pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
openssl-1_1/openssl-1_1-ossl-sli-002-ran-make-update.patch

947 lines
47 KiB
Diff
Raw Permalink Normal View History

Accepting request 1111331 from home:ohollmann:branches:security:tls - Update to 1.1.1w: * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. (CVE-2023-4807) - Add missing FIPS patches from SLE: * Add patches: - bsc1185319-FIPS-KAT-for-ECDSA.patch - bsc1198207-FIPS-add-hash_hmac-drbg-kat.patch - openssl-1.1.1-fips-fix-memory-leaks.patch - openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch - openssl-1_1-FIPS_drbg-rewire.patch - openssl-1_1-Zeroization.patch - openssl-1_1-fips-drbg-selftest.patch - openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch - openssl-1_1-jitterentropy-3.4.0.patch - openssl-1_1-ossl-sli-000-fix-build-error.patch OBS-URL: https://build.opensuse.org/request/show/1111331 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=144
2023-09-14 21:44:42 +02:00
---
apps/openssl-vms.cnf | 18 ++++
crypto/dh/dh_err.c | 8 -
crypto/dsa/dsa_err.c | 8 +
crypto/ec/ec_err.c | 29 ++++++-
crypto/err/openssl.txt | 40 +++++++++
crypto/evp/evp_err.c | 6 -
crypto/fips/fips_ers.c | 189 +++++++++++++++++++++++++++++++++++++++++++++--
crypto/rsa/rsa_err.c | 23 +++--
include/openssl/dherr.h | 15 +--
include/openssl/dsaerr.h | 18 +---
include/openssl/ecerr.h | 7 -
include/openssl/evperr.h | 19 ++--
include/openssl/rsaerr.h | 32 +++----
13 files changed, 333 insertions(+), 79 deletions(-)
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -11,6 +11,24 @@
# defined.
HOME = .
+openssl_conf = openssl_init
+
+[ openssl_init ]
+
+engines = engine_section
+
+[ engine_section ]
+
+# This include will look through the directory that will contain the
+# engine declarations for any engines provided by other packages.
Accepting request 1144565 from home:ohollmann:branches:security:tls - Rename engines directories to the same name like in SLE: /etc/ssl/engines1_1.d -> /etc/ssl/engines1.1.d /etc/ssl/engdef1_1.d -> /etc/ssl/engdef1.1.d * Add migration script to move files (bsc#1219562) /etc/ssl/engines.d/* -> /etc/ssl/engines1.1.d /etc/ssl/engdef.d/* -> /etc/ssl/engdef1.1.d - Security fix: [bsc#1219243, CVE-2024-0727] * Add NULL checks where ContentInfo data can be NULL * Add openssl-CVE-2024-0727.patch OBS-URL: https://build.opensuse.org/request/show/1144565 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=156
2024-02-06 13:52:41 +01:00
+.include /etc/ssl/engines1.1.d
Accepting request 1111331 from home:ohollmann:branches:security:tls - Update to 1.1.1w: * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. (CVE-2023-4807) - Add missing FIPS patches from SLE: * Add patches: - bsc1185319-FIPS-KAT-for-ECDSA.patch - bsc1198207-FIPS-add-hash_hmac-drbg-kat.patch - openssl-1.1.1-fips-fix-memory-leaks.patch - openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch - openssl-1_1-FIPS_drbg-rewire.patch - openssl-1_1-Zeroization.patch - openssl-1_1-fips-drbg-selftest.patch - openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch - openssl-1_1-jitterentropy-3.4.0.patch - openssl-1_1-ossl-sli-000-fix-build-error.patch OBS-URL: https://build.opensuse.org/request/show/1111331 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=144
2023-09-14 21:44:42 +02:00
+
+# This include will look through the directory that will contain the
+# definitions of the engines declared in the engine section.
Accepting request 1144565 from home:ohollmann:branches:security:tls - Rename engines directories to the same name like in SLE: /etc/ssl/engines1_1.d -> /etc/ssl/engines1.1.d /etc/ssl/engdef1_1.d -> /etc/ssl/engdef1.1.d * Add migration script to move files (bsc#1219562) /etc/ssl/engines.d/* -> /etc/ssl/engines1.1.d /etc/ssl/engdef.d/* -> /etc/ssl/engdef1.1.d - Security fix: [bsc#1219243, CVE-2024-0727] * Add NULL checks where ContentInfo data can be NULL * Add openssl-CVE-2024-0727.patch OBS-URL: https://build.opensuse.org/request/show/1144565 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=156
2024-02-06 13:52:41 +01:00
+.include /etc/ssl/engdef1.1.d
Accepting request 1111331 from home:ohollmann:branches:security:tls - Update to 1.1.1w: * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. (CVE-2023-4807) - Add missing FIPS patches from SLE: * Add patches: - bsc1185319-FIPS-KAT-for-ECDSA.patch - bsc1198207-FIPS-add-hash_hmac-drbg-kat.patch - openssl-1.1.1-fips-fix-memory-leaks.patch - openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch - openssl-1_1-FIPS_drbg-rewire.patch - openssl-1_1-Zeroization.patch - openssl-1_1-fips-drbg-selftest.patch - openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch - openssl-1_1-jitterentropy-3.4.0.patch - openssl-1_1-ossl-sli-000-fix-build-error.patch OBS-URL: https://build.opensuse.org/request/show/1111331 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=144
2023-09-14 21:44:42 +02:00
+
+[ oid_section ]
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -26,8 +26,8 @@ static const ERR_STRING_DATA DH_str_func
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0),
