Import OpenSSL 1.1.1j.
parent
c25134eb4f
commit
4f55bd5321
7
AUTHORS
7
AUTHORS
@ -13,6 +13,8 @@ Ben Kaduk
|
||||
Bernd Edlinger
|
||||
Bodo Möller
|
||||
David Benjamin
|
||||
David von Oheimb
|
||||
Dmitry Belyavskiy (Дмитрий Белявский)
|
||||
Emilia Käsper
|
||||
Eric Young
|
||||
Geoff Thorpe
|
||||
@ -22,14 +24,19 @@ Lutz Jänicke
|
||||
Mark J. Cox
|
||||
Matt Caswell
|
||||
Matthias St. Pierre
|
||||
Nicola Tuveri
|
||||
Nils Larsch
|
||||
Patrick Steuer
|
||||
Paul Dale
|
||||
Paul C. Sutton
|
||||
Paul Yang
|
||||
Ralf S. Engelschall
|
||||
Rich Salz
|
||||
Richard Levitte
|
||||
Shane Lontis
|
||||
Stephen Henson
|
||||
Steve Marquess
|
||||
Tim Hudson
|
||||
Tomáš Mráz
|
||||
Ulf Möller
|
||||
Viktor Dukhovni
|
||||
|
37
CHANGES
37
CHANGES
@ -7,6 +7,43 @@
|
||||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||
release branch.
|
||||
|
||||
Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
|
||||
|
||||
*) Fixed the X509_issuer_and_serial_hash() function. It attempts to
|
||||
create a unique hash value based on the issuer and serial number data
|
||||
contained within an X509 certificate. However it was failing to correctly
|
||||
handle any errors that may occur while parsing the issuer field (which might
|
||||
occur if the issuer field is maliciously constructed). This may subsequently
|
||||
result in a NULL pointer deref and a crash leading to a potential denial of
|
||||
service attack.
|
||||
(CVE-2021-23841)
|
||||
[Matt Caswell]
|
||||
|
||||
*) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
|
||||
padding mode to correctly check for rollback attacks. This is considered a
|
||||
bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is
|
||||
CVE-2021-23839.
|
||||
[Matt Caswell]
|
||||
|
||||
*) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate
|
||||
functions. Previously they could overflow the output length argument in some
|
||||
cases where the input length is close to the maximum permissable length for
|
||||
an integer on the platform. In such cases the return value from the function
|
||||
call would be 1 (indicating success), but the output length value would be
|
||||
negative. This could cause applications to behave incorrectly or crash.
|
||||
(CVE-2021-23840)
|
||||
[Matt Caswell]
|
||||
|
||||
*) Fixed SRP_Calc_client_key so that it runs in constant time. The previous
|
||||
implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This
|
||||
could be exploited in a side channel attack to recover the password. Since
|
||||
the attack is local host only this is outside of the current OpenSSL
|
||||
threat model and therefore no CVE is assigned.
|
||||
|
||||
Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this
|
||||
issue.
|
||||
[Matt Caswell]
|
||||
|
||||
Changes between 1.1.1h and 1.1.1i [8 Dec 2020]
|
||||
|
||||
*) Fixed NULL pointer deref in the GENERAL_NAME_cmp function
|
||||
|
@ -41,8 +41,8 @@ guidelines:
|
||||
https://www.openssl.org/policies/codingstyle.html) and compile
|
||||
without warnings. Where gcc or clang is available you should use the
|
||||
--strict-warnings Configure option. OpenSSL compiles on many varied
|
||||
platforms: try to ensure you only use portable features. Clean builds
|
||||
via Travis and AppVeyor are required, and they are started automatically
|
||||
platforms: try to ensure you only use portable features. Clean builds via
|
||||
GitHub Actions and AppVeyor are required, and they are started automatically
|
||||
whenever a PR is created or updated.
|
||||
|
||||
5. When at all possible, patches should include tests. These can
|
||||
|
29
Configure
29
Configure
@ -1,6 +1,6 @@
|
||||
#! /usr/bin/env perl
|
||||
# -*- mode: perl; -*-
|
||||
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1201,6 +1201,10 @@ foreach (keys %useradd) {
|
||||
# At this point, we can forget everything about %user and %useradd,
|
||||
# because it's now all been merged into the corresponding $config entry
|
||||
|
||||
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
|
||||
disable('static', 'pic', 'threads');
|
||||
}
|
||||
|
||||
# Allow overriding the build file name
|
||||
$config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile";
|
||||
|
||||
@ -1521,10 +1525,6 @@ if ($strict_warnings)
|
||||
}
|
||||
}
|
||||
|
||||
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
|
||||
disable('static', 'pic', 'threads');
|
||||
}
|
||||
|
||||
$config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings'
|
||||
? @strict_warnings_collection
|
||||
: ( $_ ) }
|
||||
@ -2611,19 +2611,22 @@ _____
|
||||
}
|
||||
print "\nEnabled features:\n\n";
|
||||
foreach my $what (@disablables) {
|
||||
print " $what\n" unless $disabled{$what};
|
||||
print " $what\n"
|
||||
unless grep { $_ =~ /^${what}$/ } keys %disabled;
|
||||
}
|
||||
print "\nDisabled features:\n\n";
|
||||
foreach my $what (@disablables) {
|
||||
if ($disabled{$what}) {
|
||||
print " $what", ' ' x ($longest - length($what) + 1),
|
||||
"[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1);
|
||||
print $disabled_info{$what}->{macro}
|
||||
if $disabled_info{$what}->{macro};
|
||||
my @what2 = grep { $_ =~ /^${what}$/ } keys %disabled;
|
||||
my $what3 = $what2[0];
|
||||
if ($what3) {
|
||||
print " $what3", ' ' x ($longest - length($what3) + 1),
|
||||
"[$disabled{$what3}]", ' ' x ($longest2 - length($disabled{$what3}) + 1);
|
||||
print $disabled_info{$what3}->{macro}
|
||||
if $disabled_info{$what3}->{macro};
|
||||
print ' (skip ',
|
||||
join(', ', @{$disabled_info{$what}->{skipped}}),
|
||||
join(', ', @{$disabled_info{$what3}->{skipped}}),
|
||||
')'
|
||||
if $disabled_info{$what}->{skipped};
|
||||
if $disabled_info{$what3}->{skipped};
|
||||
print "\n";
|
||||
}
|
||||
}
|
||||
|
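Review bot: In the feature summary loops, `grep { $_ =~ /^${what}$/ } keys %disabled` interpolates each `@disablables` entry as a regular expression without `\Q...\E`, and `$what2[0]` then takes whichever matching key `keys` happens to return first. If the entries are meant to be patterns, say so in a comment such as `# entries of @disablables may be regexps; match them against the concrete keys of %disabled`; if they are literal names, quote them with `/^\Q$what\E$/`. Iterating over `sort keys %disabled` would also make the reported key deterministic when more than one key matches. The +/- markers are lost on this page, so this assumes the grep-based lines are the new side.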
15
INSTALL
15
INSTALL
@ -106,8 +106,7 @@
|
||||
This will build and install OpenSSL in the default location, which is:
|
||||
|
||||
Unix: normal installation directories under /usr/local
|
||||
OpenVMS: SYS$COMMON:[OPENSSL-'version'...], where 'version' is the
|
||||
OpenSSL version number with underscores instead of periods.
|
||||
OpenVMS: SYS$COMMON:[OPENSSL]
|
||||
Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL
|
||||
|
||||
The installation directory should be appropriately protected to ensure
|
||||
@ -116,7 +115,9 @@
|
||||
your Operating System it is recommended that you do not overwrite the system
|
||||
version and instead install to somewhere else.
|
||||
|
||||
If you want to install it anywhere else, run config like this:
|
||||
If you want to install it anywhere else, run config like this (the options
|
||||
--prefix and --openssldir are explained further down, and the values shown
|
||||
here are mere examples):
|
||||
|
||||
On Unix:
|
||||
|
||||
@ -198,7 +199,7 @@
|
||||
Unix: /usr/local
|
||||
Windows: C:\Program Files\OpenSSL
|
||||
or C:\Program Files (x86)\OpenSSL
|
||||
OpenVMS: SYS$COMMON:[OPENSSL-'version']
|
||||
OpenVMS: SYS$COMMON:[OPENSSL]
|
||||
|
||||
--release
|
||||
Build OpenSSL without debugging symbols. This is the default.
|
||||
@ -961,9 +962,9 @@
|
||||
share/doc/openssl/html/man7
|
||||
Contains the HTML rendition of the man-pages.
|
||||
|
||||
OpenVMS ('arch' is replaced with the architecture name, "Alpha"
|
||||
or "ia64", 'sover' is replaced with the shared library version
|
||||
(0101 for 1.1), and 'pz' is replaced with the pointer size
|
||||
OpenVMS ('arch' is replaced with the architecture name, "ALPHA"
|
||||
or "IA64", 'sover' is replaced with the shared library version
|
||||
(0101 for 1.1.x), and 'pz' is replaced with the pointer size
|
||||
OpenSSL was built with):
|
||||
|
||||
[.EXE.'arch'] Contains the openssl binary.
|
||||
|
10
NEWS
10
NEWS
@ -5,6 +5,16 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
|
||||
|
||||
o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
|
||||
function (CVE-2021-23841)
|
||||
o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
|
||||
padding mode to correctly check for rollback attacks
|
||||
o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
|
||||
EVP_DecryptUpdate functions (CVE-2021-23840)
|
||||
o Fixed SRP_Calc_client_key so that it runs in constant time
|
||||
|
||||
Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]
|
||||
|
||||
o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
|
||||
|
2
README
2
README
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.1.1i 8 Dec 2020
|
||||
OpenSSL 1.1.1j 16 Feb 2021
|
||||
|
||||
Copyright (c) 1998-2020 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
|
55
apps/ca.c
Normal file → Executable file
55
apps/ca.c
Normal file → Executable file
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -2223,62 +2223,51 @@ static int get_certificate_status(const char *serial, CA_DB *db)
|
||||
|
||||
static int do_updatedb(CA_DB *db)
|
||||
{
|
||||
ASN1_UTCTIME *a_tm = NULL;
|
||||
ASN1_TIME *a_tm = NULL;
|
||||
int i, cnt = 0;
|
||||
int db_y2k, a_y2k; /* flags = 1 if y >= 2000 */
|
||||
char **rrow, *a_tm_s;
|
||||
char **rrow;
|
||||
|
||||
a_tm = ASN1_UTCTIME_new();
|
||||
a_tm = ASN1_TIME_new();
|
||||
if (a_tm == NULL)
|
||||
return -1;
|
||||
|
||||
/* get actual time and make a string */
|
||||
/* get actual time */
|
||||
if (X509_gmtime_adj(a_tm, 0) == NULL) {
|
||||
ASN1_UTCTIME_free(a_tm);
|
||||
ASN1_TIME_free(a_tm);
|
||||
return -1;
|
||||
}
|
||||
a_tm_s = app_malloc(a_tm->length + 1, "time string");
|
||||
|
||||
memcpy(a_tm_s, a_tm->data, a_tm->length);
|
||||
a_tm_s[a_tm->length] = '\0';
|
||||
|
||||
if (strncmp(a_tm_s, "49", 2) <= 0)
|
||||
a_y2k = 1;
|
||||
else
|
||||
a_y2k = 0;
|
||||
|
||||
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
|
||||
rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
|
||||
|
||||
if (rrow[DB_type][0] == DB_TYPE_VAL) {
|
||||
/* ignore entries that are not valid */
|
||||
if (strncmp(rrow[DB_exp_date], "49", 2) <= 0)
|
||||
db_y2k = 1;
|
||||
else
|
||||
db_y2k = 0;
|
||||
ASN1_TIME *exp_date = NULL;
|
||||
|
||||
if (db_y2k == a_y2k) {
|
||||
/* all on the same y2k side */
|
||||
if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0) {
|
||||
exp_date = ASN1_TIME_new();
|
||||
if (exp_date == NULL) {
|
||||
ASN1_TIME_free(a_tm);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!ASN1_TIME_set_string(exp_date, rrow[DB_exp_date])) {
|
||||
ASN1_TIME_free(a_tm);
|
||||
ASN1_TIME_free(exp_date);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (ASN1_TIME_compare(exp_date, a_tm) <= 0) {
|
||||
rrow[DB_type][0] = DB_TYPE_EXP;
|
||||
rrow[DB_type][1] = '\0';
|
||||
cnt++;
|
||||
|
||||
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
|
||||
}
|
||||
} else if (db_y2k < a_y2k) {
|
||||
rrow[DB_type][0] = DB_TYPE_EXP;
|
||||
rrow[DB_type][1] = '\0';
|
||||
cnt++;
|
||||
|
||||
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
|
||||
}
|
||||
|
||||
ASN1_TIME_free(exp_date);
|
||||
}
|
||||
}
|
||||
|
||||
ASN1_UTCTIME_free(a_tm);
|
||||
OPENSSL_free(a_tm_s);
|
||||
ASN1_TIME_free(a_tm);
|
||||
return cnt;
|
||||
}
|
||||
|
||||
|
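Review bot: In do_updatedb, a row whose `rrow[DB_exp_date]` is rejected by `ASN1_TIME_set_string` makes the whole update return -1 with no message naming the row, and any rows already switched to `DB_TYPE_EXP` earlier in the loop stay modified in memory. A diagnostic before that return, for example `BIO_printf(bio_err, "%s: invalid expiry date\n", rrow[DB_serial]);`, would let an operator find the bad index entry. The file header also records a mode change from normal to executable for this C source, which looks unintended for an import and is worth checking against the upstream release. The +/- markers are lost on this page, so this reading assumes the ASN1_TIME lines are the new side.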
0
crypto/aes/asm/aes-armv4.pl
Executable file → Normal file
0
crypto/aes/asm/aes-armv4.pl
Executable file → Normal file
0
crypto/aes/asm/aes-c64xplus.pl
Executable file → Normal file
0
crypto/aes/asm/aes-c64xplus.pl
Executable file → Normal file
0
crypto/aes/asm/aes-mips.pl
Executable file → Normal file
0
crypto/aes/asm/aes-mips.pl
Executable file → Normal file
0
crypto/aes/asm/aes-parisc.pl
Executable file → Normal file
0
crypto/aes/asm/aes-parisc.pl
Executable file → Normal file
0
crypto/aes/asm/aes-ppc.pl
Executable file → Normal file
0
crypto/aes/asm/aes-ppc.pl
Executable file → Normal file
0
crypto/aes/asm/aes-s390x.pl
Executable file → Normal file
0
crypto/aes/asm/aes-s390x.pl
Executable file → Normal file
0
crypto/aes/asm/aesfx-sparcv9.pl
Executable file → Normal file
0
crypto/aes/asm/aesfx-sparcv9.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-mb-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-mb-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-sha1-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-sha1-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-sha256-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-sha256-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-x86.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-x86.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aesni-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/aest4-sparcv9.pl
Executable file → Normal file
0
crypto/aes/asm/aest4-sparcv9.pl
Executable file → Normal file
0
crypto/aes/asm/bsaes-armv7.pl
Executable file → Normal file
0
crypto/aes/asm/bsaes-armv7.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-ppc.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-ppc.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-x86.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-x86.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-x86_64.pl
Executable file → Normal file
0
crypto/aes/asm/vpaes-x86_64.pl
Executable file → Normal file
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -69,6 +69,23 @@ void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
# endif
|
||||
# endif
|
||||
# if defined(__FreeBSD__)
|
||||
# include <sys/param.h>
|
||||
# if __FreeBSD_version >= 1200000
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
|
||||
static unsigned long getauxval(unsigned long key)
|
||||
{
|
||||
unsigned long val = 0ul;
|
||||
|
||||
if (elf_aux_info((int)key, &val, sizeof(val)) != 0)
|
||||
return 0ul;
|
||||
|
||||
return val;
|
||||
}
|
||||
# endif
|
||||
# endif
|
||||
|
||||
/*
|
||||
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
|
||||
|
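Review bot: The FreeBSD `getauxval` shim added here is repeated verbatim in the later section that defines `HWCAP_PPC64`, so the two copies can drift; a single definition in a shared internal header would avoid that. The shim also returns `0ul` both when `elf_aux_info` fails and when the value really is zero, which deserves a one-line comment such as `/* 0 means no capability bits; failure and an empty value are indistinguishable */`. Being a `static` function named `getauxval`, it would presumably clash with a libc declaration if a later FreeBSD `<sys/auxv.h>` provides one, so a guard or a project-prefixed local name may be safer.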
0
crypto/armv4cpuid.pl
Executable file → Normal file
0
crypto/armv4cpuid.pl
Executable file → Normal file
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by crypto/asn1/charmap.pl
|
||||
*
|
||||
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
0
crypto/bn/asm/armv4-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/armv4-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/armv4-mont.pl
Executable file → Normal file
0
crypto/bn/asm/armv4-mont.pl
Executable file → Normal file
0
crypto/bn/asm/c64xplus-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/c64xplus-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/ia64-mont.pl
Executable file → Normal file
0
crypto/bn/asm/ia64-mont.pl
Executable file → Normal file
0
crypto/bn/asm/mips-mont.pl
Executable file → Normal file
0
crypto/bn/asm/mips-mont.pl
Executable file → Normal file
0
crypto/bn/asm/mips.pl
Executable file → Normal file
0
crypto/bn/asm/mips.pl
Executable file → Normal file
0
crypto/bn/asm/parisc-mont.pl
Executable file → Normal file
0
crypto/bn/asm/parisc-mont.pl
Executable file → Normal file
0
crypto/bn/asm/ppc-mont.pl
Executable file → Normal file
0
crypto/bn/asm/ppc-mont.pl
Executable file → Normal file
0
crypto/bn/asm/ppc64-mont.pl
Executable file → Normal file
0
crypto/bn/asm/ppc64-mont.pl
Executable file → Normal file
0
crypto/bn/asm/s390x-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/s390x-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/s390x-mont.pl
Executable file → Normal file
0
crypto/bn/asm/s390x-mont.pl
Executable file → Normal file
0
crypto/bn/asm/s390x.S
Executable file → Normal file
0
crypto/bn/asm/s390x.S
Executable file → Normal file
0
crypto/bn/asm/sparcv9-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/sparcv9-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/sparcv9-mont.pl
Executable file → Normal file
0
crypto/bn/asm/sparcv9-mont.pl
Executable file → Normal file
0
crypto/bn/asm/via-mont.pl
Executable file → Normal file
0
crypto/bn/asm/via-mont.pl
Executable file → Normal file
0
crypto/bn/asm/vis3-mont.pl
Executable file → Normal file
0
crypto/bn/asm/vis3-mont.pl
Executable file → Normal file
0
crypto/bn/asm/x86-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/x86-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/x86_64-gf2m.pl
Executable file → Normal file
0
crypto/bn/asm/x86_64-gf2m.pl
Executable file → Normal file
0
crypto/bn/bn_const.c
Executable file → Normal file
0
crypto/bn/bn_const.c
Executable file → Normal file
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by crypto/bn/bn_prime.pl
|
||||
*
|
||||
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
0
crypto/c64xpluscpuid.pl
Executable file → Normal file
0
crypto/c64xpluscpuid.pl
Executable file → Normal file
0
crypto/camellia/asm/cmll-x86.pl
Executable file → Normal file
0
crypto/camellia/asm/cmll-x86.pl
Executable file → Normal file
0
crypto/camellia/asm/cmll-x86_64.pl
Executable file → Normal file
0
crypto/camellia/asm/cmll-x86_64.pl
Executable file → Normal file
0
crypto/camellia/asm/cmllt4-sparcv9.pl
Executable file → Normal file
0
crypto/camellia/asm/cmllt4-sparcv9.pl
Executable file → Normal file
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -185,6 +185,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
||||
BUF_MEM *buff = NULL;
|
||||
char *s, *p, *end;
|
||||
int again;
|
||||
int first_call = 1;
|
||||
long eline = 0;
|
||||
char btmp[DECIMAL_SIZE(eline) + 1];
|
||||
CONF_VALUE *v = NULL, *tv;
|
||||
@ -233,6 +234,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
||||
BIO_gets(in, p, CONFBUFSIZE - 1);
|
||||
p[CONFBUFSIZE - 1] = '\0';
|
||||
ii = i = strlen(p);
|
||||
if (first_call) {
|
||||
/* Other BOMs imply unsupported multibyte encoding,
|
||||
* so don't strip them and let the error raise */
|
||||
const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
|
||||
|
||||
if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
|
||||
memmove(p, p + 3, i - 3);
|
||||
p[i - 3] = 0;
|
||||
i -= 3;
|
||||
ii -= 3;
|
||||
}
|
||||
first_call = 0;
|
||||
}
|
||||
if (i == 0 && !again) {
|
||||
/* the currently processed BIO is at EOF */
|
||||
BIO *parent;
|
||||
|
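Review bot: `first_call` is set once per call of def_load_bio, so the BOM check runs only on the first line read from the outermost BIO; the context lines below it (`the currently processed BIO is at EOF`, `BIO *parent`) suggest the same loop also reads nested BIOs, whose leading UTF-8 BOM would then not be stripped. If that is intended, the comment should say so, e.g. `/* only the first line of the outermost input is checked for a BOM */`; otherwise `first_call = 1;` belongs where the loop switches to a new BIO. def_load_bio starts and ends outside the hunk, so the switch point is not visible here.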
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by crypto/conf/keysets.pl
|
||||
*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
|
0
crypto/des/asm/dest4-sparcv9.pl
Executable file → Normal file
0
crypto/des/asm/dest4-sparcv9.pl
Executable file → Normal file
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -25,18 +25,45 @@ int DH_generate_key(DH *dh)
|
||||
return dh->meth->generate_key(dh);
|
||||
}
|
||||
|
||||
/*-
|
||||
* NB: This function is inherently not constant time due to the
|
||||
* RFC 5246 (8.1.2) padding style that strips leading zero bytes.
|
||||
*/
|
||||
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
{
|
||||
return dh->meth->compute_key(key, pub_key, dh);
|
||||
int ret = 0, i;
|
||||
volatile size_t npad = 0, mask = 1;
|
||||
|
||||
/* compute the key; ret is constant unless compute_key is external */
|
||||
if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0)
|
||||
return ret;
|
||||
|
||||
/* count leading zero bytes, yet still touch all bytes */
|
||||
for (i = 0; i < ret; i++) {
|
||||
mask &= !key[i];
|
||||
npad += mask;
|
||||
}
|
||||
|
||||
/* unpad key */
|
||||
ret -= npad;
|
||||
/* key-dependent memory access, potentially leaking npad / ret */
|
||||
memmove(key, key + npad, ret);
|
||||
/* key-dependent memory access, potentially leaking npad / ret */
|
||||
memset(key + ret, 0, npad);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
{
|
||||
int rv, pad;
|
||||
|
||||
/* rv is constant unless compute_key is external */
|
||||
rv = dh->meth->compute_key(key, pub_key, dh);
|
||||
if (rv <= 0)
|
||||
return rv;
|
||||
pad = BN_num_bytes(dh->p) - rv;
|
||||
/* pad is constant (zero) unless compute_key is external */
|
||||
if (pad > 0) {
|
||||
memmove(key + pad, key, rv);
|
||||
memset(key, 0, pad);
|
||||
@ -212,7 +239,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
goto err;
|
||||
}
|
||||
|
||||
ret = BN_bn2bin(tmp, key);
|
||||
ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p));
|
||||
err:
|
||||
BN_CTX_end(ctx);
|
||||
BN_CTX_free(ctx);
|
||||
|
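Review bot: The new DH_compute_key still calls `memmove(key, key + npad, ret)` and `memset(key + ret, 0, npad)` with lengths derived from the secret, so the number of leading zero bytes remains observable, as the inline comments admit. The header comment should tell callers what to use instead, for example ` * Use DH_compute_key_padded() where the length of the shared secret must not leak.`. The switch to `BN_bn2binpad(tmp, key, BN_num_bytes(dh->p))` also means the default method's compute_key now always writes and returns the full modulus length, which any code calling that method pointer directly would see as a behaviour change; a comment at that line would help. compute_key's body starts outside the hunk.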
0
crypto/ec/asm/ecp_nistz256-armv8.pl
Executable file → Normal file
0
crypto/ec/asm/ecp_nistz256-armv8.pl
Executable file → Normal file
@ -1,4 +1,4 @@
|
||||
# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -2283,6 +2283,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
|
||||
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
|
||||
operation not supported for this keytype
|
||||
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
|
||||
EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow
|
||||
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
|
||||
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
|
||||
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
|
||||
|
@ -8,6 +8,7 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <limits.h>
|
||||
#include <assert.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/evp.h>
|
||||
@ -355,6 +356,19 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
|
||||
return 1;
|
||||
} else {
|
||||
j = bl - i;
|
||||
|
||||
/*
|
||||
* Once we've processed the first j bytes from in, the amount of
|
||||
* data left that is a multiple of the block length is:
|
||||
* (inl - j) & ~(bl - 1)
|
||||
* We must ensure that this amount of data, plus the one block that
|
||||
* we process from ctx->buf does not exceed INT_MAX
|
||||
*/
|
||||
if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) {
|
||||
EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE,
|
||||
EVP_R_OUTPUT_WOULD_OVERFLOW);
|
||||
return 0;
|
||||
}
|
||||
memcpy(&(ctx->buf[i]), in, j);
|
||||
inl -= j;
|
||||
in += j;
|
||||
@ -502,6 +516,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
||||
EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
|
||||
return 0;
|
||||
}
|
||||
/*
|
||||
* final_used is only ever set if buf_len is 0. Therefore the maximum
|
||||
* length output we will ever see from evp_EncryptDecryptUpdate is
|
||||
* the maximum multiple of the block length that is <= inl, or just:
|
||||
* inl & ~(b - 1)
|
||||
* Since final_used has been set then the final output length is:
|
||||
* (inl & ~(b - 1)) + b
|
||||
* This must never exceed INT_MAX
|
||||
*/
|
||||
if ((inl & ~(b - 1)) > INT_MAX - b) {
|
||||
EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW);
|
||||
return 0;
|
||||
}
|
||||
memcpy(out, ctx->final, b);
|
||||
out += b;
|
||||
fix_len = 1;
|
||||
|
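Review bot: Both new `EVP_R_OUTPUT_WOULD_OVERFLOW` paths return 0 without touching `*outl`, so a caller that does not check the return value carries on with whatever was already in its length variable; setting `*outl = 0;` before `return 0;` in evp_EncryptDecryptUpdate and EVP_DecryptUpdate would make the failure inert. The masks `~(bl - 1)` and `~(b - 1)` give the "multiple of the block length" claimed in the comments only when the block size is a power of two, and the comments should state that assumption. Both functions start and end outside the hunks shown.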
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -239,6 +239,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
|
||||
"operation not supported for this keytype"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
|
||||
"operaton not initialized"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW),
|
||||
"output would overflow"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
|
||||
"partially overlapping buffers"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
|
||||
|
0
crypto/md5/asm/md5-sparcv9.pl
Executable file → Normal file
0
crypto/md5/asm/md5-sparcv9.pl
Executable file → Normal file
@ -34,6 +34,12 @@
|
||||
# include <errno.h>
|
||||
# endif
|
||||
# endif
|
||||
# if defined(__FreeBSD__)
|
||||
# define MADV_DONTDUMP MADV_NOCORE
|
||||
# endif
|
||||
# if !defined(MAP_CONCEAL)
|
||||
# define MAP_CONCEAL 0
|
||||
# endif
|
||||
# include <sys/param.h>
|
||||
# include <sys/stat.h>
|
||||
# include <fcntl.h>
|
||||
@ -442,7 +448,7 @@ static int sh_init(size_t size, int minsize)
|
||||
if (1) {
|
||||
#ifdef MAP_ANON
|
||||
sh.map_result = mmap(NULL, sh.map_size,
|
||||
PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0);
|
||||
PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0);
|
||||
} else {
|
||||
#endif
|
||||
int fd;
|
||||
|
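Review bot: `# define MADV_DONTDUMP MADV_NOCORE` is applied on every FreeBSD build without an `#ifndef`, so it would redefine the macro if the platform headers ever supply their own; `# if defined(__FreeBSD__) && !defined(MADV_DONTDUMP)` is safer. The `MAP_CONCEAL` fallback to 0 is tested before the includes visible in this hunk, so it is only correct if the header that declares the mmap flags has already been included above; that is not visible here and should be confirmed. A short comment that `MAP_CONCEAL 0` turns the flag into a no-op on platforms that lack it would help readers of sh_init.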
0
crypto/modes/asm/aesni-gcm-x86_64.pl
Executable file → Normal file
0
crypto/modes/asm/aesni-gcm-x86_64.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-armv4.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-armv4.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-c64xplus.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-c64xplus.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-parisc.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-parisc.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-s390x.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-s390x.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-sparcv9.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-sparcv9.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-x86.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-x86.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-x86_64.pl
Executable file → Normal file
0
crypto/modes/asm/ghash-x86_64.pl
Executable file → Normal file
0
crypto/modes/asm/ghashv8-armx.pl
Executable file → Normal file
0
crypto/modes/asm/ghashv8-armx.pl
Executable file → Normal file
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by crypto/objects/obj_dat.pl
|
||||
*
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
|
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by objxref.pl
|
||||
*
|
||||
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
0
crypto/objects/objxref.pl
Executable file → Normal file
0
crypto/objects/objxref.pl
Executable file → Normal file
0
crypto/ocsp/ocsp_cl.c
Executable file → Normal file
0
crypto/ocsp/ocsp_cl.c
Executable file → Normal file
0
crypto/ocsp/ocsp_ext.c
Executable file → Normal file
0
crypto/ocsp/ocsp_ext.c
Executable file → Normal file
0
crypto/ocsp/ocsp_lib.c
Executable file → Normal file
0
crypto/ocsp/ocsp_lib.c
Executable file → Normal file
0
crypto/ocsp/ocsp_srv.c
Executable file → Normal file
0
crypto/ocsp/ocsp_srv.c
Executable file → Normal file
0
crypto/pariscid.pl
Executable file → Normal file
0
crypto/pariscid.pl
Executable file → Normal file
0
crypto/perlasm/sparcv9_modes.pl
Executable file → Normal file
0
crypto/perlasm/sparcv9_modes.pl
Executable file → Normal file
0
crypto/perlasm/x86gas.pl
Executable file → Normal file
0
crypto/perlasm/x86gas.pl
Executable file → Normal file
0
crypto/perlasm/x86masm.pl
Executable file → Normal file
0
crypto/perlasm/x86masm.pl
Executable file → Normal file
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -133,10 +133,10 @@ poly1305_init:
|
||||
# ifdef __thumb2__
|
||||
itete eq
|
||||
# endif
|
||||
addeq r12,r11,#(poly1305_emit-.Lpoly1305_init)
|
||||
addne r12,r11,#(poly1305_emit_neon-.Lpoly1305_init)
|
||||
addeq r11,r11,#(poly1305_blocks-.Lpoly1305_init)
|
||||
addne r11,r11,#(poly1305_blocks_neon-.Lpoly1305_init)
|
||||
addeq r12,r11,#(.Lpoly1305_emit-.Lpoly1305_init)
|
||||
addne r12,r11,#(.Lpoly1305_emit_neon-.Lpoly1305_init)
|
||||
addeq r11,r11,#(.Lpoly1305_blocks-.Lpoly1305_init)
|
||||
addne r11,r11,#(.Lpoly1305_blocks_neon-.Lpoly1305_init)
|
||||
# endif
|
||||
# ifdef __thumb2__
|
||||
orr r12,r12,#1 @ thumb-ify address
|
||||
@ -352,6 +352,7 @@ $code.=<<___;
|
||||
.type poly1305_emit,%function
|
||||
.align 5
|
||||
poly1305_emit:
|
||||
.Lpoly1305_emit:
|
||||
stmdb sp!,{r4-r11}
|
||||
.Lpoly1305_emit_enter:
|
||||
|
||||
@ -671,6 +672,7 @@ poly1305_init_neon:
|
||||
.type poly1305_blocks_neon,%function
|
||||
.align 5
|
||||
poly1305_blocks_neon:
|
||||
.Lpoly1305_blocks_neon:
|
||||
ldr ip,[$ctx,#36] @ is_base2_26
|
||||
ands $len,$len,#-16
|
||||
beq .Lno_data_neon
|
||||
@ -1157,6 +1159,7 @@ poly1305_blocks_neon:
|
||||
.type poly1305_emit_neon,%function
|
||||
.align 5
|
||||
poly1305_emit_neon:
|
||||
.Lpoly1305_emit_neon:
|
||||
ldr ip,[$ctx,#36] @ is_base2_26
|
||||
|
||||
stmdb sp!,{r4-r11}
|
||||
|
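Review bot: The four rewritten `addeq`/`addne` lines in the `poly1305_init` hunk now take their offsets from `.Lpoly1305_emit`, `.Lpoly1305_emit_neon`, `.Lpoly1305_blocks` and `.Lpoly1305_blocks_neon`, but only three of those labels are defined in the hunks shown here. `.Lpoly1305_blocks` is not among them. The `poly1305_emit` hunk header shows the same start line on both sides, which suggests that label already existed before this import, and that is worth confirming against the full file. Nothing at the new definitions says why each global symbol now has a local twin, so I would add a one-line assembler comment beside the first, for example `@ local alias: keeps the offsets in poly1305_init assemble-time constants` (presumably the reason, to be checked against the upstream commit). The enclosing functions start and end outside these hunks.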
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -214,6 +214,24 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if defined(__FreeBSD__)
|
||||
# include <sys/param.h>
|
||||
# if __FreeBSD_version >= 1200000
|
||||
# include <sys/auxv.h>
|
||||
# define OSSL_IMPLEMENT_GETAUXVAL
|
||||
|
||||
static unsigned long getauxval(unsigned long key)
|
||||
{
|
||||
unsigned long val = 0ul;
|
||||
|
||||
if (elf_aux_info((int)key, &val, sizeof(val)) != 0)
|
||||
return 0ul;
|
||||
|
||||
return val;
|
||||
}
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* I wish <sys/auxv.h> was universally available */
|
||||
#define HWCAP 16 /* AT_HWCAP */
|
||||
#define HWCAP_PPC64 (1U << 30)
|
||||
|
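Review bot: The FreeBSD `getauxval()` shim added in this hunk returns `0ul` when `elf_aux_info()` fails, which cannot be told apart from an auxiliary-vector entry whose value really is zero, and the hunk does not say this is intended. If the callers outside the hunk read a zero `HWCAP` as "no optional CPU features", the fallback is the safe direction. That should be written down, and I would put `/* Returns 0 on failure; callers treat that as no capability bits set. */` above the function. The `(int)key` cast also deserves a short comment, since the shim keeps an `unsigned long` parameter while passing a narrowed `int` to `elf_aux_info()`.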
0
crypto/rc4/asm/rc4-c64xplus.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-c64xplus.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-md5-x86_64.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-md5-x86_64.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-parisc.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-parisc.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-s390x.pl
Executable file → Normal file
0
crypto/rc4/asm/rc4-s390x.pl
Executable file → Normal file
@ -55,7 +55,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
|
||||
|
||||
/*
|
||||
* Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding
|
||||
* if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also
|
||||
* if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also
|
||||
* preserves error code reporting for backward compatibility.
|
||||
*/
|
||||
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
|
||||
@ -122,7 +122,13 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
|
||||
RSA_R_NULL_BEFORE_BLOCK_MISSING);
|
||||
mask = ~good;
|
||||
|
||||
good &= constant_time_ge(threes_in_row, 8);
|
||||
/*
|
||||
* Reject if nul delimiter is preceded by 8 consecutive 0x03 bytes. Note
|
||||
* that RFC5246 incorrectly states this the other way around, i.e. reject
|
||||
* if it is not preceded by 8 consecutive 0x03 bytes. However this is
|
||||
* corrected in subsequent errata for that RFC.
|
||||
*/
|
||||
good &= constant_time_lt(threes_in_row, 8);
|
||||
err = constant_time_select_int(mask | good, err,
|
||||
RSA_R_SSLV3_ROLLBACK_ATTACK);
|
||||
mask = ~good;
|
||||
|
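Review bot: The new comment above `good &= constant_time_lt(threes_in_row, 8);` cites "subsequent errata" for RFC5246 without naming the erratum, so a later reader cannot check which direction is correct. That matters because this comparison has already been inverted once. I would end the comment with the reference, for example `* corrected in erratum <ERRATUM-ID> for that RFC.`, filling in the real identifier. The boundary should also be pinned by a test with exactly seven and exactly eight trailing 0x03 bytes, if the files not shown on this page do not already add one. The body of `RSA_padding_check_SSLv23` starts and ends outside the hunk.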
0
crypto/sha/asm/sha1-armv4-large.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-armv4-large.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-armv8.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-armv8.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-c64xplus.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-c64xplus.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-mb-x86_64.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-mb-x86_64.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-mips.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-mips.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-parisc.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-parisc.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-s390x.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-s390x.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-sparcv9.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-sparcv9.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-sparcv9a.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-sparcv9a.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-thumb.pl
Executable file → Normal file
0
crypto/sha/asm/sha1-thumb.pl
Executable file → Normal file
0
crypto/sha/asm/sha256-586.pl
Executable file → Normal file
0
crypto/sha/asm/sha256-586.pl
Executable file → Normal file
Some files were not shown because too many files have changed in this diff Show More