Merge OpenSSL 1.1.1e.

This commit is contained in:
Jung-uk Kim 2020-03-18 02:13:12 +00:00
commit 17f01e9963
1473 changed files with 10063 additions and 48549 deletions

View File

@ -36,6 +36,12 @@
# xargs -n1 | sort | uniq -d;
# done
# 20200317: OpenSSL 1.1.1e import
OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_security_bits.3.gz
OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_size.3.gz
OLD_FILES+=usr/share/openssl/man/man3/X509_LOOKUP_get_method_data.3.gz
OLD_FILES+=usr/share/openssl/man/man3/X509_LOOKUP_get_store.3.gz
OLD_FILES+=usr/share/openssl/man/man3/X509_LOOKUP_set_method_data.3.gz
# 20200310: new clang import which bumps version from 9.0.1 to 10.0.0.
OLD_FILES+=usr/lib/clang/9.0.1/include/cuda_wrappers/algorithm
OLD_FILES+=usr/lib/clang/9.0.1/include/cuda_wrappers/complex

View File

@ -7,6 +7,73 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
Changes between 1.1.1d and 1.1.1e [17 Mar 2020]
*) Properly detect EOF while reading in libssl. Previously if we hit an EOF
while reading in libssl then we would report an error back to the
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
an error to the stack (which means we instead return SSL_ERROR_SSL) and
therefore give a hint as to what went wrong.
[Matt Caswell]
*) Check that ed25519 and ed448 are allowed by the security level. Previously
signature algorithms not using an MD were not being checked that they were
allowed by the security level.
[Kurt Roeckx]
*) Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
was not quite right. The behaviour was not consistent between resumption
and normal handshakes, and also not quite consistent with historical
behaviour. The behaviour in various scenarios has been clarified and
it has been updated to make it match historical behaviour as closely as
possible.
[Matt Caswell]
*) [VMS only] The header files that the VMS compilers include automatically,
__DECC_INCLUDE_PROLOGUE.H and __DECC_INCLUDE_EPILOGUE.H, use pragmas that
the C++ compiler doesn't understand. This is a shortcoming in the
compiler, but can be worked around with __cplusplus guards.
C++ applications that use OpenSSL libraries must be compiled using the
qualifier '/NAMES=(AS_IS,SHORTENED)' to be able to use all the OpenSSL
functions. Otherwise, only functions with symbols of less than 31
characters can be used, as the linker will not be able to successfully
resolve symbols with longer names.
[Richard Levitte]
*) Corrected the documentation of the return values from the EVP_DigestSign*
set of functions. The documentation mentioned negative values for some
errors, but this was never the case, so the mention of negative values
was removed.
Code that followed the documentation and thereby check with something
like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed.
[Richard Levitte]
*) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli. No EC algorithms are
affected. Analysis suggests that attacks against 2-prime RSA1024,
3-prime RSA1536, and DSA1024 as a result of this defect would be very
difficult to perform and are not believed likely. Attacks against DH512
are considered just feasible. However, for an attack the target would
have to re-use the DH512 private key, which is not recommended anyway.
Also applications directly using the low level API BN_mod_exp may be
affected if they use BN_FLG_CONSTTIME.
(CVE-2019-1551)
[Andy Polyakov]
*) Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
The presence of this system service is determined at run-time.
[Richard Levitte]
*) Added newline escaping functionality to a filename when using openssl dgst.
This output format is to replicate the output format found in the '*sum'
checksum programs. This aims to preserve backward compatibility.
[Matt Eaton, Richard Levitte, and Paul Dale]
*) Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
the first value.
[Jon Spillett]
Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
*) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
@ -633,9 +700,9 @@
bytes long. In theory it is permissible in SSLv3 - TLSv1.2 to fragment such
alerts across multiple records (some of which could be empty). In practice
it make no sense to send an empty alert record, or to fragment one. TLSv1.3
prohibts this altogether and other libraries (BoringSSL, NSS) do not
prohibits this altogether and other libraries (BoringSSL, NSS) do not
support this at all. Supporting it adds significant complexity to the
record layer, and its removal is unlikely to cause inter-operability
record layer, and its removal is unlikely to cause interoperability
issues.
[Matt Caswell]
@ -3652,7 +3719,7 @@
implementations).
[Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
*) Use type ossl_ssize_t instad of ssize_t which isn't available on
*) Use type ossl_ssize_t instead of ssize_t which isn't available on
all platforms. Move ssize_t definition from e_os.h to the public
header file e_os2.h as it now appears in public header file cms.h
[Steve Henson]
@ -8373,7 +8440,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
*) New OCSP utility. Allows OCSP requests to be generated or
read. The request can be sent to a responder and the output
parsed, outputed or printed in text form. Not complete yet:
parsed, outputted or printed in text form. Not complete yet:
still needs to check the OCSP response validity.
[Steve Henson]
@ -9368,7 +9435,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
[Andy Polyakov]
*) Modified SSL library such that the verify_callback that has been set
specificly for an SSL object with SSL_set_verify() is actually being
specifically for an SSL object with SSL_set_verify() is actually being
used. Before the change, a verify_callback set with this function was
ignored and the verify_callback() set in the SSL_CTX at the time of
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
@ -10485,10 +10552,10 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
as other interfaces in OpenSSL, like the BIO interface.
NCONF_dump_* dump the internal storage of the configuration file,
which is useful for debugging. All other functions take the same
arguments as the old CONF_* functions wth the exception of the
arguments as the old CONF_* functions with the exception of the
first that must be a `CONF *' instead of a `LHASH *'.
To make it easer to use the new classes with the old CONF_* functions,
To make it easier to use the new classes with the old CONF_* functions,
the function CONF_set_default_method is provided.
[Richard Levitte]
@ -12331,7 +12398,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
than the old method: it now uses a modified version of Ulf's parser to
read the ANSI prototypes in all header files (thus the old K&R definitions
aren't needed for error creation any more) and do a better job of
translating function codes into names. The old 'ASN1 error code imbedded
translating function codes into names. The old 'ASN1 error code embedded
in a comment' is no longer necessary and it doesn't use .err files which
have now been deleted. Also the error code call doesn't have to appear all
on one line (which resulted in some large lines...).

View File

@ -58,7 +58,7 @@ guidelines:
consider adding a note in CHANGES. This could be a summarising
description of the change, and could explain the grander details.
Have a look through existing entries for inspiration.
Please note that this is NOT simply a copy of git-log oneliners.
Please note that this is NOT simply a copy of git-log one-liners.
Also note that security fixes get an entry in CHANGES.
This file helps users get more in depth information of what comes
with a specific release without having to sift through the higher

