Import OpenSSL 1.1.1e.
This commit is contained in:
parent
fbc3ad1ae1
commit
aa144ced5d
85
CHANGES
85
CHANGES
@ -7,6 +7,73 @@
|
||||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||
release branch.
|
||||
|
||||
Changes between 1.1.1d and 1.1.1e [17 Mar 2020]
|
||||
*) Properly detect EOF while reading in libssl. Previously if we hit an EOF
|
||||
while reading in libssl then we would report an error back to the
|
||||
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
|
||||
an error to the stack (which means we instead return SSL_ERROR_SSL) and
|
||||
therefore give a hint as to what went wrong.
|
||||
[Matt Caswell]
|
||||
|
||||
*) Check that ed25519 and ed448 are allowed by the security level. Previously
|
||||
signature algorithms not using an MD were not being checked that they were
|
||||
allowed by the security level.
|
||||
[Kurt Roeckx]
|
||||
|
||||
*) Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
|
||||
was not quite right. The behaviour was not consistent between resumption
|
||||
and normal handshakes, and also not quite consistent with historical
|
||||
behaviour. The behaviour in various scenarios has been clarified and
|
||||
it has been updated to make it match historical behaviour as closely as
|
||||
possible.
|
||||
[Matt Caswell]
|
||||
|
||||
*) [VMS only] The header files that the VMS compilers include automatically,
|
||||
__DECC_INCLUDE_PROLOGUE.H and __DECC_INCLUDE_EPILOGUE.H, use pragmas that
|
||||
the C++ compiler doesn't understand. This is a shortcoming in the
|
||||
compiler, but can be worked around with __cplusplus guards.
|
||||
|
||||
C++ applications that use OpenSSL libraries must be compiled using the
|
||||
qualifier '/NAMES=(AS_IS,SHORTENED)' to be able to use all the OpenSSL
|
||||
functions. Otherwise, only functions with symbols of less than 31
|
||||
characters can be used, as the linker will not be able to successfully
|
||||
resolve symbols with longer names.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Corrected the documentation of the return values from the EVP_DigestSign*
|
||||
set of functions. The documentation mentioned negative values for some
|
||||
errors, but this was never the case, so the mention of negative values
|
||||
was removed.
|
||||
|
||||
Code that followed the documentation and thereby check with something
|
||||
like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
|
||||
used in exponentiation with 512-bit moduli. No EC algorithms are
|
||||
affected. Analysis suggests that attacks against 2-prime RSA1024,
|
||||
3-prime RSA1536, and DSA1024 as a result of this defect would be very
|
||||
difficult to perform and are not believed likely. Attacks against DH512
|
||||
are considered just feasible. However, for an attack the target would
|
||||
have to re-use the DH512 private key, which is not recommended anyway.
|
||||
Also applications directly using the low level API BN_mod_exp may be
|
||||
affected if they use BN_FLG_CONSTTIME.
|
||||
(CVE-2019-1551)
|
||||
[Andy Polyakov]
|
||||
|
||||
*) Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
|
||||
The presence of this system service is determined at run-time.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Added newline escaping functionality to a filename when using openssl dgst.
|
||||
This output format is to replicate the output format found in the '*sum'
|
||||
checksum programs. This aims to preserve backward compatibility.
|
||||
[Matt Eaton, Richard Levitte, and Paul Dale]
|
||||
|
||||
*) Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
|
||||
the first value.
|
||||
[Jon Spillett]
|
||||
|
||||
Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
|
||||
|
||||
*) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
|
||||
@ -633,9 +700,9 @@
|
||||
bytes long. In theory it is permissible in SSLv3 - TLSv1.2 to fragment such
|
||||
alerts across multiple records (some of which could be empty). In practice
|
||||
it make no sense to send an empty alert record, or to fragment one. TLSv1.3
|
||||
prohibts this altogether and other libraries (BoringSSL, NSS) do not
|
||||
prohibits this altogether and other libraries (BoringSSL, NSS) do not
|
||||
support this at all. Supporting it adds significant complexity to the
|
||||
record layer, and its removal is unlikely to cause inter-operability
|
||||
record layer, and its removal is unlikely to cause interoperability
|
||||
issues.
|
||||
[Matt Caswell]
|
||||
|
||||
@ -3652,7 +3719,7 @@
|
||||
implementations).
|
||||
[Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
|
||||
|
||||
*) Use type ossl_ssize_t instad of ssize_t which isn't available on
|
||||
*) Use type ossl_ssize_t instead of ssize_t which isn't available on
|
||||
all platforms. Move ssize_t definition from e_os.h to the public
|
||||
header file e_os2.h as it now appears in public header file cms.h
|
||||
[Steve Henson]
|
||||
@ -8373,7 +8440,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
||||
|
||||
*) New OCSP utility. Allows OCSP requests to be generated or
|
||||
read. The request can be sent to a responder and the output
|
||||
parsed, outputed or printed in text form. Not complete yet:
|
||||
parsed, outputted or printed in text form. Not complete yet:
|
||||
still needs to check the OCSP response validity.
|
||||
[Steve Henson]
|
||||
|
||||
@ -9368,7 +9435,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
||||
[Andy Polyakov]
|
||||
|
||||
*) Modified SSL library such that the verify_callback that has been set
|
||||
specificly for an SSL object with SSL_set_verify() is actually being
|
||||
specifically for an SSL object with SSL_set_verify() is actually being
|
||||
used. Before the change, a verify_callback set with this function was
|
||||
ignored and the verify_callback() set in the SSL_CTX at the time of
|
||||
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
|
||||
@ -10485,10 +10552,10 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
||||
as other interfaces in OpenSSL, like the BIO interface.
|
||||
NCONF_dump_* dump the internal storage of the configuration file,
|
||||
which is useful for debugging. All other functions take the same
|
||||
arguments as the old CONF_* functions wth the exception of the
|
||||
arguments as the old CONF_* functions with the exception of the
|
||||
first that must be a `CONF *' instead of a `LHASH *'.
|
||||
|
||||
To make it easer to use the new classes with the old CONF_* functions,
|
||||
To make it easier to use the new classes with the old CONF_* functions,
|
||||
the function CONF_set_default_method is provided.
|
||||
[Richard Levitte]
|
||||
|
||||
@ -12331,7 +12398,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
||||
than the old method: it now uses a modified version of Ulf's parser to
|
||||
read the ANSI prototypes in all header files (thus the old K&R definitions
|
||||
aren't needed for error creation any more) and do a better job of
|
||||
translating function codes into names. The old 'ASN1 error code imbedded
|
||||
translating function codes into names. The old 'ASN1 error code embedded
|
||||
in a comment' is no longer necessary and it doesn't use .err files which
|
||||
have now been deleted. Also the error code call doesn't have to appear all
|
||||
on one line (which resulted in some large lines...).
|
||||
@ -12632,7 +12699,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
||||
|
||||
*) Add a useful kludge to allow package maintainers to specify compiler and
|
||||
other platforms details on the command line without having to patch the
|
||||
Configure script everytime: One now can use ``perl Configure
|
||||
Configure script every time: One now can use ``perl Configure
|
||||
<id>:<details>'', i.e. platform ids are allowed to have details appended
|
||||
to them (separated by colons). This is treated as there would be a static
|
||||
pre-configured entry in Configure's %table under key <id> with value
|
||||
|
@ -58,7 +58,7 @@ guidelines:
|
||||
consider adding a note in CHANGES. This could be a summarising
|
||||
description of the change, and could explain the grander details.
|
||||
Have a look through existing entries for inspiration.
|
||||
Please note that this is NOT simply a copy of git-log oneliners.
|
||||
Please note that this is NOT simply a copy of git-log one-liners.
|
||||
Also note that security fixes get an entry in CHANGES.
|
||||
This file helps users get more in depth information of what comes
|
||||
with a specific release without having to sift through the higher
|
||||
|
154
Configure
154
Configure
@ -1,6 +1,6 @@
|
||||
#! /usr/bin/env perl
|
||||
# -*- mode: perl; -*-
|
||||
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -69,7 +69,15 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
|
||||
# no-sse2 disables IA-32 SSE2 code in assembly modules, the above
|
||||
# mentioned '386' option implies this one
|
||||
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
|
||||
# -<xxx> +<xxx> compiler options are passed through
|
||||
# -<xxx> +<xxx> All options which are unknown to the 'Configure' script are
|
||||
# /<xxx> passed through to the compiler. Unix-style options beginning
|
||||
# with a '-' or '+' are recognized, as well as Windows-style
|
||||
# options beginning with a '/'. If the option contains arguments
|
||||
# separated by spaces, then the URL-style notation %20 can be
|
||||
# used for the space character in order to avoid having to quote
|
||||
# the option. For example, -opt%20arg gets expanded to -opt arg.
|
||||
# In fact, any ASCII character can be encoded as %xx using its
|
||||
# hexadecimal encoding.
|
||||
# -static while -static is also a pass-through compiler option (and
|
||||
# as such is limited to environments where it's actually
|
||||
# meaningful), it triggers a number configuration options,
|
||||
@ -152,6 +160,10 @@ my @clang_devteam_warn = qw(
|
||||
-Wmissing-variable-declarations
|
||||
);
|
||||
|
||||
my @cl_devteam_warn = qw(
|
||||
/WX
|
||||
);
|
||||
|
||||
# This adds backtrace information to the memory leak info. Is only used
|
||||
# when crypto-mdebug-backtrace is enabled.
|
||||
my $memleak_devteam_backtrace = "-rdynamic";
|
||||
@ -346,6 +358,7 @@ my @disablables = (
|
||||
"dgram",
|
||||
"dh",
|
||||
"dsa",
|
||||
"dso",
|
||||
"dtls",
|
||||
"dynamic-engine",
|
||||
"ec",
|
||||
@ -423,7 +436,6 @@ my %deprecated_disablables = (
|
||||
"buf-freelists" => undef,
|
||||
"ripemd" => "rmd160",
|
||||
"ui" => "ui-console",
|
||||
"dso" => "", # Empty string means we're silent about it
|
||||
);
|
||||
|
||||
# All of the following are disabled by default:
|
||||
@ -480,6 +492,7 @@ my @disable_cascades = (
|
||||
# Without position independent code, there can be no shared libraries or DSOs
|
||||
"pic" => [ "shared" ],
|
||||
"shared" => [ "dynamic-engine" ],
|
||||
"dso" => [ "dynamic-engine" ],
|
||||
"engine" => [ "afalgeng", "devcryptoeng" ],
|
||||
|
||||
# no-autoalginit is only useful when building non-shared
|
||||
@ -520,7 +533,7 @@ while ((my $first, my $second) = (shift @list, shift @list)) {
|
||||
|
||||
&usage if ($#ARGV < 0);
|
||||
|
||||
# For the "make variables" CINCLUDES and CDEFINES, we support lists with
|
||||
# For the "make variables" CPPINCLUDES and CPPDEFINES, we support lists with
|
||||
# platform specific list separators. Users from those platforms should
|
||||
# recognise those separators from how you set up the PATH to find executables.
|
||||
# The default is the Unix like separator, :, but as an exception, we also
|
||||
@ -776,7 +789,7 @@ while (@argvcopy)
|
||||
{
|
||||
die "FIPS mode not supported\n";
|
||||
}
|
||||
elsif (/^[-+]/)
|
||||
elsif (m|^[-+/]|)
|
||||
{
|
||||
if (/^--prefix=(.*)$/)
|
||||
{
|
||||
@ -853,11 +866,11 @@ while (@argvcopy)
|
||||
{
|
||||
push @{$useradd{LDFLAGS}}, $_;
|
||||
}
|
||||
elsif (/^-D(.*)$/)
|
||||
elsif (m|^[-/]D(.*)$|)
|
||||
{
|
||||
push @{$useradd{CPPDEFINES}}, $1;
|
||||
}
|
||||
elsif (/^-I(.*)$/)
|
||||
elsif (m|^[-/]I(.*)$|)
|
||||
{
|
||||
push @{$useradd{CPPINCLUDES}}, $1;
|
||||
}
|
||||
@ -867,11 +880,23 @@ while (@argvcopy)
|
||||
}
|
||||
else # common if (/^[-+]/), just pass down...
