ ((a3 << 1) & a2)) & 0xAAAAAAAAAAAAAAAAuLL;
a5 = (x & 0xCCCCCCCCCCCCCCCCuLL) >> 2;
x ^= ((a4 << 2) ^ a4) & 0xCCCCCCCCCCCCCCCCuLL;
a4 = a5 & 0x2222222222222222uLL;
a4 |= a4 >> 1;
a4 ^= (a5 << 1) & 0x2222222222222222uLL;
x ^= a4;
y = ((x & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((x & 0x0101010101010101uLL) << 7);
x &= 0xB5B5B5B5B5B5B5B5uLL;
x ^= y & 0x4040404040404040uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x8080808080808080uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x1616161616161616uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xEBEBEBEBEBEBEBEBuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x9797979797979797uLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0xFBFBFBFBFBFBFBFBuLL;
y = ((y & 0xFEFEFEFEFEFEFEFEuLL) >> 1) | ((y & 0x0101010101010101uLL) << 7);
x ^= y & 0x7D7D7D7D7D7D7D7DuLL;
*w = x;
}
static void ShiftRows(u64 *state)
{
unsigned char s[4];
unsigned char *s0;
int r;
s0 = (unsigned char *)state;
for (r = 0; r < 4; r++) {
s[0] = s0[0*4 + r];
s[1] = s0[1*4 + r];
s[2] = s0[2*4 + r];
s[3] = s0[3*4 + r];
s0[0*4 + r] = s[(r+0) % 4];
s0[1*4 + r] = s[(r+1) % 4];
s0[2*4 + r] = s[(r+2) % 4];
s0[3*4 + r] = s[(r+3) % 4];
}
}
static void InvShiftRows(u64 *state)
{
unsigned char s[4];
unsigned char *s0;
int r;
s0 = (unsigned char *)state;
for (r = 0; r < 4; r++) {
s[0] = s0[0*4 + r];
s[1] = s0[1*4 + r];
s[2] = s0[2*4 + r];
s[3] = s0[3*4 + r];
s0[0*4 + r] = s[(4-r) % 4];
s0[1*4 + r] = s[(5-r) % 4];
s0[2*4 + r] = s[(6-r) % 4];
s0[3*4 + r] = s[(7-r) % 4];
}
}
static void MixColumns(u64 *state)
{
uni s1;
uni s;
int c;
for (c = 0; c < 2; c++) {
s1.d = state[c];
s.d = s1.d;
s.d ^= ((s.d & 0xFFFF0000FFFF0000uLL) >> 16)
| ((s.d & 0x0000FFFF0000FFFFuLL) << 16);
s.d ^= ((s.d & 0xFF00FF00FF00FF00uLL) >> 8)
| ((s.d & 0x00FF00FF00FF00FFuLL) << 8);
s.d ^= s1.d;
XtimeLong(&s1.d);
s.d ^= s1.d;
s.b[0] ^= s1.b[1];
s.b[1] ^= s1.b[2];
s.b[2] ^= s1.b[3];
s.b[3] ^= s1.b[0];
s.b[4] ^= s1.b[5];
s.b[5] ^= s1.b[6];
s.b[6] ^= s1.b[7];
s.b[7] ^= s1.b[4];
state[c] = s.d;
}
}
static void InvMixColumns(u64 *state)
{
uni s1;
uni s;
int c;
for (c = 0; c < 2; c++) {
s1.d = state[c];
s.d = s1.d;
s.d ^= ((s.d & 0xFFFF0000FFFF0000uLL) >> 16)
| ((s.d & 0x0000FFFF0000FFFFuLL) << 16);
s.d ^= ((s.d & 0xFF00FF00FF00FF00uLL) >> 8)
| ((s.d & 0x00FF00FF00FF00FFuLL) << 8);
s.d ^= s1.d;
XtimeLong(&s1.d);
s.d ^= s1.d;
s.b[0] ^= s1.b[1];
s.b[1] ^= s1.b[2];
s.b[2] ^= s1.b[3];
s.b[3] ^= s1.b[0];
s.b[4] ^= s1.b[5];
s.b[5] ^= s1.b[6];
s.b[6] ^= s1.b[7];
s.b[7] ^= s1.b[4];
XtimeLong(&s1.d);
s1.d ^= ((s1.d & 0xFFFF0000FFFF0000uLL) >> 16)
| ((s1.d & 0x0000FFFF0000FFFFuLL) << 16);
s.d ^= s1.d;
XtimeLong(&s1.d);
s1.d ^= ((s1.d & 0xFF00FF00FF00FF00uLL) >> 8)
| ((s1.d & 0x00FF00FF00FF00FFuLL) << 8);
s.d ^= s1.d;
state[c] = s.d;
}
}
static void AddRoundKey(u64 *state, const u64 *w)
{
state[0] ^= w[0];
state[1] ^= w[1];
}
static void Cipher(const unsigned char *in, unsigned char *out,
const u64 *w, int nr)
{
u64 state[2];
int i;
memcpy(state, in, 16);
AddRoundKey(state, w);
for (i = 1; i < nr; i++) {
SubLong(&state[0]);
SubLong(&state[1]);
ShiftRows(state);
MixColumns(state);
AddRoundKey(state, w + i*2);
}
SubLong(&state[0]);
SubLong(&state[1]);
ShiftRows(state);
AddRoundKey(state, w + nr*2);
memcpy(out, state, 16);
}
static void InvCipher(const unsigned char *in, unsigned char *out,
const u64 *w, int nr)
{
u64 state[2];
int i;
memcpy(state, in, 16);
AddRoundKey(state, w + nr*2);
for (i = nr - 1; i > 0; i--) {
InvShiftRows(state);
InvSubLong(&state[0]);
InvSubLong(&state[1]);
AddRoundKey(state, w + i*2);
InvMixColumns(state);
}
InvShiftRows(state);
InvSubLong(&state[0]);
InvSubLong(&state[1]);
AddRoundKey(state, w);
memcpy(out, state, 16);
}
static void RotWord(u32 *x)
{
unsigned char *w0;
unsigned char tmp;
w0 = (unsigned char *)x;
tmp = w0[0];
w0[0] = w0[1];
w0[1] = w0[2];
w0[2] = w0[3];
w0[3] = tmp;
}
static void KeyExpansion(const unsigned char *key, u64 *w,
int nr, int nk)
{
u32 rcon;
uni prev;
u32 temp;
int i, n;
memcpy(w, key, nk*4);
memcpy(&rcon, "\1\0\0\0", 4);
n = nk/2;
prev.d = w[n-1];
for (i = n; i < (nr+1)*2; i++) {
temp = prev.w[1];
if (i % n == 0) {
RotWord(&temp);
SubWord(&temp);
temp ^= rcon;
XtimeWord(&rcon);
} else if (nk > 6 && i % n == 2) {
SubWord(&temp);
}
prev.d = w[i-n];
prev.w[0] ^= temp;
prev.w[1] ^= prev.w[0];
w[i] = prev.d;
}
}
/**
* Expand the cipher key into the encryption key schedule.
*/
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
{
u64 *rk;
if (!userKey || !key)
return -1;
if (bits != 128 && bits != 192 && bits != 256)
return -2;
rk = (u64*)key->rd_key;
if (bits == 128)
key->rounds = 10;
else if (bits == 192)
key->rounds = 12;
else
key->rounds = 14;
KeyExpansion(userKey, rk, key->rounds, bits/32);
return 0;
}
/**
* Expand the cipher key into the decryption key schedule.
*/
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key)
{
return AES_set_encrypt_key(userKey, bits, key);
}
/*
* Encrypt a single block
* in and out can overlap
*/
void AES_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key)
{
const u64 *rk;
assert(in && out && key);
rk = (u64*)key->rd_key;
Cipher(in, out, rk, key->rounds);
}
/*
* Decrypt a single block
* in and out can overlap
*/
void AES_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key)
{
const u64 *rk;
assert(in && out && key);
rk = (u64*)key->rd_key;
InvCipher(in, out, rk, key->rounds);
}
#elif !defined(AES_ASM)
/*-
Te0[x] = S [x].[02, 01, 01, 03];
Te1[x] = S [x].[03, 02, 01, 01];

