Accepting request 790184 from security:tls
OBS-URL: https://build.opensuse.org/request/show/790184 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=16
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
5b13303a59
@ -13,17 +13,10 @@ Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||
crypto/chacha/build.info | 1 +
|
||||
2 files changed, 558 insertions(+), 259 deletions(-)
|
||||
|
||||
Index: openssl-1.1.1c/crypto/chacha/asm/chacha-s390x.pl
|
||||
Index: openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl
|
||||
===================================================================
|
||||
--- openssl-1.1.1c.orig/crypto/chacha/asm/chacha-s390x.pl 2019-06-06 12:15:57.271195550 +0200
|
||||
+++ openssl-1.1.1c/crypto/chacha/asm/chacha-s390x.pl 2019-06-06 12:16:43.787489780 +0200
|
||||
@@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
--- openssl-1.1.1e.orig/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 11:43:25.650616856 +0100
|
||||
+++ openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 11:43:40.614692484 +0100
|
||||
@@ -20,41 +20,46 @@
|
||||
#
|
||||
# 3 times faster than compiler-generated code.
|
||||
@ -859,7 +852,7 @@ Index: openssl-1.1.1c/crypto/chacha/asm/chacha-s390x.pl
|
||||
+SIZE ("_s390x_chacha_novx",".-_s390x_chacha_novx");
|
||||
+}
|
||||
}
|
||||
-close STDOUT;
|
||||
-close STDOUT or die "error closing STDOUT: $!";
|
||||
+################
|
||||
+
|
||||
+ALIGN (64);
|
||||
|
||||
@ -942,7 +942,7 @@ index 21ca86055e..390f9eefe7 100755
|
||||
-$code =~ s/\b(srlg\s+)(%r[0-9]+\s*,)\s*([0-9]+)/$1$2$2$3/gm;
|
||||
-
|
||||
-print $code;
|
||||
-close STDOUT;
|
||||
-close STDOUT or die "error closing STDOUT: $!";
|
||||
+GLOBL ("poly1305_emit");
|
||||
+TYPE ("poly1305_emit","\@function");
|
||||
+ALIGN (16);
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Index: openssl-1.1.1d/Configurations/unix-Makefile.tmpl
|
||||
Index: openssl-1.1.1f/Configurations/unix-Makefile.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/Configurations/unix-Makefile.tmpl 2019-09-11 15:38:17.788265421 +0200
|
||||
+++ openssl-1.1.1d/Configurations/unix-Makefile.tmpl 2019-09-11 15:38:35.640368636 +0200
|
||||
--- openssl-1.1.1f.orig/Configurations/unix-Makefile.tmpl 2020-03-31 16:07:11.764502217 +0200
|
||||
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-03-31 16:07:45.036664229 +0200
|
||||
@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
|
||||
|
||||
uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
|
||||
@ -10,4 +10,4 @@ Index: openssl-1.1.1d/Configurations/unix-Makefile.tmpl
|
||||
+install_docs: install_man_docs
|
||||
|
||||
uninstall_docs: uninstall_man_docs uninstall_html_docs
|
||||
$(RM) -r $(DESTDIR)$(DOCDIR)
|
||||
$(RM) -r "$(DESTDIR)$(DOCDIR)"
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
Index: openssl-1.1.1e/crypto/err/openssl.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/err/openssl.txt 2020-01-23 13:45:11.124632385 +0100
|
||||
+++ openssl-1.1.1d/crypto/err/openssl.txt 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/err/openssl.txt 2020-03-20 14:37:07.940876078 +0100
|
||||
+++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -753,6 +753,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn
|
||||
EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
|
||||
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
|
||||
@ -52,7 +52,7 @@ Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
|
||||
OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
|
||||
OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
|
||||
@@ -2280,6 +2303,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on
|
||||
@@ -2284,6 +2307,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on
|
||||
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
|
||||
operation not supported for this keytype
|
||||
EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
|
||||
@ -60,7 +60,7 @@ Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
|
||||
EVP_R_PBKDF2_ERROR:181:pbkdf2 error
|
||||
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
|
||||
@@ -2316,6 +2340,7 @@ KDF_R_MISSING_SEED:106:missing seed
|
||||
@@ -2320,6 +2344,7 @@ KDF_R_MISSING_SEED:106:missing seed
|
||||
KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
|
||||
KDF_R_VALUE_ERROR:108:value error
|
||||
KDF_R_VALUE_MISSING:102:value missing
|
||||
@ -68,10 +68,10 @@ Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
OBJ_R_OID_EXISTS:102:oid exists
|
||||
OBJ_R_UNKNOWN_NID:101:unknown nid
|
||||
OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error
|
||||
Index: openssl-1.1.1d/crypto/evp/build.info
|
||||
Index: openssl-1.1.1e/crypto/evp/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/build.info 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/build.info 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/build.info 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/build.info 2020-03-20 14:37:08.204877468 +0100
|
||||
@@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\
|
||||
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
|
||||
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
|
||||
@ -82,38 +82,10 @@ Index: openssl-1.1.1d/crypto/evp/build.info
|
||||
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
|
||||
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
|
||||
e_chacha20_poly1305.c cmeth_lib.c
|
||||
Index: openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c
|
||||
Index: openssl-1.1.1e/crypto/evp/evp_err.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/e_chacha20_poly1305.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c 2020-01-23 13:45:11.468634429 +0100
|
||||
@@ -14,8 +14,8 @@
|
||||
|
||||
# include <openssl/evp.h>
|
||||
# include <openssl/objects.h>
|
||||
-# include "evp_locl.h"
|
||||
# include "internal/evp_int.h"
|
||||
+# include "evp_locl.h"
|
||||
# include "internal/chacha.h"
|
||||
|
||||
typedef struct {
|
||||
Index: openssl-1.1.1d/crypto/evp/encode.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/encode.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/encode.c 2020-01-23 13:45:11.468634429 +0100
|
||||
@@ -11,8 +11,8 @@
|
||||
#include <limits.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/evp.h>
|
||||
-#include "evp_locl.h"
|
||||
#include "internal/evp_int.h"
|
||||
+#include "evp_locl.h"
|
||||
|
||||
static unsigned char conv_ascii2bin(unsigned char a,
|
||||
const unsigned char *table);
|
||||
Index: openssl-1.1.1d/crypto/evp/evp_err.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/evp_err.c 2020-01-23 13:45:11.228633003 +0100
|
||||
+++ openssl-1.1.1d/crypto/evp/evp_err.c 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/evp_err.c 2020-03-20 14:37:08.036876583 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-20 14:37:08.204877468 +0100
|
||||
@@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun
|
||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0),
|
||||
"EVP_EncryptFinal_ex"},
|
||||
@ -139,7 +111,7 @@ Index: openssl-1.1.1d/crypto/evp/evp_err.c
|
||||
{ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
|
||||
{0, NULL}
|
||||
};
|
||||
@@ -240,6 +245,8 @@ static const ERR_STRING_DATA EVP_str_rea
|
||||
@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea
|
||||
"operation not supported for this keytype"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
|
||||
"operaton not initialized"},
|
||||
@ -148,10 +120,10 @@ Index: openssl-1.1.1d/crypto/evp/evp_err.c
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
|
||||
"partially overlapping buffers"},
|
||||
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
|
||||
Index: openssl-1.1.1d/crypto/evp/evp_locl.h
|
||||
Index: openssl-1.1.1e/crypto/evp/evp_local.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/evp_locl.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/evp_locl.h 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/evp_local.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-20 16:12:26.722928201 +0100
|
||||
@@ -41,6 +41,11 @@ struct evp_cipher_ctx_st {
|
||||
unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
|
||||
} /* EVP_CIPHER_CTX */ ;
|
||||
@ -164,22 +136,22 @@ Index: openssl-1.1.1d/crypto/evp/evp_locl.h
|
||||
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
|
||||
int passlen, ASN1_TYPE *param,
|
||||
const EVP_CIPHER *c, const EVP_MD *md,
|
||||
Index: openssl-1.1.1d/crypto/evp/evp_pbe.c
|
||||
Index: openssl-1.1.1e/crypto/evp/evp_pbe.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/evp_pbe.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/evp_pbe.c 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/evp_pbe.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-20 14:37:08.204877468 +0100
|
||||
@@ -12,6 +12,7 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/x509.h>
|
||||
+#include "internal/evp_int.h"
|
||||
#include "evp_locl.h"
|
||||
+#include "crypto/evp.h"
|
||||
#include "evp_local.h"
|
||||
|
||||
/* Password based encryption (PBE) functions */
|
||||
Index: openssl-1.1.1d/crypto/evp/kdf_lib.c
|
||||
Index: openssl-1.1.1e/crypto/evp/kdf_lib.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2020-01-23 13:45:31.704754695 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -0,0 +1,165 @@
|
||||
+/*
|
||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -198,10 +170,10 @@ Index: openssl-1.1.1d/crypto/evp/kdf_lib.c
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/x509v3.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include "internal/asn1_int.h"
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "crypto/asn1.h"
|
||||
+#include "crypto/evp.h"
|
||||
+#include "internal/numbers.h"
|
||||
+#include "evp_locl.h"
|
||||
+#include "evp_local.h"
|
||||
+
|
||||
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
|
||||
+
|
||||
@ -346,10 +318,10 @@ Index: openssl-1.1.1d/crypto/evp/kdf_lib.c
|
||||
+ return ctx->kmeth->derive(ctx->impl, key, keylen);
