OpenSSL: Merge OpenSSL 1.1.1j

Merge commit '4f55bd5321b72491d4eff396e4928e9ab0706735'
This commit is contained in:
Jung-uk Kim 2021-02-16 17:00:27 -05:00
commit 88e852c0b5
90 changed files with 432 additions and 201 deletions

View File

@ -13,6 +13,8 @@ Ben Kaduk
Bernd Edlinger Bernd Edlinger
Bodo Möller Bodo Möller
David Benjamin David Benjamin
David von Oheimb
Dmitry Belyavskiy (Дмитрий Белявский)
Emilia Käsper Emilia Käsper
Eric Young Eric Young
Geoff Thorpe Geoff Thorpe
@ -22,14 +24,19 @@ Lutz Jänicke
Mark J. Cox Mark J. Cox
Matt Caswell Matt Caswell
Matthias St. Pierre Matthias St. Pierre
Nicola Tuveri
Nils Larsch Nils Larsch
Patrick Steuer
Paul Dale Paul Dale
Paul C. Sutton Paul C. Sutton
Paul Yang
Ralf S. Engelschall Ralf S. Engelschall
Rich Salz Rich Salz
Richard Levitte Richard Levitte
Shane Lontis
Stephen Henson Stephen Henson
Steve Marquess Steve Marquess
Tim Hudson Tim Hudson
Tomáš Mráz
Ulf Möller Ulf Möller
Viktor Dukhovni Viktor Dukhovni

View File

@ -7,6 +7,43 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch. release branch.
Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
*) Fixed the X509_issuer_and_serial_hash() function. It attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to correctly
handle any errors that may occur while parsing the issuer field (which might
occur if the issuer field is maliciously constructed). This may subsequently
result in a NULL pointer deref and a crash leading to a potential denial of
service attack.
(CVE-2021-23841)
[Matt Caswell]
*) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
padding mode to correctly check for rollback attacks. This is considered a
bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is
CVE-2021-23839.
[Matt Caswell]
*) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate
functions. Previously they could overflow the output length argument in some
cases where the input length is close to the maximum permissable length for
an integer on the platform. In such cases the return value from the function
call would be 1 (indicating success), but the output length value would be
negative. This could cause applications to behave incorrectly or crash.
(CVE-2021-23840)
[Matt Caswell]
*) Fixed SRP_Calc_client_key so that it runs in constant time. The previous
implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This
could be exploited in a side channel attack to recover the password. Since
the attack is local host only this is outside of the current OpenSSL
threat model and therefore no CVE is assigned.
Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this
issue.
[Matt Caswell]
Changes between 1.1.1h and 1.1.1i [8 Dec 2020] Changes between 1.1.1h and 1.1.1i [8 Dec 2020]
*) Fixed NULL pointer deref in the GENERAL_NAME_cmp function *) Fixed NULL pointer deref in the GENERAL_NAME_cmp function

View File

@ -41,8 +41,8 @@ guidelines:
https://www.openssl.org/policies/codingstyle.html) and compile https://www.openssl.org/policies/codingstyle.html) and compile
without warnings. Where gcc or clang is available you should use the without warnings. Where gcc or clang is available you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied --strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features. Clean builds platforms: try to ensure you only use portable features. Clean builds via
via Travis and AppVeyor are required, and they are started automatically GitHub Actions and AppVeyor are required, and they are started automatically
whenever a PR is created or updated. whenever a PR is created or updated.
5. When at all possible, patches should include tests. These can 5. When at all possible, patches should include tests. These can

View File

@ -1,6 +1,6 @@
#! /usr/bin/env perl #! /usr/bin/env perl
# -*- mode: perl; -*- # -*- mode: perl; -*-
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
# #
# Licensed under the OpenSSL license (the "License"). You may not use # Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy # this file except in compliance with the License. You can obtain a copy
@ -1203,6 +1203,10 @@ foreach (keys %useradd) {
# At this point, we can forget everything about %user and %useradd, # At this point, we can forget everything about %user and %useradd,
# because it's now all been merged into the corresponding $config entry # because it's now all been merged into the corresponding $config entry
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
disable('static', 'pic', 'threads');
}
# Allow overriding the build file name # Allow overriding the build file name
$config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile"; $config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile";
@ -1523,10 +1527,6 @@ if ($strict_warnings)
} }
} }
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
disable('static', 'pic', 'threads');
}
$config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings' $config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings'
? @strict_warnings_collection ? @strict_warnings_collection
: ( $_ ) } : ( $_ ) }
@ -2640,19 +2640,22 @@ _____
} }
print "\nEnabled features:\n\n"; print "\nEnabled features:\n\n";
foreach my $what (@disablables) { foreach my $what (@disablables) {
print " $what\n" unless $disabled{$what}; print " $what\n"
unless grep { $_ =~ /^${what}$/ } keys %disabled;
} }
print "\nDisabled features:\n\n"; print "\nDisabled features:\n\n";
foreach my $what (@disablables) { foreach my $what (@disablables) {
if ($disabled{$what}) { my @what2 = grep { $_ =~ /^${what}$/ } keys %disabled;
print " $what", ' ' x ($longest - length($what) + 1), my $what3 = $what2[0];
"[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1); if ($what3) {
print $disabled_info{$what}->{macro} print " $what3", ' ' x ($longest - length($what3) + 1),
if $disabled_info{$what}->{macro}; "[$disabled{$what3}]", ' ' x ($longest2 - length($disabled{$what3}) + 1);
print $disabled_info{$what3}->{macro}
if $disabled_info{$what3}->{macro};
print ' (skip ', print ' (skip ',
join(', ', @{$disabled_info{$what}->{skipped}}), join(', ', @{$disabled_info{$what3}->{skipped}}),
')' ')'
if $disabled_info{$what}->{skipped}; if $disabled_info{$what3}->{skipped};
print "\n"; print "\n";
} }
} }