View File

@ -1,6 +1,6 @@
#! /usr/bin/env perl
# -*- mode: perl; -*-
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -69,7 +69,15 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
# no-sse2 disables IA-32 SSE2 code in assembly modules, the above
# mentioned '386' option implies this one
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
# -<xxx> +<xxx> All options which are unknown to the 'Configure' script are
# /<xxx> passed through to the compiler. Unix-style options beginning
# with a '-' or '+' are recognized, as well as Windows-style
# options beginning with a '/'. If the option contains arguments
# separated by spaces, then the URL-style notation %20 can be
# used for the space character in order to avoid having to quote
# the option. For example, -opt%20arg gets expanded to -opt arg.
# In fact, any ASCII character can be encoded as %xx using its
# hexadecimal encoding.
# -static while -static is also a pass-through compiler option (and
# as such is limited to environments where it's actually
# meaningful), it triggers a number configuration options,
@ -152,6 +160,10 @@ my @clang_devteam_warn = qw(
-Wmissing-variable-declarations
);
my @cl_devteam_warn = qw(
/WX
);
# This adds backtrace information to the memory leak info. Is only used
# when crypto-mdebug-backtrace is enabled.
my $memleak_devteam_backtrace = "-rdynamic";
@ -346,6 +358,7 @@ my @disablables = (
"dgram",
"dh",
"dsa",
"dso",
"dtls",
"dynamic-engine",
"ec",
@ -423,7 +436,6 @@ my %deprecated_disablables = (
"buf-freelists" => undef,
"ripemd" => "rmd160",
"ui" => "ui-console",
"dso" => "", # Empty string means we're silent about it
);
# All of the following are disabled by default:
@ -480,6 +492,7 @@ my @disable_cascades = (
# Without position independent code, there can be no shared libraries or DSOs
"pic" => [ "shared" ],
"shared" => [ "dynamic-engine" ],
"dso" => [ "dynamic-engine" ],
"engine" => [ "afalgeng", "devcryptoeng" ],
# no-autoalginit is only useful when building non-shared
@ -520,7 +533,7 @@ while ((my $first, my $second) = (shift @list, shift @list)) {
&usage if ($#ARGV < 0);
# For the "make variables" CINCLUDES and CDEFINES, we support lists with
# For the "make variables" CPPINCLUDES and CPPDEFINES, we support lists with
# platform specific list separators. Users from those platforms should
# recognise those separators from how you set up the PATH to find executables.
# The default is the Unix like separator, :, but as an exception, we also
@ -776,7 +789,7 @@ while (@argvcopy)
{
die "FIPS mode not supported\n";
}
elsif (/^[-+]/)
elsif (m|^[-+/]|)
{
if (/^--prefix=(.*)$/)
{
@ -853,11 +866,11 @@ while (@argvcopy)
{
push @{$useradd{LDFLAGS}}, $_;
}
elsif (/^-D(.*)$/)
elsif (m|^[-/]D(.*)$|)
{
push @{$useradd{CPPDEFINES}}, $1;
}
elsif (/^-I(.*)$/)
elsif (m|^[-/]I(.*)$|)
{
push @{$useradd{CPPINCLUDES}}, $1;
}
@ -867,11 +880,23 @@ while (@argvcopy)
}
else # common if (/^[-+]/), just pass down...
{
# Treat %xx as an ASCII code (e.g. replace %20 by a space character).
# This provides a simple way to pass options with arguments separated
# by spaces without quoting (e.g. -opt%20arg translates to -opt arg).
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
push @{$useradd{CFLAGS}}, $_;
push @{$useradd{CXXFLAGS}}, $_;
}
}
elsif (m|^/|)
{
# Treat %xx as an ASCII code (e.g. replace %20 by a space character).
# This provides a simple way to pass options with arguments separated
# by spaces without quoting (e.g. /opt%20arg translates to /opt arg).
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
push @{$useradd{CFLAGS}}, $_;
push @{$useradd{CXXFLAGS}}, $_;
}
else
{
die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
@ -949,7 +974,11 @@ foreach (keys %user) {
if (defined $value) {
if (ref $user{$_} eq 'ARRAY') {
if ($_ eq 'CPPDEFINES' || $_ eq 'CPPINCLUDES') {
$user{$_} = [ split /$list_separator_re/, $value ];
} else {
$user{$_} = [ $value ];
}
} elsif (!defined $user{$_}) {
$user{$_} = $value;
}
@ -1162,43 +1191,6 @@ foreach (keys %useradd) {
# Allow overriding the build file name
$config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile";
my %disabled_info = (); # For configdata.pm
foreach my $what (sort keys %disabled) {
$config{options} .= " no-$what";
if (!grep { $what eq $_ } ( 'buildtest-c++', 'threads', 'shared', 'pic',
'dynamic-engine', 'makedepend',
'zlib-dynamic', 'zlib', 'sse2' )) {
(my $WHAT = uc $what) =~ s|-|_|g;
# Fix up C macro end names
$WHAT = "RMD160" if $what eq "ripemd";
# fix-up crypto/directory name(s)
$what = "ripemd" if $what eq "rmd160";
$what = "whrlpool" if $what eq "whirlpool";
my $macro = $disabled_info{$what}->{macro} = "OPENSSL_NO_$WHAT";
if ((grep { $what eq $_ } @{$config{sdirs}})
&& $what ne 'async' && $what ne 'err') {
@{$config{sdirs}} = grep { $what ne $_} @{$config{sdirs}};
$disabled_info{$what}->{skipped} = [ catdir('crypto', $what) ];
if ($what ne 'engine') {
push @{$config{openssl_algorithm_defines}}, $macro;
} else {
@{$config{dirs}} = grep !/^engines$/, @{$config{dirs}};
push @{$disabled_info{engine}->{skipped}}, catdir('engines');
push @{$config{openssl_other_defines}}, $macro;
}
} else {
push @{$config{openssl_other_defines}}, $macro;
}
}
}
# Make sure build_scheme is consistent.
$target{build_scheme} = [ $target{build_scheme} ]
if ref($target{build_scheme}) ne "ARRAY";
@ -1288,10 +1280,8 @@ if ($target{shared_target} eq "")
}
if ($disabled{"dynamic-engine"}) {
push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE";
$config{dynamic_engines} = 0;
} else {
push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE";
$config{dynamic_engines} = 1;
}
@ -1375,6 +1365,7 @@ unless ($disabled{asm}) {
}
if ($target{aes_asm_src}) {
push @{$config{lib_defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);;
push @{$config{lib_defines}}, "AESNI_ASM" if ($target{aes_asm_src} =~ m/\baesni-/);;
# aes-ctr.fake is not a real file, only indication that assembler
# module implements AES_ctr32_encrypt...
push @{$config{lib_defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//);
@ -1501,12 +1492,21 @@ if ($strict_warnings)
my $wopt;
my $gccver = $predefined_C{__GNUC__} // -1;
warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike"
unless $gccver >= 4;
if ($gccver >= 4)
{
push @strict_warnings_collection, @gcc_devteam_warn;
push @strict_warnings_collection, @clang_devteam_warn
if (defined($predefined_C{__clang__}));
}
elsif ($config{target} =~ /^VC-/)
{
push @strict_warnings_collection, @cl_devteam_warn;
}
else
{
warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike, or MSVC"
}
}
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
disable('static', 'pic', 'threads');
@ -1552,7 +1552,20 @@ unless ($disabled{afalgeng}) {
}
}
push @{$config{openssl_other_defines}}, "OPENSSL_NO_AFALGENG" if ($disabled{afalgeng});
unless ($disabled{devcryptoeng}) {
if ($target =~ m/^BSD/) {
my $maxver = 5*100 + 7;
my $sysstr = `uname -s`;
my $verstr = `uname -r`;
$sysstr =~ s|\R$||;
$verstr =~ s|\R$||;
my ($ma, $mi, @rest) = split m|\.|, $verstr;
my $ver = $ma*100 + $mi;
if ($sysstr eq 'OpenBSD' && $ver >= $maxver) {
disable('too-new-kernel', 'devcryptoeng');
}
}
}
# Get the extra flags used when building shared libraries and modules. We
# do this late because some of them depend on %disabled.
@ -1597,6 +1610,49 @@ $target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_l
# ALL MODIFICATIONS TO %disabled, %config and %target MUST BE DONE FROM HERE ON
my %disabled_info = (); # For configdata.pm
foreach my $what (sort keys %disabled) {
$config{options} .= " no-$what";
if (!grep { $what eq $_ } ( 'buildtest-c++', 'threads', 'shared', 'pic',
'dynamic-engine', 'makedepend',
'zlib-dynamic', 'zlib', 'sse2' )) {
(my $WHAT = uc $what) =~ s|-|_|g;
# Fix up C macro end names
$WHAT = "RMD160" if $what eq "ripemd";
# fix-up crypto/directory name(s)
$what = "ripemd" if $what eq "rmd160";
$what = "whrlpool" if $what eq "whirlpool";
my $macro = $disabled_info{$what}->{macro} = "OPENSSL_NO_$WHAT";
if ((grep { $what eq $_ } @{$config{sdirs}})
&& $what ne 'async' && $what ne 'err' && $what ne 'dso') {
@{$config{sdirs}} = grep { $what ne $_} @{$config{sdirs}};
$disabled_info{$what}->{skipped} = [ catdir('crypto', $what) ];
if ($what ne 'engine') {
push @{$config{openssl_algorithm_defines}}, $macro;
} else {
@{$config{dirs}} = grep !/^engines$/, @{$config{dirs}};
push @{$disabled_info{engine}->{skipped}}, catdir('engines');
push @{$config{openssl_other_defines}}, $macro;
}
} else {
push @{$config{openssl_other_defines}}, $macro;
}
}
}
if ($disabled{"dynamic-engine"}) {
push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE";
} else {
push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE";
}
# If we use the unified build, collect information from build.info files
my %unified_info = ();

View File

@ -351,6 +351,9 @@
Don't build support for datagram based BIOs. Selecting this
option will also force the disabling of DTLS.
no-dso
Don't build support for loading Dynamic Shared Objects.
enable-devcryptoeng
Build the /dev/crypto engine. It is automatically selected
on BSD implementations, in which case it can be disabled with
@ -605,10 +608,19 @@
Take note of the VAR=value documentation below and how
these flags interact with those variables.
-xxx, +xxx
-xxx, +xxx, /xxx
Additional options that are not otherwise recognised are
passed through as they are to the compiler as well. Again,
consult your compiler documentation.
passed through as they are to the compiler as well.
Unix-style options beginning with a '-' or '+' and
Windows-style options beginning with a '/' are recognized.
Again, consult your compiler documentation.
If the option contains arguments separated by spaces,
then the URL-style notation %20 can be used for the space
character in order to avoid having to quote the option.
For example, -opt%20arg gets expanded to -opt arg.
In fact, any ASCII character can be encoded as %xx using its
hexadecimal encoding.
Take note of the VAR=value documentation below and how
these flags interact with those variables.
@ -1071,7 +1083,7 @@
HASHBANGPERL
The command string for the Perl executable to insert in the
#! line of perl scripts that will be publically installed.
#! line of perl scripts that will be publicly installed.
Default: /usr/bin/env perl
Note: the value of this variable is added to the same scripts
on all platforms, but it's only relevant on Unix-like platforms.