|
||||
{
|
||||
# Treat %xx as an ASCII code (e.g. replace %20 by a space character).
|
||||
# This provides a simple way to pass options with arguments separated
|
||||
# by spaces without quoting (e.g. -opt%20arg translates to -opt arg).
|
||||
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
|
||||
push @{$useradd{CFLAGS}}, $_;
|
||||
push @{$useradd{CXXFLAGS}}, $_;
|
||||
}
|
||||
}
|
||||
elsif (m|^/|)
|
||||
{
|
||||
# Treat %xx as an ASCII code (e.g. replace %20 by a space character).
|
||||
# This provides a simple way to pass options with arguments separated
|
||||
# by spaces without quoting (e.g. /opt%20arg translates to /opt arg).
|
||||
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
|
||||
push @{$useradd{CFLAGS}}, $_;
|
||||
push @{$useradd{CXXFLAGS}}, $_;
|
||||
}
|
||||
else
|
||||
{
|
||||
die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
|
||||
@ -949,7 +974,11 @@ foreach (keys %user) {
|
||||
|
||||
if (defined $value) {
|
||||
if (ref $user{$_} eq 'ARRAY') {
|
||||
if ($_ eq 'CPPDEFINES' || $_ eq 'CPPINCLUDES') {
|
||||
$user{$_} = [ split /$list_separator_re/, $value ];
|
||||
} else {
|
||||
$user{$_} = [ $value ];
|
||||
}
|
||||
} elsif (!defined $user{$_}) {
|
||||
$user{$_} = $value;
|
||||
}
|
||||
@ -1162,43 +1191,6 @@ foreach (keys %useradd) {
|
||||
# Allow overriding the build file name
|
||||
$config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile";
|
||||
|
||||
my %disabled_info = (); # For configdata.pm
|
||||
foreach my $what (sort keys %disabled) {
|
||||
$config{options} .= " no-$what";
|
||||
|
||||
if (!grep { $what eq $_ } ( 'buildtest-c++', 'threads', 'shared', 'pic',
|
||||
'dynamic-engine', 'makedepend',
|
||||
'zlib-dynamic', 'zlib', 'sse2' )) {
|
||||
(my $WHAT = uc $what) =~ s|-|_|g;
|
||||
|
||||
# Fix up C macro end names
|
||||
$WHAT = "RMD160" if $what eq "ripemd";
|
||||
|
||||
# fix-up crypto/directory name(s)
|
||||
$what = "ripemd" if $what eq "rmd160";
|
||||
$what = "whrlpool" if $what eq "whirlpool";
|
||||
|
||||
my $macro = $disabled_info{$what}->{macro} = "OPENSSL_NO_$WHAT";
|
||||
|
||||
if ((grep { $what eq $_ } @{$config{sdirs}})
|
||||
&& $what ne 'async' && $what ne 'err') {
|
||||
@{$config{sdirs}} = grep { $what ne $_} @{$config{sdirs}};
|
||||
$disabled_info{$what}->{skipped} = [ catdir('crypto', $what) ];
|
||||
|
||||
if ($what ne 'engine') {
|
||||
push @{$config{openssl_algorithm_defines}}, $macro;
|
||||
} else {
|
||||
@{$config{dirs}} = grep !/^engines$/, @{$config{dirs}};
|
||||
push @{$disabled_info{engine}->{skipped}}, catdir('engines');
|
||||
push @{$config{openssl_other_defines}}, $macro;
|
||||
}
|
||||
} else {
|
||||
push @{$config{openssl_other_defines}}, $macro;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
# Make sure build_scheme is consistent.
|
||||
$target{build_scheme} = [ $target{build_scheme} ]
|
||||
if ref($target{build_scheme}) ne "ARRAY";
|
||||
@ -1288,10 +1280,8 @@ if ($target{shared_target} eq "")
|
||||
}
|
||||
|
||||
if ($disabled{"dynamic-engine"}) {
|
||||
push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE";
|
||||
$config{dynamic_engines} = 0;
|
||||
} else {
|
||||
push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE";
|
||||
$config{dynamic_engines} = 1;
|
||||
}
|
||||
|
||||
@ -1375,6 +1365,7 @@ unless ($disabled{asm}) {
|
||||
}
|
||||
if ($target{aes_asm_src}) {
|
||||
push @{$config{lib_defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);;
|
||||
push @{$config{lib_defines}}, "AESNI_ASM" if ($target{aes_asm_src} =~ m/\baesni-/);;
|
||||
# aes-ctr.fake is not a real file, only indication that assembler
|
||||
# module implements AES_ctr32_encrypt...
|
||||
push @{$config{lib_defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//);
|
||||
@ -1501,12 +1492,21 @@ if ($strict_warnings)
|
||||
my $wopt;
|
||||
my $gccver = $predefined_C{__GNUC__} // -1;
|
||||
|
||||
warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike"
|
||||
unless $gccver >= 4;
|
||||
if ($gccver >= 4)
|
||||
{
|
||||
push @strict_warnings_collection, @gcc_devteam_warn;
|
||||
push @strict_warnings_collection, @clang_devteam_warn
|
||||
if (defined($predefined_C{__clang__}));
|
||||
}
|
||||
elsif ($config{target} =~ /^VC-/)
|
||||
{
|
||||
push @strict_warnings_collection, @cl_devteam_warn;
|
||||
}
|
||||
else
|
||||
{
|
||||
warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike, or MSVC"
|
||||
}
|
||||
}
|
||||
|
||||
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
|
||||
disable('static', 'pic', 'threads');
|
||||
@ -1552,7 +1552,20 @@ unless ($disabled{afalgeng}) {
|
||||
}
|
||||
}
|
||||
|
||||
push @{$config{openssl_other_defines}}, "OPENSSL_NO_AFALGENG" if ($disabled{afalgeng});
|
||||
unless ($disabled{devcryptoeng}) {
|
||||
if ($target =~ m/^BSD/) {
|
||||
my $maxver = 5*100 + 7;
|
||||
my $sysstr = `uname -s`;
|
||||
my $verstr = `uname -r`;
|
||||
$sysstr =~ s|\R$||;
|
||||
$verstr =~ s|\R$||;
|
||||
my ($ma, $mi, @rest) = split m|\.|, $verstr;
|
||||
my $ver = $ma*100 + $mi;
|
||||
if ($sysstr eq 'OpenBSD' && $ver >= $maxver) {
|
||||
disable('too-new-kernel', 'devcryptoeng');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Get the extra flags used when building shared libraries and modules. We
|
||||
# do this late because some of them depend on %disabled.
|
||||
@ -1597,6 +1610,49 @@ $target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_l
|
||||
|
||||
# ALL MODIFICATIONS TO %disabled, %config and %target MUST BE DONE FROM HERE ON
|
||||
|
||||
my %disabled_info = (); # For configdata.pm
|
||||
foreach my $what (sort keys %disabled) {
|
||||
$config{options} .= " no-$what";
|
||||
|
||||
if (!grep { $what eq $_ } ( 'buildtest-c++', 'threads', 'shared', 'pic',
|
||||
'dynamic-engine', 'makedepend',
|
||||
'zlib-dynamic', 'zlib', 'sse2' )) {
|
||||
(my $WHAT = uc $what) =~ s|-|_|g;
|
||||
|
||||
# Fix up C macro end names
|
||||
$WHAT = "RMD160" if $what eq "ripemd";
|
||||
|
||||
# fix-up crypto/directory name(s)
|
||||
$what = "ripemd" if $what eq "rmd160";
|
||||
$what = "whrlpool" if $what eq "whirlpool";
|
||||
|
||||
my $macro = $disabled_info{$what}->{macro} = "OPENSSL_NO_$WHAT";
|
||||
|
||||
if ((grep { $what eq $_ } @{$config{sdirs}})
|
||||
&& $what ne 'async' && $what ne 'err' && $what ne 'dso') {
|
||||
@{$config{sdirs}} = grep { $what ne $_} @{$config{sdirs}};
|
||||
$disabled_info{$what}->{skipped} = [ catdir('crypto', $what) ];
|
||||
|
||||
if ($what ne 'engine') {
|
||||
push @{$config{openssl_algorithm_defines}}, $macro;
|
||||
} else {
|
||||
@{$config{dirs}} = grep !/^engines$/, @{$config{dirs}};
|
||||
push @{$disabled_info{engine}->{skipped}}, catdir('engines');
|
||||
push @{$config{openssl_other_defines}}, $macro;
|
||||
}
|
||||
} else {
|
||||
push @{$config{openssl_other_defines}}, $macro;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if ($disabled{"dynamic-engine"}) {
|
||||
push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE";
|
||||
} else {
|
||||
push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE";
|
||||
}
|
||||
|
||||
# If we use the unified build, collect information from build.info files
|
||||
my %unified_info = ();
|
||||
|
||||
|
@ -11,7 +11,7 @@ First, read http://wiki.freebsd.org/SubversionPrimer/VendorImports
|
||||
# Xlist
|
||||
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
|
||||
setenv FSVN "svn+ssh://repo.freebsd.org/base"
|
||||
setenv OSSLVER 1.1.1d
|
||||
setenv OSSLVER 1.1.1e
|
||||
|
||||
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
|
||||
|
||||
|
20
INSTALL
20
INSTALL
@ -351,6 +351,9 @@
|
||||
Don't build support for datagram based BIOs. Selecting this
|
||||
option will also force the disabling of DTLS.
|
||||
|
||||
no-dso
|
||||
Don't build support for loading Dynamic Shared Objects.
|
||||
|
||||
enable-devcryptoeng
|
||||
Build the /dev/crypto engine. It is automatically selected
|
||||
on BSD implementations, in which case it can be disabled with
|
||||
@ -605,10 +608,19 @@
|
||||
Take note of the VAR=value documentation below and how
|
||||
these flags interact with those variables.
|
||||
|
||||
-xxx, +xxx
|
||||
-xxx, +xxx, /xxx
|
||||
Additional options that are not otherwise recognised are
|
||||
passed through as they are to the compiler as well. Again,
|
||||
consult your compiler documentation.
|
||||
passed through as they are to the compiler as well.
|
||||
Unix-style options beginning with a '-' or '+' and
|
||||
Windows-style options beginning with a '/' are recognized.
|
||||
Again, consult your compiler documentation.
|
||||
|
||||
If the option contains arguments separated by spaces,
|
||||
then the URL-style notation %20 can be used for the space
|
||||
character in order to avoid having to quote the option.
|
||||
For example, -opt%20arg gets expanded to -opt arg.
|
||||
In fact, any ASCII character can be encoded as %xx using its
|
||||
hexadecimal encoding.
|
||||
|
||||
Take note of the VAR=value documentation below and how
|
||||
these flags interact with those variables.
|
||||
@ -1071,7 +1083,7 @@
|
||||
|
||||
HASHBANGPERL
|
||||
The command string for the Perl executable to insert in the
|
||||
#! line of perl scripts that will be publically installed.
|
||||
#! line of perl scripts that will be publicly installed.
|
||||
Default: /usr/bin/env perl
|
||||
Note: the value of this variable is added to the same scripts
|
||||
on all platforms, but it's only relevant on Unix-like platforms.
|
||||
|
5
NEWS
5
NEWS
@ -5,6 +5,11 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]
|
||||
|
||||
o Fixed an overflow bug in the x64_64 Montgomery squaring procedure
|
||||
used in exponentiation with 512-bit moduli (CVE-2019-1551)
|
||||
|
||||
Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
|
||||
|
||||
o Fixed a fork protection issue (CVE-2019-1549)
|
||||
|
2
README
2
README
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.1.1d 10 Sep 2019
|
||||
OpenSSL 1.1.1e 17 Mar 2020
|
||||
|
||||
Copyright (c) 1998-2019 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
|
30
apps/apps.c
30
apps/apps.c
@ -1962,26 +1962,46 @@ unsigned char *next_protos_parse(size_t *outlen, const char *in)
|
||||
size_t len;
|
||||
unsigned char *out;
|
||||
size_t i, start = 0;
|
||||
size_t skipped = 0;
|
||||
|
||||
len = strlen(in);
|
||||
if (len >= 65535)
|
||||
if (len == 0 || len >= 65535)
|
||||
return NULL;
|
||||
|
||||
out = app_malloc(strlen(in) + 1, "NPN buffer");
|
||||
out = app_malloc(len + 1, "NPN buffer");
|
||||
for (i = 0; i <= len; ++i) {
|
||||
if (i == len || in[i] == ',') {
|
||||
/*
|
||||
* Zero-length ALPN elements are invalid on the wire, we could be
|
||||
* strict and reject the entire string, but just ignoring extra
|
||||
* commas seems harmless and more friendly.
|
||||
*
|
||||
* Every comma we skip in this way puts the input buffer another
|
||||
* byte ahead of the output buffer, so all stores into the output
|
||||
* buffer need to be decremented by the number commas skipped.