View File

@ -106,8 +106,7 @@
This will build and install OpenSSL in the default location, which is: This will build and install OpenSSL in the default location, which is:
Unix: normal installation directories under /usr/local Unix: normal installation directories under /usr/local
OpenVMS: SYS$COMMON:[OPENSSL-'version'...], where 'version' is the OpenVMS: SYS$COMMON:[OPENSSL]
OpenSSL version number with underscores instead of periods.
Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL
The installation directory should be appropriately protected to ensure The installation directory should be appropriately protected to ensure
@ -116,7 +115,9 @@
your Operating System it is recommended that you do not overwrite the system your Operating System it is recommended that you do not overwrite the system
version and instead install to somewhere else. version and instead install to somewhere else.
If you want to install it anywhere else, run config like this: If you want to install it anywhere else, run config like this (the options
--prefix and --openssldir are explained further down, and the values shown
here are mere examples):
On Unix: On Unix:
@ -198,7 +199,7 @@
Unix: /usr/local Unix: /usr/local
Windows: C:\Program Files\OpenSSL Windows: C:\Program Files\OpenSSL
or C:\Program Files (x86)\OpenSSL or C:\Program Files (x86)\OpenSSL
OpenVMS: SYS$COMMON:[OPENSSL-'version'] OpenVMS: SYS$COMMON:[OPENSSL]
--release --release
Build OpenSSL without debugging symbols. This is the default. Build OpenSSL without debugging symbols. This is the default.
@ -970,9 +971,9 @@
share/doc/openssl/html/man7 share/doc/openssl/html/man7
Contains the HTML rendition of the man-pages. Contains the HTML rendition of the man-pages.
OpenVMS ('arch' is replaced with the architecture name, "Alpha" OpenVMS ('arch' is replaced with the architecture name, "ALPHA"
or "ia64", 'sover' is replaced with the shared library version or "IA64", 'sover' is replaced with the shared library version
(0101 for 1.1), and 'pz' is replaced with the pointer size (0101 for 1.1.x), and 'pz' is replaced with the pointer size
OpenSSL was built with): OpenSSL was built with):
[.EXE.'arch'] Contains the openssl binary. [.EXE.'arch'] Contains the openssl binary.

View File

@ -5,6 +5,16 @@
This file gives a brief overview of the major changes between each OpenSSL This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file. release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
function (CVE-2021-23841)
o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
padding mode to correctly check for rollback attacks
o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate functions (CVE-2021-23840)
o Fixed SRP_Calc_client_key so that it runs in constant time
Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020] Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]
o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971) o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)

View File

@ -1,5 +1,5 @@
OpenSSL 1.1.1i 8 Dec 2020 OpenSSL 1.1.1j 16 Feb 2021
Copyright (c) 1998-2020 The OpenSSL Project Copyright (c) 1998-2020 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -2223,62 +2223,51 @@ static int get_certificate_status(const char *serial, CA_DB *db)
static int do_updatedb(CA_DB *db) static int do_updatedb(CA_DB *db)
{ {
ASN1_UTCTIME *a_tm = NULL; ASN1_TIME *a_tm = NULL;
int i, cnt = 0; int i, cnt = 0;
int db_y2k, a_y2k; /* flags = 1 if y >= 2000 */ char **rrow;
char **rrow, *a_tm_s;
a_tm = ASN1_UTCTIME_new(); a_tm = ASN1_TIME_new();
if (a_tm == NULL) if (a_tm == NULL)
return -1; return -1;
/* get actual time and make a string */ /* get actual time */
if (X509_gmtime_adj(a_tm, 0) == NULL) { if (X509_gmtime_adj(a_tm, 0) == NULL) {
ASN1_UTCTIME_free(a_tm); ASN1_TIME_free(a_tm);
return -1; return -1;
} }
a_tm_s = app_malloc(a_tm->length + 1, "time string");
memcpy(a_tm_s, a_tm->data, a_tm->length);
a_tm_s[a_tm->length] = '\0';
if (strncmp(a_tm_s, "49", 2) <= 0)
a_y2k = 1;
else
a_y2k = 0;
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
rrow = sk_OPENSSL_PSTRING_value(db->db->data, i); rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (rrow[DB_type][0] == DB_TYPE_VAL) { if (rrow[DB_type][0] == DB_TYPE_VAL) {
/* ignore entries that are not valid */ /* ignore entries that are not valid */
if (strncmp(rrow[DB_exp_date], "49", 2) <= 0) ASN1_TIME *exp_date = NULL;
db_y2k = 1;
else
db_y2k = 0;
if (db_y2k == a_y2k) { exp_date = ASN1_TIME_new();
/* all on the same y2k side */ if (exp_date == NULL) {
if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0) { ASN1_TIME_free(a_tm);
rrow[DB_type][0] = DB_TYPE_EXP; return -1;
rrow[DB_type][1] = '\0'; }
cnt++;
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]); if (!ASN1_TIME_set_string(exp_date, rrow[DB_exp_date])) {
} ASN1_TIME_free(a_tm);
} else if (db_y2k < a_y2k) { ASN1_TIME_free(exp_date);
return -1;
}
if (ASN1_TIME_compare(exp_date, a_tm) <= 0) {
rrow[DB_type][0] = DB_TYPE_EXP; rrow[DB_type][0] = DB_TYPE_EXP;
rrow[DB_type][1] = '\0'; rrow[DB_type][1] = '\0';
cnt++; cnt++;
BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]); BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
} }
ASN1_TIME_free(exp_date);
} }
} }
ASN1_UTCTIME_free(a_tm); ASN1_TIME_free(a_tm);
OPENSSL_free(a_tm_s);
return cnt; return cnt;
} }

0
crypto/openssl/apps/progs.pl Normal file → Executable file
View File

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -69,6 +69,23 @@ void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
# define OSSL_IMPLEMENT_GETAUXVAL # define OSSL_IMPLEMENT_GETAUXVAL
# endif # endif
# endif # endif
# if defined(__FreeBSD__)
# include <sys/param.h>
# if __FreeBSD_version >= 1200000
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
static unsigned long getauxval(unsigned long key)
{
unsigned long val = 0ul;
if (elf_aux_info((int)key, &val, sizeof(val)) != 0)
return 0ul;
return val;
}
# endif
# endif
/* /*
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas * ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl * Generated by crypto/asn1/charmap.pl
* *
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy

0
crypto/openssl/crypto/asn1/charmap.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/bf/asm/bf-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/bn/asm/bn-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/bn/asm/co-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/bn/asm/ppc.pl Normal file → Executable file
View File

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by crypto/bn/bn_prime.pl * Generated by crypto/bn/bn_prime.pl
* *
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy

0
crypto/openssl/crypto/bn/bn_prime.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/cast/asm/cast-586.pl Normal file → Executable file
View File

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -185,6 +185,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
BUF_MEM *buff = NULL; BUF_MEM *buff = NULL;
char *s, *p, *end; char *s, *p, *end;
int again; int again;
int first_call = 1;
long eline = 0; long eline = 0;
char btmp[DECIMAL_SIZE(eline) + 1]; char btmp[DECIMAL_SIZE(eline) + 1];
CONF_VALUE *v = NULL, *tv; CONF_VALUE *v = NULL, *tv;
@ -233,6 +234,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
BIO_gets(in, p, CONFBUFSIZE - 1); BIO_gets(in, p, CONFBUFSIZE - 1);
p[CONFBUFSIZE - 1] = '\0'; p[CONFBUFSIZE - 1] = '\0';
ii = i = strlen(p); ii = i = strlen(p);
if (first_call) {
/* Other BOMs imply unsupported multibyte encoding,
* so don't strip them and let the error raise */
const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
memmove(p, p + 3, i - 3);
p[i - 3] = 0;
i -= 3;
ii -= 3;
}
first_call = 0;
}
if (i == 0 && !again) { if (i == 0 && !again) {
/* the currently processed BIO is at EOF */ /* the currently processed BIO is at EOF */
BIO *parent; BIO *parent;

