OpenSSL: import 3.5.6
This change adds OpenSSL 3.5.6 from upstream [1]. The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. This is a security release, but also contains several bugfixes. More information about the release (from a high level) can be found in the release notes [4]. 1. openssl-3.5.6.tar.gz 2. openssl-3.5.6.tar.gz.asc 3. openssl-3.5.6.tar.gz.sha256 4. https://github.com/openssl/openssl/blob/openssl-3.5.6/NEWS.md
This commit is contained in:
+363
-212
@@ -28,6 +28,150 @@ OpenSSL Releases
|
|||||||
OpenSSL 3.5
|
OpenSSL 3.5
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
|
### Changes between 3.5.5 and 3.5.6 [7 Apr 2026]
|
||||||
|
|
||||||
|
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
|
||||||
|
|
||||||
|
Severity: Moderate
|
||||||
|
|
||||||
|
Issue summary: Applications using RSASVE key encapsulation to establish
|
||||||
|
a secret encryption key can send contents of an uninitialized memory buffer
|
||||||
|
to a malicious peer.
|
||||||
|
|
||||||
|
Impact summary: The uninitialized buffer might contain sensitive data
|
||||||
|
from the previous execution of the application process which leads
|
||||||
|
to sensitive data leakage to an attacker.
|
||||||
|
|
||||||
|
Reported by: Simo Sorce (Red Hat).
|
||||||
|
|
||||||
|
([CVE-2026-31790])
|
||||||
|
|
||||||
|
*Nikola Pajkovsky*
|
||||||
|
|
||||||
|
* Fixed loss of key agreement group tuple structure when the `DEFAULT` keyword
|
||||||
|
is used in the server-side configuration of the key-agreement group list.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected
|
||||||
|
preferred key exchange group when its key exchange group configuration
|
||||||
|
includes the default by using the 'DEFAULT' keyword.
|
||||||
|
|
||||||
|
Impact summary: A less preferred key exchange may be used even when a more
|
||||||
|
preferred group is supported by both client and server, if the group
|
||||||
|
was not included among the client's initial predicated keyshares.
|
||||||
|
This will sometimes be the case with the new hybrid post-quantum groups,
|
||||||
|
if the client chooses to defer their use until specifically requested by
|
||||||
|
the server.
|
||||||
|
<!-- https://github.com/openssl/openssl/pull/30111 -->
|
||||||
|
|
||||||
|
([CVE-2026-2673])
|
||||||
|
|
||||||
|
*Viktor Dukhovni*
|
||||||
|
|
||||||
|
* Fixed potential use-after-free in DANE client code.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: An uncommon configuration of clients performing DANE
|
||||||
|
TLSA-based server authentication, when paired with uncommon server DANE TLSA
|
||||||
|
records, may result in a use-after-free and/or double-free on the client
|
||||||
|
side.
|
||||||
|
|
||||||
|
Impact summary: A use after free can have a range of potential consequences
|
||||||
|
such as the corruption of valid data, crashes, or execution of arbitrary
|
||||||
|
code.
|
||||||
|
|
||||||
|
Reported by: Igor Morgenstern (Aisle Research).
|
||||||
|
|
||||||
|
([CVE-2026-28387])
|
||||||
|
|
||||||
|
*Viktor Dukhovni*
|
||||||
|
|
||||||
|
* Fixed NULL pointer dereference when processing a delta CRL.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension
|
||||||
|
is processed, a NULL pointer dereference might happen if the required CRL
|
||||||
|
Number extension is missing.
|
||||||
|
|
||||||
|
Impact summary: A NULL pointer dereference can trigger a crash which
|
||||||
|
leads to a Denial of Service for an application.
|
||||||
|
|
||||||
|
Reported by: Igor Morgenstern (Aisle Research).
|
||||||
|
|
||||||
|
([CVE-2026-28388])
|
||||||
|
|
||||||
|
*Igor Morgenstern*
|
||||||
|
|
||||||
|
* Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: During processing of a crafted CMS EnvelopedData message
|
||||||
|
with KeyAgreeRecipientInfo a NULL pointer dereference can happen.
|
||||||
|
|
||||||
|
Impact summary: Applications that process attacker-controlled CMS data may
|
||||||
|
crash before authentication or cryptographic operations occur resulting in
|
||||||
|
Denial of Service.
|
||||||
|
|
||||||
|
Reported by: Nathan Sportsman (Praetorian), Daniel Rhea,
|
||||||
|
Jaeho Nam (Seoul National University), Muhammad Daffa,
|
||||||
|
Zhanpeng Liu (Tencent Xuanwu Lab), Guannan Wang (Tencent Xuanwu Lab),
|
||||||
|
Guancheng Li (Tencent Xuanwu Lab), and Joshua Rogers.
|
||||||
|
|
||||||
|
([CVE-2026-28389])
|
||||||
|
|
||||||
|
*Neil Horman*
|
||||||
|
|
||||||
|
* Fixed possible NULL dereference when processing CMS
|
||||||
|
KeyTransportRecipientInfo.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: During processing of a crafted CMS EnvelopedData message
|
||||||
|
with KeyTransportRecipientInfo a NULL pointer dereference can happen.
|
||||||
|
|
||||||
|
Impact summary: Applications that process attacker-controlled CMS data may
|
||||||
|
crash before authentication or cryptographic operations occur resulting in
|
||||||
|
Denial of Service.
|
||||||
|
|
||||||
|
Reported by: Muhammad Daffa, Zhanpeng Liu (Tencent Xuanwu Lab),
|
||||||
|
Guannan Wang (Tencent Xuanwu Lab), Guancheng Li (Tencent Xuanwu Lab),
|
||||||
|
Joshua Rogers, and Chanho Kim.
|
||||||
|
|
||||||
|
([CVE-2026-28390])
|
||||||
|
|
||||||
|
*Neil Horman*
|
||||||
|
|
||||||
|
* Fixed heap buffer overflow in hexadecimal conversion.
|
||||||
|
|
||||||
|
Severity: Low
|
||||||
|
|
||||||
|
Issue summary: Converting an excessively large OCTET STRING value to
|
||||||
|
a hexadecimal string leads to a heap buffer overflow on 32 bit platforms.
|
||||||
|
|
||||||
|
Impact summary: A heap buffer overflow may lead to a crash or possibly
|
||||||
|
an attacker controlled code execution or other undefined behavior.
|
||||||
|
|
||||||
|
Reported by: Quoc Tran (Xint.io - US Team).
|
||||||
|
|
||||||
|
([CVE-2026-31789])
|
||||||
|
|
||||||
|
*Igor Ustinov*
|
||||||
|
|
||||||
|
* Fixed usage of `openssl s_client -connect HOST -proxy PROXY` with `HOST`
|
||||||
|
containing a raw IPv6 address.
|
||||||
|
<!-- https://github.com/openssl/openssl/pull/30384 -->
|
||||||
|
|
||||||
|
*Peter Zhang*
|
||||||
|
|
||||||
|
* Fixed broken detection of plantext HTTP over TLS.
|
||||||
|
<!-- https://github.com/openssl/openssl/pull/30411 -->
|
||||||
|
|
||||||
|
*Matt Caswell*
|
||||||
|
|
||||||
### Changes between 3.5.4 and 3.5.5 [27 Jan 2026]
|
### Changes between 3.5.4 and 3.5.5 [27 Jan 2026]
|
||||||
|
|
||||||
* Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification.
|
* Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification.
|
||||||
@@ -3461,7 +3605,7 @@ breaking changes, and mappings for the large list of deprecated functions.
|
|||||||
|
|
||||||
*Richard Levitte*
|
*Richard Levitte*
|
||||||
|
|
||||||
* Fixed an overflow bug in the x64_64 Montgomery squaring procedure
|
* Fixed an overflow bug in the x86_64 Montgomery squaring procedure
|
||||||
used in exponentiation with 512-bit moduli. No EC algorithms are
|
used in exponentiation with 512-bit moduli. No EC algorithms are
|
||||||
affected. Analysis suggests that attacks against 2-prime RSA1024,
|
affected. Analysis suggests that attacks against 2-prime RSA1024,
|
||||||
3-prime RSA1536, and DSA1024 as a result of this defect would be very
|
3-prime RSA1536, and DSA1024 as a result of this defect would be very
|
||||||
@@ -21607,216 +21751,223 @@ ndif
|
|||||||
|
|
||||||
<!-- Links -->
|
<!-- Links -->
|
||||||
|
|
||||||
[CVE-2026-22796]: https://www.openssl.org/news/vulnerabilities.html#CVE-2026-22796
|
|
||||||
[CVE-2026-22795]: https://www.openssl.org/news/vulnerabilities.html#CVE-2026-22795
|
|
||||||
[CVE-2025-69421]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69421
|
|
||||||
[CVE-2025-69420]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69420
|
|
||||||
[CVE-2025-69419]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69419
|
|
||||||
[CVE-2025-69418]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69418
|
|
||||||
[CVE-2025-68160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-68160
|
|
||||||
[CVE-2025-66199]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-66199
|
|
||||||
[CVE-2025-15469]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15469
|
|
||||||
[CVE-2025-15468]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15468
|
|
||||||
[CVE-2025-15467]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15467
|
|
||||||
[CVE-2025-11187]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-11187
|
|
||||||
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
|
||||||
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
|
||||||
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
|
||||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
|
||||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
|
||||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
|
||||||
[CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119
|
|
||||||
[CVE-2024-5535]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-5535
|
|
||||||
[CVE-2024-4741]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4741
|
|
||||||
[CVE-2024-4603]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4603
|
|
||||||
[CVE-2024-2511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-2511
|
|
||||||
[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
|
|
||||||
[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
|
|
||||||
[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
|
|
||||||
[CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
|
|
||||||
[CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
|
|
||||||
[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
|
|
||||||
[CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817
|
|
||||||
[CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446
|
|
||||||
[CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975
|
|
||||||
[RFC 2578 (STD 58), section 3.5]: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
|
|
||||||
[CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650
|
|
||||||
[CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255
|
|
||||||
[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466
|
|
||||||
[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
|
|
||||||
[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
|
|
||||||
[CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
|
|
||||||
[CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
|
|
||||||
[CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
|
|
||||||
[CVE-2023-0216]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0216
|
|
||||||
[CVE-2023-0215]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0215
|
|
||||||
[CVE-2022-4450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4450
|
|
||||||
[CVE-2022-4304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4304
|
|
||||||
[CVE-2022-4203]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4203
|
|
||||||
[CVE-2022-3996]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-3996
|
|
||||||
[CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274
|
|
||||||
[CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2097
|
|
||||||
[CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971
|
|
||||||
[CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967
|
|
||||||
[CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563
|
|
||||||
[CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559
|
|
||||||
[CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552
|
|
||||||
[CVE-2019-1551]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1551
|
|
||||||
[CVE-2019-1549]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1549
|
|
||||||
[CVE-2019-1547]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1547
|
|
||||||
[CVE-2019-1543]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1543
|
|
||||||
[CVE-2018-5407]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-5407
|
|
||||||
[CVE-2018-0739]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0739
|
|
||||||
[CVE-2018-0737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0737
|
|
||||||
[CVE-2018-0735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0735
|
|
||||||
[CVE-2018-0734]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0734
|
|
||||||
[CVE-2018-0733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0733
|
|
||||||
[CVE-2018-0732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0732
|
|
||||||
[CVE-2017-3738]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3738
|
|
||||||
[CVE-2017-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3737
|
|
||||||
[CVE-2017-3736]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3736
|
|
||||||
[CVE-2017-3735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3735
|
|
||||||
[CVE-2017-3733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3733
|
|
||||||
[CVE-2017-3732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3732
|
|
||||||
[CVE-2017-3731]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3731
|
|
||||||
[CVE-2017-3730]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3730
|
|
||||||
[CVE-2016-7055]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7055
|
|
||||||
[CVE-2016-7054]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7054
|
|
||||||
[CVE-2016-7053]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7053
|
|
||||||
[CVE-2016-7052]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7052
|
|
||||||
[CVE-2016-6309]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6309
|
|
||||||
[CVE-2016-6308]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6308
|
|
||||||
[CVE-2016-6307]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6307
|
|
||||||
[CVE-2016-6306]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6306
|
|
||||||
[CVE-2016-6305]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6305
|
|
||||||
[CVE-2016-6304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6304
|
|
||||||
[CVE-2016-6303]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6303
|
|
||||||
[CVE-2016-6302]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6302
|
|
||||||
[CVE-2016-2183]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2183
|
|
||||||
[CVE-2016-2182]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2182
|
|
||||||
[CVE-2016-2181]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2181
|
|
||||||
[CVE-2016-2180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2180
|
|
||||||
[CVE-2016-2179]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2179
|
|
||||||
[CVE-2016-2178]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2178
|
|
||||||
[CVE-2016-2177]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2177
|
|
||||||
[CVE-2016-2176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2176
|
|
||||||
[CVE-2016-2109]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2109
|
|
||||||
[CVE-2016-2107]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2107
|
|
||||||
[CVE-2016-2106]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2106
|
|
||||||
[CVE-2016-2105]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2105
|
|
||||||
[CVE-2016-0800]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0800
|
|
||||||
[CVE-2016-0799]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0799
|
|
||||||
[CVE-2016-0798]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0798
|
|
||||||
[CVE-2016-0797]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0797
|
|
||||||
[CVE-2016-0705]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0705
|
|
||||||
[CVE-2016-0702]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0702
|
|
||||||
[CVE-2016-0701]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0701
|
|
||||||
[CVE-2015-3197]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3197
|
|
||||||
[CVE-2015-3196]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3196
|
|
||||||
[CVE-2015-3195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3195
|
|
||||||
[CVE-2015-3194]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3194
|
|
||||||
[CVE-2015-3193]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3193
|
|
||||||
[CVE-2015-1793]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1793
|
|
||||||
[CVE-2015-1792]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1792
|
|
||||||
[CVE-2015-1791]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1791
|
|
||||||