"dh_cms_set_shared_info"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_COMPUTE_KEY, 0), "DH_compute_key"},
- {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_KEY, 0), "DH_generate_key"},
- {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0), "DH_generate_parameters_ex"},
+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0),
+ "DH_generate_parameters_ex"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"},
@@ -78,11 +78,11 @@ static const ERR_STRING_DATA DH_str_reas
{ERR_PACK(ERR_LIB_DH, 0, DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"},
+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non fips method"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR),
"not suitable generator"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"},
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non FIPS method"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
"parameter encoding error"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -24,7 +24,8 @@ static const ERR_STRING_DATA DSA_str_fun
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"},
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"},
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_KEY, 0), "DSA_generate_key"},
- {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0), "DSA_generate_parameters_ex"},
+ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0),
+ "DSA_generate_parameters_ex"},
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"},
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"},
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"},
@@ -60,8 +61,9 @@ static const ERR_STRING_DATA DSA_str_rea
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY),
"missing private key"},
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD),
+ "non fips dsa method"},
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"},
- {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD), "non FIPS DSA method"},
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR),
"parameter encoding error"},
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"},
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -27,9 +27,19 @@ static const ERR_STRING_DATA EC_str_func
"ecdh_simple_compute_key"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_SIGN_EX, 0), "ECDSA_do_sign_ex"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_VERIFY, 0), "ECDSA_do_verify"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_SIGN_SIG, 0),
+ "ecdsa_s390x_nistp_sign_sig"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, 0),
+ "ecdsa_s390x_nistp_verify_sig"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_EX, 0), "ECDSA_sign_ex"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SETUP, 0),
+ "ecdsa_simple_sign_setup"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SIG, 0),
+ "ecdsa_simple_sign_sig"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_VERIFY_SIG, 0),
+ "ecdsa_simple_verify_sig"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_VERIFY, 0), "ECDSA_verify"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECD_ITEM_VERIFY, 0), "ecd_item_verify"},
{ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM2TYPE, 0), "eckey_param2type"},
@@ -193,6 +203,7 @@ static const ERR_STRING_DATA EC_str_func
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRINT_FP, 0), "EC_KEY_print_fp"},
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRIV2BUF, 0), "EC_KEY_priv2buf"},
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRIV2OCT, 0), "EC_KEY_priv2oct"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PUBLIC_CHECK, 0), "ec_key_public_check"},
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, 0),
"EC_KEY_set_public_key_affine_coordinates"},
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SIMPLE_CHECK_KEY, 0),
@@ -266,6 +277,8 @@ static const ERR_STRING_DATA EC_str_func
{ERR_PACK(ERR_LIB_EC, EC_F_OLD_EC_PRIV_DECODE, 0), "old_ec_priv_decode"},
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDH_COMPUTE_KEY, 0),
"ossl_ecdh_compute_key"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SETUP, 0),
+ "ossl_ecdsa_sign_setup"},
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, 0), "ossl_ecdsa_sign_sig"},
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_VERIFY_SIG, 0),
"ossl_ecdsa_verify_sig"},
@@ -284,6 +297,18 @@ static const ERR_STRING_DATA EC_str_func
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_KEYGEN, 0), "pkey_ec_keygen"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_PARAMGEN, 0), "pkey_ec_paramgen"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_SIGN, 0), "pkey_ec_sign"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, 0),
+ "s390x_pkey_ecd_digestsign25519"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN448, 0),
+ "s390x_pkey_ecd_digestsign448"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN25519, 0),
+ "s390x_pkey_ecd_keygen25519"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN448, 0),
+ "s390x_pkey_ecd_keygen448"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN25519, 0),
+ "s390x_pkey_ecx_keygen25519"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN448, 0),
+ "s390x_pkey_ecx_keygen448"},