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by crypto/conf/keysets.pl * Generated by crypto/conf/keysets.pl
* *
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at

0
crypto/openssl/crypto/conf/keysets.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/des/asm/crypt586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/des/asm/des-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/des/asm/desboth.pl Normal file → Executable file
View File

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -25,18 +25,45 @@ int DH_generate_key(DH *dh)
return dh->meth->generate_key(dh); return dh->meth->generate_key(dh);
} }
/*-
* NB: This function is inherently not constant time due to the
* RFC 5246 (8.1.2) padding style that strips leading zero bytes.
*/
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{ {
return dh->meth->compute_key(key, pub_key, dh); int ret = 0, i;
volatile size_t npad = 0, mask = 1;
/* compute the key; ret is constant unless compute_key is external */
if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0)
return ret;
/* count leading zero bytes, yet still touch all bytes */
for (i = 0; i < ret; i++) {
mask &= !key[i];
npad += mask;
}
/* unpad key */
ret -= npad;
/* key-dependent memory access, potentially leaking npad / ret */
memmove(key, key + npad, ret);
/* key-dependent memory access, potentially leaking npad / ret */
memset(key + ret, 0, npad);
return ret;
} }
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh) int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{ {
int rv, pad; int rv, pad;
/* rv is constant unless compute_key is external */
rv = dh->meth->compute_key(key, pub_key, dh); rv = dh->meth->compute_key(key, pub_key, dh);
if (rv <= 0) if (rv <= 0)
return rv; return rv;
pad = BN_num_bytes(dh->p) - rv; pad = BN_num_bytes(dh->p) - rv;
/* pad is constant (zero) unless compute_key is external */
if (pad > 0) { if (pad > 0) {
memmove(key + pad, key, rv); memmove(key + pad, key, rv);
memset(key, 0, pad); memset(key, 0, pad);
@ -212,7 +239,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
goto err; goto err;
} }
ret = BN_bn2bin(tmp, key); ret = BN_bn2binpad(tmp, key, BN_num_bytes(dh->p));
err: err:
BN_CTX_end(ctx); BN_CTX_end(ctx);
BN_CTX_free(ctx); BN_CTX_free(ctx);

View File

@ -1,4 +1,4 @@
# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. # Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
# #
# Licensed under the OpenSSL license (the "License"). You may not use # Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy # this file except in compliance with the License. You can obtain a copy
@ -2284,6 +2284,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only oneshot supported
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
operation not supported for this keytype operation not supported for this keytype
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
EVP_R_OUTPUT_WOULD_OVERFLOW:184:output would overflow
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
EVP_R_PBKDF2_ERROR:181:pbkdf2 error EVP_R_PBKDF2_ERROR:181:pbkdf2 error
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\

View File

@ -8,6 +8,7 @@
*/ */
#include <stdio.h> #include <stdio.h>
#include <limits.h>
#include <assert.h> #include <assert.h>
#include "internal/cryptlib.h" #include "internal/cryptlib.h"
#include <openssl/evp.h> #include <openssl/evp.h>
@ -355,6 +356,19 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
return 1; return 1;
} else { } else {
j = bl - i; j = bl - i;
/*
* Once we've processed the first j bytes from in, the amount of
* data left that is a multiple of the block length is:
* (inl - j) & ~(bl - 1)
* We must ensure that this amount of data, plus the one block that
* we process from ctx->buf does not exceed INT_MAX
*/
if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) {
EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE,
EVP_R_OUTPUT_WOULD_OVERFLOW);
return 0;
}
memcpy(&(ctx->buf[i]), in, j); memcpy(&(ctx->buf[i]), in, j);
inl -= j; inl -= j;
in += j; in += j;
@ -502,6 +516,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
return 0; return 0;
} }
/*
* final_used is only ever set if buf_len is 0. Therefore the maximum
* length output we will ever see from evp_EncryptDecryptUpdate is
* the maximum multiple of the block length that is <= inl, or just:
* inl & ~(b - 1)
* Since final_used has been set then the final output length is:
* (inl & ~(b - 1)) + b
* This must never exceed INT_MAX
*/
if ((inl & ~(b - 1)) > INT_MAX - b) {
EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW);
return 0;
}
memcpy(out, ctx->final, b); memcpy(out, ctx->final, b);
out += b; out += b;
fix_len = 1; fix_len = 1;

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -239,6 +239,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
"operation not supported for this keytype"}, "operation not supported for this keytype"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
"operaton not initialized"}, "operaton not initialized"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW),
"output would overflow"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
"partially overlapping buffers"}, "partially overlapping buffers"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},

0
crypto/openssl/crypto/md5/asm/md5-586.pl Normal file → Executable file
View File

View File

@ -34,6 +34,12 @@
# include <errno.h> # include <errno.h>
# endif # endif
# endif # endif
# if defined(__FreeBSD__)
# define MADV_DONTDUMP MADV_NOCORE
# endif
# if !defined(MAP_CONCEAL)
# define MAP_CONCEAL 0
# endif
# include <sys/param.h> # include <sys/param.h>
# include <sys/stat.h> # include <sys/stat.h>
# include <fcntl.h> # include <fcntl.h>
@ -442,7 +448,7 @@ static int sh_init(size_t size, int minsize)
if (1) { if (1) {
#ifdef MAP_ANON #ifdef MAP_ANON
sh.map_result = mmap(NULL, sh.map_size, sh.map_result = mmap(NULL, sh.map_size,
PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0); PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE|MAP_CONCEAL, -1, 0);
} else { } else {
#endif #endif
int fd; int fd;

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by crypto/objects/obj_dat.pl * Generated by crypto/objects/obj_dat.pl
* *
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at

0
crypto/openssl/crypto/objects/obj_dat.pl Normal file → Executable file
View File

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by objxref.pl * Generated by objxref.pl
* *
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy

0
crypto/openssl/crypto/objects/objects.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/perlasm/cbc.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/perlasm/x86asm.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/perlasm/x86nasm.pl Normal file → Executable file
View File

