Accepting request 730187 from home:vitezslav_cizek:branches:security:tls

- Update to 1.1.1d (bsc#1133925, jsc#SLE-6430) * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. (bsc#1150247, CVE-2019-1549) * Compute ECC cofactors if not provided during EC_GROUP construction. Before this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. (bsc#1150003, CVE-2019-1547) * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. (bsc#1150250, CVE-2019-1563) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters, when loading a serialized key or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters(). * Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems. * Changed DH_check to accept parameters with order q and 2q subgroups. With order 2q subgroups the bit 0 of the private key is not secret but DH_generate_key works around that by clearing bit 0 of the private key for those. This avoids leaking bit 0 of the private key. * Significantly reduce secure memory usage by the randomness pools. * Revert the DEVRANDOM_WAIT feature for Linux systems - drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream) - refresh patches * openssl-1.1.0-no-html.patch * openssl-jsc-SLE-8789-backport_KDF.patch OBS-URL: https://build.opensuse.org/request/show/730187 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=43
2019-09-11 15:31:50 +00:00 · 2019-09-11 15:31:50 +00:00 · 0d52304a01
commit 0d52304a01
parent 231804ccdd
9 changed files with 222 additions and 281 deletions
--- a/0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch
+++ b/0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch
@ -1,79 +0,0 @@
-From fac9200a881a83bef038ebed628ebd409786a1a6 Mon Sep 17 00:00:00 2001
-From: Vitezslav Cizek <vcizek@suse.com>
-Date: Tue, 4 Jun 2019 13:24:59 +0200
-Subject: [PATCH] build_SYS_str_reasons: Fix a crash caused by overlong locales
-
-The 4 kB SPACE_SYS_STR_REASONS in crypto/err/err.c isn't enough for some locales.
-The Russian locales consume 6856 bytes, Ukrainian even 7000.
-
-build_SYS_str_reasons() contains an overflow check:
-
-if (cnt > sizeof(strerror_pool))
-    cnt = sizeof(strerror_pool);
-
-But since commit 9f15e5b911ba6053e09578f190354568e01c07d7 it no longer
-works as cnt is incremented once more after the condition.
-
-cnt greater than sizeof(strerror_pool) results in an unbounded
-OPENSSL_strlcpy() in openssl_strerror_r(), eventually causing a crash.
-
-When the first received error string was empty or contained only
-spaces, cur would move in front of the start of the strerror_pool.
-
-Also don't call openssl_strerror_r when the pool is full.
-
-Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
-(Merged from https://github.com/openssl/openssl/pull/8966)
---
- crypto/err/err.c | 16 +++++++++-------
- 1 file changed, 9 insertions(+), 7 deletions(-)
-
-diff --git a/crypto/err/err.c b/crypto/err/err.c
-index 57399f82ad..cf3ae4d3b3 100644
--- a/crypto/err/err.c
-+++ b/crypto/err/err.c
-@@ -188,8 +188,8 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
- }
- 
- #ifndef OPENSSL_NO_ERR
-/* A measurement on Linux 2018-11-21 showed about 3.5kib */
-# define SPACE_SYS_STR_REASONS 4 * 1024
-+/* 2019-05-21: Russian and Ukrainian locales on Linux require more than 6,5 kB */
-+# define SPACE_SYS_STR_REASONS 8 * 1024
- # define NUM_SYS_STR_REASONS 127
- 
- static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-@@ -223,21 +223,23 @@ static void build_SYS_str_reasons(void)
-         ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
- 
-         str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
-        if (str->string == NULL) {
-+        /*
-+         * If we have used up all the space in strerror_pool,
-+         * there's no point in calling openssl_strerror_r()
-+         */
-+        if (str->string == NULL && cnt < sizeof(strerror_pool)) {
-             if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) {
-                 size_t l = strlen(cur);
- 
-                 str->string = cur;
-                 cnt += l;
-                if (cnt > sizeof(strerror_pool))
-                    cnt = sizeof(strerror_pool);
-                 cur += l;
- 
-                 /*
-                  * VMS has an unusual quirk of adding spaces at the end of
-                 * some (most? all?) messages.  Lets trim them off.
-+                 * some (most? all?) messages. Lets trim them off.
-                  */
-                while (ossl_isspace(cur[-1])) {
-+                while (cur > strerror_pool && ossl_isspace(cur[-1])) {
-                     cur--;
-                     cnt--;
-                 }
-- 
-2.21.0
-
--- a/openssl-1.1.0-no-html.patch
+++ b/openssl-1.1.0-no-html.patch
@ -1,7 +1,8 @@
-diff -up openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl.nohtml openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl
--- openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl.no-html	2016-04-19 16:57:52.000000000 +0200
-+++ openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl	2016-07-18 13:58:55.060106243 +0200
-@@ -288,7 +288,7 @@ install_sw: all install_dev install_engi
+Index: openssl-1.1.1d/Configurations/unix-Makefile.tmpl
+===================================================================
+--- openssl-1.1.1d.orig/Configurations/unix-Makefile.tmpl	2019-09-11 15:38:17.788265421 +0200
+++ openssl-1.1.1d/Configurations/unix-Makefile.tmpl	2019-09-11 15:38:35.640368636 +0200
+@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
 
 uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
 
@ -9,4 +10,4 @@ diff -up openssl-1.1.0-pre5/Configurations/unix-Makefile.tmpl.nohtml openssl-1.1
 +install_docs: install_man_docs
 