View File

@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]
o Fixed an overflow bug in the x64_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli (CVE-2019-1551)
Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
o Fixed a fork protection issue (CVE-2019-1549)

View File

@ -1,5 +1,5 @@
OpenSSL 1.1.1d 10 Sep 2019
OpenSSL 1.1.1e 17 Mar 2020
Copyright (c) 1998-2019 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

View File

@ -1962,26 +1962,46 @@ unsigned char *next_protos_parse(size_t *outlen, const char *in)
size_t len;
unsigned char *out;
size_t i, start = 0;
size_t skipped = 0;
len = strlen(in);
if (len >= 65535)
if (len == 0 || len >= 65535)
return NULL;
out = app_malloc(strlen(in) + 1, "NPN buffer");
out = app_malloc(len + 1, "NPN buffer");
for (i = 0; i <= len; ++i) {
if (i == len || in[i] == ',') {
/*
* Zero-length ALPN elements are invalid on the wire, we could be
* strict and reject the entire string, but just ignoring extra
* commas seems harmless and more friendly.
*
* Every comma we skip in this way puts the input buffer another
* byte ahead of the output buffer, so all stores into the output
* buffer need to be decremented by the number commas skipped.
*/
if (i == start) {
++start;
++skipped;
continue;
}
if (i - start > 255) {
OPENSSL_free(out);
return NULL;
}
out[start] = (unsigned char)(i - start);
out[start-skipped] = (unsigned char)(i - start);
start = i + 1;
} else {
out[i + 1] = in[i];
out[i + 1 - skipped] = in[i];
}
}
*outlen = len + 1;
if (len <= skipped) {
OPENSSL_free(out);
return NULL;
}
*outlen = len + 1 - skipped;
return out;
}

View File

@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_APPS_H
# define HEADER_APPS_H
#ifndef OSSL_APPS_H
# define OSSL_APPS_H
# include "e_os.h" /* struct timeval for DTLS */
# include "internal/nelem.h"

View File

@ -19,6 +19,7 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
#include <ctype.h>
#undef BUFSIZE
#define BUFSIZE 1024*8
@ -27,9 +28,15 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
const char *file);
static void show_digests(const OBJ_NAME *name, void *bio_);
struct doall_dgst_digests {
BIO *bio;
int n;
};
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_LIST,
OPT_C, OPT_R, OPT_OUT, OPT_SIGN, OPT_PASSIN, OPT_VERIFY,
OPT_PRVERIFY, OPT_SIGNATURE, OPT_KEYFORM, OPT_ENGINE, OPT_ENGINE_IMPL,
OPT_HEX, OPT_BINARY, OPT_DEBUG, OPT_FIPS_FINGERPRINT,
@ -43,6 +50,7 @@ const OPTIONS dgst_options[] = {
{OPT_HELP_STR, 1, '-',
" file... files to digest (default is stdin)\n"},
{"help", OPT_HELP, '-', "Display this summary"},
{"list", OPT_LIST, '-', "List digests"},
{"c", OPT_C, '-', "Print the digest with separating colons"},
{"r", OPT_R, '-', "Print the digest in coreutils format"},
{"out", OPT_OUT, '>', "Output to filename rather than stdout"},
@ -91,6 +99,7 @@ int dgst_main(int argc, char **argv)
int i, ret = 1, out_bin = -1, want_pub = 0, do_verify = 0;
unsigned char *buf = NULL, *sigbuf = NULL;
int engine_impl = 0;
struct doall_dgst_digests dec;
prog = opt_progname(argv[0]);
buf = app_malloc(BUFSIZE, "I/O buffer");
@ -108,6 +117,15 @@ int dgst_main(int argc, char **argv)
opt_help(dgst_options);
ret = 0;
goto end;
case OPT_LIST:
BIO_printf(bio_out, "Supported digests:\n");
dec.bio = bio_out;
dec.n = 0;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH,
show_digests, &dec);
BIO_printf(bio_out, "\n");
ret = 0;
goto end;
case OPT_C:
separator = 1;
break;
@ -413,20 +431,86 @@ int dgst_main(int argc, char **argv)
return ret;
}
static void show_digests(const OBJ_NAME *name, void *arg)
{
struct doall_dgst_digests *dec = (struct doall_dgst_digests *)arg;
const EVP_MD *md = NULL;
/* Filter out signed digests (a.k.a signature algorithms) */
if (strstr(name->name, "rsa") != NULL || strstr(name->name, "RSA") != NULL)
return;
if (!islower((unsigned char)*name->name))
return;
/* Filter out message digests that we cannot use */
md = EVP_get_digestbyname(name->name);
if (md == NULL)
return;
BIO_printf(dec->bio, "-%-25s", name->name);
if (++dec->n == 3) {
BIO_printf(dec->bio, "\n");
dec->n = 0;
} else {
BIO_printf(dec->bio, " ");
}
}
/*
* The newline_escape_filename function performs newline escaping for any
* filename that contains a newline. This function also takes a pointer
* to backslash. The backslash pointer is a flag to indicating whether a newline
* is present in the filename. If a newline is present, the backslash flag is
* set and the output format will contain a backslash at the beginning of the
* digest output. This output format is to replicate the output format found
* in the '*sum' checksum programs. This aims to preserve backward
* compatibility.
*/
static const char *newline_escape_filename(const char *file, int * backslash)
{
size_t i, e = 0, length = strlen(file), newline_count = 0, mem_len = 0;
char *file_cpy = NULL;
for (i = 0; i < length; i++)
if (file[i] == '\n')
newline_count++;
mem_len = length + newline_count + 1;
file_cpy = app_malloc(mem_len, file);
i = 0;
while(e < length) {
const char c = file[e];
if (c == '\n') {
file_cpy[i++] = '\\';
file_cpy[i++] = 'n';
*backslash = 1;
} else {
file_cpy[i++] = c;
}
e++;
}
file_cpy[i] = '\0';
return (const char*)file_cpy;
}
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
const char *file)
{
size_t len;
int i;
size_t len = BUFSIZE;
int i, backslash = 0, ret = 1;
unsigned char *sigbuf = NULL;
while (BIO_pending(bp) || !BIO_eof(bp)) {
i = BIO_read(bp, (char *)buf, BUFSIZE);
if (i < 0) {
BIO_printf(bio_err, "Read Error in %s\n", file);
ERR_print_errors(bio_err);
return 1;
goto end;
}
if (i == 0)
break;
@ -439,37 +523,51 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
BIO_printf(out, "Verified OK\n");
} else if (i == 0) {
BIO_printf(out, "Verification Failure\n");
return 1;
goto end;
} else {
BIO_printf(bio_err, "Error Verifying Data\n");
ERR_print_errors(bio_err);
return 1;
goto end;
}
return 0;
ret = 0;
goto end;
}
if (key != NULL) {
EVP_MD_CTX *ctx;
int pkey_len;
BIO_get_md_ctx(bp, &ctx);
len = BUFSIZE;
pkey_len = EVP_PKEY_size(key);
if (pkey_len > BUFSIZE) {
len = pkey_len;
sigbuf = app_malloc(len, "Signature buffer");
buf = sigbuf;
}
if (!EVP_DigestSignFinal(ctx, buf, &len)) {
BIO_printf(bio_err, "Error Signing Data\n");
ERR_print_errors(bio_err);
return 1;
goto end;
}
} else {
len = BIO_gets(bp, (char *)buf, BUFSIZE);
if ((int)len < 0) {
ERR_print_errors(bio_err);
return 1;
goto end;
}
}
if (binout) {
BIO_write(out, buf, len);
} else if (sep == 2) {
file = newline_escape_filename(file, &backslash);
if (backslash == 1)
BIO_puts(out, "\\");
for (i = 0; i < (int)len; i++)
BIO_printf(out, "%02x", buf[i]);
BIO_printf(out, " *%s\n", file);
OPENSSL_free((char *)file);
} else {
if (sig_name != NULL) {
BIO_puts(out, sig_name);
@ -488,5 +586,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
}
BIO_printf(out, "\n");
}
return 0;
ret = 0;
end:
if (sigbuf != NULL)
OPENSSL_clear_free(sigbuf, len);
return ret;
}

View File

@ -50,7 +50,8 @@ typedef enum OPTION_choice {
const OPTIONS enc_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{"ciphers", OPT_LIST, '-', "List ciphers"},
{"list", OPT_LIST, '-', "List ciphers"},
{"ciphers", OPT_LIST, '-', "Alias for -list"},
{"in", OPT_IN, '<', "Input file"},
{"out", OPT_OUT, '>', "Output file"},
{"pass", OPT_PASS, 's', "Passphrase source"},

View File

@ -114,7 +114,7 @@ static int acfd = (int) INVALID_SOCKET;
static int index_changed(CA_DB *);
static void spawn_loop(void);
static int print_syslog(const char *str, size_t len, void *levPtr);
static void sock_timeout(int signum);
static void socket_timeout(int signum);
# endif
# ifndef OPENSSL_NO_SOCK
@ -597,7 +597,7 @@ int ocsp_main(int argc, char **argv)
if (multi && acbio != NULL)
spawn_loop();
if (acbio != NULL && req_timeout > 0)
signal(SIGALRM, sock_timeout);
signal(SIGALRM, socket_timeout);
#endif
if (acbio != NULL)
@ -1352,7 +1352,7 @@ static int urldecode(char *p)
# endif
# ifdef OCSP_DAEMON
static void sock_timeout(int signum)
static void socket_timeout(int signum)
{
if (acfd != (int)INVALID_SOCKET)
(void)shutdown(acfd, SHUT_RD);

View File

@ -164,6 +164,13 @@ int main(int argc, char *argv[])
}
prog = prog_init();
if (prog == NULL) {
BIO_printf(bio_err,
"FATAL: Startup failure (dev note: prog_init() failed)\n");
ERR_print_errors(bio_err);
ret = 1;
goto end;
}
pname = opt_progname(argv[0]);
/* first check the program name */

View File

@ -807,7 +807,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
(*salt_p)[i] = 0;
# ifdef CHARSET_EBCDIC
/* The password encryption funtion will convert back to ASCII */
/* The password encryption function will convert back to ASCII */
ascii2ebcdic(*salt_p, *salt_p, saltlen);
# endif
}