View File

@ -1,5 +1,5 @@
#! /usr/bin/env perl #! /usr/bin/env perl
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
# #
# Licensed under the OpenSSL license (the "License"). You may not use # Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy # this file except in compliance with the License. You can obtain a copy
@ -133,10 +133,10 @@ poly1305_init:
# ifdef __thumb2__ # ifdef __thumb2__
itete eq itete eq
# endif # endif
addeq r12,r11,#(poly1305_emit-.Lpoly1305_init) addeq r12,r11,#(.Lpoly1305_emit-.Lpoly1305_init)
addne r12,r11,#(poly1305_emit_neon-.Lpoly1305_init) addne r12,r11,#(.Lpoly1305_emit_neon-.Lpoly1305_init)
addeq r11,r11,#(poly1305_blocks-.Lpoly1305_init) addeq r11,r11,#(.Lpoly1305_blocks-.Lpoly1305_init)
addne r11,r11,#(poly1305_blocks_neon-.Lpoly1305_init) addne r11,r11,#(.Lpoly1305_blocks_neon-.Lpoly1305_init)
# endif # endif
# ifdef __thumb2__ # ifdef __thumb2__
orr r12,r12,#1 @ thumb-ify address orr r12,r12,#1 @ thumb-ify address
@ -352,6 +352,7 @@ $code.=<<___;
.type poly1305_emit,%function .type poly1305_emit,%function
.align 5 .align 5
poly1305_emit: poly1305_emit:
.Lpoly1305_emit:
stmdb sp!,{r4-r11} stmdb sp!,{r4-r11}
.Lpoly1305_emit_enter: .Lpoly1305_emit_enter:
@ -671,6 +672,7 @@ poly1305_init_neon:
.type poly1305_blocks_neon,%function .type poly1305_blocks_neon,%function
.align 5 .align 5
poly1305_blocks_neon: poly1305_blocks_neon:
.Lpoly1305_blocks_neon:
ldr ip,[$ctx,#36] @ is_base2_26 ldr ip,[$ctx,#36] @ is_base2_26
ands $len,$len,#-16 ands $len,$len,#-16
beq .Lno_data_neon beq .Lno_data_neon
@ -1157,6 +1159,7 @@ poly1305_blocks_neon:
.type poly1305_emit_neon,%function .type poly1305_emit_neon,%function
.align 5 .align 5
poly1305_emit_neon: poly1305_emit_neon:
.Lpoly1305_emit_neon:
ldr ip,[$ctx,#36] @ is_base2_26 ldr ip,[$ctx,#36] @ is_base2_26
stmdb sp!,{r4-r11} stmdb sp!,{r4-r11}

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -214,6 +214,24 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
# endif # endif
#endif #endif
#if defined(__FreeBSD__)
# include <sys/param.h>
# if __FreeBSD_version >= 1200000
# include <sys/auxv.h>
# define OSSL_IMPLEMENT_GETAUXVAL
static unsigned long getauxval(unsigned long key)
{
unsigned long val = 0ul;
if (elf_aux_info((int)key, &val, sizeof(val)) != 0)
return 0ul;
return val;
}
# endif
#endif
/* I wish <sys/auxv.h> was universally available */ /* I wish <sys/auxv.h> was universally available */
#define HWCAP 16 /* AT_HWCAP */ #define HWCAP 16 /* AT_HWCAP */
#define HWCAP_PPC64 (1U << 30) #define HWCAP_PPC64 (1U << 30)

0
crypto/openssl/crypto/rc4/asm/rc4-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/rc5/asm/rc5-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/ripemd/asm/rmd-586.pl Normal file → Executable file
View File

View File

@ -55,7 +55,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
/* /*
* Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding
* if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also
* preserves error code reporting for backward compatibility. * preserves error code reporting for backward compatibility.
*/ */
int RSA_padding_check_SSLv23(unsigned char *to, int tlen, int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
@ -122,7 +122,13 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
RSA_R_NULL_BEFORE_BLOCK_MISSING); RSA_R_NULL_BEFORE_BLOCK_MISSING);
mask = ~good; mask = ~good;
good &= constant_time_ge(threes_in_row, 8); /*
* Reject if nul delimiter is preceded by 8 consecutive 0x03 bytes. Note
* that RFC5246 incorrectly states this the other way around, i.e. reject
* if it is not preceded by 8 consecutive 0x03 bytes. However this is
* corrected in subsequent errata for that RFC.
*/
good &= constant_time_lt(threes_in_row, 8);
err = constant_time_select_int(mask | good, err, err = constant_time_select_int(mask | good, err,
RSA_R_SSLV3_ROLLBACK_ATTACK); RSA_R_SSLV3_ROLLBACK_ATTACK);
mask = ~good; mask = ~good;

0
crypto/openssl/crypto/sha/asm/sha1-586.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/sha/asm/sha1-ia64.pl Normal file → Executable file
View File

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2004, EdelKey Project. All Rights Reserved. * Copyright (c) 2004, EdelKey Project. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
@ -177,6 +177,7 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
const BIGNUM *x, const BIGNUM *a, const BIGNUM *u) const BIGNUM *x, const BIGNUM *a, const BIGNUM *u)
{ {
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL; BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
BIGNUM *xtmp = NULL;
BN_CTX *bn_ctx; BN_CTX *bn_ctx;
if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
@ -185,10 +186,13 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
if ((tmp = BN_new()) == NULL || if ((tmp = BN_new()) == NULL ||
(tmp2 = BN_new()) == NULL || (tmp2 = BN_new()) == NULL ||
(tmp3 = BN_new()) == NULL) (tmp3 = BN_new()) == NULL ||
(xtmp = BN_new()) == NULL)
goto err; goto err;
if (!BN_mod_exp(tmp, g, x, N, bn_ctx)) BN_with_flags(xtmp, x, BN_FLG_CONSTTIME);
BN_set_flags(tmp, BN_FLG_CONSTTIME);
if (!BN_mod_exp(tmp, g, xtmp, N, bn_ctx))
goto err; goto err;
if ((k = srp_Calc_k(N, g)) == NULL) if ((k = srp_Calc_k(N, g)) == NULL)
goto err; goto err;
@ -196,7 +200,7 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
goto err; goto err;
if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx)) if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
goto err; goto err;
if (!BN_mul(tmp3, u, x, bn_ctx)) if (!BN_mul(tmp3, u, xtmp, bn_ctx))
goto err; goto err;
if (!BN_add(tmp2, a, tmp3)) if (!BN_add(tmp2, a, tmp3))
goto err; goto err;
@ -208,6 +212,7 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
err: err:
BN_CTX_free(bn_ctx); BN_CTX_free(bn_ctx);
BN_free(xtmp);
BN_clear_free(tmp); BN_clear_free(tmp);
BN_clear_free(tmp2); BN_clear_free(tmp2);
BN_clear_free(tmp3); BN_clear_free(tmp3);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -39,6 +39,8 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
if (ctx == NULL) if (ctx == NULL)
goto err; goto err;
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
if (f == NULL)
goto err;
if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
goto err; goto err;
if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f))) if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))
@ -133,19 +135,21 @@ unsigned long X509_subject_name_hash_old(X509 *x)
*/ */
int X509_cmp(const X509 *a, const X509 *b) int X509_cmp(const X509 *a, const X509 *b)
{ {
int rv; int rv = 0;
if (a == b) /* for efficiency */ if (a == b) /* for efficiency */
return 0; return 0;
/* ensure hash is valid */
if (X509_check_purpose((X509 *)a, -1, 0) != 1)
return -2;
if (X509_check_purpose((X509 *)b, -1, 0) != 1)
return -2;
rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); /* try to make sure hash is valid */
if (rv) (void)X509_check_purpose((X509 *)a, -1, 0);
(void)X509_check_purpose((X509 *)b, -1, 0);
if ((a->ex_flags & EXFLAG_NO_FINGERPRINT) == 0
&& (b->ex_flags & EXFLAG_NO_FINGERPRINT) == 0)
rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
if (rv != 0)
return rv; return rv;
/* Check for match against stored encoding too */ /* Check for match against stored encoding too */
if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) { if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) {
if (a->cert_info.enc.len < b->cert_info.enc.len) if (a->cert_info.enc.len < b->cert_info.enc.len)

