From 3e8cec6722ee2236dad2b871f3c5bf9da9574420ec53056d7f4a3b7ec828d60b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=C4=9Bzslav=20=C4=8C=C3=AD=C5=BEek?= Date: Fri, 24 Aug 2018 10:39:49 +0000 Subject: [PATCH] Accepting request 631304 from home:vitezslav_cizek:branches:security:tls - Update to 1.1.1-pre9 (Beta 7) * Support for TLSv1.3 added * Move the display of configuration data to configdata.pm. * Allow GNU style "make variables" to be used with Configure. * Add a STORE module (OSSL_STORE) * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes * Add multi-prime RSA (RFC 8017) support * Add SM3 implemented according to GB/T 32905-2016 * Add SM4 implemented according to GB/T 32907-2016. * Add 'Maximum Fragment Length' TLS extension negotiation and support * Add ARIA support * Add SHA3 * Rewrite of devcrypto engine * Add support for SipHash * Grand redesign of the OpenSSL random generator - pretend the release is not a Beta, to avoid "OpenSSL version mismatch" with OpenSSH * add openssl-pretend_we_are_not_beta.patch - drop FIPS support * don't build with FIPS mode (not supported in 1.1.1) * don't create the -hmac subpackages - drop FIPS patches * openssl-fips-clearerror.patch * openssl-fips-dont-fall-back-to-default-digest.patch * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips-fix-odd-rsakeybits.patch * openssl-fips-rsagen-d-bits.patch * openssl-fips-selftests_in_nonfips_mode.patch * openssl-fips_disallow_ENGINE_loading.patch * openssl-rsakeygen-minimum-distance.patch OBS-URL: https://build.opensuse.org/request/show/631304 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=19 --- ...ntf-implementation-use-glibc-instead.patch | 955 ------------------ ...rom-randfile-when-interrupted-by-a-s.patch | 49 - ...-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch | 47 - ...ack-add-OPENSSL_s390xcap-environment.patch | 112 -- ...y-pack-add-OPENSSL_s390xcap-man-page.patch | 114 --- ...ack-extended-s390x-capability-vector.patch | 220 ---- ....c-add-foundations-for-extended-s390.patch | 220 ---- ...ack-extended-s390x-capability-vector.patch | 73 -- ...s-asm-aes-s390x.pl-add-KMA-code-path.patch | 58 -- ...man3-OPENSSL_s390xcap.pod-update-KMA.patch | 41 - ...es-s390x.pl-add-CFI-annotations-KMA-.patch | 62 -- ...y-pack-add-KMA-code-path-for-aes-gcm.patch | 335 ------ ...es-s390x.pl-add-CFI-annotations-KMA-.patch | 51 - baselibs.conf | 3 - openssl-1.0.1e-add-suse-default-cipher.patch | 36 - ...e-add-test-suse-default-cipher-suite.patch | 27 - openssl-1.1.0i.tar.gz | 3 - openssl-1.1.0i.tar.gz.asc | 11 - openssl-1.1.1-pre9.tar.gz | 3 + openssl-1.1.1-pre9.tar.gz.asc | 11 + openssl-1_1.changes | 56 + openssl-1_1.spec | 123 +-- openssl-CVE-2018-0737-fips.patch | 88 -- openssl-DEFAULT_SUSE_cipher.patch | 65 ++ ..._rsa_keygen_tests_with_small_modulus.patch | 12 - openssl-fips-clearerror.patch | 12 - ...ips-dont-fall-back-to-default-digest.patch | 15 - ...-fips-dont_run_FIPS_module_installed.patch | 16 - openssl-fips-fix-odd-rsakeybits.patch | 14 - openssl-fips-rsagen-d-bits.patch | 39 - openssl-fips-selftests_in_nonfips_mode.patch | 74 -- openssl-fips_disallow_ENGINE_loading.patch | 14 - openssl-no-date.patch | 16 +- openssl-pkgconfig.patch | 12 +- openssl-ppc64-config.patch | 15 +- openssl-pretend_we_are_not_beta.patch | 13 + openssl-rsakeygen-minimum-distance.patch | 47 - openssl-static-deps.patch | 195 ---- openssl-truststore.patch | 8 +- 39 files changed, 204 insertions(+), 3061 deletions(-) delete mode 100644 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch delete mode 100644 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch delete mode 100644 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch delete mode 100644 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch delete mode 100644 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch delete mode 100644 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch delete mode 100644 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch delete mode 100644 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch delete mode 100644 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch delete mode 100644 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch delete mode 100644 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch delete mode 100644 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch delete mode 100644 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch delete mode 100644 openssl-1.0.1e-add-suse-default-cipher.patch delete mode 100644 openssl-1.0.1e-add-test-suse-default-cipher-suite.patch delete mode 100644 openssl-1.1.0i.tar.gz delete mode 100644 openssl-1.1.0i.tar.gz.asc create mode 100644 openssl-1.1.1-pre9.tar.gz create mode 100644 openssl-1.1.1-pre9.tar.gz.asc delete mode 100644 openssl-CVE-2018-0737-fips.patch create mode 100644 openssl-DEFAULT_SUSE_cipher.patch delete mode 100644 openssl-disable_rsa_keygen_tests_with_small_modulus.patch delete mode 100644 openssl-fips-clearerror.patch delete mode 100644 openssl-fips-dont-fall-back-to-default-digest.patch delete mode 100644 openssl-fips-dont_run_FIPS_module_installed.patch delete mode 100644 openssl-fips-fix-odd-rsakeybits.patch delete mode 100644 openssl-fips-rsagen-d-bits.patch delete mode 100644 openssl-fips-selftests_in_nonfips_mode.patch delete mode 100644 openssl-fips_disallow_ENGINE_loading.patch create mode 100644 openssl-pretend_we_are_not_beta.patch delete mode 100644 openssl-rsakeygen-minimum-distance.patch delete mode 100644 openssl-static-deps.patch diff --git a/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch b/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch deleted file mode 100644 index 419c9ce..0000000 --- a/0001-Axe-builtin-printf-implementation-use-glibc-instead.patch +++ /dev/null @@ -1,955 +0,0 @@ -From fd708c2242408187cff392e8b0850275ac99376f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= -Date: Sun, 4 May 2014 23:36:54 -0400 -Subject: [PATCH] Axe builtin printf implementation, use glibc instead - - -Index: openssl-1.1.0h/crypto/bio/b_print.c -=================================================================== ---- openssl-1.1.0h.orig/crypto/bio/b_print.c 2018-03-27 15:50:37.000000000 +0200 -+++ openssl-1.1.0h/crypto/bio/b_print.c 2018-03-27 16:31:15.425784205 +0200 -@@ -21,830 +21,6 @@ - * on all source code distributions. - */ - --#ifdef HAVE_LONG_DOUBLE --# define LDOUBLE long double --#else --# define LDOUBLE double --#endif -- --static int fmtstr(char **, char **, size_t *, size_t *, -- const char *, int, int, int); --static int fmtint(char **, char **, size_t *, size_t *, -- int64_t, int, int, int, int); --static int fmtfp(char **, char **, size_t *, size_t *, -- LDOUBLE, int, int, int, int); --static int doapr_outch(char **, char **, size_t *, size_t *, int); --static int _dopr(char **sbuffer, char **buffer, -- size_t *maxlen, size_t *retlen, int *truncated, -- const char *format, va_list args); -- --/* format read states */ --#define DP_S_DEFAULT 0 --#define DP_S_FLAGS 1 --#define DP_S_MIN 2 --#define DP_S_DOT 3 --#define DP_S_MAX 4 --#define DP_S_MOD 5 --#define DP_S_CONV 6 --#define DP_S_DONE 7 -- --/* format flags - Bits */ --/* left-aligned padding */ --#define DP_F_MINUS (1 << 0) --/* print an explicit '+' for a value with positive sign */ --#define DP_F_PLUS (1 << 1) --/* print an explicit ' ' for a value with positive sign */ --#define DP_F_SPACE (1 << 2) --/* print 0/0x prefix for octal/hex and decimal point for floating point */ --#define DP_F_NUM (1 << 3) --/* print leading zeroes */ --#define DP_F_ZERO (1 << 4) --/* print HEX in UPPPERcase */ --#define DP_F_UP (1 << 5) --/* treat value as unsigned */ --#define DP_F_UNSIGNED (1 << 6) -- --/* conversion flags */ --#define DP_C_SHORT 1 --#define DP_C_LONG 2 --#define DP_C_LDOUBLE 3 --#define DP_C_LLONG 4 -- --/* Floating point formats */ --#define F_FORMAT 0 --#define E_FORMAT 1 --#define G_FORMAT 2 -- --/* some handy macros */ --#define char_to_int(p) (p - '0') --#define OSSL_MAX(p,q) ((p >= q) ? p : q) -- --static int --_dopr(char **sbuffer, -- char **buffer, -- size_t *maxlen, -- size_t *retlen, int *truncated, const char *format, va_list args) --{ -- char ch; -- int64_t value; -- LDOUBLE fvalue; -- char *strvalue; -- int min; -- int max; -- int state; -- int flags; -- int cflags; -- size_t currlen; -- -- state = DP_S_DEFAULT; -- flags = currlen = cflags = min = 0; -- max = -1; -- ch = *format++; -- -- while (state != DP_S_DONE) { -- if (ch == '\0' || (buffer == NULL && currlen >= *maxlen)) -- state = DP_S_DONE; -- -- switch (state) { -- case DP_S_DEFAULT: -- if (ch == '%') -- state = DP_S_FLAGS; -- else -- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch)) -- return 0; -- ch = *format++; -- break; -- case DP_S_FLAGS: -- switch (ch) { -- case '-': -- flags |= DP_F_MINUS; -- ch = *format++; -- break; -- case '+': -- flags |= DP_F_PLUS; -- ch = *format++; -- break; -- case ' ': -- flags |= DP_F_SPACE; -- ch = *format++; -- break; -- case '#': -- flags |= DP_F_NUM; -- ch = *format++; -- break; -- case '0': -- flags |= DP_F_ZERO; -- ch = *format++; -- break; -- default: -- state = DP_S_MIN; -- break; -- } -- break; -- case DP_S_MIN: -- if (isdigit((unsigned char)ch)) { -- min = 10 * min + char_to_int(ch); -- ch = *format++; -- } else if (ch == '*') { -- min = va_arg(args, int); -- ch = *format++; -- state = DP_S_DOT; -- } else -- state = DP_S_DOT; -- break; -- case DP_S_DOT: -- if (ch == '.') { -- state = DP_S_MAX; -- ch = *format++; -- } else -- state = DP_S_MOD; -- break; -- case DP_S_MAX: -- if (isdigit((unsigned char)ch)) { -- if (max < 0) -- max = 0; -- max = 10 * max + char_to_int(ch); -- ch = *format++; -- } else if (ch == '*') { -- max = va_arg(args, int); -- ch = *format++; -- state = DP_S_MOD; -- } else -- state = DP_S_MOD; -- break; -- case DP_S_MOD: -- switch (ch) { -- case 'h': -- cflags = DP_C_SHORT; -- ch = *format++; -- break; -- case 'l': -- if (*format == 'l') { -- cflags = DP_C_LLONG; -- format++; -- } else -- cflags = DP_C_LONG; -- ch = *format++; -- break; -- case 'q': -- cflags = DP_C_LLONG; -- ch = *format++; -- break; -- case 'L': -- cflags = DP_C_LDOUBLE; -- ch = *format++; -- break; -- default: -- break; -- } -- state = DP_S_CONV; -- break; -- case DP_S_CONV: -- switch (ch) { -- case 'd': -- case 'i': -- switch (cflags) { -- case DP_C_SHORT: -- value = (short int)va_arg(args, int); -- break; -- case DP_C_LONG: -- value = va_arg(args, long int); -- break; -- case DP_C_LLONG: -- value = va_arg(args, int64_t); -- break; -- default: -- value = va_arg(args, int); -- break; -- } -- if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min, -- max, flags)) -- return 0; -- break; -- case 'X': -- flags |= DP_F_UP; -- /* FALLTHROUGH */ -- case 'x': -- case 'o': -- case 'u': -- flags |= DP_F_UNSIGNED; -- switch (cflags) { -- case DP_C_SHORT: -- value = (unsigned short int)va_arg(args, unsigned int); -- break; -- case DP_C_LONG: -- value = va_arg(args, unsigned long int); -- break; -- case DP_C_LLONG: -- value = va_arg(args, uint64_t); -- break; -- default: -- value = va_arg(args, unsigned int); -- break; -- } -- if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, -- ch == 'o' ? 8 : (ch == 'u' ? 10 : 16), -- min, max, flags)) -- return 0; -- break; -- case 'f': -- if (cflags == DP_C_LDOUBLE) -- fvalue = va_arg(args, LDOUBLE); -- else -- fvalue = va_arg(args, double); -- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max, -- flags, F_FORMAT)) -- return 0; -- break; -- case 'E': -- flags |= DP_F_UP; -- /* fall thru */ -- case 'e': -- if (cflags == DP_C_LDOUBLE) -- fvalue = va_arg(args, LDOUBLE); -- else -- fvalue = va_arg(args, double); -- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max, -- flags, E_FORMAT)) -- return 0; -- break; -- case 'G': -- flags |= DP_F_UP; -- /* fall thru */ -- case 'g': -- if (cflags == DP_C_LDOUBLE) -- fvalue = va_arg(args, LDOUBLE); -- else -- fvalue = va_arg(args, double); -- if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max, -- flags, G_FORMAT)) -- return 0; -- break; -- case 'c': -- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, -- va_arg(args, int))) -- return 0; -- break; -- case 's': -- strvalue = va_arg(args, char *); -- if (max < 0) { -- if (buffer) -- max = INT_MAX; -- else -- max = *maxlen; -- } -- if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue, -- flags, min, max)) -- return 0; -- break; -- case 'p': -- value = (size_t)va_arg(args, void *); -- if (!fmtint(sbuffer, buffer, &currlen, maxlen, -- value, 16, min, max, flags | DP_F_NUM)) -- return 0; -- break; -- case 'n': /* XXX */ -- if (cflags == DP_C_SHORT) { -- short int *num; -- num = va_arg(args, short int *); -- *num = currlen; -- } else if (cflags == DP_C_LONG) { /* XXX */ -- long int *num; -- num = va_arg(args, long int *); -- *num = (long int)currlen; -- } else if (cflags == DP_C_LLONG) { /* XXX */ -- int64_t *num; -- num = va_arg(args, int64_t *); -- *num = (int64_t)currlen; -- } else { -- int *num; -- num = va_arg(args, int *); -- *num = currlen; -- } -- break; -- case '%': -- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch)) -- return 0; -- break; -- case 'w': -- /* not supported yet, treat as next char */ -- ch = *format++; -- break; -- default: -- /* unknown, skip */ -- break; -- } -- ch = *format++; -- state = DP_S_DEFAULT; -- flags = cflags = min = 0; -- max = -1; -- break; -- case DP_S_DONE: -- break; -- default: -- break; -- } -- } -- /* -- * We have to truncate if there is no dynamic buffer and we have filled the -- * static buffer. -- */ -- if (buffer == NULL) { -- *truncated = (currlen > *maxlen - 1); -- if (*truncated) -- currlen = *maxlen - 1; -- } -- if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0')) -- return 0; -- *retlen = currlen - 1; -- return 1; --} -- --static int --fmtstr(char **sbuffer, -- char **buffer, -- size_t *currlen, -- size_t *maxlen, const char *value, int flags, int min, int max) --{ -- int padlen; -- size_t strln; -- int cnt = 0; -- -- if (value == 0) -- value = ""; -- -- strln = OPENSSL_strnlen(value, max < 0 ? SIZE_MAX : (size_t)max); -- -- padlen = min - strln; -- if (min < 0 || padlen < 0) -- padlen = 0; -- if (max >= 0) { -- /* -- * Calculate the maximum output including padding. -- * Make sure max doesn't overflow into negativity -- */ -- if (max < INT_MAX - padlen) -- max += padlen; -- else -- max = INT_MAX; -- } -- if (flags & DP_F_MINUS) -- padlen = -padlen; -- -- while ((padlen > 0) && (max < 0 || cnt < max)) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- --padlen; -- ++cnt; -- } -- while (strln > 0 && (max < 0 || cnt < max)) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++)) -- return 0; -- --strln; -- ++cnt; -- } -- while ((padlen < 0) && (max < 0 || cnt < max)) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- ++padlen; -- ++cnt; -- } -- return 1; --} -- --static int --fmtint(char **sbuffer, -- char **buffer, -- size_t *currlen, -- size_t *maxlen, int64_t value, int base, int min, int max, int flags) --{ -- int signvalue = 0; -- const char *prefix = ""; -- uint64_t uvalue; -- char convert[DECIMAL_SIZE(value) + 3]; -- int place = 0; -- int spadlen = 0; -- int zpadlen = 0; -- int caps = 0; -- -- if (max < 0) -- max = 0; -- uvalue = value; -- if (!