|
||||
*/
|
||||
if (i == start) {
|
||||
++start;
|
||||
++skipped;
|
||||
continue;
|
||||
}
|
||||
if (i - start > 255) {
|
||||
OPENSSL_free(out);
|
||||
return NULL;
|
||||
}
|
||||
out[start] = (unsigned char)(i - start);
|
||||
out[start-skipped] = (unsigned char)(i - start);
|
||||
start = i + 1;
|
||||
} else {
|
||||
out[i + 1] = in[i];
|
||||
out[i + 1 - skipped] = in[i];
|
||||
}
|
||||
}
|
||||
|
||||
*outlen = len + 1;
|
||||
if (len <= skipped) {
|
||||
OPENSSL_free(out);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
*outlen = len + 1 - skipped;
|
||||
return out;
|
||||
}
|
||||
|
||||
|
@ -7,8 +7,8 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_APPS_H
|
||||
# define HEADER_APPS_H
|
||||
#ifndef OSSL_APPS_H
|
||||
# define OSSL_APPS_H
|
||||
|
||||
# include "e_os.h" /* struct timeval for DTLS */
|
||||
# include "internal/nelem.h"
|
||||
|
126
apps/dgst.c
126
apps/dgst.c
@ -19,6 +19,7 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/hmac.h>
|
||||
#include <ctype.h>
|
||||
|
||||
#undef BUFSIZE
|
||||
#define BUFSIZE 1024*8
|
||||
@ -27,9 +28,15 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen,
|
||||
const char *sig_name, const char *md_name,
|
||||
const char *file);
|
||||
static void show_digests(const OBJ_NAME *name, void *bio_);
|
||||
|
||||
struct doall_dgst_digests {
|
||||
BIO *bio;
|
||||
int n;
|
||||
};
|
||||
|
||||
typedef enum OPTION_choice {
|
||||
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
|
||||
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_LIST,
|
||||
OPT_C, OPT_R, OPT_OUT, OPT_SIGN, OPT_PASSIN, OPT_VERIFY,
|
||||
OPT_PRVERIFY, OPT_SIGNATURE, OPT_KEYFORM, OPT_ENGINE, OPT_ENGINE_IMPL,
|
||||
OPT_HEX, OPT_BINARY, OPT_DEBUG, OPT_FIPS_FINGERPRINT,
|
||||
@ -43,6 +50,7 @@ const OPTIONS dgst_options[] = {
|
||||
{OPT_HELP_STR, 1, '-',
|
||||
" file... files to digest (default is stdin)\n"},
|
||||
{"help", OPT_HELP, '-', "Display this summary"},
|
||||
{"list", OPT_LIST, '-', "List digests"},
|
||||
{"c", OPT_C, '-', "Print the digest with separating colons"},
|
||||
{"r", OPT_R, '-', "Print the digest in coreutils format"},
|
||||
{"out", OPT_OUT, '>', "Output to filename rather than stdout"},
|
||||
@ -91,6 +99,7 @@ int dgst_main(int argc, char **argv)
|
||||
int i, ret = 1, out_bin = -1, want_pub = 0, do_verify = 0;
|
||||
unsigned char *buf = NULL, *sigbuf = NULL;
|
||||
int engine_impl = 0;
|
||||
struct doall_dgst_digests dec;
|
||||
|
||||
prog = opt_progname(argv[0]);
|
||||
buf = app_malloc(BUFSIZE, "I/O buffer");
|
||||
@ -108,6 +117,15 @@ int dgst_main(int argc, char **argv)
|
||||
opt_help(dgst_options);
|
||||
ret = 0;
|
||||
goto end;
|
||||
case OPT_LIST:
|
||||
BIO_printf(bio_out, "Supported digests:\n");
|
||||
dec.bio = bio_out;
|
||||
dec.n = 0;
|
||||
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH,
|
||||
show_digests, &dec);
|
||||
BIO_printf(bio_out, "\n");
|
||||
ret = 0;
|
||||
goto end;
|
||||
case OPT_C:
|
||||
separator = 1;
|
||||
break;
|
||||
@ -413,20 +431,86 @@ int dgst_main(int argc, char **argv)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void show_digests(const OBJ_NAME *name, void *arg)
|
||||
{
|
||||
struct doall_dgst_digests *dec = (struct doall_dgst_digests *)arg;
|
||||
const EVP_MD *md = NULL;
|
||||
|
||||
/* Filter out signed digests (a.k.a signature algorithms) */
|
||||
if (strstr(name->name, "rsa") != NULL || strstr(name->name, "RSA") != NULL)
|
||||
return;
|
||||
|
||||
if (!islower((unsigned char)*name->name))
|
||||
return;
|
||||
|
||||
/* Filter out message digests that we cannot use */
|
||||
md = EVP_get_digestbyname(name->name);
|
||||
if (md == NULL)
|
||||
return;
|
||||
|
||||
BIO_printf(dec->bio, "-%-25s", name->name);
|
||||
if (++dec->n == 3) {
|
||||
BIO_printf(dec->bio, "\n");
|
||||
dec->n = 0;
|
||||
} else {
|
||||
BIO_printf(dec->bio, " ");
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* The newline_escape_filename function performs newline escaping for any
|
||||
* filename that contains a newline. This function also takes a pointer
|
||||
* to backslash. The backslash pointer is a flag to indicating whether a newline
|
||||
* is present in the filename. If a newline is present, the backslash flag is
|
||||
* set and the output format will contain a backslash at the beginning of the
|
||||
* digest output. This output format is to replicate the output format found
|
||||
* in the '*sum' checksum programs. This aims to preserve backward
|
||||
* compatibility.
|
||||
*/
|
||||
static const char *newline_escape_filename(const char *file, int * backslash)
|
||||
{
|
||||
size_t i, e = 0, length = strlen(file), newline_count = 0, mem_len = 0;
|
||||
char *file_cpy = NULL;
|
||||
|
||||
for (i = 0; i < length; i++)
|
||||
if (file[i] == '\n')
|
||||
newline_count++;
|
||||
|
||||
mem_len = length + newline_count + 1;
|
||||
file_cpy = app_malloc(mem_len, file);
|
||||
i = 0;
|
||||
|
||||
while(e < length) {
|
||||
const char c = file[e];
|
||||
if (c == '\n') {
|
||||
file_cpy[i++] = '\\';
|
||||
file_cpy[i++] = 'n';
|
||||
*backslash = 1;
|
||||
} else {
|
||||
file_cpy[i++] = c;
|
||||
}
|
||||
e++;
|
||||
}
|
||||
file_cpy[i] = '\0';
|
||||
return (const char*)file_cpy;
|
||||
}
|
||||
|
||||
|
||||
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
EVP_PKEY *key, unsigned char *sigin, int siglen,
|
||||
const char *sig_name, const char *md_name,
|
||||
const char *file)
|
||||
{
|
||||
size_t len;
|
||||
int i;
|
||||
size_t len = BUFSIZE;
|
||||
int i, backslash = 0, ret = 1;
|
||||
unsigned char *sigbuf = NULL;
|
||||
|
||||
while (BIO_pending(bp) || !BIO_eof(bp)) {
|
||||
i = BIO_read(bp, (char *)buf, BUFSIZE);
|
||||
if (i < 0) {
|
||||
BIO_printf(bio_err, "Read Error in %s\n", file);
|
||||
ERR_print_errors(bio_err);
|
||||
return 1;
|
||||
goto end;
|
||||
}
|
||||
if (i == 0)
|
||||
break;
|
||||
@ -439,37 +523,51 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
BIO_printf(out, "Verified OK\n");
|
||||
} else if (i == 0) {
|
||||
BIO_printf(out, "Verification Failure\n");
|
||||
return 1;
|
||||
goto end;
|
||||
} else {
|
||||
BIO_printf(bio_err, "Error Verifying Data\n");
|
||||
ERR_print_errors(bio_err);
|
||||
return 1;
|
||||
goto end;
|
||||
}
|
||||
return 0;
|
||||
ret = 0;
|
||||
goto end;
|
||||
}
|
||||
if (key != NULL) {
|
||||
EVP_MD_CTX *ctx;
|
||||
int pkey_len;
|
||||
BIO_get_md_ctx(bp, &ctx);
|
||||
len = BUFSIZE;
|
||||
pkey_len = EVP_PKEY_size(key);
|
||||
if (pkey_len > BUFSIZE) {
|
||||
len = pkey_len;
|
||||
sigbuf = app_malloc(len, "Signature buffer");
|
||||
buf = sigbuf;
|
||||
}
|
||||
if (!EVP_DigestSignFinal(ctx, buf, &len)) {
|
||||
BIO_printf(bio_err, "Error Signing Data\n");
|
||||
ERR_print_errors(bio_err);
|
||||
return 1;
|
||||
goto end;
|
||||
}
|
||||
} else {
|
||||
len = BIO_gets(bp, (char *)buf, BUFSIZE);
|
||||
if ((int)len < 0) {
|
||||
ERR_print_errors(bio_err);
|
||||
return 1;
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
|
||||
if (binout) {
|
||||
BIO_write(out, buf, len);
|
||||
} else if (sep == 2) {
|
||||
file = newline_escape_filename(file, &backslash);
|
||||
|
||||
if (backslash == 1)
|
||||
BIO_puts(out, "\\");
|
||||
|
||||
for (i = 0; i < (int)len; i++)
|
||||
BIO_printf(out, "%02x", buf[i]);
|
||||
|
||||
BIO_printf(out, " *%s\n", file);
|
||||
OPENSSL_free((char *)file);
|
||||
} else {
|
||||
if (sig_name != NULL) {
|
||||
BIO_puts(out, sig_name);
|
||||
@ -488,5 +586,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
|
||||
}
|
||||
BIO_printf(out, "\n");
|
||||
}
|
||||
return 0;
|
||||
|
||||
ret = 0;
|
||||
end:
|
||||
if (sigbuf != NULL)
|
||||
OPENSSL_clear_free(sigbuf, len);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -50,7 +50,8 @@ typedef enum OPTION_choice {
|
||||
|
||||
const OPTIONS enc_options[] = {
|
||||
{"help", OPT_HELP, '-', "Display this summary"},
|
||||
{"ciphers", OPT_LIST, '-', "List ciphers"},
|
||||
{"list", OPT_LIST, '-', "List ciphers"},
|
||||
{"ciphers", OPT_LIST, '-', "Alias for -list"},
|
||||
{"in", OPT_IN, '<', "Input file"},
|
||||
{"out", OPT_OUT, '>', "Output file"},
|
||||
{"pass", OPT_PASS, 's', "Passphrase source"},
|
||||
|
@ -114,7 +114,7 @@ static int acfd = (int) INVALID_SOCKET;
|
||||
static int index_changed(CA_DB *);
|
||||
static void spawn_loop(void);
|
||||
static int print_syslog(const char *str, size_t len, void *levPtr);
|
||||
static void sock_timeout(int signum);
|
||||
static void socket_timeout(int signum);
|
||||
# endif
|
||||
|
||||
# ifndef OPENSSL_NO_SOCK
|
||||
@ -597,7 +597,7 @@ int ocsp_main(int argc, char **argv)
|
||||
if (multi && acbio != NULL)
|
||||
spawn_loop();
|
||||
if (acbio != NULL && req_timeout > 0)
|
||||
signal(SIGALRM, sock_timeout);
|
||||
signal(SIGALRM, socket_timeout);
|
||||
#endif
|
||||
|
||||
if (acbio != NULL)
|
||||
@ -1352,7 +1352,7 @@ static int urldecode(char *p)
|
||||
# endif
|
||||
|
||||
# ifdef OCSP_DAEMON
|
||||
static void sock_timeout(int signum)
|
||||
static void socket_timeout(int signum)
|
||||
{
|
||||
if (acfd != (int)INVALID_SOCKET)
|
||||
(void)shutdown(acfd, SHUT_RD);
|
||||
|
@ -164,6 +164,13 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
|
||||
prog = prog_init();
|
||||
if (prog == NULL) {
|
||||
BIO_printf(bio_err,
|
||||
"FATAL: Startup failure (dev note: prog_init() failed)\n");
|
||||
ERR_print_errors(bio_err);
|
||||
ret = 1;
|
||||
goto end;
|
||||
}
|
||||
pname = opt_progname(argv[0]);
|
||||
|
||||
/* first check the program name */
|
||||
|
@ -807,7 +807,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
|
||||
(*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
|
||||
(*salt_p)[i] = 0;
|
||||
# ifdef CHARSET_EBCDIC
|
||||
/* The password encryption funtion will convert back to ASCII */
|
||||
/* The password encryption function will convert back to ASCII */
|
||||
ascii2ebcdic(*salt_p, *salt_p, saltlen);
|
||||
# endif
|
||||
}
|
||||
|
@ -41,6 +41,7 @@ int dump_certs_pkeys_bags(BIO *out, const STACK_OF(PKCS12_SAFEBAG) *bags,
|
||||
int dump_certs_pkeys_bag(BIO *out, const PKCS12_SAFEBAG *bags,
|
||||
const char *pass, int passlen,
|
||||
int options, char *pempass, const EVP_CIPHER *enc);
|
||||
void print_attribute(BIO *out, const ASN1_TYPE *av);
|
||||
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
|
||||
const char *name);
|
||||
void hex_prin(BIO *out, unsigned char *buf, int len);
|
||||
@ -878,39 +879,12 @@ int cert_load(BIO *in, STACK_OF(X509) *sk)
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Generalised attribute print: handle PKCS#8 and bag attributes */
|
||||
/* Generalised x509 attribute value print */
|
||||
|
||||
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
|
||||
const char *name)
|
||||
void print_attribute(BIO *out, const ASN1_TYPE *av)
|
||||
{
|
||||
X509_ATTRIBUTE *attr;
|
||||
ASN1_TYPE *av;
|
||||
char *value;
|
||||
int i, attr_nid;
|
||||
if (!attrlst) {
|
||||
BIO_printf(out, "%s: <No Attributes>\n", name);
|
||||
return 1;
|
||||
}
|
||||
if (!sk_X509_ATTRIBUTE_num(attrlst)) {
|
||||
BIO_printf(out, "%s: <Empty Attributes>\n", name);