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -323,9 +323,10 @@ static int sk_X509_contains(STACK_OF(X509) *sk, X509 *cert)
} }
/* /*
* Find in given STACK_OF(X509) sk a non-expired issuer cert (if any) of given cert x. * Find in given STACK_OF(X509) sk an issuer cert of given cert x.
* The issuer must not be the same as x and must not yet be in ctx->chain, where the * The issuer must not yet be in ctx->chain, where the exceptional case
* exceptional case x is self-issued and ctx->chain has just one element is allowed. * that x is self-issued and ctx->chain has just one element is allowed.
* Prefer the first one that is not expired, else take the last expired one.
*/ */
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
{ {
@ -334,11 +335,7 @@ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
for (i = 0; i < sk_X509_num(sk); i++) { for (i = 0; i < sk_X509_num(sk); i++) {
issuer = sk_X509_value(sk, i); issuer = sk_X509_value(sk, i);
/* if (ctx->check_issued(ctx, x, issuer)
* Below check 'issuer != x' is an optimization and safety precaution:
* Candidate issuer cert cannot be the same as the subject cert 'x'.
*/
if (issuer != x && ctx->check_issued(ctx, x, issuer)
&& (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1) && (((x->ex_flags & EXFLAG_SI) != 0 && sk_X509_num(ctx->chain) == 1)
|| !sk_X509_contains(ctx->chain, issuer))) { || !sk_X509_contains(ctx->chain, issuer))) {
rv = issuer; rv = issuer;

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -363,7 +363,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
unsigned int *len) unsigned int *len)
{ {
if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0 if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0
&& (data->ex_flags & EXFLAG_INVALID) == 0) { && (data->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) {
/* Asking for SHA1 and we already computed it. */ /* Asking for SHA1 and we already computed it. */
if (len != NULL) if (len != NULL)
*len = sizeof(data->sha1_hash); *len = sizeof(data->sha1_hash);

View File

@ -37,10 +37,13 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
{ {
X509_ATTRIBUTE *ret = NULL; X509_ATTRIBUTE *ret = NULL;
ASN1_TYPE *val = NULL; ASN1_TYPE *val = NULL;
ASN1_OBJECT *oid;
if ((oid = OBJ_nid2obj(nid)) == NULL)
return NULL;
if ((ret = X509_ATTRIBUTE_new()) == NULL) if ((ret = X509_ATTRIBUTE_new()) == NULL)
return NULL; return NULL;
ret->object = OBJ_nid2obj(nid); ret->object = oid;
if ((val = ASN1_TYPE_new()) == NULL) if ((val = ASN1_TYPE_new()) == NULL)
goto err; goto err;
if (!sk_ASN1_TYPE_push(ret->set, val)) if (!sk_ASN1_TYPE_push(ret->set, val))

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -348,14 +348,17 @@ static int setup_crldp(X509 *x)
/* Check that issuer public key algorithm matches subject signature algorithm */ /* Check that issuer public key algorithm matches subject signature algorithm */
static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject) static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject)
{ {
int pkey_nid; int pkey_sig_nid, subj_sig_nid;
if (pkey == NULL) if (pkey == NULL)
return X509_V_ERR_NO_ISSUER_PUBLIC_KEY; return X509_V_ERR_NO_ISSUER_PUBLIC_KEY;
if (OBJ_find_sigid_algs(EVP_PKEY_base_id(pkey),
NULL, &pkey_sig_nid) == 0)
pkey_sig_nid = EVP_PKEY_base_id(pkey);
if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm), if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm),
NULL, &pkey_nid) == 0) NULL, &subj_sig_nid) == 0)
return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM; return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM;
if (EVP_PKEY_type(pkey_nid) != EVP_PKEY_base_id(pkey)) if (pkey_sig_nid != EVP_PKEY_type(subj_sig_nid))
return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH; return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH;
return X509_V_OK; return X509_V_OK;
} }
@ -391,7 +394,8 @@ static void x509v3_cache_extensions(X509 *x)
} }
if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
x->ex_flags |= EXFLAG_INVALID; x->ex_flags |= (EXFLAG_NO_FINGERPRINT | EXFLAG_INVALID);
/* V1 should mean no extensions ... */ /* V1 should mean no extensions ... */
if (!X509_get_version(x)) if (!X509_get_version(x))
x->ex_flags |= EXFLAG_V1; x->ex_flags |= EXFLAG_V1;