(flags & DP_F_UNSIGNED)) { -- if (value < 0) { -- signvalue = '-'; -- uvalue = 0 - (uint64_t)value; -- } else if (flags & DP_F_PLUS) -- signvalue = '+'; -- else if (flags & DP_F_SPACE) -- signvalue = ' '; -- } -- if (flags & DP_F_NUM) { -- if (base == 8) -- prefix = "0"; -- if (base == 16) -- prefix = "0x"; -- } -- if (flags & DP_F_UP) -- caps = 1; -- do { -- convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef") -- [uvalue % (unsigned)base]; -- uvalue = (uvalue / (unsigned)base); -- } while (uvalue && (place < (int)sizeof(convert))); -- if (place == sizeof(convert)) -- place--; -- convert[place] = 0; -- -- zpadlen = max - place; -- spadlen = -- min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix); -- if (zpadlen < 0) -- zpadlen = 0; -- if (spadlen < 0) -- spadlen = 0; -- if (flags & DP_F_ZERO) { -- zpadlen = OSSL_MAX(zpadlen, spadlen); -- spadlen = 0; -- } -- if (flags & DP_F_MINUS) -- spadlen = -spadlen; -- -- /* spaces */ -- while (spadlen > 0) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- --spadlen; -- } -- -- /* sign */ -- if (signvalue) -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue)) -- return 0; -- -- /* prefix */ -- while (*prefix) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix)) -- return 0; -- prefix++; -- } -- -- /* zeros */ -- if (zpadlen > 0) { -- while (zpadlen > 0) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0')) -- return 0; -- --zpadlen; -- } -- } -- /* digits */ -- while (place > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place])) -- return 0; -- } -- -- /* left justified spaces */ -- while (spadlen < 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- ++spadlen; -- } -- return 1; --} -- --static LDOUBLE abs_val(LDOUBLE value) --{ -- LDOUBLE result = value; -- if (value < 0) -- result = -value; -- return result; --} -- --static LDOUBLE pow_10(int in_exp) --{ -- LDOUBLE result = 1; -- while (in_exp) { -- result *= 10; -- in_exp--; -- } -- return result; --} -- --static long roundv(LDOUBLE value) --{ -- long intpart; -- intpart = (long)value; -- value = value - intpart; -- if (value >= 0.5) -- intpart++; -- return intpart; --} -- --static int --fmtfp(char **sbuffer, -- char **buffer, -- size_t *currlen, -- size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags, int style) --{ -- int signvalue = 0; -- LDOUBLE ufvalue; -- LDOUBLE tmpvalue; -- char iconvert[20]; -- char fconvert[20]; -- char econvert[20]; -- int iplace = 0; -- int fplace = 0; -- int eplace = 0; -- int padlen = 0; -- int zpadlen = 0; -- long exp = 0; -- unsigned long intpart; -- unsigned long fracpart; -- unsigned long max10; -- int realstyle; -- -- if (max < 0) -- max = 6; -- -- if (fvalue < 0) -- signvalue = '-'; -- else if (flags & DP_F_PLUS) -- signvalue = '+'; -- else if (flags & DP_F_SPACE) -- signvalue = ' '; -- -- /* -- * G_FORMAT sometimes prints like E_FORMAT and sometimes like F_FORMAT -- * depending on the number to be printed. Work out which one it is and use -- * that from here on. -- */ -- if (style == G_FORMAT) { -- if (fvalue == 0.0) { -- realstyle = F_FORMAT; -- } else if (fvalue < 0.0001) { -- realstyle = E_FORMAT; -- } else if ((max == 0 && fvalue >= 10) -- || (max > 0 && fvalue >= pow_10(max))) { -- realstyle = E_FORMAT; -- } else { -- realstyle = F_FORMAT; -- } -- } else { -- realstyle = style; -- } -- -- if (style != F_FORMAT) { -- tmpvalue = fvalue; -- /* Calculate the exponent */ -- if (fvalue != 0.0) { -- while (tmpvalue < 1) { -- tmpvalue *= 10; -- exp--; -- } -- while (tmpvalue > 10) { -- tmpvalue /= 10; -- exp++; -- } -- } -- if (style == G_FORMAT) { -- /* -- * In G_FORMAT the "precision" represents significant digits. We -- * always have at least 1 significant digit. -- */ -- if (max == 0) -- max = 1; -- /* Now convert significant digits to decimal places */ -- if (realstyle == F_FORMAT) { -- max -= (exp + 1); -- if (max < 0) { -- /* -- * Should not happen. If we're in F_FORMAT then exp < max? -- */ -- return 0; -- } -- } else { -- /* -- * In E_FORMAT there is always one significant digit in front -- * of the decimal point, so: -- * significant digits == 1 + decimal places -- */ -- max--; -- } -- } -- if (realstyle == E_FORMAT) -- fvalue = tmpvalue; -- } -- ufvalue = abs_val(fvalue); -- if (ufvalue > ULONG_MAX) { -- /* Number too big */ -- return 0; -- } -- intpart = (unsigned long)ufvalue; -- -- /* -- * sorry, we only support 9 digits past the decimal because of our -- * conversion method -- */ -- if (max > 9) -- max = 9; -- -- /* -- * we "cheat" by converting the fractional part to integer by multiplying -- * by a factor of 10 -- */ -- max10 = roundv(pow_10(max)); -- fracpart = roundv(pow_10(max) * (ufvalue - intpart)); -- -- if (fracpart >= max10) { -- intpart++; -- fracpart -= max10; -- } -- -- /* convert integer part */ -- do { -- iconvert[iplace++] = "0123456789"[intpart % 10]; -- intpart = (intpart / 10); -- } while (intpart && (iplace < (int)sizeof(iconvert))); -- if (iplace == sizeof(iconvert)) -- iplace--; -- iconvert[iplace] = 0; -- -- /* convert fractional part */ -- while (fplace < max) { -- if (style == G_FORMAT && fplace == 0 && (fracpart % 10) == 0) { -- /* We strip trailing zeros in G_FORMAT */ -- max--; -- fracpart = fracpart / 10; -- if (fplace < max) -- continue; -- break; -- } -- fconvert[fplace++] = "0123456789"[fracpart % 10]; -- fracpart = (fracpart / 10); -- } -- -- if (fplace == sizeof(fconvert)) -- fplace--; -- fconvert[fplace] = 0; -- -- /* convert exponent part */ -- if (realstyle == E_FORMAT) { -- int tmpexp; -- if (exp < 0) -- tmpexp = -exp; -- else -- tmpexp = exp; -- -- do { -- econvert[eplace++] = "0123456789"[tmpexp % 10]; -- tmpexp = (tmpexp / 10); -- } while (tmpexp > 0 && eplace < (int)sizeof(econvert)); -- /* Exponent is huge!! Too big to print */ -- if (tmpexp > 0) -- return 0; -- /* Add a leading 0 for single digit exponents */ -- if (eplace == 1) -- econvert[eplace++] = '0'; -- } -- -- /* -- * -1 for decimal point (if we have one, i.e. max > 0), -- * another -1 if we are printing a sign -- */ -- padlen = min - iplace - max - (max > 0 ? 1 : 0) - ((signvalue) ? 1 : 0); -- /* Take some off for exponent prefix "+e" and exponent */ -- if (realstyle == E_FORMAT) -- padlen -= 2 + eplace; -- zpadlen = max - fplace; -- if (zpadlen < 0) -- zpadlen = 0; -- if (padlen < 0) -- padlen = 0; -- if (flags & DP_F_MINUS) -- padlen = -padlen; -- -- if ((flags & DP_F_ZERO) && (padlen > 0)) { -- if (signvalue) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue)) -- return 0; -- --padlen; -- signvalue = 0; -- } -- while (padlen > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0')) -- return 0; -- --padlen; -- } -- } -- while (padlen > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- --padlen; -- } -- if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue)) -- return 0; -- -- while (iplace > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace])) -- return 0; -- } -- -- /* -- * Decimal point. This should probably use locale to find the correct -- * char to print out. -- */ -- if (max > 0 || (flags & DP_F_NUM)) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.')) -- return 0; -- -- while (fplace > 0) { -- if(!doapr_outch(sbuffer, buffer, currlen, maxlen, -- fconvert[--fplace])) -- return 0; -- } -- } -- while (zpadlen > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0')) -- return 0; -- --zpadlen; -- } -- if (realstyle == E_FORMAT) { -- char ech; -- -- if ((flags & DP_F_UP) == 0) -- ech = 'e'; -- else -- ech = 'E'; -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ech)) -- return 0; -- if (exp < 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '-')) -- return 0; -- } else { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '+')) -- return 0; -- } -- while (eplace > 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, -- econvert[--eplace])) -- return 0; -- } -- } -- -- while (padlen < 0) { -- if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' ')) -- return 0; -- ++padlen; -- } -- return 1; --} -- --#define BUFFER_INC 1024 -- --static int --doapr_outch(char **sbuffer, -- char **buffer, size_t *currlen, size_t *maxlen, int c) --{ -- /* If we haven't at least one buffer, someone has doe a big booboo */ -- OPENSSL_assert(*sbuffer != NULL || buffer != NULL); -- -- /* |currlen| must always be <= |*maxlen| */ -- OPENSSL_assert(*currlen <= *maxlen); -- -- if (buffer && *currlen == *maxlen) { -- if (*maxlen > INT_MAX - BUFFER_INC) -- return 0; -- -- *maxlen += BUFFER_INC; -- if (*buffer == NULL) { -- *buffer = OPENSSL_malloc(*maxlen); -- if (*buffer == NULL) -- return 0; -- if (*currlen > 0) { -- OPENSSL_assert(*sbuffer != NULL); -- memcpy(*buffer, *sbuffer, *currlen); -- } -- *sbuffer = NULL; -- } else { -- char *tmpbuf; -- tmpbuf = OPENSSL_realloc(*buffer, *maxlen); -- if (tmpbuf == NULL) -- return 0; -- *buffer = tmpbuf; -- } -- } -- -- if (*currlen < *maxlen) { -- if (*sbuffer) -- (*sbuffer)[(*currlen)++] = (char)c; -- else -- (*buffer)[(*currlen)++] = (char)c; -- } -- -- return 1; --} -- --/***************************************************************************/ - - int BIO_printf(BIO *bio, const char *format, ...) - { -@@ -859,30 +35,36 @@ int BIO_printf(BIO *bio, const char *for - return (ret); - } - -+static ssize_t cookie_BIO_write(void *cookie, const char *buf, size_t size) -+{ -+ int ret; -+ ret = BIO_write(cookie, buf, size); -+ /* BIO_write may return negative value on error, -+ * but we must return 0 on that case -+ */ -+ return (ret < 0) ? 0 : ret; -+} -+ - int BIO_vprintf(BIO *bio, const char *format, va_list args) - { -+ FILE *fp; - int ret; -- size_t retlen; -- char hugebuf[1024 * 2]; /* Was previously 10k, which is unreasonable -- * in small-stack environments, like threads -- * or DOS programs. */ -- char *hugebufp = hugebuf; -- size_t hugebufsize = sizeof(hugebuf); -- char *dynbuf = NULL; -- int ignored; -- -- dynbuf = NULL; -- if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, -- args)) { -- OPENSSL_free(dynbuf); -- return -1; -- } -- if (dynbuf) { -- ret = BIO_write(bio, dynbuf, (int)retlen); -- OPENSSL_free(dynbuf); -- } else { -- ret = BIO_write(bio, hugebuf, (int)retlen); -- } -+ -+ cookie_io_functions_t bio_funcs = { -+ .read = NULL, -+ .write = cookie_BIO_write, -+ .seek = NULL, -+ .close = NULL, -+ }; -+ -+ fp = fopencookie(bio, "w", bio_funcs); -+ -+ if (fp == NULL) -+ return -1; -+ -+ ret = vfprintf(fp, format, args); -+ -+ fclose(fp); - return (ret); - } - -@@ -898,29 +80,21 @@ int BIO_snprintf(char *buf, size_t n, co - int ret; - - va_start(args, format); -+ ret = vsnprintf(buf, n, format, args); -+ va_end(args); - -- ret = BIO_vsnprintf(buf, n, format, args); -+ if (ret >= n || ret == -1) return (-1); - -- va_end(args); - return (ret); - } - - int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - { -- size_t retlen; -- int truncated; -+ int ret; -+ ret = vsnprintf(buf, n, format, args); - -- if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args)) -- return -1; -+ if (ret >= n || ret == -1) -+ return (-1); - -- if (truncated) -- /* -- * In case of truncation, return -1 like traditional snprintf. -- * (Current drafts for ISO/IEC 9899 say snprintf should return the -- * number of characters that would have been written, had the buffer -- * been large enough.) -- */ -- return -1; -- else -- return (retlen <= INT_MAX) ? (int)retlen : -1; -+ return (ret); - } -Index: openssl-1.1.0h/test/bioprinttest.c -=================================================================== ---- openssl-1.1.0h.orig/test/bioprinttest.c 2018-03-27 15:50:40.000000000 +0200 -+++ openssl-1.1.0h/test/bioprinttest.c 2018-03-27 16:30:23.096947435 +0200 -@@ -200,13 +200,6 @@ int main(int argc, char **argv) - dofptest(test++, 66666.0 + frac, width, prec, &fail); - } - -- /* Test excessively big number. Should fail */ -- if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) { -- printf("Test %d failed. Unexpected success return from " -- "BIO_snprintf()\n", test); -- fail = 1; -- } -- - #ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; diff --git a/0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch b/0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch deleted file mode 100644 index e1c25fe..0000000 --- a/0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch +++ /dev/null @@ -1,49 +0,0 @@ -From c5ac41de1511f898301c298b2b28d05372cba817 Mon Sep 17 00:00:00 2001 -From: Vitezslav Cizek -Date: Thu, 8 Dec 2016 13:10:33 +0100 -Subject: [PATCH] Resume reading from randfile when interrupted by a signal. - -It was regularly observed with openssh: -sshd: fatal: cannot read from /dev/urandom, Interrupted system call ---- - crypto/rand/randfile.c | 15 ++++++++++++++- - 1 file changed, 14 insertions(+), 1 deletion(-) - -diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c -index c96383a..6e39e86 100644 ---- a/crypto/rand/randfile.c -+++ b/crypto/rand/randfile.c -@@ -104,6 +104,12 @@ static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) = - - #define RFILE ".rnd" - -+#ifdef EINTR -+# define INTERRUPTED(in) (ferror(in) && errno == EINTR) -+#else -+# define INTERRUPTED (0) -+#endif -+ - /* - * Note that these functions are intended for seed files only. Entropy - * devices and EGD sockets are handled in rand_unix.c -@@ -162,9 +168,16 @@ int RAND_load_file(const char *file, long bytes) - n = (bytes < BUFSIZE) ? (int)bytes : BUFSIZE; - else - n = BUFSIZE; -+ - i = fread(buf, 1, n, in); -- if (i <= 0) -+ if (i <= 0) { -+ if (INTERRUPTED(in)) { -+ /* Interrupted by a signal, resume reading */ -+ clearerr(in); -+ continue; -+ } - break; -+ } - - RAND_add(buf, i, (double)i); - ret += i; --- -2.10.2 - diff --git a/0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch b/0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch deleted file mode 100644 index 6c97a7e..0000000 --- a/0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 7b46a0ed5938e28d974757db44cc9d299ad5cb4e Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Thu, 23 Feb 2017 14:03:39 +0100 -Subject: [PATCH 02/44] crypto/modes/asm/ghash-s390x.pl: fix gcm_gmult_4bit - KIMD code path. - -gcm_gmult_4bit KIMD code path assumed that that Xi is processed. -However, with iv lengths not equal to 12, the function is also used to process -Yi, resulting in wrong ghash computation. - -Signed-off-by: Patrick Steuer ---- - crypto/modes/asm/ghash-s390x.pl | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl -index f8b038c708..6dbb8232d6 100644 ---- a/crypto/modes/asm/ghash-s390x.pl -+++ b/crypto/modes/asm/ghash-s390x.pl -@@ -95,14 +95,23 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block... - lg %r1,24(%r1) # load second word of kimd capabilities vector - tmhh %r1,0x4000 # check for function 65 - jz .Lsoft_gmult -+ lghi %r1,-16 - stg %r0,16($sp) # arrange 16 bytes of zero input - stg %r0,24($sp) -+ la $Htbl,0(%r1,$Htbl) # H lies right before Htable -+ - lghi %r0,65 # function 65 -- la %r1,0($Xi) # H lies right after Xi in gcm128_context -+ la %r1,32($sp) -+ mvc 32(16,$sp),0($Xi) # copy Xi/Yi -+ mvc 48(16,$sp),0($Htbl) # copy H - la $inp,16($sp) - lghi $len,16 - .long 0xb93e0004 # kimd %r0,$inp - brc 1,.