|
||||
+}
|
||||
+
|
||||
Index: openssl-1.1.1d/crypto/evp/p5_crpt2.c
|
||||
Index: openssl-1.1.1e/crypto/evp/p5_crpt2.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/p5_crpt2.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/p5_crpt2.c 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/p5_crpt2.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -364,13 +336,13 @@ Index: openssl-1.1.1d/crypto/evp/p5_crpt2.c
|
||||
-# include <openssl/x509.h>
|
||||
-# include <openssl/evp.h>
|
||||
-# include <openssl/hmac.h>
|
||||
-# include "evp_locl.h"
|
||||
-# include "evp_local.h"
|
||||
+#include <openssl/x509.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include <openssl/hmac.h>
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "evp_locl.h"
|
||||
+#include "crypto/evp.h"
|
||||
+#include "evp_local.h"
|
||||
|
||||
/* set this to print out info about the keygen algorithm */
|
||||
/* #define OPENSSL_DEBUG_PKCS5V2 */
|
||||
@ -498,10 +470,10 @@ Index: openssl-1.1.1d/crypto/evp/p5_crpt2.c
|
||||
}
|
||||
|
||||
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
||||
Index: openssl-1.1.1d/crypto/evp/pbe_scrypt.c
|
||||
Index: openssl-1.1.1e/crypto/evp/pbe_scrypt.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/evp/pbe_scrypt.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/evp/pbe_scrypt.c 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/evp/pbe_scrypt.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -7,135 +7,12 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
@ -772,10 +744,10 @@ Index: openssl-1.1.1d/crypto/evp/pbe_scrypt.c
|
||||
}
|
||||
+
|
||||
#endif
|
||||
Index: openssl-1.1.1d/crypto/evp/pkey_kdf.c
|
||||
Index: openssl-1.1.1e/crypto/evp/pkey_kdf.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/evp/pkey_kdf.c 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-20 16:11:56.326769377 +0100
|
||||
@@ -0,0 +1,255 @@
|
||||
+/*
|
||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -791,7 +763,7 @@ Index: openssl-1.1.1d/crypto/evp/pkey_kdf.c
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/err.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "crypto/evp.h"
|
||||
+
|
||||
+static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
||||
+{
|
||||
@ -1032,10 +1004,10 @@ Index: openssl-1.1.1d/crypto/evp/pkey_kdf.c
|
||||
+ pkey_kdf_ctrl_str
|
||||
+};
|
||||
+
|
||||
Index: openssl-1.1.1d/crypto/include/internal/evp_int.h
|
||||
Index: openssl-1.1.1e/include/crypto/evp.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/evp_int.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/include/internal/evp_int.h 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/include/crypto/evp.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/include/crypto/evp.h 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m
|
||||
extern const EVP_PKEY_METHOD poly1305_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD siphash_pkey_meth;
|
||||
@ -1061,19 +1033,19 @@ Index: openssl-1.1.1d/crypto/include/internal/evp_int.h
|
||||
struct evp_md_st {
|
||||
int type;
|
||||
int pkey_type;
|
||||
Index: openssl-1.1.1d/crypto/kdf/build.info
|
||||
Index: openssl-1.1.1e/crypto/kdf/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/kdf/build.info 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/kdf/build.info 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/kdf/build.info 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -1,3 +1,3 @@
|
||||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
- tls1_prf.c kdf_err.c hkdf.c scrypt.c
|
||||
+ tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c
|
||||
Index: openssl-1.1.1d/crypto/kdf/hkdf.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/hkdf.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/kdf/hkdf.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/kdf/hkdf.c 2020-01-23 13:45:11.468634429 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/kdf/hkdf.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -8,32 +8,33 @@
|
||||
*/
|
||||
|
||||
@ -1085,7 +1057,7 @@ Index: openssl-1.1.1d/crypto/kdf/hkdf.c
|
||||
#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
+#include "kdf_local.h"
|
||||
|
||||
#define HKDF_MAXBUF 1024
|
||||
@ -1540,10 +1512,10 @@ Index: openssl-1.1.1d/crypto/kdf/hkdf.c
|
||||
|
||||
err:
|
||||
OPENSSL_cleanse(prev, sizeof(prev));
|
||||
Index: openssl-1.1.1d/crypto/kdf/kdf_err.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/kdf_err.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/kdf/kdf_err.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/kdf/kdf_err.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
@ -1599,10 +1571,10 @@ Index: openssl-1.1.1d/crypto/kdf/kdf_err.c
|
||||
{0, NULL}
|
||||
};
|
||||
|
||||
Index: openssl-1.1.1d/crypto/kdf/kdf_local.h
|
||||
Index: openssl-1.1.1e/crypto/kdf/kdf_local.h
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,22 @@
|
||||
+/*
|
||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -1626,10 +1598,10 @@ Index: openssl-1.1.1d/crypto/kdf/kdf_local.h
|
||||
+ int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
|
||||
+ int cmd, const char *md_name);
|
||||
+
|
||||
Index: openssl-1.1.1d/crypto/kdf/kdf_util.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/kdf_util.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,73 @@
|
||||
+/*
|
||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -1646,7 +1618,7 @@ Index: openssl-1.1.1d/crypto/kdf/kdf_util.c
|
||||
+#include <openssl/kdf.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include "internal/cryptlib.h"
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "crypto/evp.h"
|
||||
+#include "internal/numbers.h"
|
||||
+#include "kdf_local.h"
|
||||
+
|
||||
@ -1704,10 +1676,10 @@ Index: openssl-1.1.1d/crypto/kdf/kdf_util.c
|
||||
+ return call_ctrl(ctrl, impl, cmd, md);
|
||||
+}
|
||||
+
|
||||
Index: openssl-1.1.1d/crypto/kdf/pbkdf2.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/pbkdf2.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/kdf/pbkdf2.c 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,264 @@
|
||||
+/*
|
||||
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -1725,7 +1697,7 @@ Index: openssl-1.1.1d/crypto/kdf/pbkdf2.c
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include "internal/cryptlib.h"
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "crypto/evp.h"
|
||||
+#include "kdf_local.h"
|
||||
+
|
||||
+static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl);
|
||||
@ -1973,10 +1945,10 @@ Index: openssl-1.1.1d/crypto/kdf/pbkdf2.c
|
||||
+ HMAC_CTX_free(hctx_tpl);
|
||||
+ return ret;
|
||||
+}
|
||||
Index: openssl-1.1.1d/crypto/kdf/scrypt.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/scrypt.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/kdf/scrypt.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/kdf/scrypt.c 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/kdf/scrypt.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -8,25 +8,34 @@
|
||||
*/
|
||||
|
||||
@ -1989,7 +1961,7 @@ Index: openssl-1.1.1d/crypto/kdf/scrypt.c
|
||||
-#include "internal/cryptlib.h"
|
||||
+#include <openssl/kdf.h>
|
||||
+#include <openssl/err.h>
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
+#include "internal/numbers.h"
|
||||
+#include "kdf_local.h"
|
||||
|
||||
@ -2565,10 +2537,10 @@ Index: openssl-1.1.1d/crypto/kdf/scrypt.c
|
||||
+}
|
||||
|
||||
#endif
|
||||
Index: openssl-1.1.1d/crypto/kdf/tls1_prf.c
|
||||
Index: openssl-1.1.1e/crypto/kdf/tls1_prf.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/kdf/tls1_prf.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/kdf/tls1_prf.c 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/kdf/tls1_prf.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -8,11 +8,15 @@
|
||||
*/
|
||||
|
||||
@ -2579,7 +2551,7 @@ Index: openssl-1.1.1d/crypto/kdf/tls1_prf.c
|
||||
-#include <openssl/kdf.h>
|
||||
#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
+#include "kdf_local.h"
|
||||
|
||||
+static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl);
|
||||
@ -2852,10 +2824,10 @@ Index: openssl-1.1.1d/crypto/kdf/tls1_prf.c
|
||||
OPENSSL_clear_free(tmp, olen);
|
||||
return 0;
|
||||
}
|
||||
Index: openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod
|
||||
Index: openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,217 @@
|
||||
+=pod
|
||||
+
|
||||
@ -3074,10 +3046,10 @@ Index: openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod
|
||||
+L<https://www.openssl.org/source/license.html>.
|
||||
+
|
||||
+=cut
|
||||
Index: openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod
|
||||
Index: openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,180 @@
|
||||
+=pod
|
||||
+
|
||||
@ -3259,10 +3231,10 @@ Index: openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod
|
||||
+L<https://www.openssl.org/source/license.html>.
|
||||
+
|
||||
+=cut
|
||||
Index: openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod
|
||||
Index: openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,78 @@
|
||||
+=pod
|
||||
+
|
||||
@ -3342,10 +3314,10 @@ Index: openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod
|
||||
+L<https://www.openssl.org/source/license.html>.
|
||||
+
|
||||
+=cut
|
||||
Index: openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod
|
||||
Index: openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,149 @@
|
||||
+=pod
|
||||
+
|
||||
@ -3496,10 +3468,10 @@ Index: openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod
|
||||
+L<https://www.openssl.org/source/license.html>.
|
||||
+
|
||||
+=cut
|
||||
Index: openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod
|
||||
Index: openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -0,0 +1,142 @@
|
||||
+=pod
|
||||
+
|
||||
@ -3643,10 +3615,10 @@ Index: openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod
|
||||
+L<https://www.openssl.org/source/license.html>.