16
crypto/aes/aes_ige.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,11 +12,6 @@
#include <openssl/aes.h>
#include "aes_local.h"
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
unsigned long data[N_WORDS];
} aes_block_t;
/* XXX: probably some better way to do this */
#if defined(__i386__) || defined(__x86_64__)
# define UNALIGNED_MEMOPS_ARE_FAST 1
@@ -24,6 +19,15 @@ typedef struct {
# define UNALIGNED_MEMOPS_ARE_FAST 0
#endif
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
unsigned long data[N_WORDS];
#if defined(__GNUC__) && UNALIGNED_MEMOPS_ARE_FAST
} aes_block_t __attribute((__aligned__(1)));
#else
} aes_block_t;
#endif
#if UNALIGNED_MEMOPS_ARE_FAST
# define load_block(d, s) (d) = *(const aes_block_t *)(s)
# define store_block(d, s) *(aes_block_t *)(d) = (s)

3
crypto/aes/aes_local.h
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -24,6 +24,7 @@
# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
# endif
typedef unsigned long long u64;
# ifdef AES_LONG
typedef unsigned long u32;
# else

2
crypto/aes/asm/aesni-mb-x86_64.pl
View File

@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

2
crypto/aes/asm/aesni-sha1-x86_64.pl
View File

@@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10);
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
$shaext=1; ### set to zero if compiling for 1.0.1

2
crypto/aes/asm/aesni-sha256-x86_64.pl
View File

@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=12);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}

38
crypto/aes/asm/aesv8-armx.pl
View File

@@ -183,7 +183,12 @@ $code.=<<___;
.Loop192:
vtbl.8 $key,{$in1},$mask
vext.8 $tmp,$zero,$in0,#12
#ifdef __ARMEB__
vst1.32 {$in1},[$out],#16
sub $out,$out,#8
#else
vst1.32 {$in1},[$out],#8
#endif
aese $key,$zero
subs $bits,$bits,#1
@@ -715,8 +720,11 @@ $code.=<<___;
ldr $rounds,[$key,#240]
ldr $ctr, [$ivp, #12]
#ifdef __ARMEB__
vld1.8 {$dat0},[$ivp]
#else
vld1.32 {$dat0},[$ivp]
#endif
vld1.32 {q8-q9},[$key] // load key schedule...
sub $rounds,$rounds,#4
mov $step,#16
@@ -732,17 +740,17 @@ $code.=<<___;
#ifndef __ARMEB__
rev $ctr, $ctr
#endif
vorr $dat1,$dat0,$dat0
add $tctr1, $ctr, #1
vorr $dat2,$dat0,$dat0
add $ctr, $ctr, #2
vorr $ivec,$dat0,$dat0
rev $tctr1, $tctr1
vmov.32 ${dat1}[3],$tctr1
vmov.32 ${ivec}[3],$tctr1
add $ctr, $ctr, #2
vorr $dat1,$ivec,$ivec
b.ls .Lctr32_tail
rev $tctr2, $ctr
vmov.32 ${ivec}[3],$tctr2
sub $len,$len,#3 // bias
vmov.32 ${dat2}[3],$tctr2
vorr $dat2,$ivec,$ivec
b .Loop3x_ctr32
.align 4
@@ -769,11 +777,11 @@ $code.=<<___;
aese $dat1,q8
aesmc $tmp1,$dat1
vld1.8 {$in0},[$inp],#16
vorr $dat0,$ivec,$ivec
add $tctr0,$ctr,#1
aese $dat2,q8
aesmc $dat2,$dat2
vld1.8 {$in1},[$inp],#16
vorr $dat1,$ivec,$ivec
rev $tctr0,$tctr0
aese $tmp0,q9
aesmc $tmp0,$tmp0
aese $tmp1,q9
@@ -782,8 +790,6 @@ $code.=<<___;
mov $key_,$key
aese $dat2,q9
aesmc $tmp2,$dat2
vorr $dat2,$ivec,$ivec
add $tctr0,$ctr,#1
aese $tmp0,q12
aesmc $tmp0,$tmp0
aese $tmp1,q12
@@ -799,20 +805,22 @@ $code.=<<___;
aese $tmp1,q13
aesmc $tmp1,$tmp1
veor $in2,$in2,$rndlast
rev $tctr0,$tctr0
vmov.32 ${ivec}[3], $tctr0
aese $tmp2,q13
aesmc $tmp2,$tmp2
vmov.32 ${dat0}[3], $tctr0
vorr $dat0,$ivec,$ivec
rev $tctr1,$tctr1
aese $tmp0,q14
aesmc $tmp0,$tmp0
vmov.32 ${ivec}[3], $tctr1
rev $tctr2,$ctr
aese $tmp1,q14
aesmc $tmp1,$tmp1
vmov.32 ${dat1}[3], $tctr1
rev $tctr2,$ctr
vorr $dat1,$ivec,$ivec
vmov.32 ${ivec}[3], $tctr2
aese $tmp2,q14
aesmc $tmp2,$tmp2
vmov.32 ${dat2}[3], $tctr2
vorr $dat2,$ivec,$ivec
subs $len,$len,#3
aese $tmp0,q15
aese $tmp1,q15

