pool/openssl-3
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1129505 from home:ohollmann:branches:security:tls

Browse Source 
- Update to 3.2.0:
  * The BLAKE2b hash algorithm supports a configurable output length
    by setting the "size" parameter.
  * Enable extra Arm64 optimization on Windows for GHASH, RAND and
    AES.
  * Added a function to delete objects from store by URI -
    OSSL_STORE_delete() and the corresponding provider-storemgmt API
    function OSSL_FUNC_store_delete().
  * Added OSSL_FUNC_store_open_ex() provider-storemgmt API function to
    pass a passphrase callback when opening a store.
  * Changed the default salt length used by PBES2 KDF's (PBKDF2 and
    scrypt) from 8 bytes to 16 bytes. The PKCS5 (RFC 8018) standard
    uses a 64 bit salt length for PBE, and recommends a minimum of 64
    bits for PBES2. For FIPS compliance PBKDF2 requires a salt length
    of 128 bits. This affects OpenSSL command line applications such
    as "genrsa" and "pkcs8" and API's such as
    PEM_write_bio_PrivateKey() that are reliant on the default value.
    The additional commandline option 'saltlen' has been added to the
    OpenSSL command line applications for "pkcs8" and "enc" to allow
    the salt length to be set to a non default value.
  * Changed the default value of the ess_cert_id_alg configuration
    option which is used to calculate the TSA's public key
    certificate identifier. The default algorithm is updated to be
    sha256 instead of sha1.
  * Added optimization for SM2 algorithm on aarch64. It uses a huge
    precomputed table for point multiplication of the base point,
    which increases the size of libcrypto from 4.4 MB to 4.9 MB. A
    new configure option no-sm2-precomp has been added to disable the
    precomputed table.
  * Added client side support for QUIC

OBS-URL: https://build.opensuse.org/request/show/1129505
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=80
This commit is contained in:
Otto Hollmann 2023-11-28 11:04:23 +00:00 committed by Git OBS Bridge
parent 737365e2ce
commit 259f0441ec
25 changed files with 476 additions and 4413 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
openssl-3.1.4.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

16
openssl-3.1.4.tar.gz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE78CkZ9YTy4PH7W0w2JTizos9efUFAmU3yaoACgkQ2JTizos9
efXt8BAAqcF9RBzduklMCXSfG4Rzs2KcWmR1+BB0izxG3KwPr+r54qBbSRCCImHA
U22An//xsDsQZ0K4rrkkkumpJCxLV/4F3TlEBdoCS4wzDXz/LfONzTuZ8Z3QP/Si
ElHTKdqPo2tp6LrDIUSGa9BmK1AsxkhOoC/uJlGpLP0mLJGI3PGo5ordyERAjL/C
hTumE16ErrXY3kHVPAeD6tJlxtV3M9UxsZAOK6LVfnhXLzz8hWMu2H5ZigXZWCDx
NG6ylV4xxfqO9eLxT2wUrJzg24w0VZzmbD+ZeZ24v9aAxGsbl3ZHLgMKkDehNNuP
0ADh3aGq9FkIg5n53UQu0pbOc6aBPgWwVuaNfxOheG2GqBCoca42ikW20QZyJAec
h3uLQ76vnWOjUIjeRCjpw0+OCUaWr0wx5WzzfdgYc813VwN6FaC9ZmB46oaLfIeD
MBAyuUxdTif/7SXmGgUIQDIf4Vxr2H7I0NyyDxD+y+C2gwn+zVvuVcBBc2cNq4QN
UINxZvm75CwaCsys+MDjSneDhpcSlAPqTJqM3DvKf/r3+27buz+sFw463fTHnv0F
FpyBPgvvusY4Z4h/jqLcfkl2MBOxlo+lpZJdPpQoEvGz751GsKmmtb0YgZ7BjrYs
5vFvo0EJ066J9bWLbp6VZd825B9P2Uy7u3sUz+E5nuavT4eHv7o=
=EH33
-----END PGP SIGNATURE-----

3
openssl-3.2.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:14c826f07c7e433706fb5c69fa9e25dab95684844b4c962a2cf1bf183eb4690e
size 17698352

16
openssl-3.2.0.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE78CkZ9YTy4PH7W0w2JTizos9efUFAmVfUa8ACgkQ2JTizos9
efX/mg/+NZWf13Ny/NNLImxaTedNHOospiB1zs+lO1MNSoVCTKV+BkOcTAdFVKpb
r20CKwoXHW3wiAtf+Apa/JBp1KImvmCnVpz2/CdpQi4wBIQzXBl9ADDy0YxtFdEe
4Wy2SczSifYmJSLX4vW28gv9PtD96ghiYRqp/BXu5mud4n/zctILrpsZ2vQUWfsi
emRAspQKHVowiZHR35qxVceiscvwcXs2yTJR5aWh6Q50ON2+AUGQN7XvybYV1jyp
3E2ZAhUjCW+5H2RY3HaldFsL5EyJFYN+RIC9hiLdrdE8vPHGWwEXIzJnq4jmukXW
X5hZZGtR2IrYAOKn/j0kKU25II+yGhzRrCLsgW+4ErQXPeCjfzdFmAaOY1EjPwAf
ijSoewnY0iQI/WQDF90c4x3eFFioSAT7Kf8Qff1MOcKzH/Y+bldUA4g0XfutL4p1
Oh66cmSsTyAH57MLgu/4x8H7ixzRsB39D5hmVJMiBgIv3vr8yUxG0JcTxRWeVHVv
DBCKXzdJxhnvy2XV9Dgox1S59yzmGFXBseS2tVGbN167Qn3jZagQWq67GbL2IQTv
Y9OFUNyhbBFZvs3qmov6q/l/F/BEI0lOOA4R3H6QTlnhtfli5wJ5CD89Fo3tpqvE
VHm2hqXynASs1E+6Eik7Xt+g1r8uVf1saCBHM3U6tBzpJk4FDYM=
=rgzJ
-----END PGP SIGNATURE-----

272
openssl-3.changes
View File

@ -1,3 +1,275 @@
-------------------------------------------------------------------
Thu Nov 23 16:07:51 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
- Update to 3.2.0:
* The BLAKE2b hash algorithm supports a configurable output length
by setting the "size" parameter.
* Enable extra Arm64 optimization on Windows for GHASH, RAND and
AES.
* Added a function to delete objects from store by URI -
OSSL_STORE_delete() and the corresponding provider-storemgmt API
function OSSL_FUNC_store_delete().
* Added OSSL_FUNC_store_open_ex() provider-storemgmt API function to
pass a passphrase callback when opening a store.
* Changed the default salt length used by PBES2 KDF's (PBKDF2 and
scrypt) from 8 bytes to 16 bytes. The PKCS5 (RFC 8018) standard
uses a 64 bit salt length for PBE, and recommends a minimum of 64
bits for PBES2. For FIPS compliance PBKDF2 requires a salt length
of 128 bits. This affects OpenSSL command line applications such
as "genrsa" and "pkcs8" and API's such as
PEM_write_bio_PrivateKey() that are reliant on the default value.
The additional commandline option 'saltlen' has been added to the
OpenSSL command line applications for "pkcs8" and "enc" to allow
the salt length to be set to a non default value.
* Changed the default value of the ess_cert_id_alg configuration
option which is used to calculate the TSA's public key
certificate identifier. The default algorithm is updated to be
sha256 instead of sha1.
* Added optimization for SM2 algorithm on aarch64. It uses a huge
precomputed table for point multiplication of the base point,
which increases the size of libcrypto from 4.4 MB to 4.9 MB. A
new configure option no-sm2-precomp has been added to disable the
precomputed table.
* Added client side support for QUIC
* Added multiple tutorials on the OpenSSL library and in particular
on writing various clients (using TLS and QUIC protocols) with
libssl.
* Added secp384r1 implementation using Solinas' reduction to improve
speed of the NIST P-384 elliptic curve. To enable the
implementation the build option enable-ec_nistp_64_gcc_128 must
be used.
* Improved RFC7468 compliance of the asn1parse command.
* Added SHA256/192 algorithm support.
* Added support for securely getting root CA certificate update in
CMP.
* Improved contention on global write locks by using more read locks
where appropriate.
* Improved performance of OSSL_PARAM lookups in performance critical
provider functions.
* Added the SSL_get0_group_name() function to provide access to the
name of the group used for the TLS key exchange.
* Provide a new configure option no-http that can be used to disable
the HTTP support. Provide new configure options no-apps and
no-docs to disable building the openssl command line application
and the documentation.
* Provide a new configure option no-ecx that can be used to disable
the X25519, X448, and EdDSA support.
* When multiple OSSL_KDF_PARAM_INFO parameters are passed to the
EVP_KDF_CTX_set_params() function they are now concatenated not
just for the HKDF algorithm but also for SSKDF and X9.63 KDF
algorithms.
* Added OSSL_FUNC_keymgmt_im/export_types_ex() provider functions
that get the provider context as a parameter.
* TLS round-trip time calculation was added by a Brigham Young
University Capstone team partnering with Sandia National
Laboratories. A new function in ssl_lib titled
SSL_get_handshake_rtt will calculate and retrieve this value.
* Added the "-quic" option to s_client to enable connectivity to
QUIC servers. QUIC requires the use of ALPN, so this must be
specified via the "-alpn" option. Use of the "advanced" s_client
command command via the "-adv" option is recommended.
* Added an "advanced" command mode to s_client. Use this with
the "-adv" option. The old "basic" command mode recognises
certain letters that must always appear at the start of a line
and cannot be escaped. The advanced command mode enables commands
to be entered anywhere and there is an escaping mechanism. After
starting s_client with "-adv" type "{help}" to show a list of
available commands.
* Add Raw Public Key (RFC7250) support. Authentication is supported
by matching keys against either local policy (TLSA records
synthesised from the expected keys) or DANE (TLSA records
obtained by the application from DNS). TLSA records will also
match the same key in the server certificate, should RPK use not
happen to be negotiated.
* Added support for modular exponentiation and CRT offloading for
the S390x architecture.
* Added further assembler code for the RISC-V architecture.
* Added EC_GROUP_to_params() which creates an OSSL_PARAM array from
a given EC_GROUP.
* Improved support for non-default library contexts and property
queries when parsing PKCS#12 files.
* Implemented support for all five instances of EdDSA from RFC8032:
Ed25519, Ed25519ctx, Ed25519ph, Ed448, and Ed448ph. The streaming
is not yet supported for the HashEdDSA variants (Ed25519ph and
Ed448ph).
* Added SM4 optimization for ARM processors using ASIMD and AES HW
instructions.
* Implemented SM4-XTS support.
* Added platform-agnostic OSSL_sleep() function.
* Implemented deterministic ECDSA signatures (RFC6979) support.
* Implemented AES-GCM-SIV (RFC8452) support.
* Added support for pluggable (provider-based) TLS signature
algorithms. This enables TLS 1.3 authentication operations with
algorithms embedded in providers not included by default in
OpenSSL. In combination with the already available pluggable KEM
and X.509 support, this enables for example suitable providers to
deliver post-quantum or quantum-safe cryptography to OpenSSL
users.
* Added support for pluggable (provider-based) CMS signature
algorithms. This enables CMS sign and verify operations with
algorithms embedded in providers not included by default in
OpenSSL.
* Added support for Hybrid Public Key Encryption (HPKE) as defined
in RFC9180. HPKE is required for TLS Encrypted ClientHello
(ECH), Message Layer Security (MLS) and other IETF
specifications. HPKE can also be used by other applications that
require encrypting "to" an ECDH public key. External APIs are
defined in include/openssl/hpke.h and documented in
doc/man3/OSSL_HPKE_CTX_new.pod
* Implemented HPKE DHKEM support in providers used by HPKE
(RFC9180) API.
* Add support for certificate compression (RFC8879), including
library support for Brotli and Zstandard compression.
* Add the ability to add custom attributes to PKCS12 files. Add a
new API PKCS12_create_ex2, identical to the existing
PKCS12_create_ex but allows for a user specified callback and
optional argument. Added a new PKCS12_SAFEBAG_set0_attr, which
allows for a new attr to be added to the existing STACK_OF
attrs.
* Major refactor of the libssl record layer.
* Add a mac salt length option for the pkcs12 command.
* Add more SRTP protection profiles from RFC8723 and RFC8269.
* Extended Kernel TLS (KTLS) to support TLS 1.3 receive offload.
* Add support for TCP Fast Open (RFC7413) to macOS, Linux, and
FreeBSD where supported and enabled.
* Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
(RFC 5489) to the list of ciphersuites providing Perfect Forward
Secrecy as required by SECLEVEL >= 3.
* Add new SSL APIs to aid in efficiently implementing TLS/SSL
fingerprinting. The SSL_CTRL_GET_IANA_GROUPS control code,
exposed as the SSL_get0_iana_groups() function-like macro,
retrieves the list of supported groups sent by the peer. The
function SSL_client_hello_get_extension_order() populates a
caller-supplied array with the list of extension types present in
the ClientHello, in order of appearance.
* Fixed PEM_write_bio_PKCS8PrivateKey() and
PEM_write_bio_PKCS8PrivateKey_nid() to make it possible to use
empty passphrase strings.
* The PKCS12_parse() function now supports MAC-less PKCS12 files.
* Added ASYNC_set_mem_functions() and ASYNC_get_mem_functions
() calls to be able to change functions used for allocating the
memory of asynchronous call stack.
* Added support for signed BIGNUMs in the OSSL_PARAM APIs.
* A failure exit code is returned when using the openssl x509
command to check certificate attributes and the checks fail.
* The default SSL/TLS security level has been changed from 1 to 2.
RSA, DSA and DH keys of 1024 bits and above and less than 2048
bits and ECC keys of 160 bits and above and less than 224 bits
were previously accepted by default but are now no longer
allowed. By default TLS compression was already disabled in
previous OpenSSL versions. At security level 2 it cannot be
enabled.
* The SSL_CTX_set_cipher_list family functions now accept ciphers
using their IANA standard names.
* The PVK key derivation function has been moved from b2i_PVK_bio_ex
() into the legacy crypto provider as an EVP_KDF. Applications
requiring this KDF will need to load the legacy crypto provider.
* CCM8 cipher suites in TLS have been downgraded to security level
zero because they use a short authentication tag which lowers
their strength.
* Subject or issuer names in X.509 objects are now displayed as
UTF-8 strings by default.
* Add X.509 certificate codeSigning purpose and related checks on
key usage and extended key usage of the leaf certificate
according to the CA/Browser Forum.
* The x509, ca, and req apps now produce X.509 v3 certificates.
The -x509v1 option of req prefers generation of X.509 v1
certificates. X509_sign() and X509_sign_ctx() make sure that the
certificate has X.509 version 3 if the certificate information
includes X.509 extensions.
* Fix and extend certificate handling and the apps x509, verify etc.
such as adding a trace facility for debugging certificate chain
building.
* Various fixes and extensions to the CMP+CRMF implementation and
the cmp app in particular supporting requests for central key
generation, generalized polling, and various types of genm/genp
exchanges defined in CMP Updates.
* Fixes and extensions to the HTTP client and to the HTTP server in
apps/ like correcting the TLS and proxy support and adding
tracing for debugging.
* Extended the CMS API for handling CMS_SignedData and
CMS_EnvelopedData.
* CMS_add0_cert() and CMS_add1_cert() no longer throw an error if a
certificate to be added is already present. CMS_sign_ex() and
CMS_sign() now ignore any duplicate certificates in their certs
argument and no longer throw an error for them.
* Fixed and extended util/check-format.pl for checking adherence to
the coding style
https://www.openssl.org/policies/technical/coding-style.html. The
checks are meanwhile more complete and yield fewer false
positives.
* Added BIO_s_dgram_pair() and BIO_s_dgram_mem() that provide
memory-based BIOs with datagram semantics and support for
BIO_sendmmsg() and BIO_recvmmsg() calls. They can be used as the
transport BIOs for QUIC.
* Add new BIO_sendmmsg() and BIO_recvmmsg() BIO methods which allow
sending and receiving multiple messages in a single call. An
implementation is provided for BIO_dgram. For further details,
see BIO_sendmmsg(3).
* Support for loading root certificates from the Windows certificate
store has been added. The support is in the form of a store which
recognises the URI string of org.openssl.winstore://. This URI
scheme currently takes no arguments. This store is built by
default and can be disabled using the new compile-time option
no-winstore. This store is not currently used by default and must
be loaded explicitly using the above store URI. It is expected to
be loaded by default in the future.
* Enable KTLS with the TLS 1.3 CCM mode ciphersuites. Note that some
linux kernel versions that support KTLS have a known bug in CCM
processing. That has been fixed in stable releases starting from
5.4.164, 5.10.84, 5.15.7, and all releases since 5.16. KTLS with
CCM ciphersuites should be only used on these releases.
* Added -ktls option to s_server and s_client commands to enable the
KTLS support.
* Zerocopy KTLS sendfile() support on Linux.
* The OBJ_ calls are now thread safe using a global lock.
* New parameter -digest for openssl cms command allowing signing
pre-computed digests and new CMS API functions supporting that
functionality.
* OPENSSL_malloc() and other allocation functions now raise errors
on allocation failures. The callers do not need to explicitly
raise errors unless they want to for tracing purposes.
* Added and enabled by default implicit rejection in RSA PKCS#1 v1.5
decryption as a protection against Bleichenbacher-like attacks.
The RSA decryption API will now return a randomly generated
deterministic message instead of an error in case it detects an
error when checking padding during PKCS#1 v1.5 decryption. This
is a general protection against issues like CVE-2020-25659 and
CVE-2020-25657. This protection can be disabled by calling
EVP_PKEY_CTX_ctrl_str
(ctx, "rsa_pkcs1_implicit_rejection". "0") on the RSA decryption
context.
* Added support for Brainpool curves in TLS-1.3.
* Added OpenBSD specific build targets.
* Support for Argon2d, Argon2i, Argon2id KDFs has been added along
with a basic thread pool implementation for select platforms.
- Revert 0e55c3ab to resolve 'libssl.so: undefined reference to `ossl_safe_getenv'
introduced by our patch openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
* Add openssl-Revert-Makefile-Call-mknum.pl-on-make-ordinals-only-if.patch
- Remove patches (already upsteram):
* openssl-Add_support_for_Windows_CA_certificate_store.patch
* openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch
* openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch
* openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch
* openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
* openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch
* openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch
* openssl-CVE-2023-5678.patch
- Refresh patches:
* openssl-no-html-docs.patch
* openssl-truststore.patch
* openssl-pkgconfig.patch
* openssl-DEFAULT_SUSE_cipher.patch
* openssl-ppc64-config.patch
* openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
* openssl-Override-default-paths-for-the-CA-directory-tree.patch
* openssl-Add-FIPS_mode-compatibility-macro.patch
* openssl-Add-Kernel-FIPS-mode-flag-support.patch
- Drop openssl-no-date.patch
Upstream added support for reproducible builds via SOURCE_DATE_EPOCH in
https://github.com/openssl/openssl/commit/8a8d9e190533ee41e8b231b18c7837f98f1ae231
thereby making this patch obsolete as builds *should* still be reproducible.
-------------------------------------------------------------------
Mon Nov 13 09:29:26 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>