View File

@ -41,6 +41,7 @@ int dump_certs_pkeys_bags(BIO *out, const STACK_OF(PKCS12_SAFEBAG) *bags,
int dump_certs_pkeys_bag(BIO *out, const PKCS12_SAFEBAG *bags,
const char *pass, int passlen,
int options, char *pempass, const EVP_CIPHER *enc);
void print_attribute(BIO *out, const ASN1_TYPE *av);
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
const char *name);
void hex_prin(BIO *out, unsigned char *buf, int len);
@ -878,39 +879,12 @@ int cert_load(BIO *in, STACK_OF(X509) *sk)
return ret;
}
/* Generalised attribute print: handle PKCS#8 and bag attributes */
/* Generalised x509 attribute value print */
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
const char *name)
void print_attribute(BIO *out, const ASN1_TYPE *av)
{
X509_ATTRIBUTE *attr;
ASN1_TYPE *av;
char *value;
int i, attr_nid;
if (!attrlst) {
BIO_printf(out, "%s: <No Attributes>\n", name);
return 1;
}
if (!sk_X509_ATTRIBUTE_num(attrlst)) {
BIO_printf(out, "%s: <Empty Attributes>\n", name);
return 1;
}
BIO_printf(out, "%s\n", name);
for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
ASN1_OBJECT *attr_obj;
attr = sk_X509_ATTRIBUTE_value(attrlst, i);
attr_obj = X509_ATTRIBUTE_get0_object(attr);
attr_nid = OBJ_obj2nid(attr_obj);
BIO_printf(out, " ");
if (attr_nid == NID_undef) {
i2a_ASN1_OBJECT(out, attr_obj);
BIO_printf(out, ": ");
} else {
BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
}
if (X509_ATTRIBUTE_count(attr)) {
av = X509_ATTRIBUTE_get0_type(attr, 0);
switch (av->type) {
case V_ASN1_BMPSTRING:
value = OPENSSL_uni2asc(av->value.bmpstring->data,
@ -935,6 +909,44 @@ int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
BIO_printf(out, "<Unsupported tag %d>\n", av->type);
break;
}
}
/* Generalised attribute print: handle PKCS#8 and bag attributes */
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
const char *name)
{
X509_ATTRIBUTE *attr;
ASN1_TYPE *av;
int i, j, attr_nid;
if (!attrlst) {
BIO_printf(out, "%s: <No Attributes>\n", name);
return 1;
}
if (!sk_X509_ATTRIBUTE_num(attrlst)) {
BIO_printf(out, "%s: <Empty Attributes>\n", name);
return 1;
}
BIO_printf(out, "%s\n", name);
for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
ASN1_OBJECT *attr_obj;
attr = sk_X509_ATTRIBUTE_value(attrlst, i);
attr_obj = X509_ATTRIBUTE_get0_object(attr);
attr_nid = OBJ_obj2nid(attr_obj);
BIO_printf(out, " ");
if (attr_nid == NID_undef) {
i2a_ASN1_OBJECT(out, attr_obj);
BIO_printf(out, ": ");
} else {
BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
}
if (X509_ATTRIBUTE_count(attr)) {
for (j = 0; j < X509_ATTRIBUTE_count(attr); j++)
{
av = X509_ATTRIBUTE_get0_type(attr, j);
print_attribute(out, av);
}
} else {
BIO_printf(out, "<No Values>\n");
}

View File

@ -1,5 +1,5 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -299,8 +299,7 @@ int pkeyutl_main(int argc, char **argv)
/* Sanity check the input */
if (buf_inlen > EVP_MAX_MD_SIZE
&& (pkey_op == EVP_PKEY_OP_SIGN
|| pkey_op == EVP_PKEY_OP_VERIFY
|| pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
|| pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"Error: The input data looks too long to be a hash\n");
goto end;

View File

@ -200,9 +200,12 @@ static int duplicated(LHASH_OF(OPENSSL_STRING) *addexts, char *kv)
*p = '\0';
/* Finally have a clean "key"; see if it's there [by attempt to add it]. */
if ((p = (char *)lh_OPENSSL_STRING_insert(addexts, (OPENSSL_STRING*)kv))
!= NULL || lh_OPENSSL_STRING_error(addexts)) {
OPENSSL_free(p != NULL ? p : kv);
p = (char *)lh_OPENSSL_STRING_insert(addexts, (OPENSSL_STRING*)kv);
if (p != NULL) {
OPENSSL_free(p);
return 1;
} else if (lh_OPENSSL_STRING_error(addexts)) {
OPENSSL_free(kv);
return -1;
}
@ -435,12 +438,14 @@ int req_main(int argc, char **argv)
if (verbose)
BIO_printf(bio_err, "Using configuration from %s\n", template);
req_conf = app_load_config(template);
if ((req_conf = app_load_config(template)) == NULL)
goto end;
if (addext_bio) {
if (verbose)
BIO_printf(bio_err,
"Using additional configuration from command line\n");
addext_conf = app_load_config_bio(addext_bio, NULL);
if ((addext_conf = app_load_config_bio(addext_bio, NULL)) == NULL)
goto end;
}
if (template != default_config_file && !app_load_modules(req_conf))
goto end;

View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -188,6 +188,7 @@ static STRINT_PAIR cert_type_list[] = {
{"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH},
{"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH},
{"GOST01 Sign", TLS_CT_GOST01_SIGN},
{"GOST12 Sign", TLS_CT_GOST12_SIGN},
{NULL}
};

View File

@ -180,9 +180,6 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
}
#endif
#define TLS13_AES_128_GCM_SHA256_BYTES ((const unsigned char *)"\x13\x01")
#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02")
static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
size_t identity_len, SSL_SESSION **sess)
{
@ -3208,6 +3205,12 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
if (e[0] == ' ')
break;
if (e[0] == ':') {
/* Windows drive. We treat this the same way as ".." */
dot = -1;
break;
}
switch (dot) {
case 1:
dot = (e[0] == '.') ? 2 : 0;
@ -3216,11 +3219,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
dot = (e[0] == '.') ? 3 : 0;
break;
case 3:
dot = (e[0] == '/') ? -1 : 0;
dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0;
break;
}
if (dot == 0)
dot = (e[0] == '/') ? 1 : 0;
dot = (e[0] == '/' || e[0] == '\\') ? 1 : 0;
}
dot = (dot == 3) || (dot == -1); /* filename contains ".."
* component */
@ -3234,11 +3237,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
if (dot) {
BIO_puts(io, text);
BIO_printf(io, "'%s' contains '..' reference\r\n", p);
BIO_printf(io, "'%s' contains '..' or ':'\r\n", p);
break;
}
if (*p == '/') {
if (*p == '/' || *p == '\\') {
BIO_puts(io, text);
BIO_printf(io, "'%s' is an invalid path\r\n", p);
break;

View File

@ -1,52 +1,47 @@
subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
-----BEGIN CERTIFICATE-----
MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
BBSCvM8AABPR9zklmifnr9LvIBturDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAqb1NV0B0/pbpK9Z4/bNjzPQLTRLK
WnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpqWz9qoeoFZax+QBpIZYjROU3TS3fp
yLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCpW2Uoy8sAA4JjN9OtsZY7dvUXFgJ7
vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZJ1z1cbbwGDDzfvGFPzJ+Sq+zEPds
xoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxzA7mNGv73JoZJA6nFgj+ADSlJsY/t
JBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+AltvHTANdAq0t/K3o+pplMVA==
MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
-----END RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVXWBq3/xh7kiq
jBFIQ6VttlJdqphJsWGSNbH8OgQlDG15/7TVyelcHDvgq7O4faPebb3g3ddavxRH
EUJepoLQYcF/3RNG5gmFBw7y1PwaZNIKrSCrIGuW8K3MxBlTVdwBHaSz74q0SVNd
igUc8dzhRL/F1+J3GVdclwt17ohDcQ/KbMG0slCnd0ZsWA8Rv/F2JFquOUK3UWcp
4dBVMG8X5JHqrfgowkNvomSp+52YkmJIPusNT4JKiv8/cu6Wta6hwZi6732QdW3/
WlKeq/XAftCHQ9uFBwcPfTh6/dHT7mUd0+o5aoc37krT4A1u9XCswr3xbvOSlV6p
8KFllZONAgMBAAECggEADLTt7A+A2Vg2jamf0dztejY0e42QWjstI2b9PZc67fXq
gyx+WYkX07t+uWegYWliG/oPJ9guXiIpE/5sJHToL37S5kmFP2CtynVcJ4wVo4DD
nY0n9+kLX0bgIuS+2V6wpoRcbbbjXM9NHrH8kfe5ftT4UtEDlLI2qLX6IcDd7p4u
OYjILChR8GSGTw96yIy2Ws/1Uq9PMw64JoT4RcK5QqnkcPMDFRH1SeLOL+zXP2c4
nEl9yOy3HauZKxwl/Ry/XK1s3DdjopIAU29ut+hAuMiTb06kzZnumL9NoplKoZtU
otw/gVcCKhT+Ep+p6i8InLF0XEME8A0qUR0niWebgQKBgQD6vkxR49B8ZZQrzjw4
XKs1lI9cP7cgPiuWlDHMNjYou3WbOaGrMeScvbB1Ldh9A8pjAhxlw8AaV/xs4qcA
trmVmSISVMVyc1wSGlJXWi2nUzTNs9OE3vj22SyStihf8UUZtWwX2b5Y4JrYhA/V
+ThGGqHR03oLNLShNLtJc2c7YQKBgQDZ1nkibEyrepexw/fnwkw61IJKq9wRIh1G
PREakhbe9wU5ie0knuf9razt7awzQiwFmlixmWqsM7UEtLuXNnNPciwdrKhhbvrd
vD/rkbIEHEPllIhFlDtOzn3hRBWTzWmXFjpou/2LvHTSbVis4IYVZymTp2jb1ZLs
7VbiG9JTrQKBgQDc6n75g1szzpdehQT/r33U5j/syeJBUSU8NPMu9fB/sLHsgjlT
SNEf2+y1QSBE/Or6kmiMrIv7advn30W+Vj9qc5HWTsPrk4HiHTjA553jl2alebN5
lK4LZspjtIQcC8mS3goPdXPEgJdM/gWpwzr2YQ6DfOxBJT2j7n64NyoT4QKBgH7/
yx+GhCx1DHtXBPDZFhg2TL+78lEK0oZgk9gp06up2CHzh44SFq6O0oLkTcCUk5Ww
poTkLIy4mJBlzfgahp+KsK2cO46SZS9g0ONFzcMXt33hWpE2Gl2XhUwPpYTF/QlY
rDTjZK5S8Mi9dzVSsNlJi7PJphiEK2R1+nFYRwcBAoGBANWoIG85jpXAOnq/Kcgx
Rl3YivR0Ke6r1tFlP58rT7X3EkiboXyQl5vLIFCAwUte6RGrLl1dy3Qyh80B9ySL
Jx6vj42CK7vgv6A96TuVYhnXTnEI6ZvwAQ2VGaw4BizhjALs/kdSE/og9aSCs3ws
KQypwAFz0tbHxaNag/bSAN0J
-----END PRIVATE KEY-----