34
crypto/armcap.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -68,7 +68,39 @@ void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
# elif defined(__ANDROID_API__)
/* see https://developer.android.google.cn/ndk/guides/cpu-features */
# if __ANDROID_API__ >= 18
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
# endif
# if defined(__FreeBSD__)
# include <sys/param.h>
# if __FreeBSD_version >= 1200000
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
static unsigned long getauxval(unsigned long key)
{
unsigned long val = 0ul;
if (elf_aux_info((int)key, &val, sizeof(val)) != 0)
return 0ul;
return val;
}
# endif
# endif
/*
* Android: according to https://developer.android.com/ndk/guides/cpu-features,
* getauxval is supported starting with API level 18
*/
# if defined(__ANDROID__) && defined(__ANDROID_API__) && __ANDROID_API__ >= 18
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
# endif
/*
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas

15
crypto/asn1/a_object.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -286,16 +286,13 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
}
}
/*
* only the ASN1_OBJECTs from the 'table' will have values for ->sn or
* ->ln
*/
if ((a == NULL) || ((*a) == NULL) ||
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
if ((ret = ASN1_OBJECT_new()) == NULL)
return NULL;
} else
} else {
ret = (*a);
}
p = *pp;
/* detach data from object */
@@ -313,6 +310,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
memcpy(data, p, length);
/* If there are dynamic strings, free them here, and clear the flag */
if ((ret->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) != 0) {
OPENSSL_free((char *)ret->sn);
OPENSSL_free((char *)ret->ln);
ret->flags &= ~ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
}
/* reattach data to object, after which it remains const */
ret->data = data;
ret->length = length;

4
crypto/asn1/a_strex.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -280,6 +280,8 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
t.type = str->type;
t.value.ptr = (char *)str;
der_len = i2d_ASN1_TYPE(&t, NULL);
if (der_len <= 0)
return -1;
if ((der_buf = OPENSSL_malloc(der_len)) == NULL) {
ASN1err(ASN1_F_DO_DUMP, ERR_R_MALLOC_FAILURE);
return -1;

4
crypto/asn1/asn1_err.c
View File

@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -49,6 +49,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = {
"asn1_item_embed_d2i"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0),
"asn1_item_embed_new"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0),
"asn1_item_flags_i2d"},
{ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"},
@@ -160,6 +161,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = {
"asn1 sig parse error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
"bmpstring is wrong length"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"},

35
crypto/asn1/asn1_lib.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -268,20 +268,36 @@ ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
return ret;
}
int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
{
unsigned char *c;
const char *data = _data;
size_t len;
if (len < 0) {
if (len_in < 0) {
if (data == NULL)
return 0;
else
len = strlen(data);
len = strlen(data);
} else {
len = (size_t)len_in;
}
if ((str->length <= len) || (str->data == NULL)) {
/*
* Verify that the length fits within an integer for assignment to
* str->length below. The additional 1 is subtracted to allow for the
* '\0' terminator even though this isn't strictly necessary.
*/
if (len > INT_MAX - 1) {
ASN1err(0, ASN1_R_TOO_LARGE);
return 0;
}
if ((size_t)str->length <= len || str->data == NULL) {
c = str->data;
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/* No NUL terminator in fuzzing builds */
str->data = OPENSSL_realloc(c, len);
#else
str->data = OPENSSL_realloc(c, len + 1);
#endif
if (str->data == NULL) {
ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
str->data = c;
@@ -291,8 +307,13 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
str->length = len;
if (data != NULL) {
memcpy(str->data, data, len);
/* an allowance for strings :-) */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/*
* Add a NUL terminator. This should not be necessary - but we add it as
* a safety precaution
*/
str->data[len] = '\0';
#endif
}
return 1;
}

3
crypto/asn1/asn1_par.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -325,6 +325,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
}
if (BIO_puts(bp, "]") <= 0)
goto end;
dump_cont = 0;
}
if (!nl) {

7
crypto/asn1/bio_asn1.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -138,6 +138,11 @@ static int asn1_bio_free(BIO *b)
if (ctx == NULL)
return 0;
if (ctx->prefix_free != NULL)
ctx->prefix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
if (ctx->suffix_free != NULL)
ctx->suffix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
OPENSSL_free(ctx->buf);
OPENSSL_free(ctx);
BIO_set_data(b, NULL);

7
crypto/asn1/bio_ndef.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -113,6 +113,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
ndef_aux = *(NDEF_SUPPORT **)parg;
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
if (derlen < 0)
return 0;
if ((p = OPENSSL_malloc(derlen)) == NULL) {
ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE);
return 0;
@@ -140,6 +142,9 @@ static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
ndef_aux = *(NDEF_SUPPORT **)parg;
if (ndef_aux == NULL)
return 0;
OPENSSL_free(ndef_aux->derbuf);
ndef_aux->derbuf = NULL;

2
crypto/asn1/charmap.h
View File

@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl
*
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy

75
crypto/asn1/d2i_pr.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -56,6 +56,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
goto err;
EVP_PKEY_free(ret);
ret = tmp;
if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret))
goto err;
} else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
@@ -76,13 +78,53 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
* type
*/
static EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int *carry_on)
{
const unsigned char *p = *pp;
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
EVP_PKEY *ret;
if (p8 == NULL)
return NULL;
ret = EVP_PKCS82PKEY(p8);
if (ret == NULL)
*carry_on = 0;
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret != NULL)
*pp = p;
return ret;
}
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
long length)
{
STACK_OF(ASN1_TYPE) *inkey;
const unsigned char *p;
int keytype;
EVP_PKEY *ret = NULL;
int carry_on = 1;
ERR_set_mark();
ret = key_as_pkcs8(pp, length, &carry_on);
if (ret != NULL) {
ERR_clear_last_mark();
if (a != NULL)
*a = ret;
return ret;
}
if (carry_on == 0) {
ERR_clear_last_mark();
ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return NULL;
}
p = *pp;
/*
* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
* analyzing it we can determine the passed structure: this assumes the
@@ -98,28 +140,15 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
keytype = EVP_PKEY_DSA;
else if (sk_ASN1_TYPE_num(inkey) == 4)
keytype = EVP_PKEY_EC;
else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
* traditional format */
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
EVP_PKEY *ret;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
if (!p8) {
ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return NULL;
}
ret = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL)
return NULL;
*pp = p;
if (a) {
*a = ret;
}
return ret;
} else
else
keytype = EVP_PKEY_RSA;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
return d2i_PrivateKey(keytype, a, pp, length);
ret = d2i_PrivateKey(keytype, a, pp, length);
if (ret != NULL)
ERR_pop_to_mark();
else
ERR_clear_last_mark();
return ret;
}

4
crypto/asn1/t_spki.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
}
chal = spki->spkac->challenge;
if (chal->length)
BIO_printf(out, " Challenge String: %s\n", chal->data);
BIO_printf(out, " Challenge String: %.*s\n", chal->length, chal->data);
i = OBJ_obj2nid(spki->sig_algor.algorithm);
BIO_printf(out, " Signature Algorithm: %s",
(i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));