37
openssl-3.spec
View File

@ -22,7 +22,7 @@
%define man_suffix 3ssl
Name: openssl-3
# Don't forget to update the version in the "openssl" meta-package!
Version: 3.1.4
Version: 3.2.0
Release: 0
Summary: Secure Sockets and Transport Layer Security
License: Apache-2.0
@ -42,26 +42,15 @@ Patch2: openssl-truststore.patch
Patch3: openssl-pkgconfig.patch
Patch4: openssl-DEFAULT_SUSE_cipher.patch
Patch5: openssl-ppc64-config.patch
Patch6: openssl-no-date.patch
# Add crypto-policies support
Patch7: openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
Patch8: openssl-Override-default-paths-for-the-CA-directory-tree.patch
# PATCH-FIX-UPSTREAM: bsc#1209430 Upgrade OpenSSL from 3.0.8 to 3.1.0 in TW
Patch9: openssl-Add_support_for_Windows_CA_certificate_store.patch
Patch6: openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
Patch7: openssl-Override-default-paths-for-the-CA-directory-tree.patch
# PATCH-FIX-OPENSUSE: Revert of 0e55c3ab8d702ffc897c9beb51d19b14b789618
# Makefile: Call mknum.pl on 'make ordinals' only if needed
Patch8: openssl-Revert-Makefile-Call-mknum.pl-on-make-ordinals-only-if.patch
# PATCH-FIX-FEDORA Add FIPS_mode compatibility macro and flag support
Patch10: openssl-Add-FIPS_mode-compatibility-macro.patch
Patch11: openssl-Add-Kernel-FIPS-mode-flag-support.patch
# PATCH-FIX-UPSTREAM jsc#PED-5086, jsc#PED-3514
# POWER10 performance enhancements for cryptography
Patch12: openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch
Patch13: openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch
Patch14: openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch
Patch15: openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
Patch16: openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch
Patch17: openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch
# PATCH-FIX-UPSTREAM: bsc#1216922 CVE-2023-5678 Generating excessively long X9.42 DH keys or
# checking excessively long X9.42 DH keys or parameters may be very slow
Patch18: openssl-CVE-2023-5678.patch
Patch9: openssl-Add-FIPS_mode-compatibility-macro.patch
Patch10: openssl-Add-Kernel-FIPS-mode-flag-support.patch
BuildRequires: pkgconfig
BuildRequires: pkgconfig(zlib)
Requires: libopenssl3 = %{version}-%{release}
@ -180,14 +169,18 @@ perl configdata.pm --dump
%check
# Relax the crypto-policies requirements for the regression tests
# Revert patch8 before running tests
patch -p1 -R < %{PATCH8}
# Revert patch7 before running tests
patch -p1 -R < %{PATCH7}
export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
# export HARNESS_VERBOSE=yes
#export HARNESS_VERBOSE=yes
%ifarch %{ix86} #Skip test, see issue#22837
LD_LIBRARY_PATH="$PWD" make TESTS='-test_symbol_presence' test -j16
%else
LD_LIBRARY_PATH="$PWD" make test -j16
%endif
# show ciphers
gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto

22
openssl-Add-FIPS_mode-compatibility-macro.patch
View File

@ -14,11 +14,10 @@ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
2 files changed, 40 insertions(+)
create mode 100644 include/openssl/fips.h
diff --git a/include/openssl/fips.h b/include/openssl/fips.h
new file mode 100644
index 0000000000..4162cbf88e
Index: openssl-3.2.0/include/openssl/fips.h
===================================================================
--- /dev/null
+++ b/include/openssl/fips.h
+++ openssl-3.2.0/include/openssl/fips.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
@ -46,11 +45,11 @@ index 0000000000..4162cbf88e
+}
+# endif
+#endif
diff --git a/test/property_test.c b/test/property_test.c
index 45b1db3e85..8894c1c1cb 100644
--- a/test/property_test.c
+++ b/test/property_test.c
@@ -677,6 +677,19 @@ static int test_property_list_to_string(int i)
Index: openssl-3.2.0/test/property_test.c
===================================================================
--- openssl-3.2.0.orig/test/property_test.c
+++ openssl-3.2.0/test/property_test.c
@@ -680,6 +680,19 @@ static int test_property_list_to_string(
return ret;
}
@ -70,7 +69,7 @@ index 45b1db3e85..8894c1c1cb 100644
int setup_tests(void)
{
ADD_TEST(test_property_string);
@@ -690,6 +703,7 @@ int setup_tests(void)
@@ -693,6 +706,7 @@ int setup_tests(void)
ADD_TEST(test_property);
ADD_TEST(test_query_cache_stochastic);
ADD_TEST(test_fips_mode);
@ -78,6 +77,3 @@ index 45b1db3e85..8894c1c1cb 100644
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
return 1;
}
--
2.41.0

27
openssl-Add-Kernel-FIPS-mode-flag-support.patch
View File

@ -13,12 +13,12 @@ From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
include/internal/provider.h | 3 +++
2 files changed, 39 insertions(+)
diff --git a/crypto/context.c b/crypto/context.c
index e294ea1512..51002ba79a 100644
--- a/crypto/context.c
+++ b/crypto/context.c
@@ -16,6 +16,41 @@
#include "internal/provider.h"
Index: openssl-3.2.0/crypto/context.c
===================================================================
--- openssl-3.2.0.orig/crypto/context.c
+++ openssl-3.2.0/crypto/context.c
@@ -17,6 +17,41 @@
#include "crypto/decoder.h"
#include "crypto/context.h"
+# include <sys/types.h>
@ -59,7 +59,7 @@ index e294ea1512..51002ba79a 100644
struct ossl_lib_ctx_st {
CRYPTO_RWLOCK *lock, *rand_crngt_lock;
OSSL_EX_DATA_GLOBAL global;
@@ -336,6 +371,7 @@ static int default_context_inited = 0;
@@ -368,6 +403,7 @@ static int default_context_inited = 0;
DEFINE_RUN_ONCE_STATIC(default_context_do_init)
{
@ -67,11 +67,11 @@ index e294ea1512..51002ba79a 100644
if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))
goto err;
diff --git a/include/internal/provider.h b/include/internal/provider.h
index 18937f84c7..1446bf7afb 100644
--- a/include/internal/provider.h
+++ b/include/internal/provider.h
@@ -112,6 +112,9 @@ int ossl_provider_init_as_child(OSSL_LIB_CTX *ctx,
Index: openssl-3.2.0/include/internal/provider.h
===================================================================
--- openssl-3.2.0.orig/include/internal/provider.h
+++ openssl-3.2.0/include/internal/provider.h
@@ -112,6 +112,9 @@ int ossl_provider_init_as_child(OSSL_LIB
const OSSL_DISPATCH *in);
void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx);
@ -81,6 +81,3 @@ index 18937f84c7..1446bf7afb 100644
# ifdef __cplusplus
}
# endif
--
2.41.0