View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@ -1242,8 +1242,6 @@ static int run_benchmark(int async_jobs,
OSSL_ASYNC_FD job_fd = 0;
size_t num_job_fds = 0;
run = 1;
if (async_jobs == 0) {
return loop_function((void *)&loopargs);
}
@ -2412,7 +2410,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &camellia_ks1,
iv, CAMELLIA_ENCRYPT);
@ -2434,7 +2432,7 @@ int speed_main(int argc, char **argv)
exit(1);
}
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &camellia_ks2,
iv, CAMELLIA_ENCRYPT);
@ -2452,7 +2450,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &camellia_ks3,
iv, CAMELLIA_ENCRYPT);
@ -2472,7 +2470,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &idea_ks,
iv, IDEA_ENCRYPT);
@ -2492,7 +2490,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &seed_ks, iv, 1);
d = Time_F(STOP);
@ -2515,7 +2513,7 @@ int speed_main(int argc, char **argv)
exit(1);
}
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &rc2_ks,
iv, RC2_ENCRYPT);
@ -2539,7 +2537,7 @@ int speed_main(int argc, char **argv)
exit(1);
}
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &rc5_ks,
iv, RC5_ENCRYPT);
@ -2559,7 +2557,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &bf_ks,
iv, BF_ENCRYPT);
@ -2579,7 +2577,7 @@ int speed_main(int argc, char **argv)
print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
lengths[testnum], seconds.sym);
Time_F(START);
for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
(size_t)lengths[testnum], &cast_ks,
iv, CAST_ENCRYPT);
@ -3006,7 +3004,7 @@ int speed_main(int argc, char **argv)
pctx = NULL;
}
if (kctx == NULL || /* keygen ctx is not null */
!EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
ecdh_checks = 0;
BIO_printf(bio_err, "ECDH keygen failure.\n");
ERR_print_errors(bio_err);
@ -3014,12 +3012,12 @@ int speed_main(int argc, char **argv)
break;
}
if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
!EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
!(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
!EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
!EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
!EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
outlen == 0 || /* ensure outlen is a valid size */
outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
ecdh_checks = 0;
@ -3106,8 +3104,8 @@ int speed_main(int argc, char **argv)
if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
== NULL
|| !EVP_PKEY_keygen_init(ed_pctx)
|| !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
|| EVP_PKEY_keygen_init(ed_pctx) <= 0
|| EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
st = 0;
EVP_PKEY_CTX_free(ed_pctx);
break;
@ -3395,6 +3393,7 @@ static void print_message(const char *s, long num, int length, int tm)
mr ? "+DT:%s:%d:%d\n"
: "Doing %s for %ds on %d size blocks: ", s, tm, length);
(void)BIO_flush(bio_err);
run = 1;
alarm(tm);
#else
BIO_printf(bio_err,
@ -3412,6 +3411,7 @@ static void pkey_print_message(const char *str, const char *str2, long num,
mr ? "+DTP:%d:%s:%s:%d\n"
: "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
(void)BIO_flush(bio_err);
run = 1;
alarm(tm);
#else
BIO_printf(bio_err,
@ -3584,6 +3584,7 @@ static int do_multi(int multi, int size_num)
p = buf + 4;
k = atoi(sstrsep(&p, sep));
sstrsep(&p, sep);
sstrsep(&p, sep);
d = atof(sstrsep(&p, sep));
eddsa_results[k][0] += d;
@ -3641,7 +3642,7 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
for (j = 0; j < num; j++) {
print_message(alg_name, 0, mblengths[j], seconds->sym);
Time_F(START);
for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
for (count = 0; run && count < 0x7fffffff; count++) {
unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
size_t len = mblengths[j];

View File

@ -7,11 +7,11 @@
* https://www.openssl.org/source/license.html
*/
#ifndef INCLUDED_TIMEOUTS_H
# define INCLUDED_TIMEOUTS_H
#ifndef OSSL_APPS_TIMEOUTS_H
# define OSSL_APPS_TIMEOUTS_H
/* numbers in us */
# define DGRAM_RCV_TIMEOUT 250000
# define DGRAM_SND_TIMEOUT 250000
#endif /* ! INCLUDED_TIMEOUTS_H */
#endif /* ! OSSL_APPS_TIMEOUTS_H */

View File

@ -282,7 +282,8 @@ int ts_main(int argc, char **argv)
goto end;
}
conf = load_config_file(configfile);
if ((conf = load_config_file(configfile)) == NULL)
goto end;
if (configfile != default_config_file && !app_load_modules(conf))
goto end;

View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -72,7 +72,7 @@ const OPTIONS x509_options[] = {
{"outform", OPT_OUTFORM, 'f',
"Output format - default PEM (one of DER or PEM)"},
{"out", OPT_OUT, '>', "Output file - default stdout"},
{"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
{"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"},
{"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
{"serial", OPT_SERIAL, '-', "Print serial number value"},
{"subject_hash", OPT_HASH, '-', "Print subject hash value"},
@ -107,7 +107,7 @@ const OPTIONS x509_options[] = {
{"checkend", OPT_CHECKEND, 'M',
"Check whether the cert expires in the next arg seconds"},
{OPT_MORE_STR, 1, 1, "Exit 1 if so, 0 if not"},
{"signkey", OPT_SIGNKEY, '<', "Self sign cert with arg"},
{"signkey", OPT_SIGNKEY, 's', "Self sign cert with arg"},
{"x509toreq", OPT_X509TOREQ, '-',
"Output a certification request object"},
{"req", OPT_REQ, '-', "Input is a certificate request, sign and output"},
@ -130,7 +130,7 @@ const OPTIONS x509_options[] = {
{"checkemail", OPT_CHECKEMAIL, 's', "Check certificate matches email"},
{"checkip", OPT_CHECKIP, 's', "Check certificate matches ipaddr"},
{"CAform", OPT_CAFORM, 'F', "CA format - default PEM"},
{"CAkeyform", OPT_CAKEYFORM, 'f', "CA key format - default PEM"},
{"CAkeyform", OPT_CAKEYFORM, 'E', "CA key format - default PEM"},
{"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
{"force_pubkey", OPT_FORCE_PUBKEY, '<', "Force the Key to put inside certificate"},
{"next_serial", OPT_NEXT_SERIAL, '-', "Increment current certificate serial number"},
@ -217,7 +217,7 @@ int x509_main(int argc, char **argv)
goto opthelp;
break;
case OPT_KEYFORM:
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &keyformat))
if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyformat))
goto opthelp;
break;
case OPT_CAFORM:
@ -225,7 +225,7 @@ int x509_main(int argc, char **argv)
goto opthelp;
break;
case OPT_CAKEYFORM:
if (!opt_format(opt_arg(), OPT_FMT_ANY, &CAkeyformat))
if (!opt_format(opt_arg(), OPT_FMT_PDE, &CAkeyformat))
goto opthelp;
break;
case OPT_OUT:

View File

@ -1,3 +1,6 @@
image:
- Visual Studio 2017
platform:
- x64
- x86
@ -5,17 +8,24 @@ platform:
environment:
fast_finish: true
matrix:
- VSVER: 14
- VSVER: 15
configuration:
- shared
- plain
- minimal
before_build:
- ps: >-
Install-Module VSSetup -Scope CurrentUser
- ps: >-
Get-VSSetupInstance -All
- ps: >-
gci env:* | sort-object name
- ps: >-
If ($env:Platform -Match "x86") {
$env:VCVARS_PLATFORM="x86"
$env:TARGET="VC-WIN32 no-asm"
$env:TARGET="VC-WIN32 no-asm --strict-warnings"
} Else {
$env:VCVARS_PLATFORM="amd64"
$env:TARGET="VC-WIN64A-masm"
@ -23,11 +33,12 @@ before_build:
- ps: >-
If ($env:Configuration -Match "shared") {
$env:SHARED="no-makedepend"
} ElseIf ($env:Configuration -Match "minimal") {
$env:SHARED="no-shared no-dso no-makedepend no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_SMALL_FOOTPRINT"
} Else {
$env:SHARED="no-shared no-makedepend"
}
- ps: $env:VSCOMNTOOLS=(Get-Content ("env:VS" + "$env:VSVER" + "0COMNTOOLS"))
- call "%VSCOMNTOOLS%\..\..\VC\vcvarsall.bat" %VCVARS_PLATFORM%
- call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat" %VCVARS_PLATFORM%
- mkdir _build
- cd _build
- perl ..\Configure %TARGET% %SHARED%