 uninstall_docs: uninstall_man_docs uninstall_html_docs
- 	$(RM) -r -v $(DESTDIR)$(DOCDIR)
+ 	$(RM) -r $(DESTDIR)$(DOCDIR)
--- a/openssl-1.1.1c.tar.gz
+++ b/openssl-1.1.1c.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90
-size 8864262
--- a/openssl-1.1.1c.tar.gz.asc
+++ b/openssl-1.1.1c.tar.gz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEeVOsH7w9yLOykjk+1enkP3357owFAlztM8IACgkQ1enkP335
-7oxQwQ/9G4kkoJC0pat5P4uNBgVyxmXso63Eea91QYGC39BABSL+KpEzfyJtFwqR
-36EAI8f5L5iGRKuBKerWtP8YUZ9Jc0Yf/a1R7sPGKh/0hor6dWhU1fh5x3HCatBC
-TanYbgXgAQhNHQcwVG6qdvHIwtb9so5NtDB0cKNcegoH6D0IOUtQmYrqXiovsc3K
-DwqgUL2ctUvDmroJVE4lQ6zpz239D3UoeSiTWAVGy/GudpQgx/9v6fqwO91/tyWk
-Grlpf2v320dLCbCXrbbW4lPq7IeoIkTgPwnVlyLMrm4Ht+Ck6KPgbUyRaVpSuJum
-6geA9Miczekv3PhPkF2/ltKwRLUt1TmujBdNTAxYXX6VWw32oh5YSQ2wTVZgvCN/
-HJvSW5N2fuEsO8jYX/0RxZjGrbsGyCXtXqElwmETO8JX+wuc6Rd1IFdDKDszUbLh
-HEtMBdb/Dhv//gNkEwrPHw9tLH8nd+B4dCJNC/4+Au54t6SpRT2sV6FVNA4Ytkpu
-O1OCs2cmIuGFBylDDZCSCWG+1U/dUVoqRh0ufg9PcFDdeicp6Q6cqyBNEVNXG7HU
-g7c5zf0XOT7m3+G+d+pPvvzOsZrTKVlOcsAlI7aiqTFFtUUGpHtjm03OP2SKrakb
-bPjVbZWzjvRe3st8+GXdv2/i0SuVZW0mTE+6+pPd1/6VlRGOqmI=
-=+39w
-----END PGP SIGNATURE-----
--- a/openssl-1.1.1d.tar.gz
+++ b/openssl-1.1.1d.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
+size 8845861
--- a/openssl-1.1.1d.tar.gz.asc
+++ b/openssl-1.1.1d.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl13oWoACgkQ2cTSbQ5g
+RJH0Agf+IekQXtSPsrn/5RMgXFGSyK+S1BpFhyoJRvDocVZAxwgvd4F1fcYkFVXH
+5+Q6o6s6tIDb+VkuIajcDxTQvrFoXKWMbsFsu3NBAan5R0OlYINRYtXULg0ZqQv4
+zxclCSLQTpuMyptuGGbg0/8+9IAhGFk2XSA5EEI+SC6lswRQiT7p6dbULj4CvH3m
+7mqovojAAaEJpgfG8b+L+QBJ4XId99uC6tiLM1tTMCsn1ErLsTd366fzEpC1w12a
+V/gWQ1mVs+bmSRySPx8mO4CpHfhAI+sZrSsWG+UXP9Guf9YKHFLJDiSrX7EmvszR
+B+/LvZqce4iCnwCUoIuYhxM6EybDdQ==
+=v5CI
+-----END PGP SIGNATURE-----
--- a/openssl-1_1.changes
+++ b/openssl-1_1.changes
@ -1,3 +1,35 @@
+-------------------------------------------------------------------
+Wed Sep 11 09:32:16 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
+
+- Update to 1.1.1d (bsc#1133925, jsc#SLE-6430)
+  * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
+    number generator (RNG). This was intended to include protection in the
+    event of a fork() system call in order to ensure that the parent and child
+    processes did not share the same RNG state. However this protection was not
+    being used in the default case.
+    (bsc#1150247, CVE-2019-1549)
+  * Compute ECC cofactors if not provided during EC_GROUP construction. Before
+    this change, EC_GROUP_set_generator would accept order and/or cofactor as
+    NULL. After this change, only the cofactor parameter can be NULL.
+    (bsc#1150003, CVE-2019-1547)
+  * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
+    (bsc#1150250, CVE-2019-1563)
+  * For built-in EC curves, ensure an EC_GROUP built from the curve name is
+    used even when parsing explicit parameters, when loading a serialized key
+    or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters().
+  * Early start up entropy quality from the DEVRANDOM seed source has been
+    improved for older Linux systems.
+  * Changed DH_check to accept parameters with order q and 2q subgroups.
+    With order 2q subgroups the bit 0 of the private key is not secret
+    but DH_generate_key works around that by clearing bit 0 of the
+    private key for those. This avoids leaking bit 0 of the private key.
+  * Significantly reduce secure memory usage by the randomness pools.
+  * Revert the DEVRANDOM_WAIT feature for Linux systems
+- drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream)
+- refresh patches
+  * openssl-1.1.0-no-html.patch
+  * openssl-jsc-SLE-8789-backport_KDF.patch
+
 -------------------------------------------------------------------
 Tue Sep 10 19:26:34 UTC 2019 - Jason Sikes <jsikes@suse.com>

--- a/openssl-1_1.spec
+++ b/openssl-1_1.spec
@ -21,7 +21,7 @@
 %define _rname  openssl
 Name:           openssl-1_1
 # Don't forget to update the version in the "openssl" package!
-Version:        1.1.1c
+Version:        1.1.1d
 Release:        0
 Summary:        Secure Sockets and Transport Layer Security
 License:        OpenSSL
@ -43,8 +43,6 @@ Patch3:         openssl-pkgconfig.patch
 Patch4:         openssl-DEFAULT_SUSE_cipher.patch
 Patch5:         openssl-ppc64-config.patch
 Patch6:         openssl-no-date.patch
-# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8966
-Patch7:         0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch
 # PATCH-FIX-UPSTREAM jsc#SLE-6126 and jsc#SLE-6129
 Patch8:         0001-s390x-assembly-pack-perlasm-support.patch
 Patch9:         0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch
--- a/openssl-jsc-SLE-8789-backport_KDF.patch
+++ b/openssl-jsc-SLE-8789-backport_KDF.patch
@ -1,7 +1,7 @@
-Index: openssl-1.1.1c/crypto/evp/build.info
+Index: openssl-1.1.1d/crypto/evp/build.info
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/build.info
-+++ openssl-1.1.1c/crypto/evp/build.info
+--- openssl-1.1.1d.orig/crypto/evp/build.info	2019-09-11 15:52:54.177320463 +0200
+++ openssl-1.1.1d/crypto/evp/build.info	2019-09-11 15:53:13.513431593 +0200
@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\
         p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
         bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
@ -12,10 +12,10 @@ Index: openssl-1.1.1c/crypto/evp/build.info
         e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
         e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
         e_chacha20_poly1305.c cmeth_lib.c
-Index: openssl-1.1.1c/crypto/evp/e_chacha20_poly1305.c
+Index: openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/e_chacha20_poly1305.c
-+++ openssl-1.1.1c/crypto/evp/e_chacha20_poly1305.c
+--- openssl-1.1.1d.orig/crypto/evp/e_chacha20_poly1305.c	2019-09-11 15:52:54.177320463 +0200
+++ openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c	2019-09-11 15:53:13.513431593 +0200
@@ -14,8 +14,8 @@
 