[CVE-2015-1790]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1790
|
|
||||||
[CVE-2015-1789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1789
|
|
||||||
[CVE-2015-1788]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1788
|
|
||||||
[CVE-2015-1787]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1787
|
|
||||||
[CVE-2015-0293]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0293
|
|
||||||
[CVE-2015-0291]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0291
|
|
||||||
[CVE-2015-0290]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0290
|
|
||||||
[CVE-2015-0289]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0289
|
|
||||||
[CVE-2015-0288]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0288
|
|
||||||
[CVE-2015-0287]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0287
|
|
||||||
[CVE-2015-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0286
|
|
||||||
[CVE-2015-0285]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0285
|
|
||||||
[CVE-2015-0209]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0209
|
|
||||||
[CVE-2015-0208]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0208
|
|
||||||
[CVE-2015-0207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0207
|
|
||||||
[CVE-2015-0206]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0206
|
|
||||||
[CVE-2015-0205]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0205
|
|
||||||
[CVE-2015-0204]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0204
|
|
||||||
[CVE-2014-8275]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-8275
|
|
||||||
[CVE-2014-5139]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-5139
|
|
||||||
[CVE-2014-3572]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3572
|
|
||||||
[CVE-2014-3571]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3571
|
|
||||||
[CVE-2014-3570]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3570
|
|
||||||
[CVE-2014-3569]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3569
|
|
||||||
[CVE-2014-3568]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3568
|
|
||||||
[CVE-2014-3567]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3567
|
|
||||||
[CVE-2014-3566]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3566
|
|
||||||
[CVE-2014-3513]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3513
|
|
||||||
[CVE-2014-3512]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3512
|
|
||||||
[CVE-2014-3511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3511
|
|
||||||
[CVE-2014-3510]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3510
|
|
||||||
[CVE-2014-3509]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3509
|
|
||||||
[CVE-2014-3508]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3508
|
|
||||||
[CVE-2014-3507]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3507
|
|
||||||
[CVE-2014-3506]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3506
|
|
||||||
[CVE-2014-3505]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3505
|
|
||||||
[CVE-2014-3470]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3470
|
|
||||||
[CVE-2014-0224]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0224
|
|
||||||
[CVE-2014-0221]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0221
|
|
||||||
[CVE-2014-0195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0195
|
|
||||||
[CVE-2014-0160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0160
|
|
||||||
[CVE-2014-0076]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0076
|
|
||||||
[CVE-2013-6450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6450
|
|
||||||
[CVE-2013-4353]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-4353
|
|
||||||
[CVE-2013-0169]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0169
|
|
||||||
[CVE-2013-0166]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0166
|
|
||||||
[CVE-2012-2686]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2686
|
|
||||||
[CVE-2012-2333]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2333
|
|
||||||
[CVE-2012-2110]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2110
|
|
||||||
[CVE-2012-0884]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0884
|
|
||||||
[CVE-2012-0050]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0050
|
|
||||||
[CVE-2012-0027]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0027
|
|
||||||
[CVE-2011-4619]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4619
|
|
||||||
[CVE-2011-4577]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4577
|
|
||||||
[CVE-2011-4576]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4576
|
|
||||||
[CVE-2011-4109]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4109
|
|
||||||
[CVE-2011-4108]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4108
|
|
||||||
[CVE-2011-3210]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3210
|
|
||||||
[CVE-2011-3207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3207
|
|
||||||
[CVE-2011-0014]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-0014
|
|
||||||
[CVE-2010-4252]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4252
|
|
||||||
[CVE-2010-4180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4180
|
|
||||||
[CVE-2010-3864]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-3864
|
|
||||||
[CVE-2010-1633]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-1633
|
|
||||||
[CVE-2010-0740]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0740
|
|
||||||
[CVE-2010-0433]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0433
|
|
||||||
[CVE-2009-4355]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-4355
|
|
||||||
[CVE-2009-3555]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-3555
|
|
||||||
[CVE-2009-3245]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-3245
|
|
||||||
[CVE-2009-1386]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-1386
|
|
||||||
[CVE-2009-1379]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-1379
|
|
||||||
[CVE-2009-1378]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-1378
|
|
||||||
[CVE-2009-1377]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-1377
|
|
||||||
[CVE-2009-0789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0789
|
|
||||||
[CVE-2009-0591]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0591
|
|
||||||
[CVE-2009-0590]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0590
|
|
||||||
[CVE-2008-5077]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-5077
|
|
||||||
[CVE-2008-1678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-1678
|
|
||||||
[CVE-2008-1672]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-1672
|
|
||||||
[CVE-2008-0891]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-0891
|
|
||||||
[CVE-2007-5135]: https://www.openssl.org/news/vulnerabilities.html#CVE-2007-5135
|
|
||||||
[CVE-2007-4995]: https://www.openssl.org/news/vulnerabilities.html#CVE-2007-4995
|
|
||||||
[CVE-2006-4343]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4343
|
|
||||||
[CVE-2006-4339]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4339
|
|
||||||
[CVE-2006-3738]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-3738
|
|
||||||
[CVE-2006-2940]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2940
|
|
||||||
[CVE-2006-2937]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2937
|
|
||||||
[CVE-2005-2969]: https://www.openssl.org/news/vulnerabilities.html#CVE-2005-2969
|
|
||||||
[CVE-2004-0112]: https://www.openssl.org/news/vulnerabilities.html#CVE-2004-0112
|
|
||||||
[CVE-2004-0079]: https://www.openssl.org/news/vulnerabilities.html#CVE-2004-0079
|
|
||||||
[CVE-2003-0851]: https://www.openssl.org/news/vulnerabilities.html#CVE-2003-0851
|
|
||||||
[CVE-2003-0545]: https://www.openssl.org/news/vulnerabilities.html#CVE-2003-0545
|
|
||||||
[CVE-2003-0544]: https://www.openssl.org/news/vulnerabilities.html#CVE-2003-0544
|
|
||||||
[CVE-2003-0543]: https://www.openssl.org/news/vulnerabilities.html#CVE-2003-0543
|
|
||||||
[CVE-2003-0078]: https://www.openssl.org/news/vulnerabilities.html#CVE-2003-0078
|
|
||||||
[CVE-2002-0659]: https://www.openssl.org/news/vulnerabilities.html#CVE-2002-0659
|
|
||||||
[CVE-2002-0657]: https://www.openssl.org/news/vulnerabilities.html#CVE-2002-0657
|
|
||||||
[CVE-2002-0656]: https://www.openssl.org/news/vulnerabilities.html#CVE-2002-0656
|
|
||||||
[CVE-2002-0655]: https://www.openssl.org/news/vulnerabilities.html#CVE-2002-0655
|
|
||||||
[CMVP]: https://csrc.nist.gov/projects/cryptographic-module-validation-program
|
[CMVP]: https://csrc.nist.gov/projects/cryptographic-module-validation-program
|
||||||
|
[CVE-2002-0655]: https://openssl-library.org/news/vulnerabilities/#CVE-2002-0655
|
||||||
|
[CVE-2002-0656]: https://openssl-library.org/news/vulnerabilities/#CVE-2002-0656
|
||||||
|
[CVE-2002-0657]: https://openssl-library.org/news/vulnerabilities/#CVE-2002-0657
|
||||||
|
[CVE-2002-0659]: https://openssl-library.org/news/vulnerabilities/#CVE-2002-0659
|
||||||
|
[CVE-2003-0078]: https://openssl-library.org/news/vulnerabilities/#CVE-2003-0078
|
||||||
|
[CVE-2003-0543]: https://openssl-library.org/news/vulnerabilities/#CVE-2003-0543
|
||||||
|
[CVE-2003-0544]: https://openssl-library.org/news/vulnerabilities/#CVE-2003-0544
|
||||||
|
[CVE-2003-0545]: https://openssl-library.org/news/vulnerabilities/#CVE-2003-0545
|
||||||
|
[CVE-2003-0851]: https://openssl-library.org/news/vulnerabilities/#CVE-2003-0851
|
||||||
|
[CVE-2004-0079]: https://openssl-library.org/news/vulnerabilities/#CVE-2004-0079
|
||||||
|
[CVE-2004-0112]: https://openssl-library.org/news/vulnerabilities/#CVE-2004-0112
|
||||||
|
[CVE-2005-2969]: https://openssl-library.org/news/vulnerabilities/#CVE-2005-2969
|
||||||
|
[CVE-2006-2937]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-2937
|
||||||
|
[CVE-2006-2940]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-2940
|
||||||
|
[CVE-2006-3738]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-3738
|
||||||
|
[CVE-2006-4339]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-4339
|
||||||
|
[CVE-2006-4343]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-4343
|
||||||
|
[CVE-2007-4995]: https://openssl-library.org/news/vulnerabilities/#CVE-2007-4995
|
||||||
|
[CVE-2007-5135]: https://openssl-library.org/news/vulnerabilities/#CVE-2007-5135
|
||||||
|
[CVE-2008-0891]: https://openssl-library.org/news/vulnerabilities/#CVE-2008-0891
|
||||||
|
[CVE-2008-1672]: https://openssl-library.org/news/vulnerabilities/#CVE-2008-1672
|
||||||
|
[CVE-2008-1678]: https://openssl-library.org/news/vulnerabilities/#CVE-2008-1678
|
||||||
|
[CVE-2008-5077]: https://openssl-library.org/news/vulnerabilities/#CVE-2008-5077
|
||||||
|
[CVE-2009-0590]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0590
|
||||||
|
[CVE-2009-0591]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0591
|
||||||
|
[CVE-2009-0789]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0789
|
||||||
|
[CVE-2009-1377]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-1377
|
||||||
|
[CVE-2009-1378]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-1378
|
||||||
|
[CVE-2009-1379]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-1379
|
||||||
|
[CVE-2009-1386]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-1386
|
||||||
|
[CVE-2009-3245]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-3245
|
||||||
|
[CVE-2009-3555]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-3555
|
||||||
|
[CVE-2009-4355]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-4355
|
||||||
|
[CVE-2010-0433]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-0433
|
||||||
|
[CVE-2010-0740]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-0740
|
||||||
|
[CVE-2010-1633]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-1633
|
||||||
|
[CVE-2010-3864]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-3864
|
||||||
|
[CVE-2010-4180]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-4180
|
||||||
|
[CVE-2010-4252]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-4252
|
||||||
|
[CVE-2011-0014]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-0014
|
||||||
|
[CVE-2011-3207]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-3207
|
||||||
|
[CVE-2011-3210]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-3210
|
||||||
|
[CVE-2011-4108]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4108
|
||||||
|
[CVE-2011-4109]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4109
|
||||||
|
[CVE-2011-4576]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4576
|
||||||
|
[CVE-2011-4577]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4577
|
||||||
|
[CVE-2011-4619]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4619
|
||||||
|
[CVE-2012-0027]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0027
|
||||||
|
[CVE-2012-0050]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0050
|
||||||
|
[CVE-2012-0884]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0884
|
||||||
|
[CVE-2012-2110]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2110
|
||||||
|
[CVE-2012-2333]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2333
|
||||||
|
[CVE-2012-2686]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2686
|
||||||
|
[CVE-2013-0166]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-0166
|
||||||
|
[CVE-2013-0169]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-0169
|
||||||
|
[CVE-2013-4353]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-4353
|
||||||
|
[CVE-2013-6450]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-6450
|
||||||
|
[CVE-2014-0076]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0076
|
||||||
|
[CVE-2014-0160]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0160
|
||||||
|
[CVE-2014-0195]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0195
|
||||||
|
[CVE-2014-0221]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0221
|
||||||
|
[CVE-2014-0224]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0224
|
||||||
|
[CVE-2014-3470]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3470
|
||||||
|
[CVE-2014-3505]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3505
|
||||||
|
[CVE-2014-3506]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3506
|
||||||
|
[CVE-2014-3507]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3507
|
||||||
|
[CVE-2014-3508]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3508
|
||||||
|
[CVE-2014-3509]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3509
|
||||||
|
[CVE-2014-3510]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3510
|
||||||
|
[CVE-2014-3511]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3511
|
||||||
|
[CVE-2014-3512]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3512
|
||||||
|
[CVE-2014-3513]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3513
|
||||||
|
[CVE-2014-3566]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3566
|
||||||
|
[CVE-2014-3567]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3567
|
||||||
|
[CVE-2014-3568]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3568
|
||||||
|
[CVE-2014-3569]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3569
|
||||||
|
[CVE-2014-3570]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3570
|
||||||
|
[CVE-2014-3571]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3571
|
||||||
|
[CVE-2014-3572]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3572
|
||||||
|
[CVE-2014-5139]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-5139
|
||||||
|
[CVE-2014-8275]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-8275
|
||||||
|
[CVE-2015-0204]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0204
|
||||||
|
[CVE-2015-0205]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0205
|
||||||
|
[CVE-2015-0206]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0206
|
||||||
|
[CVE-2015-0207]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0207
|
||||||
|
[CVE-2015-0208]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0208
|
||||||
|
[CVE-2015-0209]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0209
|
||||||
|
[CVE-2015-0285]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0285
|
||||||
|
[CVE-2015-0286]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0286
|
||||||
|
[CVE-2015-0287]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0287
|