|
||||
return 1;
|
||||
}
|
||||
BIO_printf(out, "%s\n", name);
|
||||
for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
|
||||
ASN1_OBJECT *attr_obj;
|
||||
attr = sk_X509_ATTRIBUTE_value(attrlst, i);
|
||||
attr_obj = X509_ATTRIBUTE_get0_object(attr);
|
||||
attr_nid = OBJ_obj2nid(attr_obj);
|
||||
BIO_printf(out, " ");
|
||||
if (attr_nid == NID_undef) {
|
||||
i2a_ASN1_OBJECT(out, attr_obj);
|
||||
BIO_printf(out, ": ");
|
||||
} else {
|
||||
BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
|
||||
}
|
||||
|
||||
if (X509_ATTRIBUTE_count(attr)) {
|
||||
av = X509_ATTRIBUTE_get0_type(attr, 0);
|
||||
switch (av->type) {
|
||||
case V_ASN1_BMPSTRING:
|
||||
value = OPENSSL_uni2asc(av->value.bmpstring->data,
|
||||
@ -935,6 +909,44 @@ int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
|
||||
BIO_printf(out, "<Unsupported tag %d>\n", av->type);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* Generalised attribute print: handle PKCS#8 and bag attributes */
|
||||
|
||||
int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst,
|
||||
const char *name)
|
||||
{
|
||||
X509_ATTRIBUTE *attr;
|
||||
ASN1_TYPE *av;
|
||||
int i, j, attr_nid;
|
||||
if (!attrlst) {
|
||||
BIO_printf(out, "%s: <No Attributes>\n", name);
|
||||
return 1;
|
||||
}
|
||||
if (!sk_X509_ATTRIBUTE_num(attrlst)) {
|
||||
BIO_printf(out, "%s: <Empty Attributes>\n", name);
|
||||
return 1;
|
||||
}
|
||||
BIO_printf(out, "%s\n", name);
|
||||
for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
|
||||
ASN1_OBJECT *attr_obj;
|
||||
attr = sk_X509_ATTRIBUTE_value(attrlst, i);
|
||||
attr_obj = X509_ATTRIBUTE_get0_object(attr);
|
||||
attr_nid = OBJ_obj2nid(attr_obj);
|
||||
BIO_printf(out, " ");
|
||||
if (attr_nid == NID_undef) {
|
||||
i2a_ASN1_OBJECT(out, attr_obj);
|
||||
BIO_printf(out, ": ");
|
||||
} else {
|
||||
BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
|
||||
}
|
||||
|
||||
if (X509_ATTRIBUTE_count(attr)) {
|
||||
for (j = 0; j < X509_ATTRIBUTE_count(attr); j++)
|
||||
{
|
||||
av = X509_ATTRIBUTE_get0_type(attr, j);
|
||||
print_attribute(out, av);
|
||||
}
|
||||
} else {
|
||||
BIO_printf(out, "<No Values>\n");
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -299,8 +299,7 @@ int pkeyutl_main(int argc, char **argv)
|
||||
/* Sanity check the input */
|
||||
if (buf_inlen > EVP_MAX_MD_SIZE
|
||||
&& (pkey_op == EVP_PKEY_OP_SIGN
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFY
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
|
||||
|| pkey_op == EVP_PKEY_OP_VERIFY)) {
|
||||
BIO_printf(bio_err,
|
||||
"Error: The input data looks too long to be a hash\n");
|
||||
goto end;
|
||||
|
15
apps/req.c
15
apps/req.c
@ -200,9 +200,12 @@ static int duplicated(LHASH_OF(OPENSSL_STRING) *addexts, char *kv)
|
||||
*p = '\0';
|
||||
|
||||
/* Finally have a clean "key"; see if it's there [by attempt to add it]. */
|
||||
if ((p = (char *)lh_OPENSSL_STRING_insert(addexts, (OPENSSL_STRING*)kv))
|
||||
!= NULL || lh_OPENSSL_STRING_error(addexts)) {
|
||||
OPENSSL_free(p != NULL ? p : kv);
|
||||
p = (char *)lh_OPENSSL_STRING_insert(addexts, (OPENSSL_STRING*)kv);
|
||||
if (p != NULL) {
|
||||
OPENSSL_free(p);
|
||||
return 1;
|
||||
} else if (lh_OPENSSL_STRING_error(addexts)) {
|
||||
OPENSSL_free(kv);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -435,12 +438,14 @@ int req_main(int argc, char **argv)
|
||||
|
||||
if (verbose)
|
||||
BIO_printf(bio_err, "Using configuration from %s\n", template);
|
||||
req_conf = app_load_config(template);
|
||||
if ((req_conf = app_load_config(template)) == NULL)
|
||||
goto end;
|
||||
if (addext_bio) {
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,
|
||||
"Using additional configuration from command line\n");
|
||||
addext_conf = app_load_config_bio(addext_bio, NULL);
|
||||
if ((addext_conf = app_load_config_bio(addext_bio, NULL)) == NULL)
|
||||
goto end;
|
||||
}
|
||||
if (template != default_config_file && !app_load_modules(req_conf))
|
||||
goto end;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -188,6 +188,7 @@ static STRINT_PAIR cert_type_list[] = {
|
||||
{"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH},
|
||||
{"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH},
|
||||
{"GOST01 Sign", TLS_CT_GOST01_SIGN},
|
||||
{"GOST12 Sign", TLS_CT_GOST12_SIGN},
|
||||
{NULL}
|
||||
};
|
||||
|
||||
|
@ -180,9 +180,6 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
|
||||
}
|
||||
#endif
|
||||
|
||||
#define TLS13_AES_128_GCM_SHA256_BYTES ((const unsigned char *)"\x13\x01")
|
||||
#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02")
|
||||
|
||||
static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
|
||||
size_t identity_len, SSL_SESSION **sess)
|
||||
{
|
||||
@ -3208,6 +3205,12 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
|
||||
if (e[0] == ' ')
|
||||
break;
|
||||
|
||||
if (e[0] == ':') {
|
||||
/* Windows drive. We treat this the same way as ".." */
|
||||
dot = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
switch (dot) {
|
||||
case 1:
|
||||
dot = (e[0] == '.') ? 2 : 0;
|
||||
@ -3216,11 +3219,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
|
||||
dot = (e[0] == '.') ? 3 : 0;
|
||||
break;
|
||||
case 3:
|
||||
dot = (e[0] == '/') ? -1 : 0;
|
||||
dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0;
|
||||
break;
|
||||
}
|
||||
if (dot == 0)
|
||||
dot = (e[0] == '/') ? 1 : 0;
|
||||
dot = (e[0] == '/' || e[0] == '\\') ? 1 : 0;
|
||||
}
|
||||
dot = (dot == 3) || (dot == -1); /* filename contains ".."
|
||||
* component */
|
||||
@ -3234,11 +3237,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
|
||||
|
||||
if (dot) {
|
||||
BIO_puts(io, text);
|
||||
BIO_printf(io, "'%s' contains '..' reference\r\n", p);
|
||||
BIO_printf(io, "'%s' contains '..' or ':'\r\n", p);
|
||||
break;
|
||||
}
|
||||
|
||||
if (*p == '/') {
|
||||
if (*p == '/' || *p == '\\') {
|
||||
BIO_puts(io, text);
|
||||
BIO_printf(io, "'%s' is an invalid path\r\n", p);
|
||||
break;
|
||||
|
@ -1,52 +1,47 @@
|
||||
subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
|
||||
issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
|
||||
BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
|
||||
VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
|
||||
ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
|
||||
A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
|
||||
RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
|
||||
KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
|
||||
R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
|
||||
vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
|
||||
TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
|
||||
41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
|
||||
AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
|
||||
AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
|
||||
BBSCvM8AABPR9zklmifnr9LvIBturDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
|
||||
hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAqb1NV0B0/pbpK9Z4/bNjzPQLTRLK
|
||||
WnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpqWz9qoeoFZax+QBpIZYjROU3TS3fp
|
||||
yLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCpW2Uoy8sAA4JjN9OtsZY7dvUXFgJ7
|
||||
vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZJ1z1cbbwGDDzfvGFPzJ+Sq+zEPds
|
||||
xoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxzA7mNGv73JoZJA6nFgj+ADSlJsY/t
|
||||
JBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+AltvHTANdAq0t/K3o+pplMVA==
|
||||
MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
|
||||
IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
|
||||
DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||
ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
|
||||
o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
|
||||
3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
|
||||
8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
|
||||
rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
|
||||
cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
|
||||
T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
|
||||
EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
|
||||
YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
|
||||
RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
|
||||
iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
|
||||
8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
|
||||
X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
|
||||
YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
|
||||
h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
|
||||
tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
|
||||
D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
|
||||
uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
|
||||
qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
|
||||
zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
|
||||
r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
|
||||
AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
|
||||
5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
|
||||
W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
|
||||
674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
|
||||
utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
|
||||
BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
|
||||
4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
|
||||
WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
|
||||
bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
|
||||
6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
|
||||
4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
|
||||
WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
|
||||
n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
|
||||
JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
|
||||
OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
|
||||
xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
|
||||
UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVXWBq3/xh7kiq
|
||||
jBFIQ6VttlJdqphJsWGSNbH8OgQlDG15/7TVyelcHDvgq7O4faPebb3g3ddavxRH
|
||||
EUJepoLQYcF/3RNG5gmFBw7y1PwaZNIKrSCrIGuW8K3MxBlTVdwBHaSz74q0SVNd
|
||||
igUc8dzhRL/F1+J3GVdclwt17ohDcQ/KbMG0slCnd0ZsWA8Rv/F2JFquOUK3UWcp
|
||||
4dBVMG8X5JHqrfgowkNvomSp+52YkmJIPusNT4JKiv8/cu6Wta6hwZi6732QdW3/
|
||||
WlKeq/XAftCHQ9uFBwcPfTh6/dHT7mUd0+o5aoc37krT4A1u9XCswr3xbvOSlV6p
|
||||
8KFllZONAgMBAAECggEADLTt7A+A2Vg2jamf0dztejY0e42QWjstI2b9PZc67fXq
|
||||
gyx+WYkX07t+uWegYWliG/oPJ9guXiIpE/5sJHToL37S5kmFP2CtynVcJ4wVo4DD
|
||||
nY0n9+kLX0bgIuS+2V6wpoRcbbbjXM9NHrH8kfe5ftT4UtEDlLI2qLX6IcDd7p4u
|
||||
OYjILChR8GSGTw96yIy2Ws/1Uq9PMw64JoT4RcK5QqnkcPMDFRH1SeLOL+zXP2c4
|
||||
nEl9yOy3HauZKxwl/Ry/XK1s3DdjopIAU29ut+hAuMiTb06kzZnumL9NoplKoZtU
|
||||
otw/gVcCKhT+Ep+p6i8InLF0XEME8A0qUR0niWebgQKBgQD6vkxR49B8ZZQrzjw4
|
||||
XKs1lI9cP7cgPiuWlDHMNjYou3WbOaGrMeScvbB1Ldh9A8pjAhxlw8AaV/xs4qcA
|
||||
trmVmSISVMVyc1wSGlJXWi2nUzTNs9OE3vj22SyStihf8UUZtWwX2b5Y4JrYhA/V
|
||||