|
||||
+
|
||||
+=cut
|
||||
Index: openssl-1.1.1d/include/openssl/evperr.h
|
||||
Index: openssl-1.1.1e/include/openssl/evperr.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/openssl/evperr.h 2020-01-23 13:45:11.344633691 +0100
|
||||
+++ openssl-1.1.1d/include/openssl/evperr.h 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/include/openssl/evperr.h 2020-03-20 14:37:08.084876835 +0100
|
||||
+++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-20 14:37:08.208877488 +0100
|
||||
@@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void);
|
||||
# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219
|
||||
# define EVP_F_EVP_ENCRYPTFINAL_EX 127
|
||||
@ -3671,7 +3643,7 @@ Index: openssl-1.1.1d/include/openssl/evperr.h
|
||||
# define EVP_F_UPDATE 173
|
||||
|
||||
/*
|
||||
@@ -180,6 +185,7 @@ int ERR_load_EVP_strings(void);
|
||||
@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void);
|
||||
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
|
||||
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
|
||||
# define EVP_R_OPERATON_NOT_INITIALIZED 151
|
||||
@ -3679,10 +3651,10 @@ Index: openssl-1.1.1d/include/openssl/evperr.h
|
||||
# define EVP_R_PARTIALLY_OVERLAPPING 162
|
||||
# define EVP_R_PBKDF2_ERROR 181
|
||||
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
|
||||
Index: openssl-1.1.1d/include/openssl/kdferr.h
|
||||
Index: openssl-1.1.1e/include/openssl/kdferr.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/openssl/kdferr.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/include/openssl/kdferr.h 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/include/openssl/kdferr.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void);
|
||||
/*
|
||||
* KDF function codes.
|
||||
@ -3722,10 +3694,10 @@ Index: openssl-1.1.1d/include/openssl/kdferr.h
|
||||
+# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
|
||||
|
||||
#endif
|
||||
Index: openssl-1.1.1d/include/openssl/kdf.h
|
||||
Index: openssl-1.1.1e/include/openssl/kdf.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/openssl/kdf.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/include/openssl/kdf.h 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/include/openssl/kdf.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -10,10 +10,50 @@
|
||||
#ifndef HEADER_KDF_H
|
||||
# define HEADER_KDF_H
|
||||
@ -3804,10 +3776,10 @@ Index: openssl-1.1.1d/include/openssl/kdf.h
|
||||
}
|
||||
# endif
|
||||
#endif
|
||||
Index: openssl-1.1.1d/include/openssl/ossl_typ.h
|
||||
Index: openssl-1.1.1e/include/openssl/ossl_typ.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/openssl/ossl_typ.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/include/openssl/ossl_typ.h 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/include/openssl/ossl_typ.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E
|
||||
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
||||
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
||||
@ -3817,10 +3789,10 @@ Index: openssl-1.1.1d/include/openssl/ossl_typ.h
|
||||
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
|
||||
|
||||
typedef struct hmac_ctx_st HMAC_CTX;
|
||||
Index: openssl-1.1.1d/test/build.info
|
||||
Index: openssl-1.1.1e/test/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/test/build.info 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/build.info 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/test/build.info 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/test/build.info 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I
|
||||
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
|
||||
bio_callback_test bio_memleak_test \
|
||||
@ -3842,10 +3814,10 @@ Index: openssl-1.1.1d/test/build.info
|
||||
SOURCE[x509_time_test]=x509_time_test.c
|
||||
INCLUDE[x509_time_test]=../include
|
||||
DEPEND[x509_time_test]=../libcrypto libtestutil.a
|
||||
Index: openssl-1.1.1d/test/evp_kdf_test.c
|
||||
Index: openssl-1.1.1e/test/evp_kdf_test.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/test/evp_kdf_test.c 2020-01-23 13:45:11.472634451 +0100
|
||||
+++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -0,0 +1,237 @@
|
||||
+/*
|
||||
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -4084,10 +4056,10 @@ Index: openssl-1.1.1d/test/evp_kdf_test.c
|
||||
+#endif
|
||||
+ return 1;
|
||||
+}
|
||||
Index: openssl-1.1.1d/test/evp_test.c
|
||||
Index: openssl-1.1.1e/test/evp_test.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/test/evp_test.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/evp_test.c 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/test/evp_test.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/test/evp_test.c 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test
|
||||
encode_test_run,
|
||||
};
|
||||
@ -4299,10 +4271,10 @@ Index: openssl-1.1.1d/test/evp_test.c
|
||||
&keypair_test_method,
|
||||
&keygen_test_method,
|
||||
&mac_test_method,
|
||||
Index: openssl-1.1.1d/test/pkey_meth_kdf_test.c
|
||||
Index: openssl-1.1.1e/test/pkey_meth_kdf_test.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/test/pkey_meth_kdf_test.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/pkey_meth_kdf_test.c 2020-01-23 13:45:11.472634451 +0100
|
||||
--- openssl-1.1.1e.orig/test/pkey_meth_kdf_test.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -4506,10 +4478,10 @@ Index: openssl-1.1.1d/test/pkey_meth_kdf_test.c
|
||||
}
|
||||
#endif
|
||||
|
||||
Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt
|
||||
Index: openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/test/recipes/30-test_evp_data/evpkdf.txt 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2020-01-23 13:45:31.704754695 +0100
|
||||
--- openssl-1.1.1e.orig/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-20 16:12:06.574822921 +0100
|
||||
@@ -1,5 +1,5 @@
|
||||
#
|
||||
-# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -4908,10 +4880,10 @@ Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt
|
||||
+Ctrl.digest = digest:sha512
|
||||
+Output = 00ef42cdbfc98d29db20976608e455567fdddf14
|
||||
+
|
||||
Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt
|
||||
Index: openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-01-23 13:45:11.476634476 +0100
|
||||
+++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -0,0 +1,305 @@
|
||||
+#
|
||||
+# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -5218,10 +5190,10 @@ Index: openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt
|
||||
+Ctrl.p = p:1
|
||||
+Result = INTERNAL_ERROR
|
||||
+
|
||||
Index: openssl-1.1.1d/test/recipes/30-test_evp_kdf.t
|
||||
Index: openssl-1.1.1e/test/recipes/30-test_evp_kdf.t
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/test/recipes/30-test_evp_kdf.t 2020-01-23 13:45:11.476634476 +0100
|
||||
+++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -0,0 +1,13 @@
|
||||
+#! /usr/bin/env perl
|
||||
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -5236,10 +5208,10 @@ Index: openssl-1.1.1d/test/recipes/30-test_evp_kdf.t
|
||||
+use OpenSSL::Test::Simple;
|
||||
+
|
||||
+simple_test("test_evp_kdf", "evp_kdf_test");
|
||||
Index: openssl-1.1.1d/test/recipes/30-test_evp.t
|
||||
Index: openssl-1.1.1e/test/recipes/30-test_evp.t
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/test/recipes/30-test_evp.t 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/recipes/30-test_evp.t 2020-01-23 13:45:11.476634476 +0100
|
||||
--- openssl-1.1.1e.orig/test/recipes/30-test_evp.t 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/
|
||||
setup("test_evp");
|
||||
|
||||
@ -5249,11 +5221,11 @@ Index: openssl-1.1.1d/test/recipes/30-test_evp.t
|
||||
"evpcase.txt", "evpccmcavs.txt" );
|
||||
|
||||
plan tests => scalar(@files);
|
||||
Index: openssl-1.1.1d/util/libcrypto.num
|
||||
Index: openssl-1.1.1e/util/libcrypto.num
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/util/libcrypto.num 2020-01-23 13:45:11.348633716 +0100
|
||||
+++ openssl-1.1.1d/util/libcrypto.num 2020-01-23 13:45:11.476634476 +0100
|
||||
@@ -4617,3 +4617,11 @@ FIPS_drbg_get_strength
|
||||
--- openssl-1.1.1e.orig/util/libcrypto.num 2020-03-20 14:37:08.088876857 +0100
|
||||
+++ openssl-1.1.1e/util/libcrypto.num 2020-03-20 16:11:58.798782289 +0100
|
||||
@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength
|
||||
FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION:
