Import OpenSSL 1.1.1l
parent
706b1a5724
commit
9a3ae0cdef
@ -7,6 +7,71 @@
|
||||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||
release branch.
|
||||
|
||||
Changes between 1.1.1k and 1.1.1l [24 Aug 2021]
|
||||
|
||||
*) Fixed an SM2 Decryption Buffer Overflow.
|
||||
|
||||
In order to decrypt SM2 encrypted data an application is expected to call the
|
||||
API function EVP_PKEY_decrypt(). Typically an application will call this
|
||||
function twice. The first time, on entry, the "out" parameter can be NULL and,
|
||||
on exit, the "outlen" parameter is populated with the buffer size required to
|
||||
hold the decrypted plaintext. The application can then allocate a sufficiently
|
||||
sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
|
||||
value for the "out" parameter.
|
||||
|
||||
A bug in the implementation of the SM2 decryption code means that the
|
||||
calculation of the buffer size required to hold the plaintext returned by the
|
||||
first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
|
||||
the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
|
||||
called by the application a second time with a buffer that is too small.
|
||||
|
||||
A malicious attacker who is able present SM2 content for decryption to an
|
||||
application could cause attacker chosen data to overflow the buffer by up to a
|
||||
maximum of 62 bytes altering the contents of other data held after the
|
||||
buffer, possibly changing application behaviour or causing the application to
|
||||
crash. The location of the buffer is application dependent but is typically
|
||||
heap allocated.
|
||||
(CVE-2021-3711)
|
||||
[Matt Caswell]
|
||||
|
||||
*) Fixed various read buffer overruns processing ASN.1 strings
|
||||
|
||||
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
|
||||
structure which contains a buffer holding the string data and a field holding
|
||||
the buffer length. This contrasts with normal C strings which are repesented as
|
||||
a buffer for the string data which is terminated with a NUL (0) byte.
|
||||
|
||||
Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
|
||||
own "d2i" functions (and other similar parsing functions) as well as any string
|
||||
whose value has been set with the ASN1_STRING_set() function will additionally
|
||||
NUL terminate the byte array in the ASN1_STRING structure.
|
||||
|
||||
However, it is possible for applications to directly construct valid ASN1_STRING
|
||||
structures which do not NUL terminate the byte array by directly setting the
|
||||
"data" and "length" fields in the ASN1_STRING array. This can also happen by
|
||||
using the ASN1_STRING_set0() function.
|
||||
|
||||
Numerous OpenSSL functions that print ASN.1 data have been found to assume that
|
||||
the ASN1_STRING byte array will be NUL terminated, even though this is not
|
||||
guaranteed for strings that have been directly constructed. Where an application
|
||||
requests an ASN.1 structure to be printed, and where that ASN.1 structure
|
||||
contains ASN1_STRINGs that have been directly constructed by the application
|
||||
without NUL terminating the "data" field, then a read buffer overrun can occur.
|
||||
|
||||
The same thing can also occur during name constraints processing of certificates
|
||||
(for example if a certificate has been directly constructed by the application
|
||||
instead of loading it via the OpenSSL parsing functions, and the certificate
|
||||
contains non NUL terminated ASN1_STRING structures). It can also occur in the
|
||||
X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.
|
||||
|
||||
If a malicious actor can cause an application to directly construct an
|
||||
ASN1_STRING and then process it through one of the affected OpenSSL functions
|
||||
then this issue could be hit. This might result in a crash (causing a Denial of
|
||||
Service attack). It could also result in the disclosure of private memory
|
||||
contents (such as private keys, or sensitive plaintext).
|
||||
(CVE-2021-3712)
|
||||
[Matt Caswell]
|
||||
|
||||
Changes between 1.1.1j and 1.1.1k [25 Mar 2021]
|
||||
|
||||
*) Fixed a problem with verifying a certificate chain when using the
|
||||
|
@ -5,6 +5,11 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]
|
||||
|
||||
o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)
|
||||
o Fixed various read buffer overruns processing ASN.1 strings (CVE-2021-3712)
|
||||
|
||||
Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]
|
||||
|
||||
o Fixed a problem with verifying a certificate chain when using the
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.1.1k 25 Mar 2021
|
||||
OpenSSL 1.1.1l 24 Aug 2021
|
||||
|
||||
Copyright (c) 1998-2021 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -120,19 +120,20 @@ int crl2pkcs7_main(int argc, char **argv)
|
||||
|
||||
if (!ASN1_INTEGER_set(p7s->version, 1))
|
||||
goto end;
|
||||
if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
|
||||
goto end;
|
||||
p7s->crl = crl_stack;
|
||||
|
||||
if (crl != NULL) {
|
||||
if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
|
||||
goto end;
|
||||
p7s->crl = crl_stack;
|
||||
sk_X509_CRL_push(crl_stack, crl);
|
||||
crl = NULL; /* now part of p7 for OPENSSL_freeing */
|
||||
}
|
||||
|
||||
if ((cert_stack = sk_X509_new_null()) == NULL)
|
||||
goto end;
|
||||
p7s->cert = cert_stack;
|
||||
if (certflst != NULL) {
|
||||
if ((cert_stack = sk_X509_new_null()) == NULL)
|
||||
goto end;
|
||||
p7s->cert = cert_stack;
|
||||
|
||||
if (certflst != NULL)
|
||||
for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
|
||||
certfile = sk_OPENSSL_STRING_value(certflst, i);
|
||||
if (add_certs_from_file(cert_stack, certfile) < 0) {
|
||||
@ -141,6 +142,7 @@ int crl2pkcs7_main(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
out = bio_open_default(outfile, 'w', outformat);
|
||||
if (out == NULL)
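Review bot: The return value of `sk_X509_CRL_push(crl_stack, crl)` in the `if (crl != NULL)` branch is ignored, and `crl` is set to NULL on the next line, so a failed push would drop the only reference to the CRL and emit a PKCS#7 structure without it. Checking the push, `if (!sk_X509_CRL_push(crl_stack, crl)) goto end;`, keeps ownership with `crl` until the stack has actually taken it. The push line appears on both sides of this change, so the commit does not introduce the gap, but it is part of the code being rearranged. crl2pkcs7_main starts and ends outside the hunks.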
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -81,7 +81,7 @@ const OPTIONS enc_options[] = {
|
||||
{"", OPT_CIPHER, '-', "Any supported cipher"},
|
||||
OPT_R_OPTIONS,
|
||||
#ifdef ZLIB
|
||||
{"z", OPT_Z, '-', "Use zlib as the 'encryption'"},
|
||||
{"z", OPT_Z, '-', "Compress or decompress encrypted data using zlib"},
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
* Copyright 2005 Nokia. All rights reserved.
|
||||
*
|
||||
@ -133,6 +133,17 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
|
||||
|
||||
if (s_debug)
|
||||
BIO_printf(bio_s_out, "psk_server_cb\n");
|
||||
|
||||
if (SSL_version(ssl) >= TLS1_3_VERSION) {
|
||||
/*
|
||||
* This callback is designed for use in TLSv1.2. It is possible to use
|
||||
* a single callback for all protocol versions - but it is preferred to
|
||||
* use a dedicated callback for TLSv1.3. For TLSv1.3 we have
|
||||
* psk_find_session_cb.
|
||||
*/
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (identity == NULL) {
|
||||
BIO_printf(bio_err, "Error: client did not send PSK identity\n");
|
||||
goto out_err;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -214,6 +214,8 @@ int do_server(int *accept_sock, const char *host, const char *port,
|
||||
const BIO_ADDRINFO *next;
|
||||
int sock_family, sock_type, sock_protocol, sock_port;
|
||||
const BIO_ADDR *sock_address;
|
||||
int sock_family_fallback = AF_UNSPEC;
|
||||
const BIO_ADDR *sock_address_fallback = NULL;
|
||||
int sock_options = BIO_SOCK_REUSEADDR;
|
||||
int ret = 0;
|
||||
|
||||
@ -244,6 +246,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
|
||||
&& BIO_ADDRINFO_protocol(next) == sock_protocol) {
|
||||
if (sock_family == AF_INET
|
||||
&& BIO_ADDRINFO_family(next) == AF_INET6) {
|
||||
/* In case AF_INET6 is returned but not supported by the
|
||||
* kernel, retry with the first detected address family */
|
||||
sock_family_fallback = sock_family;
|
||||
sock_address_fallback = sock_address;
|
||||
sock_family = AF_INET6;
|
||||
sock_address = BIO_ADDRINFO_address(next);
|
||||
} else if (sock_family == AF_INET6
|
||||
@ -253,6 +259,10 @@ int do_server(int *accept_sock, const char *host, const char *port,
|
||||
}
|
||||
|
||||
asock = BIO_socket(sock_family, sock_type, sock_protocol, 0);
|
||||
if (asock == INVALID_SOCKET && sock_family_fallback != AF_UNSPEC) {
|
||||
asock = BIO_socket(sock_family_fallback, sock_type, sock_protocol, 0);
|
||||
sock_address = sock_address_fallback;
|
||||
}
|
||||
if (asock == INVALID_SOCKET
|
||||
|| !BIO_listen(asock, sock_address, sock_options)) {
|
||||
BIO_ADDRINFO_free(res);
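Review bot: When the fallback `BIO_socket()` call is taken, only `sock_address` is switched to the fallback value; `sock_family` still holds AF_INET6 although the socket was created with `sock_family_fallback`. If anything later in do_server reads `sock_family` (not visible here, the function continues outside the hunks), it would see the wrong family. Adding `sock_family = sock_family_fallback;` next to the `sock_address` assignment keeps the two in step.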
|
||||
|
@ -68,6 +68,12 @@ void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# elif defined(__ANDROID_API__)
|
||||
/* see https://developer.android.google.cn/ndk/guides/cpu-features */
|
||||
# if __ANDROID_API__ >= 18
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# endif
|
||||
# if defined(__FreeBSD__)
|
||||
# include <sys/param.h>
|
||||
@ -87,6 +93,15 @@ static unsigned long getauxval(unsigned long key)
|
||||
# endif
|
||||
# endif
|
||||
|
||||
/*
|
||||
* Android: according to https://developer.android.com/ndk/guides/cpu-features,
|
||||
* getauxval is supported starting with API level 18
|
||||
*/
|
||||
# if defined(__ANDROID__) && defined(__ANDROID_API__) && __ANDROID_API__ >= 18
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
|
||||
/*
|
||||
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
|
||||
* AArch64 used AT_HWCAP.
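Review bot: The `<sys/auxv.h>` include and `OSSL_IMPLEMENT_GETAUXVAL` define for Android API level >= 18 appear to be added twice in this file: once as the `# elif defined(__ANDROID_API__)` branch in the first hunk and again as the standalone `defined(__ANDROID__) && defined(__ANDROID_API__)` block in the second. Redefining an empty macro identically is harmless, but the two guards are not the same condition (the first does not require `__ANDROID__`), so it is unclear which one is authoritative. Keeping a single block would stop the two from drifting apart.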
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -286,16 +286,13 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* only the ASN1_OBJECTs from the 'table' will have values for ->sn or
|
||||
* ->ln
|
||||
*/
|
||||
if ((a == NULL) || ((*a) == NULL) ||
|
||||
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
|
||||
if ((ret = ASN1_OBJECT_new()) == NULL)
|
||||
return NULL;
|
||||
} else
|
||||
} else {
|
||||
ret = (*a);
|
||||
}
|
||||
|
||||
p = *pp;
|
||||
/* detach data from object */
|
||||
@ -313,6 +310,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
|
||||
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
|
||||
}
|
||||
memcpy(data, p, length);
|
||||
/* If there are dynamic strings, free them here, and clear the flag */
|
||||
if ((ret->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) != 0) {
|
||||
OPENSSL_free((char *)ret->sn);
|
||||
OPENSSL_free((char *)ret->ln);
|
||||
ret->flags &= ~ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
|
||||
}
|
||||
/* reattach data to object, after which it remains const */
|
||||
ret->data = data;
|
||||
ret->length = length;
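Review bot: The added block frees `ret->sn` and `ret->ln` and clears `ASN1_OBJECT_FLAG_DYNAMIC_STRINGS`, but within the hunk both pointers are left holding freed addresses. If the lines after `ret->length = length;` do not reset them, a later free or print of the reused object would touch freed memory. Writing `ret->sn = NULL; ret->ln = NULL;` directly after the two `OPENSSL_free()` calls makes the block safe on its own. c2i_ASN1_OBJECT continues beyond the hunk, so this needs checking against the full function.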
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -280,6 +280,8 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
|
||||
t.type = str->type;
|
||||
t.value.ptr = (char *)str;
|
||||
der_len = i2d_ASN1_TYPE(&t, NULL);
|
||||
if (der_len <= 0)
|
||||
return -1;
|
||||
if ((der_buf = OPENSSL_malloc(der_len)) == NULL) {
|
||||
ASN1err(ASN1_F_DO_DUMP, ERR_R_MALLOC_FAILURE);
|
||||
return -1;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -138,6 +138,11 @@ static int asn1_bio_free(BIO *b)
|
||||
if (ctx == NULL)
|
||||
return 0;
|
||||
|
||||
if (ctx->prefix_free != NULL)
|
||||
ctx->prefix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
|
||||
if (ctx->suffix_free != NULL)
|
||||
ctx->suffix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
|
||||
|
||||
OPENSSL_free(ctx->buf);
|
||||
OPENSSL_free(ctx);
|
||||
BIO_set_data(b, NULL);
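Review bot: `asn1_bio_free` now calls `prefix_free` and then `suffix_free` with the same `&ctx->ex_buf`, `&ctx->ex_len` and `&ctx->ex_arg`, so the second callback operates on whatever state the first one left behind. That is only safe if each callback clears what it releases and tolerates already-cleared state; the `ndef_aux == NULL` guard added to `ndef_prefix_free` in the next file section points to that contract, but nothing here states it. A comment above the two calls, e.g. `/* both callbacks share ex_buf/ex_arg: each must NULL what it frees and accept NULL */`, would make the requirement visible to other callback implementations. The return values of both calls are also discarded.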
|
||||
|
@ -142,6 +142,9 @@ static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
|
||||
|
||||
ndef_aux = *(NDEF_SUPPORT **)parg;
|
||||
|
||||
if (ndef_aux == NULL)
|
||||
return 0;
|
||||
|
||||
OPENSSL_free(ndef_aux->derbuf);
|
||||
|
||||
ndef_aux->derbuf = NULL;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -78,13 +78,53 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
||||
* type
|
||||
*/
|
||||
|
||||
static EVP_PKEY *key_as_pkcs8(const unsigned char **pp, long length, int *carry_on)
|
||||
{
|
||||
const unsigned char *p = *pp;
|
||||
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
||||
EVP_PKEY *ret;
|
||||
|
||||
if (p8 == NULL)
|
||||
return NULL;
|
||||
|
||||
ret = EVP_PKCS82PKEY(p8);
|
||||
if (ret == NULL)
|
||||
*carry_on = 0;
|
||||
|
||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||
|
||||
if (ret != NULL)
|
||||
*pp = p;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
|
||||
long length)
|
||||
{
|
||||
STACK_OF(ASN1_TYPE) *inkey;
|
||||
const unsigned char *p;
|
||||
int keytype;
|
||||
EVP_PKEY *ret = NULL;
|
||||
int carry_on = 1;
|
||||
|
||||
ERR_set_mark();
|
||||
ret = key_as_pkcs8(pp, length, &carry_on);
|
||||
if (ret != NULL) {
|
||||
ERR_clear_last_mark();
|
||||
if (a != NULL)
|
||||
*a = ret;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (carry_on == 0) {
|
||||
ERR_clear_last_mark();
|
||||
ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
|
||||
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
|
||||
return NULL;
|
||||
}
|
||||
p = *pp;
|
||||
|
||||
/*
|
||||
* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
|
||||
* analyzing it we can determine the passed structure: this assumes the
|
||||
@ -100,28 +140,15 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
|
||||
keytype = EVP_PKEY_DSA;
|
||||
else if (sk_ASN1_TYPE_num(inkey) == 4)
|
||||
keytype = EVP_PKEY_EC;
|
||||
else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
|
||||
* traditional format */
|
||||
PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
|
||||
EVP_PKEY *ret;
|
||||
|
||||
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
|
||||
if (!p8) {
|
||||
ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
|
||||
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
|
||||
return NULL;
|
||||
}
|
||||
ret = EVP_PKCS82PKEY(p8);
|
||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||
if (ret == NULL)
|
||||
return NULL;
|
||||
*pp = p;
|
||||
if (a) {
|
||||
*a = ret;
|
||||
}
|
||||
return ret;
|
||||
} else
|
||||
else
|
||||
keytype = EVP_PKEY_RSA;
|
||||
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
|
||||
return d2i_PrivateKey(keytype, a, pp, length);
|
||||
|
||||
ret = d2i_PrivateKey(keytype, a, pp, length);
|
||||
if (ret != NULL)
|
||||
ERR_pop_to_mark();
|
||||
else
|
||||
ERR_clear_last_mark();
|
||||
|
||||
return ret;
|
||||
}
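Review bot: `key_as_pkcs8` has no comment describing its `carry_on` out-parameter, yet the control flow of `d2i_AutoPrivateKey` depends on it. A NULL return with `*carry_on` still 1 means the data did not parse as PKCS#8 and the traditional formats are tried, while `*carry_on == 0` means the PKCS#8 wrapper parsed but `EVP_PKCS82PKEY()` rejected the key. A header comment such as `/* Returns the key or NULL; *carry_on is cleared only when the input was PKCS#8 but could not be converted; *pp advances only on success */` would record that. The existing comment ending in `* type */` at the top of the hunk now sits above the helper rather than above `d2i_AutoPrivateKey`, which it presumably describes (only its tail is visible). Separately, the PKCS#8 success path stores `ret` in `*a` without releasing any key the caller already had there, which is worth confirming as intended.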
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -689,7 +689,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
|
||||
hints.ai_protocol = protocol;
|
||||
# ifdef AI_ADDRCONFIG
|
||||
# ifdef AF_UNSPEC
|
||||
if (family == AF_UNSPEC)
|
||||
if (host != NULL && family == AF_UNSPEC)
|
||||
# endif
|
||||
hints.ai_flags |= AI_ADDRCONFIG;
|
||||
# endif
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -255,7 +255,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
|
||||
}
|
||||
}
|
||||
|
||||
# ifdef IPV6_V6ONLY
|
||||
/* On OpenBSD it is always ipv6 only with ipv6 sockets thus read-only */
|
||||
# if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
|
||||
if (BIO_ADDR_family(addr) == AF_INET6) {
|
||||
/*
|
||||
* Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -268,7 +268,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
|
||||
BIGNUM *tmp, *snum, *sdiv, *res;
|
||||
BN_ULONG *resp, *wnum, *wnumtop;
|
||||
BN_ULONG d0, d1;
|
||||
int num_n, div_n;
|
||||
int num_n, div_n, num_neg;
|
||||
|
||||
assert(divisor->top > 0 && divisor->d[divisor->top - 1] != 0);
|
||||
|
||||
@ -326,7 +326,8 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
|
||||
/* Setup quotient */
|
||||
if (!bn_wexpand(res, loop))
|
||||
goto err;
|
||||
res->neg = (num->neg ^ divisor->neg);
|
||||
num_neg = num->neg;
|
||||
res->neg = (num_neg ^ divisor->neg);
|
||||
res->top = loop;
|
||||
res->flags |= BN_FLG_FIXED_TOP;
|
||||
resp = &(res->d[loop]);
|
||||
@ -442,7 +443,7 @@ int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
|
||||
*--resp = q;
|
||||
}
|
||||
/* snum holds remainder, it's as wide as divisor */
|
||||
snum->neg = num->neg;
|
||||
snum->neg = num_neg;
|
||||
snum->top = div_n;
|
||||
snum->flags |= BN_FLG_FIXED_TOP;
|
||||
if (rm != NULL)
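Review bot: Nothing in these hunks says why `num->neg` is copied into `num_neg` before `res->neg` is written. Presumably `res` can be the same BIGNUM as `num` when the caller passes the dividend as `dv`, in which case the later `snum->neg = num->neg` would read a sign that has already been overwritten. If that is the reason, a comment at the assignment such as `/* res may alias num: latch the sign before res->neg is written */` would keep the fix from being simplified away later. bn_div_fixed_top starts and ends outside the hunks.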
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -471,7 +471,7 @@ sub SSSE3ROUND { # critical path is 20 "SIMD ticks" per round
|
||||
&por ($b,$t);
|
||||
}
|
||||
|
||||
my $xframe = $win64 ? 32+8 : 8;
|
||||
my $xframe = $win64 ? 160+8 : 8;
|
||||
|
||||
$code.=<<___;
|
||||
.type ChaCha20_ssse3,\@function,5
|
||||
@ -2499,7 +2499,7 @@ sub AVX512ROUND { # critical path is 14 "SIMD ticks" per round
|
||||
&vprold ($b,$b,7);
|
||||
}
|
||||
|
||||
my $xframe = $win64 ? 32+8 : 8;
|
||||
my $xframe = $win64 ? 160+8 : 8;
|
||||
|
||||
$code.=<<___;
|
||||
.type ChaCha20_avx512,\@function,5
|
||||
@ -2515,8 +2515,16 @@ ChaCha20_avx512:
|
||||
sub \$64+$xframe,%rsp
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps %xmm6,-0x28(%r9)
|
||||
movaps %xmm7,-0x18(%r9)
|
||||
movaps %xmm6,-0xa8(%r9)
|
||||
movaps %xmm7,-0x98(%r9)
|
||||
movaps %xmm8,-0x88(%r9)
|
||||
movaps %xmm9,-0x78(%r9)
|
||||
movaps %xmm10,-0x68(%r9)
|
||||
movaps %xmm11,-0x58(%r9)
|
||||
movaps %xmm12,-0x48(%r9)
|
||||
movaps %xmm13,-0x38(%r9)
|
||||
movaps %xmm14,-0x28(%r9)
|
||||
movaps %xmm15,-0x18(%r9)
|
||||
.Lavx512_body:
|
||||
___
|
||||
$code.=<<___;
|
||||
@ -2683,8 +2691,16 @@ $code.=<<___;
|
||||
vzeroall
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps -0x28(%r9),%xmm6
|
||||
movaps -0x18(%r9),%xmm7
|
||||
movaps -0xa8(%r9),%xmm6
|
||||
movaps -0x98(%r9),%xmm7
|
||||
movaps -0x88(%r9),%xmm8
|
||||
movaps -0x78(%r9),%xmm9
|
||||
movaps -0x68(%r9),%xmm10
|
||||
movaps -0x58(%r9),%xmm11
|
||||
movaps -0x48(%r9),%xmm12
|
||||
movaps -0x38(%r9),%xmm13
|
||||
movaps -0x28(%r9),%xmm14
|
||||
movaps -0x18(%r9),%xmm15
|
||||
___
|
||||
$code.=<<___;
|
||||
lea (%r9),%rsp
|
||||
@ -2711,8 +2727,16 @@ ChaCha20_avx512vl:
|
||||
sub \$64+$xframe,%rsp
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps %xmm6,-0x28(%r9)
|
||||
movaps %xmm7,-0x18(%r9)
|
||||
movaps %xmm6,-0xa8(%r9)
|
||||
movaps %xmm7,-0x98(%r9)
|
||||
movaps %xmm8,-0x88(%r9)
|
||||
movaps %xmm9,-0x78(%r9)
|
||||
movaps %xmm10,-0x68(%r9)
|
||||
movaps %xmm11,-0x58(%r9)
|
||||
movaps %xmm12,-0x48(%r9)
|
||||
movaps %xmm13,-0x38(%r9)
|
||||
movaps %xmm14,-0x28(%r9)
|
||||
movaps %xmm15,-0x18(%r9)
|
||||
.Lavx512vl_body:
|
||||
___
|
||||
$code.=<<___;
|
||||
@ -2836,8 +2860,16 @@ $code.=<<___;
|
||||
vzeroall
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps -0x28(%r9),%xmm6
|
||||
movaps -0x18(%r9),%xmm7
|
||||
movaps -0xa8(%r9),%xmm6
|
||||
movaps -0x98(%r9),%xmm7
|
||||
movaps -0x88(%r9),%xmm8
|
||||
movaps -0x78(%r9),%xmm9
|
||||
movaps -0x68(%r9),%xmm10
|
||||
movaps -0x58(%r9),%xmm11
|
||||
movaps -0x48(%r9),%xmm12
|
||||
movaps -0x38(%r9),%xmm13
|
||||
movaps -0x28(%r9),%xmm14
|
||||
movaps -0x18(%r9),%xmm15
|
||||
___
|
||||
$code.=<<___;
|
||||
lea (%r9),%rsp
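Review bot: The new save and restore offsets (`-0xa8` through `-0x18` off `%r9`) and the `160+8` in `$xframe` are tied together only by arithmetic, ten 16-byte slots for `%xmm6`-`%xmm15`. A comment at the `$xframe` definition, e.g. `# Win64: 160 = 10 x 16 bytes, one slot each for xmm6-xmm15`, would make the coupling explicit for anyone adjusting either side. The first `$xframe` (ahead of `ChaCha20_ssse3`) is enlarged the same way, yet no visible hunk adds register saves to the code using it. It may be sized for a routine outside the visible hunks, so that is worth confirming.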
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -49,9 +49,11 @@ int DSA_print(BIO *bp, const DSA *x, int off)
|
||||
EVP_PKEY *pk;
|
||||
int ret;
|
||||
pk = EVP_PKEY_new();
|
||||
if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
|
||||
if (pk == NULL)
|
||||
return 0;
|
||||
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
|
||||
ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
|
||||
if (ret)
|
||||
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
|
||||
EVP_PKEY_free(pk);
|
||||
return ret;
|
||||
}
|
||||
@ -61,9 +63,11 @@ int DSAparams_print(BIO *bp, const DSA *x)
|
||||
EVP_PKEY *pk;
|
||||
int ret;
|
||||
pk = EVP_PKEY_new();
|
||||
if (pk == NULL || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
|
||||
if (pk == NULL)
|
||||
return 0;
|
||||
ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
|
||||
ret = EVP_PKEY_set1_DSA(pk, (DSA *)x);
|
||||
if (ret)
|
||||
ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
|
||||
EVP_PKEY_free(pk);
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
@ -247,9 +247,21 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
|
||||
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
}
|
||||
form = buf[0];
|
||||
y_bit = form & 1;
|
||||
form = form & ~1U;
|
||||
|
||||
/*
|
||||
* The first octet is the point converison octet PC, see X9.62, page 4
|
||||
* and section 4.4.2. It must be:
|
||||
* 0x00 for the point at infinity
|
||||
* 0x02 or 0x03 for compressed form
|
||||
* 0x04 for uncompressed form
|
||||
* 0x06 or 0x07 for hybrid form.
|
||||
* For compressed or hybrid forms, we store the last bit of buf[0] as
|
||||
* y_bit and clear it from buf[0] so as to obtain a POINT_CONVERSION_*.
|
||||
* We error if buf[0] contains any but the above values.
|
||||
*/
|
||||
y_bit = buf[0] & 1;
|
||||
form = buf[0] & ~1U;
|
||||
|
||||
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
|
||||
&& (form != POINT_CONVERSION_UNCOMPRESSED)
|
||||
&& (form != POINT_CONVERSION_HYBRID)) {
|
||||
@ -261,6 +273,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* The point at infinity is represented by a single zero octet. */
|
||||
if (form == 0) {
|
||||
if (len != 1) {
|
||||
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
|
||||
@ -312,11 +325,23 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
|
||||
goto err;
|
||||
}
|
||||
if (form == POINT_CONVERSION_HYBRID) {
|
||||
if (!group->meth->field_div(group, yxi, y, x, ctx))
|
||||
goto err;
|
||||
if (y_bit != BN_is_odd(yxi)) {
|
||||
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
|
||||
goto err;
|
||||
/*
|
||||
* Check that the form in the encoding was set correctly
|
||||
* according to X9.62 4.4.2.a, 4(c), see also first paragraph
|
||||
* of X9.62, 4.4.1.b.
|
||||
*/
|
||||
if (BN_is_zero(x)) {
|
||||
if (y_bit != 0) {
|
||||
ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
|
||||
goto err;
|
||||
}
|
||||
} else {
|
||||
if (!group->meth->field_div(group, yxi, y, x, ctx))
|
||||
goto err;
|
||||
if (y_bit != BN_is_odd(yxi)) {
|
||||
ECerr(ERR_LIB_EC, EC_R_INVALID_ENCODING);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
}
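Review bot: The two `ECerr()` calls in the rewritten hybrid-form check pass `ERR_LIB_EC` as the first argument, whereas every other call visible in this function passes the function code `EC_F_EC_GF2M_SIMPLE_OCT2POINT` in that position. If `ECerr(f, r)` takes a function code first, as the neighbouring calls indicate, these errors will be attributed to the wrong function in the error queue; `ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);` matches the rest of the file. The added comment also misspells "conversion" as "converison". The +/- markers are lost on this page, so which of the duplicated lines form the new side is inferred from the hunk counts.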
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1160,6 +1160,7 @@ SSL_F_FINAL_EC_PT_FORMATS:485:final_ec_pt_formats
|
||||
SSL_F_FINAL_EMS:486:final_ems
|
||||
SSL_F_FINAL_KEY_SHARE:503:final_key_share
|
||||
SSL_F_FINAL_MAXFRAGMENTLEN:557:final_maxfragmentlen
|
||||
SSL_F_FINAL_PSK:639:final_psk
|
||||
SSL_F_FINAL_RENEGOTIATE:483:final_renegotiate
|
||||
SSL_F_FINAL_SERVER_NAME:558:final_server_name
|
||||
SSL_F_FINAL_SIG_ALGS:497:final_sig_algs
|
||||
@ -1653,6 +1654,7 @@ X509V3_F_I2S_ASN1_ENUMERATED:121:i2s_ASN1_ENUMERATED
|
||||
X509V3_F_I2S_ASN1_IA5STRING:149:i2s_ASN1_IA5STRING
|
||||
X509V3_F_I2S_ASN1_INTEGER:120:i2s_ASN1_INTEGER
|
||||
X509V3_F_I2V_AUTHORITY_INFO_ACCESS:138:i2v_AUTHORITY_INFO_ACCESS
|
||||
X509V3_F_I2V_AUTHORITY_KEYID:173:i2v_AUTHORITY_KEYID
|
||||
X509V3_F_LEVEL_ADD_NODE:168:level_add_node
|
||||
X509V3_F_NOTICE_SECTION:132:notice_section
|
||||
X509V3_F_NREF_NOS:133:nref_nos
|
||||
@ -1693,6 +1695,7 @@ X509V3_F_V2I_SUBJECT_ALT:154:v2i_subject_alt
|
||||
X509V3_F_V2I_TLS_FEATURE:165:v2i_TLS_FEATURE
|
||||
X509V3_F_V3_GENERIC_EXTENSION:116:v3_generic_extension
|
||||
X509V3_F_X509V3_ADD1_I2D:140:X509V3_add1_i2d
|
||||
X509V3_F_X509V3_ADD_LEN_VALUE:174:x509v3_add_len_value
|
||||
X509V3_F_X509V3_ADD_VALUE:105:X509V3_add_value
|
||||
X509V3_F_X509V3_EXT_ADD:104:X509V3_EXT_add
|
||||
X509V3_F_X509V3_EXT_ADD_ALIAS:106:X509V3_EXT_add_alias
|
||||
@ -2742,6 +2745,7 @@ SSL_R_MISSING_DSA_SIGNING_CERT:165:missing dsa signing cert
|
||||
SSL_R_MISSING_ECDSA_SIGNING_CERT:381:missing ecdsa signing cert
|
||||
SSL_R_MISSING_FATAL:256:missing fatal
|
||||
SSL_R_MISSING_PARAMETERS:290:missing parameters
|
||||
SSL_R_MISSING_PSK_KEX_MODES_EXTENSION:310:missing psk kex modes extension
|
||||
SSL_R_MISSING_RSA_CERTIFICATE:168:missing rsa certificate
|
||||
SSL_R_MISSING_RSA_ENCRYPTING_CERT:169:missing rsa encrypting cert
|
||||
SSL_R_MISSING_RSA_SIGNING_CERT:170:missing rsa signing cert
|
||||
@ -2785,6 +2789,7 @@ SSL_R_NO_VALID_SCTS:216:no valid scts
|
||||
SSL_R_NO_VERIFY_COOKIE_CALLBACK:403:no verify cookie callback
|
||||
SSL_R_NULL_SSL_CTX:195:null ssl ctx
|
||||
SSL_R_NULL_SSL_METHOD_PASSED:196:null ssl method passed
|
||||
SSL_R_OCSP_CALLBACK_FAILURE:294:ocsp callback failure
|
||||
SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED:197:old session cipher not returned
|
||||
SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED:344:\
|
||||
old session compression algorithm not returned
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -611,22 +611,22 @@ void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
|
||||
*/
|
||||
void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const AES_KEY *key,
|
||||
unsigned char *ivec);
|
||||
@ -1168,9 +1168,9 @@ typedef struct {
|
||||
static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc);
|
||||
|
||||
# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
|
||||
# define S390X_aes_192_cbc_CAPABLE 1
|
||||
# define S390X_aes_256_cbc_CAPABLE 1
|
||||
# define S390X_aes_128_cbc_CAPABLE 0 /* checked by callee */
|
||||
# define S390X_aes_192_cbc_CAPABLE 0
|
||||
# define S390X_aes_256_cbc_CAPABLE 0
|
||||
# define S390X_AES_CBC_CTX EVP_AES_KEY
|
||||
|
||||
# define s390x_aes_cbc_init_key aes_init_key
|
||||
@ -1190,11 +1190,11 @@ static int s390x_aes_ecb_init_key(EVP_CIPHER_CTX *ctx,
|
||||
S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
|
||||
cctx->fc = S390X_AES_FC(keylen);
|
||||
if (!enc)
|
||||
cctx->fc |= S390X_DECRYPT;
|
||||
cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT);
|
||||
|
||||
if (key != NULL)
|
||||
memcpy(cctx->km.param.k, key, keylen);
|
||||
|
||||
memcpy(cctx->km.param.k, key, keylen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1222,14 +1222,17 @@ static int s390x_aes_ofb_init_key(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char *ivec, int enc)
|
||||
{
|
||||
S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx);
|
||||
const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
|
||||
memcpy(cctx->kmo.param.cv, iv, ivlen);
|
||||
memcpy(cctx->kmo.param.k, key, keylen);
|
||||
cctx->fc = S390X_AES_FC(keylen);
|
||||
|
||||
if (key != NULL)
|
||||
memcpy(cctx->kmo.param.k, key, keylen);
|
||||
|
||||
cctx->res = 0;
|
||||
memcpy(cctx->kmo.param.cv, oiv, ivlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1237,9 +1240,12 @@ static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len)
|
||||
{
|
||||
S390X_AES_OFB_CTX *cctx = EVP_C_DATA(S390X_AES_OFB_CTX, ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
int n = cctx->res;
|
||||
int rem;
|
||||
|
||||
memcpy(cctx->kmo.param.cv, iv, ivlen);
|
||||
while (n && len) {
|
||||
*out = *in ^ cctx->kmo.param.cv[n];
|
||||
n = (n + 1) & 0xf;
|
||||
@ -1268,6 +1274,7 @@ static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
}
|
||||
}
|
||||
|
||||
memcpy(iv, cctx->kmo.param.cv, ivlen);
|
||||
cctx->res = n;
|
||||
return 1;
|
||||
}
|
||||
@ -1287,18 +1294,18 @@ static int s390x_aes_cfb_init_key(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char *ivec, int enc)
|
||||
{
|
||||
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
|
||||
const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
|
||||
cctx->fc = S390X_AES_FC(keylen);
|
||||
cctx->fc |= 16 << 24; /* 16 bytes cipher feedback */
|
||||
if (!enc)
|
||||
cctx->fc |= S390X_DECRYPT;
|
||||
cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT)
|
||||
| (16 << 24); /* 16 bytes cipher feedback */
|
||||
|
||||
if (key != NULL)
|
||||
memcpy(cctx->kmf.param.k, key, keylen);
|
||||
|
||||
cctx->res = 0;
|
||||
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
||||
memcpy(cctx->kmf.param.k, key, keylen);
|
||||
memcpy(cctx->kmf.param.cv, oiv, ivlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1308,10 +1315,13 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
int n = cctx->res;
|
||||
int rem;
|
||||
unsigned char tmp;
|
||||
|
||||
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
||||
while (n && len) {
|
||||
tmp = *in;
|
||||
*out = cctx->kmf.param.cv[n] ^ tmp;
|
||||
@ -1344,6 +1354,7 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
}
|
||||
}
|
||||
|
||||
memcpy(iv, cctx->kmf.param.cv, ivlen);
|
||||
cctx->res = n;
|
||||
return 1;
|
||||
}
|
||||
@ -1360,17 +1371,18 @@ static int s390x_aes_cfb8_init_key(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char *ivec, int enc)
|
||||
{
|
||||
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
|
||||
const unsigned char *iv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const unsigned char *oiv = EVP_CIPHER_CTX_original_iv(ctx);
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
|
||||
cctx->fc = S390X_AES_FC(keylen);
|
||||
cctx->fc |= 1 << 24; /* 1 byte cipher feedback */
|
||||
if (!enc)
|
||||
cctx->fc |= S390X_DECRYPT;
|
||||
cctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT)
|
||||
| (1 << 24); /* 1 byte cipher feedback flag */
|
||||
|
||||
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
||||
memcpy(cctx->kmf.param.k, key, keylen);
|
||||
if (key != NULL)
|
||||
memcpy(cctx->kmf.param.k, key, keylen);
|
||||
|
||||
cctx->res = 0;
|
||||
memcpy(cctx->kmf.param.cv, oiv, ivlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1378,8 +1390,12 @@ static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len)
|
||||
{
|
||||
S390X_AES_CFB_CTX *cctx = EVP_C_DATA(S390X_AES_CFB_CTX, ctx);
|
||||
const int ivlen = EVP_CIPHER_CTX_iv_length(ctx);
|
||||
unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
|
||||
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
||||
s390x_kmf(in, len, out, cctx->fc, &cctx->kmf.param);
|
||||
memcpy(iv, cctx->kmf.param.cv, ivlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1393,9 +1409,9 @@ static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len);
|
||||
|
||||
# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
|
||||
# define S390X_aes_192_ctr_CAPABLE 1
|
||||
# define S390X_aes_256_ctr_CAPABLE 1
|
||||
# define S390X_aes_128_ctr_CAPABLE 0 /* checked by callee */
|
||||
# define S390X_aes_192_ctr_CAPABLE 0
|
||||
# define S390X_aes_256_ctr_CAPABLE 0
|
||||
# define S390X_AES_CTR_CTX EVP_AES_KEY
|
||||
|
||||
# define s390x_aes_ctr_init_key aes_init_key
|
||||
@ -1563,8 +1579,7 @@ static int s390x_aes_gcm(S390X_AES_GCM_CTX *ctx, const unsigned char *in,
|
||||
/*-
|
||||
* Initialize context structure. Code is big-endian.
|
||||
*/
|
||||
static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
|
||||
const unsigned char *iv)
|
||||
static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx)
|
||||
{
|
||||
ctx->kma.param.t.g[0] = 0;
|
||||
ctx->kma.param.t.g[1] = 0;
|
||||
@ -1575,12 +1590,11 @@ static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
|
||||
ctx->kreslen = 0;
|
||||
|
||||
if (ctx->ivlen == 12) {
|
||||
memcpy(&ctx->kma.param.j0, iv, ctx->ivlen);
|
||||
memcpy(&ctx->kma.param.j0, ctx->iv, ctx->ivlen);
|
||||
ctx->kma.param.j0.w[3] = 1;
|
||||
ctx->kma.param.cv.w = 1;
|
||||
} else {
|
||||
/* ctx->iv has the right size and is already padded. */
|
||||
memcpy(ctx->iv, iv, ctx->ivlen);
|
||||
s390x_kma(ctx->iv, S390X_gcm_ivpadlen(ctx->ivlen), NULL, 0, NULL,
|
||||
ctx->fc, &ctx->kma.param);
|
||||
ctx->fc |= S390X_KMA_HS;
|
||||
@ -1694,7 +1708,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||
if (gctx->iv_gen == 0 || gctx->key_set == 0)
|
||||
return 0;
|
||||
|
||||
s390x_aes_gcm_setiv(gctx, gctx->iv);
|
||||
s390x_aes_gcm_setiv(gctx);
|
||||
|
||||
if (arg <= 0 || arg > gctx->ivlen)
|
||||
arg = gctx->ivlen;
|
||||
@ -1714,7 +1728,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||
return 0;
|
||||
|
||||
memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
|
||||
s390x_aes_gcm_setiv(gctx, gctx->iv);
|
||||
s390x_aes_gcm_setiv(gctx);
|
||||
gctx->iv_set = 1;
|
||||
return 1;
|
||||
|
||||
@ -1770,43 +1784,36 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||
}
|
||||
|
||||
/*-
|
||||
* Set key and/or iv. Returns 1 on success. Otherwise 0 is returned.
|
||||
* Set key or iv or enc/dec. Returns 1 on success. Otherwise 0 is returned.
|
||||
*/
|
||||
static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char *key,
|
||||
const unsigned char *iv, int enc)
|
||||
{
|
||||
S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, ctx);
|
||||
int keylen;
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
|
||||
if (iv == NULL && key == NULL)
|
||||
return 1;
|
||||
gctx->fc = S390X_AES_FC(keylen) | (enc ? 0 : S390X_DECRYPT);
|
||||
|
||||
if (key != NULL) {
|
||||
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
gctx->fc &= ~S390X_KMA_HS;
|
||||
memcpy(&gctx->kma.param.k, key, keylen);
|
||||
|
||||
gctx->fc = S390X_AES_FC(keylen);
|
||||
if (!enc)
|
||||
gctx->fc |= S390X_DECRYPT;
|
||||
|
||||
if (iv == NULL && gctx->iv_set)
|
||||
iv = gctx->iv;
|
||||
|
||||
if (iv != NULL) {
|
||||
s390x_aes_gcm_setiv(gctx, iv);
|
||||
gctx->iv_set = 1;
|
||||
}
|
||||
gctx->key_set = 1;
|
||||
} else {
|
||||
if (gctx->key_set)
|
||||
s390x_aes_gcm_setiv(gctx, iv);
|
||||
else
|
||||
memcpy(gctx->iv, iv, gctx->ivlen);
|
||||
|
||||
gctx->iv_set = 1;
|
||||
gctx->iv_gen = 0;
|
||||
}
|
||||
|
||||
if (iv != NULL) {
|
||||
memcpy(gctx->iv, iv, gctx->ivlen);
|
||||
gctx->iv_gen = 0;
|
||||
gctx->iv_set = 1;
|
||||
}
|
||||
|
||||
if (gctx->key_set && gctx->iv_set)
|
||||
s390x_aes_gcm_setiv(gctx);
|
||||
|
||||
gctx->fc &= ~(S390X_KMA_LPC | S390X_KMA_LAAD);
|
||||
gctx->areslen = 0;
|
||||
gctx->mreslen = 0;
|
||||
gctx->kreslen = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -1895,7 +1902,6 @@ static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
/* recall that we already did en-/decrypt gctx->mres
|
||||
* and returned it to caller... */
|
||||
OPENSSL_cleanse(tmp, gctx->mreslen);
|
||||
gctx->iv_set = 0;
|
||||
|
||||
enc = EVP_CIPHER_CTX_encrypting(ctx);
|
||||
if (enc) {
|
||||
@ -1929,8 +1935,8 @@ static int s390x_aes_gcm_cleanup(EVP_CIPHER_CTX *c)
|
||||
}
|
||||
|
||||
# define S390X_AES_XTS_CTX EVP_AES_XTS_CTX
|
||||
# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
|
||||
# define S390X_aes_256_xts_CAPABLE 1
|
||||
# define S390X_aes_128_xts_CAPABLE 0 /* checked by callee */
|
||||
# define S390X_aes_256_xts_CAPABLE 0
|
||||
|
||||
# define s390x_aes_xts_init_key aes_xts_init_key
|
||||
static int s390x_aes_xts_init_key(EVP_CIPHER_CTX *ctx,
|
||||
@ -2134,9 +2140,10 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t len)
|
||||
{
|
||||
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
|
||||
unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx);
|
||||
unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
|
||||
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH];
|
||||
|
||||
if (out != in
|
||||
|| len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->aes.ccm.m))
|
||||
@ -2152,8 +2159,9 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
* Get explicit iv (sequence number). We already have fixed iv
|
||||
* (server/client_write_iv) here.
|
||||
*/
|
||||
memcpy(ivec + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
|
||||
s390x_aes_ccm_setiv(cctx, ivec, len);
|
||||
memcpy(iv, ivec, sizeof(iv));
|
||||
memcpy(iv + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
|
||||
s390x_aes_ccm_setiv(cctx, iv, len);
|
||||
|
||||
/* Process aad (sequence number|type|version|length) */
|
||||
s390x_aes_ccm_aad(cctx, buf, cctx->aes.ccm.tls_aad_len);
|
||||
@ -2180,42 +2188,35 @@ static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
}
|
||||
|
||||
/*-
|
||||
* Set key and flag field and/or iv. Returns 1 if successful. Otherwise 0 is
|
||||
* returned.
|
||||
* Set key or iv or enc/dec. Returns 1 if successful.
|
||||
* Otherwise 0 is returned.
|
||||
*/
|
||||
static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char *key,
|
||||
const unsigned char *iv, int enc)
|
||||
{
|
||||
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
|
||||
unsigned char *ivec;
|
||||
int keylen;
|
||||
const int keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
|
||||
if (iv == NULL && key == NULL)
|
||||
return 1;
|
||||
cctx->aes.ccm.fc = S390X_AES_FC(keylen);
|
||||
|
||||
if (key != NULL) {
|
||||
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
cctx->aes.ccm.fc = S390X_AES_FC(keylen);
|
||||
memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
|
||||
|
||||
/* Store encoded m and l. */
|
||||
cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7)
|
||||
| (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3;
|
||||
memset(cctx->aes.ccm.nonce.b + 1, 0,
|
||||
sizeof(cctx->aes.ccm.nonce.b));
|
||||
cctx->aes.ccm.blocks = 0;
|
||||
|
||||
cctx->aes.ccm.key_set = 1;
|
||||
}
|
||||
|
||||
if (iv != NULL) {
|
||||
ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
memcpy(ivec, iv, 15 - cctx->aes.ccm.l);
|
||||
|
||||
cctx->aes.ccm.iv_set = 1;
|
||||
}
|
||||
|
||||
/* Store encoded m and l. */
|
||||
cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7)
|
||||
| (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3;
|
||||
memset(cctx->aes.ccm.nonce.b + 1, 0, sizeof(cctx->aes.ccm.nonce.b) - 1);
|
||||
|
||||
cctx->aes.ccm.blocks = 0;
|
||||
cctx->aes.ccm.len_set = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -2230,8 +2231,9 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
{
|
||||
S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
|
||||
const int enc = EVP_CIPHER_CTX_encrypting(ctx);
|
||||
const unsigned char *ivec = EVP_CIPHER_CTX_iv(ctx);
|
||||
unsigned char *buf;
|
||||
int rv;
|
||||
unsigned char *buf, *ivec;
|
||||
|
||||
if (!cctx->aes.ccm.key_set)
|
||||
return -1;
|
||||
@ -2253,7 +2255,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
if (out == NULL) {
|
||||
/* Update(): Pass message length. */
|
||||
if (in == NULL) {
|
||||
ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
s390x_aes_ccm_setiv(cctx, ivec, len);
|
||||
|
||||
cctx->aes.ccm.len_set = 1;
|
||||
@ -2279,7 +2280,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
* In case message length was not previously set explicitly via
|
||||
* Update(), set it now.
|
||||
*/
|
||||
ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
|
||||
s390x_aes_ccm_setiv(cctx, ivec, len);
|
||||
|
||||
cctx->aes.ccm.len_set = 1;
|
||||
@ -2304,9 +2304,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
if (rv == -1)
|
||||
OPENSSL_cleanse(out, len);
|
||||
|
||||
cctx->aes.ccm.iv_set = 0;
|
||||
cctx->aes.ccm.tag_set = 0;
|
||||
cctx->aes.ccm.len_set = 0;
|
||||
return rv;
|
||||
}
|
||||
}
|
||||
@ -2414,9 +2411,6 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||
return 0;
|
||||
|
||||
memcpy(ptr, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
|
||||
cctx->aes.ccm.tag_set = 0;
|
||||
cctx->aes.ccm.iv_set = 0;
|
||||
cctx->aes.ccm.len_set = 0;
|
||||
return 1;
|
||||
|
||||
case EVP_CTRL_COPY:
|
||||
@ -2453,7 +2447,7 @@ static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
|
||||
nid##_##keylen##_##nmode,blocksize, \
|
||||
keylen / 8, \
|
||||
ivlen, \
|
||||
flags | EVP_CIPH_##MODE##_MODE, \
|
||||
flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \
|
||||
s390x_aes_##mode##_init_key, \
|
||||
s390x_aes_##mode##_cipher, \
|
||||
NULL, \
|
||||
@ -2490,7 +2484,7 @@ static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
|
||||
blocksize, \
|
||||
(EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * keylen / 8, \
|
||||
ivlen, \
|
||||
flags | EVP_CIPH_##MODE##_MODE, \
|
||||
flags | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_##MODE##_MODE, \
|
||||
s390x_aes_##mode##_init_key, \
|
||||
s390x_aes_##mode##_cipher, \
|
||||
s390x_aes_##mode##_cleanup, \
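Review bot: After this change nothing in the s390x GCM path seems to clear `iv_set` once a message has been finalized: the `-1895,7 +1902,6` hunk in `s390x_aes_gcm_cipher` appears to drop `gctx->iv_set = 0;`, `s390x_aes_gcm_init_key` now calls `s390x_aes_gcm_setiv(gctx)` whenever `key_set && iv_set`, and `EVP_CIPH_ALWAYS_CALL_INIT` is added to the cipher flags. The rendering has lost the +/- column, so this reading is inferred from the hunk line counts. If it is right, a re-init with `iv == NULL` restarts from the stored IV, and reusing a key/IV pair for two messages voids GCM's confidentiality and integrity guarantees. I would state the contract next to the `setiv` call, e.g. `/* re-init keeps the previous IV; callers must set a fresh IV for every message */`. The same applies to the CCM hunks that drop `cctx->aes.ccm.iv_set = 0;`.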
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -55,16 +55,16 @@ void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
|
||||
|
||||
void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec);
|
||||
unsigned char *ivec, int /*unused*/);
|
||||
void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -47,7 +47,8 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
||||
|
||||
static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
||||
{
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
|
||||
/* the ameth pub_cmp must return 1 on match, 0 on mismatch */
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
|
||||
}
|
||||
|
||||
static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
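Review bot: `hmac_pkey_public_cmp` still compares the two octet strings with `ASN1_OCTET_STRING_cmp`, which is presumably an ordinary length-and-memcmp comparison and therefore not constant-time. For this key type the value behind `EVP_PKEY_get0()` looks like the MAC key itself (inferred from `hmac_set_priv_key` just below; the setter body is outside the hunk), so an equality test against a value someone else can influence could leak key bytes through timing. Consider comparing the lengths first and then the data with `CRYPTO_memcmp`, keeping the `== 0` so the 1-on-match contract holds. The poly1305 and siphash `*_pkey_public_cmp` hunks in this commit have the same shape and also lack the explanatory comment added here.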
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -101,7 +101,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
|
||||
#endif
|
||||
v = EVP_MD_block_size(md_type);
|
||||
u = EVP_MD_size(md_type);
|
||||
if (u < 0 || v <= 0)
|
||||
if (u <= 0 || v <= 0)
|
||||
goto err;
|
||||
D = OPENSSL_malloc(v);
|
||||
Ai = OPENSSL_malloc(u);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -43,7 +43,7 @@ static int poly1305_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
||||
|
||||
static int poly1305_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
||||
{
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
|
||||
}
|
||||
|
||||
static int poly1305_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
|
||||
|
@ -211,6 +211,12 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
|
||||
# if __GLIBC_PREREQ(2, 16)
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# elif defined(__ANDROID_API__)
|
||||
/* see https://developer.android.google.cn/ndk/guides/cpu-features */
|
||||
# if __ANDROID_API__ >= 18
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -34,6 +34,9 @@
|
||||
#if defined(__OpenBSD__)
|
||||
# include <sys/param.h>
|
||||
#endif
|
||||
#if defined(__APPLE__)
|
||||
# include <CommonCrypto/CommonRandom.h>
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
|
||||
# include <sys/types.h>
|
||||
@ -378,6 +381,11 @@ static ssize_t syscall_random(void *buf, size_t buflen)
|
||||
if (errno != ENOSYS)
|
||||
return -1;
|
||||
}
|
||||
# elif defined(__APPLE__)
|
||||
if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess)
|
||||
return (ssize_t)buflen;
|
||||
|
||||
return -1;
|
||||
# else
|
||||
union {
|
||||
void *p;
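Review bot: The new `__APPLE__` branch in `syscall_random` returns -1 when `CCRandomGenerateBytes` fails without setting `errno`, while the branch just above it decides on `errno != ENOSYS` before returning -1. If callers look at `errno` after a negative return (they are outside this hunk, so this is an assumption to confirm), they would act on a stale value left by an unrelated call. Setting it explicitly before the return, e.g. `errno = EIO;`, would make the failure unambiguous on this entropy path. The function starts and ends outside the hunk.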
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -34,9 +34,11 @@ int RSA_print(BIO *bp, const RSA *x, int off)
|
||||
EVP_PKEY *pk;
|
||||
int ret;
|
||||
pk = EVP_PKEY_new();
|
||||
if (pk == NULL || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
|
||||
if (pk == NULL)
|
||||
return 0;
|
||||
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
|
||||
ret = EVP_PKEY_set1_RSA(pk, (RSA *)x);
|
||||
if (ret)
|
||||
ret = EVP_PKEY_print_private(bp, pk, off, NULL);
|
||||
EVP_PKEY_free(pk);
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -44,7 +44,7 @@ static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
||||
|
||||
static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
||||
{
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
|
||||
return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
|
||||
}
|
||||
|
||||
static int siphash_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||
* Ported from Ribose contributions from Botan.
|
||||
*
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -16,6 +16,7 @@
|
||||
#include <unistd.h>
|
||||
#include <openssl/bn.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include "bn/bn_local.h" /* for definition of bn_mul_mont */
|
||||
|
||||
#include "sparc_arch.h"
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2004, EdelKey Project. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
@ -684,7 +684,7 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
|
||||
BIGNUM *x = NULL;
|
||||
BN_CTX *bn_ctx = BN_CTX_new();
|
||||
unsigned char tmp2[MAX_LEN];
|
||||
BIGNUM *salttmp = NULL;
|
||||
BIGNUM *salttmp = NULL, *verif;
|
||||
|
||||
if ((user == NULL) ||
|
||||
(pass == NULL) ||
|
||||
@ -707,17 +707,18 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
|
||||
if (x == NULL)
|
||||
goto err;
|
||||
|
||||
*verifier = BN_new();
|
||||
if (*verifier == NULL)
|
||||
verif = BN_new();
|
||||
if (verif == NULL)
|
||||
goto err;
|
||||
|
||||
if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
|
||||
BN_clear_free(*verifier);
|
||||
if (!BN_mod_exp(verif, g, x, N, bn_ctx)) {
|
||||
BN_clear_free(verif);
|
||||
goto err;
|
||||
}
|
||||
|
||||
result = 1;
|
||||
*salt = salttmp;
|
||||
*verifier = verif;
|
||||
|
||||
err:
|
||||
if (salt != NULL && *salt != salttmp)
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -370,6 +370,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
|
||||
mem->data = (char *)new_data;
|
||||
mem->max = mem->length = (size_t)new_data_len;
|
||||
X509_SIG_free(p8);
|
||||
p8 = NULL;
|
||||
|
||||
store_info = ossl_store_info_new_EMBEDDED(PEM_STRING_PKCS8INF, mem);
|
||||
if (store_info == NULL) {
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -612,6 +612,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
|
||||
err:
|
||||
EVP_MD_CTX_free(md_ctx);
|
||||
X509_ALGOR_free(*md_alg);
|
||||
*md_alg = NULL;
|
||||
OPENSSL_free(*imprint);
|
||||
*imprint_len = 0;
|
||||
*imprint = 0;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -126,6 +126,8 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
|
||||
goto err;
|
||||
msg = imprint->hashed_msg;
|
||||
ret->imprint_len = ASN1_STRING_length(msg);
|
||||
if (ret->imprint_len <= 0)
|
||||
goto err;
|
||||
if ((ret->imprint = OPENSSL_malloc(ret->imprint_len)) == NULL)
|
||||
goto err;
|
||||
memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
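Review bot: The added `if (ret->imprint_len <= 0)` tests the value only after it has been stored in `ret->imprint_len`. If that field is unsigned (its declaration is not on this page), a negative return from `ASN1_STRING_length(msg)` becomes a large positive length, only the zero case is rejected, and that length then drives `OPENSSL_malloc` and `memcpy`. Checking the `int` result before the assignment avoids depending on the field's type: `int len = ASN1_STRING_length(msg);`, `if (len <= 0) goto err;`, `ret->imprint_len = len;`. The enclosing function continues outside the hunk.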
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -36,6 +36,12 @@ int OPENSSL_issetugid(void)
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# elif defined(__ANDROID_API__)
|
||||
/* see https://developer.android.google.cn/ndk/guides/cpu-features */
|
||||
# if __ANDROID_API__ >= 18
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# endif
|
||||
|
||||
int OPENSSL_issetugid(void)
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -365,9 +365,9 @@ int X509_aux_print(BIO *out, X509 *x, int indent)
|
||||
BIO_puts(out, "\n");
|
||||
} else
|
||||
BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
|
||||
alias = X509_alias_get0(x, NULL);
|
||||
alias = X509_alias_get0(x, &i);
|
||||
if (alias)
|
||||
BIO_printf(out, "%*sAlias: %s\n", indent, "", alias);
|
||||
BIO_printf(out, "%*sAlias: %.*s\n", indent, "", i, alias);
|
||||
keyid = X509_keyid_get0(x, &keyidlen);
|
||||
if (keyid) {
|
||||
BIO_printf(out, "%*sKey Id: ", indent, "");
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -199,7 +199,8 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Copy the host flags if and only if we're copying the host list */
|
||||
x509_verify_param_copy(hostflags, 0);
|
||||
|
||||
if (test_x509_verify_param_copy(hosts, NULL)) {
|
||||
sk_OPENSSL_STRING_pop_free(dest->hosts, str_free);
|
||||
dest->hosts = NULL;
|
||||
@ -208,7 +209,6 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
|
||||
sk_OPENSSL_STRING_deep_copy(src->hosts, str_copy, str_free);
|
||||
if (dest->hosts == NULL)
|
||||
return 0;
|
||||
dest->hostflags = src->hostflags;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -45,12 +45,12 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
||||
if (akeyid->keyid) {
|
||||
tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
|
||||
if (tmp == NULL) {
|
||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
||||
X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
if (!X509V3_add_value("keyid", tmp, &extlist)) {
|
||||
OPENSSL_free(tmp);
|
||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
goto err;
|
||||
}
|
||||
OPENSSL_free(tmp);
|
||||
@ -58,7 +58,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
||||
if (akeyid->issuer) {
|
||||
tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
|
||||
if (tmpextlist == NULL) {
|
||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
goto err;
|
||||
}
|
||||
extlist = tmpextlist;
|
||||
@ -66,12 +66,12 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
||||
if (akeyid->serial) {
|
||||
tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
|
||||
if (tmp == NULL) {
|
||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
||||
X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
if (!X509V3_add_value("serial", tmp, &extlist)) {
|
||||
OPENSSL_free(tmp);
|
||||
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
X509V3err(X509V3_F_I2V_AUTHORITY_KEYID, ERR_R_X509_LIB);
|
||||
goto err;
|
||||
}
|
||||
OPENSSL_free(tmp);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2003-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -44,9 +44,12 @@ static int x509v3_add_len_value(const char *name, const char *value,
|
||||
|
||||
if (name != NULL && (tname = OPENSSL_strdup(name)) == NULL)
|
||||
goto err;
|
||||
if (value != NULL) {
|
||||
/* We don't allow embeded NUL characters */
|
||||
if (memchr(value, 0, vallen) != NULL)
|
||||
if (value != NULL && vallen > 0) {
|
||||
/*
|
||||
* We tolerate a single trailing NUL character, but otherwise no
|
||||
* embedded NULs
|
||||
*/
|
||||
if (memchr(value, 0, vallen - 1) != NULL)
|
||||
goto err;
|
||||
tvalue = OPENSSL_strndup(value, vallen);
|
||||
if (tvalue == NULL)
|
||||
@ -63,7 +66,7 @@ static int x509v3_add_len_value(const char *name, const char *value,
|
||||
goto err;
|
||||
return 1;
|
||||
err:
|
||||
X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
|
||||
X509V3err(X509V3_F_X509V3_ADD_LEN_VALUE, ERR_R_MALLOC_FAILURE);
|
||||
if (sk_allocated) {
|
||||
sk_CONF_VALUE_free(*extlist);
|
||||
*extlist = NULL;
|
||||
|
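Review bot: The embedded-NUL rejection in x509v3_add_len_value(), `if (memchr(value, 0, vallen - 1) != NULL) goto err;`, lands on the shared `err:` label, which records `ERR_R_MALLOC_FAILURE`, so a value refused for containing a NUL is reported as an allocation failure. That hides the one signal an operator would use to recognise a certificate with a malformed string field. Giving the rejection its own exit path that records a reason such as `ERR_R_PASSED_INVALID_ARGUMENT` would keep the two cases apart. The new `vallen > 0` guard also means a non-NULL zero-length value presumably leaves `tvalue` NULL, which deserves a comment because consumers of the resulting CONF_VALUE must then accept a NULL value. The function starts before the first hunk and continues past the second.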
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -39,6 +39,8 @@ static const ERR_STRING_DATA X509V3_str_functs[] = {
|
||||
"i2s_ASN1_INTEGER"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 0),
|
||||
"i2v_AUTHORITY_INFO_ACCESS"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2V_AUTHORITY_KEYID, 0),
|
||||
"i2v_AUTHORITY_KEYID"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_LEVEL_ADD_NODE, 0), "level_add_node"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_NOTICE_SECTION, 0), "notice_section"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_NREF_NOS, 0), "nref_nos"},
|
||||
@ -104,6 +106,8 @@ static const ERR_STRING_DATA X509V3_str_functs[] = {
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_V3_GENERIC_EXTENSION, 0),
|
||||
"v3_generic_extension"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD1_I2D, 0), "X509V3_add1_i2d"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD_LEN_VALUE, 0),
|
||||
"x509v3_add_len_value"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD_VALUE, 0),
|
||||
"X509V3_add_value"},
|
||||
{ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_ADD, 0), "X509V3_EXT_add"},
|
||||
|
@ -180,8 +180,8 @@ Debug the BIOs used for I/O.
|
||||
|
||||
=item B<-z>
|
||||
|
||||
Compress or decompress clear text using zlib before encryption or after
|
||||
decryption. This option exists only if OpenSSL with compiled with zlib
|
||||
Compress or decompress encrypted data using zlib after encryption or before
|
||||
decryption. This option exists only if OpenSSL was compiled with the zlib
|
||||
or zlib-dynamic option.
|
||||
|
||||
=item B<-none>
|
||||
|
@ -797,7 +797,7 @@ server.
|
||||
|
||||
The B<s_client> utility is a test tool and is designed to continue the
|
||||
handshake after any certificate verification errors. As a result it will
|
||||
accept any certificate chain (trusted or not) sent by the peer. None test
|
||||
accept any certificate chain (trusted or not) sent by the peer. Non-test
|
||||
applications should B<not> do this as it makes them vulnerable to a MITM
|
||||
attack. This behaviour can be changed by with the B<-verify_return_error>
|
||||
option: any verify errors are then returned aborting the handshake.
|
||||
|
@ -701,7 +701,7 @@ disabling the ephemeral DH cipher suites.
|
||||
|
||||
=item B<-alpn val>, B<-nextprotoneg val>
|
||||
|
||||
These flags enable the Enable the Application-Layer Protocol Negotiation
|
||||
These flags enable the Application-Layer Protocol Negotiation
|
||||
or Next Protocol Negotiation (NPN) extension, respectively. ALPN is the
|
||||
IETF standard and replaces NPN.
|
||||
The B<val> list is a comma-separated list of supported protocol
|
||||
|
@ -185,11 +185,6 @@ unencrypted example in L<BIO_s_connect(3)>.
|
||||
ERR_print_errors_fp(stderr);
|
||||
exit(1);
|
||||
}
|
||||
if (BIO_do_handshake(sbio) <= 0) {
|
||||
fprintf(stderr, "Error establishing SSL connection\n");
|
||||
ERR_print_errors_fp(stderr);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/* XXX Could examine ssl here to get connection info */
|
||||
|
||||
@ -298,7 +293,7 @@ be modified to handle this fix or they may free up an already freed BIO.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -61,8 +61,8 @@ the new chain is B<md1-md2-b64-f>. Data written to B<md1> will be digested
|
||||
by B<md1> and B<md2>, B<base64> encoded and written to B<f>.
|
||||
|
||||
It should be noted that reading causes data to pass in the reverse
|
||||
direction, that is data is read from B<f>, base64 B<decoded> and digested
|
||||
by B<md1> and B<md2>. If the call:
|
||||
direction, that is data is read from B<f>, B<base64> decoded and digested
|
||||
by B<md2> and B<md1>. If the call:
|
||||
|
||||
BIO_pop(md2);
|
||||
|
||||
@ -79,7 +79,7 @@ The BIO_set_next() function was added in OpenSSL 1.1.0.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -2,42 +2,47 @@
|
||||
|
||||
=head1 NAME
|
||||
|
||||
BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions
|
||||
BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_abs_is_word, BN_is_odd - BIGNUM comparison and test functions
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
#include <openssl/bn.h>
|
||||
|
||||
int BN_cmp(BIGNUM *a, BIGNUM *b);
|
||||
int BN_ucmp(BIGNUM *a, BIGNUM *b);
|
||||
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
|
||||
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
|
||||
|
||||
int BN_is_zero(BIGNUM *a);
|
||||
int BN_is_one(BIGNUM *a);
|
||||
int BN_is_word(BIGNUM *a, BN_ULONG w);
|
||||
int BN_is_odd(BIGNUM *a);
|
||||
int BN_is_zero(const BIGNUM *a);
|
||||
int BN_is_one(const BIGNUM *a);
|
||||
int BN_is_word(const BIGNUM *a, const BN_ULONG w);
|
||||
int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
|
||||
int BN_is_odd(const BIGNUM *a);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
BN_cmp() compares the numbers B<a> and B<b>. BN_ucmp() compares their
|
||||
BN_cmp() compares the numbers I<a> and I<b>. BN_ucmp() compares their
|
||||
absolute values.
|
||||
|
||||
BN_is_zero(), BN_is_one() and BN_is_word() test if B<a> equals 0, 1,
|
||||
or B<w> respectively. BN_is_odd() tests if a is odd.
|
||||
|
||||
BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
|
||||
BN_is_zero(), BN_is_one(), BN_is_word() and BN_abs_is_word() test if
|
||||
I<a> equals 0, 1, I<w>, or E<verbar>I<w>E<verbar> respectively.
|
||||
BN_is_odd() tests if I<a> is odd.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
BN_cmp() returns -1 if B<a> E<lt> B<b>, 0 if B<a> == B<b> and 1 if
|
||||
B<a> E<gt> B<b>. BN_ucmp() is the same using the absolute values
|
||||
of B<a> and B<b>.
|
||||
BN_cmp() returns -1 if I<a> E<lt> I<b>, 0 if I<a> == I<b> and 1 if
|
||||
I<a> E<gt> I<b>. BN_ucmp() is the same using the absolute values
|
||||
of I<a> and I<b>.
|
||||
|
||||
BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
|
||||
the condition is true, 0 otherwise.
|
||||
BN_is_zero(), BN_is_one() BN_is_word(), BN_abs_is_word() and
|
||||
BN_is_odd() return 1 if the condition is true, 0 otherwise.
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
Prior to OpenSSL 1.1.0, BN_is_zero(), BN_is_one(), BN_is_word(),
|
||||
BN_abs_is_word() and BN_is_odd() were macros.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -42,6 +42,10 @@ These functions are similar to the d2i_X509() functions; see L<d2i_X509(3)>.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
All the functions that operate on data in memory update the data pointer I<*pp>
|
||||
after a successful operation, just like the other d2i and i2d functions;
|
||||
see L<d2i_X509(3)>.
|
||||
|
||||
All these functions use DER format and unencrypted keys. Applications wishing
|
||||
to encrypt or decrypt private keys should use other functions such as
|
||||
d2i_PKCS8PrivateKey() instead.
|
||||
@ -71,7 +75,7 @@ L<d2i_PKCS8PrivateKey_bio(3)>
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -11,7 +11,7 @@ x509 - X.509 certificate handling
|
||||
=head1 DESCRIPTION
|
||||
|
||||
An X.509 certificate is a structured grouping of information about
|
||||
an individual, a device, or anything one can imagine. A X.509 CRL
|
||||
an individual, a device, or anything one can imagine. An X.509 CRL
|
||||
(certificate revocation list) is a tool to help determine if a
|
||||
certificate is still valid. The exact definition of those can be
|
||||
found in the X.509 document from ITU-T, or in RFC3280 from PKIX.
|
||||
@ -24,7 +24,7 @@ X509_REQ is used to express such a certificate request.
|
||||
|
||||
To handle some complex parts of a certificate, there are the types
|
||||
X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express
|
||||
a certificate attributes), X509_EXTENSION (to express a certificate
|
||||
a certificate attribute), X509_EXTENSION (to express a certificate
|
||||
extension) and a few more.
|
||||
|
||||
Finally, there's the supertype X509_INFO, which can contain a CRL, a
|
||||
@ -63,7 +63,7 @@ L<crypto(7)>
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2003-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||
* Ported from Ribose contributions from Botan.
|
||||
*
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -279,7 +279,8 @@ typedef unsigned __int64 uint64_t;
|
||||
# define ossl_inline inline
|
||||
# endif
|
||||
|
||||
# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
|
||||
# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && \
|
||||
!defined(__cplusplus)
|
||||
# define ossl_noreturn _Noreturn
|
||||
# elif defined(__GNUC__) && __GNUC__ >= 2
|
||||
# define ossl_noreturn __attribute__((noreturn))
|
||||
|
@ -39,8 +39,8 @@ extern "C" {
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
# define OPENSSL_VERSION_NUMBER 0x101010bfL
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k-freebsd 24 Aug 2021"
|
||||
# define OPENSSL_VERSION_NUMBER 0x101010cfL
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1l-freebsd 24 Aug 2021"
|
||||
|
||||
/*-
|
||||
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||
|
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -70,6 +70,7 @@ int ERR_load_SSL_strings(void);
|
||||
# define SSL_F_FINAL_EMS 486
|
||||
# define SSL_F_FINAL_KEY_SHARE 503
|
||||
# define SSL_F_FINAL_MAXFRAGMENTLEN 557
|
||||
# define SSL_F_FINAL_PSK 639
|
||||
# define SSL_F_FINAL_RENEGOTIATE 483
|
||||
# define SSL_F_FINAL_SERVER_NAME 558
|
||||
# define SSL_F_FINAL_SIG_ALGS 497
|
||||
@ -593,6 +594,7 @@ int ERR_load_SSL_strings(void);
|
||||
# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
|
||||
# define SSL_R_MISSING_FATAL 256
|
||||
# define SSL_R_MISSING_PARAMETERS 290
|
||||
# define SSL_R_MISSING_PSK_KEX_MODES_EXTENSION 310
|
||||
# define SSL_R_MISSING_RSA_CERTIFICATE 168
|
||||
# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
|
||||
# define SSL_R_MISSING_RSA_SIGNING_CERT 170
|
||||
@ -634,6 +636,7 @@ int ERR_load_SSL_strings(void);
|
||||
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
|
||||
# define SSL_R_NULL_SSL_CTX 195
|
||||
# define SSL_R_NULL_SSL_METHOD_PASSED 196
|
||||
# define SSL_R_OCSP_CALLBACK_FAILURE 294
|
||||
# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
|
||||
# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
|
||||
# define SSL_R_OVERFLOW_ERROR 237
|
||||
|
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -38,6 +38,7 @@ int ERR_load_X509V3_strings(void);
|
||||
# define X509V3_F_I2S_ASN1_IA5STRING 149
|
||||
# define X509V3_F_I2S_ASN1_INTEGER 120
|
||||
# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
|
||||
# define X509V3_F_I2V_AUTHORITY_KEYID 173
|
||||
# define X509V3_F_LEVEL_ADD_NODE 168
|
||||
# define X509V3_F_NOTICE_SECTION 132
|
||||
# define X509V3_F_NREF_NOS 133
|
||||
@ -78,6 +79,7 @@ int ERR_load_X509V3_strings(void);
|
||||
# define X509V3_F_V2I_TLS_FEATURE 165
|
||||
# define X509V3_F_V3_GENERIC_EXTENSION 116
|
||||
# define X509V3_F_X509V3_ADD1_I2D 140
|
||||
# define X509V3_F_X509V3_ADD_LEN_VALUE 174
|
||||
# define X509V3_F_X509V3_ADD_VALUE 105
|
||||
# define X509V3_F_X509V3_EXT_ADD 104
|
||||
# define X509V3_F_X509V3_EXT_ADD_ALIAS 106
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -451,6 +451,7 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
|
||||
goto err;
|
||||
return ret;
|
||||
err:
|
||||
BIO_free(ssl);
|
||||
BIO_free(con);
|
||||
#endif
|
||||
return NULL;
|
||||
|
@ -342,12 +342,11 @@ int dtls1_is_timer_expired(SSL *s)
|
||||
return 1;
|
||||
}
|
||||
|
||||
void dtls1_double_timeout(SSL *s)
|
||||
static void dtls1_double_timeout(SSL *s)
|
||||
{
|
||||
s->d1->timeout_duration_us *= 2;
|
||||
if (s->d1->timeout_duration_us > 60000000)
|
||||
s->d1->timeout_duration_us = 60000000;
|
||||
dtls1_start_timer(s);
|
||||
}
|
||||
|
||||
void dtls1_stop_timer(SSL *s)
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -172,9 +172,9 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold,
|
||||
/*
|
||||
* If extend == 0, obtain new n-byte packet; if extend == 1, increase
|
||||
* packet by another n bytes. The packet will be in the sub-array of
|
||||
* s->s3->rbuf.buf specified by s->packet and s->packet_length. (If
|
||||
* s->rlayer.read_ahead is set, 'max' bytes may be stored in rbuf [plus
|
||||
* s->packet_length bytes if extend == 1].)
|
||||
* s->rlayer.rbuf.buf specified by s->rlayer.packet and
|
||||
* s->rlayer.packet_length. (If s->rlayer.read_ahead is set, 'max' bytes may
|
||||
* be stored in rbuf [plus s->rlayer.packet_length bytes if extend == 1].)
|
||||
* if clearold == 1, move the packet to the start of the buffer; if
|
||||
* clearold == 0 then leave any old packets where they were
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -74,7 +74,6 @@ int ssl3_setup_read_buffer(SSL *s)
|
||||
b->len = len;
|
||||
}
|
||||
|
||||
RECORD_LAYER_set_packet(&s->rlayer, &(b->buf[0]));
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -432,7 +432,7 @@ int ssl3_get_record(SSL *s)
|
||||
}
|
||||
|
||||
if (more > 0) {
|
||||
/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
|
||||
/* now s->rlayer.packet_length == SSL3_RT_HEADER_LENGTH */
|
||||
|
||||
rret = ssl3_read_n(s, more, more, 1, 0, &n);
|
||||
if (rret <= 0)
|
||||
@ -443,9 +443,9 @@ int ssl3_get_record(SSL *s)
|
||||
RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_HEADER);
|
||||
|
||||
/*
|
||||
* At this point, s->packet_length == SSL3_RT_HEADER_LENGTH
|
||||
* + thisrr->length, or s->packet_length == SSL2_RT_HEADER_LENGTH
|
||||
* + thisrr->length and we have that many bytes in s->packet
|
||||
* At this point, s->rlayer.packet_length == SSL3_RT_HEADER_LENGTH
|
||||
* + thisrr->length, or s->rlayer.packet_length == SSL2_RT_HEADER_LENGTH
|
||||
* + thisrr->length and we have that many bytes in s->rlayer.packet
|
||||
*/
|
||||
if (thisrr->rec_version == SSL2_VERSION) {
|
||||
thisrr->input =
|
||||
@ -456,11 +456,11 @@ int ssl3_get_record(SSL *s)
|
||||
}
|
||||
|
||||
/*
|
||||
* ok, we can now read from 's->packet' data into 'thisrr' thisrr->input
|
||||
* points at thisrr->length bytes, which need to be copied into
|
||||
* thisrr->data by either the decryption or by the decompression When
|
||||
* the data is 'copied' into the thisrr->data buffer, thisrr->input will
|
||||
* be pointed at the new buffer
|
||||
* ok, we can now read from 's->rlayer.packet' data into 'thisrr'.
|
||||
* thisrr->input points at thisrr->length bytes, which need to be copied
|
||||
* into thisrr->data by either the decryption or by the decompression.
|
||||
* When the data is 'copied' into the thisrr->data buffer,
|
||||
* thisrr->input will be updated to point at the new buffer
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -1653,16 +1653,16 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
|
||||
sess = s->session;
|
||||
|
||||
/*
|
||||
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
||||
* and we have that many bytes in s->packet
|
||||
* At this point, s->rlayer.packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
||||
* and we have that many bytes in s->rlayer.packet
|
||||
*/
|
||||
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]);
|
||||
|
||||
/*
|
||||
* ok, we can now read from 's->packet' data into 'rr' rr->input points
|
||||
* at rr->length bytes, which need to be copied into rr->data by either
|
||||
* the decryption or by the decompression When the data is 'copied' into
|
||||
* the rr->data buffer, rr->input will be pointed at the new buffer
|
||||
* ok, we can now read from 's->rlayer.packet' data into 'rr'. rr->input
|
||||
* points at rr->length bytes, which need to be copied into rr->data by
|
||||
* either the decryption or by the decompression. When the data is 'copied'
|
||||
* into the rr->data buffer, rr->input will be pointed at the new buffer
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -1984,7 +1984,7 @@ int dtls1_get_record(SSL *s)
|
||||
|
||||
if (rr->length >
|
||||
RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) {
|
||||
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
|
||||
/* now s->rlayer.packet_length == DTLS1_RT_HEADER_LENGTH */
|
||||
more = rr->length;
|
||||
rret = ssl3_read_n(s, more, more, 1, 1, &n);
|
||||
/* this packet contained a partial record, dump it */
|
||||
@ -2000,7 +2000,7 @@ int dtls1_get_record(SSL *s)
|
||||
}
|
||||
|
||||
/*
|
||||
* now n == rr->length, and s->packet_length ==
|
||||
* now n == rr->length, and s->rlayer.packet_length ==
|
||||
* DTLS1_RT_HEADER_LENGTH + rr->length
|
||||
*/
|
||||
}
|
||||
|
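Review bot: The updated comment in dtls1_process_record() still names `SSL3_RT_HEADER_LNGTH`, which is misspelled and does not match the `DTLS1_RT_HEADER_LENGTH` offset used on the following code line to set `rr->input`. The comment documents the length invariant that this pointer arithmetic relies on, so it should read `s->rlayer.packet_length == DTLS1_RT_HEADER_LENGTH + rr->length`. The other hunks in this file are comment renames only, and every function they touch extends beyond its hunk.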
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -48,6 +48,8 @@ int ssl3_send_alert(SSL *s, int level, int desc)
|
||||
* protocol_version alerts */
|
||||
if (desc < 0)
|
||||
return -1;
|
||||
if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)
|
||||
return -1;
|
||||
/* If a fatal one, remove from cache */
|
||||
if ((level == SSL3_AL_FATAL) && (s->session != NULL))
|
||||
SSL_CTX_remove_session(s->session_ctx, s->session);
|
||||
|
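Review bot: The shutdown test in ssl3_send_alert(), `if (s->shutdown & SSL_SENT_SHUTDOWN && desc != SSL_AD_CLOSE_NOTIFY)`, relies on `&` binding tighter than `&&` and has no comment saying why alerts are refused at this point. It parses as intended, but explicit grouping is easier to audit: `if ((s->shutdown & SSL_SENT_SHUTDOWN) != 0 && desc != SSL_AD_CLOSE_NOTIFY)`. A comment such as `/* close_notify already sent: only a repeated close_notify may follow it */` would record the intent. The function continues past the end of the hunk.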
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
@ -876,18 +876,36 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp)
|
||||
{
|
||||
int level;
|
||||
static const int minbits_table[5 + 1] = { 0, 80, 112, 128, 192, 256 };
|
||||
|
||||
if (ctx != NULL)
|
||||
level = SSL_CTX_get_security_level(ctx);
|
||||
else
|
||||
level = SSL_get_security_level(s);
|
||||
|
||||
if (level > 5)
|
||||
level = 5;
|
||||
else if (level < 0)
|
||||
level = 0;
|
||||
|
||||
if (levelp != NULL)
|
||||
*levelp = level;
|
||||
|
||||
return minbits_table[level];
|
||||
}
|
||||
|
||||
static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
|
||||
int op, int bits, int nid, void *other,
|
||||
void *ex)
|
||||
{
|
||||
int level, minbits;
|
||||
static const int minbits_table[5] = { 80, 112, 128, 192, 256 };
|
||||
if (ctx)
|
||||
level = SSL_CTX_get_security_level(ctx);
|
||||
else
|
||||
level = SSL_get_security_level(s);
|
||||
|
||||
if (level <= 0) {
|
||||
minbits = ssl_get_security_level_bits(s, ctx, &level);
|
||||
|
||||
if (level == 0) {
|
||||
/*
|
||||
* No EDH keys weaker than 1024-bits even at level 0, otherwise,
|
||||
* anything goes.
|
||||
@ -896,9 +914,6 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
if (level > 5)
|
||||
level = 5;
|
||||
minbits = minbits_table[level - 1];
|
||||
switch (op) {
|
||||
case SSL_SECOP_CIPHER_SUPPORTED:
|
||||
case SSL_SECOP_CIPHER_SHARED:
|
||||
|
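Review bot: ssl_get_security_level_bits() is added as a non-static function with no comment describing its contract, and the clamp bound `5` is written separately from the size of `minbits_table`. I would add a header comment such as `/* Return the minimum security bits for the level of |ctx| (or of |s| when |ctx| is NULL), clamped to 0..5; the clamped level is stored in |*levelp| if non-NULL. */`. The comment should also state that at least one of `s` and `ctx` must be non-NULL, because the `else` branch hands `s` to SSL_get_security_level() without a NULL check of its own. ssl_security_default_callback() continues beyond the second hunk.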
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -85,6 +85,7 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_KEY_SHARE, 0), "final_key_share"},
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_MAXFRAGMENTLEN, 0),
|
||||
"final_maxfragmentlen"},
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_PSK, 0), "final_psk"},
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_RENEGOTIATE, 0), "final_renegotiate"},
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_SERVER_NAME, 0), "final_server_name"},
|
||||
{ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_SIG_ALGS, 0), "final_sig_algs"},
|
||||
@ -949,6 +950,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
|
||||
"missing ecdsa signing cert"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_FATAL), "missing fatal"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PARAMETERS), "missing parameters"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_PSK_KEX_MODES_EXTENSION),
|
||||
"missing psk kex modes extension"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_CERTIFICATE),
|
||||
"missing rsa certificate"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_ENCRYPTING_CERT),
|
||||
@ -1019,6 +1022,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
|
||||
"null ssl method passed"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OCSP_CALLBACK_FAILURE),
|
||||
"ocsp callback failure"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
|
||||
"old session cipher not returned"},
|
||||
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
|
||||
|
@ -2204,6 +2204,11 @@ int SSL_key_update(SSL *s, int updatetype)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (RECORD_LAYER_write_pending(&s->rlayer)) {
|
||||
SSLerr(SSL_F_SSL_KEY_UPDATE, SSL_R_BAD_WRITE_RETRY);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ossl_statem_set_in_init(s, 1);
|
||||
s->key_update = updatetype;
|
||||
return 1;
|
||||
@ -2918,6 +2923,19 @@ void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
|
||||
}
|
||||
#endif
|
||||
|
||||
static int alpn_value_ok(const unsigned char *protos, unsigned int protos_len)
|
||||
{
|
||||
unsigned int idx;
|
||||
|
||||
if (protos_len < 2 || protos == NULL)
|
||||
return 0;
|
||||
|
||||
for (idx = 0; idx < protos_len; idx += protos[idx] + 1) {
|
||||
if (protos[idx] == 0)
|
||||
return 0;
|
||||
}
|
||||
return idx == protos_len;
|
||||
}
|
||||
/*
|
||||
* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
|
||||
* |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
|
||||
@ -2926,13 +2944,25 @@ void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
|
||||
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
|
||||
unsigned int protos_len)
|
||||
{
|
||||
OPENSSL_free(ctx->ext.alpn);
|
||||
ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
|
||||
if (ctx->ext.alpn == NULL) {
|
||||
unsigned char *alpn;
|
||||
|
||||
if (protos_len == 0 || protos == NULL) {
|
||||
OPENSSL_free(ctx->ext.alpn);
|
||||
ctx->ext.alpn = NULL;
|
||||
ctx->ext.alpn_len = 0;
|
||||
return 0;
|
||||
}
|
||||
/* Not valid per RFC */
|
||||
if (!alpn_value_ok(protos, protos_len))
|
||||
return 1;
|
||||
|
||||
alpn = OPENSSL_memdup(protos, protos_len);
|
||||
if (alpn == NULL) {
|
||||
SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
|
||||
return 1;
|
||||
}
|
||||
OPENSSL_free(ctx->ext.alpn);
|
||||
ctx->ext.alpn = alpn;
|
||||
ctx->ext.alpn_len = protos_len;
|
||||
|
||||
return 0;
|
||||
@ -2946,13 +2976,25 @@ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
|
||||
int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
|
||||
unsigned int protos_len)
|
||||
{
|
||||
OPENSSL_free(ssl->ext.alpn);
|
||||
ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
|
||||
if (ssl->ext.alpn == NULL) {
|
||||
unsigned char *alpn;
|
||||
|
||||
if (protos_len == 0 || protos == NULL) {
|
||||
OPENSSL_free(ssl->ext.alpn);
|
||||
ssl->ext.alpn = NULL;
|
||||
ssl->ext.alpn_len = 0;
|
||||
return 0;
|
||||
}
|
||||
/* Not valid per RFC */
|
||||
if (!alpn_value_ok(protos, protos_len))
|
||||
return 1;
|
||||
|
||||
alpn = OPENSSL_memdup(protos, protos_len);
|
||||
if (alpn == NULL) {
|
||||
SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
|
||||
return 1;
|
||||
}
|
||||
OPENSSL_free(ssl->ext.alpn);
|
||||
ssl->ext.alpn = alpn;
|
||||
ssl->ext.alpn_len = protos_len;
|
||||
|
||||
return 0;
|
||||
@ -4616,8 +4658,11 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, size_t outlen,
|
||||
}
|
||||
|
||||
ctx = EVP_MD_CTX_new();
|
||||
if (ctx == NULL)
|
||||
if (ctx == NULL) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_HANDSHAKE_HASH,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
|
||||
|| EVP_DigestFinal_ex(ctx, out, NULL) <= 0) {
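Review bot: The `/* Not valid per RFC */` branch in SSL_CTX_set_alpn_protos, and the identical one in SSL_set_alpn_protos, returns 1 without queuing an error, while the allocation failure just below it does call SSLerr(). Both setters return 0 on success and 1 on failure, so a caller that ignores or inverts the result gets no diagnostic, and the handshake goes on with whatever ALPN list was set before. Queuing an error on that path would make the rejection visible, for example `SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_PASSED_INVALID_ARGUMENT);` before `return 1;`. The function comment should also say that a rejected list leaves the existing one unchanged. Both function bodies close outside their hunks.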
|
||||
|
@ -2307,6 +2307,7 @@ __owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain,
|
||||
__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other);
|
||||
__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid,
|
||||
void *other);
|
||||
int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp);
|
||||
|
||||
__owur int ssl_cert_lookup_by_nid(int nid, size_t *pidx);
|
||||
__owur const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk,
|
||||
@ -2428,7 +2429,6 @@ __owur int dtls1_handle_timeout(SSL *s);
|
||||
void dtls1_start_timer(SSL *s);
|
||||
void dtls1_stop_timer(SSL *s);
|
||||
__owur int dtls1_is_timer_expired(SSL *s);
|
||||
void dtls1_double_timeout(SSL *s);
|
||||
__owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
|
||||
size_t cookie_len);
|
||||
__owur size_t dtls1_min_mtu(SSL *s);
|
||||
|
@ -18,6 +18,7 @@ static int final_renegotiate(SSL *s, unsigned int context, int sent);
|
||||
static int init_server_name(SSL *s, unsigned int context);
|
||||
static int final_server_name(SSL *s, unsigned int context, int sent);
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static int init_ec_point_formats(SSL *s, unsigned int context);
|
||||
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
|
||||
#endif
|
||||
static int init_session_ticket(SSL *s, unsigned int context);
|
||||
@ -56,6 +57,7 @@ static int final_sig_algs(SSL *s, unsigned int context, int sent);
|
||||
static int final_early_data(SSL *s, unsigned int context, int sent);
|
||||
static int final_maxfragmentlen(SSL *s, unsigned int context, int sent);
|
||||
static int init_post_handshake_auth(SSL *s, unsigned int context);
|
||||
static int final_psk(SSL *s, unsigned int context, int sent);
|
||||
|
||||
/* Structure to define a built-in extension */
|
||||
typedef struct extensions_definition_st {
|
||||
@ -158,7 +160,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
|
||||
TLSEXT_TYPE_ec_point_formats,
|
||||
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
|
||||
| SSL_EXT_TLS1_2_AND_BELOW_ONLY,
|
||||
NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
|
||||
init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
|
||||
tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
|
||||
final_ec_pt_formats
|
||||
},
|
||||
@ -389,7 +391,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
|
||||
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO
|
||||
| SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY,
|
||||
NULL, tls_parse_ctos_psk, tls_parse_stoc_psk, tls_construct_stoc_psk,
|
||||
tls_construct_ctos_psk, NULL
|
||||
tls_construct_ctos_psk, final_psk
|
||||
}
|
||||
};
|
||||
|
||||
@ -1026,6 +1028,15 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static int init_ec_point_formats(SSL *s, unsigned int context)
|
||||
{
|
||||
OPENSSL_free(s->ext.peer_ecpointformats);
|
||||
s->ext.peer_ecpointformats = NULL;
|
||||
s->ext.peer_ecpointformats_len = 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
|
||||
{
|
||||
unsigned long alg_k, alg_a;
|
||||
@ -1718,3 +1729,19 @@ static int init_post_handshake_auth(SSL *s, unsigned int context)
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* If clients offer "pre_shared_key" without a "psk_key_exchange_modes"
|
||||
* extension, servers MUST abort the handshake.
|
||||
*/
|
||||
static int final_psk(SSL *s, unsigned int context, int sent)
|
||||
{
|
||||
if (s->server && sent && s->clienthello != NULL
|
||||
&& !s->clienthello->pre_proc_exts[TLSEXT_IDX_psk_kex_modes].present) {
|
||||
SSLfatal(s, TLS13_AD_MISSING_EXTENSION, SSL_F_FINAL_PSK,
|
||||
SSL_R_MISSING_PSK_KEX_MODES_EXTENSION);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
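Review bot: init_ec_point_formats carries no comment saying why the peer's point-format list is freed and zeroed before the extension is parsed. Presumably the intent is that a list saved from an earlier handshake on the same SSL object is not reused when the peer omits the extension this time; that should be confirmed, since the body of final_ec_pt_formats, which would read it, lies outside the hunk. A one-line comment above the function would record it, for example `/* Discard any point formats saved from a previous handshake */`.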
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -1714,6 +1714,13 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
|
||||
}
|
||||
return EXT_RETURN_NOT_SENT;
|
||||
}
|
||||
if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0) {
|
||||
/*
|
||||
* PSK ('hit') and explicitly not doing DHE (if the client sent the
|
||||
* DHE option we always take it); don't send key share.
|
||||
*/
|
||||
return EXT_RETURN_NOT_SENT;
|
||||
}
|
||||
|
||||
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)
|
||||
|| !WPACKET_start_sub_packet_u16(pkt)
|
||||
|
@ -1001,7 +1001,8 @@ size_t ossl_statem_client_max_message_size(SSL *s)
|
||||
return CCS_MAX_LENGTH;
|
||||
|
||||
case TLS_ST_CR_SESSION_TICKET:
|
||||
return SSL3_RT_MAX_PLAIN_LENGTH;
|
||||
return (SSL_IS_TLS13(s)) ? SESSION_TICKET_MAX_LENGTH_TLS13
|
||||
: SESSION_TICKET_MAX_LENGTH_TLS12;
|
||||
|
||||
case TLS_ST_CR_FINISHED:
|
||||
return FINISHED_MAX_LENGTH;
|
||||
@ -2833,7 +2834,7 @@ int tls_process_initial_server_flight(SSL *s)
|
||||
if (ret < 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
||||
SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT,
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
SSL_R_OCSP_CALLBACK_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -22,6 +22,8 @@
|
||||
#define SERVER_HELLO_MAX_LENGTH 20000
|
||||
#define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
|
||||
#define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
|
||||
#define SESSION_TICKET_MAX_LENGTH_TLS13 131338
|
||||
#define SESSION_TICKET_MAX_LENGTH_TLS12 65541
|
||||
#define SERVER_KEY_EXCH_MAX_LENGTH 102400
|
||||
#define SERVER_HELLO_DONE_MAX_LENGTH 0
|
||||
#define KEY_UPDATE_MAX_LENGTH 1
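Review bot: The two new limits, `SESSION_TICKET_MAX_LENGTH_TLS13 131338` and `SESSION_TICKET_MAX_LENGTH_TLS12 65541`, are bare numbers with no derivation, so a reader cannot tell whether they are exact protocol bounds or arbitrary caps like the 20000 values above them. They appear to be the sums of the maximum field sizes of a NewSessionTicket message (TLS 1.3: 4 + 4 + 1 + 255 + 2 + 65535 + 2 + 65535; TLS 1.2: 4 + 2 + 65535), which should be confirmed against the message parser. A comment above each define, such as `/* lifetime hint (4) + ticket length (2) + ticket (65535) */` for the TLS 1.2 value, would keep the bound tied to the message layout when either changes.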
|
||||
|
@ -3753,6 +3753,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
|
||||
|
||||
sk_X509_pop_free(s->session->peer_chain, X509_free);
|
||||
s->session->peer_chain = sk;
|
||||
sk = NULL;
|
||||
|
||||
/*
|
||||
* Freeze the handshake buffer. For <TLS1.3 we do this after the CKE
|
||||
@ -3767,7 +3768,6 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
|
||||
* Inconsistency alert: cert_chain does *not* include the peer's own
|
||||
* certificate, while we do include it in statem_clnt.c
|
||||
*/
|
||||
sk = NULL;
|
||||
|
||||
/* Save the current hash state for when we receive the CertificateVerify */
|
||||
if (SSL_IS_TLS13(s)) {
|
||||
@ -4139,9 +4139,12 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
|
||||
}
|
||||
|
||||
if (tctx->generate_ticket_cb != NULL &&
|
||||
tctx->generate_ticket_cb(s, tctx->ticket_cb_data) == 0)
|
||||
tctx->generate_ticket_cb(s, tctx->ticket_cb_data) == 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
|
||||
SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
|
||||
}
|
||||
/*
|
||||
* If we are using anti-replay protection then we behave as if
|
||||
* SSL_OP_NO_TICKET is set - we are caching tickets anyway so there
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -2441,7 +2441,8 @@ DH *ssl_get_auto_dh(SSL *s)
|
||||
{
|
||||
DH *dhp = NULL;
|
||||
BIGNUM *p = NULL, *g = NULL;
|
||||
int dh_secbits = 80;
|
||||
int dh_secbits = 80, sec_level_bits;
|
||||
|
||||
if (s->cert->dh_tmp_auto != 2) {
|
||||
if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) {
|
||||
if (s->s3->tmp.new_cipher->strength_bits == 256)
|
||||
@ -2464,6 +2465,12 @@ DH *ssl_get_auto_dh(SSL *s)
|
||||
BN_free(g);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Do not pick a prime that is too weak for the current security level */
|
||||
sec_level_bits = ssl_get_security_level_bits(s, NULL, NULL);
|
||||
if (dh_secbits < sec_level_bits)
|
||||
dh_secbits = sec_level_bits;
|
||||
|
||||
if (dh_secbits >= 192)
|
||||
p = BN_get_rfc3526_prime_8192(NULL);
|
||||
else if (dh_secbits >= 152)
|
||||
|