||||||
|
[CVE-2015-0288]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0288
|
||||||
|
[CVE-2015-0289]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0289
|
||||||
|
[CVE-2015-0290]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0290
|
||||||
|
[CVE-2015-0291]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0291
|
||||||
|
[CVE-2015-0293]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0293
|
||||||
|
[CVE-2015-1787]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1787
|
||||||
|
[CVE-2015-1788]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1788
|
||||||
|
[CVE-2015-1789]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1789
|
||||||
|
[CVE-2015-1790]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1790
|
||||||
|
[CVE-2015-1791]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1791
|
||||||
|
[CVE-2015-1792]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1792
|
||||||
|
[CVE-2015-1793]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1793
|
||||||
|
[CVE-2015-3193]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3193
|
||||||
|
[CVE-2015-3194]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3194
|
||||||
|
[CVE-2015-3195]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3195
|
||||||
|
[CVE-2015-3196]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3196
|
||||||
|
[CVE-2015-3197]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3197
|
||||||
|
[CVE-2016-0701]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0701
|
||||||
|
[CVE-2016-0702]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0702
|
||||||
|
[CVE-2016-0705]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0705
|
||||||
|
[CVE-2016-0797]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0797
|
||||||
|
[CVE-2016-0798]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0798
|
||||||
|
[CVE-2016-0799]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0799
|
||||||
|
[CVE-2016-0800]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0800
|
||||||
|
[CVE-2016-2105]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2105
|
||||||
|
[CVE-2016-2106]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2106
|
||||||
|
[CVE-2016-2107]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2107
|
||||||
|
[CVE-2016-2109]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2109
|
||||||
|
[CVE-2016-2176]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2176
|
||||||
|
[CVE-2016-2177]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2177
|
||||||
|
[CVE-2016-2178]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2178
|
||||||
|
[CVE-2016-2179]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2179
|
||||||
|
[CVE-2016-2180]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2180
|
||||||
|
[CVE-2016-2181]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2181
|
||||||
|
[CVE-2016-2182]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2182
|
||||||
|
[CVE-2016-2183]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2183
|
||||||
|
[CVE-2016-6302]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6302
|
||||||
|
[CVE-2016-6303]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6303
|
||||||
|
[CVE-2016-6304]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6304
|
||||||
|
[CVE-2016-6305]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6305
|
||||||
|
[CVE-2016-6306]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6306
|
||||||
|
[CVE-2016-6307]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6307
|
||||||
|
[CVE-2016-6308]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6308
|
||||||
|
[CVE-2016-6309]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6309
|
||||||
|
[CVE-2016-7052]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7052
|
||||||
|
[CVE-2016-7053]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7053
|
||||||
|
[CVE-2016-7054]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7054
|
||||||
|
[CVE-2016-7055]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7055
|
||||||
|
[CVE-2017-3730]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3730
|
||||||
|
[CVE-2017-3731]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3731
|
||||||
|
[CVE-2017-3732]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3732
|
||||||
|
[CVE-2017-3733]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3733
|
||||||
|
[CVE-2017-3735]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3735
|
||||||
|
[CVE-2017-3736]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3736
|
||||||
|
[CVE-2017-3737]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3737
|
||||||
|
[CVE-2017-3738]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3738
|
||||||
|
[CVE-2018-0732]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0732
|
||||||
|
[CVE-2018-0733]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0733
|
||||||
|
[CVE-2018-0734]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0734
|
||||||
|
[CVE-2018-0735]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0735
|
||||||
|
[CVE-2018-0737]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0737
|
||||||
|
[CVE-2018-0739]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0739
|
||||||
|
[CVE-2018-5407]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-5407
|
||||||
|
[CVE-2019-1543]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1543
|
||||||
|
[CVE-2019-1547]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1547
|
||||||
|
[CVE-2019-1549]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1549
|
||||||
|
[CVE-2019-1551]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1551
|
||||||
|
[CVE-2019-1552]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1552
|
||||||
|
[CVE-2019-1559]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1559
|
||||||
|
[CVE-2019-1563]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1563
|
||||||
|
[CVE-2020-1967]: https://openssl-library.org/news/vulnerabilities/#CVE-2020-1967
|
||||||
|
[CVE-2020-1971]: https://openssl-library.org/news/vulnerabilities/#CVE-2020-1971
|
||||||
|
[CVE-2022-2097]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-2097
|
||||||
|
[CVE-2022-2274]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-2274
|
||||||
|
[CVE-2022-3996]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-3996
|
||||||
|
[CVE-2022-4203]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4203
|
||||||
|
[CVE-2022-4304]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4304
|
||||||
|
[CVE-2022-4450]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4450
|
||||||
|
[CVE-2023-0215]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0215
|
||||||
|
[CVE-2023-0216]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0216
|
||||||
|
[CVE-2023-0217]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0217
|
||||||
|
[CVE-2023-0286]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0286
|
||||||
|
[CVE-2023-0401]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0401
|
||||||
|
[CVE-2023-0464]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0464
|
||||||
|
[CVE-2023-0465]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0465
|
||||||
|
[CVE-2023-0466]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0466
|
||||||
|
[CVE-2023-1255]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-1255
|
||||||
|
[CVE-2023-2650]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-2650
|
||||||
|
[CVE-2023-2975]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-2975
|
||||||
|
[CVE-2023-3446]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-3446
|
||||||
|
[CVE-2023-3817]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-3817
|
||||||
|
[CVE-2023-4807]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-4807
|
||||||
|
[CVE-2023-5363]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-5363
|
||||||
|
[CVE-2023-5678]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-5678
|
||||||
|
[CVE-2023-6129]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-6129
|
||||||
|
[CVE-2023-6237]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-6237
|
||||||
|
[CVE-2024-0727]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-0727
|
||||||
|
[CVE-2024-2511]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-2511
|
||||||
|
[CVE-2024-4603]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-4603
|
||||||
|
[CVE-2024-4741]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-4741
|
||||||
|
[CVE-2024-5535]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-5535
|
||||||
|
[CVE-2024-6119]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-6119
|
||||||
|
[CVE-2024-9143]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-9143
|
||||||
|
[CVE-2024-13176]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-13176
|
||||||
|
[CVE-2025-4575]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-4575
|
||||||
|
[CVE-2025-9230]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9230
|
||||||
|
[CVE-2025-9231]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9231
|
||||||
|
[CVE-2025-9232]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9232
|
||||||
|
[CVE-2025-11187]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-11187
|
||||||
|
[CVE-2025-15467]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15467
|
||||||
|
[CVE-2025-15468]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15468
|
||||||
|
[CVE-2025-15469]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15469
|
||||||
|
[CVE-2025-66199]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-66199
|
||||||
|
[CVE-2025-68160]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-68160
|
||||||
|
[CVE-2025-69418]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69418
|
||||||
|
[CVE-2025-69419]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69419
|
||||||
|
[CVE-2025-69420]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69420
|
||||||
|
[CVE-2025-69421]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69421
|
||||||
|
[CVE-2026-2673]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-2673
|
||||||
|
[CVE-2026-22795]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22795
|
||||||
|
[CVE-2026-22796]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22796
|
||||||
|
[CVE-2026-28387]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
|
||||||
|
[CVE-2026-28388]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28388
|
||||||
|
[CVE-2026-28389]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28389
|
||||||
|
[CVE-2026-28390]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
|
||||||
|
[CVE-2026-31789]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31789
|
||||||
|
[CVE-2026-31790]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31790
|
||||||
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
|
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
|
||||||
|
[RFC 2578 (STD 58), section 3.5]: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
|
||||||
|
|||||||
@@ -27,6 +27,18 @@ communication before submitting many pull requests. In addition,
|
|||||||
contributors should personally evaluate potential patches generated by
|
contributors should personally evaluate potential patches generated by
|
||||||
automated tools.
|
automated tools.
|
||||||
|
|
||||||
|
Provide a clear description of the issue or feature being addressed,
|
||||||
|
including any relevant implementation details and, for performance
|
||||||
|
improvements, benchmark results.
|
||||||
|
|
||||||
|
Pull requests and commits should be self-contained, enabling readers to
|
||||||
|
understand what changed and why without needing to reference related
|
||||||
|
issues or having prior knowledge. Commit messages should include all
|
||||||
|
relevant details to help future contributors follow the git history,
|
||||||
|
with clear explanations of what is changing and why. Long descriptions
|
||||||
|
are encouraged if they aid understanding. Commit message titles (their
|
||||||
|
first line) should be kept to 50-70 characters if possible.
|
||||||
|
|
||||||
To make it easier to review and accept your pull request, please follow these
|
To make it easier to review and accept your pull request, please follow these
|
||||||
guidelines:
|
guidelines:
|
||||||
|
|
||||||
|
|||||||
@@ -5,7 +5,8 @@
|
|||||||
my $vc_win64a_info = {};
|
my $vc_win64a_info = {};
|
||||||
sub vc_win64a_info {
|
sub vc_win64a_info {
|
||||||
unless (%$vc_win64a_info) {
|
unless (%$vc_win64a_info) {
|
||||||
if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
|
# Minimum NASM version is 2.09 otherwise SHA3 might be miscompiled
|
||||||
|
if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+)\.([0-9]+)/ && ($1 > 2 || ($1 == 2 && $2 >= 9))) {
|
||||||
$vc_win64a_info = { AS => "nasm",
|
$vc_win64a_info = { AS => "nasm",
|
||||||
ASFLAGS => "-g",
|
ASFLAGS => "-g",
|
||||||
asflags => "-Ox -f win64 -DNEAR",
|
asflags => "-Ox -f win64 -DNEAR",
|
||||||
|
|||||||
@@ -72,6 +72,7 @@ OPTIONS={- $config{options} -}
|
|||||||
CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
|
CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
|
||||||
SRCDIR={- $config{sourcedir} -}
|
SRCDIR={- $config{sourcedir} -}
|
||||||
BLDDIR={- $config{builddir} -}
|
BLDDIR={- $config{builddir} -}
|
||||||
|
RESULT_D=$(BLDDIR)/test-runs
|
||||||
FIPSKEY={- $config{FIPSKEY} -}
|
FIPSKEY={- $config{FIPSKEY} -}
|
||||||
|
|
||||||
VERSION={- "$config{full_version}" -}
|
VERSION={- "$config{full_version}" -}
|
||||||
@@ -642,7 +643,7 @@ clean: libclean ## Clean the workspace, keep the configuration
|
|||||||
-find . -name '*{- platform->objext() -}' \! -name '.*' \! -type d -exec $(RM) {} \;
|
-find . -name '*{- platform->objext() -}' \! -name '.*' \! -type d -exec $(RM) {} \;
|
||||||
$(RM) core
|
$(RM) core
|
||||||
$(RM) tags TAGS doc-nits md-nits
|
$(RM) tags TAGS doc-nits md-nits
|
||||||
$(RM) -r test/test-runs
|
$(RM) -r $(RESULT_D)
|
||||||
$(RM) providers/fips*.new
|
$(RM) providers/fips*.new
|
||||||
-find . -type l \! -name '.*' -exec $(RM) {} \;
|
-find . -type l \! -name '.*' -exec $(RM) {} \;
|
||||||
|
|
||||||
|
|||||||
@@ -38,6 +38,7 @@
|
|||||||
PLATFORM={- $config{target} -}
|
PLATFORM={- $config{target} -}
|
||||||
SRCDIR={- $config{sourcedir} -}
|
SRCDIR={- $config{sourcedir} -}
|
||||||
BLDDIR={- $config{builddir} -}
|
BLDDIR={- $config{builddir} -}
|
||||||
|
RESULT_D=$(BLDDIR)\test-runs
|
||||||
FIPSKEY={- $config{FIPSKEY} -}
|
FIPSKEY={- $config{FIPSKEY} -}
|
||||||
|
|
||||||
VERSION={- "$config{full_version}" -}
|
VERSION={- "$config{full_version}" -}
|
||||||
@@ -222,7 +223,7 @@ OPENSSLDIR_dir={- canonpath($openssldir_dir) -}
|
|||||||
LIBDIR={- our $libdir = $config{libdir} || "lib";
|
LIBDIR={- our $libdir = $config{libdir} || "lib";
|
||||||
file_name_is_absolute($libdir) ? "" : $libdir -}
|
file_name_is_absolute($libdir) ? "" : $libdir -}
|
||||||
MODULESDIR_dev={- use File::Spec::Functions qw(:DEFAULT splitpath catpath);
|
MODULESDIR_dev={- use File::Spec::Functions qw(:DEFAULT splitpath catpath);
|
||||||
our $modulesprefix = catdir($prefix,$libdir);
|
our $modulesprefix = file_name_is_absolute($libdir) ? $libdir : catdir($prefix,$libdir);
|
||||||
our ($modulesprefix_dev, $modulesprefix_dir,
|
our ($modulesprefix_dev, $modulesprefix_dir,
|
||||||
$modulesprefix_file) =
|
$modulesprefix_file) =
|
||||||
splitpath($modulesprefix, 1);
|
splitpath($modulesprefix, 1);
|
||||||
@@ -484,7 +485,7 @@ clean: libclean
|
|||||||
-del /Q /S /F engines\*.lib engines\*.exp
|
-del /Q /S /F engines\*.lib engines\*.exp
|
||||||
-del /Q /S /F apps\*.lib apps\*.rc apps\*.res apps\*.exp
|
-del /Q /S /F apps\*.lib apps\*.rc apps\*.res apps\*.exp
|
||||||
-del /Q /S /F test\*.exp
|
-del /Q /S /F test\*.exp
|
||||||
-rd /Q /S test\test-runs
|
-@if exist "$(RESULT_D)" rd /Q /S "$(RESULT_D)"
|
||||||
|
|
||||||
distclean: clean
|
distclean: clean
|
||||||
-del /Q /F include\openssl\configuration.h
|
-del /Q /F include\openssl\configuration.h
|
||||||
|
|||||||
@@ -23,6 +23,36 @@ OpenSSL Releases
|
|||||||
OpenSSL 3.5
|
OpenSSL 3.5
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
|
### Major changes between OpenSSL 3.5.5 and OpenSSL 3.5.6 [7 Apr 2026]
|
||||||
|
|
||||||
|
OpenSSL 3.5.6 is a security patch release. The most severe CVE fixed in this
|
||||||
|
release is Medium.