|
||||
FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION:
|
||||
FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION:
|
||||
@ -5265,10 +5237,10 @@ Index: openssl-1.1.1d/util/libcrypto.num
|
||||
+EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION:
|
||||
+EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION:
|
||||
+EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION:
|
||||
Index: openssl-1.1.1d/util/private.num
|
||||
Index: openssl-1.1.1e/util/private.num
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/util/private.num 2020-01-23 13:45:11.032631836 +0100
|
||||
+++ openssl-1.1.1d/util/private.num 2020-01-23 13:45:11.476634476 +0100
|
||||
--- openssl-1.1.1e.orig/util/private.num 2020-03-20 14:37:07.856875635 +0100
|
||||
+++ openssl-1.1.1e/util/private.num 2020-03-20 14:37:08.212877511 +0100
|
||||
@@ -22,6 +22,7 @@ CRYPTO_EX_dup
|
||||
CRYPTO_EX_free datatype
|
||||
CRYPTO_EX_new datatype
|
||||
@ -5277,3 +5249,31 @@ Index: openssl-1.1.1d/util/private.num
|
||||
EVP_PKEY_gen_cb datatype
|
||||
EVP_PKEY_METHOD datatype
|
||||
EVP_PKEY_ASN1_METHOD datatype
|
||||
Index: openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1e.orig/crypto/evp/e_chacha20_poly1305.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-20 16:12:44.271019899 +0100
|
||||
@@ -14,8 +14,8 @@
|
||||
|
||||
# include <openssl/evp.h>
|
||||
# include <openssl/objects.h>
|
||||
-# include "evp_local.h"
|
||||
# include "crypto/evp.h"
|
||||
+# include "evp_local.h"
|
||||
# include "crypto/chacha.h"
|
||||
|
||||
typedef struct {
|
||||
Index: openssl-1.1.1e/crypto/evp/encode.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1e.orig/crypto/evp/encode.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-20 16:15:09.491778701 +0100
|
||||
@@ -11,8 +11,8 @@
|
||||
#include <limits.h>
|
||||
#include "internal/cryptlib.h"
|
||||
#include <openssl/evp.h>
|
||||
-#include "evp_local.h"
|
||||
#include "crypto/evp.h"
|
||||
+#include "evp_local.h"
|
||||
|
||||
static unsigned char conv_ascii2bin(unsigned char a,
|
||||
const unsigned char *table);
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Index: openssl-1.1.1d/crypto/include/internal/rand_int.h
|
||||
Index: openssl-1.1.1d/include/crypto/rand.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/rand_int.h 2020-01-23 13:45:11.368633835 +0100
|
||||
+++ openssl-1.1.1d/crypto/include/internal/rand_int.h 2020-01-23 13:45:11.384633930 +0100
|
||||
--- openssl-1.1.1d.orig/include/crypto/rand.h 2020-01-23 13:45:11.368633835 +0100
|
||||
+++ openssl-1.1.1d/include/crypto/rand.h 2020-01-23 13:45:11.384633930 +0100
|
||||
@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
|
||||
|
||||
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
||||
@ -75,9 +75,9 @@ Index: openssl-1.1.1d/crypto/rand/rand_crng_test.c
|
||||
+
|
||||
+#include <string.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include "internal/rand_int.h"
|
||||
+#include "crypto/rand.h"
|
||||
+#include "internal/thread_once.h"
|
||||
+#include "rand_lcl.h"
|
||||
+#include "rand_local.h"
|
||||
+
|
||||
+static RAND_POOL *crngt_pool;
|
||||
+static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
|
||||
@ -177,10 +177,10 @@ Index: openssl-1.1.1d/crypto/rand/rand_crng_test.c
|
||||
+{
|
||||
+ OPENSSL_secure_clear_free(out, outlen);
|
||||
+}
|
||||
Index: openssl-1.1.1d/crypto/rand/rand_lcl.h
|
||||
Index: openssl-1.1.1d/crypto/rand/rand_local.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/rand/rand_lcl.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/rand/rand_lcl.h 2020-01-23 13:45:11.384633930 +0100
|
||||
--- openssl-1.1.1d.orig/crypto/rand/rand_local.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/rand/rand_local.h 2020-01-23 13:45:11.384633930 +0100
|
||||
@@ -33,7 +33,15 @@
|
||||
# define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */
|
||||
# define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
Index: openssl-1.1.1d/crypto/fips/fips.c
|
||||
Index: openssl-1.1.1e/crypto/fips/fips.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/fips/fips.c 2020-01-23 13:45:11.232633025 +0100
|
||||
+++ openssl-1.1.1d/crypto/fips/fips.c 2020-01-23 13:45:48.216852822 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/fips/fips.c 2020-03-20 14:08:12.235758574 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-20 14:08:13.787766679 +0100
|
||||
@@ -68,6 +68,7 @@
|
||||
|
||||
# include <openssl/fips.h>
|
||||
# include "internal/thread_once.h"
|
||||
+# include "internal/rand_int.h"
|
||||
+# include "crypto/rand.h"
|
||||
|
||||
# ifndef PATH_MAX
|
||||
# define PATH_MAX 1024
|
||||
@ -52,10 +52,10 @@ Index: openssl-1.1.1d/crypto/fips/fips.c
|
||||
ret = 1;
|
||||
goto end;
|
||||
}
|
||||
Index: openssl-1.1.1d/crypto/include/internal/fips_int.h
|
||||
Index: openssl-1.1.1e/include/crypto/fips_int.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/fips_int.h 2020-01-23 13:45:11.336633643 +0100
|
||||
+++ openssl-1.1.1d/crypto/include/internal/fips_int.h 2020-01-23 13:45:11.368633835 +0100
|
||||
--- openssl-1.1.1e.orig/include/crypto/fips_int.h 2020-03-20 14:08:12.239758595 +0100
|
||||
+++ openssl-1.1.1e/include/crypto/fips_int.h 2020-03-20 14:08:13.787766679 +0100
|
||||
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
||||
int FIPS_selftest_drbg(void);
|
||||
int FIPS_selftest_cmac(void);
|
||||
@ -65,10 +65,10 @@ Index: openssl-1.1.1d/crypto/include/internal/fips_int.h
|
||||
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
||||
const unsigned char *tbs, int tbslen,
|
||||
const unsigned char *kat,
|
||||
Index: openssl-1.1.1d/crypto/include/internal/rand_int.h
|
||||
Index: openssl-1.1.1e/include/crypto/rand.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/rand_int.h 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/include/internal/rand_int.h 2020-01-23 13:45:53.964886989 +0100
|
||||
--- openssl-1.1.1e.orig/include/crypto/rand.h 2020-03-20 14:08:12.239758595 +0100
|
||||
+++ openssl-1.1.1e/include/crypto/rand.h 2020-03-20 14:08:13.791766699 +0100
|
||||
@@ -24,6 +24,7 @@
|
||||
typedef struct rand_pool_st RAND_POOL;
|
||||
|
||||
@ -77,10 +77,10 @@ Index: openssl-1.1.1d/crypto/include/internal/rand_int.h
|
||||
void rand_drbg_cleanup_int(void);
|
||||
void drbg_delete_thread_state(void);
|
||||
|
||||
Index: openssl-1.1.1d/crypto/rand/drbg_lib.c
|
||||
Index: openssl-1.1.1e/crypto/rand/drbg_lib.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/rand/drbg_lib.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/rand/drbg_lib.c 2020-01-23 13:45:53.964886989 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/rand/drbg_lib.c 2020-03-20 14:08:12.239758595 +0100
|
||||
+++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-20 14:08:13.791766699 +0100
|
||||
@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
||||
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
||||
}
|
||||
@ -102,15 +102,15 @@ Index: openssl-1.1.1d/crypto/rand/drbg_lib.c
|
||||
/* Implements the default OpenSSL RAND_add() method */
|
||||
static int drbg_add(const void *buf, int num, double randomness)
|
||||
{
|
||||
Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
Index: openssl-1.1.1e/crypto/rand/rand_unix.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/rand/rand_unix.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/crypto/rand/rand_unix.c 2020-01-23 13:45:11.368633835 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/rand/rand_unix.c 2020-03-20 14:08:12.239758595 +0100
|
||||
+++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-20 14:08:41.763912735 +0100
|
||||
@@ -17,10 +17,12 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include "rand_lcl.h"
|
||||
#include "internal/rand_int.h"
|
||||
+#include "internal/fips_int.h"
|
||||
#include "rand_local.h"
|
||||
#include "crypto/rand.h"
|
||||
+#include "crypto/fips_int.h"
|
||||
#include <stdio.h>
|
||||
#include "internal/dso.h"
|
||||
#ifdef __linux
|
||||
@ -119,7 +119,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
# ifdef DEVRANDOM_WAIT
|
||||
# include <sys/shm.h>
|
||||
# include <sys/utsname.h>
|
||||
@@ -295,7 +297,7 @@ static ssize_t sysctl_random(char *buf,
|
||||
@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf,
|
||||
* syscall_random(): Try to get random data using a system call
|
||||
* returns the number of bytes returned in buf, or < 0 on error.