View File

@ -9,20 +9,20 @@
"";
-}
LIBS=libcrypto libssl
INCLUDE[libcrypto]=. crypto/include include
INCLUDE[libcrypto]=. include
INCLUDE[libssl]=. include
DEPEND[libssl]=libcrypto
# Empty DEPEND "indices" means the dependencies are expected to be built
# unconditionally before anything else.
DEPEND[]=include/openssl/opensslconf.h crypto/include/internal/bn_conf.h \
crypto/include/internal/dso_conf.h
DEPEND[]=include/openssl/opensslconf.h include/crypto/bn_conf.h \
include/crypto/dso_conf.h
DEPEND[include/openssl/opensslconf.h]=configdata.pm
GENERATE[include/openssl/opensslconf.h]=include/openssl/opensslconf.h.in
DEPEND[crypto/include/internal/bn_conf.h]=configdata.pm
GENERATE[crypto/include/internal/bn_conf.h]=crypto/include/internal/bn_conf.h.in
DEPEND[crypto/include/internal/dso_conf.h]=configdata.pm
GENERATE[crypto/include/internal/dso_conf.h]=crypto/include/internal/dso_conf.h.in
DEPEND[include/crypto/bn_conf.h]=configdata.pm
GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in
DEPEND[include/crypto/dso_conf.h]=configdata.pm
GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in
IF[{- defined $target{shared_defflag} -}]
IF[{- $config{target} =~ /^mingw/ -}]

View File

@ -1,5 +1,5 @@
#!/bin/sh
# Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -509,10 +509,7 @@ case "$GUESSOS" in
OUT="ios64-cross" ;;
alpha-*-linux2)
ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
case ${ISA:-generic} in
*[678]) OUT="linux-alpha+bwx-$CC" ;;
*) OUT="linux-alpha-$CC" ;;
esac
OUT="linux-alpha-$CC"
if [ "$CC" = "gcc" ]; then
case ${ISA:-generic} in
EV5|EV45) __CNF_CFLAGS="$__CNF_CFLAGS -mcpu=ev5"
@ -908,8 +905,12 @@ fi
OUT="$OUT"
$PERL $THERE/Configure LIST | grep "$OUT" > /dev/null
if [ $? = "0" ]; then
if [ "$OUT" = "darwin64-x86_64-cc" ]; then
echo "WARNING! If you wish to build 32-bit libraries, then you have to"
echo " invoke 'KERNEL_BITS=32 $THERE/config $options'."
fi
if $PERL $THERE/Configure LIST | grep "$OUT" > /dev/null; then
if [ "$VERBOSE" = "true" ]; then
echo /usr/bin/env \
__CNF_CPPDEFINES="'$__CNF_CPPDEFINES'" \
@ -939,8 +940,5 @@ else
exit 1
fi
if [ "$OUT" = "darwin64-x86_64-cc" ]; then
echo "WARNING! If you wish to build 32-bit libraries, then you have to"
echo " invoke 'KERNEL_BITS=32 $THERE/config $options'."
fi
# Do not add anothing from here on, so we don't lose the Configure exit code
)

View File

@ -131,9 +131,8 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
return 0;
}
strncpy((*ctx)->entry_name, direntry->d_name,
sizeof((*ctx)->entry_name) - 1);
(*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
OPENSSL_strlcpy((*ctx)->entry_name, direntry->d_name,
sizeof((*ctx)->entry_name));
#ifdef __VMS
if ((*ctx)->expect_file_generations) {
char *p = (*ctx)->entry_name + strlen((*ctx)->entry_name);

View File

@ -41,7 +41,7 @@
#include <stdlib.h>
#include <openssl/crypto.h>
#include <openssl/aes.h>
#include "aes_locl.h"
#include "aes_local.h"
#ifndef AES_ASM
/*-

View File

@ -10,7 +10,7 @@
#include <assert.h>
#include <openssl/aes.h>
#include "aes_locl.h"
#include "aes_local.h"
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc)

View File

@ -10,7 +10,7 @@
#include "internal/cryptlib.h"
#include <openssl/aes.h>
#include "aes_locl.h"
#include "aes_local.h"
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {

View File

@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_AES_LOCL_H
# define HEADER_AES_LOCL_H
#ifndef OSSL_CRYPTO_AES_LOCAL_H
# define OSSL_CRYPTO_AES_LOCAL_H
# include <openssl/e_os2.h>
# include <stdio.h>
@ -39,4 +39,4 @@ typedef unsigned char u8;
/* This controls loop-unrolling in aes_core.c */
# undef FULL_UNROLL
#endif /* !HEADER_AES_LOCL_H */
#endif /* !OSSL_CRYPTO_AES_LOCAL_H */

View File

@ -9,7 +9,7 @@
#include <openssl/opensslv.h>
#include <openssl/aes.h>
#include "aes_locl.h"
#include "aes_local.h"
const char *AES_options(void)
{

View File

@ -46,7 +46,7 @@
#include <stdlib.h>
#include <openssl/aes.h>
#include "aes_locl.h"
#include "aes_local.h"
/*
* These two parameters control which table, 256-byte or 2KB, is

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1242,4 +1242,4 @@ while(<SELF>) {
close SELF;
print $code;
close STDOUT; # enforce flush
close STDOUT or die "error closing STDOUT: $!"; # enforce flush

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1379,4 +1379,4 @@ AES_Td4:
___
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -2167,4 +2167,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1035,4 +1035,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1456,4 +1456,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1987,7 +1987,7 @@ $code.=<<___;
.Lxts_enc_done:
stg $sp,$tweak+0($sp) # wipe tweak
stg $sp,$twesk+8($sp)
stg $sp,$tweak+8($sp)
lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_xts_encrypt,.-AES_xts_encrypt
@ -2267,7 +2267,7 @@ $code.=<<___;
stg $sp,$tweak-16+8($sp)
.Lxts_dec_done:
stg $sp,$tweak+0($sp) # wipe tweak
stg $sp,$twesk+8($sp)
stg $sp,$tweak+8($sp)
lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_xts_decrypt,.-AES_xts_decrypt
@ -2279,4 +2279,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
close STDOUT; # force flush
close STDOUT or die "error closing STDOUT: $!"; # force flush

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1189,4 +1189,4 @@ ___
$code =~ s/fmovs.*$//gm;
print $code;
close STDOUT; # ensure flush
close STDOUT or die "error closing STDOUT: $!"; # ensure flush