0
crypto/openssl/crypto/x86_64cpuid.pl Normal file → Executable file
View File

0
crypto/openssl/crypto/x86cpuid.pl Normal file → Executable file
View File

View File

@ -163,7 +163,7 @@ self-signed certificate.
=item B<-passin arg> =item B<-passin arg>
The key password source. For more information about the format of B<arg> The key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-notext> =item B<-notext>
@ -759,7 +759,7 @@ L<config(5)>, L<x509v3_config(5)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -465,7 +465,7 @@ or to modify default parameters for ECDH.
=item B<-passin arg> =item B<-passin arg>
The private key password source. For more information about the format of B<arg> The private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-rand file...> =item B<-rand file...>
@ -735,7 +735,7 @@ The -no_alt_chains option was added in OpenSSL 1.0.2b.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -56,7 +56,7 @@ output by default.
Specifies a filename containing one or more certificates in B<PEM> format. Specifies a filename containing one or more certificates in B<PEM> format.
All certificates in the file will be added to the PKCS#7 structure. This All certificates in the file will be added to the PKCS#7 structure. This
option can be used more than once to read certificates form multiple option can be used more than once to read certificates from multiple
files. files.
=item B<-nocrl> =item B<-nocrl>
@ -96,7 +96,7 @@ L<pkcs7(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -109,7 +109,7 @@ Names and values of these options are algorithm-specific.
=item B<-passin arg> =item B<-passin arg>
The private key password source. For more information about the format of B<arg> The private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-verify filename> =item B<-verify filename>
@ -241,7 +241,7 @@ The FIPS-related options were removed in OpenSSL 1.1.0.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -75,7 +75,7 @@ prompted for.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -87,7 +87,7 @@ filename.
=item B<-passout arg> =item B<-passout arg>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea>
@ -172,7 +172,7 @@ L<genrsa(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -68,7 +68,7 @@ prompted for.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -80,7 +80,7 @@ filename.
=item B<-passout arg> =item B<-passout arg>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-des|-des3|-idea> =item B<-des|-des3|-idea>
@ -193,7 +193,7 @@ L<ecparam(1)>, L<dsa(1)>, L<rsa(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2003-2019 The OpenSSL Project Authors. All Rights Reserved. Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -76,7 +76,7 @@ The output filename, standard output by default.
=item B<-pass arg> =item B<-pass arg>
The password source. For more information about the format of B<arg> The password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-e> =item B<-e>
@ -428,7 +428,7 @@ The B<-list> option was added in OpenSSL 1.1.1e.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -44,7 +44,7 @@ This specifies the output format DER or PEM. The default format is PEM.
=item B<-pass arg> =item B<-pass arg>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-I<cipher>> =item B<-I<cipher>>
@ -325,7 +325,7 @@ The ability to generate X448, ED25519 and ED448 keys was added in OpenSSL 1.1.1.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved. Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -51,7 +51,7 @@ standard output is used.
=item B<-passout arg> =item B<-passout arg>
The output file password source. For more information about the format The output file password source. For more information about the format
of B<arg> see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. of B<arg> see L<openssl(1)/Pass Phrase Options>.
=item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea>
@ -118,7 +118,7 @@ L<gendsa(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -78,14 +78,12 @@ default. They are all written in PEM format.
=item B<-passin arg> =item B<-passin arg>
The PKCS#12 file (i.e. input file) password source. For more information about The PKCS#12 file (i.e. input file) password source. For more information about
the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in the format of B<arg> see L<openssl(1)/Pass Phrase Options>.
L<openssl(1)>.
=item B<-passout arg> =item B<-passout arg>
Pass phrase source to encrypt any outputted private keys with. For more Pass phrase source to encrypt any outputted private keys with. For more
information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section information about the format of B<arg> see L<openssl(1)/Pass Phrase Options>.
in L<openssl(1)>.
=item B<-password arg> =item B<-password arg>
@ -206,14 +204,12 @@ displays them.
=item B<-pass arg>, B<-passout arg> =item B<-pass arg>, B<-passout arg>
The PKCS#12 file (i.e. output file) password source. For more information about The PKCS#12 file (i.e. output file) password source. For more information about
the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in the format of B<arg> see L<openssl(1)/Pass Phrase Options>.
L<openssl(1)>.
=item B<-passin password> =item B<-passin password>
Pass phrase source to decrypt any input private keys with. For more information Pass phrase source to decrypt any input private keys with. For more information
about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in about the format of B<arg> see L<openssl(1)/Pass Phrase Options>.
L<openssl(1)>.
=item B<-chain> =item B<-chain>
@ -383,7 +379,7 @@ L<pkcs8(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -75,7 +75,7 @@ prompted for.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -87,7 +87,7 @@ filename.
=item B<-passout arg> =item B<-passout arg>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-iter count> =item B<-iter count>
@ -309,7 +309,7 @@ The B<-iter> option was added in OpenSSL 1.1.0.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -57,7 +57,7 @@ prompted for.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -69,7 +69,7 @@ filename.
=item B<-passout password> =item B<-passout password>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-traditional> =item B<-traditional>
@ -158,7 +158,7 @@ L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -74,7 +74,7 @@ The key format PEM, DER or ENGINE. Default is PEM.
=item B<-passin arg> =item B<-passin arg>
The input key password source. For more information about the format of B<arg> The input key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-peerkey file> =item B<-peerkey file>
@ -327,7 +327,7 @@ L<EVP_PKEY_CTX_set_hkdf_md(3)>, L<EVP_PKEY_CTX_set_tls1_prf_md(3)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -91,7 +91,7 @@ Names and values of these options are algorithm-specific.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -101,7 +101,7 @@ default.
=item B<-passout arg> =item B<-passout arg>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-text> =item B<-text>
@ -695,7 +695,7 @@ L<x509v3_config(5)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -75,7 +75,7 @@ prompted for.
=item B<-passin arg> =item B<-passin arg>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-out filename> =item B<-out filename>
@ -87,7 +87,7 @@ filename.
=item B<-passout password> =item B<-passout password>
The output file password source. For more information about the format of B<arg> The output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea>
@ -195,7 +195,7 @@ L<gendsa(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -258,7 +258,7 @@ Extra certificate and private key format respectively.
=item B<-pass arg> =item B<-pass arg>
the private key password source. For more information about the format of B<arg> the private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-verify depth> =item B<-verify depth>
@ -828,7 +828,7 @@ The B<-name> option was added in OpenSSL 1.1.1.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -297,7 +297,7 @@ The private format to use: DER or PEM. PEM is the default.
=item B<-pass val> =item B<-pass val>