{ERR_PACK(ERR_LIB_EC, EC_F_VALIDATE_ECX_DERIVE, 0), "validate_ecx_derive"},
{0, NULL}
};
@@ -298,6 +323,8 @@ static const ERR_STRING_DATA EC_str_reas
"coordinates out of range"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH),
"curve does not support ecdh"},
+ {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA),
+ "curve does not support ecdsa"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
"curve does not support signing"},
{ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE),
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -408,6 +408,8 @@ DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pu
DH_F_DH_CMS_DECRYPT:114:dh_cms_decrypt
DH_F_DH_CMS_SET_PEERKEY:115:dh_cms_set_peerkey
DH_F_DH_CMS_SET_SHARED_INFO:116:dh_cms_set_shared_info
+DH_F_DH_COMPUTE_KEY:126:DH_compute_key
+DH_F_DH_GENERATE_PARAMETERS_EX:127:DH_generate_parameters_ex
DH_F_DH_METH_DUP:117:DH_meth_dup
DH_F_DH_METH_NEW:118:DH_meth_new
DH_F_DH_METH_SET1_NAME:119:DH_meth_set1_name
@@ -427,10 +429,13 @@ DH_F_PKEY_DH_INIT:125:pkey_dh_init
DH_F_PKEY_DH_KEYGEN:113:pkey_dh_keygen
DSA_F_DSAPARAMS_PRINT:100:DSAparams_print
DSA_F_DSAPARAMS_PRINT_FP:101:DSAparams_print_fp
+DSA_F_DSA_BUILTIN_KEYGEN:108:dsa_builtin_keygen
DSA_F_DSA_BUILTIN_PARAMGEN:125:dsa_builtin_paramgen
DSA_F_DSA_BUILTIN_PARAMGEN2:126:dsa_builtin_paramgen2
DSA_F_DSA_DO_SIGN:112:DSA_do_sign
DSA_F_DSA_DO_VERIFY:113:DSA_do_verify
+DSA_F_DSA_GENERATE_KEY:109:DSA_generate_key
+DSA_F_DSA_GENERATE_PARAMETERS_EX:110:DSA_generate_parameters_ex
DSA_F_DSA_METH_DUP:127:DSA_meth_dup
DSA_F_DSA_METH_NEW:128:DSA_meth_new
DSA_F_DSA_METH_SET1_NAME:129:DSA_meth_set1_name
@@ -494,15 +499,15 @@ EC_F_ECDH_COMPUTE_KEY:246:ECDH_compute_k
EC_F_ECDH_SIMPLE_COMPUTE_KEY:257:ecdh_simple_compute_key
EC_F_ECDSA_DO_SIGN_EX:251:ECDSA_do_sign_ex
EC_F_ECDSA_DO_VERIFY:252:ECDSA_do_verify
+EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig
+EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig
EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
-EC_F_ECDSA_VERIFY:253:ECDSA_verify
EC_F_ECDSA_SIMPLE_SIGN_SETUP:310:ecdsa_simple_sign_setup
EC_F_ECDSA_SIMPLE_SIGN_SIG:311:ecdsa_simple_sign_sig
EC_F_ECDSA_SIMPLE_VERIFY_SIG:312:ecdsa_simple_verify_sig
-EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig
-EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig
+EC_F_ECDSA_VERIFY:253:ECDSA_verify
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
@@ -610,6 +615,7 @@ EC_F_EC_KEY_PRINT:180:EC_KEY_print
EC_F_EC_KEY_PRINT_FP:181:EC_KEY_print_fp
EC_F_EC_KEY_PRIV2BUF:279:EC_KEY_priv2buf
EC_F_EC_KEY_PRIV2OCT:256:EC_KEY_priv2oct
+EC_F_EC_KEY_PUBLIC_CHECK:299:ec_key_public_check
EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES:229:\
EC_KEY_set_public_key_affine_coordinates
EC_F_EC_KEY_SIMPLE_CHECK_KEY:258:ec_key_simple_check_key
@@ -735,6 +741,7 @@ EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher
EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key
EVP_F_AES_T4_XTS_INIT_KEY:208:aes_t4_xts_init_key
EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher
+EVP_F_AES_XTS_CIPHER:210:aes_xts_cipher
EVP_F_AES_XTS_INIT_KEY:209:aes_xts_init_key
EVP_F_ALG_MODULE_INIT:177:alg_module_init
EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key
@@ -844,6 +851,8 @@ FIPS_F_EVP_CIPHER_CTX_NEW:137:EVP_CIPHER
FIPS_F_EVP_CIPHER_CTX_RESET:122:EVP_CIPHER_CTX_reset
FIPS_F_EVP_CIPHERINIT_EX:124:EVP_CipherInit_ex
FIPS_F_EVP_DIGESTINIT_EX:125:EVP_DigestInit_ex
+FIPS_F_ECDSA_SIMPLE_SIGN_SIG:104:ecdsa_simple_sign_sig
+FIPS_F_ECDSA_SIMPLE_VERIFY_SIG:105:ecdsa_simple_verify_sig
FIPS_F_FIPS_CHECK_DSA:104:fips_check_dsa
FIPS_F_FIPS_CHECK_EC:142:fips_check_ec
FIPS_F_FIPS_CHECK_RSA:106:fips_check_rsa
@@ -874,9 +883,15 @@ FIPS_F_FIPS_SELFTEST_CMAC:130:FIPS_selft
FIPS_F_FIPS_SELFTEST_DES:111:FIPS_selftest_des
FIPS_F_FIPS_SELFTEST_DSA:112:FIPS_selftest_dsa
FIPS_F_FIPS_SELFTEST_ECDSA:133:FIPS_selftest_ecdsa
+FIPS_F_FIPS_SELFTEST_HKDF:136:FIPS_selftest_hkdf
FIPS_F_FIPS_SELFTEST_HMAC:113:FIPS_selftest_hmac
+FIPS_F_FIPS_SELFTEST_PBKDF2:138:FIPS_selftest_pbkdf2
FIPS_F_FIPS_SELFTEST_SHA1:115:FIPS_selftest_sha1
FIPS_F_FIPS_SELFTEST_SHA2:105:FIPS_selftest_sha2
+FIPS_F_FIPS_SELFTEST_SHA3:141:FIPS_selftest_sha3
+FIPS_F_FIPS_SELFTEST_SSH:142:FIPS_selftest_ssh
+FIPS_F_FIPS_SELFTEST_TLS:143:FIPS_selftest_tls
+FIPS_F_OSSL_ECDH_COMPUTE_KEY:144:ossl_ecdh_compute_key
FIPS_F_OSSL_ECDSA_SIGN_SIG:143:ossl_ecdsa_sign_sig
FIPS_F_OSSL_ECDSA_VERIFY_SIG:148:ossl_ecdsa_verify_sig
FIPS_F_RSA_BUILTIN_KEYGEN:116:rsa_builtin_keygen
@@ -1126,6 +1141,7 @@ RAND_F_RAND_PSEUDO_BYTES:126:RAND_pseudo
RAND_F_RAND_WRITE_FILE:112:RAND_write_file
RSA_F_CHECK_PADDING_MD:140:check_padding_md
RSA_F_ENCODE_PKCS1:146:encode_pkcs1
+RSA_F_FIPS_RSA_BUILTIN_KEYGEN:168:fips_rsa_builtin_keygen
RSA_F_INT_RSA_VERIFY:145:int_rsa_verify
RSA_F_OLD_RSA_PRIV_DECODE:147:old_rsa_priv_decode
RSA_F_PKEY_PSS_INIT:165:pkey_pss_init
@@ -1140,6 +1156,8 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key
RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex
RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt
RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify
+RSA_F_RSA_GENERATE_KEY_EX:169:RSA_generate_key_ex