|
||||
*/
|
||||
@ -128,7 +128,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
{
|
||||
/*
|
||||
* Note: 'buflen' equals the size of the buffer which is used by the
|
||||
@@ -317,6 +319,7 @@ static ssize_t syscall_random(void *buf,
|
||||
@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf,
|
||||
* - Linux since 3.17 with glibc 2.25
|
||||
* - FreeBSD since 12.0 (1200061)
|
||||
*/
|
||||
@ -136,7 +136,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
||||
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
||||
|
||||
@@ -338,10 +341,10 @@ static ssize_t syscall_random(void *buf,
|
||||
@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf,
|
||||
if (p_getentropy.p != NULL)
|
||||
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
||||
# endif
|
||||
@ -150,7 +150,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
||||
return sysctl_random(buf, buflen);
|
||||
# else
|
||||
@@ -576,6 +579,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
size_t entropy_available;
|
||||
|
||||
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
||||
@ -160,7 +160,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
{
|
||||
size_t bytes_needed;
|
||||
unsigned char *buffer;
|
||||
@@ -586,7 +592,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
||||
while (bytes_needed != 0 && attempts-- > 0) {
|
||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||
@ -169,7 +169,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
if (bytes > 0) {
|
||||
rand_pool_add_end(pool, bytes, 8 * bytes);
|
||||
bytes_needed -= bytes;
|
||||
@@ -621,8 +627,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
int attempts = 3;
|
||||
const int fd = get_random_device(i);
|
||||
|
||||
@ -181,7 +181,7 @@ Index: openssl-1.1.1d/crypto/rand/rand_unix.c
|
||||
|
||||
while (bytes_needed != 0 && attempts-- > 0) {
|
||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||
@@ -685,7 +693,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
return entropy_available;
|
||||
}
|
||||
# endif
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -51,10 +51,10 @@ Index: openssl-1.1.1d/crypto/evp/kdf_lib.c
|
||||
};
|
||||
|
||||
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
|
||||
Index: openssl-1.1.1d/crypto/include/internal/evp_int.h
|
||||
Index: openssl-1.1.1d/include/crypto/evp.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/evp_int.h 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1d/crypto/include/internal/evp_int.h 2020-01-23 13:45:11.488634548 +0100
|
||||
--- openssl-1.1.1d.orig/include/crypto/evp.h 2020-01-23 13:45:11.468634429 +0100
|
||||
+++ openssl-1.1.1d/include/crypto/evp.h 2020-01-23 13:45:11.488634548 +0100
|
||||
@@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_m
|
||||
extern const EVP_KDF_METHOD scrypt_kdf_meth;
|
||||
extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
|
||||
@ -118,7 +118,7 @@ Index: openssl-1.1.1d/crypto/kdf/sshkdf.c
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include "internal/cryptlib.h"
|
||||
+#include "internal/evp_int.h"
|
||||
+#include "crypto/evp.h"
|
||||
+#include "kdf_local.h"
|
||||
+
|
||||
+/* See RFC 4253, Section 7.2 */
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2
|
||||
size 8845861
|
||||
@ -1,11 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCgAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl13oWoACgkQ2cTSbQ5g
|
||||
RJH0Agf+IekQXtSPsrn/5RMgXFGSyK+S1BpFhyoJRvDocVZAxwgvd4F1fcYkFVXH
|
||||
5+Q6o6s6tIDb+VkuIajcDxTQvrFoXKWMbsFsu3NBAan5R0OlYINRYtXULg0ZqQv4
|
||||
zxclCSLQTpuMyptuGGbg0/8+9IAhGFk2XSA5EEI+SC6lswRQiT7p6dbULj4CvH3m
|
||||
7mqovojAAaEJpgfG8b+L+QBJ4XId99uC6tiLM1tTMCsn1ErLsTd366fzEpC1w12a
|
||||
V/gWQ1mVs+bmSRySPx8mO4CpHfhAI+sZrSsWG+UXP9Guf9YKHFLJDiSrX7EmvszR
|
||||
B+/LvZqce4iCnwCUoIuYhxM6EybDdQ==
|
||||
=v5CI
|
||||
-----END PGP SIGNATURE-----
|
||||
3
openssl-1.1.1f.tar.gz
Normal file
3
openssl-1.1.1f.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:186c6bfe6ecfba7a5b48c47f8a1673d0f3b0e5ba2e25602dd23b629975da3f35
|
||||
size 9792828
|
||||
11
openssl-1.1.1f.tar.gz.asc
Normal file
11
openssl-1.1.1f.tar.gz.asc
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEzBAABCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl6DNO8ACgkQ2cTSbQ5g
|
||||
RJEcRQf+PEPY47eqigmUqN26vlOu/QUjYFlB5R9K90DFJvS+UM/KoS4UwdTSuska
|
||||
hk010MFZlhlFKvzFX6pkyq4AHW1Ta3la3VqRwHAv/TYVCWKIsSKpm07tW6Z/aF4w
|
||||
N4JAciN9I1+nsnEYvVZUbDvXw64B35Hxgd6mRc6gRbp8yQwkPNUspZxS6DcUIPPV
|
||||
bgU/s/+aB1kqjG6oBbe7HFBqD8xbnvL8/unsi3OLLxUp2dUvndHDmKX/sW6+T8S2
|
||||
BL3Czskk25hV2fYMZY/97oiUDkTNH3Tfa1WlwLRF/NPAakem2m47biwgJv74mKAm
|
||||
8D6M7om3dh3FsBYMq2JkfHIfUTvhRw==
|
||||
=WoEF
|
||||
-----END PGP SIGNATURE-----
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,3 +1,55 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 31 14:05:24 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Update to 1.1.1f
|
||||
* Revert the unexpected EOF reporting via SSL_ERROR_SSL
|
||||
- refresh openssl-1.1.0-no-html.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 20 11:58:08 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Update to 1.1.1e
|
||||
* Properly detect EOF while reading in libssl. Previously if we hit an EOF
|
||||
while reading in libssl then we would report an error back to the
|
||||
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
|
||||
an error to the stack (which means we instead return SSL_ERROR_SSL) and
|
||||
therefore give a hint as to what went wrong.
|
||||
* Check that ed25519 and ed448 are allowed by the security level. Previously
|
||||
signature algorithms not using an MD were not being checked that they were
|
||||
allowed by the security level.
|
||||
* Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
|
||||
was not quite right. The behaviour was not consistent between resumption
|
||||
and normal handshakes, and also not quite consistent with historical
|
||||
behaviour. The behaviour in various scenarios has been clarified and
|
||||
it has been updated to make it match historical behaviour as closely as
|
||||
possible.
|
||||
* Corrected the documentation of the return values from the EVP_DigestSign*
|
||||
set of functions. The documentation mentioned negative values for some
|
||||
errors, but this was never the case, so the mention of negative values
|
||||
was removed.
|
||||
* Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
|
||||
The presence of this system service is determined at run-time.
|
||||
* Added newline escaping functionality to a filename when using openssl dgst.
|
||||
This output format is to replicate the output format found in the '*sum'
|
||||
checksum programs. This aims to preserve backward compatibility.
|
||||
* Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
|
||||
the first value.
|
||||
- Update bunch of patches as the internal crypto headers got reorganized
|
||||
- drop openssl-1_1-CVE-2019-1551.patch (upstream)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 20 10:22:27 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- openssl dgst: default to SHA256 only when called without a digest,
|
||||
not when it couldn't be found (bsc#1166189)
|
||||
* add openssl-unknown_dgst.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 4 08:23:23 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Limit the DRBG selftests to not deplete entropy (bsc#1165274)
|
||||
* update openssl-fips_selftest_upstream_drbg.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Feb 26 13:28:14 UTC 2020 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@
|
||||
%define _rname openssl
|
||||
Name: openssl-1_1
|
||||
# Don't forget to update the version in the "openssl" package!
|
||||
Version: 1.1.1d
|
||||
Version: 1.1.1f
|
||||
Release: 0
|
||||
Summary: Secure Sockets and Transport Layer Security
|
||||
License: OpenSSL
|
||||
@ -50,9 +50,6 @@ Patch10: 0003-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch
|
||||
Patch11: 0004-s390x-assembly-pack-fix-formal-interface-bug-in-chac.patch
|
||||
Patch12: 0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch
|
||||
Patch13: 0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch
|
||||
# OpenSSL Security Advisory [6 December 2019] bsc#1158809 CVE-2019-1551
|
||||
# PATCH-FIX-UPSTREAM Integer overflow in RSAZ modular exponentiation on x86_64
|
||||
Patch15: openssl-1_1-CVE-2019-1551.patch
|
||||
# PATCH-FIX-UPSTREAM bsc#1152695 jsc#SLE-7861 Support for CPACF enhancements - part 1 (crypto)
|
||||
Patch16: openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
|
||||
Patch17: openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch
|
||||
@ -85,6 +82,7 @@ Patch43: openssl-keep_EVP_KDF_functions_version.patch
|
||||
Patch44: openssl-fips_fix_selftests_return_value.patch
|
||||
Patch45: openssl-fips-add-SHA3-selftest.patch
|
||||
Patch46: openssl-fips_selftest_upstream_drbg.patch
|
||||
Patch47: openssl-unknown_dgst.patch
|
||||
# PATCH-FIX-UPSTREAM jsc#SLE-7403 Support for CPACF enhancements - part 2 (crypto)
|
||||
Patch50: openssl-s390x-assembly-pack-accelerate-X25519-X448-Ed25519-and-Ed448.patch