+ThGGqHR03oLNLShNLtJc2c7YQKBgQDZ1nkibEyrepexw/fnwkw61IJKq9wRIh1G
|
||||
PREakhbe9wU5ie0knuf9razt7awzQiwFmlixmWqsM7UEtLuXNnNPciwdrKhhbvrd
|
||||
vD/rkbIEHEPllIhFlDtOzn3hRBWTzWmXFjpou/2LvHTSbVis4IYVZymTp2jb1ZLs
|
||||
7VbiG9JTrQKBgQDc6n75g1szzpdehQT/r33U5j/syeJBUSU8NPMu9fB/sLHsgjlT
|
||||
SNEf2+y1QSBE/Or6kmiMrIv7advn30W+Vj9qc5HWTsPrk4HiHTjA553jl2alebN5
|
||||
lK4LZspjtIQcC8mS3goPdXPEgJdM/gWpwzr2YQ6DfOxBJT2j7n64NyoT4QKBgH7/
|
||||
yx+GhCx1DHtXBPDZFhg2TL+78lEK0oZgk9gp06up2CHzh44SFq6O0oLkTcCUk5Ww
|
||||
poTkLIy4mJBlzfgahp+KsK2cO46SZS9g0ONFzcMXt33hWpE2Gl2XhUwPpYTF/QlY
|
||||
rDTjZK5S8Mi9dzVSsNlJi7PJphiEK2R1+nFYRwcBAoGBANWoIG85jpXAOnq/Kcgx
|
||||
Rl3YivR0Ke6r1tFlP58rT7X3EkiboXyQl5vLIFCAwUte6RGrLl1dy3Qyh80B9ySL
|
||||
Jx6vj42CK7vgv6A96TuVYhnXTnEI6ZvwAQ2VGaw4BizhjALs/kdSE/og9aSCs3ws
|
||||
KQypwAFz0tbHxaNag/bSAN0J
|
||||
-----END PRIVATE KEY-----
|
||||
|
43
apps/speed.c
43
apps/speed.c
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
@ -1242,8 +1242,6 @@ static int run_benchmark(int async_jobs,
|
||||
OSSL_ASYNC_FD job_fd = 0;
|
||||
size_t num_job_fds = 0;
|
||||
|
||||
run = 1;
|
||||
|
||||
if (async_jobs == 0) {
|
||||
return loop_function((void *)&loopargs);
|
||||
}
|
||||
@ -2412,7 +2410,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
|
||||
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &camellia_ks1,
|
||||
iv, CAMELLIA_ENCRYPT);
|
||||
@ -2434,7 +2432,7 @@ int speed_main(int argc, char **argv)
|
||||
exit(1);
|
||||
}
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
|
||||
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &camellia_ks2,
|
||||
iv, CAMELLIA_ENCRYPT);
|
||||
@ -2452,7 +2450,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
|
||||
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &camellia_ks3,
|
||||
iv, CAMELLIA_ENCRYPT);
|
||||
@ -2472,7 +2470,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
|
||||
IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &idea_ks,
|
||||
iv, IDEA_ENCRYPT);
|
||||
@ -2492,7 +2490,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
|
||||
SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &seed_ks, iv, 1);
|
||||
d = Time_F(STOP);
|
||||
@ -2515,7 +2513,7 @@ int speed_main(int argc, char **argv)
|
||||
exit(1);
|
||||
}
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
|
||||
RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &rc2_ks,
|
||||
iv, RC2_ENCRYPT);
|
||||
@ -2539,7 +2537,7 @@ int speed_main(int argc, char **argv)
|
||||
exit(1);
|
||||
}
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
|
||||
RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &rc5_ks,
|
||||
iv, RC5_ENCRYPT);
|
||||
@ -2559,7 +2557,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
|
||||
BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &bf_ks,
|
||||
iv, BF_ENCRYPT);
|
||||
@ -2579,7 +2577,7 @@ int speed_main(int argc, char **argv)
|
||||
print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
|
||||
lengths[testnum], seconds.sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
|
||||
for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
|
||||
CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
||||
(size_t)lengths[testnum], &cast_ks,
|
||||
iv, CAST_ENCRYPT);
|
||||
@ -3006,7 +3004,7 @@ int speed_main(int argc, char **argv)
|
||||
pctx = NULL;
|
||||
}
|
||||
if (kctx == NULL || /* keygen ctx is not null */
|
||||
!EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
|
||||
EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
|
||||
ecdh_checks = 0;
|
||||
BIO_printf(bio_err, "ECDH keygen failure.\n");
|
||||
ERR_print_errors(bio_err);
|
||||
@ -3014,12 +3012,12 @@ int speed_main(int argc, char **argv)
|
||||
break;
|
||||
}
|
||||
|
||||
if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
|
||||
!EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
|
||||
if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
|
||||
EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
|
||||
!(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
|
||||
!EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
|
||||
!EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
|
||||
!EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
|
||||
EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
|
||||
EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
|
||||
EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
|
||||
outlen == 0 || /* ensure outlen is a valid size */
|
||||
outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
|
||||
ecdh_checks = 0;
|
||||
@ -3106,8 +3104,8 @@ int speed_main(int argc, char **argv)
|
||||
|
||||
if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
|
||||
== NULL
|
||||
|| !EVP_PKEY_keygen_init(ed_pctx)
|
||||
|| !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
|
||||
|| EVP_PKEY_keygen_init(ed_pctx) <= 0
|
||||
|| EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
|
||||
st = 0;
|
||||
EVP_PKEY_CTX_free(ed_pctx);
|
||||
break;
|
||||
@ -3395,6 +3393,7 @@ static void print_message(const char *s, long num, int length, int tm)
|
||||
mr ? "+DT:%s:%d:%d\n"
|
||||
: "Doing %s for %ds on %d size blocks: ", s, tm, length);
|
||||
(void)BIO_flush(bio_err);
|
||||
run = 1;
|
||||
alarm(tm);
|
||||
#else
|
||||
BIO_printf(bio_err,
|
||||
@ -3412,6 +3411,7 @@ static void pkey_print_message(const char *str, const char *str2, long num,
|
||||
mr ? "+DTP:%d:%s:%s:%d\n"
|
||||
: "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
|
||||
(void)BIO_flush(bio_err);
|
||||
run = 1;
|
||||
alarm(tm);
|
||||
#else
|
||||
BIO_printf(bio_err,
|
||||
@ -3584,6 +3584,7 @@ static int do_multi(int multi, int size_num)
|
||||
p = buf + 4;
|
||||
k = atoi(sstrsep(&p, sep));
|
||||
sstrsep(&p, sep);
|
||||
sstrsep(&p, sep);
|
||||
|
||||
d = atof(sstrsep(&p, sep));
|
||||
eddsa_results[k][0] += d;
|
||||
@ -3641,7 +3642,7 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
|
||||
for (j = 0; j < num; j++) {
|
||||
print_message(alg_name, 0, mblengths[j], seconds->sym);
|
||||
Time_F(START);
|
||||
for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
|
||||
for (count = 0; run && count < 0x7fffffff; count++) {
|
||||
unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
|
||||
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
|
||||
size_t len = mblengths[j];
|
||||
|
@ -7,11 +7,11 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef INCLUDED_TIMEOUTS_H
|
||||
# define INCLUDED_TIMEOUTS_H
|
||||
#ifndef OSSL_APPS_TIMEOUTS_H
|
||||
# define OSSL_APPS_TIMEOUTS_H
|
||||
|
||||
/* numbers in us */
|
||||
# define DGRAM_RCV_TIMEOUT 250000
|
||||
# define DGRAM_SND_TIMEOUT 250000
|
||||
|
||||
#endif /* ! INCLUDED_TIMEOUTS_H */
|
||||
#endif /* ! OSSL_APPS_TIMEOUTS_H */
|
||||
|
@ -282,7 +282,8 @@ int ts_main(int argc, char **argv)
|
||||
goto end;
|
||||
}
|
||||
|
||||
conf = load_config_file(configfile);
|
||||
if ((conf = load_config_file(configfile)) == NULL)
|
||||
goto end;
|
||||
if (configfile != default_config_file && !app_load_modules(conf))
|
||||
goto end;
|
||||
|
||||
|
12
apps/x509.c
12
apps/x509.c
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -72,7 +72,7 @@ const OPTIONS x509_options[] = {
|
||||
{"outform", OPT_OUTFORM, 'f',
|
||||
"Output format - default PEM (one of DER or PEM)"},
|
||||
{"out", OPT_OUT, '>', "Output file - default stdout"},
|
||||
{"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
|
||||
{"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"},
|
||||
{"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
|
||||
{"serial", OPT_SERIAL, '-', "Print serial number value"},
|
||||
{"subject_hash", OPT_HASH, '-', "Print subject hash value"},
|
||||
@ -107,7 +107,7 @@ const OPTIONS x509_options[] = {
|
||||
{"checkend", OPT_CHECKEND, 'M',
|
||||
"Check whether the cert expires in the next arg seconds"},
|
||||
{OPT_MORE_STR, 1, 1, "Exit 1 if so, 0 if not"},
|
||||
{"signkey", OPT_SIGNKEY, '<', "Self sign cert with arg"},
|
||||
{"signkey", OPT_SIGNKEY, 's', "Self sign cert with arg"},
|
||||
{"x509toreq", OPT_X509TOREQ, '-',
|
||||
"Output a certification request object"},
|
||||
{"req", OPT_REQ, '-', "Input is a certificate request, sign and output"},
|
||||
@ -130,7 +130,7 @@ const OPTIONS x509_options[] = {
|
||||
{"checkemail", OPT_CHECKEMAIL, 's', "Check certificate matches email"},
|
||||
{"checkip", OPT_CHECKIP, 's', "Check certificate matches ipaddr"},
|
||||
{"CAform", OPT_CAFORM, 'F', "CA format - default PEM"},
|
||||
{"CAkeyform", OPT_CAKEYFORM, 'f', "CA key format - default PEM"},
|
||||
{"CAkeyform", OPT_CAKEYFORM, 'E', "CA key format - default PEM"},
|
||||
{"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
|
||||
{"force_pubkey", OPT_FORCE_PUBKEY, '<', "Force the Key to put inside certificate"},
|
||||
{"next_serial", OPT_NEXT_SERIAL, '-', "Increment current certificate serial number"},
|
||||
@ -217,7 +217,7 @@ int x509_main(int argc, char **argv)
|
||||
goto opthelp;
|
||||
break;
|
||||
case OPT_KEYFORM:
|
||||
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &keyformat))
|
||||
if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyformat))
|
||||
goto opthelp;
|
||||
break;
|
||||
case OPT_CAFORM:
|
||||
@ -225,7 +225,7 @@ int x509_main(int argc, char **argv)
|
||||
goto opthelp;
|
||||
break;
|
||||
case OPT_CAKEYFORM:
|
||||
if (!opt_format(opt_arg(), OPT_FMT_ANY, &CAkeyformat))
|
||||
if (!opt_format(opt_arg(), OPT_FMT_PDE, &CAkeyformat))
|
||||
goto opthelp;
|
||||
break;
|
||||
case OPT_OUT:
|
||||
|
19
appveyor.yml
19
appveyor.yml
@ -1,3 +1,6 @@
|
||||
image:
|
||||
- Visual Studio 2017
|
||||
|
||||
platform:
|
||||
- x64
|
||||
- x86
|
||||
@ -5,17 +8,24 @@ platform:
|
||||
environment:
|
||||
fast_finish: true
|
||||
matrix:
|
||||
- VSVER: 14
|
||||
- VSVER: 15
|
||||
|
||||
configuration:
|
||||
- shared
|
||||
- plain
|
||||
- minimal
|
||||
|
||||
before_build:
|
||||
- ps: >-
|
||||
Install-Module VSSetup -Scope CurrentUser
|
||||
- ps: >-
|
||||
Get-VSSetupInstance -All
|
||||
- ps: >-
|
||||
gci env:* | sort-object name
|
||||
- ps: >-
|
||||
If ($env:Platform -Match "x86") {
|
||||
$env:VCVARS_PLATFORM="x86"
|
||||
$env:TARGET="VC-WIN32 no-asm"
|
||||
$env:TARGET="VC-WIN32 no-asm --strict-warnings"
|
||||
} Else {
|
||||
$env:VCVARS_PLATFORM="amd64"
|
||||
$env:TARGET="VC-WIN64A-masm"
|
||||
@ -23,11 +33,12 @@ before_build:
|
||||
- ps: >-
|
||||
If ($env:Configuration -Match "shared") {
|
||||
$env:SHARED="no-makedepend"
|
||||
} ElseIf ($env:Configuration -Match "minimal") {
|
||||
$env:SHARED="no-shared no-dso no-makedepend no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_SMALL_FOOTPRINT"
|
||||
} Else {
|
||||
$env:SHARED="no-shared no-makedepend"
|
||||
}
|
||||
- ps: $env:VSCOMNTOOLS=(Get-Content ("env:VS" + "$env:VSVER" + "0COMNTOOLS"))
|
||||
- call "%VSCOMNTOOLS%\..\..\VC\vcvarsall.bat" %VCVARS_PLATFORM%
|
||||
- call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat" %VCVARS_PLATFORM%
|
||||
- mkdir _build
|
||||
- cd _build
|
||||
- perl ..\Configure %TARGET% %SHARED%
|
||||
|
14
build.info
14
build.info
@ -9,20 +9,20 @@
|
||||
"";