+RSA_F_RSA_GENERATE_MULTI_PRIME_KEY:170:RSA_generate_multi_prime_key
RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify
RSA_F_RSA_METH_DUP:161:RSA_meth_dup
RSA_F_RSA_METH_NEW:162:RSA_meth_new
@@ -1175,12 +1193,18 @@ RSA_F_RSA_PADDING_CHECK_X931:128:RSA_pad
RSA_F_RSA_PARAM_DECODE:164:rsa_param_decode
RSA_F_RSA_PRINT:115:RSA_print
RSA_F_RSA_PRINT_FP:116:RSA_print_fp
+RSA_F_RSA_PRIVATE_DECRYPT:171:RSA_private_decrypt
+RSA_F_RSA_PRIVATE_ENCRYPT:172:RSA_private_encrypt
RSA_F_RSA_PRIV_DECODE:150:rsa_priv_decode
RSA_F_RSA_PRIV_ENCODE:138:rsa_priv_encode
RSA_F_RSA_PSS_GET_PARAM:151:rsa_pss_get_param
RSA_F_RSA_PSS_TO_CTX:155:rsa_pss_to_ctx
+RSA_F_RSA_PUBLIC_DECRYPT:173:RSA_public_decrypt
+RSA_F_RSA_PUBLIC_ENCRYPT:174:RSA_public_encrypt
RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode
RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding
+RSA_F_RSA_SET_DEFAULT_METHOD:175:RSA_set_default_method
+RSA_F_RSA_SET_METHOD:176:RSA_set_method
RSA_F_RSA_SIGN:117:RSA_sign
RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING
RSA_F_RSA_VERIFY:119:RSA_verify
@@ -2189,8 +2213,10 @@ DH_R_INVALID_PARAMETER_NID:114:invalid p
DH_R_INVALID_PUBKEY:102:invalid public key
DH_R_KDF_PARAMETER_ERROR:112:kdf parameter error
DH_R_KEYS_NOT_SET:108:keys not set
+DH_R_KEY_SIZE_TOO_SMALL:126:key size too small
DH_R_MISSING_PUBKEY:125:missing pubkey
DH_R_MODULUS_TOO_LARGE:103:modulus too large
+DH_R_NON_FIPS_METHOD:127:non fips method
DH_R_NOT_SUITABLE_GENERATOR:120:not suitable generator
DH_R_NO_PARAMETERS_SET:107:no parameters set
DH_R_NO_PRIVATE_VALUE:100:no private value
@@ -2204,9 +2230,12 @@ DSA_R_BN_ERROR:109:bn error
DSA_R_DECODE_ERROR:104:decode error
DSA_R_INVALID_DIGEST_TYPE:106:invalid digest type
DSA_R_INVALID_PARAMETERS:112:invalid parameters
+DSA_R_KEY_SIZE_INVALID:114:key size invalid
+DSA_R_KEY_SIZE_TOO_SMALL:115:key size too small
DSA_R_MISSING_PARAMETERS:101:missing parameters
DSA_R_MISSING_PRIVATE_KEY:111:missing private key
DSA_R_MODULUS_TOO_LARGE:103:modulus too large
+DSA_R_NON_FIPS_DSA_METHOD:116:non fips dsa method
DSA_R_NO_PARAMETERS_SET:107:no parameters set
DSA_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
DSA_R_Q_NOT_PRIME:113:q not prime
@@ -2344,6 +2373,7 @@ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH:
EVP_R_DECODE_ERROR:114:decode error
EVP_R_DIFFERENT_KEY_TYPES:101:different key types
EVP_R_DIFFERENT_PARAMETERS:153:different parameters
+EVP_R_DISABLED_FOR_FIPS:185:disabled for fips
EVP_R_ERROR_LOADING_SECTION:165:error loading section
EVP_R_ERROR_SETTING_FIPS_MODE:166:error setting fips mode
EVP_R_EXPECTING_AN_HMAC_KEY:174:expecting an hmac key
@@ -2389,6 +2419,7 @@ EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREA
EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error
EVP_R_PRIVATE_KEY_ENCODE_ERROR:146:private key encode error
EVP_R_PUBLIC_KEY_NOT_RSA:106:public key not rsa
+EVP_R_TOO_LARGE:186:too large
EVP_R_UNKNOWN_CIPHER:160:unknown cipher
EVP_R_UNKNOWN_DIGEST:161:unknown digest
EVP_R_UNKNOWN_OPTION:169:unknown option
@@ -2711,11 +2742,13 @@ RSA_R_MODULUS_TOO_LARGE:105:modulus too
RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R:168:mp coefficient not inverse of r
RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D:169:mp exponent not congruent to d
RSA_R_MP_R_NOT_PRIME:170:mp r not prime
+RSA_R_NON_FIPS_RSA_METHOD:171:non fips rsa method
RSA_R_NO_PUBLIC_EXPONENT:140:no public exponent
RSA_R_NULL_BEFORE_BLOCK_MISSING:113:null before block missing
RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES:172:n does not equal product of primes
RSA_R_N_DOES_NOT_EQUAL_P_Q:127:n does not equal p q
RSA_R_OAEP_DECODING_ERROR:121:oaep decoding error
+RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE:173:operation not allowed in fips mode
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:148:\
operation not supported for this keytype
RSA_R_PADDING_CHECK_FAILED:114:padding check failed
@@ -2737,6 +2770,7 @@ RSA_R_UNSUPPORTED_ENCRYPTION_TYPE:162:un
RSA_R_UNSUPPORTED_LABEL_SOURCE:163:unsupported label source
RSA_R_UNSUPPORTED_MASK_ALGORITHM:153:unsupported mask algorithm
RSA_R_UNSUPPORTED_MASK_PARAMETER:154:unsupported mask parameter
+RSA_R_UNSUPPORTED_PARAMETERS:174:unsupported parameters
RSA_R_UNSUPPORTED_SIGNATURE_TYPE:155:unsupported signature type
RSA_R_VALUE_MISSING:147:value missing
RSA_R_WRONG_SIGNATURE_LENGTH:119:wrong signature length
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -192,7 +192,7 @@ static const ERR_STRING_DATA EVP_str_rea
"different key types"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS),
"different parameters"},
- {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for FIPS"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION),
"error loading section"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE),
@@ -286,8 +286,6 @@ static const ERR_STRING_DATA EVP_str_rea
"wrap mode not allowed"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH),
"wrong final block length"},
- {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE),
- "xts data unit is too large"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS),