|
||||
Patch51: openssl-s390x-fix-x448-and-x448-test-vector-ctime-for-x25519-and-x448.patch
|
||||
|
||||
@ -13,7 +13,7 @@ Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
||||
(Merged from https://github.com/openssl/openssl/pull/9348)
|
||||
---
|
||||
crypto/ec/ec2_smpl.c | 3 +
|
||||
crypto/ec/ec_lcl.h | 15 +++++
|
||||
crypto/ec/ec_local.h | 15 +++++
|
||||
crypto/ec/ecdsa_ossl.c | 107 ++++++++++++++++++++++++------------
|
||||
crypto/ec/ecp_mont.c | 3 +
|
||||
crypto/ec/ecp_nist.c | 3 +
|
||||
@ -27,10 +27,10 @@ Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
||||
include/openssl/ecerr.h | 1 +
|
||||
13 files changed, 119 insertions(+), 36 deletions(-)
|
||||
|
||||
Index: openssl-1.1.1d/crypto/ec/ec2_smpl.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ec2_smpl.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec2_smpl.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ec2_smpl.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ec2_smpl.c 2020-03-20 13:03:13.823258089 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ec2_smpl.c 2020-03-20 13:03:17.247276054 +0100
|
||||
@@ -956,6 +956,9 @@ const EC_METHOD *EC_GF2m_simple_method(v
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
@ -41,10 +41,10 @@ Index: openssl-1.1.1d/crypto/ec/ec2_smpl.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
0, /* blind_coordinates */
|
||||
ec_GF2m_simple_ladder_pre,
|
||||
Index: openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
Index: openssl-1.1.1e/crypto/ec/ec_local.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec_lcl.h
|
||||
+++ openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ec_local.h 2020-03-20 13:03:13.823258089 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ec_local.h 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -179,6 +179,14 @@ struct ec_method_st {
|
||||
/* custom ECDH operation */
|
||||
int (*ecdh_compute_key)(unsigned char **pout, size_t *poutlen,
|
||||
@ -74,13 +74,13 @@ Index: openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
|
||||
int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
|
||||
const uint8_t public_key[32], const uint8_t private_key[32]);
|
||||
Index: openssl-1.1.1d/crypto/ec/ecdsa_ossl.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecdsa_ossl.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecdsa_ossl.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecdsa_ossl.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecdsa_ossl.c 2020-03-20 13:03:13.823258089 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-20 13:03:54.463471314 +0100
|
||||
@@ -14,6 +14,41 @@
|
||||
#include "internal/bn_int.h"
|
||||
#include "ec_lcl.h"
|
||||
#include "crypto/bn.h"
|
||||
#include "ec_local.h"
|
||||
|
||||
+int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||
+ BIGNUM **rp)
|
||||
@ -359,10 +359,10 @@ Index: openssl-1.1.1d/crypto/ec/ecdsa_ossl.c
|
||||
goto err;
|
||||
}
|
||||
/* if the signature is correct u1 is equal to sig->r */
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_mont.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_mont.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_mont.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_mont.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_mont.c 2020-03-20 13:03:13.823258089 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_mont.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -63,6 +63,9 @@ const EC_METHOD *EC_GFp_mont_method(void
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
@ -373,10 +373,10 @@ Index: openssl-1.1.1d/crypto/ec/ecp_mont.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
ec_GFp_simple_blind_coordinates,
|
||||
ec_GFp_simple_ladder_pre,
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_nist.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_nist.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_nist.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_nist.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_nist.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_nist.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -65,6 +65,9 @@ const EC_METHOD *EC_GFp_nist_method(void
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
@ -387,10 +387,10 @@ Index: openssl-1.1.1d/crypto/ec/ecp_nist.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
ec_GFp_simple_blind_coordinates,
|
||||
ec_GFp_simple_ladder_pre,
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_nistp224.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_nistp224.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_nistp224.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_nistp224.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_nistp224.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_nistp224.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -291,6 +291,9 @@ const EC_METHOD *EC_GFp_nistp224_method(
|
||||
ec_key_simple_generate_public_key,
|
||||
0, /* keycopy */
|
||||
@ -401,11 +401,11 @@ Index: openssl-1.1.1d/crypto/ec/ecp_nistp224.c
|
||||
ecdh_simple_compute_key,
|
||||
0, /* field_inverse_mod_ord */
|
||||
0, /* blind_coordinates */
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_nistp256.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_nistp256.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_nistp256.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_nistp256.c
|
||||
@@ -1809,6 +1809,9 @@ const EC_METHOD *EC_GFp_nistp256_method(
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_nistp256.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_nistp256.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -1829,6 +1829,9 @@ const EC_METHOD *EC_GFp_nistp256_method(
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
ecdh_simple_compute_key,
|
||||
@ -415,11 +415,11 @@ Index: openssl-1.1.1d/crypto/ec/ecp_nistp256.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
0, /* blind_coordinates */
|
||||
0, /* ladder_pre */
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_nistp521.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_nistp521.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_nistp521.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_nistp521.c
|
||||
@@ -1651,6 +1651,9 @@ const EC_METHOD *EC_GFp_nistp521_method(
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_nistp521.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_nistp521.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -1669,6 +1669,9 @@ const EC_METHOD *EC_GFp_nistp521_method(
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
ecdh_simple_compute_key,
|
||||
@ -429,11 +429,11 @@ Index: openssl-1.1.1d/crypto/ec/ecp_nistp521.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
0, /* blind_coordinates */
|
||||
0, /* ladder_pre */
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_nistz256.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_nistz256.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_nistz256.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_nistz256.c
|
||||
@@ -1689,6 +1689,9 @@ const EC_METHOD *EC_GFp_nistz256_method(
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_nistz256.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_nistz256.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -1720,6 +1720,9 @@ const EC_METHOD *EC_GFp_nistz256_method(
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
ecdh_simple_compute_key,
|
||||
@ -443,10 +443,10 @@ Index: openssl-1.1.1d/crypto/ec/ecp_nistz256.c
|
||||
ecp_nistz256_inv_mod_ord, /* can be #define-d NULL */
|
||||
0, /* blind_coordinates */
|
||||
0, /* ladder_pre */
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_s390x_nistp.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_s390x_nistp.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_s390x_nistp.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_s390x_nistp.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_s390x_nistp.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_s390x_nistp.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -175,6 +175,9 @@ const EC_METHOD *EC_GFp_s390x_nistp##bit
|
||||
NULL, /* keycopy */ \
|
||||
NULL, /* keyfinish */ \
|
||||
@ -457,10 +457,10 @@ Index: openssl-1.1.1d/crypto/ec/ecp_s390x_nistp.c
|
||||
NULL, /* field_inverse_mod_ord */ \
|
||||
ec_GFp_simple_blind_coordinates, \
|
||||
ec_GFp_simple_ladder_pre, \
|
||||
Index: openssl-1.1.1d/crypto/ec/ecp_smpl.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_smpl.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ecp_smpl.c
|
||||
+++ openssl-1.1.1d/crypto/ec/ecp_smpl.c
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_smpl.c 2020-03-20 13:03:13.827258110 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_smpl.c 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -64,6 +64,9 @@ const EC_METHOD *EC_GFp_simple_method(vo
|
||||
0, /* keycopy */
|
||||
0, /* keyfinish */
|
||||
@ -471,10 +471,10 @@ Index: openssl-1.1.1d/crypto/ec/ecp_smpl.c
|
||||
0, /* field_inverse_mod_ord */
|
||||
ec_GFp_simple_blind_coordinates,