109
openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch
View File

@ -15,9 +15,11 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
util/libcrypto.num | 1
8 files changed, 110 insertions(+), 14 deletions(-)
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -315,6 +315,10 @@ MANDIR=$(INSTALLTOP)/share/man
Index: openssl-3.2.0/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-3.2.0.orig/Configurations/unix-Makefile.tmpl
+++ openssl-3.2.0/Configurations/unix-Makefile.tmpl
@@ -324,6 +324,10 @@ MANDIR=$(INSTALLTOP)/share/man
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
HTMLDIR=$(DOCDIR)/html
@ -28,7 +30,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
# MANSUFFIX is for the benefit of anyone who may want to have a suffix
# appended after the manpage file section number. "ssl" is popular,
# resulting in files such as config.5ssl rather than config.5.
@@ -338,6 +342,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
@@ -347,6 +351,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}
CPPFLAGS={- our $cppflags1 = join(" ",
(map { "-D".$_} @{$config{CPPDEFINES}}),
@ -36,14 +38,16 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
(map { "-I".$_} @{$config{CPPINCLUDES}}),
@{$config{CPPFLAGS}}) -}
CFLAGS={- join(' ', @{$config{CFLAGS}}) -}
--- a/Configure
+++ b/Configure
Index: openssl-3.2.0/Configure
===================================================================
--- openssl-3.2.0.orig/Configure
+++ openssl-3.2.0/Configure
@@ -27,7 +27,7 @@ use OpenSSL::config;
my $orig_death_handler = $SIG{__DIE__};
$SIG{__DIE__} = \&death_handler;
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
-my $usage="Usage: Configure [no-<feature> ...] [enable-<feature> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]thread-pool] [[no-]default-thread-pool] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<feature> ...] [enable-<feature> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]thread-pool] [[no-]default-thread-pool] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
my $banner = <<"EOF";
@ -58,7 +62,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
# --banner=".." Output specified text instead of default completion banner
#
# -w Don't wait after showing a Configure warning
@@ -387,6 +391,7 @@ $config{prefix}="";
@@ -394,6 +398,7 @@ $config{prefix}="";
$config{openssldir}="";
$config{processor}="";
$config{libdir}="";
@ -66,7 +70,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
my $auto_threads=1; # enable threads automatically? true by default
my $default_ranlib;
@@ -989,6 +994,10 @@ while (@argvcopy)
@@ -1047,6 +1052,10 @@ while (@argvcopy)
die "FIPS key too long (64 bytes max)\n"
if length $1 > 64;
}
@ -77,9 +81,11 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
elsif (/^--banner=(.*)$/)
{
$banner = $1 . "\n";
--- a/doc/man1/openssl-ciphers.pod.in
+++ b/doc/man1/openssl-ciphers.pod.in
@@ -186,6 +186,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
Index: openssl-3.2.0/doc/man1/openssl-ciphers.pod.in
===================================================================
--- openssl-3.2.0.orig/doc/man1/openssl-ciphers.pod.in
+++ openssl-3.2.0/doc/man1/openssl-ciphers.pod.in
@@ -190,6 +190,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
The cipher suites not enabled by B<ALL>, currently B<eNULL>.
@ -95,9 +101,11 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
=item B<HIGH>
"High" encryption cipher suites. This currently means those with key lengths
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -213,6 +213,11 @@ extern "C" {
Index: openssl-3.2.0/include/openssl/ssl.h.in
===================================================================
--- openssl-3.2.0.orig/include/openssl/ssl.h.in
+++ openssl-3.2.0/include/openssl/ssl.h.in
@@ -214,6 +214,11 @@ extern "C" {
* throwing out anonymous and unencrypted ciphersuites! (The latter are not
* actually enabled by ALL, but "ALL:RSA" would enable some of them.)
*/
@ -109,9 +117,11 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
# define SSL_SENT_SHUTDOWN 1
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1443,6 +1443,53 @@ int SSL_set_ciphersuites(SSL *s, const c
Index: openssl-3.2.0/ssl/ssl_ciph.c
===================================================================
--- openssl-3.2.0.orig/ssl/ssl_ciph.c
+++ openssl-3.2.0/ssl/ssl_ciph.c
@@ -1455,6 +1455,53 @@ int SSL_set_ciphersuites(SSL *s, const c
return ret;
}
@ -165,7 +175,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
STACK_OF(SSL_CIPHER) **cipher_list,
@@ -1457,15 +1504,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1469,15 +1516,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
const SSL_CIPHER **ca_list = NULL;
const SSL_METHOD *ssl_method = ctx->method;
@ -193,16 +203,16 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
/*
* To reduce the work to do we only want to process the compiled
@@ -1487,7 +1544,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
if (co_list == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
- return NULL; /* Failure */
+ goto err;
@@ -1499,7 +1556,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
if (num_of_ciphers > 0) {
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
if (co_list == NULL)
- return NULL; /* Failure */
+ goto err;
}
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
@@ -1553,8 +1610,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1565,8 +1622,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
* in force within each class
*/
if (!ssl_cipher_strength_sort(&head, &tail)) {
@ -212,18 +222,17 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
}
/*
@@ -1598,9 +1654,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1610,8 +1666,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
if (ca_list == NULL) {
- OPENSSL_free(co_list);
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
- return NULL; /* Failure */
+ goto err;
}
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
disabled_mkey, disabled_auth, disabled_enc,
@@ -1633,8 +1688,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1644,8 +1699,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
OPENSSL_free(ca_list); /* Not needed anymore */
if (!ok) { /* Rule processing failure */
@ -233,7 +242,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
}
/*
@@ -1642,10 +1696,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1653,10 +1707,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
* if we cannot get one.
*/
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
@ -249,7 +258,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i);
@@ -1697,6 +1754,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
@@ -1708,6 +1765,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
*cipher_list = cipherstack;
return cipherstack;
@ -264,9 +273,11 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
}
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -661,7 +661,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
Index: openssl-3.2.0/ssl/ssl_lib.c
===================================================================
--- openssl-3.2.0.orig/ssl/ssl_lib.c
+++ openssl-3.2.0/ssl/ssl_lib.c
@@ -689,7 +689,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
ctx->tls13_ciphersuites,
&(ctx->cipher_list),
&(ctx->cipher_list_by_id),
@ -275,7 +286,7 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
return 0;
@@ -3286,7 +3286,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *li
@@ -3955,7 +3955,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *li
if (!ssl_create_cipher_list(ret,
ret->tls13_ciphersuites,
&ret->cipher_list, &ret->cipher_list_by_id,
@ -283,10 +294,12 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
+ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert)
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -246,7 +246,9 @@ end:
goto err;
Index: openssl-3.2.0/test/cipherlist_test.c
===================================================================
--- openssl-3.2.0.orig/test/cipherlist_test.c
+++ openssl-3.2.0/test/cipherlist_test.c
@@ -261,7 +261,9 @@ end:
int setup_tests(void)
{
@ -295,11 +308,13 @@ Subject: Add support for PROFILE=SYSTEM system default cipherlist
+#endif
ADD_TEST(test_default_cipherlist_explicit);
ADD_TEST(test_default_cipherlist_clear);
return 1;
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5435,3 +5435,4 @@ EVP_MD_CTX_dup
EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:
BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:
OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP
ADD_TEST(test_stdname_cipherlist);
Index: openssl-3.2.0/util/libcrypto.num
===================================================================
--- openssl-3.2.0.orig/util/libcrypto.num
+++ openssl-3.2.0/util/libcrypto.num
@@ -5536,3 +5536,4 @@ X509_STORE_CTX_set_get_crl
X509_STORE_CTX_set_current_reasons 5664 3_2_0 EXIST::FUNCTION:
OSSL_STORE_delete 5665 3_2_0 EXIST::FUNCTION:
BIO_ADDR_copy 5666 3_2_0 EXIST::FUNCTION:SOCK
+ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:

743
openssl-Add_support_for_Windows_CA_certificate_store.patch
View File

@ -1,743 +0,0 @@
From 2a071544f7d2e963a1f68f266f4e375568909d38 Mon Sep 17 00:00:00 2001
From: Hugo Landau <hlandau@openssl.org>
Date: Fri, 8 Apr 2022 13:10:52 +0100
Subject: [PATCH 1/8] Fix URI handling in SSL_CERT_DIR/introduce SSL_CERT_URI
env
Fixes #18068.
---
CHANGES.md | 21
Configure | 7
crypto/x509/by_dir.c | 17
crypto/x509/by_store.c | 14
crypto/x509/x509_def.c | 15
doc/build.info | 6
doc/man3/X509_get_default_cert_file.pod | 113 +++++
include/internal/cryptlib.h | 11
include/internal/e_os.h | 2
include/openssl/x509.h.in | 3
providers/implementations/include/prov/implementations.h | 1
providers/implementations/storemgmt/build.info | 3
providers/implementations/storemgmt/winstore_store.c | 327 +++++++++++++++
providers/stores.inc | 3
util/libcrypto.num | 3
util/missingcrypto.txt | 4
16 files changed, 536 insertions(+), 14 deletions(-)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,6 +24,27 @@ OpenSSL 3.1
### Changes between 3.1.0 and 3.1.1 [30 May 2023]
+ * The `SSL_CERT_PATH` and `SSL_CERT_URI` environment variables are introduced.
+ `SSL_CERT_URI` can be used to specify a URI for a root certificate store. The
+ `SSL_CERT_PATH` environment variable specifies a delimiter-separated list of
+ paths which are searched for root certificates.
+
+ The existing `SSL_CERT_DIR` environment variable is deprecated.
+ `SSL_CERT_DIR` was previously used to specify either a delimiter-separated
+ list of paths or an URI, which is ambiguous. Setting `SSL_CERT_PATH` causes
+ `SSL_CERT_DIR` to be ignored for the purposes of determining root certificate
+ directories, and setting `SSL_CERT_URI` causes `SSL_CERT_DIR` to be ignored
+ for the purposes of determining root certificate stores.
+
+ *Hugo Landau*
+
+ * Support for loading root certificates from the Windows certificate store
+ has been added. The support is in the form of a store which recognises the
+ URI string of `org.openssl.winstore://`. This store is enabled by default and
+ can be disabled using the new compile-time option `no-winstore`.
+
+ *Hugo Landau*
+
* Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic
OBJECT IDENTIFIER sub-identifiers to canonical numeric text form.
--- a/Configure
+++ b/Configure
@@ -420,6 +420,7 @@ my @disablables = (
"cached-fetch",
"camellia",
"capieng",
+ "winstore",
"cast",
"chacha",
"cmac",
@@ -1726,6 +1727,12 @@ unless ($disabled{ktls}) {
}
}
+unless ($disabled{winstore}) {
+ unless ($target =~ /^(?:Cygwin|mingw|VC-|BC-)/) {
+ disable('not-windows', 'winstore');
+ }
+}
+
push @{$config{openssl_other_defines}}, "OPENSSL_NO_KTLS" if ($disabled{ktls});
# Get the extra flags used when building shared libraries and modules. We
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -88,13 +88,18 @@ static int dir_ctrl(X509_LOOKUP *ctx, in
switch (cmd) {
case X509_L_ADD_DIR:
if (argl == X509_FILETYPE_DEFAULT) {
- const char *dir = ossl_safe_getenv(X509_get_default_cert_dir_env());
+ /* If SSL_CERT_PATH is provided and non-empty, use that. */
+ const char *dir = ossl_safe_getenv(X509_get_default_cert_path_env());
- if (dir)
- ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
- else
- ret = add_cert_dir(ld, X509_get_default_cert_dir(),
- X509_FILETYPE_PEM);
+ /* Fallback to SSL_CERT_DIR. */
+ if (dir == NULL)
+ dir = ossl_safe_getenv(X509_get_default_cert_dir_env());
+
+ /* Fallback to built-in default. */
+ if (dir == NULL)
+ dir = X509_get_default_cert_dir();
+
+ ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
if (!ret) {
ERR_raise(ERR_LIB_X509, X509_R_LOADING_CERT_DIR);
}
--- a/crypto/x509/by_store.c
+++ b/crypto/x509/by_store.c
@@ -111,11 +111,21 @@ static int by_store_ctrl_ex(X509_LOOKUP
{
switch (cmd) {
case X509_L_ADD_STORE:
- /* If no URI is given, use the default cert dir as default URI */
+ /* First try the newer default cert URI envvar. */
+ if (argp == NULL)
+ argp = ossl_safe_getenv(X509_get_default_cert_uri_env());
+
+ /* If not set, see if we have a URI in the older cert dir envvar. */
if (argp == NULL)
argp = ossl_safe_getenv(X509_get_default_cert_dir_env());
+
+ /* Fallback to default store URI. */
if (argp == NULL)
- argp = X509_get_default_cert_dir();
+ argp = X509_get_default_cert_uri();
+
+ /* No point adding an empty URI. */
+ if (!*argp)
+ return 1;
{
STACK_OF(OPENSSL_STRING) *uris = X509_LOOKUP_get_method_data(ctx);
--- a/crypto/x509/x509_def.c
+++ b/crypto/x509/x509_def.c
@@ -22,6 +22,11 @@ const char *X509_get_default_cert_area(v
return X509_CERT_AREA;
}
+const char *X509_get_default_cert_uri(void)
+{
+ return X509_CERT_URI;
+}
+
const char *X509_get_default_cert_dir(void)
{
return X509_CERT_DIR;
@@ -32,6 +37,16 @@ const char *X509_get_default_cert_file(v
return X509_CERT_FILE;
}
+const char *X509_get_default_cert_uri_env(void)
+{
+ return X509_CERT_URI_EVP;
+}
+
+const char *X509_get_default_cert_path_env(void)
+{
+ return X509_CERT_PATH_EVP;
+}
+
const char *X509_get_default_cert_dir_env(void)
{
return X509_CERT_DIR_EVP;
--- a/doc/build.info
+++ b/doc/build.info
@@ -2791,6 +2791,10 @@ DEPEND[html/man3/X509_get0_uids.html]=ma
GENERATE[html/man3/X509_get0_uids.html]=man3/X509_get0_uids.pod
DEPEND[man/man3/X509_get0_uids.3]=man3/X509_get0_uids.pod
GENERATE[man/man3/X509_get0_uids.3]=man3/X509_get0_uids.pod
+DEPEND[html/man3/X509_get_default_cert_file.html]=man3/X509_get_default_cert_file.pod
+GENERATE[html/man3/X509_get_default_cert_file.html]=man3/X509_get_default_cert_file.pod
+DEPEND[man/man3/X509_get_default_cert_file.3]=man3/X509_get_default_cert_file.pod
+GENERATE[man/man3/X509_get_default_cert_file.3]=man3/X509_get_default_cert_file.pod
DEPEND[html/man3/X509_get_extension_flags.html]=man3/X509_get_extension_flags.pod
GENERATE[html/man3/X509_get_extension_flags.html]=man3/X509_get_extension_flags.pod
DEPEND[man/man3/X509_get_extension_flags.3]=man3/X509_get_extension_flags.pod
@@ -3461,6 +3465,7 @@ html/man3/X509_get0_distinguishing_id.ht
html/man3/X509_get0_notBefore.html \
html/man3/X509_get0_signature.html \
html/man3/X509_get0_uids.html \
+html/man3/X509_get_default_cert_file.html \
html/man3/X509_get_extension_flags.html \
html/man3/X509_get_pubkey.html \
html/man3/X509_get_serialNumber.html \
@@ -4064,6 +4069,7 @@ man/man3/X509_get0_distinguishing_id.3 \
man/man3/X509_get0_notBefore.3 \
man/man3/X509_get0_signature.3 \
man/man3/X509_get0_uids.3 \
+man/man3/X509_get_default_cert_file.3 \
man/man3/X509_get_extension_flags.3 \
man/man3/X509_get_pubkey.3 \
man/man3/X509_get_serialNumber.3 \
--- /dev/null
+++ b/doc/man3/X509_get_default_cert_file.pod
@@ -0,0 +1,113 @@
+=pod
+
+=head1 NAME
+
+X509_get_default_cert_file, X509_get_default_cert_file_env,
+X509_get_default_cert_path_env,
+X509_get_default_cert_dir, X509_get_default_cert_dir_env,
+X509_get_default_cert_uri, X509_get_default_cert_uri_env -
+retrieve default locations for trusted CA certificates
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ const char *X509_get_default_cert_file(void);
+ const char *X509_get_default_cert_dir(void);
+ const char *X509_get_default_cert_uri(void);
+
+ const char *X509_get_default_cert_file_env(void);
+ const char *X509_get_default_cert_path_env(void);
+ const char *X509_get_default_cert_dir_env(void);
+ const char *X509_get_default_cert_uri_env(void);
+
+=head1 DESCRIPTION
+
+The X509_get_default_cert_file() function returns the default path
+to a file containing trusted CA certificates. OpenSSL will use this as
+the default path when it is asked to load trusted CA certificates
+from a file and no other path is specified. If the file exists, CA certificates
+are loaded from the file.
+
+The X509_get_default_cert_dir() function returns a default delimeter-separated
+list of paths to a directories containing trusted CA certificates named in the
+hashed format. OpenSSL will use this as the default list of paths when it is
+asked to load trusted CA certificates from a directory and no other path is
+specified. If a given directory in the list exists, OpenSSL attempts to lookup
+CA certificates in this directory by calculating a filename based on a hash of
+the certificate's subject name.
+
+The X509_get_default_cert_uri() function returns the default URI for a
+certificate store accessed programmatically via an OpenSSL provider. If there is
+no default store applicable to the system for which OpenSSL was compiled, this
+returns an empty string.
+
+X509_get_default_cert_file_env() and X509_get_default_cert_uri_env() return
+environment variable names which are recommended to specify nondefault values to
+be used instead of the values returned by X509_get_default_cert_file() and
+X509_get_default_cert_uri() respectively. The values returned by the latter
+functions are not affected by these environment variables; you must check for
+these environment variables yourself, using these functions to retrieve the
+correct environment variable names. If an environment variable is not set, the
+value returned by the corresponding function above should be used.
+
+X509_get_default_cert_path_env() returns the environment variable name which is
+recommended to specify a nondefault value to be used instead of the value
+returned by X509_get_default_cert_dir(). This environment variable supercedes
+the deprecated environment variable whose name is returned by
+X509_get_default_cert_dir_env(). This environment variable was deprecated as its
+contents can be interpreted ambiguously; see NOTES.
+
+By default, OpenSSL uses the path list specified in the environment variable
+whose name is returned by X509_get_default_cert_path_env() if it is set;
+otherwise, it uses the path list specified in the environment variable whose
+name is returned by X509_get_default_cert_dir_env() if it is set; otherwise, it
+uses the value returned by X509_get_default_cert_dir()).
+
+=head1 NOTES
+
+X509_get_default_cert_uri(), X509_get_default_cert_uri_env() and
+X509_get_default_cert_path_env() were introduced in OpenSSL 3.1. Prior to this
+release, store URIs were expressed via the environment variable returned by
+X509_get_default_cert_dir_env(); this environment variable could be used to
+specify either a list of directories or a store URI. This creates an ambiguity
+in which the environment variable returned by X509_get_default_cert_dir_env() is
+interpreted both as a list of directories and as a store URI.
+
+This usage and the environment variable returned by
+X509_get_default_cert_dir_env() are now deprecated; to specify a store URI, use
+the environment variable returned by X509_get_default_cert_uri_env(), and to
+specify a list of directories, use the environment variable returned by
+X509_get_default_cert_path_env().
+
+=head1 RETURN VALUES
+
+These functions return pointers to constant strings with static storage
+duration.
+
+=head1 SEE ALSO
+
+L<X509_LOOKUP(3)>,
+L<SSL_CTX_set_default_verify_file(3)>,
+L<SSL_CTX_set_default_verify_dir(3)>,
+L<SSL_CTX_set_default_verify_store(3)>,
+L<SSL_CTX_load_verify_file(3)>,
+L<SSL_CTX_load_verify_dir(3)>,
+L<SSL_CTX_load_verify_store(3)>,
+L<SSL_CTX_load_verify_locations(3)>
+
+=head1 HISTORY
+
+X509_get_default_cert_uri(), X509_get_default_cert_path_env() and
+X509_get_default_cert_uri_env() were introduced in OpenSSL 3.1.
+
+=head1 COPYRIGHT
+
+Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
--- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -13,6 +13,8 @@
# include <stdlib.h>
# include <string.h>
+# include "openssl/configuration.h"
+# include "internal/e_os.h" /* ossl_inline in many files */
# ifdef OPENSSL_USE_APPLINK
# define BIO_FLAGS_UPLINK_INTERNAL 0x8000
@@ -77,6 +79,14 @@ DEFINE_LHASH_OF_EX(MEM);
# define CTLOG_FILE "OSSL$DATAROOT:[000000]ct_log_list.cnf"
# endif
+#ifndef OPENSSL_NO_WINSTORE
+# define X509_CERT_URI "org.openssl.winstore://"
+#else
+# define X509_CERT_URI ""
+#endif
+
+# define X509_CERT_URI_EVP "SSL_CERT_URI"
+# define X509_CERT_PATH_EVP "SSL_CERT_PATH"
# define X509_CERT_DIR_EVP "SSL_CERT_DIR"
# define X509_CERT_FILE_EVP "SSL_CERT_FILE"
# define CTLOG_FILE_EVP "CTLOG_FILE"
@@ -240,5 +250,4 @@ static ossl_inline int ossl_is_absolute_
# endif
return path[0] == '/';
}
-
#endif
--- a/include/internal/e_os.h
+++ b/include/internal/e_os.h
@@ -249,7 +249,7 @@ FILE *__iob_func();
/***********************************************/
# if defined(OPENSSL_SYS_WINDOWS)
-# if (_MSC_VER >= 1310) && !defined(_WIN32_WCE)
+# if defined(_MSC_VER) && (_MSC_VER >= 1310) && !defined(_WIN32_WCE)
# define open _open
# define fdopen _fdopen
# define close _close
--- a/include/openssl/x509.h.in
+++ b/include/openssl/x509.h.in
@@ -491,8 +491,11 @@ ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
const char *X509_get_default_cert_area(void);
+const char *X509_get_default_cert_uri(void);
const char *X509_get_default_cert_dir(void);
const char *X509_get_default_cert_file(void);
+const char *X509_get_default_cert_uri_env(void);
+const char *X509_get_default_cert_path_env(void);
const char *X509_get_default_cert_dir_env(void);
const char *X509_get_default_cert_file_env(void);
const char *X509_get_default_private_dir(void);
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -517,3 +517,4 @@ extern const OSSL_DISPATCH ossl_SubjectP
extern const OSSL_DISPATCH ossl_pem_to_der_decoder_functions[];
extern const OSSL_DISPATCH ossl_file_store_functions[];
+extern const OSSL_DISPATCH ossl_winstore_store_functions[];
--- a/providers/implementations/storemgmt/build.info
+++ b/providers/implementations/storemgmt/build.info
@@ -4,3 +4,6 @@
$STORE_GOAL=../../libdefault.a
SOURCE[$STORE_GOAL]=file_store.c file_store_any2obj.c
+IF[{- !$disabled{winstore} -}]
+ SOURCE[$STORE_GOAL]=winstore_store.c
+ENDIF
--- /dev/null
+++ b/providers/implementations/storemgmt/winstore_store.c
@@ -0,0 +1,327 @@
+/*
+ * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+#include <openssl/store.h>
+#include <openssl/core_dispatch.h>
+#include <openssl/core_names.h>
+#include <openssl/core_object.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/params.h>
+#include <openssl/decoder.h>
+#include <openssl/proverr.h>
+#include <openssl/store.h> /* The OSSL_STORE_INFO type numbers */
+#include "internal/cryptlib.h"
+#include "internal/o_dir.h"
+#include "crypto/decoder.h"
+#include "crypto/ctype.h" /* ossl_isdigit() */
+#include "prov/implementations.h"
+#include "prov/bio.h"
+#include "file_store_local.h"
+
+#include <wincrypt.h>
+
+enum {
+ STATE_IDLE,
+ STATE_READ,
+ STATE_EOF,
+};
+
+struct winstore_ctx_st {
+ void *provctx;
+ char *propq;
+ unsigned char *subject;
+ size_t subject_len;
+
+ HCERTSTORE win_store;
+ const CERT_CONTEXT *win_ctx;
+ int state;
+
+ OSSL_DECODER_CTX *dctx;
+};
+
+static void winstore_win_reset(struct winstore_ctx_st *ctx)
+{
+ if (ctx->win_ctx != NULL) {
+ CertFreeCertificateContext(ctx->win_ctx);
+ ctx->win_ctx = NULL;
+ }
+
+ ctx->state = STATE_IDLE;
+}
+
+static void winstore_win_advance(struct winstore_ctx_st *ctx)
+{
+ CERT_NAME_BLOB name = {0};
+
+ if (ctx->state == STATE_EOF)
+ return;
+
+ name.cbData = ctx->subject_len;
+ name.pbData = ctx->subject;
+
+ ctx->win_ctx = (name.cbData == 0 ? NULL :
+ CertFindCertificateInStore(ctx->win_store,
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+ 0, CERT_FIND_SUBJECT_NAME,
+ &name, ctx->win_ctx));
+
+ ctx->state = (ctx->win_ctx == NULL) ? STATE_EOF : STATE_READ;
+}
+
+static void *winstore_open(void *provctx, const char *uri)
+{
+ struct winstore_ctx_st *ctx = NULL;
+
+ if (!HAS_CASE_PREFIX(uri, "org.openssl.winstore:"))
+ return NULL;
+
+ ctx = OPENSSL_zalloc(sizeof(*ctx));
+ if (ctx == NULL)
+ return NULL;
+
+ ctx->provctx = provctx;
+ ctx->win_store = CertOpenSystemStoreW(0, L"ROOT");
+ if (ctx->win_store == NULL) {
+ OPENSSL_free(ctx);
+ return NULL;
+ }
+
+ winstore_win_reset(ctx);
+ return ctx;
+}
+
+static void *winstore_attach(void *provctx, OSSL_CORE_BIO *cin)
+{
+ return NULL; /* not supported */
+}
+
+static const OSSL_PARAM *winstore_settable_ctx_params(void *loaderctx, const OSSL_PARAM params[])
+{
+ static const OSSL_PARAM known_settable_ctx_params[] = {
+ OSSL_PARAM_octet_string(OSSL_STORE_PARAM_SUBJECT, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES, NULL, 0),
+ OSSL_PARAM_END
+ };
+ return known_settable_ctx_params;
+}
+
+static int winstore_set_ctx_params(void *loaderctx, const OSSL_PARAM params[])
+{
+ struct winstore_ctx_st *ctx = loaderctx;
+ const OSSL_PARAM *p;
+ int do_reset = 0;
+
+ if (params == NULL)
+ return 1;
+
+ p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_PROPERTIES);
+ if (p != NULL) {
+ do_reset = 1;
+ OPENSSL_free(ctx->propq);
+ ctx->propq = NULL;
+ if (!OSSL_PARAM_get_utf8_string(p, &ctx->propq, 0))
+ return 0;
+ }
+
+ p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SUBJECT);
+ if (p != NULL) {
+ const unsigned char *der = NULL;
+ size_t der_len = 0;
+
+ if (!OSSL_PARAM_get_octet_string_ptr(p, (const void **)&der, &der_len))
+ return 0;
+
+ do_reset = 1;
+
+ OPENSSL_free(ctx->subject);
+
+ ctx->subject = OPENSSL_malloc(der_len);
+ if (ctx->subject == NULL) {
+ ctx->subject_len = 0;
+ return 0;
+ }
+
+ ctx->subject_len = der_len;
+ memcpy(ctx->subject, der, der_len);
+ }
+
+ if (do_reset) {
+ winstore_win_reset(ctx);
+ winstore_win_advance(ctx);
+ }
+
+ return 1;
+}
+
+struct load_data_st {
+ OSSL_CALLBACK *object_cb;
+ void *object_cbarg;
+};
+
+static int load_construct(OSSL_DECODER_INSTANCE *decoder_inst,
+ const OSSL_PARAM *params, void *construct_data)
+{
+ struct load_data_st *data = construct_data;
+ return data->object_cb(params, data->object_cbarg);
+}
+
+static void load_cleanup(void *construct_data)
+{
+ /* No-op. */
+}
+
+static int setup_decoder(struct winstore_ctx_st *ctx)
+{
+ OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx);
+ const OSSL_ALGORITHM *to_algo = NULL;
+
+ if (ctx->dctx != NULL)
+ return 1;
+
+ ctx->dctx = OSSL_DECODER_CTX_new();
+ if (ctx->dctx == NULL) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (!OSSL_DECODER_CTX_set_input_type(ctx->dctx, "DER")) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+
+ if (!OSSL_DECODER_CTX_set_input_structure(ctx->dctx, "Certificate")) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+
+ for (to_algo = ossl_any_to_obj_algorithm;
+ to_algo->algorithm_names != NULL;
+ to_algo++) {
+ OSSL_DECODER *to_obj = NULL;
+ OSSL_DECODER_INSTANCE *to_obj_inst = NULL;
+
+ /*
+ * Create the internal last resort decoder implementation
+ * together with a "decoder instance".
+ * The decoder doesn't need any identification or to be
+ * attached to any provider, since it's only used locally.
+ */
+ to_obj = ossl_decoder_from_algorithm(0, to_algo, NULL);
+ if (to_obj != NULL)
+ to_obj_inst = ossl_decoder_instance_new(to_obj, ctx->provctx);
+
+ OSSL_DECODER_free(to_obj);
+ if (to_obj_inst == NULL)
+ goto err;
+
+ if (!ossl_decoder_ctx_add_decoder_inst(ctx->dctx,
+ to_obj_inst)) {
+ ossl_decoder_instance_free(to_obj_inst);
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+ }
+
+ if (!OSSL_DECODER_CTX_add_extra(ctx->dctx, libctx, ctx->propq)) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+
+ if (!OSSL_DECODER_CTX_set_construct(ctx->dctx, load_construct)) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+
+ if (!OSSL_DECODER_CTX_set_cleanup(ctx->dctx, load_cleanup)) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
+ goto err;
+ }
+
+ return 1;
+
+err:
+ OSSL_DECODER_CTX_free(ctx->dctx);
+ ctx->dctx = NULL;
+ return 0;
+}
+
+static int winstore_load_using(struct winstore_ctx_st *ctx,
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg,
+ const void *der, size_t der_len)
+{
+ struct load_data_st data;
+ const unsigned char *der_ = der;
+ size_t der_len_ = der_len;
+
+ if (setup_decoder(ctx) == 0)
+ return 0;
+
+ data.object_cb = object_cb;
+ data.object_cbarg = object_cbarg;
+
+ OSSL_DECODER_CTX_set_construct_data(ctx->dctx, &data);
+ OSSL_DECODER_CTX_set_passphrase_cb(ctx->dctx, pw_cb, pw_cbarg);
+
+ if (OSSL_DECODER_from_data(ctx->dctx, &der_, &der_len_) == 0)
+ return 0;
+
+ return 1;
+}
+
+static int winstore_load(void *loaderctx,
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+{
+ int ret = 0;
+ struct winstore_ctx_st *ctx = loaderctx;
+
+ if (ctx->state != STATE_READ)
+ return 0;
+
+ ret = winstore_load_using(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg,
+ ctx->win_ctx->pbCertEncoded,
+ ctx->win_ctx->cbCertEncoded);
+
+ if (ret == 1)
+ winstore_win_advance(ctx);
+
+ return ret;
+}
+
+static int winstore_eof(void *loaderctx)
+{
+ struct winstore_ctx_st *ctx = loaderctx;
+
+ return ctx->state != STATE_READ;
+}
+
+static int winstore_close(void *loaderctx)
+{
+ struct winstore_ctx_st *ctx = loaderctx;
+
+ winstore_win_reset(ctx);
+ CertCloseStore(ctx->win_store, 0);
+ OSSL_DECODER_CTX_free(ctx->dctx);
+ OPENSSL_free(ctx->propq);
+ OPENSSL_free(ctx->subject);
+ OPENSSL_free(ctx);
+ return 1;
+}
+
+const OSSL_DISPATCH ossl_winstore_store_functions[] = {
+ { OSSL_FUNC_STORE_OPEN, (void (*)(void))winstore_open },
+ { OSSL_FUNC_STORE_ATTACH, (void (*)(void))winstore_attach },
+ { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS, (void (*)(void))winstore_settable_ctx_params },
+ { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))winstore_set_ctx_params },
+ { OSSL_FUNC_STORE_LOAD, (void (*)(void))winstore_load },
+ { OSSL_FUNC_STORE_EOF, (void (*)(void))winstore_eof },
+ { OSSL_FUNC_STORE_CLOSE, (void (*)(void))winstore_close },
+ { 0, NULL },
+};
--- a/providers/stores.inc
+++ b/providers/stores.inc
@@ -12,3 +12,6 @@
#endif
STORE("file", "yes", ossl_file_store_functions)
+#ifndef OPENSSL_NO_WINSTORE
+STORE("org.openssl.winstore", "yes", ossl_winstore_store_functions)
+#endif
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5435,4 +5435,7 @@ EVP_MD_CTX_dup
EVP_CIPHER_CTX_dup 5563 3_1_0 EXIST::FUNCTION:
BN_are_coprime 5564 3_1_0 EXIST::FUNCTION:
OSSL_CMP_MSG_update_recipNonce 5565 3_0_9 EXIST::FUNCTION:CMP
+X509_get_default_cert_uri ? 3_1_0 EXIST::FUNCTION:
+X509_get_default_cert_uri_env ? 3_1_0 EXIST::FUNCTION:
+X509_get_default_cert_path_env ? 3_1_0 EXIST::FUNCTION:
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -1273,10 +1273,6 @@ X509_get0_trust_objects(3)
X509_get1_email(3)
X509_get1_ocsp(3)
X509_get_default_cert_area(3)
-X509_get_default_cert_dir(3)
-X509_get_default_cert_dir_env(3)
-X509_get_default_cert_file(3)
-X509_get_default_cert_file_env(3)
X509_get_default_private_dir(3)
X509_get_pubkey_parameters(3)
X509_get_signature_type(3)