"xts duplicated keys"},
{0, NULL}
--- a/crypto/fips/fips_ers.c
+++ b/crypto/fips/fips_ers.c
@@ -1,7 +1,186 @@
-#include <openssl/opensslconf.h>
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
-#ifdef OPENSSL_FIPS
-# include "fips_err.h"
-#else
-static void *dummy = &dummy;
+#include <openssl/err.h>
+#include "crypto/fipserr.h"
+
+#ifndef OPENSSL_NO_ERR
+
+static const ERR_STRING_DATA FIPS_str_functs[] = {
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DRBG_RESEED, 0), "drbg_reseed"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_BUILTIN_PARAMGEN2, 0),
+ "dsa_builtin_paramgen2"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_DO_SIGN, 0), "DSA_do_sign"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_DO_VERIFY, 0), "DSA_do_verify"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_ECDSA_SIMPLE_SIGN_SIG, 0),
+ "ecdsa_simple_sign_sig"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_ECDSA_SIMPLE_VERIFY_SIG, 0),
+ "ecdsa_simple_verify_sig"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHERINIT_EX, 0), "EVP_CipherInit_ex"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHER_CTX_NEW, 0),
+ "EVP_CIPHER_CTX_new"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHER_CTX_RESET, 0),
+ "EVP_CIPHER_CTX_reset"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_DIGESTINIT_EX, 0), "EVP_DigestInit_ex"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_DSA, 0), "fips_check_dsa"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_EC, 0), "fips_check_ec"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_RSA, 0), "fips_check_rsa"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_BYTES, 0), "fips_drbg_bytes"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_CHECK, 0), "fips_drbg_check"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_ERROR_CHECK, 0),
+ "fips_drbg_error_check"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_GENERATE, 0),
+ "FIPS_drbg_generate"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_INIT, 0), "FIPS_drbg_init"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_INSTANTIATE, 0),
+ "FIPS_drbg_instantiate"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_NEW, 0), "FIPS_drbg_new"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_SINGLE_KAT, 0),
+ "fips_drbg_single_kat"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_GET_ENTROPY, 0), "fips_get_entropy"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_MODULE_MODE_SET, 0),
+ "FIPS_module_mode_set"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_PKEY_SIGNATURE_TEST, 0),
+ "fips_pkey_signature_test"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_BYTES, 0), "FIPS_rand_bytes"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_SEED, 0), "FIPS_rand_seed"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_SET_METHOD, 0),
+ "FIPS_rand_set_method"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_STATUS, 0), "FIPS_rand_status"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, 0),
+ "fips_rsa_builtin_keygen"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES, 0), "FIPS_selftest_aes"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_CCM, 0),
+ "FIPS_selftest_aes_ccm"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_GCM, 0),
+ "FIPS_selftest_aes_gcm"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_XTS, 0),
+ "FIPS_selftest_aes_xts"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_CMAC, 0),
+ "FIPS_selftest_cmac"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_DES, 0), "FIPS_selftest_des"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_ECDSA, 0),
+ "FIPS_selftest_ecdsa"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_HKDF, 0),
+ "FIPS_selftest_hkdf"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_HMAC, 0),
+ "FIPS_selftest_hmac"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_PBKDF2, 0),
+ "FIPS_selftest_pbkdf2"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA1, 0),
+ "FIPS_selftest_sha1"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA2, 0),
+ "FIPS_selftest_sha2"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA3, 0),
+ "FIPS_selftest_sha3"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SSH, 0), "FIPS_selftest_ssh"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_TLS, 0), "FIPS_selftest_tls"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_OSSL_ECDH_COMPUTE_KEY, 0),
+ "ossl_ecdh_compute_key"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PRIVATE_DECRYPT, 0),
+ "rsa_ossl_private_decrypt"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT, 0),
+ "rsa_ossl_private_encrypt"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PUBLIC_DECRYPT, 0),
+ "rsa_ossl_public_decrypt"},
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT, 0),
+ "rsa_ossl_public_encrypt"},
+ {0, NULL}
+};
+
+static const ERR_STRING_DATA FIPS_str_reasons[] = {
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
+ "additional input error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
+ "additional input too long"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ALREADY_INSTANTIATED),