-4 # pay attention to "partial completion" -+ -+ mvc 0(16,$Xi),32($sp) -+ xc 32(32,$sp),32($sp) # wipe stack -+ - br %r14 - .align 32 - .Lsoft_gmult: --- -2.13.6 - diff --git a/0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch b/0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch deleted file mode 100644 index 786956a..0000000 --- a/0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch +++ /dev/null @@ -1,112 +0,0 @@ -From 3e1c11dd482dd4626989bb6d84fc708d9bb95219 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Mon, 30 Jan 2017 17:37:54 +0100 -Subject: [PATCH 04/44] s390x assembly pack: add OPENSSL_s390xcap environment - variable. - -The OPENSSL_s390xcap environment variable is used to set bits in the s390x -capability vector to zero. This simplifies testing of different code paths. - -Signed-off-by: Patrick Steuer ---- - crypto/s390x_arch.h | 28 ++++++++++++++++++++++++++++ - crypto/s390xcap.c | 33 +++++++++++++++++++++++++++++---- - 2 files changed, 57 insertions(+), 4 deletions(-) - create mode 100644 crypto/s390x_arch.h - -Index: openssl-1.1.0g/crypto/s390x_arch.h -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 15:26:40.291112320 +0100 -@@ -0,0 +1,28 @@ -+/* -+ * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#ifndef S390X_ARCH_H -+# define S390X_ARCH_H -+ -+# include -+ -+/* -+ * The elements of OPENSSL_s390xcap_P are the doublewords returned by the STFLE -+ * instruction followed by the doubleword pairs returned by instructions' QUERY -+ * functions. If STFLE returns fewer doublewords or an instruction is not -+ * supported, the corresponding element is zero. The order is as follows: -+ * -+ * STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR -+ */ -+# define S390X_STFLE_DWORDS 2 -+# define S390X_QUERY_DWORDS 8 -+# define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS) -+extern unsigned long long OPENSSL_s390xcap_P[]; -+ -+#endif -Index: openssl-1.1.0g/crypto/s390xcap.c -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390xcap.c 2017-11-02 15:29:03.000000000 +0100 -+++ openssl-1.1.0g/crypto/s390xcap.c 2018-01-10 15:27:42.988113439 +0100 -@@ -14,6 +14,7 @@ - #include - - unsigned long long OPENSSL_s390xcap_P[10]; -+#include "s390x_arch.h" - - static sigjmp_buf ill_jmp; - static void ill_handler(int sig) -@@ -21,17 +22,21 @@ static void ill_handler(int sig) - siglongjmp(ill_jmp, sig); - } - --unsigned long OPENSSL_s390x_facilities(void); -+void OPENSSL_s390x_facilities(void); - - void OPENSSL_cpuid_setup(void) - { - sigset_t oset; - struct sigaction ill_act, oact; -+ uint64_t vec; -+ char *env; -+ int off; -+ int i; - - if (OPENSSL_s390xcap_P[0]) - return; - -- OPENSSL_s390xcap_P[0] = 1UL << (8 * sizeof(unsigned long) - 1); -+ OPENSSL_s390xcap_P[0] = 1ULL << (8 * sizeof(uint64_t) - 1); - - memset(&ill_act, 0, sizeof(ill_act)); - ill_act.sa_handler = ill_handler; -@@ -47,4 +52,26 @@ void OPENSSL_cpuid_setup(void) - - sigaction(SIGILL, &oact, NULL); - sigprocmask(SIG_SETMASK, &oset, NULL); -+ -+ if ((env = getenv("OPENSSL_s390xcap")) != NULL) { -+ for (i = 0; i < S390X_CAP_DWORDS; i++) { -+ off = (env[0] == '~') ? 1 : 0; -+ -+ if (sscanf(env + off, "%llx", (unsigned long long *)&vec) == 1) -+ OPENSSL_s390xcap_P[i] &= off ? ~vec : vec; -+ -+ if (i == S390X_STFLE_DWORDS - 1) -+ env = strchr(env, '.'); -+ else -+ env = strpbrk(env, ":."); -+ -+ if (env == NULL) -+ break; -+ -+ if (env[0] == '.') -+ i = S390X_STFLE_DWORDS - 1; -+ -+ env++; -+ } -+ } - } diff --git a/0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch b/0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch deleted file mode 100644 index 2e4b713..0000000 --- a/0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 79310b18d90badd58595cf2fff40591ad76c301a Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Tue, 31 Jan 2017 12:43:35 +0100 -Subject: [PATCH 05/44] s390x assembly pack: add OPENSSL_s390xcap man page. - -Signed-off-by: Patrick Steuer ---- - doc/man3/OPENSSL_s390xcap.pod | 94 +++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 94 insertions(+) - create mode 100644 doc/man3/OPENSSL_s390xcap.pod - -diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod -new file mode 100644 -index 0000000000..de56c7cf55 ---- /dev/null -+++ b/doc/man3/OPENSSL_s390xcap.pod -@@ -0,0 +1,94 @@ -+=pod -+ -+=head1 NAME -+ -+OPENSSL_s390xcap - the z processor capabilities vector -+ -+=head1 SYNOPSIS -+ -+ env OPENSSL_s390xcap=... -+ -+=head1 DESCRIPTION -+ -+libcrypto supports z architecture instruction set extensions. These -+extensions are denoted by individual bits in the capability vector. -+When libcrypto is initialized, the bits returned by the STFLE instruction -+and by the QUERY functions are stored in the vector. -+ -+The OPENSSL_s390xcap environment variable can be set before starting an -+application to affect capability detection. It is specified by a -+colon-separated list of 64-bit values in hexadecimal notation, the 0x -+prefix being optional. The ~ prefix means bitwise NOT and a point -+indicates the end of the STFLE bits respectively the beginning of the -+QUERY bits. -+ -+After initialization, the capability vector is ANDed bitwise with the -+corresponding parts of the environment variable. -+ -+The following bits are significant: -+ -+. -+ -+=over -+ -+=item #60 KIMD-SHA-512 -+ -+=item #61 KIMD-SHA-256 -+ -+=item #62 KIMD-SHA-1 -+ -+=back -+ -+: -+ -+=over -+ -+=item #62 KIMD-GHASH -+ -+=back -+ -+: -+ -+=over -+ -+=item #11 KM-XTS-AES-256 -+ -+=item #13 KM-XTS-AES-128 -+ -+=item #43 KM-AES-256 -+ -+=item #44 KM-AES-192 -+ -+=item #45 KM-AES-128 -+ -+=back -+ -+: -+: -+ -+=over -+ -+=item #43 KMC-AES-256 -+ -+=item #44 KMC-AES-192 -+ -+=item #45 KMC-AES-128 -+ -+=back -+ -+=head1 EXAMPLES -+ -+OPENSSL_s390xcap=.0:0 disables KIMD. -+ -+OPENSSL_s390xcap=.::~0x2800 disables KM-XTS-AES. -+ -+=head1 COPYRIGHT -+ -+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. -+ -+Licensed under the OpenSSL license (the "License"). You may not use -+this file except in compliance with the License. You can obtain a copy -+in the file LICENSE in the source distribution or at -+L. -+ -+=cut --- -2.13.6 - diff --git a/0006-s390x-assembly-pack-extended-s390x-capability-vector.patch b/0006-s390x-assembly-pack-extended-s390x-capability-vector.patch deleted file mode 100644 index 58301e0..0000000 --- a/0006-s390x-assembly-pack-extended-s390x-capability-vector.patch +++ /dev/null @@ -1,220 +0,0 @@ -From 9c59438dadc2b8026c058deb0759da78de1bb7ba Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Fri, 10 Feb 2017 19:43:08 +0100 -Subject: [PATCH 06/44] s390x assembly pack: extended s390x capability vector - (STFLE). - -Extended the s390x capability vector to store the longer facility list -available from z13 onwards. The bits indicating the vector extensions -are set to zero, if the kernel does not enable the vector facility. - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 10 +++++----- - crypto/modes/asm/ghash-s390x.pl | 4 ++-- - crypto/s390x_arch.h | 9 +++++++-- - crypto/s390xcap.c | 31 +++++++++++++++++++++++++++++++ - crypto/s390xcpuid.S | 14 +++++++++----- - crypto/sha/asm/sha1-s390x.pl | 4 ++-- - crypto/sha/asm/sha512-s390x.pl | 4 ++-- - 7 files changed, 58 insertions(+), 18 deletions(-) - -Index: openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl -=================================================================== ---- openssl-1.1.0g.orig/crypto/aes/asm/aes-s390x.pl 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl 2018-01-10 17:22:31.466891754 +0100 -@@ -823,8 +823,8 @@ $code.=<<___ if (!$softonly); - larl %r1,OPENSSL_s390xcap_P - llihh %r0,0x8000 - srlg %r0,%r0,0(%r5) -- ng %r0,32(%r1) # check availability of both km... -- ng %r0,48(%r1) # ...and kmc support for given key length -+ ng %r0,40(%r1) # check availability of both km... -+ ng %r0,56(%r1) # ...and kmc support for given key length - jz .Lekey_internal - - lmg %r0,%r1,0($inp) # just copy 128 bits... -@@ -1442,7 +1442,7 @@ $code.=<<___ if (!$softonly && 0);# kmct - larl %r1,OPENSSL_s390xcap_P - llihh %r0,0x8000 # check if kmctr supports the function code - srlg %r0,%r0,0($s0) -- ng %r0,64(%r1) # check kmctr capability vector -+ ng %r0,72(%r1) # check kmctr capability vector - lgr %r0,$s0 - lgr %r1,$s1 - jz .Lctr32_km_loop -@@ -1592,7 +1592,7 @@ $code.=<<___ if(1); - larl %r1,OPENSSL_s390xcap_P - llihh %r0,0x8000 - srlg %r0,%r0,32($s1) # check for 32+function code -- ng %r0,32(%r1) # check km capability vector -+ ng %r0,40(%r1) # check km capability vector - lgr %r0,$s0 # restore the function code - la %r1,0($key1) # restore $key1 - jz .Lxts_km_vanilla -Index: openssl-1.1.0g/crypto/modes/asm/ghash-s390x.pl -=================================================================== ---- openssl-1.1.0g.orig/crypto/modes/asm/ghash-s390x.pl 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/modes/asm/ghash-s390x.pl 2018-01-10 17:13:07.430224756 +0100 -@@ -89,7 +89,7 @@ ___ - $code.=<<___ if(!$softonly && 0); # hardware is slow for single block... - larl %r1,OPENSSL_s390xcap_P - lghi %r0,0 -- lg %r1,24(%r1) # load second word of kimd capabilities vector -+ lg %r1,32(%r1) # load second word of kimd capabilities vector - tmhh %r1,0x4000 # check for function 65 - jz .Lsoft_gmult - lghi %r1,-16 -@@ -132,7 +132,7 @@ gcm_ghash_4bit: - ___ - $code.=<<___ if(!$softonly); - larl %r1,OPENSSL_s390xcap_P -- lg %r0,24(%r1) # load second word of kimd capabilities vector -+ lg %r0,32(%r1) # load second word of kimd capabilities vector - tmhh %r0,0x4000 # check for function 65 - jz .Lsoft_ghash - lghi %r0,65 # function 65 -Index: openssl-1.1.0g/crypto/s390x_arch.h -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 17:13:07.430224756 +0100 -@@ -18,11 +18,16 @@ - * functions. If STFLE returns fewer doublewords or an instruction is not - * supported, the corresponding element is zero. The order is as follows: - * -- * STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR -+ * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR - */ --# define S390X_STFLE_DWORDS 2 -+# define S390X_STFLE_DWORDS 3 - # define S390X_QUERY_DWORDS 8 - # define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS) - extern unsigned long long OPENSSL_s390xcap_P[]; - -+/* OPENSSL_s390xcap_P[2] flags */ -+# define S390X_STFLE_VXE (1ULL << 56) -+# define S390X_STFLE_VXD (1ULL << 57) -+# define S390X_STFLE_VX (1ULL << 62) -+ - #endif -Index: openssl-1.1.0g/crypto/s390xcap.c -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390xcap.c 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/s390xcap.c 2018-01-10 17:13:07.430224756 +0100 -@@ -22,6 +22,31 @@ static void ill_handler(int sig) - siglongjmp(ill_jmp, sig); - } - -+/*- -+ * os-specific function to check if "vector enablement control"-bit and -+ * "AFP register control"-bit in control register 0 are set. -+ */ -+static int vx_enabled(void) -+{ -+#if defined(OPENSSL_SYS_LINUX) -+ FILE *fd; -+ char buf[4096]; -+ -+ if ((fd = fopen("/proc/cpuinfo", "r")) == NULL) -+ return 0; -+ -+ buf[0] = '\0'; -+ -+ while ((fgets(buf, sizeof(buf), fd) != NULL) -+ && (strstr(buf, "features") != buf)); -+ -+ fclose(fd); -+ return (strstr(buf, " vx ") != NULL) ? 1 : 0; -+#else -+ return 0; -+#endif -+} -+ - void OPENSSL_s390x_facilities(void); - - void OPENSSL_cpuid_setup(void) -@@ -53,6 +78,12 @@ void OPENSSL_cpuid_setup(void) - sigaction(SIGILL, &oact, NULL); - sigprocmask(SIG_SETMASK, &oset, NULL); - -+ /* protection against disabled vector facility */ -+ if (!vx_enabled()) { -+ OPENSSL_s390xcap_P[2] &= ~(S390X_STFLE_VXE | S390X_STFLE_VXD | -+ S390X_STFLE_VX); -+ } -+ - if ((env = getenv("OPENSSL_s390xcap")) != NULL) { - for (i = 0; i < S390X_CAP_DWORDS; i++) { - off = (env[0] == '~') ? 1 : 0; -Index: openssl-1.1.0g/crypto/s390xcpuid.S -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390xcpuid.S 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/s390xcpuid.S 2018-01-10 17:13:07.430224756 +0100 -@@ -21,33 +21,37 @@ OPENSSL_s390x_facilities: - stg %r0,56(%r4) - stg %r0,64(%r4) - stg %r0,72(%r4) -+ stg %r0,80(%r4) - - .long 0xb2b04000 # stfle 0(%r4) - brc 8,.Ldone - lghi %r0,1 - .long 0xb2b04000 # stfle 0(%r4) -+ brc 8,.Ldone -+ lghi %r0,2 -+ .long 0xb2b04000 # stfle 0(%r4) - .Ldone: - lmg %r2,%r3,0(%r4) - tmhl %r2,0x4000 # check for message-security-assist - jz .Lret - - lghi %r0,0 # query kimd capabilities -- la %r1,16(%r4) -+ la %r1,24(%r4) - .long 0xb93e0002 # kimd %r0,%r2 - - lghi %r0,0 # query km capability vector -- la %r1,32(%r4) -+ la %r1,40(%r4) - .long 0xb92e0042 # km %r4,%r2 - - lghi %r0,0 # query kmc capability vector -- la %r1,48(%r4) -+ la %r1,56(%r4) - .long 0xb92f0042 # kmc %r4,%r2 - - tmhh %r3,0x0004 # check for message-security-assist-4 - jz .Lret - - lghi %r0,0 # query kmctr capability vector -- la %r1,64(%r4) -+ la %r1,72(%r4) - .long 0xb92d2042 # kmctr %r4,%r2,%r2 - - .Lret: -Index: openssl-1.1.0g/crypto/sha/asm/sha1-s390x.pl -=================================================================== ---- openssl-1.1.0g.orig/crypto/sha/asm/sha1-s390x.pl 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/sha/asm/sha1-s390x.pl 2018-01-10 17:13:07.430224756 +0100 -@@ -172,7 +172,7 @@ sha1_block_data_order: - ___ - $code.