 # include <openssl/evp.h>
@ -26,10 +26,10 @@ Index: openssl-1.1.1c/crypto/evp/e_chacha20_poly1305.c
 # include "internal/chacha.h"
 
 typedef struct {
-Index: openssl-1.1.1c/crypto/evp/encode.c
+Index: openssl-1.1.1d/crypto/evp/encode.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/encode.c
-+++ openssl-1.1.1c/crypto/evp/encode.c
+--- openssl-1.1.1d.orig/crypto/evp/encode.c	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/evp/encode.c	2019-09-11 15:53:13.513431593 +0200
@@ -11,8 +11,8 @@
 #include <limits.h>
 #include "internal/cryptlib.h"
@ -40,10 +40,10 @@ Index: openssl-1.1.1c/crypto/evp/encode.c
 
 static unsigned char conv_ascii2bin(unsigned char a,
                                     const unsigned char *table);
-Index: openssl-1.1.1c/crypto/evp/evp_locl.h
+Index: openssl-1.1.1d/crypto/evp/evp_locl.h
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/evp_locl.h
-+++ openssl-1.1.1c/crypto/evp/evp_locl.h
+--- openssl-1.1.1d.orig/crypto/evp/evp_locl.h	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/evp/evp_locl.h	2019-09-11 15:53:13.513431593 +0200
@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st {
     unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
 } /* EVP_CIPHER_CTX */ ;
@ -56,10 +56,10 @@ Index: openssl-1.1.1c/crypto/evp/evp_locl.h
 int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
                              int passlen, ASN1_TYPE *param,
                              const EVP_CIPHER *c, const EVP_MD *md,
-Index: openssl-1.1.1c/crypto/evp/evp_pbe.c
+Index: openssl-1.1.1d/crypto/evp/evp_pbe.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/evp_pbe.c
-+++ openssl-1.1.1c/crypto/evp/evp_pbe.c
+--- openssl-1.1.1d.orig/crypto/evp/evp_pbe.c	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/evp/evp_pbe.c	2019-09-11 15:53:13.513431593 +0200
@@ -12,6 +12,7 @@
 #include <openssl/evp.h>
 #include <openssl/pkcs12.h>
@ -68,10 +68,10 @@ Index: openssl-1.1.1c/crypto/evp/evp_pbe.c
 #include "evp_locl.h"
 
 /* Password based encryption (PBE) functions */
-Index: openssl-1.1.1c/crypto/evp/kdf_lib.c
+Index: openssl-1.1.1d/crypto/evp/kdf_lib.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/evp/kdf_lib.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/evp/kdf_lib.c	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,166 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -239,10 +239,10 @@ Index: openssl-1.1.1c/crypto/evp/kdf_lib.c
 +    return ctx->kmeth->derive(ctx->impl, key, keylen);
 +}
 +
-Index: openssl-1.1.1c/crypto/evp/p5_crpt2.c
+Index: openssl-1.1.1d/crypto/evp/p5_crpt2.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/p5_crpt2.c
-+++ openssl-1.1.1c/crypto/evp/p5_crpt2.c
+--- openssl-1.1.1d.orig/crypto/evp/p5_crpt2.c	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/evp/p5_crpt2.c	2019-09-11 15:53:13.513431593 +0200
@@ -10,10 +10,12 @@
 #include <stdio.h>
 #include <stdlib.h>
@ -381,10 +381,10 @@ Index: openssl-1.1.1c/crypto/evp/p5_crpt2.c
 }
 
 int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
-Index: openssl-1.1.1c/crypto/evp/pkey_kdf.c
+Index: openssl-1.1.1d/crypto/evp/pkey_kdf.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/evp/pkey_kdf.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/evp/pkey_kdf.c	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,255 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -641,10 +641,10 @@ Index: openssl-1.1.1c/crypto/evp/pkey_kdf.c
 +    pkey_kdf_ctrl_str
 +};
 +
-Index: openssl-1.1.1c/crypto/include/internal/evp_int.h
+Index: openssl-1.1.1d/crypto/include/internal/evp_int.h
 ===================================================================
--- openssl-1.1.1c.orig/crypto/include/internal/evp_int.h
-+++ openssl-1.1.1c/crypto/include/internal/evp_int.h
+--- openssl-1.1.1d.orig/crypto/include/internal/evp_int.h	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/include/internal/evp_int.h	2019-09-11 15:53:13.513431593 +0200
@@ -112,6 +112,25 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m
 extern const EVP_PKEY_METHOD poly1305_pkey_meth;
 extern const EVP_PKEY_METHOD siphash_pkey_meth;
@ -671,19 +671,19 @@ Index: openssl-1.1.1c/crypto/include/internal/evp_int.h
 struct evp_md_st {
     int type;
     int pkey_type;
-Index: openssl-1.1.1c/crypto/kdf/build.info
+Index: openssl-1.1.1d/crypto/kdf/build.info
 ===================================================================
--- openssl-1.1.1c.orig/crypto/kdf/build.info
-+++ openssl-1.1.1c/crypto/kdf/build.info
+--- openssl-1.1.1d.orig/crypto/kdf/build.info	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/kdf/build.info	2019-09-11 15:53:13.513431593 +0200
@@ -1,3 +1,3 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=\
 -        tls1_prf.c kdf_err.c hkdf.c scrypt.c
 +	tls1_prf.c kdf_err.c kdf_util.c hkdf.c sshkdf.c scrypt.c pbkdf2.c
-Index: openssl-1.1.1c/crypto/kdf/hkdf.c
+Index: openssl-1.1.1d/crypto/kdf/hkdf.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/kdf/hkdf.c
-+++ openssl-1.1.1c/crypto/kdf/hkdf.c
+--- openssl-1.1.1d.orig/crypto/kdf/hkdf.c	2019-09-11 15:52:54.181320486 +0200
+++ openssl-1.1.1d/crypto/kdf/hkdf.c	2019-09-11 15:53:13.513431593 +0200
@@ -8,32 +8,33 @@
  */
 