The private key password source. For more information about the format of B<val> The private key password source. For more information about the format of B<val>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-dcert infile>, B<-dkey infile> =item B<-dcert infile>, B<-dkey infile>
@ -845,7 +845,7 @@ The
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -295,7 +295,7 @@ specified, the argument is given to the engine as a key identifier.
=item B<-passin arg> =item B<-passin arg>
The private key password source. For more information about the format of B<arg> The private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-rand file...> =item B<-rand file...>
@ -514,7 +514,7 @@ The -no_alt_chains option was added in OpenSSL 1.1.0.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -60,7 +60,7 @@ The default is PEM.
=item B<-passin password> =item B<-passin password>
The input file password source. For more information about the format of B<arg> The input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-challenge string> =item B<-challenge string>
@ -145,7 +145,7 @@ L<ca(1)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -51,7 +51,7 @@ this option prevents output of the PEM data.
=item B<-passin arg> =item B<-passin arg>
the key password source. For more information about the format of B<arg> the key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-text> =item B<-text>
@ -123,7 +123,7 @@ The B<openssl> B<storeutl> app was added in OpenSSL 1.1.1.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -242,7 +242,7 @@ The name of the file containing a DER encoded timestamp request. (Optional)
=item B<-passin> password_src =item B<-passin> password_src
Specifies the password source for the private key of the TSA. See Specifies the password source for the private key of the TSA. See
B<PASS PHRASE ARGUMENTS> in L<openssl(1)>. (Optional) L<openssl(1)/Pass Phrase Options>. (Optional)
=item B<-signer> tsa_cert.pem =item B<-signer> tsa_cert.pem
@ -665,7 +665,7 @@ L<config(5)>
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -376,7 +376,7 @@ Names and values of these options are algorithm-specific.
=item B<-passin arg> =item B<-passin arg>
The key password source. For more information about the format of B<arg> The key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>. see L<openssl(1)/Pass Phrase Options>.
=item B<-clrext> =item B<-clrext>
@ -932,7 +932,7 @@ the old form must have their links rebuilt using B<c_rehash> or similar.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -2,7 +2,8 @@
=head1 NAME =head1 NAME
DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange DH_generate_key, DH_compute_key, DH_compute_key_padded - perform
Diffie-Hellman key exchange
=head1 SYNOPSIS =head1 SYNOPSIS
@ -10,14 +11,16 @@ DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
int DH_generate_key(DH *dh); int DH_generate_key(DH *dh);
int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
=head1 DESCRIPTION =head1 DESCRIPTION
DH_generate_key() performs the first step of a Diffie-Hellman key DH_generate_key() performs the first step of a Diffie-Hellman key
exchange by generating private and public DH values. By calling exchange by generating private and public DH values. By calling
DH_compute_key(), these are combined with the other party's public DH_compute_key() or DH_compute_key_padded(), these are combined with
value to compute the shared key. the other party's public value to compute the shared key.
DH_generate_key() expects B<dh> to contain the shared parameters DH_generate_key() expects B<dh> to contain the shared parameters
B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
@ -28,6 +31,14 @@ published.
DH_compute_key() computes the shared secret from the private DH value DH_compute_key() computes the shared secret from the private DH value
in B<dh> and the other party's public value in B<pub_key> and stores in B<dh> and the other party's public value in B<pub_key> and stores
it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory. it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
The padding style is RFC 5246 (8.1.2) that strips leading zero bytes.
It is not constant time due to the leading zero bytes being stripped.
The return value should be considered public.
DH_compute_key_padded() is similar but stores a fixed number of bytes.
The padding style is NIST SP 800-56A (C.1) that retains leading zero bytes.
It is constant time due to the leading zero bytes being retained.
The return value should be considered public.
=head1 RETURN VALUES =head1 RETURN VALUES
@ -36,15 +47,21 @@ DH_generate_key() returns 1 on success, 0 otherwise.
DH_compute_key() returns the size of the shared secret on success, -1 DH_compute_key() returns the size of the shared secret on success, -1
on error. on error.
DH_compute_key_padded() returns B<DH_size(dh)> on success, -1 on error.
The error codes can be obtained by L<ERR_get_error(3)>. The error codes can be obtained by L<ERR_get_error(3)>.
=head1 SEE ALSO =head1 SEE ALSO
L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<DH_size(3)> L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<DH_size(3)>
=head1 HISTORY
DH_compute_key_padded() was added in OpenSSL 1.0.2.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -2,9 +2,15 @@
=head1 NAME =head1 NAME
OCSP_sendreq_new, OCSP_sendreq_nbio, OCSP_REQ_CTX_free, OCSP_sendreq_new,
OCSP_set_max_response_length, OCSP_REQ_CTX_add1_header, OCSP_sendreq_nbio,
OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions OCSP_REQ_CTX_free,
OCSP_set_max_response_length,
OCSP_REQ_CTX_add1_header,
OCSP_REQ_CTX_set1_req,
OCSP_sendreq_bio,
OCSP_REQ_CTX_i2d
- OCSP responder query functions
=head1 SYNOPSIS =head1 SYNOPSIS
@ -26,6 +32,9 @@ OCSP_REQ_CTX_set1_req, OCSP_sendreq_bio - OCSP responder query functions
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req); OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req);
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type,
const ASN1_ITEM *it, ASN1_VALUE *req);
=head1 DESCRIPTION =head1 DESCRIPTION
The function OCSP_sendreq_new() returns an B<OCSP_CTX> structure using the The function OCSP_sendreq_new() returns an B<OCSP_CTX> structure using the
@ -51,6 +60,15 @@ additional headers are set.
OCSP_REQ_CTX_set1_req() sets the OCSP request in B<rctx> to B<req>. This OCSP_REQ_CTX_set1_req() sets the OCSP request in B<rctx> to B<req>. This
function should be called after any calls to OCSP_REQ_CTX_add1_header(). function should be called after any calls to OCSP_REQ_CTX_add1_header().
OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following:
OCSP_REQ_CTX_i2d(rctx, "application/ocsp-request",
ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)req)
OCSP_REQ_CTX_i2d() sets the request context B<rctx> to have the request
B<req>, which has the ASN.1 type B<it>.
The B<content_type>, if not NULL, will be included in the HTTP request.
The function should be called after all other headers have already been added.
OCSP_sendreq_bio() performs an OCSP request using the responder B<io>, the URL OCSP_sendreq_bio() performs an OCSP request using the responder B<io>, the URL
path B<path>, and the OCSP request B<req> with a response header maximum line path B<path>, and the OCSP request B<req> with a response header maximum line
@ -64,8 +82,8 @@ an error occurred.
OCSP_sendreq_nbio() returns B<1> if the operation was completed successfully, OCSP_sendreq_nbio() returns B<1> if the operation was completed successfully,
B<-1> if the operation should be retried and B<0> if an error occurred. B<-1> if the operation should be retried and B<0> if an error occurred.
OCSP_REQ_CTX_add1_header() and OCSP_REQ_CTX_set1_req() return B<1> for success OCSP_REQ_CTX_add1_header(), OCSP_REQ_CTX_set1_req(), and OCSP_REQ_CTX_i2d()
and B<0> for failure. return B<1> for success and B<0> for failure.
OCSP_sendreq_bio() returns the B<OCSP_RESPONSE> structure sent by the OCSP_sendreq_bio() returns the B<OCSP_RESPONSE> structure sent by the
responder or B<NULL> if an error occurred. responder or B<NULL> if an error occurred.