=<<___ if ($kimdfunc); - larl %r1,OPENSSL_s390xcap_P -- lg %r0,16(%r1) # check kimd capabilities -+ lg %r0,24(%r1) # check kimd capabilities - tmhh %r0,`0x8000>>$kimdfunc` - jz .Lsoftware - lghi %r0,$kimdfunc -Index: openssl-1.1.0g/crypto/sha/asm/sha512-s390x.pl -=================================================================== ---- openssl-1.1.0g.orig/crypto/sha/asm/sha512-s390x.pl 2018-01-10 17:13:05.962202226 +0100 -+++ openssl-1.1.0g/crypto/sha/asm/sha512-s390x.pl 2018-01-10 17:13:07.430224756 +0100 -@@ -244,7 +244,7 @@ $Func: - ___ - $code.=<<___ if ($kimdfunc); - larl %r1,OPENSSL_s390xcap_P -- lg %r0,16(%r1) # check kimd capabilities -+ lg %r0,24(%r1) # check kimd capabilities - tmhh %r0,`0x8000>>$kimdfunc` - jz .Lsoftware - lghi %r0,$kimdfunc diff --git a/0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch b/0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch deleted file mode 100644 index 4f1e99b..0000000 --- a/0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch +++ /dev/null @@ -1,220 +0,0 @@ -From 29039576b1512a3508d40929dad605cefe806186 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Thu, 16 Feb 2017 09:05:28 +0100 -Subject: [PATCH 07/44] crypto/evp/e_aes.c: add foundations for extended s390x - support. - -Signed-off-by: Patrick Steuer ---- - crypto/evp/e_aes.c | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++++ - crypto/s390x_arch.h | 10 +++ - 2 files changed, 185 insertions(+) - -diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c -index 802b1d814d..d5932e1c64 100644 ---- a/crypto/evp/e_aes.c -+++ b/crypto/evp/e_aes.c -@@ -950,6 +950,181 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \ - const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ - { return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; } - -+#elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__) && !defined(AES_SOFTONLY) -+/* -+ * IBM S390X support -+ */ -+# include "s390x_arch.h" -+ -+/*- -+ * If KM and KMC support the function code, AES_KEY structure holds -+ * key/function code (instead of key schedule/number of rounds). -+ */ -+# define S390X_AES_FC (((AES_KEY *)(key))->rounds) -+ -+# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_128)&&\ -+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_128)) -+# define S390X_aes_192_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_192)&&\ -+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_192)) -+# define S390X_aes_256_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_256)&&\ -+ (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_256)) -+ -+# define s390x_aes_init_key aes_init_key -+static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, -+ const unsigned char *iv, int enc); -+ -+# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */ -+# define S390X_aes_192_cbc_CAPABLE 1 -+# define S390X_aes_256_cbc_CAPABLE 1 -+ -+# define s390x_aes_cbc_cipher aes_cbc_cipher -+static int s390x_aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_ecb_CAPABLE 0 -+# define S390X_aes_192_ecb_CAPABLE 0 -+# define S390X_aes_256_ecb_CAPABLE 0 -+ -+# define s390x_aes_ecb_cipher aes_ecb_cipher -+static int s390x_aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_ofb_CAPABLE 0 -+# define S390X_aes_192_ofb_CAPABLE 0 -+# define S390X_aes_256_ofb_CAPABLE 0 -+ -+# define s390x_aes_ofb_cipher aes_ofb_cipher -+static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_cfb_CAPABLE 0 -+# define S390X_aes_192_cfb_CAPABLE 0 -+# define S390X_aes_256_cfb_CAPABLE 0 -+ -+# define s390x_aes_cfb_cipher aes_cfb_cipher -+static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_cfb8_CAPABLE 0 -+# define S390X_aes_192_cfb8_CAPABLE 0 -+# define S390X_aes_256_cfb8_CAPABLE 0 -+ -+# define s390x_aes_cfb8_cipher aes_cfb8_cipher -+static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_cfb1_CAPABLE 0 -+# define S390X_aes_192_cfb1_CAPABLE 0 -+# define S390X_aes_256_cfb1_CAPABLE 0 -+ -+# define s390x_aes_cfb1_cipher aes_cfb1_cipher -+static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */ -+# define S390X_aes_192_ctr_CAPABLE 1 -+# define S390X_aes_256_ctr_CAPABLE 1 -+ -+# define s390x_aes_ctr_cipher aes_ctr_cipher -+static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_gcm_CAPABLE 0 -+# define S390X_aes_192_gcm_CAPABLE 0 -+# define S390X_aes_256_gcm_CAPABLE 0 -+ -+# define s390x_aes_gcm_init_key aes_gcm_init_key -+static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx, -+ const unsigned char *key, -+ const unsigned char *iv, int enc); -+ -+# define s390x_aes_gcm_cipher aes_gcm_cipher -+static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */ -+# define S390X_aes_256_xts_CAPABLE 1 -+ -+# define s390x_aes_xts_init_key aes_xts_init_key -+static int s390x_aes_xts_init_key(EVP_CIPHER_CTX *ctx, -+ const unsigned char *key, -+ const unsigned char *iv, int enc); -+ -+# define s390x_aes_xts_cipher aes_xts_cipher -+static int s390x_aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# define S390X_aes_128_ccm_CAPABLE 0 -+# define S390X_aes_192_ccm_CAPABLE 0 -+# define S390X_aes_256_ccm_CAPABLE 0 -+ -+# define s390x_aes_ccm_init_key aes_ccm_init_key -+static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx, -+ const unsigned char *key, -+ const unsigned char *iv, int enc); -+ -+# define s390x_aes_ccm_cipher aes_ccm_cipher -+static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+ -+# ifndef OPENSSL_NO_OCB -+# define S390X_aes_128_ocb_CAPABLE 0 -+# define S390X_aes_192_ocb_CAPABLE 0 -+# define S390X_aes_256_ocb_CAPABLE 0 -+ -+# define s390x_aes_ocb_init_key aes_ocb_init_key -+static int s390x_aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, -+ const unsigned char *iv, int enc); -+# define s390x_aes_ocb_cipher aes_ocb_cipher -+static int s390x_aes_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len); -+# endif -+ -+# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ -+static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \ -+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ -+ flags|EVP_CIPH_##MODE##_MODE, \ -+ s390x_aes_init_key, \ -+ s390x_aes_##mode##_cipher, \ -+ NULL, \ -+ sizeof(EVP_AES_KEY), \ -+ NULL,NULL,NULL,NULL }; \ -+static const EVP_CIPHER aes_##keylen##_##mode = { \ -+ nid##_##keylen##_##nmode,blocksize, \ -+ keylen/8,ivlen, \ -+ flags|EVP_CIPH_##MODE##_MODE, \ -+ aes_init_key, \ -+ aes_##mode##_cipher, \ -+ NULL, \ -+ sizeof(EVP_AES_KEY), \ -+ NULL,NULL,NULL,NULL }; \ -+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ -+{ return S390X_aes_##keylen##_##mode##_CAPABLE?&s390x_aes_##keylen##_##mode: \ -+ &aes_##keylen##_##mode; } -+ -+# define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ -+static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \ -+ nid##_##keylen##_##mode,blocksize, \ -+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ -+ flags|EVP_CIPH_##MODE##_MODE, \ -+ s390x_aes_##mode##_init_key, \ -+ s390x_aes_##mode##_cipher, \ -+ aes_##mode##_cleanup, \ -+ sizeof(EVP_AES_##MODE##_CTX), \ -+ NULL,NULL,aes_##mode##_ctrl,NULL }; \ -+static const EVP_CIPHER aes_##keylen##_##mode = { \ -+ nid##_##keylen##_##mode,blocksize, \ -+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ -+ flags|EVP_CIPH_##MODE##_MODE, \ -+ aes_##mode##_init_key, \ -+ aes_##mode##_cipher, \ -+ aes_##mode##_cleanup, \ -+ sizeof(EVP_AES_##MODE##_CTX), \ -+ NULL,NULL,aes_##mode##_ctrl,NULL }; \ -+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ -+{ return S390X_aes_##keylen##_##mode##_CAPABLE?&s390x_aes_##keylen##_##mode: \ -+ &aes_##keylen##_##mode; } -+ - #else - - # define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ -diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h -index 434f8e3f4e..5bf24930ed 100644 ---- a/crypto/s390x_arch.h -+++ b/crypto/s390x_arch.h -@@ -30,4 +30,14 @@ extern uint64_t OPENSSL_s390xcap_P[]; - # define S390X_STFLE_VXD (1ULL << 57) - # define S390X_STFLE_VX (1ULL << 62) - -+/* OPENSSL_s390xcap_P[5] flags */ -+# define S390X_KM_AES_256 (1ULL << 43) -+# define S390X_KM_AES_192 (1ULL << 44) -+# define S390X_KM_AES_128 (1ULL << 45) -+ -+/* OPENSSL_s390xcap_P[7] flags */ -+# define S390X_KMC_AES_256 (1ULL << 43) -+# define S390X_KMC_AES_192 (1ULL << 44) -+# define S390X_KMC_AES_128 (1ULL << 45) -+ - #endif --- -2.13.6 - diff --git a/0008-s390x-assembly-pack-extended-s390x-capability-vector.patch b/0008-s390x-assembly-pack-extended-s390x-capability-vector.patch deleted file mode 100644 index 63d905b..0000000 --- a/0008-s390x-assembly-pack-extended-s390x-capability-vector.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 5534badade984ccad7dbe56e17bcf0b2d00820c0 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Sun, 12 Feb 2017 12:27:00 +0100 -Subject: [PATCH 08/44] s390x assembly pack: extended s390x capability vector - (KMA). - -Extended the s390x capability vector to store the doubleword pair -returned by the KMA instruction's QUERY function. - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 2 +- - crypto/s390x_arch.h | 9 +++++++-- - crypto/s390xcpuid.S | 12 +++++++++++- - crypto/sha/asm/sha1-s390x.pl | 2 +- - crypto/sha/asm/sha512-s390x.pl | 2 +- - 5 files changed, 21 insertions(+), 6 deletions(-) - -Index: openssl-1.1.0g/crypto/s390x_arch.h -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-10 15:38:21.714301915 +0100 -+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-10 15:38:28.942417111 +0100 -@@ -18,10 +18,10 @@ - * functions. If STFLE returns fewer doublewords or an instruction is not - * supported, the corresponding element is zero. The order is as follows: - * -- * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR -+ * STFLE:STFLE:STFLE.KIMD:KIMD:KM:KM:KMC:KMC:KMCTR:KMCTR:KMA:KMA - */ - # define S390X_STFLE_DWORDS 3 --# define S390X_QUERY_DWORDS 8 -+# define S390X_QUERY_DWORDS 10 - # define S390X_CAP_DWORDS (S390X_STFLE_DWORDS + S390X_QUERY_DWORDS) - extern unsigned long long OPENSSL_s390xcap_P[]; - -@@ -40,4 +40,9 @@ extern unsigned long long OPENSSL_s390xc - # define S390X_KMC_AES_192 (1ULL << 44) - # define S390X_KMC_AES_128 (1ULL << 45) - -+/* OPENSSL_s390xcap_P[11] flags */ -+# define S390X_KMA_GCM_AES_256 (1ULL << 43) -+# define S390X_KMA_GCM_AES_192 (1ULL << 44) -+# define S390X_KMA_GCM_AES_128 (1ULL << 45) -+ - #endif -Index: openssl-1.1.0g/crypto/s390xcpuid.S -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390xcpuid.S 2018-01-10 15:38:21.706301789 +0100 -+++ openssl-1.1.0g/crypto/s390xcpuid.S 2018-01-10 15:38:21.722302044 +0100 -@@ -22,6 +22,8 @@ OPENSSL_s390x_facilities: - stg %r0,64(%r4) - stg %r0,72(%r4) - stg %r0,80(%r4) -+ stg %r0,88(%r4) -+ stg %r0,96(%r4) - - .long 0xb2b04000 # stfle 0(%r4) - brc 8,.Ldone -@@ -54,6 +56,14 @@ OPENSSL_s390x_facilities: - la %r1,72(%r4) - .long 0xb92d2042 # kmctr %r4,%r2,%r2 - -+ lg %r2,16(%r4) -+ tmhl %r2,0x2000 # check for message-security-assist-8 -+ jz .Lret -+ -+ lghi %r0,0 # query kma capability vector -+ la %r1,88(%r4) -+ .long 0xb9294022 # kma %r2,%r4,%r2 -+ - .Lret: - br %r14 - .size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities diff --git a/0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch b/0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch deleted file mode 100644 index c468026..0000000 --- a/0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 6d4165cf2b6c19162fdcc98e0f093b12ce765191 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Tue, 14 Feb 2017 02:07:37 +0100 -Subject: [PATCH 09/44] crypto/aes/asm/aes-s390x.pl: add KMA code path. - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 34 +++++++++++++++++++++++++++++++++- - 1 file changed, 33 insertions(+), 1 deletion(-) - -diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl -index b546c16025..750f61e87a 100644 ---- a/crypto/aes/asm/aes-s390x.pl -+++ b/crypto/aes/asm/aes-s390x.pl -@@ -1403,7 +1403,39 @@ $code.=<<___ if (!$softonly); - clr %r0,%r1 - jl .Lctr32_software - -- stm${g} %r6,$s3,6*$SIZE_T($sp) -+ stm${g} $s2,$s3,10*$SIZE_T($sp) -+ llgfr $s2,%r0 -+ larl %r1,OPENSSL_s390xcap_P -+ llihh %r0,0x8000 # check if kma supports the function code -+ srlg %r0,%r0,0($s2) -+ ng %r0,88(%r1) # check kma capability vector -+ lgr %r0,$s2 -+ jz .Lctr32_nokma -+ -+ aghi $sp,-112 -+ lhi %r1,0x0600 -+ sllg $len,$len,4 -+ or %r0,%r1 # set HS and LAAD flags -+ lmg $s2,$s3,0($ivp) -+ la %r1,0($sp) # prepare parameter block -+ ahi $s3,-1 # decrement counter -+ mvc 80(32,$sp),0($key) # copy key -+ stmg $s2,$s3,64($sp) # copy iv -+ st $s3,12($sp) # copy counter -+ lghi $s3,0 # no AAD -+ -+ .long 0xb929a042 # kma $out,$s2,$inp -+ brc 1,.-4 # pay attention to "partial completion" -+ -+ xc 80(32,$sp),80($sp) # wipe key copy -+ la $sp,112($sp) -+ lm${g} $s2,$s3,10*$SIZE_T($sp) -+ br $ra -+ -+.align 16 -+.Lctr32_nokma: -+ -+ stm${g} %r6,$s1,6*$SIZE_T($sp) - - slgr $out,$inp - la %r1,0($key) # %r1 is permanent copy of $key --- -2.13.6 - diff --git a/0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch b/0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch deleted file mode 100644 index e110b43..0000000 --- a/0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 98100dfe2659b43c1e80c54e5666e6f5d0330759 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Mon, 13 Feb 2017 16:43:12 +0100 -Subject: [PATCH 10/44] doc/man3/OPENSSL_s390xcap.pod: update (KMA). - -List KMA-GCM-AES bits as significant. - -Signed-off-by: Patrick Steuer ---- - doc/man3/OPENSSL_s390xcap.pod | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) - -diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod -index de56c7cf55..adf2c02036 100644 ---- a/doc/man3/OPENSSL_s390xcap.pod -+++ b/doc/man3/OPENSSL_s390xcap.pod -@@ -76,6 +76,21 @@ The following bits are significant: - - =back - -+: -+: -+: -+: -+ -+=over -+ -+=item #43 KMA-GCM-AES-256 -+ -+=item #44 KMA-GCM-AES-192 -+ -+=item #45 KMA-GCM-AES-128 -+ -+=back -+ - =head1 EXAMPLES - - OPENSSL_s390xcap=.0:0 disables KIMD. --- -2.13.6 - diff --git a/0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch b/0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch deleted file mode 100644 index 0bc0ea7..0000000 --- a/0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch +++ /dev/null @@ -1,62 +0,0 @@ -From f34474dd00118128ed574e838895167efddf7359 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Tue, 14 Feb 2017 11:15:51 +0100 -Subject: [PATCH 11/44] crypto/aes/asm/aes-s390x.pl: add CFI annotations (KMA - code path). - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl -index 750f61e87a..6cabdf5069 100644 ---- a/crypto/aes/asm/aes-s390x.pl -+++ b/crypto/aes/asm/aes-s390x.pl -@@ -1392,6 +1392,7 @@ $code.