openssl: import 3.5.4
This change adds OpenSSL 3.5.4 from upstream [1]. The 3.5.4 artifact was verified against the upstream PGP signature [2] and SHA256 checksum [3]. This is a security release, but also contains several bugfixes. More information about the release (from a high level) can be found in the release notes [4]. 1. https://github.com/openssl/openssl/releases/download/openssl-3.5.4/openssl-3.5.4.tar.gz 2. https://github.com/openssl/openssl/releases/download/openssl-3.5.4/openssl-3.5.4.tar.gz.asc 3. https://github.com/openssl/openssl/releases/download/openssl-3.5.4/openssl-3.5.4.tar.gz.sha256 4. https://github.com/openssl/openssl/blob/openssl-3.5.4/NEWS.md
+69
@@ -28,6 +28,72 @@ OpenSSL Releases
|
||||
OpenSSL 3.5
|
||||
-----------
|
||||
|
||||
### Changes between 3.5.3 and 3.5.4 [30 Sep 2025]
|
||||
|
||||
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
|
||||
|
||||
Issue summary: An application trying to decrypt CMS messages encrypted using
|
||||
password based encryption can trigger an out-of-bounds read and write.
|
||||
|
||||
Impact summary: This out-of-bounds read may trigger a crash which leads to
|
||||
Denial of Service for an application. The out-of-bounds write can cause
|
||||
a memory corruption which can have various consequences including
|
||||
a Denial of Service or Execution of attacker-supplied code.
|
||||
|
||||
The issue was reported by Stanislav Fort (Aisle Research).
|
||||
|
||||
([CVE-2025-9230])
|
||||
|
||||
*Viktor Dukhovni*
|
||||
|
||||
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM
|
||||
|
||||
Issue summary: A timing side-channel which could potentially allow remote
|
||||
recovery of the private key exists in the SM2 algorithm implementation on
|
||||
64 bit ARM platforms.
|
||||
|
||||
Impact summary: A timing side-channel in SM2 signature computations on
|
||||
64 bit ARM platforms could allow recovering the private key by an attacker.
|
||||
|
||||
The issue was reported by Stanislav Fort (Aisle Research).
|
||||
|
||||
([CVE-2025-9231])
|
||||
|
||||
*Stanislav Fort and Tomáš Mráz*
|
||||
|
||||
* Fix Out-of-bounds read in HTTP client no_proxy handling
|
||||
|
||||
Issue summary: An application using the OpenSSL HTTP client API functions
|
||||
may trigger an out-of-bounds read if the "no_proxy" environment variable is
|
||||
set and the host portion of the authority component of the HTTP URL is an
|
||||
IPv6 address.
|
||||
|
||||
Impact summary: An out-of-bounds read can trigger a crash which leads to
|
||||
Denial of Service for an application.
|
||||
|
||||
The issue was reported by Stanislav Fort (Aisle Research).
|
||||
|
||||
([CVE-2025-9232])
|
||||
|
||||
*Stanislav Fort*
|
||||
|
||||
* The FIPS provider no longer performs a PCT on key import for ECX keys
|
||||
(that was introduced in 3.5.2), following the latest update
|
||||
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
|
||||
|
||||
*Eugene Syromiatnikov*
|
||||
|
||||
* Fixed the length of the ASN.1 sequence for the SM3 digests of RSA-encrypted
|
||||
signatures.
|
||||
|
||||
*Xiao Lou Dong Feng*
|
||||
|
||||
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
|
||||
builds, as it broke some exiting applications that relied on the previous
|
||||
3.x semantics, as documented in `OpenSSL_version(3)`.
|
||||
|
||||
*Richard Levitte*
|
||||
|
||||
### Changes between 3.5.2 and 3.5.3 [16 Sep 2025]
|
||||
|
||||
* Avoided a potential race condition introduced in 3.5.1, where
|
||||
@@ -21284,6 +21350,9 @@ ndif
|
||||
|
||||
<!-- Links -->
|
||||
|
||||
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
||||
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
||||
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
||||
|
||||
@@ -23,19 +23,46 @@ OpenSSL Releases
|
||||
OpenSSL 3.5
|
||||
-----------
|
||||
|
||||
### Major changes between OpenSSL 3.5.3 and OpenSSL 3.5.4 [30 Sep 2025]
|
||||
|
||||
OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this
|
||||
release is Moderate.
|
||||
|
||||
This release incorporates the following bug fixes and mitigations:
|
||||
|
||||
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
|
||||
([CVE-2025-9230])
|
||||
|
||||
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
|
||||
([CVE-2025-9231])
|
||||
|
||||
* Fix Out-of-bounds read in HTTP client no_proxy handling.
|
||||
([CVE-2025-9232])
|
||||
|
||||
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
|
||||
builds, as it broke some exiting applications that relied on the previous
|
||||
3.x semantics, as documented in `OpenSSL_version(3)`.
|
||||
|
||||
### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [16 Sep 2025]
|
||||
|
||||
OpenSSL 3.5.3 is a bug fix release.
|
||||
|
||||
This release incorporates the following bug fixes and mitigations:
|
||||
|
||||
* Added FIPS 140-3 PCT on DH key generation.
|
||||
|
||||
*Nikola Pajkovsky*
|
||||
|
||||
* Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
|
||||
|
||||
*Richard Levitte*
|
||||
* Removed PCT on key import in the FIPS provider as it is not required by
|
||||
the standard.
|
||||
|
||||
### Major changes between OpenSSL 3.5.1 and OpenSSL 3.5.2 [5 Aug 2025]
|
||||
|
||||
* none
|
||||
OpenSSL 3.5.2 is a bug fix release.
|
||||
|
||||
This release incorporates the following bug fixes and mitigations:
|
||||
|
||||
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
|
||||
|
||||
### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]
|
||||
|
||||
@@ -45,7 +72,7 @@ release is Low.
|
||||
This release incorporates the following bug fixes and mitigations:
|
||||
|
||||
* Fix x509 application adds trusted use instead of rejected use.
|
||||
([CVE-2025-4575])
|
||||
([CVE-2025-4575])
|
||||
|
||||
### Major changes between OpenSSL 3.4 and OpenSSL 3.5.0 [8 Apr 2025]
|
||||
|
||||
@@ -1913,6 +1940,9 @@ OpenSSL 0.9.x
|
||||
* Support for various new platforms
|
||||
|
||||
<!-- Links -->
|
||||
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
||||
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
||||
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
||||
|
||||
+2
-2
@@ -1,7 +1,7 @@
|
||||
MAJOR=3
|
||||
MINOR=5
|
||||
PATCH=3
|
||||
PATCH=4
|
||||
PRE_RELEASE_TAG=
|
||||
BUILD_METADATA=
|
||||
RELEASE_DATE="16 Sep 2025"
|
||||
RELEASE_DATE="30 Sep 2025"
|
||||
SHLIB_VERSION=3
|
||||
|
||||
+13
-5
@@ -331,14 +331,22 @@ int storeutl_main(int argc, char *argv[])
|
||||
static int indent_printf(int indent, BIO *bio, const char *format, ...)
|
||||
{
|
||||
va_list args;
|
||||
int ret;
|
||||
int ret, vret;
|
||||
|
||||
ret = BIO_printf(bio, "%*s", indent, "");
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
va_start(args, format);
|
||||
|
||||
ret = BIO_printf(bio, "%*s", indent, "") + BIO_vprintf(bio, format, args);
|
||||
|
||||
vret = BIO_vprintf(bio, format, args);
|
||||
va_end(args);
|
||||
return ret;
|
||||
|
||||
if (vret < 0)
|
||||
return vret;
|
||||
if (vret > INT_MAX - ret)
|
||||
return INT_MAX;
|
||||
|
||||
return ret + vret;
|
||||
}
|
||||
|
||||
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
|
||||
|
||||
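Review bot: The new saturation guard `if (vret > INT_MAX - ret) return INT_MAX;` depends on INT_MAX, and no `#include <limits.h>` is visible in this hunk — confirm the file (or the apps header it includes) already provides it, since the include block is outside the hunk. The clamp also changes what the return value means on very long output (it under-reports the byte count instead of overflowing), which deserves a one-line comment such as `/* saturate instead of overflowing; a short count is preferable to UB */` so nobody later "fixes" it back to a plain sum. Whether any caller uses the count for anything but a `< 0` test is not visible here. indent_printf is complete within the hunk.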
@@ -287,7 +287,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
if (fp == NULL) {
|
||||
ERR_raise_data(ERR_LIB_SYS, get_last_sys_error(),
|
||||
"calling fopen(%s, %s)",
|
||||
ptr, p);
|
||||
(const char *)ptr, p);
|
||||
ERR_raise(ERR_LIB_BIO, ERR_R_SYS_LIB);
|
||||
ret = 0;
|
||||
break;
|
||||
|
||||
@@ -242,7 +242,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
|
||||
/* Check byte failure */
|
||||
goto err;
|
||||
}
|
||||
if (inlen < (size_t)(tmp[0] - 4)) {
|
||||
if (inlen < 4 + (size_t)tmp[0]) {
|
||||
/* Invalid length value */
|
||||
goto err;
|
||||
}
|
||||
|
||||
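Review bot: The corrected bound `if (inlen < 4 + (size_t)tmp[0])` should carry a comment stating the layout it enforces, because the old (CVE-2025-9230) check read almost identically and was wrong: `/* RFC 3211: tmp[0] = key length, tmp[1..3] = check bytes, key at tmp[4]; all of it must lie within inlen */`. `4 + (size_t)tmp[0]` cannot overflow since tmp[0] is a single byte, so no further guard is needed on that expression. The copy of the key into `out` that follows is outside the hunk; it is only safe if `out` is sized for at least inlen bytes, which is worth confirming at the call site. kek_unwrap_key starts and ends outside the hunk.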
+4
-99
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2023-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -56,10 +56,6 @@ ALIGN32 static const BN_ULONG def_p[P256_LIMBS] = {
|
||||
0xffffffffffffffff, 0xffffffff00000000,
|
||||
0xffffffffffffffff, 0xfffffffeffffffff
|
||||
};
|
||||
ALIGN32 static const BN_ULONG def_ord[P256_LIMBS] = {
|
||||
0x53bbf40939d54123, 0x7203df6b21c6052b,
|
||||
0xffffffffffffffff, 0xfffffffeffffffff
|
||||
};
|
||||
|
||||
ALIGN32 static const BN_ULONG ONE[P256_LIMBS] = {1, 0, 0, 0};
|
||||
|
||||
@@ -177,13 +173,6 @@ static ossl_inline void ecp_sm2p256_mod_inverse(BN_ULONG* out,
|
||||
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2, ecp_sm2p256_sub, def_p);
|
||||
}
|
||||
|
||||
/* Modular inverse mod order |out| = |in|^(-1) % |ord|. */
|
||||
static ossl_inline void ecp_sm2p256_mod_ord_inverse(BN_ULONG* out,
|
||||
const BN_ULONG* in) {
|
||||
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2_mod_ord, ecp_sm2p256_sub_mod_ord,
|
||||
def_ord);
|
||||
}
|
||||
|
||||
/* Point double: R <- P + P */
|
||||
static void ecp_sm2p256_point_double(P256_POINT *R, const P256_POINT *P)
|
||||
{
|
||||
@@ -454,52 +443,6 @@ static int ecp_sm2p256_is_affine_G(const EC_POINT *generator)
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Convert Jacobian coordinate point into affine coordinate (x,y)
|
||||
*/
|
||||
static int ecp_sm2p256_get_affine(const EC_GROUP *group,
|
||||
const EC_POINT *point,
|
||||
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
|
||||
{
|
||||
ALIGN32 BN_ULONG z_inv2[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG z_inv3[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG x_aff[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG y_aff[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG point_x[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG point_y[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG point_z[P256_LIMBS] = {0};
|
||||
|
||||
if (EC_POINT_is_at_infinity(group, point)) {
|
||||
ECerr(ERR_LIB_EC, EC_R_POINT_AT_INFINITY);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (ecp_sm2p256_bignum_field_elem(point_x, point->X) <= 0
|
||||
|| ecp_sm2p256_bignum_field_elem(point_y, point->Y) <= 0
|
||||
|| ecp_sm2p256_bignum_field_elem(point_z, point->Z) <= 0) {
|
||||
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ecp_sm2p256_mod_inverse(z_inv3, point_z);
|
||||
ecp_sm2p256_sqr(z_inv2, z_inv3);
|
||||
|
||||
if (x != NULL) {
|
||||
ecp_sm2p256_mul(x_aff, point_x, z_inv2);
|
||||
if (!bn_set_words(x, x_aff, P256_LIMBS))
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (y != NULL) {
|
||||
ecp_sm2p256_mul(z_inv3, z_inv3, z_inv2);
|
||||
ecp_sm2p256_mul(y_aff, point_y, z_inv3);
|
||||
if (!bn_set_words(y, y_aff, P256_LIMBS))
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* r = sum(scalar[i]*point[i]) */
|
||||
static int ecp_sm2p256_windowed_mul(const EC_GROUP *group,
|
||||
P256_POINT *r,
|
||||
@@ -689,44 +632,6 @@ static int ecp_sm2p256_field_sqr(const EC_GROUP *group, BIGNUM *r,
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int ecp_sm2p256_inv_mod_ord(const EC_GROUP *group, BIGNUM *r,
|
||||
const BIGNUM *x, BN_CTX *ctx)
|
||||
{
|
||||
int ret = 0;
|
||||
ALIGN32 BN_ULONG t[P256_LIMBS] = {0};
|
||||
ALIGN32 BN_ULONG out[P256_LIMBS] = {0};
|
||||
|
||||
if (bn_wexpand(r, P256_LIMBS) == NULL) {
|
||||
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if ((BN_num_bits(x) > 256) || BN_is_negative(x)) {
|
||||
BIGNUM *tmp;
|
||||
|
||||
if ((tmp = BN_CTX_get(ctx)) == NULL
|
||||
|| !BN_nnmod(tmp, x, group->order, ctx)) {
|
||||
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
x = tmp;
|
||||
}
|
||||
|
||||
if (!ecp_sm2p256_bignum_field_elem(t, x)) {
|
||||
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
|
||||
goto err;
|
||||
}
|
||||
|
||||
ecp_sm2p256_mod_ord_inverse(out, t);
|
||||
|
||||
if (!bn_set_words(r, out, P256_LIMBS))
|
||||
goto err;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
return ret;
|
||||
}
|
||||
|
||||
const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||
{
|
||||
static const EC_METHOD ret = {
|
||||
@@ -747,7 +652,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||
ossl_ec_GFp_simple_point_copy,
|
||||
ossl_ec_GFp_simple_point_set_to_infinity,
|
||||
ossl_ec_GFp_simple_point_set_affine_coordinates,
|
||||
ecp_sm2p256_get_affine,
|
||||
ossl_ec_GFp_simple_point_get_affine_coordinates,
|
||||
0, 0, 0,
|
||||
ossl_ec_GFp_simple_add,
|
||||
ossl_ec_GFp_simple_dbl,
|
||||
@@ -763,7 +668,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||
ecp_sm2p256_field_mul,
|
||||
ecp_sm2p256_field_sqr,
|
||||
0 /* field_div */,
|
||||
0 /* field_inv */,
|
||||
ossl_ec_GFp_simple_field_inv,
|
||||
0 /* field_encode */,
|
||||
0 /* field_decode */,
|
||||
0 /* field_set_to_one */,
|
||||
@@ -779,7 +684,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
|
||||
ossl_ecdsa_simple_sign_setup,
|
||||
ossl_ecdsa_simple_sign_sig,
|
||||
ossl_ecdsa_simple_verify_sig,
|
||||
ecp_sm2p256_inv_mod_ord,
|
||||
0, /* use constant‑time fallback for inverse mod order */
|
||||
0, /* blind_coordinates */
|
||||
0, /* ladder_pre */
|
||||
0, /* ladder_step */
|
||||
|
||||
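Review bot: The two method-table slots that now point at `ossl_ec_GFp_simple_point_get_affine_coordinates` and `ossl_ec_GFp_simple_field_inv` give no hint why the specialised versions were dropped; add a comment at those slots, e.g. `/* Use the generic (blinded) inversion: the BN_MOD_INV-based helpers in this file appear to be variable-time (CVE-2025-9231) */`. The mod-p helper `ecp_sm2p256_mod_inverse`, built on the same BN_MOD_INV macro with div_by_2/sub steps, is kept — confirm its remaining callers only ever see public values, otherwise the same timing leak survives on that path. `def_ord` was deleted, so if `ecp_sm2p256_div_by_2_mod_ord` and `ecp_sm2p256_sub_mod_ord` are still declared or assembled elsewhere they are now dead code. The replacement comment `use constant‑time fallback` appears to contain a non-ASCII hyphen (U+2011); use a plain `-`. EC_GFp_sm2p256_method continues past the hunk.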
+14
-11
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -560,7 +560,7 @@ static int block_in(BIO *b)
|
||||
{
|
||||
BIO_OK_CTX *ctx;
|
||||
EVP_MD_CTX *md;
|
||||
unsigned long tl = 0;
|
||||
size_t tl = 0;
|
||||
unsigned char tmp[EVP_MAX_MD_SIZE];
|
||||
int md_size;
|
||||
|
||||
@@ -571,15 +571,18 @@ static int block_in(BIO *b)
|
||||
goto berr;
|
||||
|
||||
assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
|
||||
tl = ctx->buf[0];
|
||||
tl <<= 8;
|
||||
tl |= ctx->buf[1];
|
||||
tl <<= 8;
|
||||
tl |= ctx->buf[2];
|
||||
tl <<= 8;
|
||||
tl |= ctx->buf[3];
|
||||
tl = ((size_t)ctx->buf[0] << 24)
|
||||
| ((size_t)ctx->buf[1] << 16)
|
||||
| ((size_t)ctx->buf[2] << 8)
|
||||
| ((size_t)ctx->buf[3]);
|
||||
|
||||
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size)
|
||||
if (tl > OK_BLOCK_SIZE)
|
||||
goto berr;
|
||||
|
||||
if (tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size)
|
||||
goto berr;
|
||||
|
||||
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + (size_t)md_size)
|
||||
return 1;
|
||||
|
||||
if (!EVP_DigestUpdate(md,
|
||||
@@ -587,7 +590,7 @@ static int block_in(BIO *b)
|
||||
goto berr;
|
||||
if (!EVP_DigestFinal_ex(md, tmp, NULL))
|
||||
goto berr;
|
||||
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) {
|
||||
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, (size_t)md_size) == 0) {
|
||||
/* there might be parts from next block lurking around ! */
|
||||
ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
|
||||
ctx->buf_len_save = ctx->buf_len;
|
||||
|
||||
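Review bot: The second guard `if (tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size)` is unreachable once `tl > OK_BLOCK_SIZE` has already rejected anything above what is presumably a small compile-time constant, and its arithmetic quietly assumes md_size is positive: if md_size can be 0 or negative (it is computed outside the hunk), `(size_t)md_size` wraps and the later `ctx->buf[tl + OK_BLOCK_BLOCK]` indexing is wrong anyway. Either drop the redundant check or replace it with the one that matters, `if (md_size <= 0) goto berr;` before tl is used, unless such a check already exists above. SIZE_MAX also needs `<stdint.h>`, which is not visible here. block_in starts and ends outside the hunk.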
@@ -1356,7 +1356,7 @@ static int fix_rsa_padding_mode(enum state state,
|
||||
if (i == OSSL_NELEM(str_value_map)) {
|
||||
ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
|
||||
"[action:%d, state:%d] padding name %s",
|
||||
ctx->action_type, state, ctx->p1);
|
||||
ctx->action_type, state, (const char *)ctx->p2);
|
||||
ctx->p1 = ret = -2;
|
||||
} else if (state == POST_CTRL_TO_PARAMS) {
|
||||
/* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
|
||||
|
||||
+7
-8
@@ -1146,15 +1146,14 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
|
||||
} else {
|
||||
const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt);
|
||||
OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
|
||||
const char *supported_sig =
|
||||
pkey->keymgmt->query_operation_name != NULL
|
||||
? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE)
|
||||
: EVP_KEYMGMT_get0_name(pkey->keymgmt);
|
||||
EVP_SIGNATURE *signature = NULL;
|
||||
EVP_SIGNATURE *sig;
|
||||
const char *name;
|
||||
|
||||
signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL);
|
||||
if (signature != NULL) {
|
||||
EVP_SIGNATURE_free(signature);
|
||||
name = evp_keymgmt_util_query_operation_name(pkey->keymgmt,
|
||||
OSSL_OP_SIGNATURE);
|
||||
sig = EVP_SIGNATURE_fetch(libctx, name, NULL);
|
||||
if (sig != NULL) {
|
||||
EVP_SIGNATURE_free(sig);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -263,6 +263,7 @@ static int use_proxy(const char *no_proxy, const char *server)
|
||||
/* strip leading '[' and trailing ']' from escaped IPv6 address */
|
||||
sl -= 2;
|
||||
strncpy(host, server + 1, sl);
|
||||
host[sl] = '\0';
|
||||
server = host;
|
||||
}
|
||||
|
||||
|
||||
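Review bot: The added terminator `host[sl] = '\0';` is only safe if `sl` has been bounded relative to `sizeof(host)` above the hunk, and after `sl -= 2` the write lands at index sl, so sl must be strictly less than sizeof(host) at that point; whether the existing bound (not visible here) precedes or follows the subtraction decides whether this is in range. Confirm it, and consider making it self-evident by replacing the pair with `OPENSSL_strlcpy(host, server + 1, sl + 1);`, which always terminates and never writes past `sl + 1` bytes. `strncpy` plus manual termination is exactly the pattern that produced CVE-2025-9232. use_proxy starts and ends outside the hunk.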
+13
-1
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -23,6 +23,9 @@
|
||||
#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
|
||||
# include "arm_arch.h"
|
||||
# define CPU_INFO_STR_LEN 128
|
||||
#elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
|
||||
# include "crypto/ppc_arch.h"
|
||||
# define CPU_INFO_STR_LEN 128
|
||||
#elif defined(__s390__) || defined(__s390x__)
|
||||
# include "s390x_arch.h"
|
||||
# define CPU_INFO_STR_LEN 2048
|
||||
@@ -77,6 +80,15 @@ DEFINE_RUN_ONCE_STATIC(init_info_strings)
|
||||
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
|
||||
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
|
||||
" env:%s", env);
|
||||
# elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
|
||||
const char *env;
|
||||
|
||||
BIO_snprintf(ossl_cpu_info_str, sizeof(ossl_cpu_info_str),
|
||||
CPUINFO_PREFIX "OPENSSL_ppccap=0x%x", OPENSSL_ppccap_P);
|
||||
if ((env = getenv("OPENSSL_ppccap")) != NULL)
|
||||
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
|
||||
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
|
||||
" env:%s", env);
|
||||
# elif defined(__s390__) || defined(__s390x__)
|
||||
const char *env;
|
||||
|
||||
|
||||
@@ -311,6 +311,7 @@ int ossl_ml_dsa_key_has(const ML_DSA_KEY *key, int selection)
|
||||
static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
|
||||
VECTOR *t1, VECTOR *t0)
|
||||
{
|
||||
int ret = 0;
|
||||
const ML_DSA_PARAMS *params = key->params;
|
||||
uint32_t k = params->k, l = params->l;
|
||||
POLY *polys;
|
||||
@@ -343,9 +344,10 @@ static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
|
||||
|
||||
/* Zeroize secret */
|
||||
vector_zero(&s1_ntt);
|
||||
ret = 1;
|
||||
err:
|
||||
OPENSSL_free(polys);
|
||||
return 1;
|
||||
return ret;
|
||||
}
|
||||
|
||||
int ossl_ml_dsa_key_public_from_private(ML_DSA_KEY *key)
|
||||
|
||||
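Review bot: The scrub `vector_zero(&s1_ntt);` sits above the `err:` label, so any `goto err` taken after s1_ntt has been filled from the secret s1 (the body between the two hunks is not shown) leaves a secret-derived NTT copy unzeroised; now that failures are actually propagated, those paths matter more. Move the scrub under the label so it runs on every exit: `err:` / `vector_zero(&s1_ntt);` / `OPENSSL_free(polys);`, provided s1_ntt is initialised before the first `goto err`. If s1_ntt's coefficients live inside the heap block `polys`, `OPENSSL_clear_free` on polys is the simpler equivalent, but that depends on how s1_ntt is set up, which is outside the hunk. public_from_private begins in the first hunk and its middle is not visible.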
@@ -2046,5 +2046,5 @@ int ossl_ml_kem_pubkey_cmp(const ML_KEM_KEY *key1, const ML_KEM_KEY *key2)
|
||||
* No match if just one of the public keys is not available, otherwise both
|
||||
* are unavailable, and for now such keys are considered equal.
|
||||
*/
|
||||
return (ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2));
|
||||
return (!(ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2)));
|
||||
}
|
||||
|
||||
@@ -202,9 +202,12 @@ int ossl_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
|
||||
|| !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len,
|
||||
sizeof(ctx->d.byte))) {
|
||||
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
|
||||
ctx->cipher_ctx = NULL;
|
||||
EVP_MAC_CTX_free(ctx->mac_ctx_init);
|
||||
ctx->mac_ctx_init = NULL;
|
||||
EVP_MAC_CTX_free(mac_ctx);
|
||||
EVP_MAC_free(ctx->mac);
|
||||
ctx->mac = NULL;
|
||||
return 0;
|
||||
}
|
||||
EVP_MAC_CTX_free(mac_ctx);
|
||||
|
||||
@@ -641,7 +641,7 @@ static void put_str(const char *str, char **buf, size_t *remain, size_t *needed)
|
||||
}
|
||||
|
||||
quotes = quote != '\0';
|
||||
if (*remain == 0) {
|
||||
if (*remain <= (size_t)quotes) {
|
||||
*needed += 2 * quotes;
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -734,18 +734,3 @@ static int rsa_keygen_pairwise_test(RSA *rsa, OSSL_CALLBACK *cb, void *cbarg)
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
int ossl_rsa_key_pairwise_test(RSA *rsa)
|
||||
{
|
||||
OSSL_CALLBACK *stcb;
|
||||
void *stcbarg;
|
||||
int res;
|
||||
|
||||
OSSL_SELF_TEST_get_callback(rsa->libctx, &stcb, &stcbarg);
|
||||
res = rsa_keygen_pairwise_test(rsa, stcb, stcbarg);
|
||||
if (res <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
|
||||
return res;
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -129,7 +129,7 @@ static const unsigned char digestinfo_ripemd160_der[] = {
|
||||
# ifndef OPENSSL_NO_SM3
|
||||
/* SM3 (1 2 156 10197 1 401) */
|
||||
static const unsigned char digestinfo_sm3_der[] = {
|
||||
ASN1_SEQUENCE, 0x0f + SM3_DIGEST_LENGTH,
|
||||
ASN1_SEQUENCE, 0x10 + SM3_DIGEST_LENGTH,
|
||||
ASN1_SEQUENCE, 0x0c,
|
||||
ASN1_OID, 0x08, 1 * 40 + 2, 0x81, 0x1c, 0xcf, 0x55, 1, 0x83, 0x78,
|
||||
ASN1_NULL, 0x00,
|
||||
|
||||
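Review bot: The corrected outer length `0x10 + SM3_DIGEST_LENGTH` is easy to get wrong again, so spell the arithmetic out: `/* outer SEQUENCE = 2 + 0x0c (AlgorithmIdentifier) + 2 (OCTET STRING header) = 0x10, plus the digest */`, assuming the array continues with the usual OCTET STRING header like the neighbouring entries (its tail is outside the hunk). Operationally this DER prefix is what PKCS#1 v1.5 verification compares against the decrypted block, so SM3-with-RSA signatures produced by earlier 3.5.x with the off-by-one prefix will presumably no longer verify under this build, and vice versa; the CHANGES entry mentions the fix but not that interoperability consequence. digestinfo_sm3_der ends outside the hunk.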
@@ -62,8 +62,10 @@ __tsan_mutex_post_lock((x), 0, 0)
|
||||
/*
|
||||
* The Non-Stop KLT thread model currently seems broken in its rwlock
|
||||
* implementation
|
||||
* Likewise is there a problem with the glibc implementation on riscv.
|
||||
*/
|
||||
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_)
|
||||
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_) \
|
||||
&& !defined(__riscv)
|
||||
# define USE_RWLOCK
|
||||
# endif
|
||||
|
||||
@@ -279,7 +281,7 @@ static struct rcu_qp *get_hold_current_qp(struct rcu_lock_st *lock)
|
||||
|
||||
/* if the idx hasn't changed, we're good, else try again */
|
||||
if (qp_idx == ATOMIC_LOAD_N(uint32_t, &lock->reader_idx,
|
||||
__ATOMIC_RELAXED))
|
||||
__ATOMIC_ACQUIRE))
|
||||
break;
|
||||
|
||||
ATOMIC_SUB_FETCH(&lock->qp_group[qp_idx].users, (uint64_t)1,
|
||||
@@ -403,8 +405,12 @@ static struct rcu_qp *update_qp(CRYPTO_RCU_LOCK *lock, uint32_t *curr_id)
|
||||
*curr_id = lock->id_ctr;
|
||||
lock->id_ctr++;
|
||||
|
||||
/*
|
||||
* make the current state of everything visible by this release
|
||||
* when get_hold_current_qp acquires the next qp
|
||||
*/
|
||||
ATOMIC_STORE_N(uint32_t, &lock->reader_idx, lock->current_alloc_idx,
|
||||
__ATOMIC_RELAXED);
|
||||
__ATOMIC_RELEASE);
|
||||
|
||||
/*
|
||||
* this should make sure that the new value of reader_idx is visible in
|
||||
|
||||
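Review bot: The new riscv exclusion `&& !defined(__riscv)` is justified only by "Likewise is there a problem with the glibc implementation on riscv", which is ungrammatical and gives a future reader no way to tell when the workaround can be lifted; reword it and name the symptom and bug reference if one exists: `* glibc's pthread rwlock misbehaves on riscv with this usage (see <bug ref>); fall back to mutexes there.`. The RELAXED→RELEASE/ACQUIRE change on reader_idx is the substantive fix and is correctly paired between the store in update_qp and the load in get_hold_current_qp. The comment that starts "this should make sure" just after the store is cut off by the hunk — check it does not still describe the old ordering scheme. update_qp continues past the hunk.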
@@ -219,7 +219,8 @@ int X509_ocspid_print(BIO *bp, X509 *x)
|
||||
goto err;
|
||||
if ((der = dertmp = OPENSSL_malloc(derlen)) == NULL)
|
||||
goto err;
|
||||
i2d_X509_NAME(subj, &dertmp);
|
||||
if (i2d_X509_NAME(subj, &dertmp) < 0)
|
||||
goto err;
|
||||
|
||||
md = EVP_MD_fetch(x->libctx, SN_sha1, x->propq);
|
||||
if (md == NULL)
|
||||
|
||||
@@ -408,7 +408,6 @@ static int x509_store_add(X509_STORE *store, void *x, int crl)
|
||||
}
|
||||
|
||||
if (!X509_STORE_lock(store)) {
|
||||
obj->type = X509_LU_NONE;
|
||||
X509_OBJECT_free(obj);
|
||||
return 0;
|
||||
}
|
||||
|
||||
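Review bot: Dropping `obj->type = X509_LU_NONE;` before `X509_OBJECT_free(obj)` on the lock-failure path means the free now releases the reference the object holds on `x` (or the CRL); that is only correct if the code above the hunk has already taken that reference (an `X509_up_ref`/`X509_CRL_up_ref` when `obj->data` was assigned). If the up-ref happens only after the lock is acquired, this turns a leak into a double decrement and a possible use-after-free of the caller's object. State the intent at the call so the next reader does not re-add the old line: `/* obj already owns a reference to x; X509_OBJECT_free releases it */`. x509_store_add starts and ends outside the hunk.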
@@ -170,15 +170,14 @@ B<sk_I<TYPE>_set>() sets element I<idx> of I<sk> to I<ptr> replacing the current
|
||||
element. The new element value is returned or NULL if an error occurred:
|
||||
this will only happen if I<sk> is NULL or I<idx> is out of range.
|
||||
|
||||
B<sk_I<TYPE>_find>() searches I<sk> for the element I<ptr>. In the case
|
||||
where no comparison function has been specified, the function performs
|
||||
a linear search for a pointer equal to I<ptr>. The index of the first
|
||||
matching element is returned or B<-1> if there is no match. In the case
|
||||
where a comparison function has been specified, I<sk> is sorted and
|
||||
B<sk_I<TYPE>_find>() returns the index of a matching element or B<-1> if there
|
||||
is no match. Note that, in this case the comparison function will usually
|
||||
compare the values pointed to rather than the pointers themselves and
|
||||
the order of elements in I<sk> can change.
|
||||
B<sk_I<TYPE>_find>() searches I<sk> for the element I<ptr>. In the
|
||||
case where no comparison function has been specified, the function
|
||||
performs a linear search for a pointer equal to I<ptr>. In the case
|
||||
where a comparison function has been specified, the function performs
|
||||
a search for a element that the comparison function indicates is a
|
||||
match. If the stack is sorted, a binary search is used, otherwise, a
|
||||
linear search is used. B<sk_I<TYPE>_find>() returns the index of a
|
||||
matching element or B<-1> if there is no match.
|
||||
|
||||
B<sk_I<TYPE>_find_ex>() operates like B<sk_I<TYPE>_find>() except when a
|
||||
comparison function has been specified and no matching element is found.
|
||||
@@ -301,7 +300,7 @@ was changed to return 0 in this condition as for other errors.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
||||
@@ -256,9 +256,16 @@ L<crypto(7)>
|
||||
The macros and functions described here were added in OpenSSL 3.0,
|
||||
except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
There was a discrepancy between this manual and commentary + code
|
||||
in F<< <openssl/opensslv.h> >>, where the latter suggested that the
|
||||
four least significant bits of B<OPENSSL_VERSION_NUMBER> could be
|
||||
C<0x0f> in released OpenSSL versions.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
||||
@@ -37,7 +37,7 @@ SSL_CIPHER_get_protocol_id
|
||||
int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
|
||||
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
|
||||
uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
|
||||
uint32_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);
|
||||
uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
@@ -203,7 +203,7 @@ The OPENSSL_cipher_name() function was added in OpenSSL 1.1.1.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
|
||||
@@ -23,9 +23,10 @@ SSL_SESSION_set1_alpn_selected
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
SSL_SESSION_get0_hostname() retrieves the SNI value that was sent by the
|
||||
client when the session was created if it was accepted by the server. Otherwise
|
||||
NULL is returned.
|
||||
SSL_SESSION_get0_hostname() retrieves the Server Name Indication (SNI) value
|
||||
that was sent by the client when the session was created if the server
|
||||
acknowledged the client's SNI extension by including an empty SNI extension
|
||||
in response. Otherwise NULL is returned.
|
||||
|
||||
The value returned is a pointer to memory maintained within B<s> and
|
||||
should not be free'd.
|
||||
@@ -44,8 +45,7 @@ B<alpn>.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
SSL_SESSION_get0_hostname() returns either a string or NULL based on if there
|
||||
is the SNI value sent by client.
|
||||
SSL_SESSION_get0_hostname() returns the SNI string if available, or NULL if not.
|
||||
|
||||
SSL_SESSION_set1_hostname() returns 1 on success or 0 on error.
|
||||
|
||||
|
||||
@@ -124,10 +124,6 @@ ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
|
||||
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
||||
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
||||
|
||||
# ifdef FIPS_MODULE
|
||||
int ossl_rsa_key_pairwise_test(RSA *rsa);
|
||||
# endif /* FIPS_MODULE */
|
||||
|
||||
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
||||
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
||||
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
||||
|
||||
@@ -89,12 +89,12 @@ extern "C" {
|
||||
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL {- "$config{full_version} $config{release_date}" -}"
|
||||
|
||||
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
|
||||
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PP0L */
|
||||
# define OPENSSL_VERSION_NUMBER \
|
||||
( (OPENSSL_VERSION_MAJOR<<28) \
|
||||
|(OPENSSL_VERSION_MINOR<<20) \
|
||||
|(OPENSSL_VERSION_PATCH<<4) \
|
||||
|{- @config{prerelease} ? "0x0L" : "0xfL" -} )
|
||||
|0x0L )
|
||||
|
||||
# ifdef __cplusplus
|
||||
}
|
||||
|
||||
@@ -250,7 +250,7 @@ c685813be6ad35b0861ba888670ef54aa2b399d003472698e39426de6e52db59 crypto/initthr
|
||||
f866aafae928db1b439ac950dc90744a2397dfe222672fe68b3798396190c8b0 crypto/mem_clr.c
|
||||
18127868d868ca5705444c24f7dc385391ba31154fc04ff54949739e8fa7fdfc crypto/ml_dsa/ml_dsa_encoders.c
|
||||
825105b0a2c4844b2b4229001650ff7e61e1348e52f1072210f70b97cd4adb71 crypto/ml_dsa/ml_dsa_hash.h
|
||||
c82201cf1a17ff2d4b169dcd4402d3d56f4685e460a1447e021db4abd67f7f0e crypto/ml_dsa/ml_dsa_key.c
|
||||
c467f4400d399aad6b51746ef2575d1e04d260a1bf901b35ca55624fe62e650e crypto/ml_dsa/ml_dsa_key.c
|
||||
579c1a12a5c5f014476a6bf695dc271f63074fb187e23ffc3f9ccb5b7ea044f1 crypto/ml_dsa/ml_dsa_key.h
|
||||
3f98eb0467033d0a40867ef1c1036dcfea5d231eeac2321196f7d7c7243edace crypto/ml_dsa/ml_dsa_key_compress.c
|
||||
983d164bfa3dbe8d85ad1fdc24d897e79d9246d96d9c1862855c6c538b387ad9 crypto/ml_dsa/ml_dsa_local.h
|
||||
@@ -263,7 +263,7 @@ ff65c82c56e341f47df03d0c74de7fb537de0e68a4fa23fa07a9fdb51c511f1c crypto/ml_dsa/
|
||||
1d7f57a41034988a4e7d4c9a998760d2ef802c5e90275d09a3ca31c5f3403d94 crypto/ml_dsa/ml_dsa_sign.c
|
||||
5217ef237e21872205703b95577290c34898423466a465c7bd609b2eb4627964 crypto/ml_dsa/ml_dsa_sign.h
|
||||
abd934284bcd8061027a69f437fa4410c6b72cd950be1ebe048244d036371208 crypto/ml_dsa/ml_dsa_vector.h
|
||||
defc2e4e81ff1b78056c795bc0565f4241a259c2957abe84a51bcbc1e4ace3f1 crypto/ml_kem/ml_kem.c
|
||||
8c4f7238f68f959f2ad1e2529c567364c5a8818898355c82818521e03239ea76 crypto/ml_kem/ml_kem.c
|
||||
36e24eae5d38cc9666ae40e4e8a2dc12328e1159fea68447cb19dab174d25adf crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
|
||||
33357356cd739d4ae89d52f0804b6900e4b94d8829323819c6f64c8908e978df crypto/modes/asm/aes-gcm-armv8_64.pl
|
||||
bcc09bdb474f045d04c983fa09c31a010c5a25513f53a5d3653ade91304f0f96 crypto/modes/asm/aes-gcm-avx512.pl
|
||||
@@ -306,7 +306,7 @@ f50450f7e5f6896fb8e3cde2fdc11cc543124c854ef9d88252a166606ca80081 crypto/params_
|
||||
467c416422ecf61e3b713c5eb259fdbcb4aa73ae8dee61804d0b85cfd3fff4f7 crypto/property/defn_cache.c
|
||||
91c1f1f8eb5588ed9da17386c244ae68a6a81717b1c7ab6c9f1a6a57973a039f crypto/property/property.c
|
||||
66da4f28d408133fb544b14aeb9ad4913e7c5c67e2826e53f0dc5bf4d8fada26 crypto/property/property_local.h
|
||||
d32105cb087d708d0504a787f74bc163cc398c299faf2e98d6bb5ae02f5ce9b7 crypto/property/property_parse.c
|
||||
1e99a3934812f99dad79cbfbb6727ad61b6093711c1a6c74d4b50f9318152611 crypto/property/property_parse.c
|
||||
a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c
|
||||
20e69b9d594dfc443075eddbb0e6bcc0ed36ca51993cd50cc5a4f86eb31127f8 crypto/property/property_string.c
|
||||
10644e9d20214660706de58d34edf635c110d4e4f2628cd5284a08c60ed9aff8 crypto/provider_core.c
|
||||
@@ -322,7 +322,7 @@ f0c8792a99132e0b9c027cfa7370f45594a115934cdc9e8f23bdd64abecaf7fd crypto/rsa/rsa
|
||||
1b828f428f0e78b591378f7b780164c4574620c68f9097de041cbd576f811bf6 crypto/rsa/rsa_backend.c
|
||||
38a102cd1da1f6ca5a46e6a22f018237964336274385f5c70cbedcaa6997647e crypto/rsa/rsa_chk.c
|
||||
e762c599b17d5c89f4b1c9eb7d0ca1f04a95d815c86a3e72c30b231ce57fb199 crypto/rsa/rsa_crpt.c
|
||||
0fa3e4687510e2d91c8f4b1c460b1d51375d9855ed825b3d6697620b146b52d1 crypto/rsa/rsa_gen.c
|
||||
a3d20f27ae3cb41af5b62febd0bb19025e59d401b136306d570cdba103b15542 crypto/rsa/rsa_gen.c
|
||||
f22bc4e2c3acab83e67820c906c1caf048ec1f0d4fcb7472c1bec753c75f8e93 crypto/rsa/rsa_lib.c
|
||||
5ae8edaf654645996385fbd420ef73030762fc146bf41deb5294d6d83e257a16 crypto/rsa/rsa_local.h
|
||||
cf0b75cd54b61b9b9a290ef18d0ddce9fb26a029a54eb3f720d9b25188440f00 crypto/rsa/rsa_mp_names.c
|
||||
@@ -416,7 +416,7 @@ a00e16963e1e2a0126c6a8e62da8a14f98de9736027654c925925dadd0ca3cc1 crypto/thread/
|
||||
27ec0090f4243c96e4fbe1babfd4320c2a16615ffa368275433217d50a1ef76c crypto/thread/internal.c
|
||||
67ba8d87fbbb7c9a9e438018e7ecfd1cedd4d00224be05755580d044f5f1317a crypto/threads_lib.c
|
||||
b1a828491d9ce305802662561788facac92dff70cca9ead807f3e28741ff21e0 crypto/threads_none.c
|
||||
c659f7ce5c4b59d2a1cff78485fa8e89c8d20d5798df4afc1b94ff635ffc0262 crypto/threads_pthread.c
|
||||
491e9c29d4a7b4dd627ea25c20ce4a33103565b3108b618c41c6816dfc675569 crypto/threads_pthread.c
|
||||
9c3bf7b4baa302a4017150fbcaa114ee9df935b18d5a3a8c8015003780d4e7de crypto/threads_win.c
|
||||
7edd638df588b14711a50c98d458c4fc83f223ed03bc6c39c7c8edf7915b7cfa crypto/time.c
|
||||
88c5f9f4d2611223d283ebd2ae10ae5ecbb9972d00f747d93fcb74b62641e3f9 crypto/x86_64cpuid.pl
|
||||
@@ -445,7 +445,7 @@ bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto
|
||||
6e7762e7fb63f56d25b24f70209f4dc834c59a87f74467531ec81646f565dbe3 include/crypto/modes.h
|
||||
920bc48a4dad3712bdcef188c0ce8e8a8304e0ce332b54843bab366fc5eab472 include/crypto/rand.h
|
||||
71f23915ea74e93971fb0205901031be3abea7ffef2c52e4cc4848515079f68d include/crypto/rand_pool.h
|
||||
b1df067691f9741ef9c42b2e5f12461bcd87b745514fc5701b9c9402fb10b224 include/crypto/rsa.h
|
||||
6f16685ffbc97dc2ac1240bfddf4bbac2dd1ad83fff6da91aee6f3f64c6ee8ff include/crypto/rsa.h
|
||||
32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h
|
||||
80338f3865b7c74aab343879432a6399507b834e2f55dd0e9ee7a5eeba11242a include/crypto/sha.h
|
||||
dc7808729c3231a08bbe470b3e1b562420030f59f7bc05b14d7b516fa77b4f3a include/crypto/slh_dsa.h
|
||||
@@ -546,7 +546,7 @@ a8a45996fd21411cb7ed610bc202dbd06570cdfa0a2d14f7dfc8bfadc820e636 include/openss
|
||||
cb6bca3913c60a57bac39583eee0f789d49c3d29be3ecde9aecc7f3287117aa5 include/openssl/objects.h
|
||||
d25537af264684dff033dd8ae62b0348f868fcfec4aa51fa8f07bcfa4bd807ad include/openssl/objectserr.h
|
||||
fe6acd42c3e90db31aaafc2236a7d30ebfa53c4c07ea4d8265064c7fcb951970 include/openssl/opensslconf.h
|
||||
fc914a750d798ac9fc9287e6359cfa1da214b91651deaaaa7e1a46b595cd0425 include/openssl/opensslv.h.in
|
||||
6c1a8837bbba633db2a8951ff29ccfe09e7d2a24a37ee2af90f2d897c190da9a include/openssl/opensslv.h.in
|
||||
767d9d7d5051c937a3ce8a268c702902fda93eeaa210a94dfde1f45c23277d20 include/openssl/param_build.h
|
||||
1c442aaaa4dda7fbf727a451bc676fb4d855ef617c14dc77ff2a5e958ae33c3e include/openssl/params.h
|
||||
44f178176293c6ce8142890ff9dc2d466364c734e4e811f56bd62010c5403183 include/openssl/pkcs7.h.in
|
||||
@@ -618,8 +618,8 @@ f2581d7b4e105f2bb6d30908f3c2d9959313be08cec6dbeb49030c125a7676d3 providers/fips
|
||||
669f76f742bcaaf28846b057bfab97da7c162d69da244de71b7c743bf16e430f providers/fips/include/fipscommon.h
|
||||
f111fd7e016af8cc6f96cd8059c28227b328dd466ed137ae0c0bc0c3c3eec3ba providers/fips/self_test.c
|
||||
5c2c6c2f69e2eb01b88fa35630f27948e00dd2c2fd351735c74f34ccb2005cbe providers/fips/self_test.h
|
||||
663441de9aba1d1b81ce02b3acded520b88cc460330d4d98adb7450d9664c474 providers/fips/self_test_data.inc
|
||||
2e568e2b161131240e97bd77a730c2299f961c2f1409ea8466422fc07f9be23f providers/fips/self_test_kats.c
|
||||
df83c901ad13675fbbb4708b6087feba6099870ad3dd0e8d09cfdb6798419770 providers/fips/self_test_data.inc
|
||||
6779d5afb3f48d82868b247ffb0a6a572f6e3964738296ad47e7ccafdb263c88 providers/fips/self_test_kats.c
|
||||
dde79dfdedfe0e73006a0cf912fdde1ff109dfbc5ba6ecab319c938bc4275950 providers/implementations/asymciphers/rsa_enc.c
|
||||
c2f1b12c64fc369dfc3b9bc9e76a76de7280e6429adaee55d332eb1971ad1879 providers/implementations/ciphers/cipher_aes.c
|
||||
6ba7d817081cf0d87ba7bfb38cd9d70e41505480bb8bc796ef896f68d4514ea6 providers/implementations/ciphers/cipher_aes.h
|
||||
@@ -699,7 +699,7 @@ c764555b9dc9b273c280514a5d2d44156f82f3e99155a77c627f2c773209bcd7 providers/impl
|
||||
24cc3cc8e8681c77b7f96c83293bd66045fd8ad69f756e673ca7f8ca9e82b0af providers/implementations/keymgmt/dsa_kmgmt.c
|
||||
36a9c1c8658ce7918453827cb58ed52787e590e3f148c5510deeb2c16c25a29d providers/implementations/keymgmt/ec_kmgmt.c
|
||||
258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc
|
||||
9728d696d249b2d224724c9872138a60e1998e5cfa5c49f3f48ad0666f7eed34 providers/implementations/keymgmt/ecx_kmgmt.c
|
||||
11c27cc3c9f38885c484f25d11987e93f197aa90bef2fc1d6e8f508c2d014d4d providers/implementations/keymgmt/ecx_kmgmt.c
|
||||
daf35a7ab961ef70aefca981d80407935904c5da39dca6692432d6e6bc98759d providers/implementations/keymgmt/kdf_legacy_kmgmt.c
|
||||
d97d7c8d3410b3e560ef2becaea2a47948e22205be5162f964c5e51a7eef08cb providers/implementations/keymgmt/mac_legacy_kmgmt.c
|
||||
a428de71082fd01e5dcfa030a6fc34f6700b86d037b4e22f015c917862a158ce providers/implementations/keymgmt/ml_dsa_kmgmt.c
|
||||
|
||||
@@ -1 +1 @@
|
||||
8d0c2c2b986f4c98f511c9aa020e98aa984dce5976d8e1966a7721f8b559cda8 providers/fips-sources.checksums
|
||||
c342f9dc7075a6ecd0e4b3c9db06e180765278a7bbae233ec1a65095a0e524ec providers/fips-sources.checksums
|
||||
|
||||
@@ -1308,6 +1308,18 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
|
||||
ST_KAT_PARAM_END()
|
||||
};
|
||||
|
||||
/*-
|
||||
* Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
|
||||
* ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
|
||||
* HP/UX PA-RISC compilers.
|
||||
*/
|
||||
static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
|
||||
|
||||
static const ST_KAT_PARAM rsa_enc_params[] = {
|
||||
ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
|
||||
ST_KAT_PARAM_END()
|
||||
};
|
||||
|
||||
static const unsigned char rsa_sig_msg[] = "Hello World!";
|
||||
|
||||
static const unsigned char rsa_expected_sig[256] = {
|
||||
@@ -3497,3 +3509,33 @@ static const ST_KAT_ASYM_KEYGEN st_kat_asym_keygen_tests[] = {
|
||||
# endif
|
||||
};
|
||||
#endif /* !OPENSSL_NO_ML_DSA || !OPENSSL_NO_SLH_DSA */
|
||||
|
||||
static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
|
||||
{
|
||||
OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
|
||||
"RSA",
|
||||
1,
|
||||
rsa_pub_key,
|
||||
rsa_enc_params,
|
||||
ITM(rsa_asym_plaintext_encrypt),
|
||||
ITM(rsa_asym_expected_encrypt),
|
||||
},
|
||||
{
|
||||
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
|
||||
"RSA",
|
||||
0,
|
||||
rsa_priv_key,
|
||||
rsa_enc_params,
|
||||
ITM(rsa_asym_expected_encrypt),
|
||||
ITM(rsa_asym_plaintext_encrypt),
|
||||
},
|
||||
{
|
||||
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
|
||||
"RSA",
|
||||
0,
|
||||
rsa_crt_key,
|
||||
rsa_enc_params,
|
||||
ITM(rsa_asym_expected_encrypt),
|
||||
ITM(rsa_asym_plaintext_encrypt),
|
||||
},
|
||||
};
|
||||
|
||||
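Review bot: The second and third entries of st_kat_asym_cipher_tests both carry OSSL_SELF_TEST_DESC_ASYM_RSA_DEC, so a self-test failure report (or a `-corrupt_desc` fipsinstall run like the one this commit adds for RSA_Encrypt) cannot tell the rsa_priv_key case from the rsa_crt_key case. If the descriptor set has no separate name for the CRT variant, a comment on the third entry would at least record the intent: `/* Same decrypt KAT as above, driven through the CRT form of the private key (rsa_crt_key) */` — that rsa_crt_key holds the CRT representation is inferred from its name; its definition is outside this hunk. The array itself is complete within the hunk.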
@@ -812,6 +812,93 @@ static int self_test_kem(const ST_KAT_KEM *t, OSSL_SELF_TEST *st,
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Test an encrypt or decrypt KAT..
|
||||
*
|
||||
* FIPS 140-2 IG D.9 states that separate KAT tests are needed for encrypt
|
||||
* and decrypt..
|
||||
*/
|
||||
static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st,
|
||||
OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
int ret = 0;
|
||||
OSSL_PARAM *keyparams = NULL, *initparams = NULL;
|
||||
OSSL_PARAM_BLD *keybld = NULL, *initbld = NULL;
|
||||
EVP_PKEY_CTX *encctx = NULL, *keyctx = NULL;
|
||||
EVP_PKEY *key = NULL;
|
||||
BN_CTX *bnctx = NULL;
|
||||
unsigned char out[256];
|
||||
size_t outlen = sizeof(out);
|
||||
|
||||
OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER, t->desc);
|
||||
|
||||
bnctx = BN_CTX_new_ex(libctx);
|
||||
if (bnctx == NULL)
|
||||
goto err;
|
||||
|
||||
/* Load a public or private key from data */
|
||||
keybld = OSSL_PARAM_BLD_new();
|
||||
if (keybld == NULL
|
||||
|| !add_params(keybld, t->key, bnctx))
|
||||
goto err;
|
||||
keyparams = OSSL_PARAM_BLD_to_param(keybld);
|
||||
keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
|
||||
if (keyctx == NULL || keyparams == NULL)
|
||||
goto err;
|
||||
if (EVP_PKEY_fromdata_init(keyctx) <= 0
|
||||
|| EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
|
||||
goto err;
|
||||
|
||||
/* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
|
||||
encctx = EVP_PKEY_CTX_new_from_pkey(libctx, key, NULL);
|
||||
if (encctx == NULL
|
||||
|| (t->encrypt && EVP_PKEY_encrypt_init(encctx) <= 0)
|
||||
|| (!t->encrypt && EVP_PKEY_decrypt_init(encctx) <= 0))
|
||||
goto err;
|
||||
|
||||
/* Add any additional parameters such as padding */
|
||||
if (t->postinit != NULL) {
|
||||
initbld = OSSL_PARAM_BLD_new();
|
||||
if (initbld == NULL)
|
||||
goto err;
|
||||
if (!add_params(initbld, t->postinit, bnctx))
|
||||
goto err;
|
||||
initparams = OSSL_PARAM_BLD_to_param(initbld);
|
||||
if (initparams == NULL)
|
||||
goto err;
|
||||
if (EVP_PKEY_CTX_set_params(encctx, initparams) <= 0)
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (t->encrypt) {
|
||||
if (EVP_PKEY_encrypt(encctx, out, &outlen,
|
||||
t->in, t->in_len) <= 0)
|
||||
goto err;
|
||||
} else {
|
||||
if (EVP_PKEY_decrypt(encctx, out, &outlen,
|
||||
t->in, t->in_len) <= 0)
|
||||
goto err;
|
||||
}
|
||||
/* Check the KAT */
|
||||
OSSL_SELF_TEST_oncorrupt_byte(st, out);
|
||||
if (outlen != t->expected_len
|
||||
|| memcmp(out, t->expected, t->expected_len) != 0)
|
||||
goto err;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
BN_CTX_free(bnctx);
|
||||
EVP_PKEY_free(key);
|
||||
EVP_PKEY_CTX_free(encctx);
|
||||
EVP_PKEY_CTX_free(keyctx);
|
||||
OSSL_PARAM_free(keyparams);
|
||||
OSSL_PARAM_BLD_free(keybld);
|
||||
OSSL_PARAM_free(initparams);
|
||||
OSSL_PARAM_BLD_free(initbld);
|
||||
OSSL_SELF_TEST_onend(st, ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* Test a data driven list of KAT's for digest algorithms.
|
||||
* All tests are run regardless of if they fail or not.
|
||||
@@ -853,6 +940,17 @@ static int self_test_kems(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
int i, ret = 1;
|
||||
|
||||
for (i = 0; i < (int)OSSL_NELEM(st_kat_asym_cipher_tests); ++i) {
|
||||
if (!self_test_asym_cipher(&st_kat_asym_cipher_tests[i], st, libctx))
|
||||
ret = 0;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
{
|
||||
int i, ret = 1;
|
||||
@@ -1092,6 +1190,8 @@ int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
|
||||
ret = 0;
|
||||
if (!self_test_kems(st, libctx))
|
||||
ret = 0;
|
||||
if (!self_test_asym_ciphers(st, libctx))
|
||||
ret = 0;
|
||||
|
||||
RAND_set0_private(libctx, saved_rand);
|
||||
return ret;
|
||||
|
||||
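Review bot: The header comment on self_test_asym_cipher ends two sentences with a stray `..` (`KAT..`, `decrypt..`); make those single periods. The bare `unsigned char out[256]` also deserves a comment tying it to the data it serves, since EVP_PKEY_encrypt/decrypt receive `&outlen` and an oversized result fails cleanly rather than overflowing, but a future KAT with a larger key would then fail for a non-obvious reason: `/* Sized for the 256-byte RSA KAT vectors in self_test_data.inc; grow if a larger-key KAT is added */` — the key size is inferred from the 256-byte expected buffers, confirm. The `int i` / `(int)OSSL_NELEM` loop in self_test_asym_ciphers mirrors self_test_kdfs, which is fine for consistency.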
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -350,7 +350,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
|
||||
{
|
||||
int klen, ret;
|
||||
|
||||
ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL);
|
||||
ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL);
|
||||
if (!ret)
|
||||
goto out;
|
||||
/* set the key len for the odd variable key len cipher */
|
||||
@@ -362,6 +362,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
|
||||
if (!ret)
|
||||
goto out;
|
||||
/* we never want padding, either the length requested is a multiple of
|
||||
* the cipher block size or we are passed a cipher that can cope with
|
||||
* partial blocks via techniques like cipher text stealing */
|
||||
|
||||
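Review bot: The reordering in cipher_init (select the cipher with a NULL key, set the key length, then a second EVP_EncryptInit_ex carrying the key) is the right sequence for variable-key-length ciphers, but nothing in either hunk says why, and a later cleanup could easily fold the two calls back together. A comment above the second init would pin the intent: `/* Supply the key only after the key length is set; passing it in the first init would bind the cipher's default length */` — the default-length behaviour is my reading of the change, confirm against EVP_CipherInit semantics. cipher_init's body continues outside both hunks.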
@@ -218,14 +218,6 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
|
||||
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
|
||||
ok = ok && ossl_ecx_key_fromdata(key, params, include_private);
|
||||
|
||||
#ifdef FIPS_MODULE
|
||||
if (ok > 0 && ecx_key_type_is_ed(key->type) && !ossl_fips_self_testing())
|
||||
if (key->haspubkey && key->privkey != NULL) {
|
||||
ok = ecd_fips140_pairwise_test(key, key->type, 1);
|
||||
if (ok <= 0)
|
||||
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
|
||||
}
|
||||
#endif /* FIPS_MODULE */
|
||||
return ok;
|
||||
}
|
||||
|
||||
|
||||
@@ -3197,6 +3197,7 @@ int ossl_quic_conn_stream_conclude(SSL *s)
|
||||
QCTX ctx;
|
||||
QUIC_STREAM *qs;
|
||||
int err;
|
||||
int ret;
|
||||
|
||||
if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
|
||||
return 0;
|
||||
@@ -3204,13 +3205,15 @@ int ossl_quic_conn_stream_conclude(SSL *s)
|
||||
qs = ctx.xso->stream;
|
||||
|
||||
if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
|
||||
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
|
||||
qctx_unlock(&ctx);
|
||||
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (!quic_validate_for_write(ctx.xso, &err)) {
|
||||
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
|
||||
qctx_unlock(&ctx);
|
||||
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
|
||||
|
||||
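Review bot: Moving QUIC_RAISE_NON_NORMAL_ERROR ahead of qctx_unlock in ossl_quic_conn_stream_conclude is presumably the point of the change, since the macro takes &ctx and the old code invoked it after the lock on that context was released, but that reasoning is not recorded anywhere in the hunk. A comment at the first site would stop the order from being "tidied" back: `/* Raise while the QCTX lock is still held: the error path reads ctx */`; the macro body is outside this diff, so confirm the wording. The same pattern is applied at the quic_validate_for_write site in the same hunk, and the function continues past it.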
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -1093,9 +1093,12 @@ int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (rl->msg_callback != NULL)
|
||||
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &rec->type,
|
||||
1, rl->cbarg);
|
||||
if (rl->msg_callback != NULL) {
|
||||
unsigned char ctype = (unsigned char)rec->type;
|
||||
|
||||
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &ctype,
|
||||
1, rl->cbarg);
|
||||
}
|
||||
|
||||
/*
|
||||
* TLSv1.3 alert and handshake records are required to be non-zero in
|
||||
|
||||
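Review bot: Passing a one-byte copy (`ctype`) instead of `&rec->type` to msg_callback looks like a width fix — the callback is told len=1, so handing it the address of a wider field would expose the wrong byte on big-endian targets — but the new block has no comment saying so, and the temporary reads as redundant at first glance. Suggest `/* rec->type is wider than one byte; pass a byte-sized copy so len=1 is accurate on every endianness */` above the declaration; rec->type's actual type is outside this hunk, so confirm before wording it that way. tls13_common_post_process_record continues past the hunk.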
+4
-1
@@ -1056,10 +1056,13 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr
|
||||
}
|
||||
}
|
||||
|
||||
if (!X509_up_ref(x509))
|
||||
if (!X509_up_ref(x509)) {
|
||||
OSSL_STACK_OF_X509_free(dup_chain);
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!EVP_PKEY_up_ref(privatekey)) {
|
||||
OSSL_STACK_OF_X509_free(dup_chain);
|
||||
X509_free(x509);
|
||||
goto out;
|
||||
}
|
||||
|
||||
@@ -549,8 +549,12 @@ static const ssl_trace_tbl ssl_groups_tbl[] = {
|
||||
{258, "ffdhe4096"},
|
||||
{259, "ffdhe6144"},
|
||||
{260, "ffdhe8192"},
|
||||
{512, "MLKEM512"},
|
||||
{513, "MLKEM768"},
|
||||
{514, "MLKEM1024"},
|
||||
{4587, "SecP256r1MLKEM768"},
|
||||
{4588, "X25519MLKEM768"},
|
||||
{4589, "SecP384r1MLKEM1024"},
|
||||
{25497, "X25519Kyber768Draft00"},
|
||||
{25498, "SecP256r1Kyber768Draft00"},
|
||||
{0xFF01, "arbitrary_explicit_prime_curves"},
|
||||
|
||||
+2
-1
@@ -31,7 +31,8 @@ IF[{- !$disabled{tests} -}]
|
||||
testutil/format_output.c testutil/load.c testutil/fake_random.c \
|
||||
testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
|
||||
testutil/options.c testutil/test_options.c testutil/provider.c \
|
||||
testutil/apps_shims.c testutil/random.c testutil/helper.c $LIBAPPSSRC
|
||||
testutil/apps_shims.c testutil/random.c testutil/helper.c \
|
||||
testutil/compare.c $LIBAPPSSRC
|
||||
INCLUDE[libtestutil.a]=../include ../apps/include ..
|
||||
DEPEND[libtestutil.a]=../libcrypto
|
||||
|
||||
|
||||
+3
-1
@@ -35,6 +35,8 @@ static int exptypes_selection;
|
||||
static int query_id;
|
||||
static int key_deleted;
|
||||
|
||||
unsigned fake_rsa_query_operation_name = 0;
|
||||
|
||||
typedef struct {
|
||||
OSSL_LIB_CTX *libctx;
|
||||
} PROV_FAKE_RSA_CTX;
|
||||
@@ -90,7 +92,7 @@ static const char *fake_rsa_keymgmt_query(int id)
|
||||
/* record global for checking */
|
||||
query_id = id;
|
||||
|
||||
return "RSA";
|
||||
return fake_rsa_query_operation_name ? NULL: "RSA";
|
||||
}
|
||||
|
||||
static int fake_rsa_keymgmt_import(void *keydata, int selection,
|
||||
|
||||
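Review bot: `fake_rsa_query_operation_name ? NULL: "RSA"` is missing the space before the colon that the other ternaries in this diff use (e.g. `? 1 : 0` in ecx_import); `return fake_rsa_query_operation_name ? NULL : "RSA";`. The new toggle is a plain non-static global that a test sets and must remember to reset, which the fake_rsaprov.h comment in this commit documents; a short comment at the definition itself (`/* Test knob: non-zero makes query_operation_name() return NULL; callers must reset it to 0 */`) would keep that contract visible next to the variable.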
+10
-1
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
@@ -14,5 +14,14 @@
|
||||
/* Fake RSA provider implementation */
|
||||
OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx);
|
||||
void fake_rsa_finish(OSSL_PROVIDER *p);
|
||||
|
||||
OSSL_PARAM *fake_rsa_key_params(int priv);
|
||||
void fake_rsa_restore_store_state(void);
|
||||
|
||||
/*
|
||||
* When fake_rsa_query_operation_name is set to a non-zero value,
|
||||
* query_operation_name() will return NULL.
|
||||
*
|
||||
* By default, it is 0, in which case query_operation_name() will return "RSA".
|
||||
*/
|
||||
extern unsigned fake_rsa_query_operation_name;
|
||||
|
||||
@@ -140,9 +140,19 @@ static int test_ml_kem(void)
|
||||
if (!TEST_int_gt(EVP_PKEY_copy_parameters(bkey, akey), 0))
|
||||
goto err;
|
||||
|
||||
/* Bob's empty key is not equal to Alice's */
|
||||
if (!TEST_false(EVP_PKEY_eq(akey, bkey))
|
||||
|| !TEST_false(EVP_PKEY_eq(bkey, akey)))
|
||||
goto err;
|
||||
|
||||
if (!TEST_true(EVP_PKEY_set1_encoded_public_key(bkey, rawpub, publen)))
|
||||
goto err;
|
||||
|
||||
/* Bob's copy of Alice's public key makes the two equal */
|
||||
if (!TEST_true(EVP_PKEY_eq(akey, bkey))
|
||||
|| !TEST_true(EVP_PKEY_eq(bkey, akey)))
|
||||
goto err;
|
||||
|
||||
/* Encapsulate Bob's key */
|
||||
ctx = EVP_PKEY_CTX_new_from_pkey(testctx, bkey, NULL);
|
||||
if (!TEST_ptr(ctx))
|
||||
|
||||
+18
-1
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
@@ -687,6 +687,22 @@ static int test_property_list_to_string(int i)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int test_property_list_to_string_bounds(void)
|
||||
{
|
||||
OSSL_PROPERTY_LIST *pl = NULL;
|
||||
char buf[16];
|
||||
int ret = 0;
|
||||
|
||||
if (!TEST_ptr(pl = ossl_parse_query(NULL, "provider='$1'", 1)))
|
||||
goto err;
|
||||
if (!TEST_size_t_eq(ossl_property_list_to_string(NULL, pl, buf, 10), 14))
|
||||
goto err;
|
||||
ret = 1;
|
||||
err:
|
||||
ossl_property_free(pl);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int setup_tests(void)
|
||||
{
|
||||
ADD_TEST(test_property_string);
|
||||
@@ -701,5 +717,6 @@ int setup_tests(void)
|
||||
ADD_TEST(test_query_cache_stochastic);
|
||||
ADD_TEST(test_fips_mode);
|
||||
ADD_ALL_TESTS(test_property_list_to_string, OSSL_NELEM(to_string_tests));
|
||||
ADD_TEST(test_property_list_to_string_bounds);
|
||||
return 1;
|
||||
}
|
||||
|
||||
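Review bot: test_property_list_to_string_bounds passes a size of 10 for a 16-byte `buf`, so an overrun of up to six bytes past the declared limit would land inside the array and be invisible both to the TEST_size_t_eq check and to the sanitizers. Pre-filling the array and checking the tail afterwards closes that gap: `memset(buf, 0xA5, sizeof(buf));` before the call and `if (!TEST_true(buf[10] == (char)0xA5 && buf[15] == (char)0xA5)) goto err;` after it. Whether the function NUL-terminates within the 10 bytes is not visible here; if it does, `TEST_true(strlen(buf) < 10)` would pin that as well.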
@@ -239,6 +239,77 @@ static int test_pkey_eq(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int test_pkey_can_sign(void)
|
||||
{
|
||||
OSSL_PROVIDER *fake_rsa = NULL;
|
||||
EVP_PKEY *pkey_fake = NULL;
|
||||
EVP_PKEY_CTX *ctx = NULL;
|
||||
OSSL_PARAM *params = NULL;
|
||||
int ret = 0;
|
||||
|
||||
if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* Ensure other tests did not forget to reset fake_rsa_query_operation_name
|
||||
* to its default value: 0
|
||||
*/
|
||||
if (!TEST_int_eq(fake_rsa_query_operation_name, 0))
|
||||
goto end;
|
||||
|
||||
if (!TEST_ptr(params = fake_rsa_key_params(0))
|
||||
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
|
||||
"provider=fake-rsa"))
|
||||
|| !TEST_true(EVP_PKEY_fromdata_init(ctx))
|
||||
|| !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
|
||||
params))
|
||||
|| !TEST_true(EVP_PKEY_can_sign(pkey_fake))
|
||||
|| !TEST_ptr(pkey_fake))
|
||||
goto end;
|
||||
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
ctx = NULL;
|
||||
EVP_PKEY_free(pkey_fake);
|
||||
pkey_fake = NULL;
|
||||
OSSL_PARAM_free(params);
|
||||
params = NULL;
|
||||
|
||||
/*
|
||||
* Documented behavior for OSSL_FUNC_keymgmt_query_operation_name()
|
||||
* allows it to return NULL, in which case the fallback should be to use
|
||||
* EVP_KEYMGMT_get0_name(). That is exactly the thing we are testing here.
|
||||
*/
|
||||
fake_rsa_query_operation_name = 1;
|
||||
|
||||
if (!TEST_ptr(params = fake_rsa_key_params(0))
|
||||
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
|
||||
"provider=fake-rsa"))
|
||||
|| !TEST_true(EVP_PKEY_fromdata_init(ctx))
|
||||
|| !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
|
||||
params))
|
||||
|| !TEST_true(EVP_PKEY_can_sign(pkey_fake))
|
||||
|| !TEST_ptr(pkey_fake))
|
||||
goto end;
|
||||
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
ctx = NULL;
|
||||
EVP_PKEY_free(pkey_fake);
|
||||
pkey_fake = NULL;
|
||||
OSSL_PARAM_free(params);
|
||||
params = NULL;
|
||||
|
||||
ret = 1;
|
||||
end:
|
||||
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey_fake);
|
||||
OSSL_PARAM_free(params);
|
||||
fake_rsa_query_operation_name = 0;
|
||||
|
||||
fake_rsa_finish(fake_rsa);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int test_pkey_store(int idx)
|
||||
{
|
||||
OSSL_PROVIDER *deflt = NULL;
|
||||
@@ -719,6 +790,7 @@ int setup_tests(void)
|
||||
ADD_TEST(test_pkey_sig);
|
||||
ADD_TEST(test_alternative_keygen_init);
|
||||
ADD_TEST(test_pkey_eq);
|
||||
ADD_TEST(test_pkey_can_sign);
|
||||
ADD_ALL_TESTS(test_pkey_store, 2);
|
||||
ADD_TEST(test_pkey_delete);
|
||||
ADD_TEST(test_pkey_store_open_ex);
|
||||
|
||||
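Review bot: In both fromdata blocks of test_pkey_can_sign, `TEST_true(EVP_PKEY_can_sign(pkey_fake))` runs before `TEST_ptr(pkey_fake)`, so the null check guards nothing; swap the two lines so the pointer is verified before it is used: `|| !TEST_ptr(pkey_fake)` followed by `|| !TEST_true(EVP_PKEY_can_sign(pkey_fake)))`. The two blocks are otherwise identical apart from the value of fake_rsa_query_operation_name, so a small static helper taking the flag value (or a loop over 0 and 1) would halve the body and keep the cleanup in one place. The reset of fake_rsa_query_operation_name at `end:` is good; a one-line comment there (`/* Restore the default so later tests see the provider's normal behaviour */`) would make clear it is not optional.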
+9
-86
@@ -428,91 +428,6 @@ static int test_version(void)
|
||||
}
|
||||
|
||||
#if defined(DO_SSL_TRACE_TEST)
|
||||
static void strip_line_ends(char *str)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = strlen(str);
|
||||
i > 0 && (str[i - 1] == '\n' || str[i - 1] == '\r');
|
||||
i--);
|
||||
|
||||
str[i] = '\0';
|
||||
}
|
||||
|
||||
static int compare_with_file(BIO *membio)
|
||||
{
|
||||
BIO *file = NULL, *newfile = NULL;
|
||||
char buf1[8192], buf2[8192];
|
||||
char *reffile;
|
||||
int ret = 0;
|
||||
size_t i;
|
||||
|
||||
#ifdef OPENSSL_NO_ZLIB
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref.txt");
|
||||
#else
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
|
||||
#endif
|
||||
if (!TEST_ptr(reffile))
|
||||
goto err;
|
||||
|
||||
file = BIO_new_file(reffile, "rb");
|
||||
if (!TEST_ptr(file))
|
||||
goto err;
|
||||
|
||||
newfile = BIO_new_file("ssltraceref-new.txt", "wb");
|
||||
if (!TEST_ptr(newfile))
|
||||
goto err;
|
||||
|
||||
while (BIO_gets(membio, buf2, sizeof(buf2)) > 0)
|
||||
if (BIO_puts(newfile, buf2) <= 0) {
|
||||
TEST_error("Failed writing new file data");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!TEST_int_ge(BIO_seek(membio, 0), 0))
|
||||
goto err;
|
||||
|
||||
while (BIO_gets(file, buf1, sizeof(buf1)) > 0) {
|
||||
size_t line_len;
|
||||
|
||||
if (BIO_gets(membio, buf2, sizeof(buf2)) <= 0) {
|
||||
TEST_error("Failed reading mem data");
|
||||
goto err;
|
||||
}
|
||||
strip_line_ends(buf1);
|
||||
strip_line_ends(buf2);
|
||||
line_len = strlen(buf1);
|
||||
if (line_len > 0 && buf1[line_len - 1] == '?') {
|
||||
/* Wildcard at the EOL means ignore anything after it */
|
||||
if (strlen(buf2) > line_len)
|
||||
buf2[line_len] = '\0';
|
||||
}
|
||||
if (line_len != strlen(buf2)) {
|
||||
TEST_error("Actual and ref line data length mismatch");
|
||||
TEST_info("%s", buf1);
|
||||
TEST_info("%s", buf2);
|
||||
goto err;
|
||||
}
|
||||
for (i = 0; i < line_len; i++) {
|
||||
/* '?' is a wild card character in the reference text */
|
||||
if (buf1[i] == '?')
|
||||
buf2[i] = '?';
|
||||
}
|
||||
if (!TEST_str_eq(buf1, buf2))
|
||||
goto err;
|
||||
}
|
||||
if (!TEST_true(BIO_eof(file))
|
||||
|| !TEST_true(BIO_eof(membio)))
|
||||
goto err;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
OPENSSL_free(reffile);
|
||||
BIO_free(file);
|
||||
BIO_free(newfile);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* Tests that the SSL_trace() msg_callback works as expected with a QUIC
|
||||
* connection. This also provides testing of the msg_callback at the same time.
|
||||
@@ -524,6 +439,7 @@ static int test_ssl_trace(void)
|
||||
QUIC_TSERVER *qtserv = NULL;
|
||||
int testresult = 0;
|
||||
BIO *bio = NULL;
|
||||
char *reffile = NULL;
|
||||
|
||||
if (!TEST_ptr(cctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method()))
|
||||
|| !TEST_ptr(bio = BIO_new(BIO_s_mem()))
|
||||
@@ -547,7 +463,13 @@ static int test_ssl_trace(void)
|
||||
if (!TEST_int_gt(BIO_pending(bio), 0))
|
||||
goto err;
|
||||
} else {
|
||||
if (!TEST_true(compare_with_file(bio)))
|
||||
|
||||
# ifdef OPENSSL_NO_ZLIB
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref.txt");
|
||||
# else
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
|
||||
# endif
|
||||
if (!TEST_true(compare_with_reference_file(bio, reffile)))
|
||||
goto err;
|
||||
}
|
||||
|
||||
@@ -557,6 +479,7 @@ static int test_ssl_trace(void)
|
||||
SSL_free(clientquic);
|
||||
SSL_CTX_free(cctx);
|
||||
BIO_free(bio);
|
||||
OPENSSL_free(reffile);
|
||||
|
||||
return testresult;
|
||||
}
|
||||
|
||||
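Review bot: In the `else` branch of test_ssl_trace, `reffile` from test_mk_file_path is handed straight to compare_with_reference_file without the `if (!TEST_ptr(reffile)) goto err;` that the deleted compare_with_file performed; unless the new helper (its source is not in this diff) rejects NULL itself, an allocation failure would surface as a confusing comparison failure. Add `if (!TEST_ptr(reffile)) goto err;` between the `# endif` and the compare call. reffile is released by the `OPENSSL_free(reffile)` added at the cleanup label in the last hunk, so the early `goto err` is safe.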
+4
-2
@@ -871,8 +871,10 @@ static int TERP_run(SCRIPT_INFO *script_info, TERP_CONFIG *cfg)
|
||||
}
|
||||
|
||||
GEN_SCRIPT_cleanup(&gen_script);
|
||||
BIO_printf(debug_bio, "Stats:\n Ops executed: %16llu\n\n",
|
||||
(unsigned long long)terp.ops_executed);
|
||||
if (have_terp) {
|
||||
BIO_printf(debug_bio, "Stats:\n Ops executed: %16llu\n\n",
|
||||
(unsigned long long)terp.ops_executed);
|
||||
}
|
||||
SCRIPT_INFO_print(script_info, debug_bio, /*error=*/!ok,
|
||||
ok ? "completed" : "failed, exiting");
|
||||
return ok;
|
||||
|
||||
@@ -63,7 +63,7 @@ my @commandline =
|
||||
( 'x942kdf_key_check', 'x942kdf-key-check' )
|
||||
);
|
||||
|
||||
plan tests => 40 + (scalar @pedantic_okay) + (scalar @pedantic_fail)
|
||||
plan tests => 41 + (scalar @pedantic_okay) + (scalar @pedantic_fail)
|
||||
+ 4 * (scalar @commandline);
|
||||
|
||||
my $infile = bldtop_file('providers', platform->dso('fips'));
|
||||
@@ -392,6 +392,16 @@ SKIP: {
|
||||
"fipsinstall fails when the ML-KEM decapsulate implicit failure result is corrupted");
|
||||
}
|
||||
|
||||
# corrupt an Asymmetric cipher test
|
||||
SKIP: {
|
||||
skip "Skipping Asymmetric RSA corruption test because of no rsa in this build", 1
|
||||
if disabled("rsa") || disabled("fips-post");
|
||||
ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips.cnf', '-module', $infile,
|
||||
'-corrupt_desc', 'RSA_Encrypt',
|
||||
'-corrupt_type', 'KAT_AsymmetricCipher'])),
|
||||
"fipsinstall fails when the asymmetric cipher result is corrupted");
|
||||
}
|
||||
|
||||
# 'local' ensures that this change is only done in this file.
|
||||
local $ENV{OPENSSL_CONF_INCLUDE} = abs2rel(curdir());
|
||||
|
||||
|
||||
@@ -602,9 +602,10 @@ ok(vfy_root("-CAfile", $rootcert), "CAfile");
|
||||
ok(vfy_root("-CAstore", $rootcert), "CAstore");
|
||||
ok(vfy_root("-CAstore", $rootcert, "-CAfile", $rootcert), "CAfile and existing CAstore");
|
||||
ok(!vfy_root("-CAstore", "non-existing", "-CAfile", $rootcert), "CAfile and non-existing CAstore");
|
||||
|
||||
SKIP: {
|
||||
skip "file names with colons aren't supported on Windows and VMS", 2
|
||||
if $^O =~ /^(MsWin32|VMS)$/;
|
||||
skip "file names with colons aren't supported on Windows and VMS", 1
|
||||
if $^O =~ /^(MSWin32|VMS)$/;
|
||||
my $foo_file = "foo:cert.pem";
|
||||
copy($rootcert, $foo_file);
|
||||
ok(vfy_root("-CAstore", $foo_file), "CAstore foo:file");
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#
|
||||
# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@@ -129,3 +129,11 @@ Ctrl.cipher = cipher:DES-EDE3-CBC
|
||||
Ctrl.hexkey = hexkey:dce06b1f64c857a11c3db57c51899b2cc1791008ce973b92
|
||||
Ctrl.hexconstant = hexconstant:0000000155
|
||||
Output = 935079d14490a75c3093c4a6e8c3b049c71e6ee705
|
||||
|
||||
#Erroneous key size for the cipher as XTS has double key size
|
||||
KDF = KRB5KDF
|
||||
Ctrl.cipher = cipher:AES-256-XTS
|
||||
Ctrl.hexkey = hexkey:FE697B52BC0D3CE14432BA036A92E65BBB52280990A2FA27883998D72AF30161
|
||||
Ctrl.hexconstant = hexconstant:0000000255
|
||||
Output = 97151B4C76945063E2EB0529DC067D97D7BBA90776D8126D91F34F3101AEA8BA
|
||||
Result = KDF_DERIVE_ERROR
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#
|
||||
# Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@@ -186,4 +186,4 @@ Output = 6a7fc08e9999fc9d50cda476e973a01a06efeb52eece1c78cb1422950476cbff67408c6
|
||||
Availablein = default
|
||||
Sign-Message = RSA-SM3:RSA-2048
|
||||
Input = "Hello World"
|
||||
Output = 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
|
||||
Output = 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
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@@ -45,7 +45,10 @@ ok(run(test(["sslapitest", srctop_dir("test", "certs"),
|
||||
srctop_file("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data",
|
||||
"dhparams.pem")])),
|
||||
"dhparams.pem"),
|
||||
srctop_dir("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data")])),
|
||||
"running sslapitest");
|
||||
|
||||
SKIP: {
|
||||
@@ -62,7 +65,10 @@ SKIP: {
|
||||
srctop_file("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data",
|
||||
"dhparams.pem")])),
|
||||
"dhparams.pem"),
|
||||
srctop_dir("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data")])),
|
||||
"running sslapitest with default fips config");
|
||||
|
||||
run(test(["fips_version_test", "-config", $provconf, ">=3.1.0"]),
|
||||
@@ -140,7 +146,10 @@ SKIP: {
|
||||
srctop_file("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data",
|
||||
"dhparams.pem")])),
|
||||
"dhparams.pem"),
|
||||
srctop_dir("test",
|
||||
"recipes",
|
||||
"90-test_sslapi_data")])),
|
||||
"running sslapitest with modified fips config");
|
||||
}
|
||||
|
||||
|
||||
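Review bot: The new `srctop_dir("test", "recipes", "90-test_sslapi_data")` argument is spelled out in full in all three `ok(run(test([...])))` calls, which is the kind of duplication that drifts the next time the data directory moves; hoisting it once, `my $datadir = srctop_dir("test", "recipes", "90-test_sslapi_data");`, and passing `$datadir` in each call keeps the three invocations in step. The sslapitest binary reads this trailing argument as optional and only registers the trace test when it is present, so this recipe is the only thing guaranteeing that test runs; a comment on the first call, `# data dir enables test_ssl_trace`, would make that dependency visible.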
@@ -0,0 +1,255 @@
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.0 (0x301)
|
||||
Content Type = Handshake (22)
|
||||
Length = ?
|
||||
ClientHello, Length=?
|
||||
client_version=0x303 (TLS 1.2)
|
||||
Random:
|
||||
gmt_unix_time=0x?
|
||||
random_bytes (len=28): ?
|
||||
session_id (len=?
|
||||
cipher_suites (len=2)
|
||||
{0x13, 0x01} TLS_AES_128_GCM_SHA256
|
||||
compression_methods (len=1)
|
||||
No Compression (0x00)
|
||||
extensions, length = ?
|
||||
extension_type=ec_point_formats(11), length=4
|
||||
uncompressed (0)
|
||||
ansiX962_compressed_prime (1)
|
||||
ansiX962_compressed_char2 (2)
|
||||
extension_type=supported_groups(10), length=20
|
||||
MLKEM512 (512)
|
||||
MLKEM768 (513)
|
||||
MLKEM1024 (514)
|
||||
X25519MLKEM768 (4588)
|
||||
SecP256r1MLKEM768 (4587)
|
||||
SecP384r1MLKEM1024 (4589)
|
||||
secp521r1 (P-521) (25)
|
||||
secp384r1 (P-384) (24)
|
||||
secp256r1 (P-256) (23)
|
||||
extension_type=session_ticket(35), length=0
|
||||
extension_type=encrypt_then_mac(22), length=0
|
||||
extension_type=extended_master_secret(23), length=0
|
||||
extension_type=signature_algorithms(13), length=?
|
||||
mldsa65 (0x0905)
|
||||
mldsa87 (0x0906)
|
||||
mldsa44 (0x0904)
|
||||
ecdsa_secp256r1_sha256 (0x0403)
|
||||
ecdsa_secp384r1_sha384 (0x0503)
|
||||
ecdsa_secp521r1_sha512 (0x0603)
|
||||
ed25519 (0x0807)
|
||||
ed448 (0x0808)
|
||||
ecdsa_brainpoolP256r1tls13_sha256 (0x081a)
|
||||
ecdsa_brainpoolP384r1tls13_sha384 (0x081b)
|
||||
ecdsa_brainpoolP512r1tls13_sha512 (0x081c)
|
||||
rsa_pss_pss_sha256 (0x0809)
|
||||
rsa_pss_pss_sha384 (0x080a)
|
||||
rsa_pss_pss_sha512 (0x080b)
|
||||
rsa_pss_rsae_sha256 (0x0804)
|
||||
rsa_pss_rsae_sha384 (0x0805)
|
||||
rsa_pss_rsae_sha512 (0x0806)
|
||||
rsa_pkcs1_sha256 (0x0401)
|
||||
rsa_pkcs1_sha384 (0x0501)
|
||||
rsa_pkcs1_sha512 (0x0601)
|
||||
extension_type=supported_versions(43), length=3
|
||||
TLS 1.3 (772)
|
||||
extension_type=psk_key_exchange_modes(45), length=2
|
||||
psk_dhe_ke (1)
|
||||
extension_type=key_share(51), length=806
|
||||
NamedGroup: MLKEM512 (512)
|
||||
key_exchange: (len=800): ?
|
||||
extension_type=compress_certificate(27), length=3
|
||||
zlib (1)
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = Handshake (22)
|
||||
Length = 858
|
||||
ServerHello, Length=854
|
||||
server_version=0x303 (TLS 1.2)
|
||||
Random:
|
||||
gmt_unix_time=0x?
|
||||
random_bytes (len=28): ?
|
||||
session_id (len=?
|
||||
cipher_suite {0x13, 0x01} TLS_AES_128_GCM_SHA256
|
||||
compression_method: No Compression (0x00)
|
||||
extensions, length = ?
|
||||
extension_type=supported_versions(43), length=2
|
||||
TLS 1.3 (772)
|
||||
extension_type=key_share(51), length=772
|
||||
NamedGroup: MLKEM512 (512)
|
||||
key_exchange: (len=768): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ChangeCipherSpec (20)
|
||||
Length = 1
|
||||
change_cipher_spec (1)
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 23
|
||||
Inner Content Type = Handshake (22)
|
||||
EncryptedExtensions, Length=2
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 839
|
||||
Inner Content Type = Handshake (22)
|
||||
Certificate, Length=818
|
||||
context (len=0):
|
||||
certificate_list, length=814
|
||||
ASN.1Cert, length=809
|
||||
------details-----
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2 (0x2)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: CN = Root CA
|
||||
Validity
|
||||
Not Before: Jan 14 22:29:46 2016 GMT
|
||||
Not After : Jan 15 22:29:46 2116 GMT
|
||||
Subject: CN = server.example
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:d5:5d:60:6a:df:fc:61:ee:48:aa:8c:11:48:43:
|
||||
a5:6d:b6:52:5d:aa:98:49:b1:61:92:35:b1:fc:3a:
|
||||
04:25:0c:6d:79:ff:b4:d5:c9:e9:5c:1c:3b:e0:ab:
|
||||
b3:b8:7d:a3:de:6d:bd:e0:dd:d7:5a:bf:14:47:11:
|
||||
42:5e:a6:82:d0:61:c1:7f:dd:13:46:e6:09:85:07:
|
||||
0e:f2:d4:fc:1a:64:d2:0a:ad:20:ab:20:6b:96:f0:
|
||||
ad:cc:c4:19:53:55:dc:01:1d:a4:b3:ef:8a:b4:49:
|
||||
53:5d:8a:05:1c:f1:dc:e1:44:bf:c5:d7:e2:77:19:
|
||||
57:5c:97:0b:75:ee:88:43:71:0f:ca:6c:c1:b4:b2:
|
||||
50:a7:77:46:6c:58:0f:11:bf:f1:76:24:5a:ae:39:
|
||||
42:b7:51:67:29:e1:d0:55:30:6f:17:e4:91:ea:ad:
|
||||
f8:28:c2:43:6f:a2:64:a9:fb:9d:98:92:62:48:3e:
|
||||
eb:0d:4f:82:4a:8a:ff:3f:72:ee:96:b5:ae:a1:c1:
|
||||
98:ba:ef:7d:90:75:6d:ff:5a:52:9e:ab:f5:c0:7e:
|
||||
d0:87:43:db:85:07:07:0f:7d:38:7a:fd:d1:d3:ee:
|
||||
65:1d:d3:ea:39:6a:87:37:ee:4a:d3:e0:0d:6e:f5:
|
||||
70:ac:c2:bd:f1:6e:f3:92:95:5e:a9:f0:a1:65:95:
|
||||
93:8d
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
C0:E7:84:BF:E8:59:27:33:10:B0:52:4F:51:52:2F:06:D6:C0:7A:CD
|
||||
X509v3 Authority Key Identifier:
|
||||
70:7F:2E:AE:83:68:59:98:04:23:2A:CD:EB:3E:17:CD:24:DD:01:49
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:server.example
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Signature Value:
|
||||
7b:d3:04:43:75:8a:0f:11:ae:c4:fb:d7:a1:a2:9e:fe:20:18:
|
||||
d5:f4:2f:31:88:46:b6:75:8c:ee:e5:9b:97:a6:b9:a3:cd:60:
|
||||
9a:46:c3:48:97:e5:97:68:f7:5a:86:35:73:d9:69:9e:f9:5f:
|
||||
74:b9:e6:94:13:01:cb:6a:dc:e3:c4:04:e9:65:da:9c:a4:8b:
|
||||
28:f3:f9:9a:7f:bf:97:1f:45:92:e5:05:b1:56:e6:0b:f6:47:
|
||||
de:1e:89:b6:2b:e1:4d:df:4a:7e:01:d3:23:dc:97:8c:47:fe:
|
||||
5f:c7:cc:98:46:0e:c4:83:5b:ca:8a:f1:52:09:be:6b:ec:3f:
|
||||
09:8b:d0:93:02:bf:e1:51:e7:d1:7e:34:56:19:74:d0:ff:28:
|
||||
25:de:b7:9f:56:52:91:7d:20:29:85:0a:80:44:5f:71:32:25:
|
||||
71:0f:c2:16:e2:5f:6b:1d:3f:32:5b:0a:3c:74:1c:b9:62:f1:
|
||||
ed:07:50:a3:6d:b4:b4:31:0a:c0:53:44:6a:3a:88:84:8b:2d:
|
||||
a9:b0:37:8e:e6:18:36:bd:9a:20:40:0f:01:92:8b:3d:aa:61:
|
||||
e7:ae:2c:ed:36:cd:3a:07:86:74:3a:29:b3:d7:3a:b4:00:a9:
|
||||
c2:f5:92:78:0e:e2:0f:a3:fe:bb:be:e0:06:53:84:59:1d:90:
|
||||
69:e5:b6:f9
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
|
||||
IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
|
||||
DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||
ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
|
||||
o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
|
||||
3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
|
||||
8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
|
||||
rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
|
||||
cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
|
||||
T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
|
||||
EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
|
||||
YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
|
||||
RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
|
||||
iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
|
||||
8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
|
||||
X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
|
||||
YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
|
||||
-----END CERTIFICATE-----
|
||||
------------------
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 281
|
||||
Inner Content Type = Handshake (22)
|
||||
CertificateVerify, Length=260
|
||||
Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)
|
||||
Signature (len=256): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 53
|
||||
Inner Content Type = Handshake (22)
|
||||
Finished, Length=32
|
||||
verify_data (len=32): ?
|
||||
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ChangeCipherSpec (20)
|
||||
Length = 1
|
||||
change_cipher_spec (1)
|
||||
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 53
|
||||
Inner Content Type = Handshake (22)
|
||||
Finished, Length=32
|
||||
verify_data (len=32): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 234
|
||||
Inner Content Type = Handshake (22)
|
||||
NewSessionTicket, Length=213
|
||||
ticket_lifetime_hint=7200
|
||||
ticket_age_add=?
|
||||
ticket_nonce (len=8): ?
|
||||
ticket (len=192): ?
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 234
|
||||
Inner Content Type = Handshake (22)
|
||||
NewSessionTicket, Length=213
|
||||
ticket_lifetime_hint=7200
|
||||
ticket_age_add=?
|
||||
ticket_nonce (len=8): ?
|
||||
ticket (len=192): ?
|
||||
No extensions
|
||||
|
||||
@@ -0,0 +1,253 @@
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.0 (0x301)
|
||||
Content Type = Handshake (22)
|
||||
Length = ?
|
||||
ClientHello, Length=?
|
||||
client_version=0x303 (TLS 1.2)
|
||||
Random:
|
||||
gmt_unix_time=0x?
|
||||
random_bytes (len=28): ?
|
||||
session_id (len=?
|
||||
cipher_suites (len=2)
|
||||
{0x13, 0x01} TLS_AES_128_GCM_SHA256
|
||||
compression_methods (len=1)
|
||||
No Compression (0x00)
|
||||
extensions, length = ?
|
||||
extension_type=ec_point_formats(11), length=4
|
||||
uncompressed (0)
|
||||
ansiX962_compressed_prime (1)
|
||||
ansiX962_compressed_char2 (2)
|
||||
extension_type=supported_groups(10), length=20
|
||||
MLKEM512 (512)
|
||||
MLKEM768 (513)
|
||||
MLKEM1024 (514)
|
||||
X25519MLKEM768 (4588)
|
||||
SecP256r1MLKEM768 (4587)
|
||||
SecP384r1MLKEM1024 (4589)
|
||||
secp521r1 (P-521) (25)
|
||||
secp384r1 (P-384) (24)
|
||||
secp256r1 (P-256) (23)
|
||||
extension_type=session_ticket(35), length=0
|
||||
extension_type=encrypt_then_mac(22), length=0
|
||||
extension_type=extended_master_secret(23), length=0
|
||||
extension_type=signature_algorithms(13), length=?
|
||||
mldsa65 (0x0905)
|
||||
mldsa87 (0x0906)
|
||||
mldsa44 (0x0904)
|
||||
ecdsa_secp256r1_sha256 (0x0403)
|
||||
ecdsa_secp384r1_sha384 (0x0503)
|
||||
ecdsa_secp521r1_sha512 (0x0603)
|
||||
ed25519 (0x0807)
|
||||
ed448 (0x0808)
|
||||
ecdsa_brainpoolP256r1tls13_sha256 (0x081a)
|
||||
ecdsa_brainpoolP384r1tls13_sha384 (0x081b)
|
||||
ecdsa_brainpoolP512r1tls13_sha512 (0x081c)
|
||||
rsa_pss_pss_sha256 (0x0809)
|
||||
rsa_pss_pss_sha384 (0x080a)
|
||||
rsa_pss_pss_sha512 (0x080b)
|
||||
rsa_pss_rsae_sha256 (0x0804)
|
||||
rsa_pss_rsae_sha384 (0x0805)
|
||||
rsa_pss_rsae_sha512 (0x0806)
|
||||
rsa_pkcs1_sha256 (0x0401)
|
||||
rsa_pkcs1_sha384 (0x0501)
|
||||
rsa_pkcs1_sha512 (0x0601)
|
||||
extension_type=supported_versions(43), length=3
|
||||
TLS 1.3 (772)
|
||||
extension_type=psk_key_exchange_modes(45), length=2
|
||||
psk_dhe_ke (1)
|
||||
extension_type=key_share(51), length=806
|
||||
NamedGroup: MLKEM512 (512)
|
||||
key_exchange: (len=800): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = Handshake (22)
|
||||
Length = 858
|
||||
ServerHello, Length=854
|
||||
server_version=0x303 (TLS 1.2)
|
||||
Random:
|
||||
gmt_unix_time=0x?
|
||||
random_bytes (len=28): ?
|
||||
session_id (len=?
|
||||
cipher_suite {0x13, 0x01} TLS_AES_128_GCM_SHA256
|
||||
compression_method: No Compression (0x00)
|
||||
extensions, length = ?
|
||||
extension_type=supported_versions(43), length=2
|
||||
TLS 1.3 (772)
|
||||
extension_type=key_share(51), length=772
|
||||
NamedGroup: MLKEM512 (512)
|
||||
key_exchange: (len=768): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ChangeCipherSpec (20)
|
||||
Length = 1
|
||||
change_cipher_spec (1)
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 23
|
||||
Inner Content Type = Handshake (22)
|
||||
EncryptedExtensions, Length=2
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 839
|
||||
Inner Content Type = Handshake (22)
|
||||
Certificate, Length=818
|
||||
context (len=0):
|
||||
certificate_list, length=814
|
||||
ASN.1Cert, length=809
|
||||
------details-----
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 2 (0x2)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: CN = Root CA
|
||||
Validity
|
||||
Not Before: Jan 14 22:29:46 2016 GMT
|
||||
Not After : Jan 15 22:29:46 2116 GMT
|
||||
Subject: CN = server.example
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:d5:5d:60:6a:df:fc:61:ee:48:aa:8c:11:48:43:
|
||||
a5:6d:b6:52:5d:aa:98:49:b1:61:92:35:b1:fc:3a:
|
||||
04:25:0c:6d:79:ff:b4:d5:c9:e9:5c:1c:3b:e0:ab:
|
||||
b3:b8:7d:a3:de:6d:bd:e0:dd:d7:5a:bf:14:47:11:
|
||||
42:5e:a6:82:d0:61:c1:7f:dd:13:46:e6:09:85:07:
|
||||
0e:f2:d4:fc:1a:64:d2:0a:ad:20:ab:20:6b:96:f0:
|
||||
ad:cc:c4:19:53:55:dc:01:1d:a4:b3:ef:8a:b4:49:
|
||||
53:5d:8a:05:1c:f1:dc:e1:44:bf:c5:d7:e2:77:19:
|
||||
57:5c:97:0b:75:ee:88:43:71:0f:ca:6c:c1:b4:b2:
|
||||
50:a7:77:46:6c:58:0f:11:bf:f1:76:24:5a:ae:39:
|
||||
42:b7:51:67:29:e1:d0:55:30:6f:17:e4:91:ea:ad:
|
||||
f8:28:c2:43:6f:a2:64:a9:fb:9d:98:92:62:48:3e:
|
||||
eb:0d:4f:82:4a:8a:ff:3f:72:ee:96:b5:ae:a1:c1:
|
||||
98:ba:ef:7d:90:75:6d:ff:5a:52:9e:ab:f5:c0:7e:
|
||||
d0:87:43:db:85:07:07:0f:7d:38:7a:fd:d1:d3:ee:
|
||||
65:1d:d3:ea:39:6a:87:37:ee:4a:d3:e0:0d:6e:f5:
|
||||
70:ac:c2:bd:f1:6e:f3:92:95:5e:a9:f0:a1:65:95:
|
||||
93:8d
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
C0:E7:84:BF:E8:59:27:33:10:B0:52:4F:51:52:2F:06:D6:C0:7A:CD
|
||||
X509v3 Authority Key Identifier:
|
||||
70:7F:2E:AE:83:68:59:98:04:23:2A:CD:EB:3E:17:CD:24:DD:01:49
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
X509v3 Subject Alternative Name:
|
||||
DNS:server.example
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Signature Value:
|
||||
7b:d3:04:43:75:8a:0f:11:ae:c4:fb:d7:a1:a2:9e:fe:20:18:
|
||||
d5:f4:2f:31:88:46:b6:75:8c:ee:e5:9b:97:a6:b9:a3:cd:60:
|
||||
9a:46:c3:48:97:e5:97:68:f7:5a:86:35:73:d9:69:9e:f9:5f:
|
||||
74:b9:e6:94:13:01:cb:6a:dc:e3:c4:04:e9:65:da:9c:a4:8b:
|
||||
28:f3:f9:9a:7f:bf:97:1f:45:92:e5:05:b1:56:e6:0b:f6:47:
|
||||
de:1e:89:b6:2b:e1:4d:df:4a:7e:01:d3:23:dc:97:8c:47:fe:
|
||||
5f:c7:cc:98:46:0e:c4:83:5b:ca:8a:f1:52:09:be:6b:ec:3f:
|
||||
09:8b:d0:93:02:bf:e1:51:e7:d1:7e:34:56:19:74:d0:ff:28:
|
||||
25:de:b7:9f:56:52:91:7d:20:29:85:0a:80:44:5f:71:32:25:
|
||||
71:0f:c2:16:e2:5f:6b:1d:3f:32:5b:0a:3c:74:1c:b9:62:f1:
|
||||
ed:07:50:a3:6d:b4:b4:31:0a:c0:53:44:6a:3a:88:84:8b:2d:
|
||||
a9:b0:37:8e:e6:18:36:bd:9a:20:40:0f:01:92:8b:3d:aa:61:
|
||||
e7:ae:2c:ed:36:cd:3a:07:86:74:3a:29:b3:d7:3a:b4:00:a9:
|
||||
c2:f5:92:78:0e:e2:0f:a3:fe:bb:be:e0:06:53:84:59:1d:90:
|
||||
69:e5:b6:f9
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
|
||||
IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
|
||||
DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||
ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
|
||||
o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
|
||||
3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
|
||||
8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
|
||||
rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
|
||||
cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
|
||||
T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
|
||||
EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
|
||||
YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
|
||||
RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
|
||||
iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
|
||||
8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
|
||||
X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
|
||||
YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
|
||||
-----END CERTIFICATE-----
|
||||
------------------
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 281
|
||||
Inner Content Type = Handshake (22)
|
||||
CertificateVerify, Length=260
|
||||
Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)
|
||||
Signature (len=256): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 53
|
||||
Inner Content Type = Handshake (22)
|
||||
Finished, Length=32
|
||||
verify_data (len=32): ?
|
||||
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ChangeCipherSpec (20)
|
||||
Length = 1
|
||||
change_cipher_spec (1)
|
||||
|
||||
Sent TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 53
|
||||
Inner Content Type = Handshake (22)
|
||||
Finished, Length=32
|
||||
verify_data (len=32): ?
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 234
|
||||
Inner Content Type = Handshake (22)
|
||||
NewSessionTicket, Length=213
|
||||
ticket_lifetime_hint=7200
|
||||
ticket_age_add=?
|
||||
ticket_nonce (len=8): ?
|
||||
ticket (len=192): ?
|
||||
No extensions
|
||||
|
||||
Received TLS Record
|
||||
Header:
|
||||
Version = TLS 1.2 (0x303)
|
||||
Content Type = ApplicationData (23)
|
||||
Length = 234
|
||||
Inner Content Type = Handshake (22)
|
||||
NewSessionTicket, Length=213
|
||||
ticket_lifetime_hint=7200
|
||||
ticket_age_add=?
|
||||
ticket_nonce (len=8): ?
|
||||
ticket (len=192): ?
|
||||
No extensions
|
||||
|
||||
@@ -98,6 +98,7 @@ static char *privkey8192 = NULL;
|
||||
static char *srpvfile = NULL;
|
||||
static char *tmpfilename = NULL;
|
||||
static char *dhfile = NULL;
|
||||
static char *datadir = NULL;
|
||||
|
||||
static int is_fips = 0;
|
||||
static int fips_ems_check = 0;
|
||||
@@ -120,6 +121,15 @@ static X509 *ocspcert = NULL;
|
||||
|
||||
#define CLIENT_VERSION_LEN 2
|
||||
|
||||
/* The ssltrace test assumes some options are switched on/off */
|
||||
#if !defined(OPENSSL_NO_SSL_TRACE) \
|
||||
&& defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
|
||||
&& !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH) \
|
||||
&& !defined(OPENSSL_NO_ML_DSA) && !defined(OPENSSL_NO_ML_KEM) \
|
||||
&& !defined(OPENSSL_NO_TLS1_3)
|
||||
# define DO_SSL_TRACE_TEST
|
||||
#endif
|
||||
|
||||
/*
|
||||
* This structure is used to validate that the correct number of log messages
|
||||
* of various types are emitted when emitting secret logs.
|
||||
@@ -13269,6 +13279,77 @@ static int test_no_renegotiation(int idx)
|
||||
return testresult;
|
||||
}
|
||||
|
||||
#if defined(DO_SSL_TRACE_TEST)
|
||||
/*
|
||||
* Tests that the SSL_trace() msg_callback works as expected with a PQ Groups.
|
||||
*/
|
||||
static int test_ssl_trace(void)
|
||||
{
|
||||
SSL_CTX *sctx = NULL, *cctx = NULL;
|
||||
SSL *serverssl = NULL, *clientssl = NULL;
|
||||
int testresult = 0;
|
||||
BIO *bio = NULL;
|
||||
char *reffile = NULL;
|
||||
char *grouplist = "MLKEM512:MLKEM768:MLKEM1024:X25519MLKEM768:SecP256r1MLKEM768"
|
||||
":SecP384r1MLKEM1024:secp521r1:secp384r1:secp256r1";
|
||||
|
||||
if (!fips_provider_version_ge(libctx, 3, 5, 0))
|
||||
return TEST_skip("FIPS provider does not support MLKEM algorithms");
|
||||
|
||||
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
|
||||
TLS_client_method(),
|
||||
TLS1_3_VERSION, TLS1_3_VERSION,
|
||||
&sctx, &cctx, cert, privkey))
|
||||
|| !TEST_ptr(bio = BIO_new(BIO_s_mem()))
|
||||
|| !TEST_true(SSL_CTX_set1_groups_list(sctx, grouplist))
|
||||
|| !TEST_true(SSL_CTX_set1_groups_list(cctx, grouplist))
|
||||
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx,
|
||||
"TLS_AES_128_GCM_SHA256"))
|
||||
|| !TEST_true(SSL_CTX_set_ciphersuites(sctx,
|
||||
"TLS_AES_128_GCM_SHA256"))
|
||||
# ifdef SSL_OP_LEGACY_EC_POINT_FORMATS
|
||||
|| !TEST_true(SSL_CTX_set_options(cctx, SSL_OP_LEGACY_EC_POINT_FORMATS))
|
||||
|| !TEST_true(SSL_CTX_set_options(sctx, SSL_OP_LEGACY_EC_POINT_FORMATS))
|
||||
# endif
|
||||
|| !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
|
||||
NULL, NULL)))
|
||||
goto err;
|
||||
|
||||
SSL_set_msg_callback(clientssl, SSL_trace);
|
||||
SSL_set_msg_callback_arg(clientssl, bio);
|
||||
|
||||
if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
|
||||
goto err;
|
||||
|
||||
/* Skip the comparison of the trace when the fips provider is used. */
|
||||
if (is_fips) {
|
||||
/* Check whether there was something written. */
|
||||
if (!TEST_int_gt(BIO_pending(bio), 0))
|
||||
goto err;
|
||||
} else {
|
||||
|
||||
# ifdef OPENSSL_NO_ZLIB
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref.txt");
|
||||
# else
|
||||
reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt");
|
||||
# endif
|
||||
if (!TEST_true(compare_with_reference_file(bio, reffile)))
|
||||
goto err;
|
||||
}
|
||||
|
||||
testresult = 1;
|
||||
err:
|
||||
BIO_free(bio);
|
||||
SSL_free(serverssl);
|
||||
SSL_free(clientssl);
|
||||
SSL_CTX_free(sctx);
|
||||
SSL_CTX_free(cctx);
|
||||
OPENSSL_free(reffile);
|
||||
|
||||
return testresult;
|
||||
}
|
||||
#endif
|
||||
|
||||
OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n")
|
||||
|
||||
int setup_tests(void)
|
||||
@@ -13303,6 +13384,8 @@ int setup_tests(void)
|
||||
|| !TEST_ptr(dhfile = test_get_argument(5)))
|
||||
return 0;
|
||||
|
||||
datadir = test_get_argument(6);
|
||||
|
||||
if (!TEST_true(OSSL_LIB_CTX_load_config(libctx, configfile)))
|
||||
return 0;
|
||||
|
||||
@@ -13598,6 +13681,10 @@ int setup_tests(void)
|
||||
ADD_TEST(test_quic_tls_early_data);
|
||||
#endif
|
||||
ADD_ALL_TESTS(test_no_renegotiation, 2);
|
||||
#if defined(DO_SSL_TRACE_TEST)
|
||||
if (datadir != NULL)
|
||||
ADD_TEST(test_ssl_trace);
|
||||
#endif
|
||||
return 1;
|
||||
|
||||
err:
|
||||
|
||||
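Review bot: The usage string `OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config dhfile\n")` is left untouched although `setup_tests` now reads a seventh argument with `datadir = test_get_argument(6);` and only registers `test_ssl_trace` when it is non-NULL; appending ` [datadir]` to the usage string documents the new argument and explains why the trace test can silently be absent from a run. In `test_ssl_trace`, `grouplist` points at a string literal and is only ever read, so `const char *grouplist = "MLKEM512:..."` is the correct type (unlike the `static char *` globals, which are assigned from `test_get_argument` at runtime). A one-line comment on the `if (datadir != NULL)` guard in `setup_tests`, `/* test_ssl_trace needs the reference files in datadir */`, would tie the two hunks together for the next reader.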
@@ -652,4 +652,6 @@ X509 *load_cert_der(const unsigned char *bytes, int len);
|
||||
STACK_OF(X509) *load_certs_pem(const char *file);
|
||||
X509_REQ *load_csr_der(const char *file, OSSL_LIB_CTX *libctx);
|
||||
time_t test_asn1_string_to_time_t(const char *asn1_string);
|
||||
|
||||
int compare_with_reference_file(BIO *membio, const char *reffile);
|
||||
#endif /* OSSL_TESTUTIL_H */
|
||||
|
||||
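Review bot: The new `compare_with_reference_file` prototype has no comment, and its contract is not obvious from the signature: the reference file may use `?` as a wildcard, the helper rewinds `membio` and also writes a copy of it to disk, and it returns 1 on match and 0 on any mismatch or I/O failure. A comment above the declaration such as `/* Compare membio line by line against reffile. A '?' in reffile matches any single character; a trailing '?' also matches the rest of the line. Returns 1 on match, 0 otherwise. */` would spare callers a trip to the implementation.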
@@ -0,0 +1,88 @@
|
||||
/*
|
||||
* Copyright 2017-2025 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "../testutil.h"
|
||||
|
||||
static void strip_line_ends(char *str)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = strlen(str);
|
||||
i > 0 && (str[i - 1] == '\n' || str[i - 1] == '\r');
|
||||
i--);
|
||||
|
||||
str[i] = '\0';
|
||||
}
|
||||
|
||||
int compare_with_reference_file(BIO *membio, const char *reffile)
|
||||
{
|
||||
BIO *file = NULL, *newfile = NULL;
|
||||
char buf1[8192], buf2[8192];
|
||||
int ret = 0;
|
||||
size_t i;
|
||||
|
||||
if (!TEST_ptr(reffile))
|
||||
goto err;
|
||||
|
||||
file = BIO_new_file(reffile, "rb");
|
||||
if (!TEST_ptr(file))
|
||||
goto err;
|
||||
|
||||
newfile = BIO_new_file("ssltraceref-new.txt", "wb");
|
||||
if (!TEST_ptr(newfile))
|
||||
goto err;
|
||||
|
||||
while (BIO_gets(membio, buf2, sizeof(buf2)) > 0)
|
||||
if (BIO_puts(newfile, buf2) <= 0) {
|
||||
TEST_error("Failed writing new file data");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!TEST_int_ge(BIO_seek(membio, 0), 0))
|
||||
goto err;
|
||||
|
||||
while (BIO_gets(file, buf1, sizeof(buf1)) > 0) {
|
||||
size_t line_len;
|
||||
|
||||
if (BIO_gets(membio, buf2, sizeof(buf2)) <= 0) {
|
||||
TEST_error("Failed reading mem data");
|
||||
goto err;
|
||||
}
|
||||
strip_line_ends(buf1);
|
||||
strip_line_ends(buf2);
|
||||
line_len = strlen(buf1);
|
||||
if (line_len > 0 && buf1[line_len - 1] == '?') {
|
||||
/* Wildcard at the EOL means ignore anything after it */
|
||||
if (strlen(buf2) > line_len)
|
||||
buf2[line_len] = '\0';
|
||||
}
|
||||
if (line_len != strlen(buf2)) {
|
||||
TEST_error("Actual and ref line data length mismatch");
|
||||
TEST_info("%s", buf1);
|
||||
TEST_info("%s", buf2);
|
||||
goto err;
|
||||
}
|
||||
for (i = 0; i < line_len; i++) {
|
||||
/* '?' is a wild card character in the reference text */
|
||||
if (buf1[i] == '?')
|
||||
buf2[i] = '?';
|
||||
}
|
||||
if (!TEST_str_eq(buf1, buf2))
|
||||
goto err;
|
||||
}
|
||||
if (!TEST_true(BIO_eof(file))
|
||||
|| !TEST_true(BIO_eof(membio)))
|
||||
goto err;
|
||||
|
||||
ret = 1;
|
||||
err:
|
||||
BIO_free(file);
|
||||
BIO_free(newfile);
|
||||
return ret;
|
||||
}
|
||||
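Review bot: `compare_with_reference_file` hard-codes `"ssltraceref-new.txt"` in the current working directory and fails the whole comparison when that debugging dump cannot be opened (`if (!TEST_ptr(newfile)) goto err;`), so a read-only or shared cwd turns a diagnostic aid into a test failure, and the file is left behind on success. Since the helper lives in the generic testutil library and already receives `reffile`, deriving the dump name from `reffile` (or taking an optional output path) and treating a failed open of the dump as non-fatal would decouple it from the ssltrace test. The wildcard rules also deserve a header comment: a `?` in the reference matches any single character of the actual line, a `?` at the end of a reference line additionally discards the rest of the actual line, and in that trailing-`?` case the actual line must still be at least as long as the reference line or the length check reports a mismatch.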
+7
-4
@@ -183,13 +183,16 @@ static void rwreader_fn(int *iterations)
|
||||
CRYPTO_atomic_add(&rwwriter2_done, 0, &lw2, atomiclock);
|
||||
|
||||
count++;
|
||||
if (rwwriter_ptr != NULL && old > *rwwriter_ptr) {
|
||||
TEST_info("rwwriter pointer went backwards\n");
|
||||
rw_torture_result = 0;
|
||||
if (rwwriter_ptr != NULL) {
|
||||
if (old > *rwwriter_ptr) {
|
||||
TEST_info("rwwriter pointer went backwards! %d : %d\n",
|
||||
old, *rwwriter_ptr);
|
||||
rw_torture_result = 0;
|
||||
}
|
||||
old = *rwwriter_ptr;
|
||||
}
|
||||
if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
|
||||
abort();
|
||||
*iterations = count;
|
||||
if (rw_torture_result == 0) {
|
||||
*iterations = count;
|
||||
return;
|
||||
|
||||
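Review bot: `*iterations = count;` now executes only inside the `rw_torture_result == 0` early-return branch, whereas the removed line stored it on every pass through the loop; if the loop's normal exit path (outside this hunk, since `rwreader_fn` starts before it) does not also store `count` into `*iterations`, callers will see a stale iteration count on a clean run, so that path needs checking. Adding `old = *rwwriter_ptr;` inside the `rwwriter_ptr != NULL` block looks right, as nothing in the visible old code advanced `old`, and both reads of `*rwwriter_ptr` happen before `CRYPTO_THREAD_unlock(rwtorturelock)`, so they observe the same value.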
+1
-1
@@ -588,7 +588,7 @@ static int test_WPACKET_quic_vlint_random(void)
|
||||
|
||||
for (i = 0; i < 10000; ++i) {
|
||||
if (!TEST_int_gt(RAND_bytes(rand_data, sizeof(rand_data)), 0))
|
||||
return cleanup(&pkt);
|
||||
return 0;
|
||||
|
||||
memcpy(&expected, rand_data, sizeof(expected));
|
||||
|
||||
|
||||
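Review bot: The early return on `RAND_bytes` failure no longer calls `cleanup(&pkt)`; that is only correct if `pkt` has not been initialised at this point of the loop body (its declaration and any `WPACKET_init*` call are outside the hunk, so this is inferred), and a bare `return 0;` invites a future "fix" that reintroduces the cleanup. A one-line comment would pin the intent: `/* pkt is not initialised yet in this iteration, nothing to clean up */`. If `pkt` can in fact still be live from an earlier point in the function, the previous `return cleanup(&pkt);` was the right call and this line leaks it.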