Accepting request 631304 from home:vitezslav_cizek:branches:security:tls

- Update to 1.1.1-pre9 (Beta 7)
  * Support for TLSv1.3 added
  * Move the display of configuration data to configdata.pm.
  * Allow GNU style "make variables" to be used with Configure.
  * Add a STORE module (OSSL_STORE)
  * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
  * Add multi-prime RSA (RFC 8017) support
  * Add SM3 implemented according to GB/T 32905-2016
  * Add SM4 implemented according to GB/T 32907-2016.
  * Add 'Maximum Fragment Length' TLS extension negotiation and support
  * Add ARIA support
  * Add SHA3
  * Rewrite of devcrypto engine
  * Add support for SipHash
  * Grand redesign of the OpenSSL random generator
- pretend the release is not a Beta, to avoid "OpenSSL version mismatch"
  with OpenSSH
  * add openssl-pretend_we_are_not_beta.patch
- drop FIPS support
  * don't build with FIPS mode (not supported in 1.1.1)
  * don't create the -hmac subpackages
  - drop FIPS patches
    * openssl-fips-clearerror.patch
    * openssl-fips-dont-fall-back-to-default-digest.patch
    * openssl-fips-dont_run_FIPS_module_installed.patch
    * openssl-fips-fix-odd-rsakeybits.patch
    * openssl-fips-rsagen-d-bits.patch
    * openssl-fips-selftests_in_nonfips_mode.patch
    * openssl-fips_disallow_ENGINE_loading.patch
    * openssl-rsakeygen-minimum-distance.patch

OBS-URL: https://build.opensuse.org/request/show/631304
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=19
Vítězslav Čížek 2018-08-24 10:39:49 +00:00 committed by Git OBS Bridge
parent 2c20721036
commit 3e8cec6722
39 changed files with 204 additions and 3061 deletions


@ -1,955 +0,0 @@
From fd708c2242408187cff392e8b0850275ac99376f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= <crrodriguez@opensuse.org>
Date: Sun, 4 May 2014 23:36:54 -0400
Subject: [PATCH] Axe builtin printf implementation, use glibc instead
Index: openssl-1.1.0h/crypto/bio/b_print.c
===================================================================
--- openssl-1.1.0h.orig/crypto/bio/b_print.c 2018-03-27 15:50:37.000000000 +0200
+++ openssl-1.1.0h/crypto/bio/b_print.c 2018-03-27 16:31:15.425784205 +0200
@@ -21,830 +21,6 @@
* on all source code distributions.
*/
-#ifdef HAVE_LONG_DOUBLE
-# define LDOUBLE long double
-#else
-# define LDOUBLE double
-#endif
-
-static int fmtstr(char **, char **, size_t *, size_t *,
- const char *, int, int, int);
-static int fmtint(char **, char **, size_t *, size_t *,
- int64_t, int, int, int, int);
-static int fmtfp(char **, char **, size_t *, size_t *,
- LDOUBLE, int, int, int, int);
-static int doapr_outch(char **, char **, size_t *, size_t *, int);
-static int _dopr(char **sbuffer, char **buffer,
- size_t *maxlen, size_t *retlen, int *truncated,
- const char *format, va_list args);
-
-/* format read states */
-#define DP_S_DEFAULT 0
-#define DP_S_FLAGS 1
-#define DP_S_MIN 2
-#define DP_S_DOT 3
-#define DP_S_MAX 4
-#define DP_S_MOD 5
-#define DP_S_CONV 6
-#define DP_S_DONE 7
-
-/* format flags - Bits */
-/* left-aligned padding */
-#define DP_F_MINUS (1 << 0)
-/* print an explicit '+' for a value with positive sign */
-#define DP_F_PLUS (1 << 1)
-/* print an explicit ' ' for a value with positive sign */
-#define DP_F_SPACE (1 << 2)
-/* print 0/0x prefix for octal/hex and decimal point for floating point */
-#define DP_F_NUM (1 << 3)
-/* print leading zeroes */
-#define DP_F_ZERO (1 << 4)
-/* print HEX in UPPPERcase */
-#define DP_F_UP (1 << 5)
-/* treat value as unsigned */
-#define DP_F_UNSIGNED (1 << 6)
-
-/* conversion flags */
-#define DP_C_SHORT 1
-#define DP_C_LONG 2
-#define DP_C_LDOUBLE 3
-#define DP_C_LLONG 4
-
-/* Floating point formats */
-#define F_FORMAT 0
-#define E_FORMAT 1
-#define G_FORMAT 2
-
-/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static int
-_dopr(char **sbuffer,
- char **buffer,
- size_t *maxlen,
- size_t *retlen, int *truncated, const char *format, va_list args)
-{
- char ch;
- int64_t value;
- LDOUBLE fvalue;
- char *strvalue;
- int min;
- int max;
- int state;
- int flags;
- int cflags;
- size_t currlen;
-
- state = DP_S_DEFAULT;
- flags = currlen = cflags = min = 0;
- max = -1;
- ch = *format++;
-
- while (state != DP_S_DONE) {
- if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
- state = DP_S_DONE;
-
- switch (state) {
- case DP_S_DEFAULT:
- if (ch == '%')
- state = DP_S_FLAGS;
- else
- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
- return 0;
- ch = *format++;
- break;
- case DP_S_FLAGS:
- switch (ch) {
- case '-':
- flags |= DP_F_MINUS;
- ch = *format++;
- break;
- case '+':
- flags |= DP_F_PLUS;
- ch = *format++;
- break;
- case ' ':
- flags |= DP_F_SPACE;
- ch = *format++;
- break;
- case '#':
- flags |= DP_F_NUM;
- ch = *format++;
- break;
- case '0':
- flags |= DP_F_ZERO;
- ch = *format++;
- break;
- default:
- state = DP_S_MIN;
- break;
- }
- break;
- case DP_S_MIN:
- if (isdigit((unsigned char)ch)) {
- min = 10 * min + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- min = va_arg(args, int);
- ch = *format++;
- state = DP_S_DOT;
- } else
- state = DP_S_DOT;
- break;
- case DP_S_DOT:
- if (ch == '.') {
- state = DP_S_MAX;
- ch = *format++;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MAX:
- if (isdigit((unsigned char)ch)) {
- if (max < 0)
- max = 0;
- max = 10 * max + char_to_int(ch);
- ch = *format++;
- } else if (ch == '*') {
- max = va_arg(args, int);
- ch = *format++;
- state = DP_S_MOD;
- } else
- state = DP_S_MOD;
- break;
- case DP_S_MOD:
- switch (ch) {
- case 'h':
- cflags = DP_C_SHORT;
- ch = *format++;
- break;
- case 'l':
- if (*format == 'l') {
- cflags = DP_C_LLONG;
- format++;
- } else
- cflags = DP_C_LONG;
- ch = *format++;
- break;
- case 'q':
- cflags = DP_C_LLONG;
- ch = *format++;
- break;
- case 'L':
- cflags = DP_C_LDOUBLE;
- ch = *format++;
- break;
- default:
- break;
- }
- state = DP_S_CONV;
- break;
- case DP_S_CONV:
- switch (ch) {
- case 'd':
- case 'i':
- switch (cflags) {
- case DP_C_SHORT:
- value = (short int)va_arg(args, int);
- break;
- case DP_C_LONG:
- value = va_arg(args, long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, int64_t);
- break;
- default:
- value = va_arg(args, int);
- break;
- }
- if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
- max, flags))
- return 0;
- break;
- case 'X':
- flags |= DP_F_UP;
- /* FALLTHROUGH */
- case 'x':
- case 'o':
- case 'u':
- flags |= DP_F_UNSIGNED;
- switch (cflags) {
- case DP_C_SHORT:
- value = (unsigned short int)va_arg(args, unsigned int);
- break;
- case DP_C_LONG:
- value = va_arg(args, unsigned long int);
- break;
- case DP_C_LLONG:
- value = va_arg(args, uint64_t);
- break;
- default:
- value = va_arg(args, unsigned int);
- break;
- }
- if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
- ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
- min, max, flags))
- return 0;
- break;
- case 'f':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
- flags, F_FORMAT))
- return 0;
- break;
- case 'E':
- flags |= DP_F_UP;
- /* fall thru */
- case 'e':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
- flags, E_FORMAT))
- return 0;
- break;
- case 'G':
- flags |= DP_F_UP;
- /* fall thru */
- case 'g':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
- flags, G_FORMAT))
- return 0;
- break;
- case 'c':
- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
- va_arg(args, int)))
- return 0;
- break;
- case 's':
- strvalue = va_arg(args, char *);
- if (max < 0) {
- if (buffer)
- max = INT_MAX;
- else
- max = *maxlen;
- }
- if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
- flags, min, max))
- return 0;
- break;
- case 'p':
- value = (size_t)va_arg(args, void *);
- if (!fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 16, min, max, flags | DP_F_NUM))
- return 0;
- break;
- case 'n': /* XXX */
- if (cflags == DP_C_SHORT) {
- short int *num;
- num = va_arg(args, short int *);
- *num = currlen;
- } else if (cflags == DP_C_LONG) { /* XXX */
- long int *num;
- num = va_arg(args, long int *);
- *num = (long int)currlen;
- } else if (cflags == DP_C_LLONG) { /* XXX */
- int64_t *num;
- num = va_arg(args, int64_t *);
- *num = (int64_t)currlen;
- } else {
- int *num;
- num = va_arg(args, int *);
- *num = currlen;
- }
- break;
- case '%':
- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
- return 0;
- break;
- case 'w':
- /* not supported yet, treat as next char */
- ch = *format++;
- break;
- default:
- /* unknown, skip */
- break;
- }
- ch = *format++;
- state = DP_S_DEFAULT;
- flags = cflags = min = 0;
- max = -1;
- break;
- case DP_S_DONE:
- break;
- default:
- break;
- }
- }
- /*
- * We have to truncate if there is no dynamic buffer and we have filled the
- * static buffer.
- */
- if (buffer == NULL) {
- *truncated = (currlen > *maxlen - 1);
- if (*truncated)
- currlen = *maxlen - 1;
- }
- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
- return 0;
- *retlen = currlen - 1;
- return 1;
-}
-
-static int
-fmtstr(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, const char *value, int flags, int min, int max)
-{
- int padlen;
- size_t strln;
- int cnt = 0;
-
- if (value == 0)
- value = "<NULL>";
-
- strln = OPENSSL_strnlen(value, max < 0 ? SIZE_MAX : (size_t)max);
-
- padlen = min - strln;
- if (min < 0 || padlen < 0)
- padlen = 0;
- if (max >= 0) {
- /*
- * Calculate the maximum output including padding.
- * Make sure max doesn't overflow into negativity
- */
- if (max < INT_MAX - padlen)
- max += padlen;
- else
- max = INT_MAX;
- }
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- while ((padlen > 0) && (max < 0 || cnt < max)) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- --padlen;
- ++cnt;
- }
- while (strln > 0 && (max < 0 || cnt < max)) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
- return 0;
- --strln;
- ++cnt;
- }
- while ((padlen < 0) && (max < 0 || cnt < max)) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- ++padlen;
- ++cnt;
- }
- return 1;
-}
-
-static int
-fmtint(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, int64_t value, int base, int min, int max, int flags)
-{
- int signvalue = 0;
- const char *prefix = "";
- uint64_t uvalue;
- char convert[DECIMAL_SIZE(value) + 3];
- int place = 0;
- int spadlen = 0;
- int zpadlen = 0;
- int caps = 0;
-
- if (max < 0)
- max = 0;
- uvalue = value;
- if (!(flags & DP_F_UNSIGNED)) {
- if (value < 0) {
- signvalue = '-';
- uvalue = 0 - (uint64_t)value;
- } else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
- }
- if (flags & DP_F_NUM) {
- if (base == 8)
- prefix = "0";
- if (base == 16)
- prefix = "0x";
- }
- if (flags & DP_F_UP)
- caps = 1;
- do {
- convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
- [uvalue % (unsigned)base];
- uvalue = (uvalue / (unsigned)base);
- } while (uvalue && (place < (int)sizeof(convert)));
- if (place == sizeof(convert))
- place--;
- convert[place] = 0;
-
- zpadlen = max - place;
- spadlen =
- min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
- if (zpadlen < 0)
- zpadlen = 0;
- if (spadlen < 0)
- spadlen = 0;
- if (flags & DP_F_ZERO) {
- zpadlen = OSSL_MAX(zpadlen, spadlen);
- spadlen = 0;
- }
- if (flags & DP_F_MINUS)
- spadlen = -spadlen;
-
- /* spaces */
- while (spadlen > 0) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- --spadlen;
- }
-
- /* sign */
- if (signvalue)
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
- return 0;
-
- /* prefix */
- while (*prefix) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
- return 0;
- prefix++;
- }
-
- /* zeros */
- if (zpadlen > 0) {
- while (zpadlen > 0) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
- return 0;
- --zpadlen;
- }
- }
- /* digits */
- while (place > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
- return 0;
- }
-
- /* left justified spaces */
- while (spadlen < 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- ++spadlen;
- }
- return 1;
-}
-
-static LDOUBLE abs_val(LDOUBLE value)
-{
- LDOUBLE result = value;
- if (value < 0)
- result = -value;
- return result;
-}
-
-static LDOUBLE pow_10(int in_exp)
-{
- LDOUBLE result = 1;
- while (in_exp) {
- result *= 10;
- in_exp--;
- }
- return result;
-}
-
-static long roundv(LDOUBLE value)
-{
- long intpart;
- intpart = (long)value;
- value = value - intpart;
- if (value >= 0.5)
- intpart++;
- return intpart;
-}
-
-static int
-fmtfp(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags, int style)
-{
- int signvalue = 0;
- LDOUBLE ufvalue;
- LDOUBLE tmpvalue;
- char iconvert[20];
- char fconvert[20];
- char econvert[20];
- int iplace = 0;
- int fplace = 0;
- int eplace = 0;
- int padlen = 0;
- int zpadlen = 0;
- long exp = 0;
- unsigned long intpart;
- unsigned long fracpart;
- unsigned long max10;
- int realstyle;
-
- if (max < 0)
- max = 6;
-
- if (fvalue < 0)
- signvalue = '-';
- else if (flags & DP_F_PLUS)
- signvalue = '+';
- else if (flags & DP_F_SPACE)
- signvalue = ' ';
-
- /*
- * G_FORMAT sometimes prints like E_FORMAT and sometimes like F_FORMAT
- * depending on the number to be printed. Work out which one it is and use
- * that from here on.
- */
- if (style == G_FORMAT) {
- if (fvalue == 0.0) {
- realstyle = F_FORMAT;
- } else if (fvalue < 0.0001) {
- realstyle = E_FORMAT;
- } else if ((max == 0 && fvalue >= 10)
- || (max > 0 && fvalue >= pow_10(max))) {
- realstyle = E_FORMAT;
- } else {
- realstyle = F_FORMAT;
- }
- } else {
- realstyle = style;
- }
-
- if (style != F_FORMAT) {
- tmpvalue = fvalue;
- /* Calculate the exponent */
- if (fvalue != 0.0) {
- while (tmpvalue < 1) {
- tmpvalue *= 10;
- exp--;
- }
- while (tmpvalue > 10) {
- tmpvalue /= 10;
- exp++;
- }
- }
- if (style == G_FORMAT) {
- /*
- * In G_FORMAT the "precision" represents significant digits. We
- * always have at least 1 significant digit.
- */
- if (max == 0)
- max = 1;
- /* Now convert significant digits to decimal places */
- if (realstyle == F_FORMAT) {
- max -= (exp + 1);
- if (max < 0) {
- /*
- * Should not happen. If we're in F_FORMAT then exp < max?
- */
- return 0;
- }
- } else {
- /*
- * In E_FORMAT there is always one significant digit in front
- * of the decimal point, so:
- * significant digits == 1 + decimal places
- */
- max--;
- }
- }
- if (realstyle == E_FORMAT)
- fvalue = tmpvalue;
- }
- ufvalue = abs_val(fvalue);
- if (ufvalue > ULONG_MAX) {
- /* Number too big */
- return 0;
- }
- intpart = (unsigned long)ufvalue;
-
- /*
- * sorry, we only support 9 digits past the decimal because of our
- * conversion method
- */
- if (max > 9)
- max = 9;
-
- /*
- * we "cheat" by converting the fractional part to integer by multiplying
- * by a factor of 10
- */
- max10 = roundv(pow_10(max));
- fracpart = roundv(pow_10(max) * (ufvalue - intpart));
-
- if (fracpart >= max10) {
- intpart++;
- fracpart -= max10;
- }
-
- /* convert integer part */
- do {
- iconvert[iplace++] = "0123456789"[intpart % 10];
- intpart = (intpart / 10);
- } while (intpart && (iplace < (int)sizeof(iconvert)));
- if (iplace == sizeof(iconvert))
- iplace--;
- iconvert[iplace] = 0;
-
- /* convert fractional part */
- while (fplace < max) {
- if (style == G_FORMAT && fplace == 0 && (fracpart % 10) == 0) {
- /* We strip trailing zeros in G_FORMAT */
- max--;
- fracpart = fracpart / 10;
- if (fplace < max)
- continue;
- break;
- }
- fconvert[fplace++] = "0123456789"[fracpart % 10];
- fracpart = (fracpart / 10);
- }
-
- if (fplace == sizeof(fconvert))
- fplace--;
- fconvert[fplace] = 0;
-
- /* convert exponent part */
- if (realstyle == E_FORMAT) {
- int tmpexp;
- if (exp < 0)
- tmpexp = -exp;
- else
- tmpexp = exp;
-
- do {
- econvert[eplace++] = "0123456789"[tmpexp % 10];
- tmpexp = (tmpexp / 10);
- } while (tmpexp > 0 && eplace < (int)sizeof(econvert));
- /* Exponent is huge!! Too big to print */
- if (tmpexp > 0)
- return 0;
- /* Add a leading 0 for single digit exponents */
- if (eplace == 1)
- econvert[eplace++] = '0';
- }
-
- /*
- * -1 for decimal point (if we have one, i.e. max > 0),
- * another -1 if we are printing a sign
- */
- padlen = min - iplace - max - (max > 0 ? 1 : 0) - ((signvalue) ? 1 : 0);
- /* Take some off for exponent prefix "+e" and exponent */
- if (realstyle == E_FORMAT)
- padlen -= 2 + eplace;
- zpadlen = max - fplace;
- if (zpadlen < 0)
- zpadlen = 0;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- if ((flags & DP_F_ZERO) && (padlen > 0)) {
- if (signvalue) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
- return 0;
- --padlen;
- signvalue = 0;
- }
- while (padlen > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
- return 0;
- --padlen;
- }
- }
- while (padlen > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- --padlen;
- }
- if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
- return 0;
-
- while (iplace > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
- return 0;
- }
-
- /*
- * Decimal point. This should probably use locale to find the correct
- * char to print out.
- */
- if (max > 0 || (flags & DP_F_NUM)) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
- return 0;
-
- while (fplace > 0) {
- if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
- fconvert[--fplace]))
- return 0;
- }
- }
- while (zpadlen > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
- return 0;
- --zpadlen;
- }
- if (realstyle == E_FORMAT) {
- char ech;
-
- if ((flags & DP_F_UP) == 0)
- ech = 'e';
- else
- ech = 'E';
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ech))
- return 0;
- if (exp < 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '-'))
- return 0;
- } else {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '+'))
- return 0;
- }
- while (eplace > 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen,
- econvert[--eplace]))
- return 0;
- }
- }
-
- while (padlen < 0) {
- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
- return 0;
- ++padlen;
- }
- return 1;
-}
-
-#define BUFFER_INC 1024
-
-static int
-doapr_outch(char **sbuffer,
- char **buffer, size_t *currlen, size_t *maxlen, int c)
-{
- /* If we haven't at least one buffer, someone has doe a big booboo */
- OPENSSL_assert(*sbuffer != NULL || buffer != NULL);
-
- /* |currlen| must always be <= |*maxlen| */
- OPENSSL_assert(*currlen <= *maxlen);
-
- if (buffer && *currlen == *maxlen) {
- if (*maxlen > INT_MAX - BUFFER_INC)
- return 0;
-
- *maxlen += BUFFER_INC;
- if (*buffer == NULL) {
- *buffer = OPENSSL_malloc(*maxlen);
- if (*buffer == NULL)
- return 0;
- if (*currlen > 0) {
- OPENSSL_assert(*sbuffer != NULL);
- memcpy(*buffer, *sbuffer, *currlen);
- }
- *sbuffer = NULL;
- } else {
- char *tmpbuf;
- tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
- if (tmpbuf == NULL)
- return 0;
- *buffer = tmpbuf;
- }
- }
-
- if (*currlen < *maxlen) {
- if (*sbuffer)
- (*sbuffer)[(*currlen)++] = (char)c;
- else
- (*buffer)[(*currlen)++] = (char)c;
- }
-
- return 1;
-}
-
-/***************************************************************************/
int BIO_printf(BIO *bio, const char *format, ...)
{
@@ -859,30 +35,36 @@ int BIO_printf(BIO *bio, const char *for
return (ret);
}
+static ssize_t cookie_BIO_write(void *cookie, const char *buf, size_t size)
+{
+ int ret;
+ ret = BIO_write(cookie, buf, size);
+ /* BIO_write may return negative value on error,
+ * but we must return 0 on that case
+ */
+ return (ret < 0) ? 0 : ret;
+}
+
int BIO_vprintf(BIO *bio, const char *format, va_list args)
{
+ FILE *fp;
int ret;
- size_t retlen;
- char hugebuf[1024 * 2]; /* Was previously 10k, which is unreasonable
- * in small-stack environments, like threads
- * or DOS programs. */
- char *hugebufp = hugebuf;
- size_t hugebufsize = sizeof(hugebuf);
- char *dynbuf = NULL;
- int ignored;
-
- dynbuf = NULL;
- if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
- args)) {
- OPENSSL_free(dynbuf);
- return -1;
- }
- if (dynbuf) {
- ret = BIO_write(bio, dynbuf, (int)retlen);
- OPENSSL_free(dynbuf);
- } else {
- ret = BIO_write(bio, hugebuf, (int)retlen);
- }
+
+ cookie_io_functions_t bio_funcs = {
+ .read = NULL,
+ .write = cookie_BIO_write,
+ .seek = NULL,
+ .close = NULL,
+ };
+
+ fp = fopencookie(bio, "w", bio_funcs);
+
+ if (fp == NULL)
+ return -1;
+
+ ret = vfprintf(fp, format, args);
+
+ fclose(fp);
return (ret);
}
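Review bot: BIO_vprintf hands back the count from `vfprintf` even when the write to the BIO failed, because the result of `fclose(fp)` at the end of the function is discarded. The stdio stream in front of the BIO is normally buffered, so the data reaches `cookie_BIO_write` only on flush, and an error there (which the cookie reports as 0) surfaces from `fclose`, not from `vfprintf`. Checking it, `if (fclose(fp) != 0) ret = -1;`, keeps a failed write visible to the caller as it was with the direct `BIO_write` calls. The output now also presumably follows glibc's locale handling for the decimal point, where the removed `fmtfp` always wrote '.'; that deserves a comment on the function.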
@@ -898,29 +80,21 @@ int BIO_snprintf(char *buf, size_t n, co
int ret;
va_start(args, format);
+ ret = vsnprintf(buf, n, format, args);
+ va_end(args);
- ret = BIO_vsnprintf(buf, n, format, args);
+ if (ret >= n || ret == -1) return (-1);
- va_end(args);
return (ret);
}
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
{
- size_t retlen;
- int truncated;
+ int ret;
+ ret = vsnprintf(buf, n, format, args);
- if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
- return -1;
+ if (ret >= n || ret == -1)
+ return (-1);
- if (truncated)
- /*
- * In case of truncation, return -1 like traditional snprintf.
- * (Current drafts for ISO/IEC 9899 say snprintf should return the
- * number of characters that would have been written, had the buffer
- * been large enough.)
- */
- return -1;
- else
- return (retlen <= INT_MAX) ? (int)retlen : -1;
+ return (ret);
}
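Review bot: The truncation test `if (ret >= n || ret == -1)` in BIO_snprintf and BIO_vsnprintf compares the `int` result with the `size_t` limit, so `ret` is converted to unsigned first and a negative return is rejected only because it wraps to a very large value. Testing the sign first and casting states the intent and avoids the sign-compare warning: `if (ret < 0 || (size_t)ret >= n) return -1;`. BIO_snprintf could keep calling BIO_vsnprintf, as the removed line did, so that the check lives in one place. BIO_snprintf starts outside the hunk.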
Index: openssl-1.1.0h/test/bioprinttest.c
===================================================================
--- openssl-1.1.0h.orig/test/bioprinttest.c 2018-03-27 15:50:40.000000000 +0200
+++ openssl-1.1.0h/test/bioprinttest.c 2018-03-27 16:30:23.096947435 +0200
@@ -200,13 +200,6 @@ int main(int argc, char **argv)
dofptest(test++, 66666.0 + frac, width, prec, &fail);
}
- /* Test excessively big number. Should fail */
- if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) {
- printf("Test %d failed. Unexpected success return from "
- "BIO_snprintf()\n", test);
- fail = 1;
- }
-
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks_fp(stderr) <= 0)
return 1;


@ -1,49 +0,0 @@
From c5ac41de1511f898301c298b2b28d05372cba817 Mon Sep 17 00:00:00 2001
From: Vitezslav Cizek <vcizek@suse.com>
Date: Thu, 8 Dec 2016 13:10:33 +0100
Subject: [PATCH] Resume reading from randfile when interrupted by a signal.
It was regularly observed with openssh:
sshd: fatal: cannot read from /dev/urandom, Interrupted system call
---
crypto/rand/randfile.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index c96383a..6e39e86 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -104,6 +104,12 @@ static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) =
#define RFILE ".rnd"
+#ifdef EINTR
+# define INTERRUPTED(in) (ferror(in) && errno == EINTR)
+#else
+# define INTERRUPTED (0)
+#endif
+
/*
* Note that these functions are intended for seed files only. Entropy
* devices and EGD sockets are handled in rand_unix.c
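Review bot: The fallback `# define INTERRUPTED (0)` is an object-like macro, but the second hunk uses it as `INTERRUPTED(in)`, which would expand to `(0)(in)` and fail to compile on a platform that does not define EINTR. It should take the same parameter as the other branch: `# define INTERRUPTED(in) (0)`. A short comment above the macro saying that it reads `errno` and is therefore only meaningful immediately after a failed `fread` would also help.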
@@ -162,9 +168,16 @@ int RAND_load_file(const char *file, long bytes)
n = (bytes < BUFSIZE) ? (int)bytes : BUFSIZE;
else
n = BUFSIZE;
+
i = fread(buf, 1, n, in);
- if (i <= 0)
+ if (i <= 0) {
+ if (INTERRUPTED(in)) {
+ /* Interrupted by a signal, resume reading */
+ clearerr(in);
+ continue;
+ }
break;
+ }
RAND_add(buf, i, (double)i);
ret += i;
--
2.10.2


@ -1,47 +0,0 @@
From 7b46a0ed5938e28d974757db44cc9d299ad5cb4e Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Thu, 23 Feb 2017 14:03:39 +0100
Subject: [PATCH 02/44] crypto/modes/asm/ghash-s390x.pl: fix gcm_gmult_4bit
KIMD code path.
gcm_gmult_4bit KIMD code path assumed that that Xi is processed.
However, with iv lengths not equal to 12, the function is also used to process
Yi, resulting in wrong ghash computation.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/modes/asm/ghash-s390x.pl | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl
index f8b038c708..6dbb8232d6 100644
--- a/crypto/modes/asm/ghash-s390x.pl
+++ b/crypto/modes/asm/ghash-s390x.pl
@@ -95,14 +95,23 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
lg %r1,24(%r1) # load second word of kimd capabilities vector
tmhh %r1,0x4000 # check for function 65
jz .Lsoft_gmult
+ lghi %r1,-16
stg %r0,16($sp) # arrange 16 bytes of zero input
stg %r0,24($sp)
+ la $Htbl,0(%r1,$Htbl) # H lies right before Htable
+
lghi %r0,65 # function 65
- la %r1,0($Xi) # H lies right after Xi in gcm128_context
+ la %r1,32($sp)
+ mvc 32(16,$sp),0($Xi) # copy Xi/Yi
+ mvc 48(16,$sp),0($Htbl) # copy H
la $inp,16($sp)
lghi $len,16
.long 0xb93e0004 # kimd %r0,$inp
brc 1,.-4 # pay attention to "partial completion"
+
+ mvc 0(16,$Xi),32($sp)
+ xc 32(32,$sp),32($sp) # wipe stack
+
br %r14
.align 32
.Lsoft_gmult:
--
2.13.6


@ -1,112 +0,0 @@
From 3e1c11dd482dd4626989bb6d84fc708d9bb95219 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Mon, 30 Jan 2017 17:37:54 +0100
Subject: [PATCH 04/44] s390x assembly pack: add OPENSSL_s390xcap environment
variable.
The OPENSSL_s390xcap environment variable is used to set bits in the s390x
capability vector to zero. This simplifies testing of different code paths.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/s390x_arch.h | 28 ++++++++++++++++++++++++++++
crypto/s390xcap.c | 33 +++++++++++++++++++++++++++++----
2 files changed, 57 insertions(+), 4 deletions(-)
create mode 100644 crypto/s390x_arch.h
Index: openssl-1.1.0g/crypto/s390x_arch.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 15:26:40.291112320 +0100
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef S390X_ARCH_H
+# define S390X_ARCH_H
+
+# include <stdint.h>
+
+/*
+ * The elements of OPENSSL_s390xcap_P are the doublewords returned by the STFLE
+ * instruction followed by the doubleword pairs returned by instructions' QUERY
+ * functions. If STFLE returns fewer doublewords or an instruction is not
+ * supported, the corresponding element is zero. The order is as follows:
+ *
+ * STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR
+ */
+# define S390X_STFLE_DWORDS 2
+# define S390X_QUERY_DWORDS 8
+# define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS)
+extern unsigned long long OPENSSL_s390xcap_P[];
+
+#endif
Index: openssl-1.1.0g/crypto/s390xcap.c
===================================================================
--- openssl-1.1.0g.orig/crypto/s390xcap.c 2017-11-02 15:29:03.000000000 +0100
+++ openssl-1.1.0g/crypto/s390xcap.c 2018-01-10 15:27:42.988113439 +0100
@@ -14,6 +14,7 @@
#include <signal.h>
unsigned long long OPENSSL_s390xcap_P[10];
+#include "s390x_arch.h"
static sigjmp_buf ill_jmp;
static void ill_handler(int sig)
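Review bot: The array is still defined as `OPENSSL_s390xcap_P[10]` above the new `#include "s390x_arch.h"`, so its size is not tied to `S390X_CAP_DWORDS`, which the parsing loop in the last hunk of this file uses as its bound. If the header's counts change and the literal does not, that loop indexes past the array. Moving the include above the definition and writing `unsigned long long OPENSSL_s390xcap_P[S390X_CAP_DWORDS];` keeps the two from drifting apart.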
@@ -21,17 +22,21 @@ static void ill_handler(int sig)
siglongjmp(ill_jmp, sig);
}
-unsigned long OPENSSL_s390x_facilities(void);
+void OPENSSL_s390x_facilities(void);
void OPENSSL_cpuid_setup(void)
{
sigset_t oset;
struct sigaction ill_act, oact;
+ uint64_t vec;
+ char *env;
+ int off;
+ int i;
if (OPENSSL_s390xcap_P[0])
return;
- OPENSSL_s390xcap_P[0] = 1UL << (8 * sizeof(unsigned long) - 1);
+ OPENSSL_s390xcap_P[0] = 1ULL << (8 * sizeof(uint64_t) - 1);
memset(&ill_act, 0, sizeof(ill_act));
ill_act.sa_handler = ill_handler;
@@ -47,4 +52,26 @@ void OPENSSL_cpuid_setup(void)
sigaction(SIGILL, &oact, NULL);
sigprocmask(SIG_SETMASK, &oset, NULL);
+
+ if ((env = getenv("OPENSSL_s390xcap")) != NULL) {
+ for (i = 0; i < S390X_CAP_DWORDS; i++) {
+ off = (env[0] == '~') ? 1 : 0;
+
+ if (sscanf(env + off, "%llx", (unsigned long long *)&vec) == 1)
+ OPENSSL_s390xcap_P[i] &= off ? ~vec : vec;
+
+ if (i == S390X_STFLE_DWORDS - 1)
+ env = strchr(env, '.');
+ else
+ env = strpbrk(env, ":.");
+
+ if (env == NULL)
+ break;
+
+ if (env[0] == '.')
+ i = S390X_STFLE_DWORDS - 1;
+
+ env++;
+ }
+ }
}
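Review bot: The mask parsing added to OPENSSL_cpuid_setup reads an environment string with `sscanf(env + off, "%llx", (unsigned long long *)&vec)`, which detects neither overflow nor trailing garbage and writes through a pointer cast from `uint64_t *`. Declaring `vec` as `unsigned long long` and parsing with `strtoull(env + off, &end, 16)`, skipping the field when `end` did not advance or `errno == ERANGE`, removes both problems. Because the variable is read during library initialisation, it is presumably also honoured in setuid or otherwise privileged processes. The mask can only clear capability bits, but a comment stating that, or `secure_getenv` where glibc provides it, would make the trust decision explicit. The function starts outside the hunk.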


@ -1,114 +0,0 @@
From 79310b18d90badd58595cf2fff40591ad76c301a Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Tue, 31 Jan 2017 12:43:35 +0100
Subject: [PATCH 05/44] s390x assembly pack: add OPENSSL_s390xcap man page.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
doc/man3/OPENSSL_s390xcap.pod | 94 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 94 insertions(+)
create mode 100644 doc/man3/OPENSSL_s390xcap.pod
diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod
new file mode 100644
index 0000000000..de56c7cf55
--- /dev/null
+++ b/doc/man3/OPENSSL_s390xcap.pod
@@ -0,0 +1,94 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_s390xcap - the z processor capabilities vector
+
+=head1 SYNOPSIS
+
+ env OPENSSL_s390xcap=... <application>
+
+=head1 DESCRIPTION
+
+libcrypto supports z architecture instruction set extensions. These
+extensions are denoted by individual bits in the capability vector.
+When libcrypto is initialized, the bits returned by the STFLE instruction
+and by the QUERY functions are stored in the vector.
+
+The OPENSSL_s390xcap environment variable can be set before starting an
+application to affect capability detection. It is specified by a
+colon-separated list of 64-bit values in hexadecimal notation, the 0x
+prefix being optional. The ~ prefix means bitwise NOT and a point
+indicates the end of the STFLE bits respectively the beginning of the
+QUERY bits.
+
+After initialization, the capability vector is ANDed bitwise with the
+corresponding parts of the environment variable.
+
+The following bits are significant:
+
+.
+
+=over
+
+=item #60 KIMD-SHA-512
+
+=item #61 KIMD-SHA-256
+
+=item #62 KIMD-SHA-1
+
+=back
+
+:
+
+=over
+
+=item #62 KIMD-GHASH
+
+=back
+
+:
+
+=over
+
+=item #11 KM-XTS-AES-256
+
+=item #13 KM-XTS-AES-128
+
+=item #43 KM-AES-256
+
+=item #44 KM-AES-192
+
+=item #45 KM-AES-128
+
+=back
+
+:
+:
+
+=over
+
+=item #43 KMC-AES-256
+
+=item #44 KMC-AES-192
+
+=item #45 KMC-AES-128
+
+=back
+
+=head1 EXAMPLES
+
+OPENSSL_s390xcap=.0:0 disables KIMD.
+
+OPENSSL_s390xcap=.::~0x2800 disables KM-XTS-AES.
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
--
2.13.6


@ -1,220 +0,0 @@
From 9c59438dadc2b8026c058deb0759da78de1bb7ba Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Fri, 10 Feb 2017 19:43:08 +0100
Subject: [PATCH 06/44] s390x assembly pack: extended s390x capability vector
(STFLE).
Extended the s390x capability vector to store the longer facility list
available from z13 onwards. The bits indicating the vector extensions
are set to zero, if the kernel does not enable the vector facility.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 10 +++++-----
crypto/modes/asm/ghash-s390x.pl | 4 ++--
crypto/s390x_arch.h | 9 +++++++--
crypto/s390xcap.c | 31 +++++++++++++++++++++++++++++++
crypto/s390xcpuid.S | 14 +++++++++-----
crypto/sha/asm/sha1-s390x.pl | 4 ++--
crypto/sha/asm/sha512-s390x.pl | 4 ++--
7 files changed, 58 insertions(+), 18 deletions(-)
Index: openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl
===================================================================
--- openssl-1.1.0g.orig/crypto/aes/asm/aes-s390x.pl 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl 2018-01-10 17:22:31.466891754 +0100
@@ -823,8 +823,8 @@ $code.=<<___ if (!$softonly);
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000
srlg %r0,%r0,0(%r5)
- ng %r0,32(%r1) # check availability of both km...
- ng %r0,48(%r1) # ...and kmc support for given key length
+ ng %r0,40(%r1) # check availability of both km...
+ ng %r0,56(%r1) # ...and kmc support for given key length
jz .Lekey_internal
lmg %r0,%r1,0($inp) # just copy 128 bits...
@@ -1442,7 +1442,7 @@ $code.=<<___ if (!$softonly && 0);# kmct
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000 # check if kmctr supports the function code
srlg %r0,%r0,0($s0)
- ng %r0,64(%r1) # check kmctr capability vector
+ ng %r0,72(%r1) # check kmctr capability vector
lgr %r0,$s0
lgr %r1,$s1
jz .Lctr32_km_loop
@@ -1592,7 +1592,7 @@ $code.=<<___ if(1);
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000
srlg %r0,%r0,32($s1) # check for 32+function code
- ng %r0,32(%r1) # check km capability vector
+ ng %r0,40(%r1) # check km capability vector
lgr %r0,$s0 # restore the function code
la %r1,0($key1) # restore $key1
jz .Lxts_km_vanilla
Index: openssl-1.1.0g/crypto/modes/asm/ghash-s390x.pl
===================================================================
--- openssl-1.1.0g.orig/crypto/modes/asm/ghash-s390x.pl 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/modes/asm/ghash-s390x.pl 2018-01-10 17:13:07.430224756 +0100
@@ -89,7 +89,7 @@ ___
$code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
larl %r1,OPENSSL_s390xcap_P
lghi %r0,0
- lg %r1,24(%r1) # load second word of kimd capabilities vector
+ lg %r1,32(%r1) # load second word of kimd capabilities vector
tmhh %r1,0x4000 # check for function 65
jz .Lsoft_gmult
lghi %r1,-16
@@ -132,7 +132,7 @@ gcm_ghash_4bit:
___
$code.=<<___ if(!$softonly);
larl %r1,OPENSSL_s390xcap_P
- lg %r0,24(%r1) # load second word of kimd capabilities vector
+ lg %r0,32(%r1) # load second word of kimd capabilities vector
tmhh %r0,0x4000 # check for function 65
jz .Lsoft_ghash
lghi %r0,65 # function 65
Index: openssl-1.1.0g/crypto/s390x_arch.h
===================================================================
--- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 17:13:07.430224756 +0100
@@ -18,11 +18,16 @@
* functions. If STFLE returns fewer doublewords or an instruction is not
* supported, the corresponding element is zero. The order is as follows:
*
- * STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR
+ * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR
*/
-# define S390X_STFLE_DWORDS 2
+# define S390X_STFLE_DWORDS 3
# define S390X_QUERY_DWORDS 8
# define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS)
extern unsigned long long OPENSSL_s390xcap_P[];
+/* OPENSSL_s390xcap_P[2] flags */
+# define S390X_STFLE_VXE (1ULL << 56)
+# define S390X_STFLE_VXD (1ULL << 57)
+# define S390X_STFLE_VX (1ULL << 62)
+
#endif
Index: openssl-1.1.0g/crypto/s390xcap.c
===================================================================
--- openssl-1.1.0g.orig/crypto/s390xcap.c 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/s390xcap.c 2018-01-10 17:13:07.430224756 +0100
@@ -22,6 +22,31 @@ static void ill_handler(int sig)
siglongjmp(ill_jmp, sig);
}
+/*-
+ * os-specific function to check if "vector enablement control"-bit and
+ * "AFP register control"-bit in control register 0 are set.
+ */
+static int vx_enabled(void)
+{
+#if defined(OPENSSL_SYS_LINUX)
+ FILE *fd;
+ char buf[4096];
+
+ if ((fd = fopen("/proc/cpuinfo", "r")) == NULL)
+ return 0;
+
+ buf[0] = '\0';
+
+ while ((fgets(buf, sizeof(buf), fd) != NULL)
+ && (strstr(buf, "features") != buf));
+
+ fclose(fd);
+ return (strstr(buf, " vx ") != NULL) ? 1 : 0;
+#else
+ return 0;
+#endif
+}
+
void OPENSSL_s390x_facilities(void);
void OPENSSL_cpuid_setup(void)
@@ -53,6 +78,12 @@ void OPENSSL_cpuid_setup(void)
sigaction(SIGILL, &oact, NULL);
sigprocmask(SIG_SETMASK, &oset, NULL);
+ /* protection against disabled vector facility */
+ if (!vx_enabled()) {
+ OPENSSL_s390xcap_P[2] &= ~(S390X_STFLE_VXE | S390X_STFLE_VXD |
+ S390X_STFLE_VX);
+ }
+
if ((env = getenv("OPENSSL_s390xcap")) != NULL) {
for (i = 0; i < S390X_CAP_DWORDS; i++) {
off = (env[0] == '~') ? 1 : 0;
Index: openssl-1.1.0g/crypto/s390xcpuid.S
===================================================================
--- openssl-1.1.0g.orig/crypto/s390xcpuid.S 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/s390xcpuid.S 2018-01-10 17:13:07.430224756 +0100
@@ -21,33 +21,37 @@ OPENSSL_s390x_facilities:
stg %r0,56(%r4)
stg %r0,64(%r4)
stg %r0,72(%r4)
+ stg %r0,80(%r4)
.long 0xb2b04000 # stfle 0(%r4)
brc 8,.Ldone
lghi %r0,1
.long 0xb2b04000 # stfle 0(%r4)
+ brc 8,.Ldone
+ lghi %r0,2
+ .long 0xb2b04000 # stfle 0(%r4)
.Ldone:
lmg %r2,%r3,0(%r4)
tmhl %r2,0x4000 # check for message-security-assist
jz .Lret
lghi %r0,0 # query kimd capabilities
- la %r1,16(%r4)
+ la %r1,24(%r4)
.long 0xb93e0002 # kimd %r0,%r2
lghi %r0,0 # query km capability vector
- la %r1,32(%r4)
+ la %r1,40(%r4)
.long 0xb92e0042 # km %r4,%r2
lghi %r0,0 # query kmc capability vector
- la %r1,48(%r4)
+ la %r1,56(%r4)
.long 0xb92f0042 # kmc %r4,%r2
tmhh %r3,0x0004 # check for message-security-assist-4
jz .Lret
lghi %r0,0 # query kmctr capability vector
- la %r1,64(%r4)
+ la %r1,72(%r4)
.long 0xb92d2042 # kmctr %r4,%r2,%r2
.Lret:
Index: openssl-1.1.0g/crypto/sha/asm/sha1-s390x.pl
===================================================================
--- openssl-1.1.0g.orig/crypto/sha/asm/sha1-s390x.pl 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/sha/asm/sha1-s390x.pl 2018-01-10 17:13:07.430224756 +0100
@@ -172,7 +172,7 @@ sha1_block_data_order:
___
$code.=<<___ if ($kimdfunc);
larl %r1,OPENSSL_s390xcap_P
- lg %r0,16(%r1) # check kimd capabilities
+ lg %r0,24(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
Index: openssl-1.1.0g/crypto/sha/asm/sha512-s390x.pl
===================================================================
--- openssl-1.1.0g.orig/crypto/sha/asm/sha512-s390x.pl 2018-01-10 17:13:05.962202226 +0100
+++ openssl-1.1.0g/crypto/sha/asm/sha512-s390x.pl 2018-01-10 17:13:07.430224756 +0100
@@ -244,7 +244,7 @@ $Func:
___
$code.=<<___ if ($kimdfunc);
larl %r1,OPENSSL_s390xcap_P
- lg %r0,16(%r1) # check kimd capabilities
+ lg %r0,24(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc


@ -1,220 +0,0 @@
From 29039576b1512a3508d40929dad605cefe806186 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Thu, 16 Feb 2017 09:05:28 +0100
Subject: [PATCH 07/44] crypto/evp/e_aes.c: add foundations for extended s390x
support.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/evp/e_aes.c | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++++
crypto/s390x_arch.h | 10 +++
2 files changed, 185 insertions(+)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 802b1d814d..d5932e1c64 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -950,6 +950,181 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \
const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
{ return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; }
+#elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__) && !defined(AES_SOFTONLY)
+/*
+ * IBM S390X support
+ */
+# include "s390x_arch.h"
+
+/*-
+ * If KM and KMC support the function code, AES_KEY structure holds
+ * key/function code (instead of key schedule/number of rounds).
+ */
+# define S390X_AES_FC (((AES_KEY *)(key))->rounds)
+
+# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_128)&&\
+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_128))
+# define S390X_aes_192_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_192)&&\
+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_192))
+# define S390X_aes_256_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_256)&&\
+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_256))
+
+# define s390x_aes_init_key aes_init_key
+static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
+# define S390X_aes_192_cbc_CAPABLE 1
+# define S390X_aes_256_cbc_CAPABLE 1
+
+# define s390x_aes_cbc_cipher aes_cbc_cipher
+static int s390x_aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_ecb_CAPABLE 0
+# define S390X_aes_192_ecb_CAPABLE 0
+# define S390X_aes_256_ecb_CAPABLE 0
+
+# define s390x_aes_ecb_cipher aes_ecb_cipher
+static int s390x_aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_ofb_CAPABLE 0
+# define S390X_aes_192_ofb_CAPABLE 0
+# define S390X_aes_256_ofb_CAPABLE 0
+
+# define s390x_aes_ofb_cipher aes_ofb_cipher
+static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_cfb_CAPABLE 0
+# define S390X_aes_192_cfb_CAPABLE 0
+# define S390X_aes_256_cfb_CAPABLE 0
+
+# define s390x_aes_cfb_cipher aes_cfb_cipher
+static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_cfb8_CAPABLE 0
+# define S390X_aes_192_cfb8_CAPABLE 0
+# define S390X_aes_256_cfb8_CAPABLE 0
+
+# define s390x_aes_cfb8_cipher aes_cfb8_cipher
+static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_cfb1_CAPABLE 0
+# define S390X_aes_192_cfb1_CAPABLE 0
+# define S390X_aes_256_cfb1_CAPABLE 0
+
+# define s390x_aes_cfb1_cipher aes_cfb1_cipher
+static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
+# define S390X_aes_192_ctr_CAPABLE 1
+# define S390X_aes_256_ctr_CAPABLE 1
+
+# define s390x_aes_ctr_cipher aes_ctr_cipher
+static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_gcm_CAPABLE 0
+# define S390X_aes_192_gcm_CAPABLE 0
+# define S390X_aes_256_gcm_CAPABLE 0
+
+# define s390x_aes_gcm_init_key aes_gcm_init_key
+static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+# define s390x_aes_gcm_cipher aes_gcm_cipher
+static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
+# define S390X_aes_256_xts_CAPABLE 1
+
+# define s390x_aes_xts_init_key aes_xts_init_key
+static int s390x_aes_xts_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+# define s390x_aes_xts_cipher aes_xts_cipher
+static int s390x_aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# define S390X_aes_128_ccm_CAPABLE 0
+# define S390X_aes_192_ccm_CAPABLE 0
+# define S390X_aes_256_ccm_CAPABLE 0
+
+# define s390x_aes_ccm_init_key aes_ccm_init_key
+static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv, int enc);
+
+# define s390x_aes_ccm_cipher aes_ccm_cipher
+static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+# ifndef OPENSSL_NO_OCB
+# define S390X_aes_128_ocb_CAPABLE 0
+# define S390X_aes_192_ocb_CAPABLE 0
+# define S390X_aes_256_ocb_CAPABLE 0
+
+# define s390x_aes_ocb_init_key aes_ocb_init_key
+static int s390x_aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+# define s390x_aes_ocb_cipher aes_ocb_cipher
+static int s390x_aes_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+# endif
+
+# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ s390x_aes_init_key, \
+ s390x_aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize, \
+ keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_init_key, \
+ aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return S390X_aes_##keylen##_##mode##_CAPABLE?&s390x_aes_##keylen##_##mode: \
+ &aes_##keylen##_##mode; }
+
+# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ s390x_aes_##mode##_init_key, \
+ s390x_aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_##mode##_init_key, \
+ aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return S390X_aes_##keylen##_##mode##_CAPABLE?&s390x_aes_##keylen##_##mode: \
+ &aes_##keylen##_##mode; }
+
#else
# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h
index 434f8e3f4e..5bf24930ed 100644
--- a/crypto/s390x_arch.h
+++ b/crypto/s390x_arch.h
@@ -30,4 +30,14 @@ extern uint64_t OPENSSL_s390xcap_P[];
# define S390X_STFLE_VXD (1ULL << 57)
# define S390X_STFLE_VX (1ULL << 62)
+/* OPENSSL_s390xcap_P[5] flags */
+# define S390X_KM_AES_256 (1ULL << 43)
+# define S390X_KM_AES_192 (1ULL << 44)
+# define S390X_KM_AES_128 (1ULL << 45)
+
+/* OPENSSL_s390xcap_P[7] flags */
+# define S390X_KMC_AES_256 (1ULL << 43)
+# define S390X_KMC_AES_192 (1ULL << 44)
+# define S390X_KMC_AES_128 (1ULL << 45)
+
#endif
--
2.13.6


@ -1,73 +0,0 @@
From 5534badade984ccad7dbe56e17bcf0b2d00820c0 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Sun, 12 Feb 2017 12:27:00 +0100
Subject: [PATCH 08/44] s390x assembly pack: extended s390x capability vector
(KMA).
Extended the s390x capability vector to store the doubleword pair
returned by the KMA instruction's QUERY function.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 2 +-
crypto/s390x_arch.h | 9 +++++++--
crypto/s390xcpuid.S | 12 +++++++++++-
crypto/sha/asm/sha1-s390x.pl | 2 +-
crypto/sha/asm/sha512-s390x.pl | 2 +-
5 files changed, 21 insertions(+), 6 deletions(-)
Index: openssl-1.1.0g/crypto/s390x_arch.h
===================================================================
--- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-10 15:38:21.714301915 +0100
+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 15:38:28.942417111 +0100
@@ -18,10 +18,10 @@
* functions. If STFLE returns fewer doublewords or an instruction is not
* supported, the corresponding element is zero. The order is as follows:
*
- * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR
+ * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR:KMA:KMA
*/
# define S390X_STFLE_DWORDS 3
-# define S390X_QUERY_DWORDS 8
+# define S390X_QUERY_DWORDS 10
# define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS)
extern unsigned long long OPENSSL_s390xcap_P[];
@@ -40,4 +40,9 @@ extern unsigned long long OPENSSL_s390xc
# define S390X_KMC_AES_192 (1ULL << 44)
# define S390X_KMC_AES_128 (1ULL << 45)
+/* OPENSSL_s390xcap_P[11] flags */
+# define S390X_KMA_GCM_AES_256 (1ULL << 43)
+# define S390X_KMA_GCM_AES_192 (1ULL << 44)
+# define S390X_KMA_GCM_AES_128 (1ULL << 45)
+
#endif
Index: openssl-1.1.0g/crypto/s390xcpuid.S
===================================================================
--- openssl-1.1.0g.orig/crypto/s390xcpuid.S 2018-01-10 15:38:21.706301789 +0100
+++ openssl-1.1.0g/crypto/s390xcpuid.S 2018-01-10 15:38:21.722302044 +0100
@@ -22,6 +22,8 @@ OPENSSL_s390x_facilities:
stg %r0,64(%r4)
stg %r0,72(%r4)
stg %r0,80(%r4)
+ stg %r0,88(%r4)
+ stg %r0,96(%r4)
.long 0xb2b04000 # stfle 0(%r4)
brc 8,.Ldone
@@ -54,6 +56,14 @@ OPENSSL_s390x_facilities:
la %r1,72(%r4)
.long 0xb92d2042 # kmctr %r4,%r2,%r2
+ lg %r2,16(%r4)
+ tmhl %r2,0x2000 # check for message-security-assist-8
+ jz .Lret
+
+ lghi %r0,0 # query kma capability vector
+ la %r1,88(%r4)
+ .long 0xb9294022 # kma %r2,%r4,%r2
+
.Lret:
br %r14
.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities


@ -1,58 +0,0 @@
From 6d4165cf2b6c19162fdcc98e0f093b12ce765191 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Tue, 14 Feb 2017 02:07:37 +0100
Subject: [PATCH 09/44] crypto/aes/asm/aes-s390x.pl: add KMA code path.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 34 +++++++++++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index b546c16025..750f61e87a 100644
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -1403,7 +1403,39 @@ $code.=<<___ if (!$softonly);
clr %r0,%r1
jl .Lctr32_software
- stm${g} %r6,$s3,6*$SIZE_T($sp)
+ stm${g} $s2,$s3,10*$SIZE_T($sp)
+ llgfr $s2,%r0
+ larl %r1,OPENSSL_s390xcap_P
+ llihh %r0,0x8000 # check if kma supports the function code
+ srlg %r0,%r0,0($s2)
+ ng %r0,88(%r1) # check kma capability vector
+ lgr %r0,$s2
+ jz .Lctr32_nokma
+
+ aghi $sp,-112
+ lhi %r1,0x0600
+ sllg $len,$len,4
+ or %r0,%r1 # set HS and LAAD flags
+ lmg $s2,$s3,0($ivp)
+ la %r1,0($sp) # prepare parameter block
+ ahi $s3,-1 # decrement counter
+ mvc 80(32,$sp),0($key) # copy key
+ stmg $s2,$s3,64($sp) # copy iv
+ st $s3,12($sp) # copy counter
+ lghi $s3,0 # no AAD
+
+ .long 0xb929a042 # kma $out,$s2,$inp
+ brc 1,.-4 # pay attention to "partial completion"
+
+ xc 80(32,$sp),80($sp) # wipe key copy
+ la $sp,112($sp)
+ lm${g} $s2,$s3,10*$SIZE_T($sp)
+ br $ra
+
+.align 16
+.Lctr32_nokma:
+
+ stm${g} %r6,$s1,6*$SIZE_T($sp)
slgr $out,$inp
la %r1,0($key) # %r1 is permanent copy of $key
--
2.13.6


@ -1,41 +0,0 @@
From 98100dfe2659b43c1e80c54e5666e6f5d0330759 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Mon, 13 Feb 2017 16:43:12 +0100
Subject: [PATCH 10/44] doc/man3/OPENSSL_s390xcap.pod: update (KMA).
List KMA-GCM-AES bits as significant.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
doc/man3/OPENSSL_s390xcap.pod | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod
index de56c7cf55..adf2c02036 100644
--- a/doc/man3/OPENSSL_s390xcap.pod
+++ b/doc/man3/OPENSSL_s390xcap.pod
@@ -76,6 +76,21 @@ The following bits are significant:
=back
+:
+:
+:
+:
+
+=over
+
+=item #43 KMA-GCM-AES-256
+
+=item #44 KMA-GCM-AES-192
+
+=item #45 KMA-GCM-AES-128
+
+=back
+
=head1 EXAMPLES
OPENSSL_s390xcap=.0:0 disables KIMD.
--
2.13.6


@ -1,62 +0,0 @@
From f34474dd00118128ed574e838895167efddf7359 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Tue, 14 Feb 2017 11:15:51 +0100
Subject: [PATCH 11/44] crypto/aes/asm/aes-s390x.pl: add CFI annotations (KMA
code path).
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index 750f61e87a..6cabdf5069 100644
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -1392,6 +1392,7 @@ $code.=<<___;
.type AES_ctr32_encrypt,\@function
.align 16
AES_ctr32_encrypt:
+.cfi_startproc
xgr %r3,%r4 # flip %r3 and %r4, $out and $len
xgr %r4,%r3
xgr %r3,%r4
@@ -1404,6 +1405,8 @@ $code.=<<___ if (!$softonly);
jl .Lctr32_software
stm${g} $s2,$s3,10*$SIZE_T($sp)
+ .cfi_rel_offset $s2,10*$SIZE_T
+ .cfi_rel_offset $s3,11*$SIZE_T
llgfr $s2,%r0
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000 # check if kma supports the function code
@@ -1413,6 +1416,7 @@ $code.=<<___ if (!$softonly);
jz .Lctr32_nokma
aghi $sp,-112
+ .cfi_adjust_cfa_offset 112
lhi %r1,0x0600
sllg $len,$len,4
or %r0,%r1 # set HS and LAAD flags
@@ -1429,7 +1433,10 @@ $code.=<<___ if (!$softonly);
xc 80(32,$sp),80($sp) # wipe key copy
la $sp,112($sp)
+ .cfi_adjust_cfa_offset -112
lm${g} $s2,$s3,10*$SIZE_T($sp)
+ .cfi_restore $s2
+ .cfi_restore $s3
br $ra
.align 16
@@ -1594,6 +1601,7 @@ $code.=<<___;
lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
+.cfi_endproc
.size AES_ctr32_encrypt,.-AES_ctr32_encrypt
___
}
--
2.13.6


@ -1,335 +0,0 @@
From acef148f0aac18d78c3c857065b3a1274279b2df Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Sat, 25 Feb 2017 10:05:12 +0100
Subject: [PATCH 12/44] s390x assembly pack: add KMA code path for aes-gcm.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 52 ++++++++++++
crypto/evp/e_aes.c | 200 ++++++++++++++++++++++++++++++++++++++++++--
crypto/modes/gcm128.c | 4 +
crypto/s390x_arch.h | 5 ++
4 files changed, 253 insertions(+), 8 deletions(-)
Index: openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl
===================================================================
--- openssl-1.1.0g.orig/crypto/aes/asm/aes-s390x.pl 2018-01-09 17:35:12.231011406 +0100
+++ openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl 2018-01-09 17:35:16.795082242 +0100
@@ -2257,6 +2257,58 @@ $code.=<<___;
.size AES_xts_decrypt,.-AES_xts_decrypt
___
}
+
+################
+# void s390x_aes_gcm_blocks(unsigned char *out, GCM128_CONTEXT *ctx,
+# const unsigned char *in, size_t len,
+# const unsigned char *aad, size_t alen,
+# const AES_KEY *key, int enc)
+{
+my ($out,$ctx,$in,$len,$aad,$alen,$key,$enc) = map("%r$_",(2..9));
+$code.=<<___ if (!$softonly);
+.globl s390x_aes_gcm_blocks
+.type s390x_aes_gcm_blocks,\@function
+.align 16
+s390x_aes_gcm_blocks:
+ stm$g $alen,$enc,7*$SIZE_T($sp)
+ lm$g $alen,$enc,$stdframe($sp)
+
+ aghi $sp,-112
+
+ lmg %r0,%r1,0($ctx)
+ ahi %r1,-1
+
+ mvc 16(32,$sp),64($ctx) # copy Xi/H
+ #mvc 48(16,$sp),48($ctx) # copy len
+ mvc 80(32,$sp),0($key) # copy key
+ st %r1,12($sp) # copy Yi
+ stmg %r0,%r1,64($sp)
+
+ lhi %r1,128
+ l %r0,240($key) # kma capability vector checked by caller
+ sll $enc,7
+ xr $enc,%r1
+ or %r0,$enc
+
+ la %r1,0($sp)
+
+ .long 0xb9296024 # kma $out,$aad,$in
+ brc 1,.-4 # pay attention to "partial completion"
+
+ l %r0,12($sp)
+ mvc 64(16,$ctx),16($sp) # update Xi
+ xc 0(112,$sp),0($sp) # wipe stack
+
+ la $sp,112($sp)
+ ahi %r0,1
+ st %r0,12($ctx)
+
+ lm$g $alen,$enc,7*$SIZE_T($sp)
+ br $ra
+.size s390x_aes_gcm_blocks,.-s390x_aes_gcm_blocks
+___
+}
+
$code.=<<___;
.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
___
Index: openssl-1.1.0g/crypto/evp/e_aes.c
===================================================================
--- openssl-1.1.0g.orig/crypto/evp/e_aes.c 2018-01-09 17:35:12.199010909 +0100
+++ openssl-1.1.0g/crypto/evp/e_aes.c 2018-01-09 17:35:12.239011531 +0100
@@ -960,7 +960,7 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m
* If KM and KMC support the function code, AES_KEY structure holds
* key/function code (instead of key schedule/number of rounds).
*/
-# define S390X_AES_FC (((AES_KEY *)(key))->rounds)
+# define S390X_AES_FC(key) (((AES_KEY *)(key))->rounds)
# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_128)&&\
(OPENSSL_s390xcap_P[7]&S390X_KMC_AES_128))
@@ -969,6 +969,11 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m
# define S390X_aes_256_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_256)&&\
(OPENSSL_s390xcap_P[7]&S390X_KMC_AES_256))
+void s390x_aes_gcm_blocks(unsigned char *out, GCM128_CONTEXT *ctx,
+ const unsigned char *in, size_t len,
+ const unsigned char *aad, size_t alen,
+ const AES_KEY *key, int enc);
+
# define s390x_aes_init_key aes_init_key
static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
@@ -1029,18 +1034,197 @@ static int s390x_aes_cfb1_cipher(EVP_CIP
static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len);
-# define S390X_aes_128_gcm_CAPABLE 0
-# define S390X_aes_192_gcm_CAPABLE 0
-# define S390X_aes_256_gcm_CAPABLE 0
+# define S390X_aes_128_gcm_CAPABLE (S390X_aes_128_CAPABLE&&\
+ OPENSSL_s390xcap_P[17]\
+ &S390X_KMA_GCM_AES_128)
+# define S390X_aes_192_gcm_CAPABLE (S390X_aes_192_CAPABLE&&\
+ OPENSSL_s390xcap_P[17]\
+ &S390X_KMA_GCM_AES_192)
+# define S390X_aes_256_gcm_CAPABLE (S390X_aes_256_CAPABLE&&\
+ OPENSSL_s390xcap_P[17]\
+ &S390X_KMA_GCM_AES_256)
+
+static int s390x_aes_gcm(GCM128_CONTEXT *ctx, const unsigned char *in,
+ unsigned char *out, size_t len, int enc)
+{
+ int n;
+ size_t rem;
+ u64 mlen = ctx->len.u[1];
+ unsigned char tmp;
+
+ mlen += len;
+
+ if (mlen > ((1ULL << 36) - 32) || (sizeof(len) == 8 && mlen < len))
+ return -1;
+
+ ctx->len.u[1] = mlen;
+
+ if (ctx->ares) {
+ (*ctx->gmult)(ctx->Xi.u, ctx->Htable);
+ ctx->ares = 0;
+ }
+ S390X_AES_FC(ctx->key) |= S390X_KMA_LAAD;
+ n = ctx->mres;
+
+ if (n) {
+ while (n && len) {
+ tmp = *in;
+ *out = tmp ^ ctx->EKi.c[n];
+ ctx->Xi.c[n] ^= enc ? *out : tmp;
+ n = (n + 1) % AES_BLOCK_SIZE;
+ --len;
+ ++in;
+ ++out;
+ }
+ if (n == 0) {
+ (*ctx->gmult)(ctx->Xi.u, ctx->Htable);
+ } else {
+ ctx->mres = n;
+ return 0;
+ }
+ }
+ rem = len % AES_BLOCK_SIZE;
+ len -= rem;
+
+ s390x_aes_gcm_blocks(out, ctx, in, len, NULL, 0, ctx->key, enc);
+
+ if (rem) {
+ in += len;
+ out += len;
+ (*ctx->block)(ctx->Yi.c, ctx->EKi.c, ctx->key);
+ ++ctx->Yi.d[3];
+ while (rem--) {
+ tmp = in[n];
+ out[n] = tmp ^ ctx->EKi.c[n];
+ ctx->Xi.c[n] ^= enc ? out[n] : tmp;
+ ++n;
+ }
+ }
+
+ ctx->mres = n;
+ return 0;
+}
-# define s390x_aes_gcm_init_key aes_gcm_init_key
static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
- const unsigned char *iv, int enc);
+ const unsigned char *iv, int enc)
+{
+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
+ const int keybitlen = EVP_CIPHER_CTX_key_length(ctx) * 8;
+
+ if (!iv && !key)
+ return 1;
+
+ if (key) {
+ AES_set_encrypt_key(key, keybitlen, &gctx->ks.ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
+ S390X_AES_FC(&gctx->ks) |= S390X_KMA_HS;
+
+ if (iv == NULL && gctx->iv_set)
+ iv = gctx->iv;
+
+ if (iv) {
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ }
+ gctx->key_set = 1;
+ } else {
+ if (gctx->key_set)
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ else
+ memcpy(gctx->iv, iv, gctx->ivlen);
+
+ gctx->iv_set = 1;
+ gctx->iv_gen = 0;
+ }
+ return 1;
+}
+
+static int s390x_aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
+ unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
+ int enc = EVP_CIPHER_CTX_encrypting(ctx);
+ int rv = -1;
+
+ if (out != in || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
+ return -1;
+
+ if (EVP_CIPHER_CTX_ctrl(ctx, enc ? EVP_CTRL_GCM_IV_GEN :
+ EVP_CTRL_GCM_SET_IV_INV,
+ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
+ goto err;
+
+ if (CRYPTO_gcm128_aad(&gctx->gcm, buf, gctx->tls_aad_len))
+ goto err;
+
+ in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+
+ if (s390x_aes_gcm(&gctx->gcm, in, out, len, enc))
+ goto err;
+
+ if (enc) {
+ out += len;
+ CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
+ rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+ } else {
+ CRYPTO_gcm128_tag(&gctx->gcm, buf, EVP_GCM_TLS_TAG_LEN);
+
+ if (CRYPTO_memcmp(buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
+ OPENSSL_cleanse(out, len);
+ goto err;
+ }
+ rv = len;
+ }
+ err:
+ gctx->iv_set = 0;
+ gctx->tls_aad_len = -1;
+ return rv;
+}
-# define s390x_aes_gcm_cipher aes_gcm_cipher
static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len);
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
+ unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
+ int enc = EVP_CIPHER_CTX_encrypting(ctx);
+
+ if (!gctx->key_set)
+ return -1;
+
+ if (gctx->tls_aad_len >= 0)
+ return s390x_aes_gcm_tls_cipher(ctx, out, in, len);
+
+ if (!gctx->iv_set)
+ return -1;
+
+ if (in) {
+ if (out == NULL) {
+ if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
+ return -1;
+ } else {
+ if (s390x_aes_gcm(&gctx->gcm, in, out, len, enc))
+ return -1;
+ }
+ return len;
+ } else {
+ if (enc) {
+ gctx->taglen = 16;
+ CRYPTO_gcm128_tag(&gctx->gcm, buf, gctx->taglen);
+ } else {
+ if (gctx->taglen < 0)
+ return -1;
+
+ if (CRYPTO_gcm128_finish(&gctx->gcm, buf, gctx->taglen))
+ return -1;
+ }
+ gctx->iv_set = 0;
+ return 0;
+ }
+}
# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
# define S390X_aes_256_xts_CAPABLE 1
Index: openssl-1.1.0g/crypto/modes/gcm128.c
===================================================================
--- openssl-1.1.0g.orig/crypto/modes/gcm128.c 2017-11-02 15:29:03.000000000 +0100
+++ openssl-1.1.0g/crypto/modes/gcm128.c 2018-01-09 17:35:12.239011531 +0100
@@ -817,6 +817,10 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *
ctx->gmult = gcm_gmult_4bit;
CTX__GHASH(gcm_ghash_4bit);
}
+# elif defined(GHASH_ASM)
+ gcm_init_4bit(ctx->Htable, ctx->H.u);
+ ctx->gmult = gcm_gmult_4bit;
+ CTX__GHASH(gcm_ghash_4bit);
# else
gcm_init_4bit(ctx->Htable, ctx->H.u);
# endif
Index: openssl-1.1.0g/crypto/s390x_arch.h
===================================================================
--- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-09 17:35:12.207011034 +0100
+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-09 17:35:12.239011531 +0100
@@ -45,4 +45,9 @@ extern uint64_t OPENSSL_s390xcap_P[];
# define S390X_KMA_GCM_AES_192 (1ULL << 44)
# define S390X_KMA_GCM_AES_128 (1ULL << 45)
+/* %r0 flags */
+# define S390X_KMA_LPC (1ULL << 8)
+# define S390X_KMA_LAAD (1ULL << 9)
+# define S390X_KMA_HS (1ULL << 10)
+
#endif


@ -1,51 +0,0 @@
From d137c24cbf25bae932dcfc0b58fa667a9ef63bf0 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Sun, 26 Feb 2017 22:36:39 +0100
Subject: [PATCH 13/44] crypto/aes/asm/aes-s390x.pl: add CFI annotations
(KMA-gcm code path).
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/aes/asm/aes-s390x.pl | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index f23b1231c1..dfe79f84a6 100644
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -2270,10 +2270,15 @@ $code.=<<___ if (!$softonly);
.type s390x_aes_gcm_blocks,\@function
.align 16
s390x_aes_gcm_blocks:
+.cfi_startproc
stm$g $alen,$enc,7*$SIZE_T($sp)
+ .cfi_rel_offset $alen,7*$SIZE_T
+ .cfi_rel_offset $key,8*$SIZE_T
+ .cfi_rel_offset $enc,9*$SIZE_T
lm$g $alen,$enc,$stdframe($sp)
aghi $sp,-112
+ .cfi_adjust_cfa_offset 112
lmg %r0,%r1,0($ctx)
ahi %r1,-1
@@ -2300,11 +2305,16 @@ s390x_aes_gcm_blocks:
xc 0(112,$sp),0($sp) # wipe stack
la $sp,112($sp)
+ .cfi_adjust_cfa_offset -112
ahi %r0,1
st %r0,12($ctx)
lm$g $alen,$enc,7*$SIZE_T($sp)
+ .cfi_restore $alen
+ .cfi_restore $key
+ .cfi_restore $enc
br $ra
+.cfi_endproc
.size s390x_aes_gcm_blocks,.-s390x_aes_gcm_blocks
___
}
--
2.13.6


@ -5,6 +5,3 @@ libopenssl-1_1-devel
conflicts "otherproviders(libopenssl-devel-<targettype>)"
requires -"openssl-1_1-<targettype>"
requires "libopenssl1_1-<targettype> = <version>"
libopenssl1_1-hmac
requires "libopenssl1_1-<targettype> = <version>-%release"
obsoletes "libopenssl1_1_0-hmac-<targettype>"


@ -1,36 +0,0 @@
Index: openssl-1.1.0f/ssl/ssl_ciph.c
===================================================================
--- openssl-1.1.0f.orig/ssl/ssl_ciph.c 2017-05-25 14:46:20.000000000 +0200
+++ openssl-1.1.0f/ssl/ssl_ciph.c 2017-09-01 11:54:09.848587297 +0200
@@ -1461,7 +1461,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
*/
ok = 1;
rule_p = rule_str;
- if (strncmp(rule_str, "DEFAULT", 7) == 0) {
+ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST,
+ &head, &tail, ca_list, c);
+ rule_p += 12;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+ else if (strncmp(rule_str, "DEFAULT", 7) == 0) {
ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
&head, &tail, ca_list, c);
rule_p += 7;
Index: openssl-1.1.0f/include/openssl/ssl.h
===================================================================
--- openssl-1.1.0f.orig/include/openssl/ssl.h 2017-05-25 14:46:20.000000000 +0200
+++ openssl-1.1.0f/include/openssl/ssl.h 2017-09-01 13:16:59.850407734 +0200
@@ -195,6 +195,11 @@ extern "C" {
* an application-defined cipher list string starts with 'DEFAULT'.
*/
# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
+# define SSL_DEFAULT_SUSE_CIPHER_LIST "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"\
+ "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:"\
+ "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"\
+ "DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:"\
+ "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA"
/*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
* starts with a reasonable order, and all we have to do for DEFAULT is


@ -1,27 +0,0 @@
Index: openssl-1.1.0c/test/recipes/99-test_suse_default_ciphers.t
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.0c/test/recipes/99-test_suse_default_ciphers.t 2016-12-19 13:59:16.662066548 +0100
@@ -0,0 +1,22 @@
+#! /usr/bin/env perl
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT/;
+use OpenSSL::Test::Utils;
+
+
+setup("test_default_ciphersuites");
+
+plan tests => 4;
+
+my @cipher_suites = ("DEFAULT_SUSE", "DEFAULT");
+
+foreach my $cipherlist (@cipher_suites) {
+ ok(run(app(["openssl", "ciphers", $cipherlist])),
+ "openssl ciphers works with ciphersuite $cipherlist");
+ ok(!grep(/(MD5|RC4|DES)/, run(app(["openssl", "ciphers", "DEFAULT_SUSE"]), capture => 1)),
+ "$cipherlist shouldn't contain MD5, DES or RC4\n");
+}
+


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99
size 5453234


@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAltyztkACgkQ2cTSbQ5g
RJHKYwf+IDQqU357IUYc6Y6nHtV1S+0Nme2J/FAjGIneHdhDmyNEx7s+yemKU4ri
QbH73/4Mg7pId99TGbQx8P9RAGN7yLbHPwu5Prmyb5OiDGRJ6bGism9CrkIoRXK1
Wq59IvcHK2nhaim8Vjksgvf/uhbeGt1V7b5Q5KF6cqDo+EKJkLpYL7vGlod/bXN/
CzbzGOkSQiWt/nMq6FDTHOzKGyswil877hxUbjyhv8lphphRtvYsWBn376YjYjfG
9WsJ1z8mZg5I83D+8uC51TJrAdX6hMQjk0JhkxLXMghZiKnNy8+8XLXna0OliuLK
W9nqIlbNZiZvhIPqGM7O9cPZeWg96g==
=ueQK
-----END PGP SIGNATURE-----


@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:95ebdfbb05e8451fb01a186ccaa4a7da0eff9a48999ede9fe1a7d90db75ccb4c
size 8411103


@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAlt8Ah8ACgkQ2cTSbQ5g
RJG1ZQf+OUe+cQhEUtUrDrNSxyIG1V19YRRCo3phQ3wpSs2rvxo7Ngyk339iGTBL
SWau3y/SJZAl98XeeQO4KCD6/zSgEnqI3zPBhuJ97PPBojqEfbBNPD9ymu/CYlJJ
c9SLqFuJs4mF9mDWOT5lA5b871lnY7Pi/dgx8T6Cue4b182AnbvlqYNphv/Q5Cns
52tsa9vMqazinePxRK0Obs8Mc/dmlOqINr7WjrovWJdUXc6DdAhyslPqZSjzb7s5
1+3MSVKnYl3QReovrg3brLl4m3NRFxGpisaSD8MmCR/BJsJDyiVZa0Q3YJ+cShL4
+bmfg6hTchbZIBg3H/dAgrKdKIXbFw==
=ufCN
-----END PGP SIGNATURE-----


@ -1,3 +1,59 @@
-------------------------------------------------------------------
Thu Aug 23 13:21:00 UTC 2018 - vcizek@suse.com
- Update to 1.1.1-pre9 (Beta 7)
* Support for TLSv1.3 added
* Move the display of configuration data to configdata.pm.
* Allow GNU style "make variables" to be used with Configure.
* Add a STORE module (OSSL_STORE)
* Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
* Add multi-prime RSA (RFC 8017) support
* Add SM3 implemented according to GB/T 32905-2016
* Add SM4 implemented according to GB/T 32907-2016.
* Add 'Maximum Fragment Length' TLS extension negotiation and support
* Add ARIA support
* Add SHA3
* Rewrite of devcrypto engine
* Add support for SipHash
* Grand redesign of the OpenSSL random generator
- pretend the release is not a Beta, to avoid "OpenSSL version mismatch"
with OpenSSH
* add openssl-pretend_we_are_not_beta.patch
- drop FIPS support
* don't build with FIPS mode (not supported in 1.1.1)
* don't create the -hmac subpackages
- drop FIPS patches
* openssl-fips-clearerror.patch
* openssl-fips-dont-fall-back-to-default-digest.patch
* openssl-fips-dont_run_FIPS_module_installed.patch
* openssl-fips-fix-odd-rsakeybits.patch
* openssl-fips-rsagen-d-bits.patch
* openssl-fips-selftests_in_nonfips_mode.patch
* openssl-fips_disallow_ENGINE_loading.patch
* openssl-rsakeygen-minimum-distance.patch
* openssl-CVE-2018-0737-fips.patch
- add TLS 1.3 ciphers to DEFAULT_SUSE
- merge openssl-1.0.1e-add-suse-default-cipher.patch and
openssl-1.0.1e-add-test-suse-default-cipher-suite.patch to
openssl-DEFAULT_SUSE_cipher.patch
- drop patches:
* openssl-static-deps.patch (upstream)
* 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch
* openssl-disable_rsa_keygen_tests_with_small_modulus.patch
* 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
- drop s390x patches
* 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
* 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
* 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
* 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
* 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
* 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
* 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
* 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
* 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
-------------------------------------------------------------------
Tue Aug 14 14:02:22 UTC 2018 - vcizek@suse.com


@ -19,62 +19,33 @@
%define ssletcdir %{_sysconfdir}/ssl
%define maj_min 1.1
%define _rname openssl
%define pre_version pre9
%define xversion 1.1.1-%{pre_version}
Name: openssl-1_1
Version: 1.1.0i
# Don't forget to update the version in the "openssl" package!
Version: 1.1.1~%{pre_version}
Release: 0
Summary: Secure Sockets and Transport Layer Security
License: OpenSSL
Group: Productivity/Networking/Security
Url: https://www.openssl.org/
Source: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz
URL: https://www.openssl.org/
Source: https://www.%{_rname}.org/source/%{_rname}-%{xversion}.tar.gz
# to get mtime of file:
Source1: %{name}.changes
Source2: baselibs.conf
Source42: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz.asc
Source3: https://www.%{_rname}.org/source/%{_rname}-%{xversion}.tar.gz.asc
# https://www.openssl.org/about/
# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/openssl.keyring
Source43: %{_rname}.keyring
Source99: showciphers.c
# https://github.com/openssl/openssl/pull/2045
Patch0: 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch
# PATCH-FIX-OPENSUSE: upstream won't use glibc
Patch1: 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
Source4: %{_rname}.keyring
Source5: showciphers.c
# PATCH-FIX-OPENSUSE: do not install html mans it takes ages
Patch2: openssl-1.1.0-no-html.patch
# PATCH-FIX-UPSTREAM: patch to allow deps and linking to static libs
# needed for fips and taken from upstream
Patch3: openssl-static-deps.patch
Patch4: openssl-truststore.patch
Patch5: openssl-pkgconfig.patch
Patch6: openssl-1.0.1e-add-suse-default-cipher.patch
Patch7: openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
Patch8: openssl-ppc64-config.patch
Patch9: openssl-no-date.patch
# FIPS patches:
Patch51: openssl-1.1.0-fips.patch
Patch52: openssl-fips-dont_run_FIPS_module_installed.patch
Patch53: openssl-fips_disallow_ENGINE_loading.patch
Patch54: openssl-rsakeygen-minimum-distance.patch
Patch55: openssl-urandom-reseeding.patch
Patch56: openssl-fips-rsagen-d-bits.patch
Patch57: openssl-fips-selftests_in_nonfips_mode.patch
Patch58: openssl-fips-fix-odd-rsakeybits.patch
Patch59: openssl-fips-clearerror.patch
Patch60: openssl-fips-dont-fall-back-to-default-digest.patch
Patch61: openssl-disable_rsa_keygen_tests_with_small_modulus.patch
# FATE#321518 Add support for s390x CPACF enhancements (https://fate.suse.com/321518)
Patch62: 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
Patch63: 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
Patch64: 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
Patch65: 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
Patch66: 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
Patch67: 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
Patch68: 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
Patch69: 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
Patch70: 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
Patch71: 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
Patch72: 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
Patch75: openssl-CVE-2018-0737-fips.patch
Patch1: openssl-1.1.0-no-html.patch
Patch2: openssl-truststore.patch
Patch3: openssl-pkgconfig.patch
Patch4: openssl-DEFAULT_SUSE_cipher.patch
Patch5: openssl-ppc64-config.patch
Patch6: openssl-no-date.patch
Patch7: openssl-pretend_we_are_not_beta.patch
BuildRequires: bc
BuildRequires: ed
BuildRequires: pkgconfig
@ -95,7 +66,6 @@ OpenSSL contains an implementation of the SSL and TLS protocols.
%package -n libopenssl1_1
Summary: Secure Sockets and Transport Layer Security
License: OpenSSL
Group: Productivity/Networking/Security
Recommends: ca-certificates-mozilla
# install libopenssl and libopenssl-hmac close together (bsc#1090765)
@ -111,11 +81,10 @@ OpenSSL contains an implementation of the SSL and TLS protocols.
%package -n libopenssl-1_1-devel
Summary: Development files for OpenSSL
License: OpenSSL
Group: Development/Libraries/C and C++
Recommends: %{name} = %{version}
Requires: libopenssl1_1 = %{version}
Requires: pkgconfig(zlib)
Recommends: %{name} = %{version}
# we need to have around only the exact version we are able to operate with
Conflicts: libopenssl-devel < %{version}
Conflicts: libopenssl-devel > %{version}
@ -128,21 +97,8 @@ Obsoletes: libopenssl-1_1_0-devel
This subpackage contains header files for developing applications
that want to make use of the OpenSSL C API.
%package -n libopenssl1_1-hmac
Summary: HMAC files for FIPS-140-2 integrity checking of the openssl shared libraries
License: BSD-3-Clause
Group: Productivity/Networking/Security
Requires: libopenssl1_1 = %{version}-%{release}
# Needed for clean upgrade from former openssl-1_1_0, boo#1081335
Obsoletes: libopenssl1_1_0-hmac
%description -n libopenssl1_1-hmac
The FIPS compliant operation of the openssl shared libraries is NOT
possible without the HMAC hashes contained in this package!
%package doc
Summary: Additional Package Documentation
License: OpenSSL
Group: Productivity/Networking/Security
Conflicts: openssl-doc
Provides: openssl-doc = %{version}
@ -154,7 +110,7 @@ This package contains optional documentation provided in addition to
this package's base documentation.
%prep
%setup -q -n %{_rname}-%{version}
%setup -q -n %{_rname}-%{xversion}
%autopatch -p1
%build
@ -166,15 +122,12 @@ export MACHINE=armv6l
%endif
./config \
no-rc5 no-idea \
fips \
no-ssl3 \
no-idea \
enable-rfc3779 \
%ifarch x86_64 aarch64 ppc64le
enable-ec_nistp_64_gcc_128 \
%endif
enable-camellia \
zlib \
no-ec2m \
--prefix=%{_prefix} \
--libdir=%{_lib} \
@ -190,6 +143,9 @@ export MACHINE=armv6l
$(getconf LFS_CFLAGS) \
-Wall
# Show build configuration
perl configdata.pm --dump
util/mkdef.pl crypto update
make depend %{?_smp_mflags}
make all %{?_smp_mflags}
@ -199,7 +155,7 @@ export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
LD_LIBRARY_PATH=`pwd` make test -j1
# show cyphers
gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE99} -L%{buildroot}%{_libdir} -lssl -lcrypto
gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto
LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers
%install
@ -244,30 +200,7 @@ set -x
find demos -type f -perm /111 -exec chmod 644 {} \;
# Place showciphers.c for %doc macro
cp %{SOURCE99} .
# the hmac hashes:
#
# this is a hack that re-defines the __os_install_post macro
# for a simple reason: the macro strips the binaries and thereby
# invalidates a HMAC that may have been created earlier.
# solution: create the hashes _after_ the macro runs.
#
# this shows up earlier because otherwise the %expand of
# the macro is too late.
# remark: This is the same as running
# openssl dgst -sha256 -hmac 'ppaksykemnsecgtsttplmamstKMEs'
%{expand:%%global __os_install_post {%__os_install_post
%{buildroot}%{_bindir}/fips_standalone_hmac \
%{buildroot}%{_libdir}/libssl.so.%{maj_min} > \
%{buildroot}%{_libdir}/.libssl.so.%{maj_min}.hmac
%{buildroot}%{_bindir}/fips_standalone_hmac \
%{buildroot}%{_libdir}/libcrypto.so.%{maj_min} > \
%{buildroot}%{_libdir}/.libcrypto.so.%{maj_min}.hmac
}}
cp %{SOURCE5} .
%post -n libopenssl1_1 -p /sbin/ldconfig
%postun -n libopenssl1_1 -p /sbin/ldconfig
@ -278,10 +211,6 @@ cp %{SOURCE99} .
%{_libdir}/libcrypto.so.%{maj_min}
%{_libdir}/engines-%{maj_min}
%files -n libopenssl1_1-hmac
%{_libdir}/.libssl.so.%{maj_min}.hmac
%{_libdir}/.libcrypto.so.%{maj_min}.hmac
%files -n libopenssl-1_1-devel
%{_includedir}/%{_rname}/
%{_includedir}/ssl
@ -300,10 +229,12 @@ cp %{SOURCE99} .
%dir %{ssletcdir}
%config (noreplace) %{ssletcdir}/openssl.cnf
%attr(700,root,root) %{ssletcdir}/private
%{ssletcdir}/ct_log_list.cnf
%{ssletcdir}/ct_log_list.cnf.dist
%dir %{_datadir}/ssl
%{_datadir}/ssl/misc
%{_bindir}/c_rehash
%{_bindir}/fips_standalone_hmac
%{_bindir}/%{_rname}
%changelog
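Review bot: `Patch7: openssl-pretend_we_are_not_beta.patch` is listed without a tag line, although `Patch1` just above it carries `# PATCH-FIX-OPENSUSE:`. A patch that alters the reported library version should say so where packagers look first, e.g. `# PATCH-FIX-OPENSUSE: report release status in OPENSSL_VERSION_NUMBER (OpenSSH version check); drop at 1.1.1 final`. The comment `# install libopenssl and libopenssl-hmac close together (bsc#1090765)` in the libopenssl1_1 package block appears to survive although the -hmac subpackage is removed further down. The line it introduces lies outside the hunk, so check that nothing there still references libopenssl1_1-hmac. The old/new side of several lines in this section cannot be told from the rendering, so both points are worth confirming against the raw diff.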


@ -1,88 +0,0 @@
Adjustments to fips_rsa_builtin_keygen along the lines
of the CVE-2018-0737 fix which consists of commits:
9db724cfede4ba7a3668bff533973ee70145ec07
011f82e66f4bf131c733fd41a8390039859aafb2
7150a4720af7913cae16f2e4eaf768b578c0b298
6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
Index: openssl-1.1.0i/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.1.0i.orig/crypto/rsa/rsa_gen.c 2018-08-14 15:50:57.483236547 +0200
+++ openssl-1.1.0i/crypto/rsa/rsa_gen.c 2018-08-14 15:51:07.223299375 +0200
@@ -123,6 +123,7 @@ static int fips_rsa_builtin_keygen(RSA *
int n = 0;
int test = 0;
int pbits = bits / 2;
+ unsigned long error = 0;
if (FIPS_selftest_failed()) {
FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_FIPS_SELFTEST_FAILED);
@@ -191,6 +192,10 @@ retry:
if (!BN_lshift(r3, r3, pbits - 100))
goto err;
+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
+ BN_set_flags(r2, BN_FLG_CONSTTIME);
+
/* generate p and q */
for (i = 0; i < 5 * pbits; i++) {
ploop:
@@ -205,9 +210,9 @@ retry:
if (!BN_sub(r2, rsa->p, BN_value_one()))
goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1)) {
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
int r;
r = BN_is_prime_fasttest_ex(rsa->p, pbits > 1024 ? 4 : 5, ctx, 0,
cb);
@@ -217,6 +222,15 @@ retry:
break;
}
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
+
if (!BN_GENCB_call(cb, 2, n++))
goto err;
}
@@ -248,9 +262,9 @@ retry:
if (!BN_sub(r2, rsa->q, BN_value_one()))
goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1)) {
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
int r;
r = BN_is_prime_fasttest_ex(rsa->q, pbits > 1024 ? 4 : 5, ctx, 0,
cb);
@@ -260,6 +274,15 @@ retry:
break;
}
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
+
if (!BN_GENCB_call(cb, 2, n++))
goto err;
}


@ -0,0 +1,65 @@
Index: openssl-1.1.1-pre9/ssl/ssl_ciph.c
===================================================================
--- openssl-1.1.1-pre9.orig/ssl/ssl_ciph.c 2018-08-21 14:14:15.000000000 +0200
+++ openssl-1.1.1-pre9/ssl/ssl_ciph.c 2018-08-24 11:06:56.552423004 +0200
@@ -1567,7 +1567,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
*/
ok = 1;
rule_p = rule_str;
- if (strncmp(rule_str, "DEFAULT", 7) == 0) {
+ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST,
+ &head, &tail, ca_list, c);
+ rule_p += 12;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+ else if (strncmp(rule_str, "DEFAULT", 7) == 0) {
ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
&head, &tail, ca_list, c);
rule_p += 7;
Index: openssl-1.1.1-pre9/include/openssl/ssl.h
===================================================================
--- openssl-1.1.1-pre9.orig/include/openssl/ssl.h 2018-08-21 14:14:15.000000000 +0200
+++ openssl-1.1.1-pre9/include/openssl/ssl.h 2018-08-24 11:14:42.067529045 +0200
@@ -171,6 +171,12 @@ extern "C" {
* This applies to ciphersuites for TLSv1.2 and below.
*/
# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
+# define SSL_DEFAULT_SUSE_CIPHER_LIST "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:"\
+ "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"\
+ "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:"\
+ "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"\
+ "DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:"\
+ "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA"
/* This is the default set of TLSv1.3 ciphersuites */
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
Index: openssl-1.1.1-pre9/test/recipes/99-test_suse_default_ciphers.t
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.1.1-pre9/test/recipes/99-test_suse_default_ciphers.t 2018-08-24 11:46:43.464529473 +0200
@@ -0,0 +1,23 @@
+#! /usr/bin/env perl
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw/:DEFAULT/;
+use OpenSSL::Test::Utils;
+
+setup("test_default_ciphersuites");
+
+plan tests => 6;
+
+my @cipher_suites = ("DEFAULT_SUSE", "DEFAULT");
+
+foreach my $cipherlist (@cipher_suites) {
+ ok(run(app(["openssl", "ciphers", "-s", $cipherlist])),
+ "openssl ciphers works with ciphersuite $cipherlist");
+ ok(!grep(/(MD5|RC4|DES)/, run(app(["openssl", "ciphers", "-s", $cipherlist]), capture => 1)),
+ "$cipherlist shouldn't contain MD5, DES or RC4\n");
+ ok(grep(/(TLSv1.3)/, run(app(["openssl", "ciphers", "-tls1_3", "-s", "-v", $cipherlist]), capture => 1)),
+ "$cipherlist should contain TLSv1.3 ciphers\n");
+}
+
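Review bot: The three `TLS13-*` names prepended to `SSL_DEFAULT_SUSE_CIPHER_LIST` in the ssl.h hunk probably have no effect. The context lines of that hunk say the cipher list "applies to ciphersuites for TLSv1.2 and below" and show TLSv1.3 suites configured separately through `TLS_DEFAULT_CIPHERSUITES`, under names like `TLS_AES_256_GCM_SHA384`. If ssl_cipher_process_rulestr() skips names it does not know (its body is outside the hunk, so please confirm), those entries are silently dropped and `DEFAULT_SUSE` only restricts TLSv1.2 and below. The new third test cannot catch this, because it expects `openssl ciphers -tls1_3 -s -v` to list TLSv1.3 suites for plain `DEFAULT` too, whose rule string has no such entries. I would drop the `TLS13-*` line and put a comment above the define, e.g. `/* TLSv1.2 and below only; TLSv1.3 suites come from TLS_DEFAULT_CIPHERSUITES */`.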


@ -1,12 +0,0 @@
Index: openssl-1.1.0i/test/recipes/15-test_genrsa.t
===================================================================
--- openssl-1.1.0i.orig/test/recipes/15-test_genrsa.t 2018-08-14 14:45:10.000000000 +0200
+++ openssl-1.1.0i/test/recipes/15-test_genrsa.t 2018-08-14 15:49:16.902587756 +0200
@@ -16,6 +16,7 @@ use OpenSSL::Test::Utils;
setup("test_genrsa");
+plan skip_all => 'Minimal RSA modulus size is 200 bits';
plan tests => 5;
# We want to know that an absurdly small number of bits isn't support


@ -1,12 +0,0 @@
Index: openssl-1.0.2g/crypto/o_init.c
===================================================================
--- openssl-1.0.2g.orig/crypto/o_init.c 2016-04-14 10:54:05.763929573 +0200
+++ openssl-1.0.2g/crypto/o_init.c 2016-04-14 10:59:08.366168879 +0200
@@ -91,6 +91,7 @@ static void init_fips_mode(void)
NONFIPS_selftest_check();
/* drop down to non-FIPS mode if it is not requested */
FIPS_mode_set(0);
+ ERR_clear_error();
} else {
/* abort if selftest failed */
FIPS_selftest_check();


@ -1,15 +0,0 @@
Index: openssl-1.1.0e/apps/dgst.c
===================================================================
--- openssl-1.1.0e.orig/apps/dgst.c 2017-04-20 12:31:52.471544178 +0200
+++ openssl-1.1.0e/apps/dgst.c 2017-04-20 12:38:46.669771843 +0200
@@ -94,6 +94,10 @@ int dgst_main(int argc, char **argv)
prog = opt_progname(argv[0]);
buf = app_malloc(BUFSIZE, "I/O buffer");
md = EVP_get_digestbyname(prog);
+ if (md == NULL && strcmp(prog, "dgst") != 0) {
+ BIO_printf(bio_err, "%s is not a known digest\n", prog);
+ goto end;
+ }
prog = opt_init(argc, argv, dgst_options);
while ((o = opt_next()) != OPT_EOF) {


@ -1,16 +0,0 @@
Index: openssl-1.0.2h/crypto/o_init.c
===================================================================
--- openssl-1.0.2h.orig/crypto/o_init.c 2016-06-01 15:26:25.026937000 +0200
+++ openssl-1.0.2h/crypto/o_init.c 2016-06-01 16:23:24.980858697 +0200
@@ -111,9 +111,9 @@ void __attribute__ ((constructor)) OPENS
return;
done = 1;
#ifdef OPENSSL_FIPS
- if (!FIPS_module_installed()) {
+ /*if (!FIPS_module_installed()) {
return;
- }
+ }*/
RAND_init_fips();
init_fips_mode();
if (!FIPS_mode()) {

View File

@ -1,14 +0,0 @@
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-14 10:52:34.187646539 +0200
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-14 10:53:39.335559301 +0200
@@ -465,7 +465,8 @@ static int rsa_builtin_keygen(RSA *rsa,
goto err;
bitsp = (bits + 1) / 2;
- bitsq = bits - bitsp;
+ /* Use the same number of bits for p and q, our checks assume it. */
+ bitsq = bitsp;
/* prepare a maximum for p and q */
/* 0xB504F334 is (sqrt(2)/2)*2^32 */


@ -1,39 +0,0 @@
Index: openssl-1.1.0c/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.1.0c.orig/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.968669184 +0100
+++ openssl-1.1.0c/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.976669308 +0100
@@ -173,6 +173,12 @@ static int fips_rsa_builtin_keygen(RSA *
goto err;
}
+ BN_copy(rsa->e, e_value);
+
+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
+ test = 1;
+
+retry:
/* prepare approximate minimum p and q */
if (!BN_set_word(r0, 0xB504F334))
goto err;
@@ -185,12 +191,6 @@ static int fips_rsa_builtin_keygen(RSA *
if (!BN_lshift(r3, r3, pbits - 100))
goto err;
- BN_copy(rsa->e, e_value);
-
- if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q))
- test = 1;
-
- retry:
/* generate p and q */
for (i = 0; i < 5 * pbits; i++) {
ploop:
@@ -323,6 +323,8 @@ static int fips_rsa_builtin_keygen(RSA *
BN_free(pr0);
}
+ /* test 2^(bits/2) < d < LCM((p-1)*(q-1)) */
+ /* the LCM part is covered due to the generation by modulo above */
if (BN_num_bits(rsa->d) < pbits)
goto retry; /* d is too small */


@ -1,74 +0,0 @@
Index: openssl-1.1.0c/crypto/fips/fips.c
===================================================================
--- openssl-1.1.0c.orig/crypto/fips/fips.c 2016-12-09 11:34:28.778291575 +0100
+++ openssl-1.1.0c/crypto/fips/fips.c 2016-12-09 11:37:18.192847119 +0100
@@ -472,6 +472,44 @@ int FIPS_module_mode_set(int onoff)
return ret;
}
+/* In non-FIPS mode, the selftests must succeed if the
+ * checksum files are present
+ */
+void NONFIPS_selftest_check(void)
+{
+ int rv;
+ char *hmacpath;
+ char path[PATH_MAX+1];
+
+ if (fips_selftest_fail)
+ {
+ /* check if the checksum files are installed */
+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path));
+ if (rv < 0)
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
+
+ hmacpath = make_hmac_path(path);
+ if (hmacpath == NULL)
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
+
+ if (access(hmacpath, F_OK))
+ {
+ /* no hmac file is present, ignore the failed selftests */
+ if (errno == ENOENT)
+ {
+ free(hmacpath);
+ return;
+ }
+ /* we fail on any other error */
+ }
+ /* if the file exists, but the selftests failed
+ (eg wrong checksum), we fail too */
+ free(hmacpath);
+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
+ }
+ /* otherwise ok, selftests were successful */
+}
+
static CRYPTO_THREAD_ID fips_threadid;
static int fips_thread_set = 0;
Index: openssl-1.1.0c/crypto/o_init.c
===================================================================
--- openssl-1.1.0c.orig/crypto/o_init.c 2016-12-09 11:34:28.726290785 +0100
+++ openssl-1.1.0c/crypto/o_init.c 2016-12-09 11:34:28.778291575 +0100
@@ -44,6 +44,8 @@ static void init_fips_mode(void)
*/
if (buf[0] != '1') {
+ /* abort if selftest failed and the module is complete */
+ NONFIPS_selftest_check();
/* drop down to non-FIPS mode if it is not requested */
FIPS_mode_set(0);
} else {
Index: openssl-1.1.0c/include/openssl/fips.h
===================================================================
--- openssl-1.1.0c.orig/include/openssl/fips.h 2016-12-09 11:34:28.654289692 +0100
+++ openssl-1.1.0c/include/openssl/fips.h 2016-12-09 11:38:18.553750517 +0100
@@ -65,6 +65,7 @@ extern "C" {
int FIPS_selftest(void);
int FIPS_selftest_failed(void);
int FIPS_selftest_drbg_all(void);
+ void NONFIPS_selftest_check(void);
int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
const EVP_MD *evpmd, const unsigned char *seed_in,


@ -1,14 +0,0 @@
Index: openssl-1.1.0c/crypto/init.c
===================================================================
--- openssl-1.1.0c.orig/crypto/init.c 2016-12-08 17:36:03.170689184 +0100
+++ openssl-1.1.0c/crypto/init.c 2016-12-08 17:36:14.938873308 +0100
@@ -564,6 +564,9 @@ int OPENSSL_init_crypto(uint64_t opts, c
&& !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
return 0;
# endif
+# ifdef OPENSSL_FIPS
+ if (!FIPS_mode())
+# endif
if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC)
&& !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
return 0;


@ -1,11 +1,13 @@
Index: openssl-1.1.0f/util/mkbuildinf.pl
Index: openssl-1.1.1-pre1/util/mkbuildinf.pl
===================================================================
--- openssl-1.1.0f.orig/util/mkbuildinf.pl
+++ openssl-1.1.0f/util/mkbuildinf.pl
@@ -37,5 +37,5 @@ print <<"END_OUTPUT";
'\\0'
};
--- openssl-1.1.1-pre1.orig/util/mkbuildinf.pl 2018-02-13 16:31:28.011389734 +0100
+++ openssl-1.1.1-pre1/util/mkbuildinf.pl 2018-02-13 16:31:51.539764582 +0100
@@ -28,7 +28,7 @@ print <<"END_OUTPUT";
*/
#define PLATFORM "platform: $platform"
-#define DATE "built on: $date"
+#define DATE ""
END_OUTPUT
/*
* Generate compiler_flags as an array of individual characters. This is a


@ -1,17 +1,17 @@
Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl
Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:32:18.922799218 +0200
+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:33:19.307764137 +0200
@@ -710,7 +710,7 @@ libcrypto.pc:
--- openssl-1.1.1-pre3.orig/Configurations/unix-Makefile.tmpl 2018-03-20 15:20:03.037124698 +0100
+++ openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl 2018-03-20 15:21:04.206084731 +0100
@@ -843,7 +843,7 @@ libcrypto.pc:
echo 'Version: '$(VERSION); \
echo 'Libs: -L$${libdir} -lcrypto'; \
echo 'Libs.private: $(EX_LIBS)'; \
echo 'Libs.private: $(LIB_EX_LIBS)'; \
- echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
+ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libcrypto.pc
libssl.pc:
@ ( echo 'prefix=$(INSTALLTOP)'; \
@@ -723,7 +723,7 @@ libssl.pc:
@@ -860,7 +860,7 @@ libssl.pc:
echo 'Version: '$(VERSION); \
echo 'Requires.private: libcrypto'; \
echo 'Libs: -L$${libdir} -lssl'; \


@ -1,12 +1,17 @@
Index: openssl-1.1.0e/config
Index: openssl-1.1.1-pre3/config
===================================================================
--- openssl-1.1.0e.orig/config
+++ openssl-1.1.0e/config
@@ -550,7 +550,7 @@ case "$GUESSOS" in
--- openssl-1.1.1-pre3.orig/config 2018-03-20 15:24:38.037441210 +0100
+++ openssl-1.1.1-pre3/config 2018-03-20 15:26:20.163043492 +0100
@@ -552,12 +552,7 @@ case "$GUESSOS" in
OUT="linux-ppc64"
else
OUT="linux-ppc"
- (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32"
- if (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null); then
- :;
- else
- __CNF_CFLAGS="$__CNF_CFLAGS -m32"
- __CNF_CXXFLAGS="$__CNF_CXXFLAGS -m32"
- fi
+ (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || OUT="linux-ppc64"
fi
;;


@ -0,0 +1,13 @@
Index: openssl-1.1.1-pre9/include/openssl/opensslv.h
===================================================================
--- openssl-1.1.1-pre9.orig/include/openssl/opensslv.h 2018-08-22 14:07:29.797858054 +0200
+++ openssl-1.1.1-pre9/include/openssl/opensslv.h 2018-08-22 14:07:57.718041454 +0200
@@ -39,7 +39,7 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x10101009L
+# define OPENSSL_VERSION_NUMBER 0x1010100fL
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1-pre9 (beta) 21 Aug 2018"
/*-
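Review bot: After this change `OPENSSL_VERSION_NUMBER` ends in the release status nibble `f`, while `OPENSSL_VERSION_TEXT` on the following line still reads "OpenSSL 1.1.1-pre9 (beta)". The two version sources now disagree, and any consumer that gates behaviour on `OPENSSL_VERSION_NUMBER >= 0x1010100fL` will treat this pre-release as 1.1.1 final. The patch file carries no header explaining the override; the package changelog gives the reason (avoiding OpenSSH's "OpenSSL version mismatch"). That reason belongs at the top of the patch itself, for example `Report release status so OpenSSH's version check passes; remove when rebasing to 1.1.1 final.`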


@ -1,47 +0,0 @@
Index: openssl-1.1.0h/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.1.0h.orig/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.709128590 +0200
+++ openssl-1.1.0h/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.753129312 +0200
@@ -420,6 +420,19 @@ static int rsa_builtin_keygen(RSA *rsa,
bitsp = (bits + 1) / 2;
bitsq = bits - bitsp;
+ /* prepare a maximum for p and q */
+ /* 0xB504F334 is (sqrt(2)/2)*2^32 */
+ if (!BN_set_word(r0, 0xB504F334))
+ goto err;
+ if (!BN_lshift(r0, r0, bitsp - 32))
+ goto err;
+
+ /* prepare minimum p and q difference */
+ if (!BN_one(r3))
+ goto err;
+ if (!BN_lshift(r3, r3, bitsp - 100))
+ goto err;
+
/* We need the RSA components non-NULL */
if (!rsa->n && ((rsa->n = BN_new()) == NULL))
goto err;
@@ -446,6 +459,8 @@ static int rsa_builtin_keygen(RSA *rsa,
for (;;) {
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
goto err;
+ if (BN_cmp(rsa->p, r0) < 0)
+ continue;
if (!BN_sub(r2, rsa->p, BN_value_one()))
goto err;
ERR_set_mark();
@@ -471,6 +486,13 @@ static int rsa_builtin_keygen(RSA *rsa,
if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
goto err;
} while (BN_cmp(rsa->p, rsa->q) == 0);
+ if (BN_cmp(rsa->q, r0) < 0)
+ continue;
+ /* check for minimum distance between p and q, 2^(bitsp-100) */
+ if (!BN_sub(r2, rsa->q, rsa->p))
+ goto err;
+ if (BN_ucmp(r2, r3) <= 0)
+ continue;
if (!BN_sub(r2, rsa->q, BN_value_one()))
goto err;
ERR_set_mark();


@ -1,195 +0,0 @@
From 186a31e510d1326063cfeca17e58fadec236ad2a Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 9 Nov 2016 20:01:51 +0100
Subject: [PATCH] Building: make it possible to force linking with static
OpenSSL libs
Very simply, support having the .a extension to denote depending on
static libraries. Note that this is not supported on native Windows
when building shared libraries, as there is not static library then,
just an import library with the same name.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1889)
---
Configurations/common.tmpl | 14 +++++++++++---
Configurations/descrip.mms.tmpl | 23 ++++++++++++++---------
Configurations/unix-Makefile.tmpl | 19 ++++++++++++-------
Configurations/windows-makefile.tmpl | 4 +++-
Configure | 7 +++++++
5 files changed, 47 insertions(+), 20 deletions(-)
Index: openssl-1.1.0h/Configurations/common.tmpl
===================================================================
--- openssl-1.1.0h.orig/Configurations/common.tmpl 2018-03-27 15:50:37.000000000 +0200
+++ openssl-1.1.0h/Configurations/common.tmpl 2018-03-27 16:31:37.126131133 +0200
@@ -9,15 +9,22 @@
# there are no duplicate dependencies and that they are in the
# right order. This is especially used to sort the list of
# libraries that a build depends on.
+ sub extensionlesslib {
+ my @result = map { $_ =~ /(\.a)?$/; $` } @_;
+ return @result if wantarray;
+ return $result[0];
+ }
sub resolvedepends {
my $thing = shift;
+ my $extensionlessthing = extensionlesslib($thing);
my @listsofar = @_; # to check if we're looping
- my @list = @{$unified_info{depends}->{$thing}};
+ my @list = @{$unified_info{depends}->{$extensionlessthing}};
my @newlist = ();
if (scalar @list) {
foreach my $item (@list) {
+ my $extensionlessitem = extensionlesslib($item);
# It's time to break off when the dependency list starts looping
- next if grep { $_ eq $item } @listsofar;
+ next if grep { extensionlesslib($_) eq $extensionlessitem } @listsofar;
push @newlist, $item, resolvedepends($item, @listsofar, $item);
}
}
@@ -28,8 +35,9 @@
my @newlist = ();
while (@list) {
my $item = shift @list;
+ my $extensionlessitem = extensionlesslib($item);
push @newlist, $item
- unless grep { $item eq $_ } @list;
+ unless grep { $extensionlessitem eq extensionlesslib($_) } @list;
}
@newlist;
}
Index: openssl-1.1.0h/Configurations/descrip.mms.tmpl
===================================================================
--- openssl-1.1.0h.orig/Configurations/descrip.mms.tmpl 2018-03-27 15:50:37.000000000 +0200
+++ openssl-1.1.0h/Configurations/descrip.mms.tmpl 2018-03-27 16:31:37.126131133 +0200
@@ -537,6 +537,17 @@ configdata.pm : $(SRCDIR)Configure $(SRC
use File::Basename;
use File::Spec::Functions qw/abs2rel rel2abs catfile catdir/;
+ # Helper function to figure out dependencies on libraries
+ # It takes a list of library names and outputs a list of dependencies
+ sub compute_lib_depends {
+ if ($disabled{shared}) {
+ return map { $_ =~ /\.a$/ ? $`.".OLB" : $_.".OLB" } @_;
+ }
+ return map { $_ =~ /\.a$/
+ ? $`.".OLB"
+ : $unified_info{sharednames}->{$_}.".EXE" } @_;
+ }
+
sub generatesrc {
my %args = @_;
my $generator = join(" ", @{$args{generator}});
@@ -632,9 +643,7 @@ EOF
my $libd = dirname($lib);
my $libn = basename($lib);
(my $mkdef_key = $libn) =~ s/^${osslprefix_q}lib([^0-9]*)\d*/$1/i;
- my @deps = map {
- $disabled{shared} ? $_.".OLB"
- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}};
+ my @deps = compute_lib_depends(@{$args{deps}});
my $deps = join(", -\n\t\t", @deps);
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
my $ordinalsfile = defined($args{ordinals}) ? $args{ordinals}->[1] : "";
@@ -680,9 +689,7 @@ EOF
my $libn = basename($lib);
(my $libn_nolib = $libn) =~ s/^lib//;
my @objs = map { "$_.OBJ" } @{$args{objs}};
- my @deps = map {
- $disabled{shared} ? $_.".OLB"
- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}};
+ my @deps = compute_lib_depends(@{$args{deps}});
my $deps = join(", -\n\t\t", @objs, @deps);
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
my $engine_opt = abs2rel(rel2abs(catfile($config{sourcedir},
@@ -732,9 +739,7 @@ EOF
my $bind = dirname($bin);
my $binn = basename($bin);
my @objs = map { "$_.OBJ" } @{$args{objs}};
- my @deps = map {
- $disabled{shared} ? $_.".OLB"
- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}};
+ my @deps = compute_lib_depends(@{$args{deps}});
my $deps = join(", -\n\t\t", @objs, @deps);
# The "[]" hack is because in .OPT files, each line inherits the
# previous line's file spec as default, so if no directory spec
Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.110130877 +0200
+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.126131133 +0200
@@ -755,13 +755,13 @@ configdata.pm: $(SRCDIR)/Configure $(SRC
# It takes a list of library names and outputs a list of dependencies
sub compute_lib_depends {
if ($disabled{shared}) {
- return map { $_.$libext } @_;
+ return map { $_ =~ /\.a$/ ? $`.$libext : $_.$libext } @_;
}
# Depending on shared libraries:
# On Windows POSIX layers, we depend on {libname}.dll.a
# On Unix platforms, we depend on {shlibname}.so
- return map { shlib_simple($_) } @_;
+ return map { $_ =~ /\.a$/ ? $`.$libext : shlib_simple($_) } @_;
}
sub generatesrc {
@@ -976,11 +976,16 @@ EOF
my $binn = basename($bin);
my $objs = join(" ", map { $_.$objext } @{$args{objs}});
my $deps = join(" ",compute_lib_depends(@{$args{deps}}));
- my $linklibs = join("", map { my $d = dirname($_);
- my $f = basename($_);
- $d = "." if $d eq $f;
- (my $l = $f) =~ s/^lib//;
- " -L$d -l$l" } @{$args{deps}});
+ my $linklibs = join("", map { if ($_ =~ /\.a$/) {
+ " $_";
+ } else {
+ my $d = dirname($_);
+ my $f = basename($_);
+ $d = "." if $d eq $f;
+ (my $l = $f) =~ s/^lib//;
+ " -L$d -l$l"
+ }
+ } @{$args{deps}});
my $shlib_target = $disabled{shared} ? "" : $target{shared_target};
return <<"EOF";
$bin$exeext: $objs $deps
Index: openssl-1.1.0h/Configurations/windows-makefile.tmpl
===================================================================
--- openssl-1.1.0h.orig/Configurations/windows-makefile.tmpl 2018-03-27 15:50:37.000000000 +0200
+++ openssl-1.1.0h/Configurations/windows-makefile.tmpl 2018-03-27 16:31:37.126131133 +0200
@@ -361,8 +361,10 @@ configdata.pm: "$(SRCDIR)\Configure" {-
# It takes a list of library names and outputs a list of dependencies
sub compute_lib_depends {
if ($disabled{shared}) {
- return map { $_.$libext } @_;
+ return map { $_ =~ /\.a$/ ? $`.$libext : $_.$libext } @_;
}
+ die "Linking with static OpenSSL libraries is not supported in this configuration\n"
+ if grep /\.a$/, @_;
return map { shlib_import($_) } @_;
}
Index: openssl-1.1.0h/Configure
===================================================================
--- openssl-1.1.0h.orig/Configure 2018-03-27 15:50:37.000000000 +0200
+++ openssl-1.1.0h/Configure 2018-03-27 16:31:37.126131133 +0200
@@ -1844,9 +1844,16 @@ EOF
$d = cleanfile($buildd, $_, $blddir);
}
# Take note if the file to depend on is being renamed
+ # Take extra care with files ending with .a, they should
+ # be treated without that extension, and the extension
+ # should be added back after treatment.
+ $d =~ /(\.a)?$/;
+ my $e = $1 // "";
+ $d = $`;
if ($unified_info{rename}->{$d}) {
$d = $unified_info{rename}->{$d};
}
+ $d .= $e;
$unified_info{depends}->{$ddest}->{$d} = 1;
}
}


@ -1,10 +1,10 @@
Don't use the legacy /etc/ssl/certs directory anymore but rather the
p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991)
Index: openssl-1.1.0e/crypto/include/internal/cryptlib.h
Index: openssl-1.1.1-pre1/include/internal/cryptlib.h
===================================================================
--- openssl-1.1.0e.orig/crypto/include/internal/cryptlib.h
+++ openssl-1.1.0e/crypto/include/internal/cryptlib.h
@@ -41,8 +41,8 @@ DEFINE_LHASH_OF(MEM);
--- openssl-1.1.1-pre1.orig/include/internal/cryptlib.h 2018-02-13 14:48:12.000000000 +0100
+++ openssl-1.1.1-pre1/include/internal/cryptlib.h 2018-02-13 16:30:11.738161984 +0100
@@ -59,8 +59,8 @@ DEFINE_LHASH_OF(MEM);
# ifndef OPENSSL_SYS_VMS
# define X509_CERT_AREA OPENSSLDIR