=<<___; - .type AES_ctr32_encrypt,\@function - .align 16 - AES_ctr32_encrypt: -+.cfi_startproc - xgr %r3,%r4 # flip %r3 and %r4, $out and $len - xgr %r4,%r3 - xgr %r3,%r4 -@@ -1404,6 +1405,8 @@ $code.=<<___ if (!$softonly); - jl .Lctr32_software - - stm${g} $s2,$s3,10*$SIZE_T($sp) -+ .cfi_rel_offset $s2,10*$SIZE_T -+ .cfi_rel_offset $s3,11*$SIZE_T - llgfr $s2,%r0 - larl %r1,OPENSSL_s390xcap_P - llihh %r0,0x8000 # check if kma supports the function code -@@ -1413,6 +1416,7 @@ $code.=<<___ if (!$softonly); - jz .Lctr32_nokma - - aghi $sp,-112 -+ .cfi_adjust_cfa_offset 112 - lhi %r1,0x0600 - sllg $len,$len,4 - or %r0,%r1 # set HS and LAAD flags -@@ -1429,7 +1433,10 @@ $code.=<<___ if (!$softonly); - - xc 80(32,$sp),80($sp) # wipe key copy - la $sp,112($sp) -+ .cfi_adjust_cfa_offset -112 - lm${g} $s2,$s3,10*$SIZE_T($sp) -+ .cfi_restore $s2 -+ .cfi_restore $s3 - br $ra - - .align 16 -@@ -1594,6 +1601,7 @@ $code.=<<___; - - lm${g} %r6,$ra,6*$SIZE_T($sp) - br $ra -+.cfi_endproc - .size AES_ctr32_encrypt,.-AES_ctr32_encrypt - ___ - } --- -2.13.6 - diff --git a/0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch b/0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch deleted file mode 100644 index adc01a7..0000000 --- a/0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch +++ /dev/null @@ -1,335 +0,0 @@ -From acef148f0aac18d78c3c857065b3a1274279b2df Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Sat, 25 Feb 2017 10:05:12 +0100 -Subject: [PATCH 12/44] s390x assembly pack: add KMA code path for aes-gcm. - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 52 ++++++++++++ - crypto/evp/e_aes.c | 200 ++++++++++++++++++++++++++++++++++++++++++-- - crypto/modes/gcm128.c | 4 + - crypto/s390x_arch.h | 5 ++ - 4 files changed, 253 insertions(+), 8 deletions(-) - -Index: openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl -=================================================================== ---- openssl-1.1.0g.orig/crypto/aes/asm/aes-s390x.pl 2018-01-09 17:35:12.231011406 +0100 -+++ openssl-1.1.0g/crypto/aes/asm/aes-s390x.pl 2018-01-09 17:35:16.795082242 +0100 -@@ -2257,6 +2257,58 @@ $code.=<<___; - .size AES_xts_decrypt,.-AES_xts_decrypt - ___ - } -+ -+################ -+# void s390x_aes_gcm_blocks(unsigned char *out, GCM128_CONTEXT *ctx, -+# const unsigned char *in, size_t len, -+# const unsigned char *aad, size_t alen, -+# const AES_KEY *key, int enc) -+{ -+my ($out,$ctx,$in,$len,$aad,$alen,$key,$enc) = map("%r$_",(2..9)); -+$code.=<<___ if (!$softonly); -+.globl s390x_aes_gcm_blocks -+.type s390x_aes_gcm_blocks,\@function -+.align 16 -+s390x_aes_gcm_blocks: -+ stm$g $alen,$enc,7*$SIZE_T($sp) -+ lm$g $alen,$enc,$stdframe($sp) -+ -+ aghi $sp,-112 -+ -+ lmg %r0,%r1,0($ctx) -+ ahi %r1,-1 -+ -+ mvc 16(32,$sp),64($ctx) # copy Xi/H -+ #mvc 48(16,$sp),48($ctx) # copy len -+ mvc 80(32,$sp),0($key) # copy key -+ st %r1,12($sp) # copy Yi -+ stmg %r0,%r1,64($sp) -+ -+ lhi %r1,128 -+ l %r0,240($key) # kma capability vector checked by caller -+ sll $enc,7 -+ xr $enc,%r1 -+ or %r0,$enc -+ -+ la %r1,0($sp) -+ -+ .long 0xb9296024 # kma $out,$aad,$in -+ brc 1,.-4 # pay attention to "partial completion" -+ -+ l %r0,12($sp) -+ mvc 64(16,$ctx),16($sp) # update Xi -+ xc 0(112,$sp),0($sp) # wipe stack -+ -+ la $sp,112($sp) -+ ahi %r0,1 -+ st %r0,12($ctx) -+ -+ lm$g $alen,$enc,7*$SIZE_T($sp) -+ br $ra -+.size s390x_aes_gcm_blocks,.-s390x_aes_gcm_blocks -+___ -+} -+ - $code.=<<___; - .string "AES for s390x, CRYPTOGAMS by " - ___ -Index: openssl-1.1.0g/crypto/evp/e_aes.c -=================================================================== ---- openssl-1.1.0g.orig/crypto/evp/e_aes.c 2018-01-09 17:35:12.199010909 +0100 -+++ openssl-1.1.0g/crypto/evp/e_aes.c 2018-01-09 17:35:12.239011531 +0100 -@@ -960,7 +960,7 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m - * If KM and KMC support the function code, AES_KEY structure holds - * key/function code (instead of key schedule/number of rounds). - */ --# define S390X_AES_FC (((AES_KEY *)(key))->rounds) -+# define S390X_AES_FC(key) (((AES_KEY *)(key))->rounds) - - # define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_128)&&\ - (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_128)) -@@ -969,6 +969,11 @@ const EVP_CIPHER *EVP_aes_##keylen##_##m - # define S390X_aes_256_CAPABLE ((OPENSSL_s390xcap_P[5]&S390X_KM_AES_256)&&\ - (OPENSSL_s390xcap_P[7]&S390X_KMC_AES_256)) - -+void s390x_aes_gcm_blocks(unsigned char *out, GCM128_CONTEXT *ctx, -+ const unsigned char *in, size_t len, -+ const unsigned char *aad, size_t alen, -+ const AES_KEY *key, int enc); -+ - # define s390x_aes_init_key aes_init_key - static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -@@ -1029,18 +1034,197 @@ static int s390x_aes_cfb1_cipher(EVP_CIP - static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - --# define S390X_aes_128_gcm_CAPABLE 0 --# define S390X_aes_192_gcm_CAPABLE 0 --# define S390X_aes_256_gcm_CAPABLE 0 -+# define S390X_aes_128_gcm_CAPABLE (S390X_aes_128_CAPABLE&&\ -+ OPENSSL_s390xcap_P[17]\ -+ &S390X_KMA_GCM_AES_128) -+# define S390X_aes_192_gcm_CAPABLE (S390X_aes_192_CAPABLE&&\ -+ OPENSSL_s390xcap_P[17]\ -+ &S390X_KMA_GCM_AES_192) -+# define S390X_aes_256_gcm_CAPABLE (S390X_aes_256_CAPABLE&&\ -+ OPENSSL_s390xcap_P[17]\ -+ &S390X_KMA_GCM_AES_256) -+ -+static int s390x_aes_gcm(GCM128_CONTEXT *ctx, const unsigned char *in, -+ unsigned char *out, size_t len, int enc) -+{ -+ int n; -+ size_t rem; -+ u64 mlen = ctx->len.u[1]; -+ unsigned char tmp; -+ -+ mlen += len; -+ -+ if (mlen > ((1ULL << 36) - 32) || (sizeof(len) == 8 && mlen < len)) -+ return -1; -+ -+ ctx->len.u[1] = mlen; -+ -+ if (ctx->ares) { -+ (*ctx->gmult)(ctx->Xi.u, ctx->Htable); -+ ctx->ares = 0; -+ } -+ S390X_AES_FC(ctx->key) |= S390X_KMA_LAAD; -+ n = ctx->mres; -+ -+ if (n) { -+ while (n && len) { -+ tmp = *in; -+ *out = tmp ^ ctx->EKi.c[n]; -+ ctx->Xi.c[n] ^= enc ? *out : tmp; -+ n = (n + 1) % AES_BLOCK_SIZE; -+ --len; -+ ++in; -+ ++out; -+ } -+ if (n == 0) { -+ (*ctx->gmult)(ctx->Xi.u, ctx->Htable); -+ } else { -+ ctx->mres = n; -+ return 0; -+ } -+ } -+ rem = len % AES_BLOCK_SIZE; -+ len -= rem; -+ -+ s390x_aes_gcm_blocks(out, ctx, in, len, NULL, 0, ctx->key, enc); -+ -+ if (rem) { -+ in += len; -+ out += len; -+ (*ctx->block)(ctx->Yi.c, ctx->EKi.c, ctx->key); -+ ++ctx->Yi.d[3]; -+ while (rem--) { -+ tmp = in[n]; -+ out[n] = tmp ^ ctx->EKi.c[n]; -+ ctx->Xi.c[n] ^= enc ? out[n] : tmp; -+ ++n; -+ } -+ } -+ -+ ctx->mres = n; -+ return 0; -+} - --# define s390x_aes_gcm_init_key aes_gcm_init_key - static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx, - const unsigned char *key, -- const unsigned char *iv, int enc); -+ const unsigned char *iv, int enc) -+{ -+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); -+ const int keybitlen = EVP_CIPHER_CTX_key_length(ctx) * 8; -+ -+ if (!iv && !key) -+ return 1; -+ -+ if (key) { -+ AES_set_encrypt_key(key, keybitlen, &gctx->ks.ks); -+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt); -+ S390X_AES_FC(&gctx->ks) |= S390X_KMA_HS; -+ -+ if (iv == NULL && gctx->iv_set) -+ iv = gctx->iv; -+ -+ if (iv) { -+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); -+ gctx->iv_set = 1; -+ } -+ gctx->key_set = 1; -+ } else { -+ if (gctx->key_set) -+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); -+ else -+ memcpy(gctx->iv, iv, gctx->ivlen); -+ -+ gctx->iv_set = 1; -+ gctx->iv_gen = 0; -+ } -+ return 1; -+} -+ -+static int s390x_aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -+ const unsigned char *in, size_t len) -+{ -+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); -+ unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); -+ int enc = EVP_CIPHER_CTX_encrypting(ctx); -+ int rv = -1; -+ -+ if (out != in || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN)) -+ return -1; -+ -+ if (EVP_CIPHER_CTX_ctrl(ctx, enc ? EVP_CTRL_GCM_IV_GEN : -+ EVP_CTRL_GCM_SET_IV_INV, -+ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) -+ goto err; -+ -+ if (CRYPTO_gcm128_aad(&gctx->gcm, buf, gctx->tls_aad_len)) -+ goto err; -+ -+ in += EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ out += EVP_GCM_TLS_EXPLICIT_IV_LEN; -+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; -+ -+ if (s390x_aes_gcm(&gctx->gcm, in, out, len, enc)) -+ goto err; -+ -+ if (enc) { -+ out += len; -+ CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN); -+ rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; -+ } else { -+ CRYPTO_gcm128_tag(&gctx->gcm, buf, EVP_GCM_TLS_TAG_LEN); -+ -+ if (CRYPTO_memcmp(buf, in + len, EVP_GCM_TLS_TAG_LEN)) { -+ OPENSSL_cleanse(out, len); -+ goto err; -+ } -+ rv = len; -+ } -+ err: -+ gctx->iv_set = 0; -+ gctx->tls_aad_len = -1; -+ return rv; -+} - --# define s390x_aes_gcm_cipher aes_gcm_cipher - static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, -- const unsigned char *in, size_t len); -+ const unsigned char *in, size_t len) -+{ -+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); -+ unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); -+ int enc = EVP_CIPHER_CTX_encrypting(ctx); -+ -+ if (!gctx->key_set) -+ return -1; -+ -+ if (gctx->tls_aad_len >= 0) -+ return s390x_aes_gcm_tls_cipher(ctx, out, in, len); -+ -+ if (!gctx->iv_set) -+ return -1; -+ -+ if (in) { -+ if (out == NULL) { -+ if (CRYPTO_gcm128_aad(&gctx->gcm, in, len)) -+ return -1; -+ } else { -+ if (s390x_aes_gcm(&gctx->gcm, in, out, len, enc)) -+ return -1; -+ } -+ return len; -+ } else { -+ if (enc) { -+ gctx->taglen = 16; -+ CRYPTO_gcm128_tag(&gctx->gcm, buf, gctx->taglen); -+ } else { -+ if (gctx->taglen < 0) -+ return -1; -+ -+ if (CRYPTO_gcm128_finish(&gctx->gcm, buf, gctx->taglen)) -+ return -1; -+ } -+ gctx->iv_set = 0; -+ return 0; -+ } -+} - - # define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */ - # define S390X_aes_256_xts_CAPABLE 1 -Index: openssl-1.1.0g/crypto/modes/gcm128.c -=================================================================== ---- openssl-1.1.0g.orig/crypto/modes/gcm128.c 2017-11-02 15:29:03.000000000 +0100 -+++ openssl-1.1.0g/crypto/modes/gcm128.c 2018-01-09 17:35:12.239011531 +0100 -@@ -817,6 +817,10 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT * - ctx->gmult = gcm_gmult_4bit; - CTX__GHASH(gcm_ghash_4bit); - } -+# elif defined(GHASH_ASM) -+ gcm_init_4bit(ctx->Htable, ctx->H.u); -+ ctx->gmult = gcm_gmult_4bit; -+ CTX__GHASH(gcm_ghash_4bit); - # else - gcm_init_4bit(ctx->Htable, ctx->H.u); - # endif -Index: openssl-1.1.0g/crypto/s390x_arch.h -=================================================================== ---- openssl-1.1.0g.orig/crypto/s390x_arch.h 2018-01-09 17:35:12.207011034 +0100 -+++ openssl-1.1.0g/crypto/s390x_arch.h 2018-01-09 17:35:12.239011531 +0100 -@@ -45,4 +45,9 @@ extern uint64_t OPENSSL_s390xcap_P[]; - # define S390X_KMA_GCM_AES_192 (1ULL << 44) - # define S390X_KMA_GCM_AES_128 (1ULL << 45) - -+/* %r0 flags */ -+# define S390X_KMA_LPC (1ULL << 8) -+# define S390X_KMA_LAAD (1ULL << 9) -+# define S390X_KMA_HS (1ULL << 10) -+ - #endif diff --git a/0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch b/0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch deleted file mode 100644 index 23ac2a8..0000000 --- a/0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch +++ /dev/null @@ -1,51 +0,0 @@ -From d137c24cbf25bae932dcfc0b58fa667a9ef63bf0 Mon Sep 17 00:00:00 2001 -From: Patrick Steuer -Date: Sun, 26 Feb 2017 22:36:39 +0100 -Subject: [PATCH 13/44] crypto/aes/asm/aes-s390x.pl: add CFI annotations - (KMA-gcm code path). - -Signed-off-by: Patrick Steuer ---- - crypto/aes/asm/aes-s390x.pl | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl -index f23b1231c1..dfe79f84a6 100644 ---- a/crypto/aes/asm/aes-s390x.pl -+++ b/crypto/aes/asm/aes-s390x.pl -@@ -2270,10 +2270,15 @@ $code.=<<___ if (!$softonly); - .type s390x_aes_gcm_blocks,\@function - .align 16 - s390x_aes_gcm_blocks: -+.cfi_startproc - stm$g $alen,$enc,7*$SIZE_T($sp) -+ .cfi_rel_offset $alen,7*$SIZE_T -+ .cfi_rel_offset $key,8*$SIZE_T -+ .cfi_rel_offset $enc,9*$SIZE_T - lm$g $alen,$enc,$stdframe($sp) - - aghi $sp,-112 -+ .cfi_adjust_cfa_offset 112 - - lmg %r0,%r1,0($ctx) - ahi %r1,-1 -@@ -2300,11 +2305,16 @@ s390x_aes_gcm_blocks: - xc 0(112,$sp),0($sp) # wipe stack - - la $sp,112($sp) -+ .cfi_adjust_cfa_offset -112 - ahi %r0,1 - st %r0,12($ctx) - - lm$g $alen,$enc,7*$SIZE_T($sp) -+ .cfi_restore $alen -+ .cfi_restore $key -+ .cfi_restore $enc - br $ra -+.cfi_endproc - .size s390x_aes_gcm_blocks,.