21
crypto/asn1/tasn_dec.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -182,6 +182,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in,
tag, aclass, opt, ctx);
case ASN1_ITYPE_MSTRING:
/*
* It never makes sense for multi-strings to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
goto err;
}
p = *in;
/* Just read in tag and class */
ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
@@ -199,6 +208,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in,
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
goto err;
}
/* Check tag matches bit map */
if (!(ASN1_tag2bit(otag) & it->utype)) {
/* If OPTIONAL, assume this is OK */
@@ -215,6 +225,15 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in,
return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
case ASN1_ITYPE_CHOICE:
/*
* It never makes sense for CHOICE types to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
goto err;
}
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
goto auxerr;
if (*pval) {

18
crypto/asn1/tasn_enc.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -103,9 +103,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
case ASN1_ITYPE_MSTRING:
/*
* It never makes sense for multi-strings to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
return -1;
}
return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
case ASN1_ITYPE_CHOICE:
/*
* It never makes sense for CHOICE types to have implicit tagging, so
* if tag != -1, then this looks like an error in the template.
*/
if (tag != -1) {
ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
return -1;
}
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
return 0;
i = asn1_get_choice_selector(pval, it);

34
crypto/asn1/x_algor.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -92,3 +92,35 @@ int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
return 0;
return ASN1_TYPE_cmp(a->parameter, b->parameter);
}
int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src)
{
if (src == NULL || dest == NULL)
return 0;
if (dest->algorithm)
ASN1_OBJECT_free(dest->algorithm);
dest->algorithm = NULL;
if (dest->parameter)
ASN1_TYPE_free(dest->parameter);
dest->parameter = NULL;
if (src->algorithm)
if ((dest->algorithm = OBJ_dup(src->algorithm)) == NULL)
return 0;
if (src->parameter) {
dest->parameter = ASN1_TYPE_new();
if (dest->parameter == NULL)
return 0;
/* Assuming this is also correct for a BOOL.
* set does copy as a side effect.
*/
if (ASN1_TYPE_set1(dest->parameter,
src->parameter->type, src->parameter->value.ptr) == 0)
return 0;
}
return 1;
}

8
crypto/bio/b_addr.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +7,10 @@
* https://www.openssl.org/source/license.html
*/
#ifndef _GNU_SOURCE
# define _GNU_SOURCE
#endif
#include <assert.h>
#include <string.h>
@@ -685,7 +689,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
hints.ai_protocol = protocol;
# ifdef AI_ADDRCONFIG
# ifdef AF_UNSPEC
if (family == AF_UNSPEC)
if (host != NULL && family == AF_UNSPEC)
# endif
hints.ai_flags |= AI_ADDRCONFIG;
# endif

8
crypto/bio/b_print.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -635,7 +635,11 @@ fmtfp(char **sbuffer,
fvalue = tmpvalue;
}
ufvalue = abs_val(fvalue);
if (ufvalue > ULONG_MAX) {
/*
* By subtracting 65535 (2^16-1) we cancel the low order 15 bits
* of ULONG_MAX to avoid using imprecise floating point values.
*/
if (ufvalue >= (double)(ULONG_MAX - 65535) + 65536.0) {
/* Number too big */
return 0;
}

5
crypto/bio/b_sock2.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -243,7 +243,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
}
}
# ifdef IPV6_V6ONLY
/* On OpenBSD it is always ipv6 only with ipv6 sockets thus read-only */
# if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
if (BIO_ADDR_family(addr) == AF_INET6) {
/*
* Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.

19
crypto/bio/bss_acpt.c
View File

@@ -222,10 +222,10 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
break;
case ACPT_S_CREATE_SOCKET:
ret = BIO_socket(BIO_ADDRINFO_family(c->addr_iter),
BIO_ADDRINFO_socktype(c->addr_iter),
BIO_ADDRINFO_protocol(c->addr_iter), 0);
if (ret == (int)INVALID_SOCKET) {
s = BIO_socket(BIO_ADDRINFO_family(c->addr_iter),
BIO_ADDRINFO_socktype(c->addr_iter),
BIO_ADDRINFO_protocol(c->addr_iter), 0);
if (s == (int)INVALID_SOCKET) {
SYSerr(SYS_F_SOCKET, get_last_socket_error());
ERR_add_error_data(4,
"hostname=", c->param_addr,
@@ -233,9 +233,10 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
BIOerr(BIO_F_ACPT_STATE, BIO_R_UNABLE_TO_CREATE_SOCKET);
goto exit_loop;
}
c->accept_sock = ret;
b->num = ret;
c->accept_sock = s;
b->num = s;
c->state = ACPT_S_LISTEN;
s = -1;
break;
case ACPT_S_LISTEN:
@@ -433,8 +434,10 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
b->init = 1;
} else if (num == 1) {
OPENSSL_free(data->param_serv);
data->param_serv = BUF_strdup(ptr);
b->init = 1;
if ((data->param_serv = OPENSSL_strdup(ptr)) == NULL)
ret = 0;
else
b->init = 1;
} else if (num == 2) {
data->bind_mode |= BIO_SOCK_NONBLOCK;
} else if (num == 3) {

36
crypto/bio/bss_conn.c
View File

@@ -186,8 +186,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
case BIO_CONN_S_BLOCKED_CONNECT:
i = BIO_sock_error(b->num);
if (i) {
if (i != 0) {
BIO_clear_retry_flags(b);
if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
/*
* if there are more addresses to try, do that first
*/
BIO_closesocket(b->num);
c->state = BIO_CONN_S_CREATE_SOCKET;
ERR_clear_error();
break;
}
SYSerr(SYS_F_CONNECT, i);
ERR_add_error_data(4,
"hostname=", c->param_hostname,
@@ -407,12 +416,13 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_C_SET_CONNECT:
if (ptr != NULL) {
b->init = 1;
if (num == 0) {
if (num == 0) { /* BIO_set_conn_hostname */
char *hold_service = data->param_service;
/* We affect the hostname regardless. However, the input
* string might contain a host:service spec, so we must
* parse it, which might or might not affect the service
*/
OPENSSL_free(data->param_hostname);
data->param_hostname = NULL;
ret = BIO_parse_hostserv(ptr,
@@ -421,19 +431,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_PARSE_PRIO_HOST);
if (hold_service != data->param_service)
OPENSSL_free(hold_service);
} else if (num == 1) {
} else if (num == 1) { /* BIO_set_conn_port */
OPENSSL_free(data->param_service);
data->param_service = BUF_strdup(ptr);
} else if (num == 2) {
if ((data->param_service = OPENSSL_strdup(ptr)) == NULL)
ret = 0;
} else if (num == 2) { /* BIO_set_conn_address */
const BIO_ADDR *addr = (const BIO_ADDR *)ptr;
char *host = BIO_ADDR_hostname_string(addr, 1);
char *service = BIO_ADDR_service_string(addr, 1);
ret = host != NULL && service != NULL;
if (ret) {
data->param_hostname = BIO_ADDR_hostname_string(addr, 1);
data->param_service = BIO_ADDR_service_string(addr, 1);
OPENSSL_free(data->param_hostname);
data->param_hostname = host;
OPENSSL_free(data->param_service);
data->param_service = service;
BIO_ADDRINFO_free(data->addr_first);
data->addr_first = NULL;
data->addr_iter = NULL;
} else {
OPENSSL_free(host);
OPENSSL_free(service);
}
} else if (num == 3) {
} else if (num == 3) { /* BIO_set_conn_ip_family */
data->connect_family = *(int *)ptr;
} else {
ret = 0;