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1267,4 +1267,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@ -1471,4 +1471,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10);
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
$shaext=1; ### set to zero if compiling for 1.0.1
@ -133,6 +133,7 @@ $code.=<<___;
.type aesni_cbc_sha1_enc,\@abi-omnipotent
.align 32
aesni_cbc_sha1_enc:
.cfi_startproc
# caller should check for SSSE3 and AES-NI bits
mov OPENSSL_ia32cap_P+0(%rip),%r10d
mov OPENSSL_ia32cap_P+4(%rip),%r11
@ -151,6 +152,7 @@ ___
$code.=<<___;
jmp aesni_cbc_sha1_enc_ssse3
ret
.cfi_endproc
.size aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc
___
@ -840,6 +842,7 @@ $code.=<<___;
.type aesni256_cbc_sha1_dec,\@abi-omnipotent
.align 32
aesni256_cbc_sha1_dec:
.cfi_startproc
# caller should check for SSSE3 and AES-NI bits
mov OPENSSL_ia32cap_P+0(%rip),%r10d
mov OPENSSL_ia32cap_P+4(%rip),%r11d
@ -854,6 +857,7 @@ ___
$code.=<<___;
jmp aesni256_cbc_sha1_dec_ssse3
ret
.cfi_endproc
.size aesni256_cbc_sha1_dec,.-aesni256_cbc_sha1_dec
.type aesni256_cbc_sha1_dec_ssse3,\@function,6
@ -1760,6 +1764,7 @@ $code.=<<___;
.type aesni_cbc_sha1_enc_shaext,\@function,6
.align 32
aesni_cbc_sha1_enc_shaext:
.cfi_startproc
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
___
$code.=<<___ if ($win64);
@ -1911,6 +1916,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
.cfi_endproc
.size aesni_cbc_sha1_enc_shaext,.-aesni_cbc_sha1_enc_shaext
___
}}}
@ -2137,4 +2143,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=12);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@ -123,6 +123,7 @@ $code=<<___;
.type $func,\@abi-omnipotent
.align 16
$func:
.cfi_startproc
___
if ($avx) {
$code.=<<___;
@ -162,6 +163,7 @@ $code.=<<___;
ud2
.Lprobe:
ret
.cfi_endproc
.size $func,.-$func
.align 64
@ -1084,7 +1086,23 @@ $code.=<<___;
vmovdqa $t0,0x00(%rsp)
xor $a1,$a1
vmovdqa $t1,0x20(%rsp)
___
$code.=<<___ if (!$win64);
# temporarily use %rsi as frame pointer
mov $_rsp,%rsi
.cfi_def_cfa %rsi,8
___
$code.=<<___;
lea -$PUSH8(%rsp),%rsp
___
$code.=<<___ if (!$win64);
# the frame info is at $_rsp, but the stack is moving...
# so a second frame pointer is saved at -8(%rsp)
# that is in the red zone
mov %rsi,-8(%rsp)
.cfi_cfa_expression %rsp-8,deref,+8
___
$code.=<<___;
mov $B,$a3
vmovdqa $t2,0x00(%rsp)
xor $C,$a3 # magic
@ -1106,7 +1124,17 @@ my @X = @_;
my @insns = (&$body,&$body,&$body,&$body); # 96 instructions
my $base = "+2*$PUSH8(%rsp)";
&lea ("%rsp","-$PUSH8(%rsp)") if (($j%2)==0);
if (($j%2)==0) {
&lea ("%rsp","-$PUSH8(%rsp)");
$code.=<<___ if (!$win64);
.cfi_cfa_expression %rsp+`$PUSH8-8`,deref,+8
# copy secondary frame pointer to new location again at -8(%rsp)
pushq $PUSH8-8(%rsp)
.cfi_cfa_expression %rsp,deref,+8
lea 8(%rsp),%rsp
.cfi_cfa_expression %rsp-8,deref,+8
___
}
foreach (Xupdate_256_AVX()) { # 29 instructions
eval;
eval(shift(@insns));
@ -1232,26 +1260,28 @@ $code.=<<___;
jbe .Loop_avx2
lea (%rsp),$Tbl
# temporarily use $Tbl as index to $_rsp
# this avoids the need to save a secondary frame pointer at -8(%rsp)
.cfi_cfa_expression $Tbl+`16*$SZ+7*8`,deref,+8
.Ldone_avx2:
lea ($Tbl),%rsp
mov $_ivp,$ivp
mov $_rsp,%rsi
mov 16*$SZ+4*8($Tbl),$ivp
mov 16*$SZ+7*8($Tbl),%rsi
.cfi_def_cfa %rsi,8
vmovdqu $iv,($ivp) # output IV
vzeroall
___
$code.=<<___ if ($win64);
movaps `$framesz+16*0`(%rsp),%xmm6
movaps `$framesz+16*1`(%rsp),%xmm7
movaps `$framesz+16*2`(%rsp),%xmm8
movaps `$framesz+16*3`(%rsp),%xmm9
movaps `$framesz+16*4`(%rsp),%xmm10
movaps `$framesz+16*5`(%rsp),%xmm11
movaps `$framesz+16*6`(%rsp),%xmm12
movaps `$framesz+16*7`(%rsp),%xmm13
movaps `$framesz+16*8`(%rsp),%xmm14
movaps `$framesz+16*9`(%rsp),%xmm15
movaps `$framesz+16*0`($Tbl),%xmm6
movaps `$framesz+16*1`($Tbl),%xmm7
movaps `$framesz+16*2`($Tbl),%xmm8
movaps `$framesz+16*3`($Tbl),%xmm9
movaps `$framesz+16*4`($Tbl),%xmm10
movaps `$framesz+16*5`($Tbl),%xmm11
movaps `$framesz+16*6`($Tbl),%xmm12
movaps `$framesz+16*7`($Tbl),%xmm13
movaps `$framesz+16*8`($Tbl),%xmm14
movaps `$framesz+16*9`($Tbl),%xmm15
___
$code.=<<___;
mov -48(%rsi),%r15
@ -1339,6 +1369,7 @@ $code.=<<___;
.type ${func}_shaext,\@function,6
.align 32
${func}_shaext:
.cfi_startproc
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
___
$code.=<<___ if ($win64);
@ -1555,6 +1586,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
.cfi_endproc
.size ${func}_shaext,.-${func}_shaext
___
}
@ -1767,4 +1799,4 @@ sub rex {
$code =~ s/\`([^\`]*)\`/eval $1/gem;
$code =~ s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/gem;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -3412,4 +3412,4 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out);
&asm_finish();
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -59,7 +59,7 @@
# nothing one can do and the result appears optimal. CCM result is
# identical to CBC, because CBC-MAC is essentially CBC encrypt without
# saving output. CCM CTR "stays invisible," because it's neatly
# interleaved wih CBC-MAC. This provides ~30% improvement over
# interleaved with CBC-MAC. This provides ~30% improvement over
# "straightforward" CCM implementation with CTR and CBC-MAC performed
# disjointly. Parallelizable modes practically achieve the theoretical
# limit.
@ -984,6 +984,7 @@ $code.=<<___;
.type aesni_ccm64_encrypt_blocks,\@function,6
.align 16
aesni_ccm64_encrypt_blocks:
.cfi_startproc
___
$code.=<<___ if ($win64);
lea -0x58(%rsp),%rsp
@ -1066,6 +1067,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
.cfi_endproc
.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
___
######################################################################
@ -1074,6 +1076,7 @@ $code.=<<___;
.type aesni_ccm64_decrypt_blocks,\@function,6
.align 16
aesni_ccm64_decrypt_blocks:
.cfi_startproc
___
$code.=<<___ if ($win64);
lea -0x58(%rsp),%rsp
@ -1173,6 +1176,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
.cfi_endproc
.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
___
}
@ -2339,7 +2343,7 @@ $code.=<<___;
movdqu `16*0`($inp),$inout0 # load input
movdqa $rndkey0,$twmask
movdqu `16*1`($inp),$inout1
pxor @tweak[0],$inout0 # intput^=tweak^round[0]
pxor @tweak[0],$inout0 # input^=tweak^round[0]
movdqu `16*2`($inp),$inout2
pxor @tweak[1],$inout1
aesdec $rndkey1,$inout0
@ -3031,6 +3035,7 @@ $code.=<<___;
.type __ocb_encrypt6,\@abi-omnipotent
.align 32
__ocb_encrypt6:
.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@ -3128,11 +3133,13 @@ __ocb_encrypt6:
aesenclast @offset[4],$inout4
aesenclast @offset[5],$inout5
ret
.cfi_endproc
.size __ocb_encrypt6,.-__ocb_encrypt6
.type __ocb_encrypt4,\@abi-omnipotent
.align 32
__ocb_encrypt4:
.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@ -3197,11 +3204,13 @@ __ocb_encrypt4:
aesenclast @offset[2],$inout2
aesenclast @offset[3],$inout3
ret
.cfi_endproc
.size __ocb_encrypt4,.-__ocb_encrypt4
.type __ocb_encrypt1,\@abi-omnipotent
.align 32
__ocb_encrypt1:
.cfi_startproc
pxor @offset[5],$inout5 # offset_i
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
pxor $inout0,$checksum # accumulate checksum
@ -3232,6 +3241,7 @@ __ocb_encrypt1:
aesenclast $inout5,$inout0
ret
.cfi_endproc
.size __ocb_encrypt1,.-__ocb_encrypt1
.globl aesni_ocb_decrypt
@ -3513,6 +3523,7 @@ $code.=<<___;
.type __ocb_decrypt6,\@abi-omnipotent
.align 32
__ocb_decrypt6:
.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@ -3604,11 +3615,13 @@ __ocb_decrypt6:
aesdeclast @offset[4],$inout4
aesdeclast @offset[5],$inout5
ret
.cfi_endproc
.size __ocb_decrypt6,.-__ocb_decrypt6
.type __ocb_decrypt4,\@abi-omnipotent
.align 32
__ocb_decrypt4:
.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@ -3669,11 +3682,13 @@ __ocb_decrypt4:
aesdeclast @offset[2],$inout2
aesdeclast @offset[3],$inout3
ret
.cfi_endproc
.size __ocb_decrypt4,.-__ocb_decrypt4
.type __ocb_decrypt1,\@abi-omnipotent
.align 32
__ocb_decrypt1:
.cfi_startproc
pxor @offset[5],$inout5 # offset_i
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
pxor $inout5,$inout0 # input ^ round[0] ^ offset_i
@ -3703,6 +3718,7 @@ __ocb_decrypt1:
aesdeclast $inout5,$inout0
ret
.cfi_endproc
.size __ocb_decrypt1,.-__ocb_decrypt1
___
} }}
@ -4637,7 +4653,6 @@ __aesni_set_encrypt_key:
add \$8,%rsp
.cfi_adjust_cfa_offset -8
ret
.cfi_endproc
.LSEH_end_set_encrypt_key:
.align 16
@ -4708,6 +4723,7 @@ __aesni_set_encrypt_key:
shufps \$0b10101010,%xmm1,%xmm1 # critical path
xorps %xmm1,%xmm2
ret
.cfi_endproc
.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
___
@ -4812,7 +4828,7 @@ ctr_xts_se_handler:
mov 56($disp),%r11 # disp->HandlerData
mov 0(%r11),%r10d # HandlerData[0]
lea (%rsi,%r10),%r10 # prologue lable
lea (%rsi,%r10),%r10 # prologue label
cmp %r10,%rbx # context->Rip<prologue label
jb .Lcommon_seh_tail
@ -4856,7 +4872,7 @@ ocb_se_handler:
mov 56($disp),%r11 # disp->HandlerData
mov 0(%r11),%r10d # HandlerData[0]
lea (%rsi,%r10),%r10 # prologue lable
lea (%rsi,%r10),%r10 # prologue label
cmp %r10,%rbx # context->Rip<prologue label
jb .Lcommon_seh_tail
@ -5138,4 +5154,4 @@ $code =~ s/\bmovbe\s+%eax,\s*([0-9]+)\(%rsp\)/movbe($1)/gem;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -3804,4 +3804,4 @@ foreach(split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -926,4 +926,4 @@ ___
&emit_assembler();
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1008,4 +1008,4 @@ if ($flavour =~ /64/) { ######## 64-bit code
}
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -2488,4 +2488,4 @@ close SELF;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1274,4 +1274,4 @@ ___
} }
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1591,4 +1591,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -913,4 +913,4 @@ $k_dsbo=0x2c0; # decryption sbox final output
&asm_finish();
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -1238,4 +1238,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -19,7 +19,7 @@
*/
#include <openssl/e_os2.h>
#include "internal/aria.h"
#include "crypto/aria.h"
#include <assert.h>
#include <string.h>