-s390x_aes_gcm_blocks - ___ - } --- -2.13.6 - diff --git a/baselibs.conf b/baselibs.conf index 9306c18..c697479 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -5,6 +5,3 @@ libopenssl-1_1-devel conflicts "otherproviders(libopenssl-devel-)" requires -"openssl-1_1-" requires "libopenssl1_1- = " -libopenssl1_1-hmac - requires "libopenssl1_1- = -%release" - obsoletes "libopenssl1_1_0-hmac-" diff --git a/openssl-1.0.1e-add-suse-default-cipher.patch b/openssl-1.0.1e-add-suse-default-cipher.patch deleted file mode 100644 index 395acb2..0000000 --- a/openssl-1.0.1e-add-suse-default-cipher.patch +++ /dev/null @@ -1,36 +0,0 @@ -Index: openssl-1.1.0f/ssl/ssl_ciph.c -=================================================================== ---- openssl-1.1.0f.orig/ssl/ssl_ciph.c 2017-05-25 14:46:20.000000000 +0200 -+++ openssl-1.1.0f/ssl/ssl_ciph.c 2017-09-01 11:54:09.848587297 +0200 -@@ -1461,7 +1461,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ - */ - ok = 1; - rule_p = rule_str; -- if (strncmp(rule_str, "DEFAULT", 7) == 0) { -+ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) { -+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST, -+ &head, &tail, ca_list, c); -+ rule_p += 12; -+ if (*rule_p == ':') -+ rule_p++; -+ } -+ else if (strncmp(rule_str, "DEFAULT", 7) == 0) { - ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, - &head, &tail, ca_list, c); - rule_p += 7; -Index: openssl-1.1.0f/include/openssl/ssl.h -=================================================================== ---- openssl-1.1.0f.orig/include/openssl/ssl.h 2017-05-25 14:46:20.000000000 +0200 -+++ openssl-1.1.0f/include/openssl/ssl.h 2017-09-01 13:16:59.850407734 +0200 -@@ -195,6 +195,11 @@ extern "C" { - * an application-defined cipher list string starts with 'DEFAULT'. - */ - # define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" -+# define SSL_DEFAULT_SUSE_CIPHER_LIST "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"\ -+ "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:"\ -+ "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"\ -+ "DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:"\ -+ "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA" - /* - * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is diff --git a/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch b/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch deleted file mode 100644 index 0c78d52..0000000 --- a/openssl-1.0.1e-add-test-suse-default-cipher-suite.patch +++ /dev/null @@ -1,27 +0,0 @@ -Index: openssl-1.1.0c/test/recipes/99-test_suse_default_ciphers.t -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ openssl-1.1.0c/test/recipes/99-test_suse_default_ciphers.t 2016-12-19 13:59:16.662066548 +0100 -@@ -0,0 +1,22 @@ -+#! /usr/bin/env perl -+ -+use strict; -+use warnings; -+ -+use OpenSSL::Test qw/:DEFAULT/; -+use OpenSSL::Test::Utils; -+ -+ -+setup("test_default_ciphersuites"); -+ -+plan tests => 4; -+ -+my @cipher_suites = ("DEFAULT_SUSE", "DEFAULT"); -+ -+foreach my $cipherlist (@cipher_suites) { -+ ok(run(app(["openssl", "ciphers", $cipherlist])), -+ "openssl ciphers works with ciphersuite $cipherlist"); -+ ok(!grep(/(MD5|RC4|DES)/, run(app(["openssl", "ciphers", "DEFAULT_SUSE"]), capture => 1)), -+ "$cipherlist shouldn't contain MD5, DES or RC4\n"); -+} -+ diff --git a/openssl-1.1.0i.tar.gz b/openssl-1.1.0i.tar.gz deleted file mode 100644 index 5eb0dc7..0000000 --- a/openssl-1.1.0i.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99 -size 5453234 diff --git a/openssl-1.1.0i.tar.gz.asc b/openssl-1.1.0i.tar.gz.asc deleted file mode 100644 index 5f2ac5e..0000000 --- a/openssl-1.1.0i.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAltyztkACgkQ2cTSbQ5g -RJHKYwf+IDQqU357IUYc6Y6nHtV1S+0Nme2J/FAjGIneHdhDmyNEx7s+yemKU4ri -QbH73/4Mg7pId99TGbQx8P9RAGN7yLbHPwu5Prmyb5OiDGRJ6bGism9CrkIoRXK1 -Wq59IvcHK2nhaim8Vjksgvf/uhbeGt1V7b5Q5KF6cqDo+EKJkLpYL7vGlod/bXN/ -CzbzGOkSQiWt/nMq6FDTHOzKGyswil877hxUbjyhv8lphphRtvYsWBn376YjYjfG -9WsJ1z8mZg5I83D+8uC51TJrAdX6hMQjk0JhkxLXMghZiKnNy8+8XLXna0OliuLK -W9nqIlbNZiZvhIPqGM7O9cPZeWg96g== -=ueQK ------END PGP SIGNATURE----- diff --git a/openssl-1.1.1-pre9.tar.gz b/openssl-1.1.1-pre9.tar.gz new file mode 100644 index 0000000..27ae134 --- /dev/null +++ b/openssl-1.1.1-pre9.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:95ebdfbb05e8451fb01a186ccaa4a7da0eff9a48999ede9fe1a7d90db75ccb4c +size 8411103 diff --git a/openssl-1.1.1-pre9.tar.gz.asc b/openssl-1.1.1-pre9.tar.gz.asc new file mode 100644 index 0000000..f666333 --- /dev/null +++ b/openssl-1.1.1-pre9.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAlt8Ah8ACgkQ2cTSbQ5g +RJG1ZQf+OUe+cQhEUtUrDrNSxyIG1V19YRRCo3phQ3wpSs2rvxo7Ngyk339iGTBL +SWau3y/SJZAl98XeeQO4KCD6/zSgEnqI3zPBhuJ97PPBojqEfbBNPD9ymu/CYlJJ +c9SLqFuJs4mF9mDWOT5lA5b871lnY7Pi/dgx8T6Cue4b182AnbvlqYNphv/Q5Cns +52tsa9vMqazinePxRK0Obs8Mc/dmlOqINr7WjrovWJdUXc6DdAhyslPqZSjzb7s5 +1+3MSVKnYl3QReovrg3brLl4m3NRFxGpisaSD8MmCR/BJsJDyiVZa0Q3YJ+cShL4 ++bmfg6hTchbZIBg3H/dAgrKdKIXbFw== +=ufCN +-----END PGP SIGNATURE----- diff --git a/openssl-1_1.changes b/openssl-1_1.changes index fd096b7..7561671 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,59 @@ +------------------------------------------------------------------- +Thu Aug 23 13:21:00 UTC 2018 - vcizek@suse.com + +- Update to 1.1.1-pre9 (Beta 7) + * Support for TLSv1.3 added + * Move the display of configuration data to configdata.pm. + * Allow GNU style "make variables" to be used with Configure. + * Add a STORE module (OSSL_STORE) + * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes + * Add multi-prime RSA (RFC 8017) support + * Add SM3 implemented according to GB/T 32905-2016 + * Add SM4 implemented according to GB/T 32907-2016. + * Add 'Maximum Fragment Length' TLS extension negotiation and support + * Add ARIA support + * Add SHA3 + * Rewrite of devcrypto engine + * Add support for SipHash + * Grand redesign of the OpenSSL random generator +- pretend the release is not a Beta, to avoid "OpenSSL version mismatch" + with OpenSSH + * add openssl-pretend_we_are_not_beta.patch +- drop FIPS support + * don't build with FIPS mode (not supported in 1.1.1) + * don't create the -hmac subpackages + - drop FIPS patches + * openssl-fips-clearerror.patch + * openssl-fips-dont-fall-back-to-default-digest.patch + * openssl-fips-dont_run_FIPS_module_installed.patch + * openssl-fips-fix-odd-rsakeybits.patch + * openssl-fips-rsagen-d-bits.patch + * openssl-fips-selftests_in_nonfips_mode.patch + * openssl-fips_disallow_ENGINE_loading.patch + * openssl-rsakeygen-minimum-distance.patch + * openssl-CVE-2018-0737-fips.patch +- add TLS 1.3 ciphers to DEFAULT_SUSE +- merge openssl-1.0.1e-add-suse-default-cipher.patch and + openssl-1.0.1e-add-test-suse-default-cipher-suite.patch to + openssl-DEFAULT_SUSE_cipher.patch +- drop patches: + * openssl-static-deps.patch (upstream) + * 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch + * openssl-disable_rsa_keygen_tests_with_small_modulus.patch + * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch +- drop s390x patches + * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch + * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch + * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch + * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch + * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch + * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch + * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch + * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch + * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch + * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch + * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch + ------------------------------------------------------------------- Tue Aug 14 14:02:22 UTC 2018 - vcizek@suse.com diff --git a/openssl-1_1.spec b/openssl-1_1.spec index e25c59a..11e6f95 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -19,62 +19,33 @@ %define ssletcdir %{_sysconfdir}/ssl %define maj_min 1.1 %define _rname openssl +%define pre_version pre9 +%define xversion 1.1.1-%{pre_version} Name: openssl-1_1 -Version: 1.1.0i +# Don't forget to update the version in the "openssl" package! +Version: 1.1.1~%{pre_version} Release: 0 Summary: Secure Sockets and Transport Layer Security License: OpenSSL Group: Productivity/Networking/Security -Url: https://www.openssl.org/ -Source: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz +URL: https://www.openssl.org/ +Source: https://www.%{_rname}.org/source/%{_rname}-%{xversion}.tar.gz # to get mtime of file: Source1: %{name}.changes Source2: baselibs.conf -Source42: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz.asc +Source3: https://www.%{_rname}.org/source/%{_rname}-%{xversion}.tar.gz.asc # https://www.openssl.org/about/ # http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/openssl.keyring -Source43: %{_rname}.keyring -Source99: showciphers.c -# https://github.com/openssl/openssl/pull/2045 -Patch0: 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch -# PATCH-FIX-OPENSUSE: upstream won't use glibc -Patch1: 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch +Source4: %{_rname}.keyring +Source5: showciphers.c # PATCH-FIX-OPENSUSE: do not install html mans it takes ages -Patch2: openssl-1.1.0-no-html.patch -# PATCH-FIX-UPSTREAM: patch to allow deps and linking to static libs -# needed for fips and taken from upstream -Patch3: openssl-static-deps.patch -Patch4: openssl-truststore.patch -Patch5: openssl-pkgconfig.patch -Patch6: openssl-1.0.1e-add-suse-default-cipher.patch -Patch7: openssl-1.0.1e-add-test-suse-default-cipher-suite.patch -Patch8: openssl-ppc64-config.patch -Patch9: openssl-no-date.patch -# FIPS patches: -Patch51: openssl-1.1.0-fips.patch -Patch52: openssl-fips-dont_run_FIPS_module_installed.patch -Patch53: openssl-fips_disallow_ENGINE_loading.patch -Patch54: openssl-rsakeygen-minimum-distance.patch -Patch55: openssl-urandom-reseeding.patch -Patch56: openssl-fips-rsagen-d-bits.patch -Patch57: openssl-fips-selftests_in_nonfips_mode.patch -Patch58: openssl-fips-fix-odd-rsakeybits.patch -Patch59: openssl-fips-clearerror.patch -Patch60: openssl-fips-dont-fall-back-to-default-digest.patch -Patch61: openssl-disable_rsa_keygen_tests_with_small_modulus.patch -# FATE#321518 Add support for s390x CPACF enhancements (https://fate.suse.com/321518) -Patch62: 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch -Patch63: 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch -Patch64: 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch -Patch65: 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch -Patch66: 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch -Patch67: 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch -Patch68: 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch -Patch69: 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch -Patch70: 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch -Patch71: 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch -Patch72: 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch -Patch75: openssl-CVE-2018-0737-fips.patch +Patch1: openssl-1.1.0-no-html.patch +Patch2: openssl-truststore.patch +Patch3: openssl-pkgconfig.patch +Patch4: openssl-DEFAULT_SUSE_cipher.patch +Patch5: openssl-ppc64-config.patch +Patch6: openssl-no-date.patch +Patch7: openssl-pretend_we_are_not_beta.patch BuildRequires: bc BuildRequires: ed BuildRequires: pkgconfig @@ -95,7 +66,6 @@ OpenSSL contains an implementation of the SSL and TLS protocols. %package -n libopenssl1_1 Summary: Secure Sockets and Transport Layer Security -License: OpenSSL Group: Productivity/Networking/Security Recommends: ca-certificates-mozilla # install libopenssl and libopenssl-hmac close together (bsc#1090765) @@ -111,11 +81,10 @@ OpenSSL contains an implementation of the SSL and TLS protocols. %package -n libopenssl-1_1-devel Summary: Development files for OpenSSL -License: OpenSSL Group: Development/Libraries/C and C++ -Recommends: %{name} = %{version} Requires: libopenssl1_1 = %{version} Requires: pkgconfig(zlib) +Recommends: %{name} = %{version} # we need to have around only the exact version we are able to operate with Conflicts: libopenssl-devel < %{version} Conflicts: libopenssl-devel > %{version} @@ -128,21 +97,8 @@ Obsoletes: libopenssl-1_1_0-devel This subpackage contains header files for developing applications that want to make use of the OpenSSL C API. -%package -n libopenssl1_1-hmac -Summary: HMAC files for FIPS-140-2 integrity checking of the openssl shared libraries -License: BSD-3-Clause -Group: Productivity/Networking/Security -Requires: libopenssl1_1 = %{version}-%{release} -# Needed for clean upgrade from former openssl-1_1_0, boo#1081335 -Obsoletes: libopenssl1_1_0-hmac - -%description -n libopenssl1_1-hmac -The FIPS compliant operation of the openssl shared libraries is NOT -possible without the HMAC hashes contained in this package! - %package doc Summary: Additional Package Documentation -License: OpenSSL Group: Productivity/Networking/Security Conflicts: openssl-doc Provides: openssl-doc = %{version} @@ -154,7 +110,7 @@ This package contains optional documentation provided in addition to this package's base documentation. %prep -%setup -q -n %{_rname}-%{version} +%setup -q -n %{_rname}-%{xversion} %autopatch -p1 %build @@ -166,15 +122,12 @@ export MACHINE=armv6l %endif ./config \ - no-rc5 no-idea \ - fips \ - no-ssl3 \ + no-idea \ enable-rfc3779 \ %ifarch x86_64 aarch64 ppc64le enable-ec_nistp_64_gcc_128 \ %endif enable-camellia \ - zlib \ no-ec2m \ --prefix=%{_prefix} \ --libdir=%{_lib} \ @@ -190,6 +143,9 @@ export MACHINE=armv6l $(getconf LFS_CFLAGS) \ -Wall +# Show build configuration +perl configdata.pm --dump + util/mkdef.pl crypto update make depend %{?_smp_mflags} make all %{?_smp_mflags} @@ -199,7 +155,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) LD_LIBRARY_PATH=`pwd` make test -j1 # show cyphers -gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE99} -L%{buildroot}%{_libdir} -lssl -lcrypto +gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers %install @@ -244,30 +200,7 @@ set -x find demos -type f -perm /111 -exec chmod 644 {} \; # Place showciphers.c for %doc macro -cp %{SOURCE99} . - -# the hmac hashes: -# -# this is a hack that re-defines the __os_install_post macro -# for a simple reason: the macro strips the binaries and thereby -# invalidates a HMAC that may have been created earlier. -# solution: create the hashes _after_ the macro runs. -# -# this shows up earlier because otherwise the %expand of -# the macro is too late. -# remark: This is the same as running -# openssl dgst -sha256 -hmac 'ppaksykemnsecgtsttplmamstKMEs' -%{expand:%%global __os_install_post {%__os_install_post - -%{buildroot}%{_bindir}/fips_standalone_hmac \ - %{buildroot}%{_libdir}/libssl.so.%{maj_min} > \ - %{buildroot}%{_libdir}/.libssl.so.%{maj_min}.hmac - -%{buildroot}%{_bindir}/fips_standalone_hmac \ - %{buildroot}%{_libdir}/libcrypto.so.%{maj_min} > \ - %{buildroot}%{_libdir}/.libcrypto.so.%{maj_min}.hmac - -}} +cp %{SOURCE5} . %post -n libopenssl1_1 -p /sbin/ldconfig %postun -n libopenssl1_1 -p /sbin/ldconfig @@ -278,10 +211,6 @@ cp %{SOURCE99} . %{_libdir}/libcrypto.so.%{maj_min} %{_libdir}/engines-%{maj_min} -%files -n libopenssl1_1-hmac -%{_libdir}/.libssl.so.%{maj_min}.hmac -%{_libdir}/.libcrypto.so.