172
openssl-CVE-2023-5678.patch
View File

@ -1,172 +0,0 @@
From ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Fri, 20 Oct 2023 09:18:19 +0200
Subject: [PATCH] Make DH_check_pub_key() and DH_generate_key() safer yet
We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.
This change adds all the missing excessive size checks of P and Q.
It's to be noted that behaviours surrounding excessively sized P and Q
differ. DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q. This behaviour is mimicked in
DH_check_pub_key().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22518)
---
crypto/dh/dh_check.c | 12 ++++++++++++
crypto/dh/dh_err.c | 3 ++-
crypto/dh/dh_key.c | 12 ++++++++++++
crypto/err/openssl.txt | 1 +
include/crypto/dherr.h | 2 +-
include/openssl/dh.h | 6 +++---
include/openssl/dherr.h | 3 ++-
7 files changed, 33 insertions(+), 6 deletions(-)
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 7ba2beae7fd6b..e20eb62081c5e 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -249,6 +249,18 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
*/
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
{
+ /* Don't do any checks at all with an excessively large modulus */
+ if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
+ ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID;
+ return 0;
+ }
+
+ if (dh->params.q != NULL && BN_ucmp(dh->params.p, dh->params.q) < 0) {
+ *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID;
+ return 1;
+ }
+
return ossl_ffc_validate_public_key(&dh->params, pub_key, ret);
}
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index 4152397426cc9..f76ac0dd1463f 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -54,6 +54,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = {
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
"parameter encoding error"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR),
"unable to check generator"},
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index d84ea99241b9e..afc49f5cdc87d 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -49,6 +49,12 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
goto err;
}
+ if (dh->params.q != NULL
+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
+ goto err;
+ }
+
if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
return 0;
@@ -267,6 +273,12 @@ static int generate_key(DH *dh)
return 0;
}
+ if (dh->params.q != NULL
+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
+ return 0;
+ }
+
if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
return 0;
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index a1e6bbb617fcb..69e4f61aa1801 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -513,6 +513,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set
DH_R_NO_PRIVATE_VALUE:100:no private value
DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
DH_R_PEER_KEY_ERROR:111:peer key error
+DH_R_Q_TOO_LARGE:130:q too large
DH_R_SHARED_INFO_ERROR:113:shared info error
DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
DSA_R_BAD_FFC_PARAMETERS:114:bad ffc parameters
diff --git a/include/crypto/dherr.h b/include/crypto/dherr.h
index bb24d131eb887..519327f795742 100644
--- a/include/crypto/dherr.h
+++ b/include/crypto/dherr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 8bc17448a0817..f1c0ed06b375a 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -144,7 +144,7 @@ DECLARE_ASN1_ITEM(DHparams)
# define DH_GENERATOR_3 3
# define DH_GENERATOR_5 5
-/* DH_check error codes */
+/* DH_check error codes, some of them shared with DH_check_pub_key */
/*
* NB: These values must align with the equivalently named macros in
* internal/ffc.h.
@@ -154,10 +154,10 @@ DECLARE_ASN1_ITEM(DHparams)
# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
# define DH_NOT_SUITABLE_GENERATOR 0x08
# define DH_CHECK_Q_NOT_PRIME 0x10
-# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */
# define DH_CHECK_INVALID_J_VALUE 0x40
# define DH_MODULUS_TOO_SMALL 0x80
-# define DH_MODULUS_TOO_LARGE 0x100
+# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */
/* DH_check_pub_key error codes */
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
index 5d2a762a96f8c..074a70145f9f5 100644
--- a/include/openssl/dherr.h
+++ b/include/openssl/dherr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -50,6 +50,7 @@
# define DH_R_NO_PRIVATE_VALUE 100
# define DH_R_PARAMETER_ENCODING_ERROR 105
# define DH_R_PEER_KEY_ERROR 111
+# define DH_R_Q_TOO_LARGE 130
# define DH_R_SHARED_INFO_ERROR 113
# define DH_R_UNABLE_TO_CHECK_GENERATOR 121

52
openssl-DEFAULT_SUSE_cipher.patch
View File

@ -1,27 +1,7 @@
Index: openssl-3.0.0-alpha7/ssl/ssl_ciph.c
===================================================================
--- openssl-3.0.0-alpha7.orig/ssl/ssl_ciph.c
+++ openssl-3.0.0-alpha7/ssl/ssl_ciph.c
@@ -1592,7 +1592,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
*/
ok = 1;
rule_p = rule_str;
- if (strncmp(rule_str, "DEFAULT", 7) == 0) {
+ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST,
+ &head, &tail, ca_list, c);
+ rule_p += 12;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+ else if (strncmp(rule_str, "DEFAULT", 7) == 0) {
ok = ssl_cipher_process_rulestr(OSSL_default_cipher_list(),
&head, &tail, ca_list, c);
rule_p += 7;
Index: openssl-3.0.0-alpha7/test/recipes/99-test_suse_default_ciphers.t
Index: openssl-3.2.0/test/recipes/99-test_suse_default_ciphers.t
===================================================================
--- /dev/null
+++ openssl-3.0.0-alpha7/test/recipes/99-test_suse_default_ciphers.t
+++ openssl-3.2.0/test/recipes/99-test_suse_default_ciphers.t
@@ -0,0 +1,23 @@
+#! /usr/bin/env perl
+
@ -46,11 +26,11 @@ Index: openssl-3.0.0-alpha7/test/recipes/99-test_suse_default_ciphers.t
+ "$cipherlist should contain TLSv1.3 ciphers\n");
+}
+
Index: openssl-3.0.0-alpha7/include/openssl/ssl.h.in
Index: openssl-3.2.0/include/openssl/ssl.h.in
===================================================================
--- openssl-3.0.0-alpha7.orig/include/openssl/ssl.h.in
+++ openssl-3.0.0-alpha7/include/openssl/ssl.h.in
@@ -189,6 +189,11 @@ extern "C" {
--- openssl-3.2.0.orig/include/openssl/ssl.h.in
+++ openssl-3.2.0/include/openssl/ssl.h.in
@@ -194,6 +194,11 @@ extern "C" {
*/
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
@ -62,3 +42,23 @@ Index: openssl-3.0.0-alpha7/include/openssl/ssl.h.in
/*
* This is the default set of TLSv1.3 ciphersuites
* DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites()
Index: openssl-3.2.0/ssl/ssl_ciph.c
===================================================================
--- openssl-3.2.0.orig/ssl/ssl_ciph.c
+++ openssl-3.2.0/ssl/ssl_ciph.c
@@ -1623,7 +1623,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
*/
ok = 1;
rule_p = rule_str;
- if (HAS_PREFIX(rule_str, "DEFAULT")) {
+ if (HAS_PREFIX(rule_str, "DEFAULT_SUSE")) {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST,
+ &head, &tail, ca_list, c);
+ rule_p += 12;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+ else if (HAS_PREFIX(rule_str, "DEFAULT")) {
ok = ssl_cipher_process_rulestr(OSSL_default_cipher_list(),
&head, &tail, ca_list, c);
rule_p += 7;