|
||||||
|
|
||||||
|
This release incorporates the following bug fixes and mitigations:
|
||||||
|
|
||||||
|
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
|
||||||
|
([CVE-2026-31790])
|
||||||
|
|
||||||
|
* Fixed loss of key agreement group tuple structure when the `DEFAULT` keyword
|
||||||
|
is used in the server-side configuration of the key-agreement group list.
|
||||||
|
([CVE-2026-2673])
|
||||||
|
|
||||||
|
* Fixed potential use-after-free in DANE client code.
|
||||||
|
([CVE-2026-28387])
|
||||||
|
|
||||||
|
* Fixed NULL pointer dereference when processing a delta CRL.
|
||||||
|
([CVE-2026-28388])
|
||||||
|
|
||||||
|
* Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
|
||||||
|
([CVE-2026-28389])
|
||||||
|
|
||||||
|
* Fixed possible NULL dereference when processing CMS
|
||||||
|
KeyTransportRecipientInfo.
|
||||||
|
([CVE-2026-28390])
|
||||||
|
|
||||||
|
* Fixed heap buffer overflow in hexadecimal conversion.
|
||||||
|
([CVE-2026-31789])
|
||||||
|
|
||||||
### Major changes between OpenSSL 3.5.4 and OpenSSL 3.5.5 [27 Jan 2026]
|
### Major changes between OpenSSL 3.5.4 and OpenSSL 3.5.5 [27 Jan 2026]
|
||||||
|
|
||||||
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this
|
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this
|
||||||
@@ -758,7 +788,7 @@ OpenSSL 1.1.1
|
|||||||
|
|
||||||
### Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]
|
### Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]
|
||||||
|
|
||||||
* Fixed an overflow bug in the x64_64 Montgomery squaring procedure
|
* Fixed an overflow bug in the x86_64 Montgomery squaring procedure
|
||||||
used in exponentiation with 512-bit moduli ([CVE-2019-1551])
|
used in exponentiation with 512-bit moduli ([CVE-2019-1551])
|
||||||
|
|
||||||
### Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
|
### Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
|
||||||
@@ -1988,201 +2018,208 @@ OpenSSL 0.9.x
|
|||||||
* Support for various new platforms
|
* Support for various new platforms
|
||||||
|
|
||||||
<!-- Links -->
|
<!-- Links -->
|
||||||
[CVE-2026-22796]: https://www.openssl.org/news/vulnerabilities.html#CVE-2026-22796
|
|
||||||
[CVE-2026-22795]: https://www.openssl.org/news/vulnerabilities.html#CVE-2026-22795
|
|
||||||
[CVE-2025-69421]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69421
|
|
||||||
[CVE-2025-69420]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69420
|
|
||||||
[CVE-2025-69419]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69419
|
|
||||||
[CVE-2025-69418]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-69418
|
|
||||||
[CVE-2025-68160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-68160
|
|
||||||
[CVE-2025-66199]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-66199
|
|
||||||
[CVE-2025-15469]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15469
|
|
||||||
[CVE-2025-15468]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15468
|
|
||||||
[CVE-2025-15467]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-15467
|
|
||||||
[CVE-2025-11187]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-11187
|
|
||||||
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
|
|
||||||
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
|
|
||||||
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
|
|
||||||
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
|
|
||||||
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
|
|
||||||
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
|
|
||||||
[CVE-2024-6119]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-6119
|
|
||||||
[CVE-2024-5535]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-5535
|
|
||||||
[CVE-2024-4741]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4741
|
|
||||||
[CVE-2024-4603]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-4603
|
|
||||||
[CVE-2024-2511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-2511
|
|
||||||
[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
|
|
||||||
[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
|
|
||||||
[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
|
|
||||||
[CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
|
|
||||||
[CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
|
|
||||||
[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
|
|
||||||
[CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817
|
|
||||||
[CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446
|
|
||||||
[CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975
|
|
||||||
[CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650
|
|
||||||
[CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255
|
|
||||||
[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466
|
|
||||||
[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
|
|
||||||
[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
|
|
||||||
[CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
|
|
||||||
[CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
|
|
||||||
[CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
|
|
||||||
[CVE-2023-0216]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0216
|
|
||||||
[CVE-2023-0215]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0215
|
|
||||||
[CVE-2022-4450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4450
|
|
||||||
[CVE-2022-4304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4304
|
|
||||||
[CVE-2022-4203]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4203
|
|
||||||
[CVE-2022-3996]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-3996
|
|
||||||
[CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274
|
|
||||||
[CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2097
|
|
||||||
[CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971
|
|
||||||
[CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967
|
|
||||||
[CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563
|
|
||||||
[CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559
|
|
||||||
[CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552
|
|
||||||
[CVE-2019-1551]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1551
|
|
||||||
[CVE-2019-1549]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1549
|
|
||||||
[CVE-2019-1547]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1547
|
|
||||||
[CVE-2019-1543]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1543
|
|
||||||
[CVE-2018-5407]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-5407
|
|
||||||
[CVE-2018-0739]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0739
|
|
||||||
[CVE-2018-0737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0737
|
|
||||||
[CVE-2018-0735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0735
|
|
||||||
[CVE-2018-0734]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0734
|
|
||||||
[CVE-2018-0733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0733
|
|
||||||
[CVE-2018-0732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2018-0732
|
|
||||||
[CVE-2017-3738]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3738
|
|
||||||
[CVE-2017-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3737
|
|
||||||
[CVE-2017-3736]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3736
|
|
||||||
[CVE-2017-3735]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3735
|
|
||||||
[CVE-2017-3733]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3733
|
|
||||||
[CVE-2017-3732]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3732
|
|
||||||
[CVE-2017-3731]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3731
|
|
||||||
[CVE-2017-3730]: https://www.openssl.org/news/vulnerabilities.html#CVE-2017-3730
|
|
||||||
[CVE-2016-7055]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7055
|
|
||||||
[CVE-2016-7054]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7054
|
|
||||||
[CVE-2016-7053]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7053
|
|
||||||
[CVE-2016-7052]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-7052
|
|
||||||
[CVE-2016-6309]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6309
|
|
||||||
[CVE-2016-6308]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6308
|
|
||||||
[CVE-2016-6307]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6307
|
|
||||||
[CVE-2016-6306]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6306
|
|
||||||
[CVE-2016-6305]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6305
|
|
||||||
[CVE-2016-6304]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6304
|
|
||||||
[CVE-2016-6303]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6303
|
|
||||||
[CVE-2016-6302]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-6302
|
|
||||||
[CVE-2016-2183]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2183
|
|
||||||
[CVE-2016-2182]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2182
|
|
||||||
[CVE-2016-2181]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2181
|
|
||||||
[CVE-2016-2180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2180
|
|
||||||
[CVE-2016-2179]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2179
|
|
||||||
[CVE-2016-2178]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2178
|
|
||||||
[CVE-2016-2177]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2177
|
|
||||||
[CVE-2016-2176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2176
|
|
||||||
[CVE-2016-2109]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2109
|
|
||||||
[CVE-2016-2107]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2107
|
|
||||||
[CVE-2016-2106]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2106
|
|
||||||
[CVE-2016-2105]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-2105
|
|
||||||
[CVE-2016-0800]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0800
|
|
||||||
[CVE-2016-0799]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0799
|
|
||||||
[CVE-2016-0798]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0798
|
|
||||||
[CVE-2016-0797]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0797
|
|
||||||
[CVE-2016-0705]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0705
|
|
||||||
[CVE-2016-0702]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0702
|
|
||||||
[CVE-2016-0701]: https://www.openssl.org/news/vulnerabilities.html#CVE-2016-0701
|
|
||||||
[CVE-2015-3197]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3197
|
|
||||||
[CVE-2015-3196]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3196
|
|
||||||
[CVE-2015-3195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3195
|
|
||||||
[CVE-2015-3194]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3194
|
|
||||||
[CVE-2015-3193]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-3193
|
|
||||||
[CVE-2015-1793]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1793
|
|
||||||
[CVE-2015-1792]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1792
|
|
||||||
[CVE-2015-1791]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1791
|
|
||||||
[CVE-2015-1790]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1790
|
|
||||||
[CVE-2015-1789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1789
|
|
||||||
[CVE-2015-1788]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1788
|
|
||||||
[CVE-2015-1787]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-1787
|
|
||||||
[CVE-2015-0293]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0293
|
|
||||||
[CVE-2015-0291]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0291
|
|
||||||
[CVE-2015-0290]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0290
|
|
||||||
[CVE-2015-0289]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0289
|
|
||||||
[CVE-2015-0288]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0288
|
|
||||||
[CVE-2015-0287]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0287
|
|
||||||
[CVE-2015-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0286
|
|
||||||
[CVE-2015-0285]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0285
|
|
||||||
[CVE-2015-0209]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0209
|
|
||||||
[CVE-2015-0208]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0208
|
|
||||||
[CVE-2015-0207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0207
|
|
||||||
[CVE-2015-0206]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0206
|
|
||||||
[CVE-2015-0205]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0205
|
|
||||||
[CVE-2015-0204]: https://www.openssl.org/news/vulnerabilities.html#CVE-2015-0204
|
|
||||||
[CVE-2014-8275]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-8275
|
|
||||||
[CVE-2014-5139]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-5139
|
|
||||||
[CVE-2014-3572]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3572
|
|
||||||
[CVE-2014-3571]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3571
|
|
||||||
[CVE-2014-3570]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3570
|
|
||||||
[CVE-2014-3569]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3569
|
|
||||||
[CVE-2014-3568]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3568
|
|
||||||
[CVE-2014-3567]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3567
|
|
||||||
[CVE-2014-3566]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3566
|
|
||||||
[CVE-2014-3513]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3513
|
|
||||||