|
||||
-}
|
||||
LIBS=libcrypto libssl
|
||||
INCLUDE[libcrypto]=. crypto/include include
|
||||
INCLUDE[libcrypto]=. include
|
||||
INCLUDE[libssl]=. include
|
||||
DEPEND[libssl]=libcrypto
|
||||
|
||||
# Empty DEPEND "indices" means the dependencies are expected to be built
|
||||
# unconditionally before anything else.
|
||||
DEPEND[]=include/openssl/opensslconf.h crypto/include/internal/bn_conf.h \
|
||||
crypto/include/internal/dso_conf.h
|
||||
DEPEND[]=include/openssl/opensslconf.h include/crypto/bn_conf.h \
|
||||
include/crypto/dso_conf.h
|
||||
DEPEND[include/openssl/opensslconf.h]=configdata.pm
|
||||
GENERATE[include/openssl/opensslconf.h]=include/openssl/opensslconf.h.in
|
||||
DEPEND[crypto/include/internal/bn_conf.h]=configdata.pm
|
||||
GENERATE[crypto/include/internal/bn_conf.h]=crypto/include/internal/bn_conf.h.in
|
||||
DEPEND[crypto/include/internal/dso_conf.h]=configdata.pm
|
||||
GENERATE[crypto/include/internal/dso_conf.h]=crypto/include/internal/dso_conf.h.in
|
||||
DEPEND[include/crypto/bn_conf.h]=configdata.pm
|
||||
GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in
|
||||
DEPEND[include/crypto/dso_conf.h]=configdata.pm
|
||||
GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in
|
||||
|
||||
IF[{- defined $target{shared_defflag} -}]
|
||||
IF[{- $config{target} =~ /^mingw/ -}]
|
||||
|
20
config
20
config
@ -1,5 +1,5 @@
|
||||
#!/bin/sh
|
||||
# Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -509,10 +509,7 @@ case "$GUESSOS" in
|
||||
OUT="ios64-cross" ;;
|
||||
alpha-*-linux2)
|
||||
ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
|
||||
case ${ISA:-generic} in
|
||||
*[678]) OUT="linux-alpha+bwx-$CC" ;;
|
||||
*) OUT="linux-alpha-$CC" ;;
|
||||
esac
|
||||
OUT="linux-alpha-$CC"
|
||||
if [ "$CC" = "gcc" ]; then
|
||||
case ${ISA:-generic} in
|
||||
EV5|EV45) __CNF_CFLAGS="$__CNF_CFLAGS -mcpu=ev5"
|
||||
@ -908,8 +905,12 @@ fi
|
||||
|
||||
OUT="$OUT"
|
||||
|
||||
$PERL $THERE/Configure LIST | grep "$OUT" > /dev/null
|
||||
if [ $? = "0" ]; then
|
||||
if [ "$OUT" = "darwin64-x86_64-cc" ]; then
|
||||
echo "WARNING! If you wish to build 32-bit libraries, then you have to"
|
||||
echo " invoke 'KERNEL_BITS=32 $THERE/config $options'."
|
||||
fi
|
||||
|
||||
if $PERL $THERE/Configure LIST | grep "$OUT" > /dev/null; then
|
||||
if [ "$VERBOSE" = "true" ]; then
|
||||
echo /usr/bin/env \
|
||||
__CNF_CPPDEFINES="'$__CNF_CPPDEFINES'" \
|
||||
@ -939,8 +940,5 @@ else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$OUT" = "darwin64-x86_64-cc" ]; then
|
||||
echo "WARNING! If you wish to build 32-bit libraries, then you have to"
|
||||
echo " invoke 'KERNEL_BITS=32 $THERE/config $options'."
|
||||
fi
|
||||
# Do not add anothing from here on, so we don't lose the Configure exit code
|
||||
)
|
||||
|
@ -131,9 +131,8 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
|
||||
return 0;
|
||||
}
|
||||
|
||||
strncpy((*ctx)->entry_name, direntry->d_name,
|
||||
sizeof((*ctx)->entry_name) - 1);
|
||||
(*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
|
||||
OPENSSL_strlcpy((*ctx)->entry_name, direntry->d_name,
|
||||
sizeof((*ctx)->entry_name));
|
||||
#ifdef __VMS
|
||||
if ((*ctx)->expect_file_generations) {
|
||||
char *p = (*ctx)->entry_name + strlen((*ctx)->entry_name);
|
||||
|
@ -41,7 +41,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
#include "aes_local.h"
|
||||
|
||||
#ifndef AES_ASM
|
||||
/*-
|
||||
|
@ -10,7 +10,7 @@
|
||||
#include <assert.h>
|
||||
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
#include "aes_local.h"
|
||||
|
||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key, const int enc)
|
||||
|
@ -10,7 +10,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
#include "aes_local.h"
|
||||
|
||||
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
|
||||
typedef struct {
|
||||
|
@ -7,8 +7,8 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_AES_LOCL_H
|
||||
# define HEADER_AES_LOCL_H
|
||||
#ifndef OSSL_CRYPTO_AES_LOCAL_H
|
||||
# define OSSL_CRYPTO_AES_LOCAL_H
|
||||
|
||||
# include <openssl/e_os2.h>
|
||||
# include <stdio.h>
|
||||
@ -39,4 +39,4 @@ typedef unsigned char u8;
|
||||
/* This controls loop-unrolling in aes_core.c */
|
||||
# undef FULL_UNROLL
|
||||
|
||||
#endif /* !HEADER_AES_LOCL_H */
|
||||
#endif /* !OSSL_CRYPTO_AES_LOCAL_H */
|
@ -9,7 +9,7 @@
|
||||
|
||||
#include <openssl/opensslv.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
#include "aes_local.h"
|
||||
|
||||
const char *AES_options(void)
|
||||
{
|
||||
|
@ -46,7 +46,7 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <openssl/aes.h>
|
||||
#include "aes_locl.h"
|
||||
#include "aes_local.h"
|
||||
|
||||
/*
|
||||
* These two parameters control which table, 256-byte or 2KB, is
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1242,4 +1242,4 @@ while(<SELF>) {
|
||||
close SELF;
|
||||
|
||||
print $code;
|
||||
close STDOUT; # enforce flush
|
||||
close STDOUT or die "error closing STDOUT: $!"; # enforce flush
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1379,4 +1379,4 @@ AES_Td4:
|
||||
___
|
||||
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -2167,4 +2167,4 @@ foreach (split("\n",$code)) {
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1035,4 +1035,4 @@ foreach (split("\n",$code)) {
|
||||
|
||||
print $_,"\n";
|
||||
}
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1456,4 +1456,4 @@ ___
|
||||
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1987,7 +1987,7 @@ $code.=<<___;
|
||||
|
||||
.Lxts_enc_done:
|
||||
stg $sp,$tweak+0($sp) # wipe tweak
|
||||
stg $sp,$twesk+8($sp)
|
||||
stg $sp,$tweak+8($sp)
|
||||
lm${g} %r6,$ra,6*$SIZE_T($sp)
|
||||
br $ra
|
||||
.size AES_xts_encrypt,.-AES_xts_encrypt
|
||||
@ -2267,7 +2267,7 @@ $code.=<<___;
|
||||
stg $sp,$tweak-16+8($sp)
|
||||
.Lxts_dec_done:
|
||||
stg $sp,$tweak+0($sp) # wipe tweak
|
||||
stg $sp,$twesk+8($sp)
|
||||
stg $sp,$tweak+8($sp)
|
||||
lm${g} %r6,$ra,6*$SIZE_T($sp)
|
||||
br $ra
|
||||
.size AES_xts_decrypt,.-AES_xts_decrypt
|
||||
@ -2279,4 +2279,4 @@ ___
|
||||
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
print $code;
|
||||
close STDOUT; # force flush
|
||||
close STDOUT or die "error closing STDOUT: $!"; # force flush
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1189,4 +1189,4 @@ ___
|
||||
$code =~ s/fmovs.*$//gm;
|
||||
|
||||
print $code;
|
||||
close STDOUT; # ensure flush
|
||||
close STDOUT or die "error closing STDOUT: $!"; # ensure flush
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1267,4 +1267,4 @@ foreach (split("\n",$code)) {
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=11);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
@ -1471,4 +1471,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
|
||||
$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
|
||||
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
|
||||
$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
|
||||
$1>=10);
|
||||
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
|
||||
$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
|
||||
|
||||
$shaext=1; ### set to zero if compiling for 1.0.1
|
||||
|
||||
@ -133,6 +133,7 @@ $code.=<<___;
|
||||
.type aesni_cbc_sha1_enc,\@abi-omnipotent
|
||||
.align 32
|
||||
aesni_cbc_sha1_enc:
|
||||
.cfi_startproc
|
||||
# caller should check for SSSE3 and AES-NI bits
|
||||
mov OPENSSL_ia32cap_P+0(%rip),%r10d
|
||||
mov OPENSSL_ia32cap_P+4(%rip),%r11
|
||||
@ -151,6 +152,7 @@ ___
|
||||
$code.=<<___;
|
||||
jmp aesni_cbc_sha1_enc_ssse3
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc
|
||||
___
|
||||
|
||||
@ -840,6 +842,7 @@ $code.=<<___;
|
||||
.type aesni256_cbc_sha1_dec,\@abi-omnipotent
|
||||
.align 32
|
||||
aesni256_cbc_sha1_dec:
|
||||
.cfi_startproc
|
||||
# caller should check for SSSE3 and AES-NI bits
|
||||
mov OPENSSL_ia32cap_P+0(%rip),%r10d
|
||||
mov OPENSSL_ia32cap_P+4(%rip),%r11d
|
||||
@ -854,6 +857,7 @@ ___
|
||||
$code.=<<___;
|
||||
jmp aesni256_cbc_sha1_dec_ssse3
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size aesni256_cbc_sha1_dec,.-aesni256_cbc_sha1_dec
|
||||
|
||||
.type aesni256_cbc_sha1_dec_ssse3,\@function,6
|
||||
@ -1760,6 +1764,7 @@ $code.=<<___;
|
||||
.type aesni_cbc_sha1_enc_shaext,\@function,6
|
||||
.align 32
|
||||
aesni_cbc_sha1_enc_shaext:
|
||||
.cfi_startproc
|
||||
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
@ -1911,6 +1916,7 @@ $code.=<<___ if ($win64);
|
||||
___
|
||||
$code.=<<___;
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size aesni_cbc_sha1_enc_shaext,.-aesni_cbc_sha1_enc_shaext
|
||||
___
|
||||
}}}
|
||||
@ -2137,4 +2143,4 @@ foreach (split("\n",$code)) {
|
||||
|
||||
print $_,"\n";
|
||||
}
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
|
||||
$avx = ($1>=10) + ($1>=12);
|
||||
}
|
||||
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
|
||||
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
|
||||
$avx = ($2>=3.0) + ($2>3.0);
|
||||
}
|
||||
|
||||
@ -123,6 +123,7 @@ $code=<<___;
|
||||
.type $func,\@abi-omnipotent
|
||||
.align 16
|
||||
$func:
|
||||
.cfi_startproc
|
||||
___
|
||||
if ($avx) {
|
||||
$code.=<<___;
|
||||
@ -162,6 +163,7 @@ $code.=<<___;
|
||||
ud2
|
||||
.Lprobe:
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size $func,.-$func
|
||||
|
||||
.align 64
|
||||
@ -1084,7 +1086,23 @@ $code.=<<___;
|
||||
vmovdqa $t0,0x00(%rsp)
|
||||
xor $a1,$a1
|
||||
vmovdqa $t1,0x20(%rsp)
|
||||
___
|
||||
$code.=<<___ if (!$win64);
|
||||
# temporarily use %rsi as frame pointer
|
||||
mov $_rsp,%rsi
|
||||
.cfi_def_cfa %rsi,8
|
||||
___
|
||||
$code.=<<___;
|
||||
lea -$PUSH8(%rsp),%rsp
|
||||
___
|
||||
$code.=<<___ if (!$win64);