+ "already instantiated"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_DRBG_NOT_INITIALISED),
+ "drbg not initialised"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_ERROR_UNDETECTED),
+ "entropy error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
+ "entropy not requested for reseed"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_SOURCE_STUCK),
+ "entropy source stuck"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_INITIALISING_DRBG),
+ "error initialising drbg"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_INSTANTIATING_DRBG),
+ "error instantiating drbg"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
+ "error retrieving additional input"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_ENTROPY),
+ "error retrieving entropy"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_NONCE),
+ "error retrieving nonce"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
+ "fingerprint does not match"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FIPS_MODE_ALREADY_SET),
+ "fips mode already set"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FIPS_SELFTEST_FAILED),
+ "fips selftest failed"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FUNCTION_ERROR), "function error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_GENERATE_ERROR), "generate error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_GENERATE_ERROR_UNDETECTED),
+ "generate error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_INVALID_KEY_LENGTH),
+ "invalid key length"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_IN_ERROR_STATE), "in error state"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_KEY_TOO_SHORT), "key too short"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NONCE_ERROR_UNDETECTED),
+ "nonce error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NON_FIPS_METHOD), "non fips method"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOPR_TEST1_FAILURE),
+ "nopr test1 failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOPR_TEST2_FAILURE),
+ "nopr test2 failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOT_INSTANTIATED), "not instantiated"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PAIRWISE_TEST_FAILED),
+ "pairwise test failed"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
+ "personalisation error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PERSONALISATION_STRING_TOO_LONG),
+ "personalisation string too long"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
+ "request length error undetected"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
+ "request too large for drbg"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_RESEED_COUNTER_ERROR),
+ "reseed counter error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_RESEED_ERROR), "reseed error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_SELFTEST_FAILED), "selftest failed"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_SELFTEST_FAILURE), "selftest failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_TEST_FAILURE), "test failure"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNINSTANTIATE_ERROR),
+ "uninstantiate error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
+ "uninstantiate zeroise error"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNSUPPORTED_DRBG_TYPE),
+ "unsupported drbg type"},
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNSUPPORTED_PLATFORM),
+ "unsupported platform"},
+ {0, NULL}
+};
+
+#endif
+
+int ERR_load_FIPS_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+ if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
+ ERR_load_strings_const(FIPS_str_functs);
+ ERR_load_strings_const(FIPS_str_reasons);
+ }
#endif
+ return 1;
+}
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -34,7 +34,8 @@ static const ERR_STRING_DATA RSA_str_fun
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0), "RSA_generate_key_ex"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0),
+ "RSA_generate_key_ex"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, 0),
"RSA_generate_multi_prime_key"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"},
@@ -93,16 +94,21 @@ static const ERR_STRING_DATA RSA_str_fun
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PARAM_DECODE, 0), "rsa_param_decode"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT, 0), "RSA_print"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0),
+ "RSA_private_decrypt"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0),
+ "RSA_private_encrypt"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0), "RSA_private_decrypt"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_private_encrypt"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_DECRYPT, 0), "RSA_public_decrypt"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_public_encrypt"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0),
+ "RSA_set_default_method"},
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0),
"RSA_sign_ASN1_OCTET_STRING"},
@@ -111,8 +117,6 @@ static const ERR_STRING_DATA RSA_str_fun
"RSA_verify_ASN1_OCTET_STRING"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0),