[CVE-2014-3512]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3512
|
|
||||||
[CVE-2014-3511]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3511
|
|
||||||
[CVE-2014-3510]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3510
|
|
||||||
[CVE-2014-3509]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3509
|
|
||||||
[CVE-2014-3508]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3508
|
|
||||||
[CVE-2014-3507]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3507
|
|
||||||
[CVE-2014-3506]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3506
|
|
||||||
[CVE-2014-3505]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3505
|
|
||||||
[CVE-2014-3470]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-3470
|
|
||||||
[CVE-2014-0224]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0224
|
|
||||||
[CVE-2014-0221]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0221
|
|
||||||
[CVE-2014-0198]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0198
|
|
||||||
[CVE-2014-0195]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0195
|
|
||||||
[CVE-2014-0160]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0160
|
|
||||||
[CVE-2014-0076]: https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0076
|
|
||||||
[CVE-2013-6450]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6450
|
|
||||||
[CVE-2013-6449]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-6449
|
|
||||||
[CVE-2013-4353]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-4353
|
|
||||||
[CVE-2013-0169]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0169
|
|
||||||
[CVE-2013-0166]: https://www.openssl.org/news/vulnerabilities.html#CVE-2013-0166
|
|
||||||
[CVE-2012-2686]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2686
|
|
||||||
[CVE-2012-2333]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2333
|
|
||||||
[CVE-2012-2110]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-2110
|
|
||||||
[CVE-2012-0884]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0884
|
|
||||||
[CVE-2012-0050]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0050
|
|
||||||
[CVE-2012-0027]: https://www.openssl.org/news/vulnerabilities.html#CVE-2012-0027
|
|
||||||
[CVE-2011-4619]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4619
|
|
||||||
[CVE-2011-4577]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4577
|
|
||||||
[CVE-2011-4576]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4576
|
|
||||||
[CVE-2011-4108]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-4108
|
|
||||||
[CVE-2011-3210]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3210
|
|
||||||
[CVE-2011-3207]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-3207
|
|
||||||
[CVE-2011-0014]: https://www.openssl.org/news/vulnerabilities.html#CVE-2011-0014
|
|
||||||
[CVE-2010-5298]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-5298
|
|
||||||
[CVE-2010-4252]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4252
|
|
||||||
[CVE-2010-4180]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-4180
|
|
||||||
[CVE-2010-3864]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-3864
|
|
||||||
[CVE-2010-2939]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-2939
|
|
||||||
[CVE-2010-1633]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-1633
|
|
||||||
[CVE-2010-0740]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0740
|
|
||||||
[CVE-2010-0433]: https://www.openssl.org/news/vulnerabilities.html#CVE-2010-0433
|
|
||||||
[CVE-2009-3555]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-3555
|
|
||||||
[CVE-2009-0789]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0789
|
|
||||||
[CVE-2009-0591]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0591
|
|
||||||
[CVE-2009-0590]: https://www.openssl.org/news/vulnerabilities.html#CVE-2009-0590
|
|
||||||
[CVE-2008-5077]: https://www.openssl.org/news/vulnerabilities.html#CVE-2008-5077
|
|
||||||
[CVE-2006-4343]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4343
|
|
||||||
[CVE-2006-4339]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-4339
|
|
||||||
[CVE-2006-3737]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-3737
|
|
||||||
[CVE-2006-2940]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2940
|
|
||||||
[CVE-2006-2937]: https://www.openssl.org/news/vulnerabilities.html#CVE-2006-2937
|
|
||||||
[CVE-2005-2969]: https://www.openssl.org/news/vulnerabilities.html#CVE-2005-2969
|
|
||||||
[OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
|
|
||||||
[CHANGES.md]: ./CHANGES.md
|
[CHANGES.md]: ./CHANGES.md
|
||||||
|
[CMVP]: https://csrc.nist.gov/projects/cryptographic-module-validation-program
|
||||||
|
[CVE-2005-2969]: https://openssl-library.org/news/vulnerabilities/#CVE-2005-2969
|
||||||
|
[CVE-2006-2937]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-2937
|
||||||
|
[CVE-2006-2940]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-2940
|
||||||
|
[CVE-2006-3737]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-3737
|
||||||
|
[CVE-2006-4339]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-4339
|
||||||
|
[CVE-2006-4343]: https://openssl-library.org/news/vulnerabilities/#CVE-2006-4343
|
||||||
|
[CVE-2008-5077]: https://openssl-library.org/news/vulnerabilities/#CVE-2008-5077
|
||||||
|
[CVE-2009-0590]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0590
|
||||||
|
[CVE-2009-0591]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0591
|
||||||
|
[CVE-2009-0789]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-0789
|
||||||
|
[CVE-2009-3555]: https://openssl-library.org/news/vulnerabilities/#CVE-2009-3555
|
||||||
|
[CVE-2010-0433]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-0433
|
||||||
|
[CVE-2010-0740]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-0740
|
||||||
|
[CVE-2010-1633]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-1633
|
||||||
|
[CVE-2010-2939]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-2939
|
||||||
|
[CVE-2010-3864]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-3864
|
||||||
|
[CVE-2010-4180]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-4180
|
||||||
|
[CVE-2010-4252]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-4252
|
||||||
|
[CVE-2010-5298]: https://openssl-library.org/news/vulnerabilities/#CVE-2010-5298
|
||||||
|
[CVE-2011-0014]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-0014
|
||||||
|
[CVE-2011-3207]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-3207
|
||||||
|
[CVE-2011-3210]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-3210
|
||||||
|
[CVE-2011-4108]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4108
|
||||||
|
[CVE-2011-4576]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4576
|
||||||
|
[CVE-2011-4577]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4577
|
||||||
|
[CVE-2011-4619]: https://openssl-library.org/news/vulnerabilities/#CVE-2011-4619
|
||||||
|
[CVE-2012-0027]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0027
|
||||||
|
[CVE-2012-0050]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0050
|
||||||
|
[CVE-2012-0884]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-0884
|
||||||
|
[CVE-2012-2110]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2110
|
||||||
|
[CVE-2012-2333]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2333
|
||||||
|
[CVE-2012-2686]: https://openssl-library.org/news/vulnerabilities/#CVE-2012-2686
|
||||||
|
[CVE-2013-0166]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-0166
|
||||||
|
[CVE-2013-0169]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-0169
|
||||||
|
[CVE-2013-4353]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-4353
|
||||||
|
[CVE-2013-6449]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-6449
|
||||||
|
[CVE-2013-6450]: https://openssl-library.org/news/vulnerabilities/#CVE-2013-6450
|
||||||
|
[CVE-2014-0076]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0076
|
||||||
|
[CVE-2014-0160]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0160
|
||||||
|
[CVE-2014-0195]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0195
|
||||||
|
[CVE-2014-0198]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0198
|
||||||
|
[CVE-2014-0221]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0221
|
||||||
|
[CVE-2014-0224]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-0224
|
||||||
|
[CVE-2014-3470]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3470
|
||||||
|
[CVE-2014-3505]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3505
|
||||||
|
[CVE-2014-3506]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3506
|
||||||
|
[CVE-2014-3507]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3507
|
||||||
|
[CVE-2014-3508]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3508
|
||||||
|
[CVE-2014-3509]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3509
|
||||||
|
[CVE-2014-3510]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3510
|
||||||
|
[CVE-2014-3511]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3511
|
||||||
|
[CVE-2014-3512]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3512
|
||||||
|
[CVE-2014-3513]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3513
|
||||||
|
[CVE-2014-3566]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3566
|
||||||
|
[CVE-2014-3567]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3567
|
||||||
|
[CVE-2014-3568]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3568
|
||||||
|
[CVE-2014-3569]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3569
|
||||||
|
[CVE-2014-3570]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3570
|
||||||
|
[CVE-2014-3571]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3571
|
||||||
|
[CVE-2014-3572]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-3572
|
||||||
|
[CVE-2014-5139]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-5139
|
||||||
|
[CVE-2014-8275]: https://openssl-library.org/news/vulnerabilities/#CVE-2014-8275
|
||||||
|
[CVE-2015-0204]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0204
|
||||||
|
[CVE-2015-0205]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0205
|
||||||
|
[CVE-2015-0206]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0206
|
||||||
|
[CVE-2015-0207]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0207
|
||||||
|
[CVE-2015-0208]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0208
|
||||||
|
[CVE-2015-0209]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0209
|
||||||
|
[CVE-2015-0285]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0285
|
||||||
|
[CVE-2015-0286]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0286
|
||||||
|
[CVE-2015-0287]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0287
|
||||||
|
[CVE-2015-0288]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0288
|
||||||
|
[CVE-2015-0289]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0289
|
||||||
|
[CVE-2015-0290]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0290
|
||||||
|
[CVE-2015-0291]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0291
|
||||||
|
[CVE-2015-0293]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-0293
|
||||||
|
[CVE-2015-1787]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1787
|
||||||
|
[CVE-2015-1788]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1788
|
||||||
|
[CVE-2015-1789]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1789
|
||||||
|
[CVE-2015-1790]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1790
|
||||||
|
[CVE-2015-1791]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1791
|
||||||
|
[CVE-2015-1792]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1792
|
||||||
|
[CVE-2015-1793]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-1793
|
||||||
|
[CVE-2015-3193]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3193
|
||||||
|
[CVE-2015-3194]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3194
|
||||||
|
[CVE-2015-3195]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3195
|
||||||
|
[CVE-2015-3196]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3196
|
||||||
|
[CVE-2015-3197]: https://openssl-library.org/news/vulnerabilities/#CVE-2015-3197
|
||||||
|
[CVE-2016-0701]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0701
|
||||||
|
[CVE-2016-0702]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0702
|
||||||
|
[CVE-2016-0705]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0705
|
||||||
|
[CVE-2016-0797]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0797
|
||||||
|
[CVE-2016-0798]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0798
|
||||||
|
[CVE-2016-0799]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0799
|
||||||
|
[CVE-2016-0800]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-0800
|
||||||
|
[CVE-2016-2105]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2105
|
||||||
|
[CVE-2016-2106]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2106
|
||||||
|
[CVE-2016-2107]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2107
|
||||||
|
[CVE-2016-2109]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2109
|
||||||
|
[CVE-2016-2176]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2176
|
||||||
|
[CVE-2016-2177]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2177
|
||||||
|
[CVE-2016-2178]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2178
|
||||||
|
[CVE-2016-2179]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2179
