diff -Nru openssl-3.0.0/apps/cmp.c openssl-3.0.1/apps/cmp.c --- openssl-3.0.0/apps/cmp.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/cmp.c 2021-12-14 17:16:25.000000000 +0100 @@ -9,6 +9,8 @@ * https://www.openssl.org/source/license.html */ +/* This app is disabled when OPENSSL_NO_CMP is defined. */ + #include #include @@ -66,12 +68,13 @@ } cmp_cmd_t; /* message transfer */ +#ifndef OPENSSL_NO_SOCK static char *opt_server = NULL; -static char server_port[32] = { '\0' }; -static char *opt_path = NULL; static char *opt_proxy = NULL; static char *opt_no_proxy = NULL; +#endif static char *opt_recipient = NULL; +static char *opt_path = NULL; static int opt_keep_alive = 1; static int opt_msg_timeout = -1; static int opt_total_timeout = -1; @@ -137,6 +140,7 @@ static char *opt_otherpass = NULL; static char *opt_engine = NULL; +#ifndef OPENSSL_NO_SOCK /* TLS connection */ static int opt_tls_used = 0; static char *opt_tls_cert = NULL; @@ -145,6 +149,7 @@ static char *opt_tls_extra = NULL; static char *opt_tls_trusted = NULL; static char *opt_tls_host = NULL; +#endif /* client-side debugging */ static int opt_batch = 0; @@ -157,9 +162,10 @@ static int opt_use_mock_srv = 0; /* server-side debugging */ +#ifndef OPENSSL_NO_SOCK static char *opt_port = NULL; static int opt_max_msgs = 0; - +#endif static char *opt_srv_ref = NULL; static char *opt_srv_secret = NULL; static char *opt_srv_cert = NULL; @@ -204,8 +210,10 @@ OPT_OLDCERT, OPT_REVREASON, - OPT_SERVER, OPT_PATH, OPT_PROXY, OPT_NO_PROXY, - OPT_RECIPIENT, +#ifndef OPENSSL_NO_SOCK + OPT_SERVER, OPT_PROXY, OPT_NO_PROXY, +#endif + OPT_RECIPIENT, OPT_PATH, OPT_KEEP_ALIVE, OPT_MSG_TIMEOUT, OPT_TOTAL_TIMEOUT, OPT_TRUSTED, OPT_UNTRUSTED, OPT_SRVCERT, 
@@ -225,15 +233,19 @@ OPT_PROV_ENUM, OPT_R_ENUM, +#ifndef OPENSSL_NO_SOCK OPT_TLS_USED, OPT_TLS_CERT, OPT_TLS_KEY, OPT_TLS_KEYPASS, OPT_TLS_EXTRA, OPT_TLS_TRUSTED, OPT_TLS_HOST, +#endif OPT_BATCH, OPT_REPEAT, OPT_REQIN, OPT_REQIN_NEW_TID, OPT_REQOUT, OPT_RSPIN, OPT_RSPOUT, OPT_USE_MOCK_SRV, +#ifndef OPENSSL_NO_SOCK OPT_PORT, OPT_MAX_MSGS, +#endif OPT_SRV_REF, OPT_SRV_SECRET, OPT_SRV_CERT, OPT_SRV_KEY, OPT_SRV_KEYPASS, OPT_SRV_TRUSTED, OPT_SRV_UNTRUSTED, @@ -331,20 +343,25 @@ "0..6, 8..10 (see RFC5280, 5.3.1) or -1. Default -1 = none included"}, OPT_SECTION("Message transfer"), +#ifdef OPENSSL_NO_SOCK + {OPT_MORE_STR, 0, 0, + "NOTE: -server, -proxy, and -no_proxy not supported due to no-sock build"}, +#else {"server", OPT_SERVER, 's', "[http[s]://]address[:port][/path] of CMP server. Default port 80 or 443."}, {OPT_MORE_STR, 0, 0, "address may be a DNS name or an IP address; path can be overridden by -path"}, - {"path", OPT_PATH, 's', - "HTTP path (aka CMP alias) at the CMP server. Default from -server, else \"/\""}, {"proxy", OPT_PROXY, 's', "[http[s]://]address[:port][/path] of HTTP(S) proxy to use; path is ignored"}, {"no_proxy", OPT_NO_PROXY, 's', "List of addresses of servers not to use HTTP(S) proxy for"}, {OPT_MORE_STR, 0, 0, "Default from environment variable 'no_proxy', else 'NO_PROXY', else none"}, +#endif {"recipient", OPT_RECIPIENT, 's', "DN of CA. Default: subject of -srvcert, -issuer, issuer of -oldcert or -cert"}, + {"path", OPT_PATH, 's', + "HTTP path (aka CMP alias) at the CMP server. Default from -server, else \"/\""}, {"keep_alive", OPT_KEEP_ALIVE, 'N', "Persistent HTTP connections. 0: no, 1 (the default): request, 2: require"}, {"msg_timeout", OPT_MSG_TIMEOUT, 'N', 
@@ -419,6 +436,10 @@ OPT_R_OPTIONS, OPT_SECTION("TLS connection"), +#ifdef OPENSSL_NO_SOCK + {OPT_MORE_STR, 0, 0, + "NOTE: -tls_used and all other TLS options not supported due to no-sock build"}, +#else {"tls_used", OPT_TLS_USED, '-', "Enable using TLS (also when other TLS options are not set)"}, {"tls_cert", OPT_TLS_CERT, 's', @@ -434,6 +455,7 @@ {OPT_MORE_STR, 0, 0, "this implies host name validation"}, {"tls_host", OPT_TLS_HOST, 's', "Address to be checked (rather than -server) during TLS host name validation"}, +#endif OPT_SECTION("Client-side debugging"), {"batch", OPT_BATCH, '-', @@ -451,9 +473,14 @@ {"use_mock_srv", OPT_USE_MOCK_SRV, '-', "Use mock server at API level, bypassing HTTP"}, OPT_SECTION("Mock server"), +#ifdef OPENSSL_NO_SOCK + {OPT_MORE_STR, 0, 0, + "NOTE: -port and -max_msgs not supported due to no-sock build"}, +#else {"port", OPT_PORT, 's', "Act as HTTP mock server listening on given port"}, {"max_msgs", OPT_MAX_MSGS, 'N', "max number of messages handled by HTTP mock server. Default: 0 = unlimited"}, +#endif {"srv_ref", OPT_SRV_REF, 's', "Reference value to use as senderKID of server in case no -srv_cert is given"}, @@ -532,8 +559,10 @@ {&opt_oldcert}, {(char **)&opt_revreason}, - {&opt_server}, {&opt_path}, {&opt_proxy}, {&opt_no_proxy}, - {&opt_recipient}, {(char **)&opt_keep_alive}, +#ifndef OPENSSL_NO_SOCK + {&opt_server}, {&opt_proxy}, {&opt_no_proxy}, +#endif + {&opt_recipient}, {&opt_path}, {(char **)&opt_keep_alive}, {(char **)&opt_msg_timeout}, {(char **)&opt_total_timeout}, {&opt_trusted}, {&opt_untrusted}, {&opt_srvcert}, 
@@ -552,15 +581,20 @@ {&opt_engine}, #endif +#ifndef OPENSSL_NO_SOCK {(char **)&opt_tls_used}, {&opt_tls_cert}, {&opt_tls_key}, {&opt_tls_keypass}, {&opt_tls_extra}, {&opt_tls_trusted}, {&opt_tls_host}, +#endif {(char **)&opt_batch}, {(char **)&opt_repeat}, {&opt_reqin}, {(char **)&opt_reqin_new_tid}, {&opt_reqout}, {&opt_rspin}, {&opt_rspout}, - {(char **)&opt_use_mock_srv}, {&opt_port}, {(char **)&opt_max_msgs}, + {(char **)&opt_use_mock_srv}, +#ifndef OPENSSL_NO_SOCK + {&opt_port}, {(char **)&opt_max_msgs}, +#endif {&opt_srv_ref}, {&opt_srv_secret}, {&opt_srv_cert}, {&opt_srv_key}, {&opt_srv_keypass}, {&opt_srv_trusted}, {&opt_srv_untrusted}, @@ -613,6 +647,12 @@ return OSSL_CMP_print_to_bio(bio_out, func, file, line, level, msg); } +static int print_to_bio_err(const char *func, const char *file, int line, + OSSL_CMP_severity level, const char *msg) +{ + return OSSL_CMP_print_to_bio(bio_err, func, file, line, level, msg); +} + static int set_verbosity(int level) { if (level < OSSL_CMP_LOG_EMERG || level > OSSL_CMP_LOG_MAX) { @@ -747,6 +787,7 @@ OSSL_CMP_MSG *req_new = NULL; OSSL_CMP_MSG *res = NULL; OSSL_CMP_PKIHEADER *hdr; + const char *prev_opt_rspin = opt_rspin; if (req != NULL && opt_reqout != NULL && !write_PKIMESSAGE(req, &opt_reqout)) @@ -776,7 +817,7 @@ if (res == NULL) goto err; - if (opt_reqin != NULL || opt_rspin != NULL) { + if (opt_reqin != NULL || prev_opt_rspin != NULL) { /* need to satisfy nonce and transactionID checks */ ASN1_OCTET_STRING *nonce; ASN1_OCTET_STRING *tid; @@ -1318,7 +1359,7 @@ SSL_CTX_free(ssl_ctx); return NULL; } -#endif +#endif /* OPENSSL_NO_SOCK */ /* * set up protection aspects of OSSL_CMP_CTX based on options from config 
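Review bot: In apps/cmp.c, the `prev_opt_rspin` snapshot added in the `@@ -747,6 +787,7 @@` hunk has no comment saying why the nonce/transactionID fix-up in the `@@ -776,7 +817,7 @@` hunk must test the value from function entry instead of the live `opt_rspin`. Presumably the code between the two hunks, which is not shown, advances or clears `opt_rspin` while responses are consumed. If that is the reason, state it at the declaration, e.g. `/* opt_rspin may be modified below; remember whether -rspin was in use on entry */`. The enclosing function begins and ends outside both hunks.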
@@ -1758,12 +1799,16 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine) { int ret = 0; - char *host = NULL, *port = NULL, *path = NULL, *used_path; + char *host = NULL, *port = NULL, *path = NULL, *used_path = opt_path; +#ifndef OPENSSL_NO_SOCK int portnum, ssl; + static char server_port[32] = { '\0' }; + const char *proxy_host = NULL; +#endif char server_buf[200] = { '\0' }; char proxy_buf[200] = { '\0' }; - const char *proxy_host = NULL; +#ifndef OPENSSL_NO_SOCK if (opt_server == NULL) { CMP_err("missing -server option"); goto err; @@ -1777,11 +1822,12 @@ CMP_err("missing -tls_used option since -server URL indicates https"); goto err; } + BIO_snprintf(server_port, sizeof(server_port), "%s", port); - used_path = opt_path != NULL ? opt_path : path; + if (opt_path == NULL) + used_path = path; if (!OSSL_CMP_CTX_set1_server(ctx, host) - || !OSSL_CMP_CTX_set_serverPort(ctx, portnum) - || !OSSL_CMP_CTX_set1_serverPath(ctx, used_path)) + || !OSSL_CMP_CTX_set_serverPort(ctx, portnum)) goto oom; if (opt_proxy != NULL && !OSSL_CMP_CTX_set1_proxy(ctx, opt_proxy)) goto oom; @@ -1795,6 +1841,10 @@ if (proxy_host != NULL) (void)BIO_snprintf(proxy_buf, sizeof(proxy_buf), " via %s", proxy_host); +#endif + + if (!OSSL_CMP_CTX_set1_serverPath(ctx, used_path)) + goto oom; if (!transform_opts()) goto err; @@ -1835,16 +1885,13 @@ || opt_rspin != NULL || opt_rspout != NULL || opt_use_mock_srv) (void)OSSL_CMP_CTX_set_transfer_cb(ctx, read_write_req_resp); +#ifndef OPENSSL_NO_SOCK if ((opt_tls_cert != NULL || opt_tls_key != NULL || opt_tls_keypass != NULL || opt_tls_extra != NULL || opt_tls_trusted != NULL || opt_tls_host != NULL) && !opt_tls_used) CMP_warn("TLS options(s) given but not -tls_used"); if (opt_tls_used) { -#ifdef OPENSSL_NO_SOCK - BIO_printf(bio_err, "Cannot use TLS - sockets not supported\n"); - goto err; -#else APP_HTTP_TLS_INFO *info; if (opt_tls_cert != NULL 
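Review bot: In the `setup_client_ctx` hunk `@@ -1758,12 +1799,16 @@` of apps/cmp.c, `server_port` becomes a function-local `static` buffer with no comment giving the reason for static storage. A static local makes the function non-reentrant, and the hunk does not show whether a pointer to the buffer is kept after the call returns; presumably it is, somewhere outside the visible lines. A one-line comment at the declaration naming the consumer that needs the buffer to outlive the call would settle this. The new `BIO_snprintf(server_port, ...)` call in the following hunk also drops its result without the `(void)` used on the `proxy_buf` call a few lines later. The function body continues past these hunks.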
@@ -1873,8 +1920,8 @@ if (info->ssl_ctx == NULL) goto err; (void)OSSL_CMP_CTX_set_http_cb(ctx, app_http_tls_cb); -#endif } +#endif if (!setup_protection_ctx(ctx, engine)) goto err; @@ -1989,7 +2036,7 @@ } static char opt_item[SECTION_NAME_MAX + 1]; -/* get previous name from a comma-separated list of names */ +/* get previous name from a comma or space-separated list of names */ static const char *prev_item(const char *opt, const char *end) { const char *beg; @@ -1998,19 +2045,28 @@ if (end == opt) return NULL; beg = end; - while (beg != opt && beg[-1] != ',' && !isspace(beg[-1])) - beg--; + while (beg > opt) { + --beg; + if (beg[0] == ',' || isspace(beg[0])) { + ++beg; + break; + } + } len = end - beg; - if (len > SECTION_NAME_MAX) + if (len > SECTION_NAME_MAX) { + CMP_warn3("using only first %d characters of section name starting with \"%.*s\"", + SECTION_NAME_MAX, SECTION_NAME_MAX, beg); len = SECTION_NAME_MAX; - strncpy(opt_item, beg, len); - opt_item[SECTION_NAME_MAX] = '\0'; /* avoid gcc v8 O3 stringop-truncation */ + } + memcpy(opt_item, beg, len); opt_item[len] = '\0'; - if (len > SECTION_NAME_MAX) - CMP_warn2("using only first %d characters of section name starting with \"%s\"", - SECTION_NAME_MAX, opt_item); - while (beg != opt && (beg[-1] == ',' || isspace(beg[-1]))) - beg--; + while (beg > opt) { + --beg; + if (beg[0] != ',' && !isspace(beg[0])) { + ++beg; + break; + } + } return beg; } 
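Review bot: In the `prev_item` hunk `@@ -1998,19 +2045,28 @@` of apps/cmp.c, both rewritten loops pass `beg[0]`, a plain `char`, to `isspace()`. Where `char` is signed, a byte of 0x80 or above in the list gives a negative argument, which is undefined behaviour for the ctype.h functions. Cast at both call sites: `if (beg[0] == ',' || isspace((unsigned char)beg[0])) {` and `if (beg[0] != ',' && !isspace((unsigned char)beg[0])) {`. The copy itself looks bounded, since `len` is clamped to SECTION_NAME_MAX before the `memcpy` into `opt_item`, but the declaration of `len` sits above the hunk, so its type is not confirmed here.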
@@ -2058,16 +2114,16 @@ long num = 0; char *txt = NULL; const OPTIONS *opt; - int start = OPT_VERBOSITY; + int start_opt = OPT_VERBOSITY - OPT_HELP; + int start_idx = OPT_VERBOSITY - 2; /* * starting with offset OPT_VERBOSITY because OPT_CONFIG and OPT_SECTION * would not make sense within the config file. - * Moreover, these two options and OPT_VERBOSITY have already been handled. */ int n_options = OSSL_NELEM(cmp_options) - 1; - for (i = start - OPT_HELP, opt = &cmp_options[start]; - opt->name; i++, opt++) + for (opt = &cmp_options[start_opt], i = start_idx; + opt->name != NULL; i++, opt++) if (!strcmp(opt->name, OPT_SECTION_STR) || !strcmp(opt->name, OPT_MORE_STR)) n_options--; @@ -2075,8 +2131,8 @@ + OPT_PROV__FIRST + 1 - OPT_PROV__LAST + OPT_R__FIRST + 1 - OPT_R__LAST + OPT_V__FIRST + 1 - OPT_V__LAST); - for (i = start - OPT_HELP, opt = &cmp_options[start]; - opt->name; i++, opt++) { + for (opt = &cmp_options[start_opt], i = start_idx; + opt->name != NULL; i++, opt++) { int provider_option = (OPT_PROV__FIRST <= opt->retval && opt->retval < OPT_PROV__LAST); int rand_state_option = (OPT_R__FIRST <= opt->retval @@ -2106,7 +2162,7 @@ num, opt->name); return -1; } - if (opt->valtype == 'N' && num <= 0) { + if (opt->valtype == 'N' && num < 0) { opt_printf_stderr("Negative number \"%ld\" for config option -%s\n", num, opt->name); return -1; @@ -2216,8 +2272,12 @@ return -1; case OPT_CONFIG: /* has already been handled */ case OPT_SECTION: /* has already been handled */ - case OPT_VERBOSITY: /* has already been handled */ break; + case OPT_VERBOSITY: + if (!set_verbosity(opt_int_arg())) + goto opthelp; + break; +#ifndef OPENSSL_NO_SOCK case OPT_SERVER: opt_server = opt_str(); break; 
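Review bot: In the option-table loop setup of apps/cmp.c (`@@ -2058,16 +2114,16 @@`), `start_idx = OPT_VERBOSITY - 2` introduces a bare `2` that the retained comment does not explain; the comment only says why iteration starts at OPT_VERBOSITY. `start_opt` indexes `cmp_options`, but what `i` indexes is not visible in the hunk. Because this commit makes several option rows conditional on OPENSSL_NO_SOCK, the two offsets must stay in step in both build variants, and a mismatch would pair an option with the wrong variable. Add a short comment on each initialiser saying which table it indexes and which leading entries it skips. The function starts and ends outside the hunk.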
@@ -2227,12 +2287,13 @@ case OPT_NO_PROXY: opt_no_proxy = opt_str(); break; - case OPT_PATH: - opt_path = opt_str(); - break; +#endif case OPT_RECIPIENT: opt_recipient = opt_str(); break; + case OPT_PATH: + opt_path = opt_str(); + break; case OPT_KEEP_ALIVE: opt_keep_alive = opt_int_arg(); if (opt_keep_alive > 2) { @@ -2246,6 +2307,7 @@ case OPT_TOTAL_TIMEOUT: opt_total_timeout = opt_int_arg(); break; +#ifndef OPENSSL_NO_SOCK case OPT_TLS_USED: opt_tls_used = 1; break; @@ -2267,6 +2329,8 @@ case OPT_TLS_HOST: opt_tls_host = opt_str(); break; +#endif + case OPT_REF: opt_ref = opt_str(); break; @@ -2455,12 +2519,15 @@ case OPT_USE_MOCK_SRV: opt_use_mock_srv = 1; break; + +#ifndef OPENSSL_NO_SOCK case OPT_PORT: opt_port = opt_str(); break; case OPT_MAX_MSGS: opt_max_msgs = opt_int_arg(); break; +#endif case OPT_SRV_REF: opt_srv_ref = opt_str(); break; @@ -2625,7 +2692,9 @@ int i; X509 *newcert = NULL; ENGINE *engine = NULL; +#ifndef OPENSSL_NO_SOCK char mock_server[] = "mock server:1"; +#endif OSSL_CMP_CTX *srv_cmp_ctx = NULL; int ret = 0; /* default: failure */ @@ -2687,6 +2756,8 @@ } } ret = read_config(); + if (!set_verbosity(opt_verbosity)) /* just for checking range */ + ret = -1; if (ret <= 0) { if (ret == -1) BIO_printf(bio_err, "Use -help for summary.\n"); @@ -2714,6 +2785,7 @@ } } +#ifndef OPENSSL_NO_SOCK if (opt_port != NULL) { if (opt_use_mock_srv) { CMP_err("cannot use both -port and -use_mock_srv options"); @@ -2724,6 +2796,7 @@ goto err; } } +#endif cmp_ctx = OSSL_CMP_CTX_new(app_get0_libctx(), app_get0_propq()); if (cmp_ctx == NULL) 
@@ -2733,14 +2806,18 @@ CMP_err1("cannot set up error reporting and logging for %s", prog); goto err; } - if ((opt_use_mock_srv || opt_port != NULL)) { + if (opt_use_mock_srv +#ifndef OPENSSL_NO_SOCK + || opt_port != NULL +#endif + ) { OSSL_CMP_SRV_CTX *srv_ctx; if ((srv_ctx = setup_srv_ctx(engine)) == NULL) goto err; srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx); OSSL_CMP_CTX_set_transfer_cb_arg(cmp_ctx, srv_ctx); - if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_out)) { + if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_err)) { CMP_err1("cannot set up error reporting and logging for %s", prog); goto err; } @@ -2748,17 +2825,16 @@ } +#ifndef OPENSSL_NO_SOCK if (opt_port != NULL) { /* act as very basic CMP HTTP server */ -#ifdef OPENSSL_NO_SOCK - BIO_printf(bio_err, "Cannot act as server - sockets not supported\n"); -#else ret = cmp_server(srv_cmp_ctx); -#endif goto err; } +#endif /* else act as CMP client */ if (opt_use_mock_srv) { +#ifndef OPENSSL_NO_SOCK if (opt_server != NULL) { CMP_err("cannot use both -use_mock_srv and -server options"); goto err; @@ -2769,6 +2845,7 @@ } opt_server = mock_server; opt_proxy = "API"; +#endif } if (!setup_client_ctx(cmp_ctx, engine)) { @@ -2833,7 +2910,14 @@ const char *string = OSSL_CMP_CTX_snprint_PKIStatus(cmp_ctx, buf, OSSL_CMP_PKISI_BUFLEN); + const char *from = "", *server = ""; +#ifndef OPENSSL_NO_SOCK + if (opt_server != NULL) { + from = " from "; + server = opt_server; + } +#endif CMP_print(bio_err, status == OSSL_CMP_PKISTATUS_accepted ? OSSL_CMP_LOG_INFO : @@ -2844,8 +2928,8 @@ status == OSSL_CMP_PKISTATUS_rejection ? "server error" : status == OSSL_CMP_PKISTATUS_waiting ? "internal error" : "warning", - "received from %s %s %s", opt_server, - string != NULL ? string : "", ""); + "received%s%s %s", from, server, + string != NULL ? string : ""); OPENSSL_free(buf); } 
@@ -2882,7 +2966,9 @@ cleanse(opt_keypass); cleanse(opt_newkeypass); cleanse(opt_otherpass); +#ifndef OPENSSL_NO_SOCK cleanse(opt_tls_keypass); +#endif cleanse(opt_secret); cleanse(opt_srv_keypass); cleanse(opt_srv_secret); diff -Nru openssl-3.0.0/apps/dgst.c openssl-3.0.1/apps/dgst.c --- openssl-3.0.0/apps/dgst.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/dgst.c 2021-12-14 17:16:25.000000000 +0100 @@ -335,7 +335,7 @@ EVP_PKEY_CTX *pctx = NULL; int res; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } @@ -362,7 +362,7 @@ /* we use md as a filter, reading from 'in' */ else { EVP_MD_CTX *mctx = NULL; - if (!BIO_get_md_ctx(bmd, &mctx)) { + if (BIO_get_md_ctx(bmd, &mctx) <= 0) { BIO_printf(bio_err, "Error getting context\n"); goto end; } diff -Nru openssl-3.0.0/apps/dhparam.c openssl-3.0.1/apps/dhparam.c --- openssl-3.0.0/apps/dhparam.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/dhparam.c 2021-12-14 17:16:25.000000000 +0100 @@ -194,7 +194,7 @@ "Generating %s parameters, %d bit long %sprime\n", alg, num, dsaparam ? "" : "safe "); - if (!EVP_PKEY_paramgen_init(ctx)) { + if (EVP_PKEY_paramgen_init(ctx) <= 0) { BIO_printf(bio_err, "Error, unable to initialise %s parameters\n", alg); @@ -383,8 +383,8 @@ ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL); if (ctx == NULL - || !EVP_PKEY_fromdata_init(ctx) - || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) { + || EVP_PKEY_fromdata_init(ctx) <= 0 + || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) { BIO_printf(bio_err, "Error, failed to set DH parameters\n"); goto err; } diff -Nru openssl-3.0.0/apps/dsaparam.c openssl-3.0.1/apps/dsaparam.c --- openssl-3.0.0/apps/dsaparam.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/dsaparam.c 2021-12-14 17:16:25.000000000 +0100 
@@ -211,7 +211,7 @@ "Error, DSA key generation context allocation failed\n"); goto end; } - if (!EVP_PKEY_keygen_init(ctx)) { + if (EVP_PKEY_keygen_init(ctx) <= 0) { BIO_printf(bio_err, "Error, unable to initialise for key generation\n"); goto end; diff -Nru openssl-3.0.0/apps/lib/app_rand.c openssl-3.0.1/apps/lib/app_rand.c --- openssl-3.0.0/apps/lib/app_rand.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/lib/app_rand.c 2021-12-14 17:16:25.000000000 +0100 @@ -28,8 +28,14 @@ BIO_printf(bio_err, "Can't load %s into RNG\n", randfile); ERR_print_errors(bio_err); } - if (save_rand_file == NULL) + if (save_rand_file == NULL) { save_rand_file = OPENSSL_strdup(randfile); + /* If some internal memory errors have occurred */ + if (save_rand_file == NULL) { + BIO_printf(bio_err, "Can't duplicate %s\n", randfile); + ERR_print_errors(bio_err); + } + } } static int loadfiles(char *name) @@ -110,6 +116,8 @@ case OPT_R_WRITERAND: OPENSSL_free(save_rand_file); save_rand_file = OPENSSL_strdup(opt_arg()); + if (save_rand_file == NULL) + return 0; break; } return 1; diff -Nru openssl-3.0.0/apps/lib/apps.c openssl-3.0.1/apps/lib/apps.c --- openssl-3.0.0/apps/lib/apps.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/lib/apps.c 2021-12-14 17:16:25.000000000 +0100 
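Review bot: In apps/lib/app_rand.c the two new OPENSSL_strdup() failure paths behave differently: the `@@ -28,8 +28,14 @@` hunk prints "Can't duplicate" and carries on, while the `OPT_R_WRITERAND` case in `@@ -110,6 +116,8 @@` returns 0 with no message. Someone who hits the second path sees the option fail with no hint of the cause, so add the same diagnostic before the return, e.g. `BIO_printf(bio_err, "Can't duplicate %s\n", opt_arg());`. In the first hunk, if continuing after the failure is deliberate, a comment should say that the seed file will then not be saved. Both enclosing functions extend beyond the hunks.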
@@ -2302,23 +2302,35 @@ return rv; } +/* + * do_X509_verify returns 1 if the signature is valid, + * 0 if the signature check fails, or -1 if error occurs. + */ int do_X509_verify(X509 *x, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *vfyopts) { int rv = 0; if (do_x509_init(x, vfyopts) > 0) - rv = (X509_verify(x, pkey) > 0); + rv = X509_verify(x, pkey); + else + rv = -1; return rv; } +/* + * do_X509_REQ_verify returns 1 if the signature is valid, + * 0 if the signature check fails, or -1 if error occurs. + */ int do_X509_REQ_verify(X509_REQ *x, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *vfyopts) { int rv = 0; if (do_x509_req_init(x, vfyopts) > 0) - rv = (X509_REQ_verify_ex(x, pkey, - app_get0_libctx(), app_get0_propq()) > 0); + rv = X509_REQ_verify_ex(x, pkey, + app_get0_libctx(), app_get0_propq()); + else + rv = -1; return rv; } diff -Nru openssl-3.0.0/apps/lib/engine_loader.c openssl-3.0.1/apps/lib/engine_loader.c --- openssl-3.0.0/apps/lib/engine_loader.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/lib/engine_loader.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -91,7 +91,7 @@ keyid = OPENSSL_strdup(q + 1); } - if (e != NULL) + if (e != NULL && keyid != NULL) ctx = OSSL_STORE_LOADER_CTX_new(e, keyid); if (ctx == NULL) { diff -Nru openssl-3.0.0/apps/lib/s_cb.c openssl-3.0.1/apps/lib/s_cb.c --- openssl-3.0.0/apps/lib/s_cb.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/lib/s_cb.c 2021-12-14 17:16:25.000000000 +0100 @@ -146,6 +146,7 @@ STACK_OF(X509) *chain, int build_chain) { int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0; + if (cert == NULL) return 1; if (SSL_CTX_use_certificate(ctx, cert) <= 0) { 
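Review bot: In apps/lib/apps.c (`@@ -2302,23 +2302,35 @@`), `do_X509_verify` and `do_X509_REQ_verify` change from returning a boolean to returning 1, 0 or -1, so a caller that tests the result for truth (`if (do_X509_verify(...))` or `if (!do_X509_verify(...))`) would now treat the -1 error case as a valid signature. The callers are outside the hunks on this page, so this cannot be confirmed here; each one needs to compare with `> 0` for success or handle `< 0` separately. The new comments promise exactly -1, yet both functions pass the library result through unchanged. "A negative value" is the safer wording unless the underlying calls are documented to return only -1.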
@@ -199,6 +200,7 @@ const unsigned char *p; int i; int cert_type_num = SSL_get0_certificate_types(s, &p); + if (!cert_type_num) return; BIO_puts(bio, "Client Certificate Types: "); @@ -228,22 +230,22 @@ case EVP_PKEY_DSA: return "DSA"; - case EVP_PKEY_EC: + case EVP_PKEY_EC: return "ECDSA"; - case NID_ED25519: + case NID_ED25519: return "Ed25519"; - case NID_ED448: + case NID_ED448: return "Ed448"; - case NID_id_GostR3410_2001: + case NID_id_GostR3410_2001: return "gost2001"; - case NID_id_GostR3410_2012_256: + case NID_id_GostR3410_2012_256: return "gost2012_256"; - case NID_id_GostR3410_2012_512: + case NID_id_GostR3410_2012_512: return "gost2012_512"; default: @@ -254,6 +256,7 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared) { int i, nsig, client; + client = SSL_is_server(s) ? 0 : 1; if (shared) nsig = SSL_get_shared_sigalgs(s, 0, NULL, NULL, NULL, NULL, NULL); @@ -296,6 +299,7 @@ int ssl_print_sigalgs(BIO *out, SSL *s) { int nid; + if (!SSL_is_server(s)) ssl_print_client_cert_types(out, s); do_print_sigalgs(out, s, 0); @@ -312,6 +316,7 @@ { int i, nformats; const char *pformats; + nformats = SSL_get0_ec_point_formats(s, &pformats); if (nformats <= 0) return 1; @@ -895,6 +900,7 @@ SSL_EXCERT *exc = arg; #ifdef CERT_CB_TEST_RETRY static int retry_cnt; + if (retry_cnt < 5) { retry_cnt++; BIO_printf(bio_err, @@ -993,6 +999,7 @@ int load_excert(SSL_EXCERT **pexc) { SSL_EXCERT *exc = *pexc; + if (exc == NULL) return 1; /* If nothing in list, free and set to NULL */ @@ -1098,6 +1105,7 @@ const unsigned char *rlist; static const unsigned char scsv_id[] = { 0, 0xFF }; size_t i, rlistlen, num; + if (!SSL_is_server(s)) return; num = SSL_get0_raw_cipherlist(s, NULL); @@ -1275,6 +1283,7 @@ int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download) { X509_STORE *st; + st = SSL_CTX_get_cert_store(ctx); add_crls_store(st, crls); if (crl_download) 
@@ -1291,6 +1300,7 @@ { X509_STORE *vfy = NULL, *ch = NULL; int rv = 0; + if (vfyCApath != NULL || vfyCAfile != NULL || vfyCAstore != NULL) { vfy = X509_STORE_new(); if (vfy == NULL) @@ -1367,6 +1377,7 @@ int rv, show_bits = 1, cert_md = 0; const char *nm; int show_nm; + rv = sdb->old_cb(s, ctx, op, bits, nid, other, ex); if (rv == 1 && sdb->verbose < 2) return 1; @@ -1420,14 +1431,21 @@ { if (cert_md) { int sig_nid = X509_get_signature_nid(other); + BIO_puts(sdb->out, OBJ_nid2sn(sig_nid)); } else { EVP_PKEY *pkey = X509_get0_pubkey(other); - const char *algname = ""; - EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, - &algname, EVP_PKEY_get0_asn1(pkey)); - BIO_printf(sdb->out, "%s, bits=%d", - algname, EVP_PKEY_get_bits(pkey)); + + if (pkey == NULL) { + BIO_printf(sdb->out, "Public key missing"); + } else { + const char *algname = ""; + + EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, + &algname, EVP_PKEY_get0_asn1(pkey)); + BIO_printf(sdb->out, "%s, bits=%d", + algname, EVP_PKEY_get_bits(pkey)); + } } break; } diff -Nru openssl-3.0.0/apps/openssl.c openssl-3.0.1/apps/openssl.c --- openssl-3.0.0/apps/openssl.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/openssl.c 2021-12-14 17:16:25.000000000 +0100 @@ -168,14 +168,17 @@ { BIO *channel; tracedata *trace_data; + BIO *bio = NULL; if (OSSL_trace_enabled(category)) return; - channel = BIO_push(BIO_new(BIO_f_prefix()), dup_bio_err(FORMAT_TEXT)); + bio = BIO_new(BIO_f_prefix()); + channel = BIO_push(bio, dup_bio_err(FORMAT_TEXT)); trace_data = OPENSSL_zalloc(sizeof(*trace_data)); if (trace_data == NULL + || bio == NULL || (trace_data->bio = channel) == NULL || OSSL_trace_set_callback(category, internal_trace_cb, trace_data) == 0 
@@ -395,6 +398,7 @@ if (argc <= 0 || argv[0] == NULL) return 0; + memset(&f, 0, sizeof(f)); f.name = argv[0]; fp = lh_FUNCTION_retrieve(prog, &f); if (fp == NULL) { diff -Nru openssl-3.0.0/apps/req.c openssl-3.0.1/apps/req.c --- openssl-3.0.0/apps/req.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/req.c 2021-12-14 17:16:25.000000000 +0100 @@ -103,7 +103,7 @@ {"keygen_engine", OPT_KEYGEN_ENGINE, 's', "Specify engine to be used for key generation operations"}, #endif - {"in", OPT_IN, '<', "X.509 request input file"}, + {"in", OPT_IN, '<', "X.509 request input file (default stdin)"}, {"inform", OPT_INFORM, 'F', "Input format - DER or PEM"}, {"verify", OPT_VERIFY, '-', "Verify self-signature on the request"}, @@ -136,10 +136,11 @@ "Cert extension section (override value in config file)"}, {"reqexts", OPT_REQEXTS, 's', "Request extension section (override value in config file)"}, - {"precert", OPT_PRECERT, '-', "Add a poison extension (implies -new)"}, + {"precert", OPT_PRECERT, '-', + "Add a poison extension to the generated cert (implies -new)"}, OPT_SECTION("Keys and Signing"), - {"key", OPT_KEY, 's', "Key to include and to use for self-signature"}, + {"key", OPT_KEY, 's', "Key for signing, and to include unless -in given"}, {"keyform", OPT_KEYFORM, 'f', "Key file format (ENGINE, other values ignored)"}, {"pubkey", OPT_PUBKEY, '-', "Output public key"}, {"keyout", OPT_KEYOUT, '>', "File to write private key to"}, @@ -742,7 +743,8 @@ goto end; if (!newreq) { - req = load_csr(infile, informat, "X509 request"); + req = load_csr(infile /* if NULL, reads from stdin */, + informat, "X509 request"); if (req == NULL) goto end; } @@ -752,7 +754,7 @@ if (CAkeyfile != NULL) { if (CAfile == NULL) { BIO_printf(bio_err, - "Ignoring -CAkey option since no -CA option is given\n"); + "Warning: Ignoring -CAkey option since no -CA option is given\n"); } else { if ((CAkey = load_key(CAkeyfile, FORMAT_UNDEF, 0, passin, e, 
@@ -788,6 +790,7 @@ BIO_printf(bio_err, "Error making certificate request\n"); goto end; } + /* Note that -x509 can take over -key and -subj option values. */ } if (gen_x509) { EVP_PKEY *pub_key = X509_REQ_get0_pubkey(req); diff -Nru openssl-3.0.0/apps/s_client.c openssl-3.0.1/apps/s_client.c --- openssl-3.0.0/apps/s_client.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/s_client.c 2021-12-14 17:16:25.000000000 +0100 @@ -3040,6 +3040,8 @@ #endif OPENSSL_free(connectstr); OPENSSL_free(bindstr); + OPENSSL_free(bindhost); + OPENSSL_free(bindport); OPENSSL_free(host); OPENSSL_free(port); OPENSSL_free(thost); @@ -3276,11 +3278,11 @@ BIO_printf(bio, " Label: '%s'\n", keymatexportlabel); BIO_printf(bio, " Length: %i bytes\n", keymatexportlen); exportedkeymat = app_malloc(keymatexportlen, "export key"); - if (!SSL_export_keying_material(s, exportedkeymat, + if (SSL_export_keying_material(s, exportedkeymat, keymatexportlen, keymatexportlabel, strlen(keymatexportlabel), - NULL, 0, 0)) { + NULL, 0, 0) <= 0) { BIO_printf(bio, " Error\n"); } else { BIO_printf(bio, " Keying material: "); diff -Nru openssl-3.0.0/apps/speed.c openssl-3.0.1/apps/speed.c --- openssl-3.0.0/apps/speed.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/speed.c 2021-12-14 17:16:25.000000000 +0100 @@ -462,6 +462,7 @@ unsigned char *buf_malloc; unsigned char *buf2_malloc; unsigned char *key; + size_t buflen; size_t sigsize; EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM]; EVP_PKEY_CTX *rsa_verify_ctx[RSA_NUM]; @@ -832,6 +833,7 @@ int ret, count; for (count = 0; COND(rsa_c[testnum][0]); count++) { + *rsa_num = tempargs->buflen; ret = EVP_PKEY_sign(rsa_sign_ctx[testnum], buf2, rsa_num, buf, 36); if (ret <= 0) { BIO_printf(bio_err, "RSA sign failure\n"); @@ -892,6 +894,7 @@ int ret, count; for (count = 0; COND(dsa_c[testnum][0]); count++) { + *dsa_num = tempargs->buflen; ret = EVP_PKEY_sign(dsa_sign_ctx[testnum], buf2, dsa_num, buf, 20); if (ret <= 0) { BIO_printf(bio_err, "DSA sign failure\n"); 
@@ -935,6 +938,7 @@ int ret, count; for (count = 0; COND(ecdsa_c[testnum][0]); count++) { + *ecdsa_num = tempargs->buflen; ret = EVP_PKEY_sign(ecdsa_sign_ctx[testnum], buf2, ecdsa_num, buf, 20); if (ret <= 0) { BIO_printf(bio_err, "ECDSA sign failure\n"); @@ -1540,6 +1544,10 @@ case OPT_MULTI: #ifndef NO_FORK multi = atoi(opt_arg()); + if ((size_t)multi >= SIZE_MAX / sizeof(int)) { + BIO_printf(bio_err, "%s: multi argument too large\n", prog); + return 0; + } #endif break; case OPT_ASYNCJOBS: @@ -1775,6 +1783,8 @@ /* Align the start of buffers on a 64 byte boundary */ loopargs[i].buf = loopargs[i].buf_malloc + misalign; loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign; + loopargs[i].buflen = buflen - misalign; + loopargs[i].sigsize = buflen - misalign; loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a"); loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b"); #ifndef OPENSSL_NO_DH @@ -2345,6 +2355,7 @@ for (i = 0; st && i < loopargs_len; i++) { loopargs[i].rsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].rsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].rsa_sign_ctx[testnum]) <= 0 || EVP_PKEY_sign(loopargs[i].rsa_sign_ctx[testnum], @@ -2423,6 +2434,7 @@ for (i = 0; st && i < loopargs_len; i++) { loopargs[i].dsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].dsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].dsa_sign_ctx[testnum]) <= 0 @@ -2501,6 +2513,7 @@ for (i = 0; st && i < loopargs_len; i++) { loopargs[i].ecdsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, NULL); + loopargs[i].sigsize = loopargs[i].buflen; if (loopargs[i].ecdsa_sign_ctx[testnum] == NULL || EVP_PKEY_sign_init(loopargs[i].ecdsa_sign_ctx[testnum]) <= 0 
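Review bot: In the `OPT_MULTI` case of apps/speed.c (`@@ -1540,6 +1544,10 @@`), negative input is rejected only as a side effect of the `(size_t)multi` cast and is then reported as "multi argument too large"; `atoi()` also cannot signal non-numeric or out-of-range text. An explicit test reads better and allows an accurate message: `if (multi < 0 || (size_t)multi >= SIZE_MAX / sizeof(int)) {`, with the text changed to say the value is out of range. Where `size_t` is wider than `int`, a non-negative `int` can never reach the upper bound, so a comment naming the allocation the bound protects would help. That allocation is not in the hunk.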
@@ -3092,10 +3105,9 @@ #endif if (!mr) { printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING)); - printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON)); - printf("options:"); - printf("%s ", BN_options()); - printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS)); + printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON)); + printf("options: %s\n", BN_options()); + printf("%s\n", OpenSSL_version(OPENSSL_CFLAGS)); printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO)); } diff -Nru openssl-3.0.0/apps/s_server.c openssl-3.0.1/apps/s_server.c --- openssl-3.0.0/apps/s_server.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/s_server.c 2021-12-14 17:16:25.000000000 +0100 @@ -131,12 +131,12 @@ if (s_debug) BIO_printf(bio_s_out, "psk_server_cb\n"); - if (SSL_version(ssl) >= TLS1_3_VERSION) { + if (!SSL_is_dtls(ssl) && SSL_version(ssl) >= TLS1_3_VERSION) { /* - * This callback is designed for use in TLSv1.2. It is possible to use - * a single callback for all protocol versions - but it is preferred to - * use a dedicated callback for TLSv1.3. For TLSv1.3 we have - * psk_find_session_cb. + * This callback is designed for use in (D)TLSv1.2 (or below). It is + * possible to use a single callback for all protocol versions - but it + * is preferred to use a dedicated callback for TLSv1.3. For TLSv1.3 we + * have psk_find_session_cb. */ return 0; } 
@@ -2940,11 +2940,11 @@ BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen); exportedkeymat = app_malloc(keymatexportlen, "export key"); - if (!SSL_export_keying_material(con, exportedkeymat, + if (SSL_export_keying_material(con, exportedkeymat, keymatexportlen, keymatexportlabel, strlen(keymatexportlabel), - NULL, 0, 0)) { + NULL, 0, 0) <= 0) { BIO_printf(bio_s_out, " Error\n"); } else { BIO_printf(bio_s_out, " Keying material: "); diff -Nru openssl-3.0.0/apps/tsget.in openssl-3.0.1/apps/tsget.in --- openssl-3.0.0/apps/tsget.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/tsget.in 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #!{- $config{HASHBANGPERL} -} -# Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2002 The OpenTSA Project. All rights reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use @@ -21,10 +21,10 @@ my $return_data = ""; my $data_len = length ${$state->{data}}; if ($state->{bytes} < $data_len) { - $data_len = $data_len - $state->{bytes}; - $data_len = $maxlength if $data_len > $maxlength; - $return_data = substr ${$state->{data}}, $state->{bytes}, $data_len; - $state->{bytes} += $data_len; + $data_len = $data_len - $state->{bytes}; + $data_len = $maxlength if $data_len > $maxlength; + $return_data = substr ${$state->{data}}, $state->{bytes}, $data_len; + $state->{bytes} += $data_len; } return $return_data; } 
@@ -53,8 +53,8 @@ $curl->setopt(CURLOPT_UPLOAD, 1); $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST"); $curl->setopt(CURLOPT_HTTPHEADER, - ["Content-Type: application/timestamp-query", - "Accept: application/timestamp-reply,application/timestamp-response"]); + ["Content-Type: application/timestamp-query", + "Accept: application/timestamp-reply,application/timestamp-response"]); $curl->setopt(CURLOPT_READFUNCTION, \&read_body); $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); }); @@ -63,8 +63,8 @@ # SSL related options. $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM"); - $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate. - $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN. + $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate. + $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN. $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k}); $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p}); $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c}); 
@@ -101,15 +101,15 @@ my $error_string; if ($error_code != 0) { my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE); - $error_string = "could not get timestamp"; - $error_string .= ", http code: $http_code" unless $http_code == 0; - $error_string .= ", curl code: $error_code"; - $error_string .= " ($::error_buf)" if defined($::error_buf); + $error_string = "could not get timestamp"; + $error_string .= ", http code: $http_code" unless $http_code == 0; + $error_string .= ", curl code: $error_code"; + $error_string .= " ($::error_buf)" if defined($::error_buf); } else { my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE); - if (lc($ct) ne "application/timestamp-reply" - && lc($ct) ne "application/timestamp-response") { - $error_string = "unexpected content type returned: $ct"; + if (lc($ct) ne "application/timestamp-reply" + && lc($ct) ne "application/timestamp-response") { + $error_string = "unexpected content type returned: $ct"; } } return ($ts_body, $error_string); @@ -163,15 +163,15 @@ # Read request. my $body; if ($input eq "-") { - # Read the request from STDIN; - $body = ; + # Read the request from STDIN; + $body = ; } else { - # Read the request from file. + # Read the request from file. open INPUT, "<" . $input - or warn("$input: could not open input file: $!\n"), next REQUEST; + or warn("$input: could not open input file: $!\n"), next REQUEST; $body = ; close INPUT - or warn("$input: could not close input file: $!\n"), next REQUEST; + or warn("$input: could not close input file: $!\n"), next REQUEST; } # Send request. 
@@ -179,21 +179,21 @@ my ($ts_body, $error) = get_timestamp $curl, \$body; if (defined($error)) { - die "$input: fatal error: $error\n"; + die "$input: fatal error: $error\n"; } STDERR->printflush(", reply received") if $options{v}; # Write response. if ($output eq "-") { - # Write to STDOUT. + # Write to STDOUT. print $ts_body; } else { - # Write to file. + # Write to file. open OUTPUT, ">", $output - or warn("$output: could not open output file: $!\n"), next REQUEST; + or warn("$output: could not open output file: $!\n"), next REQUEST; print OUTPUT $ts_body; close OUTPUT - or warn("$output: could not close output file: $!\n"), next REQUEST; + or warn("$output: could not close output file: $!\n"), next REQUEST; } STDERR->printflush(", $output written.\n") if $options{v}; } diff -Nru openssl-3.0.0/apps/x509.c openssl-3.0.1/apps/x509.c --- openssl-3.0.0/apps/x509.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/apps/x509.c 2021-12-14 17:16:25.000000000 +0100 @@ -61,7 +61,7 @@ {"help", OPT_HELP, '-', "Display this summary"}, {"in", OPT_IN, '<', - "Certificate input (default stdin), or CSR input file with -req"}, + "Certificate input, or CSR input file with -req (default stdin)"}, {"passin", OPT_PASSIN, 's', "Private key and cert file pass-phrase source"}, {"new", OPT_NEW, '-', "Generate a certificate from scratch"}, {"x509toreq", OPT_X509TOREQ, '-', @@ -73,7 +73,7 @@ "CSR input file format (DER or PEM) - default PEM"}, {"vfyopt", OPT_VFYOPT, 's', "CSR verification parameter in n:v form"}, {"key", OPT_KEY, 's', - "Key to be used in certificate or cert request"}, + "Key for signing, and to include unless using -force_pubkey"}, {"signkey", OPT_SIGNKEY, 's', "Same as -key"}, {"keyform", OPT_KEYFORM, 'E', 
@@ -235,6 +235,21 @@ return NULL; } +static int self_signed(X509_STORE *ctx, X509 *cert) +{ + X509_STORE_CTX *xsc = X509_STORE_CTX_new(); + int ret = 0; + + if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, cert, NULL)) { + BIO_printf(bio_err, "Error initialising X509 store\n"); + } else { + X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); + ret = X509_verify_cert(xsc) > 0; + } + X509_STORE_CTX_free(xsc); + return ret; +} + int x509_main(int argc, char **argv) { ASN1_INTEGER *sno = NULL; @@ -630,7 +645,7 @@ } if (privkeyfile == NULL && pubkeyfile == NULL) { BIO_printf(bio_err, - "The -new option without -key requires using -force_pubkey\n"); + "The -new option requires using the -key or -force_pubkey option\n"); goto end; } } @@ -642,7 +657,7 @@ CAkeyfile = CAfile; if (CAfile != NULL) { if (privkeyfile != NULL) { - BIO_printf(bio_err, "Cannot use both -key and -CA option\n"); + BIO_printf(bio_err, "Cannot use both -key/-signkey and -CA option\n"); goto end; } } else if (CAkeyfile != NULL) { @@ -787,6 +802,8 @@ sno = x509_load_serial(CAfile, CAserial, CA_createserial); if (sno == NULL) goto end; + if (!x509toreq && !reqfile && !newcert && !self_signed(ctx, x)) + goto end; } if (sno != NULL && !X509_set_serialNumber(x, sno)) @@ -799,7 +816,12 @@ goto end; } - X509V3_set_ctx(&ext_ctx, issuer_cert, x, req, NULL, X509V3_CTX_REPLACE); + X509V3_set_ctx(&ext_ctx, issuer_cert, x, NULL, NULL, X509V3_CTX_REPLACE); + /* prepare fallback for AKID, but only if issuer cert equals subject cert */ + if (CAfile == NULL) { + if (!X509V3_set_issuer_pkey(&ext_ctx, privkey)) + goto end; + } if (extconf != NULL && !x509toreq) { X509V3_set_nconf(&ext_ctx, extconf); if (!X509V3_EXT_add_nconf(extconf, &ext_ctx, extsect, x)) { 
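Review bot: `self_signed()` folds every non-positive result of `X509_verify_cert()` into 0 and prints nothing on that path. At the new call site in the `@@ -787` hunk (`!self_signed(ctx, x)` followed by `goto end`), a rejected certificate and an internal error (negative return) are therefore indistinguishable, and the tool may exit without a message unless a verify callback installed elsewhere reports it. I would report the failure in the helper, for example `BIO_printf(bio_err, "Error verifying self-signed certificate\n");` in an `else` branch when the result is not positive. The name also reads like a cheap predicate, while the helper runs a full verification against the store with `X509_V_FLAG_CHECK_SS_SIGNATURE`; a header comment stating that and the 1/0 return contract would help.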
@@ -819,7 +841,7 @@ if (x509toreq) { /* also works in conjunction with -req */ if (privkey == NULL) { - BIO_printf(bio_err, "Must specify request key using -key\n"); + BIO_printf(bio_err, "Must specify request signing key using -key\n"); goto end; } if (clrext && ext_copy != EXT_COPY_NONE) { @@ -856,21 +878,6 @@ if (!do_X509_sign(x, privkey, digest, sigopts, &ext_ctx)) goto end; } else if (CAfile != NULL) { - if (!reqfile && !newcert) { /* certificate should be self-signed */ - X509_STORE_CTX *xsc = X509_STORE_CTX_new(); - - if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, x, NULL)) { - BIO_printf(bio_err, "Error initialising X509 store\n"); - X509_STORE_CTX_free(xsc); - goto end; - } - X509_STORE_CTX_set_cert(xsc, x); - X509_STORE_CTX_set_flags(xsc, X509_V_FLAG_CHECK_SS_SIGNATURE); - i = X509_verify_cert(xsc); - X509_STORE_CTX_free(xsc); - if (i <= 0) - goto end; - } if ((CAkey = load_key(CAkeyfile, CAkeyformat, 0, passin, e, "CA private key")) == NULL) goto end; diff -Nru openssl-3.0.0/CHANGES.md openssl-3.0.1/CHANGES.md --- openssl-3.0.0/CHANGES.md 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/CHANGES.md 2021-12-14 17:16:25.000000000 +0100 
@@ -28,6 +28,80 @@ [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod +### Changes between 3.0.0 and 3.0.1 [14 Dec 2021] + + * Fixed invalid handling of X509_verify_cert() internal errors in libssl + Internally libssl in OpenSSL calls X509_verify_cert() on the client side to + verify a certificate supplied by a server. That function may return a + negative return value to indicate an internal error (for example out of + memory). Such a negative return value is mishandled by OpenSSL and will cause + an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate + success and a subsequent call to SSL_get_error() to return the value + SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be + returned by OpenSSL if the application has previously called + SSL_CTX_set_cert_verify_callback(). Since most applications do not do this + the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be + totally unexpected and applications may not behave correctly as a result. The + exact behaviour will depend on the application but it could result in + crashes, infinite loops or other similar incorrect responses. + + This issue is made more serious in combination with a separate bug in OpenSSL + 3.0 that will cause X509_verify_cert() to indicate an internal error when + processing a certificate chain. This will occur where a certificate does not + include the Subject Alternative Name extension but where a Certificate + Authority has enforced name constraints. This issue can occur even with valid + chains. + ([CVE-2021-4044]) + + *Matt Caswell* + + * Corrected a few file name and file reference bugs in the build, + installation and setup scripts, which lead to installation verification + failures. Slightly enhanced the installation verification script. + + *Richard Levitte* + + * Fixed EVP_PKEY_eq() to make it possible to use it with strictly private + keys. 
+ + *Richard Levitte* + + * Fixed PVK encoder to properly query for the passphrase. + + *Tomáš Mráz* + + * Multiple fixes in the OSSL_HTTP API functions. + + *David von Oheimb* + + * Allow sign extension in OSSL_PARAM_allocate_from_text() for the + OSSL_PARAM_INTEGER data type and return error on negative numbers + used with the OSSL_PARAM_UNSIGNED_INTEGER data type. Make + OSSL_PARAM_BLD_push_BN{,_pad}() return an error on negative numbers. + + *Richard Levitte* + + * Allow copying uninitialized digest contexts with EVP_MD_CTX_copy_ex. + + *Tomáš Mráz* + + * Fixed detection of ARMv7 and ARM64 CPU features on FreeBSD. + + *Allan Jude* + + * Multiple threading fixes. + + *Matt Caswell* + + * Added NULL digest implementation to keep compatibility with 1.1.1 version. + + *Tomáš Mráz* + + * Allow fetching an operation from the provider that owns an unexportable key + as a fallback if that is still allowed by the property query. + + *Richard Levitte* + ### Changes between 1.1.1 and 3.0.0 [7 sep 2021] * TLS_MAX_VERSION, DTLS_MAX_VERSION and DTLS_MIN_VERSION constants are now @@ -1453,6 +1527,22 @@ OpenSSL 1.1.1 ------------- +### Changes between 1.1.1l and 1.1.1m [xx XXX xxxx] + + * Avoid loading of a dynamic engine twice. + + *Bernd Edlinger* + + * Prioritise DANE TLSA issuer certs over peer certs + + *Viktor Dukhovni* + + * Fixed random API for MacOS prior to 10.12 + + These MacOS versions don't support the CommonCrypto APIs + + *Lenny Primak* + ### Changes between 1.1.1k and 1.1.1l [24 Aug 2021] * Fixed an SM2 Decryption Buffer Overflow. diff -Nru openssl-3.0.0/Configurations/10-main.conf openssl-3.0.1/Configurations/10-main.conf --- openssl-3.0.0/Configurations/10-main.conf 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/10-main.conf 2021-12-14 17:16:25.000000000 +0100 
@@ -857,6 +857,7 @@ inherit_from => [ "linux-x86" ], CC => "clang", CXX => "clang++", + ex_libs => add(threads("-latomic")), }, "linux-x86_64" => { inherit_from => [ "linux-generic64" ], diff -Nru openssl-3.0.0/Configurations/15-ios.conf openssl-3.0.1/Configurations/15-ios.conf --- openssl-3.0.0/Configurations/15-ios.conf 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/15-ios.conf 2021-12-14 17:16:25.000000000 +0100 @@ -10,7 +10,7 @@ template => 1, inherit_from => [ "darwin-common" ], sys_id => "iOS", - disable => [ "engine", "async" ], + disable => [ "shared", "async" ], }, "ios-xcrun" => { inherit_from => [ "ios-common" ], diff -Nru openssl-3.0.0/Configurations/descrip.mms.tmpl openssl-3.0.1/Configurations/descrip.mms.tmpl --- openssl-3.0.0/Configurations/descrip.mms.tmpl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/descrip.mms.tmpl 2021-12-14 17:16:25.000000000 +0100 @@ -9,7 +9,7 @@ (our $osslprefix_q = platform->osslprefix()) =~ s/\$/\\\$/; our $sover_dirname = platform->shlib_version_as_filename(); - our $osslver = sprintf "%02d%02d", split(/\./, $config{version}); + our $osslver = sprintf "%02d", split(/\./, $config{version}); our $sourcedir = $config{sourcedir}; our $builddir = $config{builddir}; @@ -110,9 +110,9 @@ @cnf_defines, 'OPENSSLDIR="""$(OPENSSLDIR_C)"""', 'ENGINESDIR="""$(ENGINESDIR_C)"""', - 'MODULESDIR="""$(MODULESDIR_C)"""', - #'$(DEFINES)' + 'MODULESDIR="""$(MODULESDIR_C)"""' ) + . '$(DEFINES)' . "'extradefines'"; our $lib_asflags = join(' ', $target{lib_asflags} || (), @{$config{lib_asflags}}, @@ -144,8 +144,8 @@ join(',', @{$target{dso_defines}}, @{$target{module_defines}}, @{$config{dso_defines}}, @{$config{module_defines}}, @cnf_defines, - #'$(DEFINES)' ) + . '$(DEFINES)' . "'extradefines'"; our $dso_asflags = join(' ', $target{dso_asflags} || (), $target{module_asflags} || (), 
@@ -180,8 +180,8 @@ join(',', @{$target{bin_defines}}, @{$config{bin_defines}}, @cnf_defines, - #'$(DEFINES)' ) + . '$(DEFINES)' . "'extradefines'"; our $bin_asflags = join(' ', $target{bin_asflags} || (), @@ -267,6 +267,7 @@ VERBOSE_FAILURE=$(VF) VERSION={- "$config{full_version}" -} +VERSION_NUMBER={- "$config{version}" -} MAJOR={- $config{major} -} MINOR={- $config{minor} -} SHLIB_VERSION_NUMBER={- $config{shlib_version} -} @@ -355,7 +356,7 @@ # Where installed ENGINE modules reside, for C ENGINESDIR_C={- platform->osslprefix() -}ENGINES{- $sover_dirname.$target{pointer_size} -}: # Where modules reside, for C -MODULESDIR_C={- platform->osslprefix() -}MODULES{- $sover_dirname.$target{pointer_size} -}: +MODULESDIR_C={- platform->osslprefix() -}MODULES{- $target{pointer_size} -}: ##### User defined commands and flags ################################ @@ -428,7 +429,9 @@ $(NODEBUG) ! them, so we create it instead. This is an unfortunate $(NODEBUG) ! necessity. $(NODEBUG) ! - $(NODEBUG) DEFINE openssl "{- sourcedir('include/openssl') -} + $(NODEBUG) openssl_inc1 = F$PARSE("[.include.openssl]","A.;",,,"syntax_only") - "A.;" + $(NODEBUG) openssl_inc2 = F$PARSE("sourcetop:[include.openssl]","A.;",,,"SYNTAX_ONLY") - "A.;" + $(NODEBUG) DEFINE openssl 'openssl_inc1','openssl_inc2' $(NODEBUG) ! $(NODEBUG) ! Figure out the architecture $(NODEBUG) ! @@ -441,9 +444,10 @@ .LAST : $(NODEBUG) {- join("\n\t\$(NODEBUG) ", map { "DEASSIGN ".uc($_) } @shlibs) || "!" -} + $(NODEBUG) DEASSIGN openssl $(NODEBUG) DEASSIGN ossl_dataroot $(NODEBUG) DEASSIGN ossl_installroot - $(NODEBUG) DEASSIGN openssl + $(NODEBUG) DEASSIGN ossl_sourceroot .DEFAULT : @ ! MMS cannot handle no actions... 
@@ -569,8 +573,10 @@ {- output_off() if $disabled{fips}; "" -} install_fips : build_sw $(INSTALL_FIPSMODULECONF) @ WRITE SYS$OUTPUT "*** Installing FIPS module" + - CREATE/DIR ossl_installroot:[MODULES{- $target{pointer_size} -}.'arch'] + - CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[000000] COPY/PROT=W:RE $(INSTALL_FIPSMODULES) - - ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME) + ossl_installroot:[MODULES{- $target{pointer_size} -}.'arch']$(FIPSMODULENAME) @ WRITE SYS$OUTPUT "*** Installing FIPS module configuration" COPY/PROT=W:RE $(INSTALL_FIPSMODULECONF) OSSL_DATAROOT:[000000] @@ -578,7 +584,7 @@ @ WRITE SYS$OUTPUT "*** Uninstalling FIPS module configuration" DELETE OSSL_DATAROOT:[000000]fipsmodule.cnf;* @ WRITE SYS$OUTPUT "*** Uninstalling FIPS module" - DELETE ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME);* + DELETE ossl_installroot:[MODULES{- $target{pointer_size} -}.'arch']$(FIPSMODULENAME);* {- output_on() if $disabled{fips}; "" -} install_ssldirs : check_INSTALLTOP @@ -607,7 +613,9 @@ @ WRITE SYS$OUTPUT "*** Installing development files" @ ! Install header files - CREATE/DIR ossl_installroot:[include.openssl] - COPY/PROT=W:R openssl:*.h ossl_installroot:[include.openssl] + COPY/PROT=W:R ossl_sourceroot:[include.openssl]*.h - + ossl_installroot:[include.openssl] + COPY/PROT=W:R [.include.openssl]*.h ossl_installroot:[include.openssl] @ ! Install static (development) libraries - CREATE/DIR ossl_installroot:[LIB.'arch'] {- join("\n ", 
@@ -626,9 +634,9 @@ install_modules : check_INSTALLTOP install_runtime_libs build_modules @ {- output_off() unless scalar @install_modules; "" -} ! @ WRITE SYS$OUTPUT "*** Installing modules" - - CREATE/DIR ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch'] + - CREATE/DIR ossl_installroot:[MODULES{- $target{pointer_size} -}.'arch'] {- join("\n ", - map { "COPY/PROT=W:RE $_.EXE ossl_installroot:[MODULES$sover_dirname$target{pointer_size}.'arch']" } + map { "COPY/PROT=W:RE $_.EXE ossl_installroot:[MODULES$target{pointer_size}.'arch']" } @install_modules) -} @ {- output_on() unless scalar @install_modules; "" -} ! @@ -904,7 +912,7 @@ # my $target = platform->def($args{src}); my $mkdef = sourcefile('util', 'mkdef.pl'); - my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION)' : ''; + my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION_NUMBER)' : ''; my $ord_name = $args{generator}->[1] || basename($args{product}, '.EXE'); my $case_insensitive = diff -Nru openssl-3.0.0/Configurations/platform/Unix.pm openssl-3.0.1/Configurations/platform/Unix.pm --- openssl-3.0.0/Configurations/platform/Unix.pm 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/platform/Unix.pm 2021-12-14 17:16:25.000000000 +0100 
@@ -63,9 +63,21 @@ } sub sharedlib_simple { - return undef if $_[0]->shlibext() eq $_[0]->shlibextsimple(); - return platform::BASE::__concat($_[0]->sharedname_simple($_[1]), - $_[0]->shlibextsimple()); + # This function returns the simplified shared library name (no version + # or variant in the shared library file name) if the simple variants of + # the base name or the suffix differ from the full variants of the same. + + # Note: if $_[1] isn't a shared library name, then $_[0]->sharedname() + # and $_[0]->sharedname_simple() will return undef. This needs being + # accounted for. + my $name = $_[0]->sharedname($_[1]); + my $simplename = $_[0]->sharedname_simple($_[1]); + my $ext = $_[0]->shlibext(); + my $simpleext = $_[0]->shlibextsimple(); + + return undef unless defined $simplename && defined $name; + return undef if ($name eq $simplename && $ext eq $simpleext); + return platform::BASE::__concat($simplename, $simpleext); } sub sharedlib_import { diff -Nru openssl-3.0.0/Configurations/unix-Makefile.tmpl openssl-3.0.1/Configurations/unix-Makefile.tmpl --- openssl-3.0.0/Configurations/unix-Makefile.tmpl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/unix-Makefile.tmpl 2021-12-14 17:16:25.000000000 +0100 @@ -67,6 +67,7 @@ FIPSKEY={- $config{FIPSKEY} -} VERSION={- "$config{full_version}" -} +VERSION_NUMBER={- "$config{version}" -} MAJOR={- $config{major} -} MINOR={- $config{minor} -} SHLIB_VERSION_NUMBER={- $config{shlib_version} -} @@ -618,6 +619,7 @@ install_fips: build_sw $(INSTALL_FIPSMODULECONF) @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(MODULESDIR) + @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR) @$(ECHO) "*** Installing FIPS module" @$(ECHO) "install $(INSTALL_FIPSMODULE) -> $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME)" @cp "$(INSTALL_FIPSMODULE)" $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).new 
@@ -691,11 +693,11 @@ @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) @$(ECHO) "*** Installing development files" @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(INSTALLTOP)/include/openssl - @ : {- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @ : {- output_off() if $disabled{uplink}; "" -} @$(ECHO) "install $(SRCDIR)/ms/applink.c -> $(DESTDIR)$(INSTALLTOP)/include/openssl/applink.c" @cp $(SRCDIR)/ms/applink.c $(DESTDIR)$(INSTALLTOP)/include/openssl/applink.c @chmod 644 $(DESTDIR)$(INSTALLTOP)/include/openssl/applink.c - @ : {- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @ : {- output_on() if $disabled{uplink}; "" -} @set -e; for i in $(SRCDIR)/include/openssl/*.h \ $(BLDDIR)/include/openssl/*.h; do \ fn=`basename $$i`; \ @@ -765,10 +767,10 @@ uninstall_dev: uninstall_runtime_libs @$(ECHO) "*** Uninstalling development files" - @ : {- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @ : {- output_off() if $disabled{uplink}; "" -} @$(ECHO) "$(RM) $(DESTDIR)$(INSTALLTOP)/include/openssl/applink.c" @$(RM) $(DESTDIR)$(INSTALLTOP)/include/openssl/applink.c - @ : {- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @ : {- output_on() if $disabled{uplink}; "" -} @set -e; for i in $(SRCDIR)/include/openssl/*.h \ $(BLDDIR)/include/openssl/*.h; do \ fn=`basename $$i`; \ 
@@ -1305,23 +1307,23 @@ fill_lines(" ", $COLUMNS - 11, sort keys %sslheaders)) -} renumber: build_generated - $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION) --no-warnings \ + $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libcrypto.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ --renumber \ $(CRYPTOHEADERS) - $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION) --no-warnings \ + $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libssl.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ --renumber \ $(SSLHEADERS) ordinals: build_generated - $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION) --no-warnings \ + $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libcrypto.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ $(CRYPTOHEADERS) - $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION) --no-warnings \ + $(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \ --ordinals $(SRCDIR)/util/libssl.num \ --symhacks $(SRCDIR)/include/openssl/symhacks.h \ $(SSLHEADERS) @@ -1529,7 +1531,7 @@ # my $target = platform->def($args{src}); (my $mkdef_os = $target{shared_target}) =~ s|-shared$||; - my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION)' : ''; + my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION_NUMBER)' : ''; my $ord_name = $args{generator}->[1] || $args{product}; return <<"EOF"; $target: $gen0 $deps \$(SRCDIR)/util/mkdef.pl diff -Nru openssl-3.0.0/Configurations/windows-makefile.tmpl openssl-3.0.1/Configurations/windows-makefile.tmpl --- openssl-3.0.0/Configurations/windows-makefile.tmpl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/Configurations/windows-makefile.tmpl 2021-12-14 17:16:25.000000000 +0100 
@@ -41,6 +41,7 @@ FIPSKEY={- $config{FIPSKEY} -} VERSION={- "$config{full_version}" -} +VERSION_NUMBER={- "$config{version}" -} MAJOR={- $config{major} -} MINOR={- $config{minor} -} @@ -461,10 +462,10 @@ -del /Q /F $(LIBS) libcrypto.* libssl.* ossl_static.pdb clean: libclean - -rd /Q /S $(HTMLDOCS1_BLDDIRS) - -rd /Q /S $(HTMLDOCS3_BLDDIRS) - -rd /Q /S $(HTMLDOCS5_BLDDIRS) - -rd /Q /S $(HTMLDOCS7_BLDDIRS) + {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS1) || "\@rem" -} + {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS3) || "\@rem" -} + {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS5) || "\@rem" -} + {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS7) || "\@rem" -} {- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) || "\@rem" -} {- join("\n\t", map { "-del /Q /F $_" } @MODULES) || "\@rem" -} {- join("\n\t", map { "-del /Q /F $_" } @SCRIPTS) || "\@rem" -} @@ -499,6 +500,7 @@ install_fips: build_sw $(INSTALL_FIPSMODULECONF) # @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1) @$(PERL) $(SRCDIR)\util\mkdir-p.pl $(MODULESDIR) + @$(PERL) $(SRCDIR)\util\mkdir-p.pl $(OPENSSLDIR) @$(ECHO) "*** Installing FIPS module" @$(ECHO) "install $(INSTALL_FIPSMODULE) -> $(MODULESDIR)\$(FIPSMODULENAME)" @"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(INSTALL_FIPSMODULE)" "$(MODULESDIR)" 
@@ -541,10 +543,10 @@ @if "$(INSTALLTOP)"=="" ( $(ECHO) "INSTALLTOP should not be empty" & exit 1 ) @$(ECHO) "*** Installing development files" @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(INSTALLTOP)\include\openssl" - @{- output_off() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @{- output_off() if $disabled{uplink}; "" -} @"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(SRCDIR)\ms\applink.c" \ "$(INSTALLTOP)\include\openssl" - @{- output_on() unless grep { $_ eq "OPENSSL_USE_APPLINK" } (@{$target{defines}}, @{$config{defines}}); "" -} + @{- output_on() if $disabled{uplink}; "" -} @"$(PERL)" "$(SRCDIR)\util\copy.pl" "-exclude_re=/__DECC_" \ "$(SRCDIR)\include\openssl\*.h" \ "$(INSTALLTOP)\include\openssl" @@ -727,7 +729,7 @@ my $mkdef = abs2rel(rel2abs(catfile($config{sourcedir}, "util", "mkdef.pl")), rel2abs($config{builddir})); - my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION)' : ''; + my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION_NUMBER)' : ''; my $ord_name = $args{generator}->[1] || platform->dsoname($args{product}); return <<"EOF"; @@ -981,6 +983,7 @@ @{$args{objs}}; my @deps = compute_lib_depends(@{$args{deps}}); my $objs = join($target{ld_resp_delim}, @objs); + my $ress = join($target{ld_resp_delim}, @ress); my $linklibs = join("", map { "$_$target{ld_resp_delim}" } @deps); my $deps = join(" ", @objs, @ress, @deps); return <<"EOF"; diff -Nru openssl-3.0.0/crypto/aes/build.info openssl-3.0.1/crypto/aes/build.info --- openssl-3.0.0/crypto/aes/build.info 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/aes/build.info 2021-12-14 17:16:25.000000000 +0100 
@@ -5,7 +5,7 @@ $AESASM_x86=aes-586.s $AESDEF_x86=AES_ASM $AESASM_x86_sse2=vpaes-x86.s aesni-x86.s - $AESDEF_x86_sse2=VPAES_ASM + $AESDEF_x86_sse2=VPAES_ASM OPENSSL_IA32_SSE2 $AESASM_x86_64=\ aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s \ diff -Nru openssl-3.0.0/crypto/armcap.c openssl-3.0.1/crypto/armcap.c --- openssl-3.0.0/crypto/armcap.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/armcap.c 2021-12-14 17:16:25.000000000 +0100 @@ -112,20 +112,23 @@ * ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas * AArch64 used AT_HWCAP. */ +# ifndef AT_HWCAP +# define AT_HWCAP 16 +# endif +# ifndef AT_HWCAP2 +# define AT_HWCAP2 26 +# endif # if defined(__arm__) || defined (__arm) -# define HWCAP 16 - /* AT_HWCAP */ +# define HWCAP AT_HWCAP # define HWCAP_NEON (1 << 12) -# define HWCAP_CE 26 - /* AT_HWCAP2 */ +# define HWCAP_CE AT_HWCAP2 # define HWCAP_CE_AES (1 << 0) # define HWCAP_CE_PMULL (1 << 1) # define HWCAP_CE_SHA1 (1 << 2) # define HWCAP_CE_SHA256 (1 << 3) # elif defined(__aarch64__) -# define HWCAP 16 - /* AT_HWCAP */ +# define HWCAP AT_HWCAP # define HWCAP_NEON (1 << 1) # define HWCAP_CE HWCAP diff -Nru openssl-3.0.0/crypto/asn1/d2i_pu.c openssl-3.0.1/crypto/asn1/d2i_pu.c --- openssl-3.0.0/crypto/asn1/d2i_pu.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/asn1/d2i_pu.c 2021-12-14 17:16:25.000000000 +0100 
@@ -29,16 +29,27 @@ long length) { EVP_PKEY *ret; + EVP_PKEY *copy = NULL; if ((a == NULL) || (*a == NULL)) { if ((ret = EVP_PKEY_new()) == NULL) { ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); return NULL; } - } else + } else { ret = *a; - if (type != EVP_PKEY_get_id(ret) && !EVP_PKEY_set_type(ret, type)) { +#ifndef OPENSSL_NO_EC + if (evp_pkey_is_provided(ret) + && EVP_PKEY_get_base_id(ret) == EVP_PKEY_EC) { + if (!evp_pkey_copy_downgraded(©, ret)) + goto err; + } +#endif + } + + if ((type != EVP_PKEY_get_id(ret) || copy != NULL) + && !EVP_PKEY_set_type(ret, type)) { ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); goto err; } @@ -52,7 +63,6 @@ break; #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: - /* TMP UGLY CAST */ if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; @@ -61,6 +71,11 @@ #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: + if (copy != NULL) { + /* use downgraded parameters from copy */ + ret->pkey.ec = copy->pkey.ec; + copy->pkey.ec = NULL; + } if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); goto err; @@ -73,9 +88,11 @@ } if (a != NULL) (*a) = ret; + EVP_PKEY_free(copy); return ret; err: if (a == NULL || *a != ret) EVP_PKEY_free(ret); + EVP_PKEY_free(copy); return NULL; } diff -Nru openssl-3.0.0/crypto/asn1/tasn_dec.c openssl-3.0.1/crypto/asn1/tasn_dec.c --- openssl-3.0.0/crypto/asn1/tasn_dec.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/asn1/tasn_dec.c 2021-12-14 17:16:25.000000000 +0100 
@@ -648,9 +648,9 @@ break; } skfield = NULL; - if (!asn1_item_embed_d2i(&skfield, &p, len, + if (asn1_item_embed_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx, - depth, libctx, propq)) { + depth, libctx, propq) <= 0) { ERR_raise(ERR_LIB_ASN1, ERR_R_NESTED_ASN1_ERROR); /* |skfield| may be partially allocated despite failure. */ ASN1_item_free(skfield, ASN1_ITEM_ptr(tt->item)); diff -Nru openssl-3.0.0/crypto/async/async.c openssl-3.0.1/crypto/async/async.c --- openssl-3.0.0/crypto/async/async.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/async/async.c 2021-12-14 17:16:25.000000000 +0100 @@ -138,6 +138,10 @@ async_pool *pool; pool = (async_pool *)CRYPTO_THREAD_get_local(&poolkey); + if (pool == NULL) { + ERR_raise(ERR_LIB_ASYNC, ERR_R_INTERNAL_ERROR); + return; + } OPENSSL_free(job->funcargs); job->funcargs = NULL; sk_ASYNC_JOB_push(pool->jobs, job); @@ -148,6 +152,10 @@ ASYNC_JOB *job; async_ctx *ctx = async_get_ctx(); + if (ctx == NULL) { + ERR_raise(ERR_LIB_ASYNC, ERR_R_INTERNAL_ERROR); + return; + } while (1) { /* Run the job */ job = ctx->currjob; diff -Nru openssl-3.0.0/crypto/bio/bio_lib.c openssl-3.0.1/crypto/bio/bio_lib.c --- openssl-3.0.0/crypto/bio/bio_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bio/bio_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -140,7 +140,7 @@ if (HAS_CALLBACK(a)) { ret = (int)bio_call_callback(a, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL); if (ret <= 0) - return ret; + return 0; } if ((a->method != NULL) && (a->method->destroy != NULL)) @@ -563,10 +563,8 @@ { long ret; - if (b == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER); + if (b == NULL) return -1; - } if (b->method == NULL || b->method->ctrl == NULL) { ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD); return -2; 
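Review bot: In the first async.c hunk the new `pool == NULL` early return sits before `OPENSSL_free(job->funcargs)`, so on that path the job's argument copy is neither freed nor cleared and the job is not handed back to any pool. Unless the caller disposes of the job itself (not visible here), that leaks the job together with whatever the arguments contain. Running `OPENSSL_free(job->funcargs); job->funcargs = NULL;` first and only then testing `if (pool == NULL)` keeps the NULL-dereference fix while still releasing the arguments. The function starts outside the hunk.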
@@ -591,10 +589,8 @@ { long ret; - if (b == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER); + if (b == NULL) return -2; - } if (b->method == NULL || b->method->callback_ctrl == NULL || cmd != BIO_CTRL_SET_CALLBACK) { ERR_raise(ERR_LIB_BIO, BIO_R_UNSUPPORTED_METHOD); @@ -655,10 +651,8 @@ { BIO *ret; - if (b == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER); + if (b == NULL) return NULL; - } ret = b->next_bio; BIO_ctrl(b, BIO_CTRL_POP, 0, b); @@ -728,10 +722,8 @@ BIO *BIO_next(BIO *b) { - if (b == NULL) { - ERR_raise(ERR_LIB_BIO, ERR_R_PASSED_NULL_PARAMETER); + if (b == NULL) return NULL; - } return b->next_bio; } diff -Nru openssl-3.0.0/crypto/bio/bss_mem.c openssl-3.0.1/crypto/bio/bss_mem.c --- openssl-3.0.0/crypto/bio/bss_mem.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bio/bss_mem.c 2021-12-14 17:16:25.000000000 +0100 @@ -254,7 +254,7 @@ bm = bbm->readp; bo = bbm->buf; } - off = bm->data - bo->data; + off = (bm->data == bo->data) ? 0 : bm->data - bo->data; remain = bm->length; switch (cmd) { @@ -277,7 +277,7 @@ if (num < 0 || num > off + remain) return -1; /* Can't see outside of the current buffer */ - bm->data = bo->data + num; + bm->data = (num != 0) ? bo->data + num : bo->data; bm->length = bo->length - num; bm->max = bo->max - num; off = num; diff -Nru openssl-3.0.0/crypto/bn/asm/mips.pl openssl-3.0.1/crypto/bn/asm/mips.pl --- openssl-3.0.0/crypto/bn/asm/mips.pl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bn/asm/mips.pl 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2010-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
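Review bot: The two conditional expressions added in bss_mem.c, `off = (bm->data == bo->data) ? 0 : bm->data - bo->data;` and `bm->data = (num != 0) ? bo->data + num : bo->data;`, look redundant without an explanation and are easy to simplify away again. They appear to avoid pointer arithmetic on a NULL `data` pointer of an empty buffer, which is undefined behaviour in C even when the offset is zero. A comment on each, such as `/* data may be NULL for an empty buffer; avoid NULL pointer arithmetic */`, would record the reason. Both hunks lie inside a function whose start and end are outside the hunk.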
@@ -1986,6 +1986,8 @@ sltu $at,$c_2,$t_1 $ADDU $c_3,$t_2,$at $ST $c_2,$BNSZ($a0) + sltu $at,$c_3,$t_2 + $ADDU $c_1,$at mflo ($t_1,$a_2,$a_0) mfhi ($t_2,$a_2,$a_0) ___ @@ -2196,6 +2198,8 @@ sltu $at,$c_2,$t_1 $ADDU $c_3,$t_2,$at $ST $c_2,$BNSZ($a0) + sltu $at,$c_3,$t_2 + $ADDU $c_1,$at mflo ($t_1,$a_2,$a_0) mfhi ($t_2,$a_2,$a_0) ___ diff -Nru openssl-3.0.0/crypto/bn/bn_lib.c openssl-3.0.1/crypto/bn/bn_lib.c --- openssl-3.0.0/crypto/bn/bn_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bn/bn_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -505,7 +505,8 @@ /* Swipe through whole available data and don't give away padded zero. */ atop = a->dmax * BN_BYTES; if (atop == 0) { - OPENSSL_cleanse(to, tolen); + if (tolen != 0) + memset(to, '\0', tolen); return tolen; } diff -Nru openssl-3.0.0/crypto/bn/bn_rand.c openssl-3.0.1/crypto/bn/bn_rand.c --- openssl-3.0.0/crypto/bn/bn_rand.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bn/bn_rand.c 2021-12-14 17:16:25.000000000 +0100 @@ -287,7 +287,7 @@ goto err; } for (done = 0; done < num_k_bytes;) { - if (!RAND_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes), 0)) + if (RAND_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes), 0) <= 0) goto err; if (!EVP_DigestInit_ex(mdctx, md, NULL) diff -Nru openssl-3.0.0/crypto/bn/bn_rsa_fips186_4.c openssl-3.0.1/crypto/bn/bn_rsa_fips186_4.c --- openssl-3.0.0/crypto/bn/bn_rsa_fips186_4.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bn/bn_rsa_fips186_4.c 2021-12-14 17:16:25.000000000 +0100 @@ -106,6 +106,7 @@ { int ret = 0; int i = 0; + int tmp = 0; if (BN_copy(p1, Xp1) == NULL) return 0; 
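Review bot: The added `sltu $at,$c_3,$t_2` / `$ADDU $c_1,$at` pair has no comment, here or at its twin in the hunk at -2196. It appears to propagate a carry out of the preceding `$ADDU $c_3,$t_2,$at` into `$c_1`, a case the surrounding lines did not handle before. A comment such as `# carry out of c_3 goes into c_1` at both sites would make the intent clear. A bignum test input that actually produces that carry would guard against the two lines being dropped in a later cleanup, if the release does not already ship one.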
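Review bot: The `if (tolen != 0)` guard before `memset(to, '\0', tolen)` in the bn_lib.c hunk reads as redundant without a comment. Presumably it exists because `to` may be NULL when `tolen` is 0, and passing NULL to memset is undefined even for a zero length. A line such as `/* to may be NULL when tolen is 0 */` would record that. It would also help to say that the bytes written are zero padding of the output rather than secret data, which looks like the reason plain memset replaces OPENSSL_cleanse here.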
@@ -116,8 +117,11 @@ i++; BN_GENCB_call(cb, 0, i); /* MR test with trial division */ - if (BN_check_prime(p1, ctx, cb)) + tmp = BN_check_prime(p1, ctx, cb); + if (tmp > 0) break; + if (tmp < 0) + goto err; /* Get next odd number */ if (!BN_add_word(p1, 2)) goto err; @@ -329,8 +333,14 @@ || !BN_sub_word(y1, 1) || !BN_gcd(tmp, y1, e, ctx)) goto err; - if (BN_is_one(tmp) && BN_check_prime(Y, ctx, cb)) - goto end; + if (BN_is_one(tmp)) { + int rv = BN_check_prime(Y, ctx, cb); + + if (rv > 0) + goto end; + if (rv < 0) + goto err; + } /* (Step 8-10) */ if (++i >= imax || !BN_add(Y, Y, r1r2x2)) goto err; diff -Nru openssl-3.0.0/crypto/bn/rsaz_exp_x2.c openssl-3.0.1/crypto/bn/rsaz_exp_x2.c --- openssl-3.0.0/crypto/bn/rsaz_exp_x2.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/bn/rsaz_exp_x2.c 2021-12-14 17:16:25.000000000 +0100 @@ -14,6 +14,7 @@ */ #include +#include #include "rsaz_exp.h" #ifndef RSAZ_ENABLED @@ -310,14 +311,23 @@ /* Exponentiation */ { - int rem = BITSIZE_MODULUS % EXP_WIN_SIZE; - int delta = rem ? rem : EXP_WIN_SIZE; + const int rem = BITSIZE_MODULUS % EXP_WIN_SIZE; BN_ULONG table_idx_mask = EXP_WIN_MASK; - int exp_bit_no = BITSIZE_MODULUS - delta; + int exp_bit_no = BITSIZE_MODULUS - rem; int exp_chunk_no = exp_bit_no / 64; int exp_chunk_shift = exp_bit_no % 64; + /* + * If rem == 0, then + * exp_bit_no = modulus_bitsize - exp_win_size + * However, this isn't possible because rem is { 1024, 1536, 2048 } % 5 + * which is { 4, 1, 3 } respectively. + * + * If this assertion ever fails the fix above is easy. + */ + OPENSSL_assert(rem != 0); + /* Process 1-st exp window - just init result */ BN_ULONG red_table_idx_0 = expz[0][exp_chunk_no]; BN_ULONG red_table_idx_1 = expz[1][exp_chunk_no]; diff -Nru openssl-3.0.0/crypto/cmac/cmac.c openssl-3.0.1/crypto/cmac/cmac.c --- openssl-3.0.0/crypto/cmac/cmac.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cmac/cmac.c 2021-12-14 17:16:25.000000000 +0100 
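Review bot: The BN_check_prime() result is kept in a function-scope `int tmp` in this hunk but in a block-scope `int rv` in the hunk at -329, where `tmp` is already the name of the BIGNUM passed to `BN_gcd(tmp, y1, e, ctx)`. Using `int rv = BN_check_prime(p1, ctx, cb);` declared inside the loop here as well would keep the two call sites parallel. It would also avoid the same identifier meaning an int in one function and a BIGNUM in the next. The loop body continues outside the hunk.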
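Review bot: The comment above `OPENSSL_assert(rem != 0)` in the rsaz_exp_x2.c hunk is hard to follow, because "the fix above is easy" points at the `delta` fallback that this hunk removes and that a reader of the new file cannot see. Since OPENSSL_assert aborts the process, the comment should state the invariant directly: with `rem == 0`, `exp_bit_no` would equal `BITSIZE_MODULUS`, and `exp_chunk_no` would then presumably index one word past the exponent in `expz[0][exp_chunk_no]`. If `BITSIZE_MODULUS` and `EXP_WIN_SIZE` are compile-time constants, as their names suggest, a compile-time check would catch a bad combination before it can become a runtime abort.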
@@ -227,7 +227,7 @@ for (i = 0; i < bl; i++) out[i] = ctx->last_block[i] ^ ctx->k2[i]; } - if (!EVP_Cipher(ctx->cctx, out, out, bl)) { + if (EVP_Cipher(ctx->cctx, out, out, bl) <= 0) { OPENSSL_cleanse(out, bl); return 0; } diff -Nru openssl-3.0.0/crypto/cmp/cmp_msg.c openssl-3.0.1/crypto/cmp/cmp_msg.c --- openssl-3.0.0/crypto/cmp/cmp_msg.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cmp/cmp_msg.c 2021-12-14 17:16:25.000000000 +0100 @@ -1100,9 +1100,8 @@ return NULL; } - if ((bio = BIO_new_file(file, "rb")) == NULL) - return NULL; - if (d2i_OSSL_CMP_MSG_bio(bio, &msg) == NULL) { + if ((bio = BIO_new_file(file, "rb")) == NULL + || d2i_OSSL_CMP_MSG_bio(bio, &msg) == NULL) { OSSL_CMP_MSG_free(msg); msg = NULL; } diff -Nru openssl-3.0.0/crypto/cmp/cmp_server.c openssl-3.0.1/crypto/cmp/cmp_server.c --- openssl-3.0.0/crypto/cmp/cmp_server.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cmp/cmp_server.c 2021-12-14 17:16:25.000000000 +0100 @@ -457,6 +457,9 @@ } ctx = srv_ctx->ctx; backup_secret = ctx->secretValue; + req_type = OSSL_CMP_MSG_get_bodytype(req); + ossl_cmp_log1(DEBUG, ctx, + "received %s", ossl_cmp_bodytype_to_string(req_type)); /* * Some things need to be done already before validating the message in @@ -469,7 +472,6 @@ if (!OSSL_CMP_CTX_set1_recipient(ctx, hdr->sender->d.directoryName)) goto err; - req_type = OSSL_CMP_MSG_get_bodytype(req); switch (req_type) { case OSSL_CMP_PKIBODY_IR: case OSSL_CMP_PKIBODY_CR: @@ -503,8 +505,6 @@ #endif } } - ossl_cmp_log1(DEBUG, ctx, - "received %s", ossl_cmp_bodytype_to_string(req_type)); res = ossl_cmp_msg_check_update(ctx, req, unprotected_exception, srv_ctx->acceptUnprotected); diff -Nru openssl-3.0.0/crypto/cmp/cmp_vfy.c openssl-3.0.1/crypto/cmp/cmp_vfy.c --- openssl-3.0.0/crypto/cmp/cmp_vfy.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cmp/cmp_vfy.c 2021-12-14 17:16:25.000000000 +0100 
@@ -27,12 +27,14 @@ { OSSL_CMP_PROTECTEDPART prot_part; EVP_PKEY *pubkey = NULL; - BIO *bio = BIO_new(BIO_s_mem()); /* may be NULL */ + BIO *bio; int res = 0; if (!ossl_assert(cmp_ctx != NULL && msg != NULL && cert != NULL)) return 0; + bio = BIO_new(BIO_s_mem()); /* may be NULL */ + /* verify that keyUsage, if present, contains digitalSignature */ if (!cmp_ctx->ignore_keyusage && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) { diff -Nru openssl-3.0.0/crypto/cms/cms_dh.c openssl-3.0.1/crypto/cms/cms_dh.c --- openssl-3.0.0/crypto/cms/cms_dh.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cms/cms_dh.c 2021-12-14 17:16:25.000000000 +0100 @@ -118,7 +118,7 @@ if (kekctx == NULL) goto err; - if (!OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0)) + if (OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0) <= 0) goto err; kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery); diff -Nru openssl-3.0.0/crypto/cms/cms_ec.c openssl-3.0.1/crypto/cms/cms_ec.c --- openssl-3.0.0/crypto/cms/cms_ec.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cms/cms_ec.c 2021-12-14 17:16:25.000000000 +0100 @@ -47,7 +47,7 @@ pctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq); if (pctx == NULL || EVP_PKEY_paramgen_init(pctx) <= 0) goto err; - if (!OBJ_obj2txt(groupname, sizeof(groupname), poid, 0) + if (OBJ_obj2txt(groupname, sizeof(groupname), poid, 0) <= 0 || !EVP_PKEY_CTX_set_group_name(pctx, groupname)) { ERR_raise(ERR_LIB_CMS, CMS_R_DECODE_ERROR); goto err; diff -Nru openssl-3.0.0/crypto/cms/cms_pwri.c openssl-3.0.1/crypto/cms/cms_pwri.c --- openssl-3.0.0/crypto/cms/cms_pwri.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cms/cms_pwri.c 2021-12-14 17:16:25.000000000 +0100 
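Review bot: The `<= 0` test on OBJ_obj2txt() in the cms_dh.c hunk rejects errors but not truncation. When the text does not fit, the function returns the space that would have been needed, so a result `>= sizeof(name)` means `name` holds a cut-off string that then goes to EVP_CIPHER_fetch(). Capturing the result and rejecting both cases would close that gap: `int len = OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);` followed by `if (len <= 0 || len >= (int)sizeof(name)) goto err;`. The same pattern appears in the cms_ec.c, cms_sd.c, crmf_pbm.c and dh_kdf.c hunks of this diff.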
@@ -85,6 +85,10 @@ goto merr; } ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + ERR_raise(ERR_LIB_CMS, ERR_R_MALLOC_FAILURE); + goto err; + } if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) { ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB); diff -Nru openssl-3.0.0/crypto/cms/cms_sd.c openssl-3.0.1/crypto/cms/cms_sd.c --- openssl-3.0.0/crypto/cms/cms_sd.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cms/cms_sd.c 2021-12-14 17:16:25.000000000 +0100 @@ -784,8 +784,8 @@ const CMS_CTX *ctx = si->cms_ctx; char md_name[OSSL_MAX_NAME_SIZE]; - if (!OBJ_obj2txt(md_name, sizeof(md_name), - si->digestAlgorithm->algorithm, 0)) + if (OBJ_obj2txt(md_name, sizeof(md_name), + si->digestAlgorithm->algorithm, 0) <= 0) return 0; if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) { diff -Nru openssl-3.0.0/crypto/cms/cms_smime.c openssl-3.0.1/crypto/cms/cms_smime.c --- openssl-3.0.0/crypto/cms/cms_smime.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cms/cms_smime.c 2021-12-14 17:16:25.000000000 +0100 @@ -608,6 +608,8 @@ /* Set embedded content */ pos = CMS_get0_content(cms); + if (pos == NULL) + goto err; *pos = os; r = 1; diff -Nru openssl-3.0.0/crypto/comp/c_zlib.c openssl-3.0.1/crypto/comp/c_zlib.c --- openssl-3.0.0/crypto/comp/c_zlib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/comp/c_zlib.c 2021-12-14 17:16:25.000000000 +0100 @@ -380,7 +380,11 @@ ERR_raise(ERR_LIB_COMP, ERR_R_MALLOC_FAILURE); return 0; } - inflateInit(zin); + if ((ret = inflateInit(zin)) != Z_OK) { + ERR_raise_data(ERR_LIB_COMP, COMP_R_ZLIB_INFLATE_ERROR, + "zlib error: %s", zError(ret)); + return 0; + } zin->next_in = ctx->ibuf; zin->avail_in = 0; } 
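Review bot: The new `ctx == NULL` branch in cms_pwri.c raises ERR_R_MALLOC_FAILURE by hand and jumps to `err`, while the allocation failure two lines above it uses `goto merr`. If `merr` is the label that raises the malloc error and falls through to `err`, which is not visible in the hunk, the branch can shrink to `if (ctx == NULL) goto merr;`. That would match the error style already used in this function.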
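Review bot: When inflateInit() fails, the new `return 0` in c_zlib.c leaves `ctx->ibuf` allocated; the `zin->next_in = ctx->ibuf` line right after suggests the buffer was assigned just before this block. If the enclosing condition, which is outside the hunk, tests whether `ctx->ibuf` is unset, a later call would skip initialisation and operate on a stream that was never set up. Releasing the buffer before returning, `OPENSSL_free(ctx->ibuf); ctx->ibuf = NULL;`, keeps the retry path consistent. The deflateInit() hunk at -443 has the same shape with `ctx->obuf`.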
@@ -443,7 +447,11 @@ } ctx->optr = ctx->obuf; ctx->ocount = 0; - deflateInit(zout, ctx->comp_level); + if ((ret = deflateInit(zout, ctx->comp_level)) != Z_OK) { + ERR_raise_data(ERR_LIB_COMP, COMP_R_ZLIB_DEFLATE_ERROR, + "zlib error: %s", zError(ret)); + return 0; + } zout->next_out = ctx->obuf; zout->avail_out = ctx->obufsize; } diff -Nru openssl-3.0.0/crypto/conf/conf_api.c openssl-3.0.1/crypto/conf/conf_api.c --- openssl-3.0.0/crypto/conf/conf_api.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/conf/conf_api.c 2021-12-14 17:16:25.000000000 +0100 @@ -135,7 +135,11 @@ void _CONF_free_data(CONF *conf) { - if (conf == NULL || conf->data == NULL) + if (conf == NULL) + return; + + OPENSSL_free(conf->includedir); + if (conf->data == NULL) return; /* evil thing to make sure the 'OPENSSL_free()' works as expected */ @@ -147,7 +151,6 @@ * with */ - OPENSSL_free(conf->includedir); lh_CONF_VALUE_doall(conf->data, value_free_stack_doall); lh_CONF_VALUE_free(conf->data); } diff -Nru openssl-3.0.0/crypto/conf/conf_def.c openssl-3.0.1/crypto/conf/conf_def.c --- openssl-3.0.0/crypto/conf/conf_def.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/conf/conf_def.c 2021-12-14 17:16:25.000000000 +0100 @@ -424,6 +424,7 @@ if (!parsebool(pval, &conf->flag_abspath)) goto err; } else if (strcmp(p, "includedir") == 0) { + OPENSSL_free(conf->includedir); if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) { ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); goto err; @@ -474,6 +475,7 @@ if (conf->flag_abspath && !ossl_is_absolute_path(include_path)) { ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH); + OPENSSL_free(include_path); goto err; } diff -Nru openssl-3.0.0/crypto/context.c openssl-3.0.1/crypto/context.c --- openssl-3.0.0/crypto/context.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/context.c 2021-12-14 17:16:25.000000000 +0100 
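Review bot: `OPENSSL_free(conf->includedir)` in _CONF_free_data() leaves the pointer dangling, and the conf_def.c hunk in this same diff now frees `conf->includedir` before assigning a new value. If a CONF object can be loaded again after its data was freed, that second free would act on the stale pointer. Adding `conf->includedir = NULL;` directly after the free in _CONF_free_data() removes the hazard at no cost.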
@@ -240,6 +240,10 @@ if (ossl_lib_ctx_is_default(ctx)) return; +#ifndef FIPS_MODULE + if (ctx->ischild) + ossl_provider_deinit_child(ctx); +#endif context_deinit(ctx); OPENSSL_free(ctx); } diff -Nru openssl-3.0.0/crypto/core_algorithm.c openssl-3.0.1/crypto/core_algorithm.c --- openssl-3.0.0/crypto/core_algorithm.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/core_algorithm.c 2021-12-14 17:16:25.000000000 +0100 @@ -105,10 +105,23 @@ cbdata.post = post; cbdata.data = data; - if (provider == NULL) + if (provider == NULL) { ossl_provider_doall_activated(libctx, algorithm_do_this, &cbdata); - else + } else { + OSSL_LIB_CTX *libctx2 = ossl_provider_libctx(provider); + + /* + * If a provider is given, its library context MUST match the library + * context we're passed. If this turns out not to be true, there is + * a programming error in the functions up the call stack. + */ + if (!ossl_assert(ossl_lib_ctx_get_concrete(libctx) + == ossl_lib_ctx_get_concrete(libctx2))) + return; + + cbdata.libctx = libctx2; algorithm_do_this(provider, &cbdata); + } } char *ossl_algorithm_get1_first_name(const OSSL_ALGORITHM *algo) diff -Nru openssl-3.0.0/crypto/core_fetch.c openssl-3.0.1/crypto/core_fetch.c --- openssl-3.0.0/crypto/core_fetch.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/core_fetch.c 2021-12-14 17:16:25.000000000 +0100 
@@ -105,19 +105,21 @@ } void *ossl_method_construct(OSSL_LIB_CTX *libctx, int operation_id, - int force_store, + OSSL_PROVIDER **provider_rw, int force_store, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data) { void *method = NULL; - if ((method = mcm->get(NULL, mcm_data)) == NULL) { + if ((method = mcm->get(NULL, (const OSSL_PROVIDER **)provider_rw, + mcm_data)) == NULL) { + OSSL_PROVIDER *provider = provider_rw != NULL ? *provider_rw : NULL; struct construct_data_st cbdata; cbdata.store = NULL; cbdata.force_store = force_store; cbdata.mcm = mcm; cbdata.mcm_data = mcm_data; - ossl_algorithm_do_all(libctx, operation_id, NULL, + ossl_algorithm_do_all(libctx, operation_id, provider, ossl_method_construct_precondition, ossl_method_construct_this, ossl_method_construct_postcondition, @@ -125,11 +127,12 @@ /* If there is a temporary store, try there first */ if (cbdata.store != NULL) - method = mcm->get(cbdata.store, mcm_data); + method = mcm->get(cbdata.store, (const OSSL_PROVIDER **)provider_rw, + mcm_data); /* If no method was found yet, try the global store */ if (method == NULL) - method = mcm->get(NULL, mcm_data); + method = mcm->get(NULL, (const OSSL_PROVIDER **)provider_rw, mcm_data); } return method; diff -Nru openssl-3.0.0/crypto/core_namemap.c openssl-3.0.1/crypto/core_namemap.c --- openssl-3.0.0/crypto/core_namemap.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/core_namemap.c 2021-12-14 17:16:25.000000000 +0100 @@ -397,7 +397,7 @@ if ((obj = OBJ_nid2obj(nid)) != NULL) { char txtoid[OSSL_MAX_NAME_SIZE]; - if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1)) + if (OBJ_obj2txt(txtoid, sizeof(txtoid), obj, 1) > 0) num = ossl_namemap_add_name(arg, num, txtoid); } } diff -Nru openssl-3.0.0/crypto/cpt_err.c openssl-3.0.1/crypto/cpt_err.c --- openssl-3.0.0/crypto/cpt_err.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/cpt_err.c 2021-12-14 17:16:25.000000000 +0100 
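Review bot: The new `provider_rw` parameter of ossl_method_construct() is undocumented, and its in/out role is only implied by the name and the repeated `(const OSSL_PROVIDER **)` casts. From the hunk, NULL is accepted, a non-NULL `*provider_rw` restricts ossl_algorithm_do_all() to that one provider, and the same pointer is passed to every `mcm->get()` call, presumably so the getter can report which provider supplied the method. A header comment should state this, and also say whether `*provider_rw` may be modified when no method is found.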
@@ -29,6 +29,8 @@ "insufficient param size"}, {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE), "insufficient secure data space"}, + {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NEGATIVE_VALUE), + "invalid negative value"}, {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NULL_ARGUMENT), "invalid null argument"}, {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_OSSL_PARAM_TYPE), diff -Nru openssl-3.0.0/crypto/crmf/crmf_pbm.c openssl-3.0.1/crypto/crmf/crmf_pbm.c --- openssl-3.0.0/crypto/crmf/crmf_pbm.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/crmf/crmf_pbm.c 2021-12-14 17:16:25.000000000 +0100 @@ -200,8 +200,8 @@ mac_nid = OBJ_obj2nid(pbmp->mac->algorithm); if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, mac_nid, NULL, &hmac_md_nid, NULL) - || !OBJ_obj2txt(hmac_mdname, sizeof(hmac_mdname), - OBJ_nid2obj(hmac_md_nid), 0)) { + || OBJ_obj2txt(hmac_mdname, sizeof(hmac_mdname), + OBJ_nid2obj(hmac_md_nid), 0) <= 0) { ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM); goto err; } diff -Nru openssl-3.0.0/crypto/des/set_key.c openssl-3.0.1/crypto/des/set_key.c --- openssl-3.0.0/crypto/des/set_key.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/des/set_key.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,6 +23,8 @@ #include "internal/deprecated.h" #include +#include "internal/constant_time.h" +#include "internal/nelem.h" #include "des_local.h" static const unsigned char odd_parity[256] = { 
@@ -62,15 +64,23 @@ (*key)[i] = odd_parity[(*key)[i]]; } +/* + * Check that a key has the correct parity. + * Return 1 if parity is okay and 0 if not. + */ int DES_check_key_parity(const_DES_cblock *key) { unsigned int i; + unsigned char res = 0377, b; for (i = 0; i < DES_KEY_SZ; i++) { - if ((*key)[i] != odd_parity[(*key)[i]]) - return 0; + b = (*key)[i]; + b ^= b >> 4; + b ^= b >> 2; + b ^= b >> 1; + res &= constant_time_eq_8(b & 1, 1); } - return 1; + return (int)(res & 1); } /*- @@ -81,8 +91,7 @@ * %I John Wiley & Sons * %D 1984 */ -#define NUM_WEAK_KEY 16 -static const DES_cblock weak_keys[NUM_WEAK_KEY] = { +static const DES_cblock weak_keys[] = { /* weak keys */ {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, @@ -103,14 +112,20 @@ {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1} }; +/* + * Check for weak keys. + * Return 1 if the key is weak and 0 otherwise. + */ int DES_is_weak_key(const_DES_cblock *key) { - int i; + unsigned int i, res = 0; + int j; - for (i = 0; i < NUM_WEAK_KEY; i++) - if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0) - return 1; - return 0; + for (i = 0; i < OSSL_NELEM(weak_keys); i++) { + j = CRYPTO_memcmp(weak_keys[i], key, sizeof(DES_cblock)); + res |= constant_time_is_zero((unsigned int)j); + } + return (int)(res & 1); } /*- @@ -279,9 +294,17 @@ } }; +/* Return values as DES_set_key_checked() but always set the key */ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule) { - return DES_set_key_checked(key, schedule); + int ret = 0; + + if (!DES_check_key_parity(key)) + ret = -1; + if (DES_is_weak_key(key)) + ret = -2; + DES_set_key_unchecked(key, schedule); + return ret; } /*- diff -Nru openssl-3.0.0/crypto/dh/dh_ameth.c openssl-3.0.1/crypto/dh/dh_ameth.c --- openssl-3.0.0/crypto/dh/dh_ameth.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/dh/dh_ameth.c 2021-12-14 17:16:25.000000000 +0100 
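Review bot: The one-line comment on DES_set_key() does not make clear that a negative return now comes with a fully populated schedule, because DES_set_key_unchecked() runs on every path. A caller that ignores the result therefore proceeds with a bad-parity or weak key. The comment should list the values (0 on success, -1 for wrong parity, -2 for a weak key, with -2 taking precedence when both apply) and state that `schedule` is set in every case. It should also say that a caller wanting the key rejected must check the return value or call DES_set_key_checked() instead.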
@@ -311,7 +311,7 @@ static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ossl_ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, + return ossl_ffc_params_cmp(&a->pkey.dh->params, &b->pkey.dh->params, a->ameth != &ossl_dhx_asn1_meth); } diff -Nru openssl-3.0.0/crypto/dh/dh_kdf.c openssl-3.0.1/crypto/dh/dh_kdf.c --- openssl-3.0.0/crypto/dh/dh_kdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/dh/dh_kdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -70,7 +70,7 @@ const OSSL_PROVIDER *prov = EVP_MD_get0_provider(md); OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); - if (!OBJ_obj2txt(key_alg, sizeof(key_alg), key_oid, 0)) + if (OBJ_obj2txt(key_alg, sizeof(key_alg), key_oid, 0) <= 0) return 0; return ossl_dh_kdf_X9_42_asn1(out, outlen, Z, Zlen, key_alg, diff -Nru openssl-3.0.0/crypto/dsa/dsa_sign.c openssl-3.0.1/crypto/dsa/dsa_sign.c --- openssl-3.0.0/crypto/dsa/dsa_sign.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/dsa/dsa_sign.c 2021-12-14 17:16:25.000000000 +0100 @@ -65,7 +65,8 @@ sig->r = BN_new(); if (sig->s == NULL) sig->s = BN_new(); - if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { + if (sig->r == NULL || sig->s == NULL + || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { if (psig == NULL || *psig == NULL) DSA_SIG_free(sig); return NULL; diff -Nru openssl-3.0.0/crypto/dso/dso_lib.c openssl-3.0.1/crypto/dso/dso_lib.c --- openssl-3.0.0/crypto/dso/dso_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/dso/dso_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -10,20 +10,10 @@ #include "dso_local.h" #include "internal/refcount.h" -static DSO_METHOD *default_DSO_meth = NULL; - static DSO *DSO_new_method(DSO_METHOD *meth) { DSO *ret; - if (default_DSO_meth == NULL) { - /* - * We default to DSO_METH_openssl() which in turn defaults to - * stealing the "best available" method. Will fallback to - * DSO_METH_null() in the worst case. - */ - default_DSO_meth = DSO_METHOD_openssl(); - } ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { ERR_raise(ERR_LIB_DSO, ERR_R_MALLOC_FAILURE); @@ -36,7 +26,7 @@ OPENSSL_free(ret); return NULL; } - ret->meth = default_DSO_meth; + ret->meth = DSO_METHOD_openssl(); ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { @@ -309,9 +299,8 @@ int DSO_pathbyaddr(void *addr, char *path, int sz) { - DSO_METHOD *meth = default_DSO_meth; - if (meth == NULL) - meth = DSO_METHOD_openssl(); + DSO_METHOD *meth = DSO_METHOD_openssl(); + if (meth->pathbyaddr == NULL) { ERR_raise(ERR_LIB_DSO, DSO_R_UNSUPPORTED); return -1; @@ -339,9 +328,8 @@ void *DSO_global_lookup(const char *name) { - DSO_METHOD *meth = default_DSO_meth; - if (meth == NULL) - meth = DSO_METHOD_openssl(); + DSO_METHOD *meth = DSO_METHOD_openssl(); + if (meth->globallookup == NULL) { ERR_raise(ERR_LIB_DSO, DSO_R_UNSUPPORTED); return NULL; diff -Nru openssl-3.0.0/crypto/ec/ec_asn1.c openssl-3.0.1/crypto/ec/ec_asn1.c --- openssl-3.0.0/crypto/ec/ec_asn1.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/ec/ec_asn1.c 2021-12-14 17:16:25.000000000 +0100 
@@ -1223,7 +1223,8 @@ sig->r = BN_new(); if (sig->s == NULL) sig->s = BN_new(); - if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { + if (sig->r == NULL || sig->s == NULL + || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { if (psig == NULL || *psig == NULL) ECDSA_SIG_free(sig); return NULL; diff -Nru openssl-3.0.0/crypto/ec/ec_deprecated.c openssl-3.0.1/crypto/ec/ec_deprecated.c --- openssl-3.0.0/crypto/ec/ec_deprecated.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/ec/ec_deprecated.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -52,7 +52,7 @@ return NULL; } - if (!BN_bn2binpad(bn, buf, buf_len)) { + if (BN_bn2binpad(bn, buf, buf_len) < 0) { OPENSSL_free(buf); return NULL; } diff -Nru openssl-3.0.0/crypto/ec/ecx_backend.c openssl-3.0.1/crypto/ec/ecx_backend.c --- openssl-3.0.0/crypto/ec/ecx_backend.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/ec/ecx_backend.c 2021-12-14 17:16:25.000000000 +0100 
@@ -70,11 +70,23 @@ if (param_pub_key == NULL && param_priv_key == NULL) return 0; - if (param_priv_key != NULL - && !OSSL_PARAM_get_octet_string(param_priv_key, - (void **)&ecx->privkey, ecx->keylen, - &privkeylen)) - return 0; + if (param_priv_key != NULL) { + if (!OSSL_PARAM_get_octet_string(param_priv_key, + (void **)&ecx->privkey, ecx->keylen, + &privkeylen)) + return 0; + if (privkeylen != ecx->keylen) { + /* + * Invalid key length. We will clear what we've received now. We + * can't leave it to ossl_ecx_key_free() because that will call + * OPENSSL_secure_clear_free() and assume the correct key length + */ + OPENSSL_secure_clear_free(ecx->privkey, privkeylen); + ecx->privkey = NULL; + return 0; + } + } + pubkey = ecx->pubkey; if (param_pub_key != NULL @@ -83,8 +95,7 @@ sizeof(ecx->pubkey), &pubkeylen)) return 0; - if ((param_pub_key != NULL && pubkeylen != ecx->keylen) - || (param_priv_key != NULL && privkeylen != ecx->keylen)) + if ((param_pub_key != NULL && pubkeylen != ecx->keylen)) return 0; if (param_pub_key == NULL && !ossl_ecx_public_from_private(ecx)) diff -Nru openssl-3.0.0/crypto/encode_decode/decoder_meth.c openssl-3.0.1/crypto/encode_decode/decoder_meth.c --- openssl-3.0.0/crypto/encode_decode/decoder_meth.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/encode_decode/decoder_meth.c 2021-12-14 17:16:25.000000000 +0100 @@ -125,7 +125,8 @@ } /* Get decoder methods from a store, or put one in */ -static void *get_decoder_from_store(void *store, void *data) +static void *get_decoder_from_store(void *store, const OSSL_PROVIDER **prov, + void *data) { struct decoder_data_st *methdata = data; void *method = NULL; @@ -154,7 +155,7 @@ && (store = get_decoder_store(methdata->libctx)) == NULL) return NULL; - if (!ossl_method_store_fetch(store, id, methdata->propquery, &method)) + if (!ossl_method_store_fetch(store, id, methdata->propquery, prov, &method)) return NULL; return method; } 
@@ -366,7 +367,7 @@ unsupported = 1; if (id == 0 - || !ossl_method_store_cache_get(store, id, properties, &method)) { + || !ossl_method_store_cache_get(store, NULL, id, properties, &method)) { OSSL_METHOD_CONSTRUCT_METHOD mcm = { get_tmp_decoder_store, get_decoder_from_store, @@ -380,7 +381,7 @@ methdata->propquery = properties; methdata->flag_construct_error_occurred = 0; if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_DECODER, - 0 /* !force_cache */, + NULL, 0 /* !force_cache */, &mcm, methdata)) != NULL) { /* * If construction did create a method for us, we know that @@ -391,7 +392,7 @@ if (id == 0 && name != NULL) id = ossl_namemap_name2num(namemap, name); if (id != 0) - ossl_method_store_cache_set(store, id, properties, method, + ossl_method_store_cache_set(store, NULL, id, properties, method, up_ref_decoder, free_decoder); } diff -Nru openssl-3.0.0/crypto/encode_decode/encoder_lib.c openssl-3.0.1/crypto/encode_decode/encoder_lib.c --- openssl-3.0.0/crypto/encode_decode/encoder_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/encode_decode/encoder_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -92,7 +92,7 @@ int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_t *pdata_len) { - BIO *out = BIO_new(BIO_s_mem()); + BIO *out; BUF_MEM *buf = NULL; int ret = 0; @@ -101,7 +101,10 @@ return 0; } - if (OSSL_ENCODER_to_bio(ctx, out) + out = BIO_new(BIO_s_mem()); + + if (out != NULL + && OSSL_ENCODER_to_bio(ctx, out) && BIO_get_mem_ptr(out, &buf) > 0) { ret = 1; /* Hope for the best. A too small buffer will clear this */ diff -Nru openssl-3.0.0/crypto/encode_decode/encoder_meth.c openssl-3.0.1/crypto/encode_decode/encoder_meth.c --- openssl-3.0.0/crypto/encode_decode/encoder_meth.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/encode_decode/encoder_meth.c 2021-12-14 17:16:25.000000000 +0100 
@@ -125,7 +125,8 @@ } /* Get encoder methods from a store, or put one in */ -static void *get_encoder_from_store(void *store, void *data) +static void *get_encoder_from_store(void *store, const OSSL_PROVIDER **prov, + void *data) { struct encoder_data_st *methdata = data; void *method = NULL; @@ -154,7 +155,7 @@ && (store = get_encoder_store(methdata->libctx)) == NULL) return NULL; - if (!ossl_method_store_fetch(store, id, methdata->propquery, &method)) + if (!ossl_method_store_fetch(store, id, methdata->propquery, prov, &method)) return NULL; return method; } @@ -376,7 +377,7 @@ unsupported = 1; if (id == 0 - || !ossl_method_store_cache_get(store, id, properties, &method)) { + || !ossl_method_store_cache_get(store, NULL, id, properties, &method)) { OSSL_METHOD_CONSTRUCT_METHOD mcm = { get_tmp_encoder_store, get_encoder_from_store, @@ -390,7 +391,7 @@ methdata->propquery = properties; methdata->flag_construct_error_occurred = 0; if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_ENCODER, - 0 /* !force_cache */, + NULL, 0 /* !force_cache */, &mcm, methdata)) != NULL) { /* * If construction did create a method for us, we know that @@ -400,7 +401,7 @@ */ if (id == 0) id = ossl_namemap_name2num(namemap, name); - ossl_method_store_cache_set(store, id, properties, method, + ossl_method_store_cache_set(store, NULL, id, properties, method, up_ref_encoder, free_encoder); } diff -Nru openssl-3.0.0/crypto/engine/eng_dyn.c openssl-3.0.1/crypto/engine/eng_dyn.c --- openssl-3.0.0/crypto/engine/eng_dyn.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/engine/eng_dyn.c 2021-12-14 17:16:25.000000000 +0100 
@@ -484,7 +484,9 @@ engine_set_all_null(e); /* Try to bind the ENGINE onto our own ENGINE structure */ - if (!ctx->bind_engine(e, ctx->engine_id, &fns)) { + if (!engine_add_dynamic_id(e, (ENGINE_DYNAMIC_ID)ctx->bind_engine, 1) + || !ctx->bind_engine(e, ctx->engine_id, &fns)) { + engine_remove_dynamic_id(e, 1); ctx->bind_engine = NULL; ctx->v_check = NULL; DSO_free(ctx->dynamic_dso); diff -Nru openssl-3.0.0/crypto/engine/eng_lib.c openssl-3.0.1/crypto/engine/eng_lib.c --- openssl-3.0.0/crypto/engine/eng_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/engine/eng_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -65,6 +65,7 @@ e->load_pubkey = NULL; e->cmd_defns = NULL; e->flags = 0; + e->dynamic_id = NULL; } int engine_free_util(ENGINE *e, int not_locked) @@ -90,6 +91,7 @@ */ if (e->destroy) e->destroy(e); + engine_remove_dynamic_id(e, not_locked); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); OPENSSL_free(e); return 1; diff -Nru openssl-3.0.0/crypto/engine/eng_list.c openssl-3.0.1/crypto/engine/eng_list.c --- openssl-3.0.0/crypto/engine/eng_list.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/engine/eng_list.c 2021-12-14 17:16:25.000000000 +0100 @@ -28,6 +28,12 @@ static ENGINE *engine_list_tail = NULL; /* + * The linked list of currently loaded dynamic engines. + */ +static ENGINE *engine_dyn_list_head = NULL; +static ENGINE *engine_dyn_list_tail = NULL; + +/* * This cleanup function is only needed internally. If it should be called, * we register it with the "engine_cleanup_int()" stack to be called during * cleanup. 
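Review bot: The first eng_lib.c hunk clears `e->dynamic_id` without unlinking `e` from the dynamic engine list, and engine_remove_dynamic_id() in eng_list.c returns early when `dynamic_id` is NULL. If this reset ever runs on an engine that is still on that list, the later removal in the free path would be skipped and the list would keep a pointer to freed memory. Whether that can happen is not visible from the hunk, whose function header is outside it. A comment stating the precondition, for example `/* e must not be on the dynamic engine list here */`, or a call to engine_remove_dynamic_id() before the reset, would make the assumption explicit.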
@@ -128,6 +134,85 @@ return 1; } +/* Add engine to dynamic engine list. */ +int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, + int not_locked) +{ + int result = 0; + ENGINE *iterator = NULL; + + if (e == NULL) + return 0; + + if (e->dynamic_id == NULL && dynamic_id == NULL) + return 0; + + if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) + return 0; + + if (dynamic_id != NULL) { + iterator = engine_dyn_list_head; + while (iterator != NULL) { + if (iterator->dynamic_id == dynamic_id) + goto err; + iterator = iterator->next; + } + if (e->dynamic_id != NULL) + goto err; + e->dynamic_id = dynamic_id; + } + + if (engine_dyn_list_head == NULL) { + /* We are adding to an empty list. */ + if (engine_dyn_list_tail != NULL) + goto err; + engine_dyn_list_head = e; + e->prev_dyn = NULL; + } else { + /* We are adding to the tail of an existing list. */ + if (engine_dyn_list_tail == NULL + || engine_dyn_list_tail->next_dyn != NULL) + goto err; + engine_dyn_list_tail->next_dyn = e; + e->prev_dyn = engine_dyn_list_tail; + } + + engine_dyn_list_tail = e; + e->next_dyn = NULL; + result = 1; + + err: + if (not_locked) + CRYPTO_THREAD_unlock(global_engine_lock); + return result; +} + +/* Remove engine from dynamic engine list. */ +void engine_remove_dynamic_id(ENGINE *e, int not_locked) +{ + if (e == NULL || e->dynamic_id == NULL) + return; + + if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) + return; + + e->dynamic_id = NULL; + + /* un-link e from the chain. */ + if (e->next_dyn != NULL) + e->next_dyn->prev_dyn = e->prev_dyn; + if (e->prev_dyn != NULL) + e->prev_dyn->next_dyn = e->next_dyn; + /* Correct our head/tail if necessary. */ + if (engine_dyn_list_head == e) + engine_dyn_list_head = e->next_dyn; + if (engine_dyn_list_tail == e) + engine_dyn_list_tail = e->prev_dyn; + + if (not_locked) + CRYPTO_THREAD_unlock(global_engine_lock); +} + /* Get the first/last "ENGINE" type available. */ ENGINE *ENGINE_get_first(void) { 
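Review bot: The duplicate check in engine_add_dynamic_id() starts at `engine_dyn_list_head` but advances with `iterator = iterator->next;`, which is the link of the main engine list. The dynamic list built a few lines further down is chained through `next_dyn` and `prev_dyn`. As written, the walk leaves the dynamic list after its first node, so a `dynamic_id` already registered further along may go unnoticed and the same bind function can be linked twice. The line should read `iterator = iterator->next_dyn;`.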
@@ -278,6 +363,8 @@ dest->load_pubkey = src->load_pubkey; dest->cmd_defns = src->cmd_defns; dest->flags = src->flags; + dest->dynamic_id = src->dynamic_id; + engine_add_dynamic_id(dest, NULL, 0); } ENGINE *ENGINE_by_id(const char *id) diff -Nru openssl-3.0.0/crypto/engine/eng_local.h openssl-3.0.1/crypto/engine/eng_local.h --- openssl-3.0.0/crypto/engine/eng_local.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/engine/eng_local.h 2021-12-14 17:16:25.000000000 +0100 @@ -99,6 +99,11 @@ extern CRYPTO_ONCE engine_lock_init; DECLARE_RUN_ONCE(do_engine_lock_init) +typedef void (*ENGINE_DYNAMIC_ID)(void); +int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, + int not_locked); +void engine_remove_dynamic_id(ENGINE *e, int not_locked); + /* * This is a structure for storing implementations of various crypto * algorithms and functions. @@ -143,6 +148,10 @@ /* Used to maintain the linked-list of engines. */ struct engine_st *prev; struct engine_st *next; + /* Used to maintain the linked-list of dynamic engines. */ + struct engine_st *prev_dyn; + struct engine_st *next_dyn; + ENGINE_DYNAMIC_ID dynamic_id; }; typedef struct st_engine_pile ENGINE_PILE; diff -Nru openssl-3.0.0/crypto/err/err.c openssl-3.0.1/crypto/err/err.c --- openssl-3.0.0/crypto/err/err.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/err/err.c 2021-12-14 17:16:25.000000000 +0100 @@ -80,6 +80,10 @@ {0, NULL}, }; +/* + * Should make sure that all ERR_R_ reasons defined in include/openssl/err.h.in + * are listed. For maintainability, please keep all reasons in the same order. + */ static ERR_STRING_DATA ERR_str_reasons[] = { {ERR_R_SYS_LIB, "system lib"}, {ERR_R_BN_LIB, "BN lib"}, 
@@ -92,17 +96,16 @@ {ERR_R_DSA_LIB, "DSA lib"}, {ERR_R_X509_LIB, "X509 lib"}, {ERR_R_ASN1_LIB, "ASN1 lib"}, + {ERR_R_CRYPTO_LIB, "CRYPTO lib"}, {ERR_R_EC_LIB, "EC lib"}, {ERR_R_BIO_LIB, "BIO lib"}, {ERR_R_PKCS7_LIB, "PKCS7 lib"}, {ERR_R_X509V3_LIB, "X509V3 lib"}, {ERR_R_ENGINE_LIB, "ENGINE lib"}, {ERR_R_UI_LIB, "UI lib"}, - {ERR_R_OSSL_STORE_LIB, "STORE lib"}, {ERR_R_ECDSA_LIB, "ECDSA lib"}, - - {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"}, - {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"}, + {ERR_R_OSSL_STORE_LIB, "OSSL_STORE lib"}, + {ERR_R_OSSL_DECODER_LIB, "OSSL_DECODER lib"}, {ERR_R_FATAL, "fatal"}, {ERR_R_MALLOC_FAILURE, "malloc failure"}, @@ -112,10 +115,12 @@ {ERR_R_INTERNAL_ERROR, "internal error"}, {ERR_R_DISABLED, "called a function that was disabled at compile-time"}, {ERR_R_INIT_FAIL, "init fail"}, + {ERR_R_PASSED_INVALID_ARGUMENT, "passed invalid argument"}, {ERR_R_OPERATION_FAIL, "operation fail"}, {ERR_R_INVALID_PROVIDER_FUNCTIONS, "invalid provider functions"}, {ERR_R_INTERRUPTED_OR_CANCELLED, "interrupted or cancelled"}, - + {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"}, + {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"}, /* * Something is unsupported, exactly what is expressed with additional data */ @@ -125,7 +130,6 @@ * unsupported. */ {ERR_R_FETCH_FAILED, "fetch failed"}, - {ERR_R_INVALID_PROPERTY_DEFINITION, "invalid property definition"}, {ERR_R_UNABLE_TO_GET_READ_LOCK, "unable to get read lock"}, {ERR_R_UNABLE_TO_GET_WRITE_LOCK, "unable to get write lock"}, diff -Nru openssl-3.0.0/crypto/err/openssl.txt openssl-3.0.1/crypto/err/openssl.txt --- openssl-3.0.0/crypto/err/openssl.txt 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/err/openssl.txt 2021-12-14 17:16:25.000000000 +0100 
@@ -434,6 +434,7 @@ CRYPTO_R_INSUFFICIENT_DATA_SPACE:106:insufficient data space CRYPTO_R_INSUFFICIENT_PARAM_SIZE:107:insufficient param size CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE:108:insufficient secure data space +CRYPTO_R_INVALID_NEGATIVE_VALUE:122:invalid negative value CRYPTO_R_INVALID_NULL_ARGUMENT:109:invalid null argument CRYPTO_R_INVALID_OSSL_PARAM_TYPE:110:invalid ossl param type CRYPTO_R_ODD_NUMBER_OF_DIGITS:103:odd number of digits @@ -778,6 +779,7 @@ HTTP_R_REDIRECTION_NOT_ENABLED:116:redirection not enabled HTTP_R_RESPONSE_LINE_TOO_LONG:113:response line too long HTTP_R_RESPONSE_PARSE_ERROR:104:response parse error +HTTP_R_RETRY_TIMEOUT:129:retry timeout HTTP_R_SERVER_CANCELED_CONNECTION:127:server canceled connection HTTP_R_SOCK_NOT_SUPPORTED:122:sock not supported HTTP_R_STATUS_CODE_UNSUPPORTED:114:status code unsupported diff -Nru openssl-3.0.0/crypto/evp/asymcipher.c openssl-3.0.1/crypto/evp/asymcipher.c --- openssl-3.0.0/crypto/evp/asymcipher.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/asymcipher.c 2021-12-14 17:16:25.000000000 +0100 @@ -24,7 +24,9 @@ void *provkey = NULL; EVP_ASYM_CIPHER *cipher = NULL; EVP_KEYMGMT *tmp_keymgmt = NULL; + const OSSL_PROVIDER *tmp_prov = NULL; const char *supported_ciph = NULL; + int iter; if (ctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 
@@ -39,56 +41,102 @@ if (evp_pkey_ctx_is_legacy(ctx)) goto legacy; + if (ctx->pkey == NULL) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + goto err; + } + /* - * Ensure that the key is provided, either natively, or as a cached export. - * If not, go legacy + * Try to derive the supported asym cipher from |ctx->keymgmt|. */ - tmp_keymgmt = ctx->keymgmt; - provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, - &tmp_keymgmt, ctx->propquery); - if (provkey == NULL) - goto legacy; - if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { + if (!ossl_assert(ctx->pkey->keymgmt == NULL + || ctx->pkey->keymgmt == ctx->keymgmt)) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); + goto err; + } + supported_ciph + = evp_keymgmt_util_query_operation_name(ctx->keymgmt, + OSSL_OP_ASYM_CIPHER); + if (supported_ciph == NULL) { ERR_clear_last_mark(); ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - EVP_KEYMGMT_free(ctx->keymgmt); - ctx->keymgmt = tmp_keymgmt; - - if (ctx->keymgmt->query_operation_name != NULL) - supported_ciph = - ctx->keymgmt->query_operation_name(OSSL_OP_ASYM_CIPHER); /* - * If we didn't get a supported ciph, assume there is one with the - * same name as the key type. + * We perform two iterations: + * + * 1. Do the normal asym cipher fetch, using the fetching data given by + * the EVP_PKEY_CTX. + * 2. Do the provider specific asym cipher fetch, from the same provider + * as |ctx->keymgmt| + * + * We then try to fetch the keymgmt from the same provider as the + * asym cipher, and try to export |ctx->pkey| to that keymgmt (when + * this keymgmt happens to be the same as |ctx->keymgmt|, the export + * is a no-op, but we call it anyway to not complicate the code even + * more). + * If the export call succeeds (returns a non-NULL provider key pointer), + * we're done and can perform the operation itself. If not, we perform + * the second iteration, or jump to legacy. 
*/ - if (supported_ciph == NULL) - supported_ciph = ctx->keytype; + for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) { + EVP_KEYMGMT *tmp_keymgmt_tofree; - /* - * Because we cleared out old ops, we shouldn't need to worry about - * checking if cipher is already there. - */ - cipher = - EVP_ASYM_CIPHER_fetch(ctx->libctx, supported_ciph, ctx->propquery); + /* + * If we're on the second iteration, free the results from the first. + * They are NULL on the first iteration, so no need to check what + * iteration we're on. + */ + EVP_ASYM_CIPHER_free(cipher); + EVP_KEYMGMT_free(tmp_keymgmt); + + switch (iter) { + case 1: + cipher = EVP_ASYM_CIPHER_fetch(ctx->libctx, supported_ciph, + ctx->propquery); + if (cipher != NULL) + tmp_prov = EVP_ASYM_CIPHER_get0_provider(cipher); + break; + case 2: + tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt); + cipher = + evp_asym_cipher_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + supported_ciph, ctx->propquery); + if (cipher == NULL) + goto legacy; + break; + } + if (cipher == NULL) + continue; - if (cipher == NULL - || (EVP_KEYMGMT_get0_provider(ctx->keymgmt) - != EVP_ASYM_CIPHER_get0_provider(cipher))) { /* - * We don't need to free ctx->keymgmt here, as it's not necessarily - * tied to this operation. It will be freed by EVP_PKEY_CTX_free(). + * Ensure that the key is provided, either natively, or as a cached + * export. We start by fetching the keymgmt with the same name as + * |ctx->pkey|, but from the provider of the asym cipher method, using + * the same property query as when fetching the asym cipher method. 
+ * With the keymgmt we found (if we did), we try to export |ctx->pkey| + * to it (evp_pkey_export_to_provider() is smart enough to only actually + * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt) */ + tmp_keymgmt_tofree = tmp_keymgmt + = evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + EVP_KEYMGMT_get0_name(ctx->keymgmt), + ctx->propquery); + if (tmp_keymgmt != NULL) + provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, + &tmp_keymgmt, ctx->propquery); + if (tmp_keymgmt == NULL) + EVP_KEYMGMT_free(tmp_keymgmt_tofree); + } + + if (provkey == NULL) { EVP_ASYM_CIPHER_free(cipher); goto legacy; } - /* - * If we don't have the full support we need with provided methods, - * let's go see if legacy does. - */ ERR_pop_to_mark(); /* No more legacy from here down to legacy: */ @@ -125,6 +173,7 @@ if (ret <= 0) goto err; + EVP_KEYMGMT_free(tmp_keymgmt); return 1; legacy: @@ -133,6 +182,8 @@ * let's go see if legacy does. */ ERR_pop_to_mark(); + EVP_KEYMGMT_free(tmp_keymgmt); + tmp_keymgmt = NULL; if (ctx->pmeth == NULL || ctx->pmeth->encrypt == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); @@ -159,6 +210,7 @@ evp_pkey_ctx_free_old_ops(ctx); ctx->operation = EVP_PKEY_OP_UNDEFINED; } + EVP_KEYMGMT_free(tmp_keymgmt); return ret; } 
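Review bot: The line `if (tmp_keymgmt == NULL) EVP_KEYMGMT_free(tmp_keymgmt_tofree);` at the end of the new loop in the `@@ -39,56 +41,102 @@` hunk depends on `evp_pkey_export_to_provider()` setting `*keymgmt` to NULL on failure without dropping the reference itself, and neither half of that contract is visible here: if the callee released it this is a double free, and if it never cleared the pointer the line is dead. I would state the contract at the call, e.g. `/* on failure the callee NULLs tmp_keymgmt but keeps our reference; drop it via tmp_keymgmt_tofree */`, and initialise `EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;` as the copies of this loop in `exchange.c` and `kem.c` do. Those two hunks (and apparently the `m_sigver.c` one, cut off in this view) repeat the same loop, so the comment applies to each. The enclosing function starts and ends outside the hunk.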
@@ -423,6 +475,17 @@ (void (*)(void *))EVP_ASYM_CIPHER_free); } +EVP_ASYM_CIPHER *evp_asym_cipher_fetch_from_prov(OSSL_PROVIDER *prov, + const char *algorithm, + const char *properties) +{ + return evp_generic_fetch_from_prov(prov, OSSL_OP_ASYM_CIPHER, + algorithm, properties, + evp_asym_cipher_from_algorithm, + (int (*)(void *))EVP_ASYM_CIPHER_up_ref, + (void (*)(void *))EVP_ASYM_CIPHER_free); +} + int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name) { return evp_is_a(cipher->prov, cipher->name_id, NULL, name); diff -Nru openssl-3.0.0/crypto/evp/ctrl_params_translate.c openssl-3.0.1/crypto/evp/ctrl_params_translate.c --- openssl-3.0.0/crypto/evp/ctrl_params_translate.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/ctrl_params_translate.c 2021-12-14 17:16:25.000000000 +0100 @@ -465,8 +465,8 @@ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); return 0; } - if (!BN_bn2nativepad(ctx->p2, - ctx->allocated_buf, ctx->buflen)) { + if (BN_bn2nativepad(ctx->p2, + ctx->allocated_buf, ctx->buflen) < 0) { OPENSSL_free(ctx->allocated_buf); ctx->allocated_buf = NULL; return 0; @@ -1026,10 +1026,23 @@ if (ctx->action_type != SET) return 0; - if (state == PRE_CTRL_STR_TO_PARAMS) { + switch (state) { + case PRE_CTRL_TO_PARAMS: + ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(ctx->p1)); + ctx->p1 = 0; + break; + + case PRE_CTRL_STR_TO_PARAMS: + if (ctx->p2 == NULL) + return 0; ctx->p2 = (char *)ossl_ffc_named_group_get_name (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2))); ctx->p1 = 0; + break; + + default: + break; } return default_fixup_args(state, translation, ctx); 
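Review bot: In the `@@ -1026,10 +1026,23 @@` hunk both new branches store the result of `ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(...))` into `ctx->p2` without checking it, so a value that maps to no named group presumably reaches `default_fixup_args()` as a NULL `ctx->p2` (the behaviour of both helpers on an unknown id is not visible here). The `PRE_CTRL_STR_TO_PARAMS` branch also parses the control string with `atoi()`, which cannot tell `"0"` from non-numeric input and does not report overflow. I would reject the unmapped case right after each assignment with `if (ctx->p2 == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); return 0; }`, and consider `strtol()` with an end-pointer check for the string form. The enclosing function starts outside the hunk.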
@@ -1379,21 +1392,23 @@ if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL) || (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) { size_t i; + int val; for (i = 0; i < OSSL_NELEM(str_value_map); i++) { if (strcmp(ctx->p2, str_value_map[i].ptr) == 0) break; } - if (i == OSSL_NELEM(str_value_map)) { - ctx->p1 = atoi(ctx->p2); - } else if (state == POST_CTRL_TO_PARAMS) { + + val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2) + : (int)str_value_map[i].id; + if (state == POST_CTRL_TO_PARAMS) { /* * EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further * up */ - *(int *)ctx->orig_p2 = str_value_map[i].id; + *(int *)ctx->orig_p2 = val; } else { - ctx->p1 = (int)str_value_map[i].id; + ctx->p1 = val; } ctx->p2 = NULL; } @@ -1595,10 +1610,13 @@ const EC_GROUP *ecg = EC_KEY_get0_group(eckey); const EC_POINT *point = EC_KEY_get0_public_key(eckey); + if (bnctx == NULL) + return 0; ctx->sz = EC_POINT_point2buf(ecg, point, POINT_CONVERSION_COMPRESSED, &buf, bnctx); ctx->p2 = buf; + BN_CTX_free(bnctx); break; } return 0; @@ -2738,4 +2756,3 @@ { return evp_pkey_setget_params_to_ctrl(pkey, GET, params); } - diff -Nru openssl-3.0.0/crypto/evp/digest.c openssl-3.0.1/crypto/evp/digest.c --- openssl-3.0.0/crypto/evp/digest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/digest.c 2021-12-14 17:16:25.000000000 +0100 @@ -228,7 +228,10 @@ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; #else - EVP_MD *provmd = EVP_MD_fetch(NULL, OBJ_nid2sn(type->type), ""); + /* The NULL digest is a special case */ + EVP_MD *provmd = EVP_MD_fetch(NULL, + type->type != NID_undef ? OBJ_nid2sn(type->type) + : "NULL", ""); if (provmd == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); 
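Review bot: In the `@@ -1595,10 +1610,13 @@` hunk the return value of `EC_POINT_point2buf()` goes into `ctx->sz` untested, while the new `bnctx == NULL` guard shows that this path is expected to fail with `return 0`. `EC_POINT_point2buf()` returns 0 on failure and then leaves `buf` unallocated, so `ctx->p2 = buf` would hand on whatever `buf` held before the call together with a zero length (its initialisation is outside the hunk). Adding `if (ctx->sz == 0) return 0;` after `BN_CTX_free(bnctx);` makes the conversion failure explicit instead of relying on later code to notice an empty payload.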
@@ -506,11 +509,20 @@ { unsigned char *tmp_buf; - if (in == NULL || in->digest == NULL) { - ERR_raise(ERR_LIB_EVP, EVP_R_INPUT_NOT_INITIALIZED); + if (in == NULL) { + ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (in->digest == NULL) { + /* copying uninitialized digest context */ + EVP_MD_CTX_reset(out); + if (out->fetched_digest != NULL) + EVP_MD_free(out->fetched_digest); + *out = *in; + return 1; + } + if (in->digest->prov == NULL || (in->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) goto legacy; diff -Nru openssl-3.0.0/crypto/evp/e_rc5.c openssl-3.0.1/crypto/evp/e_rc5.c --- openssl-3.0.0/crypto/evp/e_rc5.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/e_rc5.c 2021-12-14 17:16:25.000000000 +0100 @@ -72,12 +72,13 @@ static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - if (EVP_CIPHER_CTX_get_key_length(ctx) > 255) { + const int key_len = EVP_CIPHER_CTX_get_key_length(ctx); + + if (key_len > 255 || key_len < 0) { ERR_raise(ERR_LIB_EVP, EVP_R_BAD_KEY_LENGTH); return 0; } - return RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_get_key_length(ctx), - key, data(ctx)->rounds); + return RC5_32_set_key(&data(ctx)->ks, key_len, key, data(ctx)->rounds); } #endif diff -Nru openssl-3.0.0/crypto/evp/evp_fetch.c openssl-3.0.1/crypto/evp/evp_fetch.c --- openssl-3.0.0/crypto/evp/evp_fetch.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/evp_fetch.c 2021-12-14 17:16:25.000000000 +0100 @@ -115,7 +115,8 @@ | (operation_id & METHOD_ID_OPERATION_MASK)); } -static void *get_evp_method_from_store(void *store, void *data) +static void *get_evp_method_from_store(void *store, const OSSL_PROVIDER **prov, + void *data) { struct evp_method_data_st *methdata = data; void *method = NULL; 
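Review bot: The new `in->digest == NULL` branch in the `@@ -506,11 +509,20 @@` hunk copies the context with `*out = *in;`, which duplicates every pointer member of `in` by value. If a source context without a digest can already own something (for example a pkey context attached before init; not visible here), both contexts would then reference it, and freeing both would release it twice. I would either copy only the non-owning fields or send this case through the same duplication step the initialised path uses for owned members, and at minimum document the assumption with `/* shallow copy: relies on |in| owning no pointers when in->digest == NULL */`. `out` is also dereferenced without the NULL check that `in` now gets, and with `in == out` the `EVP_MD_CTX_reset(out)` call would reset the source before the copy. The function body continues outside the hunk.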
@@ -146,7 +147,7 @@ && (store = get_evp_method_store(methdata->libctx)) == NULL) return NULL; - if (!ossl_method_store_fetch(store, meth_id, methdata->propquery, + if (!ossl_method_store_fetch(store, meth_id, methdata->propquery, prov, &method)) return NULL; return method; @@ -234,7 +235,8 @@ } static void * -inner_evp_generic_fetch(struct evp_method_data_st *methdata, int operation_id, +inner_evp_generic_fetch(struct evp_method_data_st *methdata, + OSSL_PROVIDER *prov, int operation_id, int name_id, const char *name, const char *properties, void *(*new_method)(int name_id, @@ -297,7 +299,8 @@ unsupported = 1; if (meth_id == 0 - || !ossl_method_store_cache_get(store, meth_id, properties, &method)) { + || !ossl_method_store_cache_get(store, prov, meth_id, properties, + &method)) { OSSL_METHOD_CONSTRUCT_METHOD mcm = { get_tmp_evp_method_store, get_evp_method_from_store, @@ -315,7 +318,7 @@ methdata->destruct_method = free_method; methdata->flag_construct_error_occurred = 0; if ((method = ossl_method_construct(methdata->libctx, operation_id, - 0 /* !force_cache */, + &prov, 0 /* !force_cache */, &mcm, methdata)) != NULL) { /* * If construction did create a method for us, we know that @@ -327,8 +330,8 @@ name_id = ossl_namemap_name2num(namemap, name); meth_id = evp_method_id(name_id, operation_id); if (name_id != 0) - ossl_method_store_cache_set(store, meth_id, properties, method, - up_ref_method, free_method); + ossl_method_store_cache_set(store, prov, meth_id, properties, + method, up_ref_method, free_method); } /* @@ -366,8 +369,8 @@ methdata.libctx = libctx; methdata.tmp_store = NULL; - method = inner_evp_generic_fetch(&methdata, - operation_id, 0, name, properties, + method = inner_evp_generic_fetch(&methdata, NULL, operation_id, + 0, name, properties, new_method, up_ref_method, free_method); dealloc_tmp_evp_method_store(methdata.tmp_store); return method; 
@@ -378,7 +381,7 @@ * already known names, i.e. it refuses to work if no name_id can be found * (it's considered an internal programming error). * This is meant to be used when one method needs to fetch an associated - * other method. + * method. */ void *evp_generic_fetch_by_number(OSSL_LIB_CTX *libctx, int operation_id, int name_id, const char *properties, @@ -393,8 +396,34 @@ methdata.libctx = libctx; methdata.tmp_store = NULL; - method = inner_evp_generic_fetch(&methdata, - operation_id, name_id, NULL, properties, + method = inner_evp_generic_fetch(&methdata, NULL, operation_id, + name_id, NULL, properties, + new_method, up_ref_method, free_method); + dealloc_tmp_evp_method_store(methdata.tmp_store); + return method; +} + +/* + * evp_generic_fetch_from_prov() is special, and only returns methods from + * the given provider. + * This is meant to be used when one method needs to fetch an associated + * method. + */ +void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id, + const char *name, const char *properties, + void *(*new_method)(int name_id, + const OSSL_ALGORITHM *algodef, + OSSL_PROVIDER *prov), + int (*up_ref_method)(void *), + void (*free_method)(void *)) +{ + struct evp_method_data_st methdata; + void *method; + + methdata.libctx = ossl_provider_libctx(prov); + methdata.tmp_store = NULL; + method = inner_evp_generic_fetch(&methdata, prov, operation_id, + 0, name, properties, new_method, up_ref_method, free_method); dealloc_tmp_evp_method_store(methdata.tmp_store); return method; 
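Review bot: `evp_generic_fetch_from_prov()` in the `@@ -393,8 +396,34 @@` hunk does not reject `prov == NULL`, yet the other callers in this file pass `NULL` as the provider argument of `inner_evp_generic_fetch()` to mean an unrestricted fetch. If `ossl_provider_libctx()` tolerates a NULL provider (not visible here), a NULL argument would quietly turn the "only returns methods from the given provider" fetch into a fetch from any provider. Callers elsewhere in this diff use the function to keep a key and its operation in the same provider, so it should fail closed: `if (prov == NULL) { ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); return NULL; }` before `methdata.libctx` is assigned. The header comment could also say that `prov` must be non-NULL.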
@@ -588,7 +617,7 @@ methdata.libctx = libctx; methdata.tmp_store = NULL; - (void)inner_evp_generic_fetch(&methdata, operation_id, 0, NULL, NULL, + (void)inner_evp_generic_fetch(&methdata, NULL, operation_id, 0, NULL, NULL, new_method, up_ref_method, free_method); data.operation_id = operation_id; diff -Nru openssl-3.0.0/crypto/evp/evp_lib.c openssl-3.0.1/crypto/evp/evp_lib.c --- openssl-3.0.0/crypto/evp/evp_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/evp_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -999,7 +999,7 @@ if (ctx == NULL) return NULL; md = (EVP_MD *)ctx->reqdigest; - if (!EVP_MD_up_ref(md)) + if (md == NULL || !EVP_MD_up_ref(md)) return NULL; return md; } diff -Nru openssl-3.0.0/crypto/evp/evp_local.h openssl-3.0.1/crypto/evp/evp_local.h --- openssl-3.0.0/crypto/evp/evp_local.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/evp_local.h 2021-12-14 17:16:25.000000000 +0100 @@ -276,6 +276,13 @@ OSSL_PROVIDER *prov), int (*up_ref_method)(void *), void (*free_method)(void *)); +void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id, + const char *name, const char *properties, + void *(*new_method)(int name_id, + const OSSL_ALGORITHM *algodef, + OSSL_PROVIDER *prov), + int (*up_ref_method)(void *), + void (*free_method)(void *)); void evp_generic_do_all_prefetched(OSSL_LIB_CTX *libctx, int operation_id, void (*user_fn)(void *method, void *arg), void *user_arg); 
@@ -291,6 +298,21 @@ /* Internal fetchers for method types that are to be combined with others */ EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OSSL_LIB_CTX *ctx, int name_id, const char *properties); +EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties); +EVP_SIGNATURE *evp_signature_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties); +EVP_ASYM_CIPHER *evp_asym_cipher_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties); +EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties); +EVP_KEM *evp_kem_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties); /* Internal structure constructors for fetched methods */ EVP_MD *evp_md_new(void); diff -Nru openssl-3.0.0/crypto/evp/exchange.c openssl-3.0.1/crypto/evp/exchange.c --- openssl-3.0.0/crypto/evp/exchange.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/exchange.c 2021-12-14 17:16:25.000000000 +0100 @@ -10,6 +10,7 @@ #include #include #include +#include "internal/cryptlib.h" #include "internal/refcount.h" #include "internal/provider.h" #include "internal/core.h" @@ -180,6 +181,17 @@ (void (*)(void *))EVP_KEYEXCH_free); } +EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov, + const char *algorithm, + const char *properties) +{ + return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYEXCH, + algorithm, properties, + evp_keyexch_from_algorithm, + (int (*)(void *))EVP_KEYEXCH_up_ref, + (void (*)(void *))EVP_KEYEXCH_free); +} + int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { return EVP_PKEY_derive_init_ex(ctx, NULL); @@ -191,7 +203,9 @@ void *provkey = NULL; EVP_KEYEXCH *exchange = NULL; EVP_KEYMGMT *tmp_keymgmt = NULL; + const OSSL_PROVIDER *tmp_prov = NULL; const char *supported_exch = NULL; + int iter; if (ctx == NULL) { ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); 
@@ -207,73 +221,113 @@ goto legacy; /* - * Ensure that the key is provided, either natively, or as a cached export. - * If not, goto legacy + * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create + * a blank one. */ - tmp_keymgmt = ctx->keymgmt; if (ctx->pkey == NULL) { - /* - * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create - * a blank one. - */ EVP_PKEY *pkey = EVP_PKEY_new(); - if (pkey == NULL || !EVP_PKEY_set_type_by_keymgmt(pkey, tmp_keymgmt)) { + if (pkey == NULL + || !EVP_PKEY_set_type_by_keymgmt(pkey, ctx->keymgmt) + || (pkey->keydata = evp_keymgmt_newdata(ctx->keymgmt)) == NULL) { ERR_clear_last_mark(); EVP_PKEY_free(pkey); ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - provkey = pkey->keydata = evp_keymgmt_newdata(tmp_keymgmt); - if (provkey == NULL) - EVP_PKEY_free(pkey); - else - ctx->pkey = pkey; - } else { - provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, - &tmp_keymgmt, ctx->propquery); + ctx->pkey = pkey; } - if (provkey == NULL) - goto legacy; - if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { + + /* + * Try to derive the supported exch from |ctx->keymgmt|. + */ + if (!ossl_assert(ctx->pkey->keymgmt == NULL + || ctx->pkey->keymgmt == ctx->keymgmt)) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); + goto err; + } + supported_exch = evp_keymgmt_util_query_operation_name(ctx->keymgmt, + OSSL_OP_KEYEXCH); + if (supported_exch == NULL) { ERR_clear_last_mark(); ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - EVP_KEYMGMT_free(ctx->keymgmt); - ctx->keymgmt = tmp_keymgmt; - if (ctx->keymgmt->query_operation_name != NULL) - supported_exch = ctx->keymgmt->query_operation_name(OSSL_OP_KEYEXCH); /* - * If we didn't get a supported exch, assume there is one with the - * same name as the key type. + * We perform two iterations: + * + * 1. Do the normal exchange fetch, using the fetching data given by + * the EVP_PKEY_CTX. + * 2. 
Do the provider specific exchange fetch, from the same provider + * as |ctx->keymgmt| + * + * We then try to fetch the keymgmt from the same provider as the + * exchange, and try to export |ctx->pkey| to that keymgmt (when + * this keymgmt happens to be the same as |ctx->keymgmt|, the export + * is a no-op, but we call it anyway to not complicate the code even + * more). + * If the export call succeeds (returns a non-NULL provider key pointer), + * we're done and can perform the operation itself. If not, we perform + * the second iteration, or jump to legacy. */ - if (supported_exch == NULL) - supported_exch = ctx->keytype; + for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) { + EVP_KEYMGMT *tmp_keymgmt_tofree = NULL; - /* - * Because we cleared out old ops, we shouldn't need to worry about - * checking if exchange is already there. - */ - exchange = EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery); + /* + * If we're on the second iteration, free the results from the first. + * They are NULL on the first iteration, so no need to check what + * iteration we're on. + */ + EVP_KEYEXCH_free(exchange); + EVP_KEYMGMT_free(tmp_keymgmt); + + switch (iter) { + case 1: + exchange = + EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery); + if (exchange != NULL) + tmp_prov = EVP_KEYEXCH_get0_provider(exchange); + break; + case 2: + tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt); + exchange = + evp_keyexch_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + supported_exch, ctx->propquery); + if (exchange == NULL) + goto legacy; + break; + } + if (exchange == NULL) + continue; - if (exchange == NULL - || (EVP_KEYMGMT_get0_provider(ctx->keymgmt) - != EVP_KEYEXCH_get0_provider(exchange))) { /* - * We don't need to free ctx->keymgmt here, as it's not necessarily - * tied to this operation. It will be freed by EVP_PKEY_CTX_free(). + * Ensure that the key is provided, either natively, or as a cached + * export. 
We start by fetching the keymgmt with the same name as + * |ctx->pkey|, but from the provider of the exchange method, using + * the same property query as when fetching the exchange method. + * With the keymgmt we found (if we did), we try to export |ctx->pkey| + * to it (evp_pkey_export_to_provider() is smart enough to only actually + * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt) */ + tmp_keymgmt_tofree = tmp_keymgmt = + evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + EVP_KEYMGMT_get0_name(ctx->keymgmt), + ctx->propquery); + if (tmp_keymgmt != NULL) + provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, + &tmp_keymgmt, ctx->propquery); + if (tmp_keymgmt == NULL) + EVP_KEYMGMT_free(tmp_keymgmt_tofree); + } + + if (provkey == NULL) { EVP_KEYEXCH_free(exchange); goto legacy; } - /* - * If we don't have the full support we need with provided methods, - * let's go see if legacy does. - */ ERR_pop_to_mark(); /* No more legacy from here down to legacy: */ @@ -287,10 +341,12 @@ } ret = exchange->init(ctx->op.kex.algctx, provkey, params); + EVP_KEYMGMT_free(tmp_keymgmt); return ret ? 1 : 0; err: evp_pkey_ctx_free_old_ops(ctx); ctx->operation = EVP_PKEY_OP_UNDEFINED; + EVP_KEYMGMT_free(tmp_keymgmt); return 0; legacy: @@ -313,6 +369,7 @@ ret = ctx->pmeth->derive_init(ctx); if (ret <= 0) ctx->operation = EVP_PKEY_OP_UNDEFINED; + EVP_KEYMGMT_free(tmp_keymgmt); return ret; #endif } diff -Nru openssl-3.0.0/crypto/evp/kem.c openssl-3.0.1/crypto/evp/kem.c --- openssl-3.0.0/crypto/evp/kem.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/kem.c 2021-12-14 17:16:25.000000000 +0100 @@ -23,8 +23,10 @@ int ret = 0; EVP_KEM *kem = NULL; EVP_KEYMGMT *tmp_keymgmt = NULL; + const OSSL_PROVIDER *tmp_prov = NULL; void *provkey = NULL; const char *supported_kem = NULL; + int iter; if (ctx == NULL || ctx->keytype == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); 
@@ -34,35 +36,101 @@ evp_pkey_ctx_free_old_ops(ctx); ctx->operation = operation; + if (ctx->pkey == NULL) { + ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + goto err; + } + /* - * Ensure that the key is provided, either natively, or as a cached export. + * Try to derive the supported kem from |ctx->keymgmt|. */ - tmp_keymgmt = ctx->keymgmt; - provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, - &tmp_keymgmt, ctx->propquery); - if (provkey == NULL - || !EVP_KEYMGMT_up_ref(tmp_keymgmt)) { + if (!ossl_assert(ctx->pkey->keymgmt == NULL + || ctx->pkey->keymgmt == ctx->keymgmt)) { + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); + goto err; + } + supported_kem = evp_keymgmt_util_query_operation_name(ctx->keymgmt, + OSSL_OP_KEM); + if (supported_kem == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - EVP_KEYMGMT_free(ctx->keymgmt); - ctx->keymgmt = tmp_keymgmt; - - if (ctx->keymgmt->query_operation_name != NULL) - supported_kem = ctx->keymgmt->query_operation_name(OSSL_OP_KEM); /* - * If we didn't get a supported kem, assume there is one with the - * same name as the key type. + * Because we cleared out old ops, we shouldn't need to worry about + * checking if kem is already there. + * We perform two iterations: + * + * 1. Do the normal kem fetch, using the fetching data given by + * the EVP_PKEY_CTX. + * 2. Do the provider specific kem fetch, from the same provider + * as |ctx->keymgmt| + * + * We then try to fetch the keymgmt from the same provider as the + * kem, and try to export |ctx->pkey| to that keymgmt (when this + * keymgmt happens to be the same as |ctx->keymgmt|, the export is + * a no-op, but we call it anyway to not complicate the code even + * more). + * If the export call succeeds (returns a non-NULL provider key pointer), + * we're done and can perform the operation itself. If not, we perform + * the second iteration, or jump to legacy. 
*/ - if (supported_kem == NULL) - supported_kem = ctx->keytype; + for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) { + EVP_KEYMGMT *tmp_keymgmt_tofree = NULL; - kem = EVP_KEM_fetch(ctx->libctx, supported_kem, ctx->propquery); - if (kem == NULL - || (EVP_KEYMGMT_get0_provider(ctx->keymgmt) != EVP_KEM_get0_provider(kem))) { - ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - ret = -2; + /* + * If we're on the second iteration, free the results from the first. + * They are NULL on the first iteration, so no need to check what + * iteration we're on. + */ + EVP_KEM_free(kem); + EVP_KEYMGMT_free(tmp_keymgmt); + + switch (iter) { + case 1: + kem = EVP_KEM_fetch(ctx->libctx, supported_kem, ctx->propquery); + if (kem != NULL) + tmp_prov = EVP_KEM_get0_provider(kem); + break; + case 2: + tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt); + kem = evp_kem_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + supported_kem, ctx->propquery); + + if (kem == NULL) { + ERR_raise(ERR_LIB_EVP, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + ret = -2; + goto err; + } + } + if (kem == NULL) + continue; + + /* + * Ensure that the key is provided, either natively, or as a cached + * export. We start by fetching the keymgmt with the same name as + * |ctx->pkey|, but from the provider of the kem method, using the + * same property query as when fetching the kem method. 
+ * With the keymgmt we found (if we did), we try to export |ctx->pkey| + * to it (evp_pkey_export_to_provider() is smart enough to only actually + + * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt) + */ + tmp_keymgmt_tofree = tmp_keymgmt = + evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + EVP_KEYMGMT_get0_name(ctx->keymgmt), + ctx->propquery); + if (tmp_keymgmt != NULL) + provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, + &tmp_keymgmt, ctx->propquery); + if (tmp_keymgmt == NULL) + EVP_KEYMGMT_free(tmp_keymgmt_tofree); + } + + if (provkey == NULL) { + EVP_KEM_free(kem); + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } @@ -96,6 +164,9 @@ goto err; } + EVP_KEYMGMT_free(tmp_keymgmt); + tmp_keymgmt = NULL; + if (ret > 0) return 1; err: @@ -103,6 +174,7 @@ evp_pkey_ctx_free_old_ops(ctx); ctx->operation = EVP_PKEY_OP_UNDEFINED; } + EVP_KEYMGMT_free(tmp_keymgmt); return ret; } @@ -338,6 +410,15 @@ (void (*)(void *))EVP_KEM_free); } +EVP_KEM *evp_kem_fetch_from_prov(OSSL_PROVIDER *prov, const char *algorithm, + const char *properties) +{ + return evp_generic_fetch_from_prov(prov, OSSL_OP_KEM, algorithm, properties, + evp_kem_from_algorithm, + (int (*)(void *))EVP_KEM_up_ref, + (void (*)(void *))EVP_KEM_free); +} + int EVP_KEM_is_a(const EVP_KEM *kem, const char *name) { return evp_is_a(kem->prov, kem->name_id, NULL, name); diff -Nru openssl-3.0.0/crypto/evp/keymgmt_lib.c openssl-3.0.1/crypto/evp/keymgmt_lib.c --- openssl-3.0.0/crypto/evp/keymgmt_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/keymgmt_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -197,6 +197,7 @@ /* Add the new export to the operation cache */ if (!evp_keymgmt_util_cache_keydata(pk, keymgmt, import_data.keydata)) { + CRYPTO_THREAD_unlock(pk->lock); evp_keymgmt_freedata(keymgmt, import_data.keydata); return NULL; } 
@@ -561,3 +562,22 @@ OPENSSL_strlcpy(mdname, result, mdname_sz); return rv; } + +/* + * If |keymgmt| has the method function |query_operation_name|, use it to get + * the name of a supported operation identity. Otherwise, return the keytype, + * assuming that it works as a default operation name. + */ +const char *evp_keymgmt_util_query_operation_name(EVP_KEYMGMT *keymgmt, + int op_id) +{ + const char *name = NULL; + + if (keymgmt != NULL) { + if (keymgmt->query_operation_name != NULL) + name = keymgmt->query_operation_name(op_id); + if (name == NULL) + name = EVP_KEYMGMT_get0_name(keymgmt); + } + return name; +} diff -Nru openssl-3.0.0/crypto/evp/keymgmt_meth.c openssl-3.0.1/crypto/evp/keymgmt_meth.c --- openssl-3.0.0/crypto/evp/keymgmt_meth.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/keymgmt_meth.c 2021-12-14 17:16:25.000000000 +0100 @@ -213,6 +213,17 @@ (void (*)(void *))EVP_KEYMGMT_free); } +EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov, + const char *name, + const char *properties) +{ + return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYMGMT, + name, properties, + keymgmt_from_algorithm, + (int (*)(void *))EVP_KEYMGMT_up_ref, + (void (*)(void *))EVP_KEYMGMT_free); +} + EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { diff -Nru openssl-3.0.0/crypto/evp/mac_lib.c openssl-3.0.1/crypto/evp/mac_lib.c --- openssl-3.0.0/crypto/evp/mac_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/mac_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -132,6 +132,7 @@ size_t l; int res; OSSL_PARAM params[2]; + size_t macsize; if (ctx == NULL || ctx->meth == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM); 
@@ -142,14 +143,19 @@ return 0; } + macsize = EVP_MAC_CTX_get_mac_size(ctx); if (out == NULL) { if (outl == NULL) { ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER); return 0; } - *outl = EVP_MAC_CTX_get_mac_size(ctx); + *outl = macsize; return 1; } + if (outsize < macsize) { + ERR_raise(ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL); + return 0; + } if (xof) { params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof); params[1] = OSSL_PARAM_construct_end(); diff -Nru openssl-3.0.0/crypto/evp/m_sigver.c openssl-3.0.1/crypto/evp/m_sigver.c --- openssl-3.0.0/crypto/evp/m_sigver.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/m_sigver.c 2021-12-14 17:16:25.000000000 +0100 @@ -45,10 +45,11 @@ EVP_PKEY_CTX *locpctx = NULL; EVP_SIGNATURE *signature = NULL; EVP_KEYMGMT *tmp_keymgmt = NULL; + const OSSL_PROVIDER *tmp_prov = NULL; const char *supported_sig = NULL; char locmdname[80] = ""; /* 80 chars should be enough */ void *provkey = NULL; - int ret; + int ret, iter, reinit = 1; if (ctx->algctx != NULL) { if (!ossl_assert(ctx->digest != NULL)) { @@ -61,6 +62,7 @@ } if (ctx->pctx == NULL) { + reinit = 0; if (e == NULL) ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props); else 
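Review bot: The new `outsize < macsize` guard in this hunk is only as strong as the value `EVP_MAC_CTX_get_mac_size(ctx)` returns, and nothing here handles a result of 0. If that getter reports 0 when the provider does not answer the size query (its body is not part of this diff), every `outsize` passes and the provider's final function is again the only bound on the write into `out`. A comment above the assignment would settle it, e.g. `/* macsize == 0: size unknown, the provider must enforce outsize itself */`, or the guard could reject that case if 0 is never a legitimate size. The check also sits before the `if (xof)` branch, so it rejects XOF requests shorter than the reported size; that may be intended but deserves a word in the same comment. The function starts and ends outside the hunk.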
@@ -70,75 +72,133 @@ return 0; locpctx = ctx->pctx; - evp_pkey_ctx_free_old_ops(locpctx); + ERR_set_mark(); + + if (evp_pkey_ctx_is_legacy(locpctx)) + goto legacy; + + /* do not reinitialize if pkey is set or operation is different */ + if (reinit + && (pkey != NULL + || locpctx->operation != (ver ? EVP_PKEY_OP_VERIFYCTX + : EVP_PKEY_OP_SIGNCTX) + || (signature = locpctx->op.sig.signature) == NULL + || locpctx->op.sig.algctx == NULL)) + reinit = 0; if (props == NULL) props = locpctx->propquery; - ERR_set_mark(); + if (locpctx->pkey == NULL) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + goto err; + } - if (evp_pkey_ctx_is_legacy(locpctx)) - goto legacy; + if (!reinit) { + evp_pkey_ctx_free_old_ops(locpctx); + } else { + if (mdname == NULL && type == NULL) + mdname = canon_mdname(EVP_MD_get0_name(ctx->reqdigest)); + goto reinitialize; + } /* - * Ensure that the key is provided, either natively, or as a cached export. + * Try to derive the supported signature from |locpctx->keymgmt|. */ - tmp_keymgmt = locpctx->keymgmt; - provkey = evp_pkey_export_to_provider(locpctx->pkey, locpctx->libctx, - &tmp_keymgmt, locpctx->propquery); - if (provkey == NULL) { + if (!ossl_assert(locpctx->pkey->keymgmt == NULL + || locpctx->pkey->keymgmt == locpctx->keymgmt)) { ERR_clear_last_mark(); - ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); goto err; } - if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { + supported_sig = evp_keymgmt_util_query_operation_name(locpctx->keymgmt, + OSSL_OP_SIGNATURE); + if (supported_sig == NULL) { ERR_clear_last_mark(); ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - EVP_KEYMGMT_free(locpctx->keymgmt); - locpctx->keymgmt = tmp_keymgmt; - - if (locpctx->keymgmt->query_operation_name != NULL) - supported_sig = - locpctx->keymgmt->query_operation_name(OSSL_OP_SIGNATURE); /* - * If we didn't get a supported sig, assume there is one with the - * same name as the key type. 
+ * We perform two iterations: + * + * 1. Do the normal signature fetch, using the fetching data given by + * the EVP_PKEY_CTX. + * 2. Do the provider specific signature fetch, from the same provider + * as |ctx->keymgmt| + * + * We then try to fetch the keymgmt from the same provider as the + * signature, and try to export |ctx->pkey| to that keymgmt (when + * this keymgmt happens to be the same as |ctx->keymgmt|, the export + * is a no-op, but we call it anyway to not complicate the code even + * more). + * If the export call succeeds (returns a non-NULL provider key pointer), + * we're done and can perform the operation itself. If not, we perform + * the second iteration, or jump to legacy. */ - if (supported_sig == NULL) - supported_sig = locpctx->keytype; + for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) { + EVP_KEYMGMT *tmp_keymgmt_tofree = NULL; - /* - * Because we cleared out old ops, we shouldn't need to worry about - * checking if signature is already there. - */ - signature = EVP_SIGNATURE_fetch(locpctx->libctx, supported_sig, - locpctx->propquery); + /* + * If we're on the second iteration, free the results from the first. + * They are NULL on the first iteration, so no need to check what + * iteration we're on. 
+ */ + EVP_SIGNATURE_free(signature); + EVP_KEYMGMT_free(tmp_keymgmt); + + switch (iter) { + case 1: + signature = EVP_SIGNATURE_fetch(locpctx->libctx, supported_sig, + locpctx->propquery); + if (signature != NULL) + tmp_prov = EVP_SIGNATURE_get0_provider(signature); + break; + case 2: + tmp_prov = EVP_KEYMGMT_get0_provider(locpctx->keymgmt); + signature = + evp_signature_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + supported_sig, locpctx->propquery); + if (signature == NULL) + goto legacy; + break; + } + if (signature == NULL) + continue; - if (signature == NULL - || (EVP_KEYMGMT_get0_provider(locpctx->keymgmt) - != EVP_SIGNATURE_get0_provider(signature))) { /* - * We don't need to free ctx->keymgmt here, as it's not necessarily - * tied to this operation. It will be freed by EVP_PKEY_CTX_free(). + * Ensure that the key is provided, either natively, or as a cached + * export. We start by fetching the keymgmt with the same name as + * |locpctx->pkey|, but from the provider of the signature method, using + * the same property query as when fetching the signature method. + * With the keymgmt we found (if we did), we try to export |locpctx->pkey| + * to it (evp_pkey_export_to_provider() is smart enough to only actually + + * export it if |tmp_keymgmt| is different from |locpctx->pkey|'s keymgmt) */ + tmp_keymgmt_tofree = tmp_keymgmt = + evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + EVP_KEYMGMT_get0_name(locpctx->keymgmt), + locpctx->propquery); + if (tmp_keymgmt != NULL) + provkey = evp_pkey_export_to_provider(locpctx->pkey, locpctx->libctx, + &tmp_keymgmt, locpctx->propquery); + if (tmp_keymgmt == NULL) + EVP_KEYMGMT_free(tmp_keymgmt_tofree); + } + + if (provkey == NULL) { EVP_SIGNATURE_free(signature); - goto legacy; + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + goto err; } - /* - * If we don't have the full support we need with provided methods, - * let's go see if legacy does. 
- */ ERR_pop_to_mark(); /* No more legacy from here down to legacy: */ - if (pctx != NULL) - *pctx = locpctx; - locpctx->op.sig.signature = signature; locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX : EVP_PKEY_OP_SIGNCTX; @@ -148,12 +208,17 @@ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } + + reinitialize: + if (pctx != NULL) + *pctx = locpctx; + if (type != NULL) { ctx->reqdigest = type; if (mdname == NULL) mdname = canon_mdname(EVP_MD_get0_name(type)); } else { - if (mdname == NULL) { + if (mdname == NULL && !reinit) { if (evp_keymgmt_util_get_deflt_digest_name(tmp_keymgmt, provkey, locmdname, sizeof(locmdname)) > 0) { @@ -221,6 +286,7 @@ err: evp_pkey_ctx_free_old_ops(locpctx); locpctx->operation = EVP_PKEY_OP_UNDEFINED; + EVP_KEYMGMT_free(tmp_keymgmt); return 0; legacy: @@ -229,6 +295,8 @@ * let's go see if legacy does. */ ERR_pop_to_mark(); + EVP_KEYMGMT_free(tmp_keymgmt); + tmp_keymgmt = NULL; if (type == NULL && mdname != NULL) type = evp_get_digestbyname_ex(locpctx->libctx, mdname); @@ -299,6 +367,7 @@ ret = evp_pkey_ctx_use_cached_data(locpctx); #endif + EVP_KEYMGMT_free(tmp_keymgmt); return ret > 0 ? 1 : 0; } @@ -411,14 +480,14 @@ if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0) return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen, - SIZE_MAX); + (siglen == NULL) ? 0 : *siglen); dctx = EVP_PKEY_CTX_dup(pctx); if (dctx == NULL) return 0; r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx, sigret, siglen, - SIZE_MAX); + (siglen == NULL) ? 0 : *siglen); EVP_PKEY_CTX_free(dctx); return r; 
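Review bot: The clean-up inside the two-pass loop of `@@ -70,75 +72,133 @@` depends on a contract of `evp_pkey_export_to_provider()` that is not written down here. `EVP_KEYMGMT_free(tmp_keymgmt)` at the top of the second pass and `if (tmp_keymgmt == NULL) EVP_KEYMGMT_free(tmp_keymgmt_tofree);` are only balanced if a failed export resets `tmp_keymgmt` to NULL without releasing the fetched reference. That callee is not in this diff, so a reader cannot rule out a leak or a double free from the hunk alone. Assuming that is the contract, I would add a comment before the last `if`, such as `/* a failed export NULLs tmp_keymgmt but leaves the fetched reference for us to drop */`. The same loop is added to crypto/evp/signature.c (`@@ -401,55 +414,102 @@`) and the comment applies there too; in both places `(OSSL_PROVIDER *)tmp_prov` casts away the `const` the variable was declared with.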
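Review bot: Both `digest_sign_final` calls in `@@ -411,14 +480,14 @@` now pass `(siglen == NULL) ? 0 : *siglen` as the buffer size, which reads `*siglen` even when `sigret == NULL`. In the size-query form of the call, callers commonly have not initialised `*siglen` yet, so an indeterminate value is handed to the provider as the size of a buffer that does not exist. The sibling changes key on the output pointer instead (`sigret == NULL ? 0 : *siglen` in `@@ -506,7 +575,8 @@`, `(sig == NULL) ? 0 : *siglen` in signature.c). Using `(sigret == NULL || siglen == NULL) ? 0 : *siglen` here would match them and keep the NULL guard. The enclosing function starts outside the hunk.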
@@ -506,7 +575,8 @@ && pctx->op.sig.signature != NULL) { if (pctx->op.sig.signature->digest_sign != NULL) return pctx->op.sig.signature->digest_sign(pctx->op.sig.algctx, - sigret, siglen, SIZE_MAX, + sigret, siglen, + sigret == NULL ? 0 : *siglen, tbs, tbslen); } else { /* legacy */ diff -Nru openssl-3.0.0/crypto/evp/p_lib.c openssl-3.0.1/crypto/evp/p_lib.c --- openssl-3.0.0/crypto/evp/p_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/p_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -343,7 +343,7 @@ if (a->keymgmt != NULL || b->keymgmt != NULL) return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS - | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)); + | OSSL_KEYMGMT_SELECT_KEYPAIR)); /* All legacy keys */ if (a->type != b->type) @@ -529,12 +529,14 @@ if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY)) != NULL) return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, - SIZE_MAX, raw_key->len); + raw_key->key == NULL ? 0 : *raw_key->len, + raw_key->len); } else if (raw_key->selection == OSSL_KEYMGMT_SELECT_PUBLIC_KEY) { if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY)) != NULL) return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key, - SIZE_MAX, raw_key->len); + raw_key->key == NULL ? 0 : *raw_key->len, + raw_key->len); } return 0; @@ -630,7 +632,7 @@ if (ctx == NULL) goto err; - if (!EVP_PKEY_fromdata_init(ctx)) { + if (EVP_PKEY_fromdata_init(ctx) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } @@ -649,7 +651,7 @@ # endif *p = OSSL_PARAM_construct_end(); - if (!EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params)) { + if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) { ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED); goto err; } @@ -1554,7 +1556,6 @@ */ if (keymgmt == NULL) pkey->ameth = ameth; - pkey->engine = e; /* * The EVP_PKEY_ASN1_METHOD |pkey_id| retains its legacy key purpose 
@@ -1570,6 +1571,13 @@ } else { pkey->type = EVP_PKEY_KEYMGMT; } +# ifndef OPENSSL_NO_ENGINE + if (eptr == NULL && e != NULL && !ENGINE_init(e)) { + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + return 0; + } +# endif + pkey->engine = e; #endif } return 1; @@ -1842,6 +1850,8 @@ if (tmp_keymgmt == NULL) { EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pk, propquery); + if (ctx == NULL) + goto end; tmp_keymgmt = ctx->keymgmt; ctx->keymgmt = NULL; EVP_PKEY_CTX_free(ctx); diff -Nru openssl-3.0.0/crypto/evp/pmeth_lib.c openssl-3.0.1/crypto/evp/pmeth_lib.c --- openssl-3.0.0/crypto/evp/pmeth_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/pmeth_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -265,7 +265,20 @@ * fetching a provider implementation. */ if (e == NULL && app_pmeth == NULL && keytype != NULL) { - keymgmt = EVP_KEYMGMT_fetch(libctx, keytype, propquery); + /* + * If |pkey| is given and is provided, we take a reference to its + * keymgmt. Otherwise, we fetch one for the keytype we got. This + * is to ensure that operation init functions can access what they + * need through this single pointer. + */ + if (pkey != NULL && pkey->keymgmt != NULL) { + if (!EVP_KEYMGMT_up_ref(pkey->keymgmt)) + ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); + else + keymgmt = pkey->keymgmt; + } else { + keymgmt = EVP_KEYMGMT_fetch(libctx, keytype, propquery); + } if (keymgmt == NULL) return NULL; /* EVP_KEYMGMT_fetch() recorded an error */ diff -Nru openssl-3.0.0/crypto/evp/signature.c openssl-3.0.1/crypto/evp/signature.c --- openssl-3.0.0/crypto/evp/signature.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/evp/signature.c 2021-12-14 17:16:25.000000000 +0100 
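Review bot: When `ENGINE_init(e)` fails, the added block in `@@ -1570,6 +1571,13 @@` returns 0 after `pkey->type` (and, per the preceding hunk, `pkey->ameth`) have already been assigned, so the caller gets a failure together with a half-updated `pkey`. Whether every caller discards the key on a 0 return is not visible from this hunk; doing the `ENGINE_init` check before those assignments, or stating the assumption in a comment, would remove the doubt. The block takes a functional reference on `e` only when `eptr == NULL`, and the matching `ENGINE_finish` is outside the diff. If it is released when the key is freed, a comment such as `/* released together with pkey->engine when the key is freed */` would document the ownership. The function body starts before and ends after the hunk.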
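Review bot: In the new branch of `@@ -265,7 +265,20 @@` that reuses `pkey->keymgmt`, a failed `EVP_KEYMGMT_up_ref()` raises its own error, yet the unchanged line below still reads `return NULL; /* EVP_KEYMGMT_fetch() recorded an error */`, which is no longer the only source. Suggest `/* EVP_KEYMGMT_fetch() or the up_ref branch recorded an error */`. The added comment could also say that `propquery` is not consulted when the key already carries a keymgmt, since that is the behaviour change a caller is most likely to trip over. The unbraced inner `if`/`else` would read more safely with braces.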
@@ -314,6 +314,17 @@ (void (*)(void *))EVP_SIGNATURE_free); } +EVP_SIGNATURE *evp_signature_fetch_from_prov(OSSL_PROVIDER *prov, + const char *algorithm, + const char *properties) +{ + return evp_generic_fetch_from_prov(prov, OSSL_OP_SIGNATURE, + algorithm, properties, + evp_signature_from_algorithm, + (int (*)(void *))EVP_SIGNATURE_up_ref, + (void (*)(void *))EVP_SIGNATURE_free); +} + int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name) { return evp_is_a(signature->prov, signature->name_id, NULL, name); @@ -386,7 +397,9 @@ void *provkey = NULL; EVP_SIGNATURE *signature = NULL; EVP_KEYMGMT *tmp_keymgmt = NULL; + const OSSL_PROVIDER *tmp_prov = NULL; const char *supported_sig = NULL; + int iter; if (ctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 
@@ -401,55 +414,102 @@ if (evp_pkey_ctx_is_legacy(ctx)) goto legacy; + if (ctx->pkey == NULL) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + goto err; + } + /* - * Ensure that the key is provided, either natively, or as a cached export. - * If not, go legacy + * Try to derive the supported signature from |ctx->keymgmt|. */ - tmp_keymgmt = ctx->keymgmt; - provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, - &tmp_keymgmt, ctx->propquery); - if (tmp_keymgmt == NULL) - goto legacy; - if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) { + if (!ossl_assert(ctx->pkey->keymgmt == NULL + || ctx->pkey->keymgmt == ctx->keymgmt)) { + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); + goto err; + } + supported_sig = evp_keymgmt_util_query_operation_name(ctx->keymgmt, + OSSL_OP_SIGNATURE); + if (supported_sig == NULL) { ERR_clear_last_mark(); ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - EVP_KEYMGMT_free(ctx->keymgmt); - ctx->keymgmt = tmp_keymgmt; - - if (ctx->keymgmt->query_operation_name != NULL) - supported_sig = ctx->keymgmt->query_operation_name(OSSL_OP_SIGNATURE); /* - * If we didn't get a supported sig, assume there is one with the - * same name as the key type. + * We perform two iterations: + * + * 1. Do the normal signature fetch, using the fetching data given by + * the EVP_PKEY_CTX. + * 2. Do the provider specific signature fetch, from the same provider + * as |ctx->keymgmt| + * + * We then try to fetch the keymgmt from the same provider as the + * signature, and try to export |ctx->pkey| to that keymgmt (when + * this keymgmt happens to be the same as |ctx->keymgmt|, the export + * is a no-op, but we call it anyway to not complicate the code even + * more). + * If the export call succeeds (returns a non-NULL provider key pointer), + * we're done and can perform the operation itself. If not, we perform + * the second iteration, or jump to legacy. 
*/ - if (supported_sig == NULL) - supported_sig = ctx->keytype; + for (iter = 1; iter < 3 && provkey == NULL; iter++) { + EVP_KEYMGMT *tmp_keymgmt_tofree = NULL; - /* - * Because we cleared out old ops, we shouldn't need to worry about - * checking if signature is already there. - */ - signature = - EVP_SIGNATURE_fetch(ctx->libctx, supported_sig, ctx->propquery); + /* + * If we're on the second iteration, free the results from the first. + * They are NULL on the first iteration, so no need to check what + * iteration we're on. + */ + EVP_SIGNATURE_free(signature); + EVP_KEYMGMT_free(tmp_keymgmt); + + switch (iter) { + case 1: + signature = + EVP_SIGNATURE_fetch(ctx->libctx, supported_sig, ctx->propquery); + if (signature != NULL) + tmp_prov = EVP_SIGNATURE_get0_provider(signature); + break; + case 2: + tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt); + signature = + evp_signature_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + supported_sig, ctx->propquery); + if (signature == NULL) + goto legacy; + break; + } + if (signature == NULL) + continue; - if (signature == NULL - || (EVP_KEYMGMT_get0_provider(ctx->keymgmt) - != EVP_SIGNATURE_get0_provider(signature))) { /* - * We don't need to free ctx->keymgmt here, as it's not necessarily - * tied to this operation. It will be freed by EVP_PKEY_CTX_free(). + * Ensure that the key is provided, either natively, or as a cached + * export. We start by fetching the keymgmt with the same name as + * |ctx->pkey|, but from the provider of the signature method, using + * the same property query as when fetching the signature method. 
+ * With the keymgmt we found (if we did), we try to export |ctx->pkey| + * to it (evp_pkey_export_to_provider() is smart enough to only actually + + * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt) */ + tmp_keymgmt_tofree = tmp_keymgmt = + evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov, + EVP_KEYMGMT_get0_name(ctx->keymgmt), + ctx->propquery); + if (tmp_keymgmt != NULL) + provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx, + &tmp_keymgmt, ctx->propquery); + if (tmp_keymgmt == NULL) + EVP_KEYMGMT_free(tmp_keymgmt_tofree); + } + + if (provkey == NULL) { EVP_SIGNATURE_free(signature); goto legacy; } - /* - * If we don't have the full support we need with provided methods, - * let's go see if legacy does. - */ ERR_pop_to_mark(); /* No more legacy from here down to legacy: */ @@ -507,6 +567,8 @@ * let's go see if legacy does. */ ERR_pop_to_mark(); + EVP_KEYMGMT_free(tmp_keymgmt); + tmp_keymgmt = NULL; if (ctx->pmeth == NULL || (operation == EVP_PKEY_OP_SIGN && ctx->pmeth->sign == NULL) @@ -545,10 +607,12 @@ ret = evp_pkey_ctx_use_cached_data(ctx); #endif + EVP_KEYMGMT_free(tmp_keymgmt); return ret; err: evp_pkey_ctx_free_old_ops(ctx); ctx->operation = EVP_PKEY_OP_UNDEFINED; + EVP_KEYMGMT_free(tmp_keymgmt); return ret; } @@ -582,7 +646,7 @@ goto legacy; ret = ctx->op.sig.signature->sign(ctx->op.sig.algctx, sig, siglen, - SIZE_MAX, tbs, tbslen); + (sig == NULL) ? 0 : *siglen, tbs, tbslen); return ret; legacy: diff -Nru openssl-3.0.0/crypto/http/http_client.c openssl-3.0.1/crypto/http/http_client.c --- openssl-3.0.0/crypto/http/http_client.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/http/http_client.c 2021-12-14 17:16:25.000000000 +0100 
@@ -369,12 +369,13 @@ /* * Parse first HTTP response line. This should be like this: "HTTP/1.0 200 OK". - * We need to obtain the numeric code and (optional) informational message. + * We need to obtain the status code and (optional) informational message. + * Return any received HTTP response status code, or 0 on fatal error. */ static int parse_http_line1(char *line, int *found_keep_alive) { - int i, retcode; + int i, retcode, err; char *code, *reason, *end; if (!HAS_PREFIX(line, HTTP_PREFIX_VERSION)) @@ -430,22 +431,21 @@ case HTTP_STATUS_CODE_FOUND: return retcode; default: + err = HTTP_R_RECEIVED_ERROR; if (retcode < 400) - retcode = HTTP_R_STATUS_CODE_UNSUPPORTED; - else - retcode = HTTP_R_RECEIVED_ERROR; + err = HTTP_R_STATUS_CODE_UNSUPPORTED; if (*reason == '\0') - ERR_raise_data(ERR_LIB_HTTP, retcode, "code=%s", code); + ERR_raise_data(ERR_LIB_HTTP, err, "code=%s", code); else - ERR_raise_data(ERR_LIB_HTTP, retcode, - "code=%s, reason=%s", code, reason); - return 0; + ERR_raise_data(ERR_LIB_HTTP, err, "code=%s, reason=%s", code, + reason); + return retcode; } err: - i = 0; - while (i < 60 && ossl_isprint(line[i])) - i++; + for (i = 0; i < 60 && line[i] != '\0'; i++) + if (!ossl_isprint(line[i])) + line[i] = ' '; line[i] = '\0'; ERR_raise_data(ERR_LIB_HTTP, HTTP_R_HEADER_PARSE_ERROR, "content=%s", line); return 0; @@ -464,6 +464,21 @@ return 1; } +static int may_still_retry(time_t max_time, int *ptimeout) +{ + time_t time_diff, now = time(NULL); + + if (max_time != 0) { + if (max_time < now) { + ERR_raise(ERR_LIB_HTTP, HTTP_R_RETRY_TIMEOUT); + return 0; + } + time_diff = max_time - now; + *ptimeout = time_diff > INT_MAX ? INT_MAX : (int)time_diff; + } + return 1; +} + /* * Try exchanging request and response via HTTP on (non-)blocking BIO in rctx. * Returns 1 on success, 0 on error or redirection, -1 on BIO_should_retry. 
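Review bot: In the `default:` branch of `@@ -430,22 +431,21 @@` the `reason` text goes into the error queue as received (`"code=%s, reason=%s"`), while the `err:` path in the same hunk now blanks non-printable bytes and caps the echoed line at 60 characters. `reason` appears to point into the same server-supplied `line` (it is set above the hunk), so control characters or a very long reason phrase sent by a peer can still end up in logs that print the error data. Running the same printable filter and length cap over `reason` before the two `ERR_raise_data` calls would make both paths equally safe to log. The function starts outside the hunk.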
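Review bot: `may_still_retry()` treats the deadline as expired only when `max_time < now`, so at `max_time == now` it stores `*ptimeout = 0` and returns 1. The caller added in `@@ -1069,6 +1096,7 @@` computes `max_time` with `timeout > 0 ? time(NULL) + timeout : 0`, which suggests a timeout of 0 means no limit. If so, a redirect followed exactly at the deadline continues with no timeout at all. `if (max_time <= now) {` closes that gap. The helper also uses `INT_MAX`, so `<limits.h>` has to be in scope in this file; the include list is not part of the diff.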
@@ -474,7 +489,7 @@ long n; size_t resp_len; const unsigned char *p; - char *key, *value, *line_end = NULL; + char *buf, *key, *value, *line_end = NULL; if (rctx == NULL) { ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER); @@ -487,11 +502,20 @@ rctx->redirection_url = NULL; next_io: + buf = (char *)rctx->buf; if ((rctx->state & OHS_NOREAD) == 0) { - if (rctx->expect_asn1) + if (rctx->expect_asn1) { n = BIO_read(rctx->rbio, rctx->buf, rctx->buf_size); - else - n = BIO_gets(rctx->rbio, (char *)rctx->buf, rctx->buf_size); + } else { + (void)ERR_set_mark(); + n = BIO_gets(rctx->rbio, buf, rctx->buf_size); + if (n == -2) { /* unsupported method */ + (void)ERR_pop_to_mark(); + n = BIO_get_line(rctx->rbio, buf, rctx->buf_size); + } else { + (void)ERR_clear_last_mark(); + } + } if (n <= 0) { if (BIO_should_retry(rctx->rbio)) return -1; @@ -592,7 +616,7 @@ } goto next_io; } - n = BIO_gets(rctx->mem, (char *)rctx->buf, rctx->buf_size); + n = BIO_gets(rctx->mem, buf, rctx->buf_size); if (n <= 0) { if (BIO_should_retry(rctx->mem)) @@ -610,7 +634,7 @@ /* First line */ if (rctx->state == OHS_FIRSTLINE) { - switch (parse_http_line1((char *)rctx->buf, &found_keep_alive)) { + switch (parse_http_line1(buf, &found_keep_alive)) { case HTTP_STATUS_CODE_OK: rctx->state = OHS_HEADERS; goto next_line; @@ -625,10 +649,10 @@ /* fall through */ default: rctx->state = OHS_ERROR; - return 0; + goto next_line; } } - key = (char *)rctx->buf; + key = buf; value = strchr(key, ':'); if (value != NULL) { *(value++) = '\0'; @@ -684,11 +708,6 @@ if (*p != '\0') /* not end of headers */ goto next_line; - if (rctx->expected_ct != NULL && !found_expected_ct) { - ERR_raise_data(ERR_LIB_HTTP, HTTP_R_MISSING_CONTENT_TYPE, - "expected=%s", rctx->expected_ct); - return 0; - } if (rctx->keep_alive != 0 /* do not let server initiate keep_alive */ && !found_keep_alive /* otherwise there is no change */) { if (rctx->keep_alive == 2) { 
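Review bot: The switch from `return 0;` to `goto next_line;` in the `default:` case of `@@ -625,10 +649,10 @@` carries no comment, and its purpose only becomes clear from the later hunk that returns 0 for `OHS_ERROR` after the keep-alive handling. I would add `/* keep reading the headers so the keep-alive handling after them still runs; OHS_ERROR becomes return 0 there */` on that line. The header handling between the two hunks now also runs on an error response from the peer. That code is not in the diff, so it is worth confirming that it behaves sensibly while the state is `OHS_ERROR`.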
@@ -699,6 +718,14 @@ rctx->keep_alive = 0; } + if (rctx->state == OHS_ERROR) + return 0; + + if (rctx->expected_ct != NULL && !found_expected_ct) { + ERR_raise_data(ERR_LIB_HTTP, HTTP_R_MISSING_CONTENT_TYPE, + "expected=%s", rctx->expected_ct); + return 0; + } if (rctx->state == OHS_REDIRECT) { /* http status code indicated redirect but there was no Location */ ERR_raise(ERR_LIB_HTTP, HTTP_R_MISSING_REDIRECT_LOCATION); @@ -959,7 +986,7 @@ return 0; } use_http_proxy = rctx->proxy != NULL && !rctx->use_ssl; - if (use_http_proxy && (rctx->server == NULL || rctx->port == NULL)) { + if (use_http_proxy && rctx->server == NULL) { ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -1069,6 +1096,7 @@ int use_ssl; OSSL_HTTP_REQ_CTX *rctx; BIO *resp = NULL; + time_t max_time = timeout > 0 ? time(NULL) + timeout : 0; if (url == NULL) { ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER); @@ -1099,7 +1127,8 @@ } OPENSSL_free(path); if (resp == NULL && redirection_url != NULL) { - if (redirection_ok(++n_redirs, current_url, redirection_url)) { + if (redirection_ok(++n_redirs, current_url, redirection_url) + && may_still_retry(max_time, &timeout)) { (void)BIO_reset(bio); OPENSSL_free(current_url); current_url = redirection_url; diff -Nru openssl-3.0.0/crypto/http/http_err.c openssl-3.0.1/crypto/http/http_err.c --- openssl-3.0.0/crypto/http/http_err.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/http/http_err.c 2021-12-14 17:16:25.000000000 +0100 
@@ -55,6 +55,7 @@ "response line too long"}, {ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_RESPONSE_PARSE_ERROR), "response parse error"}, + {ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_RETRY_TIMEOUT), "retry timeout"}, {ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_SERVER_CANCELED_CONNECTION), "server canceled connection"}, {ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_SOCK_NOT_SUPPORTED), diff -Nru openssl-3.0.0/crypto/initthread.c openssl-3.0.1/crypto/initthread.c --- openssl-3.0.0/crypto/initthread.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/initthread.c 2021-12-14 17:16:25.000000000 +0100 @@ -309,11 +309,23 @@ static void init_thread_stop(void *arg, THREAD_EVENT_HANDLER **hands) { THREAD_EVENT_HANDLER *curr, *prev = NULL, *tmp; +#ifndef FIPS_MODULE + GLOBAL_TEVENT_REGISTER *gtr; +#endif /* Can't do much about this */ if (hands == NULL) return; +#ifndef FIPS_MODULE + gtr = get_global_tevent_register(); + if (gtr == NULL) + return; + + if (!CRYPTO_THREAD_write_lock(gtr->lock)) + return; +#endif + curr = *hands; while (curr != NULL) { if (arg != NULL && curr->arg != arg) { @@ -332,6 +344,9 @@ OPENSSL_free(tmp); } +#ifndef FIPS_MODULE + CRYPTO_THREAD_unlock(gtr->lock); +#endif } int ossl_init_thread_start(const void *index, void *arg, diff -Nru openssl-3.0.0/crypto/objects/o_names.c openssl-3.0.1/crypto/objects/o_names.c --- openssl-3.0.0/crypto/objects/o_names.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/objects/o_names.c 2021-12-14 17:16:25.000000000 +0100 
@@ -66,8 +66,14 @@ static CRYPTO_ONCE init = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(o_names_init) { - names_lh = lh_OBJ_NAME_new(obj_name_hash, obj_name_cmp); + names_lh = NULL; obj_lock = CRYPTO_THREAD_lock_new(); + if (obj_lock != NULL) + names_lh = lh_OBJ_NAME_new(obj_name_hash, obj_name_cmp); + if (names_lh == NULL) { + CRYPTO_THREAD_lock_free(obj_lock); + obj_lock = NULL; + } return names_lh != NULL && obj_lock != NULL; } diff -Nru openssl-3.0.0/crypto/ocsp/ocsp_http.c openssl-3.0.1/crypto/ocsp/ocsp_http.c --- openssl-3.0.0/crypto/ocsp/ocsp_http.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/ocsp/ocsp_http.c 2021-12-14 17:16:25.000000000 +0100 @@ -58,13 +58,11 @@ if (ctx == NULL) return NULL; mem = OSSL_HTTP_REQ_CTX_exchange(ctx); - resp = (OCSP_RESPONSE *) - ASN1_item_d2i_bio(ASN1_ITEM_rptr(OCSP_RESPONSE), mem, NULL); - BIO_free(mem); + /* ASN1_item_d2i_bio handles NULL bio gracefully */ + resp = (OCSP_RESPONSE *)ASN1_item_d2i_bio(ASN1_ITEM_rptr(OCSP_RESPONSE), + mem, NULL); - /* this indirectly calls ERR_clear_error(): */ OSSL_HTTP_REQ_CTX_free(ctx); - return resp; } #endif /* !defined(OPENSSL_NO_OCSP) */ diff -Nru openssl-3.0.0/crypto/param_build.c openssl-3.0.1/crypto/param_build.c --- openssl-3.0.0/crypto/param_build.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/param_build.c 2021-12-14 17:16:25.000000000 +0100 @@ -204,6 +204,12 @@ OSSL_PARAM_BLD_DEF *pd; if (bn != NULL) { + if (BN_is_negative(bn)) { + ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED, + "Negative big numbers are unsupported for OSSL_PARAM"); + return 0; + } + n = BN_num_bytes(bn); if (n < 0) { ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ZERO_LENGTH_NUMBER); diff -Nru openssl-3.0.0/crypto/params_from_text.c openssl-3.0.1/crypto/params_from_text.c --- openssl-3.0.0/crypto/params_from_text.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/params_from_text.c 2021-12-14 17:16:25.000000000 +0100 
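Review bot: The ocsp_http.c hunk drops `BIO_free(mem)` without saying who now releases the BIO returned by `OSSL_HTTP_REQ_CTX_exchange()`. Presumably `mem` belongs to `ctx` and goes away in `OSSL_HTTP_REQ_CTX_free(ctx)`, which would have made the old free a double free, but that is not visible here. A one-line comment next to the exchange call, `/* mem is owned by ctx; do not free it here */`, would stop the free from being re-added later. The remark that the free indirectly calls `ERR_clear_error()` is removed as well; if that is still true, the parse error raised by `ASN1_item_d2i_bio` just above is lost, so the comment should say which it is.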
@@ -57,8 +57,14 @@ if (r == 0 || *tmpbn == NULL) return 0; + if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER + && BN_is_negative(*tmpbn)) { + ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NEGATIVE_VALUE); + return 0; + } + /* - * 2s complement negate, part 1 + * 2's complement negate, part 1 * * BN_bn2nativepad puts the absolute value of the number in the * buffer, i.e. if it's negative, we need to deal with it. We do @@ -73,6 +79,20 @@ } buf_bits = (size_t)BN_num_bits(*tmpbn); + + /* + * Compensate for cases where the most significant bit in + * the resulting OSSL_PARAM buffer will be set after the + * BN_bn2nativepad() call, as the implied sign may not be + * correct after the second part of the 2's complement + * negation has been performed. + * We fix these cases by extending the buffer by one byte + * (8 bits), which will give some padding. The second part + * of the 2's complement negation will do the rest. + */ + if (p->data_type == OSSL_PARAM_INTEGER && buf_bits % 8 == 0) + buf_bits += 8; + *buf_n = (buf_bits + 7) / 8; /* @@ -80,9 +100,7 @@ * range checking if a size is specified. */ if (p->data_size > 0) { - if (buf_bits > p->data_size * 8 - || (p->data_type == OSSL_PARAM_INTEGER - && buf_bits == p->data_size * 8)) { + if (buf_bits > p->data_size * 8) { ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER); /* Since this is a different error, we don't break */ return 0; @@ -132,7 +150,7 @@ BN_bn2nativepad(tmpbn, buf, buf_n); /* - * 2s complement negate, part two. + * 2's complement negation, part two. * * Because we did the first part on the BIGNUM itself, we can just * invert all the bytes here and be done with it. diff -Nru openssl-3.0.0/crypto/passphrase.c openssl-3.0.1/crypto/passphrase.c --- openssl-3.0.0/crypto/passphrase.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/passphrase.c 2021-12-14 17:16:25.000000000 +0100 
@@ -296,7 +296,8 @@ return ret; } -int ossl_pw_pem_password(char *buf, int size, int rwflag, void *userdata) +static int ossl_pw_get_password(char *buf, int size, int rwflag, + void *userdata, const char *info) { size_t password_len = 0; OSSL_PARAM params[] = { @@ -304,13 +305,23 @@ OSSL_PARAM_END }; - params[0].data = "PEM"; + params[0].data = (void *)info; if (ossl_pw_get_passphrase(buf, (size_t)size, &password_len, params, rwflag, userdata)) return (int)password_len; return -1; } +int ossl_pw_pem_password(char *buf, int size, int rwflag, void *userdata) +{ + return ossl_pw_get_password(buf, size, rwflag, userdata, "PEM"); +} + +int ossl_pw_pvk_password(char *buf, int size, int rwflag, void *userdata) +{ + return ossl_pw_get_password(buf, size, rwflag, userdata, "PVK"); +} + int ossl_pw_passphrase_callback_enc(char *pass, size_t pass_size, size_t *pass_len, const OSSL_PARAM params[], void *arg) diff -Nru openssl-3.0.0/crypto/pem/pvkfmt.c openssl-3.0.1/crypto/pem/pvkfmt.c --- openssl-3.0.0/crypto/pem/pvkfmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/pem/pvkfmt.c 2021-12-14 17:16:25.000000000 +0100 @@ -832,6 +832,11 @@ #endif EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new(); + if (cctx == NULL) { + ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + goto err; + } + if (saltlen) { #ifndef OPENSSL_NO_RC4 unsigned int magic; diff -Nru openssl-3.0.0/crypto/perlasm/ppc-xlate.pl openssl-3.0.1/crypto/perlasm/ppc-xlate.pl --- openssl-3.0.0/crypto/perlasm/ppc-xlate.pl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/perlasm/ppc-xlate.pl 2021-12-14 17:16:25.000000000 +0100 
@@ -153,13 +153,14 @@ # vs -> v if N > 32 sub vsr2vr1 { my $in = shift; + my ($prefix, $reg) = ($in =~ m/(\D*)(\d+)/); - my $n = int($in); + my $n = int($reg); if ($n >= 32) { $n -= 32; } - return "$n"; + return "${prefix}${n}"; } # As above for first $num register args, returns list sub _vsr2vr { diff -Nru openssl-3.0.0/crypto/property/property.c openssl-3.0.1/crypto/property/property.c --- openssl-3.0.0/crypto/property/property.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/property/property.c 2021-12-14 17:16:25.000000000 +0100 @@ -45,6 +45,7 @@ DEFINE_STACK_OF(IMPLEMENTATION) typedef struct { + const OSSL_PROVIDER *provider; const char *query; METHOD method; char body[1]; @@ -117,7 +118,7 @@ globp = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES, &ossl_ctx_global_properties_method); - return &globp->list; + return globp != NULL ? &globp->list : NULL; } #ifndef FIPS_MODULE @@ -127,7 +128,7 @@ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES, &ossl_ctx_global_properties_method); - return globp->no_mirrored ? 1 : 0; + return globp != NULL && globp->no_mirrored ? 1 : 0; } void ossl_global_properties_stop_mirroring(OSSL_LIB_CTX *libctx) @@ -136,7 +137,8 @@ = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES, &ossl_ctx_global_properties_method); - globp->no_mirrored = 1; + if (globp != NULL) + globp->no_mirrored = 1; } #endif @@ -172,7 +174,13 @@ static int query_cmp(const QUERY *a, const QUERY *b) { - return strcmp(a->query, b->query); + int res = strcmp(a->query, b->query); + + if (res == 0 && a->provider != NULL && b->provider != NULL) + res = b->provider > a->provider ? 1 + : b->provider < a->provider ? -1 + : 0; + return res; } static void impl_free(IMPLEMENTATION *impl) @@ -260,6 +268,9 @@ if (properties == NULL) properties = ""; + if (!ossl_assert(prov != NULL)) + return 0; + /* Create new entry */ impl = OPENSSL_malloc(sizeof(*impl)); if (impl == NULL) 
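Review bot: `query_cmp()` in `@@ -172,7 +174,13 @@` orders the two `provider` pointers with `<` and `>`, which C only defines for pointers into the same object; two separately allocated providers do not qualify. If the cache needs nothing more than equality from this callback (the hash table code is not in the diff), `res = a->provider != b->provider;` under the same non-NULL condition expresses that without the relational comparison. The NULL case also deserves a comment, since a NULL `provider` on either side compares equal to any provider with the same query. A lookup with `prov == NULL` can therefore return an entry cached for one specific provider: `/* a NULL provider matches any provider */`.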
@@ -393,15 +404,15 @@ ossl_sa_ALGORITHM_doall_arg(store->algs, alg_do_each, &data); } -int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, - void **method) +int ossl_method_store_fetch(OSSL_METHOD_STORE *store, + int nid, const char *prop_query, + const OSSL_PROVIDER **prov_rw, void **method) { OSSL_PROPERTY_LIST **plp; ALGORITHM *alg; - IMPLEMENTATION *impl; + IMPLEMENTATION *impl, *best_impl = NULL; OSSL_PROPERTY_LIST *pq = NULL, *p2 = NULL; - METHOD *best_method = NULL; + const OSSL_PROVIDER *prov = prov_rw != NULL ? *prov_rw : NULL; int ret = 0; int j, best = -1, score, optional; @@ -438,29 +449,38 @@ } if (pq == NULL) { - if ((impl = sk_IMPLEMENTATION_value(alg->impls, 0)) != NULL) { - best_method = &impl->method; - ret = 1; + for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) { + if ((impl = sk_IMPLEMENTATION_value(alg->impls, j)) != NULL + && (prov == NULL || impl->provider == prov)) { + best_impl = impl; + ret = 1; + break; + } } goto fin; } optional = ossl_property_has_optional(pq); for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) { - impl = sk_IMPLEMENTATION_value(alg->impls, j); - score = ossl_property_match_count(pq, impl->properties); - if (score > best) { - best_method = &impl->method; - best = score; - ret = 1; - if (!optional) - goto fin; + if ((impl = sk_IMPLEMENTATION_value(alg->impls, j)) != NULL + && (prov == NULL || impl->provider == prov)) { + score = ossl_property_match_count(pq, impl->properties); + if (score > best) { + best_impl = impl; + best = score; + ret = 1; + if (!optional) + goto fin; + } } } fin: - if (ret && ossl_method_up_ref(best_method)) - *method = best_method->method; - else + if (ret && ossl_method_up_ref(&best_impl->method)) { + *method = best_impl->method.method; + if (prov_rw != NULL) + *prov_rw = best_impl->provider; + } else { ret = 0; + } ossl_property_unlock(store); ossl_property_free(p2); return ret; 
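Review bot: The new `prov_rw` parameter of `ossl_method_store_fetch()` in `@@ -393,15 +404,15 @@` is an in/out argument with no comment. On entry a non-NULL `*prov_rw` restricts the search to that provider, and on success it is overwritten with the provider of the chosen implementation (`*prov_rw = best_impl->provider` in the following hunk). A short comment above the signature would spare callers from reading the body, for instance `/* prov_rw: in - provider to restrict the search to, or NULL for any; out - provider of the returned method */`. The function body continues past this hunk.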
@@ -569,8 +589,8 @@ store->nelem = state.nelem; } -int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void **method) +int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void **method) { ALGORITHM *alg; QUERY elem, *r; @@ -586,6 +606,7 @@ goto err; elem.query = prop_query != NULL ? prop_query : ""; + elem.provider = prov; r = lh_QUERY_retrieve(alg->cache, &elem); if (r == NULL) goto err; @@ -598,8 +619,8 @@ return res; } -int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void *method, +int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void *method, int (*method_up_ref)(void *), void (*method_destruct)(void *)) { @@ -613,6 +634,9 @@ if (prop_query == NULL) return 1; + if (!ossl_assert(prov != NULL)) + return 0; + if (!ossl_property_write_lock(store)) return 0; if (store->need_flush) @@ -623,6 +647,7 @@ if (method == NULL) { elem.query = prop_query; + elem.provider = prov; if ((old = lh_QUERY_delete(alg->cache, &elem)) != NULL) { impl_cache_free(old); store->nelem--; @@ -632,6 +657,7 @@ p = OPENSSL_malloc(sizeof(*p) + (len = strlen(prop_query))); if (p != NULL) { p->query = p->body; + p->provider = prov; p->method.method = method; p->method.up_ref = method_up_ref; p->method.free = method_destruct; diff -Nru openssl-3.0.0/crypto/property/property_local.h openssl-3.0.1/crypto/property/property_local.h --- openssl-3.0.0/crypto/property/property_local.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/property/property_local.h 2021-12-14 17:16:25.000000000 +0100 
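Review bot: The new guard `if (!ossl_assert(prov != NULL)) return 0;` in `ossl_method_store_cache_set` conflicts with a caller changed in this same diff. The `crypto/store/store_meth.c` hunk calls `ossl_method_store_cache_set(store, NULL, id, properties, method, up_ref_loader, free_loader)` and ignores the return value. For a non-NULL property query that call fails the assertion, and where the assertion is compiled to a plain check it returns 0 without caching, so each loader fetch would fall through to `ossl_method_construct` again. The caller could declare a local `OSSL_PROVIDER *prov = NULL;`, pass `&prov` where it now passes `NULL` to `ossl_method_construct` (presumably the new provider in/out argument), and hand that `prov` to the cache call. Otherwise the guard needs relaxing; which of the two is intended cannot be told from the hunks.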
@@ -34,7 +34,8 @@ OSSL_PROPERTY_DEFINITION properties[1]; }; -extern OSSL_PROPERTY_IDX ossl_property_true, ossl_property_false; +#define OSSL_PROPERTY_TRUE 1 +#define OSSL_PROPERTY_FALSE 2 /* Property string functions */ OSSL_PROPERTY_IDX ossl_property_name(OSSL_LIB_CTX *ctx, const char *s, diff -Nru openssl-3.0.0/crypto/property/property_parse.c openssl-3.0.1/crypto/property/property_parse.c --- openssl-3.0.0/crypto/property/property_parse.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/property/property_parse.c 2021-12-14 17:16:25.000000000 +0100 @@ -19,8 +19,6 @@ #include "property_local.h" #include "e_os.h" -OSSL_PROPERTY_IDX ossl_property_true, ossl_property_false; - DEFINE_STACK_OF(OSSL_PROPERTY_DEFINITION) static const char *skip_space(const char *s) @@ -277,12 +275,16 @@ /* * Convert a stack of property definitions and queries into a fixed array. * The items are sorted for efficient query. The stack is not freed. + * This function also checks for duplicated names and returns an error if + * any exist. */ static OSSL_PROPERTY_LIST * -stack_to_property_list(STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) +stack_to_property_list(OSSL_LIB_CTX *ctx, + STACK_OF(OSSL_PROPERTY_DEFINITION) *sk) { const int n = sk_OSSL_PROPERTY_DEFINITION_num(sk); OSSL_PROPERTY_LIST *r; + OSSL_PROPERTY_IDX prev_name_idx = 0; int i; r = OPENSSL_malloc(sizeof(*r) @@ -294,6 +296,16 @@ for (i = 0; i < n; i++) { r->properties[i] = *sk_OSSL_PROPERTY_DEFINITION_value(sk, i); r->has_optional |= r->properties[i].optional; + + /* Check for duplicated names */ + if (i > 0 && r->properties[i].name_idx == prev_name_idx) { + OPENSSL_free(r); + ERR_raise_data(ERR_LIB_PROP, PROP_R_PARSE_FAILED, + "Duplicated name `%s'", + ossl_property_name_str(ctx, prev_name_idx)); + return NULL; + } + prev_name_idx = r->properties[i].name_idx; } r->num_properties = n; } 
@@ -338,7 +350,7 @@ } else { /* A name alone means a true Boolean */ prop->type = OSSL_PROPERTY_TYPE_STRING; - prop->v.str_val = ossl_property_true; + prop->v.str_val = OSSL_PROPERTY_TRUE; } if (!sk_OSSL_PROPERTY_DEFINITION_push(sk, prop)) @@ -351,7 +363,7 @@ "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); @@ -397,7 +409,7 @@ /* A name alone is a Boolean comparison for true */ prop->oper = OSSL_PROPERTY_OPER_EQ; prop->type = OSSL_PROPERTY_TYPE_STRING; - prop->v.str_val = ossl_property_true; + prop->v.str_val = OSSL_PROPERTY_TRUE; goto skip_value; } if (!parse_value(ctx, &s, prop, create_values)) @@ -414,7 +426,7 @@ "HERE-->%s", s); goto err; } - res = stack_to_property_list(sk); + res = stack_to_property_list(ctx, sk); err: OPENSSL_free(prop); @@ -471,9 +483,9 @@ return -1; } else if (q[i].type != OSSL_PROPERTY_TYPE_STRING || (oper == OSSL_PROPERTY_OPER_EQ - && q[i].v.str_val != ossl_property_false) + && q[i].v.str_val != OSSL_PROPERTY_FALSE) || (oper == OSSL_PROPERTY_OPER_NE - && q[i].v.str_val == ossl_property_false)) { + && q[i].v.str_val == OSSL_PROPERTY_FALSE)) { if (!q[i].optional) return -1; } else { 
@@ -546,9 +558,13 @@ if (ossl_property_name(ctx, predefined_names[i], 1) == 0) goto err; - /* Pre-populate the two Boolean values */ - if ((ossl_property_true = ossl_property_value(ctx, "yes", 1)) == 0 - || (ossl_property_false = ossl_property_value(ctx, "no", 1)) == 0) + /* + * Pre-populate the two Boolean values. We must do them before any other + * values and in this order so that we get the same index as the global + * OSSL_PROPERTY_TRUE and OSSL_PROPERTY_FALSE values + */ + if ((ossl_property_value(ctx, "yes", 1) != OSSL_PROPERTY_TRUE) + || (ossl_property_value(ctx, "no", 1) != OSSL_PROPERTY_FALSE)) goto err; return 1; diff -Nru openssl-3.0.0/crypto/property/property_query.c openssl-3.0.1/crypto/property/property_query.c --- openssl-3.0.0/crypto/property/property_query.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/property/property_query.c 2021-12-14 17:16:25.000000000 +0100 @@ -75,8 +75,8 @@ return 0; return (prop->type == OSSL_PROPERTY_TYPE_STRING && ((prop->oper == OSSL_PROPERTY_OPER_EQ - && prop->v.str_val == ossl_property_true) + && prop->v.str_val == OSSL_PROPERTY_TRUE) || (prop->oper == OSSL_PROPERTY_OPER_NE - && prop->v.str_val != ossl_property_true))); + && prop->v.str_val != OSSL_PROPERTY_TRUE))); } diff -Nru openssl-3.0.0/crypto/provider.c openssl-3.0.1/crypto/provider.c --- openssl-3.0.0/crypto/provider.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/provider.c 2021-12-14 17:16:25.000000000 +0100 @@ -35,10 +35,16 @@ actual = prov; if (isnew && !ossl_provider_add_to_store(prov, &actual, retain_fallbacks)) { - ossl_provider_deactivate(prov); + ossl_provider_deactivate(prov, 1); ossl_provider_free(prov); return NULL; } + if (actual != prov) { + if (!ossl_provider_activate(actual, 1, 0)) { + ossl_provider_free(actual); + return NULL; + } + } return actual; } 
@@ -53,7 +59,7 @@ int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov) { - if (!ossl_provider_deactivate(prov)) + if (!ossl_provider_deactivate(prov, 1)) return 0; ossl_provider_free(prov); return 1; diff -Nru openssl-3.0.0/crypto/provider_child.c openssl-3.0.1/crypto/provider_child.c --- openssl-3.0.0/crypto/provider_child.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/provider_child.c 2021-12-14 17:16:25.000000000 +0100 @@ -22,7 +22,6 @@ struct child_prov_globals { const OSSL_CORE_HANDLE *handle; const OSSL_CORE_HANDLE *curr_prov; - unsigned int isinited:1; CRYPTO_RWLOCK *lock; OSSL_FUNC_core_get_libctx_fn *c_get_libctx; OSSL_FUNC_provider_register_child_cb_fn *c_provider_register_child_cb; @@ -43,7 +42,6 @@ { struct child_prov_globals *gbl = vgbl; - gbl->c_provider_deregister_child_cb(gbl->handle); CRYPTO_THREAD_lock_free(gbl->lock); OPENSSL_free(gbl); } @@ -110,11 +108,7 @@ if (gbl == NULL) return 0; - /* - * If !gbl->isinited, then we are still initing and we already hold the - * lock - so don't take it again. - */ - if (gbl->isinited && !CRYPTO_THREAD_write_lock(gbl->lock)) + if (!CRYPTO_THREAD_write_lock(gbl->lock)) return 0; provname = gbl->c_prov_name(prov); @@ -153,7 +147,7 @@ if (!ossl_provider_set_child(cprov, prov) || !ossl_provider_add_to_store(cprov, NULL, 0)) { - ossl_provider_deactivate(cprov); + ossl_provider_deactivate(cprov, 0); ossl_provider_free(cprov); goto err; } @@ -161,8 +155,7 @@ ret = 1; err: - if (gbl->isinited) - CRYPTO_THREAD_unlock(gbl->lock); + CRYPTO_THREAD_unlock(gbl->lock); return ret; } @@ -188,7 +181,7 @@ */ ossl_provider_free(cprov); if (ossl_provider_is_child(cprov) - && !ossl_provider_deactivate(cprov)) + && !ossl_provider_deactivate(cprov, 1)) return 0; return 1; 
@@ -272,11 +265,20 @@ ctx)) return 0; - gbl->isinited = 1; - return 1; } +void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx) +{ + struct child_prov_globals *gbl + = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_CHILD_PROVIDER_INDEX, + &child_prov_ossl_ctx_method); + if (gbl == NULL) + return; + + gbl->c_provider_deregister_child_cb(gbl->handle); +} + int ossl_provider_up_ref_parent(OSSL_PROVIDER *prov, int activate) { struct child_prov_globals *gbl; diff -Nru openssl-3.0.0/crypto/provider_conf.c openssl-3.0.1/crypto/provider_conf.c --- openssl-3.0.0/crypto/provider_conf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/provider_conf.c 2021-12-14 17:16:25.000000000 +0100 @@ -146,9 +146,6 @@ const char *path = NULL; long activate = 0; int ok = 0; - PROVIDER_CONF_GLOBAL *pcgbl - = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, - &provider_conf_ossl_ctx_method); name = skip_dot(name); OSSL_TRACE1(CONF, "Configuring provider %s\n", name); @@ -185,7 +182,11 @@ } if (activate) { - if (!CRYPTO_THREAD_write_lock(pcgbl->lock)) { + PROVIDER_CONF_GLOBAL *pcgbl + = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_CONF_INDEX, + &provider_conf_ossl_ctx_method); + + if (pcgbl == NULL || !CRYPTO_THREAD_write_lock(pcgbl->lock)) { ERR_raise(ERR_LIB_CRYPTO, ERR_R_INTERNAL_ERROR); return 0; } 
@@ -221,13 +222,24 @@ if (!ossl_provider_activate(prov, 1, 0)) { ok = 0; } else if (!ossl_provider_add_to_store(prov, &actual, 0)) { - ossl_provider_deactivate(prov); + ossl_provider_deactivate(prov, 1); + ok = 0; + } else if (actual != prov + && !ossl_provider_activate(actual, 1, 0)) { + ossl_provider_free(actual); ok = 0; } else { if (pcgbl->activated_providers == NULL) pcgbl->activated_providers = sk_OSSL_PROVIDER_new_null(); - sk_OSSL_PROVIDER_push(pcgbl->activated_providers, actual); - ok = 1; + if (pcgbl->activated_providers == NULL + || !sk_OSSL_PROVIDER_push(pcgbl->activated_providers, + actual)) { + ossl_provider_deactivate(actual, 1); + ossl_provider_free(actual); + ok = 0; + } else { + ok = 1; + } } } if (!ok) diff -Nru openssl-3.0.0/crypto/provider_core.c openssl-3.0.1/crypto/provider_core.c --- openssl-3.0.0/crypto/provider_core.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/provider_core.c 2021-12-14 17:16:25.000000000 +0100 @@ -107,8 +107,8 @@ * some other function while holding a lock make sure you know whether it * will make any upcalls or not. For example ossl_provider_up_ref() can call * ossl_provider_up_ref_parent() which can call the c_prov_up_ref() upcall. - * - It is permissible to hold the store lock when calling child provider - * callbacks. No other locks may be held during such callbacks. + * - It is permissible to hold the store and flag locks when calling child + * provider callbacks. No other locks may be held during such callbacks. */ static OSSL_PROVIDER *provider_new(const char *name, @@ -230,7 +230,7 @@ static void provider_deactivate_free(OSSL_PROVIDER *prov) { if (prov->flag_activated) - ossl_provider_deactivate(prov); + ossl_provider_deactivate(prov, 1); ossl_provider_free(prov); } 
@@ -424,7 +424,11 @@ #endif tmpl.name = (char *)name; - if (!CRYPTO_THREAD_read_lock(store->lock)) + /* + * A "find" operation can sort the stack, and therefore a write lock is + * required. + */ + if (!CRYPTO_THREAD_write_lock(store->lock)) return NULL; if ((i = sk_OSSL_PROVIDER_find(store->providers, &tmpl)) != -1) prov = sk_OSSL_PROVIDER_value(store->providers, i); @@ -499,13 +503,18 @@ static int provider_free_intern(OSSL_PROVIDER *prov, int deactivate) { if (deactivate) - return ossl_provider_deactivate(prov); + return ossl_provider_deactivate(prov, 1); ossl_provider_free(prov); return 1; } #endif +/* + * We assume that the requested provider does not already exist in the store. + * The caller should check. If it does exist then adding it to the store later + * will fail. + */ OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, OSSL_provider_init_fn *init_function, int noconfig) @@ -517,14 +526,6 @@ if ((store = get_provider_store(libctx)) == NULL) return NULL; - if ((prov = ossl_provider_find(libctx, name, - noconfig)) != NULL) { /* refcount +1 */ - ossl_provider_free(prov); /* refcount -1 */ - ERR_raise_data(ERR_LIB_CRYPTO, CRYPTO_R_PROVIDER_ALREADY_EXISTS, - "name=%s", name); - return NULL; - } - memset(&template, 0, sizeof(template)); if (init_function == NULL) { const OSSL_PROVIDER_INFO *p; @@ -645,8 +646,11 @@ * name and raced to put them in the store. This thread lost. We * deactivate the one we just created and use the one that already * exists instead. + * If we get here then we know we did not create provider children + * above, so we inform ossl_provider_deactivate not to attempt to remove + * any. */ - ossl_provider_deactivate(prov); + ossl_provider_deactivate(prov, 0); ossl_provider_free(prov); } 
@@ -1003,27 +1007,35 @@ } /* - * Deactivate a provider. + * Deactivate a provider. If upcalls is 0 then we suppress any upcalls to a + * parent provider. If removechildren is 0 then we suppress any calls to remove + * child providers. * Return -1 on failure and the activation count on success */ -static int provider_deactivate(OSSL_PROVIDER *prov, int upcalls) +static int provider_deactivate(OSSL_PROVIDER *prov, int upcalls, + int removechildren) { int count; struct provider_store_st *store; #ifndef FIPS_MODULE - int freeparent = 0, removechildren = 0; + int freeparent = 0; #endif + int lock = 1; if (!ossl_assert(prov != NULL)) return -1; + /* + * No need to lock if we've got no store because we've not been shared with + * other threads. + */ store = get_provider_store(prov->libctx); if (store == NULL) - return -1; + lock = 0; - if (!CRYPTO_THREAD_read_lock(store->lock)) + if (lock && !CRYPTO_THREAD_read_lock(store->lock)) return -1; - if (!CRYPTO_THREAD_write_lock(prov->flag_lock)) { + if (lock && !CRYPTO_THREAD_write_lock(prov->flag_lock)) { CRYPTO_THREAD_unlock(store->lock); return -1; } @@ -1040,17 +1052,15 @@ } #endif - if ((count = --prov->activatecnt) < 1) { + if ((count = --prov->activatecnt) < 1) prov->flag_activated = 0; #ifndef FIPS_MODULE - removechildren = 1; + else + removechildren = 0; #endif - } - - CRYPTO_THREAD_unlock(prov->flag_lock); #ifndef FIPS_MODULE - if (removechildren) { + if (removechildren && store != NULL) { int i, max = sk_OSSL_PROVIDER_CHILD_CB_num(store->child_cbs); OSSL_PROVIDER_CHILD_CB *child_cb; @@ -1060,7 +1070,10 @@ } } #endif - CRYPTO_THREAD_unlock(store->lock); + if (lock) { + CRYPTO_THREAD_unlock(prov->flag_lock); + CRYPTO_THREAD_unlock(store->lock); + } #ifndef FIPS_MODULE if (freeparent) ossl_provider_free_parent(prov, 1); @@ -1078,7 +1091,7 @@ { int count = -1; struct provider_store_st *store; - int ret = 1, createchildren = 0; + int ret = 1; store = prov->store; /* 
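Review bot: In `provider_deactivate` the statement `if ((count = --prov->activatecnt) < 1) prov->flag_activated = 0;` now gets its `else removechildren = 0;` branch only inside `#ifndef FIPS_MODULE` and without braces, so the shape of the `if` depends on the preprocessor. Every visible use of the new `removechildren` parameter also sits inside such a block, so a FIPS build appears to leave it unused. Bracing both branches and dropping the conditional around the `else` keeps one statement shape in every configuration: `if (count < 1) { prov->flag_activated = 0; } else { removechildren = 0; }`. The function starts before this hunk and continues past the following ones.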
@@ -1116,15 +1129,13 @@ count = ++prov->activatecnt; prov->flag_activated = 1; - if (prov->activatecnt == 1 && store != NULL) - createchildren = 1; - - if (lock) - CRYPTO_THREAD_unlock(prov->flag_lock); - if (createchildren) + if (prov->activatecnt == 1 && store != NULL) { ret = create_provider_children(prov); - if (lock) + } + if (lock) { + CRYPTO_THREAD_unlock(prov->flag_lock); CRYPTO_THREAD_unlock(store->lock); + } if (!ret) return -1; @@ -1170,11 +1181,12 @@ return 0; } -int ossl_provider_deactivate(OSSL_PROVIDER *prov) +int ossl_provider_deactivate(OSSL_PROVIDER *prov, int removechildren) { int count; - if (prov == NULL || (count = provider_deactivate(prov, 1)) < 0) + if (prov == NULL + || (count = provider_deactivate(prov, 1, removechildren)) < 0) return 0; return count == 0 ? provider_flush_store_cache(prov) : 1; } @@ -1356,7 +1368,7 @@ for (curr++; curr < max; curr++) { OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(provs, curr); - provider_deactivate(prov, 0); + provider_deactivate(prov, 0, 1); /* * As above where we did the up-ref, we don't call ossl_provider_free * to avoid making upcalls. There should always be at least one ref diff -Nru openssl-3.0.0/crypto/rsa/rsa_backend.c openssl-3.0.1/crypto/rsa/rsa_backend.c --- openssl-3.0.0/crypto/rsa/rsa_backend.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/rsa/rsa_backend.c 2021-12-14 17:16:25.000000000 +0100 @@ -392,6 +392,8 @@ if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 && (pnum = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) > 0) { dupkey->prime_infos = sk_RSA_PRIME_INFO_new_reserve(NULL, pnum); + if (dupkey->prime_infos == NULL) + goto err; for (i = 0; i < pnum; i++) { const RSA_PRIME_INFO *pinfo = NULL; RSA_PRIME_INFO *duppinfo = NULL; diff -Nru openssl-3.0.0/crypto/rsa/rsa_lib.c openssl-3.0.1/crypto/rsa/rsa_lib.c --- openssl-3.0.0/crypto/rsa/rsa_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/rsa/rsa_lib.c 2021-12-14 17:16:25.000000000 +0100 
@@ -1244,8 +1244,11 @@ * When we're dealing with a provider, there's no need to duplicate * pubexp, as it gets copied when transforming to an OSSL_PARAM anyway. */ - if (evp_pkey_ctx_is_legacy(ctx)) + if (evp_pkey_ctx_is_legacy(ctx)) { pubexp = BN_dup(pubexp); + if (pubexp == NULL) + return 0; + } ret = EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp); if (evp_pkey_ctx_is_legacy(ctx) && ret <= 0) diff -Nru openssl-3.0.0/crypto/sm2/sm2_sign.c openssl-3.0.1/crypto/sm2/sm2_sign.c --- openssl-3.0.0/crypto/sm2/sm2_sign.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/sm2/sm2_sign.c 2021-12-14 17:16:25.000000000 +0100 @@ -239,6 +239,15 @@ goto done; } + /* + * A3: Generate a random number k in [1,n-1] using random number generators; + * A4: Compute (x1,y1)=[k]G, and convert the type of data x1 to be integer + * as specified in clause 4.2.8 of GM/T 0003.1-2012; + * A5: Compute r=(e+x1) mod n. If r=0 or r+k=n, then go to A3; + * A6: Compute s=(1/(1+dA)*(k-r*dA)) mod n. If s=0, then go to A3; + * A7: Convert the type of data (r,s) to be bit strings according to the details + * in clause 4.2.2 of GM/T 0003.1-2012. Then the signature of message M is (r,s). + */ for (;;) { if (!BN_priv_rand_range_ex(k, order, 0, ctx)) { ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR); @@ -274,6 +283,10 @@ goto done; } + /* try again if s == 0 */ + if (BN_is_zero(s)) + continue; + sig = ECDSA_SIG_new(); if (sig == NULL) { ERR_raise(ERR_LIB_SM2, ERR_R_MALLOC_FAILURE); diff -Nru openssl-3.0.0/crypto/store/store_meth.c openssl-3.0.1/crypto/store/store_meth.c --- openssl-3.0.0/crypto/store/store_meth.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/store/store_meth.c 2021-12-14 17:16:25.000000000 +0100 
@@ -128,7 +128,8 @@ } /* Get loader methods from a store, or put one in */ -static void *get_loader_from_store(void *store, void *data) +static void *get_loader_from_store(void *store, const OSSL_PROVIDER **prov, + void *data) { struct loader_data_st *methdata = data; void *method = NULL; @@ -144,7 +145,7 @@ && (store = get_loader_store(methdata->libctx)) == NULL) return NULL; - if (!ossl_method_store_fetch(store, id, methdata->propquery, &method)) + if (!ossl_method_store_fetch(store, id, methdata->propquery, prov, &method)) return NULL; return method; } @@ -308,7 +309,7 @@ unsupported = 1; if (id == 0 - || !ossl_method_store_cache_get(store, id, properties, &method)) { + || !ossl_method_store_cache_get(store, NULL, id, properties, &method)) { OSSL_METHOD_CONSTRUCT_METHOD mcm = { get_tmp_loader_store, get_loader_from_store, @@ -322,7 +323,7 @@ methdata->propquery = properties; methdata->flag_construct_error_occurred = 0; if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_STORE, - 0 /* !force_cache */, + NULL, 0 /* !force_cache */, &mcm, methdata)) != NULL) { /* * If construction did create a method for us, we know that there @@ -331,7 +332,7 @@ */ if (id == 0) id = ossl_namemap_name2num(namemap, scheme); - ossl_method_store_cache_set(store, id, properties, method, + ossl_method_store_cache_set(store, NULL, id, properties, method, up_ref_loader, free_loader); } diff -Nru openssl-3.0.0/crypto/threads_win.c openssl-3.0.1/crypto/threads_win.c --- openssl-3.0.0/crypto/threads_win.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/threads_win.c 2021-12-14 17:16:25.000000000 +0100 
@@ -10,7 +10,6 @@ #if defined(_WIN32) # include # if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600 -# include # define USE_RWLOCK # endif #endif diff -Nru openssl-3.0.0/crypto/x509/v3_akid.c openssl-3.0.1/crypto/x509/v3_akid.c --- openssl-3.0.0/crypto/x509/v3_akid.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/v3_akid.c 2021-12-14 17:16:25.000000000 +0100 @@ -107,6 +107,7 @@ ASN1_INTEGER *serial = NULL; X509_EXTENSION *ext; X509 *issuer_cert; + int same_issuer, ss; AUTHORITY_KEYID *akeyid = AUTHORITY_KEYID_new(); if (akeyid == NULL) 
@@ -144,14 +145,26 @@ ERR_raise(ERR_LIB_X509V3, X509V3_R_NO_ISSUER_CERTIFICATE); goto err; } - - if (keyid != 0) { - /* prefer any pre-existing subject key identifier of the issuer cert */ + same_issuer = ctx->subject_cert == ctx->issuer_cert; + ERR_set_mark(); + if (ctx->issuer_pkey != NULL) + ss = X509_check_private_key(ctx->subject_cert, ctx->issuer_pkey); + else + ss = same_issuer; + ERR_pop_to_mark(); + + /* unless forced with "always", AKID is suppressed for self-signed certs */ + if (keyid == 2 || (keyid == 1 && !ss)) { + /* + * prefer any pre-existing subject key identifier of the issuer cert + * except issuer cert is same as subject cert and is not self-signed + */ i = X509_get_ext_by_NID(issuer_cert, NID_subject_key_identifier, -1); - if (i >= 0 && (ext = X509_get_ext(issuer_cert, i)) != NULL) + if (i >= 0 && (ext = X509_get_ext(issuer_cert, i)) != NULL + && !(same_issuer && !ss)) ikeyid = X509V3_EXT_d2i(ext); - if (ikeyid == NULL && ctx->issuer_pkey != NULL) { /* fallback */ - /* generate AKID from scratch, emulating s2i_skey_id(..., "hash") */ + if (ikeyid == NULL && same_issuer && ctx->issuer_pkey != NULL) { + /* generate fallback AKID, emulating s2i_skey_id(..., "hash") */ X509_PUBKEY *pubkey = NULL; if (X509_PUBKEY_set(&pubkey, ctx->issuer_pkey)) diff -Nru openssl-3.0.0/crypto/x509/v3_ncons.c openssl-3.0.1/crypto/x509/v3_ncons.c --- openssl-3.0.0/crypto/x509/v3_ncons.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/v3_ncons.c 2021-12-14 17:16:25.000000000 +0100 
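Review bot: The call `X509_check_private_key(ctx->subject_cert, ctx->issuer_pkey)` sits between `ERR_set_mark()` and `ERR_pop_to_mark()`, so any failure, not only a key mismatch, ends up as `ss == 0` and the certificate is treated as not self-signed. The `v3_san.c` and `v3_skid.c` hunks in this diff allow `ctx->subject_cert` to be NULL, and whether this call tolerates that is not visible here. Writing the condition as `if (ctx->subject_cert != NULL && ctx->issuer_pkey != NULL)` would make the assumption explicit and leave the `else ss = same_issuer;` branch to cover the rest. The bare literals in `keyid == 2 || (keyid == 1 && !ss)` would also benefit from a comment naming them, e.g. `/* keyid: 1 = requested, 2 = forced with "always" */`. The enclosing function starts and ends outside the hunk.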
@@ -714,6 +714,9 @@ if (baseat != baseptr) { if ((baseat - baseptr) != (emlat - emlptr)) return X509_V_ERR_PERMITTED_VIOLATION; + if (memchr(baseptr, 0, baseat - baseptr) || + memchr(emlptr, 0, emlat - emlptr)) + return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; /* Case sensitive match of local part */ if (strncmp(baseptr, emlptr, emlat - emlptr)) return X509_V_ERR_PERMITTED_VIOLATION; diff -Nru openssl-3.0.0/crypto/x509/v3_san.c openssl-3.0.1/crypto/x509/v3_san.c --- openssl-3.0.0/crypto/x509/v3_san.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/v3_san.c 2021-12-14 17:16:25.000000000 +0100 @@ -393,11 +393,11 @@ for (i = 0; i < num; i++) { cnf = sk_CONF_VALUE_value(nval, i); - if (!ossl_v3_name_cmp(cnf->name, "email") + if (ossl_v3_name_cmp(cnf->name, "email") == 0 && cnf->value && strcmp(cnf->value, "copy") == 0) { if (!copy_email(ctx, gens, 0)) goto err; - } else if (!ossl_v3_name_cmp(cnf->name, "email") + } else if (ossl_v3_name_cmp(cnf->name, "email") == 0 && cnf->value && strcmp(cnf->value, "move") == 0) { if (!copy_email(ctx, gens, 1)) goto err; @@ -434,10 +434,9 @@ return 0; } /* Find the subject name */ - if (ctx->subject_cert) - nm = X509_get_subject_name(ctx->subject_cert); - else - nm = X509_REQ_get_subject_name(ctx->subject_req); + nm = ctx->subject_cert != NULL ? + X509_get_subject_name(ctx->subject_cert) : + X509_REQ_get_subject_name(ctx->subject_req); /* Now add any email address(es) to STACK */ while ((i = X509_NAME_get_index_by_NID(nm, diff -Nru openssl-3.0.0/crypto/x509/v3_skid.c openssl-3.0.1/crypto/x509/v3_skid.c --- openssl-3.0.0/crypto/x509/v3_skid.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/v3_skid.c 2021-12-14 17:16:25.000000000 +0100 
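Review bot: The embedded-NUL guard added before the local-part comparison has no comment explaining why it must stay. The `strncmp` that follows stops at the first NUL byte, so without the guard two local parts that differ only after a NUL would compare equal. A one-line comment such as `/* strncmp() below stops at an embedded NUL, so reject such names first */` would stop it from being removed as redundant. For consistency with the other hunks in this diff, the pointer tests could be spelled out as `if (memchr(baseptr, 0, baseat - baseptr) != NULL || memchr(emlptr, 0, emlat - emlptr) != NULL)`. The enclosing function starts and ends outside the hunk.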
@@ -105,7 +105,7 @@ return NULL; } - return ossl_x509_pubkey_hash(ctx->subject_req != NULL ? - ctx->subject_req->req_info.pubkey : - ctx->subject_cert->cert_info.key); + return ossl_x509_pubkey_hash(ctx->subject_cert != NULL ? + ctx->subject_cert->cert_info.key : + ctx->subject_req->req_info.pubkey); } diff -Nru openssl-3.0.0/crypto/x509/x509_cmp.c openssl-3.0.1/crypto/x509/x509_cmp.c --- openssl-3.0.0/crypto/x509/x509_cmp.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/x509_cmp.c 2021-12-14 17:16:25.000000000 +0100 @@ -208,8 +208,12 @@ return 1; } } - if ((flags & X509_ADD_FLAG_NO_SS) != 0 && X509_self_signed(cert, 0)) - return 1; + if ((flags & X509_ADD_FLAG_NO_SS) != 0) { + int ret = X509_self_signed(cert, 0); + + if (ret != 0) + return ret > 0 ? 1 : 0; + } if (!sk_X509_insert(sk, cert, (flags & X509_ADD_FLAG_PREPEND) != 0 ? 0 : -1)) { ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); diff -Nru openssl-3.0.0/crypto/x509/x509_vfy.c openssl-3.0.1/crypto/x509/x509_vfy.c --- openssl-3.0.0/crypto/x509/x509_vfy.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/x509_vfy.c 2021-12-14 17:16:25.000000000 +0100 @@ -630,7 +630,7 @@ GENERAL_NAMES *gs = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); if (gs == NULL) - return -1; + return 0; for (i = 0; i < sk_GENERAL_NAME_num(gs); i++) { GENERAL_NAME *g = sk_GENERAL_NAME_value(gs, i); 
@@ -3023,23 +3023,27 @@ may_trusted = 1; } - /* - * Shallow-copy the stack of untrusted certificates (with TLS, this is - * typically the content of the peer's certificate message) so can make - * multiple passes over it, while free to remove elements as we go. - */ - if ((sk_untrusted = sk_X509_dup(ctx->untrusted)) == NULL) + /* Initialize empty untrusted stack. */ + if ((sk_untrusted = sk_X509_new_null()) == NULL) goto memerr; /* - * If we got any "DANE-TA(2) Cert(0) Full(0)" trust anchors from DNS, add - * them to our working copy of the untrusted certificate stack. + * If we got any "Cert(0) Full(0)" trust anchors from DNS, *prepend* them + * to our working copy of the untrusted certificate stack. */ if (DANETLS_ENABLED(dane) && dane->certs != NULL && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) goto memerr; /* + * Shallow-copy the stack of untrusted certificates (with TLS, this is + * typically the content of the peer's certificate message) so we can make + * multiple passes over it, while free to remove elements as we go. + */ + if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT)) + goto memerr; + + /* * Still absurdly large, but arithmetically safe, a lower hard upper bound * might be reasonable. */ @@ -3227,7 +3231,7 @@ if (!ossl_assert(num == ctx->num_untrusted)) goto int_err; curr = sk_X509_value(ctx->chain, num - 1); - issuer = (X509_self_signed(curr, 0) || num > max_depth) ? + issuer = (X509_self_signed(curr, 0) > 0 || num > max_depth) ? NULL : find_issuer(ctx, sk_untrusted, curr); if (issuer == NULL) { /* 
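Review bot: `X509_self_signed(curr, 0) > 0` in the chain-extension step folds a negative (error) return into "not self-signed", so a certificate whose self-signed check failed internally still goes on to `find_issuer`. The `x509_cmp.c` hunk in this diff treats a negative result from the same function as a failure (`return ret > 0 ? 1 : 0;`), so the two call sites now disagree on what an error means. If continuing is deliberate here, a comment such as `/* on error treat as not self-signed; issuer lookup and later checks decide */` would document it. The same applies to the `> 0` test in the next `x509_vfy.c` hunk. The enclosing function continues outside the hunk.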
@@ -3298,7 +3302,7 @@ CB_FAIL_IF(DANETLS_ENABLED(dane) && (!DANETLS_HAS_PKIX(dane) || dane->pdpth >= 0), ctx, NULL, num - 1, X509_V_ERR_DANE_NO_MATCH); - if (X509_self_signed(sk_X509_value(ctx->chain, num - 1), 0)) + if (X509_self_signed(sk_X509_value(ctx->chain, num - 1), 0) > 0) return verify_cb_cert(ctx, NULL, num - 1, num == 1 ? X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT diff -Nru openssl-3.0.0/crypto/x509/x_name.c openssl-3.0.1/crypto/x509/x_name.c --- openssl-3.0.0/crypto/x509/x_name.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/x_name.c 2021-12-14 17:16:25.000000000 +0100 @@ -219,8 +219,8 @@ if (ret < 0) return ret; ret = x509_name_canon(a); - if (ret < 0) - return ret; + if (!ret) + return -1; } ret = a->bytes->length; if (out != NULL) { diff -Nru openssl-3.0.0/crypto/x509/x_pubkey.c openssl-3.0.1/crypto/x509/x_pubkey.c --- openssl-3.0.0/crypto/x509/x_pubkey.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/x_pubkey.c 2021-12-14 17:16:25.000000000 +0100 
@@ -289,14 +289,28 @@ || (pubkey->algor = X509_ALGOR_dup(a->algor)) == NULL || (pubkey->public_key = ASN1_BIT_STRING_new()) == NULL || !ASN1_BIT_STRING_set(pubkey->public_key, - a->public_key->data, a->public_key->length) - || (a->pkey != NULL && !EVP_PKEY_up_ref(a->pkey))) { + a->public_key->data, + a->public_key->length)) { x509_pubkey_ex_free((ASN1_VALUE **)&pubkey, ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL)); ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); return NULL; } - pubkey->pkey = a->pkey; + + if (a->pkey != NULL) { + ERR_set_mark(); + pubkey->pkey = EVP_PKEY_dup(a->pkey); + if (pubkey->pkey == NULL) { + pubkey->flag_force_legacy = 1; + if (x509_pubkey_decode(&pubkey->pkey, pubkey) <= 0) { + x509_pubkey_ex_free((ASN1_VALUE **)&pubkey, + ASN1_ITEM_rptr(X509_PUBKEY_INTERNAL)); + ERR_clear_last_mark(); + return NULL; + } + } + ERR_pop_to_mark(); + } return pubkey; } diff -Nru openssl-3.0.0/crypto/x509/x_x509.c openssl-3.0.1/crypto/x509/x_x509.c --- openssl-3.0.0/crypto/x509/x_x509.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/crypto/x509/x_x509.c 2021-12-14 17:16:25.000000000 +0100 @@ -104,23 +104,6 @@ if (!ossl_x509_set0_libctx(ret, old->libctx, old->propq)) return 0; - if (old->cert_info.key != NULL) { - EVP_PKEY *pkey = X509_PUBKEY_get0(old->cert_info.key); - - if (pkey != NULL) { - pkey = EVP_PKEY_dup(pkey); - if (pkey == NULL) { - ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!X509_PUBKEY_set(&ret->cert_info.key, pkey)) { - EVP_PKEY_free(pkey); - ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); - return 0; - } - EVP_PKEY_free(pkey); - } - } } break; case ASN1_OP_GET0_LIBCTX: @@ -130,6 +113,7 @@ *libctx = ret->libctx; } break; + case ASN1_OP_GET0_PROPQ: { const char **propq = exarg; 
@@ -137,6 +121,7 @@ *propq = ret->propq; } break; + default: break; } diff -Nru openssl-3.0.0/debian/changelog openssl-3.0.1/debian/changelog --- openssl-3.0.0/debian/changelog 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/changelog 2021-12-16 09:10:48.000000000 +0100 @@ -1,3 +1,15 @@ +openssl (3.0.1-0ubuntu1) jammy; urgency=medium + + * New upstream release (LP: #1955026). + + Dropped patches, merged upstream: + - d/p/double-engine-load* + - d/p/Add-null-digest-implementation-to-the-default-provid.patch + - d/p/Don-t-create-an-ECX-key-with-short-keys.patch + + Refreshed patches: + - d/p/c_rehash-compat.patch + + -- Simon Chopin Thu, 16 Dec 2021 09:10:48 +0100 + openssl (3.0.0-1ubuntu2) jammy; urgency=medium * Cherry-pick upstream fixes to prevent double engine loading (LP: #1951943) diff -Nru openssl-3.0.0/debian/patches/Add-null-digest-implementation-to-the-default-provid.patch openssl-3.0.1/debian/patches/Add-null-digest-implementation-to-the-default-provid.patch --- openssl-3.0.0/debian/patches/Add-null-digest-implementation-to-the-default-provid.patch 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/Add-null-digest-implementation-to-the-default-provid.patch 1970-01-01 01:00:00.000000000 +0100 
@@ -1,217 +0,0 @@ -From cf9a84a12dc4f3b314347e44f5c51b473a504926 Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Fri, 12 Nov 2021 16:31:35 +0100 -Subject: [PATCH] Add null digest implementation to the default provider - -This is necessary to keep compatibility with 1.1.1. - -Fixes #16660 - -Reviewed-by: Matt Caswell -(Merged from https://github.com/openssl/openssl/pull/17016) - -(cherry picked from commit bef9b48e5071cdd2b41a4f486d1bcb5e14b2a5c3) ---- - crypto/evp/digest.c | 5 +- - providers/defltprov.c | 1 + - providers/implementations/digests/build.info | 3 ++ - providers/implementations/digests/null_prov.c | 52 +++++++++++++++++++ - .../include/prov/digestcommon.h | 23 ++++---- - .../include/prov/implementations.h | 1 + - test/evp_extra_test.c | 30 +++++++++++ - 7 files changed, 104 insertions(+), 11 deletions(-) - create mode 100644 providers/implementations/digests/null_prov.c - ---- a/crypto/evp/digest.c -+++ b/crypto/evp/digest.c -@@ -228,7 +228,10 @@ - ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); - return 0; - #else -- EVP_MD *provmd = EVP_MD_fetch(NULL, OBJ_nid2sn(type->type), ""); -+ /* The NULL digest is a special case */ -+ EVP_MD *provmd = EVP_MD_fetch(NULL, -+ type->type != NID_undef ? 
OBJ_nid2sn(type->type) -+ : "NULL", ""); - - if (provmd == NULL) { - ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); ---- a/providers/defltprov.c -+++ b/providers/defltprov.c -@@ -148,6 +148,7 @@ - { PROV_NAMES_MD5_SHA1, "provider=default", ossl_md5_sha1_functions }, - #endif /* OPENSSL_NO_MD5 */ - -+ { PROV_NAMES_NULL, "provider=default", ossl_nullmd_functions }, - { NULL, NULL, NULL } - }; - ---- a/providers/implementations/digests/build.info -+++ b/providers/implementations/digests/build.info -@@ -9,6 +9,7 @@ - $BLAKE2_GOAL=../../libdefault.a - $SM3_GOAL=../../libdefault.a - $MD5_GOAL=../../libdefault.a -+$NULL_GOAL=../../libdefault.a - - $MD2_GOAL=../../liblegacy.a - $MD4_GOAL=../../liblegacy.a -@@ -22,6 +23,8 @@ - SOURCE[$SHA2_GOAL]=sha2_prov.c - SOURCE[$SHA3_GOAL]=sha3_prov.c - -+SOURCE[$NULL_GOAL]=null_prov.c -+ - IF[{- !$disabled{blake2} -}] - SOURCE[$BLAKE2_GOAL]=blake2_prov.c blake2b_prov.c blake2s_prov.c - ENDIF ---- /dev/null -+++ b/providers/implementations/digests/null_prov.c -@@ -0,0 +1,52 @@ -+/* -+ * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the Apache License 2.0 (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include -+#include "prov/digestcommon.h" -+#include "prov/implementations.h" -+ -+typedef struct { -+ unsigned char nothing; -+} NULLMD_CTX; -+ -+static int null_init(NULLMD_CTX *ctx) -+{ -+ return 1; -+} -+ -+static int null_update(NULLMD_CTX *ctx, const void *data, size_t datalen) -+{ -+ return 1; -+} -+ -+static int null_final(unsigned char *md, NULLMD_CTX *ctx) -+{ -+ return 1; -+} -+ -+/* -+ * We must override the PROV_FUNC_DIGEST_FINAL as dgstsize == 0 -+ * and that would cause compilation warnings with the default implementation. 
-+ */ -+#undef PROV_FUNC_DIGEST_FINAL -+#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ -+static OSSL_FUNC_digest_final_fn name##_internal_final; \ -+static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ -+ size_t outsz) \ -+{ \ -+ if (ossl_prov_is_running() && fin(out, ctx)) { \ -+ *outl = dgstsize; \ -+ return 1; \ -+ } \ -+ return 0; \ -+} -+ -+IMPLEMENT_digest_functions(nullmd, NULLMD_CTX, -+ 0, 0, 0, -+ null_init, null_update, null_final) ---- a/providers/implementations/include/prov/digestcommon.h -+++ b/providers/implementations/include/prov/digestcommon.h -@@ -35,6 +35,18 @@ - { OSSL_FUNC_DIGEST_GETTABLE_PARAMS, \ - (void (*)(void))ossl_digest_default_gettable_params } - -+# define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ -+static OSSL_FUNC_digest_final_fn name##_internal_final; \ -+static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ -+ size_t outsz) \ -+{ \ -+ if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ -+ *outl = dgstsize; \ -+ return 1; \ -+ } \ -+ return 0; \ -+} -+ - # define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START( \ - name, CTX, blksize, dgstsize, flags, upd, fin) \ - static OSSL_FUNC_digest_newctx_fn name##_newctx; \ -@@ -58,16 +70,7 @@ - *ret = *in; \ - return ret; \ - } \ --static OSSL_FUNC_digest_final_fn name##_internal_final; \ --static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ -- size_t outsz) \ --{ \ -- if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ -- *outl = dgstsize; \ -- return 1; \ -- } \ -- return 0; \ --} \ -+PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ - PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ - const OSSL_DISPATCH ossl_##name##_functions[] = { \ - { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ ---- a/providers/implementations/include/prov/implementations.h -+++ b/providers/implementations/include/prov/implementations.h -@@ -36,6 +36,7 @@ - extern const 
OSSL_DISPATCH ossl_mdc2_functions[]; - extern const OSSL_DISPATCH ossl_wp_functions[]; - extern const OSSL_DISPATCH ossl_ripemd160_functions[]; -+extern const OSSL_DISPATCH ossl_nullmd_functions[]; - - /* Ciphers */ - extern const OSSL_DISPATCH ossl_null_functions[]; ---- a/test/evp_extra_test.c -+++ b/test/evp_extra_test.c -@@ -1252,6 +1252,35 @@ - return ret; - } - -+static int test_EVP_md_null(void) -+{ -+ int ret = 0; -+ EVP_MD_CTX *md_ctx = NULL; -+ const EVP_MD *md_null = EVP_md_null(); -+ unsigned char md_value[EVP_MAX_MD_SIZE]; -+ unsigned int md_len = sizeof(md_value); -+ -+ if (nullprov != NULL) -+ return TEST_skip("Test does not support a non-default library context"); -+ -+ if (!TEST_ptr(md_null) -+ || !TEST_ptr(md_ctx = EVP_MD_CTX_new())) -+ goto out; -+ -+ if (!TEST_true(EVP_DigestInit_ex(md_ctx, md_null, NULL)) -+ || !TEST_true(EVP_DigestUpdate(md_ctx, "test", 4)) -+ || !TEST_true(EVP_DigestFinal_ex(md_ctx, md_value, &md_len))) -+ goto out; -+ -+ if (!TEST_uint_eq(md_len, 0)) -+ goto out; -+ -+ ret = 1; -+ out: -+ EVP_MD_CTX_free(md_ctx); -+ return ret; -+} -+ - static int test_d2i_AutoPrivateKey(int i) - { - int ret = 0; -@@ -3900,6 +3929,7 @@ - ADD_ALL_TESTS(test_EVP_DigestSignInit, 9); - ADD_TEST(test_EVP_DigestVerifyInit); - ADD_TEST(test_EVP_Digest); -+ ADD_TEST(test_EVP_md_null); - ADD_ALL_TESTS(test_EVP_Enveloped, 2); - ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); - ADD_TEST(test_privatekey_to_pkcs8); diff -Nru openssl-3.0.0/debian/patches/c_rehash-compat.patch openssl-3.0.1/debian/patches/c_rehash-compat.patch --- openssl-3.0.0/debian/patches/c_rehash-compat.patch 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/c_rehash-compat.patch 2021-12-16 09:10:48.000000000 +0100 
@@ -22,49 +22,49 @@ my $flag = shift @ARGV; last if ( $flag eq '--'); - if ( $flag eq '-old') { -- $x509hash = "-subject_hash_old"; -- $crlhash = "-hash_old"; +- $x509hash = "-subject_hash_old"; +- $crlhash = "-hash_old"; - } elsif ( $flag eq '-h' || $flag eq '-help' ) { + if ( $flag eq '-h' || $flag eq '-help' ) { - help(); + help(); } elsif ( $flag eq '-n' ) { - $removelinks = 0; + $removelinks = 0; @@ -128,7 +123,9 @@ - next; - } - link_hash_cert($fname) if ($cert); -+ link_hash_cert_old($fname) if ($cert); - link_hash_crl($fname) if ($crl); -+ link_hash_crl_old($fname) if ($crl); - } + next; + } + link_hash_cert($fname) if ($cert); ++ link_hash_cert_old($fname) if ($cert); + link_hash_crl($fname) if ($crl); ++ link_hash_crl_old($fname) if ($crl); + } } @@ -161,6 +158,7 @@ sub link_hash_cert { - my $fname = $_[0]; -+ my $x509hash = $_[1] || '-subject_hash'; - $fname =~ s/\"/\\\"/g; - my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; - chomp $hash; + my $fname = $_[0]; ++ my $x509hash = $_[1] || '-subject_hash'; + $fname =~ s/\"/\\\"/g; + my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; + chomp $hash; 
@@ -198,10 +196,20 @@ - $hashlist{$hash} = $fprint; + $hashlist{$hash} = $fprint; } +sub link_hash_cert_old { -+ link_hash_cert($_[0], '-subject_hash_old'); ++ link_hash_cert($_[0], '-subject_hash_old'); +} + +sub link_hash_crl_old { -+ link_hash_crl($_[0], '-hash_old'); ++ link_hash_crl($_[0], '-hash_old'); +} + + # Same as above except for a CRL. CRL links are of the form .r sub link_hash_crl { - my $fname = $_[0]; -+ my $crlhash = $_[1] || "-hash"; - $fname =~ s/'/'\\''/g; - my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; - chomp $hash; + my $fname = $_[0]; ++ my $crlhash = $_[1] || "-hash"; + $fname =~ s/'/'\\''/g; + my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; + chomp $hash; diff -Nru openssl-3.0.0/debian/patches/Don-t-create-an-ECX-key-with-short-keys.patch openssl-3.0.1/debian/patches/Don-t-create-an-ECX-key-with-short-keys.patch --- openssl-3.0.0/debian/patches/Don-t-create-an-ECX-key-with-short-keys.patch 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/Don-t-create-an-ECX-key-with-short-keys.patch 1970-01-01 01:00:00.000000000 +0100 
@@ -1,65 +0,0 @@ -From 8c97fcbdf7c7b274a855e54466c38c8522f23a22 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Mon, 15 Nov 2021 12:14:03 +0000 -Subject: [PATCH 1/2] Don't create an ECX key with short keys -Origin: https://github.com/openssl/openssl/pull/17041 -Bug: https://github.com/openssl/openssl/issues/17017 - -If an ECX key is created and the private key is too short, a fromdata -call would create the key, and then later detect the error and report it -after freeing the key. However freeing the key was calling -OPENSSL_secure_clear_free() and assuming that the private key was of the -correct length. If it was actually too short this will write over memory -that it shouldn't. - -Fixes #17017 ---- - crypto/ec/ecx_backend.c | 25 ++++++++++++++++++------- - 1 file changed, 18 insertions(+), 7 deletions(-) - -diff --git a/crypto/ec/ecx_backend.c b/crypto/ec/ecx_backend.c -index a0144d5a86..2ab7611be9 100644 ---- a/crypto/ec/ecx_backend.c -+++ b/crypto/ec/ecx_backend.c -@@ -70,11 +70,23 @@ int ossl_ecx_key_fromdata(ECX_KEY *ecx, const OSSL_PARAM params[], - if (param_pub_key == NULL && param_priv_key == NULL) - return 0; - -- if (param_priv_key != NULL -- && !OSSL_PARAM_get_octet_string(param_priv_key, -- (void **)&ecx->privkey, ecx->keylen, -- &privkeylen)) -- return 0; -+ if (param_priv_key != NULL) { -+ if (!OSSL_PARAM_get_octet_string(param_priv_key, -+ (void **)&ecx->privkey, ecx->keylen, -+ &privkeylen)) -+ return 0; -+ if (privkeylen != ecx->keylen) { -+ /* -+ * Invalid key length. We will clear what we've received now. 
We -+ * can't leave it to ossl_ecx_key_free() because that will call -+ * OPENSSL_secure_clear_free() and assume the correct key length -+ */ -+ OPENSSL_secure_clear_free(ecx->privkey, privkeylen); -+ ecx->privkey = NULL; -+ return 0; -+ } -+ } -+ - - pubkey = ecx->pubkey; - if (param_pub_key != NULL -@@ -83,8 +95,7 @@ int ossl_ecx_key_fromdata(ECX_KEY *ecx, const OSSL_PARAM params[], - sizeof(ecx->pubkey), &pubkeylen)) - return 0; - -- if ((param_pub_key != NULL && pubkeylen != ecx->keylen) -- || (param_priv_key != NULL && privkeylen != ecx->keylen)) -+ if ((param_pub_key != NULL && pubkeylen != ecx->keylen)) - return 0; - - if (param_pub_key == NULL && !ossl_ecx_public_from_private(ecx)) --- -2.32.0 - diff -Nru openssl-3.0.0/debian/patches/double-engine-load.patch openssl-3.0.1/debian/patches/double-engine-load.patch --- openssl-3.0.0/debian/patches/double-engine-load.patch 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/double-engine-load.patch 1970-01-01 01:00:00.000000000 +0100 
@@ -1,201 +0,0 @@ -From 81c11349c2a0e945aa3dfc6bd81c957363dd2011 Mon Sep 17 00:00:00 2001 -From: Bernd Edlinger -Date: Fri, 19 Nov 2021 11:33:34 +0100 -Subject: [PATCH] Avoid loading of a dynamic engine twice - -Use the address of the bind function as a DYNAMIC_ID, -since the true name of the engine is not known -before the bind function returns, -but invoking the bind function before the engine -is unloaded results in memory corruption. - -Fixes #17023 - -Reviewed-by: Tomas Mraz -Reviewed-by: Dmitry Belyavskiy -(Merged from https://github.com/openssl/openssl/pull/17073) - -(cherry picked from commit e2571e02d2b0cd83ed1c79d384fe941f27e603c0) - -Bug-Ubuntu: https://bugs.launchpad.net/bugs/1951943 ---- - crypto/engine/eng_dyn.c | 4 +- - crypto/engine/eng_lib.c | 2 + - crypto/engine/eng_list.c | 87 +++++++++++++++++++++++++++++++++++++++ - crypto/engine/eng_local.h | 9 ++++ - 4 files changed, 101 insertions(+), 1 deletion(-) - -diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c -index f401063d377..c8a54f7d444 100644 ---- a/crypto/engine/eng_dyn.c -+++ b/crypto/engine/eng_dyn.c -@@ -484,7 +484,9 @@ static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx) - engine_set_all_null(e); - - /* Try to bind the ENGINE onto our own ENGINE structure */ -- if (!ctx->bind_engine(e, ctx->engine_id, &fns)) { -+ if (!engine_add_dynamic_id(e, (ENGINE_DYNAMIC_ID)ctx->bind_engine, 1) -+ || !ctx->bind_engine(e, ctx->engine_id, &fns)) { -+ engine_remove_dynamic_id(e, 1); - ctx->bind_engine = NULL; - ctx->v_check = NULL; - DSO_free(ctx->dynamic_dso); -diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c -index 44e997e77b3..05c6a67c1e1 100644 ---- a/crypto/engine/eng_lib.c -+++ b/crypto/engine/eng_lib.c -@@ -65,6 +65,7 @@ void engine_set_all_null(ENGINE *e) - e->load_pubkey = NULL; - e->cmd_defns = NULL; - e->flags = 0; -+ e->dynamic_id = NULL; - } - - int engine_free_util(ENGINE *e, int not_locked) -@@ -90,6 +91,7 @@ int engine_free_util(ENGINE *e, int not_locked) - 
*/ - if (e->destroy) - e->destroy(e); -+ engine_remove_dynamic_id(e, not_locked); - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); - OPENSSL_free(e); - return 1; -diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c -index fec0ef7129c..04c73c76286 100644 ---- a/crypto/engine/eng_list.c -+++ b/crypto/engine/eng_list.c -@@ -27,6 +27,12 @@ - static ENGINE *engine_list_head = NULL; - static ENGINE *engine_list_tail = NULL; - -+/* -+ * The linked list of currently loaded dynamic engines. -+ */ -+static ENGINE *engine_dyn_list_head = NULL; -+static ENGINE *engine_dyn_list_tail = NULL; -+ - /* - * This cleanup function is only needed internally. If it should be called, - * we register it with the "engine_cleanup_int()" stack to be called during -@@ -128,6 +134,85 @@ static int engine_list_remove(ENGINE *e) - return 1; - } - -+/* Add engine to dynamic engine list. */ -+int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, -+ int not_locked) -+{ -+ int result = 0; -+ ENGINE *iterator = NULL; -+ -+ if (e == NULL) -+ return 0; -+ -+ if (e->dynamic_id == NULL && dynamic_id == NULL) -+ return 0; -+ -+ if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) -+ return 0; -+ -+ if (dynamic_id != NULL) { -+ iterator = engine_dyn_list_head; -+ while (iterator != NULL) { -+ if (iterator->dynamic_id == dynamic_id) -+ goto err; -+ iterator = iterator->next; -+ } -+ if (e->dynamic_id != NULL) -+ goto err; -+ e->dynamic_id = dynamic_id; -+ } -+ -+ if (engine_dyn_list_head == NULL) { -+ /* We are adding to an empty list. */ -+ if (engine_dyn_list_tail != NULL) -+ goto err; -+ engine_dyn_list_head = e; -+ e->prev_dyn = NULL; -+ } else { -+ /* We are adding to the tail of an existing list. 
*/ -+ if (engine_dyn_list_tail == NULL -+ || engine_dyn_list_tail->next_dyn != NULL) -+ goto err; -+ engine_dyn_list_tail->next_dyn = e; -+ e->prev_dyn = engine_dyn_list_tail; -+ } -+ -+ engine_dyn_list_tail = e; -+ e->next_dyn = NULL; -+ result = 1; -+ -+ err: -+ if (not_locked) -+ CRYPTO_THREAD_unlock(global_engine_lock); -+ return result; -+} -+ -+/* Remove engine from dynamic engine list. */ -+void engine_remove_dynamic_id(ENGINE *e, int not_locked) -+{ -+ if (e == NULL || e->dynamic_id == NULL) -+ return; -+ -+ if (not_locked && !CRYPTO_THREAD_write_lock(global_engine_lock)) -+ return; -+ -+ e->dynamic_id = NULL; -+ -+ /* un-link e from the chain. */ -+ if (e->next_dyn != NULL) -+ e->next_dyn->prev_dyn = e->prev_dyn; -+ if (e->prev_dyn != NULL) -+ e->prev_dyn->next_dyn = e->next_dyn; -+ /* Correct our head/tail if necessary. */ -+ if (engine_dyn_list_head == e) -+ engine_dyn_list_head = e->next_dyn; -+ if (engine_dyn_list_tail == e) -+ engine_dyn_list_tail = e->prev_dyn; -+ -+ if (not_locked) -+ CRYPTO_THREAD_unlock(global_engine_lock); -+} -+ - /* Get the first/last "ENGINE" type available. 
*/ - ENGINE *ENGINE_get_first(void) - { -@@ -278,6 +363,8 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) - dest->load_pubkey = src->load_pubkey; - dest->cmd_defns = src->cmd_defns; - dest->flags = src->flags; -+ dest->dynamic_id = src->dynamic_id; -+ engine_add_dynamic_id(dest, NULL, 0); - } - - ENGINE *ENGINE_by_id(const char *id) -diff --git a/crypto/engine/eng_local.h b/crypto/engine/eng_local.h -index 455dc1fdb78..03a86299cf8 100644 ---- a/crypto/engine/eng_local.h -+++ b/crypto/engine/eng_local.h -@@ -99,6 +99,11 @@ void engine_pkey_asn1_meths_free(ENGINE *e); - extern CRYPTO_ONCE engine_lock_init; - DECLARE_RUN_ONCE(do_engine_lock_init) - -+typedef void (*ENGINE_DYNAMIC_ID)(void); -+int engine_add_dynamic_id(ENGINE *e, ENGINE_DYNAMIC_ID dynamic_id, -+ int not_locked); -+void engine_remove_dynamic_id(ENGINE *e, int not_locked); -+ - /* - * This is a structure for storing implementations of various crypto - * algorithms and functions. -@@ -143,6 +148,10 @@ struct engine_st { - /* Used to maintain the linked-list of engines. */ - struct engine_st *prev; - struct engine_st *next; -+ /* Used to maintain the linked-list of dynamic engines. */ -+ struct engine_st *prev_dyn; -+ struct engine_st *next_dyn; -+ ENGINE_DYNAMIC_ID dynamic_id; - }; - - typedef struct st_engine_pile ENGINE_PILE; diff -Nru openssl-3.0.0/debian/patches/double-engine-load-test.patch openssl-3.0.1/debian/patches/double-engine-load-test.patch --- openssl-3.0.0/debian/patches/double-engine-load-test.patch 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/double-engine-load-test.patch 1970-01-01 01:00:00.000000000 +0100 
@@ -1,59 +0,0 @@ -From 38e2957249c90317a26a080c7e7eb186dd5b6598 Mon Sep 17 00:00:00 2001 -From: Bernd Edlinger -Date: Fri, 19 Nov 2021 16:38:55 +0100 -Subject: [PATCH] Add a test case for duplicate engine loading - -Reviewed-by: Tomas Mraz -Reviewed-by: Dmitry Belyavskiy -(Merged from https://github.com/openssl/openssl/pull/17073) - -(cherry picked from commit 2595eef82c2b67ea75cc3368529078b643a1ecb6) ---- - test/recipes/20-test_dgst.t | 23 +++++++++++++++++++++-- - 1 file changed, 21 insertions(+), 2 deletions(-) - -diff --git a/test/recipes/20-test_dgst.t b/test/recipes/20-test_dgst.t -index 5af74aec2ac..e72038d8529 100644 ---- a/test/recipes/20-test_dgst.t -+++ b/test/recipes/20-test_dgst.t -@@ -12,12 +12,12 @@ use warnings; - - use File::Spec; - use File::Basename; --use OpenSSL::Test qw/:DEFAULT with srctop_file/; -+use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_file/; - use OpenSSL::Test::Utils; - - setup("test_dgst"); - --plan tests => 9; -+plan tests => 10; - - sub tsignverify { - my $testtext = shift; -@@ -103,6 +103,25 @@ SKIP: { - }; - } - -+SKIP: { -+ skip "dgst with engine is not supported by this OpenSSL build", 1 -+ if disabled("engine") || disabled("dynamic-engine"); -+ -+ subtest "SHA1 generation by engine with `dgst` CLI" => sub { -+ plan tests => 1; -+ -+ my $testdata = srctop_file('test', 'data.bin'); -+ # intentionally using -engine twice, please do not remove the duplicate line -+ my @macdata = run(app(['openssl', 'dgst', '-sha1', -+ '-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest", -+ '-engine', $^O eq 'linux' ? 
bldtop_file("engines", "ossltest.so") : "ossltest", -+ $testdata]), capture => 1); -+ chomp(@macdata); -+ my $expected = qr/SHA1\(\Q$testdata\E\)= 000102030405060708090a0b0c0d0e0f10111213/; -+ ok($macdata[0] =~ $expected, "SHA1: Check HASH value is as expected ($macdata[0]) vs ($expected)"); -+ } -+} -+ - subtest "HMAC generation with `dgst` CLI" => sub { - plan tests => 2; - diff -Nru openssl-3.0.0/debian/patches/series openssl-3.0.1/debian/patches/series --- openssl-3.0.0/debian/patches/series 2021-12-07 17:15:51.000000000 +0100 +++ openssl-3.0.1/debian/patches/series 2021-12-16 09:10:48.000000000 +0100 @@ -10,9 +10,3 @@ # Ubuntu patches tests-use-seclevel-1.patch tls1.2-min-seclevel2.patch - -#Upstream backports -Don-t-create-an-ECX-key-with-short-keys.patch -Add-null-digest-implementation-to-the-default-provid.patch -double-engine-load.patch -double-engine-load-test.patch diff -Nru openssl-3.0.0/demos/signature/EVP_Signature_demo.c openssl-3.0.1/demos/signature/EVP_Signature_demo.c --- openssl-3.0.0/demos/signature/EVP_Signature_demo.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/demos/signature/EVP_Signature_demo.c 2021-12-14 17:16:25.000000000 +0100 @@ -188,7 +188,7 @@ fprintf(stderr, "EVP_DigestVerifyUpdate(hamlet_2) failed.\n"); goto cleanup; } - if (!EVP_DigestVerifyFinal(verify_context, sig_value, sig_len)) { + if (EVP_DigestVerifyFinal(verify_context, sig_value, sig_len) <= 0) { fprintf(stderr, "EVP_DigestVerifyFinal failed.\n"); goto cleanup; } diff -Nru openssl-3.0.0/doc/build.info openssl-3.0.1/doc/build.info --- openssl-3.0.0/doc/build.info 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/build.info 2021-12-14 17:16:25.000000000 +0100 
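Review bot: In the `EVP_Signature_demo.c` hunk, the one message `EVP_DigestVerifyFinal failed.` now covers both a signature that does not verify and a more serious error, because the `<= 0` test folds the two outcomes together. Since this is demo code that gets copied, I would add a comment above the call, `/* 1 = signature verified; 0 = signature did not verify; other values = more serious error */`, so the reason for comparing against 0 rather than negating the result is recorded. Optionally make the message distinguish the two cases, e.g. print `signature did not verify` for 0. The enclosing function starts and ends outside the hunk.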
@@ -1307,10 +1307,10 @@ GENERATE[html/man3/EVP_RAND.html]=man3/EVP_RAND.pod DEPEND[man/man3/EVP_RAND.3]=man3/EVP_RAND.pod GENERATE[man/man3/EVP_RAND.3]=man3/EVP_RAND.pod -DEPEND[html/man3/EVP_SIGNATURE_free.html]=man3/EVP_SIGNATURE_free.pod -GENERATE[html/man3/EVP_SIGNATURE_free.html]=man3/EVP_SIGNATURE_free.pod -DEPEND[man/man3/EVP_SIGNATURE_free.3]=man3/EVP_SIGNATURE_free.pod -GENERATE[man/man3/EVP_SIGNATURE_free.3]=man3/EVP_SIGNATURE_free.pod +DEPEND[html/man3/EVP_SIGNATURE.html]=man3/EVP_SIGNATURE.pod +GENERATE[html/man3/EVP_SIGNATURE.html]=man3/EVP_SIGNATURE.pod +DEPEND[man/man3/EVP_SIGNATURE.3]=man3/EVP_SIGNATURE.pod +GENERATE[man/man3/EVP_SIGNATURE.3]=man3/EVP_SIGNATURE.pod DEPEND[html/man3/EVP_SealInit.html]=man3/EVP_SealInit.pod GENERATE[html/man3/EVP_SealInit.html]=man3/EVP_SealInit.pod DEPEND[man/man3/EVP_SealInit.3]=man3/EVP_SealInit.pod @@ -3046,7 +3046,7 @@ html/man3/EVP_PKEY_verify.html \ html/man3/EVP_PKEY_verify_recover.html \ html/man3/EVP_RAND.html \ -html/man3/EVP_SIGNATURE_free.html \ +html/man3/EVP_SIGNATURE.html \ html/man3/EVP_SealInit.html \ html/man3/EVP_SignInit.html \ html/man3/EVP_VerifyInit.html \ @@ -3638,7 +3638,7 @@ man/man3/EVP_PKEY_verify.3 \ man/man3/EVP_PKEY_verify_recover.3 \ man/man3/EVP_RAND.3 \ -man/man3/EVP_SIGNATURE_free.3 \ +man/man3/EVP_SIGNATURE.3 \ man/man3/EVP_SealInit.3 \ man/man3/EVP_SignInit.3 \ man/man3/EVP_VerifyInit.3 \ diff -Nru openssl-3.0.0/doc/build.info.in openssl-3.0.1/doc/build.info.in --- openssl-3.0.0/doc/build.info.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/build.info.in 2021-12-14 17:16:25.000000000 +0100 
@@ -14,7 +14,7 @@ map { $_ => 1 } glob catfile($sourcedir, "man$section", "img", "*.png"); my %podfiles = map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod"); - my %podinfiles = + my %podinfiles = map { $_ => 1 } glob catfile($sourcedir, "man$section", "*.pod.in"); foreach (keys %podinfiles) { diff -Nru openssl-3.0.0/doc/internal/man3/cms_add1_signing_cert.pod openssl-3.0.1/doc/internal/man3/cms_add1_signing_cert.pod --- openssl-3.0.0/doc/internal/man3/cms_add1_signing_cert.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/cms_add1_signing_cert.pod 2021-12-14 17:16:25.000000000 +0100 @@ -31,12 +31,12 @@ =head1 RETURN VALUES -cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute +cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute is added or 0 if an error occurred. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/internal/man3/evp_generic_fetch.pod openssl-3.0.1/doc/internal/man3/evp_generic_fetch.pod --- openssl-3.0.0/doc/internal/man3/evp_generic_fetch.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/evp_generic_fetch.pod 2021-12-14 17:16:25.000000000 +0100 @@ -2,7 +2,7 @@ =head1 NAME -evp_generic_fetch, evp_generic_fetch_by_number +evp_generic_fetch, evp_generic_fetch_by_number, evp_generic_fetch_from_prov - generic algorithm fetchers and method creators for EVP =head1 SYNOPSIS 
@@ -29,6 +29,15 @@ void *method_data, int (*up_ref_method)(void *), void (*free_method)(void *)); + void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id, + int name_id, const char *properties, + void *(*new_method)(int name_id, + const OSSL_DISPATCH *fns, + OSSL_PROVIDER *prov, + void *method_data), + void *method_data, + int (*up_ref_method)(void *), + void (*free_method)(void *)); =head1 DESCRIPTION @@ -37,14 +46,19 @@ it to create an EVP method with the help of the functions I, I, and I. -evp_generic_fetch_by_number() does the same thing as evp_generic_fetch(), +evp_generic_fetch_by_number() does the same thing as evp_generic_fetch(), but takes a numeric I instead of a name. I must always be nonzero; as a matter of fact, it being zero is considered a programming error. This is meant to be used when one method needs to fetch an associated -other method, and is typically called from inside the given function +method, and is typically called from inside the given function I. +evp_generic_fetch_from_prov() does the same thing as evp_generic_fetch(), +but limits the search of methods to the provider given with I. +This is meant to be used when one method needs to fetch an associated +method in the same provider. + The three functions I, I, and I are supposed to: diff -Nru openssl-3.0.0/doc/internal/man3/evp_md_get_number.pod openssl-3.0.1/doc/internal/man3/evp_md_get_number.pod --- openssl-3.0.0/doc/internal/man3/evp_md_get_number.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/evp_md_get_number.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -10,7 +10,7 @@ =head1 SYNOPSIS - #include + #include "crypto/evp.h" int evp_asym_cipher_get_number(const EVP_ASYM_CIPHER *cipher); int evp_cipher_get_number(const EVP_CIPHER *e); diff -Nru openssl-3.0.0/doc/internal/man3/OPTIONS.pod openssl-3.0.1/doc/internal/man3/OPTIONS.pod --- openssl-3.0.0/doc/internal/man3/OPTIONS.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/OPTIONS.pod 2021-12-14 17:16:25.000000000 +0100 @@ -189,7 +189,7 @@ OPT_PARAMETERS() {OPT_PARAM_STR, 1, '-', "Parameters:\n"} -Every "option" after after this should contain the parameter and +Every "option" after after this should contain the parameter and the help string: {"text", 0, 0, "Words to display (optional)"}, diff -Nru openssl-3.0.0/doc/internal/man3/ossl_lib_ctx_get_data.pod openssl-3.0.1/doc/internal/man3/ossl_lib_ctx_get_data.pod --- openssl-3.0.0/doc/internal/man3/ossl_lib_ctx_get_data.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/ossl_lib_ctx_get_data.pod 2021-12-14 17:16:25.000000000 +0100 @@ -91,7 +91,7 @@ } /* - * Include a reference to this in the methods table in context.c + * Include a reference to this in the methods table in context.c * OSSL_LIB_CTX_FOO_INDEX should be added to internal/cryptlib.h * Priorities can be OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY, * OSSL_LIB_CTX_METHOD_PRIORITY_1, OSSL_LIB_CTX_METHOD_PRIORITY_2, etc. diff -Nru openssl-3.0.0/doc/internal/man3/ossl_method_construct.pod openssl-3.0.1/doc/internal/man3/ossl_method_construct.pod --- openssl-3.0.0/doc/internal/man3/ossl_method_construct.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/ossl_method_construct.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -13,21 +13,20 @@ /* Get a temporary store */ void *(*get_tmp_store)(void *data); /* Get an already existing method from a store */ - void *(*get)(void *store, void *data); + void *(*get)(void *store, const OSSL_PROVIDER *prov, void *data); /* Store a method in a store */ - int (*put)(void *store, void *method, - const OSSL_PROVIDER *prov, const char *name, - const char *propdef, void *data); + int (*put)(void *store, void *method, const OSSL_PROVIDER *prov, + const char *name, const char *propdef, void *data); /* Construct a new method */ - void *(*construct)(const char *name, const OSSL_DISPATCH *fns, - OSSL_PROVIDER *prov, void *data); + void *(*construct)(const OSSL_ALGORITHM *algodef, OSSL_PROVIDER *prov, + void *data); /* Destruct a method */ - void (*destruct)(void *method); + void (*destruct)(void *method, void *data); }; typedef struct ossl_method_construct_method OSSL_METHOD_CONSTRUCT_METHOD; void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id, - int force_cache, + OSSL_PROVIDER *prov, int force_cache, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); @@ -57,6 +56,9 @@ calling the appropriate functions given by the subsystem specific method creator through I and the data in I (which is passed by ossl_method_construct()). +If I is not NULL, only that provider is considered, which is +useful in the case a method must be found in that particular +provider. This function assumes that the subsystem method creator implements reference counting and acts accordingly (i.e. it will call the @@ -72,17 +74,13 @@ =over 4 -=item alloc_tmp_store() +=item get_tmp_store() Create a temporary method store in the scope of the library context I. This store is used to temporarily store methods for easier lookup, for when the provider doesn't want its dispatch table stored in a longer term cache. -=item dealloc_tmp_store() - -Remove a temporary store. - =item get() Look up an already existing method from a store by name. 
@@ -97,7 +95,10 @@ In other words, the ossl_method_construct() caller is entirely responsible for ensuring the necesssary data is made available. -This function is expected to increment the method's reference count. +Optionally, I may be given as a search criterion, to narrow down the +search of a method belonging to just one provider. + +This function is expected to increment the resulting method's reference count. =item put() @@ -109,7 +110,7 @@ must be used. This default store should be stored in the library context I. -The method should be associated with the given I, +The method should be associated with the given provider I, I and property definition I as well as any identification data given through I (which is the I that was passed to ossl_construct_method()). diff -Nru openssl-3.0.0/doc/internal/man3/OSSL_METHOD_STORE.pod openssl-3.0.1/doc/internal/man3/OSSL_METHOD_STORE.pod --- openssl-3.0.0/doc/internal/man3/OSSL_METHOD_STORE.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/OSSL_METHOD_STORE.pod 2021-12-14 17:16:25.000000000 +0100 @@ -27,14 +27,14 @@ int nid, const void *method); int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid, const char *properties, - void **method); - int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void **method); - int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void *method, + void **method, const OSSL_PROVIDER **prov_rw); + int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void **method); + int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void *method, int (*method_up_ref)(void *), void (*method_destruct)(void *)); - void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store); + void ossl_method_store_flush_cache(OSSL_METHOD_STORE *store, int all); =head1 DESCRIPTION 
@@ -79,7 +79,9 @@ ossl_method_store_fetch() queries I for a method identified by I that matches the property query I. -The result, if any, is returned in I. +I<*prop> may be a pointer to a provider, which will narrow the search +to methods from that provider. +The result, if any, is returned in I<*method>, and its provider in I<*prov>. ossl_method_store_flush_cache() flushes all cached entries associated with I. @@ -89,10 +91,12 @@ ossl_method_store_cache_get() queries the cache associated with the I for a method identified by I that matches the property query I. +Additionally, if I isn't NULL, it will be used to narrow the search +to only include methods from that provider. The result, if any, is returned in I. -ossl_method_store_cache_set() sets a cache entry identified by I with the -property query I in the I. +ossl_method_store_cache_set() sets a cache entry identified by I from the +provider I, with the property query I in the I. Future calls to ossl_method_store_cache_get() will return the specified I. The I function is called to increment the reference count of the method and the I function is called diff -Nru openssl-3.0.0/doc/internal/man3/ossl_provider_new.pod openssl-3.0.1/doc/internal/man3/ossl_provider_new.pod --- openssl-3.0.0/doc/internal/man3/ossl_provider_new.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/ossl_provider_new.pod 2021-12-14 17:16:25.000000000 +0100 @@ -8,7 +8,7 @@ ossl_provider_add_parameter, ossl_provider_set_child, ossl_provider_get_parent, ossl_provider_up_ref_parent, ossl_provider_free_parent, ossl_provider_default_props_update, ossl_provider_get0_dispatch, -ossl_provider_init_as_child, +ossl_provider_init_as_child, ossl_provider_deinit_child, ossl_provider_activate, ossl_provider_deactivate, ossl_provider_add_to_store, ossl_provider_ctx, ossl_provider_doall_activated, 
@@ -54,7 +54,7 @@ * If the Provider is a module, the module will be loaded */ int ossl_provider_activate(OSSL_PROVIDER *prov, int upcalls, int aschild); - int ossl_provider_deactivate(OSSL_PROVIDER *prov); + int ossl_provider_deactivate(OSSL_PROVIDER *prov, int removechildren); int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, int retain_fallbacks); @@ -99,7 +99,7 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx, const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in); - + void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx); =head1 DESCRIPTION @@ -226,7 +226,9 @@ ossl_provider_deactivate() "deactivates" the provider for the given provider object I by decrementing its activation count. When -that count reaches zero, the activation flag is cleared. +that count reaches zero, the activation flag is cleared. If the +I parameter is 0 then no attempt is made to remove any +associated child providers. ossl_provider_add_to_store() adds the provider I to the provider store and makes it available to other threads. This will prevent future automatic loading @@ -296,7 +298,7 @@ ossl_provider_test_operation_bit() checks if the bit operation I is set (1) or not (0) in the internal I bitstring, and sets -I<*result> to 1 or 0 accorddingly. +I<*result> to 1 or 0 accorddingly. ossl_provider_clear_all_operation_bits() clears all of the operation bits to (0) for all providers in the library context I. 
@@ -306,6 +308,10 @@ parameters are the B and B pointers that were passed to the provider's B function. +ossl_provider_deinit_child() deregisters callbacks from the parent library +context about provider creation or removal events for the child library context +I. Must only be called if I is a child library context. + =head1 NOTES Locating a provider module happens as follows: diff -Nru openssl-3.0.0/doc/internal/man3/ossl_punycode_decode.pod openssl-3.0.1/doc/internal/man3/ossl_punycode_decode.pod --- openssl-3.0.0/doc/internal/man3/ossl_punycode_decode.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man3/ossl_punycode_decode.pod 2021-12-14 17:16:25.000000000 +0100 @@ -22,10 +22,10 @@ representation of host names in ASCII-only format. Some specifications, such as RFC 8398, require comparison of host names encoded in UTF-8 charset. -ossl_a2ulabel() decodes NULL-terminated hostname from PUNYCODE to UTF-8, +ossl_a2ulabel() decodes NUL-terminated hostname from PUNYCODE to UTF-8, using a provided buffer for output. -ossl_a2ucompare() accepts two NULL-terminated hostnames, decodes the 1st +ossl_a2ucompare() accepts two NUL-terminated hostnames, decodes the 1st from PUNYCODE to UTF-8 and compares it with the 2nd one as is. ossl_punycode_decode() decodes one label (one dot-separated part) from @@ -49,7 +49,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/internal/man7/build.info.pod openssl-3.0.1/doc/internal/man7/build.info.pod --- openssl-3.0.0/doc/internal/man7/build.info.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man7/build.info.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -574,7 +574,7 @@ through other libraries), they will be ordered in such a way that this dependency is maintained: - DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a + DEPEND[libfoo.a]{weak}=libfoo.a libcookie.a This is useful in complex dependency trees where two libraries can be used as alternatives for each other. In this example, C and diff -Nru openssl-3.0.0/doc/internal/man7/DERlib.pod openssl-3.0.1/doc/internal/man7/DERlib.pod --- openssl-3.0.0/doc/internal/man7/DERlib.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/internal/man7/DERlib.pod 2021-12-14 17:16:25.000000000 +0100 @@ -81,7 +81,7 @@ -- From RFC 3280, section 4.1.1.2 AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, - parameters ANY DEFINED BY algorithm OPTIONAL } + parameters ANY DEFINED BY algorithm OPTIONAL } And the RSASSA-PSS OID and parameters are specified like this: @@ -139,7 +139,7 @@ =head1 COPYRIGHT -Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/life-cycles/digest.dot openssl-3.0.1/doc/life-cycles/digest.dot --- openssl-3.0.0/doc/life-cycles/digest.dot 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/life-cycles/digest.dot 2021-12-14 17:16:25.000000000 +0100 @@ -30,4 +30,4 @@ finaled -> initialised [label="EVP_DigestInit", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff -Nru openssl-3.0.0/doc/life-cycles/kdf.dot openssl-3.0.1/doc/life-cycles/kdf.dot --- openssl-3.0.0/doc/life-cycles/kdf.dot 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/life-cycles/kdf.dot 2021-12-14 17:16:25.000000000 +0100 
@@ -13,4 +13,4 @@ deriving -> newed [label="EVP_KDF_CTX_reset", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff -Nru openssl-3.0.0/doc/life-cycles/mac.dot openssl-3.0.1/doc/life-cycles/mac.dot --- openssl-3.0.0/doc/life-cycles/mac.dot 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/life-cycles/mac.dot 2021-12-14 17:16:25.000000000 +0100 @@ -25,4 +25,4 @@ finaled -> initialised [label="EVP_MAC_init", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff -Nru openssl-3.0.0/doc/life-cycles/rand.dot openssl-3.0.1/doc/life-cycles/rand.dot --- openssl-3.0.0/doc/life-cycles/rand.dot 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/life-cycles/rand.dot 2021-12-14 17:16:25.000000000 +0100 @@ -14,4 +14,4 @@ uninstantiated -> end [label="EVP_RAND_CTX_free"]; uninstantiated -> instantiated [label="EVP_RAND_instantiate", style=dashed, color="#034f84", fontcolor="#034f84"]; } - + diff -Nru openssl-3.0.0/doc/man1/openssl-cmp.pod.in openssl-3.0.1/doc/man1/openssl-cmp.pod.in --- openssl-3.0.0/doc/man1/openssl-cmp.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-cmp.pod.in 2021-12-14 17:16:25.000000000 +0100 @@ -48,10 +48,10 @@ Message transfer options: [B<-server> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>] -[B<-path> I] [B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>] [B<-no_proxy> I] [B<-recipient> I] +[B<-path> I] [B<-keep_alive> I] [B<-msg_timeout> I] [B<-total_timeout> I] @@ -448,11 +448,6 @@ Any given query component is handled as part of the path component. If a path is included it provides the default value for the B<-path> option. -=item B<-path> I - -HTTP path at the CMP server (aka CMP alias) to use for POST requests. -Defaults to any path given with B<-server>, else C<"/">. - =item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]> The HTTP(S) proxy server to use for reaching the CMP server unless B<-no_proxy> 
@@ -487,6 +482,11 @@ The argument must be formatted as I. For details see the description of the B<-subject> option. +=item B<-path> I + +HTTP path at the CMP server (aka CMP alias) to use for POST requests. +Defaults to any path given with B<-server>, else C<"/">. + =item B<-keep_alive> I If the given value is 0 then HTTP connections are not kept open @@ -835,7 +835,7 @@ =item B<-tls_host> I -Address to be checked during hostname validation. +Address to be checked during hostname validation. This may be a DNS name or an IP address. If not given it defaults to the B<-server> address. diff -Nru openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in --- openssl-3.0.0/doc/man1/openssl-fipsinstall.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-fipsinstall.pod.in 2021-12-14 17:16:25.000000000 +0100 @@ -197,6 +197,18 @@ =back +=head1 NOTES + +Self tests results are logged by default if the options B<-quiet> and B<-noout> +are not specified, or if either of the options B<-corrupt_desc> or +B<-corrupt_type> are used. +If the base configuration file is set up to autoload the fips module, then the +fips module will be loaded and self tested BEFORE the fipsinstall application +has a chance to set up its own self test callback. As a result of this the self +test output and the options B<-corrupt_desc> and B<-corrupt_type> will be ignored. +For normal usage the base configuration file should use the default provider +when generating the fips configuration file. + =head1 EXAMPLES Calculate the mac of a FIPS module F and run a FIPS self test diff -Nru openssl-3.0.0/doc/man1/openssl-mac.pod.in openssl-3.0.1/doc/man1/openssl-mac.pod.in --- openssl-3.0.0/doc/man1/openssl-mac.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-mac.pod.in 2021-12-14 17:16:25.000000000 +0100 
@@ -116,7 +116,7 @@ =item I Specifies the name of a supported MAC algorithm which will be used. -To see the list of supported MAC's use the command C. =back diff -Nru openssl-3.0.0/doc/man1/openssl-passwd.pod.in openssl-3.0.1/doc/man1/openssl-passwd.pod.in --- openssl-3.0.0/doc/man1/openssl-passwd.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-passwd.pod.in 2021-12-14 17:16:25.000000000 +0100 @@ -31,8 +31,6 @@ run-time or the hash of each password in a list. The password list is taken from the named file for option B<-in>, from stdin for option B<-stdin>, or from the command line, or from the terminal otherwise. -The MD5-based BSD password algorithm B<-1>, its Apache variant B<-apr1>, -and its AIX variant are available. =head1 OPTIONS diff -Nru openssl-3.0.0/doc/man1/openssl-req.pod.in openssl-3.0.1/doc/man1/openssl-req.pod.in --- openssl-3.0.0/doc/man1/openssl-req.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-req.pod.in 2021-12-14 17:16:25.000000000 +0100 @@ -79,9 +79,10 @@ =item B<-in> I -This specifies the input filename to read a request from or standard input -if this option is not specified. A request is only read if the creation -options (B<-new> or B<-newkey>) are not specified. +This specifies the input filename to read a request from. +This defaults to standard input unless B<-x509> or B<-CA> is specified. +A request is only read if the creation options +(B<-new> or B<-newkey> or B<-precert>) are not specified. =item B<-sigopt> I:I 
@@ -156,8 +157,13 @@ =item B<-newkey> I -This option creates a new certificate request and a new private -key. The argument takes one of several forms. +This option is used to generate a new private key unless B<-key> is given. +It is subsequently used as if it was given using the B<-key> option. + +This option implies the B<-new> flag to create a new certificate request +or a new certificate in case B<-x509> is given. + +The argument takes one of several forms. [B]I generates an RSA key I in size. If I is omitted, i.e., B<-newkey> B is specified, @@ -193,9 +199,14 @@ =item B<-key> I|I -This specifies the key to include and to use for request self-signature -and for self-signing certificates produced with the B<-x509> option. -It also accepts PKCS#8 format private keys for PEM format files. +This option provides the private key for signing a new certificate or +certificate request. +Unless B<-in> is given, the corresponding public key is placed in +the new certificate or certificate request, resulting in a self-signature. + +For certificate signing this option is overridden by the B<-CA> option. + +This option also accepts PKCS#8 format private keys for PEM format files. =item B<-keyform> B|B|B|B @@ -268,6 +279,8 @@ This is typically used to generate test certificates. It is implied by the B<-CA> option. +This option implies the B<-new> flag if B<-in> is not given. + If an existing request is specified with the B<-in> option, it is converted to the a certificate; otherwise a request is created from scratch. diff -Nru openssl-3.0.0/doc/man1/openssl-x509.pod.in openssl-3.0.1/doc/man1/openssl-x509.pod.in --- openssl-3.0.0/doc/man1/openssl-x509.pod.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man1/openssl-x509.pod.in 2021-12-14 17:16:25.000000000 +0100 
@@ -102,9 +102,11 @@ =item B<-in> I|I -If the B<-req> option is not used this specifies the input -to read a certificate from or standard input if this option is not specified. -With the B<-req> option this specifies a certificate request file. +This specifies the input to read a certificate from +or the input file for reading a certificate request if the B<-req> flag is used. +In both cases this defaults to standard input. + +This option cannot be combined with the B<-new> flag. =item B<-passin> I @@ -118,14 +120,14 @@ or certificate request. So the B<-in> option must not be used in this case. Instead, the B<-subj> option needs to be given. The public key to include can be given with the B<-force_pubkey> option -and defaults to the key given with the B<-key> option, +and defaults to the key given with the B<-key> (or B<-signkey>) option, which implies self-signature. =item B<-x509toreq> Output a PKCS#10 certificate request (rather than a certificate). -The B<-key> option must be used to provide the private key for self-signing; -the corresponding public key is placed in the subjectPKInfo field. +The B<-key> (or B<-signkey>) option must be used to provide the private key for +self-signing; the corresponding public key is placed in the subjectPKInfo field. X.509 extensions included in a certificate input are not copied by default. X.509 extensions to be added can be specified using the B<-extfile> option. 
@@ -163,9 +165,12 @@ =item B<-key> I|I -This option causes the new certificate or certificate request -to be self-signed using the supplied private key. -This cannot be used in conjunction with the B<-CA> option. +This option provides the private key for signing a new certificate or +certificate request. +Unless B<-force_pubkey> is given, the corresponding public key is placed in +the new certificate or certificate request, resulting in a self-signature. + +This option cannot be used in conjunction with the B<-CA> option. It sets the issuer name to the subject name (i.e., makes it self-issued) and changes the public key to the supplied value (unless overridden @@ -355,8 +360,9 @@ =item B<-set_serial> I -Specifies the serial number to use. This option can be used with either -the B<-key> or B<-CA> options. If used in conjunction with the B<-CA> option +Specifies the serial number to use. +This option can be used with the B<-key>, B<-signkey>, or B<-CA> options. +If used in conjunction with the B<-CA> option the serial number file (as specified by the B<-CAserial> option) is not used. The serial number can be decimal or hex (if preceded by C<0x>). @@ -400,7 +406,8 @@ =item B<-force_pubkey> I When a certificate is created set its public key to the key in I -instead of the key contained in the input or given with the B<-key> option. +instead of the key contained in the input +or given with the B<-key> (or B<-signkey>) option. This option is useful for creating self-issued certificates that are not self-signed, for instance when the key cannot be used for signing, such as DH. 
@@ -446,7 +453,7 @@ The digest to use. This affects any signing or printing option that uses a message -digest, such as the B<-fingerprint>, B<-key> and B<-CA> options. +digest, such as the B<-fingerprint>, B<-key>, and B<-CA> options. Any digest supported by the L command can be used. If not specified then SHA1 is used with B<-fingerprint> or the default digest for the signing algorithm is used, typically SHA256. @@ -464,9 +471,9 @@ The subject name of the "CA" certificate is placed as issuer name in the new certificate, which is then signed using the "CA" key given as detailed below. -This option cannot be used in conjunction with the B<-key> option. +This option cannot be used in conjunction with B<-key> (or B<-signkey>). This option is normally combined with the B<-req> option referencing a CSR. -Without the B<-req> option the input must be a self-signed certificate +Without the B<-req> option the input must be an existing certificate unless the B<-new> option is given, which generates a certificate from scratch. =item B<-CAform> B|B|B, diff -Nru openssl-3.0.0/doc/man3/ASN1_INTEGER_get_int64.pod openssl-3.0.1/doc/man3/ASN1_INTEGER_get_int64.pod --- openssl-3.0.0/doc/man3/ASN1_INTEGER_get_int64.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/ASN1_INTEGER_get_int64.pod 2021-12-14 17:16:25.000000000 +0100 @@ -14,7 +14,7 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a); int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r); - int ASN1_INTEGER_set(const ASN1_INTEGER *a, long v); + int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a); int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r); 
@@ -28,8 +28,8 @@ int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r); int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); - ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); - BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); + ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai); + BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn); =head1 DESCRIPTION @@ -123,7 +123,7 @@ =head1 COPYRIGHT -Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/ASN1_item_d2i_bio.pod openssl-3.0.1/doc/man3/ASN1_item_d2i_bio.pod --- openssl-3.0.0/doc/man3/ASN1_item_d2i_bio.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/ASN1_item_d2i_bio.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -10,15 +10,15 @@ #include - ASN1_VALUE *ASN1_item_d2i_ex(ASN1_VALUE **val, const unsigned char **in, + ASN1_VALUE *ASN1_item_d2i_ex(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, OSSL_LIB_CTX *libctx, const char *propq); - ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, + ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it); - void *ASN1_item_d2i_bio_ex(const ASN1_ITEM *it, BIO *in, void *pval, + void *ASN1_item_d2i_bio_ex(const ASN1_ITEM *it, BIO *in, void *x, OSSL_LIB_CTX *libctx, const char *propq); - void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *pval); + void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); void *ASN1_item_d2i_fp_ex(const ASN1_ITEM *it, FILE *in, void *x, OSSL_LIB_CTX *libctx, const char *propq); diff -Nru openssl-3.0.0/doc/man3/ASN1_TYPE_get.pod openssl-3.0.1/doc/man3/ASN1_TYPE_get.pod --- openssl-3.0.0/doc/man3/ASN1_TYPE_get.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/ASN1_TYPE_get.pod 2021-12-14 17:16:25.000000000 +0100 @@ -24,7 +24,7 @@ B structure can contain any ASN.1 type or constructed type such as a SEQUENCE: it is effectively equivalent to the ASN.1 ANY type. -ASN1_TYPE_get() returns the type of I. +ASN1_TYPE_get() returns the type of I or 0 if it fails. ASN1_TYPE_set() sets the value of I to I and I. This function uses the pointer I internally so it must B be freed 
@@ -91,7 +91,7 @@ =head1 COPYRIGHT -Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/BF_encrypt.pod openssl-3.0.1/doc/man3/BF_encrypt.pod --- openssl-3.0.0/doc/man3/BF_encrypt.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BF_encrypt.pod 2021-12-14 17:16:25.000000000 +0100 @@ -9,9 +9,9 @@ #include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void BF_set_key(BF_KEY *key, int len, const unsigned char *data); @@ -121,7 +121,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/BIO_ctrl.pod openssl-3.0.1/doc/man3/BIO_ctrl.pod --- openssl-3.0.0/doc/man3/BIO_ctrl.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_ctrl.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -77,26 +77,27 @@ macros which call BIO_ctrl(). BIO_get_ktls_send() returns 1 if the BIO is using the Kernel TLS data-path for -sending. Otherwise, it returns zero. +sending. Otherwise, it returns zero. It also returns negative values for failure. BIO_get_ktls_recv() returns 1 if the BIO is using the Kernel TLS data-path for -receiving. Otherwise, it returns zero. +receiving. Otherwise, it returns zero. It also returns negative values for failure. =head1 RETURN VALUES -BIO_reset() normally returns 1 for success and 0 or -1 for failure. File +BIO_reset() normally returns 1 for success and <=0 for failure. File BIOs are an exception, they return 0 for success and -1 for failure. BIO_seek() and BIO_tell() both return the current file position on success and -1 for failure, except file BIOs which for BIO_seek() always return 0 for success and -1 for failure. -BIO_flush() returns 1 for success and 0 or -1 for failure. +BIO_flush() returns 1 for success and <=0 for failure. -BIO_eof() returns 1 if EOF has been reached, 0 if not, or -1 for failure. +BIO_eof() returns 1 if EOF has been reached, 0 if not, or negative values for failure. -BIO_set_close() always returns 1. +BIO_set_close() returns 1 on success or <=0 for failure. -BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE. +BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE. It also +returns other negative values if an error occurs. BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending() return the amount of pending data. diff -Nru openssl-3.0.0/doc/man3/BIO_f_buffer.pod openssl-3.0.1/doc/man3/BIO_f_buffer.pod --- openssl-3.0.0/doc/man3/BIO_f_buffer.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_f_buffer.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -74,12 +74,13 @@ BIO_f_buffer() returns the buffering BIO method. -BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0). +BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0) or +a negative value in case of errors. BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size() -return 1 if the buffer was successfully resized or 0 for failure. +return 1 if the buffer was successfully resized or <=0 for failure. -BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if +BIO_set_buffer_read_data() returns 1 if the data was set correctly or <=0 if there was an error. =head1 SEE ALSO @@ -92,7 +93,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/BIO_f_cipher.pod openssl-3.0.1/doc/man3/BIO_f_cipher.pod --- openssl-3.0.0/doc/man3/BIO_f_cipher.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_f_cipher.pod 2021-12-14 17:16:25.000000000 +0100 @@ -12,8 +12,8 @@ #include const BIO_METHOD *BIO_f_cipher(void); - void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher, - unsigned char *key, unsigned char *iv, int enc); + int BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher, + const unsigned char *key, const unsigned char *iv, int enc); int BIO_get_cipher_status(BIO *b); int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx); 
@@ -62,16 +62,16 @@ BIO_f_cipher() returns the cipher BIO method. -BIO_set_cipher() does not return a value. +BIO_set_cipher() returns 1 for success and 0 for failure. -BIO_get_cipher_status() returns 1 for a successful decrypt and 0 +BIO_get_cipher_status() returns 1 for a successful decrypt and <=0 for failure. -BIO_get_cipher_ctx() currently always returns 1. +BIO_get_cipher_ctx() returns 1 for success and <=0 for failure. =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/BIO_f_md.pod openssl-3.0.1/doc/man3/BIO_f_md.pod --- openssl-3.0.0/doc/man3/BIO_f_md.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_f_md.pod 2021-12-14 17:16:25.000000000 +0100 @@ -69,7 +69,7 @@ BIO_f_md() returns the digest BIO method. BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and -0 for failure. +<=0 for failure. =head1 EXAMPLES diff -Nru openssl-3.0.0/doc/man3/BIO_f_prefix.pod openssl-3.0.1/doc/man3/BIO_f_prefix.pod --- openssl-3.0.0/doc/man3/BIO_f_prefix.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_f_prefix.pod 2021-12-14 17:16:25.000000000 +0100 @@ -46,13 +46,13 @@ BIO_f_prefix() returns the prefix BIO method. -BIO_set_prefix() returns 1 if the prefix was correctly set, or 0 on +BIO_set_prefix() returns 1 if the prefix was correctly set, or <=0 on failure. -BIO_set_indent() returns 1 if the prefix was correctly set, or 0 on +BIO_set_indent() returns 1 if the prefix was correctly set, or <=0 on failure. -BIO_get_indent() returns the current indentation. +BIO_get_indent() returns the current indentation, or a negative value for failure. =head1 SEE ALSO 
@@ -60,7 +60,7 @@ =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/BIO_f_ssl.pod openssl-3.0.1/doc/man3/BIO_f_ssl.pod --- openssl-3.0.0/doc/man3/BIO_f_ssl.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_f_ssl.pod 2021-12-14 17:16:25.000000000 +0100 @@ -54,26 +54,26 @@ If the close flag is set when an SSL BIO is freed then the internal SSL structure is also freed using SSL_free(). -BIO_set_ssl() sets the internal SSL pointer of BIO B to B using +BIO_set_ssl() sets the internal SSL pointer of SSL BIO B to B using the close flag B. -BIO_get_ssl() retrieves the SSL pointer of BIO B, it can then be +BIO_get_ssl() retrieves the SSL pointer of SSL BIO B, it can then be manipulated using the standard SSL library functions. BIO_set_ssl_mode() sets the SSL BIO mode to B. If B is 1 client mode is set. If B is 0 server mode is set. -BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count +BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count of SSL BIO B to B. When set after every B bytes of I/O (read and write) the SSL session is automatically renegotiated. B must be at least 512 bytes. -BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to -B. When the renegotiate timeout elapses the session is -automatically renegotiated. +BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout of SSL BIO B +to B. +When the renegotiate timeout elapses the session is automatically renegotiated. BIO_get_num_renegotiates() returns the total number of session -renegotiations due to I/O or timeout. +renegotiations due to I/O or timeout of SSL BIO B. BIO_new_ssl() allocates an SSL BIO using SSL_CTX B and using client mode if B is non zero. 
@@ -82,8 +82,7 @@ SSL BIO (using B) followed by a connect BIO. BIO_new_buffer_ssl_connect() creates a new BIO chain consisting -of a buffering BIO, an SSL BIO (using B) and a connect -BIO. +of a buffering BIO, an SSL BIO (using B), and a connect BIO. BIO_ssl_copy_session_id() copies an SSL session id between BIO chains B and B. It does this by locating the @@ -96,7 +95,7 @@ pointer. BIO_do_handshake() attempts to complete an SSL handshake on the --supplied BIO and establish the SSL connection. +supplied BIO and establish the SSL connection. For non-SSL BIOs the connection is done typically at TCP level. If domain name resolution yields multiple IP addresses all of them are tried after connect() failures. diff -Nru openssl-3.0.0/doc/man3/BIO_get_ex_new_index.pod openssl-3.0.1/doc/man3/BIO_get_ex_new_index.pod --- openssl-3.0.0/doc/man3/BIO_get_ex_new_index.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_get_ex_new_index.pod 2021-12-14 17:16:25.000000000 +0100 @@ -43,9 +43,9 @@ #define TYPE_set_app_data(TYPE *d, void *arg) #define TYPE_get_app_data(TYPE *d) -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); diff -Nru openssl-3.0.0/doc/man3/BIO_push.pod openssl-3.0.1/doc/man3/BIO_push.pod --- openssl-3.0.0/doc/man3/BIO_push.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/BIO_push.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -8,22 +8,27 @@ #include - BIO *BIO_push(BIO *b, BIO *append); + BIO *BIO_push(BIO *b, BIO *next); BIO *BIO_pop(BIO *b); void BIO_set_next(BIO *b, BIO *next); =head1 DESCRIPTION -The BIO_push() function appends the BIO B to B, it returns -B. - -BIO_pop() removes the BIO B from a chain and returns the next BIO -in the chain, or NULL if there is no next BIO. The removed BIO then -becomes a single BIO with no association with the original chain, -it can thus be freed or attached to a different chain. +BIO_push() pushes I on I. +If I is NULL the function does nothing and returns I. +Otherwise it prepends I, which may be a single BIO or a chain of BIOs, +to I (unless I is NULL). +It then makes a control call on I and returns I. + +BIO_pop() removes the BIO I from any chain is is part of. +If I is NULL the function does nothing and returns NULL. +Otherwise it makes a control call on I and +returns the next BIO in the chain, or NULL if there is no next BIO. +The removed BIO becomes a single BIO with no association with +the original chain, it can thus be freed or be made part of a different chain. BIO_set_next() replaces the existing next BIO in a chain with the BIO pointed to -by B. The new chain may include some of the same BIOs from the old chain +by I. The new chain may include some of the same BIOs from the old chain or it may be completely different. =head1 NOTES 
@@ -33,41 +38,45 @@
the deleted BIO does not need to be at the end of a chain. The process of calling BIO_push() and BIO_pop() on a BIO may have additional -consequences (a control call is made to the affected BIOs) any effects will -be noted in the descriptions of individual BIOs. +consequences (a control call is made to the affected BIOs). +Any effects will be noted in the descriptions of individual BIOs. =head1 RETURN VALUES -BIO_push() returns the end of the chain, B. +BIO_push() returns the head of the chain, +which usually is I, or I if I is NULL. -BIO_pop() returns the next BIO in the chain, or NULL if there is no next -BIO. +BIO_pop() returns the next BIO in the chain, +or NULL if there is no next BIO. =head1 EXAMPLES -For these examples suppose B and B are digest BIOs, B is -a base64 BIO and B is a file BIO. +For these examples suppose I and I are digest BIOs, +I is a base64 BIO and I is a file BIO. If the call: BIO_push(b64, f); -is made then the new chain will be B. After making the calls +is made then the new chain will be I. After making the calls BIO_push(md2, b64); BIO_push(md1, md2); -the new chain is B. Data written to B will be digested -by B and B, B encoded and written to B. +the new chain is I. Data written to I will be digested +by I and I, base64 encoded, and finally written to I. It should be noted that reading causes data to pass in the reverse -direction, that is data is read from B, B decoded and digested -by B and B. If the call: +direction, that is data is read from I, base64 decoded, +and digested by I and then I. + +The call: BIO_pop(md2); -The call will return B and the new chain will be B data can -be written to B as before. +will return I and the new chain will be I. +Data can be written to and read from I as before, +except that I will no more be applied.
=head1 SEE ALSO
diff -Nru openssl-3.0.0/doc/man3/BIO_s_accept.pod openssl-3.0.1/doc/man3/BIO_s_accept.pod
--- openssl-3.0.0/doc/man3/BIO_s_accept.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BIO_s_accept.pod 2021-12-14 17:16:25.000000000 +0100
@@ -169,16 +169,16 @@
BIO_do_accept(), BIO_set_accept_name(), BIO_set_accept_port(), BIO_set_nbio_accept(), BIO_set_accept_bios(), BIO_set_accept_ip_family(), and BIO_set_bind_mode() -return 1 for success and 0 or -1 for failure. +return 1 for success and <=0 for failure. BIO_get_accept_name() returns the accept name or NULL on error. BIO_get_peer_name() returns the peer name or NULL on error. BIO_get_accept_port() returns the accept port as a string or NULL on error. BIO_get_peer_port() returns the peer port as a string or NULL on error. -BIO_get_accept_ip_family() returns the IP family or -1 on error. +BIO_get_accept_ip_family() returns the IP family or <=0 on error. -BIO_get_bind_mode() returns the set of B flags, or -1 on failure. +BIO_get_bind_mode() returns the set of B flags, or <=0 on failure. BIO_new_accept() returns a BIO or NULL on error.
diff -Nru openssl-3.0.0/doc/man3/BIO_s_connect.pod openssl-3.0.1/doc/man3/BIO_s_connect.pod
--- openssl-3.0.0/doc/man3/BIO_s_connect.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BIO_s_connect.pod 2021-12-14 17:16:25.000000000 +0100
@@ -15,7 +15,7 @@
const BIO_METHOD *BIO_s_connect(void); - BIO *BIO_new_connect(char *name); + BIO *BIO_new_connect(const char *name); long BIO_set_conn_hostname(BIO *b, char *name); long BIO_set_conn_port(BIO *b, char *port);
@@ -141,9 +141,9 @@
BIO_s_connect() returns the connect BIO method. BIO_set_conn_address(), BIO_set_conn_port(), and BIO_set_conn_ip_family() -always return 1. +return 1 or <=0 if an error occurs. -BIO_set_conn_hostname() returns 1 on success and 0 on failure. +BIO_set_conn_hostname() returns 1 on success and <=0 on failure. BIO_get_conn_address() returns the address information or NULL if none was set.
@@ -156,10 +156,10 @@
BIO_get_conn_port() returns a string representing the connected port or NULL if not set. -BIO_set_nbio() always returns 1. +BIO_set_nbio() returns 1 or <=0 if an error occurs. BIO_do_connect() returns 1 if the connection was successfully -established and 0 or -1 if the connection failed. +established and <=0 if the connection failed. =head1 EXAMPLES
diff -Nru openssl-3.0.0/doc/man3/BIO_set_callback.pod openssl-3.0.1/doc/man3/BIO_set_callback.pod
--- openssl-3.0.0/doc/man3/BIO_set_callback.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BIO_set_callback.pod 2021-12-14 17:16:25.000000000 +0100
@@ -24,14 +24,14 @@
long BIO_debug_callback_ex(BIO *bio, int oper, const char *argp, size_t len, int argi, long argl, int ret, size_t *processed); - Deprecated since OpenSSL 3.0, can be hidden entirely by defining - OPENSSL_API_COMPAT with a suitable version value, see - openssl_user_macros(7): +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi, long argl, long ret); void BIO_set_callback(BIO *b, BIO_callback_fn cb); - BIO_callback_fn BIO_get_callback(BIO *b); + BIO_callback_fn BIO_get_callback(const BIO *b); long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret);
diff -Nru openssl-3.0.0/doc/man3/BIO_s_fd.pod openssl-3.0.1/doc/man3/BIO_s_fd.pod
--- openssl-3.0.0/doc/man3/BIO_s_fd.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BIO_s_fd.pod 2021-12-14 17:16:25.000000000 +0100
@@ -60,10 +60,10 @@
BIO_s_fd() returns the file descriptor BIO method. -BIO_set_fd() always returns 1. +BIO_set_fd() returns 1 on success or <=0 for failure. BIO_get_fd() returns the file descriptor or -1 if the BIO has not -been initialized. +been initialized. It also returns zero and negative values if other error occurs. BIO_new_fd() returns the newly allocated BIO or NULL is an error occurred.
diff -Nru openssl-3.0.0/doc/man3/BIO_s_file.pod openssl-3.0.1/doc/man3/BIO_s_file.pod
--- openssl-3.0.0/doc/man3/BIO_s_file.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BIO_s_file.pod 2021-12-14 17:16:25.000000000 +0100
@@ -87,16 +87,15 @@
BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error occurred. -BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure +BIO_set_fp() and BIO_get_fp() return 1 for success or <=0 for failure (although the current implementation never return 0). -BIO_seek() returns the same value as the underlying fseek() function: -0 for success or -1 for failure. +BIO_seek() returns 0 for success or negative values for failure. -BIO_tell() returns the current file position. +BIO_tell() returns the current file position or negative values for failure. BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and -BIO_rw_filename() return 1 for success or 0 for failure. +BIO_rw_filename() return 1 for success or <=0 for failure. =head1 EXAMPLES
@@ -114,7 +113,7 @@
bio_out = BIO_new(BIO_s_file()); if (bio_out == NULL) /* Error */ - if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) + if (BIO_set_fp(bio_out, stdout, BIO_NOCLOSE) <= 0) /* Error */ BIO_printf(bio_out, "Hello World\n");
@@ -135,7 +134,7 @@
out = BIO_new(BIO_s_file()); if (out == NULL) /* Error */ - if (!BIO_write_filename(out, "filename.txt")) + if (BIO_write_filename(out, "filename.txt") <= 0) /* Error */ BIO_printf(out, "Hello World\n"); BIO_free(out);
@@ -158,7 +157,7 @@
=head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/BN_BLINDING_new.pod openssl-3.0.1/doc/man3/BN_BLINDING_new.pod
--- openssl-3.0.0/doc/man3/BN_BLINDING_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BN_BLINDING_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -26,8 +26,8 @@
void BN_BLINDING_set_current_thread(BN_BLINDING *b); int BN_BLINDING_lock(BN_BLINDING *b); int BN_BLINDING_unlock(BN_BLINDING *b); - unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); - void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); + unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b); + void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags); BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, int (*bn_mod_exp)(BIGNUM *r,
@@ -116,7 +116,7 @@
=head1 COPYRIGHT -Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/BN_bn2bin.pod openssl-3.0.1/doc/man3/BN_bn2bin.pod
--- openssl-3.0.0/doc/man3/BN_bn2bin.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BN_bn2bin.pod 2021-12-14 17:16:25.000000000 +0100
@@ -91,10 +91,10 @@
BN_bn2bin() returns the length of the big-endian number placed at B. BN_bin2bn() returns the B, NULL on error. -BN_bn2binpad() returns the number of bytes written or -1 if the supplied +BN_bn2binpad(), BN_bn2lebinpad(), and BN_bn2nativepad() return the number of bytes written or -1 if the supplied buffer is too small. -BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL +BN_bn2hex() and BN_bn2dec() return a NUL-terminated string, or NULL on error. BN_hex2bn() and BN_dec2bn() return the number of characters used in parsing, or 0 on error, in which case no new B will be created.
@@ -114,7 +114,7 @@
=head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/BN_generate_prime.pod openssl-3.0.1/doc/man3/BN_generate_prime.pod
--- openssl-3.0.0/doc/man3/BN_generate_prime.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BN_generate_prime.pod 2021-12-14 17:16:25.000000000 +0100
@@ -34,9 +34,9 @@
void *BN_GENCB_get_arg(BN_GENCB *cb); -Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 0.9.8, and can be +hidden entirely by defining B with a suitable version value, +see L: BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add, BIGNUM *rem, void (*callback)(int, int, void *),
@@ -49,7 +49,9 @@
void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, int do_trial_division); -Deprecated since OpenSSL 3.0: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
diff -Nru openssl-3.0.0/doc/man3/BN_mod_mul_reciprocal.pod openssl-3.0.1/doc/man3/BN_mod_mul_reciprocal.pod
--- openssl-3.0.0/doc/man3/BN_mod_mul_reciprocal.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BN_mod_mul_reciprocal.pod 2021-12-14 17:16:25.000000000 +0100
@@ -15,10 +15,10 @@
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx); - int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp, + int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, BN_RECP_CTX *recp, BN_CTX *ctx); - int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b, + int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_RECP_CTX *recp, BN_CTX *ctx); =head1 DESCRIPTION
@@ -66,7 +66,7 @@
=head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/BN_rand.pod openssl-3.0.1/doc/man3/BN_rand.pod
--- openssl-3.0.0/doc/man3/BN_rand.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/BN_rand.pod 2021-12-14 17:16:25.000000000 +0100
@@ -19,20 +19,20 @@
unsigned int strength, BN_CTX *ctx); int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom); - int BN_rand_range_ex(BIGNUM *rnd, BIGNUM *range, unsigned int strength, + int BN_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength, BN_CTX *ctx); - int BN_rand_range(BIGNUM *rnd, BIGNUM *range); + int BN_rand_range(BIGNUM *rnd, const BIGNUM *range); - int BN_priv_rand_range_ex(BIGNUM *rnd, BIGNUM *range, unsigned int strength, + int BN_priv_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength, BN_CTX *ctx); - int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range); + int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -OPENSSL_API_COMPAT with a suitable version value, see -openssl_user_macros(7): +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); + int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); =head1 DESCRIPTION
@@ -53,7 +53,7 @@
numbers will always have 2*I length. If I is B, the number will be odd; if it is B it can be odd or even. -If I is 1 then I cannot also be B. +If I is 1 then I cannot also be B. BN_rand() is the same as BN_rand_ex() except that the default library context is always used.
diff -Nru openssl-3.0.0/doc/man3/CMS_add1_recipient_cert.pod openssl-3.0.1/doc/man3/CMS_add1_recipient_cert.pod
--- openssl-3.0.0/doc/man3/CMS_add1_recipient_cert.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/CMS_add1_recipient_cert.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,7 +9,7 @@
#include CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, - EVP_PKEY *originatorPrivKey, + EVP_PKEY *originatorPrivKey, X509 *originator, unsigned int flags); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
@@ -76,7 +76,7 @@
=head1 COPYRIGHT -Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/CMS_get0_RecipientInfos.pod openssl-3.0.1/doc/man3/CMS_get0_RecipientInfos.pod
--- openssl-3.0.0/doc/man3/CMS_get0_RecipientInfos.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/CMS_get0_RecipientInfos.pod 2021-12-14 17:16:25.000000000 +0100
@@ -140,12 +140,12 @@
=head1 HISTORY -B and B +B and B were added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/CMS_verify.pod openssl-3.0.1/doc/man3/CMS_verify.pod
--- openssl-3.0.0/doc/man3/CMS_verify.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/CMS_verify.pod 2021-12-14 17:16:25.000000000 +0100
@@ -71,7 +71,7 @@
If B is set the signed attributes signature is not verified, unless CMS_CADES flag is also set. -If B is set, each signer certificate is checked against the +If B is set, each signer certificate is checked against the ESS signingCertificate or ESS signingCertificateV2 extension that is required in the signed attributes of the signature.
diff -Nru openssl-3.0.0/doc/man3/CONF_modules_free.pod openssl-3.0.1/doc/man3/CONF_modules_free.pod
--- openssl-3.0.0/doc/man3/CONF_modules_free.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/CONF_modules_free.pod 2021-12-14 17:16:25.000000000 +0100
@@ -12,9 +12,9 @@
void CONF_modules_finish(void); void CONF_modules_unload(int all); -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void CONF_modules_free(void);
@@ -48,7 +48,7 @@
=head1 COPYRIGHT -Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/CRYPTO_get_ex_new_index.pod openssl-3.0.1/doc/man3/CRYPTO_get_ex_new_index.pod
--- openssl-3.0.0/doc/man3/CRYPTO_get_ex_new_index.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/CRYPTO_get_ex_new_index.pod 2021-12-14 17:16:25.000000000 +0100
@@ -32,7 +32,7 @@
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg); - void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx); + void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *r, int idx); void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *r);
@@ -152,7 +152,7 @@
CRYPTO_get_ex_new_index() returns a new index or -1 on failure. CRYPTO_free_ex_index(), CRYPTO_alloc_ex_data() and CRYPTO_set_ex_data() -return 1 on success or 0 on failure. +return 1 on success or 0 on failure. CRYPTO_get_ex_data() returns the application data or NULL on failure; note that NULL may be a valid value.
diff -Nru openssl-3.0.0/doc/man3/d2i_RSAPrivateKey.pod openssl-3.0.1/doc/man3/d2i_RSAPrivateKey.pod
--- openssl-3.0.0/doc/man3/d2i_RSAPrivateKey.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/d2i_RSAPrivateKey.pod 2021-12-14 17:16:25.000000000 +0100
@@ -70,9 +70,9 @@
=for openssl generic -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: TYPE *d2i_TYPEPrivateKey(TYPE **a, const unsigned char **ppin, long length); TYPE *d2i_TYPEPrivateKey_bio(BIO *bp, TYPE **a);
@@ -172,13 +172,13 @@
=item * Replace -bPrivateKey()> with L, -bPublicKey()> with L, -bparams()> with L, -b_PUBKEY()> with L, -bPrivateKey()> with L, -bPublicKey()> with L, -bparams()> with L, +bPrivateKey()> with L, +bPublicKey()> with L, +bparams()> with L, +b_PUBKEY()> with L, +bPrivateKey()> with L, +bPublicKey()> with L, +bparams()> with L, b_PUBKEY()> with L. A caveat is that L may output a DER encoded PKCS#8 outermost structure instead of the type specific structure, and that
diff -Nru openssl-3.0.0/doc/man3/d2i_X509.pod openssl-3.0.1/doc/man3/d2i_X509.pod
--- openssl-3.0.0/doc/man3/d2i_X509.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/d2i_X509.pod 2021-12-14 17:16:25.000000000 +0100
@@ -154,6 +154,8 @@
d2i_TS_TST_INFO_fp, d2i_USERNOTICE, d2i_X509, +d2i_X509_bio, +d2i_X509_fp, d2i_X509_ALGOR, d2i_X509_ALGORS, d2i_X509_ATTRIBUTE,
@@ -325,6 +327,8 @@
i2d_TS_TST_INFO_fp, i2d_USERNOTICE, i2d_X509, +i2d_X509_bio, +i2d_X509_fp, i2d_X509_ALGOR, i2d_X509_ALGORS, i2d_X509_ATTRIBUTE,
diff -Nru openssl-3.0.0/doc/man3/DEFINE_STACK_OF.pod openssl-3.0.1/doc/man3/DEFINE_STACK_OF.pod
--- openssl-3.0.0/doc/man3/DEFINE_STACK_OF.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DEFINE_STACK_OF.pod 2021-12-14 17:16:25.000000000 +0100
@@ -178,7 +178,10 @@
B_find>() returns the index of a matching element or B<-1> if there is no match. Note that, in this case the comparison function will usually compare the values pointed to rather than the pointers themselves and -the order of elements in I can change. +the order of elements in I can change. Note that because the stack may be +sorted as the result of a B_find>() call, if a lock is being used to +synchronise access to the stack across multiple threads, then that lock must be +a "write" lock. B_find_ex>() operates like B_find>() except when a comparison function has been specified and no matching element is found.
diff -Nru openssl-3.0.0/doc/man3/DES_random_key.pod openssl-3.0.1/doc/man3/DES_random_key.pod
--- openssl-3.0.0/doc/man3/DES_random_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DES_random_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,9 +16,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void DES_random_key(DES_cblock *ret);
@@ -320,7 +320,7 @@
=head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DH_generate_key.pod openssl-3.0.1/doc/man3/DH_generate_key.pod
--- openssl-3.0.0/doc/man3/DH_generate_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_generate_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DH_generate_key(DH *dh);
diff -Nru openssl-3.0.0/doc/man3/DH_generate_parameters.pod openssl-3.0.1/doc/man3/DH_generate_parameters.pod
--- openssl-3.0.0/doc/man3/DH_generate_parameters.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_generate_parameters.pod 2021-12-14 17:16:25.000000000 +0100
@@ -12,9 +12,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
@@ -25,9 +25,9 @@
int DH_check_params_ex(const DH *dh); int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key); -Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 0.9.8, and can be +hidden entirely by defining B with a suitable version value, +see L: DH *DH_generate_parameters(int prime_len, int generator, void (*callback)(int, int, void *), void *cb_arg);
@@ -160,7 +160,7 @@
=head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DH_get0_pqg.pod openssl-3.0.1/doc/man3/DH_get0_pqg.pod
--- openssl-3.0.0/doc/man3/DH_get0_pqg.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_get0_pqg.pod 2021-12-14 17:16:25.000000000 +0100
@@ -12,9 +12,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
diff -Nru openssl-3.0.0/doc/man3/DH_get_1024_160.pod openssl-3.0.1/doc/man3/DH_get_1024_160.pod
--- openssl-3.0.0/doc/man3/DH_get_1024_160.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_get_1024_160.pod 2021-12-14 17:16:25.000000000 +0100
@@ -39,9 +39,9 @@
BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: #include
diff -Nru openssl-3.0.0/doc/man3/DH_meth_new.pod openssl-3.0.1/doc/man3/DH_meth_new.pod
--- openssl-3.0.0/doc/man3/DH_meth_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_meth_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -14,9 +14,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: DH_METHOD *DH_meth_new(const char *name, int flags);
@@ -166,7 +166,7 @@
=head1 COPYRIGHT -Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DH_new_by_nid.pod openssl-3.0.1/doc/man3/DH_new_by_nid.pod
--- openssl-3.0.0/doc/man3/DH_new_by_nid.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_new_by_nid.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
#include DH *DH_new_by_nid(int nid); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DH_get_nid(const DH *dh);
@@ -41,7 +41,7 @@
=head1 COPYRIGHT -Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DH_set_method.pod openssl-3.0.1/doc/man3/DH_set_method.pod
--- openssl-3.0.0/doc/man3/DH_set_method.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_set_method.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void DH_set_default_method(const DH_METHOD *meth);
@@ -89,7 +89,7 @@
=head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DH_size.pod openssl-3.0.1/doc/man3/DH_size.pod
--- openssl-3.0.0/doc/man3/DH_size.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DH_size.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DH_bits(const DH *dh);
diff -Nru openssl-3.0.0/doc/man3/DSA_do_sign.pod openssl-3.0.1/doc/man3/DSA_do_sign.pod
--- openssl-3.0.0/doc/man3/DSA_do_sign.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_do_sign.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
diff -Nru openssl-3.0.0/doc/man3/DSA_dup_DH.pod openssl-3.0.1/doc/man3/DSA_dup_DH.pod
--- openssl-3.0.0/doc/man3/DSA_dup_DH.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_dup_DH.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: DH *DSA_dup_DH(const DSA *r);
@@ -43,7 +43,7 @@
=head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DSA_generate_key.pod openssl-3.0.1/doc/man3/DSA_generate_key.pod
--- openssl-3.0.0/doc/man3/DSA_generate_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_generate_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DSA_generate_key(DSA *a);
diff -Nru openssl-3.0.0/doc/man3/DSA_generate_parameters.pod openssl-3.0.1/doc/man3/DSA_generate_parameters.pod
--- openssl-3.0.0/doc/man3/DSA_generate_parameters.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_generate_parameters.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,18 +8,18 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); -Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 0.9.8, and can be +hidden entirely by defining B with a suitable version value, +see L: DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret,
diff -Nru openssl-3.0.0/doc/man3/DSA_get0_pqg.pod openssl-3.0.1/doc/man3/DSA_get0_pqg.pod
--- openssl-3.0.0/doc/man3/DSA_get0_pqg.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_get0_pqg.pod 2021-12-14 17:16:25.000000000 +0100
@@ -13,9 +13,9 @@
#include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
@@ -113,7 +113,7 @@
=head1 COPYRIGHT -Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DSA_meth_new.pod openssl-3.0.1/doc/man3/DSA_meth_new.pod
--- openssl-3.0.0/doc/man3/DSA_meth_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_meth_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,9 +16,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 DSA_METHOD *DSA_meth_new(const char *name, int flags);
@@ -214,7 +214,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DSA_new.pod openssl-3.0.1/doc/man3/DSA_new.pod
--- openssl-3.0.0/doc/man3/DSA_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 DSA* DSA_new(void);
@@ -50,7 +50,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/DSA_set_method.pod openssl-3.0.1/doc/man3/DSA_set_method.pod
--- openssl-3.0.0/doc/man3/DSA_set_method.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_set_method.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void DSA_set_default_method(const DSA_METHOD *meth);
@@ -21,7 +21,7 @@
 DSA *DSA_new_method(ENGINE *engine);
- DSA_METHOD *DSA_OpenSSL(void);
+ const DSA_METHOD *DSA_OpenSSL(void);
 =head1 DESCRIPTION
diff -Nru openssl-3.0.0/doc/man3/DSA_sign.pod openssl-3.0.1/doc/man3/DSA_sign.pod
--- openssl-3.0.0/doc/man3/DSA_sign.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_sign.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int DSA_sign(int type, const unsigned char *dgst, int len, unsigned char *sigret, unsigned int *siglen, DSA *dsa);
diff -Nru openssl-3.0.0/doc/man3/DSA_size.pod openssl-3.0.1/doc/man3/DSA_size.pod
--- openssl-3.0.0/doc/man3/DSA_size.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/DSA_size.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int DSA_bits(const DSA *dsa);
diff -Nru openssl-3.0.0/doc/man3/ECDSA_SIG_new.pod openssl-3.0.1/doc/man3/ECDSA_SIG_new.pod
--- openssl-3.0.0/doc/man3/ECDSA_SIG_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ECDSA_SIG_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -19,9 +19,9 @@
 const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int ECDSA_size(const EC_KEY *eckey);
diff -Nru openssl-3.0.0/doc/man3/EC_GFp_simple_method.pod openssl-3.0.1/doc/man3/EC_GFp_simple_method.pod
--- openssl-3.0.0/doc/man3/EC_GFp_simple_method.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_GFp_simple_method.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,7 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const EC_METHOD *EC_GFp_simple_method(void); const EC_METHOD *EC_GFp_mont_method(void);
@@ -71,7 +73,7 @@
 =head1 COPYRIGHT
-Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/EC_GROUP_copy.pod openssl-3.0.1/doc/man3/EC_GROUP_copy.pod
--- openssl-3.0.0/doc/man3/EC_GROUP_copy.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_GROUP_copy.pod 2021-12-14 17:16:25.000000000 +0100
@@ -64,7 +64,9 @@
 int EC_GROUP_get_field_type(const EC_GROUP *group);
-Deprecated since OpenSSL 3.0:
+The following function has been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
diff -Nru openssl-3.0.0/doc/man3/EC_GROUP_new.pod openssl-3.0.1/doc/man3/EC_GROUP_new.pod
--- openssl-3.0.0/doc/man3/EC_GROUP_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_GROUP_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -55,9 +55,9 @@
 size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); const char *OSSL_EC_curve_nid2name(int nid);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); void EC_GROUP_clear_free(EC_GROUP *group);
diff -Nru openssl-3.0.0/doc/man3/EC_KEY_new.pod openssl-3.0.1/doc/man3/EC_KEY_new.pod
--- openssl-3.0.0/doc/man3/EC_KEY_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_KEY_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -23,9 +23,9 @@
 EVP_PKEY *EVP_EC_gen(const char *curve);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq); EC_KEY *EC_KEY_new(void);
diff -Nru openssl-3.0.0/doc/man3/ECPKParameters_print.pod openssl-3.0.1/doc/man3/ECPKParameters_print.pod
--- openssl-3.0.0/doc/man3/ECPKParameters_print.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ECPKParameters_print.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
diff -Nru openssl-3.0.0/doc/man3/EC_POINT_add.pod openssl-3.0.1/doc/man3/EC_POINT_add.pod
--- openssl-3.0.0/doc/man3/EC_POINT_add.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_POINT_add.pod 2021-12-14 17:16:25.000000000 +0100
@@ -18,7 +18,9 @@
 int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
-Deprecated since OpenSSL 3.0:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
@@ -88,7 +90,7 @@
 =head1 COPYRIGHT
-Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/EC_POINT_new.pod openssl-3.0.1/doc/man3/EC_POINT_new.pod
--- openssl-3.0.0/doc/man3/EC_POINT_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EC_POINT_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -60,7 +60,9 @@
 EC_POINT *EC_POINT_hex2point(const EC_GROUP *group, const char *hex, EC_POINT *p, BN_CTX *ctx);
-Deprecated since OpenSSL 3.0:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
@@ -267,7 +269,7 @@
 =head1 COPYRIGHT
-Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/ENGINE_add.pod openssl-3.0.1/doc/man3/ENGINE_add.pod
--- openssl-3.0.0/doc/man3/ENGINE_add.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ENGINE_add.pod 2021-12-14 17:16:25.000000000 +0100
@@ -46,9 +46,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 ENGINE *ENGINE_get_first(void); ENGINE *ENGINE_get_last(void);
@@ -158,9 +158,9 @@
 EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method, void *callback_data);
-Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 1.1.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void ENGINE_cleanup(void);
@@ -604,8 +604,7 @@
 All ENGINE_register_TYPE() functions return 1 on success or 0 on error.
-ENGINE_register_complete() and ENGINE_register_all_complete() return 1 on success
-or 0 on error.
+ENGINE_register_complete() and ENGINE_register_all_complete() always return 1.
 ENGINE_ctrl() returns a positive value on success or others on error.
@@ -616,7 +615,7 @@
 ENGINE_new() returns a valid B structure on success or NULL if an error occurred.
-ENGINE_free() returns 1 on success or 0 on error.
+ENGINE_free() always returns 1.
 ENGINE_up_ref() returns 1 on success or 0 on error.
diff -Nru openssl-3.0.0/doc/man3/ERR_get_error.pod openssl-3.0.1/doc/man3/ERR_get_error.pod
--- openssl-3.0.0/doc/man3/ERR_get_error.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ERR_get_error.pod 2021-12-14 17:16:25.000000000 +0100
@@ -37,7 +37,9 @@
 const char *func, const char **data, int *flags);
-Deprecated since OpenSSL 3.0:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 unsigned long ERR_get_error_line(const char **file, int *line); unsigned long ERR_get_error_line_data(const char **file, int *line,
@@ -78,14 +80,14 @@
 ERR_peek_error_line() and ERR_peek_last_error_line() are the same as ERR_peek_error() and ERR_peek_last_error(), but on success they additionally store the filename and line number where the error occurred in *I and
-*I, as far as they are not NULL.
+*I, as far as they are not NULL.
 An unset filename is indicated as "", i.e., an empty string. An unset line number is indicated as 0. ERR_peek_error_func() and ERR_peek_last_error_func() are the same as ERR_peek_error() and ERR_peek_last_error(), but on success they additionally store the name of the function where the error occurred in *I, unless
-it is NULL.
+it is NULL.
 An unset function name is indicated as "". ERR_peek_error_data() and ERR_peek_last_error_data() are the same as
@@ -130,7 +132,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/ERR_load_crypto_strings.pod openssl-3.0.1/doc/man3/ERR_load_crypto_strings.pod
--- openssl-3.0.0/doc/man3/ERR_load_crypto_strings.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ERR_load_crypto_strings.pod 2021-12-14 17:16:25.000000000 +0100
@@ -7,9 +7,9 @@
 =head1 SYNOPSIS
-Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 1.1.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 #include
@@ -46,7 +46,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/ERR_load_strings.pod openssl-3.0.1/doc/man3/ERR_load_strings.pod
--- openssl-3.0.0/doc/man3/ERR_load_strings.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ERR_load_strings.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,7 +9,7 @@
 #include
- void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+ int ERR_load_strings(int lib, ERR_STRING_DATA *str);
 int ERR_get_next_error_library(void);
@@ -38,7 +38,7 @@
 =head1 RETURN VALUES
-ERR_load_strings() returns no value. ERR_PACK() return the error code.
+ERR_load_strings() returns 1 for success and 0 for failure. ERR_PACK() returns the error code.
 ERR_get_next_error_library() returns zero on failure, otherwise a new library number.
@@ -48,7 +48,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/ERR_put_error.pod openssl-3.0.1/doc/man3/ERR_put_error.pod
--- openssl-3.0.0/doc/man3/ERR_put_error.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ERR_put_error.pod 2021-12-14 17:16:25.000000000 +0100
@@ -21,7 +21,9 @@
 void ERR_add_error_txt(const char *sep, const char *txt); void ERR_add_error_mem_bio(const char *sep, BIO *bio);
-Deprecated since OpenSSL 3.0:
+The following function has been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void ERR_put_error(int lib, int func, int reason, const char *file, int line);
@@ -35,7 +37,7 @@
 ERR_raise_data() does the same thing as ERR_raise(), but also lets the caller specify additional information as a format string B and an
-arbitrary number of values, which are processed with L.
+arbitrary number of values, which are processed with L.
 ERR_put_error() adds an error code to the thread's error queue. It signals that the error of reason code B occurred in function
@@ -177,7 +179,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/ERR_remove_state.pod openssl-3.0.1/doc/man3/ERR_remove_state.pod
--- openssl-3.0.0/doc/man3/ERR_remove_state.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/ERR_remove_state.pod 2021-12-14 17:16:25.000000000 +0100
@@ -6,15 +6,15 @@
 =head1 SYNOPSIS
-Deprecated since OpenSSL 1.0.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 1.0.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void ERR_remove_state(unsigned long tid);
-Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 1.1.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void ERR_remove_thread_state(void *tid);
@@ -41,7 +41,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/EVP_CIPHER_CTX_get_original_iv.pod openssl-3.0.1/doc/man3/EVP_CIPHER_CTX_get_original_iv.pod
--- openssl-3.0.0/doc/man3/EVP_CIPHER_CTX_get_original_iv.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_CIPHER_CTX_get_original_iv.pod 2021-12-14 17:16:25.000000000 +0100
@@ -13,9 +13,9 @@
 int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len); int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx); const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
diff -Nru openssl-3.0.0/doc/man3/EVP_CIPHER_meth_new.pod openssl-3.0.1/doc/man3/EVP_CIPHER_meth_new.pod
--- openssl-3.0.0/doc/man3/EVP_CIPHER_meth_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_CIPHER_meth_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -17,9 +17,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len); EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
@@ -249,7 +249,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/EVP_DigestInit.pod openssl-3.0.1/doc/man3/EVP_DigestInit.pod
--- openssl-3.0.0/doc/man3/EVP_DigestInit.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_DigestInit.pod 2021-12-14 17:16:25.000000000 +0100
@@ -117,9 +117,9 @@
 #define EVP_MD_CTX_pkey_ctx EVP_MD_CTX_get_pkey_ctx #define EVP_MD_CTX_md_data EVP_MD_CTX_get0_md_data
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
@@ -420,6 +420,24 @@
 Returns an B structure when passed a digest name, a digest B or an B structure respectively.
+The EVP_get_digestbyname() function is present for backwards compatibility with
+OpenSSL prior to version 3 and is different to the EVP_MD_fetch() function
+since it does not attempt to "fetch" an implementation of the cipher.
+Additionally, it only knows about digests that are built-in to OpenSSL and have
+an associated NID. Similarly EVP_get_digestbynid() and EVP_get_digestbyobj()
+also return objects without an associated implementation.
+
+When the digest objects returned by these functions are used (such as in a call
+to EVP_DigestInit_ex()) an implementation of the digest will be implicitly
+fetched from the loaded providers. This fetch could fail if no suitable
+implementation is available. Use EVP_MD_fetch() instead to explicitly fetch
+the algorithm and an associated implementation from a provider.
+
+See L for more information about fetching.
+
+The digest objects returned from these functions do not need to be freed with
+EVP_MD_free().
+
 =item EVP_MD_CTX_get_pkey_ctx() Returns the B assigned to I. The returned pointer should not
diff -Nru openssl-3.0.0/doc/man3/EVP_DigestSignInit.pod openssl-3.0.1/doc/man3/EVP_DigestSignInit.pod
--- openssl-3.0.0/doc/man3/EVP_DigestSignInit.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_DigestSignInit.pod 2021-12-14 17:16:25.000000000 +0100
@@ -130,7 +130,11 @@
 EVP_DigestSign() signs I bytes of data at I and places the signature in I and its length in I in a similar way to
-EVP_DigestSignFinal().
+EVP_DigestSignFinal(). In the event of a failure EVP_DigestSign() cannot be
+called again without reinitialising the EVP_MD_CTX. If I is NULL before the
+call then I will be populated with the required size for the I
+buffer. If I is non-NULL before the call then I should contain the
+length of the I buffer.
 =head1 RETURN VALUES
@@ -163,9 +167,10 @@
 context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data.
-Since only a copy of the digest context is ever finalized, the context must
-be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak
-will occur.
+EVP_DigestSignInit() and EVP_DigestSignInit_ex() functions can be called
+multiple times on a context and the parameters set by previous calls should be
+preserved if the I parameter is NULL. The call then just resets the state
+of the I.
 The use of EVP_PKEY_get_size() with these functions is discouraged because some signature operations may have a signature length which depends on the
diff -Nru openssl-3.0.0/doc/man3/EVP_DigestVerifyInit.pod openssl-3.0.1/doc/man3/EVP_DigestVerifyInit.pod
--- openssl-3.0.0/doc/man3/EVP_DigestVerifyInit.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_DigestVerifyInit.pod 2021-12-14 17:16:25.000000000 +0100
@@ -57,7 +57,7 @@
 EVP_DigestVerifyInit_ex then it will use the B specified in I and the property query string specified in I.
-No B will be created by EVP_DigestSignInit_ex() if the
+No B will be created by EVP_DigestVerifyInit_ex() if the
 passed B has already been assigned one via L. See also L.
@@ -156,9 +156,10 @@
 context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.
-Since only a copy of the digest context is ever finalized, the context must
-be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak
-will occur.
+EVP_DigestVerifyInit() and EVP_DigestVerifyInit_ex() functions can be called
+multiple times on a context and the parameters set by previous calls should be
+preserved if the I parameter is NULL. The call then just resets the state
+of the I.
 =head1 SEE ALSO
diff -Nru openssl-3.0.0/doc/man3/EVP_EncryptInit.pod openssl-3.0.1/doc/man3/EVP_EncryptInit.pod
--- openssl-3.0.0/doc/man3/EVP_EncryptInit.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_EncryptInit.pod 2021-12-14 17:16:25.000000000 +0100
@@ -229,15 +229,15 @@
 #define EVP_CIPHER_CTX_type EVP_CIPHER_CTX_get_type #define EVP_CIPHER_CTX_mode EVP_CIPHER_CTX_get_mode
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
-Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 1.1.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
@@ -444,13 +444,30 @@
 =item EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
-Return an EVP_CIPHER structure when passed a cipher name, a NID or an
-ASN1_OBJECT structure.
+Returns an B structure when passed a cipher name, a cipher B or
+an B structure respectively.
 EVP_get_cipherbyname() will return NULL for algorithms such as "AES-128-SIV", "AES-128-CBC-CTS" and "CAMELLIA-128-CBC-CTS" which were previously only
-accessible via low level interfaces. Use EVP_CIPHER_fetch() instead to retrieve
-these algorithms from a provider.
+accessible via low level interfaces.
+
+The EVP_get_cipherbyname() function is present for backwards compatibility with
+OpenSSL prior to version 3 and is different to the EVP_CIPHER_fetch() function
+since it does not attempt to "fetch" an implementation of the cipher.
+Additionally, it only knows about ciphers that are built-in to OpenSSL and have
+an associated NID. Similarly EVP_get_cipherbynid() and EVP_get_cipherbyobj()
+also return objects without an associated implementation.
+
+When the cipher objects returned by these functions are used (such as in a call
+to EVP_EncryptInit_ex()) an implementation of the cipher will be implicitly
+fetched from the loaded providers. This fetch could fail if no suitable
+implementation is available. Use EVP_CIPHER_fetch() instead to explicitly fetch
+the algorithm and an associated implementation from a provider.
+
+See L for more information about fetching.
+
+The cipher objects returned from these functions do not need to be freed with
+EVP_CIPHER_free().
 =item EVP_CIPHER_get_nid() and EVP_CIPHER_CTX_get_nid()
@@ -1283,18 +1300,20 @@
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)
-Sets the expected tag to C bytes from C.
-The tag length can only be set before specifying an IV.
+When decrypting, this call sets the expected tag to C bytes from C.
 C must be between 1 and 16 inclusive.
+The tag must be set prior to any call to EVP_DecryptFinal() or
+EVP_DecryptFinal_ex().
 For GCM, this call is only valid when decrypting data. For OCB, this call is valid when decrypting data to set the expected tag,
-and before encryption to set the desired tag length.
+and when encrypting to set the desired tag length.
-In OCB mode, calling this before encryption with C set to C sets the
-tag length. If this is not called prior to encryption, a default tag length is
-used.
+In OCB mode, calling this when encrypting with C set to C sets the
+tag length. The tag length can only be set before specifying an IV. If this is
+not called prior to setting the IV during encryption, then a default tag length
+is used.
 For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the maximum tag length for OCB.
@@ -1330,7 +1349,7 @@
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL)
-Sets the CCM nonce (IV) length. This call can only be made before specifying a
+Sets the CCM nonce (IV) length. This call can only be made before specifying a
 nonce value. The nonce length is given by B<15 - L> so it is 7 by default for AES.
diff -Nru openssl-3.0.0/doc/man3/EVP_MD_meth_new.pod openssl-3.0.1/doc/man3/EVP_MD_meth_new.pod
--- openssl-3.0.0/doc/man3/EVP_MD_meth_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_MD_meth_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -18,9 +18,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type); void EVP_MD_meth_free(EVP_MD *md);
diff -Nru openssl-3.0.0/doc/man3/EVP_PKEY_copy_parameters.pod openssl-3.0.1/doc/man3/EVP_PKEY_copy_parameters.pod
--- openssl-3.0.0/doc/man3/EVP_PKEY_copy_parameters.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_PKEY_copy_parameters.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,9 +16,9 @@
 int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b); int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
@@ -37,8 +37,8 @@
 The function EVP_PKEY_parameters_eq() checks the parameters of keys B and B for equality.
-The function EVP_PKEY_eq() checks the public key components and parameters
-(if present) of keys B and B for equality.
+The function EVP_PKEY_eq() checks the keys B and B for equality,
+including their parameters if they are available.
 =head1 NOTES
@@ -47,14 +47,40 @@
 parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.
-Since OpenSSL private keys contain public key components too the function
-EVP_PKEY_eq() can also be used to determine if a private key matches
-a public key.
-
 The deprecated functions EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() differ in
-their return values compared to other _cmp() functions. They are aliases for
+their return values compared to other _cmp() functions. They are aliases for
 EVP_PKEY_eq() and EVP_PKEY_parameters_eq().
+The function EVP_PKEY_cmp() previously only checked the key parameters
+(if there are any) and the public key, assuming that there always was
+a public key and that private key equality could be derived from that.
+Because it's no longer assumed that the private key in an L is
+always accompanied by a public key, the comparison can not rely on public
+key comparison alone.
+
+Instead, EVP_PKEY_eq() (and therefore also EVP_PKEY_cmp()) now compares:
+
+=over 4
+
+=item 1.
+
+the key parameters (if there are any)
+
+=item 2.
+
+the public keys or the private keys of the two Bs, depending on
+what they both contain.
+
+=back
+
+=begin comment
+
+Exactly what is compared is ultimately at the discretion of the provider
+that holds the key, as they will compare what makes sense to them that fits
+the selector bits they are passed.
+
+=end comment
+
 =head1 RETURN VALUES The function EVP_PKEY_missing_parameters() returns 1 if the public key
@@ -64,7 +90,7 @@
 These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.
-The functions EVP_PKEY_cmp_parameters(), EVP_PKEY_parameters_eq(),
+The functions EVP_PKEY_cmp_parameters(), EVP_PKEY_parameters_eq(),
 EVP_PKEY_cmp() and EVP_PKEY_eq() return 1 if their inputs match, 0 if they don't match, -1 if the key types are different and -2 if the operation is not supported.
diff -Nru openssl-3.0.0/doc/man3/EVP_PKEY_CTX_ctrl.pod openssl-3.0.1/doc/man3/EVP_PKEY_CTX_ctrl.pod
--- openssl-3.0.0/doc/man3/EVP_PKEY_CTX_ctrl.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/EVP_PKEY_CTX_ctrl.pod 2021-12-14 17:16:25.000000000 +0100
@@ -116,7 +116,7 @@
 int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen);
- int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label,
+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label,
 int len); int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
@@ -176,9 +176,9 @@
 int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id); int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 #include
@@ -356,8 +356,8 @@ returned. The EVP_MD object may be NULL if the digest is not one of these (such as a digest only implemented in a third party provider). -EVP_PKEY_CTX_set0_rsa_oaep_label() sets the RSA OAEP label to -I into a textual representation. -The representation is written as a null terminated string to I +Unless I is NULL, +the representation is written as a NUL-terminated string to I, where at most I bytes are written, truncating the result if necessary. -The total amount of space required is returned. If I is 0 then -if the object has a long or short name then that will be used, otherwise -the numerical form will be used. If I is 1 then the numerical -form will always be used. +In any case it returns the total string length, excluding the NUL character, +required for non-truncated representation, or -1 on error. +If I is 0 then if the object has a long or short name +then that will be used, otherwise the numerical form will be used. +If I is 1 then the numerical form will always be used. i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the I set to zero. @@ -152,6 +154,11 @@ OBJ_add_sigid() returns 1 on success or 0 on error. +i2t_ASN1_OBJECT() an OBJ_obj2txt() return -1 on error. +On success, they return the length of the string written to I if I is +not NULL and I is big enough, otherwise the total string length. +Note that this does not count the trailing NUL character. + =head1 EXAMPLES Create an object for B: 
@@ -174,13 +181,6 @@ =head1 BUGS -OBJ_obj2txt() is awkward and messy to use: it doesn't follow the -convention of other OpenSSL functions where the buffer can be set -to B to determine the amount of data that should be written. -Instead I must point to a valid buffer and I should -be set to a positive value. A buffer length of 80 should be more -than enough to handle any OID encountered in practice. - Neither OBJ_create() nor OBJ_add_sigid() do any locking and are thus not thread safe. Moreover, none of the other functions should be called while concurrent calls to these two functions are possible. diff -Nru openssl-3.0.0/doc/man3/OCSP_sendreq_new.pod openssl-3.0.1/doc/man3/OCSP_sendreq_new.pod --- openssl-3.0.0/doc/man3/OCSP_sendreq_new.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OCSP_sendreq_new.pod 2021-12-14 17:16:25.000000000 +0100 @@ -21,9 +21,9 @@ const OCSP_REQUEST *req, int buf_size); OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX; int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); diff -Nru openssl-3.0.0/doc/man3/OpenSSL_add_all_algorithms.pod openssl-3.0.1/doc/man3/OpenSSL_add_all_algorithms.pod --- openssl-3.0.0/doc/man3/OpenSSL_add_all_algorithms.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OpenSSL_add_all_algorithms.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -9,9 +9,9 @@ #include -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void OpenSSL_add_all_algorithms(void); void OpenSSL_add_all_ciphers(void); @@ -53,7 +53,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/OPENSSL_config.pod openssl-3.0.1/doc/man3/OPENSSL_config.pod --- openssl-3.0.0/doc/man3/OPENSSL_config.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OPENSSL_config.pod 2021-12-14 17:16:25.000000000 +0100 @@ -8,9 +8,9 @@ #include -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void OPENSSL_config(const char *appname); void OPENSSL_no_config(void); @@ -77,7 +77,7 @@ =head1 COPYRIGHT -Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/OPENSSL_fork_prepare.pod openssl-3.0.1/doc/man3/OPENSSL_fork_prepare.pod --- openssl-3.0.0/doc/man3/OPENSSL_fork_prepare.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OPENSSL_fork_prepare.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -11,9 +11,9 @@ #include -Deprecated since OpenSSL 3.0.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void OPENSSL_fork_prepare(void); void OPENSSL_fork_parent(void); @@ -60,7 +60,7 @@ =head1 COPYRIGHT -Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/OPENSSL_instrument_bus.pod openssl-3.0.1/doc/man3/OPENSSL_instrument_bus.pod --- openssl-3.0.0/doc/man3/OPENSSL_instrument_bus.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OPENSSL_instrument_bus.pod 2021-12-14 17:16:25.000000000 +0100 @@ -7,8 +7,8 @@ =head1 SYNOPSIS #ifdef OPENSSL_CPUID_OBJ - size_t OPENSSL_instrument_bus(int *vector, size_t num); - size_t OPENSSL_instrument_bus2(int *vector, size_t num, size_t max); + size_t OPENSSL_instrument_bus(unsigned int *vector, size_t num); + size_t OPENSSL_instrument_bus2(unsigned int *vector, size_t num, size_t max); #endif =head1 DESCRIPTION @@ -43,7 +43,7 @@ =head1 COPYRIGHT -Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/OPENSSL_malloc.pod openssl-3.0.1/doc/man3/OPENSSL_malloc.pod --- openssl-3.0.0/doc/man3/OPENSSL_malloc.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OPENSSL_malloc.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -66,9 +66,9 @@ env OPENSSL_MALLOC_FAILURES=... env OPENSSL_MALLOC_FD=... -Deprecated since OpenSSL 3.0.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int CRYPTO_mem_leaks(BIO *b); int CRYPTO_mem_leaks_fp(FILE *fp); diff -Nru openssl-3.0.0/doc/man3/OSSL_CMP_MSG_get0_header.pod openssl-3.0.1/doc/man3/OSSL_CMP_MSG_get0_header.pod --- openssl-3.0.0/doc/man3/OSSL_CMP_MSG_get0_header.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_CMP_MSG_get0_header.pod 2021-12-14 17:16:25.000000000 +0100 @@ -20,7 +20,7 @@ int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg); int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid); - OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file); + OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file, OSSL_LIB_CTX *libctx, const char *propq); int OSSL_CMP_MSG_write(const char *file, const OSSL_CMP_MSG *msg); OSSL_CMP_MSG *d2i_OSSL_CMP_MSG_bio(BIO *bio, OSSL_CMP_MSG **msg); int i2d_OSSL_CMP_MSG_bio(BIO *bio, const OSSL_CMP_MSG *msg); diff -Nru openssl-3.0.0/doc/man3/OSSL_CMP_SRV_CTX_new.pod openssl-3.0.1/doc/man3/OSSL_CMP_SRV_CTX_new.pod --- openssl-3.0.0/doc/man3/OSSL_CMP_SRV_CTX_new.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_CMP_SRV_CTX_new.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -100,7 +100,7 @@ The B must be set as I of I. OSSL_CMP_SRV_CTX_new() creates and initializes an B structure -associated with the library context I and property query string +associated with the library context I and property query string I, both of which may be NULL to select the defaults. OSSL_CMP_SRV_CTX_free() deletes the given I. diff -Nru openssl-3.0.0/doc/man3/OSSL_DECODER_CTX.pod openssl-3.0.1/doc/man3/OSSL_DECODER_CTX.pod --- openssl-3.0.0/doc/man3/OSSL_DECODER_CTX.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_DECODER_CTX.pod 2021-12-14 17:16:25.000000000 +0100 @@ -47,7 +47,9 @@ int OSSL_DECODER_CTX_set_input_structure(OSSL_DECODER_CTX *ctx, const char *input_structure); int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder); - int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx); + int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx, + OSSL_LIB_CTX *libctx, + const char *propq); int OSSL_DECODER_CTX_get_num_decoders(OSSL_DECODER_CTX *ctx); typedef struct ossl_decoder_instance_st OSSL_DECODER_INSTANCE; @@ -159,7 +161,7 @@ OSSL_DECODER_export() is a fallback function for constructors that cannot use the data they get directly for diverse reasons. It takes the same -decode instance I that the constructor got and an object +decode instance I that the constructor got and an object I, unpacks the object which it refers to, and exports it by creating an L array that it then passes to I, along with I. 
@@ -247,7 +249,7 @@ =head1 COPYRIGHT -Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/OSSL_ENCODER_to_bio.pod openssl-3.0.1/doc/man3/OSSL_ENCODER_to_bio.pod --- openssl-3.0.0/doc/man3/OSSL_ENCODER_to_bio.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_ENCODER_to_bio.pod 2021-12-14 17:16:25.000000000 +0100 @@ -92,7 +92,7 @@ size_t datalen; ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, - OSSL_KEYMGMT_SELECT_KEYPAIR, + OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, format, structure, NULL); diff -Nru openssl-3.0.0/doc/man3/OSSL_HTTP_parse_url.pod openssl-3.0.1/doc/man3/OSSL_HTTP_parse_url.pod --- openssl-3.0.0/doc/man3/OSSL_HTTP_parse_url.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_HTTP_parse_url.pod 2021-12-14 17:16:25.000000000 +0100 @@ -23,9 +23,9 @@ char **pport, int *pport_num, char **ppath, char **pquery, char **pfrag); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath, int *pssl); diff -Nru openssl-3.0.0/doc/man3/OSSL_HTTP_REQ_CTX.pod openssl-3.0.1/doc/man3/OSSL_HTTP_REQ_CTX.pod --- openssl-3.0.0/doc/man3/OSSL_HTTP_REQ_CTX.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_HTTP_REQ_CTX.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -70,8 +70,7 @@ memory B, which collects the HTTP request and additional headers as text. OSSL_HTTP_REQ_CTX_free() frees up the HTTP request context I. -The I and I are not free'd and it is up to the application -to do so. +The I is not free'd, I will be free'd if I is set. OSSL_HTTP_REQ_CTX_set_request_line() adds the HTTP request line to the context. The HTTP method is determined by I, @@ -140,13 +139,15 @@ OSSL_HTTP_REQ_CTX_exchange() calls OSSL_HTTP_REQ_CTX_nbio() as often as needed in order to exchange a request and response or until a timeout is reached. -If successful and an ASN.1-encoded response was expected, the response contents -should be read via the BIO returned by OSSL_HTTP_REQ_CTX_get0_mem_bio(). -Else the I that was given when calling OSSL_HTTP_REQ_CTX_new() -represents the current state of reading the response. -If OSSL_HTTP_REQ_CTX_exchange() was successful, this BIO has been read past the -end of the response headers, such that the actual response contents can be read -via this BIO, which may support streaming. +On success it returns a pointer to the BIO that can be used to read the result. +If an ASN.1-encoded response was expected, this is the BIO +returned by OSSL_HTTP_REQ_CTX_get0_mem_bio() when called after the exchange. +This memory BIO does not support streaming. +Otherwise it may be the I given when calling OSSL_HTTP_REQ_CTX_new(), +and this BIO has been read past the end of the response headers, +such that the actual response body can be read via this BIO, +which may support streaming. +The returned BIO pointer must not be freed by the caller. OSSL_HTTP_REQ_CTX_get0_mem_bio() returns the internal memory B. Before sending the request, this could used to modify the HTTP request text. 
@@ -154,6 +155,7 @@ After receiving a response via HTTP, the BIO represents the current state of reading the response headers. If the response was expected to be ASN.1 encoded, its contents can be read via this BIO, which does not support streaming. +The returned BIO pointer must not be freed by the caller. OSSL_HTTP_REQ_CTX_get_resp_len() returns the size of the response contents in I if provided by the server as header field, else 0. @@ -228,6 +230,7 @@ OSSL_HTTP_REQ_CTX_exchange() and OSSL_HTTP_REQ_CTX_get0_mem_bio() return a pointer to a B on success and NULL on failure. +The returned BIO must not be freed by the caller. OSSL_HTTP_REQ_CTX_get_resp_len() returns the size of the response contents or 0 if not available or an error occurred. diff -Nru openssl-3.0.0/doc/man3/OSSL_HTTP_transfer.pod openssl-3.0.1/doc/man3/OSSL_HTTP_transfer.pod --- openssl-3.0.0/doc/man3/OSSL_HTTP_transfer.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_HTTP_transfer.pod 2021-12-14 17:16:25.000000000 +0100 @@ -56,9 +56,10 @@ NULL, else by connecting to a given I optionally via a I. Typically the OpenSSL build supports sockets and the I parameter is NULL. -In this case I must be NULL as well, and the -library creates a network BIO internally for connecting to the given I -at the specified I if any, defaulting to 80 for HTTP or 443 for HTTPS. +In this case I must be NULL as well and the I must be non-NULL. +The function creates a network BIO internally using L +for connecting to the given server and the optionally given I, +defaulting to 80 for HTTP or 443 for HTTPS. Then this internal BIO is used for setting up a connection and for exchanging one or more request and response. If I is given and I is NULL then this I is used instead. 
@@ -68,6 +69,8 @@ As soon as the client has flushed I the server must be ready to provide a response or indicate a waiting condition via I. +If I is given, it is an error to provide I or I arguments, +while I and I arguments may be given to support diagnostic output. If I is NULL the optional I parameter can be used to set an HTTP(S) proxy to use (unless overridden by "no_proxy" settings). If TLS is not used this defaults to the environment variable C @@ -95,16 +98,19 @@ BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail) -The callback may modify the HTTP BIO provided in the I argument, +The callback function may modify the BIO provided in the I argument, whereby it may make use of a custom defined argument I, -which may for instance refer to an I structure. -During connection establishment, just after calling BIO_do_connect_retry(), -the function is invoked with the I argument being 1 and the I +which may for instance point to an B structure. +During connection establishment, just after calling BIO_do_connect_retry(), the +callback function is invoked with the I argument being 1 and the I argument being 1 if HTTPS is requested, i.e., SSL/TLS should be enabled, else 0. On disconnect I is 0 and I is 1 if no error occurred, else 0. -For instance, on connect the function may prepend a TLS BIO to implement HTTPS; -after disconnect it may do some diagnostic output and/or specific cleanup. -The function should return NULL to indicate failure. +For instance, on connect the callback may push an SSL BIO to implement HTTPS; +after disconnect it may do some diagnostic output and pop and free the SSL BIO. + +The callback function must return either the potentially modified BIO I. +or NULL to indicate failure, in which case it should not modify the BIO. + Here is a simple example that supports TLS connections (but not via a proxy): BIO *http_tls_cb(BIO *hbio, void *arg, int connect, int detail) 
@@ -147,6 +153,8 @@ OSSL_HTTP_set1_request() sets up in I the request header and content data and expectations on the response using the following parameters. +If indicates using a proxy for HTTP (but not HTTPS), the server hostname +(and optionally port) needs to be placed in the header and thus must be present. If I is NULL it defaults to "/". If I is NULL the HTTP GET method will be used to send the request else HTTP POST with the contents of I and optional I, where @@ -185,10 +193,11 @@ an ASN.1-encoded response is expected, which should include a total length, the length indications received are checked for consistency and for not exceeding any given maximum response length. -On receiving a response, the function returns the contents as a memory BIO, -which does not support streaming, in case an ASN.1-encoded response is expected. -Else it returns directly the read BIO that holds the response contents, +If an ASN.1-encoded response is expected, the function returns on success +the contents as a memory BIO, which does not support streaming. +Otherwise it returns directly the read BIO that holds the response contents, which allows a response of indefinite length and may support streaming. +The caller is responsible for freeing the BIO pointer obtained. OSSL_HTTP_get() uses HTTP GET to obtain data from I if non-NULL, else from the server contained in the I, and returns it as a BIO. @@ -202,6 +211,7 @@ and the I, as described for OSSL_HTTP_open(), must be provided. Also the remaining parameters are interpreted as described for OSSL_HTTP_open() and OSSL_HTTP_set1_request(), respectively. +The caller is responsible for freeing the BIO pointer obtained. OSSL_HTTP_transfer() exchanges an HTTP request and response over a connection managed via I without supporting redirection. 
@@ -213,10 +223,12 @@ and assigns NULL to I<*prctx>. The remaining parameters are interpreted as described for OSSL_HTTP_open() and OSSL_HTTP_set1_request(), respectively. +The caller is responsible for freeing the BIO pointer obtained. OSSL_HTTP_close() closes the connection and releases I. The I parameter is passed to any BIO update function given during setup as described above for OSSL_HTTP_open(). +It must be 1 if no error occurred during the HTTP transfer and 0 otherwise. =head1 NOTES @@ -238,12 +250,13 @@ The BIO must be freed by the caller. On failure, they return NULL. Failure conditions include connection/transfer timeout, parse errors, etc. +The caller is responsible for freeing the BIO pointer obtained. OSSL_HTTP_close() returns 0 if anything went wrong while disconnecting, else 1. =head1 SEE ALSO -L, L +L, L, L, L, L diff -Nru openssl-3.0.0/doc/man3/OSSL_PARAM_BLD.pod openssl-3.0.1/doc/man3/OSSL_PARAM_BLD.pod --- openssl-3.0.0/doc/man3/OSSL_PARAM_BLD.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_PARAM_BLD.pod 2021-12-14 17:16:25.000000000 +0100 @@ -124,6 +124,11 @@ All of the OSSL_PARAM_BLD_push_TYPE functions return 1 on success and 0 on error. +=head1 NOTES + +OSSL_PARAM_BLD_push_BN() and OSSL_PARAM_BLD_push_BN_pad() currently only +support nonnegative Bs. They return an error on negative Bs. + =head1 EXAMPLES Both examples creating an OSSL_PARAM array that contains an RSA key. diff -Nru openssl-3.0.0/doc/man3/OSSL_PARAM_int.pod openssl-3.0.1/doc/man3/OSSL_PARAM_int.pod --- openssl-3.0.0/doc/man3/OSSL_PARAM_int.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_PARAM_int.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -331,6 +331,12 @@ Apart from that, the functions must be used appropriately for the expected type of the parameter. +OSSL_PARAM_get_BN() and OSSL_PARAM_set_BN() currently only support +nonnegative Bs, and by consequence, only +B. OSSL_PARAM_construct_BN() currently +constructs an B structure with the data type +B. + For OSSL_PARAM_construct_utf8_ptr() and OSSL_PARAM_consstruct_octet_ptr(), I is not relevant if the purpose is to send the B array to a I, i.e. to get parameter data back. diff -Nru openssl-3.0.0/doc/man3/OSSL_STORE_LOADER.pod openssl-3.0.1/doc/man3/OSSL_STORE_LOADER.pod --- openssl-3.0.0/doc/man3/OSSL_STORE_LOADER.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_STORE_LOADER.pod 2021-12-14 17:16:25.000000000 +0100 @@ -52,9 +52,9 @@ void (*fn)(const char *name, void *data), void *data); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme); const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER diff -Nru openssl-3.0.0/doc/man3/OSSL_STORE_open.pod openssl-3.0.1/doc/man3/OSSL_STORE_open.pod --- openssl-3.0.0/doc/man3/OSSL_STORE_open.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/OSSL_STORE_open.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -33,9 +33,9 @@ int OSSL_STORE_error(OSSL_STORE_CTX *ctx); int OSSL_STORE_close(OSSL_STORE_CTX *ctx); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following function has been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); diff -Nru openssl-3.0.0/doc/man3/PEM_read_bio_PrivateKey.pod openssl-3.0.1/doc/man3/PEM_read_bio_PrivateKey.pod --- openssl-3.0.0/doc/man3/PEM_read_bio_PrivateKey.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PEM_read_bio_PrivateKey.pod 2021-12-14 17:16:25.000000000 +0100 @@ -134,9 +134,9 @@ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x); int PEM_write_PKCS7(FILE *fp, PKCS7 *x); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x, pem_password_cb *cb, void *u); @@ -209,7 +209,14 @@ B>(), and B>() functions. Some operations have additional variants that take a library context I -and a property query string I. +and a property query string I. The B, B and B +objects may have an associated library context or property query string but +there are no variants of these functions that take a library context or property +query string parameter. In this case it is possible to set the appropriate +library context or property query string by creating an empty B, +B or B object using L, L +or L respectively. Then pass the empty object as a parameter +to the relevant PEM function. See the L section below. The B functions read or write a private key in PEM format using an EVP_PKEY structure. The write routines use PKCS#8 private key format and are 
@@ -448,7 +455,8 @@ X509_free(x); x = PEM_read_bio_X509(bp, NULL, 0, NULL); -is guaranteed to work. +is guaranteed to work. It is always acceptable for I to contain a newly +allocated, empty B object (for example allocated via L). =head1 RETURN VALUES diff -Nru openssl-3.0.0/doc/man3/PEM_read_CMS.pod openssl-3.0.1/doc/man3/PEM_read_CMS.pod --- openssl-3.0.0/doc/man3/PEM_read_CMS.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PEM_read_CMS.pod 2021-12-14 17:16:25.000000000 +0100 @@ -55,9 +55,9 @@ int PEM_write_TYPE(FILE *fp, const TYPE *a); int PEM_write_bio_TYPE(BIO *bp, const TYPE *a); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: #include diff -Nru openssl-3.0.0/doc/man3/PKCS12_decrypt_skey.pod openssl-3.0.1/doc/man3/PKCS12_decrypt_skey.pod --- openssl-3.0.0/doc/man3/PKCS12_decrypt_skey.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PKCS12_decrypt_skey.pod 2021-12-14 17:16:25.000000000 +0100 @@ -21,7 +21,7 @@ PKCS12_decrypt_skey() Decrypt the PKCS#8 shrouded keybag contained within I using the supplied password I of length I. -PKCS12_decrypt_skey_ex() is similar to the above but allows for a library contex +PKCS12_decrypt_skey_ex() is similar to the above but allows for a library contex I and property query I to be used to select algorithm implementations. =head1 RETURN VALUES diff -Nru openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_create_cert.pod openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_create_cert.pod --- openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_create_cert.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_create_cert.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -3,7 +3,7 @@ =head1 NAME PKCS12_SAFEBAG_create_cert, PKCS12_SAFEBAG_create_crl, -PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, +PKCS12_SAFEBAG_create_secret, PKCS12_SAFEBAG_create0_p8inf, PKCS12_SAFEBAG_create0_pkcs8, PKCS12_SAFEBAG_create_pkcs8_encrypt, PKCS12_SAFEBAG_create_pkcs8_encrypt_ex - Create PKCS#12 safeBag objects @@ -52,7 +52,7 @@ PKCS12_SAFEBAG_create0_pkcs8() creates a new B of type B containing the supplied PKCS8 structure. -PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B of type +PKCS12_SAFEBAG_create_pkcs8_encrypt() creates a new B of type B by encrypting the supplied PKCS8 I. If I is 0, a default encryption algorithm is used. I is the passphrase and I is the iteration count. If I is zero then a default diff -Nru openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod --- openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod 2021-12-14 17:16:25.000000000 +0100 @@ -16,7 +16,7 @@ =head1 DESCRIPTION -PKCS12_SAFEBAG_get0_attrs() retrieves the stack of Bs from a +PKCS12_SAFEBAG_get0_attrs() retrieves the stack of Bs from a PKCS#12 safeBag. I is the B to retrieve the attributes from. PKCS12_get_attr_gen() retrieves an attribute by NID from a stack of @@ -24,10 +24,10 @@ =head1 RETURN VALUES -PKCS12_SAFEBAG_get0_attrs() returns the stack of Bs from a +PKCS12_SAFEBAG_get0_attrs() returns the stack of Bs from a PKCS#12 safeBag, which could be empty. -PKCS12_get_attr_gen() returns an B object containing the attribute, +PKCS12_get_attr_gen() returns an B object containing the attribute, or NULL if the attribute was either not present or an error occurred. PKCS12_get_attr_gen() does not allocate a new attribute. The returned attribute 
@@ -40,7 +40,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_get1_cert.pod openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_get1_cert.pod --- openssl-3.0.0/doc/man3/PKCS12_SAFEBAG_get1_cert.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/PKCS12_SAFEBAG_get1_cert.pod 2021-12-14 17:16:25.000000000 +0100 @@ -48,7 +48,7 @@ from a PKCS8shroudedKeyBag or a keyBag. PKCS12_SAFEBAG_get0_safes() retrieves the set of B contained within a -safeContentsBag. +safeContentsBag. =head1 RETURN VALUES @@ -64,7 +64,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/RAND_add.pod openssl-3.0.1/doc/man3/RAND_add.pod --- openssl-3.0.0/doc/man3/RAND_add.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/RAND_add.pod 2021-12-14 17:16:25.000000000 +0100 @@ -18,9 +18,9 @@ void RAND_keep_random_devices_open(int keep); -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam); void RAND_screen(void); 
@@ -101,7 +101,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/RAND_bytes.pod openssl-3.0.1/doc/man3/RAND_bytes.pod --- openssl-3.0.0/doc/man3/RAND_bytes.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/RAND_bytes.pod 2021-12-14 17:16:25.000000000 +0100 @@ -17,9 +17,9 @@ int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength); -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following function has been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: int RAND_pseudo_bytes(unsigned char *buf, int num); diff -Nru openssl-3.0.0/doc/man3/RAND_cleanup.pod openssl-3.0.1/doc/man3/RAND_cleanup.pod --- openssl-3.0.0/doc/man3/RAND_cleanup.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/RAND_cleanup.pod 2021-12-14 17:16:25.000000000 +0100 @@ -8,9 +8,9 @@ #include -Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following function has been deprecated since OpenSSL 1.1.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void RAND_cleanup(void); 
@@ -36,7 +36,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/RAND_set_rand_method.pod openssl-3.0.1/doc/man3/RAND_set_rand_method.pod --- openssl-3.0.0/doc/man3/RAND_set_rand_method.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/RAND_set_rand_method.pod 2021-12-14 17:16:25.000000000 +0100 @@ -8,9 +8,9 @@ #include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: RAND_METHOD *RAND_OpenSSL(void); diff -Nru openssl-3.0.0/doc/man3/RC4_set_key.pod openssl-3.0.1/doc/man3/RC4_set_key.pod --- openssl-3.0.0/doc/man3/RC4_set_key.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/RC4_set_key.pod 2021-12-14 17:16:25.000000000 +0100 @@ -8,9 +8,9 @@ #include -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); 
@@ -68,7 +68,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RIPEMD160_Init.pod openssl-3.0.1/doc/man3/RIPEMD160_Init.pod
--- openssl-3.0.0/doc/man3/RIPEMD160_Init.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RIPEMD160_Init.pod 2021-12-14 17:16:25.000000000 +0100
@@ -9,9 +9,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, unsigned char *md);
@@ -73,7 +73,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_blinding_on.pod openssl-3.0.1/doc/man3/RSA_blinding_on.pod
--- openssl-3.0.0/doc/man3/RSA_blinding_on.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_blinding_on.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
diff -Nru openssl-3.0.0/doc/man3/RSA_check_key.pod openssl-3.0.1/doc/man3/RSA_check_key.pod
--- openssl-3.0.0/doc/man3/RSA_check_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_check_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,13 +8,13 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
- int RSA_check_key_ex(RSA *rsa, BN_GENCB *cb);
+ int RSA_check_key_ex(const RSA *rsa, BN_GENCB *cb);
- int RSA_check_key(RSA *rsa);
+ int RSA_check_key(const RSA *rsa);
 =head1 DESCRIPTION
@@ -84,7 +84,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_generate_key.pod openssl-3.0.1/doc/man3/RSA_generate_key.pod
--- openssl-3.0.0/doc/man3/RSA_generate_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_generate_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -12,14 +12,16 @@
 EVP_PKEY *EVP_RSA_gen(unsigned int bits);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
 int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
-Deprecated since OpenSSL 0.9.8:
+The following function has been deprecated since OpenSSL 0.9.8, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 RSA *RSA_generate_key(int bits, unsigned long e, void (*callback)(int, int, void *), void *cb_arg);
diff -Nru openssl-3.0.0/doc/man3/RSA_get0_key.pod openssl-3.0.1/doc/man3/RSA_get0_key.pod
--- openssl-3.0.0/doc/man3/RSA_get0_key.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_get0_key.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,9 +16,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
 int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
diff -Nru openssl-3.0.0/doc/man3/RSA_meth_new.pod openssl-3.0.1/doc/man3/RSA_meth_new.pod
--- openssl-3.0.0/doc/man3/RSA_meth_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_meth_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -20,9 +20,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 RSA_METHOD *RSA_meth_new(const char *name, int flags);
 void RSA_meth_free(RSA_METHOD *meth);
@@ -260,7 +260,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_new.pod openssl-3.0.1/doc/man3/RSA_new.pod
--- openssl-3.0.0/doc/man3/RSA_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,7 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 RSA *RSA_new(void);
diff -Nru openssl-3.0.0/doc/man3/RSA_padding_add_PKCS1_type_1.pod openssl-3.0.1/doc/man3/RSA_padding_add_PKCS1_type_1.pod
--- openssl-3.0.0/doc/man3/RSA_padding_add_PKCS1_type_1.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_padding_add_PKCS1_type_1.pod 2021-12-14 17:16:25.000000000 +0100
@@ -13,9 +13,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, const unsigned char *f, int fl);
diff -Nru openssl-3.0.0/doc/man3/RSA_print.pod openssl-3.0.1/doc/man3/RSA_print.pod
--- openssl-3.0.0/doc/man3/RSA_print.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_print.pod 2021-12-14 17:16:25.000000000 +0100
@@ -10,32 +10,32 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
+ int RSA_print(BIO *bp, const RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, const RSA *x, int offset);
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
-
- int DSAparams_print(BIO *bp, DSA *x);
- int DSAparams_print_fp(FILE *fp, DSA *x);
- int DSA_print(BIO *bp, DSA *x, int offset);
- int DSA_print_fp(FILE *fp, DSA *x, int offset);
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
+
+ int DSAparams_print(BIO *bp, const DSA *x);
+ int DSAparams_print_fp(FILE *fp, const DSA *x);
+ int DSA_print(BIO *bp, const DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, const DSA *x, int offset);
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int DHparams_print(BIO *bp, DH *x);
- int DHparams_print_fp(FILE *fp, DH *x);
+ int DHparams_print_fp(FILE *fp, const DH *x);
 =head1 DESCRIPTION
@@ -50,7 +50,10 @@
 =head1 RETURN VALUES
-These functions return 1 on success, 0 on error.
+DSAparams_print(), DSAparams_print_fp(), DSA_print(), and DSA_print_fp()
+return 1 for success and 0 or a negative value for failure.
+
+DHparams_print() and DHparams_print_fp() return 1 on success, 0 on error.
 =head1 SEE ALSO
@@ -64,7 +67,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_private_encrypt.pod openssl-3.0.1/doc/man3/RSA_private_encrypt.pod
--- openssl-3.0.0/doc/man3/RSA_private_encrypt.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_private_encrypt.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding);
diff -Nru openssl-3.0.0/doc/man3/RSA_public_encrypt.pod openssl-3.0.1/doc/man3/RSA_public_encrypt.pod
--- openssl-3.0.0/doc/man3/RSA_public_encrypt.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_public_encrypt.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
diff -Nru openssl-3.0.0/doc/man3/RSA_set_method.pod openssl-3.0.1/doc/man3/RSA_set_method.pod
--- openssl-3.0.0/doc/man3/RSA_set_method.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_set_method.pod 2021-12-14 17:16:25.000000000 +0100
@@ -10,19 +10,19 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void RSA_set_default_method(const RSA_METHOD *meth);
- RSA_METHOD *RSA_get_default_method(void);
+ const RSA_METHOD *RSA_get_default_method(void);
 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
- RSA_METHOD *RSA_get_method(const RSA *rsa);
+ const RSA_METHOD *RSA_get_method(const RSA *rsa);
- RSA_METHOD *RSA_PKCS1_OpenSSL(void);
+ const RSA_METHOD *RSA_PKCS1_OpenSSL(void);
 int RSA_flags(const RSA *rsa);
@@ -185,7 +185,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod openssl-3.0.1/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod
--- openssl-3.0.0/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, unsigned int m_len, unsigned char *sigret,
@@ -68,7 +68,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_sign.pod openssl-3.0.1/doc/man3/RSA_sign.pod
--- openssl-3.0.0/doc/man3/RSA_sign.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_sign.pod 2021-12-14 17:16:25.000000000 +0100
@@ -8,9 +8,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa);
@@ -67,7 +67,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/RSA_size.pod openssl-3.0.1/doc/man3/RSA_size.pod
--- openssl-3.0.0/doc/man3/RSA_size.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/RSA_size.pod 2021-12-14 17:16:25.000000000 +0100
@@ -10,9 +10,9 @@
 int RSA_bits(const RSA *rsa);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int RSA_size(const RSA *rsa);
diff -Nru openssl-3.0.0/doc/man3/SCT_print.pod openssl-3.0.1/doc/man3/SCT_print.pod
--- openssl-3.0.0/doc/man3/SCT_print.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SCT_print.pod 2021-12-14 17:16:25.000000000 +0100
@@ -31,7 +31,7 @@
 =head1 RETURN VALUES
-SCT_validation_status_string() returns a null-terminated string representing
+SCT_validation_status_string() returns a NUL-terminated string representing
 the validation status of an B object.
 =head1 SEE ALSO
@@ -47,7 +47,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SHA256_Init.pod openssl-3.0.1/doc/man3/SHA256_Init.pod
--- openssl-3.0.0/doc/man3/SHA256_Init.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SHA256_Init.pod 2021-12-14 17:16:25.000000000 +0100
@@ -11,15 +11,15 @@
 #include
- unsigned char *SHA1(const void *data, size_t count, unsigned char *md_buf);
- unsigned char *SHA224(const void *data, size_t count, unsigned char *md_buf);
- unsigned char *SHA256(const void *data, size_t count, unsigned char *md_buf);
- unsigned char *SHA384(const void *data, size_t count, unsigned char *md_buf);
- unsigned char *SHA512(const void *data, size_t count, unsigned char *md_buf);
+ unsigned char *SHA1(const unsigned char *data, size_t count, unsigned char *md_buf);
+ unsigned char *SHA224(const unsigned char *data, size_t count, unsigned char *md_buf);
+ unsigned char *SHA256(const unsigned char *data, size_t count, unsigned char *md_buf);
+ unsigned char *SHA384(const unsigned char *data, size_t count, unsigned char *md_buf);
+ unsigned char *SHA512(const unsigned char *data, size_t count, unsigned char *md_buf);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int SHA1_Init(SHA_CTX *c);
 int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
diff -Nru openssl-3.0.0/doc/man3/SRP_Calc_B.pod openssl-3.0.1/doc/man3/SRP_Calc_B.pod
--- openssl-3.0.0/doc/man3/SRP_Calc_B.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SRP_Calc_B.pod 2021-12-14 17:16:25.000000000 +0100
@@ -18,9 +18,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 /* server side .... */
 BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
diff -Nru openssl-3.0.0/doc/man3/SRP_create_verifier.pod openssl-3.0.1/doc/man3/SRP_create_verifier.pod
--- openssl-3.0.0/doc/man3/SRP_create_verifier.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SRP_create_verifier.pod 2021-12-14 17:16:25.000000000 +0100
@@ -14,9 +14,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N,
diff -Nru openssl-3.0.0/doc/man3/SRP_user_pwd_new.pod openssl-3.0.1/doc/man3/SRP_user_pwd_new.pod
--- openssl-3.0.0/doc/man3/SRP_user_pwd_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SRP_user_pwd_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -13,9 +13,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 SRP_user_pwd *SRP_user_pwd_new(void);
 void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
diff -Nru openssl-3.0.0/doc/man3/SRP_VBASE_new.pod openssl-3.0.1/doc/man3/SRP_VBASE_new.pod
--- openssl-3.0.0/doc/man3/SRP_VBASE_new.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SRP_VBASE_new.pod 2021-12-14 17:16:25.000000000 +0100
@@ -14,9 +14,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 SRP_VBASE *SRP_VBASE_new(char *seed_key);
 void SRP_VBASE_free(SRP_VBASE *vb);
diff -Nru openssl-3.0.0/doc/man3/SSL_CIPHER_get_name.pod openssl-3.0.1/doc/man3/SSL_CIPHER_get_name.pod
--- openssl-3.0.0/doc/man3/SSL_CIPHER_get_name.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CIPHER_get_name.pod 2021-12-14 17:16:25.000000000 +0100
@@ -27,7 +27,7 @@
 const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher);
 const char *OPENSSL_cipher_name(const char *stdname);
 int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
- char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
 char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
 int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
 int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
@@ -157,7 +157,7 @@
 SSL_CIPHER_get_name(), SSL_CIPHER_standard_name(), OPENSSL_cipher_name(), SSL_CIPHER_get_version() and SSL_CIPHER_description() return the corresponding
-value in a null-terminated string for a specific cipher or "(NONE)"
+value in a NUL-terminated string for a specific cipher or "(NONE)"
 if the cipher is not found.
 SSL_CIPHER_get_bits() returns a positive integer representing the number of
@@ -203,7 +203,7 @@
 =head1 COPYRIGHT
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_COMP_add_compression_method.pod openssl-3.0.1/doc/man3/SSL_COMP_add_compression_method.pod
--- openssl-3.0.0/doc/man3/SSL_COMP_add_compression_method.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_COMP_add_compression_method.pod 2021-12-14 17:16:25.000000000 +0100
@@ -15,9 +15,9 @@
 const char *SSL_COMP_get0_name(const SSL_COMP *comp);
 int SSL_COMP_get_id(const SSL_COMP *comp);
-Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 1.1.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void SSL_COMP_free_compression_methods(void);
@@ -96,7 +96,7 @@
 =head1 COPYRIGHT
-Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_client_hello_cb.pod openssl-3.0.1/doc/man3/SSL_CTX_set_client_hello_cb.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_client_hello_cb.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_client_hello_cb.pod 2021-12-14 17:16:25.000000000 +0100
@@ -18,7 +18,7 @@
 const unsigned char **out);
 int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen);
- int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+ int SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out,
 size_t *outlen);
 =head1 DESCRIPTION
@@ -122,7 +122,7 @@
 =head1 COPYRIGHT
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_keylog_callback.pod openssl-3.0.1/doc/man3/SSL_CTX_set_keylog_callback.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_keylog_callback.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_keylog_callback.pod 2021-12-14 17:16:25.000000000 +0100
@@ -29,7 +29,7 @@
 with the connection, and B, a string containing the key material in the format used by NSS for its B debugging output. To recreate that file, the key logging callback should log B, followed by a newline.
-B will always be a NULL-terminated string.
+B will always be a NUL-terminated string.
 =head1 RETURN VALUES
@@ -42,7 +42,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_num_tickets.pod openssl-3.0.1/doc/man3/SSL_CTX_set_num_tickets.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_num_tickets.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_num_tickets.pod 2021-12-14 17:16:25.000000000 +0100
@@ -14,9 +14,9 @@
 #include
 int SSL_set_num_tickets(SSL *s, size_t num_tickets);
- size_t SSL_get_num_tickets(SSL *s);
+ size_t SSL_get_num_tickets(const SSL *s);
 int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
- size_t SSL_CTX_get_num_tickets(SSL_CTX *ctx);
+ size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
 int SSL_new_session_ticket(SSL *s);
 =head1 DESCRIPTION
@@ -27,10 +27,10 @@
 the B argument. Typically these functions should be called before the start of the handshake.
-The default number of tickets is 2; the default number of tickets sent following
-a resumption handshake is 1 but this cannot be changed using these functions.
-The number of tickets following a resumption handshake can be reduced to 0 using
-custom session ticket callbacks (see L).
+The default number of tickets is 2. Following a resumption the number of tickets
+issued will never be more than 1 regardless of the value set via
+SSL_set_num_tickets() or SSL_CTX_set_num_tickets(). If B is set to
+0 then no tickets will be issued for either a normal connection or a resumption.
 Tickets are also issued on receipt of a post-handshake certificate from the client following a request by the server using
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_options.pod openssl-3.0.1/doc/man3/SSL_CTX_set_options.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_options.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_options.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,8 +16,8 @@
 uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t options);
 uint64_t SSL_clear_options(SSL *ssl, uint64_t options);
- uint64_t SSL_CTX_get_options(SSL_CTX *ctx);
- uint64_t SSL_get_options(SSL *ssl);
+ uint64_t SSL_CTX_get_options(const SSL_CTX *ctx);
+ uint64_t SSL_get_options(const SSL *ssl);
 long SSL_get_secure_renegotiation_support(SSL *ssl);
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_psk_client_callback.pod openssl-3.0.1/doc/man3/SSL_CTX_set_psk_client_callback.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_psk_client_callback.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_psk_client_callback.pod 2021-12-14 17:16:25.000000000 +0100
@@ -107,11 +107,11 @@
 The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the
-connection in parameter B, a B-terminated PSK identity hint
+connection in parameter B, a B-terminated PSK identity hint
 sent by the server in parameter B, a buffer B of
-length B bytes where the resulting
-B-terminated identity is to be stored, and a buffer B of
-length B bytes where the resulting pre-shared key is to
+length B bytes (including the B-terminator) where the
+resulting B-terminated identity is to be stored, and a buffer B
+of length B bytes where the resulting pre-shared key is to
 be stored.
 The callback for use in TLSv1.2 will also work in TLSv1.3 although it is
@@ -169,7 +169,7 @@
 =head1 COPYRIGHT
-Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_security_level.pod openssl-3.0.1/doc/man3/SSL_CTX_set_security_level.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_security_level.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_security_level.pod 2021-12-14 17:16:25.000000000 +0100
@@ -77,7 +77,9 @@
 DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite
-using MD5 for the MAC is also prohibited.
+using MD5 for the MAC is also prohibited. Note that signatures using SHA1
+and MD5 are also forbidden at this level as they have less than 80 security
+bits.
 =item B
@@ -147,10 +149,11 @@
 alert.
 Attempts to set certificates or parameters with insufficient security are
-also blocked. For example trying to set a certificate using a 512 bit RSA
-key using SSL_CTX_use_certificate() at level 1. Applications which do not
-check the return values for errors will misbehave: for example it might
-appear that a certificate is not set at all because it had been rejected.
+also blocked. For example trying to set a certificate using a 512 bit RSA key
+or a certificate with a signature with SHA1 digest at level 1 using
+SSL_CTX_use_certificate(). Applications which do not check the return values
+for errors will misbehave: for example it might appear that a certificate is
+not set at all because it had been rejected.
 =head1 RETURN VALUES
@@ -178,7 +181,7 @@
 =head1 COPYRIGHT
-Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_split_send_fragment.pod openssl-3.0.1/doc/man3/SSL_CTX_set_split_send_fragment.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_split_send_fragment.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_split_send_fragment.pod 2021-12-14 17:16:25.000000000 +0100
@@ -28,7 +28,7 @@
 int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
 int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
- uint8_t SSL_SESSION_get_max_fragment_length(SSL_SESSION *session);
+ uint8_t SSL_SESSION_get_max_fragment_length(const SSL_SESSION *session);
 =head1 DESCRIPTION
@@ -179,7 +179,7 @@
 =head1 COPYRIGHT
-Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_srp_password.pod openssl-3.0.1/doc/man3/SSL_CTX_set_srp_password.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_srp_password.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_srp_password.pod 2021-12-14 17:16:25.000000000 +0100
@@ -21,9 +21,9 @@
 #include
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
 int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod openssl-3.0.1/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod 2021-12-14 17:16:25.000000000 +0100
@@ -15,9 +15,9 @@
 unsigned char iv[EVP_MAX_IV_LENGTH], EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hctx, int enc));
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following function has been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 int SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx, int (*cb)(SSL *s, unsigned char key_name[16],
@@ -145,7 +145,7 @@
 =head1 RETURN VALUES
-returns 0 to indicate the callback function was set.
+Returns 1 to indicate the callback function was set and 0 otherwise.
 =head1 EXAMPLES
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_set_tmp_dh_callback.pod openssl-3.0.1/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_set_tmp_dh_callback.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_set_tmp_dh_callback.pod 2021-12-14 17:16:25.000000000 +0100
@@ -16,9 +16,9 @@
 int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey);
 int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey);
-Deprecated since OpenSSL 3.0, can be hidden entirely by defining
-B with a suitable version value, see
-L:
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining B with a suitable version value,
+see L:
 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*tmp_dh_callback)(SSL *ssl, int is_export,
@@ -112,7 +112,7 @@
 =head1 COPYRIGHT
-Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
 Licensed under the Apache License 2.0 (the "License"). You may not use
 this file except in compliance with the License. You can obtain a copy
diff -Nru openssl-3.0.0/doc/man3/SSL_CTX_use_certificate.pod openssl-3.0.1/doc/man3/SSL_CTX_use_certificate.pod
--- openssl-3.0.0/doc/man3/SSL_CTX_use_certificate.pod 2021-09-07 13:46:32.000000000 +0200
+++ openssl-3.0.1/doc/man3/SSL_CTX_use_certificate.pod 2021-12-14 17:16:25.000000000 +0100
@@ -20,27 +20,27 @@ #include int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); - int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); + int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); int SSL_use_certificate(SSL *ssl, X509 *x); - int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len); + int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); int SSL_use_certificate_file(SSL *ssl, const char *file, int type); int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); int SSL_use_certificate_chain_file(SSL *ssl, const char *file); int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); - int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d, + int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len); int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); - int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); + int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); - int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len); + int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, long len); int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); - int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); + int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len); int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); int SSL_CTX_check_private_key(const SSL_CTX *ctx); 
@@ -194,7 +194,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/SSL_get_session.pod openssl-3.0.1/doc/man3/SSL_get_session.pod --- openssl-3.0.0/doc/man3/SSL_get_session.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/SSL_get_session.pod 2021-12-14 17:16:25.000000000 +0100 @@ -37,8 +37,11 @@ SSL_SESSION object can be used for resumption or not. Additionally, in TLSv1.3, a server can send multiple messages that establish a -session for a single connection. In that case the above functions will only -return information on the last session that was received. +session for a single connection. In that case, on the client side, the above +functions will only return information on the last session that was received. On +the server side they will only return information on the last session that was +sent, or if no session tickets were sent then the session for the current +connection. The preferred way for applications to obtain a resumable SSL_SESSION object is to use a new session callback as described in L. @@ -100,7 +103,7 @@ =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/SSL_group_to_name.pod openssl-3.0.1/doc/man3/SSL_group_to_name.pod --- openssl-3.0.0/doc/man3/SSL_group_to_name.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/SSL_group_to_name.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -20,7 +20,7 @@ =head1 RETURN VALUES If non-NULL, SSL_group_to_name() returns the TLS group name -corresponding to the given I as a NULL-terminated string. +corresponding to the given I as a NUL-terminated string. If SSL_group_to_name() returns NULL, an error occurred; possibly no corresponding tlsname was registered during provider initialisation. diff -Nru openssl-3.0.0/doc/man3/SSL_set_async_callback.pod openssl-3.0.1/doc/man3/SSL_set_async_callback.pod --- openssl-3.0.0/doc/man3/SSL_set_async_callback.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/SSL_set_async_callback.pod 2021-12-14 17:16:25.000000000 +0100 @@ -55,7 +55,7 @@ =item 1. -Application sets the async callback and callback data on an SSL connection +Application sets the async callback and callback data on an SSL connection by calling SSL_set_async_callback(). =item 2. @@ -121,7 +121,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/SSL_set_bio.pod openssl-3.0.1/doc/man3/SSL_set_bio.pod --- openssl-3.0.0/doc/man3/SSL_set_bio.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/SSL_set_bio.pod 2021-12-14 17:16:25.000000000 +0100 @@ -78,7 +78,7 @@ If the B and B parameters are different and the B is the same as the previously set value and the old B and B values were different -to each other, then one reference is consumed for the B and one +to each other, then one reference is consumed for the B and one reference is consumed for the B. =back 
@@ -102,7 +102,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/SSL_set_fd.pod openssl-3.0.1/doc/man3/SSL_set_fd.pod --- openssl-3.0.0/doc/man3/SSL_set_fd.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/SSL_set_fd.pod 2021-12-14 17:16:25.000000000 +0100 @@ -45,6 +45,17 @@ =back +=head1 NOTES + +On Windows, a socket handle is a 64-bit data type (UINT_PTR), which leads to a +compiler warning (conversion from 'SOCKET' to 'int', possible loss of data) when +passing the socket handle to SSL_set_*fd(). For the time being, this warning can +safely be ignored, because although the Microsoft documentation claims that the +upper limit is INVALID_SOCKET-1 (2^64 - 2), in practice the current socket() +implementation returns an index into the kernel handle table, the size of which +is limited to 2^24. + + =head1 SEE ALSO L, L, @@ -53,7 +64,7 @@ =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/X509_dup.pod openssl-3.0.1/doc/man3/X509_dup.pod --- openssl-3.0.0/doc/man3/X509_dup.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509_dup.pod 2021-12-14 17:16:25.000000000 +0100 
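Review bot: The NOTES section added to SSL_set_fd.pod on this line tells Windows callers that the SOCKET-to-int conversion warning can be ignored, but by its own wording ("for the time being", "in practice the current socket() implementation") this rests on observed behaviour, not on the documented handle range. A caller who silences the warning with a cast gets a silently truncated descriptor if that behaviour ever changes. I would add one sentence for applications that want a defined failure instead, for example `Applications that prefer not to rely on this can check that the handle does not exceed INT_MAX before passing it, and treat a larger value as an error.`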
@@ -320,9 +320,9 @@ void TYPE_free(TYPE *a); int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following functions have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: DSA *DSAparams_dup(const DSA *dsa); RSA *RSAPrivateKey_dup(const RSA *rsa); diff -Nru openssl-3.0.0/doc/man3/X509_get0_signature.pod openssl-3.0.1/doc/man3/X509_get0_signature.pod --- openssl-3.0.0/doc/man3/X509_get0_signature.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509_get0_signature.pod 2021-12-14 17:16:25.000000000 +0100 @@ -3,8 +3,8 @@ =head1 NAME X509_get0_signature, X509_REQ_set0_signature, X509_REQ_set1_signature_algo, -X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, -X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, +X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, +X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid, X509_get_signature_info, X509_SIG_INFO_get, X509_SIG_INFO_set - signature information =head1 SYNOPSIS @@ -132,7 +132,7 @@ =head1 COPYRIGHT -Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/X509_get_pubkey.pod openssl-3.0.1/doc/man3/X509_get_pubkey.pod --- openssl-3.0.0/doc/man3/X509_get_pubkey.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509_get_pubkey.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -14,7 +14,7 @@ EVP_PKEY *X509_get_pubkey(X509 *x); EVP_PKEY *X509_get0_pubkey(const X509 *x); int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); - X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x); + X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x); EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req); EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req); @@ -77,7 +77,7 @@ =head1 COPYRIGHT -Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man3/X509_get_subject_name.pod openssl-3.0.1/doc/man3/X509_get_subject_name.pod --- openssl-3.0.0/doc/man3/X509_get_subject_name.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509_get_subject_name.pod 2021-12-14 17:16:25.000000000 +0100 @@ -15,8 +15,6 @@ unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx, const char *propq, int *ok); -Deprecated since OpenSSL 3.0: - #define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL) X509_NAME *X509_get_subject_name(const X509 *x); int X509_set_subject_name(X509 *x, const X509_NAME *name); @@ -32,6 +30,12 @@ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name); +The following macro has been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: + + #define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL) + =head1 DESCRIPTION X509_NAME_hash_ex() returns a hash value of name I or 0 on failure, diff -Nru openssl-3.0.0/doc/man3/X509_load_http.pod openssl-3.0.1/doc/man3/X509_load_http.pod --- openssl-3.0.0/doc/man3/X509_load_http.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509_load_http.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -15,9 +15,9 @@ X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout); X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout); -Deprecated since OpenSSL 3.0, can be hidden entirely by defining -B with a suitable version value, see -L: +The following macros have been deprecated since OpenSSL 3.0, and can be +hidden entirely by defining B with a suitable version value, +see L: #define X509_http_nbio(rctx, pcert) #define X509_CRL_http_nbio(rctx, pcrl) diff -Nru openssl-3.0.0/doc/man3/X509V3_set_ctx.pod openssl-3.0.1/doc/man3/X509V3_set_ctx.pod --- openssl-3.0.0/doc/man3/X509V3_set_ctx.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man3/X509V3_set_ctx.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -18,12 +18,16 @@ X509V3_set_ctx() fills in the basic fields of I of type B, providing details potentially needed by functions producing X509 v3 extensions, e.g., to look up values for filling in authority key identifiers. -Any of I, I, or I may be provided, pointing to a certificate, +Any of I, I, or I may be provided, pointing to a certificate, certification request, or certificate revocation list, respectively. -If I or I is provided, I should point to its issuer, +When constructing the subject key identifier of a certificate by computing a +hash value of its public key, the public key is taken from I or I. +Similarly, when constructing subject alternative names from any email addresses +contained in a subject DN, the subject DN is taken from I or I. +If I or I is provided, I should point to its issuer, for instance to help generating an authority key identifier extension. -Note that if I is provided, I may be the same as I, -which means that I is self-issued (or even self-signed). +Note that if I is provided, I may be the same as I, +which means that I is self-issued (or even self-signed). I may be 0 or contain B, which means that just the syntax of extension definitions is to be checked without actually producing an extension, diff -Nru openssl-3.0.0/doc/man5/x509v3_config.pod openssl-3.0.1/doc/man5/x509v3_config.pod --- openssl-3.0.0/doc/man5/x509v3_config.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man5/x509v3_config.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -194,13 +194,16 @@ or both of them, separated by C<,>. Either or both can have the option B, indicated by putting a colon C<:> between the value and this option. +For self-signed certificates the AKID is suppressed unless B is present. By default the B, B, and B apps behave as if "none" was given for self-signed certificates and "keyid, issuer" otherwise. -If B is present, an attempt is made to compute the hash of the public key -corresponding to the signing key in case the certificate is self-signed, -or else to copy the subject key identifier (SKID) from the issuer certificate. -If this fails and the option B is present, an error is returned. +If B is present, an attempt is made to +copy the subject key identifier (SKID) from the issuer certificate except if +the issuer certificate is the same as the current one and it is not self-signed. +The hash of the public key related to the signing key is taken as fallback +if the issuer certificate is the same as the current certificate. +If B is present but no value can be obtained, an error is returned. If B is present, and in addition it has the option B specified or B is not present, @@ -225,9 +228,11 @@ and B. The syntax of each is described in the following paragraphs. -The B option has a special C value, which will automatically -include any email addresses contained in the certificate subject name in -the extension. +The B option has two special values. +C will automatically include any email addresses +contained in the certificate subject name in the extension. +C will automatically move any email addresses +from the certificate subject name to the extension. The IP address used in the B option can be in either IPv4 or IPv6 format. 
@@ -289,8 +294,8 @@ syntax as subject alternative name (except that B is not supported). Possible values for access_id include B (OCSP responder), -B (CA Issuers), -B (AD Time Stamping), +B (CA Issuers), +B (AD Time Stamping), B (ad dvcs), B (CA Repository). diff -Nru openssl-3.0.0/doc/man7/bio.pod openssl-3.0.1/doc/man7/bio.pod --- openssl-3.0.0/doc/man7/bio.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/bio.pod 2021-12-14 17:16:25.000000000 +0100 @@ -49,7 +49,7 @@ Normally the I argument is supplied by a function which returns a pointer to a BIO_METHOD. There is a naming convention for such functions: -a source/sink BIO typically starts with I and +a source/sink BIO typically starts with I and a filter BIO with I. =head1 EXAMPLES diff -Nru openssl-3.0.0/doc/man7/crypto.pod openssl-3.0.1/doc/man7/crypto.pod --- openssl-3.0.0/doc/man7/crypto.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/crypto.pod 2021-12-14 17:16:25.000000000 +0100 @@ -167,8 +167,8 @@ =head2 Implicit fetch OpenSSL has a number of functions that return an algorithm object with no -associated implementation, such as L, -L or L. These are present for +associated implementation, such as L, L, +L or L. These are present for compatibility with OpenSSL before version 3.0 where explicit fetching was not available. 
@@ -181,6 +181,35 @@ using default search criteria and an algorithm name that is consistent with the context in which it is being used. +Functions that revolve around B and L, such as +L and friends, all fetch the implementations +implicitly. Because these functions involve both an operation type (such as +L) and an L for the L, they try +the following: + +=over 4 + +=item 1. + +Fetch the operation type implementation from any provider given a library +context and property string stored in the B. + +If the provider of the operation type implementation is different from the +provider of the L's L implementation, try to +fetch a L implementation in the same provider as the operation +type implementation and export the L to it (effectively making a +temporary copy of the original key). + +If anything in this step fails, the next step is used as a fallback. + +=item 2. + +As a fallback, try to fetch the operation type implementation from the same +provider as the original L's L, still using the +propery string from the B. + +=back + =head1 FETCHING EXAMPLES The following section provides a series of examples of fetching algorithm @@ -259,7 +288,7 @@ specific manual pages linked below for further details about using the algorithms available in each of the providers. -As well as the OpenSSL providers third parties can also implemment providers. +As well as the OpenSSL providers third parties can also implement providers. For information on writing a provider see L. =head2 Default provider diff -Nru openssl-3.0.0/doc/man7/EVP_KDF-SSHKDF.pod openssl-3.0.1/doc/man7/EVP_KDF-SSHKDF.pod --- openssl-3.0.0/doc/man7/EVP_KDF-SSHKDF.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_KDF-SSHKDF.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -121,7 +121,7 @@ key, (size_t)1024); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_XCGHASH, xcghash, (size_t)32); - *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, session_id, (size_t)32); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE, &type, sizeof(type)); diff -Nru openssl-3.0.0/doc/man7/EVP_KEYEXCH-ECDH.pod openssl-3.0.1/doc/man7/EVP_KEYEXCH-ECDH.pod --- openssl-3.0.0/doc/man7/EVP_KEYEXCH-ECDH.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_KEYEXCH-ECDH.pod 2021-12-14 17:16:25.000000000 +0100 @@ -74,7 +74,7 @@ L using the same curve name. The code to generate a shared secret for the normal case is identical to -L. +L. To derive a shared secret on the host using the host's key and the peer's public key but also using X963KDF with a user key material: diff -Nru openssl-3.0.0/doc/man7/EVP_PKEY-DH.pod openssl-3.0.1/doc/man7/EVP_PKEY-DH.pod --- openssl-3.0.0/doc/man7/EVP_PKEY-DH.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_PKEY-DH.pod 2021-12-14 17:16:25.000000000 +0100 @@ -74,7 +74,7 @@ Used for DH generation of safe primes using the old safe prime generator code. The default value is 2. It is recommended to use a named safe prime group instead, if domain parameter -validation is required. +validation is required. Randomly generated safe primes are not allowed by FIPS, so setting this value for the OpenSSL FIPS provider will instead choose a named safe prime group 
@@ -156,7 +156,7 @@ EVP_PKEY_CTX_set_params(pctx, params); EVP_PKEY_generate(pctx, &pkey); ... - EVP_PKEY_free(key); + EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pctx); B domain parameters can be generated according to B by calling: diff -Nru openssl-3.0.0/doc/man7/EVP_PKEY-EC.pod openssl-3.0.1/doc/man7/EVP_PKEY-EC.pod --- openssl-3.0.0/doc/man7/EVP_PKEY-EC.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_PKEY-EC.pod 2021-12-14 17:16:25.000000000 +0100 @@ -71,7 +71,7 @@ =item "decoded-from-explicit" (B) Gets a flag indicating wether the key or parameters were decoded from explicit -curve parameters. Set to 1 if so or 0 if a named curve was used. +curve parameters. Set to 1 if so or 0 if a named curve was used. =item "use-cofactor-flag" (B) diff -Nru openssl-3.0.0/doc/man7/EVP_PKEY-FFC.pod openssl-3.0.1/doc/man7/EVP_PKEY-FFC.pod --- openssl-3.0.0/doc/man7/EVP_PKEY-FFC.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_PKEY-FFC.pod 2021-12-14 17:16:25.000000000 +0100 @@ -92,7 +92,7 @@ =item "hindex" (B) -For unverifiable generation of the generator I this value is output during +For unverifiable generation of the generator I this value is output during generation of I. Its value is the first integer larger than one that satisfies g = h^j mod p (where g != 1 and "j" is the cofactor). diff -Nru openssl-3.0.0/doc/man7/EVP_RAND-TEST-RAND.pod openssl-3.0.1/doc/man7/EVP_RAND-TEST-RAND.pod --- openssl-3.0.0/doc/man7/EVP_RAND-TEST-RAND.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_RAND-TEST-RAND.pod 2021-12-14 17:16:25.000000000 +0100 
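Review bot: In the EVP_PKEY-DH.pod example (the first hunk on this line), `EVP_PKEY_CTX_set_params(pctx, params);` and `EVP_PKEY_generate(pctx, &pkey);` still discard their return values. A reader who copies the snippet would continue with whatever `pkey` held if parameter setup or key generation failed. The hunk corrects the argument to EVP_PKEY_free() but leaves those two calls as they were. I would either show the check, e.g. `if (EVP_PKEY_generate(pctx, &pkey) <= 0) /* handle error */`, or add a comment that error handling is omitted for brevity. The example begins before this hunk, so the declaration and initial value of `pkey` are not visible here.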
@@ -52,9 +52,8 @@ =item "test_entropy" (B) Sets the bytes returned when the test generator is sent an entropy request. -When entropy is requested, these bytes are treated as a cyclic buffer and they -are repeated as required. The current position is remembered across generate -calls. +The current position is remembered across generate calls. +If there are insufficient data present to satisfy a call, an error is returned. =item "test_nonce" (B) diff -Nru openssl-3.0.0/doc/man7/EVP_SIGNATURE-DSA.pod openssl-3.0.1/doc/man7/EVP_SIGNATURE-DSA.pod --- openssl-3.0.0/doc/man7/EVP_SIGNATURE-DSA.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_SIGNATURE-DSA.pod 2021-12-14 17:16:25.000000000 +0100 @@ -14,7 +14,7 @@ The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 @@ -48,7 +48,7 @@ =head1 COPYRIGHT -Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man7/EVP_SIGNATURE-ECDSA.pod openssl-3.0.1/doc/man7/EVP_SIGNATURE-ECDSA.pod --- openssl-3.0.0/doc/man7/EVP_SIGNATURE-ECDSA.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_SIGNATURE-ECDSA.pod 2021-12-14 17:16:25.000000000 +0100 @@ -13,7 +13,7 @@ The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 
@@ -47,7 +47,7 @@ =head1 COPYRIGHT -Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man7/EVP_SIGNATURE-RSA.pod openssl-3.0.1/doc/man7/EVP_SIGNATURE-RSA.pod --- openssl-3.0.0/doc/man7/EVP_SIGNATURE-RSA.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/EVP_SIGNATURE-RSA.pod 2021-12-14 17:16:25.000000000 +0100 @@ -14,7 +14,7 @@ The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), -and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). +and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). =over 4 @@ -32,11 +32,11 @@ =item "none" (B) -=item "pkcs1" (B) +=item "pkcs1" (B) =item "x931" (B) -=item "pss" (B) +=item "pss" (B) =back diff -Nru openssl-3.0.0/doc/man7/life_cycle-cipher.pod openssl-3.0.1/doc/man7/life_cycle-cipher.pod --- openssl-3.0.0/doc/man7/life_cycle-cipher.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/life_cycle-cipher.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -126,12 +126,12 @@ Function Call ---------------------------------------------- Current State ----------------------------------------------- start newed initialised updated finaled initialised updated initialised updated freed decryption decryption encryption encryption - EVP_CIPHER_CTX_new newed + EVP_CIPHER_CTX_new newed EVP_CipherInit initialised initialised initialised initialised initialised initialised initialised initialised EVP_DecryptInit initialised initialised initialised initialised initialised initialised initialised initialised - decryption decryption decryption decryption decryption decryption decryption decryption + decryption decryption decryption decryption decryption decryption decryption decryption EVP_EncryptInit initialised initialised initialised initialised initialised initialised initialised initialised - encryption encryption encryption encryption encryption encryption encryption encryption + encryption encryption encryption encryption encryption encryption encryption encryption EVP_CipherUpdate updated updated EVP_DecryptUpdate updated updated decryption decryption diff -Nru openssl-3.0.0/doc/man7/life_cycle-digest.pod openssl-3.0.1/doc/man7/life_cycle-digest.pod --- openssl-3.0.0/doc/man7/life_cycle-digest.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/life_cycle-digest.pod 2021-12-14 17:16:25.000000000 +0100 @@ -93,7 +93,7 @@ Function Call --------------------- Current State ---------------------- start newed initialised updated finaled freed - EVP_MD_CTX_new newed + EVP_MD_CTX_new newed EVP_DigestInit initialised initialised initialised initialised EVP_DigestUpdate updated updated EVP_DigestFinal finaled diff -Nru openssl-3.0.0/doc/man7/life_cycle-kdf.pod openssl-3.0.1/doc/man7/life_cycle-kdf.pod --- openssl-3.0.0/doc/man7/life_cycle-kdf.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/life_cycle-kdf.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -75,7 +75,7 @@ Function Call ------------- Current State ------------- start newed deriving freed - EVP_KDF_CTX_new newed + EVP_KDF_CTX_new newed EVP_KDF_derive deriving deriving EVP_KDF_CTX_free freed freed freed EVP_KDF_CTX_reset newed newed @@ -103,19 +103,19 @@ EVP_KDF_derive - newed deriving - -EVP_KDF_CTX_free - - newed deriving -EVP_KDF_CTX_reset +EVP_KDF_CTX_free freed freed freed +EVP_KDF_CTX_reset + + newed + newed + EVP_KDF_CTX_get_params newed diff -Nru openssl-3.0.0/doc/man7/life_cycle-mac.pod openssl-3.0.1/doc/man7/life_cycle-mac.pod --- openssl-3.0.0/doc/man7/life_cycle-mac.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/life_cycle-mac.pod 2021-12-14 17:16:25.000000000 +0100 @@ -94,7 +94,7 @@ Function Call --------------------- Current State ---------------------- start newed initialised updated finaled freed - EVP_MAC_CTX_new newed + EVP_MAC_CTX_new newed EVP_MAC_init initialised initialised initialised initialised EVP_MAC_update updated updated EVP_MAC_final finaled diff -Nru openssl-3.0.0/doc/man7/life_cycle-rand.pod openssl-3.0.1/doc/man7/life_cycle-rand.pod --- openssl-3.0.0/doc/man7/life_cycle-rand.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/life_cycle-rand.pod 2021-12-14 17:16:25.000000000 +0100 @@ -87,7 +87,7 @@ Function Call ------------------ Current State ------------------ start newed instantiated uninstantiated freed - EVP_RAND_CTX_new newed + EVP_RAND_CTX_new newed EVP_RAND_instantiate instantiated EVP_RAND_generate instantiated EVP_RAND_uninstantiate uninstantiated diff -Nru openssl-3.0.0/doc/man7/migration_guide.pod openssl-3.0.1/doc/man7/migration_guide.pod --- openssl-3.0.0/doc/man7/migration_guide.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/migration_guide.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -119,7 +119,22 @@ This is particularly relevant for applications written to use the OpenSSL 3.0 FIPS module, as detailed below. Authors and maintainers of external engines are strongly encouraged to refactor their code transforming engines into providers -using the new Provider API and avoiding deprecated methods. +using the new Provider API and avoiding deprecated methods. + +=head3 Support of legacy engines + +If openssl is not built without engine support or deprecated API support, engines +will still work. However, their applicability will be limited. + +New algorithms provided via engines will still work. + +Engine-backed keys can be loaded via custom B implementation. +In this case the B objects created via L +will be concidered legacy and will continue to work. + +To ensure the future compatibility, the engines should be turned to providers. +To prefer the provider-based hardware offload, you can specify the default +properties to prefer your provider. =head3 Versioning Scheme @@ -133,7 +148,7 @@ instead the patch level is indicated by the final number in the version. A change in the second (MINOR) number indicates that new features may have been added. OpenSSL versions with the same major number are API and ABI compatible. -If the major number changes then API and ABI compatibility is not guaranteed. +If the major number changes then API and ABI compatibility is not guaranteed. For more information, see L. @@ -409,7 +424,7 @@ This may mean result in an error in L rather than during L. -To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). +To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). =head4 The print format has cosmetic changes for some functions 
@@ -451,6 +466,11 @@ EVP_PKEY_CTX_set_ec_paramgen_curve_nid() this function call will not fail but later keygen operations with the EVP_PKEY_CTX will fail. +=head4 Removal of function code from the error codes + +The function code part of the error code is now always set to 0. For that +reason the ERR_GET_FUNC() macro was removed. Applications must resolve +the error codes only using the library number and the reason code. =head2 Installation and Compilation @@ -541,14 +561,14 @@ Support for TLSv1.3 has been added. -This has a number of implications for SSL/TLS applications. See the +This has a number of implications for SSL/TLS applications. See the L for further details. =back More details about the breaking changes between OpenSSL versions 1.0.2 and 1.1.0 can be found on the -L. +L. =head3 Upgrading from the OpenSSL 2.0 FIPS Object Module @@ -985,7 +1005,7 @@ Functions that access low-level objects directly such as L are now deprecated. Applications should use one of L, L, l, -L, L or +L, L or L to access fields from an EVP_PKEY. Gettable parameters are listed in L, L, L, @@ -1115,7 +1135,7 @@ usage of these functions is believed to be very small. In particular AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only one is ever used. The security implications are believed to be minimal, but -this issue was never fixed for backwards compatibility reasons. +this issue was never fixed for backwards compatibility reasons. =item * 
@@ -1265,7 +1285,7 @@ DES_ede3_cfb_encrypt(),DES_ede3_ofb64_encrypt(), DES_ecb_encrypt(), DES_ecb3_encrypt(), DES_ofb64_encrypt(), DES_ofb_encrypt(), DES_cfb64_encrypt DES_cfb_encrypt(), DES_cbc_encrypt(), DES_ncbc_encrypt(), -DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(), +DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(), DES_check_key_parity(), DES_is_weak_key(), DES_key_sched(), DES_options(), DES_random_key(), DES_set_key(), DES_set_key_checked(), DES_set_key_unchecked(), DES_set_odd_parity(), DES_string_to_2keys(), DES_string_to_key() @@ -1513,7 +1533,7 @@ See L which handles flags as seperate parameters for B, B, B, -B and +B and B. See also L @@ -1715,7 +1735,7 @@ =item * -EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(), +EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(), Applications should use L and L or L and L instead. @@ -1795,7 +1815,7 @@ i2d_DHparams(), i2d_DHxparams() See L -and L +and L =item * @@ -1804,7 +1824,7 @@ i2d_DSA_PUBKEY_fp(), i2d_DSAPublicKey() See L -and L +and L =item * @@ -1813,7 +1833,7 @@ i2d_EC_PUBKEY_fp(), i2o_ECPublicKey() See L -and L +and L =item * @@ -1822,7 +1842,7 @@ i2d_RSAPublicKey(), i2d_RSAPublicKey_bio(), i2d_RSAPublicKey_fp() See L -and L +and L =item * @@ -2201,7 +2221,7 @@ multiple times to load any providers, such as the 'legacy' provider or third party providers. If used then the 'default' provider would also need to be specified if required. The B<-provider_path> must be specified before the -B<-provider> option. +B<-provider> option. The B app has many new options. See L for more information. diff -Nru openssl-3.0.0/doc/man7/openssl-core.h.pod openssl-3.0.1/doc/man7/openssl-core.h.pod --- openssl-3.0.0/doc/man7/openssl-core.h.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/openssl-core.h.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -67,7 +67,7 @@ This type is a structure that allows passing arbitrary object data between two parties that have no or very little shared knowledge about -their respective internal structures for that object. +their respective internal structures for that object. It's normally passed in arrays, where the array is terminated with an element where all fields are zero (for non-pointers) or NULL (for pointers). diff -Nru openssl-3.0.0/doc/man7/openssl-env.pod openssl-3.0.1/doc/man7/openssl-env.pod --- openssl-3.0.0/doc/man7/openssl-env.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/openssl-env.pod 2021-12-14 17:16:25.000000000 +0100 @@ -74,6 +74,19 @@ Additional arguments for the L command. +=item B, B, B, B, B + +OpenSSL supports a number of different algorithm implementations for +various machines and, by default, it determines which to use based on the +processor capabilities and run time feature enquiry. These environment +variables can be used to exert more control over this selection process. +See L, L. + +=item B, B, B + +Specify a proxy hostname. +See L. + =back =head1 COPYRIGHT diff -Nru openssl-3.0.0/doc/man7/openssl-glossary.pod openssl-3.0.1/doc/man7/openssl-glossary.pod --- openssl-3.0.0/doc/man7/openssl-glossary.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/openssl-glossary.pod 2021-12-14 17:16:25.000000000 +0100 @@ -132,7 +132,7 @@ =item Operation -An operation is a group of OpenSSL functions with a common purpose such as +An operation is a group of OpenSSL functions with a common purpose such as encryption, or digesting. L diff -Nru openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod openssl-3.0.1/doc/man7/OSSL_PROVIDER-FIPS.pod --- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/OSSL_PROVIDER-FIPS.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -6,7 +6,7 @@ =head1 DESCRIPTION -The OpenSSL FIPS provider is a special provider that conforms to the Federal +The OpenSSL FIPS provider is a special provider that conforms to the Federal Information Processing Standards (FIPS) specified in FIPS 140-2. This 'module' contains an approved set of cryptographic algorithms that is validated by an accredited testing laboratory. @@ -214,7 +214,7 @@ Known answer test for a signature. -=item "PCT_Signature" (B) +=item "PCT_Signature" (B) Pairwise Consistency check for a signature. diff -Nru openssl-3.0.0/doc/man7/ossl_store.pod openssl-3.0.1/doc/man7/ossl_store.pod --- openssl-3.0.0/doc/man7/ossl_store.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/ossl_store.pod 2021-12-14 17:16:25.000000000 +0100 @@ -58,7 +58,7 @@ * here just one example */ switch (OSSL_STORE_INFO_get_type(info)) { - case OSSL_STORE_INFO_X509: + case OSSL_STORE_INFO_CERT: /* Print the X.509 certificate text */ X509_print_fp(stdout, OSSL_STORE_INFO_get0_CERT(info)); /* Print the X.509 certificate PEM output */ @@ -77,7 +77,7 @@ =head1 COPYRIGHT -Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man7/property.pod openssl-3.0.1/doc/man7/property.pod --- openssl-3.0.0/doc/man7/property.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/property.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -41,7 +41,8 @@ A I is a I pair. A I is a sequence of comma separated properties. -There can be any number of properties in a definition. +There can be any number of properties in a definition, however each name must +be unique. For example: "" defines an empty property definition (i.e., no restriction); "my.foo=bar" defines a property named I which has a string value I and "iteration.count=3" defines a property named I which @@ -68,6 +69,7 @@ match counts in favor of the algorithm. More details about that in the B section. A I is a sequence of comma separated property query clauses. +It is an error if a property name appears in more than one query clause. The full syntax for property queries appears below, but the available syntactic features are: @@ -144,7 +146,7 @@ The lexical syntax in EBNF is given by: - Definition ::= PropertyName ( '=' Value )? + Definition ::= PropertyName ( '=' Value )? ( ',' PropertyName ( '=' Value )? )* Query ::= PropertyQuery ( ',' PropertyQuery )* PropertyQuery ::= '-' PropertyName @@ -162,7 +164,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man7/provider-base.pod openssl-3.0.1/doc/man7/provider-base.pod --- openssl-3.0.0/doc/man7/provider-base.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/provider-base.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -42,11 +42,6 @@ */ void *CRYPTO_malloc(size_t num, const char *file, int line); void *CRYPTO_zalloc(size_t num, const char *file, int line); - void *CRYPTO_memdup(const void *str, size_t siz, - const char *file, int line); - char *CRYPTO_strdup(const char *str, const char *file, int line); - char *CRYPTO_strndup(const char *str, size_t s, - const char *file, int line); void CRYPTO_free(void *ptr, const char *file, int line); void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line); @@ -153,9 +148,6 @@ core_obj_create OSSL_FUNC_CORE_OBJ_CREATE CRYPTO_malloc OSSL_FUNC_CRYPTO_MALLOC CRYPTO_zalloc OSSL_FUNC_CRYPTO_ZALLOC - CRYPTO_memdup OSSL_FUNC_CRYPTO_MEMDUP - CRYPTO_strdup OSSL_FUNC_CRYPTO_STRDUP - CRYPTO_strndup OSSL_FUNC_CRYPTO_STRNDUP CRYPTO_free OSSL_FUNC_CRYPTO_FREE CRYPTO_clear_free OSSL_FUNC_CRYPTO_CLEAR_FREE CRYPTO_realloc OSSL_FUNC_CRYPTO_REALLOC @@ -220,10 +212,14 @@ argument. This may be useful to perform thread specific clean up such as freeing thread local variables. -core_get_libctx() retrieves the library context in which the library +core_get_libctx() retrieves the core context in which the library object for the current provider is stored, accessible through the I. -This may sometimes be useful if the provider wishes to store a -reference to its context in the same library context. +This function is useful only for built-in providers such as the default +provider. Never cast this to OSSL_LIB_CTX in a provider that is not +built-in as the OSSL_LIB_CTX of the library loading the provider might be +a completely different structure than the OSSL_LIB_CTX of the library the +provider is linked to. Use L instead to obtain +a proper library context that is linked to the application library context. core_new_error(), core_set_error_debug() and core_vset_error() are building blocks for reporting an error back to the core, with 
@@ -285,8 +281,7 @@ failure. This function is not thread safe. -CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_memdup(), CRYPTO_strdup(), -CRYPTO_strndup(), CRYPTO_free(), CRYPTO_clear_free(), +CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_free(), CRYPTO_clear_free(), CRYPTO_realloc(), CRYPTO_clear_realloc(), CRYPTO_secure_malloc(), CRYPTO_secure_zalloc(), CRYPTO_secure_free(), CRYPTO_secure_clear_free(), CRYPTO_secure_allocated(), @@ -443,7 +438,7 @@ This returns 0 if the provider has entered an error state, otherwise it returns 1. -=back +=back provider_gettable_params() should return the above parameters. diff -Nru openssl-3.0.0/doc/man7/provider-keyexch.pod openssl-3.0.1/doc/man7/provider-keyexch.pod --- openssl-3.0.0/doc/man7/provider-keyexch.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/provider-keyexch.pod 2021-12-14 17:16:25.000000000 +0100 @@ -43,7 +43,7 @@ for further information. The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key -exchange algorithms and make them available to applications via +exchange algorithms and make them available to applications via L and other related functions). diff -Nru openssl-3.0.0/doc/man7/provider-keymgmt.pod openssl-3.0.1/doc/man7/provider-keymgmt.pod --- openssl-3.0.0/doc/man7/provider-keymgmt.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/provider-keymgmt.pod 2021-12-14 17:16:25.000000000 +0100 
@@ -200,12 +200,11 @@ The exact interpretation of those bits or how they combine is left to each function where you can specify a selector. -=for comment One might think that a combination of bits means that all -the selected data subsets must be considered, but then you have to -consider that when comparing key objects (future function), an -implementation might opt to not compare the private key if it has -compared the public key, since a match of one half implies a match of -the other half. +It's left to the provider implementation to decide what is reasonable +to do with regards to received selector bits and how to do it. +Among others, an implementation of OSSL_FUNC_keymgmt_match() might opt +to not compare the private half if it has compared the public half, +since a match of one half implies a match of the other half. =head2 Constructing and Destructing Functions @@ -237,7 +236,7 @@ I in the key object generation context I. OSSL_FUNC_keymgmt_gen_settable_params() should return a constant array of -descriptor B, for parameters that OSSL_FUNC_keymgmt_gen_set_params() +descriptor B, for parameters that OSSL_FUNC_keymgmt_gen_set_params() can handle. OSSL_FUNC_keymgmt_gen() should perform the key object generation itself, and 
@@ -254,9 +253,10 @@ Outside the provider, this reference is simply an array of bytes. At least one of OSSL_FUNC_keymgmt_new(), OSSL_FUNC_keymgmt_gen() and -OSSL_FUNC_keymgmt_load() are mandatory, as well as OSSL_FUNC_keymgmt_free(). -Additionally, if OSSL_FUNC_keymgmt_gen() is present, OSSL_FUNC_keymgmt_gen_init() -and OSSL_FUNC_keymgmt_gen_cleanup() must be present as well. +OSSL_FUNC_keymgmt_load() are mandatory, as well as OSSL_FUNC_keymgmt_free() and +OSSL_FUNC_keymgmt_has(). Additionally, if OSSL_FUNC_keymgmt_gen() is present, +OSSL_FUNC_keymgmt_gen_init() and OSSL_FUNC_keymgmt_gen_cleanup() must be +present as well. =head2 Key Object Information Functions diff -Nru openssl-3.0.0/doc/man7/provider-signature.pod openssl-3.0.1/doc/man7/provider-signature.pod --- openssl-3.0.0/doc/man7/provider-signature.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/provider-signature.pod 2021-12-14 17:16:25.000000000 +0100 @@ -18,7 +18,7 @@ */ /* Context management */ - void *OSSL_FUNC_signature_newctx(void *provctx); + void *OSSL_FUNC_signature_newctx(void *provctx, const char *propq); void OSSL_FUNC_signature_freectx(void *ctx); void *OSSL_FUNC_signature_dupctx(void *ctx); @@ -104,7 +104,7 @@ B. For example, the "function" OSSL_FUNC_signature_newctx() has these: - typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx); + typedef void *(OSSL_FUNC_signature_newctx_fn)(void *provctx, const char *propq); static ossl_inline OSSL_FUNC_signature_newctx_fn OSSL_FUNC_signature_newctx(const OSSL_DISPATCH *opf); 
@@ -183,7 +183,9 @@ A pointer to this context will be passed back in a number of the other signature operation function calls. The parameter I is the provider context generated during provider -initialisation (see L). +initialisation (see L). The I parameter is a property query +string that may be (optionally) used by the provider during any "fetches" that +it may perform (if it performs any). OSSL_FUNC_signature_freectx() is passed a pointer to the provider side signature context in the I parameter. @@ -371,7 +373,7 @@ calculated signature is invalid. In the normal mode of operation - new random values are chosen until the signature operation succeeds. -By default it retries until a signature is calculated. +By default it retries until a signature is calculated. Setting the value to 0 causes the sign operation to retry, otherwise the sign operation is only tried once and returns whether or not it was successful. diff -Nru openssl-3.0.0/doc/man7/proxy-certificates.pod openssl-3.0.1/doc/man7/proxy-certificates.pod --- openssl-3.0.0/doc/man7/proxy-certificates.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/proxy-certificates.pod 2021-12-14 17:16:25.000000000 +0100 @@ -215,7 +215,7 @@ * bottom. You get the CA root first, followed by the * possible chain of intermediate CAs, followed by the EE * certificate, followed by the possible proxy - * certificates. + * certificates. */ X509 *xs = X509_STORE_CTX_get_current_cert(ctx); @@ -234,7 +234,7 @@ * by pulling them from some database. If there * are none to be found, clear all rights (making * this and any subsequent proxy certificate void - * of any rights). + * of any rights). */ memset(rights->rights, 0, sizeof(rights->rights)); break; 
@@ -351,7 +351,7 @@ =head1 COPYRIGHT -Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff -Nru openssl-3.0.0/doc/man7/RAND.pod openssl-3.0.1/doc/man7/RAND.pod --- openssl-3.0.0/doc/man7/RAND.pod 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/doc/man7/RAND.pod 2021-12-14 17:16:25.000000000 +0100 @@ -54,7 +54,7 @@ knowledge of cryptographic principles and understand the implications of your changes. -=head1 DEAFULT SETUP +=head1 DEFAULT SETUP The default OpenSSL RAND method is based on the EVP_RAND deterministic random bit generator (DRBG) classes. diff -Nru openssl-3.0.0/engines/e_afalg.c openssl-3.0.1/engines/e_afalg.c --- openssl-3.0.0/engines/e_afalg.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/engines/e_afalg.c 2021-12-14 17:16:25.000000000 +0100 @@ -683,11 +683,8 @@ } actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); - if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { - ALG_WARN("%s afalg ctx passed\n", - ctx == NULL ? "NULL" : "Uninitialised"); - return 0; - } + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) + return 1; close(actx->sfd); close(actx->bfd); diff -Nru openssl-3.0.0/engines/e_dasync.c openssl-3.0.1/engines/e_dasync.c --- openssl-3.0.0/engines/e_dasync.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/engines/e_dasync.c 2021-12-14 17:16:25.000000000 +0100 @@ -211,7 +211,8 @@ /* Setup RSA */ ; if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL - || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL) + || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, + EVP_PKEY_FLAG_AUTOARGLEN)) == NULL) return 0; EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init); EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup); 
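Review bot: In the engines/e_afalg.c hunk (`@@ -683,11 +683,8 @@`), the new early exit `if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) return 1;` reports success without a comment, so a reader cannot tell that an absent or never-initialised context is a deliberate no-op rather than a swallowed error. I would add `/* Nothing was set up for this ctx, so there is nothing to close: not an error */` above it. The function starts before and continues past the hunk, so it is not visible whether `init_done` is cleared after the `close(actx->sfd); close(actx->bfd);` calls. If it is not, a second cleanup on the same context would pass the magic check and close the same descriptor numbers again, which is worth confirming.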
@@ -267,7 +268,8 @@ || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, dasync_aes128_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, @@ -292,7 +294,8 @@ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER - | EVP_CIPH_FLAG_PIPELINE) + | EVP_CIPH_FLAG_PIPELINE + | EVP_CIPH_CUSTOM_COPY) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, @@ -312,7 +315,10 @@ static void destroy_pkey(void) { - EVP_PKEY_meth_free(dasync_rsa); + /* + * We don't actually need to free the dasync_rsa method since this is + * automatically freed for us by libcrypto. + */ dasync_rsa_orig = NULL; dasync_rsa = NULL; } @@ -576,7 +582,8 @@ /* Cipher helper functions */ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, - void *ptr, int aeadcapable) + void *ptr, int aeadcapable, + const EVP_CIPHER *ciph) { int ret; struct dasync_pipeline_ctx *pipe_ctx = @@ -586,6 +593,18 @@ return 0; switch (type) { + case EVP_CTRL_COPY: + { + size_t sz = EVP_CIPHER_impl_ctx_size(ciph); + void *inner_cipher_data = OPENSSL_malloc(sz); + + if (inner_cipher_data == NULL) + return -1; + memcpy(inner_cipher_data, pipe_ctx->inner_cipher_data, sz); + pipe_ctx->inner_cipher_data = inner_cipher_data; + } + break; + case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: pipe_ctx->numpipes = arg; pipe_ctx->outbufs = (unsigned char **)ptr; @@ -740,7 +759,7 @@ static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0, EVP_aes_128_cbc()); } static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 
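Review bot: In the `case EVP_CTRL_COPY:` block added to dasync_cipher_ctrl_helper() (`@@ -586,6 +593,18 @@`), `memcpy(inner_cipher_data, pipe_ctx->inner_cipher_data, sz)` runs without checking that the source pointer is set; only `pipe_ctx` itself is NULL-checked above. Where `inner_cipher_data` is first allocated is outside the hunk, so this may be unreachable, but copying a context that was never keyed would then read through NULL. A guard such as `if (pipe_ctx->inner_cipher_data == NULL) break;` before the allocation would cover it. A comment would also help, saying that the new buffer is a byte copy of the inner cipher state (presumably including key material) and which context is responsible for freeing it. The helper's body continues outside the hunk.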
@@ -768,7 +787,7 @@ static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { - return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1, EVP_aes_128_cbc_hmac_sha1()); } static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, @@ -829,7 +848,7 @@ if (pparamgen_init == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, &pparamgen_init, NULL); - return pparamgen_init(ctx); + return pparamgen_init != NULL ? pparamgen_init(ctx) : 1; } static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -838,7 +857,7 @@ if (pparamgen == NULL) EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, &pparamgen); - return pparamgen(ctx, pkey); + return pparamgen != NULL ? pparamgen(ctx, pkey) : 1; } static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) @@ -847,7 +866,7 @@ if (pkeygen_init == NULL) EVP_PKEY_meth_get_keygen(dasync_rsa_orig, &pkeygen_init, NULL); - return pkeygen_init(ctx); + return pkeygen_init != NULL ? pkeygen_init(ctx) : 1; } static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -865,7 +884,7 @@ if (pencrypt_init == NULL) EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, &pencrypt_init, NULL); - return pencrypt_init(ctx); + return pencrypt_init != NULL ? pencrypt_init(ctx) : 1; } static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, @@ -887,7 +906,7 @@ if (pdecrypt_init == NULL) EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, &pdecrypt_init, NULL); - return pdecrypt_init(ctx); + return pdecrypt_init != NULL ? pdecrypt_init(ctx) : 1; } static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, diff -Nru openssl-3.0.0/engines/e_loader_attic.c openssl-3.0.1/engines/e_loader_attic.c --- openssl-3.0.0/engines/e_loader_attic.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/engines/e_loader_attic.c 2021-12-14 17:16:25.000000000 +0100 
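Review bot: In the dasync_rsa_paramgen() hunk (`@@ -838,7 +857,7 @@`), `return pparamgen != NULL ? pparamgen(ctx, pkey) : 1;` reports success when the original RSA method supplies no paramgen callback, although nothing has been generated into `pkey`. Returning 1 is a reasonable default for the `*_init` wrappers changed in the neighbouring hunks (paramgen_init, keygen_init, encrypt_init, decrypt_init), where a missing callback only means no setup is needed. For the operation itself a failure value looks safer: `return pparamgen != NULL ? pparamgen(ctx, pkey) : 0;`. The hunks show dasync_rsa_keygen(), dasync_rsa_encrypt() and dasync_rsa_decrypt() only by their opening lines, so whether those guard their looked-up function pointers in the same way is not visible here.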
@@ -1354,8 +1354,8 @@ if (BIO_buffer_peek(bp, peekbuf, sizeof(peekbuf)) <= 0) return 0; - if (!ossl_do_blob_header(&p, sizeof(peekbuf), &magic, &bitlen, - &isdss, &ispub)) + if (ossl_do_blob_header(&p, sizeof(peekbuf), &magic, &bitlen, + &isdss, &ispub) <= 0) return 0; } diff -Nru openssl-3.0.0/engines/e_ossltest.c openssl-3.0.1/engines/e_ossltest.c --- openssl-3.0.0/engines/e_ossltest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/engines/e_ossltest.c 2021-12-14 17:16:25.000000000 +0100 @@ -38,6 +38,7 @@ #include #include #include +#include #include "e_ossltest_err.c" 
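Review bot: In the engines/e_loader_attic.c hunk, the call still passes `sizeof(peekbuf)` as the available length to ossl_do_blob_header(), while the preceding check `BIO_buffer_peek(bp, peekbuf, sizeof(peekbuf)) <= 0` only rejects an empty or failed peek. If the peek can return fewer bytes than requested, the header parser is told it has a full buffer and would read bytes the BIO never supplied. Keeping the peek result and comparing it, for example `if (n < (int)sizeof(peekbuf)) return 0;` with `n` holding the BIO_buffer_peek() return value, would close that gap. The enclosing function starts and ends outside the hunk, so the declaration and any initialisation of `peekbuf` are not visible.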
@@ -247,21 +248,39 @@ const int **, int); static int ossltest_cipher_nids[] = { - NID_aes_128_cbc, NID_aes_128_gcm, 0 + NID_aes_128_cbc, NID_aes_128_gcm, + NID_aes_128_cbc_hmac_sha1, 0 }; /* AES128 */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc); +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc); +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl); +static int ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr); + +typedef struct { + size_t payload_length; /* AAD length in decrypt case */ + unsigned int tls_ver; +} EVP_AES_HMAC_SHA1; static EVP_CIPHER *_hidden_aes_128_cbc = NULL; static const EVP_CIPHER *ossltest_aes_128_cbc(void) @@ -285,6 +304,7 @@ } return _hidden_aes_128_cbc; } + static EVP_CIPHER *_hidden_aes_128_gcm = NULL; #define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ 
@@ -315,11 +335,45 @@ return _hidden_aes_128_gcm; } +static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; + +static const EVP_CIPHER *ossltest_aes_128_cbc_hmac_sha1(void) +{ + if (_hidden_aes_128_cbc_hmac_sha1 == NULL + && ((_hidden_aes_128_cbc_hmac_sha1 + = EVP_CIPHER_meth_new(NID_aes_128_cbc_hmac_sha1, + 16 /* block size */, + 16 /* key len */)) == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | + EVP_CIPH_FLAG_AEAD_CIPHER) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_cipher) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, + ossltest_aes128_cbc_hmac_sha1_ctrl) + || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv) + || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, + sizeof(EVP_AES_HMAC_SHA1)))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc_hmac_sha1 = NULL; + } + return _hidden_aes_128_cbc_hmac_sha1; +} + static void destroy_ciphers(void) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); EVP_CIPHER_meth_free(_hidden_aes_128_gcm); + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); _hidden_aes_128_cbc = NULL; + _hidden_aes_128_gcm = NULL; + _hidden_aes_128_cbc_hmac_sha1 = NULL; } /* Key loading */ @@ -490,6 +544,9 @@ case NID_aes_128_gcm: *cipher = ossltest_aes_128_gcm(); break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = ossltest_aes_128_cbc_hmac_sha1(); + break; default: ok = 0; *cipher = NULL; 
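Review bot: In the new ossltest_aes_128_cbc_hmac_sha1() (`@@ -315,11 +335,45 @@`), the arguments `EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv` and `EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv` test a flag constant rather than anything about this cipher, so, assuming the constant is non-zero, they always evaluate to NULL. Passing `NULL` directly would say what is meant and avoid suggesting that a custom ASN.1 IV handler is ever installed. The block would also benefit from a one-line comment above `_hidden_aes_128_cbc_hmac_sha1` stating that the method object is created lazily on first use and released in destroy_ciphers().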
@@ -634,14 +691,15 @@ * AES128 Implementation */ -int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); } -int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf; int ret; @@ -667,15 +725,15 @@ return ret; } -int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc) { return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); } - -int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { unsigned char *tmpbuf = OPENSSL_malloc(inl); 
@@ -720,6 +778,128 @@ return 1; } +#define NO_PAYLOAD_LENGTH ((size_t)-1) +# define data(ctx) ((EVP_AES_HMAC_SHA1 *)EVP_CIPHER_CTX_get_cipher_data(ctx)) + +static int ossltest_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *inkey, + const unsigned char *iv, + int enc) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + key->payload_length = NO_PAYLOAD_LENGTH; + return 1; +} + +static int ossltest_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t len) +{ + EVP_AES_HMAC_SHA1 *key = data(ctx); + unsigned int l; + size_t plen = key->payload_length; + + key->payload_length = NO_PAYLOAD_LENGTH; + + if (len % AES_BLOCK_SIZE) + return 0; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + if (plen == NO_PAYLOAD_LENGTH) + plen = len; + else if (len != + ((plen + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + return 0; + + memmove(out, in, plen); + + if (plen != len) { /* "TLS" mode of operation */ + /* calculate HMAC and append it to payload */ + fill_known_data(out + plen, SHA_DIGEST_LENGTH); + + /* pad the payload|hmac */ + plen += SHA_DIGEST_LENGTH; + for (l = len - plen - 1; plen < len; plen++) + out[plen] = l; + } + } else { + /* decrypt HMAC|padding at once */ + memmove(out, in, len); + + if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ + unsigned int maxpad, pad; + + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1)) + return 0; + + /* omit explicit iv */ + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; + } else if (len < (SHA_DIGEST_LENGTH + 1)) + return 0; + + /* figure out payload length */ + pad = out[len - 1]; + maxpad = len - (SHA_DIGEST_LENGTH + 1); + if (pad > maxpad) + return 0; + for (plen = len - pad - 1; plen < len; plen++) + if (out[plen] != pad) + return 0; + } + } + + return 1; +} + +static int ossltest_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr) +{ + 
EVP_AES_HMAC_SHA1 *key = data(ctx); + + switch (type) { + case EVP_CTRL_AEAD_SET_MAC_KEY: + return 1; + + case EVP_CTRL_AEAD_TLS1_AAD: + { + unsigned char *p = ptr; + unsigned int len; + + if (arg != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + len = p[arg - 2] << 8 | p[arg - 1]; + key->tls_ver = p[arg - 4] << 8 | p[arg - 3]; + + if (EVP_CIPHER_CTX_is_encrypting(ctx)) { + key->payload_length = len; + if (key->tls_ver >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + len -= AES_BLOCK_SIZE; + p[arg - 2] = len >> 8; + p[arg - 1] = len; + } + + return (int)(((len + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); + } else { + key->payload_length = arg; + + return SHA_DIGEST_LENGTH; + } + } + default: + return -1; + } +} + static int ossltest_rand_bytes(unsigned char *buf, int num) { unsigned char val = 1; diff -Nru openssl-3.0.0/include/crypto/aes_platform.h openssl-3.0.1/include/crypto/aes_platform.h --- openssl-3.0.0/include/crypto/aes_platform.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/crypto/aes_platform.h 2021-12-14 17:16:25.000000000 +0100 @@ -100,7 +100,7 @@ # define AES_PMULL_CAPABLE ((OPENSSL_armcap_P & ARMV8_PMULL) && (OPENSSL_armcap_P & ARMV8_AES)) # define AES_GCM_ENC_BYTES 512 # define AES_GCM_DEC_BYTES 512 -# if __ARM_MAX_ARCH__>=8 +# if __ARM_MAX_ARCH__>=8 && defined(__aarch64__) # define AES_gcm_encrypt armv8_aes_gcm_encrypt # define AES_gcm_decrypt armv8_aes_gcm_decrypt # define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_v8_ctr32_encrypt_blocks && \ diff -Nru openssl-3.0.0/include/crypto/evp.h openssl-3.0.1/include/crypto/evp.h --- openssl-3.0.0/include/crypto/evp.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/crypto/evp.h 2021-12-14 17:16:25.000000000 +0100 @@ -38,6 +38,7 @@ OSSL_LIB_CTX *libctx; char *propquery; const char *keytype; + /* If |pkey| below is set, this field is always a reference to its keymgmt */ EVP_KEYMGMT *keymgmt; union { 
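Review bot: Two comments in ossltest_aes128_cbc_hmac_sha1_cipher() (hunk `@@ -720,6 +778,128 @@`) describe work the code does not do: `/* calculate HMAC and append it to payload */` sits above `fill_known_data(out + plen, SHA_DIGEST_LENGTH)`, and `/* decrypt HMAC|padding at once */` sits above a plain `memmove(out, in, len)`. I would reword them to `/* test engine: write filler where the HMAC would go */` and `/* test engine: no decryption, copy the record through */`. The decrypt branch also never examines the MAC bytes, and its padding loop returns at the first mismatching byte. That is acceptable for a test stub, but a header comment on the function should say so, so that it is not reused as a model for real CBC-HMAC record processing.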
@@ -794,6 +795,8 @@ int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt, void *keydata, char *mdname, size_t mdname_sz); +const char *evp_keymgmt_util_query_operation_name(EVP_KEYMGMT *keymgmt, + int op_id); /* * KEYMGMT provider interface functions diff -Nru openssl-3.0.0/include/crypto/rand.h openssl-3.0.1/include/crypto/rand.h --- openssl-3.0.0/include/crypto/rand.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/crypto/rand.h 2021-12-14 17:16:25.000000000 +0100 @@ -24,7 +24,7 @@ # if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM) # include -# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101000) || \ +# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200) || \ (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000) # define OPENSSL_APPLE_CRYPTO_RANDOM 1 # include diff -Nru openssl-3.0.0/include/internal/core.h openssl-3.0.1/include/internal/core.h --- openssl-3.0.0/include/internal/core.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/internal/core.h 2021-12-14 17:16:25.000000000 +0100 @@ -31,7 +31,7 @@ /* Get a temporary store */ void *(*get_tmp_store)(void *data); /* Get an already existing method from a store */ - void *(*get)(void *store, void *data); + void *(*get)(void *store, const OSSL_PROVIDER **prov, void *data); /* Store a method in a store */ int (*put)(void *store, void *method, const OSSL_PROVIDER *prov, const char *name, const char *propdef, void *data); 
@@ -43,7 +43,7 @@ } OSSL_METHOD_CONSTRUCT_METHOD; void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id, - int force_cache, + OSSL_PROVIDER **provider_rw, int force_cache, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id, diff -Nru openssl-3.0.0/include/internal/passphrase.h openssl-3.0.1/include/internal/passphrase.h --- openssl-3.0.0/include/internal/passphrase.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/internal/passphrase.h 2021-12-14 17:16:25.000000000 +0100 @@ -114,6 +114,7 @@ */ pem_password_cb ossl_pw_pem_password; +pem_password_cb ossl_pw_pvk_password; /* One callback for encoding (verification prompt) and one for decoding */ OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_enc; OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_dec; diff -Nru openssl-3.0.0/include/internal/property.h openssl-3.0.1/include/internal/property.h --- openssl-3.0.0/include/internal/property.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/internal/property.h 2021-12-14 17:16:25.000000000 +0100 
@@ -61,18 +61,19 @@ void ossl_method_store_do_all(OSSL_METHOD_STORE *store, void (*fn)(int id, void *method, void *fnarg), void *fnarg); -int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void **method); +int ossl_method_store_fetch(OSSL_METHOD_STORE *store, + int nid, const char *prop_query, + const OSSL_PROVIDER **prov, void **method); /* Get the global properties associate with the specified library context */ OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OSSL_LIB_CTX *ctx, int loadconfig); /* property query cache functions */ -int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void **result); -int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, int nid, - const char *prop_query, void *result, +int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void **result); +int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, + int nid, const char *prop_query, void *result, int (*method_up_ref)(void *), void (*method_destruct)(void *)); diff -Nru openssl-3.0.0/include/internal/provider.h openssl-3.0.1/include/internal/provider.h --- openssl-3.0.0/include/internal/provider.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/internal/provider.h 2021-12-14 17:16:25.000000000 +0100 @@ -57,7 +57,7 @@ * If the Provider is a module, the module will be loaded */ int ossl_provider_activate(OSSL_PROVIDER *prov, int upcalls, int aschild); -int ossl_provider_deactivate(OSSL_PROVIDER *prov); +int ossl_provider_deactivate(OSSL_PROVIDER *prov, int removechildren); int ossl_provider_add_to_store(OSSL_PROVIDER *prov, OSSL_PROVIDER **actualprov, int retain_fallbacks); 
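Review bot: In the include/internal/property.h hunk, the new `prov` parameters of ossl_method_store_fetch(), ossl_method_store_cache_get() and ossl_method_store_cache_set() are declared without any comment, and their types differ: `const OSSL_PROVIDER **prov` for fetch, `OSSL_PROVIDER *prov` for the two cache functions. From the header alone a caller cannot tell whether fetch reads `*prov` as a restriction, writes the owning provider back, or both, nor whether NULL is accepted by any of the three. A short comment above each declaration should state the direction of the parameter and its NULL behaviour, once the contract is confirmed against the implementation.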
@@ -108,6 +108,7 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx, const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in); +void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx); # ifdef __cplusplus } diff -Nru openssl-3.0.0/include/openssl/core.h openssl-3.0.1/include/openssl/core.h --- openssl-3.0.0/include/openssl/core.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/openssl/core.h 2021-12-14 17:16:25.000000000 +0100 @@ -195,7 +195,7 @@ # pragma names save # pragma names uppercase,truncated # endif -extern OSSL_provider_init_fn OSSL_provider_init; +OPENSSL_EXPORT OSSL_provider_init_fn OSSL_provider_init; # ifdef __VMS # pragma names restore # endif diff -Nru openssl-3.0.0/include/openssl/cryptoerr.h openssl-3.0.1/include/openssl/cryptoerr.h --- openssl-3.0.0/include/openssl/cryptoerr.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/openssl/cryptoerr.h 2021-12-14 17:16:25.000000000 +0100 @@ -28,6 +28,7 @@ # define CRYPTO_R_INSUFFICIENT_DATA_SPACE 106 # define CRYPTO_R_INSUFFICIENT_PARAM_SIZE 107 # define CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE 108 +# define CRYPTO_R_INVALID_NEGATIVE_VALUE 122 # define CRYPTO_R_INVALID_NULL_ARGUMENT 109 # define CRYPTO_R_INVALID_OSSL_PARAM_TYPE 110 # define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103 diff -Nru openssl-3.0.0/include/openssl/httperr.h openssl-3.0.1/include/openssl/httperr.h --- openssl-3.0.0/include/openssl/httperr.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/openssl/httperr.h 2021-12-14 17:16:25.000000000 +0100 
@@ -44,6 +44,7 @@ # define HTTP_R_REDIRECTION_NOT_ENABLED 116 # define HTTP_R_RESPONSE_LINE_TOO_LONG 113 # define HTTP_R_RESPONSE_PARSE_ERROR 104 +# define HTTP_R_RETRY_TIMEOUT 129 # define HTTP_R_SERVER_CANCELED_CONNECTION 127 # define HTTP_R_SOCK_NOT_SUPPORTED 122 # define HTTP_R_STATUS_CODE_UNSUPPORTED 114 diff -Nru openssl-3.0.0/include/openssl/macros.h openssl-3.0.1/include/openssl/macros.h --- openssl-3.0.0/include/openssl/macros.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/include/openssl/macros.h 2021-12-14 17:16:25.000000000 +0100 @@ -20,7 +20,7 @@ # define OPENSSL_MSTR(x) OPENSSL_MSTR_HELPER(x) /* - * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers + * Sometimes OPENSSL_NO_xxx ends up with an empty file and some compilers * don't like that. This will hopefully silence them. */ # define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy; diff -Nru openssl-3.0.0/NEWS.md openssl-3.0.1/NEWS.md --- openssl-3.0.0/NEWS.md 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/NEWS.md 2021-12-14 17:16:25.000000000 +0100 @@ -18,6 +18,13 @@ OpenSSL 3.0 ----------- +### Major changes between OpenSSL 3.0.0 and OpenSSL 3.0.1 [14 Dec 2021] + + * Fixed invalid handling of X509_verify_cert() internal errors in libssl + ([CVE-2021-4044]) + * Allow fetching an operation from the provider that owns an unexportable key + as a fallback if that is still allowed by the property query. + ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [7 sep 2021] * Enhanced 'openssl list' with many new options. diff -Nru openssl-3.0.0/NOTES-VALGRIND.md openssl-3.0.1/NOTES-VALGRIND.md --- openssl-3.0.0/NOTES-VALGRIND.md 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/NOTES-VALGRIND.md 2021-12-14 17:16:25.000000000 +0100 
@@ -16,7 +16,7 @@ See 2. Valgrind installed on the platform See -3. OpensSSL compiled +3. OpenSSL compiled See [INSTALL.md](INSTALL.md) Running Tests diff -Nru openssl-3.0.0/providers/common/provider_util.c openssl-3.0.1/providers/common/provider_util.c --- openssl-3.0.0/providers/common/provider_util.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/common/provider_util.c 2021-12-14 17:16:25.000000000 +0100 @@ -16,6 +16,7 @@ #include #ifndef FIPS_MODULE # include +# include "crypto/evp.h" #endif #include "prov/provider_util.h" #include "internal/nelem.h" @@ -25,6 +26,9 @@ EVP_CIPHER_free(pc->alloc_cipher); pc->alloc_cipher = NULL; pc->cipher = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pc->engine); +#endif pc->engine = NULL; } @@ -32,6 +36,12 @@ { if (src->alloc_cipher != NULL && !EVP_CIPHER_up_ref(src->alloc_cipher)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_CIPHER_free(src->alloc_cipher); + return 0; + } +#endif dst->engine = src->engine; dst->cipher = src->cipher; dst->alloc_cipher = src->alloc_cipher; @@ -51,6 +61,9 @@ *propquery = p->data; } +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(*engine); +#endif *engine = NULL; /* Inside the FIPS module, we don't support legacy ciphers */ #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) @@ -58,10 +71,18 @@ if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; - ENGINE_finish(*engine); + /* Get a structural reference */ *engine = ENGINE_by_id(p->data); if (*engine == NULL) return 0; + /* Get a functional reference */ + if (!ENGINE_init(*engine)) { + ENGINE_free(*engine); + *engine = NULL; + return 0; + } + /* Free the structural reference */ + ENGINE_free(*engine); } #endif return 1; 
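Review bot: The `engine` field now owns a functional reference — `ENGINE_finish(pc->engine)` is added to the reset path in hunk `@@ -25,6 +26,9 @@` and `ENGINE_init(src->engine)` to the copy path in `@@ -32,6 +36,12 @@` — but nothing in the changed code states that contract. Any caller that duplicates the holder by plain struct assignment instead of the copy helper would now have the same reference released twice on reset; whether such callers exist cannot be seen from here, and both function bodies start outside their hunks. I would add a comment above the reset function, `/* engine is a functional reference: duplicate via the copy helper only; released here with ENGINE_finish() */`. The digest counterparts in the later hunks `@@ -115,6 +142,9 @@` and `@@ -122,6 +152,12 @@` need the same note.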
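Review bot: `ENGINE_finish(*engine)` in hunk `@@ -51,6 +61,9 @@` now runs on every call, before the engine parameter is looked up, so `*engine` must be NULL or a live functional reference on entry. Previously the finish call sat inside the `p != NULL` branch (the line removed in `@@ -58,10 +71,18 @@`), so a caller with an uninitialised holder was only affected when an engine parameter was actually supplied. The callers are outside the hunk; if any of them builds the cipher or digest holder without zeroing it, this becomes a call on an indeterminate pointer. I would state the precondition at the top of the function: `/* *engine must be NULL or a functional reference on entry; it is released here */`.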
@@ -90,8 +111,14 @@ ERR_set_mark(); pc->cipher = pc->alloc_cipher = EVP_CIPHER_fetch(ctx, p->data, propquery); #ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy ciphers */ - if (pc->cipher == NULL) - pc->cipher = EVP_get_cipherbyname(p->data); + if (pc->cipher == NULL) { + const EVP_CIPHER *cipher; + + cipher = EVP_get_cipherbyname(p->data); + /* Do not use global EVP_CIPHERs */ + if (cipher != NULL && cipher->origin != EVP_ORIG_GLOBAL) + pc->cipher = cipher; + } #endif if (pc->cipher != NULL) ERR_pop_to_mark(); @@ -115,6 +142,9 @@ EVP_MD_free(pd->alloc_md); pd->alloc_md = NULL; pd->md = NULL; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pd->engine); +#endif pd->engine = NULL; } @@ -122,6 +152,12 @@ { if (src->alloc_md != NULL && !EVP_MD_up_ref(src->alloc_md)) return 0; +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_MD_free(src->alloc_md); + return 0; + } +#endif dst->engine = src->engine; dst->md = src->md; dst->alloc_md = src->alloc_md; @@ -159,8 +195,14 @@ ERR_set_mark(); ossl_prov_digest_fetch(pd, ctx, p->data, propquery); #ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy digests */ - if (pd->md == NULL) - pd->md = EVP_get_digestbyname(p->data); + if (pd->md == NULL) { + const EVP_MD *md; + + md = EVP_get_digestbyname(p->data); + /* Do not use global EVP_MDs */ + if (md != NULL && md->origin != EVP_ORIG_GLOBAL) + pd->md = md; + } #endif if (pd->md != NULL) ERR_pop_to_mark(); diff -Nru openssl-3.0.0/providers/defltprov.c openssl-3.0.1/providers/defltprov.c --- openssl-3.0.0/providers/defltprov.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/defltprov.c 2021-12-14 17:16:25.000000000 +0100 
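Review bot: The added check `cipher->origin != EVP_ORIG_GLOBAL` in hunk `@@ -90,8 +111,14 @@` is explained only by `/* Do not use global EVP_CIPHERs */`, which restates the condition without giving the reason. A name that resolves only to a global method now leaves `pc->cipher` NULL exactly as an unknown name would, so the caller cannot tell a rejected legacy method from a typo. If EVP_ORIG_GLOBAL marks libcrypto's built-in static methods, as the name suggests, the comment could read `/* Legacy name lookup is kept for non-built-in methods only; built-in (EVP_ORIG_GLOBAL) ones must come from a provider fetch */`. The digest hunk `@@ -159,8 +195,14 @@` has the same comment and the same silent fallthrough; both enclosing functions start and end outside their hunks.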
@@ -148,6 +148,7 @@ { PROV_NAMES_MD5_SHA1, "provider=default", ossl_md5_sha1_functions }, #endif /* OPENSSL_NO_MD5 */ + { PROV_NAMES_NULL, "provider=default", ossl_nullmd_functions }, { NULL, NULL, NULL } }; diff -Nru openssl-3.0.0/providers/fips/self_test_kats.c openssl-3.0.1/providers/fips/self_test_kats.c --- openssl-3.0.0/providers/fips/self_test_kats.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/fips/self_test_kats.c 2021-12-14 17:16:25.000000000 +0100 @@ -446,7 +446,7 @@ EVP_PKEY *pkey = NULL; unsigned char sig[256]; BN_CTX *bnctx = NULL; - size_t siglen = 0; + size_t siglen = sizeof(sig); static const unsigned char dgst[] = { 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, diff -Nru openssl-3.0.0/providers/fips.checksum openssl-3.0.1/providers/fips.checksum --- openssl-3.0.0/providers/fips.checksum 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/fips.checksum 2021-12-14 17:16:25.000000000 +0100 @@ -1 +1 @@ -bbbd640470428086f7a658e7020fa73149e276e594412a83347ca1782c0e0486 providers/fips-sources.checksums +a59d74b7f6b55bd9d58d55876562fdd00d28dbb3c942ae80ccea859da4624f1d providers/fips-sources.checksums diff -Nru openssl-3.0.0/providers/fips-sources.checksums openssl-3.0.1/providers/fips-sources.checksums --- openssl-3.0.0/providers/fips-sources.checksums 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/fips-sources.checksums 2021-12-14 17:16:25.000000000 +0100 
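Review bot: The table entry `{ PROV_NAMES_NULL, "provider=default", ossl_nullmd_functions }` in hunk `@@ -148,6 +148,7 @@` makes a digest with output size 0 fetchable by name from the default provider (see the `0, 0, 0` arguments in the new null_prov.c), and it carries no comment saying so. Code that takes a digest name from configuration or from a peer and then fetches it can now be handed a digest whose output is empty, so the signature, MAC and KDF paths that accept a digest name should be checked for a zero-size guard; none of those paths is visible in this diff. At minimum I would annotate the entry: `/* NULL digest: zero-length output, not a security primitive */`.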
@@ -39,7 +39,7 @@ 199b9b100f194a2a128c14f2a71be5a04d50d069666d90ca5b69baee1318ccb7 crypto/bn/asm/ia64-mont.pl a511aafbf76647a0c83705d4491c898a5584d300aa449fa6166c8803372946eb crypto/bn/asm/ia64.S 687c5d6606fdfd0e242005972d15db74a9cbac2b8a9a54a56fcb1e99d3880ff3 crypto/bn/asm/mips-mont.pl -eb240c1f72063048abe026ab7fab340361a329d5cd355276a25950be446cc091 crypto/bn/asm/mips.pl +8aca83d2ec45a40af15e59cff1ac2dc33737a3d25f0a0b74d401fa778a5c5eb8 crypto/bn/asm/mips.pl b27ec5181e387e812925bb26823b830f49d7a6e4971b6d11ea583f5632a1504b crypto/bn/asm/parisc-mont.pl 9973523b361db963eea4938a7a8a3adc692e1a4e1aec4fa1f1e57dc93da37921 crypto/bn/asm/ppc-mont.pl 59cd27e1e10c4984b7fb684b27f491e7634473b1bcff197a07e0ca653124aa9a crypto/bn/asm/ppc.pl @@ -79,7 +79,7 @@ 4d6cc7ed36978247a191df1eea0120f8ee97b639ba228793dabe5a8355a1a609 crypto/bn/bn_gf2m.c 081e8a6abc23599307dab3b1a92113a65e0bf8717cbc40c970c7469350bc4581 crypto/bn/bn_intern.c 602ed46fbfe12c899dfb7d9d99ff0dbfff96b454fce3cd02817f3e2488dd9192 crypto/bn/bn_kron.c -7e8f6e8bfc0958fc73d163f8139194a71385d98868e6ed51f4d52198b0649acf crypto/bn/bn_lib.c +b33295765dc6d3843e3571007e2d6dbe75564645ebf181191a91464706d9fadb crypto/bn/bn_lib.c 64bce599181c45d999f0c5bda9ce36b2820f0e91ec6590cc8cba77e2760f8287 crypto/bn/bn_local.h 07247dc2ccc55f3be525baed92fd20031bbaa80fd0bc56155e80ee0da3fc943d crypto/bn/bn_mod.c 4f8763847752d570ef95dc0d06e51240829ab55c3529301214d3c2b613c6a18b crypto/bn/bn_mont.c 
@@ -88,22 +88,22 @@ 40d04d1bc722bef0d6392e8a9061af8305552f955478fa782230a0b8bf2288b5 crypto/bn/bn_nist.c 0d85203a3bd9ba7ebf711885cfb621eefb27002f5cb4ef2adfe4f49c7dd7b4a6 crypto/bn/bn_prime.c c56ad3073108a0de21c5820a48beae2bccdbf5aa8075ec21738878222eb9adc3 crypto/bn/bn_prime.h -3a0f76ec95802d15d0f7b299e36a3aed2c96414363c20a74a4ad2c410be600dc crypto/bn/bn_rand.c +18779263932eb2bf50728b9758fc83b1e721a1d22aa75d6443c80591ccd9bb79 crypto/bn/bn_rand.c 1f6e13da1d9965b341f81bc0842a987a7db9b7de0fa7f7040d49be01b92d282b crypto/bn/bn_recp.c -b180881a08942e99e9a6b7714b98e8ce3d7958e1e0be8524966ad859c6d2be39 crypto/bn/bn_rsa_fips186_4.c +9d8c10645db51c3baedf57d5f0f32b67fc7eba223c192bc1ae7d87af40307e59 crypto/bn/bn_rsa_fips186_4.c 704b0b4723e5c9e9bae5f3e35f9ae8ae8dca3383929e954de9e5169845abfdb2 crypto/bn/bn_shift.c 622e90766b29e0d25f46474429aebda8eba2246835b9e85dc26da7cdbd49334f crypto/bn/bn_sqr.c 8e397a44eefa00ecb85fafc11fe8c883b3bb1572d6ac136373946d472fbe2490 crypto/bn/bn_sqrt.c 24e62baa56e02f2db6454e10168b7c7fa7638db9221b9acda1803d43f38f36e0 crypto/bn/bn_word.c 3a85d20f80c4d96b3704e58b173fc876ec81f19eac805ae2b125c138c91c86c4 crypto/bn/rsaz_exp.c affabb87861653b216e746d6c2fce5c2ac395b0ca570d439508e9f5e102ee340 crypto/bn/rsaz_exp.h -35d5b375e857743403762f759d43a48416652554636e6700d84372cd9ee1b731 crypto/bn/rsaz_exp_x2.c +e18b943bfc1623597d6233421c358f3453bb0f026f28ae11cfd3b3c484c0bc4b crypto/bn/rsaz_exp_x2.c 834db8ff36006e5cb53e09ca6c44290124bd23692f4341ea6563b66fcade4cea crypto/bsearch.c c39334b70e1394e43f378ae8d31b6e6dc125e4d9181e6536d38e649c4eaadb75 crypto/buffer/buffer.c -490681100f1cbaf629a7cc89f1785689d7ecef8791af4b8aae1e26da86de1b98 crypto/cmac/cmac.c +23d46ae37a8d9452c0c88418d2cb8350153f8c2c6060234130a2e429da2370e0 crypto/cmac/cmac.c b352903e60908dc7287051983e2068508715b4d9f3f46575540295010908bfa0 crypto/context.c -018a6c130a15cbcd6ed40b4253eacfba42f02e958d06d6a3d77d3c2ee506f7d0 crypto/core_algorithm.c -0b27e62cf5e635c2e8cfeb478d716640dd38fa38aca695861439b30e247dd2d6 
crypto/core_fetch.c +83b8912fb01bacfe0b5269c7afa69db7e1718530cce1ed27870abef1407951d6 crypto/core_algorithm.c +60321d1af7bf9697d969438f6b319fbcb4fdc1a47a0b056d02b971973a8550ca crypto/core_fetch.c 4982395fa843f62c83b95f81e1f5622d799a2fe17108bde44cdab935b77e8ae1 crypto/core_namemap.c 469e2f53b5f76cd487a60d3d4c44c8fc3a6c4d08405597ba664661ba485508d3 crypto/cpuid.c 71f0fff881eb4c5505fb17662f0ea4bbff24c6858c045a013ad8f786b07da5c4 crypto/cryptlib.c @@ -114,7 +114,7 @@ eeef5722ad56bf1af2ff71681bcc8b8525bc7077e973c98cee920ce9bcc66c81 crypto/des/ecb3_enc.c 04d4cc355200b57f1e7d265a2cebdf094df1eb6e96621b533adddc3d60d31fbe crypto/des/fcrypt_b.c 499513b3ad386fe694c4e04b3c8a9fd4c4e18fc44bb6c4f94d6bf2d9362a3a5a crypto/des/ncbc_enc.c -5771c2e517df1dfa35e0cc06ce1d9808e3a5ab21110020d4bdf77284fedb41e1 crypto/des/set_key.c +61926e30dd940616e80936d1c94c5f522daf0d475fb3a40a9e589e78f322901e crypto/des/set_key.c 8344811b14d151f6cd40a7bc45c8f4a1106252b119c1d5e6a589a023f39b107d crypto/des/spr.h 0209b1ff430e2c237bf96e2e283c24df4b6708014c5a7005b295c28733d2a8ce crypto/dh/dh_backend.c 832e5a1caf9cb0dacfd937fc59252aaac7c5c1bf0ae1a9ebf3c3af6e59dcf4c0 crypto/dh/dh_check.c @@ -131,7 +131,7 @@ 9e436a2e0867920c3a5ac58bc14300cad4ab2c4c8fe5e40b355dfd21bfdfe146 crypto/dsa/dsa_lib.c f4d52d3897219786c6046bf76abb2f174655c584caa50272bf5d281720df5022 crypto/dsa/dsa_local.h f88db9fd73a78e66967e56df442b55230f405b4cd804f31f8696324f0b702f15 crypto/dsa/dsa_ossl.c -b57b648524bc7dd98f8e2737f4e87b5578c7921df59b1df4a03a34e23e977e8a crypto/dsa/dsa_sign.c +6222aa8f60d7451d974dd87c66995033919f36d7f858cbe609cf731ad1eee34e crypto/dsa/dsa_sign.c 53fa10cc87ac63e35df661882852dc46ae68e6fee83b842f1aeefe00b8900ee1 crypto/dsa/dsa_vrf.c 0a206e4c4de4702808cba7c9304bedb66abcbc33e513bc25574a795cd5fa3db0 crypto/ec/asm/ecp_nistp521-ppc64.pl 78ad06b88fcc8689a3a846b82f9ee01546e5734acd1bccf2494e523b71dc74d1 crypto/ec/asm/ecp_nistz256-armv4.pl 
@@ -160,7 +160,7 @@ 3052a044afae2e91b677542fc8b34b3ec9d033e0c6562b0d43098cfb34ab3c9d crypto/ec/curve448/word.h ae1637d89287c9d22a34bdc0d67f6e01262a2f8dcef9b61369dba8c334f5a80d crypto/ec/ec2_oct.c 6bbbf570ce31f5b579f7e03ec9f8a774663c7c1eb5e475bd31f8fee94a021ffc crypto/ec/ec2_smpl.c -69d64accd498583e65df2dc43730eee2922217a7bfefda2cd1a9da176e3d1dcd crypto/ec/ec_asn1.c +2a71bd8dbe4f427c117d990581709a4ddce07fa8e530794b5a9574fef7c48a0c crypto/ec/ec_asn1.c c07fa05c6885e59913e2ce345ff52ef9dfb0418842de3affa6163ad3e71f9c1b crypto/ec/ec_backend.c 86e2becf9b3870979e2abefa1bd318e1a31820d275e2b50e03b17fc287abb20a crypto/ec/ec_check.c 265f911b9d4aada326a2d52cd8a589b556935c8b641598dcd36c6f85d29ce655 crypto/ec/ec_curve.c 
@@ -181,33 +181,33 @@ c016eb9412aad8cd1213a2f5b1083df1a1a9cb734dc6cc19d99e706935c81ef2 crypto/ec/ecp_nistz256.c 51cb98e7e9c241e33261589f0d74103238baaa850e333c61ff1da360e127518a crypto/ec/ecp_oct.c b4b7c683279454ba41438f50a015cb63ef056ccb9be0168918dfbae00313dc68 crypto/ec/ecp_smpl.c -4d9e693c64709a9359ac724a767a85566849373231e314b8d8127b707dd5e83d crypto/ec/ecx_backend.c +2096e13aa2fbcb0d4b10faca3e3f5359cf66098b0397a6d74c6fca14f5dee659 crypto/ec/ecx_backend.c 5ee19c357c318b2948ff5d9118a626a6207af2b2eade7d8536051d4a522668d3 crypto/ec/ecx_backend.h 22c44f561ab42d1bd7fd3a3c538ebaba375a704f98056b035e7949d73963c580 crypto/ec/ecx_key.c -6618159105f23d5b2aa03d806d66f9c7a0b97298fe1e8ec7d503b066d627b31d crypto/evp/asymcipher.c +28abc295dad8888b5482eb61d31cd78dd80545ecb67dc6f9446a36deb8c40a5e crypto/evp/asymcipher.c 0e75a058dcbbb62cfe39fec6c4a85385dc1a8fce794e4278ce6cebb29763b82b crypto/evp/dh_support.c -847e039a249a1f9af42dfc6427de2ad4925f1116f86619dd420cf8cec9d3bbfe crypto/evp/digest.c +e696c10cc2ed2fc5552e659b343af751b9edc3b4dbce1a2108d21e8b10424657 crypto/evp/digest.c 5e2c5d865029ae86855f15e162360d091f28ca0d4c67260700c90aa25faf308b crypto/evp/ec_support.c 37b5e0bdb30a24c925a26f818828fd3b4ab4c1725f84797260556c0f47f2b76d crypto/evp/evp_enc.c -363dda606a23f1cbb6eefc713903bb353b8fc8661dee0e853366c7798f050483 crypto/evp/evp_fetch.c -6e0a2b11440a3cfd80d5539aa6a4b133dbfefc6a646736980dbbd504b3f16ac8 crypto/evp/evp_lib.c -34574e474d3f5daf24981200cae9e24a427d165cd43d8fb738844fa9b0fc991f crypto/evp/evp_local.h +d8162b57e041e83da55efe6f073d156a00b8d7a3b2fb7782b05295f2c0ea3c14 crypto/evp/evp_fetch.c +029df8bb80a2fb45c22765234b9041ffce82735108e0b11580fd3fbd805362dd crypto/evp/evp_lib.c +9ac3d97d756ec008db16dd1952115b551f32b2d0590d9a85e1c87d1c78620257 crypto/evp/evp_local.h e822c16fc4dc30f2c86e8598c721a9ddfe46d318ce78f4e8e883cdcf8b936221 crypto/evp/evp_rand.c 2a128617ec0178e9eeacbe41d75a5530755f41ea524cd124607543cf73456a0c crypto/evp/evp_utils.c 
-befe4e1ec273973748a9fff49d8510873737ea04d86eac70c2e11bbb0d874ca1 crypto/evp/exchange.c +5496cf34a1643923ff434e4ae16ee203a626b36685e98201dec30547857847d8 crypto/evp/exchange.c a3164e3247e2a38f4f9a20db463779b5260e4e6639ac8eec6e960b265fc8cce5 crypto/evp/kdf_lib.c 1d72f5506984df1df8606e8c7045f041cf517223e2e1b50c4da8ba8bf1c6c186 crypto/evp/kdf_meth.c -f88b3d178f0d5e7bcd250fd2b3d2fabb19f05f3ecc0627c100c5418e9fdd0ade crypto/evp/kem.c -df82657d18fb15d4da3218e33e7326248db509443304889b1dbee5810cbcb78b crypto/evp/keymgmt_lib.c -7b850a8f7e7c5018546541254cd33da479834c47273b5018fdcb8a9ccf77f522 crypto/evp/keymgmt_meth.c +38715a14f202e7d24602e5cc19d2f78abbd9f5fa3dde8d7b2bfded907690e18f crypto/evp/kem.c +787105780e2aa625bfedfbfd7167be16f743883d02a897969695ad8e637298af crypto/evp/keymgmt_lib.c +3d0a2c5fea0d9bb01a09e1eabc041e3bc76ba4ee90bc0af54ef414e7ca3a531f crypto/evp/keymgmt_meth.c e1a052839b8b70dca20dbac1282d61abd1c415bf4fb6afb56b811e8770d8a2e1 crypto/evp/m_sigver.c -f9988dfed6253c30b08a966496f188763671cb72a2fcb25455f65f8d270027cc crypto/evp/mac_lib.c +5b8b0bcd4b720b66ce6bc54090ec333891126bb7f6cce4502daf2333668c3db9 crypto/evp/mac_lib.c e7e8eb5683cd3fbd409df888020dc353b65ac291361829cc4131d5bc86c9fcb3 crypto/evp/mac_meth.c -cd2902a111d200417d04f0422451b3760a67fc21cd1f9ca3b02200dc91b8b916 crypto/evp/p_lib.c +b976077a1f880768f2f0a1c996a53dfdd363605e4977c56fb37e9c1f84f35aa6 crypto/evp/p_lib.c 3b4228b92eebd04616ecc3ee58684095313dd5ffd1b43cf698a7d6c202cb4622 crypto/evp/pmeth_check.c bbce11755bcc5ba2ee8e9c1eb95905447136f614fdc2b0f74cf785fe81ead6a5 crypto/evp/pmeth_gn.c -fdaddf5c4b274d83292a5121d9b0541dce82fb83e59d64d48a93964840421f30 crypto/evp/pmeth_lib.c -c2158cf4f1d149889746665501035f38049dc1cdcea8c61cd377c0c3be6b8a43 crypto/evp/signature.c +76511fba789089a50ef87774817a5482c33633a76a94ecf7b6e8eb915585575d crypto/evp/pmeth_lib.c +f3a5cbbccb1078cf1fafd74c4caa9f30827081832fbe6dfa5579b17ef809776c crypto/evp/signature.c b06cb8fd4bd95aae1f66e1e145269c82169257f1a60ef0f78f80a3d4c5131fac 
crypto/ex_data.c 00ca3b72cd56308aabb2826b6a400c675526afa7efca052d39c74b2ac6d137d8 crypto/ffc/ffc_backend.c ead786b4f5689ab69d6cca5d49e513e0f90cb558b67e6c5898255f2671f1393d crypto/ffc/ffc_dh.c 
@@ -245,18 +245,18 @@ 608a04f387be2a509b4d4ad414b7015ab833e56b85020e692e193160f36883a2 crypto/modes/xts128.c ca8f63ee71797f51c2bf5629190897306b3308882feb3d64c982239f18e8b738 crypto/o_str.c 7b8d9f5dfe00460df5fbcfd4a5f2f36128020ebd2ced85ff5071b91f98740b2e crypto/packet.c -e30c9e30e4356621236136caf001ee60d51aac492a5bf0fb7f1022b973aec425 crypto/param_build.c +cc4483ec9ba7a30908e3a433a6817e2f211d4c1f69c206e6bae24bbd39a68281 crypto/param_build.c c2fe815fb3fd5efe9a6544cae55f9469063a0f6fb728361737b927f6182ae0bb crypto/param_build_set.c 02dfeb286c85567bb1b6323a53c089ba66447db97695cc78eceb6677fbc76bf9 crypto/params.c 4f2a8c9acf5898fdc1e4bf98813049947221cd9a1db04faaa490250591f54cb4 crypto/params_dup.c -d0f6af3e89a693f0327e1bf073666cbec6786220ef3b3688ef0be9539d5ab6bf crypto/params_from_text.c +a0097ff2da8955fe15ba204cb54f3fd48a06f846e2b9826f507b26acf65715c3 crypto/params_from_text.c 2140778d5f35e503e22b173736e18ff84406f6657463e8ff9e7b91a78aa686d3 crypto/property/defn_cache.c -ed7724ac6350afe2ac49498f894259b40176092ebdfeff9e9afa3e28681442fe crypto/property/property.c -726b1102bfffd0b1f18759e6373fc21d491dd001f21a0a4c3d26d6867f39623c crypto/property/property_local.h -5d780fd1a656db32a0292d2692690f69aa1b977646282f4884f17dca861fe681 crypto/property/property_parse.c -43259a466b118d938e4480f4e6f46aaa8eab452f971ff0788e2eb8369ff1b5ec crypto/property/property_query.c +b09bfc2cdde7ab703b54630a67cc8d01ca92af402be246e5a9f82d176abd9442 crypto/property/property.c +a2c69527b60692a8b07cfdfe7e75f654daa092411d5de5e02b446a4ef3752855 crypto/property/property_local.h +c3217b73871d93d81ab9f15e9f1fc37ea609bbe4bbc0c1b84ec62a99c91f6756 crypto/property/property_parse.c +a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c 065698c8d88a5facc0cbc02a3bd0c642c94687a8c5dd79901c942138b406067d crypto/property/property_string.c -a065691f37df209ce2ab5ce721e6fc45008e2f00edfbad0ceaa5ef2a0cfee23d crypto/provider_core.c 
+c56fb722699e1148dc392bad8069292e6521e7498c8aa9572661af118ff59e16 crypto/provider_core.c d0af10d4091b2032aac1b7db80f8c2e14fa7176592716b25b9437ab6b53c0a89 crypto/provider_local.h 5ba2e1c74ddcd0453d02e32612299d1eef18eff8493a7606c15d0dc3738ad1d9 crypto/provider_predefined.c 5d16318d3a36b06145af74afa3523109768990a33457c81895c7ab8a830654f8 crypto/rand/rand_lib.c @@ -333,10 +333,10 @@ 7b4efa594d8d1f3ecbf4605cf54f72fb296a3b1d951bdc69e415aaa08f34e5c8 crypto/threads_lib.c a41ae93a755e2ec89b3cb5b4932e2b508fdda92ace2e025a2650a6da0e9e972c crypto/threads_none.c ebb210a22c280839853920bee245eb769c713ab99cb35a468ed2b1df0d112a7f crypto/threads_pthread.c -60bdd9213c67c4d9a287cb57517eca63913c134ef57fcb102b641eb56ddce19a crypto/threads_win.c +68e1cdeb948d3a106b5a27b76bcddbae6bb053b2bdc4a21a1fec9797a00cd904 crypto/threads_win.c fd6c27cf7c6b5449b17f2b725f4203c4c10207f1973db09fd41571efe5de08fd crypto/x86_64cpuid.pl d13560a5f8a66d7b956d54cd6bf24eade529d686992d243bfb312376a57b475e e_os.h -4dab31beb4bbd9275a914839f590eaa328cc8ddec3561acd3e6fae0606758b32 include/crypto/aes_platform.h +6f353dc7c8c4d8f24f7ffbf920668ccb224ebb5810805a7c80d96770cd858005 include/crypto/aes_platform.h 8c6f308c1ca774e6127e325c3b80511dbcdc99631f032694d8db53a5c02364ee include/crypto/asn1_dsa.h 8ce1b35c6924555ef316c7c51d6c27656869e6da7f513f45b7a7051579e3e54d include/crypto/bn.h 1c46818354d42bd1b1c4e5fdae9e019814936e775fd8c918ca49959c2a6416df include/crypto/bn_conf.h.in 
@@ -348,11 +348,11 @@ 7ddd70f02371c7bd190414369d2bbe7c9c6d2de085dfe1e3eab0c4082f803ca1 include/crypto/dsa.h 2ea47c059e84ce9d14cc31f4faf45f64d631de9e2937aa1d7a83de5571c63574 include/crypto/ec.h edbfae8720502a4708983b60eac72aa04f031059f197ada31627cb5e72812858 include/crypto/ecx.h -1930dcf277bba1f458bcb1b74bba2db0fd28a8e047d8ceef5bf6973075167bdd include/crypto/evp.h +782ea27154525789cd49afd36a8056457dfab4ea662481b502363cc0a55ed34e include/crypto/evp.h bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto/lhash.h 162812058c69f65a824906193057cd3edeabc22f51a4220aea7cb9064379a9b6 include/crypto/md32_common.h f12bfc145290444bcc7bf408874bded348e742443c145b8b5bc70ae558d96c31 include/crypto/modes.h -11734df47031edd5fd025313ab10d3cfd777920760c023f0bc7019d0653e73df include/crypto/rand.h +0e4472433ca4008aa4fc9234761be70f323a22a4519bb9d62728dc001d606f04 include/crypto/rand.h 90930fc8788d6e04e57829346e0405293ac7a678c3cef23d0692c742e9586d09 include/crypto/rand_pool.h bd5ce686c97a8a3a0e3d7ca1e4f16706fd51df5da9673169303a4428d62da233 include/crypto/rsa.h 32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h @@ -361,7 +361,7 @@ 5bfeea62d21b7cb43d9a819c5cd2800f02ea019687a8331abf313d615889ad37 include/crypto/types.h a1778b610a244f49317a09e1e6c78b5fb68bc6d003ffdea0f6eefe5733ee5b5f include/internal/bio.h 92aacb3e49288f91b44f97e41933e88fe455706e1dd21a365683c2ab545db131 include/internal/constant_time.h -28195bbbe81d831792f07485287fd3ac400e03f1f1733a19e3f7115c0f1828f6 include/internal/core.h +71ddae419297069056065ab71f32fe88b09ddbe4db2200a759fedd8ad4349628 include/internal/core.h d7ddeab97434a21cb2cad1935a3cb130f6cd0b3c75322463d431c5eab3ab1ae1 include/internal/cryptlib.h 9571cfd3d5666749084b354a6d65adee443deeb5713a58c098c7b03bc69dbc63 include/internal/deprecated.h 8a2371f964cbb7fc3916583d2a4cee5c56f98595dfa30bd60c71637811a6d9da include/internal/der.h 
@@ -374,9 +374,9 @@ ae41a2fb41bf592bbb47e4855cf4efd9ef85fc11f910a7e195ceef78fb4321dc include/internal/numbers.h ea1bec4f1fff37aef8d4a62745bb451baa3e3ad20ba1bc68920a24f5cbb2f0a7 include/internal/packet.h dd7ddecf30bef3002313e6b776ce34d660931e783b2f6edacf64c7c6e729e688 include/internal/param_build_set.h -d10417cb2dc5b9f04d98decc641ffcfd2efd3a23fbf4d7fcf69941812d62487a include/internal/property.h +0cee1d5908e8e262b88554e71a0a52fa3a8c2a30a9bf782bdf2b89364840bde6 include/internal/property.h 727326afb3d33fdffdf26471e313f27892708318c0934089369e4b28267e2635 include/internal/propertyerr.h -772a7a733103ead30439959f8d06e904af53d738021ff752b234fdded393521a include/internal/provider.h +94e90e25183c244b20c344885d2b8386a85475afaa3e7885a84bc64566558f26 include/internal/provider.h 5af9a40c44def13576fe2c0eb082fb73c3565c5e00f902d51b1ed1593d481ccb include/internal/refcount.h 11ee9893f7774c83fcfdee6e0ca593af3d28b779107883553facdbfdae3a68f5 include/internal/sha3.h 494ab5c802716bf38032986674fb094dde927a21752fe395d82e6044d81801d1 include/internal/sizes.h 
@@ -399,11 +399,11 @@ f20c3c845129a129f5e0b1dae970d86a5c96ab49f2e3f6f364734521e9e1abe3 include/openssl/conferr.h 02a1baff7b71a298419c6c5dcb43eaa9cc13e9beeb88c03fb14854b4e84e8862 include/openssl/configuration.h.in 6b3810dac6c9d6f5ee36a10ad6d895a5e4553afdfb9641ce9b7dc5db7eef30b7 include/openssl/conftypes.h -792488b5d6bb87a5138322d7a6ae011faa279918321af62e76fa018e1a991c93 include/openssl/core.h +df5e60af861665675e4a00d40d15e36884f940e3379c7b45c9f717eaf1942697 include/openssl/core.h 00110e80b9b4f621c604ea99f05e7a75d3db4721fc2779224e6fa7e52f06e345 include/openssl/core_dispatch.h cbd9d7855ca3ba4240207fc025c22bbfef7411116446ff63511e336a0559bed0 include/openssl/core_names.h d165f5c61bfe17ba366a3ba94afb30d3c8ce6b21e9cff59a15f3622f2654ae49 include/openssl/crypto.h.in -06e9f521a6e98e104cdf37260ce967d928e25d424e0013f1feb3ff4da18eaec0 include/openssl/cryptoerr.h +1d1697bd3e35920ff9eaec23c29472d727a7fc4d108150957f41f6f5ecf80f1a include/openssl/cryptoerr.h bbc82260cbcadd406091f39b9e3b5ea63146d9a4822623ead16fa12c43ab9fc6 include/openssl/cryptoerr_legacy.h fa3e6b6c2e6222424b9cd7005e3c5499a2334c831cd5d6a29256ce945be8cb1d include/openssl/des.h 3a57eceec58ab781d79cb0458c2251a233f45ba0ef8f414d148c55ac2dff1bc8 include/openssl/dh.h 
@@ -486,7 +486,7 @@ fdbaf748044ce54f13e673b92db876e32436e4d5644f443cc43d063112a89676 providers/fips/self_test.c f822a03138e8b83ccaa910b89d72f31691da6778bf6638181f993ec7ae1167e3 providers/fips/self_test.h 7a23cc81ca7542325634891d1982c70e68a27914b088a51ca60249d54031bfc2 providers/fips/self_test_data.inc -85c068c86363777941e226a37b3cba23c78f963eda2bd848f66af4a7eedc0e21 providers/fips/self_test_kats.c +2f4f23ebc2c7ed5ef71c98ca71f06b639112a1dea04784c46af58083482c150f providers/fips/self_test_kats.c f054b24ea53ad5db41dd7f37f20f42166ed68b832121a94858cb0173b1aaeb1d providers/implementations/asymciphers/rsa_enc.c 4db1826ecce8b60cb641bcd7a61430ec8cef73d2fe3cbc06aa33526afe1c954a providers/implementations/ciphers/cipher_aes.c f9d4b30e7110c90064b990c07430bb79061f4436b06ccaa981b25c306cfbfaa2 providers/implementations/ciphers/cipher_aes.h 
@@ -538,45 +538,45 @@ 6dc876a1a785420e84210f085be6e4c7aca407ffb5433dbca4cd3f1c11bb7f06 providers/implementations/include/prov/ciphercommon_aead.h dd07797d61988fd4124cfb920616df672938da80649fac5977bfd061c981edc5 providers/implementations/include/prov/ciphercommon_ccm.h 0c1e99d70155402a790e4de65923228c8df8ad970741caccfe8b513837457d7f providers/implementations/include/prov/ciphercommon_gcm.h -79a5ed6e4a97431233c56eede9d9c9eec27598fff53590c627ea40bd5b871fd5 providers/implementations/include/prov/digestcommon.h -c47c960398bad27844f837e68d19df3912e2c9497362789b3d5c858ca4f9242b providers/implementations/include/prov/implementations.h +b9a61ce951c1904d8315b1bb26c0ab0aaadb47e71d4ead5df0a891608c728c4b providers/implementations/include/prov/digestcommon.h +f7017afcde9e5477b0542ca0eff31edfbd8a3488b28bfdd66db56c78c72329c6 providers/implementations/include/prov/implementations.h 5f09fc71874b00419d71646714f21ebbdcceda277463b6f77d3d3ea6946914e8 providers/implementations/include/prov/kdfexchange.h c95ce5498e724b9b3d58e3c2f4723e7e3e4beb07f9bea9422e43182cbadb43af providers/implementations/include/prov/macsignature.h 29d1a112b799e1f45fdf8bcee8361c2ed67428c250c1cdf408a9fbb7ebf4cce1 providers/implementations/include/prov/names.h 2187713b446d8b6d24ee986748b941ac3e24292c71e07ff9fb53a33021decdda providers/implementations/include/prov/seeding.h 432e2d5e467a50bd031a6b94b27072f5d66f4fadb6d62c9bfd9453d444c2aedf providers/implementations/kdfs/hkdf.c -b2e971a5a5d91da121db468cd8c8501c154643120dae31bb674e758c6403ad14 providers/implementations/kdfs/kbkdf.c -fb62e76d7d751bf3b4c39157d601aa0a16477bb9335121ec6649ba7176a43f8d providers/implementations/kdfs/pbkdf2.c +06c93b62806819ee51f69c899413fda5be2435d43a70ef467b77a7296cd9528a providers/implementations/kdfs/kbkdf.c +e0644e727aacfea4da3cf2c4d2602d7ef0626ebb760b6467432ffd54d5fbb24d providers/implementations/kdfs/pbkdf2.c c0778565abff112c0c5257329a7750ec4605e62f26cc36851fa1fbee6e03c70c providers/implementations/kdfs/pbkdf2.h 
abe2b0f3711eaa34846e155cffc9242e4051c45de896f747afd5ac9d87f637dc providers/implementations/kdfs/pbkdf2_fips.c -09efa4d172009398bb9b7256822a32a191bf296297480d1ce3ee6a0fa6eae202 providers/implementations/kdfs/sshkdf.c -5b30c7a7d0b3e6c511aa876cbec3cf206d67899b5f5116b333857877b79555dc providers/implementations/kdfs/sskdf.c +66d30c754c1e16d97a8e989f7f2e89eab59ec40ca3731dea664ba56ec38c4002 providers/implementations/kdfs/sshkdf.c +7c692170729ab1d648564abdbf9bcbba5071f9a81a25fab9eae66899316bcd4a providers/implementations/kdfs/sskdf.c 3c46ec0e14be09a133d709c3a1c3d5ab05a4f1ed5385c3e7a1afb2f0ee47ef7a providers/implementations/kdfs/tls1_prf.c 27bb6ee5e2d00c545635c0c29402b10e74a1831adbc9800c159cbe04f2bfa2f7 providers/implementations/kdfs/x942kdf.c f419a9f6b17cfba1543a3690326188ac8335db66807c58de211a3d69e18f7d4d providers/implementations/kem/rsa_kem.c -b2055b38d436e918a06ccdb095ba888ae4d650f5d57c58cc1ce5f0a367f92852 providers/implementations/keymgmt/dh_kmgmt.c -a06a0c2ff67772da75f2498ec5390a84a9cb221b70974e687e6e48cdf719004d providers/implementations/keymgmt/dsa_kmgmt.c -a388e52f059331a8636c6b73fc7cc03c8d51a585f2a8ae1a5e21bd967db9f9f5 providers/implementations/keymgmt/ec_kmgmt.c +6878218c16d5c9c308a414af67790e11912ced638ba9e64668912ec98ca20d9d providers/implementations/keymgmt/dh_kmgmt.c +4f9e8263d529f619766be73a11223b8a3dfaf46b506c17b44d8a1cd9d2eaee54 providers/implementations/keymgmt/dsa_kmgmt.c +3e2798d299d6571c973fc75468e2ac025b7c893ae2f15f14e057430325622a69 providers/implementations/keymgmt/ec_kmgmt.c 258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc -75b23aa264e2935794ce5e0420e3815f798c8d6aa82abb1447f0a2c10ce475b5 providers/implementations/keymgmt/ecx_kmgmt.c +085e1cf54941fa1c1e423b4a75b820945a1c05d1c347d4910d9a772b8c9d9f3a providers/implementations/keymgmt/ecx_kmgmt.c 053a2be39a87f50b877ebdbbf799cf5faf8b2de33b04311d819d212ee1ea329b providers/implementations/keymgmt/kdf_legacy_kmgmt.c 
-bcb51fe05014ade575494b44c55b1a0b3dc404e31ff7acee40bb2f63a8f6712f providers/implementations/keymgmt/mac_legacy_kmgmt.c -464d6f9236351e7dc3b991f5bba142c7aabcf2db3c236367332a9dd0308ddfac providers/implementations/keymgmt/rsa_kmgmt.c +260c560930c5aca61225a40ed49dfbb905f2b1fa50728d1388e946358f9d5e18 providers/implementations/keymgmt/mac_legacy_kmgmt.c +9c16e76419aeb422d189ff7c5bf9a07f37abb54043dd47e48d450d68329de933 providers/implementations/keymgmt/rsa_kmgmt.c 79da66d4b696388d7eab6b2126bccc88908915813d79c4305b8b4d545a500469 providers/implementations/macs/cmac_prov.c 41464d1e640434bb3ff9998f093829d5e2c1963d68033dca7d31e5ab75365fb1 providers/implementations/macs/gmac_prov.c 282c1065f18c87073529ed1bdc2c0b3a1967701728084de6632ddc72c671d209 providers/implementations/macs/hmac_prov.c aa7ba1d39ea4e3347294eb50b4dfcb895ef1a22bd6117d3b076a74e9ff11c242 providers/implementations/macs/kmac_prov.c bf30274dd6b528ae913984775bd8f29c6c48c0ef06d464d0f738217727b7aa5c providers/implementations/rands/crngt.c -f6c4b38dd1c22d562ef8b172218b688070336dc43550f40af01bb2e77eb3ea4d providers/implementations/rands/drbg.c +f8d24c882fda71c117a00bf4e6c7ffb6b88946c16a816249a5a7499dbdff712d providers/implementations/rands/drbg.c b1e7a0b2610aaab5800af7ede0df13a184f4a321a4084652cdb509357c55783b providers/implementations/rands/drbg_ctr.c a05adc3f6d9d6f948e5ead75f0522ed3164cb5b2d301169242f3cb97c4a7fac3 providers/implementations/rands/drbg_hash.c 0876dfae991028c569631938946e458e6829cacf4cfb673d2b144ae50a3160bb providers/implementations/rands/drbg_hmac.c fc43558964bdf12442d3f6ab6cc3e6849f7adb42f4d0123a1279819befcf71cb providers/implementations/rands/drbg_local.h -888a671934abef4225956f9931cff842f245f90660e11f23a55228edca962e16 providers/implementations/rands/test_rng.c -9b9111a1502badf60c5e93603bb8841e62c6541ff82e356fb8c1ca31bd374b0a providers/implementations/signature/dsa_sig.c -bcacc02b7c92a20acf32b3d26b1a8f2bf8d4cab4ef97b91cfaa3e2062a7b839f providers/implementations/signature/ecdsa_sig.c 
-2f2b974819c29112144c1086e61dd6fd7bd3ebd924376f8ebdcff9f477a821c7 providers/implementations/signature/eddsa_sig.c -762b49aa68fa7cd15c0496c35a23acb85df9588c8bb4ecb54438f86cc06ce13d providers/implementations/signature/mac_legacy_sig.c -c35f9ceff14f539526e568afc7e52282d732be9f0ff4bd9fbb9da9c4d3a663ef providers/implementations/signature/rsa_sig.c -737b9afe8f03f58797034ae906f982179677f5a9cf42965468f7126cf15e6694 ssl/record/tls_pad.c +04339b66c10017229ef368cb48077f58a252ebfda9ab12b9f919e4149b1036ed providers/implementations/rands/test_rng.c +cafb9e6f54ad15889fcebddac6df61336bff7d78936f7de3bb5aab8aee5728d2 providers/implementations/signature/dsa_sig.c +a30dc6308de0ca33406e7ce909f3bcf7580fb84d863b0976b275839f866258df providers/implementations/signature/ecdsa_sig.c +b057870cf8be1fd28834670fb092f0e6f202424c7ae19282fe9df4e52c9ce036 providers/implementations/signature/eddsa_sig.c +3bb0f342b4cc1b4594ed0986adc47791c0a7b5c1ae7b1888c1fb5edb268a78d9 providers/implementations/signature/mac_legacy_sig.c +cee0e3304cc365ef76b422363ef12affc4d03670fd2ab2c8f3babc38f9d5db37 providers/implementations/signature/rsa_sig.c +c8df17850314b145ca83d4037207d6bf0994f9c34e6e55116860cf575df58e81 ssl/record/tls_pad.c 3f2e01a98d9e3fda6cc5cb4b44dd43f6cae4ec34994e8f734d11b1e643e58636 ssl/s3_cbc.c diff -Nru openssl-3.0.0/providers/implementations/digests/build.info openssl-3.0.1/providers/implementations/digests/build.info --- openssl-3.0.0/providers/implementations/digests/build.info 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/digests/build.info 2021-12-14 17:16:25.000000000 +0100 @@ -9,6 +9,7 @@ $BLAKE2_GOAL=../../libdefault.a $SM3_GOAL=../../libdefault.a $MD5_GOAL=../../libdefault.a +$NULL_GOAL=../../libdefault.a $MD2_GOAL=../../liblegacy.a $MD4_GOAL=../../liblegacy.a 
@@ -22,6 +23,8 @@ SOURCE[$SHA2_GOAL]=sha2_prov.c SOURCE[$SHA3_GOAL]=sha3_prov.c +SOURCE[$NULL_GOAL]=null_prov.c + IF[{- !$disabled{blake2} -}] SOURCE[$BLAKE2_GOAL]=blake2_prov.c blake2b_prov.c blake2s_prov.c ENDIF diff -Nru openssl-3.0.0/providers/implementations/digests/null_prov.c openssl-3.0.1/providers/implementations/digests/null_prov.c --- openssl-3.0.0/providers/implementations/digests/null_prov.c 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/providers/implementations/digests/null_prov.c 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,52 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "prov/digestcommon.h" +#include "prov/implementations.h" + +typedef struct { + unsigned char nothing; +} NULLMD_CTX; + +static int null_init(NULLMD_CTX *ctx) +{ + return 1; +} + +static int null_update(NULLMD_CTX *ctx, const void *data, size_t datalen) +{ + return 1; +} + +static int null_final(unsigned char *md, NULLMD_CTX *ctx) +{ + return 1; +} + +/* + * We must override the PROV_FUNC_DIGEST_FINAL as dgstsize == 0 + * and that would cause compilation warnings with the default implementation. + */ +#undef PROV_FUNC_DIGEST_FINAL +#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ +static OSSL_FUNC_digest_final_fn name##_internal_final; \ +static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ + size_t outsz) \ +{ \ + if (ossl_prov_is_running() && fin(out, ctx)) { \ + *outl = dgstsize; \ + return 1; \ + } \ + return 0; \ +} + +IMPLEMENT_digest_functions(nullmd, NULLMD_CTX, + 0, 0, 0, + null_init, null_update, null_final) diff -Nru openssl-3.0.0/providers/implementations/encode_decode/decode_pvk2key.c openssl-3.0.1/providers/implementations/encode_decode/decode_pvk2key.c --- openssl-3.0.0/providers/implementations/encode_decode/decode_pvk2key.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/encode_decode/decode_pvk2key.c 2021-12-14 17:16:25.000000000 +0100 
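Review bot: In null_prov.c the local redefinition of PROV_FUNC_DIGEST_FINAL drops the `outsz >= dgstsize` test and never reads `outsz`, and the three callbacks ignore all their arguments, so the only explanation a reader gets is the one comment above the `#undef`. I would document the placeholder member, e.g. `unsigned char nothing; /* C has no empty structs; the null digest keeps no state */`, and put `/* writes nothing to md: the digest size given to IMPLEMENT_digest_functions is 0 */` above `null_final`. The existing comment should also say that the override stays in effect for the rest of this translation unit.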
@@ -100,7 +100,7 @@ if (!ossl_pw_set_ossl_passphrase_cb(&pwdata, pw_cb, pw_cbarg)) goto end; - key = ctx->desc->read_private_key(in, ossl_pw_pem_password, &pwdata, + key = ctx->desc->read_private_key(in, ossl_pw_pvk_password, &pwdata, PROV_LIBCTX_OF(ctx->provctx), NULL); /* diff -Nru openssl-3.0.0/providers/implementations/encode_decode/decode_spki2typespki.c openssl-3.0.1/providers/implementations/encode_decode/decode_spki2typespki.c --- openssl-3.0.0/providers/implementations/encode_decode/decode_spki2typespki.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/encode_decode/decode_spki2typespki.c 2021-12-14 17:16:25.000000000 +0100 @@ -87,7 +87,7 @@ strcpy(dataname, "SM2"); else #endif - if (!OBJ_obj2txt(dataname, sizeof(dataname), oid, 0)) + if (OBJ_obj2txt(dataname, sizeof(dataname), oid, 0) <= 0) goto end; ossl_X509_PUBKEY_INTERNAL_free(xpub); diff -Nru openssl-3.0.0/providers/implementations/encode_decode/encode_key2any.c openssl-3.0.1/providers/implementations/encode_decode/encode_key2any.c --- openssl-3.0.0/providers/implementations/encode_decode/encode_key2any.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/encode_decode/encode_key2any.c 2021-12-14 17:16:25.000000000 +0100 @@ -401,7 +401,7 @@ { return PEM_ASN1_write_bio(k2d, pemname, out, key, ctx->cipher, - NULL, 0, ossl_pw_pem_password, &ctx->pwdata) > 0; + NULL, 0, cb, cbarg) > 0; } static int key_to_type_specific_pem_priv_bio(BIO *out, const void *key, @@ -701,6 +701,10 @@ static int ec_spki_pub_to_der(const void *eckey, unsigned char **pder) { + if (EC_KEY_get0_public_key(eckey) == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY); + return 0; + } return i2o_ECPublicKey(eckey, pder); } 
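Review bot: In decode_spki2typespki.c the new `OBJ_obj2txt(...) <= 0` test still accepts a truncated name, because OBJ_obj2txt() returns the length the full text needs, so a result of `sizeof(dataname)` or more means `dataname` holds only a prefix. The string appears to be used afterwards to identify the key type (that use is outside the hunk, so this is inferred). I would keep the return value in an `int n` and reject both cases: `n = OBJ_obj2txt(dataname, sizeof(dataname), oid, 0);` followed by `if (n <= 0 || n >= (int)sizeof(dataname)) goto end;`. The enclosing function starts and ends outside the hunk.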
@@ -727,7 +731,7 @@ # define ec_epki_priv_to_der ec_pki_priv_to_der # define ec_type_specific_params_to_der (i2d_of_void *)i2d_ECParameters -# define ec_type_specific_pub_to_der (i2d_of_void *)i2o_ECPublicKey +/* No ec_type_specific_pub_to_der, there simply is no such thing */ # define ec_type_specific_priv_to_der (i2d_of_void *)i2d_ECPrivateKey # define ec_check_key_type NULL @@ -1186,11 +1190,11 @@ #define DO_DSA_selection_mask DO_type_specific_selection_mask #define DO_DSA(impl, type, output) DO_type_specific(impl, type, output) -#define DO_EC_selection_mask DO_type_specific_selection_mask -#define DO_EC(impl, type, output) DO_type_specific(impl, type, output) +#define DO_EC_selection_mask DO_type_specific_no_pub_selection_mask +#define DO_EC(impl, type, output) DO_type_specific_no_pub(impl, type, output) -#define DO_SM2_selection_mask DO_type_specific_selection_mask -#define DO_SM2(impl, type, output) DO_type_specific(impl, type, output) +#define DO_SM2_selection_mask DO_type_specific_no_pub_selection_mask +#define DO_SM2(impl, type, output) DO_type_specific_no_pub(impl, type, output) /* PKCS#1 defines a structure for RSA private and public keys */ #define DO_PKCS1_selection_mask DO_RSA_selection_mask diff -Nru openssl-3.0.0/providers/implementations/encode_decode/encode_key2ms.c openssl-3.0.1/providers/implementations/encode_decode/encode_key2ms.c --- openssl-3.0.0/providers/implementations/encode_decode/encode_key2ms.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/encode_decode/encode_key2ms.c 2021-12-14 17:16:25.000000000 +0100 @@ -47,8 +47,7 @@ } static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, - EVP_PKEY *pkey, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + EVP_PKEY *pkey) { BIO *out = NULL; int ret = 0; 
@@ -56,7 +55,7 @@ out = ossl_bio_new_from_core_bio(ctx->provctx, cout); ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level, - ossl_pw_pem_password, &ctx->pwdata, libctx, NULL); + ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL); BIO_free(out); return ret; @@ -81,6 +80,7 @@ { struct key2ms_ctx_st *ctx = vctx; + ossl_pw_clear_passphrase_data(&ctx->pwdata); OPENSSL_free(ctx); } @@ -154,8 +154,10 @@ if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0) return 0; /* Error */ - if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key)) - ok = write_pvk(ctx, cout, pkey, pw_cb, pw_cbarg); + if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key) + && (pw_cb == NULL + || ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, pw_cb, pw_cbarg))) + ok = write_pvk(ctx, cout, pkey); EVP_PKEY_free(pkey); return ok; } diff -Nru openssl-3.0.0/providers/implementations/include/prov/digestcommon.h openssl-3.0.1/providers/implementations/include/prov/digestcommon.h --- openssl-3.0.0/providers/implementations/include/prov/digestcommon.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/include/prov/digestcommon.h 2021-12-14 17:16:25.000000000 +0100 @@ -35,6 +35,18 @@ { OSSL_FUNC_DIGEST_GETTABLE_PARAMS, \ (void (*)(void))ossl_digest_default_gettable_params } +# define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ +static OSSL_FUNC_digest_final_fn name##_internal_final; \ +static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ + size_t outsz) \ +{ \ + if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ + *outl = dgstsize; \ + return 1; \ + } \ + return 0; \ +} + # define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START( \ name, CTX, blksize, dgstsize, flags, upd, fin) \ static OSSL_FUNC_digest_newctx_fn name##_newctx; \ 
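Review bot: In write_pvk() in encode_key2ms.c (hunk at -56,7) the result of `ossl_bio_new_from_core_bio()` is passed to `i2b_PVK_bio_ex()` without a NULL check, so an allocation failure reaches the PVK writer with a null BIO. Adding `if (out == NULL) return 0;` right after the assignment keeps the failure local. Separately, the hunk at -154,8 skips `ossl_pw_set_ossl_passphrase_cb()` when `pw_cb` is NULL while `ctx->pvk_encr_level` may still ask for encryption. If the password lookup is then expected to fail inside `ossl_pw_pvk_password`, a one-line comment saying so would help.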
@@ -58,16 +70,7 @@ *ret = *in; \ return ret; \ } \ -static OSSL_FUNC_digest_final_fn name##_internal_final; \ -static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ - size_t outsz) \ -{ \ - if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ - *outl = dgstsize; \ - return 1; \ - } \ - return 0; \ -} \ +PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ const OSSL_DISPATCH ossl_##name##_functions[] = { \ { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ diff -Nru openssl-3.0.0/providers/implementations/include/prov/implementations.h openssl-3.0.1/providers/implementations/include/prov/implementations.h --- openssl-3.0.0/providers/implementations/include/prov/implementations.h 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/include/prov/implementations.h 2021-12-14 17:16:25.000000000 +0100 @@ -36,6 +36,7 @@ extern const OSSL_DISPATCH ossl_mdc2_functions[]; extern const OSSL_DISPATCH ossl_wp_functions[]; extern const OSSL_DISPATCH ossl_ripemd160_functions[]; +extern const OSSL_DISPATCH ossl_nullmd_functions[]; /* Ciphers */ extern const OSSL_DISPATCH ossl_null_functions[]; diff -Nru openssl-3.0.0/providers/implementations/kdfs/kbkdf.c openssl-3.0.1/providers/implementations/kdfs/kbkdf.c --- openssl-3.0.0/providers/implementations/kdfs/kbkdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/kbkdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -46,7 +46,7 @@ #include "e_os.h" -#define MIN(a, b) ((a) < (b)) ? (a) : (b) +#define ossl_min(a, b) ((a) < (b)) ? (a) : (b) typedef enum { COUNTER = 0, 
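Review bot: In kbkdf.c the renamed macro `ossl_min(a, b)` still expands to `((a) < (b)) ? (a) : (b)` with no parentheses around the whole conditional. It is only correct when used as a complete argument, as in the `memcpy()` call of the next hunk. A later use inside a larger expression, such as `ossl_min(x, y) + 1`, would bind to the wrong operand. I would write `#define ossl_min(a, b) (((a) < (b)) ? (a) : (b))`.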
@@ -195,7 +195,7 @@ goto done; to_write = ko_len - written; - memcpy(ko + written, k_i, MIN(to_write, h)); + memcpy(ko + written, k_i, ossl_min(to_write, h)); written += h; k_i_len = h; diff -Nru openssl-3.0.0/providers/implementations/kdfs/krb5kdf.c openssl-3.0.1/providers/implementations/kdfs/krb5kdf.c --- openssl-3.0.0/providers/implementations/kdfs/krb5kdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/krb5kdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -98,6 +98,7 @@ { OPENSSL_clear_free(*dst, *dst_len); *dst = NULL; + *dst_len = 0; return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len); } diff -Nru openssl-3.0.0/providers/implementations/kdfs/pbkdf1.c openssl-3.0.1/providers/implementations/kdfs/pbkdf1.c --- openssl-3.0.0/providers/implementations/kdfs/pbkdf1.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/pbkdf1.c 2021-12-14 17:16:25.000000000 +0100 @@ -134,13 +134,15 @@ const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); + *buffer = NULL; + *buflen = 0; + if (p->data_size == 0) { if ((*buffer = OPENSSL_malloc(1)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } } else if (p->data != NULL) { - *buffer = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; } diff -Nru openssl-3.0.0/providers/implementations/kdfs/pbkdf2.c openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c --- openssl-3.0.0/providers/implementations/kdfs/pbkdf2.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/pbkdf2.c 2021-12-14 17:16:25.000000000 +0100 
@@ -126,13 +126,15 @@ const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); + *buffer = NULL; + *buflen = 0; + if (p->data_size == 0) { if ((*buffer = OPENSSL_malloc(1)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } } else if (p->data != NULL) { - *buffer = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; } diff -Nru openssl-3.0.0/providers/implementations/kdfs/pkcs12kdf.c openssl-3.0.1/providers/implementations/kdfs/pkcs12kdf.c --- openssl-3.0.0/providers/implementations/kdfs/pkcs12kdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/pkcs12kdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -182,13 +182,15 @@ const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); + *buffer = NULL; + *buflen = 0; + if (p->data_size == 0) { if ((*buffer = OPENSSL_malloc(1)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } } else if (p->data != NULL) { - *buffer = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; } diff -Nru openssl-3.0.0/providers/implementations/kdfs/scrypt.c openssl-3.0.1/providers/implementations/kdfs/scrypt.c --- openssl-3.0.0/providers/implementations/kdfs/scrypt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/scrypt.c 2021-12-14 17:16:25.000000000 +0100 
@@ -108,13 +108,15 @@ const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); + *buffer = NULL; + *buflen = 0; + if (p->data_size == 0) { if ((*buffer = OPENSSL_malloc(1)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } } else if (p->data != NULL) { - *buffer = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; } diff -Nru openssl-3.0.0/providers/implementations/kdfs/sshkdf.c openssl-3.0.1/providers/implementations/kdfs/sshkdf.c --- openssl-3.0.0/providers/implementations/kdfs/sshkdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/sshkdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -91,6 +91,7 @@ { OPENSSL_clear_free(*dst, *dst_len); *dst = NULL; + *dst_len = 0; return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len); } diff -Nru openssl-3.0.0/providers/implementations/kdfs/sskdf.c openssl-3.0.1/providers/implementations/kdfs/sskdf.c --- openssl-3.0.0/providers/implementations/kdfs/sskdf.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/kdfs/sskdf.c 2021-12-14 17:16:25.000000000 +0100 @@ -239,7 +239,7 @@ goto end; out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */ - if (out_len <= 0) + if (out_len <= 0 || (mac == mac_buf && out_len > sizeof(mac_buf))) goto end; len = derived_key_len; @@ -263,7 +263,7 @@ if (len == 0) break; } else { - if (!EVP_MAC_final(ctx, mac, NULL, len)) + if (!EVP_MAC_final(ctx, mac, NULL, out_len)) goto end; memcpy(out, mac, len); break; diff -Nru openssl-3.0.0/providers/implementations/keymgmt/dh_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/dh_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/dh_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/dh_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 
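Review bot: In sskdf.c (hunk at -239,7) the new bound `out_len > sizeof(mac_buf)` is applied only when `mac == mac_buf`. The size of the other buffer `mac` can point to is set outside the hunk, so please confirm it is at least `out_len`, because the second hunk now lets `EVP_MAC_final()` write up to `out_len` bytes. A short comment at that call would record why the two lengths differ, e.g. `/* mac receives a whole out_len-byte block; only len bytes are copied to out */`. If `out_len` is a `size_t` (its declaration is not visible), `out_len <= 0` would read more clearly as `out_len == 0`.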
@@ -154,10 +154,30 @@ if (!ossl_prov_is_running()) return 0; - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) - ok = ok && BN_cmp(DH_get0_pub_key(dh1), DH_get0_pub_key(dh2)) == 0; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) - ok = ok && BN_cmp(DH_get0_priv_key(dh1), DH_get0_priv_key(dh2)) == 0; + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { + int key_checked = 0; + + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + const BIGNUM *pa = DH_get0_pub_key(dh1); + const BIGNUM *pb = DH_get0_pub_key(dh2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + if (!key_checked + && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + const BIGNUM *pa = DH_get0_priv_key(dh1); + const BIGNUM *pb = DH_get0_priv_key(dh2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + ok = ok && key_checked; + } if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { FFC_PARAMS *dhparams1 = ossl_dh_get0_params((DH *)dh1); FFC_PARAMS *dhparams2 = ossl_dh_get0_params((DH *)dh2); diff -Nru openssl-3.0.0/providers/implementations/keymgmt/dsa_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/dsa_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/dsa_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/dsa_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 
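Review bot: In dh_kmgmt.c the rewritten KEYPAIR branch compares the private keys only when the public keys could not be compared (`!key_checked`), so a request that selects both halves succeeds on matching public keys alone, and nothing in the code says so. If this is intended, a comment above `int key_checked = 0;` should state it, e.g. `/* compare public keys when both are present, else fall back to private keys; fail if neither can be compared */`. The same block is repeated in dsa_kmgmt.c, ec_kmgmt.c, ecx_kmgmt.c and rsa_kmgmt.c and needs the same comment. Note also that the BIGNUM private values go through `BN_cmp()` while ecx_kmgmt.c uses `CRYPTO_memcmp()`; whether the timing of that comparison matters depends on callers not shown here.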
@@ -154,12 +154,30 @@ if (!ossl_prov_is_running()) return 0; - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) - ok = ok - && BN_cmp(DSA_get0_pub_key(dsa1), DSA_get0_pub_key(dsa2)) == 0; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) - ok = ok - && BN_cmp(DSA_get0_priv_key(dsa1), DSA_get0_priv_key(dsa2)) == 0; + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { + int key_checked = 0; + + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + const BIGNUM *pa = DSA_get0_pub_key(dsa1); + const BIGNUM *pb = DSA_get0_pub_key(dsa2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + if (!key_checked + && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + const BIGNUM *pa = DSA_get0_priv_key(dsa1); + const BIGNUM *pb = DSA_get0_priv_key(dsa2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + ok = ok && key_checked; + } if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { FFC_PARAMS *dsaparams1 = ossl_dsa_get0_params((DSA *)dsa1); FFC_PARAMS *dsaparams2 = ossl_dsa_get0_params((DSA *)dsa2); diff -Nru openssl-3.0.0/providers/implementations/keymgmt/ec_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/ec_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/ec_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 
@@ -337,17 +337,29 @@ if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) ok = ok && group_a != NULL && group_b != NULL && EC_GROUP_cmp(group_a, group_b, ctx) == 0; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { - const BIGNUM *pa = EC_KEY_get0_private_key(ec1); - const BIGNUM *pb = EC_KEY_get0_private_key(ec2); + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { + int key_checked = 0; - ok = ok && BN_cmp(pa, pb) == 0; - } - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { - const EC_POINT *pa = EC_KEY_get0_public_key(ec1); - const EC_POINT *pb = EC_KEY_get0_public_key(ec2); + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + const EC_POINT *pa = EC_KEY_get0_public_key(ec1); + const EC_POINT *pb = EC_KEY_get0_public_key(ec2); + + if (pa != NULL && pb != NULL) { + ok = ok && EC_POINT_cmp(group_b, pa, pb, ctx) == 0; + key_checked = 1; + } + } + if (!key_checked + && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + const BIGNUM *pa = EC_KEY_get0_private_key(ec1); + const BIGNUM *pb = EC_KEY_get0_private_key(ec2); - ok = ok && EC_POINT_cmp(group_b, pa, pb, ctx) == 0; + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + ok = ok && key_checked; } BN_CTX_free(ctx); return ok; diff -Nru openssl-3.0.0/providers/implementations/keymgmt/ecx_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/ecx_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/ecx_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/ecx_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 
@@ -153,24 +153,39 @@ if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) ok = ok && key1->type == key2->type; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { - if ((key1->privkey == NULL && key2->privkey != NULL) - || (key1->privkey != NULL && key2->privkey == NULL) - || key1->type != key2->type) - ok = 0; - else - ok = ok && (key1->privkey == NULL /* implies key2->privkey == NULL */ - || CRYPTO_memcmp(key1->privkey, key2->privkey, - key1->keylen) == 0); - } - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { - if (key1->haspubkey != key2->haspubkey - || key1->type != key2->type) - ok = 0; - else - ok = ok && (key1->haspubkey == 0 /* implies key2->haspubkey == 0 */ - || CRYPTO_memcmp(key1->pubkey, key2->pubkey, - key1->keylen) == 0); + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { + int key_checked = 0; + + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + const unsigned char *pa = key1->haspubkey ? key1->pubkey : NULL; + const unsigned char *pb = key2->haspubkey ? 
key2->pubkey : NULL; + size_t pal = key1->keylen; + size_t pbl = key2->keylen; + + if (pa != NULL && pb != NULL) { + ok = ok + && key1->type == key2->type + && pal == pbl + && CRYPTO_memcmp(pa, pb, pal) == 0; + key_checked = 1; + } + } + if (!key_checked + && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + const unsigned char *pa = key1->privkey; + const unsigned char *pb = key2->privkey; + size_t pal = key1->keylen; + size_t pbl = key2->keylen; + + if (pa != NULL && pb != NULL) { + ok = ok + && key1->type == key2->type + && pal == pbl + && CRYPTO_memcmp(pa, pb, pal) == 0; + key_checked = 1; + } + } + ok = ok && key_checked; } return ok; } diff -Nru openssl-3.0.0/providers/implementations/keymgmt/mac_legacy_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/mac_legacy_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/mac_legacy_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/mac_legacy_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 @@ -508,6 +508,7 @@ * of this can be removed and we will only support the EVP_KDF APIs. */ if (!ossl_prov_cipher_copy(&key->cipher, &gctx->cipher)) { + ossl_mac_key_free(key); ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return NULL; } diff -Nru openssl-3.0.0/providers/implementations/keymgmt/rsa_kmgmt.c openssl-3.0.1/providers/implementations/keymgmt/rsa_kmgmt.c --- openssl-3.0.0/providers/implementations/keymgmt/rsa_kmgmt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/keymgmt/rsa_kmgmt.c 2021-12-14 17:16:25.000000000 +0100 
@@ -143,10 +143,30 @@ /* There is always an |e| */ ok = ok && BN_cmp(RSA_get0_e(rsa1), RSA_get0_e(rsa2)) == 0; - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) - ok = ok && BN_cmp(RSA_get0_n(rsa1), RSA_get0_n(rsa2)) == 0; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) - ok = ok && BN_cmp(RSA_get0_d(rsa1), RSA_get0_d(rsa2)) == 0; + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { + int key_checked = 0; + + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + const BIGNUM *pa = RSA_get0_n(rsa1); + const BIGNUM *pb = RSA_get0_n(rsa2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + if (!key_checked + && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + const BIGNUM *pa = RSA_get0_d(rsa1); + const BIGNUM *pb = RSA_get0_d(rsa2); + + if (pa != NULL && pb != NULL) { + ok = ok && BN_cmp(pa, pb) == 0; + key_checked = 1; + } + } + ok = ok && key_checked; + } return ok; } diff -Nru openssl-3.0.0/providers/implementations/rands/drbg.c openssl-3.0.1/providers/implementations/rands/drbg.c --- openssl-3.0.0/providers/implementations/rands/drbg.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/rands/drbg.c 2021-12-14 17:16:25.000000000 +0100 @@ -459,9 +459,11 @@ if (!drbg->instantiate(drbg, entropy, entropylen, nonce, noncelen, pers, perslen)) { + cleanup_entropy(drbg, entropy, entropylen); ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_INSTANTIATING_DRBG); goto end; } + cleanup_entropy(drbg, entropy, entropylen); drbg->state = EVP_RAND_STATE_READY; drbg->generate_counter = 1; 
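Review bot: In drbg.c the entropy buffer is now released only around the `drbg->instantiate()` call (hunk at -459,9), and the following hunk removes the `cleanup_entropy()` that used to run under `end:`. Any `goto end` taken after the entropy was obtained but before this point would leave the seed material allocated and uncleared. Those paths are outside the hunk, so this needs checking against the full function. If such a path exists, keeping a guarded `if (entropy != NULL) cleanup_entropy(drbg, entropy, entropylen);` under `end:` and setting `entropy = NULL` after the two new calls would cover it.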
@@ -469,8 +471,6 @@ tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter); end: - if (entropy != NULL) - cleanup_entropy(drbg, entropy, entropylen); if (nonce != NULL) ossl_prov_cleanup_nonce(drbg->provctx, nonce, noncelen); if (drbg->state == EVP_RAND_STATE_READY) diff -Nru openssl-3.0.0/providers/implementations/rands/seed_src.c openssl-3.0.1/providers/implementations/rands/seed_src.c --- openssl-3.0.0/providers/implementations/rands/seed_src.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/rands/seed_src.c 2021-12-14 17:16:25.000000000 +0100 @@ -201,10 +201,11 @@ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; } - *pout = p; if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, - adin, adin_len) != 0) + adin, adin_len) != 0) { + *pout = p; return bytes_needed; + } OPENSSL_secure_clear_free(p, bytes_needed); return 0; } diff -Nru openssl-3.0.0/providers/implementations/rands/test_rng.c openssl-3.0.1/providers/implementations/rands/test_rng.c --- openssl-3.0.0/providers/implementations/rands/test_rng.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/rands/test_rng.c 2021-12-14 17:16:25.000000000 +0100 @@ -52,9 +52,6 @@ { PROV_TEST_RNG *t; - if (parent != NULL) - return NULL; - t = OPENSSL_zalloc(sizeof(*t)); if (t == NULL) return NULL; 
@@ -107,16 +104,11 @@ const unsigned char *adin, size_t adin_len) { PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; - size_t i; - if (strength > t->strength) + if (strength > t->strength || t->entropy_len - t->entropy_pos < outlen) return 0; - - for (i = 0; i < outlen; i++) { - out[i] = t->entropy[t->entropy_pos++]; - if (t->entropy_pos >= t->entropy_len) - break; - } + memcpy(out, t->entropy + t->entropy_pos, outlen); + t->entropy_pos += outlen; return 1; } diff -Nru openssl-3.0.0/providers/implementations/signature/dsa_sig.c openssl-3.0.1/providers/implementations/signature/dsa_sig.c --- openssl-3.0.0/providers/implementations/signature/dsa_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/dsa_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -189,22 +189,31 @@ PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; if (!ossl_prov_is_running() - || pdsactx == NULL - || vdsa == NULL - || !DSA_up_ref(vdsa)) + || pdsactx == NULL) return 0; - DSA_free(pdsactx->dsa); - pdsactx->dsa = vdsa; + + if (vdsa == NULL && pdsactx->dsa == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); + return 0; + } + + if (vdsa != NULL) { + if (!ossl_dsa_check_key(pdsactx->libctx, vdsa, + operation == EVP_PKEY_OP_SIGN)) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; + } + if (!DSA_up_ref(vdsa)) + return 0; + DSA_free(pdsactx->dsa); + pdsactx->dsa = vdsa; + } + pdsactx->operation = operation; if (!dsa_set_ctx_params(pdsactx, params)) return 0; - if (!ossl_dsa_check_key(pdsactx->libctx, vdsa, - operation == EVP_PKEY_OP_SIGN)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); - return 0; - } return 1; } @@ -278,9 +287,12 @@ return 0; pdsactx->flag_allow_md = 0; - pdsactx->mdctx = EVP_MD_CTX_new(); - if (pdsactx->mdctx == NULL) - goto error; + + if (pdsactx->mdctx == NULL) { + pdsactx->mdctx = EVP_MD_CTX_new(); + if (pdsactx->mdctx == NULL) + goto error; + } if (!EVP_DigestInit_ex2(pdsactx->mdctx, pdsactx->md, params)) goto error; 
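Review bot: In dsa_sig.c (hunk at -189,22) `ossl_dsa_check_key(..., operation == EVP_PKEY_OP_SIGN)` now runs only when a new key is passed in, so a re-initialisation with `vdsa == NULL` reuses `pdsactx->dsa` for the new `operation` without validating it again. A context first set up for verification and later re-initialised for signing would skip the signing-side check. I would run the check on whichever key will be used, e.g. on `vdsa != NULL ? vdsa : pdsactx->dsa`, before `pdsactx->operation = operation;`, or add a comment stating that the stored key is deliberately trusted. The ECDSA (-131,16) and RSA (-386,23) init hunks have the same shape.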
@@ -289,9 +301,7 @@ error: EVP_MD_CTX_free(pdsactx->mdctx); - EVP_MD_free(pdsactx->md); pdsactx->mdctx = NULL; - pdsactx->md = NULL; return 0; } diff -Nru openssl-3.0.0/providers/implementations/signature/ecdsa_sig.c openssl-3.0.1/providers/implementations/signature/ecdsa_sig.c --- openssl-3.0.0/providers/implementations/signature/ecdsa_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/ecdsa_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -131,16 +131,29 @@ PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; if (!ossl_prov_is_running() - || ctx == NULL - || ec == NULL - || !EC_KEY_up_ref(ec)) + || ctx == NULL) return 0; - EC_KEY_free(ctx->ec); - ctx->ec = ec; + + if (ec == NULL && ctx->ec == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); + return 0; + } + + if (ec != NULL) { + if (!ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN)) + return 0; + if (!EC_KEY_up_ref(ec)) + return 0; + EC_KEY_free(ctx->ec); + ctx->ec = ec; + } + ctx->operation = operation; + if (!ecdsa_set_ctx_params(ctx, params)) return 0; - return ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN); + + return 1; } static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[]) 
@@ -279,18 +292,19 @@ return 0; ctx->flag_allow_md = 0; - ctx->mdctx = EVP_MD_CTX_new(); - if (ctx->mdctx == NULL) - goto error; + + if (ctx->mdctx == NULL) { + ctx->mdctx = EVP_MD_CTX_new(); + if (ctx->mdctx == NULL) + goto error; + } if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params)) goto error; return 1; error: EVP_MD_CTX_free(ctx->mdctx); - EVP_MD_free(ctx->md); ctx->mdctx = NULL; - ctx->md = NULL; return 0; } diff -Nru openssl-3.0.0/providers/implementations/signature/eddsa_sig.c openssl-3.0.1/providers/implementations/signature/eddsa_sig.c --- openssl-3.0.0/providers/implementations/signature/eddsa_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/eddsa_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -100,6 +100,14 @@ return 0; } + if (edkey == NULL) { + if (peddsactx->key != NULL) + /* there is nothing to do on reinit */ + return 1; + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); + return 0; + } + if (!ossl_ecx_key_up_ref(edkey)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; @@ -124,6 +132,7 @@ default: /* Should never happen */ ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); + ossl_ecx_key_free(edkey); return 0; } if (ret && WPACKET_finish(&pkt)) { diff -Nru openssl-3.0.0/providers/implementations/signature/mac_legacy_sig.c openssl-3.0.1/providers/implementations/signature/mac_legacy_sig.c --- openssl-3.0.0/providers/implementations/signature/mac_legacy_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/mac_legacy_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -16,6 +16,7 @@ #include #include #include +#include #ifndef FIPS_MODULE # include #endif 
@@ -101,13 +102,20 @@ const char *ciphername = NULL, *engine = NULL; if (!ossl_prov_is_running() - || pmacctx == NULL - || vkey == NULL - || !ossl_mac_key_up_ref(vkey)) + || pmacctx == NULL) return 0; - ossl_mac_key_free(pmacctx->key); - pmacctx->key = vkey; + if (pmacctx->key == NULL && vkey == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); + return 0; + } + + if (vkey != NULL) { + if (!ossl_mac_key_up_ref(vkey)) + return 0; + ossl_mac_key_free(pmacctx->key); + pmacctx->key = vkey; + } if (pmacctx->key->cipher.cipher != NULL) ciphername = (char *)EVP_CIPHER_get0_name(pmacctx->key->cipher.cipher); diff -Nru openssl-3.0.0/providers/implementations/signature/rsa_sig.c openssl-3.0.1/providers/implementations/signature/rsa_sig.c --- openssl-3.0.0/providers/implementations/signature/rsa_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/rsa_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -190,6 +190,9 @@ prsactx->libctx = PROV_LIBCTX_OF(provctx); prsactx->flag_allow_md = 1; prsactx->propq = propq_copy; + /* Maximum for sign, auto for verify */ + prsactx->saltlen = RSA_PSS_SALTLEN_AUTO; + prsactx->min_saltlen = -1; return prsactx; } 
@@ -386,23 +389,25 @@ { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; - if (!ossl_prov_is_running()) + if (!ossl_prov_is_running() || prsactx == NULL) return 0; - if (prsactx == NULL || vrsa == NULL) + if (vrsa == NULL && prsactx->rsa == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); return 0; + } - if (!ossl_rsa_check_key(prsactx->libctx, vrsa, operation)) - return 0; + if (vrsa != NULL) { + if (!ossl_rsa_check_key(prsactx->libctx, vrsa, operation)) + return 0; - if (!RSA_up_ref(vrsa)) - return 0; - RSA_free(prsactx->rsa); - prsactx->rsa = vrsa; - prsactx->operation = operation; + if (!RSA_up_ref(vrsa)) + return 0; + RSA_free(prsactx->rsa); + prsactx->rsa = vrsa; + } - if (!rsa_set_ctx_params(prsactx, params)) - return 0; + prsactx->operation = operation; /* Maximum for sign, auto for verify */ prsactx->saltlen = RSA_PSS_SALTLEN_AUTO; @@ -457,9 +462,10 @@ prsactx->saltlen = min_saltlen; /* call rsa_setup_mgf1_md before rsa_setup_md to avoid duplication */ - return rsa_setup_mgf1_md(prsactx, mgf1mdname, prsactx->propq) - && rsa_setup_md(prsactx, mdname, prsactx->propq) - && rsa_check_parameters(prsactx, min_saltlen); + if (!rsa_setup_mgf1_md(prsactx, mgf1mdname, prsactx->propq) + || !rsa_setup_md(prsactx, mdname, prsactx->propq) + || !rsa_check_parameters(prsactx, min_saltlen)) + return 0; } } @@ -469,6 +475,9 @@ return 0; } + if (!rsa_set_ctx_params(prsactx, params)) + return 0; + return 1; } @@ -842,6 +851,7 @@ if (!rsa_signverify_init(vprsactx, vrsa, params, operation)) return 0; + if (mdname != NULL /* was rsa_setup_md already called in rsa_signverify_init()? */ && (mdname[0] == '\0' || strcasecmp(prsactx->mdname, mdname) != 0) 
@@ -849,10 +859,11 @@ return 0; prsactx->flag_allow_md = 0; - prsactx->mdctx = EVP_MD_CTX_new(); + if (prsactx->mdctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - goto error; + prsactx->mdctx = EVP_MD_CTX_new(); + if (prsactx->mdctx == NULL) + goto error; } if (!EVP_DigestInit_ex2(prsactx->mdctx, prsactx->md, params)) @@ -862,9 +873,7 @@ error: EVP_MD_CTX_free(prsactx->mdctx); - EVP_MD_free(prsactx->md); prsactx->mdctx = NULL; - prsactx->md = NULL; return 0; } diff -Nru openssl-3.0.0/providers/implementations/signature/sm2_sig.c openssl-3.0.1/providers/implementations/signature/sm2_sig.c --- openssl-3.0.0/providers/implementations/signature/sm2_sig.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/providers/implementations/signature/sm2_sig.c 2021-12-14 17:16:25.000000000 +0100 @@ -27,6 +27,7 @@ #include "internal/cryptlib.h" #include "internal/sm3.h" #include "prov/implementations.h" +#include "prov/providercommon.h" #include "prov/provider_ctx.h" #include "crypto/ec.h" #include "crypto/sm2.h" @@ -94,9 +95,16 @@ if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */ psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname, psm2ctx->propq); - if (psm2ctx->md == NULL - || strlen(mdname) >= sizeof(psm2ctx->mdname) + if (psm2ctx->md == NULL) + return 0; + + if (mdname == NULL) + return 1; + + if (strlen(mdname) >= sizeof(psm2ctx->mdname) || !EVP_MD_is_a(psm2ctx->md, mdname)) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s", + mdname); return 0; } 
@@ -127,10 +135,22 @@ { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; - if (psm2ctx == NULL || ec == NULL || !EC_KEY_up_ref(ec)) + if (!ossl_prov_is_running() + || psm2ctx == NULL) return 0; - EC_KEY_free(psm2ctx->ec); - psm2ctx->ec = ec; + + if (ec == NULL && psm2ctx->ec == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); + return 0; + } + + if (ec != NULL) { + if (!EC_KEY_up_ref(ec)) + return 0; + EC_KEY_free(psm2ctx->ec); + psm2ctx->ec = ec; + } + return sm2sig_set_ctx_params(psm2ctx, params); } @@ -193,10 +213,11 @@ || !sm2sig_set_mdname(ctx, mdname)) return ret; - EVP_MD_CTX_free(ctx->mdctx); - ctx->mdctx = EVP_MD_CTX_new(); - if (ctx->mdctx == NULL) - goto error; + if (ctx->mdctx == NULL) { + ctx->mdctx = EVP_MD_CTX_new(); + if (ctx->mdctx == NULL) + goto error; + } md_nid = EVP_MD_get_type(ctx->md); @@ -224,8 +245,6 @@ ret = 1; error: - if (!ret) - free_md(ctx); return ret; } diff -Nru openssl-3.0.0/ssl/bio_ssl.c openssl-3.0.1/ssl/bio_ssl.c --- openssl-3.0.0/ssl/bio_ssl.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/bio_ssl.c 2021-12-14 17:16:25.000000000 +0100 @@ -76,13 +76,12 @@ if (a == NULL) return 0; bs = BIO_get_data(a); - if (bs->ssl != NULL) - SSL_shutdown(bs->ssl); if (BIO_get_shutdown(a)) { + if (bs->ssl != NULL) + SSL_shutdown(bs->ssl); if (BIO_get_init(a)) SSL_free(bs->ssl); - /* Clear all flags */ - BIO_clear_flags(a, ~0); + BIO_clear_flags(a, ~0); /* Clear all flags */ BIO_set_init(a, 0); } OPENSSL_free(bs); diff -Nru openssl-3.0.0/ssl/ktls.c openssl-3.0.1/ssl/ktls.c --- openssl-3.0.0/ssl/ktls.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/ktls.c 2021-12-14 17:16:25.000000000 +0100 
@@ -129,28 +129,28 @@ /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 * or Chacha20-Poly1305 */ - switch (EVP_CIPHER_get_nid(c)) - { # ifdef OPENSSL_KTLS_AES_CCM_128 - case NID_aes_128_ccm: + if (EVP_CIPHER_is_a(c, "AES-128-CCM")) { if (s->version == TLS_1_3_VERSION /* broken on 5.x kernels */ || EVP_CIPHER_CTX_get_tag_length(dd) != EVP_CCM_TLS_TAG_LEN) - return 0; + return 0; + return 1; + } else # endif + if (0 # ifdef OPENSSL_KTLS_AES_GCM_128 - /* Fall through */ - case NID_aes_128_gcm: + || EVP_CIPHER_is_a(c, "AES-128-GCM") # endif # ifdef OPENSSL_KTLS_AES_GCM_256 - case NID_aes_256_gcm: + || EVP_CIPHER_is_a(c, "AES-256-GCM") # endif # ifdef OPENSSL_KTLS_CHACHA20_POLY1305 - case NID_chacha20_poly1305: + || EVP_CIPHER_is_a(c, "ChaCha20-Poly1305") # endif + ) { return 1; - default: - return 0; } + return 0; } /* Function to configure kernel TLS structure */ diff -Nru openssl-3.0.0/ssl/record/rec_layer_s3.c openssl-3.0.1/ssl/record/rec_layer_s3.c --- openssl-3.0.0/ssl/record/rec_layer_s3.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/record/rec_layer_s3.c 2021-12-14 17:16:25.000000000 +0100 @@ -1246,7 +1246,7 @@ * * This function must handle any surprises the peer may have for us, such as * Alert records (e.g. close_notify) or renegotiation requests. ChangeCipherSpec - * messages are treated as if they were handshake messages *if* the |recd_type| + * messages are treated as if they were handshake messages *if* the |recvd_type| * argument is non NULL. * Also if record payloads contain fragments too small to process, we store * them until there is enough for the respective protocol (the record protocol diff -Nru openssl-3.0.0/ssl/record/ssl3_record.c openssl-3.0.1/ssl/record/ssl3_record.c --- openssl-3.0.0/ssl/record/ssl3_record.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/record/ssl3_record.c 2021-12-14 17:16:25.000000000 +0100 
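Review bot: The `} else` closing the AES-128-CCM branch sits inside `# ifdef OPENSSL_KTLS_AES_CCM_128` and binds to the `if (0` that follows `# endif`, so the statement structure differs between the two preprocessor configurations. Both paths of the CCM block already return, so the `else` adds nothing. Ending the block with a plain `}` keeps the accept/reject logic the same in every build and avoids a dangling-else surprise if the block is edited later. The function starts outside the hunk.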
@@ -1218,23 +1218,17 @@ } if (!sending) { - /* Adjust the record to remove the explicit IV/MAC/Tag */ - if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + for (ctr = 0; ctr < n_recs; ctr++) { + /* Adjust the record to remove the explicit IV/MAC/Tag */ + if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_GCM_MODE) { recs[ctr].data += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_GCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - } - } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { - for (ctr = 0; ctr < n_recs; ctr++) { + } else if (EVP_CIPHER_get_mode(enc) == EVP_CIPH_CCM_MODE) { recs[ctr].data += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].input += EVP_CCM_TLS_EXPLICIT_IV_LEN; recs[ctr].length -= EVP_CCM_TLS_EXPLICIT_IV_LEN; - } - } - - for (ctr = 0; ctr < n_recs; ctr++) { - if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { + } else if (bs != 1 && SSL_USE_EXPLICIT_IV(s)) { if (recs[ctr].length < bs) return 0; recs[ctr].data += bs; @@ -1254,17 +1248,12 @@ (macs != NULL) ? &macs[ctr].alloced : NULL, bs, - macsize, + pad ? (size_t)pad : macsize, (EVP_CIPHER_get_flags(enc) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0, s->ctx->libctx)) return 0; } - if (pad) { - for (ctr = 0; ctr < n_recs; ctr++) { - recs[ctr].length -= pad; - } - } } } } diff -Nru openssl-3.0.0/ssl/record/tls_pad.c openssl-3.0.1/ssl/record/tls_pad.c --- openssl-3.0.0/ssl/record/tls_pad.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/record/tls_pad.c 2021-12-14 17:16:25.000000000 +0100 @@ -138,8 +138,6 @@ if (aead) { /* padding is already verified and we don't need to check the MAC */ *reclen -= padding_length + 1 + mac_size; - *mac = NULL; - *alloced = 0; return 1; } 
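Review bot: In the merged loop the GCM and CCM branches subtract the explicit IV length from `recs[ctr].length` with no lower-bound check, while the CBC branch beside them first tests `if (recs[ctr].length < bs) return 0;`. If a record shorter than the explicit IV could reach this point, the subtraction would produce a bogus length. The cipher call earlier in the function presumably rejects such records, but that code is outside the hunk. A guard in the same style, `if (recs[ctr].length < EVP_GCM_TLS_EXPLICIT_IV_LEN) return 0;` plus the CCM equivalent, or a comment naming where the length is already validated, would make the invariant explicit.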
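Review bot: `pad ? (size_t)pad : macsize` passes the AEAD pad value through the argument that otherwise carries the MAC size, and nothing at the call site says so. The tls_pad.c hunk that follows shows the AEAD path doing `*reclen -= padding_length + 1 + mac_size;`, so the callee now removes what the deleted `recs[ctr].length -= pad` loop used to remove. A comment on the argument such as `/* AEAD: pad is passed in place of the MAC size */` would help. The cast also assumes `pad` is not negative here, which depends on checks outside the hunk.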
@@ -253,7 +251,7 @@ } /* Create the random MAC we will emit if padding is bad */ - if (!RAND_bytes_ex(libctx, randmac, mac_size, 0)) + if (RAND_bytes_ex(libctx, randmac, mac_size, 0) <= 0) return 0; if (!ossl_assert(mac != NULL && alloced != NULL)) diff -Nru openssl-3.0.0/ssl/s3_lib.c openssl-3.0.1/ssl/s3_lib.c --- openssl-3.0.0/ssl/s3_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/s3_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -3448,7 +3448,11 @@ ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } - return SSL_set0_tmp_dh_pkey(s, pkdh); + if (!SSL_set0_tmp_dh_pkey(s, pkdh)) { + EVP_PKEY_free(pkdh); + return 0; + } + return 1; } break; case SSL_CTRL_SET_TMP_DH_CB: @@ -3771,7 +3775,11 @@ ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); return 0; } - return SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh); + if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) { + EVP_PKEY_free(pkdh); + return 0; + } + return 1; } case SSL_CTRL_SET_TMP_DH_CB: { diff -Nru openssl-3.0.0/ssl/ssl_cert.c openssl-3.0.1/ssl/ssl_cert.c --- openssl-3.0.0/ssl/ssl_cert.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/ssl_cert.c 2021-12-14 17:16:25.000000000 +0100 @@ -362,6 +362,13 @@ c->cert_cb_arg = arg; } +/* + * Verify a certificate chain + * Return codes: + * 1: Verify success + * 0: Verify failure or error + * -1: Retry required + */ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) { X509 *x; @@ -423,10 +430,14 @@ if (s->verify_callback) X509_STORE_CTX_set_verify_cb(ctx, s->verify_callback); - if (s->ctx->app_verify_callback != NULL) + if (s->ctx->app_verify_callback != NULL) { i = s->ctx->app_verify_callback(ctx, s->ctx->app_verify_arg); - else + } else { i = X509_verify_cert(ctx); + /* We treat an error in the same way as a failure to verify */ + if (i < 0) + i = 0; + } s->verify_result = X509_STORE_CTX_get_error(ctx); sk_X509_pop_free(s->verified_chain, X509_free); 
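Review bot: The added `EVP_PKEY_free(pkdh)` is only safe because `SSL_set0_tmp_dh_pkey()` no longer frees its argument on failure (the ssl_lib.c hunks later in this diff remove those calls). Neither call site says that ownership stays with the caller when the setter fails. A short comment, for example `/* set0 takes ownership only on success */`, would guard against a double free if either side is changed on its own. The same applies to the `SSL_CTX_set0_tmp_dh_pkey()` hunk at -3771 in this file. Both switch cases begin outside their hunks.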
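Review bot: Only the `X509_verify_cert()` result is clamped to 0, so a negative value returned by `app_verify_callback` is presumably still passed on as is, and the new header comment defines -1 as "Retry required". The statem_clnt.c hunk later in this diff changes the client check from `i <= 0` to `i == 0`, so a negative return that is not caught before that line would no longer raise `SSL_R_CERTIFICATE_VERIFY_FAILED`. The code that handles the retry case is outside both hunks, so this needs confirming. If it accepts only -1, other negative callback values should be mapped to failure, e.g. `if (i < -1) i = 0;` in the callback branch, or the client check kept as `i <= 0` after the retry test.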
@@ -625,7 +636,7 @@ ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); goto err; } - if (!BIO_read_filename(in, file)) + if (BIO_read_filename(in, file) <= 0) goto err; /* Internally lh_X509_NAME_retrieve() needs the libctx to retrieve SHA1 */ @@ -696,7 +707,7 @@ goto err; } - if (!BIO_read_filename(in, file)) + if (BIO_read_filename(in, file) <= 0) goto err; for (;;) { diff -Nru openssl-3.0.0/ssl/ssl_ciph.c openssl-3.0.1/ssl/ssl_ciph.c --- openssl-3.0.0/ssl/ssl_ciph.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/ssl_ciph.c 2021-12-14 17:16:25.000000000 +0100 @@ -1365,7 +1365,8 @@ return 1; } -static int update_cipher_list(STACK_OF(SSL_CIPHER) **cipher_list, +static int update_cipher_list(SSL_CTX *ctx, + STACK_OF(SSL_CIPHER) **cipher_list, STACK_OF(SSL_CIPHER) **cipher_list_by_id, STACK_OF(SSL_CIPHER) *tls13_ciphersuites) { @@ -1385,9 +1386,17 @@ (void)sk_SSL_CIPHER_delete(tmp_cipher_list, 0); /* Insert the new TLSv1.3 ciphersuites */ - for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) - sk_SSL_CIPHER_insert(tmp_cipher_list, - sk_SSL_CIPHER_value(tls13_ciphersuites, i), i); + for (i = sk_SSL_CIPHER_num(tls13_ciphersuites) - 1; i >= 0; i--) { + const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i); + + /* Don't include any TLSv1.3 ciphersuites that are disabled */ + if ((sslc->algorithm_enc & ctx->disabled_enc_mask) == 0 + && (ssl_cipher_table_mac[sslc->algorithm2 + & SSL_HANDSHAKE_MAC_MASK].mask + & ctx->disabled_mac_mask) == 0) { + sk_SSL_CIPHER_unshift(tmp_cipher_list, sslc); + } + } if (!update_cipher_list_by_id(cipher_list_by_id, tmp_cipher_list)) { sk_SSL_CIPHER_free(tmp_cipher_list); @@ -1405,7 +1414,7 @@ int ret = set_ciphersuites(&(ctx->tls13_ciphersuites), str); if (ret && ctx->cipher_list != NULL) - return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id, + return update_cipher_list(ctx, &ctx->cipher_list, &ctx->cipher_list_by_id, ctx->tls13_ciphersuites); return ret; 
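Review bot: The result of `sk_SSL_CIPHER_unshift()` is ignored in the new loop of `update_cipher_list()`. If the call fails, a TLSv1.3 ciphersuite is dropped from the list without an error and the function can presumably still report success. Elsewhere in this diff the same file checks `sk_SSL_CIPHER_push()` and frees the stack on failure, and the context just below frees `tmp_cipher_list` on its own error path. The call should be checked the same way: `if (!sk_SSL_CIPHER_unshift(tmp_cipher_list, sslc)) { sk_SSL_CIPHER_free(tmp_cipher_list); return 0; }`. The function starts and ends outside the hunk.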
@@ -1421,7 +1430,7 @@ s->cipher_list = sk_SSL_CIPHER_dup(cipher_list); } if (ret && s->cipher_list != NULL) - return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id, + return update_cipher_list(s->ctx, &s->cipher_list, &s->cipher_list_by_id, s->tls13_ciphersuites); return ret; @@ -1638,6 +1647,7 @@ } if (!sk_SSL_CIPHER_push(cipherstack, sslc)) { + OPENSSL_free(co_list); sk_SSL_CIPHER_free(cipherstack); return NULL; } diff -Nru openssl-3.0.0/ssl/ssl_lib.c openssl-3.0.1/ssl/ssl_lib.c --- openssl-3.0.0/ssl/ssl_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/ssl_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -1770,6 +1770,8 @@ (s->waitctx, ssl_async_wait_ctx_cb, s)) return -1; } + + s->rwstate = SSL_NOTHING; switch (ASYNC_start_job(&s->job, s->waitctx, &ret, func, args, sizeof(struct ssl_async_args))) { case ASYNC_ERR: @@ -5973,7 +5975,6 @@ if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) { ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); - EVP_PKEY_free(dhpkey); return 0; } EVP_PKEY_free(s->cert->dh_tmp); @@ -5986,7 +5987,6 @@ if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) { ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL); - EVP_PKEY_free(dhpkey); return 0; } EVP_PKEY_free(ctx->cert->dh_tmp); diff -Nru openssl-3.0.0/ssl/statem/extensions_clnt.c openssl-3.0.1/ssl/statem/extensions_clnt.c --- openssl-3.0.0/ssl/statem/extensions_clnt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/statem/extensions_clnt.c 2021-12-14 17:16:25.000000000 +0100 
@@ -1678,7 +1678,11 @@ /* Ignore if inappropriate ciphersuite */ if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC) && s->s3.tmp.new_cipher->algorithm_mac != SSL_AEAD - && s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4) + && s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4 + && s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT + && s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12 + && s->s3.tmp.new_cipher->algorithm_enc != SSL_MAGMA + && s->s3.tmp.new_cipher->algorithm_enc != SSL_KUZNYECHIK) s->ext.use_etm = 1; return 1; @@ -1830,6 +1834,7 @@ skey = EVP_PKEY_new(); if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_COPY_PARAMETERS_FAILED); + EVP_PKEY_free(skey); return 0; } diff -Nru openssl-3.0.0/ssl/statem/extensions_cust.c openssl-3.0.1/ssl/statem/extensions_cust.c --- openssl-3.0.0/ssl/statem/extensions_cust.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/statem/extensions_cust.c 2021-12-14 17:16:25.000000000 +0100 @@ -145,11 +145,12 @@ } /* - * Extensions received in the ClientHello are marked with the - * SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent - * extensions in the ServerHello/EncryptedExtensions message + * Extensions received in the ClientHello or CertificateRequest are marked + * with the SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent + * extensions in the response messages */ - if ((context & SSL_EXT_CLIENT_HELLO) != 0) + if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)) + != 0) meth->ext_flags |= SSL_EXT_FLAG_RECEIVED; /* If no parse function set return success */ 
@@ -191,7 +192,7 @@ | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS | SSL_EXT_TLS1_3_CERTIFICATE | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) { - /* Only send extensions present in ClientHello. */ + /* Only send extensions present in ClientHello/CertificateRequest */ if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED)) continue; } diff -Nru openssl-3.0.0/ssl/statem/README.md openssl-3.0.1/ssl/statem/README.md --- openssl-3.0.0/ssl/statem/README.md 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/statem/README.md 2021-12-14 17:16:25.000000000 +0100 @@ -56,7 +56,7 @@ | | | | ____________V_______V________ ________V______V_______________ | | | | - | statem_both.c | | statem_dtls.c | + | statem_lib.c | | statem_dtls.c | | | | | | Non core functions common | | Non core functions common to | | to both servers and clients | | both DTLS servers and clients | diff -Nru openssl-3.0.0/ssl/statem/statem_clnt.c openssl-3.0.1/ssl/statem/statem_clnt.c --- openssl-3.0.0/ssl/statem/statem_clnt.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/statem/statem_clnt.c 2021-12-14 17:16:25.000000000 +0100 @@ -1878,7 +1878,7 @@ * (less clean) historic behaviour of performing validation if any flag is * set. The *documented* interface remains the same. */ - if (s->verify_mode != SSL_VERIFY_NONE && i <= 0) { + if (s->verify_mode != SSL_VERIFY_NONE && i == 0) { SSLfatal(s, ssl_x509err2alert(s->verify_result), SSL_R_CERTIFICATE_VERIFY_FAILED); return WORK_ERROR; diff -Nru openssl-3.0.0/ssl/statem/statem_lib.c openssl-3.0.1/ssl/statem/statem_lib.c --- openssl-3.0.0/ssl/statem/statem_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/statem/statem_lib.c 2021-12-14 17:16:25.000000000 +0100 
@@ -2381,6 +2381,8 @@ if (!EVP_MD_CTX_copy_ex(s->pha_dgst, s->s3.handshake_dgst)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); + EVP_MD_CTX_free(s->pha_dgst); + s->pha_dgst = NULL; return 0; } } diff -Nru openssl-3.0.0/ssl/t1_lib.c openssl-3.0.1/ssl/t1_lib.c --- openssl-3.0.0/ssl/t1_lib.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/t1_lib.c 2021-12-14 17:16:25.000000000 +0100 @@ -1267,6 +1267,8 @@ for (i = 0; i < SSL_PKEY_NUM; i++) { const SSL_CERT_LOOKUP *clu = ssl_cert_lookup_by_idx(i); + if (clu == NULL) + continue; if (clu->amask & s->s3.tmp.new_cipher->algorithm_auth) { idx = i; break; diff -Nru openssl-3.0.0/ssl/tls_depr.c openssl-3.0.1/ssl/tls_depr.c --- openssl-3.0.0/ssl/tls_depr.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/ssl/tls_depr.c 2021-12-14 17:16:25.000000000 +0100 @@ -27,6 +27,7 @@ const EVP_CIPHER *tls_get_cipher_from_engine(int nid) { + const EVP_CIPHER *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -36,15 +37,16 @@ */ eng = ENGINE_get_cipher_engine(nid); if (eng != NULL) { + ret = ENGINE_get_cipher(eng, nid); ENGINE_finish(eng); - return EVP_get_cipherbynid(nid); } #endif - return NULL; + return ret; } const EVP_MD *tls_get_digest_from_engine(int nid) { + const EVP_MD *ret = NULL; #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -54,11 +56,11 @@ */ eng = ENGINE_get_digest_engine(nid); if (eng != NULL) { + ret = ENGINE_get_digest(eng, nid); ENGINE_finish(eng); - return EVP_get_digestbynid(nid); } #endif - return NULL; + return ret; } #ifndef OPENSSL_NO_ENGINE diff -Nru openssl-3.0.0/SUPPORT.md openssl-3.0.1/SUPPORT.md --- openssl-3.0.0/SUPPORT.md 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/SUPPORT.md 2021-12-14 17:16:25.000000000 +0100 
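Review bot: In `tls_get_cipher_from_engine()` the value from `ENGINE_get_cipher(eng, nid)` is returned after `ENGINE_finish(eng)` has released the reference obtained from `ENGINE_get_cipher_engine()`. The caller therefore holds a method pointer with no reference of its own keeping the engine alive. This presumably relies on the engine staying loaded for as long as the SSL objects use the method; nothing in the hunk states that. A comment on the function, e.g. `/* returned method is owned by the engine; valid only while the engine remains loaded */`, would document the lifetime assumption. `tls_get_digest_from_engine()` in the next hunk has the same shape.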
@@ -55,7 +55,7 @@ The fastest way to get a bug fixed is to fix it yourself ;-). If you are experienced in programming and know how to fix the bug, you can open a -pull request. The details are covered in the [Contributing](#contributing) section. +pull request. The details are covered in the [Contributing][contributing] section. Don't hesitate to open a pull request, even if it's only a small change like a grammatical or typographical error in the documentation. @@ -89,3 +89,5 @@ [openssl-announce]: https://mta.openssl.org/mailman/listinfo/openssl-announce [openssl-project]: https://mta.openssl.org/mailman/listinfo/openssl-project [openssl-dev]: https://mta.openssl.org/mailman/listinfo/openssl-dev +[github-issues]: https://github.com/openssl/openssl/issues/new/choose +[contributing]: https://github.com/openssl/openssl/blob/master/CONTRIBUTING.md diff -Nru openssl-3.0.0/test/acvp_test.c openssl-3.0.1/test/acvp_test.c --- openssl-3.0.0/test/acvp_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/acvp_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -71,7 +71,7 @@ buf = OPENSSL_zalloc(sz); if (buf == NULL) goto err; - if (!BN_bn2binpad(bn, buf, sz)) + if (BN_bn2binpad(bn, buf, sz) <= 0) goto err; *out_len = sz; @@ -94,6 +94,7 @@ size_t sig_len; size_t sz = EVP_PKEY_get_size(pkey); + sig_len = sz; if (!TEST_ptr(sig = OPENSSL_malloc(sz)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx, @@ -164,7 +165,7 @@ pub, pub_len) > 0) || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(ctx)) + || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY, params), expected)) goto err; 
@@ -339,7 +340,7 @@ EVP_PKEY *param_key = NULL; if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) - || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) + || !TEST_int_gt(EVP_PKEY_paramgen_init(paramgen_ctx), 0) || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, L)) || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, N)) || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key))) @@ -415,7 +416,7 @@ const struct dsa_paramgen_st *tst = &dsa_paramgen_data[id]; if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) - || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) + || !TEST_int_gt(EVP_PKEY_paramgen_init(paramgen_ctx), 0) || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, tst->L)) || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, tst->N)) || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key)) @@ -503,8 +504,9 @@ } if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY, params))) + || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY, + params), 1)) goto err; ret = 1; @@ -924,7 +926,7 @@ if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(ctx)) + || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params), pass)) goto err; 
@@ -1033,8 +1035,9 @@ } if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params))) + || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params), + 1)) goto err; ret = 1; @@ -1258,7 +1261,7 @@ test_output_memory("n", n, n_len); test_output_memory("e", e, e_len); - if (!EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len)) + if (EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len) <= 0) TEST_note("Decryption Failed"); else test_output_memory("pt", pt, pt_len); diff -Nru openssl-3.0.0/test/afalgtest.c openssl-3.0.1/test/afalgtest.c --- openssl-3.0.0/test/afalgtest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/afalgtest.c 2021-12-14 17:16:25.000000000 +0100 @@ -24,26 +24,7 @@ #ifndef OPENSSL_NO_ENGINE static ENGINE *e; -#endif - - -#ifndef OPENSSL_NO_AFALGENG -# include -# define K_MAJ 4 -# define K_MIN1 1 -# define K_MIN2 0 -# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) -/* - * If we get here then it looks like there is a mismatch between the linux - * headers and the actual kernel version, so we have tried to compile with - * afalg support, but then skipped it in e_afalg.c. As far as this test is - * concerned we behave as if we had been configured without support - */ -# define OPENSSL_NO_AFALGENG -# endif -#endif -#ifndef OPENSSL_NO_AFALGENG static int test_afalg_aes_cbc(int keysize_idx) { EVP_CIPHER_CTX *ctx; 
@@ -127,9 +108,25 @@ EVP_CIPHER_CTX_free(ctx); return ret; } -#endif -#ifndef OPENSSL_NO_ENGINE +static int test_pr16743(void) +{ + int ret = 0; + const EVP_CIPHER * cipher; + EVP_CIPHER_CTX *ctx; + + if (!TEST_true(ENGINE_init(e))) + return 0; + cipher = ENGINE_get_cipher(e, NID_aes_128_cbc); + ctx = EVP_CIPHER_CTX_new(); + if (cipher != NULL && ctx != NULL) + ret = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL); + TEST_true(ret); + EVP_CIPHER_CTX_free(ctx); + ENGINE_finish(e); + return ret; +} + int global_init(void) { ENGINE_load_builtin_engines(); @@ -147,9 +144,8 @@ /* Probably a platform env issue, not a test failure. */ TEST_info("Can't load AFALG engine"); } else { -# ifndef OPENSSL_NO_AFALGENG ADD_ALL_TESTS(test_afalg_aes_cbc, 3); -# endif + ADD_TEST(test_pr16743); } #endif diff -Nru openssl-3.0.0/test/algorithmid_test.c openssl-3.0.1/test/algorithmid_test.c --- openssl-3.0.0/test/algorithmid_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/algorithmid_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -48,7 +48,7 @@ goto end; X509_ALGOR_get0(&oid, NULL, NULL, alg); - if (!TEST_true(OBJ_obj2txt(name, sizeof(name), oid, 0))) + if (!TEST_int_gt(OBJ_obj2txt(name, sizeof(name), oid, 0), 0)) goto end; /* diff -Nru openssl-3.0.0/test/bio_enc_test.c openssl-3.0.1/test/bio_enc_test.c --- openssl-3.0.0/test/bio_enc_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/bio_enc_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -51,6 +51,8 @@ /* reference output for single-chunk operation */ b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) return 0; BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE)); @@ -60,6 +62,8 @@ /* perform split operations and compare to reference */ for (i = 1; i < lref; i++) { b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) { TEST_info("Split encrypt failed @ operation %d", i); return 0; @@ -87,6 +91,8 @@ int delta; b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) { TEST_info("Small chunk encrypt failed @ operation %d", i); return 0; @@ -108,6 +114,8 @@ /* reference output for single-chunk operation */ b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) return 0; /* Use original reference output as input */ @@ -123,6 +131,8 @@ /* perform split operations and compare to reference */ for (i = 1; i < lref; i++) { b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) { TEST_info("Split decrypt failed @ operation %d", i); return 0; @@ -150,6 +160,8 @@ int delta; b = BIO_new(BIO_f_cipher()); + if (!TEST_ptr(b)) + return 0; if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) { TEST_info("Small chunk decrypt failed @ operation %d", i); return 0; diff -Nru openssl-3.0.0/test/bio_prefix_text.c openssl-3.0.1/test/bio_prefix_text.c --- openssl-3.0.0/test/bio_prefix_text.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/bio_prefix_text.c 2021-12-14 17:16:25.000000000 +0100 
@@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -211,7 +211,7 @@ progname, idx, amount - 1); return 0; } - if (!BIO_set_indent(chain[idx], (long)indent)) { + if (BIO_set_indent(chain[idx], (long)indent) <= 0) { BIO_printf(bio_err, "%s: failed setting indentation: %s", progname, arg); return 0; @@ -242,7 +242,7 @@ progname, idx, amount - 1); return 0; } - if (!BIO_set_prefix(chain[idx], colon)) { + if (BIO_set_prefix(chain[idx], colon) <= 0) { BIO_printf(bio_err, "%s: failed setting prefix: %s", progname, arg); return 0; diff -Nru openssl-3.0.0/test/bntest.c openssl-3.0.1/test/bntest.c --- openssl-3.0.0/test/bntest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/bntest.c 2021-12-14 17:16:25.000000000 +0100 @@ -30,7 +30,6 @@ /* * Things in boring, not in openssl. */ -#define HAVE_BN_PADDED 0 #define HAVE_BN_SQRT 0 typedef struct filetest_st { 
@@ -631,6 +630,51 @@ if (!TEST_BN_eq(c, d)) goto err; + /* + * Regression test for overflow bug in bn_sqr_comba4/8 for + * mips-linux-gnu and mipsel-linux-gnu 32bit targets. + */ + { + static const char *ehex[] = { + "95564994a96c45954227b845a1e99cb939d5a1da99ee91acc962396ae999a9ee", + "38603790448f2f7694c242a875f0cad0aae658eba085f312d2febbbd128dd2b5", + "8f7d1149f03724215d704344d0d62c587ae3c5939cba4b9b5f3dc5e8e911ef9a", + "5ce1a5a749a4989d0d8368f6e1f8cdf3a362a6c97fb02047ff152b480a4ad985", + "2d45efdf0770542992afca6a0590d52930434bba96017afbc9f99e112950a8b1", + "a359473ec376f329bdae6a19f503be6d4be7393c4e43468831234e27e3838680", + "b949390d2e416a3f9759e5349ab4c253f6f29f819a6fe4cbfd27ada34903300e", + "da021f62839f5878a36f1bc3085375b00fd5fa3e68d316c0fdace87a97558465", + NULL}; + static const char *phex[] = { + "f95dc0f980fbd22e90caa5a387cc4a369f3f830d50dd321c40db8c09a7e1a241", + "a536e096622d3280c0c1ba849c1f4a79bf490f60006d081e8cf69960189f0d31", + "2cd9e17073a3fba7881b21474a13b334116cb2f5dbf3189a6de3515d0840f053", + "c776d3982d391b6d04d642dda5cc6d1640174c09875addb70595658f89efb439", + "dc6fbd55f903aadd307982d3f659207f265e1ec6271b274521b7a5e28e8fd7a5", + "5df089292820477802a43cf5b6b94e999e8c9944ddebb0d0e95a60f88cb7e813", + "ba110d20e1024774107dd02949031864923b3cb8c3f7250d6d1287b0a40db6a4", + "7bd5a469518eb65aa207ddc47d8c6e5fc8e0c105be8fc1d4b57b2e27540471d5", + NULL}; + static const char *mhex[] = { + "fef15d5ce4625f1bccfbba49fc8439c72bf8202af039a2259678941b60bb4a8f", + "2987e965d58fd8cf86a856674d519763d0e1211cc9f8596971050d56d9b35db3", + "785866cfbca17cfdbed6060be3629d894f924a89fdc1efc624f80d41a22f1900", + "9503fcc3824ef62ccb9208430c26f2d8ceb2c63488ec4c07437aa4c96c43dd8b", + "9289ed00a712ff66ee195dc71f5e4ead02172b63c543d69baf495f5fd63ba7bc", + "c633bd309c016e37736da92129d0b053d4ab28d21ad7d8b6fab2a8bbdc8ee647", + "d2fbcf2cf426cf892e6f5639e0252993965dfb73ccd277407014ea784aaa280c", + "b7b03972bc8b0baa72360bdb44b82415b86b2f260f877791cd33ba8f2d65229b", + NULL}; + + if 
(!TEST_true(parse_bigBN(&e, ehex)) + || !TEST_true(parse_bigBN(&p, phex)) + || !TEST_true(parse_bigBN(&m, mhex)) + || !TEST_true(BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) + || !TEST_true(BN_mod_exp_simple(a, e, p, m, ctx)) + || !TEST_BN_eq(a, d)) + goto err; + } + /* Zero input */ if (!TEST_true(BN_bntest_rand(p, 1024, 0, 0))) goto err; 
@@ -1734,52 +1778,52 @@ static int test_bn2padded(void) { -#if HAVE_BN_PADDED uint8_t zeros[256], out[256], reference[128]; - BIGNUM *n = BN_new(); + size_t bytes; + BIGNUM *n; int st = 0; /* Test edge case at 0. */ - if (n == NULL) + if (!TEST_ptr((n = BN_new()))) goto err; - if (!TEST_true(BN_bn2bin_padded(NULL, 0, n))) + if (!TEST_int_eq(BN_bn2binpad(n, NULL, 0), 0)) goto err; memset(out, -1, sizeof(out)); - if (!TEST_true(BN_bn2bin_padded(out, sizeof(out)), n)) + if (!TEST_int_eq(BN_bn2binpad(n, out, sizeof(out)), sizeof(out))) goto err; memset(zeros, 0, sizeof(zeros)); if (!TEST_mem_eq(zeros, sizeof(zeros), out, sizeof(out))) goto err; /* Test a random numbers at various byte lengths. */ - for (size_t bytes = 128 - 7; bytes <= 128; bytes++) { + for (bytes = 128 - 7; bytes <= 128; bytes++) { # define TOP_BIT_ON 0 # define BOTTOM_BIT_NOTOUCH 0 if (!TEST_true(BN_rand(n, bytes * 8, TOP_BIT_ON, BOTTOM_BIT_NOTOUCH))) goto err; - if (!TEST_int_eq(BN_num_bytes(n),A) bytes - || TEST_int_eq(BN_bn2bin(n, reference), bytes)) + if (!TEST_int_eq(BN_num_bytes(n), bytes) + || !TEST_int_eq(BN_bn2bin(n, reference), bytes)) goto err; /* Empty buffer should fail. */ - if (!TEST_int_eq(BN_bn2bin_padded(NULL, 0, n)), 0) + if (!TEST_int_eq(BN_bn2binpad(n, NULL, 0), -1)) goto err; /* One byte short should fail. */ - if (BN_bn2bin_padded(out, bytes - 1, n)) + if (!TEST_int_eq(BN_bn2binpad(n, out, bytes - 1), -1)) goto err; /* Exactly right size should encode. */ - if (!TEST_true(BN_bn2bin_padded(out, bytes, n)) - || TEST_mem_eq(out, bytes, reference, bytes)) + if (!TEST_int_eq(BN_bn2binpad(n, out, bytes), bytes) + || !TEST_mem_eq(out, bytes, reference, bytes)) goto err; /* Pad up one byte extra. */ - if (!TEST_true(BN_bn2bin_padded(out, bytes + 1, n)) + if (!TEST_int_eq(BN_bn2binpad(n, out, bytes + 1), bytes + 1) || !TEST_mem_eq(out + 1, bytes, reference, bytes) || !TEST_mem_eq(out, 1, zeros, 1)) goto err; /* Pad up to 256. 
*/ - if (!TEST_true(BN_bn2bin_padded(out, sizeof(out)), n) + if (!TEST_int_eq(BN_bn2binpad(n, out, sizeof(out)), sizeof(out)) || !TEST_mem_eq(out + sizeof(out) - bytes, bytes, reference, bytes) - || !TEST_mem_eq(out, sizseof(out) - bytes, + || !TEST_mem_eq(out, sizeof(out) - bytes, zeros, sizeof(out) - bytes)) goto err; } @@ -1788,9 +1832,6 @@ err: BN_free(n); return st; -#else - return ctx != NULL; -#endif } static int test_dec2bn(void) diff -Nru openssl-3.0.0/test/build.info openssl-3.0.1/test/build.info --- openssl-3.0.0/test/build.info 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/build.info 2021-12-14 17:16:25.000000000 +0100 @@ -62,7 +62,7 @@ context_internal_test aesgcmtest params_test evp_pkey_dparams_test \ keymgmt_internal_test hexstr_test provider_status_test defltfips_test \ bio_readbuffer_test user_property_test pkcs7_test upcallstest \ - provfetchtest prov_config_test + provfetchtest prov_config_test rand_test IF[{- !$disabled{'deprecated-3.0'} -}] PROGRAMS{noinst}=enginetest @@ -84,6 +84,10 @@ INCLUDE[sanitytest]=../include ../apps/include DEPEND[sanitytest]=../libcrypto libtestutil.a + SOURCE[rand_test]=rand_test.c + INCLUDE[rand_test]=../include ../apps/include + DEPEND[rand_test]=../libcrypto libtestutil.a + SOURCE[rsa_complex]=rsa_complex.c INCLUDE[rsa_complex]=../include ../apps/include 
@@ -840,6 +844,11 @@ INCLUDE[provider_fallback_test]=../include ../apps/include DEPEND[provider_fallback_test]=../libcrypto libtestutil.a + PROGRAMS{noinst}=provider_pkey_test + SOURCE[provider_pkey_test]=provider_pkey_test.c fake_rsaprov.c + INCLUDE[provider_pkey_test]=../include ../apps/include + DEPEND[provider_pkey_test]=../libcrypto libtestutil.a + PROGRAMS{noinst}=params_test SOURCE[params_test]=params_test.c INCLUDE[params_test]=.. ../include ../apps/include diff -Nru openssl-3.0.0/test/certs/cross-key.pem openssl-3.0.1/test/certs/cross-key.pem --- openssl-3.0.0/test/certs/cross-key.pem 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/certs/cross-key.pem 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCSkfwkYXTJFL4I +ICRQFXji6eX9I1NI97GBu2Yk8ejwctMttcJTlBLYpYRFQnZgsLwVEhA25KKlSNPz +PPrEVipT5Ll5J6uhWEBGLHETh8Qx4sI508B2zUP+2tnDapYtk5MNSVdQZXVt6wJu +sXY8vd58nHPLo4zr61MTwrj3Ld0lU18YHtxnGSMMYPPTxecE0mjYU038ELxZMdlT ++VSC0KOBJddj64+kXRdiDtQGVWE58MtX5/18LgSY3J/hvNhmcWuY611pgXcmwDPr +Sn1fDeRqG87Qs8KniS1dtWHDCVW/5KZOQeLcK6VTaEdnwdPYQ7BiJp4+3ypKmErd +T9TYBs8XAgMBAAECggEABIxdeGpm8DjGRgSQLjLg88CNPWG89sBrQk0SbvQ1HJfq +dJXRDxgMFtBsFTfX6kla3xfyHpQ/dY4qJZvmQNBXIQ/oiqumw9Ah153qlGJJmXdG +PEQDEz7+2lExawwmjgk6Uvs58LMHmCNUibUdzHgsdZcwudq8R6FWZ8lvIIo6GOJg +1gOoPbeAQtNAx8LPr+eDvpXoWJrCKJKuZCSRLV2CDmEH/+KH123cD4Lg+MsPNBJd +DsOitnVczlqnKDf5gSUXy3cwQlKFtOBa/0pN9wZvZDEWa30RmJmXI2bLo/h6GxGB +JXK57mTJG3UboWFIgNBU9IudPOdzDfJE1ul/Jon/AQKBgQC7/mmZg31a/8zlPLji +oWoEEutyNu0O28BCbBrw9t1SqtPFLm53AzIzB4RFVjn9i5dnxljh618KQiY4FbKM +mz1Yuzf7zCV7n8c1NakGwmW9Ezl8ZoLE44Nu7Pccukorl6uEY7kZa2vGa7krmIcI +6kFbvVbl4scbXlDL88hGHezhoQKBgQDHl3O8kOvOhIwfVH6qIjIO+0oR57Tqtwaw +A3oq6Ppdp65GK9G4f+/5L0z/Ay69MyauBLRA6+9LlW6SmAACSK69juvPMK6gd5uS +yWQ8imh6l304BAryjOHiNXHtpnmiaPAGNgFZKPsPbWlOo4ZexTEBq23i4JM1TUph +xpCmGY1ltwKBgEuYyPo0iAo55zkfq/Fmm2079nYdZEKfV7beJg9UFjgR/crDGyS8 +okkm8qe3PuaYZbATcNaYgcVsSFYxU3V7T7YIw0B8HW6TF9Zr16aiMatQucMurdNi +8g1/OPfSadURzqUUPPDd458M3o+LbHHHUbUEdJdJFGwLB06cn6KikglBAoGAMz8M +xV7EXOsleynbt9090yDsPLqsdhN2UR0jcf8NwZw7H+NCXsfimq1tbJCpoISQqt+k +VIL/lv2QPW1vmyaET0FyBGmwfJ0ZQdAZv32eI9Pfn9FR6kMIAGfOj8FNu8iL0Fxv +bjAafjSOdFWCO7UPxyj39ufIhEgLEB3GqA8pgfMCgYEAn/1Ov1Lu4MWq+72LygqG +78rxk6rIGGET64grG1CSjkylQ9mo14jG6O1lM4fwTjlbGQrKGtzQtL785dW+t5uH +zC2lDRDp8of+ErC31e+N4YDMdUHWeRBgHDYgsx4EgI0jNb02/UlziL1eARBpnfz6 +tw1erVdMmlA3LRBR5Mj+xso= +-----END PRIVATE KEY----- diff -Nru openssl-3.0.0/test/certs/cross-root.pem openssl-3.0.1/test/certs/cross-root.pem --- openssl-3.0.0/test/certs/cross-root.pem 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/certs/cross-root.pem 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z
+cyBSb290MCAXDTIxMDgzMDE4MzMyNloYDzIxMjEwODMxMTgzMzI2WjAVMRMwEQYD
+VQQDDApDcm9zcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+kpH8JGF0yRS+CCAkUBV44unl/SNTSPexgbtmJPHo8HLTLbXCU5QS2KWERUJ2YLC8
+FRIQNuSipUjT8zz6xFYqU+S5eSeroVhARixxE4fEMeLCOdPAds1D/trZw2qWLZOT
+DUlXUGV1besCbrF2PL3efJxzy6OM6+tTE8K49y3dJVNfGB7cZxkjDGDz08XnBNJo
+2FNN/BC8WTHZU/lUgtCjgSXXY+uPpF0XYg7UBlVhOfDLV+f9fC4EmNyf4bzYZnFr
+mOtdaYF3JsAz60p9Xw3kahvO0LPCp4ktXbVhwwlVv+SmTkHi3CulU2hHZ8HT2EOw
+YiaePt8qSphK3U/U2AbPFwIDAQABo1MwUTAdBgNVHQ4EFgQUL16/ihJvr2w9I5k6
+3jjZ13SPW20wHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0T
+AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUiqf8oQaPX3aW6I+dcRhsq5g
+bpYF0X5jePk6UqWu86YcmpoRtGLH7e5aHGJYqrVrkOoo0q4eTL3Pm1/sB3omPRMb
+ey/i7Z70wwd5yI8iz/WBmQDahYxq5wSDsUSdZDL0kSyoU2jCwXUPtuC6F1kMZBFI
+uUeaFcF8oKVGuOHvZgj/FMBpT7tyjdPpDG4uo6AT04AKGhf5xO5UY2N+uqmEsXHK
+HsKAEMrVhdeU5mbrfifvSkMYcYgJOX1KFP+t4U+ogqCHy1/Nfhq+WG1XN5GwhtuO
+ze25NqI6ZvA2og4AoeIzvJ/+Nfl5PNtClm0IjbGvR77oOBMs71lO4GjUYj9eiw==
+-----END CERTIFICATE-----
diff -Nru openssl-3.0.0/test/certs/goodcn2-cert.pem openssl-3.0.1/test/certs/goodcn2-cert.pem
--- openssl-3.0.0/test/certs/goodcn2-cert.pem 1970-01-01 01:00:00.000000000 +0100
+++ openssl-3.0.1/test/certs/goodcn2-cert.pem 2021-12-14 17:16:25.000000000 +0100
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDHTCCAgWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0
+IE5DIENBIDEwIBcNMjExMjAyMTcyNTAyWhgPMjEyMTEyMDMxNzI1MDJaMDwxIzAh
+BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRUwEwYDVQQDDAx3d3cu
+Z29vZC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqx1t7HiPe
+kRAWdiGUt4pklKGZ7338An6R7/y0e/8Grx2jeUfyc19BAB7MW1p8L+zdMjbclNE0
+UZ6RZZNexfgMksNI/nW+4Lzu8qu2wFx1MjbTpMT8w/vnsGBMthxLu6+2wdnpdD1B
+0led8xu7PSBgVULqyHcUvoLeRGEsB14yGx7dbIsokYxno1nr4u3BK5ic9KTTSxJR
+Ig93qwo2pAZR7mfnOo33B9alhzvSwmEKJ9v7pERDnIP5ED0HaWFAeXl7GFgoH2y9
+QDyJVuwWsoSWIx4Mr8UIr0IbVJU6KsqEiqqc5P5rX/y4tYMkpHZd9U1EONd2uwmX
+dwSp0LEmQb/DAgMBAAGjTTBLMB0GA1UdDgQWBBSfJPZqs1tk+xjjDrovr13ORDWn
+ojAfBgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa3fVQQzAJBgNVHRMEAjAAMA0G
+CSqGSIb3DQEBCwUAA4IBAQAEKXs56hB4DOO1vJe7pByfCHU33ij/ux7u68BdkDQ8
+S9SNaoD7h1XNSmC8kKULvpoKctJzJxh1IH4wtvGGGXsUt1By0a6Y5SnKW9/mG4NM
+D4fGea0G2AeI8BHFs6vl8voYK9wgx9Ygus3Kj/8h6V7t2zB8ZhhVqpZkAQEjj0C2
+1IV273wD0VdZl7uB+MEKk+7eTjNMeo6JzlBBf5GhtA1WbLNdszMfI0ljo7HAX+9L
+yco0xKSKkZQ+v7VdJBfC6odp+epPMZqfyHrkFzUr8XRJfriP1lydPK7AbXLVrLJg
+fIXCvUdxQx4B1LaclUDORL5r2tRhRYdAEKtUz7RpQzJK
+-----END CERTIFICATE-----
diff -Nru openssl-3.0.0/test/certs/goodcn2-chain.pem openssl-3.0.1/test/certs/goodcn2-chain.pem
--- openssl-3.0.0/test/certs/goodcn2-chain.pem 1970-01-01 01:00:00.000000000 +0100
+++ openssl-3.0.1/test/certs/goodcn2-chain.pem 2021-12-14 17:16:25.000000000 +0100
@@ -0,0 +1,40 @@ +-----BEGIN CERTIFICATE----- +MIIDHTCCAgWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxUZXN0 +IE5DIENBIDEwIBcNMjExMjAyMTcyNTAyWhgPMjEyMTEyMDMxNzI1MDJaMDwxIzAh +BgNVBAoMGkdvb2QgTkMgVGVzdCBDZXJ0aWZpY2F0ZSAxMRUwEwYDVQQDDAx3d3cu +Z29vZC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqx1t7HiPe +kRAWdiGUt4pklKGZ7338An6R7/y0e/8Grx2jeUfyc19BAB7MW1p8L+zdMjbclNE0 +UZ6RZZNexfgMksNI/nW+4Lzu8qu2wFx1MjbTpMT8w/vnsGBMthxLu6+2wdnpdD1B +0led8xu7PSBgVULqyHcUvoLeRGEsB14yGx7dbIsokYxno1nr4u3BK5ic9KTTSxJR +Ig93qwo2pAZR7mfnOo33B9alhzvSwmEKJ9v7pERDnIP5ED0HaWFAeXl7GFgoH2y9 +QDyJVuwWsoSWIx4Mr8UIr0IbVJU6KsqEiqqc5P5rX/y4tYMkpHZd9U1EONd2uwmX +dwSp0LEmQb/DAgMBAAGjTTBLMB0GA1UdDgQWBBSfJPZqs1tk+xjjDrovr13ORDWn +ojAfBgNVHSMEGDAWgBQI0Zv55tVkcKDxaxqe7VLa3fVQQzAJBgNVHRMEAjAAMA0G +CSqGSIb3DQEBCwUAA4IBAQAEKXs56hB4DOO1vJe7pByfCHU33ij/ux7u68BdkDQ8 +S9SNaoD7h1XNSmC8kKULvpoKctJzJxh1IH4wtvGGGXsUt1By0a6Y5SnKW9/mG4NM +D4fGea0G2AeI8BHFs6vl8voYK9wgx9Ygus3Kj/8h6V7t2zB8ZhhVqpZkAQEjj0C2 +1IV273wD0VdZl7uB+MEKk+7eTjNMeo6JzlBBf5GhtA1WbLNdszMfI0ljo7HAX+9L +yco0xKSKkZQ+v7VdJBfC6odp+epPMZqfyHrkFzUr8XRJfriP1lydPK7AbXLVrLJg +fIXCvUdxQx4B1LaclUDORL5r2tRhRYdAEKtUz7RpQzJK +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDZjCCAk6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIwMTIxMjIwMTk0NFoYDzIxMjAxMjEzMjAxOTQ0WjAXMRUwEwYDVQQD +DAxUZXN0IE5DIENBIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC +XjL5JEImsGFW5whlXCfDTeqjZAVb+rSXAhZQ25bP9YvhsbmPVYe8A61zwGStl2rF +mChzN9/+LA40/lh0mjCV82mfNp1XLRPhE9sPGXwfLgJGCy/d6pp/8yGuFmkWPus9 +bhxlOk7ADw4e3R3kVdwn9I3O3mIrI+I45ywZpzrbs/NGFiqhRxXbZTAKyI4INxgB +VZfkoxqesnjD1j36fq7qEVas6gVm27YA9b+31ofFLM7WN811LQELwTdWiF0/xXiO +XawU1QnkrNPxCSPWyeaM4tN50ZPRQA/ArV4I7szKhKskRzGwFgdaxorYn8c+2gTq +fedLPvNw1WPryAumidqTAgMBAAGjgb8wgbwwDwYDVR0TAQH/BAUwAwEB/zALBgNV +HQ8EBAMCAQYwHQYDVR0OBBYEFAjRm/nm1WRwoPFrGp7tUtrd9VBDMB8GA1UdIwQY +MBaAFI71Ja8em2uEPXyAmslTnE1y96NSMFwGA1UdHgRVMFOgUTAOggx3d3cuZ29v +ZC5vcmcwCoIIZ29vZC5jb20wD4ENZ29vZEBnb29kLm9yZzAKgQhnb29kLmNvbTAK 
+hwh/AAAB/////zAKhwjAqAAA//8AADANBgkqhkiG9w0BAQsFAAOCAQEAVyRsB6B8 +iCYZxBTOO10Bor+Q4xxgs0udVR90/tM57P8GHd10e8suaW2Dtg9stxZJ3cmsn3zd ++QNxNIQuwHTNtVU0OSqKv6puj6ZQETSya4jDAmRqY47R866MHkSwLUYDMFtuM1Wy +gnoD5m1/Uy1K/Wvbnp1Zq4jtTB6su8TmIdJgtpEmte7tIQu5kPXsuJrz/x5a1TfR +hu7h4LJYwKlQtd/LRINnHKd241YSE7PVdG8SPxyrX11hJSC+1Z5Epxc6BCVDVN1E +fyVDdLXvKf30Nlbg2hZfO/cGTmwOt7RImygzhV/s41v4wtMW0EPuVanGQusRgHFm +3JC//UMgfkkwAA== +-----END CERTIFICATE----- diff -Nru openssl-3.0.0/test/certs/goodcn2-key.pem openssl-3.0.1/test/certs/goodcn2-key.pem --- openssl-3.0.0/test/certs/goodcn2-key.pem 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/certs/goodcn2-key.pem 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDqx1t7HiPekRAW +diGUt4pklKGZ7338An6R7/y0e/8Grx2jeUfyc19BAB7MW1p8L+zdMjbclNE0UZ6R +ZZNexfgMksNI/nW+4Lzu8qu2wFx1MjbTpMT8w/vnsGBMthxLu6+2wdnpdD1B0led +8xu7PSBgVULqyHcUvoLeRGEsB14yGx7dbIsokYxno1nr4u3BK5ic9KTTSxJRIg93 +qwo2pAZR7mfnOo33B9alhzvSwmEKJ9v7pERDnIP5ED0HaWFAeXl7GFgoH2y9QDyJ +VuwWsoSWIx4Mr8UIr0IbVJU6KsqEiqqc5P5rX/y4tYMkpHZd9U1EONd2uwmXdwSp +0LEmQb/DAgMBAAECggEAIdXrXDoCx1+2ptYNjuZIvqghBhNa38foP9YLYGOCZI82 +QUoIUWvJLY/74E3GI6GwjExhVbbo05ZzuNafv4fecMlx9YIerAytje5RSvw8FvPO +rP/RF/CSzFhB+KxCNbPt5fPYGOoUrfjHgc74jyqHEPsYsseDSe0O5UOLkZHaRHQX +bOhj/lXCN1KKsK+UXscRO55T5SRmHAe4RWaXX3Z4H6FGabKY+AVkT5GWq814PIFU +amoch4TwAKgAY8h7kpkfVgLNe3hLddLU0roakfM1cZdpf9n0EGGi21KluNvSa09a +tiDifv5WDkIQ/Ca2fUvE27atMb1gm4bUzp5OoTWhoQKBgQDrfuxqvouVvM3AyxUY +e6r7vegg5NiODjpBlT/QUqJjhqTSw6Tq4/f5VWnLy3bzipwvzxFQ8E2LjQMtl2Su +aQ8jSb9jwpmmWCoOecRExWgboYPzpczhnXpF4DIYhyomBKTBVbk9EI0wJ/tx9F1B +XCHhA3z8tJvkPTM+QAGGJxdcEQKBgQD/OHN4ujRZ5NgXZp4L9VDosMREvRUbwz+4 +7fgQ70JKdWIVbKFa5/TVIObspLZoRI0jaa4OaaE3v6rqF/yxdPsaPAXW7URR7K52 +HbI41skH0bcflISDdeTpqmlIRAzHG7MeAobV/ARmCnLpa7Lt4p8wT+zAzuY+ncv3 +DabNjePCkwKBgQDoVH/Jj9MGFw6mdbSKQvedBO5OBXfgLgkrSqN6UwwCRIO3q2y4 +j8/FHI8Tj9f6zXTpddAPmgPm+Wd5QzMBHoTgu5EmSoZrpe9X+Km5b0gWenJDnf9T +Vpma9mR17mOWvl4MnxXxOLMSH1/iPMMECHEkHNziMwzZT8eOUncucsKJAQKBgEnp +62c3ZhnysLJ2Qads8HWzW+QcbpSPw1CneoRNBoHR5QoXX9OYAcwHr1kxirI/yDBN +Vt9NsCcZF0Kcl8489svuPjK0nGithwkmKItViPr+vW4j8QyxhA44EC2hp6GyX/l8 ++dfXGN8Ef6siSbujOj8fpo1gXkYcJQnzpi85vJCJAoGAdheX12Afx94YbljuaCdT +T/E+t6xHHnDCpETHmsLh53H03Kv91JCrANMu+BZzKUXI+FW06GJB43S26hF5s+k5 +ZAjJKpgbVC1Jo4Zq5SjlCQhiOvwJ9rt2/6g7qzHZsQMjY/FZKd+8PMgPxWkvjeI7 +lAagooTJyC/VDf6LB05mitg= +-----END PRIVATE KEY----- diff -Nru openssl-3.0.0/test/certs/mkcert.sh openssl-3.0.1/test/certs/mkcert.sh --- openssl-3.0.0/test/certs/mkcert.sh 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/certs/mkcert.sh 2021-12-14 17:16:25.000000000 +0100 
@@ -195,6 +195,23 @@ -set_serial 2 -days "${DAYS}" } +geneeconfig() { + local key=$1; shift + local cert=$1; shift + local cakey=$1; shift + local ca=$1; shift + local conf=$1; shift + + exts=$(printf "%s\n%s\n%s\n%s\n" \ + "subjectKeyIdentifier = hash" \ + "authorityKeyIdentifier = keyid" \ + "basicConstraints = CA:false"; \ + echo "$conf") + + cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ + -set_serial 2 -days "${DAYS}" +} + # Usage: $0 geneealt keyname certname cakeyname cacertname alt1 alt2 ... # # Note: takes csr on stdin, so must be used with $0 req like this: @@ -206,15 +223,11 @@ local cakey=$1; shift local ca=$1; shift - exts=$(printf "%s\n%s\n%s\n%s\n" \ - "subjectKeyIdentifier = hash" \ - "authorityKeyIdentifier = keyid" \ - "basicConstraints = CA:false" \ - "subjectAltName = @alts"; + conf=$(echo "subjectAltName = @alts" echo "[alts]"; - for x in "$@"; do echo $x; done) - cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ - -set_serial 2 -days "${DAYS}" + for x in "$@"; do echo "$x"; done) + + geneeconfig $key $cert $cakey $ca "$conf" } genee() { diff -Nru openssl-3.0.0/test/certs/root-cross-cert.pem openssl-3.0.1/test/certs/root-cross-cert.pem --- openssl-3.0.0/test/certs/root-cross-cert.pem 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/certs/root-cross-cert.pem 2021-12-14 17:16:25.000000000 +0100 
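Review bot: The `printf` in geneeconfig has four `%s\n` conversions but only three string arguments, so it prints an empty fourth line before `$conf` is appended; the format should be `"%s\n%s\n%s\n"`. The function also has no `# Usage:` comment like the one above geneealt. The setup.sh hunk later in this diff calls it with four arguments and a CSR on stdin, so that comment should say the trailing config text is optional; with four arguments the last `shift` has nothing left to shift. `key` is assigned but not used in the visible body, and `exts` is not declared `local`.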
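Review bot: The new call `geneeconfig $key $cert $cakey $ca "$conf"` leaves the four name arguments unquoted, so a name containing whitespace or a glob character would be split or expanded before geneeconfig sees it. `geneeconfig "$key" "$cert" "$cakey" "$ca" "$conf"` matches the quoting this hunk already adds for `echo "$x"`. geneealt starts above the hunk.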
@@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzYzOFoYDzIxMjEwODMxMTgzNjM4WjASMRAwDgYD +VQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA +9Qa8oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25 +ZyjSfeMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3 +ngfNwCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6L +fi7gMUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7O +Jb3uaa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2F +f3fftWgiQ35mJCOvxQIDAQABo1MwUTAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOc +TXL3o1IwHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHi+qdZF/jJrR/F3L60JVLOOUhTpi +LxFFBksZPVaiVf+6R8pSMy0WtDEkzGT430ji6V4i8O/70HXIG9n9pCye8sLsOl6D +exXj/MkwwSd3J0Y58zd8ZwMrK9m/jyFrk9TlWokfIFL/eC8VFsu7qmSSRLIjMuxc +YPPisgR5+WPcus7Jf8auqcYw8eW0GPc1ugJobwucs5e/TinksMfwQrzEydmOPoWI +Pfur7MjPr5IQXROtQv+CihMigPIHvi73YzSe5zdPCw8JcuZ5vBi2pwquvzvGLtMM +Btln/SwonyQMks5WV4dOk6NOB73mCMywCir4ybp9ElJMaUGEF9nLO+h8Fg== +-----END CERTIFICATE----- diff -Nru openssl-3.0.0/test/certs/setup.sh openssl-3.0.1/test/certs/setup.sh --- openssl-3.0.0/test/certs/setup.sh 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/certs/setup.sh 2021-12-14 17:16:25.000000000 +0100 @@ -7,6 +7,9 @@ ./mkcert.sh genroot "Root CA" root-key2 root-cert2 ./mkcert.sh genroot "Root Cert 2" root-key root-name2 DAYS=-1 ./mkcert.sh genroot "Root CA" root-key root-expired +# cross root and root cross cert +./mkcert.sh genroot "Cross Root" cross-key cross-root +./mkcert.sh genca "Root CA" root-key root-cross-cert cross-key cross-root # trust variants: +serverAuth -serverAuth +clientAuth -clientAuth, openssl x509 -in root-cert.pem -trustout \ -addtrust serverAuth -out root+serverAuth.pem 
@@ -279,6 +282,12 @@ ./mkcert.sh geneealt goodcn1-key goodcn1-cert ncca1-key ncca1-cert \ "IP = 127.0.0.1" "IP = 192.168.0.1" +# all DNS-like CNs allowed by CA1, no SANs + +./mkcert.sh req goodcn2-key "O = Good NC Test Certificate 1" \ + "CN=www.good.org" | \ + ./mkcert.sh geneeconfig goodcn2-key goodcn2-cert ncca1-key ncca1-cert + # Some DNS-like CNs not permitted by CA1, no DNS SANs. ./mkcert.sh req badcn1-key "O = Good NC Test Certificate 1" \ diff -Nru openssl-3.0.0/test/dane-cross.in openssl-3.0.1/test/dane-cross.in --- openssl-3.0.0/test/dane-cross.in 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/dane-cross.in 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,113 @@ +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html +# +# Blank and comment lines ignored. +# +# The first line in each block takes the form: +# +# +# +# It is followed by lines of the form: +# +# +# +# and finally, by certificates. + +# 1 +# Ensure TLSA with direct root works when peer chain provides a +# cross-cert. +1 4 0 0 2 +2 0 0 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 +subject=CN = server.example +issuer=CN = CA +notBefore=Jan 15 08:19:49 2016 GMT +notAfter=Jan 16 08:19:49 2116 GMT +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg +Fw0xNjAxMTUwODE5NDlaGA8yMTE2MDExNjA4MTk0OVowGTEXMBUGA1UEAwwOc2Vy +dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY +YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT +5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l +Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1 +U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5 +ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn +iIQPYf55NB9KiR+3AgMBAAGjfTB7MB0GA1UdDgQWBBTnm+IqrYpsOst2UeWOB5gi +l+FzojAfBgNVHSMEGDAWgBS0ETPx1+Je91OeICIQT4YGvx/JXjAJBgNVHRMEAjAA +MBMGA1UdJQQMMAoGCCsGAQUFBwMBMBkGA1UdEQQSMBCCDnNlcnZlci5leGFtcGxl +MA0GCSqGSIb3DQEBCwUAA4IBAQBBtDxPYULl5b7VFC7/U0NgV8vTJk4zpPnUMMQ4 +QF2AWDFAek8oLKrz18KQ8M/DEhDxgkaoeXEMLT6BJUEVNYuFEYHEDGarl0nMDRXL +xOgAExfz3Tf/pjsLaha5aWH7NyCSKWC+lYkIOJ/Kb/m/6QsDJoXsEC8AhrPfqJhz +UzsCoxIlaDWqawH4+S8bdeX0tvs2VtJk/WOJHxMqXra6kgI4fAgyvr2kIZHinQ3y +cgX40uAC38bwpE95kJ7FhSfQlE1Rt7sOspUj098Dd0RNDn2uKyOTxEqIELHfw4AX +O3XAzt8qDyho8nEd/xiQ6qgsQnvXa+hSRJw42g3/czVskxRx +-----END CERTIFICATE----- +subject=CN = CA +issuer=CN = Root CA 
+notBefore=Jan 15 08:19:49 2016 GMT +notAfter=Jan 16 08:19:49 2116 GMT +-----BEGIN CERTIFICATE----- +MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD +DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd +j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz +n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W +l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l +YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc +ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9 +CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G +A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk +IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6 +AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi +8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6 +uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR +5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4= +-----END CERTIFICATE----- +subject=CN = Root CA +issuer=CN = Cross Root +notBefore=Aug 30 18:36:38 2021 GMT +notAfter=Aug 31 18:36:38 2121 GMT +-----BEGIN CERTIFICATE----- +MIIC9zCCAd+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzYzOFoYDzIxMjEwODMxMTgzNjM4WjASMRAwDgYD +VQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA +9Qa8oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25 +ZyjSfeMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3 +ngfNwCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6L +fi7gMUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7O +Jb3uaa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2F +f3fftWgiQ35mJCOvxQIDAQABo1MwUTAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOc +TXL3o1IwHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0TAQH/ 
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHi+qdZF/jJrR/F3L60JVLOOUhTpi +LxFFBksZPVaiVf+6R8pSMy0WtDEkzGT430ji6V4i8O/70HXIG9n9pCye8sLsOl6D +exXj/MkwwSd3J0Y58zd8ZwMrK9m/jyFrk9TlWokfIFL/eC8VFsu7qmSSRLIjMuxc +YPPisgR5+WPcus7Jf8auqcYw8eW0GPc1ugJobwucs5e/TinksMfwQrzEydmOPoWI +Pfur7MjPr5IQXROtQv+CihMigPIHvi73YzSe5zdPCw8JcuZ5vBi2pwquvzvGLtMM +Btln/SwonyQMks5WV4dOk6NOB73mCMywCir4ybp9ElJMaUGEF9nLO+h8Fg== +-----END CERTIFICATE----- +subject=CN = Cross Root +issuer=CN = Cross Root +notBefore=Aug 30 18:33:26 2021 GMT +notAfter=Aug 31 18:33:26 2121 GMT +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApDcm9z +cyBSb290MCAXDTIxMDgzMDE4MzMyNloYDzIxMjEwODMxMTgzMzI2WjAVMRMwEQYD +VQQDDApDcm9zcyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +kpH8JGF0yRS+CCAkUBV44unl/SNTSPexgbtmJPHo8HLTLbXCU5QS2KWERUJ2YLC8 +FRIQNuSipUjT8zz6xFYqU+S5eSeroVhARixxE4fEMeLCOdPAds1D/trZw2qWLZOT +DUlXUGV1besCbrF2PL3efJxzy6OM6+tTE8K49y3dJVNfGB7cZxkjDGDz08XnBNJo +2FNN/BC8WTHZU/lUgtCjgSXXY+uPpF0XYg7UBlVhOfDLV+f9fC4EmNyf4bzYZnFr +mOtdaYF3JsAz60p9Xw3kahvO0LPCp4ktXbVhwwlVv+SmTkHi3CulU2hHZ8HT2EOw +YiaePt8qSphK3U/U2AbPFwIDAQABo1MwUTAdBgNVHQ4EFgQUL16/ihJvr2w9I5k6 +3jjZ13SPW20wHwYDVR0jBBgwFoAUL16/ihJvr2w9I5k63jjZ13SPW20wDwYDVR0T +AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUiqf8oQaPX3aW6I+dcRhsq5g +bpYF0X5jePk6UqWu86YcmpoRtGLH7e5aHGJYqrVrkOoo0q4eTL3Pm1/sB3omPRMb +ey/i7Z70wwd5yI8iz/WBmQDahYxq5wSDsUSdZDL0kSyoU2jCwXUPtuC6F1kMZBFI +uUeaFcF8oKVGuOHvZgj/FMBpT7tyjdPpDG4uo6AT04AKGhf5xO5UY2N+uqmEsXHK +HsKAEMrVhdeU5mbrfifvSkMYcYgJOX1KFP+t4U+ogqCHy1/Nfhq+WG1XN5GwhtuO +ze25NqI6ZvA2og4AoeIzvJ/+Nfl5PNtClm0IjbGvR77oOBMs71lO4GjUYj9eiw== +-----END CERTIFICATE----- diff -Nru openssl-3.0.0/test/danetest.c openssl-3.0.1/test/danetest.c --- openssl-3.0.0/test/danetest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/danetest.c 2021-12-14 17:16:25.000000000 +0100 
@@ -149,10 +149,10 @@ static char *read_to_eol(BIO *f) { - static char buf[1024]; + static char buf[4096]; int n; - if (!BIO_gets(f, buf, sizeof(buf))) + if (BIO_gets(f, buf, sizeof(buf)) <= 0) return NULL; n = strlen(buf); diff -Nru openssl-3.0.0/test/destest.c openssl-3.0.1/test/destest.c --- openssl-3.0.0/test/destest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/destest.c 2021-12-14 17:16:25.000000000 +0100 
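Review bot: The new size in `static char buf[4096];` is a bare number with nothing saying what it has to hold. Presumably it was raised for the long TLSA record line in the dane-cross.in input added by this diff; a comment such as `/* must hold the longest line of the test input, including full-certificate TLSA data */` would make that limit visible to whoever adds the next long test vector. read_to_eol continues below the hunk, so how an over-long line is handled is not visible here.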
@@ -771,6 +771,73 @@ EVP_CIPHER_CTX_free(ctx); return res; } + +/*- + * Weak and semi weak keys as taken from + * %A D.W. Davies + * %A W.L. Price + * %T Security for Computer Networks + * %I John Wiley & Sons + * %D 1984 + */ +static struct { + const DES_cblock key; + int expect; +} weak_keys[] = { + /* weak keys */ + {{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, 1 }, + {{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, 1 }, + {{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, 1 }, + {{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, 1 }, + /* semi-weak keys */ + {{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, 1 }, + {{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, 1 }, + {{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, 1 }, + {{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, 1 }, + {{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, 1 }, + {{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, 1 }, + {{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, 1 }, + {{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, 1 }, + {{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, 1 }, + {{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, 1 }, + {{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, 1 }, + {{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, 1 }, + /* good key */ + {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 } +}; + +static int test_des_weak_keys(int n) +{ + const_DES_cblock *key = (unsigned char (*)[8])weak_keys[n].key; + + return TEST_int_eq(DES_is_weak_key(key), weak_keys[n].expect); +} + +static struct { + const DES_cblock key; + int expect; +} bad_parity_keys[] = { + {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 0 }, + {{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 0 }, + /* Perturb each byte in turn to create even parity */ + {{0x48, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, + {{0x49, 0xE8, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5C, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5D, 0x7D, 0x4C, 0xA2, 
0x29, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5D, 0x6D, 0x5C, 0xA2, 0x29, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA3, 0x29, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x39, 0xBF}, 0 }, + {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBE}, 0 }, + /* Odd parity version of above */ + {{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF}, 1 } +}; + +static int test_des_check_bad_parity(int n) +{ + const_DES_cblock *key = (unsigned char (*)[8])bad_parity_keys[n].key; + + return TEST_int_eq(DES_check_key_parity(key), bad_parity_keys[n].expect); +} #endif int setup_tests(void) @@ -797,6 +864,8 @@ ADD_ALL_TESTS(test_input_align, 4); ADD_ALL_TESTS(test_output_align, 4); ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes)); + ADD_ALL_TESTS(test_des_weak_keys, OSSL_NELEM(weak_keys)); + ADD_ALL_TESTS(test_des_check_bad_parity, OSSL_NELEM(bad_parity_keys)); #endif return 1; } diff -Nru openssl-3.0.0/test/dhtest.c openssl-3.0.1/test/dhtest.c --- openssl-3.0.0/test/dhtest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/dhtest.c 2021-12-14 17:16:25.000000000 +0100 @@ -730,6 +730,27 @@ return ok; } +static int dh_rfc5114_fix_nid_test(void) +{ + int ok = 0; + EVP_PKEY_CTX *paramgen_ctx; + + /* Run the test. Success is any time the test does not cause a SIGSEGV interrupt */ + paramgen_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DHX, 0); + if (!TEST_ptr(paramgen_ctx)) + goto err; + if (!TEST_int_eq(EVP_PKEY_paramgen_init(paramgen_ctx), 1)) + goto err; + /* Tested function is called here */ + if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3), 1)) + goto err; + /* If we're still running then the test passed. */ + ok = 1; +err: + EVP_PKEY_CTX_free(paramgen_ctx); + return ok; +} + static int dh_get_nid(void) { int ok = 0; 
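Review bot: Neither new table says what `expect` means, and `bad_parity_keys` ends with an entry whose parity is good, which the name does not suggest. A comment on each struct would cover it: `/* expect: value DES_is_weak_key() must return */` and `/* expect: value DES_check_key_parity() must return; 1 only for the odd-parity key */`. The cast `(unsigned char (*)[8])` in both test functions drops the `const` of the table member, so a short comment saying why it is needed would keep it from being removed as redundant later.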
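Review bot: dh_rfc5114_fix_nid_test stops at the return code of `EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3)`, so it shows that the setter no longer crashes but not that the selected parameters are usable. Following it with `EVP_PKEY_paramgen(paramgen_ctx, &pkey)` checked by `TEST_int_eq(..., 1)` and `TEST_ptr(pkey)`, with `EVP_PKEY_free(pkey)` at `err:`, would cover that. The literal `3` also deserves a comment naming the RFC 5114 group it selects.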
@@ -876,6 +897,7 @@ ADD_ALL_TESTS(dh_test_prime_groups, OSSL_NELEM(prime_groups)); ADD_TEST(dh_get_nid); ADD_TEST(dh_load_pkcs3_namedgroup_privlen_test); + ADD_TEST(dh_rfc5114_fix_nid_test); #endif return 1; } diff -Nru openssl-3.0.0/test/ecdsatest.c openssl-3.0.1/test/ecdsatest.c --- openssl-3.0.0/test/ecdsatest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/ecdsatest.c 2021-12-14 17:16:25.000000000 +0100 @@ -46,7 +46,7 @@ || !TEST_true(BN_hex2bn(&tmp, numbers[fbytes_counter])) /* tmp might need leading zeros so pad it out */ || !TEST_int_le(BN_num_bytes(tmp), num) - || !TEST_true(BN_bn2binpad(tmp, buf, num))) + || !TEST_int_gt(BN_bn2binpad(tmp, buf, num), 0)) goto err; fbytes_counter = (fbytes_counter + 1) % OSSL_NELEM(numbers); diff -Nru openssl-3.0.0/test/ectest.c openssl-3.0.1/test/ectest.c --- openssl-3.0.0/test/ectest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/ectest.c 2021-12-14 17:16:25.000000000 +0100 @@ -2919,11 +2919,11 @@ /* create two new provider-native `EVP_PKEY`s */ EVP_PKEY_CTX_free(pctx2); if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(pctx2)) - || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey1, EVP_PKEY_KEYPAIR, - params1)) - || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey2, EVP_PKEY_PUBLIC_KEY, - params2))) + || !TEST_int_eq(EVP_PKEY_fromdata_init(pctx2), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(pctx2, &pkey1, EVP_PKEY_KEYPAIR, + params1), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(pctx2, &pkey2, EVP_PKEY_PUBLIC_KEY, + params2), 1)) goto err; /* compute keyexchange once more using the provider keys */ 
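Review bot: `TEST_int_gt(BN_bn2binpad(tmp, buf, num), 0)` now rejects the -1 error return that `TEST_true` let through, but it still accepts any positive length. The other BN_bn2binpad assertions in this diff compare against the requested length, and the same check fits here: `|| !TEST_int_eq(BN_bn2binpad(tmp, buf, num), num))`. `num` is declared outside the hunk, so a cast may be needed depending on its type. The enclosing function starts and ends outside the hunk.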
@@ -2966,6 +2966,47 @@ return ret; } +static int ec_d2i_publickey_test(void) +{ + unsigned char buf[1000]; + unsigned char *pubkey_enc = buf; + const unsigned char *pk_enc = pubkey_enc; + EVP_PKEY *gen_key = NULL, *decoded_key = NULL; + EVP_PKEY_CTX *pctx = NULL; + int pklen, ret = 0; + OSSL_PARAM params[2]; + + if (!TEST_ptr(gen_key = EVP_EC_gen("P-256"))) + goto err; + + if (!TEST_int_gt(pklen = i2d_PublicKey(gen_key, &pubkey_enc), 0)) + goto err; + + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, + "P-256", 0); + params[1] = OSSL_PARAM_construct_end(); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) + || !TEST_true(EVP_PKEY_fromdata_init(pctx)) + || !TEST_true(EVP_PKEY_fromdata(pctx, &decoded_key, + OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + params)) + || !TEST_ptr(decoded_key) + || !TEST_ptr(decoded_key = d2i_PublicKey(EVP_PKEY_EC, &decoded_key, + &pk_enc, pklen))) + goto err; + + if (!TEST_true(EVP_PKEY_eq(gen_key, decoded_key))) + goto err; + ret = 1; + + err: + EVP_PKEY_CTX_free(pctx); + EVP_PKEY_free(gen_key); + EVP_PKEY_free(decoded_key); + return ret; +} + int setup_tests(void) { crv_len = EC_get_builtin_curves(NULL, 0); @@ -2993,6 +3034,7 @@ ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); ADD_ALL_TESTS(custom_generator_test, crv_len); ADD_ALL_TESTS(custom_params_test, crv_len); + ADD_TEST(ec_d2i_publickey_test); return 1; } diff -Nru openssl-3.0.0/test/enginetest.c openssl-3.0.1/test/enginetest.c --- openssl-3.0.0/test/enginetest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/enginetest.c 2021-12-14 17:16:25.000000000 +0100 @@ -23,6 +23,7 @@ # include # include # include +# include static void display_engine_list(void) { 
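Review bot: ec_d2i_publickey_test wraps `EVP_PKEY_fromdata_init(pctx)` and `EVP_PKEY_fromdata(...)` in `TEST_true`, which passes on a negative error return. The preceding hunk in this same file changes exactly that pattern to `TEST_int_eq(..., 1)`, so the new test should use `!TEST_int_eq(EVP_PKEY_fromdata_init(pctx), 1)` and `!TEST_int_eq(EVP_PKEY_fromdata(pctx, &decoded_key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params), 1)`. Separately, `i2d_PublicKey` writes into `buf[1000]` without the encoded length being checked first; calling it once with a NULL output pointer and comparing the result with `sizeof(buf)` would make the bound explicit.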
@@ -352,6 +353,80 @@ OPENSSL_free(tmp); return to_return; } + +static int test_x509_dup_w_engine(void) +{ + ENGINE *e = NULL; + X509 *cert = NULL, *dupcert = NULL; + X509_PUBKEY *pubkey, *duppubkey = NULL; + int ret = 0; + BIO *b = NULL; + RSA_METHOD *rsameth = NULL; + + if (!TEST_ptr(b = BIO_new_file(test_get_argument(0), "r")) + || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL))) + goto err; + + /* Dup without an engine */ + if (!TEST_ptr(dupcert = X509_dup(cert))) + goto err; + X509_free(dupcert); + dupcert = NULL; + + if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert)) + || !TEST_ptr(duppubkey = X509_PUBKEY_dup(pubkey)) + || !TEST_ptr_ne(duppubkey, pubkey) + || !TEST_ptr_ne(X509_PUBKEY_get0(duppubkey), X509_PUBKEY_get0(pubkey))) + goto err; + + X509_PUBKEY_free(duppubkey); + duppubkey = NULL; + + X509_free(cert); + cert = NULL; + + /* Create a test ENGINE */ + if (!TEST_ptr(e = ENGINE_new()) + || !TEST_true(ENGINE_set_id(e, "Test dummy engine")) + || !TEST_true(ENGINE_set_name(e, "Test dummy engine"))) + goto err; + + if (!TEST_ptr(rsameth = RSA_meth_dup(RSA_get_default_method()))) + goto err; + + ENGINE_set_RSA(e, rsameth); + + if (!TEST_true(ENGINE_set_default_RSA(e))) + goto err; + + if (!TEST_int_ge(BIO_seek(b, 0), 0) + || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL))) + goto err; + + /* Dup with an engine set on the key */ + if (!TEST_ptr(dupcert = X509_dup(cert))) + goto err; + + if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert)) + || !TEST_ptr(duppubkey = X509_PUBKEY_dup(pubkey)) + || !TEST_ptr_ne(duppubkey, pubkey) + || !TEST_ptr_ne(X509_PUBKEY_get0(duppubkey), X509_PUBKEY_get0(pubkey))) + goto err; + + ret = 1; + + err: + X509_free(cert); + X509_free(dupcert); + X509_PUBKEY_free(duppubkey); + if (e != NULL) { + ENGINE_unregister_RSA(e); + ENGINE_free(e); + } + RSA_meth_free(rsameth); + BIO_free(b); + return ret; +} #endif int global_init(void) 
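Review bot: `ENGINE_set_RSA(e, rsameth);` is the one ENGINE call in test_x509_dup_w_engine whose result is ignored. Writing it as `if (!TEST_true(ENGINE_set_RSA(e, rsameth))) goto err;` keeps it in line with the `ENGINE_set_id`, `ENGINE_set_name` and `ENGINE_set_default_RSA` checks around it. The test also makes the dummy engine the process-wide RSA default; if `ENGINE_unregister_RSA(e)` at `err:` is what is meant to undo that for later tests, a comment there should say so.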
@@ -363,13 +438,27 @@ return OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL); } +OPT_TEST_DECLARE_USAGE("certfile\n") + int setup_tests(void) { #ifdef OPENSSL_NO_ENGINE TEST_note("No ENGINE support"); #else + int n; + + if (!test_skip_common_options()) { + TEST_error("Error parsing test options\n"); + return 0; + } + + n = test_get_argument_count(); + if (n == 0) + return 0; + ADD_TEST(test_engines); ADD_TEST(test_redirect); + ADD_TEST(test_x509_dup_w_engine); #endif return 1; } diff -Nru openssl-3.0.0/test/evp_extra_test2.c openssl-3.0.1/test/evp_extra_test2.c --- openssl-3.0.0/test/evp_extra_test2.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_extra_test2.c 2021-12-14 17:16:25.000000000 +0100 @@ -20,9 +20,7 @@ #include #include #include -#ifndef OPENSSL_NO_DEPRECATED_3_0 -# include -#endif +#include #include #include "testutil.h" #include "internal/nelem.h" 
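Review bot: `if (n == 0) return 0;` fails setup without saying why, unlike the option-parsing failure just above it, which calls `TEST_error`. A message such as `TEST_error("Missing certfile argument\n");` before the return would make a misconfigured test recipe obvious from the log. `n` is used only for this comparison, so `if (test_get_argument_count() == 0)` would do without the local.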
@@ -818,6 +816,59 @@ return ret; } +static int test_rsa_pss_sign(void) +{ + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; + int ret = 0; + const unsigned char *pdata = keydata[0].kder; + const char *mdname = "SHA2-256"; + OSSL_PARAM sig_params[3]; + unsigned char mdbuf[256 / 8] = { 0 }; + int padding = RSA_PKCS1_PSS_PADDING; + unsigned char *sig = NULL; + size_t sig_len = 0; + + sig_params[0] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_PAD_MODE, + &padding); + sig_params[1] = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, + (char *)mdname, 0); + sig_params[2] = OSSL_PARAM_construct_end(); + + ret = TEST_ptr(pkey = d2i_AutoPrivateKey_ex(NULL, &pdata, keydata[0].size, + mainctx, NULL)) + && TEST_ptr(pctx = EVP_PKEY_CTX_new_from_pkey(mainctx, pkey, NULL)) + && TEST_int_gt(EVP_PKEY_sign_init_ex(pctx, sig_params), 0) + && TEST_int_gt(EVP_PKEY_sign(pctx, NULL, &sig_len, mdbuf, + sizeof(mdbuf)), 0) + && TEST_int_gt(sig_len, 0) + && TEST_ptr(sig = OPENSSL_malloc(sig_len)) + && TEST_int_gt(EVP_PKEY_sign(pctx, sig, &sig_len, mdbuf, + sizeof(mdbuf)), 0); + + EVP_PKEY_CTX_free(pctx); + OPENSSL_free(sig); + EVP_PKEY_free(pkey); + + return ret; +} + +static int test_evp_md_ctx_copy(void) +{ + EVP_MD_CTX *mdctx = NULL; + EVP_MD_CTX *copyctx = NULL; + int ret; + + /* test copying freshly initialized context */ + ret = TEST_ptr(mdctx = EVP_MD_CTX_new()) + && TEST_ptr(copyctx = EVP_MD_CTX_new()) + && TEST_true(EVP_MD_CTX_copy_ex(copyctx, mdctx)); + + EVP_MD_CTX_free(mdctx); + EVP_MD_CTX_free(copyctx); + return ret; +} + int setup_tests(void) { if (!test_get_libctx(&mainctx, &nullprov, NULL, NULL, NULL)) { 
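Review bot: test_rsa_pss_sign never checks the signature it produces, so a signing path that reports success but emits a wrong signature would still pass. Extending the chain with `&& TEST_int_gt(EVP_PKEY_verify_init_ex(pctx, sig_params), 0)` and `&& TEST_int_gt(EVP_PKEY_verify(pctx, sig, sig_len, mdbuf, sizeof(mdbuf)), 0)` would close that gap. `sig_len` is a `size_t`, so `TEST_size_t_gt(sig_len, 0)` is the matching comparison rather than `TEST_int_gt`.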
@@ -843,6 +894,8 @@ ADD_TEST(test_pkcs8key_nid_bio); #endif ADD_ALL_TESTS(test_PEM_read_bio_negative, OSSL_NELEM(keydata)); + ADD_TEST(test_rsa_pss_sign); + ADD_TEST(test_evp_md_ctx_copy); return 1; } diff -Nru openssl-3.0.0/test/evp_extra_test.c openssl-3.0.1/test/evp_extra_test.c --- openssl-3.0.0/test/evp_extra_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_extra_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -30,6 +30,7 @@ #include #include #include +#include #include "testutil.h" #include "internal/nelem.h" #include "internal/sizes.h" @@ -599,6 +600,14 @@ } #endif +#ifndef OPENSSL_NO_EC +static EVP_PKEY *load_example_ec_key(void) +{ + return load_example_key("EC", kExampleECKeyDER, + sizeof(kExampleECKeyDER)); +} +#endif + #ifndef OPENSSL_NO_DEPRECATED_3_0 # ifndef OPENSSL_NO_DH static EVP_PKEY *load_example_dh_key(void) @@ -609,12 +618,6 @@ # endif # ifndef OPENSSL_NO_EC -static EVP_PKEY *load_example_ec_key(void) -{ - return load_example_key("EC", kExampleECKeyDER, - sizeof(kExampleECKeyDER)); -} - static EVP_PKEY *load_example_ed25519_key(void) { return load_example_key("ED25519", kExampleED25519KeyDER, 
@@ -676,26 +679,56 @@ } #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) -static int test_fromdata(char *keytype, OSSL_PARAM *params) +static EVP_PKEY *make_key_fromdata(char *keytype, OSSL_PARAM *params) { EVP_PKEY_CTX *pctx = NULL; - EVP_PKEY *pkey = NULL; - int testresult = 0; + EVP_PKEY *tmp_pkey = NULL, *pkey = NULL; if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, keytype, testpropq))) goto err; if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0) - || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR, + || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &tmp_pkey, EVP_PKEY_KEYPAIR, params), 0)) goto err; - if (!TEST_ptr(pkey)) + if (!TEST_ptr(tmp_pkey)) goto err; - testresult = 1; + pkey = tmp_pkey; + tmp_pkey = NULL; err: - EVP_PKEY_free(pkey); + EVP_PKEY_free(tmp_pkey); EVP_PKEY_CTX_free(pctx); + return pkey; +} + +static int test_selection(EVP_PKEY *pkey, int selection) +{ + int testresult = 0; + int ret; + BIO *bio = BIO_new(BIO_s_mem()); + + ret = PEM_write_bio_PUBKEY(bio, pkey); + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { + if (!TEST_true(ret)) + goto err; + } else { + if (!TEST_false(ret)) + goto err; + } + ret = PEM_write_bio_PrivateKey_ex(bio, pkey, NULL, NULL, 0, NULL, NULL, + testctx, NULL); + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { + if (!TEST_true(ret)) + goto err; + } else { + if (!TEST_false(ret)) + goto err; + } + + testresult = 1; + err: + BIO_free(bio); return testresult; } @@ -710,6 +743,10 @@ { OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; + EVP_PKEY *just_params = NULL; + EVP_PKEY *params_and_priv = NULL; + EVP_PKEY *params_and_pub = NULL; + EVP_PKEY *params_and_keypair = NULL; BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; int ret = 0; 
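Review bot: `test_selection` never checks the result of `BIO_new(BIO_s_mem())`, so in the branches where the export is expected to be refused an allocation failure cannot be told apart from a genuine rejection, and `TEST_false(ret)` can pass for the wrong reason. Adding `if (!TEST_ptr(bio)) goto err;` before the `PEM_write_bio_PUBKEY` call keeps the negative cases meaningful; the `BIO_free(bio)` on the `err` path is already safe with NULL. A short comment above the function stating that it returns 1 only when both exports match the bits in `selection` would also help, since callers in the later hunks use its return value in both polarities.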
@@ -730,14 +767,18 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)) || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(just_params = make_key_fromdata(keytype, params))) goto err; - if (!test_fromdata(keytype, params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + if (!test_selection(just_params, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) + || test_selection(just_params, OSSL_KEYMGMT_SELECT_KEYPAIR)) + goto err; /* Test priv and !pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) @@ -747,14 +788,18 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_priv = make_key_fromdata(keytype, params))) goto err; - if (!test_fromdata(keytype, params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + if (!test_selection(params_and_priv, OSSL_KEYMGMT_SELECT_PRIVATE_KEY) + || test_selection(params_and_priv, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) + goto err; /* Test !priv and pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 
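Review bot: The negated calls such as `|| test_selection(just_params, OSSL_KEYMGMT_SELECT_KEYPAIR)` add no coverage: the preceding positive call already asserts through `TEST_false` that each unselected export is refused, and the negated call simply returns 0 at its first failing `TEST_true`. Because that `TEST_true` fails by design, a passing run will most likely carry failure diagnostics in its log. Dropping the second operand of each pair, here and in the pub-only and EC hunks that follow, keeps the same assertions with clean output. If the pairs stay, add a comment such as `/* a zero return is the expected outcome here */`. The enclosing function starts and ends outside these hunks.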
@@ -764,14 +809,18 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_pub = make_key_fromdata(keytype, params))) goto err; - if (!test_fromdata(keytype, params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + if (!test_selection(params_and_pub, OSSL_KEYMGMT_SELECT_PUBLIC_KEY) + || test_selection(params_and_pub, OSSL_KEYMGMT_SELECT_PRIVATE_KEY)) + goto err; /* Test priv and pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) @@ -783,16 +832,21 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_keypair = make_key_fromdata(keytype, params))) goto err; - if (!test_fromdata(keytype, params)) + if (!test_selection(params_and_keypair, EVP_PKEY_KEYPAIR)) goto err; ret = 1; err: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); + EVP_PKEY_free(just_params); + EVP_PKEY_free(params_and_priv); + EVP_PKEY_free(params_and_pub); + EVP_PKEY_free(params_and_keypair); BN_free(p); BN_free(q); BN_free(g); @@ -826,6 +880,10 @@ { OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; + EVP_PKEY *just_params = NULL; + EVP_PKEY *params_and_priv = NULL; + EVP_PKEY *params_and_pub = NULL; + EVP_PKEY *params_and_keypair = NULL; BIGNUM *priv = NULL; int ret = 0; 
@@ -842,14 +900,18 @@ OSSL_PKEY_PARAM_GROUP_NAME, "P-256", 0))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(just_params = make_key_fromdata("EC", params))) goto err; - if (!test_fromdata("EC", params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + if (!test_selection(just_params, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) + || test_selection(just_params, OSSL_KEYMGMT_SELECT_KEYPAIR)) + goto err; /* Test priv and !pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) @@ -859,14 +921,24 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_priv = make_key_fromdata("EC", params))) goto err; - if (!test_fromdata("EC", params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + /* + * We indicate only parameters here, in spite of having built a key that + * has a private part, because the PEM_write_bio_PrivateKey_ex call is + * expected to fail because it does not support exporting a private EC + * key without a corresponding public key + */ + if (!test_selection(params_and_priv, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) + || test_selection(params_and_priv, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) + goto err; /* Test !priv and pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 
@@ -877,14 +949,18 @@ OSSL_PKEY_PARAM_PUB_KEY, ec_pub, sizeof(ec_pub)))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_pub = make_key_fromdata("EC", params))) goto err; - if (!test_fromdata("EC", params)) - goto err; OSSL_PARAM_free(params); - params = NULL; OSSL_PARAM_BLD_free(bld); + params = NULL; + bld = NULL; + + if (!test_selection(params_and_pub, OSSL_KEYMGMT_SELECT_PUBLIC_KEY) + || test_selection(params_and_pub, OSSL_KEYMGMT_SELECT_PRIVATE_KEY)) + goto err; /* Test priv and pub */ if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) @@ -897,16 +973,35 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))) goto err; - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) + || !TEST_ptr(params_and_keypair = make_key_fromdata("EC", params))) + goto err; + + if (!test_selection(params_and_keypair, EVP_PKEY_KEYPAIR)) goto err; - if (!test_fromdata("EC", params)) + /* Try key equality */ + if (!TEST_int_gt(EVP_PKEY_parameters_eq(just_params, just_params), 0) + || !TEST_int_gt(EVP_PKEY_parameters_eq(just_params, params_and_pub), + 0) + || !TEST_int_gt(EVP_PKEY_parameters_eq(just_params, params_and_priv), + 0) + || !TEST_int_gt(EVP_PKEY_parameters_eq(just_params, params_and_keypair), + 0) + || !TEST_int_gt(EVP_PKEY_eq(params_and_pub, params_and_pub), 0) + || !TEST_int_gt(EVP_PKEY_eq(params_and_priv, params_and_priv), 0) + || !TEST_int_gt(EVP_PKEY_eq(params_and_keypair, params_and_pub), 0) + || !TEST_int_gt(EVP_PKEY_eq(params_and_keypair, params_and_priv), 0)) goto err; ret = 1; err: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); + EVP_PKEY_free(just_params); + EVP_PKEY_free(params_and_priv); + EVP_PKEY_free(params_and_pub); + EVP_PKEY_free(params_and_keypair); BN_free(priv); return ret; 
@@ -978,6 +1073,66 @@ # endif /* OPENSSL_NO_DEPRECATED_3_0 */ #endif /* OPENSSL_NO_EC */ +static int test_EVP_PKEY_sign(int tst) +{ + int ret = 0; + EVP_PKEY *pkey = NULL; + unsigned char *sig = NULL; + size_t sig_len = 0, shortsig_len = 1; + EVP_PKEY_CTX *ctx = NULL; + unsigned char tbs[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 + }; + + if (tst == 0 ) { + if (!TEST_ptr(pkey = load_example_rsa_key())) + goto out; + } else if (tst == 1) { +#ifndef OPENSSL_NO_DSA + if (!TEST_ptr(pkey = load_example_dsa_key())) + goto out; +#else + ret = 1; + goto out; +#endif + } else { +#ifndef OPENSSL_NO_EC + if (!TEST_ptr(pkey = load_example_ec_key())) + goto out; +#else + ret = 1; + goto out; +#endif + } + + ctx = EVP_PKEY_CTX_new_from_pkey(testctx, pkey, NULL); + if (!TEST_ptr(ctx) + || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_sign(ctx, NULL, &sig_len, tbs, + sizeof(tbs)), 0)) + goto out; + sig = OPENSSL_malloc(sig_len); + if (!TEST_ptr(sig) + /* Test sending a signature buffer that is too short is rejected */ + || !TEST_int_le(EVP_PKEY_sign(ctx, sig, &shortsig_len, tbs, + sizeof(tbs)), 0) + || !TEST_int_gt(EVP_PKEY_sign(ctx, sig, &sig_len, tbs, sizeof(tbs)), + 0) + /* Test the signature round-trips */ + || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_verify(ctx, sig, sig_len, tbs, sizeof(tbs)), + 0)) + goto out; + + ret = 1; + out: + EVP_PKEY_CTX_free(ctx); + OPENSSL_free(sig); + EVP_PKEY_free(pkey); + return ret; +} + /* * n = 0 => test using legacy cipher * n = 1 => test using fetched cipher 
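Review bot: The short-buffer check in test_EVP_PKEY_sign passes the full-size `sig` allocation together with `shortsig_len = 1`, so an implementation that returns an error but still writes beyond the advertised length would go unnoticed, even in a sanitizer build. Handing the call a buffer that really is one byte, for example `unsigned char shortsig[1];` and `EVP_PKEY_sign(ctx, shortsig, &shortsig_len, tbs, sizeof(tbs))`, lets such a write be caught. The same applies to the raw-key check in the later hunk at -1855, which passes the 80-byte `buf` with `shortlen = 1`, and to the short-signature calls in the hunk at -1101.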
@@ -1046,24 +1201,37 @@ * Test 6: Use an MD BIO to do the Update calls instead (RSA) * Test 7: Use an MD BIO to do the Update calls instead (DSA) * Test 8: Use an MD BIO to do the Update calls instead (HMAC) + * Test 9: Use EVP_DigestSign (Implicit fetch digest, RSA, short sig) + * Test 10: Use EVP_DigestSign (Implicit fetch digest, DSA, short sig) + * Test 11: Use EVP_DigestSign (Implicit fetch digest, HMAC, short sig) + * Test 12: Use EVP_DigestSign (Implicit fetch digest, RSA) + * Test 13: Use EVP_DigestSign (Implicit fetch digest, DSA) + * Test 14: Use EVP_DigestSign (Implicit fetch digest, HMAC) + * Test 15-29: Same as above with reinitialization */ static int test_EVP_DigestSignInit(int tst) { int ret = 0; EVP_PKEY *pkey = NULL; unsigned char *sig = NULL, *sig2 = NULL; - size_t sig_len = 0, sig2_len = 0; + size_t sig_len = 0, sig2_len = 0, shortsig_len = 1; EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL; EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL; BIO *mdbio = NULL, *membio = NULL; size_t written; const EVP_MD *md; EVP_MD *mdexp = NULL; + int reinit = 0; if (nullprov != NULL) return TEST_skip("Test does not support a non-default library context"); - if (tst >= 6) { + if (tst >= 15) { + reinit = 1; + tst -= 15; + } + + if (tst >= 6 && tst <= 8) { membio = BIO_new(BIO_s_mem()); mdbio = BIO_new(BIO_f_md()); if (!TEST_ptr(membio) || !TEST_ptr(mdbio)) @@ -1077,10 +1245,10 @@ goto out; } - if (tst == 0 || tst == 3 || tst == 6) { + if (tst % 3 == 0) { if (!TEST_ptr(pkey = load_example_rsa_key())) goto out; - } else if (tst == 1 || tst == 4 || tst == 7) { + } else if (tst % 3 == 1) { #ifndef OPENSSL_NO_DSA if (!TEST_ptr(pkey = load_example_dsa_key())) goto out; 
@@ -1101,26 +1269,57 @@ if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey))) goto out; - if (tst >= 6) { + if (reinit && !TEST_true(EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, NULL))) + goto out; + + if (tst >= 6 && tst <= 8) { if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)) goto out; - } else { + } else if (tst < 6) { if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)))) goto out; } - /* Determine the size of the signature. */ - if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) - || !TEST_ptr(sig = OPENSSL_malloc(sig_len)) - || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) - goto out; + if (tst >= 9) { + /* Determine the size of the signature. */ + if (!TEST_true(EVP_DigestSign(md_ctx, NULL, &sig_len, kMsg, + sizeof(kMsg))) + || !TEST_ptr(sig = OPENSSL_malloc(sig_len))) + goto out; + if (tst <= 11) { + /* Test that supply a short sig buffer fails */ + if (!TEST_false(EVP_DigestSign(md_ctx, sig, &shortsig_len, kMsg, + sizeof(kMsg)))) + goto out; + /* + * We end here because once EVP_DigestSign() has failed you should + * not call it again without re-initing the ctx + */ + ret = 1; + goto out; + } + if (!TEST_true(EVP_DigestSign(md_ctx, sig, &sig_len, kMsg, + sizeof(kMsg)))) + goto out; + } else { + /* Determine the size of the signature. */ + if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) + || !TEST_ptr(sig = OPENSSL_malloc(sig_len)) + /* + * Trying to create a signature with a deliberately short + * buffer should fail. + */ + || !TEST_false(EVP_DigestSignFinal(md_ctx, sig, &shortsig_len)) + || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) + goto out; + } /* * Ensure that the signature round-trips (Verification isn't supported for * HMAC via EVP_DigestVerify*) */ - if (tst != 2 && tst != 5 && tst != 8) { - if (tst >= 6) { + if (tst % 3 != 2) { + if (tst >= 6 && tst <= 8) { if (!TEST_int_gt(BIO_reset(mdbio), 0) || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0)) goto out; 
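Review bot: The two branches handle a failed short-buffer call differently without saying why: the `EVP_DigestSign` branch stops, with a comment that the ctx must be re-initialised after a failure, while the `EVP_DigestSignFinal` branch retries at once on the same `md_ctx` and expects success. The comment in the second branch should state the assumption the retry depends on, for example `/* a failed EVP_DigestSignFinal() is expected to leave md_ctx usable, so the full-size call below must still succeed */`. Without it a reader cannot tell whether the retry is a tested guarantee or an accident of the current implementation. The enclosing function starts and ends outside the hunk.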
@@ -1130,7 +1329,7 @@ NULL, pkey))) goto out; - if (tst >= 6) { + if (tst >= 6 && tst <= 8) { if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))) goto out; } else { @@ -1138,11 +1337,11 @@ sizeof(kMsg)))) goto out; } - if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) + if (!TEST_int_gt(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len), 0)) goto out; /* Multiple calls to EVP_DigestVerifyFinal should work */ - if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) + if (!TEST_int_gt(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len), 0)) goto out; } else { /* @@ -1188,8 +1387,15 @@ if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)) || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg))) - || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature, - sizeof(kSignature)))) + || !TEST_int_gt(EVP_DigestVerifyFinal(md_ctx, kSignature, + sizeof(kSignature)), 0)) + goto out; + + /* test with reinitialization */ + if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, NULL)) + || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg))) + || !TEST_int_gt(EVP_DigestVerifyFinal(md_ctx, kSignature, + sizeof(kSignature)), 0)) goto out; ret = 1; 
@@ -1199,6 +1405,57 @@ return ret; } +#ifndef OPENSSL_NO_SIPHASH +/* test SIPHASH MAC via EVP_PKEY with non-default parameters and reinit */ +static int test_siphash_digestsign(void) +{ + unsigned char key[16]; + unsigned char buf[8], digest[8]; + unsigned char expected[8] = { + 0x6d, 0x3e, 0x54, 0xc2, 0x2f, 0xf1, 0xfe, 0xe2 + }; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mdctx = NULL; + EVP_PKEY_CTX *ctx = NULL; + int ret = 0; + size_t len = 8; + + if (nullprov != NULL) + return TEST_skip("Test does not support a non-default library context"); + + memset(buf, 0, 8); + memset(key, 1, 16); + if (!TEST_ptr(pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_SIPHASH, NULL, + key, 16))) + goto out; + + if (!TEST_ptr(mdctx = EVP_MD_CTX_create())) + goto out; + + if (!TEST_true(EVP_DigestSignInit(mdctx, &ctx, NULL, NULL, pkey))) + goto out; + if (!TEST_int_eq(EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_SIGNCTX, + EVP_PKEY_CTRL_SET_DIGEST_SIZE, + 8, NULL), 1)) + goto out; + /* reinitialize */ + if (!TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, NULL))) + goto out; + if (!TEST_true(EVP_DigestSignUpdate(mdctx, buf, 8))) + goto out; + if (!TEST_true(EVP_DigestSignFinal(mdctx, digest, &len))) + goto out; + if (!TEST_mem_eq(digest, len, expected, sizeof(expected))) + goto out; + + ret = 1; + out: + EVP_PKEY_free(pkey); + EVP_MD_CTX_free(mdctx); + return ret; +} +#endif + /* * Test corner cases of EVP_DigestInit/Update/Final API call behavior. */ 
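Review bot: test_siphash_digestsign repeats the literals 8 and 16 for sizes that are already fixed by the array declarations, most importantly `size_t len = 8;`, which is the capacity handed to `EVP_DigestSignFinal(mdctx, digest, &len)`. Deriving them from the buffers keeps the bound and the buffer from drifting apart: `size_t len = sizeof(digest);`, `memset(key, 1, sizeof(key));` and `EVP_PKEY_new_raw_private_key(EVP_PKEY_SIPHASH, NULL, key, sizeof(key))`. The function also uses `EVP_MD_CTX_create()` where the other tests added in this patch use `EVP_MD_CTX_new()`; using the same name throughout would be more consistent.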
@@ -1252,6 +1509,35 @@ return ret; } +static int test_EVP_md_null(void) +{ + int ret = 0; + EVP_MD_CTX *md_ctx = NULL; + const EVP_MD *md_null = EVP_md_null(); + unsigned char md_value[EVP_MAX_MD_SIZE]; + unsigned int md_len = sizeof(md_value); + + if (nullprov != NULL) + return TEST_skip("Test does not support a non-default library context"); + + if (!TEST_ptr(md_null) + || !TEST_ptr(md_ctx = EVP_MD_CTX_new())) + goto out; + + if (!TEST_true(EVP_DigestInit_ex(md_ctx, md_null, NULL)) + || !TEST_true(EVP_DigestUpdate(md_ctx, "test", 4)) + || !TEST_true(EVP_DigestFinal_ex(md_ctx, md_value, &md_len))) + goto out; + + if (!TEST_uint_eq(md_len, 0)) + goto out; + + ret = 1; + out: + EVP_MD_CTX_free(md_ctx); + return ret; +} + static int test_d2i_AutoPrivateKey(int i) { int ret = 0; @@ -1473,7 +1759,7 @@ /* Create key parameters */ if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL)) - || !TEST_true(EVP_PKEY_paramgen_init(pctx)) + || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0) || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256")) || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc)) || !TEST_true(EVP_PKEY_paramgen(pctx, ¶ms)) @@ -1482,7 +1768,7 @@ /* Create key */ if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL)) - || !TEST_true(EVP_PKEY_keygen_init(kctx)) + || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0) || !TEST_true(EVP_PKEY_keygen(kctx, &key)) || !TEST_ptr(key)) goto done; @@ -1564,7 +1850,7 @@ if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg)))) goto done; - if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature)))) + if (!TEST_int_gt(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature)), 0)) goto done; rc = 1; @@ -1622,7 +1908,7 @@ pkeyparams, testpropq))) goto done; - if (!TEST_true(EVP_PKEY_keygen_init(kctx))) + if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)) goto done; if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey))) 
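Review bot: In the EC hunks at -1473 and -1482 only the `*_init` calls were moved to `TEST_int_gt(..., 0)`; the neighbouring `TEST_true(EVP_PKEY_paramgen(...))` and `TEST_true(EVP_PKEY_keygen(kctx, &key))` lines still treat a negative return as success, although those functions report failure with 0 or a negative value just as their init counterparts do. They should be converted in the same way, e.g. `|| !TEST_int_gt(EVP_PKEY_keygen(kctx, &key), 0)`. The same leftover is visible in the hunks at -1622, -2984 and -3038 of this file and at -669 in evp_libctx_test.c. The enclosing functions start and end outside the hunks.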
@@ -1674,7 +1960,7 @@ if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)))) goto done; - if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) + if (!TEST_int_gt(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len), 0)) goto done; /* now check encryption/decryption */ @@ -1718,8 +2004,8 @@ if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams))) goto done; - if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, - ctext_len))) + if (!TEST_int_gt(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, + ctext_len), 0)) goto done; if (!TEST_true(EVP_PKEY_CTX_get_params(cctx, gparams))) @@ -1805,7 +2091,7 @@ int ret = 0; unsigned char buf[80]; unsigned char *in; - size_t inlen, len = 0; + size_t inlen, len = 0, shortlen = 1; EVP_PKEY *pkey; /* Check if this algorithm supports public keys */ @@ -1855,8 +2141,20 @@ || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey), 1) || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len))) || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len))) - || !TEST_true(len == inlen) - || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len))) + || !TEST_true(len == inlen)) + goto done; + if (tst != 1) { + /* + * Test that supplying a buffer that is too small fails. Doesn't apply + * to HMAC with a zero length key + */ + if ((!pub && !TEST_false(EVP_PKEY_get_raw_private_key(pkey, buf, + &shortlen))) + || (pub && !TEST_false(EVP_PKEY_get_raw_public_key(pkey, buf, + &shortlen)))) + goto done; + } + if ((!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len))) || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len))) || !TEST_mem_eq(in, inlen, buf, len)) goto done; @@ -1961,7 +2259,7 @@ { EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); const char msg[] = "Hello World"; - size_t maclen; + size_t maclen = AES_BLOCK_SIZE; int ret = 1; if (!TEST_ptr(mdctx) 
@@ -2169,7 +2467,7 @@ if (!TEST_ptr(X509_PUBKEY_get0(xq)) || !TEST_ptr(X509_PUBKEY_get0(xp)) - || !TEST_ptr_eq(X509_PUBKEY_get0(xq), X509_PUBKEY_get0(xp))) + || !TEST_ptr_ne(X509_PUBKEY_get0(xq), X509_PUBKEY_get0(xp))) goto done; X509_PUBKEY_free(xq); @@ -2984,7 +3282,7 @@ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); if (!TEST_ptr(ctx) - || !TEST_true(EVP_PKEY_keygen_init(ctx)) + || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) || !TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid)) || !TEST_true(EVP_PKEY_keygen(ctx, &pkey))) goto done; @@ -3038,7 +3336,7 @@ md = EVP_MD_fetch(testctx, "sha256", testpropq); ret = TEST_ptr(md) && TEST_ptr((ctx = EVP_PKEY_CTX_new_from_name(testctx, "RSA", testpropq))) - && TEST_true(EVP_PKEY_keygen_init(ctx)) + && TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) && TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 512), 0) && TEST_true(EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md)) && TEST_true(EVP_PKEY_keygen(ctx, &pkey)); @@ -3049,6 +3347,32 @@ return ret; } +static int test_EVP_rsa_pss_set_saltlen(void) +{ + int ret = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pkey_ctx = NULL; + EVP_MD *sha256 = NULL; + EVP_MD_CTX *sha256_ctx = NULL; + int saltlen = 9999; /* buggy EVP_PKEY_CTX_get_rsa_pss_saltlen() didn't update this */ + const int test_value = 32; + + ret = TEST_ptr(pkey = load_example_rsa_key()) + && TEST_ptr(sha256 = EVP_MD_fetch(testctx, "sha256", NULL)) + && TEST_ptr(sha256_ctx = EVP_MD_CTX_new()) + && TEST_true(EVP_DigestSignInit(sha256_ctx, &pkey_ctx, sha256, NULL, pkey)) + && TEST_true(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)) + && TEST_true(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, test_value)) + && TEST_true(EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen)) + && TEST_int_eq(saltlen, test_value); + + EVP_MD_CTX_free(sha256_ctx); + EVP_PKEY_free(pkey); + EVP_MD_free(sha256); + + return ret; +} + static int success = 1; static void md_names(const char *name, void *vctx) { 
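Review bot: test_EVP_rsa_pss_set_saltlen wraps `EVP_PKEY_CTX_set_rsa_padding`, `EVP_PKEY_CTX_set_rsa_pss_saltlen` and `EVP_PKEY_CTX_get_rsa_pss_saltlen` in `TEST_true`, but these controls report failure with 0 or a negative value, so a negative return would count as success. That is the pattern this patch replaces in other tests. Use `TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING), 0)` and the same form for the two salt-length calls.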
@@ -3854,8 +4178,171 @@ return testresult; } + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +/* Test we can create a signature keys with an associated ENGINE */ +static int test_signatures_with_engine(int tst) +{ + ENGINE *e; + const char *engine_id = "dasync"; + EVP_PKEY *pkey = NULL; + const unsigned char badcmackey[] = { 0x00, 0x01 }; + const unsigned char cmackey[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char ed25519key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_MD_CTX *ctx = NULL; + unsigned char *mac = NULL; + size_t maclen = 0; + int ret; + +# ifdef OPENSSL_NO_CMAC + /* Skip CMAC tests in a no-cmac build */ + if (tst <= 1) + return 1; +# endif + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + switch (tst) { + case 0: + pkey = EVP_PKEY_new_CMAC_key(e, cmackey, sizeof(cmackey), + EVP_aes_128_cbc()); + break; + case 1: + pkey = EVP_PKEY_new_CMAC_key(e, badcmackey, sizeof(badcmackey), + EVP_aes_128_cbc()); + break; + case 2: + pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, e, ed25519key, + sizeof(ed25519key)); + break; + default: + TEST_error("Invalid test case"); + goto err; + } + if (!TEST_ptr(pkey)) + goto err; + + if (!TEST_ptr(ctx = EVP_MD_CTX_new())) + goto err; + + ret = EVP_DigestSignInit(ctx, NULL, tst == 2 ? 
NULL : EVP_sha256(), NULL, + pkey); + if (tst == 0) { + if (!TEST_true(ret)) + goto err; + + if (!TEST_true(EVP_DigestSignUpdate(ctx, msg, sizeof(msg))) + || !TEST_true(EVP_DigestSignFinal(ctx, NULL, &maclen))) + goto err; + + if (!TEST_ptr(mac = OPENSSL_malloc(maclen))) + goto err; + + if (!TEST_true(EVP_DigestSignFinal(ctx, mac, &maclen))) + goto err; + } else { + /* We used a bad key. We expect a failure here */ + if (!TEST_false(ret)) + goto err; + } + + testresult = 1; + err: + EVP_MD_CTX_free(ctx); + OPENSSL_free(mac); + EVP_PKEY_free(pkey); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} + +static int test_cipher_with_engine(void) +{ + ENGINE *e; + const char *engine_id = "dasync"; + const unsigned char keyiv[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f + }; + const unsigned char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + int testresult = 0; + EVP_CIPHER_CTX *ctx = NULL, *ctx2 = NULL; + unsigned char buf[AES_BLOCK_SIZE]; + int len = 0; + + if (!TEST_ptr(e = ENGINE_by_id(engine_id))) + return 0; + + if (!TEST_true(ENGINE_init(e))) { + ENGINE_free(e); + return 0; + } + + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + || !TEST_ptr(ctx2 = EVP_CIPHER_CTX_new())) + goto err; + + if (!TEST_true(EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), e, keyiv, keyiv))) + goto err; + + /* Copy the ctx, and complete the operation with the new ctx */ + if (!TEST_true(EVP_CIPHER_CTX_copy(ctx2, ctx))) + goto err; + + if (!TEST_true(EVP_EncryptUpdate(ctx2, buf, &len, msg, sizeof(msg))) + || !TEST_true(EVP_EncryptFinal_ex(ctx2, buf + len, &len))) + goto err; + + testresult = 1; + err: + EVP_CIPHER_CTX_free(ctx); + EVP_CIPHER_CTX_free(ctx2); + ENGINE_finish(e); + ENGINE_free(e); + + return testresult; +} +# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ #endif /* OPENSSL_NO_DEPRECATED_3_0 */ +static int ecxnids[] = { + NID_X25519, + NID_X448, + NID_ED25519, + NID_ED448 +}; + +/* Test that creating ECX keys with a short private 
key fails as expected */ +static int test_ecx_short_keys(int tst) +{ + unsigned char ecxkeydata = 1; + EVP_PKEY *pkey; + + + pkey = EVP_PKEY_new_raw_private_key(ecxnids[tst], NULL, &ecxkeydata, 1); + if (!TEST_ptr_null(pkey)) { + EVP_PKEY_free(pkey); + return 0; + } + return 1; +} + typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, @@ -3897,9 +4384,14 @@ } ADD_TEST(test_EVP_set_default_properties); - ADD_ALL_TESTS(test_EVP_DigestSignInit, 9); + ADD_ALL_TESTS(test_EVP_DigestSignInit, 30); ADD_TEST(test_EVP_DigestVerifyInit); +#ifndef OPENSSL_NO_SIPHASH + ADD_TEST(test_siphash_digestsign); +#endif ADD_TEST(test_EVP_Digest); + ADD_TEST(test_EVP_md_null); + ADD_ALL_TESTS(test_EVP_PKEY_sign, 3); ADD_ALL_TESTS(test_EVP_Enveloped, 2); ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); ADD_TEST(test_privatekey_to_pkcs8); @@ -3966,6 +4458,7 @@ ADD_ALL_TESTS(test_evp_iv_des, 6); #endif ADD_TEST(test_EVP_rsa_pss_with_keygen_bits); + ADD_TEST(test_EVP_rsa_pss_set_saltlen); #ifndef OPENSSL_NO_EC ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids)); #endif @@ -3980,8 +4473,22 @@ #ifndef OPENSSL_NO_DEPRECATED_3_0 ADD_ALL_TESTS(test_custom_pmeth, 12); ADD_TEST(test_evp_md_cipher_meth); + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE + /* Tests only support the default libctx */ + if (testctx == NULL) { +# ifndef OPENSSL_NO_EC + ADD_ALL_TESTS(test_signatures_with_engine, 3); +# else + ADD_ALL_TESTS(test_signatures_with_engine, 2); +# endif + ADD_TEST(test_cipher_with_engine); + } +# endif #endif + ADD_ALL_TESTS(test_ecx_short_keys, OSSL_NELEM(ecxnids)); + return 1; } diff -Nru openssl-3.0.0/test/evp_fetch_prov_test.c openssl-3.0.1/test/evp_fetch_prov_test.c --- openssl-3.0.0/test/evp_fetch_prov_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_fetch_prov_test.c 2021-12-14 17:16:25.000000000 +0100 
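Review bot: In test_signatures_with_engine the `else` branch is commented `We used a bad key. We expect a failure here`, yet it is also taken for `tst == 2`, where the ED25519 key is a full 32 bytes, and the reason that case must fail is not stated anywhere in the function. Reword the comment so it covers both cases, for example `/* tst 1: bad CMAC key; tst 2: <reason ED25519 through this engine is expected to fail>. EVP_DigestSignInit must fail */`. The header comment should likewise list the three cases and which of them is expected to succeed, since it currently says only that signature keys can be created with an associated ENGINE.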
@@ -220,11 +220,11 @@ X509_ALGOR_get0(&obj, NULL, NULL, algor); switch (idx) { case 0: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 0))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 0), 0)) goto end; break; case 1: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 1))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 1), 0)) goto end; break; } @@ -336,11 +336,11 @@ X509_ALGOR_get0(&obj, NULL, NULL, algor); switch (idx) { case 0: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 0))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 0), 0)) goto end; break; case 1: - if (!TEST_true(OBJ_obj2txt(id, sizeof(id), obj, 1))) + if (!TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 1), 0)) goto end; break; } diff -Nru openssl-3.0.0/test/evp_kdf_test.c openssl-3.0.1/test/evp_kdf_test.c --- openssl-3.0.0/test/evp_kdf_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_kdf_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -502,7 +502,8 @@ unsigned int iterations = 4096; OSSL_LIB_CTX *libctx = NULL; OSSL_PARAM *params = NULL; - OSSL_PROVIDER *prov = NULL; + OSSL_PROVIDER *legacyprov = NULL; + OSSL_PROVIDER *defprov = NULL; const unsigned char expected[sizeof(out)] = { 0xfb, 0x83, 0x4d, 0x36, 0x6d, 0xbc, 0x53, 0x87, 0x35, 0x1b, 0x34, 0x75, 0x95, 0x88, 0x32, 0x4f, 0x3e, 0x82, 0x81, 0x01, 0x21, 0x93, 0x64, 0x00, @@ -513,12 +514,15 @@ goto err; /* PBKDF1 only available in the legacy provider */ - prov = OSSL_PROVIDER_load(libctx, "legacy"); - if (prov == NULL) { + legacyprov = OSSL_PROVIDER_load(libctx, "legacy"); + if (legacyprov == NULL) { OSSL_LIB_CTX_free(libctx); return TEST_skip("PBKDF1 only available in legacy provider"); } + if (!TEST_ptr(defprov = OSSL_PROVIDER_load(libctx, "default"))) + goto err; + params = construct_pbkdf1_params("passwordPASSWORDpassword", "sha256", "saltSALTsaltSALTsaltSALTsaltSALTsalt", &iterations); 
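Review bot: `TEST_int_gt(OBJ_obj2txt(id, sizeof(id), obj, 0), 0)` still accepts a truncated result, because OBJ_obj2txt returns the full text length when the buffer is too small. Storing the return value in a local and checking both bounds, `TEST_int_gt(len, 0) && TEST_int_lt(len, (int)sizeof(id))`, would rule out a silently shortened name. `id` is declared outside the hunk, so its size could not be confirmed here. The same applies to the second case in this hunk and to both cases in the hunk at -336.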
@@ -534,7 +538,8 @@ err: EVP_KDF_CTX_free(kctx); OPENSSL_free(params); - OSSL_PROVIDER_unload(prov); + OSSL_PROVIDER_unload(defprov); + OSSL_PROVIDER_unload(legacyprov); OSSL_LIB_CTX_free(libctx); return ret; } diff -Nru openssl-3.0.0/test/evp_libctx_test.c openssl-3.0.1/test/evp_libctx_test.c --- openssl-3.0.0/test/evp_libctx_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_libctx_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -669,7 +669,7 @@ params[1] = OSSL_PARAM_construct_end(); if (!TEST_ptr(gctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) - || !TEST_true(EVP_PKEY_keygen_init(gctx)) + || !TEST_int_gt(EVP_PKEY_keygen_init(gctx), 0) || !TEST_true(EVP_PKEY_CTX_set_params(gctx, params)) || !TEST_true(EVP_PKEY_keygen(gctx, &pkey))) goto err; diff -Nru openssl-3.0.0/test/evp_pkey_provided_test.c openssl-3.0.1/test/evp_pkey_provided_test.c --- openssl-3.0.0/test/evp_pkey_provided_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/evp_pkey_provided_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -141,7 +141,7 @@ (unsigned char *)"pass", 4, NULL, NULL)) /* Private key in text form */ - || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL)) + || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0) || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio)) /* Public key in PEM form */ || !TEST_true(PEM_write_bio_PUBKEY(membio, pk)) @@ -340,9 +340,9 @@ if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))) goto err; - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; while (dup_pk == NULL) { 
@@ -431,9 +431,9 @@ || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d)) || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)) || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params)) + || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1) || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")) || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out)) || !TEST_BN_eq(n, n_out)) @@ -522,9 +522,9 @@ if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL))) goto err; - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; /* @@ -734,9 +734,9 @@ if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL))) goto err; - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; while (dup_pk == NULL) { @@ -1041,9 +1041,9 @@ fromdata_params = params; } - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; while (dup_pk == NULL) { 
@@ -1179,9 +1179,9 @@ if (!TEST_ptr(ctx)) goto err; - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; while (dup_pk == NULL) { @@ -1484,9 +1484,9 @@ if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))) goto err; - if (!TEST_true(EVP_PKEY_fromdata_init(ctx)) - || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, - fromdata_params))) + if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) + || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, + fromdata_params), 1)) goto err; while (dup_pk == NULL) { diff -Nru openssl-3.0.0/test/fake_rsaprov.c openssl-3.0.1/test/fake_rsaprov.c --- openssl-3.0.0/test/fake_rsaprov.c 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/fake_rsaprov.c 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,234 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#include +#include +#include +#include +#include "testutil.h" +#include "fake_rsaprov.h" + +static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new; +static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free; +static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has; +static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query; +static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import; +static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes; + +static int has_selection; +static int imptypes_selection; +static int query_id; + +static void *fake_rsa_keymgmt_new(void *provctx) +{ + unsigned char *keydata = OPENSSL_zalloc(1); + + TEST_ptr(keydata); + + /* clear test globals */ + has_selection = 0; + imptypes_selection = 0; + query_id = 0; + + return keydata; +} + +static void fake_rsa_keymgmt_free(void *keydata) +{ + OPENSSL_free(keydata); +} + +static int fake_rsa_keymgmt_has(const void *key, int selection) +{ + /* record global for checking */ + has_selection = selection; + + return 1; +} + + +static const char *fake_rsa_keymgmt_query(int id) +{ + /* record global for checking */ + query_id = id; + + return "RSA"; +} + +static int fake_rsa_keymgmt_import(void *keydata, int selection, + const OSSL_PARAM *p) +{ + unsigned char *fake_rsa_key = keydata; + + /* key was imported */ + *fake_rsa_key = 1; + + return 1; +} + +static const OSSL_PARAM fake_rsa_import_key_types[] = { + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), + 
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), + OSSL_PARAM_END +}; + +static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection) +{ + /* record global for checking */ + imptypes_selection = selection; + + return fake_rsa_import_key_types; +} + +static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = { + { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new }, + { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free} , + { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has }, + { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, + (void (*)(void))fake_rsa_keymgmt_query }, + { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import }, + { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, + (void (*)(void))fake_rsa_keymgmt_imptypes }, + { 0, NULL } +}; + +static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = { + { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" }, + { NULL, NULL, NULL, NULL } +}; + +static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx; +static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx; +static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init; +static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign; + +static void *fake_rsa_sig_newctx(void *provctx, const char *propq) +{ + unsigned char *sigctx = OPENSSL_zalloc(1); + + TEST_ptr(sigctx); + + return sigctx; +} + +static void fake_rsa_sig_freectx(void *sigctx) +{ + OPENSSL_free(sigctx); +} + +static int fake_rsa_sig_sign_init(void *ctx, void *provkey, + const OSSL_PARAM params[]) +{ + unsigned char *sigctx = ctx; + unsigned char *keydata = provkey; + + /* we must have a ctx */ + if (!TEST_ptr(sigctx)) + return 0; + + /* we must have some initialized key */ + if (!TEST_ptr(keydata) || !TEST_int_gt(keydata[0], 0)) + return 0; + + /* record that sign init 
was called */ + *sigctx = 1; + return 1; +} + +static int fake_rsa_sig_sign(void *ctx, unsigned char *sig, + size_t *siglen, size_t sigsize, + const unsigned char *tbs, size_t tbslen) +{ + unsigned char *sigctx = ctx; + + /* we must have a ctx and init was called upon it */ + if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1)) + return 0; + + *siglen = 256; + /* record that the real sign operation was called */ + if (sig != NULL) { + if (!TEST_int_ge(sigsize, *siglen)) + return 0; + *sigctx = 2; + /* produce a fake signature */ + memset(sig, 'a', *siglen); + } + + return 1; +} + +static const OSSL_DISPATCH fake_rsa_sig_funcs[] = { + { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx }, + { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx }, + { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init }, + { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign }, + { 0, NULL } +}; + +static const OSSL_ALGORITHM fake_rsa_sig_algs[] = { + { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" }, + { NULL, NULL, NULL, NULL } +}; + +static const OSSL_ALGORITHM *fake_rsa_query(void *provctx, + int operation_id, + int *no_cache) +{ + *no_cache = 0; + switch (operation_id) { + case OSSL_OP_SIGNATURE: + return fake_rsa_sig_algs; + + case OSSL_OP_KEYMGMT: + return fake_rsa_keymgmt_algs; + } + return NULL; +} + +/* Functions we provide to the core */ +static const OSSL_DISPATCH fake_rsa_method[] = { + { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OSSL_LIB_CTX_free }, + { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query }, + { 0, NULL } +}; + +static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out, void **provctx) +{ + if (!TEST_ptr(*provctx = OSSL_LIB_CTX_new())) + return 0; + *out = fake_rsa_method; + return 1; +} + +OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx) +{ + OSSL_PROVIDER *p; + + if 
(!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa", + fake_rsa_provider_init)) + || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1))) + return NULL; + + return p; +} + +void fake_rsa_finish(OSSL_PROVIDER *p) +{ + OSSL_PROVIDER_unload(p); +} diff -Nru openssl-3.0.0/test/fake_rsaprov.h openssl-3.0.1/test/fake_rsaprov.h --- openssl-3.0.0/test/fake_rsaprov.h 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/fake_rsaprov.h 2021-12-14 17:16:25.000000000 +0100 @@ -0,0 +1,14 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +/* Fake RSA provider implementation */ +OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx); +void fake_rsa_finish(OSSL_PROVIDER *p); diff -Nru openssl-3.0.0/test/helpers/predefined_dhparams.c openssl-3.0.1/test/helpers/predefined_dhparams.c --- openssl-3.0.0/test/helpers/predefined_dhparams.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/helpers/predefined_dhparams.c 2021-12-14 17:16:25.000000000 +0100 @@ -23,7 +23,7 @@ OSSL_PARAM *params = NULL; EVP_PKEY *dhpkey = NULL; - if (pctx == NULL || !EVP_PKEY_fromdata_init(pctx)) + if (pctx == NULL || EVP_PKEY_fromdata_init(pctx) <= 0) goto err; if ((tmpl = OSSL_PARAM_BLD_new()) == NULL 
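Review bot: In `fake_rsa_method` (test/fake_rsaprov.c), the teardown slot stores `OSSL_LIB_CTX_free` cast to `void (*)(void)`, but that function takes an `OSSL_LIB_CTX *` while a provider teardown function is declared as `void (void *provctx)`. Calling it through the mismatched function type is undefined behaviour in C and is the kind of indirect call that function-pointer type checking (CFI-style hardening) rejects, even though it works on common ABIs. A small wrapper with the exact teardown signature avoids this and matches how the keymgmt and signature callbacks in this file are declared. Separately, `fake_rsa_keymgmt_new` and `fake_rsa_sig_newctx` ignore the result of `TEST_ptr()`; that is harmless because the NULL pointer is returned either way, but a one-line comment saying so would help.

```c
static OSSL_FUNC_provider_teardown_fn fake_rsa_teardown;

static void fake_rsa_teardown(void *provctx)
{
    OSSL_LIB_CTX_free(provctx);
}

/* Functions we provide to the core */
static const OSSL_DISPATCH fake_rsa_method[] = {
    { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))fake_rsa_teardown },
    /* … unchanged: OSSL_FUNC_PROVIDER_QUERY_OPERATION entry and terminator … */
};
```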
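Review bot: The new header test/fake_rsaprov.h has no include guard. That is harmless while it only holds two prototypes, but wrapping the body in `#ifndef OSSL_TEST_FAKE_RSAPROV_H` / `# define OSSL_TEST_FAKE_RSAPROV_H` … `#endif` keeps it safe once types or macros are added; the macro name is only a suggestion. A comment on `fake_rsa_start()` such as `/* Returns NULL on failure; release the result with fake_rsa_finish() */` would document the pairing the single existing comment leaves implicit.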
@@ -35,7 +35,7 @@ params = OSSL_PARAM_BLD_to_param(tmpl); if (params == NULL - || !EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params)) + || EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) goto err; err: diff -Nru openssl-3.0.0/test/keymgmt_internal_test.c openssl-3.0.1/test/keymgmt_internal_test.c --- openssl-3.0.0/test/keymgmt_internal_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/keymgmt_internal_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -88,7 +88,7 @@ int ret = 1; /* Ever so hopeful */ if (!TEST_true(OSSL_PARAM_get_BN(p, &n)) - || !TEST_true(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal)))) + || !TEST_int_ge(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal)), 0)) ret = 0; BN_free(n); return ret; diff -Nru openssl-3.0.0/test/packettest.c openssl-3.0.1/test/packettest.c --- openssl-3.0.0/test/packettest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/packettest.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -302,7 +302,7 @@ static int test_PACKET_buf_init(void) { - unsigned char buf1[BUF_LEN]; + unsigned char buf1[BUF_LEN] = { 0 }; PACKET pkt; /* Also tests PACKET_remaining() */ diff -Nru openssl-3.0.0/test/params_test.c openssl-3.0.1/test/params_test.c --- openssl-3.0.0/test/params_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/params_test.c 2021-12-14 17:16:25.000000000 +0100 
@@ -551,40 +551,64 @@ */ static const OSSL_PARAM params_from_text[] = { + /* Fixed size buffer */ OSSL_PARAM_int32("int", NULL), OSSL_PARAM_DEFN("short", OSSL_PARAM_INTEGER, NULL, sizeof(int16_t)), OSSL_PARAM_DEFN("ushort", OSSL_PARAM_UNSIGNED_INTEGER, NULL, sizeof(uint16_t)), + /* Arbitrary size buffer. Make sure the result fits in a long */ + OSSL_PARAM_DEFN("num", OSSL_PARAM_INTEGER, NULL, 0), + OSSL_PARAM_DEFN("unum", OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0), OSSL_PARAM_END, }; struct int_from_text_test_st { const char *argname; const char *strval; - long int intval; - int res; + long int expected_intval; + int expected_res; + size_t expected_bufsize; }; static struct int_from_text_test_st int_from_text_test_cases[] = { - { "int", "", 0, 0 }, - { "int", "0", 0, 1 }, - { "int", "101", 101, 1 }, - { "int", "-102", -102, 1 }, - { "int", "12A", 12, 1 }, /* incomplete */ - { "int", "0x12B", 0x12B, 1 }, - { "hexint", "12C", 0x12C, 1 }, - { "hexint", "0x12D", 0, 1 }, /* zero */ + { "int", "", 0, 0, 0 }, + { "int", "0", 0, 1, 4 }, + { "int", "101", 101, 1, 4 }, + { "int", "-102", -102, 1, 4 }, + { "int", "12A", 12, 1, 4 }, /* incomplete */ + { "int", "0x12B", 0x12B, 1, 4 }, + { "hexint", "12C", 0x12C, 1, 4 }, + { "hexint", "0x12D", 0, 1, 4 }, /* zero */ /* test check of the target buffer size */ - { "int", "0x7fffffff", INT32_MAX, 1 }, - { "int", "2147483647", INT32_MAX, 1 }, - { "int", "2147483648", 0, 0 }, /* too small buffer */ - { "int", "-2147483648", INT32_MIN, 1 }, - { "int", "-2147483649", 0, 0 }, /* too small buffer */ - { "short", "0x7fff", INT16_MAX, 1 }, - { "short", "32767", INT16_MAX, 1 }, - { "short", "32768", 0, 0 }, /* too small buffer */ - { "ushort", "0xffff", UINT16_MAX, 1 }, - { "ushort", "65535", UINT16_MAX, 1 }, - { "ushort", "65536", 0, 0 }, /* too small buffer */ + { "int", "0x7fffffff", INT32_MAX, 1, 4 }, + { "int", "2147483647", INT32_MAX, 1, 4 }, + { "int", "2147483648", 0, 0, 0 }, /* too small buffer */ + { "int", "-2147483648", INT32_MIN, 1, 
4 }, + { "int", "-2147483649", 0, 0, 4 }, /* too small buffer */ + { "short", "0x7fff", INT16_MAX, 1, 2 }, + { "short", "32767", INT16_MAX, 1, 2 }, + { "short", "32768", 0, 0, 0 }, /* too small buffer */ + { "ushort", "0xffff", UINT16_MAX, 1, 2 }, + { "ushort", "65535", UINT16_MAX, 1, 2 }, + { "ushort", "65536", 0, 0, 0 }, /* too small buffer */ + /* test check of sign extension in arbitrary size results */ + { "num", "0", 0, 1, 1 }, + { "num", "0", 0, 1, 1 }, + { "num", "0xff", 0xff, 1, 2 }, /* sign extension */ + { "num", "-0xff", -0xff, 1, 2 }, /* sign extension */ + { "num", "0x7f", 0x7f, 1, 1 }, /* no sign extension */ + { "num", "-0x7f", -0x7f, 1, 1 }, /* no sign extension */ + { "num", "0x80", 0x80, 1, 2 }, /* sign extension */ + { "num", "-0x80", -0x80, 1, 1 }, /* no sign extension */ + { "num", "0x81", 0x81, 1, 2 }, /* sign extension */ + { "num", "-0x81", -0x81, 1, 2 }, /* sign extension */ + { "unum", "0xff", 0xff, 1, 1 }, + { "unum", "-0xff", -0xff, 0, 0 }, /* invalid neg number */ + { "unum", "0x7f", 0x7f, 1, 1 }, + { "unum", "-0x7f", -0x7f, 0, 0 }, /* invalid neg number */ + { "unum", "0x80", 0x80, 1, 1 }, + { "unum", "-0x80", -0x80, 0, 0 }, /* invalid neg number */ + { "unum", "0x81", 0x81, 1, 1 }, + { "unum", "-0x81", -0x81, 0, 0 }, /* invalid neg number */ }; static int check_int_from_text(const struct int_from_text_test_st a) 
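Review bot: In `int_from_text_test_cases`, the row `{ "num", "0", 0, 1, 1 }` appears twice in a row, and the failure row `{ "int", "-2147483649", 0, 0, 4 }` carries `expected_bufsize` 4 while every other expected-failure row uses 0. If the second "num" row was meant to cover a different input it should be changed to that input, otherwise it can be dropped. For the "-2147483649" row I would write `{ "int", "-2147483649", 0, 0, 0 }, /* too small buffer */` so the table is uniform. A field comment on `expected_bufsize`, for example `/* param.data_size after a successful conversion */`, would make clear that the value is only meaningful when `expected_res` is 1; the function that consumes the table is outside this hunk.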
@@ -595,21 +619,40 @@ if (!OSSL_PARAM_allocate_from_text(¶m, params_from_text, a.argname, a.strval, 0, NULL)) { - if (a.res) - TEST_error("errant %s param \"%s\"", a.argname, a.strval); - return !a.res; + if (a.expected_res) + TEST_error("unexpected OSSL_PARAM_allocate_from_text() return for %s \"%s\"", + a.argname, a.strval); + return !a.expected_res; } + /* For data size zero, OSSL_PARAM_get_long() may crash */ + if (param.data_size == 0) { + OPENSSL_free(param.data); + TEST_error("unexpected zero size for %s \"%s\"", + a.argname, a.strval); + return 0; + } res = OSSL_PARAM_get_long(¶m, &val); OPENSSL_free(param.data); - if (res ^ a.res || val != a.intval) { - TEST_error("errant %s \"%s\" %li != %li", - a.argname, a.strval, a.intval, val); + if (res ^ a.expected_res) { + TEST_error("unexpected OSSL_PARAM_get_long() return for %s \"%s\": " + "%d != %d", a.argname, a.strval, a.expected_res, res); + return 0; + } + if (val != a.expected_intval) { + TEST_error("unexpected result for %s \"%s\": %li != %li", + a.argname, a.strval, a.expected_intval, val); + return 0; + } + if (param.data_size != a.expected_bufsize) { + TEST_error("unexpected size for %s \"%s\": %d != %d", + a.argname, a.strval, + (int)a.expected_bufsize, (int)param.data_size); return 0; } - return a.res; + return a.expected_res; } static int test_allocate_from_text(int i) diff -Nru openssl-3.0.0/test/property_test.c openssl-3.0.1/test/property_test.c --- openssl-3.0.0/test/property_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/property_test.c 2021-12-14 17:16:25.000000000 +0100 
@@ -15,6 +15,16 @@ #include "internal/property.h" #include "../crypto/property/property_local.h" +/* + * We make our OSSL_PROVIDER for testing purposes. All we really need is + * a pointer. We know that as long as we don't try to use the method + * cache flush functions, the provider pointer is merely a pointer being + * passed around, and used as a tag of sorts. + */ +struct ossl_provider_st { + int x; +}; + static int add_property_names(const char *n, ...) { va_list args; 
@@ -146,6 +156,52 @@ } static const struct { + int query; + const char *ps; +} parse_error_tests[] = { + { 0, "n=1, n=1" }, /* duplicate name */ + { 0, "n=1, a=hi, n=1" }, /* duplicate name */ + { 1, "n=1, a=bye, ?n=0" }, /* duplicate name */ + { 0, "a=abc,#@!, n=1" }, /* non-ASCII character located */ + { 1, "a='Hello" }, /* Unterminated string */ + { 0, "a=\"World" }, /* Unterminated string */ + { 1, "a=2, n=012345678" }, /* Bad octal digit */ + { 0, "n=0x28FG, a=3" }, /* Bad hex digit */ + { 0, "n=145d, a=2" }, /* Bad decimal digit */ + { 1, "@='hello'" }, /* Invalid name */ + { 1, "n0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789=yes" }, /* Name too long */ + { 0, ".n=3" }, /* Invalid name */ + { 1, "fnord.fnord.=3" } /* Invalid name */ +}; + +static int test_property_parse_error(int n) +{ + OSSL_METHOD_STORE *store; + OSSL_PROPERTY_LIST *p = NULL; + int r = 0; + const char *ps; + + if (!TEST_ptr(store = ossl_method_store_new(NULL)) + || !add_property_names("a", "n", NULL)) + goto err; + ps = parse_error_tests[n].ps; + if (parse_error_tests[n].query) { + if (!TEST_ptr_null(p = ossl_parse_query(NULL, ps, 1))) + goto err; + } else if (!TEST_ptr_null(p = ossl_parse_property(NULL, ps))) { + goto err; + } + r = 1; + err: + ossl_property_free(p); + ossl_method_store_free(store); + return r; +} + +static const struct { const char *q_global; const char *q_local; const char *prop; @@ -267,13 +323,14 @@ size_t i; int ret = 0; OSSL_METHOD_STORE *store; + OSSL_PROVIDER prov = { 1 }; if (!TEST_ptr(store = ossl_method_store_new(NULL)) || !add_property_names("position", NULL)) goto err; for (i = 0; i < OSSL_NELEM(impls); i++) - if (!TEST_true(ossl_method_store_add(store, NULL, impls[i].nid, + if (!TEST_true(ossl_method_store_add(store, &prov, impls[i].nid, impls[i].prop, impls[i].impl, &up_ref, &down_ref))) { TEST_note("iteration %zd", i + 1); 
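Review bot: In `parse_error_tests`, the comment on `"a=abc,#@!, n=1"` reads `/* non-ASCII character located */`, but `#`, `@` and `!` are all ASCII; the case appears to exercise characters that are not valid in an unquoted value, so `/* invalid character in unquoted value */` would describe it correctly. In `test_property_parse_error`, `add_property_names("a", "n", NULL)` is the only call in the setup condition not wrapped in a `TEST_*` macro, so unless that helper reports its own failures the test would fail there without a diagnostic; `|| !TEST_true(add_property_names("a", "n", NULL))` would report it. A short comment on the `query` field, e.g. `/* 1: parse as a query, 0: parse as a definition */`, would also save readers from working it out from the branch below.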
@@ -302,34 +359,40 @@ static int test_property(void) { + static OSSL_PROVIDER fake_provider1 = { 1 }; + static OSSL_PROVIDER fake_provider2 = { 2 }; + static const OSSL_PROVIDER *fake_prov1 = &fake_provider1; + static const OSSL_PROVIDER *fake_prov2 = &fake_provider2; static const struct { + const OSSL_PROVIDER **prov; int nid; const char *prop; char *impl; } impls[] = { - { 1, "fast=no, colour=green", "a" }, - { 1, "fast, colour=blue", "b" }, - { 1, "", "-" }, - { 9, "sky=blue, furry", "c" }, - { 3, NULL, "d" }, - { 6, "sky.colour=blue, sky=green, old.data", "e" }, + { &fake_prov1, 1, "fast=no, colour=green", "a" }, + { &fake_prov1, 1, "fast, colour=blue", "b" }, + { &fake_prov1, 1, "", "-" }, + { &fake_prov2, 9, "sky=blue, furry", "c" }, + { &fake_prov2, 3, NULL, "d" }, + { &fake_prov2, 6, "sky.colour=blue, sky=green, old.data", "e" }, }; static struct { + const OSSL_PROVIDER **prov; int nid; const char *prop; char *expected; } queries[] = { - { 1, "fast", "b" }, - { 1, "fast=yes", "b" }, - { 1, "fast=no, colour=green", "a" }, - { 1, "colour=blue, fast", "b" }, - { 1, "colour=blue", "b" }, - { 9, "furry", "c" }, - { 6, "sky.colour=blue", "e" }, - { 6, "old.data", "e" }, - { 9, "furry=yes, sky=blue", "c" }, - { 1, "", "a" }, - { 3, "", "d" }, + { &fake_prov1, 1, "fast", "b" }, + { &fake_prov1, 1, "fast=yes", "b" }, + { &fake_prov1, 1, "fast=no, colour=green", "a" }, + { &fake_prov1, 1, "colour=blue, fast", "b" }, + { &fake_prov1, 1, "colour=blue", "b" }, + { &fake_prov2, 9, "furry", "c" }, + { &fake_prov2, 6, "sky.colour=blue", "e" }, + { &fake_prov2, 6, "old.data", "e" }, + { &fake_prov2, 9, "furry=yes, sky=blue", "c" }, + { &fake_prov1, 1, "", "a" }, + { &fake_prov2, 3, "", "d" }, }; OSSL_METHOD_STORE *store; size_t i; 
@@ -341,17 +404,24 @@ goto err; for (i = 0; i < OSSL_NELEM(impls); i++) - if (!TEST_true(ossl_method_store_add(store, NULL, impls[i].nid, - impls[i].prop, impls[i].impl, + if (!TEST_true(ossl_method_store_add(store, *impls[i].prov, + impls[i].nid, impls[i].prop, + impls[i].impl, &up_ref, &down_ref))) { TEST_note("iteration %zd", i + 1); goto err; } + /* + * The first check of queries is with NULL given as provider. All + * queries are expected to succeed. + */ for (i = 0; i < OSSL_NELEM(queries); i++) { + const OSSL_PROVIDER *nullprov = NULL; OSSL_PROPERTY_LIST *pq = NULL; - if (!TEST_true(ossl_method_store_fetch(store, queries[i].nid, - queries[i].prop, &result)) + if (!TEST_true(ossl_method_store_fetch(store, + queries[i].nid, queries[i].prop, + &nullprov, &result)) || !TEST_str_eq((char *)result, queries[i].expected)) { TEST_note("iteration %zd", i + 1); ossl_property_free(pq); 
@@ -359,6 +429,70 @@ } ossl_property_free(pq); } + /* + * The second check of queries is with &address1 given as provider. + */ + for (i = 0; i < OSSL_NELEM(queries); i++) { + OSSL_PROPERTY_LIST *pq = NULL; + + result = NULL; + if (queries[i].prov == &fake_prov1) { + if (!TEST_true(ossl_method_store_fetch(store, + queries[i].nid, + queries[i].prop, + &fake_prov1, &result)) + || !TEST_ptr_eq(fake_prov1, &fake_provider1) + || !TEST_str_eq((char *)result, queries[i].expected)) { + TEST_note("iteration %zd", i + 1); + ossl_property_free(pq); + goto err; + } + } else { + if (!TEST_false(ossl_method_store_fetch(store, + queries[i].nid, + queries[i].prop, + &fake_prov1, &result)) + || !TEST_ptr_eq(fake_prov1, &fake_provider1) + || !TEST_ptr_null(result)) { + TEST_note("iteration %zd", i + 1); + ossl_property_free(pq); + goto err; + } + } + ossl_property_free(pq); + } + /* + * The third check of queries is with &address2 given as provider. + */ + for (i = 0; i < OSSL_NELEM(queries); i++) { + OSSL_PROPERTY_LIST *pq = NULL; + + result = NULL; + if (queries[i].prov == &fake_prov2) { + if (!TEST_true(ossl_method_store_fetch(store, + queries[i].nid, + queries[i].prop, + &fake_prov2, &result)) + || !TEST_ptr_eq(fake_prov2, &fake_provider2) + || !TEST_str_eq((char *)result, queries[i].expected)) { + TEST_note("iteration %zd", i + 1); + ossl_property_free(pq); + goto err; + } + } else { + if (!TEST_false(ossl_method_store_fetch(store, + queries[i].nid, + queries[i].prop, + &fake_prov2, &result)) + || !TEST_ptr_eq(fake_prov2, &fake_provider2) + || !TEST_ptr_null(result)) { + TEST_note("iteration %zd", i + 1); + ossl_property_free(pq); + goto err; + } + } + ossl_property_free(pq); + } ret = 1; err: ossl_method_store_free(store); @@ -374,6 +508,7 @@ void *result; int errors = 0; int v[10001]; + OSSL_PROVIDER prov = { 1 }; if (!TEST_ptr(store = ossl_method_store_new(NULL)) || !add_property_names("n", NULL)) 
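Review bot: The comments introducing the two added loops refer to `&address1` and `&address2`, names that do not exist in this function; the pointers are `fake_prov1` and `fake_prov2`, so the comments should read e.g. `/* The second check of queries is with &fake_prov1 given as provider. */`. In both loops `pq` is initialised to NULL and never assigned, so each `ossl_property_free(pq)` is a no-op and the variable can be left out of the new code. The two loops differ only in the provider pointer, so a helper taking `const OSSL_PROVIDER **prov` and the expected `OSSL_PROVIDER *` would halve the added code. It would also help to say in a comment why `TEST_ptr_eq(fake_prov1, &fake_provider1)` is checked after a failed fetch, presumably that the fetch must not overwrite the caller's provider pointer. The function body begins and ends outside this hunk.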
@@ -382,20 +517,21 @@ for (i = 1; i <= max; i++) { v[i] = 2 * i; BIO_snprintf(buf, sizeof(buf), "n=%d\n", i); - if (!TEST_true(ossl_method_store_add(store, NULL, i, buf, "abc", + if (!TEST_true(ossl_method_store_add(store, &prov, i, buf, "abc", &up_ref, &down_ref)) - || !TEST_true(ossl_method_store_cache_set(store, i, buf, v + i, + || !TEST_true(ossl_method_store_cache_set(store, &prov, i, + buf, v + i, &up_ref, &down_ref)) - || !TEST_true(ossl_method_store_cache_set(store, i, "n=1234", - "miss", &up_ref, - &down_ref))) { + || !TEST_true(ossl_method_store_cache_set(store, &prov, i, + "n=1234", "miss", + &up_ref, &down_ref))) { TEST_note("iteration %d", i); goto err; } } for (i = 1; i <= max; i++) { BIO_snprintf(buf, sizeof(buf), "n=%d\n", i); - if (!ossl_method_store_cache_get(store, i, buf, &result) + if (!ossl_method_store_cache_get(store, NULL, i, buf, &result) || result != v + i) errors++; } @@ -493,6 +629,7 @@ ADD_TEST(test_property_string); ADD_TEST(test_property_query_value_create); ADD_ALL_TESTS(test_property_parse, OSSL_NELEM(parser_tests)); + ADD_ALL_TESTS(test_property_parse_error, OSSL_NELEM(parse_error_tests)); ADD_ALL_TESTS(test_property_merge, OSSL_NELEM(merge_tests)); ADD_TEST(test_property_defn_cache); ADD_ALL_TESTS(test_definition_compares, OSSL_NELEM(definition_tests)); diff -Nru openssl-3.0.0/test/provfetchtest.c openssl-3.0.1/test/provfetchtest.c --- openssl-3.0.0/test/provfetchtest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/provfetchtest.c 2021-12-14 17:16:25.000000000 +0100 
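Review bot: In the lookup loop, `ossl_method_store_cache_get(store, NULL, i, buf, &result)` passes NULL as the provider although the entries were cached under `&prov`, and nothing in the hunk says why. If NULL is meant to match an entry from any provider, a comment such as `/* NULL provider: accept a cache entry from any provider */` above the call would record that intent. A second lookup with `&prov` would cover the exact-match path as well. The function starts before this hunk.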
@@ -213,7 +213,7 @@ * Do some work using the child libctx, to make sure this is possible from * inside the init function. */ - if (!RAND_bytes_ex(libctx, buf, sizeof(buf), 0)) + if (RAND_bytes_ex(libctx, buf, sizeof(buf), 0) <= 0) return 0; return 1; diff -Nru openssl-3.0.0/test/provider_internal_test.c openssl-3.0.1/test/provider_internal_test.c --- openssl-3.0.0/test/provider_internal_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/provider_internal_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -31,7 +31,7 @@ && TEST_ptr(greeting = greeting_request[0].data) && TEST_size_t_gt(greeting_request[0].data_size, 0) && TEST_str_eq(greeting, expected_greeting) - && TEST_true(ossl_provider_deactivate(prov)); + && TEST_true(ossl_provider_deactivate(prov, 1)); TEST_info("Got this greeting: %s\n", greeting); ossl_provider_free(prov); diff -Nru openssl-3.0.0/test/provider_pkey_test.c openssl-3.0.1/test/provider_pkey_test.c --- openssl-3.0.0/test/provider_pkey_test.c 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/provider_pkey_test.c 2021-12-14 17:16:25.000000000 +0100 
@@ -0,0 +1,132 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include "testutil.h" +#include "fake_rsaprov.h" + +static OSSL_LIB_CTX *libctx = NULL; + +/* Fetch SIGNATURE method using a libctx and propq */ +static int fetch_sig(OSSL_LIB_CTX *ctx, const char *alg, const char *propq, + OSSL_PROVIDER *expected_prov) +{ + OSSL_PROVIDER *prov; + EVP_SIGNATURE *sig = EVP_SIGNATURE_fetch(ctx, "RSA", propq); + int ret = 0; + + if (!TEST_ptr(sig)) + return 0; + + if (!TEST_ptr(prov = EVP_SIGNATURE_get0_provider(sig))) + goto end; + + if (!TEST_ptr_eq(prov, expected_prov)) { + TEST_info("Fetched provider: %s, Expected provider: %s", + OSSL_PROVIDER_get0_name(prov), + OSSL_PROVIDER_get0_name(expected_prov)); + goto end; + } + + ret = 1; +end: + EVP_SIGNATURE_free(sig); + return ret; +} + + +static int test_pkey_sig(void) +{ + OSSL_PROVIDER *deflt = NULL; + OSSL_PROVIDER *fake_rsa = NULL; + int i, ret = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *ctx = NULL; + + if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx))) + return 0; + + if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default"))) + goto end; + + /* Do a direct fetch to see it works */ + if (!TEST_true(fetch_sig(libctx, "RSA", "provider=fake-rsa", fake_rsa)) + || !TEST_true(fetch_sig(libctx, "RSA", "?provider=fake-rsa", fake_rsa))) + goto end; + + /* Construct a pkey using precise propq to use our provider */ + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", + "provider=fake-rsa")) + || !TEST_true(EVP_PKEY_fromdata_init(ctx)) + || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, NULL)) + || !TEST_ptr(pkey)) + goto end; + + EVP_PKEY_CTX_free(ctx); 
+ ctx = NULL; + + /* try exercising signature_init ops a few times */ + for (i = 0; i < 3; i++) { + size_t siglen; + + /* + * Create a signing context for our pkey with optional propq. + * The sign init should pick both keymgmt and signature from + * fake-rsa as the key is not exportable. + */ + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, + "?provider=default"))) + goto end; + + /* + * If this picks the wrong signature without realizing it + * we can get a segfault or some internal error. At least watch + * whether fake-rsa sign_init is is exercised by calling sign. + */ + if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1)) + goto end; + + if (!TEST_int_eq(EVP_PKEY_sign(ctx, NULL, &siglen, NULL, 0), 1) + || !TEST_size_t_eq(siglen, 256)) + goto end; + + EVP_PKEY_CTX_free(ctx); + ctx = NULL; + } + + ret = 1; + +end: + fake_rsa_finish(fake_rsa); + OSSL_PROVIDER_unload(deflt); + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); + return ret; +} + +int setup_tests(void) +{ + libctx = OSSL_LIB_CTX_new(); + if (libctx == NULL) + return 0; + + ADD_TEST(test_pkey_sig); + + return 1; +} + +void cleanup_tests(void) +{ + OSSL_LIB_CTX_free(libctx); +} diff -Nru openssl-3.0.0/test/rand_test.c openssl-3.0.1/test/rand_test.c --- openssl-3.0.0/test/rand_test.c 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/rand_test.c 2021-12-14 17:16:25.000000000 +0100 
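Review bot: In `test_pkey_sig`, `EVP_PKEY_fromdata_init(ctx)` and `EVP_PKEY_fromdata(...)` are checked with `TEST_true`, which also accepts a negative error return; the other test files in this same diff were changed to compare against 1 for exactly these calls. The two lines should read `|| !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)` and `|| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, NULL), 1)`. In `fetch_sig`, the `alg` parameter is never used because the fetch hard-codes the name; `EVP_SIGNATURE_fetch(ctx, alg, propq)` would honour it. The comment before `EVP_PKEY_sign_init` has a doubled word ("is is exercised").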
@@ -0,0 +1,53 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the >License>). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include "testutil.h" + +static int test_rand(void) +{ + EVP_RAND_CTX *privctx; + OSSL_PARAM params[2], *p = params; + unsigned char entropy1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 }; + unsigned char entropy2[] = { 0xff, 0xfe, 0xfd }; + unsigned char outbuf[3]; + + *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, + entropy1, sizeof(entropy1)); + *p = OSSL_PARAM_construct_end(); + + if (!TEST_ptr(privctx = RAND_get0_private(NULL)) + || !TEST_true(EVP_RAND_CTX_set_params(privctx, params)) + || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0) + || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy1, sizeof(outbuf)) + || !TEST_int_le(RAND_priv_bytes(outbuf, sizeof(outbuf) + 1), 0) + || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0) + || !TEST_mem_eq(outbuf, sizeof(outbuf), + entropy1 + sizeof(outbuf), sizeof(outbuf))) + return 0; + + *params = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, + entropy2, sizeof(entropy2)); + if (!TEST_true(EVP_RAND_CTX_set_params(privctx, params)) + || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0) + || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf))) + return 0; + return 1; +} + +int setup_tests(void) +{ + if (!TEST_true(RAND_set_DRBG_type(NULL, "TEST-RAND", NULL, NULL, NULL))) + return 0; + ADD_TEST(test_rand); + return 1; +} diff -Nru openssl-3.0.0/test/recipes/01-test_symbol_presence.t openssl-3.0.1/test/recipes/01-test_symbol_presence.t --- openssl-3.0.0/test/recipes/01-test_symbol_presence.t 2021-09-07 13:46:32.000000000 +0200 +++ 
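Review bot: In `test_rand`, the call `RAND_priv_bytes(outbuf, sizeof(outbuf) + 1)` asks for four bytes into the three-byte `outbuf`; the test expects the call to fail, but if it ever succeeded it would write past the end of the stack buffer instead of producing a clean test failure. Giving the over-long request its own buffer keeps the failure mode safe: `unsigned char toolong[sizeof(outbuf) + 1];` and `|| !TEST_int_le(RAND_priv_bytes(toolong, sizeof(toolong)), 0)`. A comment saying that the request is expected to fail, presumably because only three bytes of the six-byte test entropy remain at that point, would also explain the assertion.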
openssl-3.0.1/test/recipes/01-test_symbol_presence.t 2021-12-14 17:16:25.000000000 +0100 @@ -23,7 +23,8 @@ plan skip_all => "Test is disabled on NonStop" if config('target') =~ m|^nonstop|; # MacOS arranges symbol names differently plan skip_all => "Test is disabled on MacOS" if config('target') =~ m|^darwin|; -plan skip_all => "Test is disabled on MinGW" if config('target') =~ m|^mingw|; +plan skip_all => "This is unsupported on MSYS, MinGW or MSWin32" + if $^O eq 'msys' or $^O eq 'MSWin32' or config('target') =~ m|^mingw|; plan skip_all => "Only useful when building shared libraries" if disabled("shared"); @@ -48,12 +49,12 @@ *OSTDOUT = *STDOUT; open STDERR, ">", devnull(); open STDOUT, ">", devnull(); - my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`; + my @nm_lines = map { s|\R$||; $_ } `nm -DPg $shlibpath 2> /dev/null`; close STDERR; close STDOUT; *STDERR = *OSTDERR; *STDOUT = *OSTDOUT; - skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2 + skip "Can't run 'nm -DPg $shlibpath' => $?... ignoring", 2 unless $? == 0; my $bldtop = bldtop_dir(); @@ -69,7 +70,17 @@ note "Number of lines in \@def_lines before massaging: ", scalar @def_lines; # Massage the nm output to only contain defined symbols - @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDST] .*|, @nm_lines); + @nm_lines = + sort + map { + # Drop the first space and everything following it + s| .*||; + # Drop OpenSSL dynamic version information if there is any + s|\@\@OPENSSL_[0-9._]+[a-z]?$||; + # Return the result + $_ + } + grep(m|.* [BCDST] .*|, @nm_lines); # Massage the mkdef.pl output to only contain global symbols # The output we got is in Unix .map format, which has a global diff -Nru openssl-3.0.0/test/recipes/02-test_errstr.t openssl-3.0.1/test/recipes/02-test_errstr.t --- openssl-3.0.0/test/recipes/02-test_errstr.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/02-test_errstr.t 2021-12-14 17:16:25.000000000 +0100 
@@ -139,7 +139,7 @@ $reason =~ s|\R$||; $reason = ( split_error($reason) )[3]; - return match_any($reason, $errcode, @strings); + return match_any($reason, $errcode_hex, @strings); } sub match_syserr_reason { diff -Nru openssl-3.0.0/test/recipes/04-test_provider_pkey.t openssl-3.0.1/test/recipes/04-test_provider_pkey.t --- openssl-3.0.0/test/recipes/04-test_provider_pkey.t 1970-01-01 01:00:00.000000000 +0100 +++ openssl-3.0.1/test/recipes/04-test_provider_pkey.t 2021-12-14 17:16:25.000000000 +0100 @@ -0,0 +1,18 @@ +#! /usr/bin/env perl +# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use File::Spec; +use OpenSSL::Test::Simple; + +# We must ensure that OPENSSL_CONF points at an empty file. Otherwise, we +# risk that the configuration file contains statements that load providers, +# which defeats the purpose of this test. The NUL device is good enough. +$ENV{OPENSSL_CONF} = File::Spec->devnull(); + +simple_test("test_provider_pkey", "provider_pkey_test"); diff -Nru openssl-3.0.0/test/recipes/05-test_rand.t openssl-3.0.1/test/recipes/05-test_rand.t --- openssl-3.0.0/test/recipes/05-test_rand.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/05-test_rand.t 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
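Review bot: The new recipe `04-test_provider_pkey.t` enables `use strict;` but not `use warnings;`, unlike `30-test_engine.t` elsewhere in this diff, which has both. Adding `use warnings;` after `use strict;` keeps the recipes consistent and would surface an undefined value if `File::Spec->devnull()` ever stopped returning a usable path for `$ENV{OPENSSL_CONF}`.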
@@ -11,8 +11,9 @@ use OpenSSL::Test; use OpenSSL::Test::Utils; -plan tests => 2; +plan tests => 3; setup("test_rand"); +ok(run(test(["rand_test"]))); ok(run(test(["drbgtest"]))); ok(run(test(["rand_status_test"]))); diff -Nru openssl-3.0.0/test/recipes/15-test_rsa.t openssl-3.0.1/test/recipes/15-test_rsa.t --- openssl-3.0.0/test/recipes/15-test_rsa.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/15-test_rsa.t 2021-12-14 17:16:25.000000000 +0100 @@ -16,7 +16,7 @@ setup("test_rsa"); -plan tests => 10; +plan tests => 12; require_ok(srctop_file('test', 'recipes', 'tconversion.pl')); @@ -32,7 +32,7 @@ ok(run(app([ 'openssl', $cmd, '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), "$cmd -check" ); - SKIP: { + SKIP: { skip "Skipping $cmd conversion test", 3 if disabled("rsa"); @@ -47,7 +47,7 @@ }; } - SKIP: { + SKIP: { skip "Skipping msblob conversion test", 1 if disabled($cmd) || $cmd eq 'pkey'; @@ -57,4 +57,18 @@ -args => ["rsa", "-pubin", "-pubout"] ); }; } + SKIP: { + skip "Skipping PVK conversion test", 1 + if disabled($cmd) || $cmd eq 'pkey' || disabled("rc4") + || disabled ("legacy"); + + subtest "$cmd conversions -- private key" => sub { + tconversion( -type => 'pvk', -prefix => "$cmd-pvk", + -in => srctop_file("test", "testrsa.pem"), + -args => ["rsa", "-passin", "pass:testpass", + "-passout", "pass:testpass", + "-provider", "default", + "-provider", "legacy"] ); + }; + } } diff -Nru openssl-3.0.0/test/recipes/20-test_dgst.t openssl-3.0.1/test/recipes/20-test_dgst.t --- openssl-3.0.0/test/recipes/20-test_dgst.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/20-test_dgst.t 2021-12-14 17:16:25.000000000 +0100 @@ -12,12 +12,12 @@ use File::Spec; use File::Basename; -use OpenSSL::Test qw/:DEFAULT with srctop_file/; +use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_file/; use OpenSSL::Test::Utils; setup("test_dgst"); -plan tests => 9; +plan tests => 10; sub tsignverify { my $testtext = shift; 
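Review bot: The skip condition of the new PVK block in `15-test_rsa.t` gates on `disabled("rc4")` and `disabled ("legacy")` without saying why, while the test itself loads `-provider default -provider legacy`. Presumably this is because PVK private-key encryption relies on RC4, which is only served by the legacy provider; a comment such as `# PVK encryption uses RC4, which is only available from the legacy provider` above the `skip` would make the dependency explicit. The stray space in `disabled ("legacy")` is also inconsistent with the other calls on the same statement.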
@@ -103,6 +103,25 @@ }; } +SKIP: { + skip "dgst with engine is not supported by this OpenSSL build", 1 + if disabled("engine") || disabled("dynamic-engine"); + + subtest "SHA1 generation by engine with `dgst` CLI" => sub { + plan tests => 1; + + my $testdata = srctop_file('test', 'data.bin'); + # intentionally using -engine twice, please do not remove the duplicate line + my @macdata = run(app(['openssl', 'dgst', '-sha1', + '-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest", + '-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest", + $testdata]), capture => 1); + chomp(@macdata); + my $expected = qr/SHA1\(\Q$testdata\E\)= 000102030405060708090a0b0c0d0e0f10111213/; + ok($macdata[0] =~ $expected, "SHA1: Check HASH value is as expected ($macdata[0]) vs ($expected)"); + } +} + subtest "HMAC generation with `dgst` CLI" => sub { plan tests => 2; diff -Nru openssl-3.0.0/test/recipes/25-test_req.t openssl-3.0.1/test/recipes/25-test_req.t --- openssl-3.0.0/test/recipes/25-test_req.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/25-test_req.t 2021-12-14 17:16:25.000000000 +0100 @@ -433,7 +433,7 @@ $cert = "self-signed_v3_CA_both_KIDs.pem"; generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = hash", - "-addext", "authorityKeyIdentifier = keyid"); + "-addext", "authorityKeyIdentifier = keyid:always"); cert_ext_has_n_different_lines($cert, 3, $SKID_AKID); # SKID == AKID strict_verify($cert, 1); diff -Nru openssl-3.0.0/test/recipes/25-test_verify.t openssl-3.0.1/test/recipes/25-test_verify.t --- openssl-3.0.0/test/recipes/25-test_verify.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/25-test_verify.t 2021-12-14 17:16:25.000000000 +0100 @@ -29,7 +29,7 @@ run(app([@args])); } -plan tests => 159; +plan tests => 160; # Canonical success ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), 
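Review bot: In the new engine subtest of `20-test_dgst.t` the `-engine` argument expression is written out twice, so the two copies can drift apart and the test would then no longer exercise the "same engine given twice" case its comment describes. Hoisting it into `my $engine = $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest";` and passing `'-engine', $engine` twice keeps the duplication intentional and visible. The result array is named `@macdata` although it holds a plain SHA1 digest line, and `$macdata[0]` is undefined when the command prints nothing, so the `=~` and the interpolated message would emit warnings instead of a clear failure; `@digest_out` plus a `defined` check would read better. A one-line comment noting that the expected `000102…` value is the fixed pattern the test engine returns would explain why a match proves the engine was used.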
@@ -337,6 +337,9 @@ ok(verify("goodcn1-cert", "", ["root-cert"], ["ncca1-cert"], ), "Name Constraints CNs permitted"); +ok(verify("goodcn2-cert", "", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints CNs permitted - no SAN extension"); + ok(!verify("badcn1-cert", "", ["root-cert"], ["ncca1-cert"], ), "Name Constraints CNs not permitted"); diff -Nru openssl-3.0.0/test/recipes/30-test_engine.t openssl-3.0.1/test/recipes/30-test_engine.t --- openssl-3.0.0/test/recipes/30-test_engine.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/30-test_engine.t 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -10,13 +10,16 @@ use strict; use warnings; -use OpenSSL::Test; +use OpenSSL::Test qw/:DEFAULT srctop_file/; use OpenSSL::Test::Utils; setup("test_engine"); +my @path = qw(test certs); + plan skip_all => "engines are deprecated" if disabled('deprecated-3.0'); plan tests => 1; -ok(run(test(["enginetest"])), "running enginetest"); +ok(run(test(["enginetest", srctop_file(@path, "root-cert.pem")])), + "running enginetest"); diff -Nru openssl-3.0.0/test/recipes/80-test_cmp_http_data/Mock/server.cnf openssl-3.0.1/test/recipes/80-test_cmp_http_data/Mock/server.cnf --- openssl-3.0.0/test/recipes/80-test_cmp_http_data/Mock/server.cnf 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/80-test_cmp_http_data/Mock/server.cnf 2021-12-14 17:16:25.000000000 +0100 
@@ -12,3 +12,5 @@ rsp_cert = signer_only.crt rsp_capubs = signer_root.crt rsp_extracerts = signer_issuing.crt + +verbosity = 7 diff -Nru openssl-3.0.0/test/recipes/80-test_cmp_http_data/test_commands.csv openssl-3.0.1/test/recipes/80-test_cmp_http_data/test_commands.csv --- openssl-3.0.0/test/recipes/80-test_cmp_http_data/test_commands.csv 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/80-test_cmp_http_data/test_commands.csv 2021-12-14 17:16:25.000000000 +0100 @@ -53,3 +53,7 @@ 0,geninfo bad syntax: missing ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -geninfo,1.2.3:int987,,,, 0,geninfo bad syntax: double ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -geninfo,1.2.3:int::987,,,, 0,geninfo bad syntax: missing ':int', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -geninfo,1.2.3,,,, +,,,,,,,,,,,,,,,,,,, +1,reqout+rspout, -section,, -cmd,ir,,-reqout,_RESULT_DIR/req1.der _RESULT_DIR/req2.der,,-rspout,_RESULT_DIR/rsp1.der _RESULT_DIR/rsp2.der,,BLANK,,BLANK, +1,reqin, -section,, -cmd,ir,,-reqin,_RESULT_DIR/req1.der _RESULT_DIR/req2.der,,BLANK,,,BLANK,,BLANK, +1,rspin, -section,, -cmd,ir,,BLANK,,,-rspin,_RESULT_DIR/rsp1.der _RESULT_DIR/rsp2.der,,BLANK,,BLANK, diff -Nru openssl-3.0.0/test/recipes/80-test_cmp_http.t openssl-3.0.1/test/recipes/80-test_cmp_http.t --- openssl-3.0.0/test/recipes/80-test_cmp_http.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/80-test_cmp_http.t 2021-12-14 17:16:25.000000000 +0100 
@@ -42,8 +42,8 @@ return $str; } -my $proxy = ""; -$proxy = chop_dblquot($ENV{http_proxy} // $ENV{HTTP_PROXY} // $proxy); +my $proxy = chop_dblquot($ENV{http_proxy} // $ENV{HTTP_PROXY} // ""); +$proxy = "" if $proxy eq ""; $proxy =~ s{^https?://}{}i; my $no_proxy = $ENV{no_proxy} // $ENV{NO_PROXY}; diff -Nru openssl-3.0.0/test/recipes/80-test_dane.t openssl-3.0.1/test/recipes/80-test_dane.t --- openssl-3.0.0/test/recipes/80-test_dane.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/80-test_dane.t 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -17,8 +17,12 @@ plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" if disabled("ec"); -plan tests => 1; # The number of tests being performed +plan tests => 2; # The number of tests being performed ok(run(test(["danetest", "example.com", srctop_file("test", "danetest.pem"), srctop_file("test", "danetest.in")])), "dane tests"); + +ok(run(test(["danetest", "server.example", + srctop_file("test", "certs", "cross-root.pem"), + srctop_file("test", "dane-cross.in")])), "dane cross CA test"); diff -Nru openssl-3.0.0/test/recipes/90-test_fipsload.t openssl-3.0.1/test/recipes/90-test_fipsload.t --- openssl-3.0.0/test/recipes/90-test_fipsload.t 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/90-test_fipsload.t 2021-12-14 17:16:25.000000000 +0100 @@ -6,7 +6,7 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html -use OpenSSL::Test qw/:DEFAULT srctop_dir bldtop_dir/; +use OpenSSL::Test qw/:DEFAULT srctop_dir bldtop_dir bldtop_file/; use OpenSSL::Test::Utils; BEGIN { 
@@ -25,7 +25,7 @@ plan tests => 1; -my $fips = bldtop_dir('providers', platform->dso('fips')); +my $fips = bldtop_file('providers', platform->dso('fips')); ok(run(test(['moduleloadtest', $fips, 'OSSL_provider_init'])), "trying to load $fips in its own"); diff -Nru openssl-3.0.0/test/recipes/tconversion.pl openssl-3.0.1/test/recipes/tconversion.pl --- openssl-3.0.0/test/recipes/tconversion.pl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/recipes/tconversion.pl 2021-12-14 17:16:25.000000000 +0100 @@ -19,6 +19,7 @@ # specific test types as key. "*" => [ "d", "p" ], "msb" => [ "d", "p", "msblob" ], + "pvk" => [ "d", "p", "pvk" ], ); sub tconversion { my %opts = @_; @@ -45,8 +46,9 @@ + $n # initial conversions from p to all forms (A) + $n*$n # conversion from result of A to all forms (B) + 1 # comparing original test file to p form of A - + $n*($n-1); # comparing first conversion to each fom in A with B + + $n*($n-1); # comparing first conversion to each form in A with B $totaltests-- if ($testtype eq "p7d"); # no comparison of original test file + $totaltests -= $n if ($testtype eq "pvk"); # no comparisons of the pvk form plan tests => $totaltests; my @cmd = ("openssl", @openssl_args); @@ -91,7 +93,7 @@ } foreach my $to (@conversionforms) { - next if $to eq "d"; + next if $to eq "d" or $to eq "pvk"; foreach my $from (@conversionforms) { is(cmp_text("$prefix-f.$to", "$prefix-ff.$from$to"), 0, "comparing $to to $from$to"); diff -Nru openssl-3.0.0/test/sm2_internal_test.c openssl-3.0.1/test/sm2_internal_test.c --- openssl-3.0.0/test/sm2_internal_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/sm2_internal_test.c 2021-12-14 17:16:25.000000000 +0100 @@ -209,6 +209,7 @@ static int sm2_crypt_test(void) { int testresult = 0; + EC_GROUP *gm_group = NULL; EC_GROUP *test_group = create_EC_group ("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 
@@ -251,9 +252,49 @@ "88E3C5AAFC0413229E6C9AEE2BB92CAD649FE2C035689785DA33")) goto done; + /* From Annex C in both GM/T0003.5-2012 and GB/T 32918.5-2016.*/ + gm_group = create_EC_group( + "fffffffeffffffffffffffffffffffffffffffff00000000ffffffffffffffff", + "fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc", + "28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93", + "32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7", + "bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0", + "fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123", + "1"); + + if (!TEST_ptr(gm_group)) + goto done; + + if (!test_sm2_crypt( + gm_group, + EVP_sm3(), + /* privkey (from which the encrypting public key is derived) */ + "3945208F7B2144B13F36E38AC6D39F95889393692860B51A42FB81EF4DF7C5B8", + /* plaintext message */ + "encryption standard", + /* ephemeral nonce k */ + "59276E27D506861A16680F3AD9C02DCCEF3CC1FA3CDBE4CE6D54B80DEAC1BC21", + /* + * expected ciphertext, the field values are from GM/T 0003.5-2012 + * (Annex C), but serialized following the ASN.1 format specified + * in GM/T 0009-2012 (Sec. 7.2). + */ + "307C" /* SEQUENCE, 0x7c bytes */ + "0220" /* INTEGER, 0x20 bytes */ + "04EBFC718E8D1798620432268E77FEB6415E2EDE0E073C0F4F640ECD2E149A73" + "0221" /* INTEGER, 0x21 bytes */ + "00" /* leading 00 due to DER for pos. 
int with topmost bit set */ + "E858F9D81E5430A57B36DAAB8F950A3C64E6EE6A63094D99283AFF767E124DF0" + "0420" /* OCTET STRING, 0x20 bytes */ + "59983C18F809E262923C53AEC295D30383B54E39D609D160AFCB1908D0BD8766" + "0413" /* OCTET STRING, 0x13 bytes */ + "21886CA989CA9C7D58087307CA93092D651EFA")) + goto done; + testresult = 1; done: EC_GROUP_free(test_group); + EC_GROUP_free(gm_group); return testresult; } diff -Nru openssl-3.0.0/test/sslapitest.c openssl-3.0.1/test/sslapitest.c --- openssl-3.0.0/test/sslapitest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/sslapitest.c 2021-12-14 17:16:25.000000000 +0100 @@ -1158,6 +1158,11 @@ goto end; } + if (is_fips && strstr(cipher, "CHACHA") != NULL) { + testresult = TEST_skip("CHACHA is not supported in FIPS"); + goto end; + } + /* Create a session based on SHA-256 */ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(), @@ -1292,6 +1297,11 @@ goto end; } + if (is_fips && strstr(cipher, "CHACHA") != NULL) { + testresult = TEST_skip("CHACHA is not supported in FIPS"); + goto end; + } + /* Create a session based on SHA-256 */ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(), @@ -1327,7 +1337,7 @@ goto end; } - if (!TEST_true(RAND_bytes_ex(libctx, buf, SENDFILE_SZ, 0))) + if (!TEST_int_gt(RAND_bytes_ex(libctx, buf, SENDFILE_SZ, 0), 0)) goto end; out = BIO_new_file(tmpfilename, "wb"); @@ -5534,6 +5544,11 @@ return SSL_TLSEXT_ERR_OK; } +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + /* * Custom call back tests. * Test 0: Old style callbacks in TLSv1.2 @@ -5541,6 +5556,7 @@ * Test 2: New style callbacks in TLSv1.2 with SNI * Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE * Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST + * Test 5: New style callbacks in TLSv1.3. Extensions in CR + Client Cert */ static int test_custom_exts(int tst) { 
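Review bot: `verify_cb` returns 1 unconditionally and carries no comment, so wherever it is installed with `SSL_CTX_set_verify` (the `tst == 5` branch of `test_custom_exts` does this on `sctx`) every peer certificate is accepted regardless of `preverify_ok`. That is reasonable for a test that only counts extension callbacks, but after this move the function sits among the general callback helpers and reads like a reusable utility. I would add `/* Test-only: accepts any peer certificate; chain validation is deliberately bypassed */` above it so the bypass is not copied into code that relies on verification.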
@@ -5582,7 +5598,19 @@ SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3); } - if (tst == 4) { + if (tst == 5) { + context = SSL_EXT_TLS1_3_CERTIFICATE_REQUEST + | SSL_EXT_TLS1_3_CERTIFICATE; + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(cctx, privkey, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(cctx), 1)) + goto end; + } else if (tst == 4) { context = SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO @@ -5678,6 +5706,12 @@ || (tst != 2 && snicb != 0) || (tst == 2 && snicb != 1)) goto end; + } else if (tst == 5) { + if (clntaddnewcb != 1 + || clntparsenewcb != 1 + || srvaddnewcb != 1 + || srvparsenewcb != 1) + goto end; } else { /* In this case there 2 NewSessionTicket messages created */ if (clntaddnewcb != 1 @@ -5694,8 +5728,8 @@ SSL_free(clientssl); serverssl = clientssl = NULL; - if (tst == 3) { - /* We don't bother with the resumption aspects for this test */ + if (tst == 3 || tst == 5) { + /* We don't bother with the resumption aspects for these tests */ testresult = 1; goto end; } @@ -6752,7 +6786,7 @@ row = NULL; - if (!TXT_DB_write(out, db)) + if (TXT_DB_write(out, db) <= 0) goto end; ret = 1; @@ -7944,7 +7978,7 @@ if (!TEST_ptr(chain)) goto out; if (!TEST_ptr(in = BIO_new(BIO_s_file())) - || !TEST_int_ge(BIO_read_filename(in, rootfile), 0) + || !TEST_int_gt(BIO_read_filename(in, rootfile), 0) || !TEST_ptr(rootx = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(in, &rootx, NULL, NULL)) || !TEST_true(sk_X509_push(chain, rootx))) 
@@ -7952,13 +7986,13 @@ rootx = NULL; BIO_free(in); if (!TEST_ptr(in = BIO_new(BIO_s_file())) - || !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0) + || !TEST_int_gt(BIO_read_filename(in, ecdsacert), 0) || !TEST_ptr(x509 = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(in, &x509, NULL, NULL))) goto out; BIO_free(in); if (!TEST_ptr(in = BIO_new(BIO_s_file())) - || !TEST_int_ge(BIO_read_filename(in, ecdsakey), 0) + || !TEST_int_gt(BIO_read_filename(in, ecdsakey), 0) || !TEST_ptr(pkey = PEM_read_bio_PrivateKey_ex(in, NULL, NULL, NULL, libctx, NULL))) @@ -8124,11 +8158,6 @@ return 0; } -static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - return 1; -} - static int test_client_cert_cb(int tst) { SSL_CTX *cctx = NULL, *sctx = NULL; @@ -8985,7 +9014,7 @@ pctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL); if (!TEST_ptr(pctx) - || !TEST_true(EVP_PKEY_fromdata_init(pctx))) + || !TEST_int_eq(EVP_PKEY_fromdata_init(pctx), 1)) goto end; tmpl = OSSL_PARAM_BLD_new(); @@ -9000,8 +9029,9 @@ params = OSSL_PARAM_BLD_to_param(tmpl); if (!TEST_ptr(params) - || !TEST_true(EVP_PKEY_fromdata(pctx, &dhpkey, - EVP_PKEY_KEY_PARAMETERS, params))) + || !TEST_int_eq(EVP_PKEY_fromdata(pctx, &dhpkey, + EVP_PKEY_KEY_PARAMETERS, + params), 1)) goto end; tmp_dh_params = dhpkey; @@ -9649,7 +9679,7 @@ /* Test with only TLSv1.3 versions */ ADD_ALL_TESTS(test_key_exchange, 12); # endif - ADD_ALL_TESTS(test_custom_exts, 5); + ADD_ALL_TESTS(test_custom_exts, 6); ADD_TEST(test_stateless); ADD_TEST(test_pha_key_update); #else diff -Nru openssl-3.0.0/test/ssl_old_test.c openssl-3.0.1/test/ssl_old_test.c --- openssl-3.0.0/test/ssl_old_test.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/ssl_old_test.c 2021-12-14 17:16:25.000000000 +0100 
@@ -829,12 +829,14 @@ static int write_session(const char *filename, SSL_SESSION *sess) { - BIO *f = BIO_new_file(filename, "w"); + BIO *f; if (sess == NULL) { BIO_printf(bio_err, "No session information\n"); return 0; } + + f = BIO_new_file(filename, "w"); if (f == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", filename); ERR_print_errors(bio_err); @@ -1894,9 +1896,9 @@ BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt)); client = BIO_new_connect(addr_str); - BIO_set_conn_ip_family(client, family); if (!client) goto err; + BIO_set_conn_ip_family(client, family); if (BIO_set_nbio(client, 1) <= 0) goto err; diff -Nru openssl-3.0.0/test/ssl-tests/01-simple.cnf openssl-3.0.1/test/ssl-tests/01-simple.cnf --- openssl-3.0.0/test/ssl-tests/01-simple.cnf 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/ssl-tests/01-simple.cnf 2021-12-14 17:16:25.000000000 +0100 @@ -1,10 +1,11 @@ # Generated with generate_ssl_tests.pl -num_tests = 3 +num_tests = 4 test-0 = 0-default test-1 = 1-Server signature algorithms bug test-2 = 2-verify-cert +test-3 = 3-name-constraints-no-san-in-ee # =========================================================== [0-default] 
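Review bot: In the second `ssl_old_test.c` hunk the reordered `BIO_set_conn_ip_family(client, family);` still discards its return value, while the `BIO_set_nbio(client, 1) <= 0` call on the next line is checked. If setting the address family fails, the test would go on to connect with whatever default family the BIO picks and could pass or fail for the wrong reason. `if (BIO_set_conn_ip_family(client, family) <= 0) goto err;` would match the neighbouring check. The enclosing function starts and ends outside the hunk.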
@@ -76,3 +77,26 @@ ExpectedResult = ClientFail +# =========================================================== + +[3-name-constraints-no-san-in-ee] +ssl_conf = 3-name-constraints-no-san-in-ee-ssl + +[3-name-constraints-no-san-in-ee-ssl] +server = 3-name-constraints-no-san-in-ee-server +client = 3-name-constraints-no-san-in-ee-client + +[3-name-constraints-no-san-in-ee-server] +Certificate = ${ENV::TEST_CERTS_DIR}/goodcn2-chain.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/goodcn2-key.pem + +[3-name-constraints-no-san-in-ee-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success + + diff -Nru openssl-3.0.0/test/ssl-tests/01-simple.cnf.in openssl-3.0.1/test/ssl-tests/01-simple.cnf.in --- openssl-3.0.0/test/ssl-tests/01-simple.cnf.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/ssl-tests/01-simple.cnf.in 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ # -*- mode: perl; -*- -# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -39,4 +39,16 @@ "ExpectedClientAlert" => "UnknownCA", }, }, + + { + name => "name-constraints-no-san-in-ee", + server => { + "Certificate" => test_pem("goodcn2-chain.pem"), + "PrivateKey" => test_pem("goodcn2-key.pem"), + }, + client => { + "VerifyCAFile" => test_pem("root-cert.pem"), + }, + test => { "ExpectedResult" => "Success" }, + }, ); diff -Nru openssl-3.0.0/test/testutil/tests.c openssl-3.0.1/test/testutil/tests.c --- openssl-3.0.0/test/testutil/tests.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/testutil/tests.c 2021-12-14 17:16:25.000000000 +0100 
@@ -1,5 +1,5 @@ /* - * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -417,8 +417,8 @@ if (a != NULL && BN_is_word(a, w)) return 1; - bw = BN_new(); - BN_set_word(bw, w); + if ((bw = BN_new()) != NULL) + BN_set_word(bw, w); test_fail_bignum_message(NULL, file, line, "BIGNUM", bns, ws, "==", a, bw); BN_free(bw); return 0; @@ -431,10 +431,10 @@ if (a != NULL && BN_abs_is_word(a, w)) return 1; - bw = BN_new(); - aa = BN_dup(a); - BN_set_negative(aa, 0); - BN_set_word(bw, w); + if ((aa = BN_dup(a)) != NULL) + BN_set_negative(aa, 0); + if ((bw = BN_new()) != NULL) + BN_set_word(bw, w); test_fail_bignum_message(NULL, file, line, "BIGNUM", bns, ws, "abs==", aa, bw); BN_free(bw); diff -Nru openssl-3.0.0/test/testutil/testutil_init.c openssl-3.0.1/test/testutil/testutil_init.c --- openssl-3.0.0/test/testutil/testutil_init.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/testutil/testutil_init.c 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -71,15 +71,18 @@ { BIO *channel; tracedata *trace_data; + BIO *bio = NULL; if (OSSL_trace_enabled(category)) return; - channel = BIO_push(BIO_new(BIO_f_prefix()), + bio = BIO_new(BIO_f_prefix()); + channel = BIO_push(bio, BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT)); trace_data = OPENSSL_zalloc(sizeof(*trace_data)); if (trace_data == NULL + || bio == NULL || (trace_data->bio = channel) == NULL || OSSL_trace_set_callback(category, internal_trace_cb, trace_data) == 0 diff -Nru openssl-3.0.0/test/threadstest.c openssl-3.0.1/test/threadstest.c --- openssl-3.0.0/test/threadstest.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/threadstest.c 2021-12-14 17:16:25.000000000 +0100 @@ -293,7 +293,7 @@ char *msg = "Hello World"; unsigned char ctbuf[256]; unsigned char ptbuf[256]; - size_t ptlen = sizeof(ptbuf), ctlen = sizeof(ctbuf); + size_t ptlen, ctlen = sizeof(ctbuf); EVP_PKEY_CTX *ctx = NULL; int success = 0; int i; @@ -319,8 +319,9 @@ if (!TEST_ptr(ctx)) goto err; + ptlen = sizeof(ptbuf); if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx), 0) - || !TEST_int_ge(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen), + || !TEST_int_gt(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen), 0) || !TEST_mem_eq(msg, strlen(msg), ptbuf, ptlen)) goto err; @@ -464,18 +465,20 @@ return testresult; } +static char *multi_load_provider = "legacy"; /* * This test attempts to load several providers at the same time, and if * run with a thread sanitizer, should crash if the core provider code * doesn't synchronize well enough. */ -#define MULTI_LOAD_THREADS 3 +#define MULTI_LOAD_THREADS 10 static void test_multi_load_worker(void) { OSSL_PROVIDER *prov; - (void)TEST_ptr(prov = OSSL_PROVIDER_load(NULL, "default")); - (void)TEST_true(OSSL_PROVIDER_unload(prov)); + if (!TEST_ptr(prov = OSSL_PROVIDER_load(NULL, multi_load_provider)) + || !TEST_true(OSSL_PROVIDER_unload(prov))) + multi_success = 0; } static int test_multi_default(void) 
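Review bot: Only the prefix filter is checked after this change in `testutil_init.c`; the result of `BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT)` is still passed straight into `BIO_push`. As far as I know `BIO_push` returns its first argument when the appended BIO is NULL, so a failed `BIO_new_fp` would leave `channel` as a prefix filter with no sink and every test in the `if` would pass. Holding the file BIO in its own variable and adding `|| fp_bio == NULL` to the condition closes that gap. The error path lies outside the hunk, so it is worth confirming that it frees both BIOs when only one allocation succeeded.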
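Review bot: In the `threadstest.c` decrypt hunk, `EVP_PKEY_decrypt_init(ctx)` is still tested with `TEST_int_ge(..., 0)` while the `EVP_PKEY_decrypt` call beside it was tightened to `TEST_int_gt`. The init function reports failure with 0 as well as with negative values, so `>= 0` lets a failed initialisation through to the decrypt call. `!TEST_int_gt(EVP_PKEY_decrypt_init(ctx), 0)` would match the other return-value fixes in this commit. The enclosing function starts and ends outside the hunk.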
@@ -519,6 +522,7 @@ { thread_t threads[MULTI_LOAD_THREADS]; int i, res = 1; + OSSL_PROVIDER *prov; /* The multidefault test must run prior to this test */ if (!multidefault_run) { @@ -526,13 +530,27 @@ res = test_multi_default(); } + /* + * We use the legacy provider in test_multi_load_worker because it uses a + * child libctx that might hit more codepaths that might be sensitive to + * threading issues. But in a no-legacy build that won't be loadable so + * we use the default provider instead. + */ + prov = OSSL_PROVIDER_load(NULL, "legacy"); + if (prov == NULL) { + TEST_info("Cannot load legacy provider - assuming this is a no-legacy build"); + multi_load_provider = "default"; + } + OSSL_PROVIDER_unload(prov); + + multi_success = 1; for (i = 0; i < MULTI_LOAD_THREADS; i++) (void)TEST_true(run_thread(&threads[i], test_multi_load_worker)); for (i = 0; i < MULTI_LOAD_THREADS; i++) (void)TEST_true(wait_for_thread(threads[i])); - return res; + return res && multi_success; } typedef enum OPTION_choice { diff -Nru openssl-3.0.0/test/tls-provider.c openssl-3.0.1/test/tls-provider.c --- openssl-3.0.0/test/tls-provider.c 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/test/tls-provider.c 2021-12-14 17:16:25.000000000 +0100 @@ -813,7 +813,7 @@ int i; retry: - if (!RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id), 0)) + if (RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id), 0) <= 0) return 0; /* * Ensure group_id is within the IANA Reserved for private use range diff -Nru openssl-3.0.0/tools/c_rehash.in openssl-3.0.1/tools/c_rehash.in --- openssl-3.0.0/tools/c_rehash.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/tools/c_rehash.in 2021-12-14 17:16:25.000000000 +0100 
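Review bot: `OSSL_PROVIDER_unload(prov)` runs even on the branch where the legacy load failed and `prov` is NULL, and its return value is dropped. Whether unload tolerates NULL is not visible in this hunk, so the no-legacy fallback depends on behaviour defined elsewhere. Moving the call into an else branch, `} else if (!TEST_true(OSSL_PROVIDER_unload(prov))) { res = 0; }`, keeps the probe self-contained and reports an unload failure. Note also that `multi_load_provider` is a file-scope static that is switched to "default" here and never restored, which is worth a comment if other tests are expected to read it later.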
@@ -28,35 +28,35 @@ my $flag = shift @ARGV; last if ( $flag eq '--'); if ( $flag eq '-old') { - $x509hash = "-subject_hash_old"; - $crlhash = "-hash_old"; + $x509hash = "-subject_hash_old"; + $crlhash = "-hash_old"; } elsif ( $flag eq '-h' || $flag eq '-help' ) { - help(); + help(); } elsif ( $flag eq '-n' ) { - $removelinks = 0; + $removelinks = 0; } elsif ( $flag eq '-v' ) { - $verbose++; + $verbose++; } else { - print STDERR "Usage error; try -h.\n"; - exit 1; + print STDERR "Usage error; try -h.\n"; + exit 1; } } sub help { - print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n"; - print " -old use old-style digest\n"; - print " -h or -help print this help text\n"; - print " -v print files removed and linked\n"; - exit 0; + print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n"; + print " -old use old-style digest\n"; + print " -h or -help print this help text\n"; + print " -v print files removed and linked\n"; + exit 0; } eval "require Cwd"; if (defined(&Cwd::getcwd)) { - $pwd=Cwd::getcwd(); + $pwd=Cwd::getcwd(); } else { - $pwd=`pwd`; - chomp($pwd); + $pwd=`pwd`; + chomp($pwd); } # DOS/Win32 or Unix delimiter? Prefix our installdir, then search. 
@@ -64,92 +64,92 @@ $ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : ""); if (! -x $openssl) { - my $found = 0; - foreach (split /$path_delim/, $ENV{PATH}) { - if (-x "$_/$openssl") { - $found = 1; - $openssl = "$_/$openssl"; - last; - } - } - if ($found == 0) { - print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n"; - exit 0; - } + my $found = 0; + foreach (split /$path_delim/, $ENV{PATH}) { + if (-x "$_/$openssl") { + $found = 1; + $openssl = "$_/$openssl"; + last; + } + } + if ($found == 0) { + print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n"; + exit 0; + } } if (@ARGV) { - @dirlist = @ARGV; + @dirlist = @ARGV; } elsif ($ENV{SSL_CERT_DIR}) { - @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR}; + @dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR}; } else { - $dirlist[0] = "$dir/certs"; + $dirlist[0] = "$dir/certs"; } if (-d $dirlist[0]) { - chdir $dirlist[0]; - $openssl="$pwd/$openssl" if (!-x $openssl); - chdir $pwd; + chdir $dirlist[0]; + $openssl="$pwd/$openssl" if (!-x $openssl); + chdir $pwd; } foreach (@dirlist) { - if (-d $_ ) { - if ( -w $_) { - hash_dir($_); - } else { - print "Skipping $_, can't write\n"; - $errorcount++; - } - } + if (-d $_ ) { + if ( -w $_) { + hash_dir($_); + } else { + print "Skipping $_, can't write\n"; + $errorcount++; + } + } } exit($errorcount); sub hash_dir { - my %hashlist; - print "Doing $_[0]\n"; - chdir $_[0]; - opendir(DIR, "."); - my @flist = sort readdir(DIR); - closedir DIR; - if ( $removelinks ) { - # Delete any existing symbolic links - foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { - if (-l $_) { - print "unlink $_" if $verbose; - unlink $_ || warn "Can't unlink $_, $!\n"; - } - } - } - FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { - # Check to see if certificates and/or CRLs present. 
- my ($cert, $crl) = check_file($fname); - if (!$cert && !$crl) { - print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; - next; - } - link_hash_cert($fname) if ($cert); - link_hash_crl($fname) if ($crl); - } + my %hashlist; + print "Doing $_[0]\n"; + chdir $_[0]; + opendir(DIR, "."); + my @flist = sort readdir(DIR); + closedir DIR; + if ( $removelinks ) { + # Delete any existing symbolic links + foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { + if (-l $_) { + print "unlink $_" if $verbose; + unlink $_ || warn "Can't unlink $_, $!\n"; + } + } + } + FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { + # Check to see if certificates and/or CRLs present. + my ($cert, $crl) = check_file($fname); + if (!$cert && !$crl) { + print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; + next; + } + link_hash_cert($fname) if ($cert); + link_hash_crl($fname) if ($crl); + } } sub check_file { - my ($is_cert, $is_crl) = (0,0); - my $fname = $_[0]; - open IN, $fname; - while() { - if (/^-----BEGIN (.*)-----/) { - my $hdr = $1; - if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { - $is_cert = 1; - last if ($is_crl); - } elsif ($hdr eq "X509 CRL") { - $is_crl = 1; - last if ($is_cert); - } - } - } - close IN; - return ($is_cert, $is_crl); + my ($is_cert, $is_crl) = (0,0); + my $fname = $_[0]; + open IN, $fname; + while() { + if (/^-----BEGIN (.*)-----/) { + my $hdr = $1; + if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { + $is_cert = 1; + last if ($is_crl); + } elsif ($hdr eq "X509 CRL") { + $is_crl = 1; + last if ($is_cert); + } + } + } + close IN; + return ($is_cert, $is_crl); } 
@@ -160,72 +160,72 @@ # certificate fingerprints sub link_hash_cert { - my $fname = $_[0]; - $fname =~ s/\"/\\\"/g; - my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; - chomp $hash; - chomp $fprint; - $fprint =~ s/^.*=//; - $fprint =~ tr/://d; - my $suffix = 0; - # Search for an unused hash filename - while(exists $hashlist{"$hash.$suffix"}) { - # Hash matches: if fingerprint matches its a duplicate cert - if ($hashlist{"$hash.$suffix"} eq $fprint) { - print STDERR "WARNING: Skipping duplicate certificate $fname\n"; - return; - } - $suffix++; - } - $hash .= ".$suffix"; - if ($symlink_exists) { - print "link $fname -> $hash\n" if $verbose; - symlink $fname, $hash || warn "Can't symlink, $!"; - } else { - print "copy $fname -> $hash\n" if $verbose; - if (open($in, "<", $fname)) { - if (open($out,">", $hash)) { - print $out $_ while (<$in>); - close $out; - } else { - warn "can't open $hash for write, $!"; - } - close $in; - } else { - warn "can't open $fname for read, $!"; - } - } - $hashlist{$hash} = $fprint; + my $fname = $_[0]; + $fname =~ s/\"/\\\"/g; + my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; + chomp $hash; + chomp $fprint; + $fprint =~ s/^.*=//; + $fprint =~ tr/://d; + my $suffix = 0; + # Search for an unused hash filename + while(exists $hashlist{"$hash.$suffix"}) { + # Hash matches: if fingerprint matches its a duplicate cert + if ($hashlist{"$hash.$suffix"} eq $fprint) { + print STDERR "WARNING: Skipping duplicate certificate $fname\n"; + return; + } + $suffix++; + } + $hash .= ".$suffix"; + if ($symlink_exists) { + print "link $fname -> $hash\n" if $verbose; + symlink $fname, $hash || warn "Can't symlink, $!"; + } else { + print "copy $fname -> $hash\n" if $verbose; + if (open($in, "<", $fname)) { + if (open($out,">", $hash)) { + print $out $_ while (<$in>); + close $out; + } else { + warn "can't open $hash for write, $!"; + } + close $in; + } else { + warn "can't open $fname for 
read, $!"; + } + } + $hashlist{$hash} = $fprint; } # Same as above except for a CRL. CRL links are of the form .r sub link_hash_crl { - my $fname = $_[0]; - $fname =~ s/'/'\\''/g; - my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; - chomp $hash; - chomp $fprint; - $fprint =~ s/^.*=//; - $fprint =~ tr/://d; - my $suffix = 0; - # Search for an unused hash filename - while(exists $hashlist{"$hash.r$suffix"}) { - # Hash matches: if fingerprint matches its a duplicate cert - if ($hashlist{"$hash.r$suffix"} eq $fprint) { - print STDERR "WARNING: Skipping duplicate CRL $fname\n"; - return; - } - $suffix++; - } - $hash .= ".r$suffix"; - if ($symlink_exists) { - print "link $fname -> $hash\n" if $verbose; - symlink $fname, $hash || warn "Can't symlink, $!"; - } else { - print "cp $fname -> $hash\n" if $verbose; - system ("cp", $fname, $hash); - warn "Can't copy, $!" if ($? >> 8) != 0; - } - $hashlist{$hash} = $fprint; + my $fname = $_[0]; + $fname =~ s/'/'\\''/g; + my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; + chomp $hash; + chomp $fprint; + $fprint =~ s/^.*=//; + $fprint =~ tr/://d; + my $suffix = 0; + # Search for an unused hash filename + while(exists $hashlist{"$hash.r$suffix"}) { + # Hash matches: if fingerprint matches its a duplicate cert + if ($hashlist{"$hash.r$suffix"} eq $fprint) { + print STDERR "WARNING: Skipping duplicate CRL $fname\n"; + return; + } + $suffix++; + } + $hash .= ".r$suffix"; + if ($symlink_exists) { + print "link $fname -> $hash\n" if $verbose; + symlink $fname, $hash || warn "Can't symlink, $!"; + } else { + print "cp $fname -> $hash\n" if $verbose; + system ("cp", $fname, $hash); + warn "Can't copy, $!" if ($? 
>> 8) != 0; + } + $hashlist{$hash} = $fprint; } diff -Nru openssl-3.0.0/util/missingcrypto111.txt openssl-3.0.1/util/missingcrypto111.txt --- openssl-3.0.0/util/missingcrypto111.txt 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/missingcrypto111.txt 2021-12-14 17:16:25.000000000 +0100 @@ -1713,8 +1713,6 @@ conf_ssl_get(3) conf_ssl_get_cmd(3) conf_ssl_name_find(3) -d2i_X509_bio(3) -d2i_X509_fp(3) err_free_strings_int(3) i2a_ACCESS_DESCRIPTION(3) i2a_ASN1_ENUMERATED(3) @@ -1726,8 +1724,6 @@ i2b_PublicKey_bio(3) i2d_PrivateKey_bio(3) i2d_PrivateKey_fp(3) -i2d_X509_bio(3) -i2d_X509_fp(3) i2o_ECPublicKey(3) i2s_ASN1_ENUMERATED(3) i2s_ASN1_ENUMERATED_TABLE(3) diff -Nru openssl-3.0.0/util/missingcrypto.txt openssl-3.0.1/util/missingcrypto.txt --- openssl-3.0.0/util/missingcrypto.txt 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/missingcrypto.txt 2021-12-14 17:16:25.000000000 +0100 @@ -1413,8 +1413,6 @@ conf_ssl_get(3) conf_ssl_get_cmd(3) conf_ssl_name_find(3) -d2i_X509_bio(3) -d2i_X509_fp(3) err_free_strings_int(3) i2a_ACCESS_DESCRIPTION(3) i2a_ASN1_ENUMERATED(3) @@ -1423,8 +1421,6 @@ i2a_ASN1_STRING(3) i2b_PrivateKey_bio(3) i2b_PublicKey_bio(3) -i2d_X509_bio(3) -i2d_X509_fp(3) i2o_ECPublicKey(3) i2v_ASN1_BIT_STRING(3) i2v_GENERAL_NAME(3) diff -Nru openssl-3.0.0/util/mkpod2html.pl openssl-3.0.1/util/mkpod2html.pl --- openssl-3.0.0/util/mkpod2html.pl 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/mkpod2html.pl 2021-12-14 17:16:25.000000000 +0100 @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -12,6 +12,7 @@ use lib "."; use Getopt::Std; use Pod::Html; +use File::Spec::Functions qw(:DEFAULT rel2abs); # Options. our($opt_i); # -i INFILE 
@@ -25,6 +26,14 @@ die "-t flag missing" unless $opt_t; die "-r flag missing" unless $opt_r; +# We originally used realpath() here, but the Windows implementation appears +# to require that the directory or file exist to be able to process the input, +# so we use rel2abs() instead, which only processes the string without +# looking further. +$opt_i = rel2abs($opt_i) or die "Can't convert to real path: $!"; +$opt_o = rel2abs($opt_o) or die "Can't convert to real path: $!"; +$opt_r = rel2abs($opt_r) or die "Can't convert to real path: $!"; + pod2html "--infile=$opt_i", "--outfile=$opt_o", diff -Nru openssl-3.0.0/util/other.syms openssl-3.0.1/util/other.syms --- openssl-3.0.0/util/other.syms 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/other.syms 2021-12-14 17:16:25.000000000 +0100 @@ -51,6 +51,7 @@ EVP_PKEY_ASN1_METHOD datatype EVP_RAND datatype EVP_RAND_CTX datatype +EVP_SIGNATURE datatype GEN_SESSION_CB datatype OPENSSL_Applink external OSSL_LIB_CTX datatype diff -Nru openssl-3.0.0/util/perl/OpenSSL/Ordinals.pm openssl-3.0.1/util/perl/OpenSSL/Ordinals.pm --- openssl-3.0.0/util/perl/OpenSSL/Ordinals.pm 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/perl/OpenSSL/Ordinals.pm 2021-12-14 17:16:25.000000000 +0100 @@ -623,8 +623,6 @@ my $version = shift // '*'; my $baseversion = shift // '*'; - $version =~ s|-.*||g; - if ($baseversion eq '*') { $baseversion = $version; if ($baseversion ne '*') { diff -Nru openssl-3.0.0/util/perl/OpenSSL/ParseC.pm openssl-3.0.1/util/perl/OpenSSL/ParseC.pm --- openssl-3.0.0/util/perl/OpenSSL/ParseC.pm 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/util/perl/OpenSSL/ParseC.pm 2021-12-14 17:16:25.000000000 +0100 
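Review bot: The `or die "Can't convert to real path: $!"` guards on the three added `rel2abs()` lines in mkpod2html.pl cannot report anything useful. As the added comment itself says, `rel2abs()` only processes the string, so it does not set `$!`, and as far as I can tell it returns a non-empty path for any input, so the `die` is effectively unreachable. Either drop the guards (`$opt_i = rel2abs($opt_i);`) or, if the aim is to catch a missing option, test the option before converting it, in the style of the `-t` and `-r` checks just above. Whether `-i` and `-o` are already checked lies above the hunk.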
@@ -610,6 +610,12 @@ }, }, + # OpenSSL's declaration of externs with possible export linkage + # (really only relevant on Windows) + { regexp => qr/OPENSSL_(?:EXPORT|EXTERN)/, + massager => sub { return ("extern"); } + }, + # Spurious stuff found in the OpenSSL headers # Usually, these are just macros that expand to, well, something { regexp => qr/__NDK_FPABI__/, diff -Nru openssl-3.0.0/VERSION.dat openssl-3.0.1/VERSION.dat --- openssl-3.0.0/VERSION.dat 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/VERSION.dat 2021-12-14 17:16:25.000000000 +0100 @@ -1,7 +1,7 @@ MAJOR=3 MINOR=0 -PATCH=0 +PATCH=1 PRE_RELEASE_TAG= BUILD_METADATA= -RELEASE_DATE="7 sep 2021" +RELEASE_DATE="14 Dec 2021" SHLIB_VERSION=3 diff -Nru openssl-3.0.0/VMS/openssl_ivp.com.in openssl-3.0.1/VMS/openssl_ivp.com.in --- openssl-3.0.0/VMS/openssl_ivp.com.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/VMS/openssl_ivp.com.in 2021-12-14 17:16:25.000000000 +0100 @@ -14,8 +14,8 @@ $ OPENSSLDIR_ = F$PARSE("A.;",OPENSSLDIR,,,"NO_CONCEAL") - - ".][000000" - "[000000." - "][" - "]A.;" + "." $ -$ v := {- sprintf "%02d%02d", split(/\./, $config{version}) -} -$ pz := {- $config{pointer_size} -} +$ v := {- sprintf "%02d", split(/\./, $config{version}) -} +$ pz := {- $target{pointer_size} -} $ $ @'INSTALLTOP_'SYS$STARTUP]openssl_startup'v' $ @'INSTALLTOP_'SYS$STARTUP]openssl_utils'v' 
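Review bot: The new `v` line in openssl_ivp.com.in passes every component of `$config{version}` to a format that has a single `%02d`, relying on sprintf to ignore the surplus arguments; with warnings enabled, newer Perls report a redundant argument for this. Taking the first field explicitly states the intent: `$ v := {- sprintf "%02d", (split /\./, $config{version})[0] -}`. The same line is added in the openssl_utils.com.in hunk at the end of this diff.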
@@ -41,6 +41,12 @@ $ ! FUTURE ENHANCEMENT: Verify that engines are where they should be. $ ! openssl engine -c -t checker $ +$ ! Verify that the built in providers are reachable. If they aren't, +$ ! then we're likely to get an image activation error here +$ openssl list -provider base -providers +$ openssl list -provider default -providers +$ openssl list -provider legacy -providers +$ $ WRITE SYS$ERROR "OpenSSL IVP passed" $ EXIT %x10000001 $ diff -Nru openssl-3.0.0/VMS/openssl_shutdown.com.in openssl-3.0.1/VMS/openssl_shutdown.com.in --- openssl-3.0.0/VMS/openssl_shutdown.com.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/VMS/openssl_shutdown.com.in 2021-12-14 17:16:25.000000000 +0100 @@ -26,15 +26,16 @@ $ $ ! Abbrevs $ DEAS := DEASSIGN /NOLOG 'P1' -$ sv := {- sprintf "%02d%02d", split m|\.|, $config{shlib_version} -} -$ pz := {- $config{pointer_size} -} +$ sv := {- platform->shlib_version_as_filename(); -} +$ pz := {- $target{pointer_size} -} $ $ DEAS OSSL$DATAROOT $ DEAS OSSL$INSTROOT $ DEAS OSSL$INCLUDE $ DEAS OSSL$LIB $ DEAS OSSL$SHARE -$ DEAS OSSL$ENGINES'sv' +$ DEAS OSSL$ENGINES'sv''pz' +$ DEAS OSSL$MODULES'pz' $ DEAS OSSL$EXE $ DEAS OSSL$LIBCRYPTO'pz' $ DEAS OSSL$LIBSSL'pz' @@ -46,7 +47,7 @@ $ $ IF P2 .NES. "NOALIASES" $ THEN -$ DEAS OSSL$ENGINES +$ DEAS OSSL$ENGINES'pz' ${- output_off() if $config{no_shared}; "" -} $ DEAS OSSL$LIBCRYPTO_SHR'pz' $ DEAS OSSL$LIBSSL_SHR'pz' diff -Nru openssl-3.0.0/VMS/openssl_startup.com.in openssl-3.0.1/VMS/openssl_startup.com.in --- openssl-3.0.0/VMS/openssl_startup.com.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/VMS/openssl_startup.com.in 2021-12-14 17:16:25.000000000 +0100 
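Review bot: The third added command in openssl_ivp.com.in, `openssl list -provider legacy -providers`, makes the IVP depend on the legacy provider being installed, while the comment calls all three providers "built in". If the build can be configured without the legacy module (presumably; not visible here), the IVP would fail on an otherwise good installation. Consider emitting that line conditionally, for instance with the `output_off()` mechanism that openssl_shutdown.com.in already uses for `no_shared`, and rewording the comment to `$ ! Verify that the base, default and legacy providers can be loaded.` How a failing command is handled (an ON condition or the DCL default) is set outside this hunk.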
@@ -15,7 +15,8 @@ $ ! OSSL$SHARE Where the shareable image files $ ! are located $ ! OSSL$EXE Where the executables are located -$ ! OSSL$ENGINESnnn Where the shareable images are located +$ ! OSSL$ENGINESnnn Where the engines modules are located +$ ! OSSL$MODULES Where the non-engine modules are located $ ! OSSL$LIBCRYPTO The static crypto library $ ! OSSL$LIBSSL The static ssl library $ ! OSSL$LIBCRYPTOnnn_SHR The shareable crypto image @@ -88,8 +89,8 @@ $ ! Abbrevs $ DEFT := DEFINE /TRANSLATION=CONCEALED /NOLOG 'P1' $ DEF := DEFINE /NOLOG 'P1' -$ sv := {- sprintf "%02d%02d", split m|\.|, $config{shlib_version} -} -$ pz := {- $config{pointer_size} -} +$ sv := {- platform->shlib_version_as_filename(); -} +$ pz := {- $target{pointer_size} -} $ $ DEFT OSSL$DATAROOT 'OPENSSLDIR_'] $ DEFT OSSL$INSTROOT 'INSTALLTOP_'] @@ -97,6 +98,7 @@ $ DEF OSSL$LIB OSSL$INSTROOT:[LIB.'arch'] $ DEF OSSL$SHARE OSSL$INSTROOT:[LIB.'arch'] $ DEF OSSL$ENGINES'sv''pz' OSSL$INSTROOT:[ENGINES'sv''pz'.'arch'] +$ DEF OSSL$MODULES'pz' OSSL$INSTROOT:[MODULES'pz'.'arch'] $ DEF OSSL$EXE OSSL$INSTROOT:[EXE.'arch'],- OSSL$INSTROOT:[EXE] $ DEF OSSL$LIBCRYPTO'pz' OSSL$LIB:OSSL$LIBCRYPTO'pz'.OLB diff -Nru openssl-3.0.0/VMS/openssl_utils.com.in openssl-3.0.1/VMS/openssl_utils.com.in --- openssl-3.0.0/VMS/openssl_utils.com.in 2021-09-07 13:46:32.000000000 +0200 +++ openssl-3.0.1/VMS/openssl_utils.com.in 2021-12-14 17:16:25.000000000 +0100 @@ -1,7 +1,7 @@ $ ! OpenSSL utilities $ ! $ -$ v := {- sprintf "%02d%02d", split(/\./, $config{version}) -} +$ v := {- sprintf "%02d", split(/\./, $config{version}) -} $ $ OPENSSL'v' :== $OSSL$EXE:OPENSSL'v' $ OPENSSL :== $OSSL$EXE:OPENSSL'v'