|
||||
ec_GFp_simple_ladder_pre,
|
||||
Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
Index: openssl-1.1.1e/crypto/err/openssl.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/err/openssl.txt
|
||||
+++ openssl-1.1.1d/crypto/err/openssl.txt
|
||||
--- openssl-1.1.1e.orig/crypto/err/openssl.txt 2020-03-20 13:03:13.831258131 +0100
|
||||
+++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -496,6 +496,9 @@ EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
|
||||
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
|
||||
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
|
||||
@ -493,7 +493,7 @@ Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
EC_F_OSSL_ECDSA_SIGN_SIG:249:ossl_ecdsa_sign_sig
|
||||
EC_F_OSSL_ECDSA_VERIFY_SIG:250:ossl_ecdsa_verify_sig
|
||||
EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl
|
||||
@@ -2130,6 +2134,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma
|
||||
@@ -2133,6 +2137,7 @@ EC_R_BUFFER_TOO_SMALL:100:buffer too sma
|
||||
EC_R_CANNOT_INVERT:165:cannot invert
|
||||
EC_R_COORDINATES_OUT_OF_RANGE:146:coordinates out of range
|
||||
EC_R_CURVE_DOES_NOT_SUPPORT_ECDH:160:curve does not support ecdh
|
||||
@ -501,10 +501,10 @@ Index: openssl-1.1.1d/crypto/err/openssl.txt
|
||||
EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing
|
||||
EC_R_D2I_ECPKPARAMETERS_FAILURE:117:d2i ecpkparameters failure
|
||||
EC_R_DECODE_ERROR:142:decode error
|
||||
Index: openssl-1.1.1d/include/openssl/ecerr.h
|
||||
Index: openssl-1.1.1e/include/openssl/ecerr.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/openssl/ecerr.h
|
||||
+++ openssl-1.1.1d/include/openssl/ecerr.h
|
||||
--- openssl-1.1.1e.orig/include/openssl/ecerr.h 2020-03-20 13:03:13.831258131 +0100
|
||||
+++ openssl-1.1.1e/include/openssl/ecerr.h 2020-03-20 13:03:17.251276075 +0100
|
||||
@@ -41,6 +41,9 @@ int ERR_load_EC_strings(void);
|
||||
# define EC_F_ECDSA_SIGN_EX 254
|
||||
# define EC_F_ECDSA_SIGN_SETUP 248
|
||||
@ -515,7 +515,7 @@ Index: openssl-1.1.1d/include/openssl/ecerr.h
|
||||
# define EC_F_ECDSA_VERIFY 253
|
||||
# define EC_F_ECD_ITEM_VERIFY 270
|
||||
# define EC_F_ECKEY_PARAM2TYPE 223
|
||||
@@ -185,6 +186,7 @@ int ERR_load_EC_strings(void);
|
||||
@@ -185,6 +188,7 @@ int ERR_load_EC_strings(void);
|
||||
# define EC_F_O2I_ECPUBLICKEY 152
|
||||
# define EC_F_OLD_EC_PRIV_DECODE 222
|
||||
# define EC_F_OSSL_ECDH_COMPUTE_KEY 247
|
||||
@ -523,7 +523,7 @@ Index: openssl-1.1.1d/include/openssl/ecerr.h
|
||||
# define EC_F_OSSL_ECDSA_SIGN_SIG 249
|
||||
# define EC_F_OSSL_ECDSA_VERIFY_SIG 250
|
||||
# define EC_F_PKEY_ECD_CTRL 271
|
||||
@@ -212,6 +214,7 @@ int ERR_load_EC_strings(void);
|
||||
@@ -212,6 +216,7 @@ int ERR_load_EC_strings(void);
|
||||
# define EC_R_CANNOT_INVERT 165
|
||||
# define EC_R_COORDINATES_OUT_OF_RANGE 146
|
||||
# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
|
||||
|
||||
@ -14,7 +14,7 @@ Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
||||
---
|
||||
crypto/ec/build.info | 3 +-
|
||||
crypto/ec/ec_curve.c | 42 +++++---
|
||||
crypto/ec/ec_lcl.h | 5 +
|
||||
crypto/ec/ec_local.h | 5 +
|
||||
crypto/ec/ecp_s390x_nistp.c | 197 ++++++++++++++++++++++++++++++++++++
|
||||
4 files changed, 234 insertions(+), 13 deletions(-)
|
||||
create mode 100644 crypto/ec/ecp_s390x_nistp.c
|
||||
@ -65,10 +65,10 @@ Index: openssl-1.1.1d/crypto/ec/ec_curve.c
|
||||
#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp256_method,
|
||||
#else
|
||||
Index: openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
Index: openssl-1.1.1d/crypto/ec/ec_local.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec_lcl.h
|
||||
+++ openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec_local.h
|
||||
+++ openssl-1.1.1d/crypto/ec/ec_local.h
|
||||
@@ -587,6 +587,11 @@ int ec_group_simple_order_bits(const EC_
|
||||
*/
|
||||
const EC_METHOD *EC_GFp_nistz256_method(void);
|
||||
@ -98,7 +98,7 @@ Index: openssl-1.1.1d/crypto/ec/ecp_s390x_nistp.c
|
||||
+#include <stdlib.h>
|
||||
+#include <string.h>
|
||||
+#include <openssl/err.h>
|
||||
+#include "ec_lcl.h"
|
||||
+#include "ec_local.h"
|
||||
+#include "s390x_arch.h"
|
||||
+
|
||||
+/* Size of parameter blocks */
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Index: openssl-1.1.1d/crypto/fips/drbgtest.c
|
||||
Index: openssl-1.1.1e/crypto/fips/drbgtest.c
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/fips/drbgtest.c 2020-02-26 19:21:37.798616477 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/drbgtest.c 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -0,0 +1,1178 @@
|
||||
+/*
|
||||
+ * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -20,8 +20,8 @@ Index: openssl-1.1.1d/crypto/fips/drbgtest.c
|
||||
+#include <openssl/obj_mac.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/aes.h>
|
||||
+#include "../crypto/rand/rand_lcl.h"
|
||||
+#include "../crypto/include/internal/rand_int.h"
|
||||
+#include "../crypto/rand/rand_local.h"
|
||||
+#include "../include/crypto/rand.h"
|
||||
+
|
||||
+#if defined(_WIN32)
|
||||
+# include <windows.h>
|
||||
@ -1181,10 +1181,10 @@ Index: openssl-1.1.1d/crypto/fips/drbgtest.c
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
Index: openssl-1.1.1d/crypto/fips/drbgtest.h
|
||||
Index: openssl-1.1.1e/crypto/fips/drbgtest.h
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ openssl-1.1.1d/crypto/fips/drbgtest.h 2020-02-26 14:33:10.746715249 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/drbgtest.h 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -0,0 +1,579 @@
|
||||
+/*
|
||||
+ * Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
@ -1765,10 +1765,10 @@ Index: openssl-1.1.1d/crypto/fips/drbgtest.h
|
||||
+ 0xef, 0xd2, 0xd8, 0x5c, 0xdc, 0x62, 0x25, 0x9f, 0xaa, 0x1e, 0x2c, 0x67,
|
||||
+ 0xf6, 0x02, 0x32, 0xe2
|
||||
+};
|
||||
Index: openssl-1.1.1d/crypto/fips/fips_post.c
|
||||
Index: openssl-1.1.1e/crypto/fips/fips_post.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/fips/fips_post.c 2020-02-26 14:33:10.438713461 +0100
|
||||
+++ openssl-1.1.1d/crypto/fips/fips_post.c 2020-02-26 16:44:09.488165757 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/fips/fips_post.c 2020-03-20 14:15:40.018104341 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -51,7 +51,6 @@
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
@ -1777,22 +1777,10 @@ Index: openssl-1.1.1d/crypto/fips/fips_post.c
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/hmac.h>
|
||||
Index: openssl-1.1.1d/crypto/rand/rand_lib.c
|
||||
Index: openssl-1.1.1e/crypto/fips/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/rand/rand_lib.c 2020-02-26 14:33:10.442713484 +0100
|
||||
+++ openssl-1.1.1d/crypto/rand/rand_lib.c 2020-02-26 16:43:50.992058552 +0100
|
||||
@@ -18,7 +18,6 @@
|
||||
#include "e_os.h"
|
||||
#ifdef OPENSSL_FIPS
|
||||
# include <openssl/fips.h>
|
||||
-# include <openssl/fips_rand.h>
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
Index: openssl-1.1.1d/crypto/fips/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/fips/build.info 2020-02-26 16:41:37.415284331 +0100
|
||||
+++ openssl-1.1.1d/crypto/fips/build.info 2020-02-26 16:42:55.943739496 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/fips/build.info 2020-03-20 14:15:40.018104341 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/build.info 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -2,7 +2,7 @@ LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c \
|
||||
@ -1802,10 +1790,10 @@ Index: openssl-1.1.1d/crypto/fips/build.info
|
||||
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
|
||||
fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
|
||||
fips_dh_selftest.c fips_ers.c
|
||||
Index: openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c
|
||||
Index: openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/fips/fips_drbg_selftest.c 2020-02-26 16:41:37.415284331 +0100
|
||||
+++ openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c 2020-02-26 16:42:55.943739496 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/fips/fips_drbg_selftest.c 2020-03-20 14:15:40.018104341 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -774,6 +774,7 @@ int FIPS_drbg_health_check(DRBG_CTX *dct
|
||||
return rv;
|
||||
}
|
||||
@ -1822,10 +1810,10 @@ Index: openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c
|
||||
|
||||
int FIPS_selftest_drbg_all(void)
|
||||
{
|
||||
Index: openssl-1.1.1d/crypto/fips/fips.c
|
||||
Index: openssl-1.1.1e/crypto/fips/fips.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/fips/fips.c 2020-02-26 14:33:10.642714645 +0100
|
||||
+++ openssl-1.1.1d/crypto/fips/fips.c 2020-02-26 16:44:16.508206446 +0100
|
||||
--- openssl-1.1.1e.orig/crypto/fips/fips.c 2020-03-20 14:15:40.018104341 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-20 14:15:42.114115340 +0100
|
||||
@@ -50,7 +50,6 @@
|
||||
#define _GNU_SOURCE
|
||||
|
||||
|
||||
@ -15,16 +15,16 @@ Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
||||
crypto/err/openssl.txt | 2 +
|
||||
2 files changed, 200 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c