%{maj_min}.hmac - %files -n libopenssl-1_1-devel %{_includedir}/%{_rname}/ %{_includedir}/ssl @@ -300,10 +229,12 @@ cp %{SOURCE99} . %dir %{ssletcdir} %config (noreplace) %{ssletcdir}/openssl.cnf %attr(700,root,root) %{ssletcdir}/private +%{ssletcdir}/ct_log_list.cnf +%{ssletcdir}/ct_log_list.cnf.dist + %dir %{_datadir}/ssl %{_datadir}/ssl/misc %{_bindir}/c_rehash -%{_bindir}/fips_standalone_hmac %{_bindir}/%{_rname} %changelog diff --git a/openssl-CVE-2018-0737-fips.patch b/openssl-CVE-2018-0737-fips.patch deleted file mode 100644 index c244480..0000000 --- a/openssl-CVE-2018-0737-fips.patch +++ /dev/null @@ -1,88 +0,0 @@ -Adjustments to fips_rsa_builtin_keygen along the lines -of the CVE-2018-0737 fix which consists of commits: -9db724cfede4ba7a3668bff533973ee70145ec07 -011f82e66f4bf131c733fd41a8390039859aafb2 -7150a4720af7913cae16f2e4eaf768b578c0b298 -6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 - -Index: openssl-1.1.0i/crypto/rsa/rsa_gen.c -=================================================================== ---- openssl-1.1.0i.orig/crypto/rsa/rsa_gen.c 2018-08-14 15:50:57.483236547 +0200 -+++ openssl-1.1.0i/crypto/rsa/rsa_gen.c 2018-08-14 15:51:07.223299375 +0200 -@@ -123,6 +123,7 @@ static int fips_rsa_builtin_keygen(RSA * - int n = 0; - int test = 0; - int pbits = bits / 2; -+ unsigned long error = 0; - - if (FIPS_selftest_failed()) { - FIPSerr(FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, FIPS_R_FIPS_SELFTEST_FAILED); -@@ -191,6 +192,10 @@ retry: - if (!BN_lshift(r3, r3, pbits - 100)) - goto err; - -+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME); -+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME); -+ BN_set_flags(r2, BN_FLG_CONSTTIME); -+ - /* generate p and q */ - for (i = 0; i < 5 * pbits; i++) { - ploop: -@@ -205,9 +210,9 @@ retry: - - if (!BN_sub(r2, rsa->p, BN_value_one())) - goto err; -- if (!BN_gcd(r1, r2, rsa->e, ctx)) -- goto err; -- if (BN_is_one(r1)) { -+ ERR_set_mark(); -+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { -+ /* GCD == 1 since inverse exists */ - int r; - r = BN_is_prime_fasttest_ex(rsa->p, pbits > 1024 ? 4 : 5, ctx, 0, - cb); -@@ -217,6 +222,15 @@ retry: - break; - } - -+ error = ERR_peek_last_error(); -+ if (ERR_GET_LIB(error) == ERR_LIB_BN -+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { -+ /* GCD != 1 */ -+ ERR_pop_to_mark(); -+ } else { -+ goto err; -+ } -+ - if (!BN_GENCB_call(cb, 2, n++)) - goto err; - } -@@ -248,9 +262,9 @@ retry: - - if (!BN_sub(r2, rsa->q, BN_value_one())) - goto err; -- if (!BN_gcd(r1, r2, rsa->e, ctx)) -- goto err; -- if (BN_is_one(r1)) { -+ ERR_set_mark(); -+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) { -+ /* GCD == 1 since inverse exists */ - int r; - r = BN_is_prime_fasttest_ex(rsa->q, pbits > 1024 ? 4 : 5, ctx, 0, - cb); -@@ -260,6 +274,15 @@ retry: - break; - } - -+ error = ERR_peek_last_error(); -+ if (ERR_GET_LIB(error) == ERR_LIB_BN -+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) { -+ /* GCD != 1 */ -+ ERR_pop_to_mark(); -+ } else { -+ goto err; -+ } -+ - if (!BN_GENCB_call(cb, 2, n++)) - goto err; - } diff --git a/openssl-DEFAULT_SUSE_cipher.patch b/openssl-DEFAULT_SUSE_cipher.patch new file mode 100644 index 0000000..bf23b4a --- /dev/null +++ b/openssl-DEFAULT_SUSE_cipher.patch @@ -0,0 +1,65 @@ +Index: openssl-1.1.1-pre9/ssl/ssl_ciph.c +=================================================================== +--- openssl-1.1.1-pre9.orig/ssl/ssl_ciph.c 2018-08-21 14:14:15.000000000 +0200 ++++ openssl-1.1.1-pre9/ssl/ssl_ciph.c 2018-08-24 11:06:56.552423004 +0200 +@@ -1567,7 +1567,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + */ + ok = 1; + rule_p = rule_str; +- if (strncmp(rule_str, "DEFAULT", 7) == 0) { ++ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) { ++ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST, ++ &head, &tail, ca_list, c); ++ rule_p += 12; ++ if (*rule_p == ':') ++ rule_p++; ++ } ++ else if (strncmp(rule_str, "DEFAULT", 7) == 0) { + ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, + &head, &tail, ca_list, c); + rule_p += 7; +Index: openssl-1.1.1-pre9/include/openssl/ssl.h +=================================================================== +--- openssl-1.1.1-pre9.orig/include/openssl/ssl.h 2018-08-21 14:14:15.000000000 +0200 ++++ openssl-1.1.1-pre9/include/openssl/ssl.h 2018-08-24 11:14:42.067529045 +0200 +@@ -171,6 +171,12 @@ extern "C" { + * This applies to ciphersuites for TLSv1.2 and below. + */ + # define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" ++# define SSL_DEFAULT_SUSE_CIPHER_LIST "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:"\ ++ "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"\ ++ "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:"\ ++ "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"\ ++ "DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:"\ ++ "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA" + /* This is the default set of TLSv1.3 ciphersuites */ + # if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + # define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ +Index: openssl-1.1.1-pre9/test/recipes/99-test_suse_default_ciphers.t +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.1.1-pre9/test/recipes/99-test_suse_default_ciphers.t 2018-08-24 11:46:43.464529473 +0200 +@@ -0,0 +1,23 @@ ++#! /usr/bin/env perl ++ ++use strict; ++use warnings; ++ ++use OpenSSL::Test qw/:DEFAULT/; ++use OpenSSL::Test::Utils; ++ ++setup("test_default_ciphersuites"); ++ ++plan tests => 6; ++ ++my @cipher_suites = ("DEFAULT_SUSE", "DEFAULT"); ++ ++foreach my $cipherlist (@cipher_suites) { ++ ok(run(app(["openssl", "ciphers", "-s", $cipherlist])), ++ "openssl ciphers works with ciphersuite $cipherlist"); ++ ok(!grep(/(MD5|RC4|DES)/, run(app(["openssl", "ciphers", "-s", $cipherlist]), capture => 1)), ++ "$cipherlist shouldn't contain MD5, DES or RC4\n"); ++ ok(grep(/(TLSv1.3)/, run(app(["openssl", "ciphers", "-tls1_3", "-s", "-v", $cipherlist]), capture => 1)), ++ "$cipherlist should contain TLSv1.3 ciphers\n"); ++} ++ diff --git a/openssl-disable_rsa_keygen_tests_with_small_modulus.patch b/openssl-disable_rsa_keygen_tests_with_small_modulus.patch deleted file mode 100644 index be938b3..0000000 --- a/openssl-disable_rsa_keygen_tests_with_small_modulus.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: openssl-1.1.0i/test/recipes/15-test_genrsa.t -=================================================================== ---- openssl-1.1.0i.orig/test/recipes/15-test_genrsa.t 2018-08-14 14:45:10.000000000 +0200 -+++ openssl-1.1.0i/test/recipes/15-test_genrsa.t 2018-08-14 15:49:16.902587756 +0200 -@@ -16,6 +16,7 @@ use OpenSSL::Test::Utils; - - setup("test_genrsa"); - -+plan skip_all => 'Minimal RSA modulus size is 200 bits'; - plan tests => 5; - - # We want to know that an absurdly small number of bits isn't support diff --git a/openssl-fips-clearerror.patch b/openssl-fips-clearerror.patch deleted file mode 100644 index 42ce4c6..0000000 --- a/openssl-fips-clearerror.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: openssl-1.0.2g/crypto/o_init.c -=================================================================== ---- openssl-1.0.2g.orig/crypto/o_init.c 2016-04-14 10:54:05.763929573 +0200 -+++ openssl-1.0.2g/crypto/o_init.c 2016-04-14 10:59:08.366168879 +0200 -@@ -91,6 +91,7 @@ static void init_fips_mode(void) - NONFIPS_selftest_check(); - /* drop down to non-FIPS mode if it is not requested */ - FIPS_mode_set(0); -+ ERR_clear_error(); - } else { - /* abort if selftest failed */ - FIPS_selftest_check(); diff --git a/openssl-fips-dont-fall-back-to-default-digest.patch b/openssl-fips-dont-fall-back-to-default-digest.patch deleted file mode 100644 index fc4c321..0000000 --- a/openssl-fips-dont-fall-back-to-default-digest.patch +++ /dev/null @@ -1,15 +0,0 @@ -Index: openssl-1.1.0e/apps/dgst.c -=================================================================== ---- openssl-1.1.0e.orig/apps/dgst.c 2017-04-20 12:31:52.471544178 +0200 -+++ openssl-1.1.0e/apps/dgst.c 2017-04-20 12:38:46.669771843 +0200 -@@ -94,6 +94,10 @@ int dgst_main(int argc, char **argv) - prog = opt_progname(argv[0]); - buf = app_malloc(BUFSIZE, "I/O buffer"); - md = EVP_get_digestbyname(prog); -+ if (md == NULL && strcmp(prog, "dgst") != 0) { -+ BIO_printf(bio_err, "%s is not a known digest\n", prog); -+ goto end; -+ } - - prog = opt_init(argc, argv, dgst_options); - while ((o = opt_next()) != OPT_EOF) { diff --git a/openssl-fips-dont_run_FIPS_module_installed.patch b/openssl-fips-dont_run_FIPS_module_installed.patch deleted file mode 100644 index c315fb1..0000000 --- a/openssl-fips-dont_run_FIPS_module_installed.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: openssl-1.0.2h/crypto/o_init.c -=================================================================== ---- openssl-1.0.2h.orig/crypto/o_init.c 2016-06-01 15:26:25.026937000 +0200 -+++ openssl-1.0.2h/crypto/o_init.c 2016-06-01 16:23:24.980858697 +0200 -@@ -111,9 +111,9 @@ void __attribute__ ((constructor)) OPENS - return; - done = 1; - #ifdef OPENSSL_FIPS -- if (!FIPS_module_installed()) { -+ /*if (!FIPS_module_installed()) { - return; -- } -+ }*/ - RAND_init_fips(); - init_fips_mode(); - if (!FIPS_mode()) { diff --git a/openssl-fips-fix-odd-rsakeybits.patch b/openssl-fips-fix-odd-rsakeybits.patch deleted file mode 100644 index 2a1475c..0000000 --- a/openssl-fips-fix-odd-rsakeybits.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c -=================================================================== ---- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-14 10:52:34.187646539 +0200 -+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-14 10:53:39.335559301 +0200 -@@ -465,7 +465,8 @@ static int rsa_builtin_keygen(RSA *rsa, - goto err; - - bitsp = (bits + 1) / 2; -- bitsq = bits - bitsp; -+ /* Use the same number of bits for p and q, our checks assume it. */ -+ bitsq = bitsp; - - /* prepare a maximum for p and q */ - /* 0xB504F334 is (sqrt(2)/2)*2^32 */ diff --git a/openssl-fips-rsagen-d-bits.patch b/openssl-fips-rsagen-d-bits.patch deleted file mode 100644 index ac8be6c..0000000 --- a/openssl-fips-rsagen-d-bits.patch +++ /dev/null @@ -1,39 +0,0 @@ -Index: openssl-1.1.0c/crypto/rsa/rsa_gen.c -=================================================================== ---- openssl-1.1.0c.orig/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.968669184 +0100 -+++ openssl-1.1.0c/crypto/rsa/rsa_gen.c 2016-12-08 17:55:15.976669308 +0100 -@@ -173,6 +173,12 @@ static int fips_rsa_builtin_keygen(RSA * - goto err; - } - -+ BN_copy(rsa->e, e_value); -+ -+ if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q)) -+ test = 1; -+ -+retry: - /* prepare approximate minimum p and q */ - if (!BN_set_word(r0, 0xB504F334)) - goto err; -@@ -185,12 +191,6 @@ static int fips_rsa_builtin_keygen(RSA * - if (!BN_lshift(r3, r3, pbits - 100)) - goto err; - -- BN_copy(rsa->e, e_value); -- -- if (!BN_is_zero(rsa->p) && !BN_is_zero(rsa->q)) -- test = 1; -- -- retry: - /* generate p and q */ - for (i = 0; i < 5 * pbits; i++) { - ploop: -@@ -323,6 +323,8 @@ static int fips_rsa_builtin_keygen(RSA * - BN_free(pr0); - } - -+ /* test 2^(bits/2) < d < LCM((p-1)*(q-1)) */ -+ /* the LCM part is covered due to the generation by modulo above */ - if (BN_num_bits(rsa->d) < pbits) - goto retry; /* d is too small */ - diff --git a/openssl-fips-selftests_in_nonfips_mode.patch b/openssl-fips-selftests_in_nonfips_mode.patch deleted file mode 100644 index 4810e57..0000000 --- a/openssl-fips-selftests_in_nonfips_mode.patch +++ /dev/null @@ -1,74 +0,0 @@ -Index: openssl-1.1.0c/crypto/fips/fips.c -=================================================================== ---- openssl-1.1.0c.orig/crypto/fips/fips.c 2016-12-09 11:34:28.778291575 +0100 -+++ openssl-1.1.0c/crypto/fips/fips.c 2016-12-09 11:37:18.192847119 +0100 -@@ -472,6 +472,44 @@ int FIPS_module_mode_set(int onoff) - return ret; - } - -+/* In non-FIPS mode, the selftests must succeed if the -+ * checksum files are present -+ */ -+void NONFIPS_selftest_check(void) -+{ -+ int rv; -+ char *hmacpath; -+ char path[PATH_MAX+1]; -+ -+ if (fips_selftest_fail) -+ { -+ /* check if the checksum files are installed */ -+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path)); -+ if (rv < 0) -+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE"); -+ -+ hmacpath = make_hmac_path(path); -+ if (hmacpath == NULL) -+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE"); -+ -+ if (access(hmacpath, F_OK)) -+ { -+ /* no hmac file is present, ignore the failed selftests */ -+ if (errno == ENOENT) -+ { -+ free(hmacpath); -+ return; -+ } -+ /* we fail on any other error */ -+ } -+ /* if the file exists, but the selftests failed -+ (eg wrong checksum), we fail too */ -+ free(hmacpath); -+ OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE"); -+ } -+ /* otherwise ok, selftests were successful */ -+} -+ - static CRYPTO_THREAD_ID fips_threadid; - static int fips_thread_set = 0; - -Index: openssl-1.1.0c/crypto/o_init.c -=================================================================== ---- openssl-1.1.0c.orig/crypto/o_init.c 2016-12-09 11:34:28.726290785 +0100 -+++ openssl-1.1.0c/crypto/o_init.c 2016-12-09 11:34:28.778291575 +0100 -@@ -44,6 +44,8 @@ static void init_fips_mode(void) - */ - - if (buf[0] != '1') { -+ /* abort if selftest failed and the module is complete */ -+ NONFIPS_selftest_check(); - /* drop down to non-FIPS mode if it is not requested */ - FIPS_mode_set(0); - } else { -Index: openssl-1.1.0c/include/openssl/fips.h -=================================================================== ---- openssl-1.1.0c.orig/include/openssl/fips.h 2016-12-09 11:34:28.654289692 +0100 -+++ openssl-1.1.0c/include/openssl/fips.h 2016-12-09 11:38:18.553750517 +0100 -@@ -65,6 +65,7 @@ extern "C" { - int FIPS_selftest(void); - int FIPS_selftest_failed(void); - int FIPS_selftest_drbg_all(void); -+ void NONFIPS_selftest_check(void); - - int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, - const EVP_MD *evpmd, const unsigned char *seed_in, diff --git a/openssl-fips_disallow_ENGINE_loading.patch b/openssl-fips_disallow_ENGINE_loading.patch deleted file mode 100644 index 186f6ea..0000000 --- a/openssl-fips_disallow_ENGINE_loading.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: openssl-1.1.0c/crypto/init.c -=================================================================== ---- openssl-1.1.0c.orig/crypto/init.c 2016-12-08 17:36:03.170689184 +0100 -+++ openssl-1.1.0c/crypto/init.c 2016-12-08 17:36:14.938873308 +0100 -@@ -564,6 +564,9 @@ int OPENSSL_init_crypto(uint64_t opts, c - && !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand)) - return 0; - # endif -+# ifdef OPENSSL_FIPS -+ if (!FIPS_mode()) -+# endif - if ((opts & OPENSSL_INIT_ENGINE_DYNAMIC) - && !