2
crypto/bn/asm/rsaz-avx2.pl
View File

@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

2
crypto/bn/asm/rsaz-x86_64.pl
View File

@@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

2
crypto/bn/asm/x86_64-mont.pl
View File

@@ -75,7 +75,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

2
crypto/bn/asm/x86_64-mont5.pl
View File

@@ -60,7 +60,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

9
crypto/bn/bn_div.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -268,7 +268,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
BIGNUM *tmp, *snum, *sdiv, *res;
BN_ULONG *resp, *wnum, *wnumtop;
BN_ULONG d0, d1;
int num_n, div_n;
int num_n, div_n, num_neg;
assert(divisor->top > 0 && divisor->d[divisor->top - 1] != 0);
@@ -326,7 +326,8 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
/* Setup quotient */
if (!bn_wexpand(res, loop))
goto err;
res->neg = (num->neg ^ divisor->neg);
num_neg = num->neg;
res->neg = (num_neg ^ divisor->neg);
res->top = loop;
res->flags |= BN_FLG_FIXED_TOP;
resp = &(res->d[loop]);
@@ -442,7 +443,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
*--resp = q;
}
/* snum holds remainder, it's as wide as divisor */
snum->neg = num->neg;
snum->neg = num_neg;
snum->top = div_n;
snum->flags |= BN_FLG_FIXED_TOP;
if (rm != NULL)

386
crypto/bn/bn_gcd.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,22 +10,189 @@
#include "internal/cryptlib.h"
#include "bn_local.h"
/* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx);
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
/*
* bn_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
* not contain branches that may leak sensitive information.
*
* This is a static function, we ensure all callers in this file pass valid
* arguments: all passed pointers here are non-NULL.
*/
static ossl_inline
BIGNUM *bn_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx, int *pnoinv)
{
BIGNUM *rv;
int noinv;
rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
if (noinv)
BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
return rv;
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
int sign;
bn_check_top(a);
bn_check_top(n);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
B = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
D = BN_CTX_get(ctx);
M = BN_CTX_get(ctx);
Y = BN_CTX_get(ctx);
T = BN_CTX_get(ctx);
if (T == NULL)
goto err;
if (in == NULL)
R = BN_new();
else
R = in;
if (R == NULL)
goto err;
BN_one(X);
BN_zero(Y);
if (BN_copy(B, a) == NULL)
goto err;
if (BN_copy(A, n) == NULL)
goto err;
A->neg = 0;
if (B->neg || (BN_ucmp(B, A) >= 0)) {
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_B;
bn_init(&local_B);
BN_with_flags(&local_B, B, BN_FLG_CONSTTIME);
if (!BN_nnmod(B, &local_B, A, ctx))
goto err;
/* Ensure local_B goes out of scope before any further use of B */
}
}
sign = -1;
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
*/
while (!BN_is_zero(B)) {
BIGNUM *tmp;
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
*/
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_A;
bn_init(&local_A);
BN_with_flags(&local_A, A, BN_FLG_CONSTTIME);
/* (D, M) := (A/B, A%B) ... */
if (!BN_div(D, M, &local_A, B, ctx))
goto err;
/* Ensure local_A goes out of scope before any further use of A */
}
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
*/
tmp = A; /* keep the BIGNUM object, the value does not
* matter */
/* (A, B) := (B, A mod B) ... */
A = B;
B = M;
/* ... so we have 0 <= B < A again */
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
* sign*Y*a - D*A == B (mod |n|).
* Similarly, (*) translates into
* -sign*X*a == A (mod |n|).
*
* Thus,
* sign*Y*a + D*sign*X*a == B (mod |n|),
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
* So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
*/
if (!BN_mul(tmp, D, X, ctx))
goto err;
if (!BN_add(tmp, tmp, Y))
goto err;
M = Y; /* keep the BIGNUM object, the value does not
* matter */
Y = X;
X = tmp;
sign = -sign;
}
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have
* sign*Y*a == A (mod |n|),
* where Y is non-negative.
*/
if (sign < 0) {
if (!BN_sub(Y, n, Y))
goto err;
}
/* Now Y*a == A (mod |n|). */
if (BN_is_one(A)) {
/* Y*a == 1 (mod |n|) */
if (!Y->neg && BN_ucmp(Y, n) < 0) {
if (!BN_copy(R, Y))
goto err;
} else {
if (!BN_nnmod(R, Y, n, ctx))
goto err;
}
} else {
*pnoinv = 1;
/* caller sets the BN_R_NO_INVERSE error */
goto err;
}
ret = R;
*pnoinv = 0;
err:
if ((ret == NULL) && (in == NULL))
BN_free(R);
BN_CTX_end(ctx);
bn_check_top(ret);
return ret;
}
/*
* This is an internal function, we assume all callers pass valid arguments:
* all pointers passed here are assumed non-NULL.
*/
BIGNUM *int_bn_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
int *pnoinv)
@@ -36,17 +203,15 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
/* This is invalid input so we don't worry about constant time here */
if (BN_abs_is_word(n, 1) || BN_is_zero(n)) {
if (pnoinv != NULL)
*pnoinv = 1;
*pnoinv = 1;
return NULL;
}
if (pnoinv != NULL)
*pnoinv = 0;
*pnoinv = 0;
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
|| (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) {
return BN_mod_inverse_no_branch(in, a, n, ctx);
return bn_mod_inverse_no_branch(in, a, n, ctx, pnoinv);
}
bn_check_top(a);
@@ -332,8 +497,7 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
goto err;
}
} else {
if (pnoinv)
*pnoinv = 1;
*pnoinv = 1;
goto err;
}
ret = R;
@@ -345,175 +509,27 @@ BIGNUM *int_bn_mod_inverse(BIGNUM *in,
return ret;
}
/*
* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
* not contain branches that may leak sensitive information.
*/
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx)
/* solves ax == 1 (mod n) */
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{
BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
BIGNUM *ret = NULL;
int sign;
BN_CTX *new_ctx = NULL;
BIGNUM *rv;
int noinv = 0;
bn_check_top(a);
bn_check_top(n);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
B = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
D = BN_CTX_get(ctx);
M = BN_CTX_get(ctx);
Y = BN_CTX_get(ctx);
T = BN_CTX_get(ctx);
if (T == NULL)
goto err;
if (in == NULL)
R = BN_new();
else
R = in;
if (R == NULL)
goto err;
BN_one(X);
BN_zero(Y);
if (BN_copy(B, a) == NULL)
goto err;
if (BN_copy(A, n) == NULL)
goto err;
A->neg = 0;
if (B->neg || (BN_ucmp(B, A) >= 0)) {
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_B;
bn_init(&local_B);
BN_with_flags(&local_B, B, BN_FLG_CONSTTIME);
if (!BN_nnmod(B, &local_B, A, ctx))
goto err;
/* Ensure local_B goes out of scope before any further use of B */
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL) {
BNerr(BN_F_BN_MOD_INVERSE, ERR_R_MALLOC_FAILURE);
return NULL;
}
}
sign = -1;
/*-
* From B = a mod |n|, A = |n| it follows that
*
* 0 <= B < A,
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
*/
while (!BN_is_zero(B)) {
BIGNUM *tmp;
/*-
* 0 < B < A,
* (*) -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|)
*/
/*
* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
* BN_div_no_branch will be called eventually.
*/
{
BIGNUM local_A;
bn_init(&local_A);
BN_with_flags(&local_A, A, BN_FLG_CONSTTIME);
/* (D, M) := (A/B, A%B) ... */
if (!BN_div(D, M, &local_A, B, ctx))
goto err;
/* Ensure local_A goes out of scope before any further use of A */
}
/*-
* Now
* A = D*B + M;
* thus we have
* (**) sign*Y*a == D*B + M (mod |n|).
*/
tmp = A; /* keep the BIGNUM object, the value does not
* matter */
/* (A, B) := (B, A mod B) ... */
A = B;
B = M;
/* ... so we have 0 <= B < A again */
/*-
* Since the former M is now B and the former B is now A,
* (**) translates into
* sign*Y*a == D*A + B (mod |n|),
* i.e.
* sign*Y*a - D*A == B (mod |n|).
* Similarly, (*) translates into
* -sign*X*a == A (mod |n|).
*
* Thus,
* sign*Y*a + D*sign*X*a == B (mod |n|),
* i.e.
* sign*(Y + D*X)*a == B (mod |n|).
*
* So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
* -sign*X*a == B (mod |n|),
* sign*Y*a == A (mod |n|).
* Note that X and Y stay non-negative all the time.
*/
if (!BN_mul(tmp, D, X, ctx))
goto err;
if (!BN_add(tmp, tmp, Y))
goto err;
M = Y; /* keep the BIGNUM object, the value does not
* matter */
Y = X;
X = tmp;
sign = -sign;
}
/*-
* The while loop (Euclid's algorithm) ends when
* A == gcd(a,n);
* we have
* sign*Y*a == A (mod |n|),
* where Y is non-negative.
*/
if (sign < 0) {
if (!BN_sub(Y, n, Y))
goto err;
}
/* Now Y*a == A (mod |n|). */
if (BN_is_one(A)) {
/* Y*a == 1 (mod |n|) */
if (!Y->neg && BN_ucmp(Y, n) < 0) {
if (!BN_copy(R, Y))
goto err;
} else {
if (!BN_nnmod(R, Y, n, ctx))
goto err;
}
} else {
BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);
goto err;
}
ret = R;
err:
if ((ret == NULL) && (in == NULL))
BN_free(R);
BN_CTX_end(ctx);
bn_check_top(ret);
return ret;
rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
if (noinv)
BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
BN_CTX_free(new_ctx);
return rv;
}
/*-