495
openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch
View File

@ -1,495 +0,0 @@
From 3d3a7ecd1ae5ab08d22041f7b3b035c34f12fa02 Mon Sep 17 00:00:00 2001
From: Danny Tsen <dtsen@linux.ibm.com>
Date: Tue, 22 Aug 2023 15:58:53 -0400
Subject: [PATCH] Improve performance for 6x unrolling with vpermxor
instruction
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21812)
---
crypto/aes/asm/aesp8-ppc.pl | 145 +++++++++++++++++++++++-------------
1 file changed, 95 insertions(+), 50 deletions(-)
diff --git a/crypto/aes/asm/aesp8-ppc.pl b/crypto/aes/asm/aesp8-ppc.pl
index 60cf86f52aed2..38b9405a283b7 100755
--- a/crypto/aes/asm/aesp8-ppc.pl
+++ b/crypto/aes/asm/aesp8-ppc.pl
@@ -99,11 +99,12 @@
.long 0x1b000000, 0x1b000000, 0x1b000000, 0x1b000000 ?rev
.long 0x0d0e0f0c, 0x0d0e0f0c, 0x0d0e0f0c, 0x0d0e0f0c ?rev
.long 0,0,0,0 ?asis
+.long 0x0f102132, 0x43546576, 0x8798a9ba, 0xcbdcedfe
Lconsts:
mflr r0
bcl 20,31,\$+4
mflr $ptr #vvvvv "distance between . and rcon
- addi $ptr,$ptr,-0x48
+ addi $ptr,$ptr,-0x58
mtlr r0
blr
.long 0
@@ -2405,7 +2406,7 @@ ()
my $key_=$key2;
my ($x00,$x10,$x20,$x30,$x40,$x50,$x60,$x70)=map("r$_",(0,3,26..31));
$x00=0 if ($flavour =~ /osx/);
-my ($in0, $in1, $in2, $in3, $in4, $in5 )=map("v$_",(0..5));
+my ($in0, $in1, $in2, $in3, $in4, $in5)=map("v$_",(0..5));
my ($out0, $out1, $out2, $out3, $out4, $out5)=map("v$_",(7,12..16));
my ($twk0, $twk1, $twk2, $twk3, $twk4, $twk5)=map("v$_",(17..22));
my $rndkey0="v23"; # v24-v25 rotating buffer for first found keys
@@ -2460,6 +2461,18 @@ ()
li $x70,0x70
mtspr 256,r0
+ # Reverse eighty7 to 0x010101..87
+ xxlor 2, 32+$eighty7, 32+$eighty7
+ vsldoi $eighty7,$tmp,$eighty7,1 # 0x010101..87
+ xxlor 1, 32+$eighty7, 32+$eighty7
+
+ # Load XOR contents. 0xf102132435465768798a9bacbdcedfe
+ mr $x70, r6
+ bl Lconsts
+ lxvw4x 0, $x40, r6 # load XOR contents
+ mr r6, $x70
+ li $x70,0x70
+
subi $rounds,$rounds,3 # -4 in total
lvx $rndkey0,$x00,$key1 # load key schedule
@@ -2502,69 +2515,77 @@ ()
?vperm v31,v31,$twk5,$keyperm
lvx v25,$x10,$key_ # pre-load round[2]
+ # Switch to use the following codes with 0x010101..87 to generate tweak.
+ # eighty7 = 0x010101..87
+ # vsrab tmp, tweak, seven # next tweak value, right shift 7 bits
+ # vand tmp, tmp, eighty7 # last byte with carry
+ # vaddubm tweak, tweak, tweak # left shift 1 bit (x2)
+ # xxlor vsx, 0, 0
+ # vpermxor tweak, tweak, tmp, vsx
+
vperm $in0,$inout,$inptail,$inpperm
subi $inp,$inp,31 # undo "caller"
vxor $twk0,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vand $tmp,$tmp,$eighty7
vxor $out0,$in0,$twk0
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in1, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in1
lvx_u $in1,$x10,$inp
vxor $twk1,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in1,$in1,$in1,$leperm
vand $tmp,$tmp,$eighty7
vxor $out1,$in1,$twk1
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in2, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in2
lvx_u $in2,$x20,$inp
andi. $taillen,$len,15
vxor $twk2,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in2,$in2,$in2,$leperm
vand $tmp,$tmp,$eighty7
vxor $out2,$in2,$twk2
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in3, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in3
lvx_u $in3,$x30,$inp
sub $len,$len,$taillen
vxor $twk3,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in3,$in3,$in3,$leperm
vand $tmp,$tmp,$eighty7
vxor $out3,$in3,$twk3
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in4, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in4
lvx_u $in4,$x40,$inp
subi $len,$len,0x60
vxor $twk4,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in4,$in4,$in4,$leperm
vand $tmp,$tmp,$eighty7
vxor $out4,$in4,$twk4
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in5, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in5
lvx_u $in5,$x50,$inp
addi $inp,$inp,0x60
vxor $twk5,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in5,$in5,$in5,$leperm
vand $tmp,$tmp,$eighty7
vxor $out5,$in5,$twk5
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in0, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in0
vxor v31,v31,$rndkey0
mtctr $rounds
@@ -2590,6 +2611,8 @@ ()
lvx v25,$x10,$key_ # round[4]
bdnz Loop_xts_enc6x
+ xxlor 32+$eighty7, 1, 1 # 0x010101..87
+
subic $len,$len,96 # $len-=96
vxor $in0,$twk0,v31 # xor with last round key
vcipher $out0,$out0,v24
@@ -2599,7 +2622,6 @@ ()
vaddubm $tweak,$tweak,$tweak
vcipher $out2,$out2,v24
vcipher $out3,$out3,v24
- vsldoi $tmp,$tmp,$tmp,15
vcipher $out4,$out4,v24
vcipher $out5,$out5,v24
@@ -2607,7 +2629,8 @@ ()
vand $tmp,$tmp,$eighty7
vcipher $out0,$out0,v25
vcipher $out1,$out1,v25
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in1, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in1
vcipher $out2,$out2,v25
vcipher $out3,$out3,v25
vxor $in1,$twk1,v31
@@ -2618,13 +2641,13 @@ ()
and r0,r0,$len
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vcipher $out0,$out0,v26
vcipher $out1,$out1,v26
vand $tmp,$tmp,$eighty7
vcipher $out2,$out2,v26
vcipher $out3,$out3,v26
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in2, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in2
vcipher $out4,$out4,v26
vcipher $out5,$out5,v26
@@ -2638,7 +2661,6 @@ ()
vaddubm $tweak,$tweak,$tweak
vcipher $out0,$out0,v27
vcipher $out1,$out1,v27
- vsldoi $tmp,$tmp,$tmp,15
vcipher $out2,$out2,v27
vcipher $out3,$out3,v27
vand $tmp,$tmp,$eighty7
@@ -2646,7 +2668,8 @@ ()
vcipher $out5,$out5,v27
addi $key_,$sp,$FRAME+15 # rewind $key_
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in3, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in3
vcipher $out0,$out0,v28
vcipher $out1,$out1,v28
vxor $in3,$twk3,v31
@@ -2655,7 +2678,6 @@ ()
vcipher $out2,$out2,v28
vcipher $out3,$out3,v28
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vcipher $out4,$out4,v28
vcipher $out5,$out5,v28
lvx v24,$x00,$key_ # re-pre-load round[1]
@@ -2663,7 +2685,8 @@ ()
vcipher $out0,$out0,v29
vcipher $out1,$out1,v29
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in4, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in4
vcipher $out2,$out2,v29
vcipher $out3,$out3,v29
vxor $in4,$twk4,v31
@@ -2673,14 +2696,14 @@ ()
vcipher $out5,$out5,v29
lvx v25,$x10,$key_ # re-pre-load round[2]
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vcipher $out0,$out0,v30
vcipher $out1,$out1,v30
vand $tmp,$tmp,$eighty7
vcipher $out2,$out2,v30
vcipher $out3,$out3,v30
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in5, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in5
vcipher $out4,$out4,v30
vcipher $out5,$out5,v30
vxor $in5,$twk5,v31
@@ -2690,7 +2713,6 @@ ()
vcipherlast $out0,$out0,$in0
lvx_u $in0,$x00,$inp # load next input block
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vcipherlast $out1,$out1,$in1
lvx_u $in1,$x10,$inp
vcipherlast $out2,$out2,$in2
@@ -2703,7 +2725,10 @@ ()
vcipherlast $out4,$out4,$in4
le?vperm $in2,$in2,$in2,$leperm
lvx_u $in4,$x40,$inp
- vxor $tweak,$tweak,$tmp
+ xxlor 10, 32+$in0, 32+$in0
+ xxlor 32+$in0, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in0
+ xxlor 32+$in0, 10, 10
vcipherlast $tmp,$out5,$in5 # last block might be needed
# in stealing mode
le?vperm $in3,$in3,$in3,$leperm
@@ -2736,6 +2761,8 @@ ()
mtctr $rounds
beq Loop_xts_enc6x # did $len-=96 borrow?
+ xxlor 32+$eighty7, 2, 2 # 0x870101..01
+
addic. $len,$len,0x60
beq Lxts_enc6x_zero
cmpwi $len,0x20
@@ -3112,6 +3139,18 @@ ()
li $x70,0x70
mtspr 256,r0
+ # Reverse eighty7 to 0x010101..87
+ xxlor 2, 32+$eighty7, 32+$eighty7
+ vsldoi $eighty7,$tmp,$eighty7,1 # 0x010101..87
+ xxlor 1, 32+$eighty7, 32+$eighty7
+
+ # Load XOR contents. 0xf102132435465768798a9bacbdcedfe
+ mr $x70, r6
+ bl Lconsts
+ lxvw4x 0, $x40, r6 # load XOR contents
+ mr r6, $x70
+ li $x70,0x70
+
subi $rounds,$rounds,3 # -4 in total
lvx $rndkey0,$x00,$key1 # load key schedule
@@ -3159,64 +3198,64 @@ ()
vxor $twk0,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vand $tmp,$tmp,$eighty7
vxor $out0,$in0,$twk0
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in1, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in1
lvx_u $in1,$x10,$inp
vxor $twk1,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in1,$in1,$in1,$leperm
vand $tmp,$tmp,$eighty7
vxor $out1,$in1,$twk1
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in2, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in2
lvx_u $in2,$x20,$inp
andi. $taillen,$len,15
vxor $twk2,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in2,$in2,$in2,$leperm
vand $tmp,$tmp,$eighty7
vxor $out2,$in2,$twk2
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in3, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in3
lvx_u $in3,$x30,$inp
sub $len,$len,$taillen
vxor $twk3,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in3,$in3,$in3,$leperm
vand $tmp,$tmp,$eighty7
vxor $out3,$in3,$twk3
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in4, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in4
lvx_u $in4,$x40,$inp
subi $len,$len,0x60
vxor $twk4,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in4,$in4,$in4,$leperm
vand $tmp,$tmp,$eighty7
vxor $out4,$in4,$twk4
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in5, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in5
lvx_u $in5,$x50,$inp
addi $inp,$inp,0x60
vxor $twk5,$tweak,$rndkey0
vsrab $tmp,$tweak,$seven # next tweak value
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
le?vperm $in5,$in5,$in5,$leperm
vand $tmp,$tmp,$eighty7
vxor $out5,$in5,$twk5
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in0, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in0
vxor v31,v31,$rndkey0
mtctr $rounds
@@ -3242,6 +3281,8 @@ ()
lvx v25,$x10,$key_ # round[4]
bdnz Loop_xts_dec6x
+ xxlor 32+$eighty7, 1, 1
+
subic $len,$len,96 # $len-=96
vxor $in0,$twk0,v31 # xor with last round key
vncipher $out0,$out0,v24
@@ -3251,7 +3292,6 @@ ()
vaddubm $tweak,$tweak,$tweak
vncipher $out2,$out2,v24
vncipher $out3,$out3,v24
- vsldoi $tmp,$tmp,$tmp,15
vncipher $out4,$out4,v24
vncipher $out5,$out5,v24
@@ -3259,7 +3299,8 @@ ()
vand $tmp,$tmp,$eighty7
vncipher $out0,$out0,v25
vncipher $out1,$out1,v25
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in1, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in1
vncipher $out2,$out2,v25
vncipher $out3,$out3,v25
vxor $in1,$twk1,v31
@@ -3270,13 +3311,13 @@ ()
and r0,r0,$len
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vncipher $out0,$out0,v26
vncipher $out1,$out1,v26
vand $tmp,$tmp,$eighty7
vncipher $out2,$out2,v26
vncipher $out3,$out3,v26
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in2, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in2
vncipher $out4,$out4,v26
vncipher $out5,$out5,v26
@@ -3290,7 +3331,6 @@ ()
vaddubm $tweak,$tweak,$tweak
vncipher $out0,$out0,v27
vncipher $out1,$out1,v27
- vsldoi $tmp,$tmp,$tmp,15
vncipher $out2,$out2,v27
vncipher $out3,$out3,v27
vand $tmp,$tmp,$eighty7
@@ -3298,7 +3338,8 @@ ()
vncipher $out5,$out5,v27
addi $key_,$sp,$FRAME+15 # rewind $key_
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in3, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in3
vncipher $out0,$out0,v28
vncipher $out1,$out1,v28
vxor $in3,$twk3,v31
@@ -3307,7 +3348,6 @@ ()
vncipher $out2,$out2,v28
vncipher $out3,$out3,v28
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vncipher $out4,$out4,v28
vncipher $out5,$out5,v28
lvx v24,$x00,$key_ # re-pre-load round[1]
@@ -3315,7 +3355,8 @@ ()
vncipher $out0,$out0,v29
vncipher $out1,$out1,v29
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in4, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in4
vncipher $out2,$out2,v29
vncipher $out3,$out3,v29
vxor $in4,$twk4,v31
@@ -3325,14 +3366,14 @@ ()
vncipher $out5,$out5,v29
lvx v25,$x10,$key_ # re-pre-load round[2]
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vncipher $out0,$out0,v30
vncipher $out1,$out1,v30
vand $tmp,$tmp,$eighty7
vncipher $out2,$out2,v30
vncipher $out3,$out3,v30
- vxor $tweak,$tweak,$tmp
+ xxlor 32+$in5, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in5
vncipher $out4,$out4,v30
vncipher $out5,$out5,v30
vxor $in5,$twk5,v31
@@ -3342,7 +3383,6 @@ ()
vncipherlast $out0,$out0,$in0
lvx_u $in0,$x00,$inp # load next input block
vaddubm $tweak,$tweak,$tweak
- vsldoi $tmp,$tmp,$tmp,15
vncipherlast $out1,$out1,$in1
lvx_u $in1,$x10,$inp
vncipherlast $out2,$out2,$in2
@@ -3355,7 +3395,10 @@ ()
vncipherlast $out4,$out4,$in4
le?vperm $in2,$in2,$in2,$leperm
lvx_u $in4,$x40,$inp
- vxor $tweak,$tweak,$tmp
+ xxlor 10, 32+$in0, 32+$in0
+ xxlor 32+$in0, 0, 0
+ vpermxor $tweak, $tweak, $tmp, $in0
+ xxlor 32+$in0, 10, 10
vncipherlast $out5,$out5,$in5
le?vperm $in3,$in3,$in3,$leperm
lvx_u $in5,$x50,$inp
@@ -3386,6 +3429,8 @@ ()
mtctr $rounds
beq Loop_xts_dec6x # did $len-=96 borrow?
+ xxlor 32+$eighty7, 2, 2
+
addic. $len,$len,0x60
beq Lxts_dec6x_zero
cmpwi $len,0x20

6
openssl-Override-default-paths-for-the-CA-directory-tree.patch
View File

@ -13,10 +13,10 @@ It needs to be reverted before running tests.
apps/openssl.cnf | 20 ++++++++++++++++++--
2 files changed, 19 insertions(+), 3 deletions(-)
Index: openssl-3.0.1/apps/openssl.cnf
Index: openssl-3.2.0/apps/openssl.cnf
===================================================================
--- openssl-3.0.1.orig/apps/openssl.cnf
+++ openssl-3.0.1/apps/openssl.cnf
--- openssl-3.2.0.orig/apps/openssl.cnf
+++ openssl-3.2.0/apps/openssl.cnf
@@ -52,6 +52,8 @@ tsa_policy3 = 1.2.3.4.5.7
[openssl_init]

37
openssl-Revert-Makefile-Call-mknum.pl-on-make-ordinals-only-if.patch Normal file
View File