|
||||
# the frame info is at $_rsp, but the stack is moving...
|
||||
# so a second frame pointer is saved at -8(%rsp)
|
||||
# that is in the red zone
|
||||
mov %rsi,-8(%rsp)
|
||||
.cfi_cfa_expression %rsp-8,deref,+8
|
||||
___
|
||||
$code.=<<___;
|
||||
mov $B,$a3
|
||||
vmovdqa $t2,0x00(%rsp)
|
||||
xor $C,$a3 # magic
|
||||
@ -1106,7 +1124,17 @@ my @X = @_;
|
||||
my @insns = (&$body,&$body,&$body,&$body); # 96 instructions
|
||||
my $base = "+2*$PUSH8(%rsp)";
|
||||
|
||||
&lea ("%rsp","-$PUSH8(%rsp)") if (($j%2)==0);
|
||||
if (($j%2)==0) {
|
||||
&lea ("%rsp","-$PUSH8(%rsp)");
|
||||
$code.=<<___ if (!$win64);
|
||||
.cfi_cfa_expression %rsp+`$PUSH8-8`,deref,+8
|
||||
# copy secondary frame pointer to new location again at -8(%rsp)
|
||||
pushq $PUSH8-8(%rsp)
|
||||
.cfi_cfa_expression %rsp,deref,+8
|
||||
lea 8(%rsp),%rsp
|
||||
.cfi_cfa_expression %rsp-8,deref,+8
|
||||
___
|
||||
}
|
||||
foreach (Xupdate_256_AVX()) { # 29 instructions
|
||||
eval;
|
||||
eval(shift(@insns));
|
||||
@ -1232,26 +1260,28 @@ $code.=<<___;
|
||||
|
||||
jbe .Loop_avx2
|
||||
lea (%rsp),$Tbl
|
||||
# temporarily use $Tbl as index to $_rsp
|
||||
# this avoids the need to save a secondary frame pointer at -8(%rsp)
|
||||
.cfi_cfa_expression $Tbl+`16*$SZ+7*8`,deref,+8
|
||||
|
||||
.Ldone_avx2:
|
||||
lea ($Tbl),%rsp
|
||||
mov $_ivp,$ivp
|
||||
mov $_rsp,%rsi
|
||||
mov 16*$SZ+4*8($Tbl),$ivp
|
||||
mov 16*$SZ+7*8($Tbl),%rsi
|
||||
.cfi_def_cfa %rsi,8
|
||||
vmovdqu $iv,($ivp) # output IV
|
||||
vzeroall
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
movaps `$framesz+16*0`(%rsp),%xmm6
|
||||
movaps `$framesz+16*1`(%rsp),%xmm7
|
||||
movaps `$framesz+16*2`(%rsp),%xmm8
|
||||
movaps `$framesz+16*3`(%rsp),%xmm9
|
||||
movaps `$framesz+16*4`(%rsp),%xmm10
|
||||
movaps `$framesz+16*5`(%rsp),%xmm11
|
||||
movaps `$framesz+16*6`(%rsp),%xmm12
|
||||
movaps `$framesz+16*7`(%rsp),%xmm13
|
||||
movaps `$framesz+16*8`(%rsp),%xmm14
|
||||
movaps `$framesz+16*9`(%rsp),%xmm15
|
||||
movaps `$framesz+16*0`($Tbl),%xmm6
|
||||
movaps `$framesz+16*1`($Tbl),%xmm7
|
||||
movaps `$framesz+16*2`($Tbl),%xmm8
|
||||
movaps `$framesz+16*3`($Tbl),%xmm9
|
||||
movaps `$framesz+16*4`($Tbl),%xmm10
|
||||
movaps `$framesz+16*5`($Tbl),%xmm11
|
||||
movaps `$framesz+16*6`($Tbl),%xmm12
|
||||
movaps `$framesz+16*7`($Tbl),%xmm13
|
||||
movaps `$framesz+16*8`($Tbl),%xmm14
|
||||
movaps `$framesz+16*9`($Tbl),%xmm15
|
||||
___
|
||||
$code.=<<___;
|
||||
mov -48(%rsi),%r15
|
||||
@ -1339,6 +1369,7 @@ $code.=<<___;
|
||||
.type ${func}_shaext,\@function,6
|
||||
.align 32
|
||||
${func}_shaext:
|
||||
.cfi_startproc
|
||||
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
@ -1555,6 +1586,7 @@ $code.=<<___ if ($win64);
|
||||
___
|
||||
$code.=<<___;
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size ${func}_shaext,.-${func}_shaext
|
||||
___
|
||||
}
|
||||
@ -1767,4 +1799,4 @@ sub rex {
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
$code =~ s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/gem;
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -3412,4 +3412,4 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out);
|
||||
|
||||
&asm_finish();
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -59,7 +59,7 @@
|
||||
# nothing one can do and the result appears optimal. CCM result is
|
||||
# identical to CBC, because CBC-MAC is essentially CBC encrypt without
|
||||
# saving output. CCM CTR "stays invisible," because it's neatly
|
||||
# interleaved wih CBC-MAC. This provides ~30% improvement over
|
||||
# interleaved with CBC-MAC. This provides ~30% improvement over
|
||||
# "straightforward" CCM implementation with CTR and CBC-MAC performed
|
||||
# disjointly. Parallelizable modes practically achieve the theoretical
|
||||
# limit.
|
||||
@ -984,6 +984,7 @@ $code.=<<___;
|
||||
.type aesni_ccm64_encrypt_blocks,\@function,6
|
||||
.align 16
|
||||
aesni_ccm64_encrypt_blocks:
|
||||
.cfi_startproc
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0x58(%rsp),%rsp
|
||||
@ -1066,6 +1067,7 @@ $code.=<<___ if ($win64);
|
||||
___
|
||||
$code.=<<___;
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
|
||||
___
|
||||
######################################################################
|
||||
@ -1074,6 +1076,7 @@ $code.=<<___;
|
||||
.type aesni_ccm64_decrypt_blocks,\@function,6
|
||||
.align 16
|
||||
aesni_ccm64_decrypt_blocks:
|
||||
.cfi_startproc
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0x58(%rsp),%rsp
|
||||
@ -1173,6 +1176,7 @@ $code.=<<___ if ($win64);
|
||||
___
|
||||
$code.=<<___;
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
|
||||
___
|
||||
}
|
||||
@ -2339,7 +2343,7 @@ $code.=<<___;
|
||||
movdqu `16*0`($inp),$inout0 # load input
|
||||
movdqa $rndkey0,$twmask
|
||||
movdqu `16*1`($inp),$inout1
|
||||
pxor @tweak[0],$inout0 # intput^=tweak^round[0]
|
||||
pxor @tweak[0],$inout0 # input^=tweak^round[0]
|
||||
movdqu `16*2`($inp),$inout2
|
||||
pxor @tweak[1],$inout1
|
||||
aesdec $rndkey1,$inout0
|
||||
@ -3031,6 +3035,7 @@ $code.=<<___;
|
||||
.type __ocb_encrypt6,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_encrypt6:
|
||||
.cfi_startproc
|
||||
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
|
||||
movdqu ($L_p,$i1),@offset[1]
|
||||
movdqa @offset[0],@offset[2]
|
||||
@ -3128,11 +3133,13 @@ __ocb_encrypt6:
|
||||
aesenclast @offset[4],$inout4
|
||||
aesenclast @offset[5],$inout5
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_encrypt6,.-__ocb_encrypt6
|
||||
|
||||
.type __ocb_encrypt4,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_encrypt4:
|
||||
.cfi_startproc
|
||||
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
|
||||
movdqu ($L_p,$i1),@offset[1]
|
||||
movdqa @offset[0],@offset[2]
|
||||
@ -3197,11 +3204,13 @@ __ocb_encrypt4:
|
||||
aesenclast @offset[2],$inout2
|
||||
aesenclast @offset[3],$inout3
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_encrypt4,.-__ocb_encrypt4
|
||||
|
||||
.type __ocb_encrypt1,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_encrypt1:
|
||||
.cfi_startproc
|
||||
pxor @offset[5],$inout5 # offset_i
|
||||
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
|
||||
pxor $inout0,$checksum # accumulate checksum
|
||||
@ -3232,6 +3241,7 @@ __ocb_encrypt1:
|
||||
|
||||
aesenclast $inout5,$inout0
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_encrypt1,.-__ocb_encrypt1
|
||||
|
||||
.globl aesni_ocb_decrypt
|
||||
@ -3513,6 +3523,7 @@ $code.=<<___;
|
||||
.type __ocb_decrypt6,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_decrypt6:
|
||||
.cfi_startproc
|
||||
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
|
||||
movdqu ($L_p,$i1),@offset[1]
|
||||
movdqa @offset[0],@offset[2]
|
||||
@ -3604,11 +3615,13 @@ __ocb_decrypt6:
|
||||
aesdeclast @offset[4],$inout4
|
||||
aesdeclast @offset[5],$inout5
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_decrypt6,.-__ocb_decrypt6
|
||||
|
||||
.type __ocb_decrypt4,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_decrypt4:
|
||||
.cfi_startproc
|
||||
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
|
||||
movdqu ($L_p,$i1),@offset[1]
|
||||
movdqa @offset[0],@offset[2]
|
||||
@ -3669,11 +3682,13 @@ __ocb_decrypt4:
|
||||
aesdeclast @offset[2],$inout2
|
||||
aesdeclast @offset[3],$inout3
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_decrypt4,.-__ocb_decrypt4
|
||||
|
||||
.type __ocb_decrypt1,\@abi-omnipotent
|
||||
.align 32
|
||||
__ocb_decrypt1:
|
||||
.cfi_startproc
|
||||
pxor @offset[5],$inout5 # offset_i
|
||||
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
|
||||
pxor $inout5,$inout0 # input ^ round[0] ^ offset_i
|
||||
@ -3703,6 +3718,7 @@ __ocb_decrypt1:
|
||||
|
||||
aesdeclast $inout5,$inout0
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size __ocb_decrypt1,.-__ocb_decrypt1
|
||||
___
|
||||
} }}
|
||||
@ -4637,7 +4653,6 @@ __aesni_set_encrypt_key:
|
||||
add \$8,%rsp
|
||||
.cfi_adjust_cfa_offset -8
|
||||
ret
|
||||
.cfi_endproc
|
||||
.LSEH_end_set_encrypt_key:
|
||||
|
||||
.align 16
|
||||
@ -4708,6 +4723,7 @@ __aesni_set_encrypt_key:
|
||||
shufps \$0b10101010,%xmm1,%xmm1 # critical path
|
||||
xorps %xmm1,%xmm2
|
||||
ret
|
||||
.cfi_endproc
|
||||
.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
|
||||
.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
|
||||
___
|
||||
@ -4812,7 +4828,7 @@ ctr_xts_se_handler:
|
||||
mov 56($disp),%r11 # disp->HandlerData
|
||||
|
||||
mov 0(%r11),%r10d # HandlerData[0]
|
||||
lea (%rsi,%r10),%r10 # prologue lable
|
||||
lea (%rsi,%r10),%r10 # prologue label
|
||||
cmp %r10,%rbx # context->Rip<prologue label
|
||||
jb .Lcommon_seh_tail
|
||||
|
||||
@ -4856,7 +4872,7 @@ ocb_se_handler:
|
||||
mov 56($disp),%r11 # disp->HandlerData
|
||||
|
||||
mov 0(%r11),%r10d # HandlerData[0]
|
||||
lea (%rsi,%r10),%r10 # prologue lable
|
||||
lea (%rsi,%r10),%r10 # prologue label
|
||||
cmp %r10,%rbx # context->Rip<prologue label
|
||||
jb .Lcommon_seh_tail
|
||||
|
||||
@ -5138,4 +5154,4 @@ $code =~ s/\bmovbe\s+%eax,\s*([0-9]+)\(%rsp\)/movbe($1)/gem;
|
||||
|
||||
print $code;
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -3804,4 +3804,4 @@ foreach(split("\n",$code)) {
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -926,4 +926,4 @@ ___
|
||||
|
||||
&emit_assembler();
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1008,4 +1008,4 @@ if ($flavour =~ /64/) { ######## 64-bit code
|
||||
}
|
||||
}
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -2488,4 +2488,4 @@ close SELF;
|
||||
|
||||
print $code;
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1274,4 +1274,4 @@ ___
|
||||
} }
|
||||
print $code;
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1591,4 +1591,4 @@ foreach (split("\n",$code)) {
|
||||
print $_,"\n";
|
||||
}
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -913,4 +913,4 @@ $k_dsbo=0x2c0; # decryption sbox final output
|
||||
|
||||
&asm_finish();
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -1238,4 +1238,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
|
||||
|
||||
print $code;
|
||||
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -19,7 +19,7 @@
|
||||
*/
|
||||
|
||||
#include <openssl/e_os2.h>
|
||||
#include "internal/aria.h"
|
||||
#include "crypto/aria.h"
|
||||
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -144,4 +144,4 @@ CRYPTO_memcmp:
|
||||
___
|
||||
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -7,8 +7,8 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef __ARM_ARCH_H__
|
||||
# define __ARM_ARCH_H__
|
||||
#ifndef OSSL_CRYPTO_ARM_ARCH_H
|
||||
# define OSSL_CRYPTO_ARM_ARCH_H
|
||||
|
||||
# if !defined(__ARM_ARCH__)
|
||||
# if defined(__CC_ARM)
|
||||
|
@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@ -293,4 +293,4 @@ atomic_add_spinlock:
|
||||
___
|
||||
|
||||
print $code;
|
||||
close STDOUT;
|
||||
close STDOUT or die "error closing STDOUT: $!";
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include <stdio.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
|
||||
{
|
||||
|
@ -13,7 +13,7 @@
|
||||