|
||||||
|
[CVE-2016-2180]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2180
|
||||||
|
[CVE-2016-2181]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2181
|
||||||
|
[CVE-2016-2182]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2182
|
||||||
|
[CVE-2016-2183]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-2183
|
||||||
|
[CVE-2016-6302]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6302
|
||||||
|
[CVE-2016-6303]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6303
|
||||||
|
[CVE-2016-6304]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6304
|
||||||
|
[CVE-2016-6305]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6305
|
||||||
|
[CVE-2016-6306]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6306
|
||||||
|
[CVE-2016-6307]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6307
|
||||||
|
[CVE-2016-6308]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6308
|
||||||
|
[CVE-2016-6309]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-6309
|
||||||
|
[CVE-2016-7052]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7052
|
||||||
|
[CVE-2016-7053]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7053
|
||||||
|
[CVE-2016-7054]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7054
|
||||||
|
[CVE-2016-7055]: https://openssl-library.org/news/vulnerabilities/#CVE-2016-7055
|
||||||
|
[CVE-2017-3730]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3730
|
||||||
|
[CVE-2017-3731]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3731
|
||||||
|
[CVE-2017-3732]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3732
|
||||||
|
[CVE-2017-3733]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3733
|
||||||
|
[CVE-2017-3735]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3735
|
||||||
|
[CVE-2017-3736]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3736
|
||||||
|
[CVE-2017-3737]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3737
|
||||||
|
[CVE-2017-3738]: https://openssl-library.org/news/vulnerabilities/#CVE-2017-3738
|
||||||
|
[CVE-2018-0732]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0732
|
||||||
|
[CVE-2018-0733]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0733
|
||||||
|
[CVE-2018-0734]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0734
|
||||||
|
[CVE-2018-0735]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0735
|
||||||
|
[CVE-2018-0737]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0737
|
||||||
|
[CVE-2018-0739]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-0739
|
||||||
|
[CVE-2018-5407]: https://openssl-library.org/news/vulnerabilities/#CVE-2018-5407
|
||||||
|
[CVE-2019-1543]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1543
|
||||||
|
[CVE-2019-1547]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1547
|
||||||
|
[CVE-2019-1549]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1549
|
||||||
|
[CVE-2019-1551]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1551
|
||||||
|
[CVE-2019-1552]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1552
|
||||||
|
[CVE-2019-1559]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1559
|
||||||
|
[CVE-2019-1563]: https://openssl-library.org/news/vulnerabilities/#CVE-2019-1563
|
||||||
|
[CVE-2020-1967]: https://openssl-library.org/news/vulnerabilities/#CVE-2020-1967
|
||||||
|
[CVE-2020-1971]: https://openssl-library.org/news/vulnerabilities/#CVE-2020-1971
|
||||||
|
[CVE-2022-2097]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-2097
|
||||||
|
[CVE-2022-2274]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-2274
|
||||||
|
[CVE-2022-3996]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-3996
|
||||||
|
[CVE-2022-4203]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4203
|
||||||
|
[CVE-2022-4304]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4304
|
||||||
|
[CVE-2022-4450]: https://openssl-library.org/news/vulnerabilities/#CVE-2022-4450
|
||||||
|
[CVE-2023-0215]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0215
|
||||||
|
[CVE-2023-0216]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0216
|
||||||
|
[CVE-2023-0217]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0217
|
||||||
|
[CVE-2023-0286]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0286
|
||||||
|
[CVE-2023-0401]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0401
|
||||||
|
[CVE-2023-0464]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0464
|
||||||
|
[CVE-2023-0465]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0465
|
||||||
|
[CVE-2023-0466]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-0466
|
||||||
|
[CVE-2023-1255]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-1255
|
||||||
|
[CVE-2023-2650]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-2650
|
||||||
|
[CVE-2023-2975]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-2975
|
||||||
|
[CVE-2023-3446]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-3446
|
||||||
|
[CVE-2023-3817]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-3817
|
||||||
|
[CVE-2023-4807]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-4807
|
||||||
|
[CVE-2023-5363]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-5363
|
||||||
|
[CVE-2023-5678]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-5678
|
||||||
|
[CVE-2023-6129]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-6129
|
||||||
|
[CVE-2023-6237]: https://openssl-library.org/news/vulnerabilities/#CVE-2023-6237
|
||||||
|
[CVE-2024-0727]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-0727
|
||||||
|
[CVE-2024-2511]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-2511
|
||||||
|
[CVE-2024-4603]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-4603
|
||||||
|
[CVE-2024-4741]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-4741
|
||||||
|
[CVE-2024-5535]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-5535
|
||||||
|
[CVE-2024-6119]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-6119
|
||||||
|
[CVE-2024-9143]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-9143
|
||||||
|
[CVE-2024-13176]: https://openssl-library.org/news/vulnerabilities/#CVE-2024-13176
|
||||||
|
[CVE-2025-4575]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-4575
|
||||||
|
[CVE-2025-9230]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9230
|
||||||
|
[CVE-2025-9231]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9231
|
||||||
|
[CVE-2025-9232]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-9232
|
||||||
|
[CVE-2025-11187]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-11187
|
||||||
|
[CVE-2025-15467]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15467
|
||||||
|
[CVE-2025-15468]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15468
|
||||||
|
[CVE-2025-15469]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-15469
|
||||||
|
[CVE-2025-66199]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-66199
|
||||||
|
[CVE-2025-68160]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-68160
|
||||||
|
[CVE-2025-69418]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69418
|
||||||
|
[CVE-2025-69419]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69419
|
||||||
|
[CVE-2025-69420]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69420
|
||||||
|
[CVE-2025-69421]: https://openssl-library.org/news/vulnerabilities/#CVE-2025-69421
|
||||||
|
[CVE-2026-2673]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-2673
|
||||||
|
[CVE-2026-22795]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22795
|
||||||
|
[CVE-2026-22796]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-22796
|
||||||
|
[CVE-2026-28387]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28387
|
||||||
|
[CVE-2026-28388]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28388
|
||||||
|
[CVE-2026-28389]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28389
|
||||||
|
[CVE-2026-28390]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-28390
|
||||||
|
[CVE-2026-31789]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31789
|
||||||
|
[CVE-2026-31790]: https://openssl-library.org/news/vulnerabilities/#CVE-2026-31790
|
||||||
|
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
|
||||||
|
[OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html
|
||||||
[README-QUIC.md]: ./README-QUIC.md
|
[README-QUIC.md]: ./README-QUIC.md
|
||||||
[issue tracker]: https://github.com/openssl/openssl/issues
|
[issue tracker]: https://github.com/openssl/openssl/issues
|
||||||
[CMVP]: https://csrc.nist.gov/projects/cryptographic-module-validation-program
|
|
||||||
[ESV]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations
|
|
||||||
[jitterentropy-library]: https://github.com/smuellerDD/jitterentropy-library
|
[jitterentropy-library]: https://github.com/smuellerDD/jitterentropy-library
|
||||||
|
|||||||
+2
-2
@@ -1,7 +1,7 @@
|
|||||||
MAJOR=3
|
MAJOR=3
|
||||||
MINOR=5
|
MINOR=5
|
||||||
PATCH=5
|
PATCH=6
|
||||||
PRE_RELEASE_TAG=
|
PRE_RELEASE_TAG=
|
||||||
BUILD_METADATA=
|
BUILD_METADATA=
|
||||||
RELEASE_DATE="27 Jan 2026"
|
RELEASE_DATE="7 Apr 2026"
|
||||||
SHLIB_VERSION=3
|
SHLIB_VERSION=3
|
||||||
|
|||||||
+13
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Nokia 2007-2019
|
* Copyright Nokia 2007-2019
|
||||||
* Copyright Siemens AG 2015-2019
|
* Copyright Siemens AG 2015-2019
|
||||||
*
|
*
|
||||||
@@ -1421,7 +1421,10 @@ static int setup_verification_ctx(OSSL_CMP_CTX *ctx)
|
|||||||
out_vpm = X509_STORE_get0_param(out_trusted);
|
out_vpm = X509_STORE_get0_param(out_trusted);
|
||||||
X509_VERIFY_PARAM_clear_flags(out_vpm, X509_V_FLAG_USE_CHECK_TIME);
|
X509_VERIFY_PARAM_clear_flags(out_vpm, X509_V_FLAG_USE_CHECK_TIME);
|
||||||
|
|
||||||
(void)OSSL_CMP_CTX_set_certConf_cb_arg(ctx, out_trusted);
|
if (!OSSL_CMP_CTX_set_certConf_cb_arg(ctx, out_trusted)) {
|
||||||
|
X509_STORE_free(out_trusted);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (opt_disable_confirm)
|
if (opt_disable_confirm)
|
||||||
@@ -3390,6 +3393,12 @@ static void print_keyspec(OSSL_CMP_ATAVS *keySpec)
|
|||||||
int paramtype;
|
int paramtype;
|
||||||
const void *param;
|
const void *param;
|
||||||
|
|
||||||
|
/* NULL check to prevent dereferencing a NULL pointer when print_keyspec is called */
|
||||||
|
if (alg == NULL) {
|
||||||
|
BIO_puts(mem, "Key algorithm: <absent>\n");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
X509_ALGOR_get0(&oid, ¶mtype, ¶m, alg);
|
X509_ALGOR_get0(&oid, ¶mtype, ¶m, alg);
|
||||||
BIO_printf(mem, "Key algorithm: ");
|
BIO_printf(mem, "Key algorithm: ");
|
||||||
i2a_ASN1_OBJECT(mem, oid);
|
i2a_ASN1_OBJECT(mem, oid);
|
||||||
@@ -3789,8 +3798,7 @@ int cmp_main(int argc, char **argv)
|
|||||||
if (opt_ignore_keyusage)
|
if (opt_ignore_keyusage)
|
||||||
(void)OSSL_CMP_CTX_set_option(cmp_ctx, OSSL_CMP_OPT_IGNORE_KEYUSAGE, 1);
|
(void)OSSL_CMP_CTX_set_option(cmp_ctx, OSSL_CMP_OPT_IGNORE_KEYUSAGE, 1);
|
||||||
if (opt_no_cache_extracerts)
|
if (opt_no_cache_extracerts)
|
||||||
(void)OSSL_CMP_CTX_set_option(cmp_ctx, OSSL_CMP_OPT_NO_CACHE_EXTRACERTS,
|
(void)OSSL_CMP_CTX_set_option(cmp_ctx, OSSL_CMP_OPT_NO_CACHE_EXTRACERTS, 1);
|
||||||
1);
|
|
||||||
|
|
||||||
if (opt_reqout_only == NULL && (opt_use_mock_srv
|
if (opt_reqout_only == NULL && (opt_use_mock_srv
|
||||||
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
|
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
|
||||||
@@ -3806,7 +3814,7 @@ int cmp_main(int argc, char **argv)
|
|||||||
|
|
||||||
srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx);
|
srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx);
|
||||||
if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_err)) {
|
if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_err)) {
|
||||||
CMP_err1("cannot set up error reporting and logging for %s", prog);
|
CMP_err1("cannot set up server-side error reporting and logging for %s", prog);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
|
OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2018-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Siemens AG 2018-2020
|
* Copyright Siemens AG 2018-2020
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -19,6 +19,8 @@
|
|||||||
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx,
|
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx,
|
||||||
const char *propq);
|
const char *propq);
|
||||||
void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
|
void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
|
||||||
|
OSSL_CMP_MSG *ossl_cmp_mock_server_perform(OSSL_CMP_CTX *ctx,
|
||||||
|
const OSSL_CMP_MSG *req);
|
||||||
|
|
||||||
int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
|
int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
|
||||||
int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
|
int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
|
||||||
@@ -34,6 +36,7 @@ int ossl_cmp_mock_srv_set1_oldWithNew(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
|
|||||||
int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status,
|
int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status,
|
||||||
int fail_info, const char *text);
|
int fail_info, const char *text);
|
||||||
int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype);
|
int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype);
|