@ -1150,10 +1150,10 @@ Index: openssl-1.1.1c/crypto/kdf/hkdf.c
 
  err:
     OPENSSL_cleanse(prev, sizeof(prev));
-Index: openssl-1.1.1c/crypto/kdf/kdf_local.h
+Index: openssl-1.1.1d/crypto/kdf/kdf_local.h
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/kdf/kdf_local.h
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/kdf/kdf_local.h	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,22 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -1177,10 +1177,10 @@ Index: openssl-1.1.1c/crypto/kdf/kdf_local.h
 +                int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
 +                int cmd, const char *md_name);
 +
-Index: openssl-1.1.1c/crypto/kdf/kdf_util.c
+Index: openssl-1.1.1d/crypto/kdf/kdf_util.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/kdf/kdf_util.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/kdf/kdf_util.c	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,73 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -1255,10 +1255,10 @@ Index: openssl-1.1.1c/crypto/kdf/kdf_util.c
 +    return call_ctrl(ctrl, impl, cmd, md);
 +}
 +
-Index: openssl-1.1.1c/crypto/kdf/pbkdf2.c
+Index: openssl-1.1.1d/crypto/kdf/pbkdf2.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/kdf/pbkdf2.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/kdf/pbkdf2.c	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,264 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -1524,10 +1524,10 @@ Index: openssl-1.1.1c/crypto/kdf/pbkdf2.c
 +    HMAC_CTX_free(hctx_tpl);
 +    return ret;
 +}
-Index: openssl-1.1.1c/crypto/kdf/scrypt.c
+Index: openssl-1.1.1d/crypto/kdf/scrypt.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/kdf/scrypt.c
-+++ openssl-1.1.1c/crypto/kdf/scrypt.c
+--- openssl-1.1.1d.orig/crypto/kdf/scrypt.c	2019-09-11 15:52:54.185320508 +0200
+++ openssl-1.1.1d/crypto/kdf/scrypt.c	2019-09-11 15:53:13.513431593 +0200
@@ -8,25 +8,34 @@
  */
 
@ -2116,10 +2116,10 @@ Index: openssl-1.1.1c/crypto/kdf/scrypt.c
 +}
 
 #endif
-Index: openssl-1.1.1c/crypto/kdf/sshkdf.c
+Index: openssl-1.1.1d/crypto/kdf/sshkdf.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/crypto/kdf/sshkdf.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/crypto/kdf/sshkdf.c	2019-09-11 15:53:13.513431593 +0200
@@ -0,0 +1,288 @@
 +/*
 + * Copyright 2018-2018 The OpenSSL Project Authors. All Rights Reserved.
@ -2409,10 +2409,10 @@ Index: openssl-1.1.1c/crypto/kdf/sshkdf.c
 +    return ret;
 +}
 +
-Index: openssl-1.1.1c/crypto/kdf/tls1_prf.c
+Index: openssl-1.1.1d/crypto/kdf/tls1_prf.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/kdf/tls1_prf.c
-+++ openssl-1.1.1c/crypto/kdf/tls1_prf.c
+--- openssl-1.1.1d.orig/crypto/kdf/tls1_prf.c	2019-09-11 15:52:54.185320508 +0200
+++ openssl-1.1.1d/crypto/kdf/tls1_prf.c	2019-09-11 15:53:13.513431593 +0200
@@ -8,10 +8,15 @@
  */
 
@ -2681,11 +2681,11 @@ Index: openssl-1.1.1c/crypto/kdf/tls1_prf.c
     if (EVP_MD_type(md) == NID_md5_sha1) {
         size_t i;
         unsigned char *tmp;
-Index: openssl-1.1.1c/include/openssl/evperr.h
+Index: openssl-1.1.1d/include/openssl/evperr.h
 ===================================================================
--- openssl-1.1.1c.orig/include/openssl/evperr.h
-+++ openssl-1.1.1c/include/openssl/evperr.h
-@@ -50,6 +50,9 @@ int ERR_load_EVP_strings(void);
+--- openssl-1.1.1d.orig/include/openssl/evperr.h	2019-09-11 15:52:54.185320508 +0200
+++ openssl-1.1.1d/include/openssl/evperr.h	2019-09-11 15:55:36.806255073 +0200
+@@ -57,6 +57,9 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE                   219
 # define EVP_F_EVP_ENCRYPTFINAL_EX                        127
 # define EVP_F_EVP_ENCRYPTUPDATE                          167
@ -2695,7 +2695,7 @@ Index: openssl-1.1.1c/include/openssl/evperr.h
 # define EVP_F_EVP_MD_CTX_COPY_EX                         110
 # define EVP_F_EVP_MD_SIZE                                162
 # define EVP_F_EVP_OPENINIT                               102
-@@ -112,11 +115,13 @@ int ERR_load_EVP_strings(void);
+@@ -119,12 +122,14 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
 # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
 # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN                   180
@ -2703,13 +2703,14 @@ Index: openssl-1.1.1c/include/openssl/evperr.h
 # define EVP_F_PKEY_SET_TYPE                              158
 # define EVP_F_RC2_MAGIC_TO_METH                          109
 # define EVP_F_RC5_CTRL                                   125
+ # define EVP_F_R_32_12_16_INIT_KEY                        242
 # define EVP_F_S390X_AES_GCM_CTRL                         201
 # define EVP_F_UPDATE                                     173
 +# define EVP_F_SCRYPT_ALG                                 228
 
 /*
  * EVP reason codes.
-@@ -169,6 +174,7 @@ int ERR_load_EVP_strings(void);
+@@ -178,6 +183,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151
@ -2717,10 +2718,10 @@ Index: openssl-1.1.1c/include/openssl/evperr.h
 # define EVP_R_PARTIALLY_OVERLAPPING                      162
 # define EVP_R_PBKDF2_ERROR                               181
 # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
-Index: openssl-1.1.1c/include/openssl/kdf.h
+Index: openssl-1.1.1d/include/openssl/kdf.h
 ===================================================================
--- openssl-1.1.1c.orig/include/openssl/kdf.h
-+++ openssl-1.1.1c/include/openssl/kdf.h
+--- openssl-1.1.1d.orig/include/openssl/kdf.h	2019-09-11 15:52:54.185320508 +0200
+++ openssl-1.1.1d/include/openssl/kdf.h	2019-09-11 15:53:13.517431615 +0200
@@ -11,10 +11,61 @@
 # define HEADER_KDF_H
 