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic)) - return 0; diff --git a/openssl-no-date.patch b/openssl-no-date.patch index b326604..c910674 100644 --- a/openssl-no-date.patch +++ b/openssl-no-date.patch @@ -1,11 +1,13 @@ -Index: openssl-1.1.0f/util/mkbuildinf.pl +Index: openssl-1.1.1-pre1/util/mkbuildinf.pl =================================================================== ---- openssl-1.1.0f.orig/util/mkbuildinf.pl -+++ openssl-1.1.0f/util/mkbuildinf.pl -@@ -37,5 +37,5 @@ print <<"END_OUTPUT"; - '\\0' - }; +--- openssl-1.1.1-pre1.orig/util/mkbuildinf.pl 2018-02-13 16:31:28.011389734 +0100 ++++ openssl-1.1.1-pre1/util/mkbuildinf.pl 2018-02-13 16:31:51.539764582 +0100 +@@ -28,7 +28,7 @@ print <<"END_OUTPUT"; + */ + #define PLATFORM "platform: $platform" -#define DATE "built on: $date" +#define DATE "" - END_OUTPUT + + /* + * Generate compiler_flags as an array of individual characters. This is a diff --git a/openssl-pkgconfig.patch b/openssl-pkgconfig.patch index 27c86f4..862be2c 100644 --- a/openssl-pkgconfig.patch +++ b/openssl-pkgconfig.patch @@ -1,17 +1,17 @@ -Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl +Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl =================================================================== ---- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:32:18.922799218 +0200 -+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:33:19.307764137 +0200 -@@ -710,7 +710,7 @@ libcrypto.pc: +--- openssl-1.1.1-pre3.orig/Configurations/unix-Makefile.tmpl 2018-03-20 15:20:03.037124698 +0100 ++++ openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl 2018-03-20 15:21:04.206084731 +0100 +@@ -843,7 +843,7 @@ libcrypto.pc: echo 'Version: '$(VERSION); \ echo 'Libs: -L$${libdir} -lcrypto'; \ - echo 'Libs.private: $(EX_LIBS)'; \ + echo 'Libs.private: $(LIB_EX_LIBS)'; \ - echo 'Cflags: -I$${includedir}' ) > libcrypto.pc + echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libcrypto.pc libssl.pc: @ ( echo 'prefix=$(INSTALLTOP)'; \ -@@ -723,7 +723,7 @@ libssl.pc: +@@ -860,7 +860,7 @@ libssl.pc: echo 'Version: '$(VERSION); \ echo 'Requires.private: libcrypto'; \ echo 'Libs: -L$${libdir} -lssl'; \ diff --git a/openssl-ppc64-config.patch b/openssl-ppc64-config.patch index 9152c8e..02724c0 100644 --- a/openssl-ppc64-config.patch +++ b/openssl-ppc64-config.patch @@ -1,12 +1,17 @@ -Index: openssl-1.1.0e/config +Index: openssl-1.1.1-pre3/config =================================================================== ---- openssl-1.1.0e.orig/config -+++ openssl-1.1.0e/config -@@ -550,7 +550,7 @@ case "$GUESSOS" in +--- openssl-1.1.1-pre3.orig/config 2018-03-20 15:24:38.037441210 +0100 ++++ openssl-1.1.1-pre3/config 2018-03-20 15:26:20.163043492 +0100 +@@ -552,12 +552,7 @@ case "$GUESSOS" in OUT="linux-ppc64" else OUT="linux-ppc" -- (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32" +- if (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null); then +- :; +- else +- __CNF_CFLAGS="$__CNF_CFLAGS -m32" +- __CNF_CXXFLAGS="$__CNF_CXXFLAGS -m32" +- fi + (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || OUT="linux-ppc64" fi ;; diff --git a/openssl-pretend_we_are_not_beta.patch b/openssl-pretend_we_are_not_beta.patch new file mode 100644 index 0000000..98826d3 --- /dev/null +++ b/openssl-pretend_we_are_not_beta.patch @@ -0,0 +1,13 @@ +Index: openssl-1.1.1-pre9/include/openssl/opensslv.h +=================================================================== +--- openssl-1.1.1-pre9.orig/include/openssl/opensslv.h 2018-08-22 14:07:29.797858054 +0200 ++++ openssl-1.1.1-pre9/include/openssl/opensslv.h 2018-08-22 14:07:57.718041454 +0200 +@@ -39,7 +39,7 @@ extern "C" { + * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for + * major minor fix final patch/beta) + */ +-# define OPENSSL_VERSION_NUMBER 0x10101009L ++# define OPENSSL_VERSION_NUMBER 0x1010100fL + # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1-pre9 (beta) 21 Aug 2018" + + /*- diff --git a/openssl-rsakeygen-minimum-distance.patch b/openssl-rsakeygen-minimum-distance.patch deleted file mode 100644 index f104e61..0000000 --- a/openssl-rsakeygen-minimum-distance.patch +++ /dev/null @@ -1,47 +0,0 @@ -Index: openssl-1.1.0h/crypto/rsa/rsa_gen.c -=================================================================== ---- openssl-1.1.0h.orig/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.709128590 +0200 -+++ openssl-1.1.0h/crypto/rsa/rsa_gen.c 2018-03-27 16:34:44.753129312 +0200 -@@ -420,6 +420,19 @@ static int rsa_builtin_keygen(RSA *rsa, - bitsp = (bits + 1) / 2; - bitsq = bits - bitsp; - -+ /* prepare a maximum for p and q */ -+ /* 0xB504F334 is (sqrt(2)/2)*2^32 */ -+ if (!BN_set_word(r0, 0xB504F334)) -+ goto err; -+ if (!BN_lshift(r0, r0, bitsp - 32)) -+ goto err; -+ -+ /* prepare minimum p and q difference */ -+ if (!BN_one(r3)) -+ goto err; -+ if (!BN_lshift(r3, r3, bitsp - 100)) -+ goto err; -+ - /* We need the RSA components non-NULL */ - if (!rsa->n && ((rsa->n = BN_new()) == NULL)) - goto err; -@@ -446,6 +459,8 @@ static int rsa_builtin_keygen(RSA *rsa, - for (;;) { - if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) - goto err; -+ if (BN_cmp(rsa->p, r0) < 0) -+ continue; - if (!BN_sub(r2, rsa->p, BN_value_one())) - goto err; - ERR_set_mark(); -@@ -471,6 +486,13 @@ static int rsa_builtin_keygen(RSA *rsa, - if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) - goto err; - } while (BN_cmp(rsa->p, rsa->q) == 0); -+ if (BN_cmp(rsa->q, r0) < 0) -+ continue; -+ /* check for minimum distance between p and q, 2^(bitsp-100) */ -+ if (!BN_sub(r2, rsa->q, rsa->p)) -+ goto err; -+ if (BN_ucmp(r2, r3) <= 0) -+ continue; - if (!BN_sub(r2, rsa->q, BN_value_one())) - goto err; - ERR_set_mark(); diff --git a/openssl-static-deps.patch b/openssl-static-deps.patch deleted file mode 100644 index 4eb6124..0000000 --- a/openssl-static-deps.patch +++ /dev/null @@ -1,195 +0,0 @@ -From 186a31e510d1326063cfeca17e58fadec236ad2a Mon Sep 17 00:00:00 2001 -From: Richard Levitte -Date: Wed, 9 Nov 2016 20:01:51 +0100 -Subject: [PATCH] Building: make it possible to force linking with static - OpenSSL libs - -Very simply, support having the .a extension to denote depending on -static libraries. Note that this is not supported on native Windows -when building shared libraries, as there is not static library then, -just an import library with the same name. - -Reviewed-by: Rich Salz -(Merged from https://github.com/openssl/openssl/pull/1889) ---- - Configurations/common.tmpl | 14 +++++++++++--- - Configurations/descrip.mms.tmpl | 23 ++++++++++++++--------- - Configurations/unix-Makefile.tmpl | 19 ++++++++++++------- - Configurations/windows-makefile.tmpl | 4 +++- - Configure | 7 +++++++ - 5 files changed, 47 insertions(+), 20 deletions(-) - -Index: openssl-1.1.0h/Configurations/common.tmpl -=================================================================== ---- openssl-1.1.0h.orig/Configurations/common.tmpl 2018-03-27 15:50:37.000000000 +0200 -+++ openssl-1.1.0h/Configurations/common.tmpl 2018-03-27 16:31:37.126131133 +0200 -@@ -9,15 +9,22 @@ - # there are no duplicate dependencies and that they are in the - # right order. This is especially used to sort the list of - # libraries that a build depends on. -+ sub extensionlesslib { -+ my @result = map { $_ =~ /(\.a)?$/; $` } @_; -+ return @result if wantarray; -+ return $result[0]; -+ } - sub resolvedepends { - my $thing = shift; -+ my $extensionlessthing = extensionlesslib($thing); - my @listsofar = @_; # to check if we're looping -- my @list = @{$unified_info{depends}->{$thing}}; -+ my @list = @{$unified_info{depends}->{$extensionlessthing}}; - my @newlist = (); - if (scalar @list) { - foreach my $item (@list) { -+ my $extensionlessitem = extensionlesslib($item); - # It's time to break off when the dependency list starts looping -- next if grep { $_ eq $item } @listsofar; -+ next if grep { extensionlesslib($_) eq $extensionlessitem } @listsofar; - push @newlist, $item, resolvedepends($item, @listsofar, $item); - } - } -@@ -28,8 +35,9 @@ - my @newlist = (); - while (@list) { - my $item = shift @list; -+ my $extensionlessitem = extensionlesslib($item); - push @newlist, $item -- unless grep { $item eq $_ } @list; -+ unless grep { $extensionlessitem eq extensionlesslib($_) } @list; - } - @newlist; - } -Index: openssl-1.1.0h/Configurations/descrip.mms.tmpl -=================================================================== ---- openssl-1.1.0h.orig/Configurations/descrip.mms.tmpl 2018-03-27 15:50:37.000000000 +0200 -+++ openssl-1.1.0h/Configurations/descrip.mms.tmpl 2018-03-27 16:31:37.126131133 +0200 -@@ -537,6 +537,17 @@ configdata.pm : $(SRCDIR)Configure $(SRC - use File::Basename; - use File::Spec::Functions qw/abs2rel rel2abs catfile catdir/; - -+ # Helper function to figure out dependencies on libraries -+ # It takes a list of library names and outputs a list of dependencies -+ sub compute_lib_depends { -+ if ($disabled{shared}) { -+ return map { $_ =~ /\.a$/ ? $`.".OLB" : $_.".OLB" } @_; -+ } -+ return map { $_ =~ /\.a$/ -+ ? $`.".OLB" -+ : $unified_info{sharednames}->{$_}.".EXE" } @_; -+ } -+ - sub generatesrc { - my %args = @_; - my $generator = join(" ", @{$args{generator}}); -@@ -632,9 +643,7 @@ EOF - my $libd = dirname($lib); - my $libn = basename($lib); - (my $mkdef_key = $libn) =~ s/^${osslprefix_q}lib([^0-9]*)\d*/$1/i; -- my @deps = map { -- $disabled{shared} ? $_.".OLB" -- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}}; -+ my @deps = compute_lib_depends(@{$args{deps}}); - my $deps = join(", -\n\t\t", @deps); - my $shlib_target = $disabled{shared} ? "" : $target{shared_target}; - my $ordinalsfile = defined($args{ordinals}) ? $args{ordinals}->[1] : ""; -@@ -680,9 +689,7 @@ EOF - my $libn = basename($lib); - (my $libn_nolib = $libn) =~ s/^lib//; - my @objs = map { "$_.OBJ" } @{$args{objs}}; -- my @deps = map { -- $disabled{shared} ? $_.".OLB" -- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}}; -+ my @deps = compute_lib_depends(@{$args{deps}}); - my $deps = join(", -\n\t\t", @objs, @deps); - my $shlib_target = $disabled{shared} ? "" : $target{shared_target}; - my $engine_opt = abs2rel(rel2abs(catfile($config{sourcedir}, -@@ -732,9 +739,7 @@ EOF - my $bind = dirname($bin); - my $binn = basename($bin); - my @objs = map { "$_.OBJ" } @{$args{objs}}; -- my @deps = map { -- $disabled{shared} ? $_.".OLB" -- : $unified_info{sharednames}->{$_}.".EXE"; } @{$args{deps}}; -+ my @deps = compute_lib_depends(@{$args{deps}}); - my $deps = join(", -\n\t\t", @objs, @deps); - # The "[]" hack is because in .OPT files, each line inherits the - # previous line's file spec as default, so if no directory spec -Index: openssl-1.1.0h/Configurations/unix-Makefile.tmpl -=================================================================== ---- openssl-1.1.0h.orig/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.110130877 +0200 -+++ openssl-1.1.0h/Configurations/unix-Makefile.tmpl 2018-03-27 16:31:37.126131133 +0200 -@@ -755,13 +755,13 @@ configdata.pm: $(SRCDIR)/Configure $(SRC - # It takes a list of library names and outputs a list of dependencies - sub compute_lib_depends { - if ($disabled{shared}) { -- return map { $_.$libext } @_; -+ return map { $_ =~ /\.a$/ ? $`.$libext : $_.$libext } @_; - } - - # Depending on shared libraries: - # On Windows POSIX layers, we depend on {libname}.dll.a - # On Unix platforms, we depend on {shlibname}.so -- return map { shlib_simple($_) } @_; -+ return map { $_ =~ /\.a$/ ? $`.$libext : shlib_simple($_) } @_; - } - - sub generatesrc { -@@ -976,11 +976,16 @@ EOF - my $binn = basename($bin); - my $objs = join(" ", map { $_.$objext } @{$args{objs}}); - my $deps = join(" ",compute_lib_depends(@{$args{deps}})); -- my $linklibs = join("", map { my $d = dirname($_); -- my $f = basename($_); -- $d = "." if $d eq $f; -- (my $l = $f) =~ s/^lib//; -- " -L$d -l$l" } @{$args{deps}}); -+ my $linklibs = join("", map { if ($_ =~ /\.a$/) { -+ " $_"; -+ } else { -+ my $d = dirname($_); -+ my $f = basename($_); -+ $d = "." if $d eq $f; -+ (my $l = $f) =~ s/^lib//; -+ " -L$d -l$l" -+ } -+ } @{$args{deps}}); - my $shlib_target = $disabled{shared} ? "" : $target{shared_target}; - return <<"EOF"; - $bin$exeext: $objs $deps -Index: openssl-1.1.0h/Configurations/windows-makefile.tmpl -=================================================================== ---- openssl-1.1.0h.orig/Configurations/windows-makefile.tmpl 2018-03-27 15:50:37.000000000 +0200 -+++ openssl-1.1.0h/Configurations/windows-makefile.tmpl 2018-03-27 16:31:37.126131133 +0200 -@@ -361,8 +361,10 @@ configdata.pm: "$(SRCDIR)\Configure" {- - # It takes a list of library names and outputs a list of dependencies - sub compute_lib_depends { - if ($disabled{shared}) { -- return map { $_.$libext } @_; -+ return map { $_ =~ /\.a$/ ? $`.$libext : $_.$libext } @_; - } -+ die "Linking with static OpenSSL libraries is not supported in this configuration\n" -+ if grep /\.a$/, @_; - return map { shlib_import($_) } @_; - } - -Index: openssl-1.1.0h/Configure -=================================================================== ---- openssl-1.1.0h.orig/Configure 2018-03-27 15:50:37.000000000 +0200 -+++ openssl-1.1.0h/Configure 2018-03-27 16:31:37.126131133 +0200 -@@ -1844,9 +1844,16 @@ EOF - $d = cleanfile($buildd, $_, $blddir); - } - # Take note if the file to depend on is being renamed -+ # Take extra care with files ending with .a, they should -+ # be treated without that extension, and the extension -+ # should be added back after treatment. -+ $d =~ /(\.a)?$/; -+ my $e = $1 // ""; -+ $d = $`; - if ($unified_info{rename}->{$d}) { - $d = $unified_info{rename}->{$d}; - } -+ $d .= $e; - $unified_info{depends}->{$ddest}->{$d} = 1; - } - } diff --git a/openssl-truststore.patch b/openssl-truststore.patch index 00656d1..e43f30e 100644 --- a/openssl-truststore.patch +++ b/openssl-truststore.patch @@ -1,10 +1,10 @@ Don't use the legacy /etc/ssl/certs directory anymore but rather the p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991) -Index: openssl-1.1.0e/crypto/include/internal/cryptlib.h +Index: openssl-1.1.1-pre1/include/internal/cryptlib.h =================================================================== ---- openssl-1.1.0e.orig/crypto/include/internal/cryptlib.h -+++ openssl-1.1.0e/crypto/include/internal/cryptlib.h -@@ -41,8 +41,8 @@ DEFINE_LHASH_OF(MEM); +--- openssl-1.1.1-pre1.orig/include/internal/cryptlib.h 2018-02-13 14:48:12.000000000 +0100 ++++ openssl-1.1.1-pre1/include/internal/cryptlib.h 2018-02-13 16:30:11.738161984 +0100 +@@ -59,8 +59,8 @@ DEFINE_LHASH_OF(MEM); # ifndef OPENSSL_SYS_VMS # define X509_CERT_AREA OPENSSLDIR