22
crypto/bn/bn_lib.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -87,6 +87,15 @@ const BIGNUM *BN_value_one(void)
return &const_one;
}
/*
* Old Visual Studio ARM compiler miscompiles BN_num_bits_word()
* https://mta.openssl.org/pipermail/openssl-users/2018-August/008465.html
*/
#if defined(_MSC_VER) && defined(_ARM_) && defined(_WIN32_WCE) \
&& _MSC_VER>=1400 && _MSC_VER<1501
# define MS_BROKEN_BN_num_bits_word
# pragma optimize("", off)
#endif
int BN_num_bits_word(BN_ULONG l)
{
BN_ULONG x, mask;
@@ -131,6 +140,9 @@ int BN_num_bits_word(BN_ULONG l)
return bits;
}
#ifdef MS_BROKEN_BN_num_bits_word
# pragma optimize("", on)
#endif
/*
* This function still leaks `a->dmax`: it's caller's responsibility to
@@ -322,15 +334,19 @@ BIGNUM *BN_dup(const BIGNUM *a)
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
{
int bn_words;
bn_check_top(b);
bn_words = BN_get_flags(b, BN_FLG_CONSTTIME) ? b->dmax : b->top;
if (a == b)
return a;
if (bn_wexpand(a, b->top) == NULL)
if (bn_wexpand(a, bn_words) == NULL)
return NULL;
if (b->top > 0)
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
memcpy(a->d, b->d, sizeof(b->d[0]) * bn_words);
a->neg = b->neg;
a->top = b->top;

4
crypto/bn/bn_mpi.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -45,7 +45,7 @@ BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain)
int neg = 0;
BIGNUM *a = NULL;
if (n < 4) {
if (n < 4 || (d[0] & 0x80) != 0) {
BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
return NULL;
}

2
crypto/bn/bn_prime.h
View File

@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/bn/bn_prime.pl
*
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy

1
crypto/chacha/asm/chacha-armv8.pl
View File

@@ -125,6 +125,7 @@ $code.=<<___;
.text
.extern OPENSSL_armcap_P
.hidden OPENSSL_armcap_P
.align 5
.Lsigma:

2
crypto/chacha/asm/chacha-x86.pl
View File

@@ -62,7 +62,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
$1>=10); # first version supporting AVX
$ymm=1 if ($xmm && !$ymm &&
`$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
`$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
$2>=3.0); # first version supporting AVX
$a="eax";