@ -2799,11 +2800,11 @@ Index: openssl-1.1.1c/include/openssl/kdf.h
 
 # define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \
             EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
-Index: openssl-1.1.1c/include/openssl/kdferr.h
+Index: openssl-1.1.1d/include/openssl/kdferr.h
 ===================================================================
--- openssl-1.1.1c.orig/include/openssl/kdferr.h
-+++ openssl-1.1.1c/include/openssl/kdferr.h
-@@ -31,6 +31,28 @@ int ERR_load_KDF_strings(void);
+--- openssl-1.1.1d.orig/include/openssl/kdferr.h	2019-09-11 15:52:54.185320508 +0200
+++ openssl-1.1.1d/include/openssl/kdferr.h	2019-09-11 15:53:13.517431615 +0200
+@@ -35,6 +35,28 @@ int ERR_load_KDF_strings(void);
 # define KDF_F_PKEY_TLS1_PRF_DERIVE                       101
 # define KDF_F_PKEY_TLS1_PRF_INIT                         110
 # define KDF_F_TLS1_PRF_ALG                               111
@ -2832,7 +2833,7 @@ Index: openssl-1.1.1c/include/openssl/kdferr.h
 
 /*
  * KDF reason codes.
-@@ -47,5 +69,9 @@ int ERR_load_KDF_strings(void);
+@@ -51,5 +73,9 @@ int ERR_load_KDF_strings(void);
 # define KDF_R_UNKNOWN_PARAMETER_TYPE                     103
 # define KDF_R_VALUE_ERROR                                108
 # define KDF_R_VALUE_MISSING                              102
@ -2842,10 +2843,10 @@ Index: openssl-1.1.1c/include/openssl/kdferr.h
 +# define KDF_R_MISSING_XCGHASH                            115
 
 #endif
-Index: openssl-1.1.1c/include/openssl/obj_mac.h
+Index: openssl-1.1.1d/include/openssl/obj_mac.h
 ===================================================================
--- openssl-1.1.1c.orig/include/openssl/obj_mac.h
-+++ openssl-1.1.1c/include/openssl/obj_mac.h
+--- openssl-1.1.1d.orig/include/openssl/obj_mac.h	2019-09-11 15:52:54.189320532 +0200
+++ openssl-1.1.1d/include/openssl/obj_mac.h	2019-09-11 15:53:13.517431615 +0200
@@ -4970,6 +4970,10 @@
 #define LN_hkdf         "hkdf"
 #define NID_hkdf                1036
@ -2857,10 +2858,10 @@ Index: openssl-1.1.1c/include/openssl/obj_mac.h
 #define SN_id_pkinit            "id-pkinit"
 #define NID_id_pkinit           1031
 #define OBJ_id_pkinit           1L,3L,6L,1L,5L,2L,3L
-Index: openssl-1.1.1c/include/openssl/ossl_typ.h
+Index: openssl-1.1.1d/include/openssl/ossl_typ.h
 ===================================================================
--- openssl-1.1.1c.orig/include/openssl/ossl_typ.h
-+++ openssl-1.1.1c/include/openssl/ossl_typ.h
+--- openssl-1.1.1d.orig/include/openssl/ossl_typ.h	2019-09-11 15:52:54.189320532 +0200
+++ openssl-1.1.1d/include/openssl/ossl_typ.h	2019-09-11 15:53:13.517431615 +0200
@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E
 typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
 typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
@ -2870,10 +2871,10 @@ Index: openssl-1.1.1c/include/openssl/ossl_typ.h
 typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
 
 typedef struct hmac_ctx_st HMAC_CTX;
-Index: openssl-1.1.1c/test/recipes/30-test_evp.t
+Index: openssl-1.1.1d/test/recipes/30-test_evp.t
 ===================================================================
--- openssl-1.1.1c.orig/test/recipes/30-test_evp.t
-+++ openssl-1.1.1c/test/recipes/30-test_evp.t
+--- openssl-1.1.1d.orig/test/recipes/30-test_evp.t	2019-09-11 15:52:54.189320532 +0200
+++ openssl-1.1.1d/test/recipes/30-test_evp.t	2019-09-11 15:53:13.517431615 +0200
@@ -15,8 +15,8 @@ use OpenSSL::Test qw/:DEFAULT data_file/
 setup("test_evp");
 
@ -2885,10 +2886,10 @@ Index: openssl-1.1.1c/test/recipes/30-test_evp.t
 
 plan tests => scalar(@files);
 
-Index: openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey_kdf.txt
+Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey_kdf.txt
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt	2019-09-11 15:53:13.517431615 +0200
@@ -0,0 +1,305 @@
 +#
 +# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
@ -3195,10 +3196,10 @@ Index: openssl-1.1.1c/test/recipes/30-test_evp_data/evppkey_kdf.txt
 +Ctrl.p = p:1
 +Result = INTERNAL_ERROR
 +
-Index: openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt
+Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt
 ===================================================================
--- openssl-1.1.1c.orig/test/recipes/30-test_evp_data/evpkdf.txt
-+++ openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt
+--- openssl-1.1.1d.orig/test/recipes/30-test_evp_data/evpkdf.txt	2019-09-11 15:52:54.193320554 +0200
+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt	2019-09-11 15:53:13.521431638 +0200
@@ -1,5 +1,5 @@
 #
 -# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
@ -8438,10 +8439,10 @@ Index: openssl-1.1.1c/test/recipes/30-test_evp_data/evpkdf.txt
 +Ctrl.type = type:A
 +Output = FF
 +Result = KDF_MISMATCH
-Index: openssl-1.1.1c/test/evp_kdf_test.c
+Index: openssl-1.1.1d/test/evp_kdf_test.c
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/test/evp_kdf_test.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/test/evp_kdf_test.c	2019-09-11 15:53:13.521431638 +0200
@@ -0,0 +1,237 @@
 +/*
 + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
@ -8680,11 +8681,11 @@ Index: openssl-1.1.1c/test/evp_kdf_test.c
 +#endif
 +    return 1;
 +}
-Index: openssl-1.1.1c/test/evp_test.c
+Index: openssl-1.1.1d/test/evp_test.c
 ===================================================================
--- openssl-1.1.1c.orig/test/evp_test.c
-+++ openssl-1.1.1c/test/evp_test.c
-@@ -1689,7 +1689,7 @@ static const EVP_TEST_METHOD encode_test
+--- openssl-1.1.1d.orig/test/evp_test.c	2019-09-11 15:52:54.193320554 +0200
+++ openssl-1.1.1d/test/evp_test.c	2019-09-11 15:53:13.521431638 +0200
+@@ -1711,7 +1711,7 @@ static const EVP_TEST_METHOD encode_test
 
 typedef struct kdf_data_st {
     /* Context for this operation */
@ -8693,7 +8694,7 @@ Index: openssl-1.1.1c/test/evp_test.c
     /* Expected output */
     unsigned char *output;
     size_t output_len;
-@@ -1716,16 +1716,11 @@ static int kdf_test_init(EVP_TEST *t, co
+@@ -1738,16 +1738,11 @@ static int kdf_test_init(EVP_TEST *t, co
 
