MFV: openssl 3.5.7

This change is a security release which resolves several issues with OpenSSL 3.5,
the highest severity issue being ranked "High". Users are strongly encouraged to
update to this release.

More information about the release (from a high level) can be found in
the release notes [1].

1. https://github.com/openssl/openssl/blob/openssl-3.5.7/NEWS.md

All conflicts were resolved with `--theirs`, taking the release diff
over the local diff; the conflicts occurred due to preemptive security
fixes applied by so@ in e508c343.

MFC after:	3 days (the important security issues have been
preemptively addressed)
Merge commit '3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43'

Conflicts:
	crypto/openssl/include/internal/quic_channel.h
	crypto/openssl/ssl/quic/quic_channel_local.h
	crypto/openssl/ssl/quic/quic_rx_depack.c
	crypto/openssl/test/cmsapitest.c
	crypto/openssl/test/evp_extra_test.c
Enji Cooper
2026-06-10 08:25:28 -07:00
202 changed files with 7603 additions and 35267 deletions
+316
@@ -28,6 +28,303 @@ OpenSSL Releases
OpenSSL 3.5
-----------
### Changes between 3.5.6 and 3.5.7 [9 Jun 2026]
* Fixed heap use-after-free in `PKCS7_verify()`.
Severity: High
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could
trigger a use-after-free during PKCS#7 signature verification.
Impact summary: A use-after-free may result in process crashes, heap
corruption, or, potentially, remote code execution.
Reported by: Thai Duong (Calif.io in collaboration with Claude
and Anthropic Research).
([CVE-2026-45447])
*Igor Ustinov*
* Fixed CMS `AuthEnvelopedData` processing may accept forged messages.
Severity: Moderate
Issue Summary: Cryptographic Message Services (CMS) processing fails
to perform sufficient input validation on the cipher and tag length fields
of `AuthEnvelopedData` containers, leading to various potential compromises.
Impact Summary: Attackers making use of these vulnerabilities may achieve
key-equivalent functionality for a given CMS recipient and/or bypass
integrity validation for a given message.
Reported by: Asim Viladi Oglu Manizada, Alex Gaynor (Anthropic),
Ying Dong, and Haiyang Huang.
([CVE-2026-34182])
*Neil Horman*
* Fixed unbounded memory growth in the QUIC `PATH_CHALLENGE` handler.
Severity: Moderate
Issue summary: Remote peer may exhaust heap memory of the QUIC server
or client by flooding it with packets containing `PATH_CHALLENGE` frames.
Impact summary: A malicious remote peer can cause an unbounded memory
allocation which can lead to an abnormal termination of the application
acting as a QUIC client or server and a Denial of Service.
Reported by: Abhinav Agarwal.
([CVE-2026-34183])
*Abhinav Agarwal and Alexandr Nedvedicky*
* Fixed NULL pointer dereference in QUIC server initial packet handling.
Severity: Moderate
Issue summary: Receiving a QUIC initial packet with an invalid token
may trigger a NULL pointer dereference in the OpenSSL QUIC server
with address validation disabled.
Impact summary: NULL pointer dereference typically causes abnormal
termination of the affected QUIC server process and a Denial of Service.
Reported by: Sunwoo Lee (KENTECH), Hyuk Lim (KENTECH),
and Seunghyun Yoon (KENTECH).
([CVE-2026-42764])
*Sunwoo Lee (KENTECH), Hyuk Lim (KENTECH), and Seunghyun Yoon (KENTECH)*
* Fixed AES-OCB IV ignored on `EVP_Cipher()` path.
Severity: Moderate
Issue summary: When an application drives an AES-OCB context through
the public `EVP_Cipher()` one-shot interface, the application-supplied
initialisation vector (IV) is silently discarded.
Impact summary: Every message encrypted under the same key uses the same
effective nonce regardless of the IV supplied by the caller, resulting
in `(key, nonce)` reuse and loss of confidentiality. If the same code path
is used to compute the authentication tag, the tag depends only
on the `(key, IV)` pair and not on the plaintext or ciphertext, allowing
universal forgery of arbitrary ciphertext from a single captured message.
Reported by: Alex Gaynor (Anthropic).
([CVE-2026-45445])
*Viktor Dukhovni*
* Fixed possible heap buffer overflow in ASN.1 multibyte string conversion.
Severity: Low
Issue summary: A signed integer overflow when sizing the destination
buffer for Unicode output in `ASN1_mbstring_ncopy()` can lead to a heap
buffer overflow.
Impact summary: A heap buffer overflow may lead to a crash or possibly
attacker controlled code execution or other undefined behaviour.
Reported by: Zehua Qiao and Jinwen He.
([CVE-2026-7383])
*Viktor Dukhovni*
* Fixed out-of-bounds read in CMS password-based decryption.
Severity: Low
Issue summary: When CMS password-based decryption ([RFC 3211]/PWRI key
unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode
KEK cipher can trigger a heap out-of-bounds read in `kek_unwrap_key()`.
Impact summary: A heap buffer over-read may trigger a crash, which leads
to Denial of Service for an application if the input buffer ends at a memory
page boundary and the following page is unmapped. There is no information
disclosure, as the over-read bytes are not revealed to the attacker.
Reported by: Bhabani Sankar Das and Haruki Oyama (Waseda University).
([CVE-2026-9076])
*Nikola Pajkovský*
* Fixed heap buffer over-read in ASN.1 content parsing.
Severity: Low
Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive
element whose content exceeds 2 gigabytes in length may cause a heap buffer
over-read on 64-bit Unix and Unix-like platforms.
Impact summary: The heap buffer over-read may crash the application (Denial
of Service) or to load into the decoded ASN.1 object contents of memory
beyond the end of the input buffer. More typically, such ASN.1 elements
would instead be truncated.
Reported by: Frank Buss.
([CVE-2026-34180])
*Viktor Dukhovni*
* Fixed PKCS#12 files with PBMAC1 are accepted with short HMAC keys.
Severity: Low
Issue Summary: The PKCS#12 file processing fails to perform sufficient input
validation for files that use Password-Based Message Authentication Code 1
(PBMAC1) integrity mechanism allowing a certificate and private key forgery.
Impact Summary: An attacker impersonating a user can cause a service reading
PKCS#12 files to accept forged certificates and private keys with a 1 in 256
probability.
Reported by: Pavol Žáčik (Red Hat) and Alex Gaynor (Anthropic).
([CVE-2026-34181])
*Alicja Kario (Red Hat)*
* Fixed possible NULL dereference in password-dased CMS decryption.
Severity: Low
Issue summary: A specially crafted password-encrypted CMS message
could trigger a NULL pointer dereference during CMS decryption.
Impact summary: This NULL pointer dereference could lead to an application
crash and a Denial of Service.
Reported by: Mayank Jangid, Kushal Khemka, Hari Priandana,
Bhabani Sankar Das, and Qifan Zhang (Palo Alto Networks).
([CVE-2026-42766])
*Igor Ustinov*
* Fixed NULL pointer dereference in CRMF `EncryptedValue` decryption.
Severity: Low
Issue summary: An attacker-controlled CMP (Certificate Management Protocol)
server could trigger a NULL pointer dereference in a CMP client application.
Impact summary: A NULL pointer dereference could cause a crash
of the application and a Denial of Service.
Reported by: Zhanpeng Liu (Tencent Xuanwu Lab),
Guannan Wang (Tencent Xuanwu Lab), and Guancheng Li (Tencent Xuanwu Lab).
([CVE-2026-42767])
*Igor Ustinov*
* Fixed multi-`RecipientInfo` Bleichenbacher Oracle in `CMS_decrypt()`
and `PKCS7_decrypt()`.
Severity: Low
Issue summary: The `CMS_decrypt()` and `PKCS7_decrypt()` functions
are vulnerable to Bleichenbacher-style attack when an attacker is able
to provide CMS or S/MIME messages and observe the error code
and/or decryption output.
Impact summary: The Bleichenbacher-style attack allows an attacker to use
the victim's vulnerable application as a way to decrypt or sign messages
with the victim's private RSA key.
Reported by: Alex Gaynor (Anthropic).
([CVE-2026-42768])
*Dmitry Belyavskiy (Red Hat) and Alicja Kario (Red Hat)*
* Fixed trust anchor substitution via `cert`/`issuer` typo in CMP
`rootCaKeyUpdate`.
Severity: Low
Issue Summary: An error in the callback used to verify the certificate
provided in a Root CA key update Certificate Management Protocol (CMP)
message response rendered the certificate validation ineffectual,
which could lead to escalation of credentials from the Registration
Authority (RA) level to the root Certification Authority (root CA) level.
Impact Summary: The Registration Authority could replace the root CA
certificate for the CMP clients with an arbitrary root CA certificate.
Reported by: Alex Gaynor (Anthropic).
([CVE-2026-42769])
*Alex Gaynor (Anthropic) and Bob Beck*
* Fixed FFC-DH peer validation uses attacker-supplied `q`.
Severity: Low
Issue summary: When `EVP_PKEY_derive_set_peer()` is called with a DHX (X9.42)
peer key, the peer key is not properly checked for the subgroup membership.
Impact summary: A malicious peer which presents an X9.42 key carrying
the victim's `p` and `g` parameters, a forged `q = r` (a small prime factor
of the cofactor `(p 1)/q_local`), and a public value `Y` of order `r` can
recover the victim's private key after a small number of key exchange
attempts.
Reported by: Alex Gaynor (Anthropic).
([CVE-2026-42770])
*Alex Gaynor (Anthropic), Viktor Dukhovni, and Norbert Pócs*
* Fixed incorrect tag processing for empty messages in AES-GCM-SIV
and AES-SIV modes.
Severity: Low
Issue summary: The implementations of AES-SIV ([RFC 5297]) and AES-GCM-SIV
([RFC 8452]) mishandle the authentication of AAD (Additional Authenticated
Data) with an empty ciphertext, allowing forgery of such messages.
Impact summary: An attacker can forge empty messages with arbitrary AAD
to the victim's application using these ciphers.
Reported by: Alex Gaynor (Anthropic).
([CVE-2026-45446])
*Dmitry Belyavskiy (Red Hat)*
* Fixed TLS 1.3 server not sending `NewSessionTicket` message
after ciphersuite mismatch.
<!-- https://github.com/openssl/openssl/pull/30626 -->
*Daniel Kubec*
* Implemented validation of the minimal length of PSK identity
being of at least one byte long, as required per [RFC 8446].
<!-- https://github.com/openssl/openssl/pull/31058 -->
*Matt Caswell*
* Fixed usage of stale application buffer pointer by kTLS implementation
after incomplete writes when `SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER` is set,
that led to invalid memory reads and sending of incorrect data.
<!-- https://github.com/openssl/openssl/pull/31146 -->
*Ilya Maximets*
### Changes between 3.5.5 and 3.5.6 [7 Apr 2026]
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
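Review bot: Three wording slips in the new 3.5.7 entries should be fixed before they propagate. "password-dased" in the CVE-2026-42766 heading should read "password-based"; the cofactor in the CVE-2026-42770 entry reads `(p 1)/q_local`, presumably `(p - 1)/q_local`; and the CVE-2026-34180 impact summary ("may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory") does not parse as written. Since the import was resolved with `--theirs`, these are better reported upstream than patched locally.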
@@ -21961,6 +22258,8 @@ ndif
[CVE-2025-69420]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69420
[CVE-2025-69421]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69421
[CVE-2026-2673]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-2673
[CVE-2026-7383]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-7383
[CVE-2026-9076]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-9076
[CVE-2026-22795]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22795
[CVE-2026-22796]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22796
[CVE-2026-28387]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
@@ -21969,5 +22268,22 @@ ndif
[CVE-2026-28390]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
[CVE-2026-31789]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31789
[CVE-2026-31790]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31790
[CVE-2026-34180]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34180
[CVE-2026-34181]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34181
[CVE-2026-34182]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34182
[CVE-2026-34183]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34183
[CVE-2026-42764]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42764
[CVE-2026-42766]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42766
[CVE-2026-42767]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42767
[CVE-2026-42768]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42768
[CVE-2026-42769]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42769
[CVE-2026-42770]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42770
[CVE-2026-45445]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45445
[CVE-2026-45446]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45446
[CVE-2026-45447]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45447
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
[RFC 2578 (STD 58), section 3.5]: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
[RFC 3211]: https://datatracker.ietf.org/doc/html/rfc3211
[RFC 5297]: https://datatracker.ietf.org/doc/html/rfc5297
[RFC 8446]: https://datatracker.ietf.org/doc/html/rfc8446
[RFC 8452]: https://datatracker.ietf.org/doc/html/rfc8452
+1 -1
@@ -502,7 +502,7 @@ The build-file template is processed with the perl module
Text::Template, using `{-` and `-}` as delimiters that enclose the
perl code fragments that generate configuration-dependent content.
Those perl fragments have access to all the hash variables from
configdata.pem.
configdata.pm.
The build-file template is expected to define at least the following
perl functions in a perl code fragment enclosed with `{-` and `-}`.
+15 -10
@@ -1,6 +1,6 @@
#! /usr/bin/env perl
# -*- mode: perl; -*-
# Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -221,16 +221,9 @@ our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
#
# API compatibility name to version number mapping.
#
# This table expresses when API additions or changes can occur
my $apitable = {
# This table expresses when API additions or changes can occur.
# The numbering used changes from 3.0 and on because we updated
# (solidified) our version numbering scheme at that point.
# From 3.0 and on, we internalise the given version number in decimal
# as MAJOR * 10000 + MINOR * 100 + 0
"3.0.0" => 30000,
"3.0" => 30000,
# Note that before 3.0, we didn't have the same version number scheme.
# Still, the numbering we use here covers what we need.
"1.1.1" => 10101,
@@ -241,6 +234,18 @@ my $apitable = {
"0.9.8" => 908,
};
# From 3.0 and on, we internalise the given version number in decimal
# as MAJOR * 10000 + MINOR * 100 + 0
my @post30_versions = ([3, 0], [3, 1], [3, 2], [3, 3], [3, 4], [3, 5],
);
# The numbering used changes from 3.0 and on because we updated
# (solidified) our version numbering scheme at that point.
foreach (@post30_versions) {
my ($x, $y) = @{$_};
$apitable->{"$x.$y.0"} = $apitable->{"$x.$y"} = $x * 10000 + $y * 100;
}
# For OpenSSL::config::get_platform
my %guess_opts = ();
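Review bot: The two comments around the new loop are attached to the wrong statements. "From 3.0 and on, we internalise the given version number in decimal as MAJOR * 10000 + MINOR * 100 + 0" now sits above the `@post30_versions` list, while the formula it describes is in the `foreach` body, and the "numbering used changes from 3.0 and on" remark sits above the loop. Swapping them keeps each comment beside the code it explains. `@post30_versions` is also a hand-maintained list ending at `[3, 5]`, so a comment saying it must be extended for each new minor release would prevent a missing `$apitable` entry later.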
+71 -1
@@ -23,10 +23,65 @@ OpenSSL Releases
OpenSSL 3.5
-----------
### Major changes between OpenSSL 3.5.6 and OpenSSL 3.5.7 [9 Jun 2026]
OpenSSL 3.5.7 is a security patch release. The most severe CVE fixed
in this release is High.
This release incorporates the following bug fixes and mitigations:
* Fixed heap use-after-free in `PKCS7_verify()`.
([CVE-2026-45447])
* Fixed CMS `AuthEnvelopedData` processing may accept forged messages.
([CVE-2026-34182])
* Fixed unbounded memory growth in the QUIC `PATH_CHALLENGE` handler.
([CVE-2026-34183])
* Fixed NULL pointer dereference in QUIC server initial packet handling.
([CVE-2026-42764])
* Fixed AES-OCB IV ignored on `EVP_Cipher()` path.
([CVE-2026-45445])
* Fixed possible heap buffer overflow in ASN.1 multibyte string conversion.
([CVE-2026-7383])
* Fixed out-of-bounds read in CMS password-based decryption.
([CVE-2026-9076])
* Fixed heap buffer over-read in ASN.1 content parsing.
([CVE-2026-34180])
* Fixed PKCS#12 files with PBMAC1 are accepted with short HMAC keys.
([CVE-2026-34181])
* Fixed possible NULL dereference in password-dased CMS decryption.
([CVE-2026-42766])
* Fixed NULL pointer dereference in CRMF `EncryptedValue` decryption.
([CVE-2026-42767])
* Fixed multi-`RecipientInfo` Bleichenbacher Oracle in `CMS_decrypt()`
and `PKCS7_decrypt()`.
([CVE-2026-42768])
* Fixed trust anchor substitution via `cert`/`issuer` typo in CMP
`rootCaKeyUpdate`.
([CVE-2026-42769])
* Fixed FFC-DH peer validation uses attacker-supplied `q`.
([CVE-2026-42770])
* Fixed incorrect tag processing for empty messages in AES-GCM-SIV
and AES-SIV modes.
([CVE-2026-45446])
### Major changes between OpenSSL 3.5.5 and OpenSSL 3.5.6 [7 Apr 2026]
OpenSSL 3.5.6 is a security patch release. The most severe CVE fixed in this
release is Medium.
release is Moderate.
This release incorporates the following bug fixes and mitigations:
@@ -2210,6 +2265,8 @@ OpenSSL 0.9.x
[CVE-2025-69420]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69420
[CVE-2025-69421]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69421
[CVE-2026-2673]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-2673
[CVE-2026-7383]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-7383
[CVE-2026-9076]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-9076
[CVE-2026-22795]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22795
[CVE-2026-22796]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22796
[CVE-2026-28387]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
@@ -2218,6 +2275,19 @@ OpenSSL 0.9.x
[CVE-2026-28390]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
[CVE-2026-31789]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31789
[CVE-2026-31790]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31790
[CVE-2026-34180]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34180
[CVE-2026-34181]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34181
[CVE-2026-34182]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34182
[CVE-2026-34183]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-34183
[CVE-2026-42764]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42764
[CVE-2026-42766]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42766
[CVE-2026-42767]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42767
[CVE-2026-42768]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42768
[CVE-2026-42769]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42769
[CVE-2026-42770]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-42770
[CVE-2026-45445]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45445
[CVE-2026-45446]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45446
[CVE-2026-45447]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-45447
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
[OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
[README-QUIC.md]: ./README-QUIC.md
+2 -2
@@ -1,7 +1,7 @@
MAJOR=3
MINOR=5
PATCH=6
PATCH=7
PRE_RELEASE_TAG=
BUILD_METADATA=
RELEASE_DATE="7 Apr 2026"
RELEASE_DATE="9 Jun 2026"
SHLIB_VERSION=3
+2 -2
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -716,7 +716,7 @@ int enc_main(int argc, char **argv)
skey = EVP_SKEY_import(app_get0_libctx(), EVP_SKEYMGMT_get0_name(mgmt),
app_get0_propq(), OSSL_SKEYMGMT_SELECT_ALL, params);
OSSL_PARAM_free(params);
app_params_free(params);
if (skey == NULL) {
BIO_printf(bio_err, "Error creating opaque key object for skeymgmt %s\n",
skeymgmt ? skeymgmt : EVP_CIPHER_name(cipher));
+11 -4
@@ -1057,9 +1057,12 @@ int load_key_certs_crls(const char *uri, int format, int maybe_stdin,
if (ok)
pcert = NULL;
} else if (pcerts != NULL) {
ok = X509_add_cert(*pcerts,
OSSL_STORE_INFO_get1_CERT(info),
X509_ADD_FLAG_DEFAULT);
X509 *cert = OSSL_STORE_INFO_get1_CERT(info);
ok = cert != NULL
&& X509_add_cert(*pcerts, cert, X509_ADD_FLAG_DEFAULT);
if (!ok)
X509_free(cert);
}
ncerts += ok;
break;
@@ -1069,7 +1072,11 @@ int load_key_certs_crls(const char *uri, int format, int maybe_stdin,
if (ok)
pcrl = NULL;
} else if (pcrls != NULL) {
ok = sk_X509_CRL_push(*pcrls, OSSL_STORE_INFO_get1_CRL(info));
X509_CRL *crl = OSSL_STORE_INFO_get1_CRL(info);
ok = crl != NULL && sk_X509_CRL_push(*pcrls, crl);
if (!ok)
X509_CRL_free(crl);
}
ncrls += ok;
break;
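Review bot: In the CRL branch, `ok = crl != NULL && sk_X509_CRL_push(*pcrls, crl);` changes more than the NULL handling: the `&&` collapses the push result to 0 or 1 before `ncrls += ok`, whereas the replaced line assigned the return value of `sk_X509_CRL_push()` directly. That is the right behaviour for a counter, but it deserves a short comment or a line in the commit log so the change in `ncrls` accounting is not mistaken for a side effect. The same applies to `ncerts += ok` in the certificate hunk above.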
+3 -1
@@ -345,6 +345,7 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
STACK_OF(ASN1_UTF8STRING) *strs;
ASN1_UTF8STRING *str;
const char *data;
int len;
if (OBJ_obj2nid(obj) == NID_id_it_certProfile) {
if (!OSSL_CMP_ITAV_get0_certProfile(itav, &strs))
@@ -359,7 +360,8 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, ERR_R_PASSED_INVALID_ARGUMENT);
return NULL;
}
if (strcmp(data, "profile1") != 0) {
if (((len = ASN1_STRING_length(str)) != (int)sizeof("profile1") - 1)
|| memcmp(data, "profile1", len) != 0) {
ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_CERTPROFILE);
return NULL;
}
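Review bot: The new condition packs an assignment, a cast and `sizeof` arithmetic into one expression: `((len = ASN1_STRING_length(str)) != (int)sizeof("profile1") - 1)`. Assigning `len` on its own line and comparing against a named constant for the expected profile would read better and avoid spelling the literal "profile1" twice. Comparing by `ASN1_STRING_length()` and `memcmp()` instead of `strcmp()` is the right direction, since the check no longer depends on `data` being NUL-terminated.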
+4 -1
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -1490,6 +1490,9 @@ static void list_disabled(void)
#ifdef OPENSSL_NO_DSA
BIO_puts(bio_out, "DSA\n");
#endif
#ifdef OPENSSL_NO_SIPHASH
BIO_puts(bio_out, "SIPHASH\n");
#endif
#if defined(OPENSSL_NO_DTLS)
BIO_puts(bio_out, "DTLS\n");
#endif
+7 -7
@@ -2549,7 +2549,7 @@ int s_client_main(int argc, char **argv)
"xmlns='jabber:%s' to='%s' version='1.0'>",
starttls_proto == PROTO_XMPP ? "client" : "server",
protohost ? protohost : host);
seen = BIO_read(sbio, mbuf, BUFSIZZ);
seen = BIO_read(sbio, mbuf, BUFSIZZ - 1);
if (seen < 0) {
BIO_printf(bio_err, "BIO_read failed\n");
goto end;
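Review bot: The `BUFSIZZ - 1` bound only helps if a terminator is actually stored at `mbuf[seen]` before the `strstr(mbuf, ...)` calls that follow, and that store is not visible in this hunk or the next one. Please confirm it exists on every one of these read paths, including the `seen == 0` case, which passes the `seen < 0` check here. With the same `BUFSIZZ - 1` literal now repeated at each `BIO_read()` and `raw_read_stdin()` call in this file, a named constant for the usable buffer length would make the invariant harder to break.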
@@ -2558,7 +2558,7 @@ int s_client_main(int argc, char **argv)
while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")
&& !strstr(mbuf,
"<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"")) {
seen = BIO_read(sbio, mbuf, BUFSIZZ);
seen = BIO_read(sbio, mbuf, BUFSIZZ - 1);
if (seen <= 0)
goto shut;
@@ -2567,7 +2567,7 @@ int s_client_main(int argc, char **argv)
}
BIO_printf(sbio,
"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
seen = BIO_read(sbio, sbuf, BUFSIZZ);
seen = BIO_read(sbio, sbuf, BUFSIZZ - 1);
if (seen < 0) {
BIO_printf(bio_err, "BIO_read failed\n");
goto shut;
@@ -2793,7 +2793,7 @@ int s_client_main(int argc, char **argv)
"Didn't find STARTTLS in server response,"
" trying anyway...\n");
BIO_printf(sbio, "STARTTLS\r\n");
mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ - 1);
if (mbuf_len < 0) {
BIO_printf(bio_err, "BIO_read failed\n");
goto end;
@@ -2834,7 +2834,7 @@ int s_client_main(int argc, char **argv)
"Didn't find STARTTLS in server response,"
" trying anyway...\n");
BIO_printf(sbio, "STARTTLS\r\n");
mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ - 1);
if (mbuf_len < 0) {
BIO_printf(bio_err, "BIO_read failed\n");
goto end;
@@ -3307,7 +3307,7 @@ int s_client_main(int argc, char **argv)
if (crlf) {
int j, lf_num;
i = raw_read_stdin(cbuf, BUFSIZZ / 2);
i = raw_read_stdin(cbuf, (BUFSIZZ - 1) / 2);
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
@@ -3323,7 +3323,7 @@ int s_client_main(int argc, char **argv)
}
assert(lf_num == 0);
} else
i = raw_read_stdin(cbuf, BUFSIZZ);
i = raw_read_stdin(cbuf, BUFSIZZ - 1);
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS)
if (i == 0)
at_eof = 1;
+2 -2
@@ -1,5 +1,5 @@
/*
* Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2025-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -106,7 +106,7 @@ int skeyutl_main(int argc, char **argv)
skey = EVP_SKEY_generate(app_get0_libctx(),
skeymgmt ? skeymgmt : EVP_CIPHER_name(cipher),
app_get0_propq(), params);
OSSL_PARAM_free(params);
app_params_free(params);
if (skey == NULL) {
BIO_printf(bio_err, "Error creating opaque key for skeymgmt %s\n",
skeymgmt ? skeymgmt : EVP_CIPHER_name(cipher));
+4 -3
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -3138,8 +3138,9 @@ int speed_main(int argc, char **argv)
exit(1);
}
if (!EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_AEAD_GET_TAG,
TAG_LEN, &loopargs[k].tag)) {
if (EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_AEAD_GET_TAG,
TAG_LEN, &loopargs[k].tag)
<= 0) {
BIO_printf(bio_err, "\nFailed to get the tag\n");
dofail();
exit(1);
+16 -1
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -479,11 +479,16 @@ aes_fx_cbc_encrypt:
ldd [$end + 24], %f12
movrz $len, 0, $inc
brz,pn $len, .Lcbc_enc_skip_load
nop
fmovd $intail, $in0
ldd [$inp - 8], $in1 ! load next input block
ldda [$inp]0x82, $intail ! non-faulting load
add $inp, $inc, $inp ! inp+=16
.Lcbc_enc_skip_load:
fmovd %f0, %f4
faesencx %f2, %f6, %f0
faesencx %f4, %f8, %f2
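Review bot: The new `brz,pn $len, .Lcbc_enc_skip_load` and its delay-slot `nop` carry no comment, unlike the loads they skip ("load next input block", "non-faulting load"). A one-line comment stating that no further input is read once `$len` is zero would help, and it is worth saying whether `movrz $len, 0, $inc` is still needed now that `add $inp, $inc, $inp` is skipped on that path. The same applies to the matching `.Lcbc_dec_skip_load` and `.Lctr32_enc_skip_load` hunks.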
@@ -694,11 +699,16 @@ aes_fx_cbc_encrypt:
fmovd $in1, $iv1
movrz $len, 0, $inc
brz,pn $len, .Lcbc_dec_skip_load
nop
fmovd $intail, $in0
ldd [$inp - 8], $in1 ! load next input block
ldda [$inp]0x82, $intail ! non-faulting load
add $inp, $inc, $inp ! inp+=16
.Lcbc_dec_skip_load:
fmovd %f0, %f4
faesdecx %f2, %f10, %f0
faesdecx %f4, %f12, %f2
@@ -953,11 +963,16 @@ aes_fx_ctr32_encrypt_blocks:
fxor $in1, $rllo, %f8
movrz $len, 0, $inc
brz,pn $len, .Lctr32_enc_skip_load
nop
fmovd $intail, $in0
ldd [$inp - 8], $in1 ! load next input block
ldda [$inp]0x82, $intail ! non-faulting load
add $inp, $inc, $inp ! inp+=16
.Lctr32_enc_skip_load:
fmovd %f0, %f4
faesencx %f2, %f10, %f0
faesencx %f4, %f12, %f2
+59 -7
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -104,7 +104,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
}
#endif
#define HEADER_SIZE 8
#define HEADER_SIZE 2
#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
{
@@ -138,7 +138,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
goto err;
}
i = BIO_read(in, &(b->data[len]), want);
if (i < 0 && diff == 0) {
if (i <= 0) {
ERR_raise(ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA);
goto err;
}
@@ -154,12 +154,65 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
}
/* else data already loaded */
/* make sure there is enough data for a complete header */
p = (unsigned char *)&(b->data[off]);
q = p;
diff = len - off;
if (diff == 0)
if (diff < 2) {
/* Failed sanity check */
ERR_raise(ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA);
goto err;
inf = ASN1_get_object(&q, &slen, &tag, &xclass, diff);
}
diff--;
if ((*(q++) & V_ASN1_PRIMITIVE_TAG) == V_ASN1_PRIMITIVE_TAG) {
unsigned int n = 0;
/* Multi-byte tag. See if we have the whole thing yet */
do {
if (n > 4) {
/* The tag value must fit into int */
ERR_raise(ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG);
goto err;
}
++n;
diff--;
} while (diff > 0 && *(q++) & 0x80);
if (diff == 0) {
/*
* End of current data, will need at least 1 more byte for
* length. 2 if the tag is still incomplete
*/
want = q - p + 2;
if (*q & 0x80) {
want++;
}
continue;
}
}
/* Check the length. This should also work for indefinite length */
diff--;
if (*q & 0x80) {
unsigned int n = *q & 0x7f;
if (n > sizeof(long)) {
ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG);
goto err;
}
if (n > diff) {
want = q - p + n + 1;
continue;
}
}
/*
* We have a complete header now, assuming we didn't hit EOF. Parse the
* tag and length
*/
q = p;
diff = len - off;
inf = ASN1_get_object(&q, &slen, &tag, &xclass, (int)diff);
if (inf & 0x80) {
unsigned long e;
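Review bot: In the multi-byte tag pre-scan, the `if (n > 4)` test runs before `++n`, so the loop accepts five continuation octets (up to 35 bits of tag number) before raising `ASN1_R_HEADER_TOO_LONG`, which does not match the comment "The tag value must fit into int". Either tighten the bound or reword the comment to say this is only a cap on header length and that the later `ASN1_get_object()` call does the real range check. A test with a five-octet and a six-octet tag would pin down the intended limit.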
@@ -169,8 +222,7 @@ int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
ERR_pop_to_mark();
ERR_set_mark();
}
i = q - p; /* header length */
off += i; /* end of data */
off += q - p; /* end of data */
if (inf & 1) {
/* no data body so go round again */
+1 -1
@@ -1,5 +1,5 @@
/*
* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+2 -2
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -129,7 +129,7 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
*inf = 0;
i = *p & 0x7f;
if (*p++ & 0x80) {
if (max < i + 1)
if (max < i)
return 0;
/* Skip leading zeroes */
while (i > 0 && *p == 0) {
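Review bot: Relaxing `if (max < i + 1)` to `if (max < i)` moves the bound by one octet, and nothing in this hunk shows whether `max` has already been reduced for the initial length octet consumed by `*p++`. Please add a comment stating what `max` counts at this point so the off-by-one reasoning can be checked from the code, and make sure a test covers a long-form length whose octets end exactly at the end of the buffer.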
+9 -7
@@ -1,5 +1,5 @@
/*
* Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -665,16 +665,18 @@ static int multi_split(BIO *bio, int flags, const char *bound, STACK_OF(BIO) **r
#else
1
#endif
|| (flags & SMIME_CRLFEOL) != 0)
BIO_write(bpart, "\r\n", 2);
else
BIO_write(bpart, "\n", 1);
|| (flags & SMIME_CRLFEOL) != 0) {
if (BIO_write(bpart, "\r\n", 2) < 2)
goto err;
} else if (BIO_write(bpart, "\n", 1) < 1)
goto err;
}
eol = next_eol;
if (len > 0)
BIO_write(bpart, linebuf, len);
if (len > 0 && BIO_write(bpart, linebuf, len) < len)
goto err;
}
}
err:
BIO_free(bpart);
return 0;
}
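Review bot: The new `goto err` paths land on `BIO_free(bpart); return 0;`, but the hunk does not show whether `bpart` can already be owned by the `*ret` stack at that point, or what happens to parts pushed by earlier iterations. Please state the ownership in a comment, or clear `bpart` after it is handed to the stack, so the error path cannot free a BIO twice or leak the earlier ones. As a style point, the `if` arm is braced while the `else if (BIO_write(bpart, "\n", 1) < 1)` arm is not, which is easy to misread next to the `#else`/`#endif` block above it.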
+1 -1
@@ -1,5 +1,5 @@
/*
* Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+2 -2
@@ -68,8 +68,8 @@
#undef NO_RECVMMSG
#define NO_RECVMMSG
#endif
#if defined(_AIX) && !defined(_AIX72)
/* AIX >= 7.2 provides sendmmsg() and recvmmsg(). */
#if defined(_AIX)
/* AIX header files don't properly expose sendmmsg/recvmmsg declarations */
#undef NO_RECVMMSG
#define NO_RECVMMSG
#endif
+2 -1
@@ -1,5 +1,5 @@
/*
* Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -305,6 +305,7 @@ static int dgram_mem_init(BIO *bio)
b = bio->ptr;
if (ring_buf_init(&b->rbuf, b->req_buf_len) == 0) {
dgram_pair_free(bio);
ERR_raise(ERR_LIB_BIO, ERR_R_BIO_LIB);
return 0;
}
+24 -225
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -24,102 +24,16 @@
BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_768[] = {
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xC9,
0x0F,
0xDA,
0xA2,
0x21,
0x68,
0xC2,
0x34,
0xC4,
0xC6,
0x62,
0x8B,
0x80,
0xDC,
0x1C,
0xD1,
0x29,
0x02,
0x4E,
0x08,
0x8A,
0x67,
0xCC,
0x74,
0x02,
0x0B,
0xBE,
0xA6,
0x3B,
0x13,
0x9B,
0x22,
0x51,
0x4A,
0x08,
0x79,
0x8E,
0x34,
0x04,
0xDD,
0xEF,
0x95,
0x19,
0xB3,
0xCD,
0x3A,
0x43,
0x1B,
0x30,
0x2B,
0x0A,
0x6D,
0xF2,
0x5F,
0x14,
0x37,
0x4F,
0xE1,
0x35,
0x6D,
0x6D,
0x51,
0xC2,
0x45,
0xE4,
0x85,
0xB5,
0x76,
0x62,
0x5E,
0x7E,
0xC6,
0xF4,
0x4C,
0x42,
0xE9,
0xA6,
0x3A,
0x36,
0x20,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F,
0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B,
0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67,
0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95,
0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
}
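Review bot: a constant of this kind should not change silently, so the commit message ought to state that the `RFC2409_PRIME_768` edit is layout-only. Both listings carry the same 96 bytes in the same order, ending `0x3A, 0x36, 0x20` before the final eight `0xFF`; saying so spares the next reader from re-auditing the table.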
@@ -136,134 +50,19 @@ BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn)
BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn)
{
static const unsigned char RFC2409_PRIME_1024[] = {
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xC9,
0x0F,
0xDA,
0xA2,
0x21,
0x68,
0xC2,
0x34,
0xC4,
0xC6,
0x62,
0x8B,
0x80,
0xDC,
0x1C,
0xD1,
0x29,
0x02,
0x4E,
0x08,
0x8A,
0x67,
0xCC,
0x74,
0x02,
0x0B,
0xBE,
0xA6,
0x3B,
0x13,
0x9B,
0x22,
0x51,
0x4A,
0x08,
0x79,
0x8E,
0x34,
0x04,
0xDD,
0xEF,
0x95,
0x19,
0xB3,
0xCD,
0x3A,
0x43,
0x1B,
0x30,
0x2B,
0x0A,
0x6D,
0xF2,
0x5F,
0x14,
0x37,
0x4F,
0xE1,
0x35,
0x6D,
0x6D,
0x51,
0xC2,
0x45,
0xE4,
0x85,
0xB5,
0x76,
0x62,
0x5E,
0x7E,
0xC6,
0xF4,
0x4C,
0x42,
0xE9,
0xA6,
0x37,
0xED,
0x6B,
0x0B,
0xFF,
0x5C,
0xB6,
0xF4,
0x06,
0xB7,
0xED,
0xEE,
0x38,
0x6B,
0xFB,
0x5A,
0x89,
0x9F,
0xA5,
0xAE,
0x9F,
0x24,
0x11,
0x7C,
0x4B,
0x1F,
0xE6,
0x49,
0x28,
0x66,
0x51,
0xEC,
0xE6,
0x53,
0x81,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F,
0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B,
0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67,
0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95,
0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF,
0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, 0x6B, 0xFB,
0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B,
0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
}
+7 -7
View File
@@ -1,5 +1,5 @@
/*
* Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,24 +11,24 @@
#include "internal/nelem.h"
#include "bn_local.h"
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
{
/*
* like BN_mod, but returns non-negative remainder (i.e., 0 <= r < |d|
* like BN_mod, but returns non-negative remainder (i.e., 0 <= r < |m|
* always holds)
*/
if (r == d) {
if (r == m) {
ERR_raise(ERR_LIB_BN, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
if (!(BN_mod(r, m, d, ctx)))
if (!(BN_mod(r, a, m, ctx)))
return 0;
if (!r->neg)
return 1;
/* now -|d| < r < 0, so we have to set r := r + |d| */
return (d->neg ? BN_sub : BN_add)(r, r, d);
/* now -|m| < r < 0, so we have to set r := r + |m| */
return (m->neg ? BN_sub : BN_add)(r, r, m);
}
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
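Review bot: the rename to `a`/`m` only helps if the prototype in the public header and the manual page use the same names; check that they were updated together, since the old naming with `m` as the dividend is what made call sites easy to misread. The `r == m` rejection is also missing from the function comment: add that `r` must not alias the modulus.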
File diff suppressed because it is too large
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -501,7 +501,7 @@ my ($xv8,$xv9,$xv10,$xv11,$xv12,$xv13,$xv14,$xv15,$xv16,$xv17) = map("v$_",(8..1
my ($xv18,$xv19,$xv20,$xv21) = map("v$_",(18..21));
my ($xv22,$xv23,$xv24,$xv25,$xv26) = map("v$_",(22..26));
my $FRAME=$LOCALS+64+9*16; # 8*16 is for v24-v31 offload
my $FRAME=$LOCALS+64+9*16+13*8+4*16; # 8*16 for v24-v31 offload, 13*8 for f14-f26, 4*16 for v20-v23
sub VSX_lane_ROUND_8x {
my ($a0,$b0,$c0,$d0,$a4,$b4,$c4,$d4)=@_;
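Review bot: `13*8` in the new `$FRAME` is 104, which is not a multiple of 16, so unless `$LOCALS` happens to compensate, the frame size stops being quadword-aligned and the v20-v23 area placed after the FPR slots starts 8 bytes off a 16-byte boundary. `stvx` and `lvx` ignore the low four bits of the effective address, so with the `+15` rounding used for those slots the last vector can land beyond the `4*16` bytes reserved. Reserving `14*8` for the FPR area would keep both aligned. The comment should also account for the ninth 16-byte slot in `9*16`, since it attributes only `8*16` to v24-v31.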
@@ -665,7 +665,28 @@ $code.=<<___;
addi r11,r11,32
stvx v30,r10,$sp
stvx v31,r11,$sp
stw r12,`$FRAME-4`($sp) # save vrsave
stfd f14,`$LOCALS+64+9*16+0*8`($sp) # save FPR14-FPR26 (callee-saved per ELFv2 ABI)
stfd f15,`$LOCALS+64+9*16+1*8`($sp)
stfd f16,`$LOCALS+64+9*16+2*8`($sp)
stfd f17,`$LOCALS+64+9*16+3*8`($sp)
stfd f18,`$LOCALS+64+9*16+4*8`($sp)
stfd f19,`$LOCALS+64+9*16+5*8`($sp)
stfd f20,`$LOCALS+64+9*16+6*8`($sp)
stfd f21,`$LOCALS+64+9*16+7*8`($sp)
stfd f22,`$LOCALS+64+9*16+8*8`($sp)
stfd f23,`$LOCALS+64+9*16+9*8`($sp)
stfd f24,`$LOCALS+64+9*16+10*8`($sp)
stfd f25,`$LOCALS+64+9*16+11*8`($sp)
be?stfd f26,`$LOCALS+64+9*16+12*8`($sp) # BE only
li r10,`$LOCALS+64+9*16+13*8+15`
li r11,`$LOCALS+64+9*16+13*8+31`
stvx v20,r10,$sp # save VMX v20-v23 (callee-saved per ELFv2 ABI)
addi r10,r10,32
stvx v21,r11,$sp
addi r11,r11,32
stvx v22,r10,$sp
stvx v23,r11,$sp
stw r12,`$LOCALS+64+9*16-4`($sp) # save vrsave
li r12,-4096+63
$PUSH r0, `$FRAME+$LRSAVE`($sp)
mtspr 256,r12 # preserve 29 AltiVec registers
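Review bot: the vrsave slot moves from `$FRAME-4` to `$LOCALS+64+9*16-4`, and the same base expression is then repeated in every `stfd` and `li` line. A named Perl variable for the FPR base and another for the VMX base would let the save and restore sequences be checked against each other at a glance. The comment on the `stfd f14` line says FPR14-FPR26 although `f26` is stored only under `be?`.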
@@ -1159,7 +1180,28 @@ $code.=<<___;
bne Loop_outer_vsx_8x
Ldone_vsx_8x:
lwz r12,`$FRAME-4`($sp) # pull vrsave
lwz r12,`$LOCALS+64+9*16-4`($sp) # pull vrsave
lfd f14,`$LOCALS+64+9*16+0*8`($sp) # restore FPR14-FPR26 (callee-saved per ELFv2 ABI)
lfd f15,`$LOCALS+64+9*16+1*8`($sp)
lfd f16,`$LOCALS+64+9*16+2*8`($sp)
lfd f17,`$LOCALS+64+9*16+3*8`($sp)
lfd f18,`$LOCALS+64+9*16+4*8`($sp)
lfd f19,`$LOCALS+64+9*16+5*8`($sp)
lfd f20,`$LOCALS+64+9*16+6*8`($sp)
lfd f21,`$LOCALS+64+9*16+7*8`($sp)
lfd f22,`$LOCALS+64+9*16+8*8`($sp)
lfd f23,`$LOCALS+64+9*16+9*8`($sp)
lfd f24,`$LOCALS+64+9*16+10*8`($sp)
lfd f25,`$LOCALS+64+9*16+11*8`($sp)
be?lfd f26,`$LOCALS+64+9*16+12*8`($sp) # BE only
li r10,`$LOCALS+64+9*16+13*8+15`
li r11,`$LOCALS+64+9*16+13*8+31`
lvx v20,r10,$sp # restore VMX v20-v23 (callee-saved per ELFv2 ABI)
addi r10,r10,32
lvx v21,r11,$sp
addi r11,r11,32
lvx v22,r10,$sp
lvx v23,r11,$sp
li r10,`15+$LOCALS+64`
li r11,`31+$LOCALS+64`
$POP r0, `$FRAME+$LRSAVE`($sp)
+7 -6
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Siemens AG 2022
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -113,8 +113,7 @@ static OSSL_CMP_ITAV *get_genm_itav(OSSL_CMP_CTX *ctx,
for (i = 0; i < n; i++) {
OSSL_CMP_ITAV *itav = sk_OSSL_CMP_ITAV_shift(itavs);
ASN1_OBJECT *obj = OSSL_CMP_ITAV_get0_type(itav);
char name[128] = "genp contains InfoType '";
size_t offset = strlen(name);
char name[128];
if (OBJ_obj2nid(obj) == expected) {
for (i++; i < n; i++)
@@ -123,9 +122,11 @@ static OSSL_CMP_ITAV *get_genm_itav(OSSL_CMP_CTX *ctx,
return itav;
}
if (OBJ_obj2txt(name + offset, sizeof(name) - offset, obj, 0) < 0)
strcat(name, "<unknown>");
ossl_cmp_log2(WARN, ctx, "%s' while expecting 'id-it-%s'", name, desc);
if (OBJ_obj2txt(name, sizeof(name), obj, 0) < 0)
name[0] = '\0';
ossl_cmp_log2(WARN, ctx,
"genp contains InfoType '%s' while expecting 'id-it-%s'",
name[0] == '\0' ? "<unknown>" : name, desc);
OSSL_CMP_ITAV_free(itav);
}
ERR_raise_data(ERR_LIB_CMP, CMP_R_INVALID_GENP,
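Review bot: only a negative return from `OBJ_obj2txt()` is handled. A return of `sizeof(name)` or more means the text was truncated to fit `name[128]`, and the warning then prints a cut-off object name without saying so. Either treat that case like the error case or append a truncation marker to the logged name.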
+1 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+1 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+1 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2009-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2009-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+1 -1
View File
@@ -1,5 +1,5 @@
/*-
* Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2018
* Copyright Siemens AG 2015-2019
*
+14 -129
View File
@@ -1,5 +1,5 @@
/*
* Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -32,134 +32,19 @@
* implementations do.
*/
static const unsigned char con_salt[128] = {
0xD2,
0xD3,
0xD4,
0xD5,
0xD6,
0xD7,
0xD8,
0xD9,
0xDA,
0xDB,
0xDC,
0xDD,
0xDE,
0xDF,
0xE0,
0xE1,
0xE2,
0xE3,
0xE4,
0xE5,
0xE6,
0xE7,
0xE8,
0xE9,
0xEA,
0xEB,
0xEC,
0xED,
0xEE,
0xEF,
0xF0,
0xF1,
0xF2,
0xF3,
0xF4,
0xF5,
0xF6,
0xF7,
0xF8,
0xF9,
0xFA,
0xFB,
0xFC,
0xFD,
0xFE,
0xFF,
0x00,
0x01,
0x02,
0x03,
0x04,
0x05,
0x06,
0x07,
0x08,
0x09,
0x0A,
0x0B,
0x05,
0x06,
0x07,
0x08,
0x09,
0x0A,
0x0B,
0x0C,
0x0D,
0x0E,
0x0F,
0x10,
0x11,
0x12,
0x13,
0x14,
0x15,
0x16,
0x17,
0x18,
0x19,
0x1A,
0x1B,
0x1C,
0x1D,
0x1E,
0x1F,
0x20,
0x21,
0x22,
0x23,
0x24,
0x25,
0x20,
0x21,
0x22,
0x23,
0x24,
0x25,
0x26,
0x27,
0x28,
0x29,
0x2A,
0x2B,
0x2C,
0x2D,
0x2E,
0x2F,
0x30,
0x31,
0x32,
0x33,
0x34,
0x35,
0x36,
0x37,
0x38,
0x39,
0x3A,
0x3B,
0x3C,
0x3D,
0x3E,
0x3F,
0x40,
0x41,
0x42,
0x43,
0x44,
0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9, 0xDA, 0xDB,
0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1, 0xE2, 0xE3, 0xE4, 0xE5,
0xE6, 0xE7, 0xE8, 0xE9, 0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF,
0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01, 0x02, 0x03,
0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24,
0x25, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32,
0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44
};
static const unsigned char cov_2char[64] = {
+2 -2
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -319,7 +319,7 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split)
len++; /* 1 for ending \ */
}
len += file_split->dirlen;
if (file_split->dir && file_split->file) {
if (file_split->dir) {
len++; /* 1 for ending \ */
}
len += file_split->filelen;
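Review bot: `len` now reserves the separator whenever `file_split->dir` is set, so the code that later writes the joined string has to emit the `\` under the same condition, and the hunk shows only the length calculation. Confirm the two conditions match, because a mismatch in either direction leaves the allocation and the bytes written out of step.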
+2 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2016 Cryptography Research, Inc.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -213,6 +213,7 @@ void ossl_curve448_scalar_halve(curve448_scalar_t out, const curve448_scalar_t a
c448_dword_t chain = 0;
unsigned int i;
mask = value_barrier_c448(mask);
for (i = 0; i < C448_SCALAR_LIMBS; i++) {
chain = (chain + a->limb[i]) + (sc_p->limb[i] & mask);
out->limb[i] = (c448_word_t)chain;
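Review bot: `mask = value_barrier_c448(mask);` needs a one-line comment saying why it is there, namely to keep the compiler from turning the masked addition of `sc_p->limb[i]` into a data-dependent branch. Without that the line looks redundant and is a candidate for removal in a later cleanup.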
+8 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2014 Cryptography Research, Inc.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -18,6 +18,7 @@
#include <stdlib.h>
#include <openssl/e_os2.h>
#include "curve448utils.h"
#include "internal/constant_time.h"
#ifdef INT128_MAX
#include "arch_64/arch_intrinsics.h"
@@ -53,6 +54,12 @@ typedef int64_t dsword_t;
#error "For now we only support 32- and 64-bit architectures."
#endif
#if C448_WORD_BITS == 64
#define value_barrier_c448(x) value_barrier_64(x)
#elif C448_WORD_BITS == 32
#define value_barrier_c448(x) value_barrier_32(x)
#endif
/*
* The plan on booleans: The external interface uses c448_bool_t, but this
* might be a different size than our particular arch's word_t (and thus
+26 -196
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -2495,208 +2495,38 @@ static const struct {
unsigned char data[0 + 32 * 6];
} _EC_sm2p256v1 = {
{ NID_X9_62_prime_field, 0, 32, 1 },
{
/* no seed */
{ /* no seed */
/* p */
0xff,
0xff,
0xff,
0xfe,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff,
/* a */
0xff,
0xff,
0xff,
0xfe,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xfc,
0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xfc,
/* b */
0x28,
0xe9,
0xfa,
0x9e,
0x9d,
0x9f,
0x5e,
0x34,
0x4d,
0x5a,
0x9e,
0x4b,
0xcf,
0x65,
0x09,
0xa7,
0xf3,
0x97,
0x89,
0xf5,
0x15,
0xab,
0x8f,
0x92,
0xdd,
0xbc,
0xbd,
0x41,
0x4d,
0x94,
0x0e,
0x93,
0x28, 0xe9, 0xfa, 0x9e, 0x9d, 0x9f, 0x5e, 0x34, 0x4d, 0x5a,
0x9e, 0x4b, 0xcf, 0x65, 0x09, 0xa7, 0xf3, 0x97, 0x89, 0xf5,
0x15, 0xab, 0x8f, 0x92, 0xdd, 0xbc, 0xbd, 0x41, 0x4d, 0x94,
0x0e, 0x93,
/* x */
0x32,
0xc4,
0xae,
0x2c,
0x1f,
0x19,
0x81,
0x19,
0x5f,
0x99,
0x04,
0x46,
0x6a,
0x39,
0xc9,
0x94,
0x8f,
0xe3,
0x0b,
0xbf,
0xf2,
0x66,
0x0b,
0xe1,
0x71,
0x5a,
0x45,
0x89,
0x33,
0x4c,
0x74,
0xc7,
0x32, 0xc4, 0xae, 0x2c, 0x1f, 0x19, 0x81, 0x19, 0x5f, 0x99,
0x04, 0x46, 0x6a, 0x39, 0xc9, 0x94, 0x8f, 0xe3, 0x0b, 0xbf,
0xf2, 0x66, 0x0b, 0xe1, 0x71, 0x5a, 0x45, 0x89, 0x33, 0x4c,
0x74, 0xc7,
/* y */
0xbc,
0x37,
0x36,
0xa2,
0xf4,
0xf6,
0x77,
0x9c,
0x59,
0xbd,
0xce,
0xe3,
0x6b,
0x69,
0x21,
0x53,
0xd0,
0xa9,
0x87,
0x7c,
0xc6,
0x2a,
0x47,
0x40,
0x02,
0xdf,
0x32,
0xe5,
0x21,
0x39,
0xf0,
0xa0,
0xbc, 0x37, 0x36, 0xa2, 0xf4, 0xf6, 0x77, 0x9c, 0x59, 0xbd,
0xce, 0xe3, 0x6b, 0x69, 0x21, 0x53, 0xd0, 0xa9, 0x87, 0x7c,
0xc6, 0x2a, 0x47, 0x40, 0x02, 0xdf, 0x32, 0xe5, 0x21, 0x39,
0xf0, 0xa0,
/* order */
0xff,
0xff,
0xff,
0xfe,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0x72,
0x03,
0xdf,
0x6b,
0x21,
0xc6,
0x05,
0x2b,
0x53,
0xbb,
0xf4,
0x09,
0x39,
0xd5,
0x41,
0x23,
}
0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x72, 0x03, 0xdf, 0x6b,
0x21, 0xc6, 0x05, 0x2b, 0x53, 0xbb, 0xf4, 0x09, 0x39, 0xd5,
0x41, 0x23 }
};
#endif /* OPENSSL_NO_SM2 */
+2 -1
View File
@@ -1683,7 +1683,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
/* generator base point */
ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_GENERATOR);
if (ptmp == NULL
|| ptmp->data_type != OSSL_PARAM_OCTET_STRING) {
|| ptmp->data_type != OSSL_PARAM_OCTET_STRING
|| ptmp->data_size == 0) {
ERR_raise(ERR_LIB_EC, EC_R_INVALID_GENERATOR);
goto err;
}
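Review bot: the added `ptmp->data_size == 0` test covers the empty octet string, but `ptmp->data` itself is not checked for NULL in the lines shown; add that to the same condition unless a later check covers it. A regression test passing a zero-length `OSSL_PKEY_PARAM_EC_GENERATOR` belongs with this change.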
+33 -3
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -142,9 +142,24 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst,
const BIGNUM *privkey;
int off;
if (dgstlen < 0) {
ERR_raise(ERR_LIB_EC, EC_R_INVALID_LENGTH);
return NULL;
}
if (eckey == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return NULL;
}
group = EC_KEY_get0_group(eckey);
if (group == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return NULL;
}
privkey = EC_KEY_get0_private_key(eckey);
if (group == NULL || privkey == NULL) {
if (privkey == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return NULL;
}
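Review bot: `dgstlen < 0` is rejected, but no upper bound on `dgstlen` is visible in this hunk; add a comment saying where an over-long digest is handled before it is used with `off`. The `group` and `privkey` checks raise the same `EC_R_MISSING_PARAMETERS` in separate blocks and could share one.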
@@ -239,9 +254,24 @@ static int ecdsa_s390x_nistp_verify_sig(const unsigned char *dgst, int dgstlen,
const EC_POINT *pubkey;
int off;
if (dgstlen < 0) {
ERR_raise(ERR_LIB_EC, EC_R_INVALID_LENGTH);
return -1;
}
if (sig == NULL || eckey == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return -1;
}
group = EC_KEY_get0_group(eckey);
if (group == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return -1;
}
pubkey = EC_KEY_get0_public_key(eckey);
if (eckey == NULL || group == NULL || pubkey == NULL || sig == NULL) {
if (pubkey == NULL) {
ERR_raise(ERR_LIB_EC, EC_R_MISSING_PARAMETERS);
return -1;
}
+2 -5
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2023-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2023-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -46,10 +46,7 @@ ALIGN32 static const BN_ULONG def_xG[P256_LIMBS] = {
};
ALIGN32 static const BN_ULONG def_yG[P256_LIMBS] = {
0x02df32e52139f0a0,
0xd0a9877cc62a4740,
0x59bdcee36b692153,
0xbc3736a2f4f6779c,
0x02df32e52139f0a0, 0xd0a9877cc62a4740, 0x59bdcee36b692153, 0xbc3736a2f4f6779c
};
#endif
+3 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2006-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -102,7 +102,9 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
* iteration we're on.
*/
EVP_ASYM_CIPHER_free(cipher);
cipher = NULL;
EVP_KEYMGMT_free(tmp_keymgmt);
tmp_keymgmt = NULL;
switch (iter) {
case 1:
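Review bot: resetting `cipher` and `tmp_keymgmt` to NULL after the frees deserves a comment naming the path it protects, presumably a later iteration or error exit that frees them again. The same two-line pair is added in the KEM and signature init functions in this commit, so a shared helper would keep the copies from diverging.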
+1 -1
View File
@@ -1466,7 +1466,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
return 1;
case EVP_CTRL_AEAD_SET_IVLEN:
if (arg <= 0)
if (arg <= 0 || arg > EVP_MAX_IV_LENGTH)
return 0;
if (arg != 12) {
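Review bot: the new `arg > EVP_MAX_IV_LENGTH` rejection returns 0 without raising an error, so the caller gets no reason for the failure; add an `ERR_raise()` as other hunks in this commit do. It is also worth checking that the GCM ctrl paths for other platforms enforce the same upper bound.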
+26 -256
View File
@@ -67,265 +67,35 @@ static const unsigned char srpdata_bin2ascii[65] = "0123456789ABCDEFGHIJKLMNOPQR
#define B64_BASE64(a) (!B64_NOT_BASE64(a))
static const unsigned char data_ascii2bin[128] = {
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xE0,
0xF0,
0xFF,
0xFF,
0xF1,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xE0,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0x3E,
0xFF,
0xF2,
0xFF,
0x3F,
0x34,
0x35,
0x36,
0x37,
0x38,
0x39,
0x3A,
0x3B,
0x3C,
0x3D,
0xFF,
0xFF,
0xFF,
0x00,
0xFF,
0xFF,
0xFF,
0x00,
0x01,
0x02,
0x03,
0x04,
0x05,
0x06,
0x07,
0x08,
0x09,
0x0A,
0x0B,
0x0C,
0x0D,
0x0E,
0x0F,
0x10,
0x11,
0x12,
0x13,
0x14,
0x15,
0x16,
0x17,
0x18,
0x19,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0x1A,
0x1B,
0x1C,
0x1D,
0x1E,
0x1F,
0x20,
0x21,
0x22,
0x23,
0x24,
0x25,
0x26,
0x27,
0x28,
0x29,
0x2A,
0x2B,
0x2C,
0x2D,
0x2E,
0x2F,
0x30,
0x31,
0x32,
0x33,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE0,
0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F, 0x34, 0x35,
0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF,
0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04,
0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x1A, 0x1B, 0x1C,
0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
static const unsigned char srpdata_ascii2bin[128] = {
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xE0,
0xF0,
0xFF,
0xFF,
0xF1,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xE0,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xF2,
0x3E,
0x3F,
0x00,
0x01,
0x02,
0x03,
0x04,
0x05,
0x06,
0x07,
0x08,
0x09,
0xFF,
0xFF,
0xFF,
0x00,
0xFF,
0xFF,
0xFF,
0x0A,
0x0B,
0x0C,
0x0D,
0x0E,
0x0F,
0x10,
0x11,
0x12,
0x13,
0x14,
0x15,
0x16,
0x17,
0x18,
0x19,
0x1A,
0x1B,
0x1C,
0x1D,
0x1E,
0x1F,
0x20,
0x21,
0x22,
0x23,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0x24,
0x25,
0x26,
0x27,
0x28,
0x29,
0x2A,
0x2B,
0x2C,
0x2D,
0x2E,
0x2F,
0x30,
0x31,
0x32,
0x33,
0x34,
0x35,
0x36,
0x37,
0x38,
0x39,
0x3A,
0x3B,
0x3C,
0x3D,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE0,
0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF2, 0x3E, 0x3F, 0x00, 0x01,
0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0xFF, 0xFF,
0xFF, 0x00, 0xFF, 0xFF, 0xFF, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
0x23, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x24, 0x25, 0x26,
0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A,
0x3B, 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
#ifndef CHARSET_EBCDIC
+1 -1
View File
@@ -297,7 +297,7 @@ int EVP_CIPHER_get_type(const EVP_CIPHER *cipher)
case NID_des_ede3_cfb8:
case NID_des_ede3_cfb1:
return NID_des_cfb64;
return NID_des_ede3_cfb64;
default:
#ifdef FIPS_MODULE
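Review bot: a wrong constant at the end of a `case` group like this is invisible without a test; add one asserting that `NID_des_ede3_cfb8` and `NID_des_ede3_cfb1` map to `NID_des_ede3_cfb64`. Callers that compared the result against `NID_des_cfb64` to recognise these ciphers will see different behaviour, which is worth a line in the change log.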
+2
View File
@@ -97,7 +97,9 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
* iteration we're on.
*/
EVP_KEM_free(kem);
kem = NULL;
EVP_KEYMGMT_free(tmp_keymgmt);
tmp_keymgmt = NULL;
switch (iter) {
case 1:
+3 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2006-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -139,7 +139,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
* iteration we're on.
*/
EVP_SIGNATURE_free(signature);
signature = NULL;
EVP_KEYMGMT_free(tmp_keymgmt);
tmp_keymgmt = NULL;
switch (iter) {
case 1:
+2
View File
@@ -726,7 +726,9 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature,
* iteration we're on.
*/
EVP_SIGNATURE_free(signature);
signature = NULL;
EVP_KEYMGMT_free(tmp_keymgmt);
tmp_keymgmt = NULL;
switch (iter) {
case 1:
+7 -3
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -182,8 +182,10 @@ int ossl_ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src)
if (!ffc_bn_cpy(&dst->p, src->p)
|| !ffc_bn_cpy(&dst->g, src->g)
|| !ffc_bn_cpy(&dst->q, src->q)
|| !ffc_bn_cpy(&dst->j, src->j))
|| !ffc_bn_cpy(&dst->j, src->j)) {
ossl_ffc_params_cleanup(dst);
return 0;
}
dst->mdname = src->mdname;
dst->mdprops = src->mdprops;
@@ -191,8 +193,10 @@ int ossl_ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src)
dst->seedlen = src->seedlen;
if (src->seed != NULL) {
dst->seed = OPENSSL_memdup(src->seed, src->seedlen);
if (dst->seed == NULL)
if (dst->seed == NULL) {
ossl_ffc_params_cleanup(dst);
return 0;
}
} else {
dst->seed = NULL;
}
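Review bot: after this change a failed copy leaves `dst` emptied by `ossl_ffc_params_cleanup()` rather than untouched, which callers passing an already populated `dst` need to know; say so in the function's comment. Both failure branches of `ossl_ffc_params_copy()` now repeat the cleanup-and-return pair, so a single `err:` label would be tidier.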
+40 -11
View File
@@ -285,6 +285,7 @@ static int ossl_ht_flush_internal(HT *h)
{
struct ht_mutable_data_st *newmd = NULL;
struct ht_mutable_data_st *oldmd = NULL;
CRYPTO_RCU_CB_ITEM *cbi = NULL;
newmd = OPENSSL_zalloc(sizeof(*newmd));
if (newmd == NULL)
@@ -299,6 +300,13 @@ static int ossl_ht_flush_internal(HT *h)
newmd->neighborhood_mask = DEFAULT_NEIGH_LEN - 1;
cbi = ossl_rcu_cb_item_new();
if (cbi == NULL) {
OPENSSL_free(newmd->neighborhood_ptr_to_free);
OPENSSL_free(newmd);
return 0;
}
/* Swap the old and new mutable data sets */
oldmd = ossl_rcu_deref(&h->md);
ossl_rcu_assign_ptr(&h->md, &newmd);
@@ -307,8 +315,9 @@ static int ossl_ht_flush_internal(HT *h)
h->wpd.value_count = 0;
h->wpd.neighborhood_len = DEFAULT_NEIGH_LEN;
ossl_rcu_call(h->lock, free_oldmd, oldmd);
ossl_rcu_call(h->lock, cbi, free_oldmd, oldmd);
h->wpd.need_sync = 1;
return 1;
}
@@ -319,17 +328,23 @@ int ossl_ht_flush(HT *h)
void ossl_ht_free(HT *h)
{
int flush_ok;
if (h == NULL)
return;
ossl_ht_write_lock(h);
ossl_ht_flush_internal(h);
flush_ok = ossl_ht_flush_internal(h);
ossl_ht_write_unlock(h);
/* Freeing the lock does a final sync for us */
CRYPTO_THREAD_lock_free(h->atomic_lock);
ossl_rcu_lock_free(h->lock);
if (flush_ok) {
OPENSSL_free(h->md->neighborhood_ptr_to_free);
OPENSSL_free(h->md);
} else {
free_oldmd(h->md);
}
OPENSSL_free(h);
return;
}
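Review bot: the two branches after `ossl_rcu_lock_free(h->lock)` need a comment explaining the ownership difference. On `flush_ok` the old table has been handed to the RCU callback and `h->md` is the fresh empty one, while on failure `h->md` is still the populated table and goes through `free_oldmd()`. As written, the reader has to reconstruct that from `ossl_ht_flush_internal()`.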
@@ -423,6 +438,7 @@ static int grow_hashtable(HT *h, size_t oldsize)
{
struct ht_mutable_data_st *newmd;
struct ht_mutable_data_st *oldmd = ossl_rcu_deref(&h->md);
CRYPTO_RCU_CB_ITEM *cbi = NULL;
int rc = 0;
uint64_t oldi, oldj, newi, newj;
uint64_t oldhash;
@@ -469,12 +485,20 @@ static int grow_hashtable(HT *h, size_t oldsize)
}
if (rehashed == 0) {
/* we ran out of space in a neighborhood, grow again */
OPENSSL_free(newmd->neighborhoods);
OPENSSL_free(newmd->neighborhood_ptr_to_free);
OPENSSL_free(newmd);
return grow_hashtable(h, newsize);
}
}
}
/*
* Pre allocate the rcu callback item before assigning the newmd.
*/
cbi = ossl_rcu_cb_item_new();
if (cbi == NULL)
goto out_free;
/*
* Now that our entries are all hashed into the new bucket list
* update our bucket_len and target_max_load
@@ -485,7 +509,7 @@ static int grow_hashtable(HT *h, size_t oldsize)
* Now we replace the old mutable data with the new
*/
ossl_rcu_assign_ptr(&h->md, &newmd);
ossl_rcu_call(h->lock, free_old_neigh_table, oldmd);
ossl_rcu_call(h->lock, cbi, free_old_neigh_table, oldmd);
h->wpd.need_sync = 1;
/*
* And we're done
@@ -495,7 +519,7 @@ static int grow_hashtable(HT *h, size_t oldsize)
out:
return rc;
out_free:
OPENSSL_free(newmd->neighborhoods);
OPENSSL_free(newmd->neighborhood_ptr_to_free);
OPENSSL_free(newmd);
goto out;
}
@@ -539,6 +563,7 @@ static int ossl_ht_insert_locked(HT *h, uint64_t hash,
HT_VALUE *ival;
size_t empty_idx = SIZE_MAX;
int lockless_reads = h->config.lockless_reads;
CRYPTO_RCU_CB_ITEM *cbi;
do {
PREFETCH_NEIGHBORHOOD(md->neighborhoods[neigh_idx]);
@@ -561,13 +586,16 @@ static int ossl_ht_insert_locked(HT *h, uint64_t hash,
return 0;
}
/* Do a replacement */
cbi = ossl_rcu_cb_item_new();
if (cbi == NULL)
return 0;
if (!CRYPTO_atomic_store(&md->neighborhoods[neigh_idx].entries[j].hash,
hash, h->atomic_lock))
return 0;
*olddata = (HT_VALUE *)md->neighborhoods[neigh_idx].entries[j].value;
ossl_rcu_assign_ptr(&md->neighborhoods[neigh_idx].entries[j].value,
&newval);
ossl_rcu_call(h->lock, free_old_ht_value, *olddata);
ossl_rcu_call(h->lock, cbi, free_old_ht_value, *olddata);
h->wpd.need_sync = 1;
return 1;
}
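Review bot: `cbi` leaks when `CRYPTO_atomic_store()` fails. It is allocated by `ossl_rcu_cb_item_new()` just above, and the `return 0` on the failed store neither passes it to `ossl_rcu_call()` nor releases it. Release the item on that exit.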
@@ -646,7 +674,7 @@ int ossl_ht_insert(HT *h, HT_KEY *key, HT_VALUE *data, HT_VALUE **olddata)
for (i = 0;
(rc = ossl_ht_insert_locked(h, hash, newval, olddata)) == -1
&& i < 4;
&& i <= (int)NEIGHBORHOOD_LEN;
++i)
if (!grow_hashtable(h, h->wpd.neighborhood_len)) {
rc = -1;
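Review bot: the retry bound `i <= (int)NEIGHBORHOOD_LEN` replaces the literal 4 without saying why that many grow attempts is the right limit. Add a comment tying the bound to the neighborhood size, so the loop condition does not read as another arbitrary constant.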
@@ -730,19 +758,20 @@ int ossl_ht_delete(HT *h, HT_KEY *key)
continue;
if (compare_hash(hash, h->md->neighborhoods[neigh_idx].entries[j].hash)
&& match_key(key, &v->value.key)) {
CRYPTO_RCU_CB_ITEM *cbi = ossl_rcu_cb_item_new();
if (cbi == NULL)
break;
if (!CRYPTO_atomic_store(&h->md->neighborhoods[neigh_idx].entries[j].hash,
0, h->atomic_lock))
break;
h->wpd.value_count--;
ossl_rcu_assign_ptr(&h->md->neighborhoods[neigh_idx].entries[j].value,
&nv);
ossl_rcu_call(h->lock, cbi, free_old_entry, v);
h->wpd.need_sync = 1;
rc = 1;
break;
}
}
if (rc == 1) {
ossl_rcu_call(h->lock, free_old_entry, v);
h->wpd.need_sync = 1;
}
return rc;
}
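Review bot: the `break` taken when `CRYPTO_atomic_store()` fails abandons the `cbi` obtained from `ossl_rcu_cb_item_new()` two lines earlier, so the item is never passed to `ossl_rcu_call()` and never released. Moving the `ossl_rcu_call()` into the match block is fine, but the failed-store exit has to free the item first.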
+1 -2
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -406,7 +406,6 @@ EVP_KDF_CTX *ossl_kdf_ctx_create(const char *kdfname, const char *mdname,
if (kctx != NULL && mdname != NULL) {
OSSL_PARAM params[3], *p = params;
if (mdname != NULL)
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
(char *)mdname, 0);
if (propq != NULL)
+24 -4
View File
@@ -95,6 +95,16 @@ struct ossl_http_req_ctx_st {
/* Low-level HTTP API implementation */
static int no_crlf(const char *component, const char *value)
{
if (value != NULL && strpbrk(value, "\r\n") != NULL) {
ERR_raise_data(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT,
"CR or LF character in %s", component);
return 0;
}
return 1;
}
OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int buf_size)
{
OSSL_HTTP_REQ_CTX *rctx;
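Review bot: `no_crlf()` stops CR and LF only, which blocks header and request-line splitting but still lets other control characters through, and for a header name also a `:` or a space. If header names are meant to be HTTP tokens, validate them as such in a separate check instead of reusing the value filter.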
@@ -184,6 +194,10 @@ int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!no_crlf("server", server)
|| !no_crlf("port", port)
|| !no_crlf("path", path))
return 0;
BIO_free(rctx->mem);
if ((rctx->mem = BIO_new(BIO_s_mem())) == NULL)
return 0;
@@ -237,6 +251,9 @@ int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
ERR_raise(ERR_LIB_HTTP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (!no_crlf("header name", name)
|| !no_crlf("header value", value))
return 0;
if (BIO_puts(rctx->mem, name) <= 0)
return 0;
@@ -310,7 +327,7 @@ static int set1_content(OSSL_HTTP_REQ_CTX *rctx,
} else {
if (HAS_CASE_PREFIX(content_type, "text/"))
rctx->text = 1;
if (BIO_printf(rctx->mem, "Content-Type: %s\r\n", content_type) <= 0)
if (!OSSL_HTTP_REQ_CTX_add1_header(rctx, "Content-Type", content_type))
return 0;
}
@@ -1442,11 +1459,11 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
{
#undef BUF_SIZE
#define BUF_SIZE (8 * 1024)
char *mbuf = OPENSSL_malloc(BUF_SIZE);
char *mbuf = NULL;
char *mbufp;
int read_len = 0;
int ret = 0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO *fbio = NULL;
int rv;
time_t max_time = timeout > 0 ? time(NULL) + timeout : 0;
@@ -1457,8 +1474,11 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
}
if (port == NULL || *port == '\0')
port = OSSL_HTTPS_PORT;
if (!no_crlf("server", server) || !no_crlf("port", port))
goto end;
if (mbuf == NULL || fbio == NULL) {
if ((mbuf = OPENSSL_malloc(BUF_SIZE)) == NULL
|| (fbio = BIO_new(BIO_f_buffer())) == NULL) {
BIO_printf(bio_err /* may be NULL */, "%s: out of memory", prog);
goto end;
}
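Review bot: the new `no_crlf()` rejection jumps to `end` and reports only through the error queue, while the out-of-memory branch directly below it writes to `bio_err`, so a caller watching `bio_err` sees nothing for a rejected `server` or `port`. Either print a matching `bio_err` message on that path or state in the function documentation that invalid arguments are reported via `ERR_raise_data()` only.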
+3
@@ -271,6 +271,9 @@ static int use_proxy(const char *no_proxy, const char *server)
server = host;
}
if (sl == 0)
return 1;
/*
* using environment variable names, both lowercase and uppercase variants,
* compatible with other HTTP client implementations like wget, curl and git
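Review bot: the added `if (sl == 0) return 1;` carries no comment, and `sl` is computed outside the hunk, so a reader cannot tell from here which input it covers or why that case should use the proxy. A one-line comment naming the case would make the early return reviewable.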
+11 -19
@@ -121,6 +121,16 @@ init_get_thread_local(CRYPTO_THREAD_LOCAL *local, int alloc, int keep)
return hands;
}
int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
{
#ifndef FIPS_MODULE
if (!ossl_init_thread())
return 0;
#endif
return ossl_thread_init_local(key, cleanup);
}
#ifndef FIPS_MODULE
/*
* Since per-thread-specific-data destructors are not universally
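Review bot: dropping the recursion guard in the next hunk is only safe while no platform `ossl_thread_init_local()` calls back into `ossl_init_thread()`, and that rule is not written down in the visible change. A comment on this wrapper, or on the internal prototype, saying that `ossl_thread_init_local()` must never call `ossl_init_thread()` would keep a later edit from reintroducing the recursion.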
@@ -200,36 +210,18 @@ static void init_thread_destructor(void *hands)
}
static CRYPTO_ONCE ossl_init_thread_runonce = CRYPTO_ONCE_STATIC_INIT;
/* MSVC linker can use other segment for uninitialized (zeroed) variables */
#if defined(OPENSSL_SYS_WINDOWS)
static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)-1;
#elif defined(OPENSSL_SYS_TANDEM) && (defined(_PUT_MODEL_) || defined(_KLT_MODEL_))
static CRYPTO_THREAD_ID recursion_guard = { (void *)-1, (short)-1, (short)-1 };
#else
static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)0;
#endif
DEFINE_RUN_ONCE_STATIC(ossl_init_thread_once)
{
/* CRYPTO_THREAD_init_local() can call ossl_init_threads() again */
recursion_guard = CRYPTO_THREAD_get_current_id();
if (!CRYPTO_THREAD_init_local(&destructor_key.value,
if (!ossl_thread_init_local(&destructor_key.value,
init_thread_destructor))
return 0;
#if defined(OPENSSL_SYS_TANDEM)
memset(&recursion_guard, 0, sizeof(recursion_guard));
#else
recursion_guard = (CRYPTO_THREAD_ID)0;
#endif
return 1;
}
int ossl_init_thread(void)
{
if (CRYPTO_THREAD_compare_id(recursion_guard,
CRYPTO_THREAD_get_current_id()))
return 1;
if (!RUN_ONCE(&ossl_init_thread_runonce, ossl_init_thread_once))
return 0;
return 1;
+27 -257
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -32,262 +32,32 @@ static void md2_block(MD2_CTX *c, const unsigned char *d);
* a random byte string.
*/
static const MD2_INT S[256] = {
0x29,
0x2E,
0x43,
0xC9,
0xA2,
0xD8,
0x7C,
0x01,
0x3D,
0x36,
0x54,
0xA1,
0xEC,
0xF0,
0x06,
0x13,
0x62,
0xA7,
0x05,
0xF3,
0xC0,
0xC7,
0x73,
0x8C,
0x98,
0x93,
0x2B,
0xD9,
0xBC,
0x4C,
0x82,
0xCA,
0x1E,
0x9B,
0x57,
0x3C,
0xFD,
0xD4,
0xE0,
0x16,
0x67,
0x42,
0x6F,
0x18,
0x8A,
0x17,
0xE5,
0x12,
0xBE,
0x4E,
0xC4,
0xD6,
0xDA,
0x9E,
0xDE,
0x49,
0xA0,
0xFB,
0xF5,
0x8E,
0xBB,
0x2F,
0xEE,
0x7A,
0xA9,
0x68,
0x79,
0x91,
0x15,
0xB2,
0x07,
0x3F,
0x94,
0xC2,
0x10,
0x89,
0x0B,
0x22,
0x5F,
0x21,
0x80,
0x7F,
0x5D,
0x9A,
0x5A,
0x90,
0x32,
0x27,
0x35,
0x3E,
0xCC,
0xE7,
0xBF,
0xF7,
0x97,
0x03,
0xFF,
0x19,
0x30,
0xB3,
0x48,
0xA5,
0xB5,
0xD1,
0xD7,
0x5E,
0x92,
0x2A,
0xAC,
0x56,
0xAA,
0xC6,
0x4F,
0xB8,
0x38,
0xD2,
0x96,
0xA4,
0x7D,
0xB6,
0x76,
0xFC,
0x6B,
0xE2,
0x9C,
0x74,
0x04,
0xF1,
0x45,
0x9D,
0x70,
0x59,
0x64,
0x71,
0x87,
0x20,
0x86,
0x5B,
0xCF,
0x65,
0xE6,
0x2D,
0xA8,
0x02,
0x1B,
0x60,
0x25,
0xAD,
0xAE,
0xB0,
0xB9,
0xF6,
0x1C,
0x46,
0x61,
0x69,
0x34,
0x40,
0x7E,
0x0F,
0x55,
0x47,
0xA3,
0x23,
0xDD,
0x51,
0xAF,
0x3A,
0xC3,
0x5C,
0xF9,
0xCE,
0xBA,
0xC5,
0xEA,
0x26,
0x2C,
0x53,
0x0D,
0x6E,
0x85,
0x28,
0x84,
0x09,
0xD3,
0xDF,
0xCD,
0xF4,
0x41,
0x81,
0x4D,
0x52,
0x6A,
0xDC,
0x37,
0xC8,
0x6C,
0xC1,
0xAB,
0xFA,
0x24,
0xE1,
0x7B,
0x08,
0x0C,
0xBD,
0xB1,
0x4A,
0x78,
0x88,
0x95,
0x8B,
0xE3,
0x63,
0xE8,
0x6D,
0xE9,
0xCB,
0xD5,
0xFE,
0x3B,
0x00,
0x1D,
0x39,
0xF2,
0xEF,
0xB7,
0x0E,
0x66,
0x58,
0xD0,
0xE4,
0xA6,
0x77,
0x72,
0xF8,
0xEB,
0x75,
0x4B,
0x0A,
0x31,
0x44,
0x50,
0xB4,
0x8F,
0xED,
0x1F,
0x1A,
0xDB,
0x99,
0x8D,
0x33,
0x9F,
0x11,
0x83,
0x14,
0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
};
const char *MD2_options(void)
+2 -2
@@ -1,5 +1,5 @@
/*
* Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -274,7 +274,7 @@ int ossl_ml_dsa_key_equal(const ML_DSA_KEY *key1, const ML_DSA_KEY *key2,
if (!key_checked
&& (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
if (key1->priv_encoding != NULL && key2->priv_encoding != NULL) {
if (memcmp(key1->priv_encoding, key2->priv_encoding,
if (CRYPTO_memcmp(key1->priv_encoding, key2->priv_encoding,
key1->params->sk_len)
!= 0)
return 0;
+5 -10
@@ -1,5 +1,5 @@
/*
* Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2013-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -18,14 +18,7 @@
/** RFC 3394 section 2.2.3.1 Default Initial Value */
static const unsigned char default_iv[] = {
0xA6,
0xA6,
0xA6,
0xA6,
0xA6,
0xA6,
0xA6,
0xA6,
0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6
};
/** RFC 5649 section 3 Alternative Initial Value 32-bit constant */
@@ -178,7 +171,9 @@ size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
*
* @param[in] key Key value.
* @param[in] icv (Non-standard) IV, 4 bytes. NULL = use default_aiv.
* @param[out] out Ciphertext. Minimal buffer length = (inlen + 15) bytes.
* @param[out] out Ciphertext. Minimal buffer length =
* (inlen rounded up to 8 + 8) bytes, i.e.
* ((inlen + 7) / 8) * 8 + 8.
* Input and output buffers can overlap if block function
* supports that.
* @param[in] in Plaintext as n 64-bit blocks, n >= 2.
+3 -3
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -705,8 +705,8 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
*/
if (p == NULL) {
const char *base_ = base;
int l, h, i = 0, c = 0;
char *p1;
int i = 0, c = 0;
const char *p1;
for (i = 0; i < num; ++i) {
p1 = &(base_[i * size]);
+3 -1
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -58,5 +58,7 @@ int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
ret = (a->length - b->length);
if (ret)
return ret;
if (a->length == 0)
return 0;
return memcmp(a->data, b->data, a->length);
}
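Review bot: the new `a->length == 0` early return has no comment, so it reads like a redundant shortcut ahead of `memcmp()`. If the intent is to avoid passing a NULL `a->data` or `b->data` to `memcmp()`, which is undefined behaviour even for a zero length, say so in one line.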
+3 -3
@@ -345,7 +345,7 @@ int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
{
OSSL_PARAM_BLD_DEF *pd;
if (bld == NULL || key == NULL) {
if (bld == NULL || key == NULL || buf == NULL) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
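Review bot: `buf == NULL` is rejected outright here, while the two octet variants changed below accept a NULL `buf` when `bsize` is 0, and the hunk does not explain the difference. If the asymmetry is intended, the documentation for the three functions should state it, since a caller that passed NULL to this function before now gets `ERR_R_PASSED_NULL_PARAMETER`.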
@@ -365,7 +365,7 @@ int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
OSSL_PARAM_BLD_DEF *pd;
int secure;
if (bld == NULL || key == NULL || buf == NULL) {
if (bld == NULL || key == NULL || (buf == NULL && bsize != 0)) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
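Review bot: accepting `buf == NULL` with `bsize == 0` means the code after this check, which is outside the hunk, now runs with a NULL source pointer. Check that it does not hand that pointer to `memcpy()` or to an allocation helper that dereferences it, and add a test that pushes an empty octet string and reads it back.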
@@ -383,7 +383,7 @@ int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
{
OSSL_PARAM_BLD_DEF *pd;
if (bld == NULL || key == NULL) {
if (bld == NULL || key == NULL || (buf == NULL && bsize != 0)) {
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
+6 -1
@@ -1,5 +1,5 @@
/*
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -73,6 +73,11 @@ int ossl_param_build_set_bn_pad(OSSL_PARAM_BLD *bld, OSSL_PARAM *p,
return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn, sz);
p = OSSL_PARAM_locate(p, key);
if (p != NULL) {
/* Size probe: NULL data means "report the required size". */
if (p->data == NULL) {
p->return_size = sz;
return 1;
}
if (sz > p->data_size) {
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
return 0;
+1 -1
@@ -103,7 +103,7 @@ unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor,
if (EVP_CIPHER_CTX_is_encrypting(ctx)) {
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
(int)mac_len, out + outlen)
< 0) {
<= 0) {
OPENSSL_free(out);
out = NULL;
ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR);
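Review bot: the other `EVP_CIPHER_CTX_ctrl()` calls in this function, which are outside the hunk, deserve the same `<= 0` comparison now applied to the `EVP_CTRL_AEAD_GET_TAG` call, since a `< 0` test lets a return value of 0 pass as success. If any of them still compare with `< 0`, fix them in the same change.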
+1 -1
@@ -1,5 +1,5 @@
/*
* Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
+27 -257
@@ -1,5 +1,5 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -17,262 +17,32 @@
#include "rc2_local.h"
static const unsigned char key_table[256] = {
0xd9,
0x78,
0xf9,
0xc4,
0x19,
0xdd,
0xb5,
0xed,
0x28,
0xe9,
0xfd,
0x79,
0x4a,
0xa0,
0xd8,
0x9d,
0xc6,
0x7e,
0x37,
0x83,
0x2b,
0x76,
0x53,
0x8e,
0x62,
0x4c,
0x64,
0x88,
0x44,
0x8b,
0xfb,
0xa2,
0x17,
0x9a,
0x59,
0xf5,
0x87,
0xb3,
0x4f,
0x13,
0x61,
0x45,
0x6d,
0x8d,
0x09,
0x81,
0x7d,
0x32,
0xbd,
0x8f,
0x40,
0xeb,
0x86,
0xb7,
0x7b,
0x0b,
0xf0,
0x95,
0x21,
0x22,
0x5c,
0x6b,
0x4e,
0x82,
0x54,
0xd6,
0x65,
0x93,
0xce,
0x60,
0xb2,
0x1c,
0x73,
0x56,
0xc0,
0x14,
0xa7,
0x8c,
0xf1,
0xdc,
0x12,
0x75,
0xca,
0x1f,
0x3b,
0xbe,
0xe4,
0xd1,
0x42,
0x3d,
0xd4,
0x30,
0xa3,
0x3c,
0xb6,
0x26,
0x6f,
0xbf,
0x0e,
0xda,
0x46,
0x69,
0x07,
0x57,
0x27,
0xf2,
0x1d,
0x9b,
0xbc,
0x94,
0x43,
0x03,
0xf8,
0x11,
0xc7,
0xf6,
0x90,
0xef,
0x3e,
0xe7,
0x06,
0xc3,
0xd5,
0x2f,
0xc8,
0x66,
0x1e,
0xd7,
0x08,
0xe8,
0xea,
0xde,
0x80,
0x52,
0xee,
0xf7,
0x84,
0xaa,
0x72,
0xac,
0x35,
0x4d,
0x6a,
0x2a,
0x96,
0x1a,
0xd2,
0x71,
0x5a,
0x15,
0x49,
0x74,
0x4b,
0x9f,
0xd0,
0x5e,
0x04,
0x18,
0xa4,
0xec,
0xc2,
0xe0,
0x41,
0x6e,
0x0f,
0x51,
0xcb,
0xcc,
0x24,
0x91,
0xaf,
0x50,
0xa1,
0xf4,
0x70,
0x39,
0x99,
0x7c,
0x3a,
0x85,
0x23,
0xb8,
0xb4,
0x7a,
0xfc,
0x02,
0x36,
0x5b,
0x25,
0x55,
0x97,
0x31,
0x2d,
0x5d,
0xfa,
0x98,
0xe3,
0x8a,
0x92,
0xae,
0x05,
0xdf,
0x29,
0x10,
0x67,
0x6c,
0xba,
0xc9,
0xd3,
0x00,
0xe6,
0xcf,
0xe1,
0x9e,
0xa8,
0x2c,
0x63,
0x16,
0x01,
0x3f,
0x58,
0xe2,
0x89,
0xa9,
0x0d,
0x38,
0x34,
0x1b,
0xab,
0x33,
0xff,
0xb0,
0xbb,
0x48,
0x0c,
0x5f,
0xb9,
0xb1,
0xcd,
0x2e,
0xc5,
0xf3,
0xdb,
0x47,
0xe5,
0xa5,
0x9c,
0x77,
0x0a,
0xa6,
0x20,
0x68,
0xfe,
0x7f,
0xc1,
0xad,
0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed, 0x28, 0xe9,
0xfd, 0x79, 0x4a, 0xa0, 0xd8, 0x9d, 0xc6, 0x7e, 0x37, 0x83,
0x2b, 0x76, 0x53, 0x8e, 0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b,
0xfb, 0xa2, 0x17, 0x9a, 0x59, 0xf5, 0x87, 0xb3, 0x4f, 0x13,
0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32, 0xbd, 0x8f,
0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b, 0xf0, 0x95, 0x21, 0x22,
0x5c, 0x6b, 0x4e, 0x82, 0x54, 0xd6, 0x65, 0x93, 0xce, 0x60,
0xb2, 0x1c, 0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc,
0x12, 0x75, 0xca, 0x1f, 0x3b, 0xbe, 0xe4, 0xd1, 0x42, 0x3d,
0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26, 0x6f, 0xbf, 0x0e, 0xda,
0x46, 0x69, 0x07, 0x57, 0x27, 0xf2, 0x1d, 0x9b, 0xbc, 0x94,
0x43, 0x03, 0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7,
0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7, 0x08, 0xe8,
0xea, 0xde, 0x80, 0x52, 0xee, 0xf7, 0x84, 0xaa, 0x72, 0xac,
0x35, 0x4d, 0x6a, 0x2a, 0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15,
0x49, 0x74, 0x4b, 0x9f, 0xd0, 0x5e, 0x04, 0x18, 0xa4, 0xec,
0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc, 0x24, 0x91,
0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39, 0x99, 0x7c, 0x3a, 0x85,
0x23, 0xb8, 0xb4, 0x7a, 0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55,
0x97, 0x31, 0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae,
0x05, 0xdf, 0x29, 0x10, 0x67, 0x6c, 0xba, 0xc9, 0xd3, 0x00,
0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c, 0x63, 0x16, 0x01, 0x3f,
0x58, 0xe2, 0x89, 0xa9, 0x0d, 0x38, 0x34, 0x1b, 0xab, 0x33,
0xff, 0xb0, 0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e,
0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77, 0x0a, 0xa6,
0x20, 0x68, 0xfe, 0x7f, 0xc1, 0xad
};
#if defined(_MSC_VER) && defined(_ARM_)
+2 -3
@@ -1,5 +1,5 @@
/*
* Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -62,7 +62,6 @@ static int slh_dsa_key_hash_init(SLH_DSA_KEY *key)
key->hash_func = ossl_slh_get_hash_fn(is_shake);
return 1;
err:
slh_dsa_key_hash_cleanup(key);
return 0;
}
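Review bot: the `err:` path no longer calls `slh_dsa_key_hash_cleanup(key)`, so whatever `slh_dsa_key_hash_init()` set up before failing stays attached to `key` until something else releases it. Add a comment naming the caller that owns that cleanup, so the failure path is not read as a leak.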
@@ -206,7 +205,7 @@ int ossl_slh_dsa_key_equal(const SLH_DSA_KEY *key1, const SLH_DSA_KEY *key2,
if (!key_checked
&& (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
if (key1->has_priv && key2->has_priv) {
if (memcmp(key1->priv, key2->priv,
if (CRYPTO_memcmp(key1->priv, key2->priv,
key1->params->pk_len)
!= 0)
return 0;
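Review bot: the private-key comparison is bounded by `key1->params->pk_len`, which reads like the wrong length next to `key1->priv`. If comparing only that many bytes of `priv` is intended, a comment explaining the layout would help; otherwise the length should be the private-key size.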
+15 -2
@@ -1,5 +1,5 @@
/*
* Copyright 2017-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
@@ -248,12 +248,23 @@ int ossl_sm2_encrypt(const EC_KEY *key,
goto done;
}
ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, &ciphertext_buf);
ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, NULL);
/* Ensure cast to size_t is safe */
if (ciphertext_leni < 0) {
ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR);
goto done;
}
if (*ciphertext_len < (size_t)ciphertext_leni) {
ERR_raise(ERR_LIB_SM2, SM2_R_BUFFER_TOO_SMALL);
goto done;
}
ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, &ciphertext_buf);
if (ciphertext_leni < 0) {
ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR);
goto done;
}
*ciphertext_len = (size_t)ciphertext_leni;
rc = 1;
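Review bot: the check `*ciphertext_len < (size_t)ciphertext_leni` treats `*ciphertext_len` as the caller's buffer capacity on entry, but nothing in the hunk documents that in/out contract. State it in the function comment, and add a test that passes an undersized value and expects `SM2_R_BUFFER_TOO_SMALL`.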
@@ -266,6 +277,7 @@ int ossl_sm2_encrypt(const EC_KEY *key,
OPENSSL_free(x2y2);
OPENSSL_free(C3);
EVP_MD_CTX_free(hash);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
EC_POINT_free(kG);
EC_POINT_free(kP);
@@ -406,6 +418,7 @@ int ossl_sm2_decrypt(const EC_KEY *key,
OPENSSL_free(x2y2);
OPENSSL_free(computed_C3);
EC_POINT_free(C1);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
SM2_Ciphertext_free(sm2_ctext);
EVP_MD_CTX_free(hash);
+5 -2
@@ -1,5 +1,5 @@
/*
* Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
@@ -60,6 +60,7 @@ int ossl_sm2_compute_z_digest(uint8_t *out,
goto done;
}
BN_CTX_start(ctx);
p = BN_CTX_get(ctx);
a = BN_CTX_get(ctx);
b = BN_CTX_get(ctx);
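Review bot: a `goto done` sits directly above the added `BN_CTX_start(ctx)`, and `done:` now calls `BN_CTX_end(ctx)` unconditionally, so the start/end pairing only holds if `ctx` is NULL on every exit taken before the start call (`BN_CTX_end()` tolerates a NULL context). Confirm that for the early exits outside the hunk, or guard the `BN_CTX_end()` call.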
@@ -141,6 +142,7 @@ int ossl_sm2_compute_z_digest(uint8_t *out,
done:
OPENSSL_free(buf);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
EVP_MD_CTX_free(hash);
return rc;
@@ -322,6 +324,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e)
BN_free(s);
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
EC_POINT_free(kG);
return sig;
@@ -405,8 +408,8 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
ret = 1;
done:
BN_CTX_end(ctx);
EC_POINT_free(pt);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ret;
}
+15 -15
@@ -73,18 +73,23 @@ void ossl_synchronize_rcu(CRYPTO_RCU_LOCK *lock)
}
}
int ossl_rcu_call(CRYPTO_RCU_LOCK *lock, rcu_cb_fn cb, void *data)
CRYPTO_RCU_CB_ITEM *ossl_rcu_cb_item_new(void)
{
struct rcu_cb_item *new = OPENSSL_zalloc(sizeof(*new));
return OPENSSL_zalloc(sizeof(CRYPTO_RCU_CB_ITEM));
}
if (new == NULL)
return 0;
void ossl_rcu_cb_item_free(CRYPTO_RCU_CB_ITEM *item)
{
OPENSSL_free(item);
}
new->fn = cb;
new->data = data;
new->next = lock->cb_items;
lock->cb_items = new;
return 1;
void ossl_rcu_call(CRYPTO_RCU_LOCK *lock, CRYPTO_RCU_CB_ITEM *item,
rcu_cb_fn cb, void *data)
{
item->fn = cb;
item->data = data;
item->next = lock->cb_items;
lock->cb_items = item;
}
void *ossl_rcu_uptr_deref(void **p)
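Review bot: `ossl_rcu_call()` now dereferences `item` without a check and returns void, so a caller that skips the NULL test on `ossl_rcu_cb_item_new()` crashes here instead of getting an error return. Document on the prototype that `item` must be non-NULL and is linked into `lock->cb_items` by the call, or add an assertion.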
@@ -162,15 +167,10 @@ struct thread_local_storage_entry {
static struct thread_local_storage_entry thread_local_storage[OPENSSL_CRYPTO_THREAD_LOCAL_KEY_MAX];
int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
int ossl_thread_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
{
int entry_idx = 0;
#ifndef FIPS_MODULE
if (!ossl_init_thread())
return 0;
#endif
for (entry_idx = 0; entry_idx < OPENSSL_CRYPTO_THREAD_LOCAL_KEY_MAX; entry_idx++) {
if (!thread_local_storage[entry_idx].used)
break;
+17 -19
@@ -501,24 +501,27 @@ void ossl_synchronize_rcu(CRYPTO_RCU_LOCK *lock)
}
}
CRYPTO_RCU_CB_ITEM *ossl_rcu_cb_item_new(void)
{
return OPENSSL_zalloc(sizeof(CRYPTO_RCU_CB_ITEM));
}
void ossl_rcu_cb_item_free(CRYPTO_RCU_CB_ITEM *item)
{
OPENSSL_free(item);
}
/*
* Note: This call assumes its made under the protection of
* ossl_rcu_write_lock
*/
int ossl_rcu_call(CRYPTO_RCU_LOCK *lock, rcu_cb_fn cb, void *data)
void ossl_rcu_call(CRYPTO_RCU_LOCK *lock, CRYPTO_RCU_CB_ITEM *item,
rcu_cb_fn cb, void *data)
{
struct rcu_cb_item *new = OPENSSL_zalloc(sizeof(*new));
if (new == NULL)
return 0;
new->data = data;
new->fn = cb;
new->next = lock->cb_items;
lock->cb_items = new;
return 1;
item->fn = cb;
item->data = data;
item->next = lock->cb_items;
lock->cb_items = item;
}
void *ossl_rcu_uptr_deref(void **p)
@@ -728,14 +731,9 @@ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
return 1;
}
int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
int ossl_thread_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
{
#ifndef FIPS_MODULE
if (!ossl_init_thread())
return 0;
#endif
if (pthread_key_create(key, cleanup) != 0)
return 0;
+17 -19
@@ -397,23 +397,26 @@ void ossl_synchronize_rcu(CRYPTO_RCU_LOCK *lock)
return;
}
CRYPTO_RCU_CB_ITEM *ossl_rcu_cb_item_new(void)
{
return OPENSSL_zalloc(sizeof(CRYPTO_RCU_CB_ITEM));
}
void ossl_rcu_cb_item_free(CRYPTO_RCU_CB_ITEM *item)
{
OPENSSL_free(item);
}
/*
* Note, must be called under the protection of ossl_rcu_write_lock
*/
int ossl_rcu_call(CRYPTO_RCU_LOCK *lock, rcu_cb_fn cb, void *data)
void ossl_rcu_call(CRYPTO_RCU_LOCK *lock, CRYPTO_RCU_CB_ITEM *item,
rcu_cb_fn cb, void *data)
{
struct rcu_cb_item *new;
new = OPENSSL_zalloc(sizeof(struct rcu_cb_item));
if (new == NULL)
return 0;
new->data = data;
new->fn = cb;
new->next = lock->cb_items;
lock->cb_items = new;
return 1;
item->fn = cb;
item->data = data;
item->next = lock->cb_items;
lock->cb_items = item;
}
void *ossl_rcu_uptr_deref(void **p)
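Review bot: `ossl_rcu_cb_item_new()` and `ossl_rcu_cb_item_free()` are now defined identically in all three platform files touched by this change. Unless `CRYPTO_RCU_CB_ITEM` is only complete inside each of them, a single definition in a shared file would keep the copies from drifting apart.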
@@ -540,14 +543,9 @@ int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
return (*lock == ONCE_DONE);
}
int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
int ossl_thread_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *))
{
#ifndef FIPS_MODULE
if (!ossl_init_thread())
return 0;
#endif
*key = TlsAlloc();
if (*key == TLS_OUT_OF_INDEXES)
return 0;
+1 -5
@@ -1,5 +1,5 @@
/*
* Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -48,7 +48,6 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_
continue;
}
if (strcmp(cnf->name, "signTool") == 0) {
ist->signTool = ASN1_UTF8STRING_new();
if (ist->signTool == NULL
|| cnf->value == NULL
|| !ASN1_STRING_set(ist->signTool, cnf->value, strlen(cnf->value))) {
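Review bot: with the `ASN1_UTF8STRING_new()` call gone, the surviving `ist->signTool == NULL` test is the only hint that the field is expected to be allocated before this branch runs, and the same holds for the three branches below. A short comment where `ist` is allocated, saying that its string fields are created there, would make the dependency explicit.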
@@ -56,7 +55,6 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_
goto err;
}
} else if (strcmp(cnf->name, "cATool") == 0) {
ist->cATool = ASN1_UTF8STRING_new();
if (ist->cATool == NULL
|| cnf->value == NULL
|| !ASN1_STRING_set(ist->cATool, cnf->value, strlen(cnf->value))) {
@@ -64,7 +62,6 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_
goto err;
}
} else if (strcmp(cnf->name, "signToolCert") == 0) {
ist->signToolCert = ASN1_UTF8STRING_new();
if (ist->signToolCert == NULL
|| cnf->value == NULL
|| !ASN1_STRING_set(ist->signToolCert, cnf->value, strlen(cnf->value))) {
@@ -72,7 +69,6 @@ static ISSUER_SIGN_TOOL *v2i_issuer_sign_tool(X509V3_EXT_METHOD *method, X509V3_
goto err;
}
} else if (strcmp(cnf->name, "cAToolCert") == 0) {
ist->cAToolCert = ASN1_UTF8STRING_new();
if (ist->cAToolCert == NULL
|| cnf->value == NULL
|| !ASN1_STRING_set(ist->cAToolCert, cnf->value, strlen(cnf->value))) {
+11 -89
@@ -1,5 +1,5 @@
/*
* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -27,102 +27,24 @@ static const unsigned char wrap_key[] = {
/* Unique initialisation vector */
static const unsigned char wrap_iv[] = {
0x99,
0xaa,
0x3e,
0x68,
0xed,
0x81,
0x73,
0xa0,
0xee,
0xd0,
0x66,
0x84,
0x99,
0xaa,
0x3e,
0x68,
0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0,
0x66, 0x84, 0x99, 0xaa, 0x3e, 0x68
};
/* Example plaintext to encrypt */
static const unsigned char wrap_pt[] = {
0xad,
0x4f,
0xc9,
0xfc,
0x77,
0x69,
0xc9,
0xea,
0xfc,
0xdf,
0x00,
0xac,
0x34,
0xec,
0x40,
0xbc,
0x28,
0x3f,
0xa4,
0x5e,
0xd8,
0x99,
0xe4,
0x5d,
0x5e,
0x7a,
0xc4,
0xe6,
0xca,
0x7b,
0xa5,
0xb7,
0xad, 0x4f, 0xc9, 0xfc, 0x77, 0x69, 0xc9, 0xea, 0xfc, 0xdf,
0x00, 0xac, 0x34, 0xec, 0x40, 0xbc, 0x28, 0x3f, 0xa4, 0x5e,
0xd8, 0x99, 0xe4, 0x5d, 0x5e, 0x7a, 0xc4, 0xe6, 0xca, 0x7b,
0xa5, 0xb7
};
/* Expected ciphertext value */
static const unsigned char wrap_ct[] = {
0x97,
0x99,
0x55,
0xca,
0xf6,
0x3e,
0x95,
0x54,
0x39,
0xd6,
0xaf,
0x63,
0xff,
0x2c,
0xe3,
0x96,
0xf7,
0x0d,
0x2c,
0x9c,
0xc7,
0x43,
0xc0,
0xb6,
0x31,
0x43,
0xb9,
0x20,
0xac,
0x6b,
0xd3,
0x67,
0xad,
0x01,
0xaf,
0xa7,
0x32,
0x74,
0x26,
0x92,
0x97, 0x99, 0x55, 0xca, 0xf6, 0x3e, 0x95, 0x54, 0x39, 0xd6,
0xaf, 0x63, 0xff, 0x2c, 0xe3, 0x96, 0xf7, 0x0d, 0x2c, 0x9c,
0xc7, 0x43, 0xc0, 0xb6, 0x31, 0x43, 0xb9, 0x20, 0xac, 0x6b,
0xd3, 0x67, 0xad, 0x01, 0xaf, 0xa7, 0x32, 0x74, 0x26, 0x92
};
/*
+3 -17
@@ -1,5 +1,5 @@
/*
* Copyright 2012-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2012-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -27,22 +27,8 @@ static const unsigned char cbc_key[] = {
/* Unique initialisation vector */
static const unsigned char cbc_iv[] = {
0x99,
0xaa,
0x3e,
0x68,
0xed,
0x81,
0x73,
0xa0,
0xee,
0xd0,
0x66,
0x84,
0x99,
0xaa,
0x3e,
0x68,
0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0,
0x66, 0x84, 0x99, 0xaa, 0x3e, 0x68
};
/* Example plaintext to encrypt */
+8 -65
@@ -1,5 +1,5 @@
/*-
* Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2021-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -62,70 +62,13 @@ static const char *hamlet_2 = "The insolence of Office, and the spurns\n"
/* The known value of the SHA3-512 digest of the above soliloqy */
static const unsigned char known_answer[] = {
0xbb,
0x69,
0xf8,
0x09,
0x9c,
0x2e,
0x00,
0x3d,
0xa4,
0x29,
0x5f,
0x59,
0x4b,
0x89,
0xe4,
0xd9,
0xdb,
0xa2,
0xe5,
0xaf,
0xa5,
0x87,
0x73,
0x9d,
0x83,
0x72,
0xcf,
0xea,
0x84,
0x66,
0xc1,
0xf9,
0xc9,
0x78,
0xef,
0xba,
0x3d,
0xe9,
0xc1,
0xff,
0xa3,
0x75,
0xc7,
0x58,
0x74,
0x8e,
0x9c,
0x1d,
0x14,
0xd9,
0xdd,
0xd1,
0xfd,
0x24,
0x30,
0xd6,
0x81,
0xca,
0x8f,
0x78,
0x29,
0x19,
0x9a,
0xfe,
0xbb, 0x69, 0xf8, 0x09, 0x9c, 0x2e, 0x00, 0x3d, 0xa4, 0x29,
0x5f, 0x59, 0x4b, 0x89, 0xe4, 0xd9, 0xdb, 0xa2, 0xe5, 0xaf,
0xa5, 0x87, 0x73, 0x9d, 0x83, 0x72, 0xcf, 0xea, 0x84, 0x66,
0xc1, 0xf9, 0xc9, 0x78, 0xef, 0xba, 0x3d, 0xe9, 0xc1, 0xff,
0xa3, 0x75, 0xc7, 0x58, 0x74, 0x8e, 0x9c, 0x1d, 0x14, 0xd9,
0xdd, 0xd1, 0xfd, 0x24, 0x30, 0xd6, 0x81, 0xca, 0x8f, 0x78,
0x29, 0x19, 0x9a, 0xfe
};
static int demonstrate_digest(void)
File diff suppressed because it is too large
+7 -49
@@ -1,5 +1,5 @@
/*-
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -26,38 +26,10 @@
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x6c,
0xde,
0x14,
0xf5,
0xd5,
0x2a,
0x4a,
0xdf,
0x12,
0x39,
0x1e,
0xbf,
0x36,
0xf9,
0x6a,
0x46,
0x48,
0xd0,
0xb6,
0x51,
0x89,
0xfc,
0x24,
0x85,
0xa8,
0x8d,
0xdf,
0x7e,
0x80,
0x14,
0xc8,
0xce,
0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf, 0x12, 0x39,
0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46, 0x48, 0xd0, 0xb6, 0x51,
0x89, 0xfc, 0x24, 0x85, 0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14,
0xc8, 0xce
};
static const unsigned char data[] = "To be, or not to be, that is the question,\n"
@@ -80,22 +52,8 @@ static const unsigned char data[] = "To be, or not to be, that is the question,\
/* The known value of the CMAC/AES256 MAC of the above soliloqy */
static const unsigned char expected_output[] = {
0x67,
0x92,
0x32,
0x23,
0x50,
0x3d,
0xc5,
0xba,
0x78,
0xd4,
0x6d,
0x63,
0xf2,
0x2b,
0xe9,
0x56,
0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba, 0x78, 0xd4,
0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56
};
/*
+15 -129
@@ -1,5 +1,5 @@
/*-
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -26,70 +26,13 @@
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x25,
0xfd,
0x12,
0x99,
0xdf,
0xad,
0x1a,
0x03,
0x0a,
0x81,
0x3c,
0x2d,
0xcc,
0x05,
0xd1,
0x5c,
0x17,
0x7a,
0x36,
0x73,
0x17,
0xef,
0x41,
0x75,
0x71,
0x18,
0xe0,
0x1a,
0xda,
0x99,
0xc3,
0x61,
0x38,
0xb5,
0xb1,
0xe0,
0x82,
0x2c,
0x70,
0xa4,
0xc0,
0x8e,
0x5e,
0xf9,
0x93,
0x9f,
0xcf,
0xf7,
0x32,
0x4d,
0x0c,
0xbd,
0x31,
0x12,
0x0f,
0x9a,
0x15,
0xee,
0x82,
0xdb,
0x8d,
0x29,
0x54,
0x14,
0x25, 0xfd, 0x12, 0x99, 0xdf, 0xad, 0x1a, 0x03, 0x0a, 0x81,
0x3c, 0x2d, 0xcc, 0x05, 0xd1, 0x5c, 0x17, 0x7a, 0x36, 0x73,
0x17, 0xef, 0x41, 0x75, 0x71, 0x18, 0xe0, 0x1a, 0xda, 0x99,
0xc3, 0x61, 0x38, 0xb5, 0xb1, 0xe0, 0x82, 0x2c, 0x70, 0xa4,
0xc0, 0x8e, 0x5e, 0xf9, 0x93, 0x9f, 0xcf, 0xf7, 0x32, 0x4d,
0x0c, 0xbd, 0x31, 0x12, 0x0f, 0x9a, 0x15, 0xee, 0x82, 0xdb,
0x8d, 0x29, 0x54, 0x14
};
static const unsigned char data[] = "To be, or not to be, that is the question,\n"
@@ -112,70 +55,13 @@ static const unsigned char data[] = "To be, or not to be, that is the question,\
/* The known value of the HMAC/SHA3-512 MAC of the above soliloqy */
static const unsigned char expected_output[] = {
0x3b,
0x77,
0x5f,
0xf1,
0x4f,
0x9e,
0xb9,
0x23,
0x8f,
0xdc,
0xa0,
0x68,
0x15,
0x7b,
0x8a,
0xf1,
0x96,
0x23,
0xaa,
0x3c,
0x1f,
0xe9,
0xdc,
0x89,
0x11,
0x7d,
0x58,
0x07,
0xe7,
0x96,
0x17,
0xe3,
0x44,
0x8b,
0x03,
0x37,
0x91,
0xc0,
0x6e,
0x06,
0x7c,
0x54,
0xe4,
0xa4,
0xcc,
0xd5,
0x16,
0xbb,
0x5e,
0x4d,
0x64,
0x7d,
0x88,
0x23,
0xc9,
0xb7,
0x25,
0xda,
0xbe,
0x4b,
0xe4,
0xd5,
0x34,
0x30,
0x3b, 0x77, 0x5f, 0xf1, 0x4f, 0x9e, 0xb9, 0x23, 0x8f, 0xdc,
0xa0, 0x68, 0x15, 0x7b, 0x8a, 0xf1, 0x96, 0x23, 0xaa, 0x3c,
0x1f, 0xe9, 0xdc, 0x89, 0x11, 0x7d, 0x58, 0x07, 0xe7, 0x96,
0x17, 0xe3, 0x44, 0x8b, 0x03, 0x37, 0x91, 0xc0, 0x6e, 0x06,
0x7c, 0x54, 0xe4, 0xa4, 0xcc, 0xd5, 0x16, 0xbb, 0x5e, 0x4d,
0x64, 0x7d, 0x88, 0x23, 0xc9, 0xb7, 0x25, 0xda, 0xbe, 0x4b,
0xe4, 0xd5, 0x34, 0x30
};
/*
@@ -1,5 +1,5 @@
/*-
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2021-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,707 +9,79 @@
/* Signers private EC key */
static const unsigned char priv_key_der[] = {
0x30,
0x82,
0x01,
0x68,
0x02,
0x01,
0x01,
0x04,
0x20,
0x51,
0x77,
0xae,
0xf4,
0x18,
0xf4,
0x6b,
0xc4,
0xe5,
0xbb,
0xe9,
0xe6,
0x9e,
0x6d,
0xb0,
0xea,
0x12,
0xf9,
0xf3,
0xdb,
0x9d,
0x56,
0x59,
0xf7,
0x5a,
0x17,
0xd7,
0xd1,
0xe4,
0xd7,
0x47,
0x28,
0xa0,
0x81,
0xfa,
0x30,
0x81,
0xf7,
0x02,
0x01,
0x01,
0x30,
0x2c,
0x06,
0x07,
0x2a,
0x86,
0x48,
0xce,
0x3d,
0x01,
0x01,
0x02,
0x21,
0x00,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x01,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0x30,
0x5b,
0x04,
0x20,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x01,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xfc,
0x04,
0x20,
0x5a,
0xc6,
0x35,
0xd8,
0xaa,
0x3a,
0x93,
0xe7,
0xb3,
0xeb,
0xbd,
0x55,
0x76,
0x98,
0x86,
0xbc,
0x65,
0x1d,
0x06,
0xb0,
0xcc,
0x53,
0xb0,
0xf6,
0x3b,
0xce,
0x3c,
0x3e,
0x27,
0xd2,
0x60,
0x4b,
0x03,
0x15,
0x00,
0xc4,
0x9d,
0x36,
0x08,
0x86,
0xe7,
0x04,
0x93,
0x6a,
0x66,
0x78,
0xe1,
0x13,
0x9d,
0x26,
0xb7,
0x81,
0x9f,
0x7e,
0x90,
0x04,
0x41,
0x04,
0x6b,
0x17,
0xd1,
0xf2,
0xe1,
0x2c,
0x42,
0x47,
0xf8,
0xbc,
0xe6,
0xe5,
0x63,
0xa4,
0x40,
0xf2,
0x77,
0x03,
0x7d,
0x81,
0x2d,
0xeb,
0x33,
0xa0,
0xf4,
0xa1,
0x39,
0x45,
0xd8,
0x98,
0xc2,
0x96,
0x4f,
0xe3,
0x42,
0xe2,
0xfe,
0x1a,
0x7f,
0x9b,
0x8e,
0xe7,
0xeb,
0x4a,
0x7c,
0x0f,
0x9e,
0x16,
0x2b,
0xce,
0x33,
0x57,
0x6b,
0x31,
0x5e,
0xce,
0xcb,
0xb6,
0x40,
0x68,
0x37,
0xbf,
0x51,
0xf5,
0x02,
0x21,
0x00,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xbc,
0xe6,
0xfa,
0xad,
0xa7,
0x17,
0x9e,
0x84,
0xf3,
0xb9,
0xca,
0xc2,
0xfc,
0x63,
0x25,
0x51,
0x02,
0x01,
0x01,
0xa1,
0x44,
0x03,
0x42,
0x00,
0x04,
0x4f,
0xe7,
0x7b,
0xb6,
0xbb,
0x54,
0x42,
0x39,
0xed,
0x5d,
0xe5,
0x40,
0xc8,
0xd8,
0x71,
0xca,
0x6d,
0x83,
0x71,
0xd1,
0x88,
0x2a,
0x65,
0x00,
0x6c,
0xc6,
0x2f,
0x01,
0x31,
0x49,
0xbe,
0x76,
0x7a,
0x67,
0x6a,
0x28,
0x33,
0xc7,
0x5b,
0xb9,
0x24,
0x45,
0x24,
0x6e,
0xf0,
0x6d,
0x2f,
0x34,
0x06,
0x53,
0x73,
0x6a,
0xff,
0x90,
0x90,
0xc1,
0x6d,
0x9b,
0x94,
0x0d,
0x0e,
0x1f,
0x95,
0x65,
0x30, 0x82, 0x01, 0x68, 0x02, 0x01, 0x01, 0x04, 0x20, 0x51,
0x77, 0xae, 0xf4, 0x18, 0xf4, 0x6b, 0xc4, 0xe5, 0xbb, 0xe9,
0xe6, 0x9e, 0x6d, 0xb0, 0xea, 0x12, 0xf9, 0xf3, 0xdb, 0x9d,
0x56, 0x59, 0xf7, 0x5a, 0x17, 0xd7, 0xd1, 0xe4, 0xd7, 0x47,
0x28, 0xa0, 0x81, 0xfa, 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01,
0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01,
0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x30, 0x5b, 0x04, 0x20,
0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xfc, 0x04, 0x20, 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a,
0x93, 0xe7, 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6, 0x3b, 0xce,
0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03, 0x15, 0x00, 0xc4,
0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66, 0x78,
0xe1, 0x13, 0x9d, 0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90, 0x04,
0x41, 0x04, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03,
0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45,
0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a,
0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6,
0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, 0x02, 0x21, 0x00, 0xff,
0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7,
0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25,
0x51, 0x02, 0x01, 0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04,
0x4f, 0xe7, 0x7b, 0xb6, 0xbb, 0x54, 0x42, 0x39, 0xed, 0x5d,
0xe5, 0x40, 0xc8, 0xd8, 0x71, 0xca, 0x6d, 0x83, 0x71, 0xd1,
0x88, 0x2a, 0x65, 0x00, 0x6c, 0xc6, 0x2f, 0x01, 0x31, 0x49,
0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28, 0x33, 0xc7, 0x5b, 0xb9,
0x24, 0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34, 0x06, 0x53,
0x73, 0x6a, 0xff, 0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94, 0x0d,
0x0e, 0x1f, 0x95, 0x65
};
/* The matching public key used for verifying */
static const unsigned char pub_key_der[] = {
0x30,
0x82,
0x01,
0x4b,
0x30,
0x82,
0x01,
0x03,
0x06,
0x07,
0x2a,
0x86,
0x48,
0xce,
0x3d,
0x02,
0x01,
0x30,
0x81,
0xf7,
0x02,
0x01,
0x01,
0x30,
0x2c,
0x06,
0x07,
0x2a,
0x86,
0x48,
0xce,
0x3d,
0x01,
0x01,
0x02,
0x21,
0x00,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x01,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0x30,
0x5b,
0x04,
0x20,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x01,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xfc,
0x04,
0x20,
0x5a,
0xc6,
0x35,
0xd8,
0xaa,
0x3a,
0x93,
0xe7,
0xb3,
0xeb,
0xbd,
0x55,
0x76,
0x98,
0x86,
0xbc,
0x65,
0x1d,
0x06,
0xb0,
0xcc,
0x53,
0xb0,
0xf6,
0x3b,
0xce,
0x3c,
0x3e,
0x27,
0xd2,
0x60,
0x4b,
0x03,
0x15,
0x00,
0xc4,
0x9d,
0x36,
0x08,
0x86,
0xe7,
0x04,
0x93,
0x6a,
0x66,
0x78,
0xe1,
0x13,
0x9d,
0x26,
0xb7,
0x81,
0x9f,
0x7e,
0x90,
0x04,
0x41,
0x04,
0x6b,
0x17,
0xd1,
0xf2,
0xe1,
0x2c,
0x42,
0x47,
0xf8,
0xbc,
0xe6,
0xe5,
0x63,
0xa4,
0x40,
0xf2,
0x77,
0x03,
0x7d,
0x81,
0x2d,
0xeb,
0x33,
0xa0,
0xf4,
0xa1,
0x39,
0x45,
0xd8,
0x98,
0xc2,
0x96,
0x4f,
0xe3,
0x42,
0xe2,
0xfe,
0x1a,
0x7f,
0x9b,
0x8e,
0xe7,
0xeb,
0x4a,
0x7c,
0x0f,
0x9e,
0x16,
0x2b,
0xce,
0x33,
0x57,
0x6b,
0x31,
0x5e,
0xce,
0xcb,
0xb6,
0x40,
0x68,
0x37,
0xbf,
0x51,
0xf5,
0x02,
0x21,
0x00,
0xff,
0xff,
0xff,
0xff,
0x00,
0x00,
0x00,
0x00,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xff,
0xbc,
0xe6,
0xfa,
0xad,
0xa7,
0x17,
0x9e,
0x84,
0xf3,
0xb9,
0xca,
0xc2,
0xfc,
0x63,
0x25,
0x51,
0x02,
0x01,
0x01,
0x03,
0x42,
0x00,
0x04,
0x4f,
0xe7,
0x7b,
0xb6,
0xbb,
0x54,
0x42,
0x39,
0xed,
0x5d,
0xe5,
0x40,
0xc8,
0xd8,
0x71,
0xca,
0x6d,
0x83,
0x71,
0xd1,
0x88,
0x2a,
0x65,
0x00,
0x6c,
0xc6,
0x2f,
0x01,
0x31,
0x49,
0xbe,
0x76,
0x7a,
0x67,
0x6a,
0x28,
0x33,
0xc7,
0x5b,
0xb9,
0x24,
0x45,
0x24,
0x6e,
0xf0,
0x6d,
0x2f,
0x34,
0x06,
0x53,
0x73,
0x6a,
0xff,
0x90,
0x90,
0xc1,
0x6d,
0x9b,
0x94,
0x0d,
0x0e,
0x1f,
0x95,
0x65,
0x30, 0x82, 0x01, 0x4b, 0x30, 0x82, 0x01, 0x03, 0x06, 0x07,
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xf7,
0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff,
0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x30,
0x5b, 0x04, 0x20, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xfc, 0x04, 0x20, 0x5a, 0xc6, 0x35,
0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb, 0xbd, 0x55, 0x76,
0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0,
0xf6, 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03,
0x15, 0x00, 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7, 0x81, 0x9f,
0x7e, 0x90, 0x04, 0x41, 0x04, 0x6b, 0x17, 0xd1, 0xf2, 0xe1,
0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40,
0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4,
0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42,
0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c,
0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e,
0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, 0x02,
0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6,
0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2,
0xfc, 0x63, 0x25, 0x51, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00,
0x04, 0x4f, 0xe7, 0x7b, 0xb6, 0xbb, 0x54, 0x42, 0x39, 0xed,
0x5d, 0xe5, 0x40, 0xc8, 0xd8, 0x71, 0xca, 0x6d, 0x83, 0x71,
0xd1, 0x88, 0x2a, 0x65, 0x00, 0x6c, 0xc6, 0x2f, 0x01, 0x31,
0x49, 0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28, 0x33, 0xc7, 0x5b,
0xb9, 0x24, 0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34, 0x06,
0x53, 0x73, 0x6a, 0xff, 0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94,
0x0d, 0x0e, 0x1f, 0x95, 0x65
};
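Review bot: the comment `/* Signers private EC key */` gives no hint of what the blob contains, and with the bytes packed ten to a line that is harder to see by eye. Both `priv_key_der` and `pub_key_der` carry explicit curve parameters (the prime-field OID bytes `0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01` followed by the field prime) rather than a named-curve OID; say so in the comment, mark the key as demo-only material, and fix the missing apostrophe in "Signer's". Confirm the reflow is byte-for-byte identical by comparing `sizeof(priv_key_der)` and `sizeof(pub_key_der)` before and after.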
@@ -13,6 +13,9 @@ The following is the list of fingerprints for the keys that are
currently in use to sign OpenSSL distributions:
OpenSSL:
B146 647E 45A7 B339 47AB 226B 2A2C 87D1 6169 2D40
OpenSSL (old keys):
BA54 73A2 B058 7B07 FB27 CF2D 2160 94DF D0CB 81EF
Richard Levitte:
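Review bot: the sentence introducing this list says these are the keys "currently in use to sign OpenSSL distributions", but the list now has an entry headed `OpenSSL (old keys):`. State next to that heading what the old key is still valid for (for example, verifying releases signed before the switch) so that someone checking a download knows which fingerprint to expect for a given release.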
@@ -6,6 +6,7 @@ ossl_rcu_lock_new,
ossl_rcu_lock_free, ossl_rcu_read_lock,
ossl_rcu_read_unlock, ossl_rcu_write_lock,
ossl_rcu_write_unlock, ossl_synchronize_rcu,
ossl_rcu_cb_item_new, ossl_rcu_cb_item_free,
ossl_rcu_call, ossl_rcu_deref,
ossl_rcu_assign_ptr, ossl_rcu_uptr_deref,
ossl_rcu_assign_uptr
@@ -19,7 +20,10 @@ ossl_rcu_assign_uptr
void ossl_rcu_write_unlock(CRYPTO_RCU_LOCK *lock);
void ossl_rcu_read_unlock(CRYPTO_RCU_LOCK *lock);
void ossl_synchronize_rcu(CRYPTO_RCU_LOCK *lock);
void ossl_rcu_call(CRYPTO_RCU_LOCK *lock, rcu_cb_fn cb, void *data);
CRYPTO_RCU_CB_ITEM *ossl_rcu_cb_item_new(void);
void ossl_rcu_cb_item_free(CRYPTO_RCU_CB_ITEM *item);
void ossl_rcu_call(CRYPTO_RCU_LOCK *lock, CRYPTO_RCU_CB_ITEM *item,
rcu_cb_fn cb, void *data);
void *ossl_rcu_deref(void **p);
void ossl_rcu_uptr_deref(void **p);
void ossl_rcu_assign_ptr(void **p, void **v);
@@ -96,10 +100,29 @@ the write side thread is safe to free.
=item *
ossl_rcu_call() enqueues a callback function to the lock, to be called
when the next synchronization completes. Note: It is not guaranteed that the
thread which enqueued the callback will be the thread which executes the
callback
ossl_rcu_cb_item_new() allocates a callback item suitable for use with
ossl_rcu_call(). Returns NULL on allocation failure. The item is owned by
the caller until it is passed to ossl_rcu_call(), at which point ownership
transfers to the lock and the item must not be touched again by the caller.
=item *
ossl_rcu_cb_item_free() frees a callback item that was allocated by
ossl_rcu_cb_item_new() but never passed to ossl_rcu_call(). Use this to
release the item on the failure path of an operation that decided not to
publish its update.
=item *
ossl_rcu_call() enqueues a callback function I<cb> to the lock, to be
called with I<data> when the next synchronization completes. The caller
must provide a callback item I<item> previously obtained from
ossl_rcu_cb_item_new(). After this call the lock owns the item and will
free it after invoking the callback. This function does not allocate and
cannot fail, which lets callers allocate the item before performing any
publish (assign_ptr) and bail cleanly if allocation fails. Note: it is
not guaranteed that the thread which enqueued the callback will be the
thread which executes the callback.
=item *
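Review bot: the ownership rules for the callback item leave two cases undocumented. The text for ossl_rcu_cb_item_free() does not say whether passing NULL is allowed, and nothing says what happens if an item is passed to ossl_rcu_call() a second time or freed by the caller after being enqueued; since the lock frees the item after invoking the callback, a caller that does either risks a double free. Add one sentence for each case.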
@@ -121,6 +144,9 @@ ossl_rcu_lock_free() frees an allocated RCU lock
ossl_rcu_lock_new() returns a pointer to a newly created RCU lock structure.
ossl_rcu_cb_item_new() returns a pointer to a newly created callback item,
or NULL on allocation failure.
ossl_rcu_deref() and ossl_rcu_uptr_deref() return the value pointed
to by the passed in value v.
@@ -152,7 +178,7 @@ This example safely initializes and uses a lock.
static void myinit(void)
{
lock = ossl_rcu_lock_new(1);
lock = ossl_rcu_lock_new(1, NULL);
}
static int initlock(void)
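Review bot: in `myinit()` the result of `ossl_rcu_lock_new(1, NULL)` is stored without a NULL check, and the new second argument is passed as a bare `NULL` with no comment. As this is the reference example, add a comment saying what the NULL stands for and show the allocation-failure path, since every later call in the example passes `lock` on.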
@@ -162,10 +188,16 @@ This example safely initializes and uses a lock.
return 1;
}
static void writer_thread()
static void free_old_foo(void *data)
{
OPENSSL_free(data);
}
static int writer_thread(void)
{
struct foo *newfoo;
struct foo *oldfoo;
CRYPTO_RCU_CB_ITEM *cbi;
initlock();
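Review bot: `writer_thread()` now returns `int` so it can report failure, but the `initlock();` call at the top still discards its result even though `initlock()` is declared `static int`. Return 0 when `initlock()` fails, in line with the other early returns this change adds.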
@@ -177,48 +209,60 @@ This example safely initializes and uses a lock.
* 1) create a new shared object
*/
newfoo = OPENSSL_zalloc(sizeof(struct foo));
if (newfoo == NULL)
return 0;
/*
* acquire the write side lock
* 2) Pre allocate the rcu callback item before any publish.
*/
cbi = ossl_rcu_cb_item_new();
if (cbi == NULL) {
OPENSSL_free(newfoo);
return 0;
}
/*
* 3) acquire the write side lock
*/
ossl_rcu_write_lock(lock);
/*
* 2) read the old pointer
* 4) read the old pointer
*/
oldfoo = ossl_rcu_deref(&fooptr);
/*
* 3) Copy the old pointer to the new object, and
* 5) Copy the old pointer to the new object, and
* make any needed adjustments
*/
memcpy(newfoo, oldfoo, sizeof(struct foo));
newfoo->aval++;
/*
* 4) Update the shared pointer to the new value
* 6) Update the shared pointer to the new value
*/
ossl_rcu_assign_ptr(&fooptr, &newfoo);
/*
* 5) Release the write side lock
* 7) Schedule the old pointer to be freed when readers are done.
*/
ossl_rcu_call(lock, cbi, free_old_foo, oldfoo);
/*
* 8) Release the write side lock
*/
ossl_rcu_write_unlock(lock);
/*
* 6) wait for any read side holds on the old data
* to be released
* 9) wait for any read side holds on the old data
* to be released, after which free_old_foo will run
*/
ossl_synchronize_rcu(lock);
/*
* 7) free the old pointer, now that there are no
* further readers
*/
OPENSSL_free(oldfoo);
return 1;
}
static void reader_thread()
static void reader_thread(void)
{
struct foo *myfoo = NULL;
int a;
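Review bot: in step 5, `memcpy(newfoo, oldfoo, sizeof(struct foo))` runs on whatever `ossl_rcu_deref(&fooptr)` returned, with no check that `oldfoo` is non-NULL. The hunk does not show `fooptr` being initialised, so either state that precondition in the step 4 comment or guard the copy. Minor: "Pre allocate" in the step 2 comment should read "Pre-allocate".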
@@ -249,7 +293,7 @@ L<crypto(7)>, L<openssl-threads(7)>.
=head1 COPYRIGHT
Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2023-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -74,7 +74,7 @@ is included.
=item B<-traditional>
When this option is present and B<-topk8> is not a traditional format private
When this option is present and B<-topk8> is not, a traditional format private
key is written.
=item B<-in> I<filename>
@@ -289,7 +289,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -49,8 +49,8 @@ directories to be set up like this in order to find certificates.
If any directories are named on the command line, then those are
processed in turn. If not, then the B<SSL_CERT_DIR> environment variable
is consulted; this should be a colon-separated list of directories,
like the Unix B<PATH> variable.
is consulted; this should be a colon-separated list of directories
(or semicolon-separated on Windows), like the B<PATH> variable.
If that is not set then the default directory (installation-specific
but often F</usr/local/ssl/certs>) is processed.
@@ -149,7 +149,7 @@ L<openssl-x509(1)>
=head1 COPYRIGHT
Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -323,6 +323,12 @@ see L<openssl-verify(1)> for more information.
The URI of a store containing trusted certificates to use
for verifying the server's certificate.
When any of B<-verifyCAfile>, B<-verifyCApath>, or B<-verifyCAstore> is
specified, they are loaded into a separate verification store (via
L<SSL_CTX_set1_verify_cert_store(3)>) and used for server certificate
verification instead of the store built from B<-CAfile>, B<-CApath>, and
B<-CAstore>.
=item B<-chainCAfile> I<file>
A file in PEM format containing trusted certificates to use
@@ -680,9 +686,6 @@ The I<protocols> list is a comma-separated list of protocol names that
the client should advertise support for. The list should contain the most
desirable protocols first. Protocol names are printable ASCII strings,
for example "http/1.1" or "spdy/3".
An empty list of protocols is treated specially and will cause the
client to advertise support for the TLS extension but disconnect just
after receiving ServerHello with a list of server supported protocols.
The flag B<-nextprotoneg> cannot be specified if B<-tls1_3> is used.
=item B<-ct>, B<-noct>
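Review bot: with the paragraph about an empty I<protocols> list removed, the text for B<-nextprotoneg> no longer says what an empty list does. If an empty list is now rejected or ignored, say so in one sentence here; otherwise a user who relied on the old behaviour has nothing to go on.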
@@ -1025,7 +1028,7 @@ options were added in OpenSSL 3.2.
=head1 COPYRIGHT
Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -334,8 +334,8 @@ Download CRLs from distribution points given in CDP extensions of certificates
=item B<-verifyCAfile> I<filename>
A file in PEM format CA containing trusted certificates to use
for verifying client certificates.
A file in PEM format containing trusted CA certificates (root and/or
intermediate) used to verify the client certificate chain.
=item B<-verifyCApath> I<dir>
@@ -349,6 +349,15 @@ see L<openssl-verify(1)> for more information.
The URI of a store containing trusted certificates to use
for verifying client certificates.
When any of B<-verifyCAfile>, B<-verifyCApath>, or B<-verifyCAstore> is
specified, they are loaded into a separate verification store (via
L<SSL_CTX_set1_verify_cert_store(3)>) and used for client certificate
verification instead of the store built from B<-CAfile>, B<-CApath>, and
B<-CAstore>. Note that B<-CAfile> is the sole source of acceptable issuing
CA names sent to the client in the Certificate Request message during the
handshake; B<-CApath>, B<-CAstore>, and the B<-verifyCA*> options do not
contribute to this list.
=item B<-chainCAfile> I<file>
A file in PEM format containing trusted certificates to use
@@ -763,6 +772,10 @@ has been negotiated, and early data is enabled on the server. A full handshake
is forced if a session ticket is used a second or subsequent time. Any early
data that was sent will be rejected.
Note that the server manages an internal cache of session tickets. If a client
closes the connection without sending the close_notify alert, the
corresponding session ticket is removed and a full handshake is forced.
=item B<-tfo>
Enable acceptance of TCP Fast Open (RFC7413) connections.
@@ -927,7 +940,7 @@ options were added in OpenSSL 3.2.
=head1 COPYRIGHT
Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -54,8 +54,9 @@ I<recipcert> ...
=head1 DESCRIPTION
This command handles S/MIME mail. It can encrypt, decrypt, sign
and verify S/MIME messages.
This command handles S/MIME according to RFC 2311 (1998) with no CMS support.
It can encrypt, decrypt, sign and verify S/MIME 2.0 messages. For newer messages
use the OpenSSL CMS tool.
=head1 OPTIONS
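Review bot: "use the OpenSSL CMS tool" names no page. Write it as a cross-reference, L<openssl-cms(1)>, the way other pages in this change refer to L<openssl-verify(1)>, and check that it is listed under SEE ALSO. Also, "S/MIME according to RFC 2311 (1998) with no CMS support" reads more clearly as two statements: which specification is implemented, then what is not supported.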
@@ -479,7 +480,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -5,7 +5,8 @@
BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr,
BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request,
BIO_nread0, BIO_nread, BIO_nwrite0, BIO_nwrite - BIO pair BIO
=head1 SYNOPSIS
@@ -28,6 +29,11 @@ BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
size_t BIO_ctrl_get_read_request(BIO *b);
int BIO_ctrl_reset_read_request(BIO *b);
int BIO_nread0(BIO *bio, char **buf);
int BIO_nread(BIO *bio, char **buf, int num);
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
=head1 DESCRIPTION
BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink
@@ -98,6 +104,44 @@ than that returned by BIO_get_write_guarantee().
BIO_ctrl_reset_read_request() can also be used to reset the value returned by
BIO_get_read_request() to zero.
=head2 Non-copying Interface
BIO_nread0(), BIO_nread(), BIO_nwrite0(), and BIO_nwrite() provide a non-copying
interface for reading from and writing to BIO pairs. These functions allow
direct access to the internal buffer, avoiding the overhead of copying data.
BIO_nread0() returns in B<*buf> a pointer to the start of the available data
in the peer's write buffer and returns the number of bytes available.
This allows reading directly from the buffer without copying.
It does not consume the data; a subsequent call to BIO_nread() is needed
to advance the buffer position.
BIO_nread() is similar to BIO_nread0() but also advances the read position
by up to B<num> bytes. The actual number of bytes consumed is returned.
The B<*buf> pointer is set to the start of the data that was consumed.
Since the data is considered consumed after this call, the pointer returned
by BIO_nread() should not be used afterwards unless the caller also
controls the writing side. The typical pattern is to call BIO_nread0() first,
use the data, and then call BIO_nread() to consume it.
BIO_nwrite0() returns in B<*buf> a pointer to the start of the available
space in the write buffer and returns the number of bytes that can be written.
This allows writing directly to the buffer without copying.
It does not commit the data; a subsequent call to BIO_nwrite() is needed
to update the buffer length.
BIO_nwrite() is similar to BIO_nwrite0() but also commits up to B<num> bytes
as written. The actual number of bytes committed is returned.
The B<*buf> pointer is set to the start of the region that was committed.
BIO_nwrite() should only be called after the data has actually been written
to the buffer obtained from BIO_nwrite0(), since committing signals data
availability to the reading side.
Note that due to the ring buffer implementation, if wrapping around would be
required, BIO_nread0() and BIO_nwrite0() may return less than the total
available space. In such cases, a second call may be needed to access the
remaining data or space.
=head1 NOTES
Both halves of a BIO pair should be freed. That is even if one half is implicit
@@ -133,6 +177,17 @@ locations for B<bio1> and B<bio2>. Check the error stack for more information.
[XXXXX: More return values need to be added here]
BIO_nread0() returns the number of bytes available for reading, 0 if the peer
has closed and no data remains (EOF), or -1 if no data is currently available
(retry may be appropriate). If the BIO is not initialized, -2 is returned.
BIO_nwrite0() returns the number of bytes of space available for writing, or -1
if no space is currently available (retry may be appropriate) or the BIO has
been closed. If the BIO is not initialized, -2 is returned.
BIO_nread() and BIO_nwrite() return the number of bytes consumed or committed
respectively, or the same error values as BIO_nread0() and BIO_nwrite0().
=head1 EXAMPLES
The BIO pair can be used to have full control over the network access of an
@@ -176,6 +231,30 @@ and must be transferred to the network. Use BIO_ctrl_get_read_request() to
find out, how many bytes must be written into the buffer before the
SSL_operation() can successfully be continued.
A typical usage pattern for the non-copying write interface is:
int ret;
char *buf;
ret = BIO_nwrite0(bio, &buf);
if (ret > 0) {
/* write up to 'ret' bytes directly to 'buf' */
memcpy(buf, data, len);
BIO_nwrite(bio, &buf, len); /* commit the write */
}
A typical usage pattern for the non-copying read interface is:
int ret;
char *buf;
ret = BIO_nread0(bio, &buf);
if (ret > 0) {
/* read up to 'ret' bytes directly from 'buf' */
process_data(buf, ret);
BIO_nread(bio, &buf, ret); /* consume the data */
}
=head1 WARNINGS
As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ
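Review bot: the write example copies `len` bytes into `buf` without comparing `len` to the `ret` that BIO_nwrite0() returned: `memcpy(buf, data, len);` overruns the ring buffer whenever `len > ret`, and the description added earlier in this change notes that BIO_nwrite0() may return less than the total free space when the buffer wraps. Clamp first (`if (len > ret) len = ret;`) and use the return value of BIO_nwrite() as the count actually committed. The read example is fine on this point because it passes `ret` to both process_data() and BIO_nread().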
@@ -191,7 +270,7 @@ L<BIO_should_retry(3)>, L<BIO_read_ex(3)>
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -108,8 +108,10 @@ BN_gcd() computes the greatest common divisor of I<a> and I<b> and
places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or
I<b>.
For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
temporary variables; see L<BN_CTX_new(3)>.
For all functions that take a I<ctx> parameter, it must be a previously
allocated B<BN_CTX> used for temporary variables; see L<BN_CTX_new(3)>.
Unless stated otherwise in the documentation for a specific function,
the I<ctx> parameter must not be NULL.
Unless noted otherwise, the result B<BIGNUM> must be different from
the arguments.
@@ -135,7 +137,7 @@ L<BN_add_word(3)>, L<BN_set_bit(3)>
=head1 COPYRIGHT
Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -112,7 +112,7 @@ were added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -413,7 +413,8 @@ encrypted data.
For most ciphers and modes, the amount of data written can be anything
from zero bytes to (inl + cipher_block_size - 1) bytes.
For wrap cipher modes, the amount of data written can be anything
from zero bytes to (inl + cipher_block_size) bytes.
from zero bytes to (inl rounded up to cipher_block_size + cipher_block_size)
bytes.
For stream ciphers, the amount of data written can be anything from zero
bytes to inl bytes.
Thus, the buffer pointed to by I<out> must contain sufficient room for the
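Review bot: "(inl rounded up to cipher_block_size + cipher_block_size)" can be parsed two ways, as rounding I<inl> up to a multiple of the block size and then adding one block, or as rounding up to twice the block size. Callers size I<out> from this sentence, so spell it out; if the first reading is meant, write "I<inl> rounded up to a multiple of cipher_block_size, plus cipher_block_size".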
@@ -86,9 +86,12 @@ For backward compatibility, I<path> may begin with C<http://> and thus convey
an absoluteURI. In this case it indicates HTTP proxy use and provides also the
server (and optionally the port) that the proxy shall forward the request to.
In this case the I<server> and I<port> arguments must be NULL.
The I<server>, I<port>, and I<path> arguments must not contain CR or LF
characters.
OSSL_HTTP_REQ_CTX_add1_header() adds header I<name> with value I<value> to the
context I<rctx>. It can be called more than once to add multiple header lines.
The I<name> and I<value> arguments must not contain CR or LF characters.
For example, to add a C<Host> header for C<example.com> you would call:
OSSL_HTTP_REQ_CTX_add1_header(ctx, "Host", "example.com");
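Review bot: the new "must not contain CR or LF characters" sentences state a requirement but not what the functions do when it is violated. Say whether the call fails (and with which return value) or whether the caller is responsible for filtering, because header values built from untrusted input are where request splitting comes from and callers need to know if they can rely on the library check.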
@@ -143,6 +146,7 @@ The HTTP header C<Content-Length> is filled out with the length of the request.
I<content_type> must be NULL if I<req> is NULL.
If I<content_type> isn't NULL,
the HTTP header C<Content-Type> is also added with the given string value.
The I<content_type> argument must not contain CR or LF characters.
The header lines are added to the internal memory B<BIO> for the request header.
OSSL_HTTP_REQ_CTX_nbio() attempts to send the request prepared in I<rctx>
@@ -299,7 +303,7 @@ All other functions described here were added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2015-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -32,7 +32,9 @@ see L<openssl_user_macros(7)>:
=head1 DESCRIPTION
OSSL_HTTP_adapt_proxy() takes an optional proxy hostname I<proxy>
OSSL_HTTP_adapt_proxy() determines whether a proxy should be used
when connecting to the given I<server>.
It takes an optional proxy hostname I<proxy>
and returns it transformed according to the optional I<no_proxy> parameter,
I<server>, I<use_ssl>, and the applicable environment variable, as follows.
If I<proxy> is NULL, take any default value from the C<http_proxy>
@@ -40,11 +42,13 @@ environment variable, or from C<https_proxy> if I<use_ssl> is nonzero.
If this still does not yield a proxy hostname,
take any further default value from the C<HTTP_PROXY>
environment variable, or from C<HTTPS_PROXY> if I<use_ssl> is nonzero.
If I<no_proxy> is NULL, take any default exclusion value from the C<no_proxy>
environment variable, or else from C<NO_PROXY>.
Return the determined proxy host unless the exclusion value,
which is a list of proxy hosts separated by C<,> and/or whitespace,
contains I<server>.
Return the determined proxy host if I<server> is the empty string
or I<server> is not in the exclusion list.
The exclusion list is a list of server hosts separated by C<,>
and/or whitespace.
They may be given via the I<no_proxy> parameter.
If it is NULL, the exclusion list is taken from the C<no_proxy>
environment variable if set, otherwise from C<NO_PROXY>.
Otherwise return NULL.
When I<server> is a string delimited by C<[> and C<]>, which are used for IPv6
addresses, the enclosing C<[> and C<]> are stripped prior to comparison.
@@ -102,7 +106,7 @@ OCSP_parse_url() was deprecated in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -158,6 +158,7 @@ pre-established with a TLS proxy using the HTTP CONNECT method,
optionally using proxy client credentials I<proxyuser> and I<proxypass>,
to connect with TLS protection ultimately to I<server> and I<port>.
If the I<port> argument is NULL or the empty string it defaults to "443".
The I<server> and I<port> arguments must not contain CR or LF characters.
If the I<timeout> parameter is > 0 this indicates the maximum number of
seconds the connection setup is allowed to take.
A value <= 0 enables waiting indefinitely, i.e., no timeout.
@@ -178,6 +179,8 @@ else HTTP POST with the contents of I<req> and optional I<content_type>, where
the length of the data in I<req> does not need to be determined in advance: the
BIO will be read on-the-fly while sending the request, which supports streaming.
The optional list I<headers> may contain additional custom HTTP header lines.
The I<path>, I<headers> names and values, and I<content_type> must not contain
CR or LF characters.
The I<max_resp_len> parameter specifies the maximum allowed
response content length, where the value 0 indicates no limit.
For the meaning of the I<expected_content_type>, I<expect_asn1>, I<timeout>,
@@ -275,7 +278,7 @@ All the functions described here were added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -46,16 +46,13 @@ The error can be obtained from ERR_get_error(3)
PKCS7_decrypt() must be passed the correct recipient key and certificate. It would
be better if it could look up the correct key and certificate from a database.
The lack of single pass processing and need to hold all data in memory as
mentioned in PKCS7_sign() also applies to PKCS7_verify().
=head1 SEE ALSO
L<ERR_get_error(3)>, L<PKCS7_encrypt(3)>, L<EVP_PKEY_decrypt(3)>
=head1 COPYRIGHT
Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
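Review bot: The sentence about the lack of single pass processing is dropped from the BUGS text outright, and nothing takes its place. It was misplaced in naming PKCS7_verify() on the PKCS7_decrypt() page, but if the hold-everything-in-memory limitation also applies to PKCS7_decrypt(), reword it to name that function rather than deleting it. Callers sizing memory for untrusted input rely on that note.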
@@ -8,8 +8,8 @@ SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable
#include <openssl/ssl.h>
long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);
long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);
long SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, long mode);
long SSL_CTX_get_session_cache_mode(SSL_CTX *ctx);
=head1 DESCRIPTION
@@ -136,7 +136,7 @@ L<SSL_CTX_flush_sessions(3)>
=head1 COPYRIGHT
Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -38,9 +38,6 @@ is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and
SSL_set_session_id_context() functions are therefore only useful on the
server side.
OpenSSL clients will check the session id context returned by the server
when reusing a session.
The maximum length of the B<sid_ctx> is limited to
B<SSL_MAX_SID_CTX_LENGTH>.
@@ -51,11 +48,24 @@ certificates are used, stored sessions
will not be reused but a fatal error will be flagged and the handshake
will fail.
If a server returns a different session id context to an OpenSSL client
when reusing a session, an error will be flagged and the handshake will
fail. OpenSSL servers will always return the correct session id context,
as an OpenSSL server checks the session id context itself before reusing
a session as described above.
If a client attempts to resume a session and the server detects that the session
id context associated with the session is different to the current session id
context then the resumption will fail. The handshake will continue normally but
no resumption will occur.
It is vital that the session id context is set before any session resumption
occurs. Sessions get created early in the handshake. If the session id context
is not set by the time the session gets created then the session will be
associated with an empty session id context. The already created session will
not get updated if the session id context is later set. In particular the
callback set via the L<SSL_CTX_set_tlsext_servername_callback(3)> function will
be invoked after the session gets created, so if the session id context is set
in the callback then this will be too late for the current handshake and the
session id context setting will be ignored with respect to resumption. Typically
the session id context should be set before the TLS handshake starts, but it may
occur as late as in the callback set via the L<SSL_CTX_set_client_hello_cb(3)>
function.
=head1 RETURN VALUES
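Review bot: The new paragraph "the resumption will fail. The handshake will continue normally" now sits directly after the unchanged context that ends "a fatal error will be flagged and the handshake will fail", and the two outcomes read as contradictory unless the reader works out that the earlier one is the client-certificate case. Open the new paragraph by naming the case it covers. Also, the statement that a late setting "will be ignored with respect to resumption" describes a silent failure mode: consider saying in RETURN VALUES that a successful return from SSL_set_session_id_context() does not imply the value was applied to the session of the current handshake.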
@@ -82,7 +92,7 @@ L<ssl(7)>
=head1 COPYRIGHT
Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -29,7 +29,11 @@ still necessary in order to acknowledge the servername requested by the client.
SSL_CTX_set_tlsext_servername_callback() sets the application callback B<cb>
used by a server to perform any actions or configuration required based on
the servername extension received in the incoming connection. When B<cb>
is NULL, SNI is not used.
is NULL, SNI is not used. Note that this callback occurs late in the processing
of the ClientHello message. In particular it happens after session resumption
has occurred, and so typically this callback should not call functions such
as L<SSL_set_session_id_context(3)> since it is too late to affect the session
resumption for the current handshake.
The servername callback should return one of the following values:
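Review bot: The added note says the callback "happens after session resumption has occurred", while the companion text added to the session id context page says the session "gets created" before the callback runs; pick one wording so the two pages agree on what has already happened. The note also tells the reader what not to do without saying what to do instead: add the pointer to L<SSL_CTX_set_client_hello_cb(3)> that the other page gives as the latest safe point for setting the session id context.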
@@ -169,7 +173,7 @@ NULL.
=head1 COPYRIGHT
Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
+23 -15
View File
@@ -471,21 +471,29 @@ encoding. Unlike the C structures which can have pointers to sub-objects
within, the DER is a serialized encoding, suitable for sending over the
network, writing to a file, and so on.
B<d2i_I<TYPE>>() attempts to decode I<len> bytes at I<*ppin>. If successful a
pointer to the B<I<TYPE>> structure is returned and I<*ppin> is incremented to
the byte following the parsed data. If I<a> is not NULL then a pointer
to the returned structure is also written to I<*a>. If an error occurred
then NULL is returned. The caller retains ownership of the
returned object and needs to free it when it is no longer needed, e.g.
using X509_free() for X509 objects or DSA_SIG_free() for DSA_SIG objects.
B<d2i_I<TYPE>>() attempts to decode I<len> bytes at I<*ppin>.
When there is no error, a pointer to a B<I<TYPE>> object is returned and I<*ppin> is
incremented to the byte following the parsed data.
The caller owns the returned object and needs to free it when it is no longer needed,
e.g., via X509_free() for B<X509> objects.
On a successful return, if I<*a> is not NULL then it is assumed that I<*a>
contains a valid B<I<TYPE>> structure and an attempt is made to reuse it.
For B<I<TYPE>> structures where it matters it is possible to set up a library
context on the decoded structure this way (see the B<EXAMPLES> section).
However using the "reuse" capability for other purposes is B<strongly
discouraged> (see B<BUGS> below, and the discussion in the B<RETURN VALUES>
section).
If either I<a> or I<*a> is NULL, then fresh storage is allocated for the
returned object, and if I<a> is not NULL then I<*a> is set equal to the
returned pointer.
When both I<a> and I<*a> are not NULL, I<*a> MUST be a pointer to an
existing I<TYPE> object, which is reused to hold the decoded result.
On error (NULL return value), the object is freed and I<*a> is set to NULL.
From OpenSSL 3.x onwards, reuse is only supported when I<*a> points to a newly
allocated, and not otherwise modified, I<TYPE> object.
Allocation can be via one of the various _ex() routines, which make it possible
to associate the allocated object with a chosen I<libctx> (library context)
or I<propq> (property query), see the B<EXAMPLES> section.
No other reuse is supported (see B<BUGS> below, and the discussion in the
B<RETURN VALUES> section).
The returned object is not suitable for another reuse: each reuse attempt MUST
start with a newly allocated object.
B<d2i_I<TYPE>_bio>() is similar to B<d2i_I<TYPE>>() except it attempts
to parse data from BIO I<bp>.
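Review bot: "From OpenSSL 3.x onwards" in the new reuse paragraph is not a version a caller can test against; name the first release in which reuse is restricted to a newly allocated, unmodified object. The sentence "On error (NULL return value), the object is freed and I<*a> is set to NULL" should also state the consequence for callers: any other pointer they hold to that object is dangling after a failed call and must not be used or freed again. That is the double-free and use-after-free pattern this rewrite is trying to steer people away from, so it deserves to be spelled out here rather than left to BUGS.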
@@ -761,7 +769,7 @@ were added in OpenSSL 3.5.
=head1 COPYRIGHT
Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 1998-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
+5 -1
View File
@@ -69,6 +69,10 @@ The AES-SIV and AES-WRAP mode implementations do not support streaming. That
means to obtain correct results there can be only one L<EVP_EncryptUpdate(3)>
or L<EVP_DecryptUpdate(3)> call after the initialization of the context.
When wrapping with AES-WRAP-PAD ciphers, the output buffer must be at least
I<inl> rounded up to the cipher block size (8 bytes) plus the block size.
That is, the minimum output buffer size is C<((inl + 7) / 8) * 8 + 8> bytes.
The AES-XTS implementations allow streaming to be performed, but each
L<EVP_EncryptUpdate(3)> or L<EVP_DecryptUpdate(3)> call requires each input
to be a multiple of the blocksize. Only the final EVP_EncryptUpdate() or
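Review bot: The new AES-WRAP-PAD paragraph gives the minimum output size for wrapping only and does not say whether the implementation can detect a short buffer. State that C<((inl + 7) / 8) * 8 + 8> uses integer division, say what size is required when unwrapping, and make clear that the caller is responsible for the allocation, because a reader who sizes the buffer as I<inl> plus one block will under-allocate for any I<inl> that is not a multiple of 8.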
@@ -86,7 +90,7 @@ The GCM-SIV mode ciphers were added in OpenSSL version 3.2.
=head1 COPYRIGHT
Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2021-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
+2
View File
@@ -168,6 +168,8 @@ See L<RAND_load_file(3)>.
=item B<SSL_CERT_DIR>, B<SSL_CERT_FILE>
Specify the default directory or file containing CA certificates.
B<SSL_CERT_DIR> can contain multiple directories separated by colons
(or semicolons on Windows).
See L<SSL_CTX_load_verify_locations(3)>.
=item B<TSGET>
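Review bot: The added sentence covers B<SSL_CERT_DIR> only, under an item heading shared with B<SSL_CERT_FILE>. Add a clause saying that B<SSL_CERT_FILE> names a single file, so nobody sets it to a separator-joined list and ends up with no trust anchors loaded. It would also help to say how an empty or nonexistent entry in the directory list is treated.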
@@ -38,9 +38,9 @@ provider-asym_cipher - The asym_cipher library E<lt>-E<gt> provider functions
/* Asymmetric Cipher parameters */
int OSSL_FUNC_asym_cipher_get_ctx_params(void *ctx, OSSL_PARAM params[]);
const OSSL_PARAM *OSSL_FUNC_asym_cipher_gettable_ctx_params(void *provctx);
const OSSL_PARAM *OSSL_FUNC_asym_cipher_gettable_ctx_params(void *ctx, void *provctx);
int OSSL_FUNC_asym_cipher_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
const OSSL_PARAM *OSSL_FUNC_asym_cipher_settable_ctx_params(void *provctx);
const OSSL_PARAM *OSSL_FUNC_asym_cipher_settable_ctx_params(void *ctx, void *provctx);
=head1 DESCRIPTION
@@ -291,7 +291,7 @@ were added in OpenSSL 3.4.
=head1 COPYRIGHT
Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
@@ -269,7 +269,6 @@ OSSL_FUNC_signature_gettable_ctx_params() functions,
as well as the "md_params" functions.
The OSSL_FUNC_signature_dupctx() function is optional.
It is not yet used by OpenSSL.
The OSSL_FUNC_signature_query_key_types() function is optional.
When present, it should return a NULL-terminated array of strings
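Review bot: Removing "It is not yet used by OpenSSL." leaves OSSL_FUNC_signature_dupctx() documented as optional with no indication of when it is called or what happens if a provider omits it. Add a sentence naming the operation that invokes it and the behaviour when it is absent; provider authors need that to decide whether their context holds state (key references, digest state) that requires a deep copy.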
@@ -708,7 +707,7 @@ Deterministic digital signature generation for ECDSA was added to the FIPS provi
=head1 COPYRIGHT
Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
File diff suppressed because it is too large

Some files were not shown because too many files have changed in this diff