"RSA_verify_PKCS1_PSS_mgf1"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0), "RSA_set_default_method"},
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"},
{ERR_PACK(ERR_LIB_RSA, RSA_F_SETUP_TBUF, 0), "setup_tbuf"},
{0, NULL}
};
@@ -193,8 +197,9 @@ static const ERR_STRING_DATA RSA_str_rea
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D),
"mp exponent not congruent to d"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_R_NOT_PRIME), "mp r not prime"},
+ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD),
+ "non fips rsa method"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
- {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD), "non FIPS rsa method"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING),
"null before block missing"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES),
@@ -204,7 +209,7 @@ static const ERR_STRING_DATA RSA_str_rea
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR),
"oaep decoding error"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
- "operation not allowed in FIPS mode"},
+ "operation not allowed in fips mode"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
"operation not supported for this keytype"},
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED),
--- a/include/openssl/dherr.h
+++ b/include/openssl/dherr.h
@@ -11,9 +11,7 @@
#ifndef HEADER_DHERR_H
# define HEADER_DHERR_H
-# ifndef HEADER_SYMHACKS_H
-# include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
# include <openssl/opensslconf.h>
@@ -36,9 +34,8 @@ int ERR_load_DH_strings(void);
# define DH_F_DH_CMS_DECRYPT 114
# define DH_F_DH_CMS_SET_PEERKEY 115
# define DH_F_DH_CMS_SET_SHARED_INFO 116
-# define DH_F_DH_COMPUTE_KEY 203
-# define DH_F_DH_GENERATE_KEY 202
-# define DH_F_DH_GENERATE_PARAMETERS_EX 201
+# define DH_F_DH_COMPUTE_KEY 126
+# define DH_F_DH_GENERATE_PARAMETERS_EX 127
# define DH_F_DH_METH_DUP 117
# define DH_F_DH_METH_NEW 118
# define DH_F_DH_METH_SET1_NAME 119
@@ -76,14 +73,14 @@ int ERR_load_DH_strings(void);
# define DH_R_INVALID_PARAMETER_NID 114
# define DH_R_INVALID_PUBKEY 102
# define DH_R_KDF_PARAMETER_ERROR 112
-# define DH_R_KEY_SIZE_TOO_SMALL 201
# define DH_R_KEYS_NOT_SET 108
+# define DH_R_KEY_SIZE_TOO_SMALL 126
# define DH_R_MISSING_PUBKEY 125
# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_NON_FIPS_METHOD 127
# define DH_R_NOT_SUITABLE_GENERATOR 120
# define DH_R_NO_PARAMETERS_SET 107
# define DH_R_NO_PRIVATE_VALUE 100
-# define DH_R_NON_FIPS_METHOD 202
# define DH_R_PARAMETER_ENCODING_ERROR 105
# define DH_R_PEER_KEY_ERROR 111
# define DH_R_SHARED_INFO_ERROR 113
--- a/include/openssl/dsaerr.h
+++ b/include/openssl/dsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,9 +11,7 @@
#ifndef HEADER_DSAERR_H
# define HEADER_DSAERR_H
-# ifndef HEADER_SYMHACKS_H
-# include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
# include <openssl/opensslconf.h>
@@ -29,13 +27,13 @@ int ERR_load_DSA_strings(void);
*/
# define DSA_F_DSAPARAMS_PRINT 100
# define DSA_F_DSAPARAMS_PRINT_FP 101
-# define DSA_F_DSA_BUILTIN_KEYGEN 202
+# define DSA_F_DSA_BUILTIN_KEYGEN 108
# define DSA_F_DSA_BUILTIN_PARAMGEN 125
# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
-# define DSA_F_DSA_GENERATE_KEY 201
-# define DSA_F_DSA_GENERATE_PARAMETERS_EX 200
# define DSA_F_DSA_DO_SIGN 112
# define DSA_F_DSA_DO_VERIFY 113
+# define DSA_F_DSA_GENERATE_KEY 109
+# define DSA_F_DSA_GENERATE_PARAMETERS_EX 110
# define DSA_F_DSA_METH_DUP 127
# define DSA_F_DSA_METH_NEW 128
# define DSA_F_DSA_METH_SET1_NAME 129
@@ -63,13 +61,13 @@ int ERR_load_DSA_strings(void);
# define DSA_R_DECODE_ERROR 104
# define DSA_R_INVALID_DIGEST_TYPE 106
# define DSA_R_INVALID_PARAMETERS 112
-# define DSA_R_KEY_SIZE_INVALID 201
-# define DSA_R_KEY_SIZE_TOO_SMALL 202
+# define DSA_R_KEY_SIZE_INVALID 114
+# define DSA_R_KEY_SIZE_TOO_SMALL 115
# define DSA_R_MISSING_PARAMETERS 101
# define DSA_R_MISSING_PRIVATE_KEY 111
# define DSA_R_MODULUS_TOO_LARGE 103
+# define DSA_R_NON_FIPS_DSA_METHOD 116
# define DSA_R_NO_PARAMETERS_SET 107
-# define DSA_R_NON_FIPS_DSA_METHOD 200
# define DSA_R_PARAMETER_ENCODING_ERROR 105
# define DSA_R_Q_NOT_PRIME 113
# define DSA_R_SEED_LEN_SMALL 110
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,9 +11,7 @@
#ifndef HEADER_ECERR_H
# define HEADER_ECERR_H
-# ifndef HEADER_SYMHACKS_H
-# include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
# include <openssl/opensslconf.h>
@@ -143,6 +141,7 @@ int ERR_load_EC_strings(void);
# define EC_F_EC_KEY_PRINT_FP 181
# define EC_F_EC_KEY_PRIV2BUF 279
# define EC_F_EC_KEY_PRIV2OCT 256
+# define EC_F_EC_KEY_PUBLIC_CHECK 299
# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 258
# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 259
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -22,15 +22,15 @@ int ERR_load_EVP_strings(void);
* EVP function codes.
*/
# define EVP_F_AESNI_INIT_KEY 165
-# define EVP_F_AESNI_XTS_INIT_KEY 233
+# define EVP_F_AESNI_XTS_INIT_KEY 207
# define EVP_F_AES_GCM_CTRL 196
# define EVP_F_AES_INIT_KEY 133
# define EVP_F_AES_OCB_CIPHER 169
# define EVP_F_AES_T4_INIT_KEY 178
-# define EVP_F_AES_T4_XTS_INIT_KEY 234