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;
@ -8711,7 +8712,7 @@ Index: openssl-1.1.1c/test/evp_test.c
     t->data = kdata;
     return 1;
 }
-@@ -1734,7 +1729,42 @@ static void kdf_test_cleanup(EVP_TEST *t
+@@ -1756,7 +1751,42 @@ static void kdf_test_cleanup(EVP_TEST *t
 {
     KDF_DATA *kdata = t->data;
     OPENSSL_free(kdata->output);
@ -8755,7 +8756,7 @@ Index: openssl-1.1.1c/test/evp_test.c
 }
 
 static int kdf_test_parse(EVP_TEST *t,
-@@ -1745,7 +1775,7 @@ static int kdf_test_parse(EVP_TEST *t,
+@@ -1767,7 +1797,7 @@ static int kdf_test_parse(EVP_TEST *t,
     if (strcmp(keyword, "Output") == 0)
         return parse_bin(value, &kdata->output, &kdata->output_len);
     if (strncmp(keyword, "Ctrl", 4) == 0)
@ -8764,7 +8765,7 @@ Index: openssl-1.1.1c/test/evp_test.c
     return 0;
 }
 
-@@ -1759,7 +1789,7 @@ static int kdf_test_run(EVP_TEST *t)
+@@ -1781,7 +1811,7 @@ static int kdf_test_run(EVP_TEST *t)
         t->err = "INTERNAL_ERROR";
         goto err;
     }
@ -8773,7 +8774,7 @@ Index: openssl-1.1.1c/test/evp_test.c
         t->err = "KDF_DERIVE_ERROR";
         goto err;
     }
-@@ -1785,6 +1815,106 @@ static const EVP_TEST_METHOD kdf_test_me
+@@ -1807,6 +1837,106 @@ static const EVP_TEST_METHOD kdf_test_me
 
 
 /**
@ -8880,7 +8881,7 @@ Index: openssl-1.1.1c/test/evp_test.c
 ***  KEYPAIR TESTS
 **/
 
-@@ -2288,6 +2418,7 @@ static const EVP_TEST_METHOD *evp_test_l
+@@ -2310,6 +2440,7 @@ static const EVP_TEST_METHOD *evp_test_l
     &digestverify_test_method,
     &encode_test_method,
     &kdf_test_method,
@ -8888,11 +8889,11 @@ Index: openssl-1.1.1c/test/evp_test.c
     &keypair_test_method,
     &keygen_test_method,
     &mac_test_method,
-Index: openssl-1.1.1c/test/build.info
+Index: openssl-1.1.1d/test/build.info
 ===================================================================
--- openssl-1.1.1c.orig/test/build.info
-+++ openssl-1.1.1c/test/build.info
-@@ -43,7 +43,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
+--- openssl-1.1.1d.orig/test/build.info	2019-09-11 15:52:54.193320554 +0200
+++ openssl-1.1.1d/test/build.info	2019-09-11 15:53:13.521431638 +0200
+@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
           ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
           bio_callback_test bio_memleak_test \
           bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
@ -8902,7 +8903,7 @@ Index: openssl-1.1.1c/test/build.info
           asn1_encode_test asn1_decode_test asn1_string_table_test \
           x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
           recordlentest drbgtest sslbuffertest \
-@@ -335,6 +336,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
+@@ -336,6 +337,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
   INCLUDE[pkey_meth_kdf_test]=../include
   DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a
 
@ -8913,10 +8914,10 @@ Index: openssl-1.1.1c/test/build.info
   SOURCE[x509_time_test]=x509_time_test.c
   INCLUDE[x509_time_test]=../include
   DEPEND[x509_time_test]=../libcrypto libtestutil.a
-Index: openssl-1.1.1c/test/pkey_meth_kdf_test.c
+Index: openssl-1.1.1d/test/pkey_meth_kdf_test.c
 ===================================================================
--- openssl-1.1.1c.orig/test/pkey_meth_kdf_test.c
-+++ openssl-1.1.1c/test/pkey_meth_kdf_test.c
+--- openssl-1.1.1d.orig/test/pkey_meth_kdf_test.c	2019-09-11 15:52:54.193320554 +0200
+++ openssl-1.1.1d/test/pkey_meth_kdf_test.c	2019-09-11 15:53:13.521431638 +0200
@@ -1,5 +1,5 @@
 /*
 - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
@ -9120,10 +9121,10 @@ Index: openssl-1.1.1c/test/pkey_meth_kdf_test.c
 }
 #endif
 