#include "internal/numbers.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
|
||||
#ifndef NO_OLD_ASN1
|
||||
# ifndef OPENSSL_NO_STDIO
|
||||
|
@ -15,7 +15,7 @@
|
||||
#include <time.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/* This is the primary function used to parse ASN1_GENERALIZEDTIME */
|
||||
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
|
||||
|
@ -13,7 +13,7 @@
|
||||
#include <limits.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/bn.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
|
||||
{
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
|
||||
|
@ -9,14 +9,14 @@
|
||||
|
||||
#include <stdio.h>
|
||||
#include <limits.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/bn.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "asn1_locl.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
|
||||
{
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
|
||||
|
@ -18,8 +18,8 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
|
@ -10,7 +10,7 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/asn1_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/asn1.h>
|
||||
|
@ -16,10 +16,10 @@
|
||||
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
|
||||
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/objects.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
int ASN1_TYPE_get(const ASN1_TYPE *a)
|
||||
{
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include <time.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/* This is the primary function used to parse ASN1_UTCTIME */
|
||||
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
|
||||
|
@ -18,8 +18,8 @@
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/evp.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
|
@ -13,8 +13,8 @@
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/engine.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
#include "standard_methods.h"
|
||||
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include <limits.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
|
||||
long max);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -75,6 +75,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||
int nl, hl, j, r;
|
||||
ASN1_OBJECT *o = NULL;
|
||||
ASN1_OCTET_STRING *os = NULL;
|
||||
ASN1_INTEGER *ai = NULL;
|
||||
ASN1_ENUMERATED *ae = NULL;
|
||||
/* ASN1_BMPSTRING *bmp=NULL; */
|
||||
int dump_indent, dump_cont = 0;
|
||||
|
||||
@ -250,22 +252,21 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||
ASN1_OCTET_STRING_free(os);
|
||||
os = NULL;
|
||||
} else if (tag == V_ASN1_INTEGER) {
|
||||
ASN1_INTEGER *bs;
|
||||
int i;
|
||||
|
||||
opp = op;
|
||||
bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
|
||||
if (bs != NULL) {
|
||||
ai = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
|
||||
if (ai != NULL) {
|
||||
if (BIO_write(bp, ":", 1) <= 0)
|
||||
goto end;
|
||||
if (bs->type == V_ASN1_NEG_INTEGER)
|
||||
if (ai->type == V_ASN1_NEG_INTEGER)
|
||||
if (BIO_write(bp, "-", 1) <= 0)
|
||||
goto end;
|
||||
for (i = 0; i < bs->length; i++) {
|
||||
if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
|
||||
for (i = 0; i < ai->length; i++) {
|
||||
if (BIO_printf(bp, "%02X", ai->data[i]) <= 0)
|
||||
goto end;
|
||||
}
|
||||
if (bs->length == 0) {
|
||||
if (ai->length == 0) {
|
||||
if (BIO_write(bp, "00", 2) <= 0)
|
||||
goto end;
|
||||
}
|
||||
@ -274,24 +275,24 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||
goto end;
|
||||
dump_cont = 1;
|
||||
}
|
||||
ASN1_INTEGER_free(bs);
|
||||
ASN1_INTEGER_free(ai);
|
||||
ai = NULL;
|
||||
} else if (tag == V_ASN1_ENUMERATED) {
|
||||
ASN1_ENUMERATED *bs;
|
||||
int i;
|
||||
|
||||
opp = op;
|
||||
bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
|
||||
if (bs != NULL) {
|
||||
ae = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
|
||||
if (ae != NULL) {
|
||||
if (BIO_write(bp, ":", 1) <= 0)
|
||||
goto end;
|
||||
if (bs->type == V_ASN1_NEG_ENUMERATED)
|
||||
if (ae->type == V_ASN1_NEG_ENUMERATED)
|
||||
if (BIO_write(bp, "-", 1) <= 0)
|
||||
goto end;
|
||||
for (i = 0; i < bs->length; i++) {
|
||||
if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
|
||||
for (i = 0; i < ae->length; i++) {
|
||||
if (BIO_printf(bp, "%02X", ae->data[i]) <= 0)
|
||||
goto end;
|
||||
}
|
||||
if (bs->length == 0) {
|
||||
if (ae->length == 0) {
|
||||
if (BIO_write(bp, "00", 2) <= 0)
|
||||
goto end;
|
||||
}
|
||||
@ -300,7 +301,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||
goto end;
|
||||
dump_cont = 1;
|
||||
}
|
||||
ASN1_ENUMERATED_free(bs);
|
||||
ASN1_ENUMERATED_free(ae);
|
||||
ae = NULL;
|
||||
} else if (len > 0 && dump) {
|
||||
if (!nl) {
|
||||
if (BIO_write(bp, "\n", 1) <= 0)
|
||||
@ -341,6 +343,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||
end:
|
||||
ASN1_OBJECT_free(o);
|
||||
ASN1_OCTET_STRING_free(os);
|
||||
ASN1_INTEGER_free(ai);
|
||||
ASN1_ENUMERATED_free(ae);
|
||||
*pp = p;
|
||||
return ret;
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@ -8,15 +8,15 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
#include "internal/bio.h"
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/*
|
||||
* Generalised MIME like utilities for streaming ASN1. Although many have a
|
||||
@ -198,6 +198,14 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
|
||||
BIO_puts(out, "gostr3411-94");
|
||||
goto err;
|
||||
|
||||
case NID_id_GostR3411_2012_256:
|
||||
BIO_puts(out, "gostr3411-2012-256");
|
||||
goto err;
|
||||
|
||||
case NID_id_GostR3411_2012_512:
|
||||
BIO_puts(out, "gostr3411-2012-512");
|
||||
goto err;
|
||||
|
||||
default:
|
||||
if (have_unknown)
|
||||
write_comma = 0;
|
||||
|
@ -8,13 +8,13 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include <openssl/crypto.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/objects.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/objects.h"
|
||||
|
||||
/* Simple ASN1 OID module: add all objects in a given section */
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
* WARNING: do not edit!
|
||||
* Generated by crypto/asn1/charmap.pl
|
||||
*
|
||||
* Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
|
@ -15,8 +15,8 @@
|
||||
#include <openssl/engine.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
||||
long length)
|
||||
|
@ -17,7 +17,7 @@
|
||||
#include <openssl/dsa.h>
|
||||
#include <openssl/ec.h>
|
||||
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
|
||||
long length)
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/asn1.h>
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "internal/ctype.h"
|
||||
#include "crypto/ctype.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/asn1.h>
|
||||
|
@ -11,8 +11,8 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
|
||||
{
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
#include "internal/x509_int.h"
|
||||
#include "crypto/x509.h"
|
||||
|
||||
/* Minor tweak to operation: zero private key data */
|
||||
static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include "internal/bn_int.h"
|
||||
#include "crypto/bn.h"
|
||||
|
||||
/* Number of octets per line */
|
||||
#define ASN1_BUF_PRINT_WIDTH 15
|
||||
|
@ -15,7 +15,7 @@
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/err.h>
|
||||
#include "internal/numbers.h"
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
|
||||
/*
|
||||
|
@ -13,8 +13,8 @@
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/objects.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "asn1_locl.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
|
||||
const ASN1_ITEM *it, int tag, int aclass);
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/objects.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/* Free up an ASN1 structure */
|
||||
|
||||
|
@ -13,7 +13,7 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include <string.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
static int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
|
||||
int embed);
|
||||
|
@ -15,8 +15,8 @@
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include "internal/asn1_int.h"
|
||||
#include "asn1_locl.h"
|
||||
#include "crypto/asn1.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/*
|
||||
* Print routines.
|
||||
|
@ -15,7 +15,7 @@
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/*
|
||||
* General ASN1 structure recursive scanner: iterate through all fields
|
||||
|
@ -15,7 +15,7 @@
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/err.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/* Utility functions for manipulating fields and offsets */
|
||||
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
ASN1_SEQUENCE(X509_ALGOR) = {
|
||||
ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
|
||||
|
@ -82,7 +82,7 @@ static int bn_secure_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
|
||||
|
||||
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
|
||||
{
|
||||
if (!*pval)
|
||||
if (*pval == NULL)
|
||||
return;
|
||||
if (it->size & BN_SENSITIVE)
|
||||
BN_clear_free((BIGNUM *)*pval);
|
||||
@ -96,7 +96,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
||||
{
|
||||
BIGNUM *bn;
|
||||
int pad;
|
||||
if (!*pval)
|
||||
if (*pval == NULL)
|
||||
return -1;
|
||||
bn = (BIGNUM *)*pval;
|
||||
/* If MSB set in an octet we need a padding byte */
|
||||
@ -133,7 +133,7 @@ static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
||||
int ret;
|
||||
BIGNUM *bn;
|
||||
|
||||
if (!*pval && !bn_secure_new(pval, it))
|
||||
if (*pval == NULL && !bn_secure_new(pval, it))
|
||||
return 0;
|
||||
|
||||
ret = bn_c2i(pval, cont, len, utype, free_cont, it);
|
||||
|
@ -12,7 +12,7 @@
|
||||
#include "internal/numbers.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/bn.h>
|
||||
#include "asn1_locl.h"
|
||||
#include "asn1_local.h"
|
||||
|
||||
/*
|
||||
* Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
|
||||
|
@ -11,7 +11,7 @@
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
#include "internal/x509_int.h"
|
||||
#include "crypto/x509.h"
|
||||
|
||||
ASN1_SEQUENCE(X509_SIG) = {
|
||||
ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
/* This must be the first #include file */
|
||||
#include "../async_locl.h"
|
||||
#include "../async_local.h"
|
||||
|
||||
#ifdef ASYNC_NULL
|
||||
int ASYNC_is_capable(void)
|
||||
|
@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
/* This must be the first #include file */
|
||||
#include "../async_locl.h"
|
||||
#include "../async_local.h"
|
||||
|
||||
#ifdef ASYNC_POSIX
|
||||
|
||||
|
@ -7,8 +7,8 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
|
||||
#define OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
|
||||
#ifndef OSSL_CRYPTO_ASYNC_POSIX_H
|
||||
#define OSSL_CRYPTO_ASYNC_POSIX_H
|
||||
#include <openssl/e_os2.h>
|
||||
|
||||
#if defined(OPENSSL_SYS_UNIX) \
|
||||
@ -55,4 +55,4 @@ void async_fibre_free(async_fibre *fibre);
|
||||
|
||||
# endif
|
||||
#endif
|
||||
#endif /* OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H */
|
||||
#endif /* OSSL_CRYPTO_ASYNC_POSIX_H */
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user