+# define EVP_F_AES_T4_XTS_INIT_KEY 208
# define EVP_F_AES_WRAP_CIPHER 170
-# define EVP_F_AES_XTS_CIPHER 229
-# define EVP_F_AES_XTS_INIT_KEY 235
+# define EVP_F_AES_XTS_CIPHER 210
+# define EVP_F_AES_XTS_INIT_KEY 209
# define EVP_F_ALG_MODULE_INIT 177
# define EVP_F_ARIA_CCM_INIT_KEY 175
# define EVP_F_ARIA_GCM_CTRL 197
@@ -146,9 +146,9 @@ int ERR_load_EVP_strings(void);
# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
# define EVP_R_DECODE_ERROR 114
-# define EVP_R_DISABLED_FOR_FIPS 200
# define EVP_R_DIFFERENT_KEY_TYPES 101
# define EVP_R_DIFFERENT_PARAMETERS 153
+# define EVP_R_DISABLED_FOR_FIPS 185
# define EVP_R_ERROR_LOADING_SECTION 165
# define EVP_R_ERROR_SETTING_FIPS_MODE 166
# define EVP_R_EXPECTING_AN_HMAC_KEY 174
@@ -184,15 +184,15 @@ int ERR_load_EVP_strings(void);
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
# define EVP_R_OPERATON_NOT_INITIALIZED 151
-# define EVP_R_PARAMETER_TOO_LARGE 187
# define EVP_R_OUTPUT_WOULD_OVERFLOW 184
+# define EVP_R_PARAMETER_TOO_LARGE 187
# define EVP_R_PARTIALLY_OVERLAPPING 162
# define EVP_R_PBKDF2_ERROR 181
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
# define EVP_R_PUBLIC_KEY_NOT_RSA 106
-# define EVP_R_TOO_LARGE 201
+# define EVP_R_TOO_LARGE 186
# define EVP_R_UNKNOWN_CIPHER 160
# define EVP_R_UNKNOWN_DIGEST 161
# define EVP_R_UNKNOWN_OPTION 169
@@ -208,7 +208,6 @@ int ERR_load_EVP_strings(void);
# define EVP_R_UNSUPPORTED_SALT_TYPE 126
# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
-# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191
-# define EVP_R_XTS_DUPLICATED_KEYS 192
+# define EVP_R_XTS_DUPLICATED_KEYS 183
#endif
--- a/include/openssl/rsaerr.h
+++ b/include/openssl/rsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,9 +11,7 @@
#ifndef HEADER_RSAERR_H
# define HEADER_RSAERR_H
-# ifndef HEADER_SYMHACKS_H
-# include <openssl/symhacks.h>
-# endif
+# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C"
@@ -25,7 +23,7 @@ int ERR_load_RSA_strings(void);
*/
# define RSA_F_CHECK_PADDING_MD 140
# define RSA_F_ENCODE_PKCS1 146
-# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 206
+# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 168
# define RSA_F_INT_RSA_VERIFY 145
# define RSA_F_OLD_RSA_PRIV_DECODE 147
# define RSA_F_PKEY_PSS_INIT 165
@@ -40,8 +38,8 @@ int ERR_load_RSA_strings(void);
# define RSA_F_RSA_CHECK_KEY_EX 160
# define RSA_F_RSA_CMS_DECRYPT 159
# define RSA_F_RSA_CMS_VERIFY 158
-# define RSA_F_RSA_GENERATE_KEY_EX 204
-# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 207
+# define RSA_F_RSA_GENERATE_KEY_EX 169
+# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 170
# define RSA_F_RSA_ITEM_VERIFY 148
# define RSA_F_RSA_METH_DUP 161
# define RSA_F_RSA_METH_NEW 162
@@ -77,18 +75,18 @@ int ERR_load_RSA_strings(void);
# define RSA_F_RSA_PARAM_DECODE 164
# define RSA_F_RSA_PRINT 115
# define RSA_F_RSA_PRINT_FP 116
+# define RSA_F_RSA_PRIVATE_DECRYPT 171
+# define RSA_F_RSA_PRIVATE_ENCRYPT 172
# define RSA_F_RSA_PRIV_DECODE 150
# define RSA_F_RSA_PRIV_ENCODE 138
-# define RSA_F_RSA_PRIVATE_DECRYPT 200
-# define RSA_F_RSA_PRIVATE_ENCRYPT 201
# define RSA_F_RSA_PSS_GET_PARAM 151
# define RSA_F_RSA_PSS_TO_CTX 155
+# define RSA_F_RSA_PUBLIC_DECRYPT 173
+# define RSA_F_RSA_PUBLIC_ENCRYPT 174
# define RSA_F_RSA_PUB_DECODE 139
-# define RSA_F_RSA_PUBLIC_DECRYPT 202
-# define RSA_F_RSA_PUBLIC_ENCRYPT 203
# define RSA_F_RSA_SETUP_BLINDING 136
-# define RSA_F_RSA_SET_DEFAULT_METHOD 205
-# define RSA_F_RSA_SET_METHOD 204
+# define RSA_F_RSA_SET_DEFAULT_METHOD 175
+# define RSA_F_RSA_SET_METHOD 176
# define RSA_F_RSA_SIGN 117
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
# define RSA_F_RSA_VERIFY 119
@@ -139,19 +137,19 @@ int ERR_load_RSA_strings(void);
# define RSA_R_KEY_PRIME_NUM_INVALID 165
# define RSA_R_KEY_SIZE_TOO_SMALL 120
# define RSA_R_LAST_OCTET_INVALID 134
-# define RSA_R_MISSING_PRIVATE_KEY 179
# define RSA_R_MGF1_DIGEST_NOT_ALLOWED 152
+# define RSA_R_MISSING_PRIVATE_KEY 179
# define RSA_R_MODULUS_TOO_LARGE 105
# define RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R 168
# define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169
# define RSA_R_MP_R_NOT_PRIME 170
+# define RSA_R_NON_FIPS_RSA_METHOD 171
# define RSA_R_NO_PUBLIC_EXPONENT 140
-# define RSA_R_NON_FIPS_RSA_METHOD 200
# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
# define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172
# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
# define RSA_R_OAEP_DECODING_ERROR 121
-# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 201
+# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 173
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
# define RSA_R_PADDING_CHECK_FAILED 114
# define RSA_R_PKCS_DECODING_ERROR 159
@@ -171,7 +169,7 @@ int ERR_load_RSA_strings(void);
# define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
-# define RSA_R_UNSUPPORTED_PARAMETERS 202
+# define RSA_R_UNSUPPORTED_PARAMETERS 174
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
# define RSA_R_VALUE_MISSING 147
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
Reference in New Issue Copy Permalink