-Index: openssl-1.1.1c/test/recipes/30-test_evp_kdf.t
+Index: openssl-1.1.1d/test/recipes/30-test_evp_kdf.t
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/test/recipes/30-test_evp_kdf.t
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/test/recipes/30-test_evp_kdf.t	2019-09-11 15:53:13.521431638 +0200
@@ -0,0 +1,13 @@
 +#! /usr/bin/env perl
 +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
@ -9138,26 +9139,26 @@ Index: openssl-1.1.1c/test/recipes/30-test_evp_kdf.t
 +use OpenSSL::Test::Simple;
 +
 +simple_test("test_evp_kdf", "evp_kdf_test");
-Index: openssl-1.1.1c/util/libcrypto.num
+Index: openssl-1.1.1d/util/libcrypto.num
 ===================================================================
--- openssl-1.1.1c.orig/util/libcrypto.num
-+++ openssl-1.1.1c/util/libcrypto.num
-@@ -4580,3 +4580,11 @@ EVP_PKEY_meth_get_digest_custom
- OPENSSL_INIT_set_config_filename        4534	1_1_1b	EXIST::FUNCTION:STDIO
- OPENSSL_INIT_set_config_file_flags      4535	1_1_1b	EXIST::FUNCTION:STDIO
+--- openssl-1.1.1d.orig/util/libcrypto.num	2019-09-11 15:53:13.525431662 +0200
+++ openssl-1.1.1d/util/libcrypto.num	2019-09-11 15:58:08.483126793 +0200
+@@ -4582,3 +4582,11 @@ OPENSSL_INIT_set_config_file_flags
 EVP_PKEY_get0_engine                    4536	1_1_1c	EXIST::FUNCTION:ENGINE
-+EVP_KDF_CTX_new_id                      4537	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_CTX_free                        4538	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_reset                           4539	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_ctrl                            4540	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_vctrl                           4541	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_ctrl_str                        4542	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_size                            4543	1_1_1c	EXIST::FUNCTION:
-+EVP_KDF_derive                          4544	1_1_1c	EXIST::FUNCTION:
-Index: openssl-1.1.1c/util/private.num
+ X509_get0_authority_serial              4537	1_1_1d	EXIST::FUNCTION:
+ X509_get0_authority_issuer              4538	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_CTX_new_id                      4539	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_CTX_free                        4540	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_reset                           4541	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_ctrl                            4542	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_vctrl                           4543	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_ctrl_str                        4544	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_size                            4545	1_1_1d	EXIST::FUNCTION:
+EVP_KDF_derive                          4546	1_1_1d	EXIST::FUNCTION:
+Index: openssl-1.1.1d/util/private.num
 ===================================================================
--- openssl-1.1.1c.orig/util/private.num
-+++ openssl-1.1.1c/util/private.num
+--- openssl-1.1.1d.orig/util/private.num	2019-09-11 15:52:54.197320577 +0200
+++ openssl-1.1.1d/util/private.num	2019-09-11 15:53:13.525431662 +0200
@@ -21,6 +21,7 @@ CRYPTO_EX_dup
 CRYPTO_EX_free                          datatype
 CRYPTO_EX_new                           datatype
@ -9166,19 +9167,11 @@ Index: openssl-1.1.1c/util/private.num
 EVP_PKEY_gen_cb                         datatype
 EVP_PKEY_METHOD                         datatype
 EVP_PKEY_ASN1_METHOD                    datatype
-Index: openssl-1.1.1c/crypto/evp/evp_err.c
+Index: openssl-1.1.1d/crypto/evp/evp_err.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/evp_err.c
-+++ openssl-1.1.1c/crypto/evp/evp_err.c
-@@ -1,6 +1,6 @@
- /*
-  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
-  *
-  * Licensed under the OpenSSL license (the "License").  You may not use
-  * this file except in compliance with the License.  You can obtain a copy
-@@ -55,6 +55,9 @@ static const ERR_STRING_DATA EVP_str_fun
+--- openssl-1.1.1d.orig/crypto/evp/evp_err.c	2019-09-10 15:13:07.000000000 +0200
+++ openssl-1.1.1d/crypto/evp/evp_err.c	2019-09-11 15:58:49.675363525 +0200
+@@ -59,6 +59,9 @@ static const ERR_STRING_DATA EVP_str_fun
     {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0),
      "EVP_EncryptFinal_ex"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"},
@ -9188,20 +9181,21 @@ Index: openssl-1.1.1c/crypto/evp/evp_err.c
     {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"},
-@@ -146,10 +149,12 @@ static const ERR_STRING_DATA EVP_str_fun
-      "PKCS5_v2_PBKDF2_keyivgen"},
+@@ -151,11 +154,13 @@ static const ERR_STRING_DATA EVP_str_fun
     {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
      "PKCS5_v2_scrypt_keyivgen"},
-+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"},
+     {ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0),
+      "r_32_12_16_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"},
 +    {ERR_PACK(ERR_LIB_EVP, EVP_F_SCRYPT_ALG, 0), "scrypt_alg"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
     {0, NULL}
 };
-@@ -230,7 +235,9 @@ static const ERR_STRING_DATA EVP_str_rea
+@@ -237,7 +242,9 @@ static const ERR_STRING_DATA EVP_str_rea
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
     "operation not supported for this keytype"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
@ -9212,10 +9206,10 @@ Index: openssl-1.1.1c/crypto/evp/evp_err.c
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
     "partially overlapping buffers"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
-Index: openssl-1.1.1c/crypto/evp/pbe_scrypt.c
+Index: openssl-1.1.1d/crypto/evp/pbe_scrypt.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/evp/pbe_scrypt.c
-+++ openssl-1.1.1c/crypto/evp/pbe_scrypt.c
+--- openssl-1.1.1d.orig/crypto/evp/pbe_scrypt.c	2019-09-11 15:52:54.197320577 +0200
+++ openssl-1.1.1d/crypto/evp/pbe_scrypt.c	2019-09-11 15:53:13.525431662 +0200
@@ -7,135 +7,12 @@
  * https://www.openssl.org/source/license.html
  */
@ -9484,10 +9478,10 @@ Index: openssl-1.1.1c/crypto/evp/pbe_scrypt.c
 }
 +
 #endif
-Index: openssl-1.1.1c/crypto/kdf/kdf_err.c
+Index: openssl-1.1.1d/crypto/kdf/kdf_err.c
 ===================================================================
--- openssl-1.1.1c.orig/crypto/kdf/kdf_err.c
-+++ openssl-1.1.1c/crypto/kdf/kdf_err.c
+--- openssl-1.1.1d.orig/crypto/kdf/kdf_err.c	2019-09-11 15:52:54.197320577 +0200
+++ openssl-1.1.1d/crypto/kdf/kdf_err.c	2019-09-11 15:53:13.525431662 +0200
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
@ -9555,10 +9549,10 @@ Index: openssl-1.1.1c/crypto/kdf/kdf_err.c
     {0, NULL}
 };
 