56
crypto/chacha/asm/chacha-x86_64.pl
View File

@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -85,7 +85,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@@ -471,7 +471,7 @@ sub SSSE3ROUND { # critical path is 20 "SIMD ticks" per round
&por ($b,$t);
}
my $xframe = $win64 ? 32+8 : 8;
my $xframe = $win64 ? 160+8 : 8;
$code.=<<___;
.type ChaCha20_ssse3,\@function,5
@@ -2499,7 +2499,7 @@ sub AVX512ROUND { # critical path is 14 "SIMD ticks" per round
&vprold ($b,$b,7);
}
my $xframe = $win64 ? 32+8 : 8;
my $xframe = $win64 ? 160+8 : 8;
$code.=<<___;
.type ChaCha20_avx512,\@function,5
@@ -2515,8 +2515,16 @@ ChaCha20_avx512:
sub \$64+$xframe,%rsp
___
$code.=<<___ if ($win64);
movaps %xmm6,-0x28(%r9)
movaps %xmm7,-0x18(%r9)
movaps %xmm6,-0xa8(%r9)
movaps %xmm7,-0x98(%r9)
movaps %xmm8,-0x88(%r9)
movaps %xmm9,-0x78(%r9)
movaps %xmm10,-0x68(%r9)
movaps %xmm11,-0x58(%r9)
movaps %xmm12,-0x48(%r9)
movaps %xmm13,-0x38(%r9)
movaps %xmm14,-0x28(%r9)
movaps %xmm15,-0x18(%r9)
.Lavx512_body:
___
$code.=<<___;
@@ -2683,8 +2691,16 @@ $code.=<<___;
vzeroall
___
$code.=<<___ if ($win64);
movaps -0x28(%r9),%xmm6
movaps -0x18(%r9),%xmm7
movaps -0xa8(%r9),%xmm6
movaps -0x98(%r9),%xmm7
movaps -0x88(%r9),%xmm8
movaps -0x78(%r9),%xmm9
movaps -0x68(%r9),%xmm10
movaps -0x58(%r9),%xmm11
movaps -0x48(%r9),%xmm12
movaps -0x38(%r9),%xmm13
movaps -0x28(%r9),%xmm14
movaps -0x18(%r9),%xmm15
___
$code.=<<___;
lea (%r9),%rsp
@@ -2711,8 +2727,16 @@ ChaCha20_avx512vl:
sub \$64+$xframe,%rsp
___
$code.=<<___ if ($win64);
movaps %xmm6,-0x28(%r9)
movaps %xmm7,-0x18(%r9)
movaps %xmm6,-0xa8(%r9)
movaps %xmm7,-0x98(%r9)
movaps %xmm8,-0x88(%r9)
movaps %xmm9,-0x78(%r9)
movaps %xmm10,-0x68(%r9)
movaps %xmm11,-0x58(%r9)
movaps %xmm12,-0x48(%r9)
movaps %xmm13,-0x38(%r9)
movaps %xmm14,-0x28(%r9)
movaps %xmm15,-0x18(%r9)
.Lavx512vl_body:
___
$code.=<<___;
@@ -2836,8 +2860,16 @@ $code.=<<___;
vzeroall
___
$code.=<<___ if ($win64);
movaps -0x28(%r9),%xmm6
movaps -0x18(%r9),%xmm7
movaps -0xa8(%r9),%xmm6
movaps -0x98(%r9),%xmm7
movaps -0x88(%r9),%xmm8
movaps -0x78(%r9),%xmm9
movaps -0x68(%r9),%xmm10
movaps -0x58(%r9),%xmm11
movaps -0x48(%r9),%xmm12
movaps -0x38(%r9),%xmm13
movaps -0x28(%r9),%xmm14
movaps -0x18(%r9),%xmm15
___
$code.=<<___;
lea (%r9),%rsp

21
crypto/cmac/cmac.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -116,11 +116,18 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
return 1;
}
/* Initialise context */
if (cipher && !EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
return 0;
if (cipher != NULL) {
/* Ensure we can't use this ctx until we also have a key */
ctx->nlast_block = -1;
if (!EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
return 0;
}
/* Non-NULL key means initialisation complete */
if (key) {
if (key != NULL) {
int bl;
/* If anything fails then ensure we can't use this ctx */
ctx->nlast_block = -1;
if (!EVP_CIPHER_CTX_cipher(ctx->cctx))
return 0;
if (!EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen))
@@ -128,7 +135,7 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
if (!EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl) <= 0)
return 0;
make_kn(ctx->k1, ctx->tbl, bl);
make_kn(ctx->k2, ctx->k1, bl);
@@ -166,12 +173,12 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
return 1;
data += nleft;
/* Else not final block so encrypt it */
if (!EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl) <= 0)
return 0;
}
/* Encrypt all but one of the complete blocks left */
while (dlen > bl) {
if (!EVP_Cipher(ctx->cctx, ctx->tbl, data, bl))
if (EVP_Cipher(ctx->cctx, ctx->tbl, data, bl) <= 0)
return 0;
dlen -= bl;
data += bl;

5
crypto/cms/cms_lib.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -92,12 +92,13 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
default:
CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
return NULL;
goto err;
}
if (cmsbio)
return BIO_push(cmsbio, cont);
err:
if (!icont)
BIO_free(cont);
return NULL;

6
crypto/cms/cms_sd.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -897,8 +897,10 @@ int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
ASN1_INTEGER *key = NULL;
if (keysize > 0) {
key = ASN1_INTEGER_new();
if (key == NULL || !ASN1_INTEGER_set(key, keysize))
if (key == NULL || !ASN1_INTEGER_set(key, keysize)) {
ASN1_INTEGER_free(key);
return 0;
}
}
alg = X509_ALGOR_new();
if (alg == NULL) {

4
crypto/cms/cms_smime.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -341,7 +341,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
char *ptr;
long len;
len = BIO_get_mem_data(dcont, &ptr);
tmpin = BIO_new_mem_buf(ptr, len);
tmpin = (len == 0) ? dcont : BIO_new_mem_buf(ptr, len);
if (tmpin == NULL) {
CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
goto err2;

18
crypto/conf/conf_def.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -185,6 +185,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
BUF_MEM *buff = NULL;
char *s, *p, *end;
int again;
int first_call = 1;
long eline = 0;
char btmp[DECIMAL_SIZE(eline) + 1];
CONF_VALUE *v = NULL, *tv;
@@ -233,6 +234,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
BIO_gets(in, p, CONFBUFSIZE - 1);
p[CONFBUFSIZE - 1] = '\0';
ii = i = strlen(p);
if (first_call) {
/* Other BOMs imply unsupported multibyte encoding,
* so don't strip them and let the error raise */
const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
memmove(p, p + 3, i - 3);
p[i - 3] = 0;
i -= 3;
ii -= 3;
}
first_call = 0;
}
if (i == 0 && !again) {
/* the currently processed BIO is at EOF */
BIO *parent;
@@ -376,11 +390,13 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
if (biosk == NULL) {
if ((biosk = sk_BIO_new_null()) == NULL) {
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
BIO_free(next);
goto err;
}
}
if (!sk_BIO_push(biosk, in)) {
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
BIO_free(next);
goto err;
}
/* continue with reading from the included BIO */

2
crypto/conf/conf_def.h
View File

@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/conf/keysets.pl
*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at