||||||
|
int ossl_cmp_mock_srv_set_useBadProtection(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype);
|
||||||
int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count);
|
int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count);
|
||||||
int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec);
|
int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec);
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -47,6 +47,7 @@ int app_provider_load(OSSL_LIB_CTX *libctx, const char *provider_name)
|
|||||||
app_providers = sk_OSSL_PROVIDER_new_null();
|
app_providers = sk_OSSL_PROVIDER_new_null();
|
||||||
if (app_providers == NULL
|
if (app_providers == NULL
|
||||||
|| !sk_OSSL_PROVIDER_push(app_providers, prov)) {
|
|| !sk_OSSL_PROVIDER_push(app_providers, prov)) {
|
||||||
|
OSSL_PROVIDER_unload(prov);
|
||||||
app_providers_cleanup();
|
app_providers_cleanup();
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
+10
-5
@@ -191,8 +191,13 @@ int app_passwd(const char *arg1, const char *arg2, char **pass1, char **pass2)
|
|||||||
}
|
}
|
||||||
if (arg2 != NULL) {
|
if (arg2 != NULL) {
|
||||||
*pass2 = app_get_pass(arg2, same ? 2 : 0);
|
*pass2 = app_get_pass(arg2, same ? 2 : 0);
|
||||||
if (*pass2 == NULL)
|
if (*pass2 == NULL) {
|
||||||
|
if (pass1 != NULL) {
|
||||||
|
clear_free(*pass1);
|
||||||
|
*pass1 = NULL;
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
} else if (pass2 != NULL) {
|
} else if (pass2 != NULL) {
|
||||||
*pass2 = NULL;
|
*pass2 = NULL;
|
||||||
}
|
}
|
||||||
@@ -263,15 +268,15 @@ static char *app_get_pass(const char *arg, int keepbio)
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
/* argument syntax error; do not reveal too much about arg */
|
/* argument syntax error; do not reveal too much about arg */
|
||||||
tmp = strchr(arg, ':');
|
const char *arg_ptr = strchr(arg, ':');
|
||||||
if (tmp == NULL || tmp - arg > PASS_SOURCE_SIZE_MAX)
|
if (arg_ptr == NULL || arg_ptr - arg > PASS_SOURCE_SIZE_MAX)
|
||||||
BIO_printf(bio_err,
|
BIO_printf(bio_err,
|
||||||
"Invalid password argument, missing ':' within the first %d chars\n",
|
"Invalid password argument, missing ':' within the first %d chars\n",
|
||||||
PASS_SOURCE_SIZE_MAX + 1);
|
PASS_SOURCE_SIZE_MAX + 1);
|
||||||
else
|
else
|
||||||
BIO_printf(bio_err,
|
BIO_printf(bio_err,
|
||||||
"Invalid password argument, starting with \"%.*s\"\n",
|
"Invalid password argument, starting with \"%.*s\"\n",
|
||||||
(int)(tmp - arg + 1), arg);
|
(int)(arg_ptr - arg + 1), arg);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -2494,7 +2499,7 @@ static STACK_OF(X509_CRL) *crls_http_cb(const X509_STORE_CTX *ctx,
|
|||||||
|
|
||||||
error:
|
error:
|
||||||
X509_CRL_free(crl);
|
X509_CRL_free(crl);
|
||||||
sk_X509_CRL_free(crls);
|
sk_X509_CRL_pop_free(crls, X509_CRL_free);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+37
-1
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2018-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Siemens AG 2018-2020
|
* Copyright Siemens AG 2018-2020
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -10,6 +10,7 @@
|
|||||||
|
|
||||||
#include "apps.h"
|
#include "apps.h"
|
||||||
#include "cmp_mock_srv.h"
|
#include "cmp_mock_srv.h"
|
||||||
|
#include "../../crypto/cmp/cmp_local.h" /* for access to msg->protection */
|
||||||
|
|
||||||
#include <openssl/cmp.h>
|
#include <openssl/cmp.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
@@ -28,6 +29,7 @@ typedef struct {
|
|||||||
X509 *oldWithNew; /* to return in oldWithNew of rootKeyUpdate */
|
X509 *oldWithNew; /* to return in oldWithNew of rootKeyUpdate */
|
||||||
OSSL_CMP_PKISI *statusOut; /* status for ip/cp/kup/rp msg unless polling */
|
OSSL_CMP_PKISI *statusOut; /* status for ip/cp/kup/rp msg unless polling */
|
||||||
int sendError; /* send error response on given request type */
|
int sendError; /* send error response on given request type */
|
||||||
|
int useBadProtection; /* use bad protection on given response type */
|
||||||
OSSL_CMP_MSG *req; /* original request message during polling */
|
OSSL_CMP_MSG *req; /* original request message during polling */
|
||||||
int pollCount; /* number of polls before actual cert response */
|
int pollCount; /* number of polls before actual cert response */
|
||||||
int curr_pollCount; /* number of polls so far for current request */
|
int curr_pollCount; /* number of polls so far for current request */
|
||||||
@@ -59,6 +61,7 @@ static mock_srv_ctx *mock_srv_ctx_new(void)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
ctx->sendError = -1;
|
ctx->sendError = -1;
|
||||||
|
ctx->useBadProtection = -1;
|
||||||
|
|
||||||
/* all other elements are initialized to 0 or NULL, respectively */
|
/* all other elements are initialized to 0 or NULL, respectively */
|
||||||
return ctx;
|
return ctx;
|
||||||
@@ -187,6 +190,19 @@ int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ossl_cmp_mock_srv_set_useBadProtection(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype)
|
||||||
|
{
|
||||||
|
mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
|
||||||
|
|
||||||
|
if (ctx == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
/* might check bodytype, but this would require exporting all body types */
|
||||||
|
ctx->useBadProtection = bodytype;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count)
|
int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count)
|
||||||
{
|
{
|
||||||
mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
|
mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
|
||||||
@@ -591,6 +607,7 @@ static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx,
|
|||||||
if (rsp != NULL && sk_OSSL_CMP_ITAV_push(*out, rsp))
|
if (rsp != NULL && sk_OSSL_CMP_ITAV_push(*out, rsp))
|
||||||
return 1;
|
return 1;
|
||||||
sk_OSSL_CMP_ITAV_free(*out);
|
sk_OSSL_CMP_ITAV_free(*out);
|
||||||
|
OSSL_CMP_ITAV_free(rsp);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -712,6 +729,25 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OSSL_CMP_MSG *ossl_cmp_mock_server_perform(OSSL_CMP_CTX *ctx,
|
||||||
|
const OSSL_CMP_MSG *req)
|
||||||
|
{
|
||||||
|
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_CTX_get_transfer_cb_arg(ctx);
|
||||||
|
OSSL_CMP_MSG *rsp = OSSL_CMP_CTX_server_perform(ctx, req);
|
||||||
|
|
||||||
|
if (srv_ctx != NULL && rsp != NULL) {
|
||||||
|
mock_srv_ctx *mock_ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
|
||||||
|
|
||||||
|
if (mock_ctx != NULL && OSSL_CMP_MSG_get_bodytype(rsp) == mock_ctx->useBadProtection) {
|
||||||
|
ASN1_BIT_STRING *prot = rsp->protection;
|
||||||
|
|
||||||
|
if (prot != NULL && prot->length != 0 && prot->data != NULL)
|
||||||
|
prot->data[0] ^= 0x80; /* flip most significant bit of the first byte */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return rsp;
|
||||||
|
}
|
||||||
|
|
||||||
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq)
|
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq)
|
||||||
{
|
{
|
||||||
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq);
|
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -10,7 +10,6 @@
|
|||||||
#include <windows.h>
|
#include <windows.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <malloc.h>
|
|
||||||
|
|
||||||
#if defined(CP_UTF8)
|
#if defined(CP_UTF8)
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -876,7 +876,7 @@ int ocsp_main(int argc, char **argv)
|
|||||||
|
|
||||||
i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
|
i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
|
||||||
if (i <= 0 && issuers) {
|
if (i <= 0 && issuers) {
|
||||||
i = OCSP_basic_verify(bs, issuers, store, OCSP_TRUSTOTHER);
|
i = OCSP_basic_verify(bs, issuers, store, verify_flags);
|
||||||
if (i > 0)
|
if (i > 0)
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
}
|
}
|
||||||
|
|||||||
+5
-1
@@ -3892,7 +3892,11 @@ static void user_data_init(struct user_data_st *user_data, SSL *con, char *buf,
|
|||||||
|
|
||||||
static int user_data_add(struct user_data_st *user_data, size_t i)
|
static int user_data_add(struct user_data_st *user_data, size_t i)
|
||||||
{
|
{
|
||||||
if (user_data->buflen != 0 || i > user_data->bufmax)
|
/*
|
||||||
|
* We must allow one byte for a NUL terminator so i must be less than
|
||||||
|
* bufmax
|
||||||
|
*/
|
||||||
|
if (user_data->buflen != 0 || i >= user_data->bufmax)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
user_data->buflen = i;
|
user_data->buflen = i;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2006-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -348,7 +348,7 @@ int ts_main(int argc, char **argv)
|
|||||||
if ((in != NULL) && (queryfile != NULL))
|
if ((in != NULL) && (queryfile != NULL))
|
||||||
goto opthelp;
|
goto opthelp;
|
||||||
if (in == NULL) {
|
if (in == NULL) {
|
||||||
if ((conf == NULL) || (token_in != 0))
|
if (conf == NULL || token_in != 0 || queryfile == NULL)
|
||||||
goto opthelp;
|
goto opthelp;
|
||||||
}
|
}
|
||||||
ret = !reply_command(conf, section, engine, queryfile,
|
ret = !reply_command(conf, section, engine, queryfile,
|
||||||
|
|||||||
+9
-7
@@ -108,12 +108,10 @@ IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}]
|
|||||||
SHARED_SOURCE[libssl]=libssl.rc
|
SHARED_SOURCE[libssl]=libssl.rc
|
||||||
ENDIF
|
ENDIF
|
||||||
|
|
||||||
# This file sets the build directory up for CMake inclusion
|
# These files set the build directory up for CMake inclusion.
|
||||||
# Note: This generation of OpenSSLConfig[Version].cmake is used
|
# To achieve this, their variables are taken from builddata.pm.
|
||||||
# for building openssl locally, and so the build variables are
|
# These files are not installed; you will find the installable
|
||||||
# taken from builddata.pm rather than installdata.pm. For exportable
|
# versions in the 'exporters' directory.
|
||||||
# versions of these generated files, you'll find them in the exporters
|
|
||||||
# directory
|
|
||||||
GENERATE[OpenSSLConfig.cmake]=exporters/cmake/OpenSSLConfig.cmake.in
|
GENERATE[OpenSSLConfig.cmake]=exporters/cmake/OpenSSLConfig.cmake.in
|
||||||
DEPEND[OpenSSLConfig.cmake]=builddata.pm
|
DEPEND[OpenSSLConfig.cmake]=builddata.pm
|
||||||
GENERATE[OpenSSLConfigVersion.cmake]=exporters/cmake/OpenSSLConfigVersion.cmake.in
|
GENERATE[OpenSSLConfigVersion.cmake]=exporters/cmake/OpenSSLConfigVersion.cmake.in
|
||||||
@@ -121,7 +119,10 @@ DEPEND[OpenSSLConfigVersion.cmake]=builddata.pm
|
|||||||
DEPEND[OpenSSLConfigVersion.cmake]=OpenSSLConfig.cmake
|
DEPEND[OpenSSLConfigVersion.cmake]=OpenSSLConfig.cmake
|
||||||
DEPEND[""]=OpenSSLConfigVersion.cmake
|
DEPEND[""]=OpenSSLConfigVersion.cmake
|
||||||
|
|
||||||
# This file sets the build directory up for pkg-config
|
# These files set the build directory up for pkg-config use.
|
||||||
|
# To achieve this, their variables are taken from builddata.pm.
|
||||||
|
# These files are not installed; you will find the installable
|
||||||
|
# versions in the 'exporters' directory.
|
||||||
GENERATE[libcrypto.pc]=exporters/pkg-config/libcrypto.pc.in
|
GENERATE[libcrypto.pc]=exporters/pkg-config/libcrypto.pc.in
|
||||||
DEPEND[libcrypto.pc]=builddata.pm
|
DEPEND[libcrypto.pc]=builddata.pm
|
||||||
GENERATE[libssl.pc]=exporters/pkg-config/libssl.pc.in
|
GENERATE[libssl.pc]=exporters/pkg-config/libssl.pc.in
|
||||||
@@ -131,6 +132,7 @@ DEPEND[openssl.pc]=builddata.pm
|
|||||||
DEPEND[openssl.pc]=libcrypto.pc libssl.pc
|
DEPEND[openssl.pc]=libcrypto.pc libssl.pc
|
||||||
|
|
||||||
GENERATE[builddata.pm]=util/mkinstallvars.pl \
|
GENERATE[builddata.pm]=util/mkinstallvars.pl \
|
||||||
|
COMMENT="This file should be used when building against this OpenSSL build, and should never be installed" \
|
||||||
PREFIX=. BINDIR=apps APPLINKDIR=ms \
|
PREFIX=. BINDIR=apps APPLINKDIR=ms \
|
||||||
LIBDIR= INCLUDEDIR=include "INCLUDEDIR=$(SRCDIR)/include" \
|
LIBDIR= INCLUDEDIR=include "INCLUDEDIR=$(SRCDIR)/include" \
|
||||||
ENGINESDIR=engines MODULESDIR=providers \
|
ENGINESDIR=engines MODULESDIR=providers \
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
# This file is dual-licensed, meaning that you can use it under your
|
# This file is dual-licensed, meaning that you can use it under your
|
||||||
# choice of either of the following two licenses:
|
# choice of either of the following two licenses:
|
||||||
#
|
#
|
||||||
# Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
||||||
# a copy in the file LICENSE in the source distribution or at
|
# a copy in the file LICENSE in the source distribution or at
|
||||||
@@ -704,11 +704,6 @@ sub AES_set_common {
|
|||||||
my ($ke128, $ke192, $ke256) = @_;
|
my ($ke128, $ke192, $ke256) = @_;
|
||||||
my $ret = '';
|
my $ret = '';
|
||||||
$ret .= <<___;
|
$ret .= <<___;
|
||||||
bnez $UKEY,1f # if (!userKey || !key) return -1;
|
|
||||||
bnez $KEYP,1f
|
|
||||||
li a0,-1
|
|
||||||
ret
|
|
||||||
1:
|
|
||||||
# Determine number of rounds from key size in bits
|
# Determine number of rounds from key size in bits
|
||||||
li $T0,128
|
li $T0,128
|
||||||
bne $BITS,$T0,1f
|
bne $BITS,$T0,1f
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
# This file is dual-licensed, meaning that you can use it under your
|
# This file is dual-licensed, meaning that you can use it under your
|
||||||
# choice of either of the following two licenses:
|