@ -0,0 +1,37 @@
From 0e55c3ab8d702ffc897c9beb51d19b14b7896182 Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
Date: Tue, 11 May 2021 12:59:03 +0200
Subject: [PATCH] Makefile: Call mknum.pl on 'make ordinals' only if needed
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15224)
---
Configurations/unix-Makefile.tmpl | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
Index: openssl-3.2.0/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-3.2.0.orig/Configurations/unix-Makefile.tmpl
+++ openssl-3.2.0/Configurations/unix-Makefile.tmpl
@@ -1368,18 +1368,15 @@ renumber: build_generated
--renumber \
$(SSLHEADERS)
-$(SRCDIR)/util/libcrypto.num: $(CRYPTOHEADERS) $(SRCDIR)/include/openssl/symhacks.h
+ordinals: build_generated
$(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \
--ordinals $(SRCDIR)/util/libcrypto.num \
--symhacks $(SRCDIR)/include/openssl/symhacks.h \
$(CRYPTOHEADERS)
-$(SRCDIR)/util/libssl.num: $(SSLHEADERS) $(SRCDIR)/include/openssl/symhacks.h
$(PERL) $(SRCDIR)/util/mknum.pl --version $(VERSION_NUMBER) --no-warnings \
--ordinals $(SRCDIR)/util/libssl.num \
--symhacks $(SRCDIR)/include/openssl/symhacks.h \
$(SSLHEADERS)
-.PHONY: ordinals
-ordinals: build_generated $(SRCDIR)/util/libcrypto.num $(SRCDIR)/util/libssl.num
test_ordinals:
$(MAKE) run_tests TESTS=test_ordinals

2159
openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch
View File

File diff suppressed because it is too large Load Diff

65
openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch
View File

@ -1,65 +0,0 @@
From 3e47a286dc3274bda72a196c3a4030a1fc8302f1 Mon Sep 17 00:00:00 2001
From: Rohan McLure <rohanmclure@linux.ibm.com>
Date: Fri, 23 Jun 2023 16:41:48 +1000
Subject: [PATCH] ec: Use static linkage on nistp521 felem_{square,mul}
wrappers
Runtime selection of implementations for felem_{square,mul} depends on
felem_{square,mul}_wrapper functions, which overwrite function points in
a similar design to that of .plt.got sections used by program loaders
during dynamic linking.
There's no reason why these functions need to have external linkage.
Mark static.
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21471)
---
crypto/ec/ecp_nistp521.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index 97815cac1f13..32a9268ecf17 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -676,8 +676,8 @@ static void felem_reduce(felem out, const largefelem in)
}
#if defined(ECP_NISTP521_ASM)
-void felem_square_wrapper(largefelem out, const felem in);
-void felem_mul_wrapper(largefelem out, const felem in1, const felem in2);
+static void felem_square_wrapper(largefelem out, const felem in);
+static void felem_mul_wrapper(largefelem out, const felem in1, const felem in2);
static void (*felem_square_p)(largefelem out, const felem in) =
felem_square_wrapper;
@@ -691,7 +691,7 @@ void p521_felem_mul(largefelem out, const felem in1, const felem in2);
# include "crypto/ppc_arch.h"
# endif
-void felem_select(void)
+static void felem_select(void)
{
# if defined(_ARCH_PPC64)
if ((OPENSSL_ppccap_P & PPC_MADD300) && (OPENSSL_ppccap_P & PPC_ALTIVEC)) {
@@ -707,13 +707,13 @@ void felem_select(void)
felem_mul_p = felem_mul_ref;
}
-void felem_square_wrapper(largefelem out, const felem in)
+static void felem_square_wrapper(largefelem out, const felem in)
{
felem_select();
felem_square_p(out, in);
}
-void felem_mul_wrapper(largefelem out, const felem in1, const felem in2)
+static void felem_mul_wrapper(largefelem out, const felem in1, const felem in2)
{
felem_select();
felem_mul_p(out, in1, in2);

428
openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch
View File

@ -1,428 +0,0 @@
From 966047ee13188e8634af25af348940acceb9316d Mon Sep 17 00:00:00 2001
From: Rohan McLure <rohanmclure@linux.ibm.com>
Date: Wed, 31 May 2023 14:32:26 +1000
Subject: [PATCH] ec: powerpc64le: Add asm implementation of felem_{square,mul}
Add an assembly implementation of felem_{square,mul}, which will be
implemented whenever Altivec support is present and the core implements
ISA 3.0 (Power 9) or greater.
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21471)
---
crypto/ec/asm/ecp_nistp384-ppc64.pl | 355 ++++++++++++++++++++++++++++
crypto/ec/build.info | 6 +-
crypto/ec/ecp_nistp384.c | 9 +
3 files changed, 368 insertions(+), 2 deletions(-)
create mode 100755 crypto/ec/asm/ecp_nistp384-ppc64.pl
diff --git a/crypto/ec/asm/ecp_nistp384-ppc64.pl b/crypto/ec/asm/ecp_nistp384-ppc64.pl
new file mode 100755
index 000000000000..3f86b391af69
--- /dev/null
+++ b/crypto/ec/asm/ecp_nistp384-ppc64.pl
@@ -0,0 +1,355 @@
+#! /usr/bin/env perl
+# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+#
+# ====================================================================
+# Written by Rohan McLure <rmclure@linux.ibm.com> for the OpenSSL
+# project.
+# ====================================================================
+#
+# p384 lower-level primitives for PPC64 using vector instructions.
+#
+
+use strict;
+use warnings;
+
+my $flavour = shift;
+my $output = "";
+while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
+if (!$output) {
+ $output = "-";
+}
+
+my ($xlate, $dir);
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+my $code = "";
+
+my ($sp, $outp, $savelr, $savesp) = ("r1", "r3", "r10", "r12");
+
+my $vzero = "v32";
+
+sub startproc($)
+{
+ my ($name) = @_;
+
+ $code.=<<___;
+ .globl ${name}
+ .align 5
+${name}:
+
+___
+}
+
+sub endproc($)
+{
+ my ($name) = @_;
+
+ $code.=<<___;
+ blr
+ .size ${name},.-${name}
+
+___
+}
+
+
+sub push_vrs($$)
+{
+ my ($min, $max) = @_;
+
+ my $count = $max - $min + 1;
+
+ $code.=<<___;
+ mr $savesp,$sp
+ stdu $sp,-16*`$count+1`($sp)
+
+___
+ for (my $i = $min; $i <= $max; $i++) {
+ my $mult = $max - $i + 1;
+ $code.=<<___;
+ stxv $i,-16*$mult($savesp)
+___
+
+ }
+
+ $code.=<<___;
+
+___
+}
+
+sub pop_vrs($$)
+{
+ my ($min, $max) = @_;
+
+ $code.=<<___;
+ ld $savesp,0($sp)
+___
+ for (my $i = $min; $i <= $max; $i++) {
+ my $mult = $max - $i + 1;
+ $code.=<<___;
+ lxv $i,-16*$mult($savesp)
+___
+ }
+
+ $code.=<<___;
+ mr $sp,$savesp
+
+___
+}
+
+sub load_vrs($$)
+{
+ my ($pointer, $reg_list) = @_;
+
+ for (my $i = 0; $i <= 6; $i++) {
+ my $offset = $i * 8;
+ $code.=<<___;
+ lxsd $reg_list->[$i],$offset($pointer)
+___
+ }
+
+ $code.=<<___;
+
+___
+}
+
+sub store_vrs($$)
+{
+ my ($pointer, $reg_list) = @_;
+
+ for (my $i = 0; $i <= 12; $i++) {
+ my $offset = $i * 16;
+ $code.=<<___;
+ stxv $reg_list->[$i],$offset($pointer)
+___
+ }
+
+ $code.=<<___;
+
+___
+}
+
+$code.=<<___;
+.machine "any"
+.text
+
+___
+
+{
+ # mul/square common
+ my ($t1, $t2, $t3, $t4) = ("v33", "v34", "v42", "v43");
+ my ($zero, $one) = ("r8", "r9");
+ my $out = "v51";
+
+ {
+ #
+ # p384_felem_mul
+ #
+
+ my ($in1p, $in2p) = ("r4", "r5");
+ my @in1 = map("v$_",(44..50));
+ my @in2 = map("v$_",(35..41));
+
+ startproc("p384_felem_mul");
+
+ push_vrs(52, 63);
+
+ $code.=<<___;
+ vspltisw $vzero,0
+
+___
+
+ load_vrs($in1p, \@in1);
+ load_vrs($in2p, \@in2);
+
+ $code.=<<___;
+ vmsumudm $out,$in1[0],$in2[0],$vzero
+ stxv $out,0($outp)
+
+ xxpermdi $t1,$in1[0],$in1[1],0b00
+ xxpermdi $t2,$in2[1],$in2[0],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ stxv $out,16($outp)
+
+ xxpermdi $t2,$in2[2],$in2[1],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$in1[2],$in2[0],$out
+ stxv $out,32($outp)
+
+ xxpermdi $t2,$in2[1],$in2[0],0b00
+ xxpermdi $t3,$in1[2],$in1[3],0b00
+ xxpermdi $t4,$in2[3],$in2[2],0b00
+ vmsumudm $out,$t1,$t4,$vzero
+ vmsumudm $out,$t3,$t2,$out
+ stxv $out,48($outp)
+
+ xxpermdi $t2,$in2[4],$in2[3],0b00
+ xxpermdi $t4,$in2[2],$in2[1],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$t3,$t4,$out
+ vmsumudm $out,$in1[4],$in2[0],$out
+ stxv $out,64($outp)
+
+ xxpermdi $t2,$in2[5],$in2[4],0b00
+ xxpermdi $t4,$in2[3],$in2[2],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$t3,$t4,$out
+ xxpermdi $t4,$in2[1],$in2[0],0b00
+ xxpermdi $t1,$in1[4],$in1[5],0b00
+ vmsumudm $out,$t1,$t4,$out
+ stxv $out,80($outp)
+
+ xxpermdi $t1,$in1[0],$in1[1],0b00
+ xxpermdi $t2,$in2[6],$in2[5],0b00
+ xxpermdi $t4,$in2[4],$in2[3],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$t3,$t4,$out
+ xxpermdi $t2,$in2[2],$in2[1],0b00
+ xxpermdi $t1,$in1[4],$in1[5],0b00
+ vmsumudm $out,$t1,$t2,$out
+ vmsumudm $out,$in1[6],$in2[0],$out
+ stxv $out,96($outp)
+
+ xxpermdi $t1,$in1[1],$in1[2],0b00
+ xxpermdi $t2,$in2[6],$in2[5],0b00
+ xxpermdi $t3,$in1[3],$in1[4],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$t3,$t4,$out
+ xxpermdi $t3,$in2[2],$in2[1],0b00
+ xxpermdi $t1,$in1[5],$in1[6],0b00
+ vmsumudm $out,$t1,$t3,$out
+ stxv $out,112($outp)
+
+ xxpermdi $t1,$in1[2],$in1[3],0b00
+ xxpermdi $t3,$in1[4],$in1[5],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$t3,$t4,$out
+ vmsumudm $out,$in1[6],$in2[2],$out
+ stxv $out,128($outp)
+
+ xxpermdi $t1,$in1[3],$in1[4],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ xxpermdi $t1,$in1[5],$in1[6],0b00
+ vmsumudm $out,$t1,$t4,$out
+ stxv $out,144($outp)
+
+ vmsumudm $out,$t3,$t2,$vzero
+ vmsumudm $out,$in1[6],$in2[4],$out
+ stxv $out,160($outp)
+
+ vmsumudm $out,$t1,$t2,$vzero
+ stxv $out,176($outp)
+
+ vmsumudm $out,$in1[6],$in2[6],$vzero
+ stxv $out,192($outp)
+___
+
+ endproc("p384_felem_mul");
+ }
+
+ {
+ #
+ # p384_felem_square
+ #
+
+ my ($inp) = ("r4");
+ my @in = map("v$_",(44..50));
+ my @inx2 = map("v$_",(35..41));
+
+ startproc("p384_felem_square");
+
+ push_vrs(52, 63);
+
+ $code.=<<___;
+ vspltisw $vzero,0
+
+___
+
+ load_vrs($inp, \@in);
+
+ $code.=<<___;
+ li $zero,0
+ li $one,1
+ mtvsrdd $t1,$one,$zero
+___
+
+ for (my $i = 0; $i <= 6; $i++) {
+ $code.=<<___;
+ vsld $inx2[$i],$in[$i],$t1
+___
+ }
+
+ $code.=<<___;
+ vmsumudm $out,$in[0],$in[0],$vzero
+ stxv $out,0($outp)
+
+ vmsumudm $out,$in[0],$inx2[1],$vzero
+ stxv $out,16($outp)
+
+ vmsumudm $out,$in[0],$inx2[2],$vzero
+ vmsumudm $out,$in[1],$in[1],$out
+ stxv $out,32($outp)
+
+ xxpermdi $t1,$in[0],$in[1],0b00
+ xxpermdi $t2,$inx2[3],$inx2[2],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ stxv $out,48($outp)
+
+ xxpermdi $t4,$inx2[4],$inx2[3],0b00
+ vmsumudm $out,$t1,$t4,$vzero
+ vmsumudm $out,$in[2],$in[2],$out
+ stxv $out,64($outp)
+
+ xxpermdi $t2,$inx2[5],$inx2[4],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$in[2],$inx2[3],$out
+ stxv $out,80($outp)
+
+ xxpermdi $t2,$inx2[6],$inx2[5],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$in[2],$inx2[4],$out
+ vmsumudm $out,$in[3],$in[3],$out
+ stxv $out,96($outp)
+
+ xxpermdi $t3,$in[1],$in[2],0b00
+ vmsumudm $out,$t3,$t2,$vzero
+ vmsumudm $out,$in[3],$inx2[4],$out
+ stxv $out,112($outp)
+
+ xxpermdi $t1,$in[2],$in[3],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ vmsumudm $out,$in[4],$in[4],$out
+ stxv $out,128($outp)
+
+ xxpermdi $t1,$in[3],$in[4],0b00
+ vmsumudm $out,$t1,$t2,$vzero
+ stxv $out,144($outp)
+
+ vmsumudm $out,$in[4],$inx2[6],$vzero
+ vmsumudm $out,$in[5],$in[5],$out
+ stxv $out,160($outp)
+
+ vmsumudm $out,$in[5],$inx2[6],$vzero
+ stxv $out,176($outp)
+
+ vmsumudm $out,$in[6],$in[6],$vzero
+ stxv $out,192($outp)
+___
+
+ endproc("p384_felem_square");
+ }
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/build.info b/crypto/ec/build.info
index 1fa60a1deddd..4077bead7bdb 100644
--- a/crypto/ec/build.info
+++ b/crypto/ec/build.info
@@ -39,8 +39,9 @@ IF[{- !$disabled{asm} -}]
$ECASM_ppc64=ecp_nistz256.c ecp_ppc.c ecp_nistz256-ppc64.s x25519-ppc64.s
$ECDEF_ppc64=ECP_NISTZ256_ASM X25519_ASM
IF[{- !$disabled{'ec_nistp_64_gcc_128'} -}]
- $ECASM_ppc64=$ECASM_ppc64 ecp_nistp521-ppc64.s
- $ECDEF_ppc64=$ECDEF_ppc64 ECP_NISTP521_ASM
+ $ECASM_ppc64=$ECASM_ppc64 ecp_nistp384-ppc64.s ecp_nistp521-ppc64.s
+ $ECDEF_ppc64=$ECDEF_ppc64 ECP_NISTP384_ASM ECP_NISTP521_ASM
+ INCLUDE[ecp_nistp384.o]=..
INCLUDE[ecp_nistp521.o]=..
ENDIF
@@ -119,6 +120,7 @@ GENERATE[ecp_nistz256-armv8.S]=asm/ecp_nistz256-armv8.pl
INCLUDE[ecp_nistz256-armv8.o]=..
GENERATE[ecp_nistz256-ppc64.s]=asm/ecp_nistz256-ppc64.pl
+GENERATE[ecp_nistp384-ppc64.s]=asm/ecp_nistp384-ppc64.pl
GENERATE[ecp_nistp521-ppc64.s]=asm/ecp_nistp521-ppc64.pl
GENERATE[x25519-x86_64.s]=asm/x25519-x86_64.pl
diff --git a/crypto/ec/ecp_nistp384.c b/crypto/ec/ecp_nistp384.c
index a0559487ed4e..14f9530d07c6 100644
--- a/crypto/ec/ecp_nistp384.c
+++ b/crypto/ec/ecp_nistp384.c
@@ -691,6 +691,15 @@ void p384_felem_mul(widefelem out, const felem in1, const felem in2);
static void felem_select(void)
{
+# if defined(_ARCH_PPC64)
+ if ((OPENSSL_ppccap_P & PPC_MADD300) && (OPENSSL_ppccap_P & PPC_ALTIVEC)) {
+ felem_square_p = p384_felem_square;
+ felem_mul_p = p384_felem_mul;
+
+ return;
+ }
+# endif
+
/* Default */
felem_square_p = felem_square_ref;
felem_mul_p = felem_mul_ref;