33
crypto/dh/dh_key.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -25,18 +25,45 @@ int DH_generate_key(DH *dh)
return dh->meth->generate_key(dh);
}
/*-
* NB: This function is inherently not constant time due to the
* RFC 5246 (8.1.2) padding style that strips leading zero bytes.
*/
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
return dh->meth->compute_key(key, pub_key, dh);
int ret = 0, i;
volatile size_t npad = 0, mask = 1;
/* compute the key; ret is constant unless compute_key is external */
if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0)
return ret;
/* count leading zero bytes, yet still touch all bytes */
for (i = 0; i < ret; i++) {
mask &= !key[i];
npad += mask;
}
/* unpad key */
ret -= npad;
/* key-dependent memory access, potentially leaking npad / ret */
memmove(key, key + npad, ret);
/* key-dependent memory access, potentially leaking npad / ret */
memset(key + ret, 0, npad);
return ret;
}
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
int rv, pad;
/* rv is constant unless compute_key is external */
rv = dh->meth->compute_key(key, pub_key, dh);
if (rv <= 0)
return rv;
pad = BN_num_bytes(dh->p) - rv;
/* pad is constant (zero) unless compute_key is external */
if (pad > 0) {
memmove(key + pad, key, rv);
memset(key, 0, pad);
@@ -212,7 +239,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
goto err;
}
ret = BN_bn2bin(tmp, key);
ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p));
err:
BN_CTX_end(ctx);
BN_CTX_free(ctx);

14
crypto/dsa/dsa_prn.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -49,9 +49,11 @@ int DSA_print(BIO *bp, const DSA *x, int off)
EVP_PKEY *pk;
int ret;
pk = EVP_PKEY_new();
if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
if (pk == NULL)
return 0;
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
if (ret)
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
EVP_PKEY_free(pk);
return ret;
}
@@ -61,9 +63,11 @@ int DSAparams_print(BIO *bp, const DSA *x)
EVP_PKEY *pk;
int ret;
pk = EVP_PKEY_new();
if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
if (pk == NULL)
return 0;
ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
if (ret)
ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
EVP_PKEY_free(pk);
return ret;
}

6
crypto/dso/dso_win32.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -565,8 +565,8 @@ static int win32_pathbyaddr(void *addr, char *path, int sz)
/* Enumerate the modules to find one which includes me. */
do {
if ((uintptr_t) addr >= (uintptr_t) me32.modBaseAddr &&
(uintptr_t) addr < (uintptr_t) (me32.modBaseAddr + me32.modBaseSize)) {
if ((size_t) addr >= (size_t) me32.modBaseAddr &&
(size_t) addr < (size_t) (me32.modBaseAddr + me32.modBaseSize)) {
(*close_snap) (hModuleSnap);
FreeLibrary(dll);
# ifdef _WIN32_WCE

6
crypto/ec/asm/ecp_nistz256-armv4.pl
View File

@@ -1517,9 +1517,9 @@ ecp_nistz256_point_add:
ldr $t2,[sp,#32*18+12] @ ~is_equal(S1,S2)
mvn $t0,$t0 @ -1/0 -> 0/-1
mvn $t1,$t1 @ -1/0 -> 0/-1
orr $a0,$t0
orr $a0,$t1
orrs $a0,$t2 @ set flags
orr $a0,$a0,$t0
orr $a0,$a0,$t1
orrs $a0,$a0,$t2 @ set flags
@ if(~is_equal(U1,U2) | in1infty | in2infty | ~is_equal(S1,S2))
bne .Ladd_proceed

2080
crypto/ec/asm/ecp_nistz256-avx2.pl
View File

File diff suppressed because it is too large Load Diff

2
crypto/ec/asm/ecp_nistz256-x86_64.pl
View File

@@ -72,7 +72,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);

2
crypto/ec/asm/x25519-x86_64.pl
View File

@@ -90,7 +90,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}

43
crypto/ec/ec2_oct.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -247,9 +247,21 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
return 0;
}
form = buf[0];
y_bit = form & 1;
form = form & ~1U;
/*
* The first octet is the point converison octet PC, see X9.62, page 4
* and section 4.4.2. It must be:
* 0x00 for the point at infinity
* 0x02 or 0x03 for compressed form
* 0x04 for uncompressed form
* 0x06 or 0x07 for hybrid form.
* For compressed or hybrid forms, we store the last bit of buf[0] as
* y_bit and clear it from buf[0] so as to obtain a POINT_CONVERSION_*.
* We error if buf[0] contains any but the above values.
*/
y_bit = buf[0] & 1;
form = buf[0] & ~1U;
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
&& (form != POINT_CONVERSION_UNCOMPRESSED)
&& (form != POINT_CONVERSION_HYBRID)) {
@@ -261,6 +273,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
return 0;
}
/* The point at infinity is represented by a single zero octet. */
if (form == 0) {
if (len != 1) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
@@ -312,11 +325,23 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
goto err;
}
if (form == POINT_CONVERSION_HYBRID) {
if (!group->meth->field_div(group, yxi, y, x, ctx))
goto err;
if (y_bit != BN_is_odd(yxi)) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
/*
* Check that the form in the encoding was set correctly
* according to X9.62 4.4.2.a, 4(c), see also first paragraph
* of X9.62, 4.4.1.b.
*/
if (BN_is_zero(x)) {
if (y_bit != 0) {
ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
goto err;
}
} else {
if (!group->meth->field_div(group, yxi, y, x, ctx))
goto err;
if (y_bit != BN_is_odd(yxi)) {
ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
goto err;
}
}
}

27
crypto/ec/ec_ameth.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -23,7 +23,7 @@ static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
#endif
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
static int eckey_param2type(int *pptype, void **ppval, const EC_KEY *ec_key)
{
const EC_GROUP *group;
int nid;
@@ -35,7 +35,14 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
&& (nid = EC_GROUP_get_curve_name(group)))
/* we have a 'named curve' => just set the OID */
{
*ppval = OBJ_nid2obj(nid);
ASN1_OBJECT *asn1obj = OBJ_nid2obj(nid);
if (asn1obj == NULL || OBJ_length(asn1obj) == 0) {
ASN1_OBJECT_free(asn1obj);
ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_OID);
return 0;
}
*ppval = asn1obj;
*pptype = V_ASN1_OBJECT;
} else { /* explicit parameters */
@@ -43,7 +50,17 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
pstr = ASN1_STRING_new();
if (pstr == NULL)
return 0;
pstr->length = i2d_ECParameters(ec_key, &pstr->data);
/*
* The cast in the following line is intentional as the
* `i2d_ECParameters` signature can't be constified (see discussion at
* https://github.com/openssl/openssl/pull/9347 where related and
* required constification backports were rejected).
*
* This cast should be safe anyway, because we can expect
* `i2d_ECParameters()` to treat the first argument as if it was const.
*/
pstr->length = i2d_ECParameters((EC_KEY *)ec_key, &pstr->data);
if (pstr->length <= 0) {
ASN1_STRING_free(pstr);
ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
@@ -57,7 +74,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
EC_KEY *ec_key = pkey->pkey.ec;
const EC_KEY *ec_key = pkey->pkey.ec;
void *pval = NULL;
int ptype;
unsigned char *penc = NULL, *p;

Some files were not shown because too many files have changed in this diff Show More