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -144,4 +144,4 @@ CRYPTO_memcmp:
___
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
#ifndef __ARM_ARCH_H__
# define __ARM_ARCH_H__
#ifndef OSSL_CRYPTO_ARM_ARCH_H
# define OSSL_CRYPTO_ARM_ARCH_H
# if !defined(__ARM_ARCH__)
# if defined(__CC_ARM)

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@ -293,4 +293,4 @@ atomic_add_spinlock:
___
print $code;
close STDOUT;
close STDOUT or die "error closing STDOUT: $!";

View File

@ -11,7 +11,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include "asn1_locl.h"
#include "asn1_local.h"
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{

View File

@ -13,7 +13,7 @@
#include "internal/numbers.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include "internal/asn1_int.h"
#include "crypto/asn1.h"
#ifndef NO_OLD_ASN1
# ifndef OPENSSL_NO_STDIO

View File

@ -15,7 +15,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/* This is the primary function used to parse ASN1_GENERALIZEDTIME */
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)

View File

@ -13,7 +13,7 @@
#include <limits.h>
#include <openssl/asn1.h>
#include <openssl/bn.h>
#include "asn1_locl.h"
#include "asn1_local.h"
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{

View File

@ -8,7 +8,7 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1.h>

View File

@ -9,14 +9,14 @@
#include <stdio.h>
#include <limits.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <openssl/bn.h>
#include "internal/asn1_int.h"
#include "asn1_locl.h"
#include "crypto/asn1.h"
#include "asn1_local.h"
int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
{

View File

@ -8,7 +8,7 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1.h>

View File

@ -18,8 +18,8 @@
#include <openssl/x509.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#ifndef NO_ASN1_OLD

View File

@ -10,7 +10,7 @@
#include <stdio.h>
#include <string.h>
#include "internal/cryptlib.h"
#include "internal/asn1_int.h"
#include "crypto/asn1.h"
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>

View File

@ -16,10 +16,10 @@
#include <stdio.h>
#include <time.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include "asn1_locl.h"
#include "asn1_local.h"
IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)

View File

@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include "asn1_locl.h"
#include "asn1_local.h"
int ASN1_TYPE_get(const ASN1_TYPE *a)
{

View File

@ -11,7 +11,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/* This is the primary function used to parse ASN1_UTCTIME */
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)

View File

@ -18,8 +18,8 @@
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#ifndef NO_ASN1_OLD

View File

@ -13,8 +13,8 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/engine.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "standard_methods.h"

View File

@ -11,7 +11,7 @@
#include <limits.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include "asn1_locl.h"
#include "asn1_local.h"
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
long max);

View File

@ -1,5 +1,5 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -75,6 +75,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
int nl, hl, j, r;
ASN1_OBJECT *o = NULL;
ASN1_OCTET_STRING *os = NULL;
ASN1_INTEGER *ai = NULL;
ASN1_ENUMERATED *ae = NULL;
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent, dump_cont = 0;
@ -250,22 +252,21 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
ASN1_OCTET_STRING_free(os);
os = NULL;
} else if (tag == V_ASN1_INTEGER) {
ASN1_INTEGER *bs;
int i;
opp = op;
bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
if (bs != NULL) {
ai = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
if (ai != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
if (bs->type == V_ASN1_NEG_INTEGER)
if (ai->type == V_ASN1_NEG_INTEGER)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
for (i = 0; i < bs->length; i++) {
if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
for (i = 0; i < ai->length; i++) {
if (BIO_printf(bp, "%02X", ai->data[i]) <= 0)
goto end;
}
if (bs->length == 0) {
if (ai->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@ -274,24 +275,24 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
ASN1_INTEGER_free(bs);
ASN1_INTEGER_free(ai);
ai = NULL;
} else if (tag == V_ASN1_ENUMERATED) {
ASN1_ENUMERATED *bs;
int i;
opp = op;
bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
if (bs != NULL) {
ae = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
if (ae != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
if (bs->type == V_ASN1_NEG_ENUMERATED)
if (ae->type == V_ASN1_NEG_ENUMERATED)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
for (i = 0; i < bs->length; i++) {
if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
for (i = 0; i < ae->length; i++) {
if (BIO_printf(bp, "%02X", ae->data[i]) <= 0)
goto end;
}
if (bs->length == 0) {
if (ae->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@ -300,7 +301,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
ASN1_ENUMERATED_free(bs);
ASN1_ENUMERATED_free(ae);
ae = NULL;
} else if (len > 0 && dump) {
if (!nl) {
if (BIO_write(bp, "\n", 1) <= 0)
@ -341,6 +343,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
end:
ASN1_OBJECT_free(o);
ASN1_OCTET_STRING_free(os);
ASN1_INTEGER_free(ai);
ASN1_ENUMERATED_free(ae);
*pp = p;
return ret;
}

View File

@ -1,5 +1,5 @@
/*
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -8,15 +8,15 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include "internal/evp_int.h"
#include "crypto/evp.h"
#include "internal/bio.h"
#include "asn1_locl.h"
#include "asn1_local.h"
/*
* Generalised MIME like utilities for streaming ASN1. Although many have a
@ -198,6 +198,14 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
BIO_puts(out, "gostr3411-94");
goto err;
case NID_id_GostR3411_2012_256:
BIO_puts(out, "gostr3411-2012-256");
goto err;
case NID_id_GostR3411_2012_512:
BIO_puts(out, "gostr3411-2012-512");
goto err;
default:
if (have_unknown)
write_comma = 0;

View File

@ -8,13 +8,13 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/conf.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/objects.h"
#include "crypto/asn1.h"
#include "crypto/objects.h"
/* Simple ASN1 OID module: add all objects in a given section */

View File

@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl
*
* Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy

View File

@ -15,8 +15,8 @@
#include <openssl/engine.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)

View File

@ -17,7 +17,7 @@
#include <openssl/dsa.h>
#include <openssl/ec.h>
#include "internal/evp_int.h"
#include "crypto/evp.h"
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)

View File

@ -8,7 +8,7 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>

View File

@ -8,7 +8,7 @@
*/
#include <stdio.h>
#include "internal/ctype.h"
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>

View File

@ -11,8 +11,8 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
{

View File

@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/x509_int.h"
#include "crypto/x509.h"
/* Minor tweak to operation: zero private key data */
static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,

View File

@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include "internal/bn_int.h"
#include "crypto/bn.h"
/* Number of octets per line */
#define ASN1_BUF_PRINT_WIDTH 15

View File

@ -15,7 +15,7 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include "internal/numbers.h"
#include "asn1_locl.h"
#include "asn1_local.h"
/*

View File

@ -13,8 +13,8 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include "internal/asn1_int.h"
#include "asn1_locl.h"
#include "crypto/asn1.h"
#include "asn1_local.h"
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);

View File

@ -11,7 +11,7 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/* Free up an ASN1 structure */

View File

@ -13,7 +13,7 @@
#include <openssl/err.h>
#include <openssl/asn1t.h>
#include <string.h>
#include "asn1_locl.h"
#include "asn1_local.h"
static int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int embed);

View File

@ -15,8 +15,8 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#include "internal/asn1_int.h"
#include "asn1_locl.h"
#include "crypto/asn1.h"
#include "asn1_local.h"
/*
* Print routines.

View File

@ -15,7 +15,7 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/*
* General ASN1 structure recursive scanner: iterate through all fields

View File

@ -15,7 +15,7 @@
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/err.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/* Utility functions for manipulating fields and offsets */

View File

@ -11,7 +11,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include "internal/evp_int.h"
#include "crypto/evp.h"
ASN1_SEQUENCE(X509_ALGOR) = {
ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),

View File

@ -82,7 +82,7 @@ static int bn_secure_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
if (!*pval)
if (*pval == NULL)
return;
if (it->size & BN_SENSITIVE)
BN_clear_free((BIGNUM *)*pval);
@ -96,7 +96,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
{
BIGNUM *bn;
int pad;
if (!*pval)
if (*pval == NULL)
return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */
@ -133,7 +133,7 @@ static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int ret;
BIGNUM *bn;
if (!*pval && !bn_secure_new(pval, it))
if (*pval == NULL && !bn_secure_new(pval, it))
return 0;
ret = bn_c2i(pval, cont, len, utype, free_cont, it);

View File

@ -12,7 +12,7 @@
#include "internal/numbers.h"
#include <openssl/asn1t.h>
#include <openssl/bn.h>
#include "asn1_locl.h"
#include "asn1_local.h"
/*
* Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.

View File

@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/x509_int.h"
#include "crypto/x509.h"
ASN1_SEQUENCE(X509_SIG) = {
ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),

View File

@ -8,7 +8,7 @@
*/
/* This must be the first #include file */
#include "../async_locl.h"
#include "../async_local.h"
#ifdef ASYNC_NULL
int ASYNC_is_capable(void)

View File

@ -8,7 +8,7 @@
*/
/* This must be the first #include file */
#include "../async_locl.h"
#include "../async_local.h"
#ifdef ASYNC_POSIX

View File

@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
#define OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
#ifndef OSSL_CRYPTO_ASYNC_POSIX_H
#define OSSL_CRYPTO_ASYNC_POSIX_H
#include <openssl/e_os2.h>
#if defined(OPENSSL_SYS_UNIX) \
@ -55,4 +55,4 @@ void async_fibre_free(async_fibre *fibre);
# endif
#endif
#endif /* OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H */
#endif /* OSSL_CRYPTO_ASYNC_POSIX_H */

Some files were not shown because too many files have changed in this diff Show More