76
openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
View File

@ -1,76 +0,0 @@
From 670e73d9084465384b11ef24802ca4a313e1d2f4 Mon Sep 17 00:00:00 2001
From: Rohan McLure <rohanmclure@linux.ibm.com>
Date: Tue, 15 Aug 2023 15:20:20 +1000
Subject: [PATCH] ecc: Remove extraneous parentheses in secp384r1
Substitutions in the felem_reduce() method feature unecessary
parentheses, remove them.
Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
---
crypto/ec/ecp_nistp384.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/crypto/ec/ecp_nistp384.c b/crypto/ec/ecp_nistp384.c
index 14f9530d07c6..ff68f9cc7ad0 100644
--- a/crypto/ec/ecp_nistp384.c
+++ b/crypto/ec/ecp_nistp384.c
@@ -540,7 +540,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[7] += in[12] >> 8;
acc[6] += (in[12] & 0xff) << 48;
acc[6] -= in[12] >> 16;
- acc[5] -= ((in[12] & 0xffff) << 40);
+ acc[5] -= (in[12] & 0xffff) << 40;
acc[6] += in[12] >> 48;
acc[5] += (in[12] & 0xffffffffffff) << 8;
@@ -549,7 +549,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[6] += in[11] >> 8;
acc[5] += (in[11] & 0xff) << 48;
acc[5] -= in[11] >> 16;
- acc[4] -= ((in[11] & 0xffff) << 40);
+ acc[4] -= (in[11] & 0xffff) << 40;
acc[5] += in[11] >> 48;
acc[4] += (in[11] & 0xffffffffffff) << 8;
@@ -558,7 +558,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[5] += in[10] >> 8;
acc[4] += (in[10] & 0xff) << 48;
acc[4] -= in[10] >> 16;
- acc[3] -= ((in[10] & 0xffff) << 40);
+ acc[3] -= (in[10] & 0xffff) << 40;
acc[4] += in[10] >> 48;
acc[3] += (in[10] & 0xffffffffffff) << 8;
@@ -567,7 +567,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[4] += in[9] >> 8;
acc[3] += (in[9] & 0xff) << 48;
acc[3] -= in[9] >> 16;
- acc[2] -= ((in[9] & 0xffff) << 40);
+ acc[2] -= (in[9] & 0xffff) << 40;
acc[3] += in[9] >> 48;
acc[2] += (in[9] & 0xffffffffffff) << 8;
@@ -582,7 +582,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[3] += acc[8] >> 8;
acc[2] += (acc[8] & 0xff) << 48;
acc[2] -= acc[8] >> 16;
- acc[1] -= ((acc[8] & 0xffff) << 40);
+ acc[1] -= (acc[8] & 0xffff) << 40;
acc[2] += acc[8] >> 48;
acc[1] += (acc[8] & 0xffffffffffff) << 8;
@@ -591,7 +591,7 @@ static void felem_reduce(felem out, const widefelem in)
acc[2] += acc[7] >> 8;
acc[1] += (acc[7] & 0xff) << 48;
acc[1] -= acc[7] >> 16;
- acc[0] -= ((acc[7] & 0xffff) << 40);
+ acc[0] -= (acc[7] & 0xffff) << 40;
acc[1] += acc[7] >> 48;
acc[0] += (acc[7] & 0xffffffffffff) << 8;

13
openssl-no-date.patch
View File

@ -1,13 +0,0 @@
Index: openssl-1.1.1-pre1/util/mkbuildinf.pl
===================================================================
--- openssl-1.1.1-pre1.orig/util/mkbuildinf.pl 2018-02-13 16:31:28.011389734 +0100
+++ openssl-1.1.1-pre1/util/mkbuildinf.pl 2018-02-13 16:31:51.539764582 +0100
@@ -28,7 +28,7 @@ print <<"END_OUTPUT";
*/
#define PLATFORM "platform: $platform"
-#define DATE "built on: $date"
+#define DATE ""
/*
* Generate compiler_flags as an array of individual characters. This is a

16
openssl-no-html-docs.patch
View File

@ -1,13 +1,13 @@
Index: openssl-3.1.4/Configurations/unix-Makefile.tmpl
Index: openssl-3.2.0/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-3.1.4.orig/Configurations/unix-Makefile.tmpl
+++ openssl-3.1.4/Configurations/unix-Makefile.tmpl
@@ -611,7 +611,7 @@ install_sw: install_dev install_engines
--- openssl-3.2.0.orig/Configurations/unix-Makefile.tmpl
+++ openssl-3.2.0/Configurations/unix-Makefile.tmpl
@@ -632,7 +632,7 @@ install_sw: install_dev install_engines
uninstall_sw: uninstall_runtime uninstall_modules uninstall_engines uninstall_dev
uninstall_sw: uninstall_runtime uninstall_modules uninstall_engines uninstall_dev ## Uninstall the software and libraries
-install_docs: install_man_docs install_html_docs
+install_docs: install_man_docs
-install_docs: install_man_docs install_html_docs ## Install manpages and HTML documentation
+install_docs: install_man_docs ## Install manpages and HTML documentation
uninstall_docs: uninstall_man_docs uninstall_html_docs
uninstall_docs: uninstall_man_docs uninstall_html_docs ## Uninstall manpages and HTML documentation
$(RM) -r "$(DESTDIR)$(DOCDIR)"

10
openssl-pkgconfig.patch
View File

@ -1,8 +1,8 @@
Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl
Index: openssl-3.2.0/Configurations/unix-Makefile.tmpl
===================================================================
--- openssl-1.1.1-pre3.orig/Configurations/unix-Makefile.tmpl 2018-03-20 15:20:03.037124698 +0100
+++ openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl 2018-03-20 15:21:04.206084731 +0100
@@ -843,7 +843,7 @@ libcrypto.pc:
--- openssl-3.2.0.orig/Configurations/unix-Makefile.tmpl
+++ openssl-3.2.0/Configurations/unix-Makefile.tmpl
@@ -1454,7 +1454,7 @@ libcrypto.pc:
echo 'Version: '$(VERSION); \
echo 'Libs: -L$${libdir} -lcrypto'; \
echo 'Libs.private: $(LIB_EX_LIBS)'; \
@ -11,7 +11,7 @@ Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl
libssl.pc:
@ ( echo 'prefix=$(INSTALLTOP)'; \
@@ -860,7 +860,7 @@ libssl.pc:
@@ -1471,7 +1471,7 @@ libssl.pc:
echo 'Version: '$(VERSION); \
echo 'Requires.private: libcrypto'; \
echo 'Libs: -L$${libdir} -lssl'; \

96
openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch
View File

@ -1,96 +0,0 @@
From 50f8b936b00dc18ce1f622a7a6aa46daf03da48b Mon Sep 17 00:00:00 2001
From: Rohan McLure <rohanmclure@linux.ibm.com>
Date: Wed, 16 Aug 2023 16:52:47 +1000
Subject: [PATCH] powerpc: ecc: Fix stack allocation secp384r1 asm
Assembly acceleration secp384r1 opts to not use any callee-save VSRs, as
VSX enabled systems make extensive use of renaming, and so writebacks in
felem_{mul,square}() can be reordered for best cache effects.
Remove stack allocations. This in turn fixes unmatched push/pops in
felem_{mul,square}().
Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21749)
---
crypto/ec/asm/ecp_nistp384-ppc64.pl | 49 -----------------------------
1 file changed, 49 deletions(-)
diff --git a/crypto/ec/asm/ecp_nistp384-ppc64.pl b/crypto/ec/asm/ecp_nistp384-ppc64.pl
index 3f86b391af69..28f4168e5218 100755
--- a/crypto/ec/asm/ecp_nistp384-ppc64.pl
+++ b/crypto/ec/asm/ecp_nistp384-ppc64.pl
@@ -62,51 +62,6 @@ ($)
___
}
-
-sub push_vrs($$)
-{
- my ($min, $max) = @_;
-
- my $count = $max - $min + 1;
-
- $code.=<<___;
- mr $savesp,$sp
- stdu $sp,-16*`$count+1`($sp)
-
-___
- for (my $i = $min; $i <= $max; $i++) {
- my $mult = $max - $i + 1;
- $code.=<<___;
- stxv $i,-16*$mult($savesp)
-___
-
- }
-
- $code.=<<___;
-
-___
-}
-
-sub pop_vrs($$)
-{
- my ($min, $max) = @_;
-
- $code.=<<___;
- ld $savesp,0($sp)
-___
- for (my $i = $min; $i <= $max; $i++) {
- my $mult = $max - $i + 1;
- $code.=<<___;
- lxv $i,-16*$mult($savesp)
-___
- }
-
- $code.=<<___;
- mr $sp,$savesp
-
-___
-}
-
sub load_vrs($$)
{
my ($pointer, $reg_list) = @_;
@@ -162,8 +117,6 @@ ($$)
startproc("p384_felem_mul");
- push_vrs(52, 63);
-
$code.=<<___;
vspltisw $vzero,0
@@ -268,8 +221,6 @@ ($$)
startproc("p384_felem_square");
- push_vrs(52, 63);
-
$code.=<<___;
vspltisw $vzero,0

8
openssl-ppc64-config.patch
View File

@ -1,8 +1,8 @@
Index: openssl-3.0.0-alpha5/util/perl/OpenSSL/config.pm
Index: openssl-3.2.0/util/perl/OpenSSL/config.pm
===================================================================
--- openssl-3.0.0-alpha5.orig/util/perl/OpenSSL/config.pm
+++ openssl-3.0.0-alpha5/util/perl/OpenSSL/config.pm
@@ -525,14 +525,19 @@ EOF
--- openssl-3.2.0.orig/util/perl/OpenSSL/config.pm
+++ openssl-3.2.0/util/perl/OpenSSL/config.pm
@@ -584,14 +584,19 @@ EOF
return { target => "linux-ppc64" } if $KERNEL_BITS eq '64';
my %config = ();

8
openssl-truststore.patch
View File

@ -1,10 +1,10 @@
Don't use the legacy /etc/ssl/certs directory anymore but rather the
p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991)
Index: openssl-1.1.1-pre1/include/internal/cryptlib.h
Index: openssl-3.2.0/include/internal/common.h
===================================================================
--- openssl-1.1.1-pre1.orig/include/internal/cryptlib.h 2018-02-13 14:48:12.000000000 +0100
+++ openssl-1.1.1-pre1/include/internal/cryptlib.h 2018-02-13 16:30:11.738161984 +0100
@@ -59,8 +59,8 @@ DEFINE_LHASH_OF(MEM);
--- openssl-3.2.0.orig/include/internal/common.h
+++ openssl-3.2.0/include/internal/common.h
@@ -82,8 +82,8 @@ __owur static ossl_inline int ossl_asser
# ifndef OPENSSL_SYS_VMS
# define X509_CERT_AREA OPENSSLDIR