-Index: openssl-1.1.1c/crypto/objects/obj_dat.h
+Index: openssl-1.1.1d/crypto/objects/obj_dat.h
 ===================================================================
--- openssl-1.1.1c.orig/crypto/objects/obj_dat.h
-+++ openssl-1.1.1c/crypto/objects/obj_dat.h
+--- openssl-1.1.1d.orig/crypto/objects/obj_dat.h	2019-09-11 15:52:54.197320577 +0200
+++ openssl-1.1.1d/crypto/objects/obj_dat.h	2019-09-11 15:53:13.525431662 +0200
@@ -1078,7 +1078,7 @@ static const unsigned char so[7762] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D,       /* [ 7753] OBJ_hmacWithSHA512_256 */
 };
@ -9605,19 +9599,19 @@ Index: openssl-1.1.1c/crypto/objects/obj_dat.h
       16,    /* "stateOrProvinceName" */
      660,    /* "streetAddress" */
      498,    /* "subtreeMaximumQuality" */
-Index: openssl-1.1.1c/crypto/objects/obj_mac.num
+Index: openssl-1.1.1d/crypto/objects/obj_mac.num
 ===================================================================
--- openssl-1.1.1c.orig/crypto/objects/obj_mac.num
-+++ openssl-1.1.1c/crypto/objects/obj_mac.num
+--- openssl-1.1.1d.orig/crypto/objects/obj_mac.num	2019-09-11 15:52:54.261320945 +0200
+++ openssl-1.1.1d/crypto/objects/obj_mac.num	2019-09-11 15:53:13.529431684 +0200
@@ -1192,3 +1192,4 @@ magma_cfb		1191
 magma_mac		1192
 hmacWithSHA512_224		1193
 hmacWithSHA512_256		1194
 +sshkdf		1195
-Index: openssl-1.1.1c/crypto/objects/objects.txt
+Index: openssl-1.1.1d/crypto/objects/objects.txt
 ===================================================================
--- openssl-1.1.1c.orig/crypto/objects/objects.txt
-+++ openssl-1.1.1c/crypto/objects/objects.txt
+--- openssl-1.1.1d.orig/crypto/objects/objects.txt	2019-09-11 15:52:54.265320969 +0200
+++ openssl-1.1.1d/crypto/objects/objects.txt	2019-09-11 15:53:13.529431684 +0200
@@ -1600,6 +1600,9 @@ secg-scheme 14 3 : dhSinglePass-cofactor
 # NID for HKDF
                             : HKDF              : hkdf
@ -9628,10 +9622,10 @@ Index: openssl-1.1.1c/crypto/objects/objects.txt
 # RFC 4556
 1 3 6 1 5 2 3 : id-pkinit
 id-pkinit 4                     : pkInitClientAuth      : PKINIT Client Auth
-Index: openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod
+Index: openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,217 @@
 +=pod
 +
@ -9850,10 +9844,10 @@ Index: openssl-1.1.1c/doc/man3/EVP_KDF_CTX.pod
 +L<https://www.openssl.org/source/license.html>.
 +
 +=cut
-Index: openssl-1.1.1c/doc/man7/EVP_KDF_HKDF.pod
+Index: openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man7/EVP_KDF_HKDF.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,180 @@
 +=pod
 +
@ -10035,10 +10029,10 @@ Index: openssl-1.1.1c/doc/man7/EVP_KDF_HKDF.pod
 +L<https://www.openssl.org/source/license.html>.
 +
 +=cut
-Index: openssl-1.1.1c/doc/man7/EVP_KDF_PBKDF2.pod
+Index: openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man7/EVP_KDF_PBKDF2.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,78 @@
 +=pod
 +
@ -10118,10 +10112,10 @@ Index: openssl-1.1.1c/doc/man7/EVP_KDF_PBKDF2.pod
 +L<https://www.openssl.org/source/license.html>.
 +
 +=cut
-Index: openssl-1.1.1c/doc/man7/EVP_KDF_SCRYPT.pod
+Index: openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man7/EVP_KDF_SCRYPT.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,149 @@
 +=pod
 +
@ -10272,10 +10266,10 @@ Index: openssl-1.1.1c/doc/man7/EVP_KDF_SCRYPT.pod
 +L<https://www.openssl.org/source/license.html>.
 +
 +=cut
-Index: openssl-1.1.1c/doc/man7/EVP_KDF_TLS1_PRF.pod
+Index: openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man7/EVP_KDF_TLS1_PRF.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,142 @@
 +=pod
 +
@ -10419,10 +10413,10 @@ Index: openssl-1.1.1c/doc/man7/EVP_KDF_TLS1_PRF.pod
 +L<https://www.openssl.org/source/license.html>.
 +
 +=cut
-Index: openssl-1.1.1c/doc/man7/scrypt.pod
+Index: openssl-1.1.1d/doc/man7/scrypt.pod
 ===================================================================
--- openssl-1.1.1c.orig/doc/man7/scrypt.pod
-+++ /dev/null
+--- openssl-1.1.1d.orig/doc/man7/scrypt.pod	2019-09-11 15:53:13.529431684 +0200
+++ /dev/null	1970-01-01 00:00:00.000000000 +0000
@@ -1,115 +0,0 @@
 -=pod
 -
@ -10464,7 +10458,7 @@ Index: openssl-1.1.1c/doc/man7/scrypt.pod
 -The output length of an scrypt key derivation is specified via the
 -length parameter to the L<EVP_PKEY_derive(3)> function.
 -
-=head1 EXAMPLE
+-=head1 EXAMPLES
 -
 -This example derives a 64-byte long test vector using scrypt using the password
 -"password", salt "NaCl" and N = 1024, r = 8, p = 16.
@ -10531,7 +10525,7 @@ Index: openssl-1.1.1c/doc/man7/scrypt.pod
 -
 -=head1 COPYRIGHT
 -
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+-Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 -
 -Licensed under the OpenSSL license (the "License").  You may not use
 -this file except in compliance with the License.  You can obtain a copy
@ -10539,10 +10533,10 @@ Index: openssl-1.1.1c/doc/man7/scrypt.pod
 -L<https://www.openssl.org/source/license.html>.
 -
 -=cut
-Index: openssl-1.1.1c/doc/man7/EVP_KDF_SSHKDF.pod
+Index: openssl-1.1.1d/doc/man7/EVP_KDF_SSHKDF.pod
 ===================================================================
--- /dev/null
-+++ openssl-1.1.1c/doc/man7/EVP_KDF_SSHKDF.pod
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1d/doc/man7/EVP_KDF_SSHKDF.pod	2019-09-11 15:53:13.529431684 +0200
@@ -0,0 +1,175 @@
 +=pod
 +