|
||||
index 0b03d7fd04..be81f0b8f0 100644
|
||||
--- a/crypto/ec/ecp_s390x_nistp.c
|
||||
+++ b/crypto/ec/ecp_s390x_nistp.c
|
||||
Index: openssl-1.1.1e/crypto/ec/ecp_s390x_nistp.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1e.orig/crypto/ec/ecp_s390x_nistp.c 2020-03-20 13:13:44.618571104 +0100
|
||||
+++ openssl-1.1.1e/crypto/ec/ecp_s390x_nistp.c 2020-03-20 13:14:20.398759363 +0100
|
||||
@@ -10,6 +10,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/err.h>
|
||||
+#include <openssl/rand.h>
|
||||
#include "ec_lcl.h"
|
||||
#include "ec_local.h"
|
||||
#include "s390x_arch.h"
|
||||
|
||||
@@ -28,6 +29,15 @@
|
||||
@ -207,7 +207,7 @@ index 0b03d7fd04..be81f0b8f0 100644
|
||||
#define EC_GFP_S390X_NISTP_METHOD(bits) \
|
||||
\
|
||||
static int ec_GFp_s390x_nistp##bits##_mul(const EC_GROUP *group, \
|
||||
@@ -122,6 +289,29 @@ static int ec_GFp_s390x_nistp##bits##_mul(const EC_GROUP *group, \
|
||||
@@ -122,6 +289,29 @@ static int ec_GFp_s390x_nistp##bits##_mu
|
||||
S390X_SIZE_P##bits); \
|
||||
} \
|
||||
\
|
||||
@ -237,7 +237,7 @@ index 0b03d7fd04..be81f0b8f0 100644
|
||||
const EC_METHOD *EC_GFp_s390x_nistp##bits##_method(void) \
|
||||
{ \
|
||||
static const EC_METHOD EC_GFp_s390x_nistp##bits##_meth = { \
|
||||
@@ -176,8 +366,8 @@ const EC_METHOD *EC_GFp_s390x_nistp##bits##_method(void) \
|
||||
@@ -176,8 +366,8 @@ const EC_METHOD *EC_GFp_s390x_nistp##bit
|
||||
NULL, /* keyfinish */ \
|
||||
ecdh_simple_compute_key, \
|
||||
ecdsa_simple_sign_setup, \
|
||||
@ -248,7 +248,7 @@ index 0b03d7fd04..be81f0b8f0 100644
|
||||
NULL, /* field_inverse_mod_ord */ \
|
||||
ec_GFp_simple_blind_coordinates, \
|
||||
ec_GFp_simple_ladder_pre, \
|
||||
@@ -186,8 +376,12 @@ const EC_METHOD *EC_GFp_s390x_nistp##bits##_method(void) \
|
||||
@@ -186,8 +376,12 @@ const EC_METHOD *EC_GFp_s390x_nistp##bit
|
||||
}; \
|
||||
static const EC_METHOD *ret; \
|
||||
\
|
||||
@ -263,11 +263,11 @@ index 0b03d7fd04..be81f0b8f0 100644
|
||||
ret = &EC_GFp_s390x_nistp##bits##_meth; \
|
||||
else \
|
||||
ret = EC_GFp_mont_method(); \
|
||||
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
|
||||
index 035bd729f3..5d5981035c 100644
|
||||
--- a/crypto/err/openssl.txt
|
||||
+++ b/crypto/err/openssl.txt
|
||||
@@ -554,6 +554,8 @@ EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
||||
Index: openssl-1.1.1e/crypto/err/openssl.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1e.orig/crypto/err/openssl.txt 2020-03-20 13:13:44.618571104 +0100
|
||||
+++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-20 13:14:02.446664907 +0100
|
||||
@@ -499,6 +499,8 @@ EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
||||
EC_F_ECDSA_SIMPLE_SIGN_SETUP:310:ecdsa_simple_sign_setup
|
||||
EC_F_ECDSA_SIMPLE_SIGN_SIG:311:ecdsa_simple_sign_sig
|
||||
EC_F_ECDSA_SIMPLE_VERIFY_SIG:312:ecdsa_simple_verify_sig
|
||||
@ -276,6 +276,3 @@ index 035bd729f3..5d5981035c 100644
|
||||
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
|
||||
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
|
||||
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
|
||||
--
|
||||
2.24.0
|
||||
|
||||
|
||||
@ -16,7 +16,7 @@ Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||
crypto/dsa/dsa_pmeth.c | 7 +-
|
||||
crypto/ec/build.info | 2 +-
|
||||
crypto/ec/ec_curve.c | 12 +-
|
||||
crypto/ec/ec_lcl.h | 2 +-
|
||||
crypto/ec/ec_local.h | 2 +-
|
||||
crypto/ec/ec_pmeth.c | 7 +-
|
||||
crypto/ec/ecx_meth.c | 672 +++++++++++++++++++++++++++++-
|
||||
crypto/err/openssl.txt | 6 +
|
||||
@ -122,10 +122,10 @@ Index: openssl-1.1.1d/crypto/ec/ec_curve.c
|
||||
EC_GFp_s390x_nistp256_method,
|
||||
#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp256_method,
|
||||
Index: openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
Index: openssl-1.1.1d/crypto/ec/ec_local.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec_lcl.h
|
||||
+++ openssl-1.1.1d/crypto/ec/ec_lcl.h
|
||||
--- openssl-1.1.1d.orig/crypto/ec/ec_local.h
|
||||
+++ openssl-1.1.1d/crypto/ec/ec_local.h
|
||||
@@ -595,7 +595,7 @@ int ec_group_simple_order_bits(const EC_
|
||||
*/
|
||||
const EC_METHOD *EC_GFp_nistz256_method(void);
|
||||
@ -938,7 +938,7 @@ Index: openssl-1.1.1d/crypto/evp/pmeth_lib.c
|
||||
--- openssl-1.1.1d.orig/crypto/evp/pmeth_lib.c
|
||||
+++ openssl-1.1.1d/crypto/evp/pmeth_lib.c
|
||||
@@ -17,60 +17,67 @@
|
||||
#include "internal/evp_int.h"
|
||||
#include "crypto/evp.h"
|
||||
#include "internal/numbers.h"
|
||||
|
||||
+typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
|
||||
@ -1068,10 +1068,10 @@ Index: openssl-1.1.1d/crypto/evp/pmeth_lib.c
|
||||
if (app_pkey_methods == NULL)
|
||||
return NULL;
|
||||
idx -= OSSL_NELEM(standard_methods);
|
||||
Index: openssl-1.1.1d/crypto/include/internal/evp_int.h
|
||||
Index: openssl-1.1.1d/include/crypto/evp.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/include/internal/evp_int.h
|
||||
+++ openssl-1.1.1d/crypto/include/internal/evp_int.h
|
||||
--- openssl-1.1.1d.orig/include/crypto/evp.h
|
||||
+++ openssl-1.1.1d/include/crypto/evp.h
|
||||
@@ -93,24 +93,24 @@ DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
|
||||
|
||||
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
|
||||
|
||||
@ -19,10 +19,10 @@ Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||||
crypto/s390xcpuid.pl | 31 ++-
|
||||
3 files changed, 556 insertions(+), 13 deletions(-)
|
||||
|
||||
Index: openssl-1.1.1d/crypto/s390x_arch.h
|
||||
Index: openssl-1.1.1e/crypto/s390x_arch.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/s390x_arch.h
|
||||
+++ openssl-1.1.1d/crypto/s390x_arch.h
|
||||
--- openssl-1.1.1e.orig/crypto/s390x_arch.h 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/s390x_arch.h 2020-03-20 17:29:30.459520742 +0100
|
||||
@@ -49,6 +49,9 @@ struct OPENSSL_s390xcap_st {
|
||||
|
||||
extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
|
||||
@ -75,15 +75,15 @@ Index: openssl-1.1.1d/crypto/s390x_arch.h
|
||||
# define S390X_TRNG 114
|
||||
|
||||
/* Register 0 Flags */
|
||||
Index: openssl-1.1.1d/crypto/s390xcap.c
|
||||
Index: openssl-1.1.1e/crypto/s390xcap.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/s390xcap.c
|
||||
+++ openssl-1.1.1d/crypto/s390xcap.c
|
||||
--- openssl-1.1.1e.orig/crypto/s390xcap.c 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/s390xcap.c 2020-03-20 17:29:58.011664305 +0100
|
||||
@@ -13,15 +13,51 @@
|
||||
#include <setjmp.h>
|
||||
#include <signal.h>
|
||||
#include "internal/cryptlib.h"
|
||||
+#include "internal/ctype.h"
|
||||
+#include "crypto/ctype.h"
|
||||
#include "s390x_arch.h"
|
||||
|
||||
+#define LEN 128
|
||||
@ -636,10 +636,10 @@ Index: openssl-1.1.1d/crypto/s390xcap.c
|
||||
+ free(buff);
|
||||
+ return rc;
|
||||
}
|
||||
Index: openssl-1.1.1d/crypto/s390xcpuid.pl
|
||||
Index: openssl-1.1.1e/crypto/s390xcpuid.pl
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/crypto/s390xcpuid.pl
|
||||
+++ openssl-1.1.1d/crypto/s390xcpuid.pl
|
||||
--- openssl-1.1.1e.orig/crypto/s390xcpuid.pl 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/s390xcpuid.pl 2020-03-20 17:29:30.459520742 +0100
|
||||
@@ -38,7 +38,26 @@ OPENSSL_s390x_facilities:
|
||||
stg %r0,S390X_STFLE+8(%r4) # wipe capability vectors
|
||||
stg %r0,S390X_STFLE+16(%r4)
|
||||
|
||||
@ -6,7 +6,7 @@ Index: openssl-1.1.1d/crypto/ec/ecx_meth.c
|
||||
|
||||
#ifdef S390X_EC_ASM
|
||||
# include "s390x_arch.h"
|
||||
+# include "internal/constant_time_locl.h"
|
||||
+# include "internal/constant_time.h"
|
||||
|
||||
static void s390x_x25519_mod_p(unsigned char u[32])
|
||||
{
|
||||
@ -61,10 +61,10 @@ Index: openssl-1.1.1d/crypto/ec/ecx_meth.c
|
||||
|
||||
s390x_flip_endian64(param.x448.d_src, param.x448.d_src);
|
||||
param.x448.d_src[63] &= 252;
|
||||
Index: openssl-1.1.1d/include/internal/constant_time_locl.h
|
||||
Index: openssl-1.1.1d/include/internal/constant_timeh
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/include/internal/constant_time_locl.h
|
||||
+++ openssl-1.1.1d/include/internal/constant_time_locl.h
|
||||
--- openssl-1.1.1d.orig/include/internal/constant_time.h
|
||||
+++ openssl-1.1.1d/include/internal/constant_time.h
|
||||
@@ -353,6 +353,34 @@ static ossl_inline void constant_time_co
|
||||
}
|
||||
|
||||
|
||||
15
openssl-unknown_dgst.patch
Normal file
15
openssl-unknown_dgst.patch
Normal file
@ -0,0 +1,15 @@
|
||||
Index: openssl-1.1.1d/apps/dgst.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1d.orig/apps/dgst.c 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/apps/dgst.c 2020-03-20 11:20:27.618536409 +0100
|
||||
@@ -95,6 +95,10 @@ int dgst_main(int argc, char **argv)
|
||||
prog = opt_progname(argv[0]);
|
||||
buf = app_malloc(BUFSIZE, "I/O buffer");
|
||||
md = EVP_get_digestbyname(prog);
|
||||
+ if (md == NULL && strcmp(prog, "dgst") != 0) {
|
||||
+ BIO_printf(bio_err, "%s is not a known digest\n", prog);
|
||||
+ goto end;
|
||||
+ }
|
||||
|
||||
prog = opt_init(argc, argv, dgst_options);
|
||||
while ((o = opt_next()) != OPT_EOF) {
|
||||
Loading…
Reference in New Issue
Block a user