View File

@ -104,7 +104,7 @@ before ultimately calling OPENSSL_free().
OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's. OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
Use OPENSSL_cleanse() with care if the memory is a mapping of a file. Use OPENSSL_cleanse() with care if the memory is a mapping of a file.
If the storage controller uses write compression, then its possible If the storage controller uses write compression, then it's possible
that sensitive tail bytes will survive zeroization because the block of that sensitive tail bytes will survive zeroization because the block of
zeros will be compressed. If the storage controller uses wear leveling, zeros will be compressed. If the storage controller uses wear leveling,
then the old sensitive data will not be overwritten; rather, a block of then the old sensitive data will not be overwritten; rather, a block of

View File

@ -78,12 +78,17 @@ The certificate contains an unhandled critical extension.
=item B<EXFLAG_INVALID> =item B<EXFLAG_INVALID>
Some certificate extension values are invalid or inconsistent. The Some certificate extension values are invalid or inconsistent.
certificate should be rejected. The certificate should be rejected.
This bit may also be raised after an out-of-memory error while This bit may also be raised after an out-of-memory error while
processing the X509 object, so it may not be related to the processed processing the X509 object, so it may not be related to the processed
ASN1 object itself. ASN1 object itself.
=item B<EXFLAG_NO_FINGERPRINT>
Failed to compute the internal SHA1 hash value of the certificate.
This may be due to malloc failure or because no SHA1 implementation was found.
=item B<EXFLAG_INVALID_POLICY> =item B<EXFLAG_INVALID_POLICY>
The NID_certificate_policies certificate extension is invalid or The NID_certificate_policies certificate extension is invalid or
@ -194,7 +199,7 @@ X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.
=head1 COPYRIGHT =head1 COPYRIGHT
Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy this file except in compliance with the License. You can obtain a copy

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -11,9 +11,7 @@
#ifndef HEADER_EVPERR_H #ifndef HEADER_EVPERR_H
# define HEADER_EVPERR_H # define HEADER_EVPERR_H
# ifndef HEADER_SYMHACKS_H # include <openssl/symhacks.h>
# include <openssl/symhacks.h>
# endif
# ifdef __cplusplus # ifdef __cplusplus
extern "C" extern "C"
@ -179,6 +177,7 @@ int ERR_load_EVP_strings(void);
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177 # define EVP_R_ONLY_ONESHOT_SUPPORTED 177
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
# define EVP_R_OPERATON_NOT_INITIALIZED 151 # define EVP_R_OPERATON_NOT_INITIALIZED 151
# define EVP_R_OUTPUT_WOULD_OVERFLOW 184
# define EVP_R_PARTIALLY_OVERLAPPING 162 # define EVP_R_PARTIALLY_OVERLAPPING 162
# define EVP_R_PBKDF2_ERROR 181 # define EVP_R_PBKDF2_ERROR 181
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by crypto/objects/objects.pl * Generated by crypto/objects/objects.pl
* *
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at

View File

@ -39,8 +39,8 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta) * major minor fix final patch/beta)
*/ */
# define OPENSSL_VERSION_NUMBER 0x1010109fL # define OPENSSL_VERSION_NUMBER 0x101010afL
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i-freebsd 8 Dec 2020" # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j-freebsd 16 Feb 2021"
/*- /*-
* The macros below are to be used for shared library (.so, .dll, ...) * The macros below are to be used for shared library (.so, .dll, ...)

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -364,8 +364,9 @@ struct ISSUING_DIST_POINT_st {
# define EXFLAG_INVALID_POLICY 0x800 # define EXFLAG_INVALID_POLICY 0x800
# define EXFLAG_FRESHEST 0x1000 # define EXFLAG_FRESHEST 0x1000
/* Self signed */ # define EXFLAG_SS 0x2000 /* cert is apparently self-signed */
# define EXFLAG_SS 0x2000
# define EXFLAG_NO_FINGERPRINT 0x100000
# define KU_DIGITAL_SIGNATURE 0x0080 # define KU_DIGITAL_SIGNATURE 0x0080
# define KU_NON_REPUDIATION 0x0040 # define KU_NON_REPUDIATION 0x0040

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -142,10 +142,11 @@ void dtls1_free(SSL *s)
ssl3_free(s); ssl3_free(s);
dtls1_clear_queues(s); if (s->d1 != NULL) {
dtls1_clear_queues(s);
pqueue_free(s->d1->buffered_messages); pqueue_free(s->d1->buffered_messages);
pqueue_free(s->d1->sent_messages); pqueue_free(s->d1->sent_messages);
}
OPENSSL_free(s->d1); OPENSSL_free(s->d1);
s->d1 = NULL; s->d1 = NULL;

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -46,6 +46,9 @@ int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl)
void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl) void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl)
{ {
if (rl->d == NULL)
return;
DTLS_RECORD_LAYER_clear(rl); DTLS_RECORD_LAYER_clear(rl);
pqueue_free(rl->d->unprocessed_rcds.q); pqueue_free(rl->d->unprocessed_rcds.q);
pqueue_free(rl->d->processed_rcds.q); pqueue_free(rl->d->processed_rcds.q);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved. * Copyright 2005 Nokia. All rights reserved.
* *
@ -539,7 +539,6 @@ struct ssl_session_st {
int not_resumable; int not_resumable;
/* This is the cert and type for the other end. */ /* This is the cert and type for the other end. */
X509 *peer; X509 *peer;
int peer_type;
/* Certificate chain peer sent. */ /* Certificate chain peer sent. */
STACK_OF(X509) *peer_chain; STACK_OF(X509) *peer_chain;
/* /*

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -966,7 +966,8 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
* context, to avoid the confusing situation of having sess_accept_good * context, to avoid the confusing situation of having sess_accept_good
* exceed sess_accept (zero) for the new context. * exceed sess_accept (zero) for the new context.
*/ */
if (SSL_IS_FIRST_HANDSHAKE(s) && s->ctx != s->session_ctx) { if (SSL_IS_FIRST_HANDSHAKE(s) && s->ctx != s->session_ctx
&& s->hello_retry_request == SSL_HRR_NONE) {
tsan_counter(&s->ctx->stats.sess_accept); tsan_counter(&s->ctx->stats.sess_accept);
tsan_decr(&s->session_ctx->stats.sess_accept); tsan_decr(&s->session_ctx->stats.sess_accept);
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved. * Copyright 2005 Nokia. All rights reserved.
* *
@ -1960,7 +1960,6 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
goto err; goto err;
} }
} }
s->session->peer_type = certidx;
X509_free(s->session->peer); X509_free(s->session->peer);
X509_up_ref(x); X509_up_ref(x);

View File

@ -1504,8 +1504,8 @@ static int ssl_method_error(const SSL *s, const SSL_METHOD *method)
/* /*
* Only called by servers. Returns 1 if the server has a TLSv1.3 capable * Only called by servers. Returns 1 if the server has a TLSv1.3 capable
* certificate type, or has PSK or a certificate callback configured. Otherwise * certificate type, or has PSK or a certificate callback configured, or has
* returns 0. * a servername callback configured. Otherwise returns 0.
*/ */
static int is_tls13_capable(const SSL *s) static int is_tls13_capable(const SSL *s)
{ {
@ -1515,6 +1515,17 @@ static int is_tls13_capable(const SSL *s)
EC_KEY *eckey; EC_KEY *eckey;
#endif #endif
if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL))
return 0;
/*
* A servername callback can change the available certs, so if a servername
* cb is set then we just assume TLSv1.3 will be ok
*/
if (s->ctx->ext.servername_cb != NULL
|| s->session_ctx->ext.servername_cb != NULL)
return 1;
#ifndef OPENSSL_NO_PSK #ifndef OPENSSL_NO_PSK
if (s->psk_server_callback != NULL) if (s->psk_server_callback != NULL)
return 1; return 1;