# choice of either of the following two licenses:
|
||||||
#
|
#
|
||||||
# Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
||||||
# a copy in the file LICENSE in the source distribution or at
|
# a copy in the file LICENSE in the source distribution or at
|
||||||
@@ -392,11 +392,6 @@ sub AES_set_common {
|
|||||||
my ($ke128, $ke192, $ke256) = @_;
|
my ($ke128, $ke192, $ke256) = @_;
|
||||||
my $ret = '';
|
my $ret = '';
|
||||||
$ret .= <<___;
|
$ret .= <<___;
|
||||||
bnez $UKEY,1f # if (!userKey || !key) return -1;
|
|
||||||
bnez $KEYP,1f
|
|
||||||
li a0,-1
|
|
||||||
ret
|
|
||||||
1:
|
|
||||||
# Determine number of rounds from key size in bits
|
# Determine number of rounds from key size in bits
|
||||||
li $T0,128
|
li $T0,128
|
||||||
bne $BITS,$T0,1f
|
bne $BITS,$T0,1f
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
# This file is dual-licensed, meaning that you can use it under your
|
# This file is dual-licensed, meaning that you can use it under your
|
||||||
# choice of either of the following two licenses:
|
# choice of either of the following two licenses:
|
||||||
#
|
#
|
||||||
# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2023-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
# Licensed under the Apache License 2.0 (the "License"). You can obtain
|
||||||
# a copy in the file LICENSE in the source distribution or at
|
# a copy in the file LICENSE in the source distribution or at
|
||||||
@@ -828,9 +828,6 @@ $code .= <<___;
|
|||||||
.globl rv64i_zvkned_set_encrypt_key
|
.globl rv64i_zvkned_set_encrypt_key
|
||||||
.type rv64i_zvkned_set_encrypt_key,\@function
|
.type rv64i_zvkned_set_encrypt_key,\@function
|
||||||
rv64i_zvkned_set_encrypt_key:
|
rv64i_zvkned_set_encrypt_key:
|
||||||
beqz $UKEY, L_fail_m1
|
|
||||||
beqz $KEYP, L_fail_m1
|
|
||||||
|
|
||||||
# Get proper routine for key size
|
# Get proper routine for key size
|
||||||
li $T0, 256
|
li $T0, 256
|
||||||
beq $BITS, $T0, L_set_key_256
|
beq $BITS, $T0, L_set_key_256
|
||||||
@@ -847,9 +844,6 @@ $code .= <<___;
|
|||||||
.globl rv64i_zvkned_set_decrypt_key
|
.globl rv64i_zvkned_set_decrypt_key
|
||||||
.type rv64i_zvkned_set_decrypt_key,\@function
|
.type rv64i_zvkned_set_decrypt_key,\@function
|
||||||
rv64i_zvkned_set_decrypt_key:
|
rv64i_zvkned_set_decrypt_key:
|
||||||
beqz $UKEY, L_fail_m1
|
|
||||||
beqz $KEYP, L_fail_m1
|
|
||||||
|
|
||||||
# Get proper routine for key size
|
# Get proper routine for key size
|
||||||
li $T0, 256
|
li $T0, 256
|
||||||
beq $BITS, $T0, L_set_key_256
|
beq $BITS, $T0, L_set_key_256
|
||||||
@@ -1356,11 +1350,6 @@ ___
|
|||||||
}
|
}
|
||||||
|
|
||||||
$code .= <<___;
|
$code .= <<___;
|
||||||
L_fail_m1:
|
|
||||||
li a0, -1
|
|
||||||
ret
|
|
||||||
.size L_fail_m1,.-L_fail_m1
|
|
||||||
|
|
||||||
L_fail_m2:
|
L_fail_m2:
|
||||||
li a0, -2
|
li a0, -2
|
||||||
ret
|
ret
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -773,11 +773,13 @@ AES_set_encrypt_key:
|
|||||||
___
|
___
|
||||||
$code .= save_regs();
|
$code .= save_regs();
|
||||||
$code .= <<___;
|
$code .= <<___;
|
||||||
bnez $UKEY,1f # if (!userKey || !key) return -1;
|
beqz $UKEY,1f # if (!userKey || !key) return -1;
|
||||||
bnez $KEYP,1f
|
beqz $KEYP,1f
|
||||||
|
j 2f
|
||||||
|
1:
|
||||||
li a0,-1
|
li a0,-1
|
||||||
ret
|
ret
|
||||||
1:
|
2:
|
||||||
la $RCON,AES_rcon
|
la $RCON,AES_rcon
|
||||||
la $TBL,AES_Te0
|
la $TBL,AES_Te0
|
||||||
li $T8,128
|
li $T8,128
|
||||||
|
|||||||
@@ -95,7 +95,7 @@ ASN1_SEQUENCE(asn1_int_oct) = {
|
|||||||
ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING)
|
ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING)
|
||||||
} static_ASN1_SEQUENCE_END(asn1_int_oct)
|
} static_ASN1_SEQUENCE_END(asn1_int_oct)
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(asn1_int_oct)
|
DECLARE_ASN1_ITEM(asn1_int_oct)
|
||||||
|
|
||||||
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
|
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
|
||||||
int len)
|
int len)
|
||||||
@@ -158,7 +158,7 @@ ASN1_SEQUENCE(asn1_oct_int) = {
|
|||||||
ASN1_EMBED(asn1_oct_int, num, INT32)
|
ASN1_EMBED(asn1_oct_int, num, INT32)
|
||||||
} static_ASN1_SEQUENCE_END(asn1_oct_int)
|
} static_ASN1_SEQUENCE_END(asn1_oct_int)
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(asn1_oct_int)
|
DECLARE_ASN1_ITEM(asn1_oct_int)
|
||||||
|
|
||||||
int ossl_asn1_type_set_octetstring_int(ASN1_TYPE *a, long num,
|
int ossl_asn1_type_set_octetstring_int(ASN1_TYPE *a, long num,
|
||||||
unsigned char *data, int len)
|
unsigned char *data, int len)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -52,6 +52,6 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = {
|
|||||||
ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
|
ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
|
||||||
} static_ASN1_SEQUENCE_END(NETSCAPE_PKEY)
|
} static_ASN1_SEQUENCE_END(NETSCAPE_PKEY)
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(NETSCAPE_PKEY)
|
DECLARE_ASN1_FUNCTIONS(NETSCAPE_PKEY)
|
||||||
DECLARE_ASN1_ENCODE_FUNCTIONS_name(NETSCAPE_PKEY, NETSCAPE_PKEY)
|
DECLARE_ASN1_ENCODE_FUNCTIONS_name(NETSCAPE_PKEY, NETSCAPE_PKEY)
|
||||||
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY)
|
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2015-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -44,7 +44,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
|
|||||||
uint64_t p)
|
uint64_t p)
|
||||||
{
|
{
|
||||||
X509_ALGOR *scheme = NULL, *ret = NULL;
|
X509_ALGOR *scheme = NULL, *ret = NULL;
|
||||||
int alg_nid;
|
int alg_nid, ivlen;
|
||||||
size_t keylen = 0;
|
size_t keylen = 0;
|
||||||
EVP_CIPHER_CTX *ctx = NULL;
|
EVP_CIPHER_CTX *ctx = NULL;
|
||||||
unsigned char iv[EVP_MAX_IV_LENGTH];
|
unsigned char iv[EVP_MAX_IV_LENGTH];
|
||||||
@@ -83,10 +83,11 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Create random IV */
|
/* Create random IV */
|
||||||
if (EVP_CIPHER_get_iv_length(cipher)) {
|
ivlen = EVP_CIPHER_get_iv_length(cipher);
|
||||||
|
if (ivlen > 0) {
|
||||||
if (aiv)
|
if (aiv)
|
||||||
memcpy(iv, aiv, EVP_CIPHER_get_iv_length(cipher));
|
memcpy(iv, aiv, ivlen);
|
||||||
else if (RAND_bytes(iv, EVP_CIPHER_get_iv_length(cipher)) <= 0)
|
else if (RAND_bytes(iv, ivlen) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -27,7 +27,7 @@ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
unsigned char *ivec, int *num, int encrypt)
|
unsigned char *ivec, int *num, int encrypt)
|
||||||
{
|
{
|
||||||
register BF_LONG v0, v1, t;
|
register BF_LONG v0, v1, t;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
BF_LONG ti[2];
|
BF_LONG ti[2];
|
||||||
unsigned char *iv, c, cc;
|
unsigned char *iv, c, cc;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -26,7 +26,7 @@ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
unsigned char *ivec, int *num)
|
unsigned char *ivec, int *num)
|
||||||
{
|
{
|
||||||
register BF_LONG v0, v1, t;
|
register BF_LONG v0, v1, t;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
unsigned char d[8];
|
unsigned char d[8];
|
||||||
register char *dp;
|
register char *dp;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2005-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -961,7 +961,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
|
ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
|
||||||
"calling setsockopt()");
|
"calling setsockopt()");
|
||||||
|
|
||||||
#elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTU_DISCOVER)
|
#elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_PROBE)
|
||||||
sockopt_val = num ? IPV6_PMTUDISC_PROBE : IPV6_PMTUDISC_DONT;
|
sockopt_val = num ? IPV6_PMTUDISC_PROBE : IPV6_PMTUDISC_DONT;
|
||||||
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
|
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
|
||||||
&sockopt_val, sizeof(sockopt_val)))
|
&sockopt_val, sizeof(sockopt_val)))
|
||||||
|
|||||||
+13
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -202,8 +202,19 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
case BIO_CTRL_INFO:
|
case BIO_CTRL_INFO:
|
||||||
if (b->flags & BIO_FLAGS_UPLINK_INTERNAL)
|
if (b->flags & BIO_FLAGS_UPLINK_INTERNAL)
|
||||||
ret = UP_ftell(b->ptr);
|
ret = UP_ftell(b->ptr);
|
||||||
else
|
else {
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS)
|
||||||
|
/*
|
||||||
|
* On Windows, for non-seekable files (stdin), ftell() is undefined.
|
||||||
|
*/
|
||||||
|
if (GetFileType((HANDLE)_get_osfhandle(_fileno(fp))) != FILE_TYPE_DISK)
|
||||||
|
ret = -1;
|
||||||
|
else
|
||||||
|
ret = ftell(fp);
|
||||||
|
#else
|
||||||
ret = ftell(fp);
|
ret = ftell(fp);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case BIO_C_SET_FILE_PTR:
|
case BIO_C_SET_FILE_PTR:
|
||||||
file_free(b);
|
file_free(b);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2011-2023 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -37,7 +37,7 @@
|
|||||||
# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
|
# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
|
||||||
# Polynomial Multiplication on ARM Processors using the NEON Engine.
|
# Polynomial Multiplication on ARM Processors using the NEON Engine.
|
||||||
#
|
#
|
||||||
# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
|
# https://conradoplg.modp.net/files/2010/12/mocrysen13.pdf
|
||||||
|
|
||||||
# $output is the last argument if it looks like a file (it has an extension)
|
# $output is the last argument if it looks like a file (it has an extension)
|
||||||
# $flavour is the first argument if it doesn't look like a file
|
# $flavour is the first argument if it doesn't look like a file
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -362,6 +362,23 @@ ossl_rsaz_amm52x20_x1_avxifma256:
|
|||||||
.cfi_push %r14
|
.cfi_push %r14
|
||||||
push %r15
|
push %r15
|
||||||
.cfi_push %r15
|
.cfi_push %r15
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
push %rsi # save non-volatile registers
|
||||||
|
push %rdi
|
||||||
|
lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment)
|
||||||
|
vmovapd %xmm6, `16*0`(%rsp)
|
||||||
|
vmovapd %xmm7, `16*1`(%rsp)
|
||||||
|
vmovapd %xmm8, `16*2`(%rsp)
|
||||||
|
vmovapd %xmm9, `16*3`(%rsp)
|
||||||
|
vmovapd %xmm10, `16*4`(%rsp)
|
||||||
|
vmovapd %xmm11, `16*5`(%rsp)
|
||||||
|
vmovapd %xmm12, `16*6`(%rsp)
|
||||||
|
vmovapd %xmm13, `16*7`(%rsp)
|
||||||
|
vmovapd %xmm14, `16*8`(%rsp)
|
||||||
|
vmovapd %xmm15, `16*9`(%rsp)
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
.Lossl_rsaz_amm52x20_x1_avxifma256_body:
|
.Lossl_rsaz_amm52x20_x1_avxifma256_body:
|
||||||
|
|
||||||
# Zeroing accumulators
|
# Zeroing accumulators
|
||||||
@@ -401,6 +418,23 @@ $code.=<<___;
|
|||||||
vmovdqu $R2_0, `4*32`($res)
|
vmovdqu $R2_0, `4*32`($res)
|
||||||
|
|
||||||
vzeroupper
|
vzeroupper
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
vmovapd `16*0`(%rsp), %xmm6
|
||||||
|
vmovapd `16*1`(%rsp), %xmm7
|
||||||
|
vmovapd `16*2`(%rsp), %xmm8
|
||||||
|
vmovapd `16*3`(%rsp), %xmm9
|
||||||
|
vmovapd `16*4`(%rsp), %xmm10
|
||||||
|
vmovapd `16*5`(%rsp), %xmm11
|
||||||
|
vmovapd `16*6`(%rsp), %xmm12
|
||||||
|
vmovapd `16*7`(%rsp), %xmm13
|
||||||
|
vmovapd `16*8`(%rsp), %xmm14
|
||||||
|
vmovapd `16*9`(%rsp), %xmm15
|
||||||
|
lea 168(%rsp), %rsp
|
||||||
|
pop %rdi
|
||||||
|
pop %rsi
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
mov 0(%rsp),%r15
|
mov 0(%rsp),%r15
|
||||||
.cfi_restore %r15
|
.cfi_restore %r15
|
||||||
mov 8(%rsp),%r14
|
mov 8(%rsp),%r14
|
||||||
@@ -553,6 +587,23 @@ ossl_rsaz_amm52x20_x2_avxifma256:
|
|||||||
.cfi_push %r14
|
.cfi_push %r14
|
||||||
push %r15
|
push %r15
|
||||||
.cfi_push %r15
|
.cfi_push %r15
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
push %rsi # save non-volatile registers
|
||||||
|
push %rdi
|
||||||
|
lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment)
|
||||||
|
vmovapd %xmm6, `16*0`(%rsp)
|
||||||
|
vmovapd %xmm7, `16*1`(%rsp)
|
||||||
|
vmovapd %xmm8, `16*2`(%rsp)
|
||||||
|
vmovapd %xmm9, `16*3`(%rsp)
|
||||||
|
vmovapd %xmm10, `16*4`(%rsp)
|
||||||
|
vmovapd %xmm11, `16*5`(%rsp)
|
||||||
|
vmovapd %xmm12, `16*6`(%rsp)
|
||||||
|
vmovapd %xmm13, `16*7`(%rsp)
|
||||||
|
vmovapd %xmm14, `16*8`(%rsp)
|
||||||
|
vmovapd %xmm15, `16*9`(%rsp)
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
.Lossl_rsaz_amm52x20_x2_avxifma256_body:
|
.Lossl_rsaz_amm52x20_x2_avxifma256_body:
|
||||||
|
|
||||||
# Zeroing accumulators
|
# Zeroing accumulators
|
||||||
@@ -604,6 +655,23 @@ $code.=<<___;
|
|||||||
vmovdqu $R2_1, `9*32`($res)
|
vmovdqu $R2_1, `9*32`($res)
|
||||||
|
|
||||||
vzeroupper
|
vzeroupper
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
vmovapd `16*0`(%rsp), %xmm6
|
||||||
|
vmovapd `16*1`(%rsp), %xmm7
|
||||||
|
vmovapd `16*2`(%rsp), %xmm8
|
||||||
|
vmovapd `16*3`(%rsp), %xmm9
|
||||||
|
vmovapd `16*4`(%rsp), %xmm10
|
||||||
|
vmovapd `16*5`(%rsp), %xmm11
|
||||||
|
vmovapd `16*6`(%rsp), %xmm12
|
||||||
|
vmovapd `16*7`(%rsp), %xmm13
|
||||||
|
vmovapd `16*8`(%rsp), %xmm14
|
||||||
|
vmovapd `16*9`(%rsp), %xmm15
|
||||||
|
lea 168(%rsp), %rsp
|
||||||
|
pop %rdi
|
||||||
|
pop %rsi
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
mov 0(%rsp),%r15
|
mov 0(%rsp),%r15
|
||||||
.cfi_restore %r15
|
.cfi_restore %r15
|
||||||
mov 8(%rsp),%r14
|
mov 8(%rsp),%r14
|
||||||
@@ -663,6 +731,23 @@ $code.=<<___;
|
|||||||
ossl_extract_multiplier_2x20_win5_avx:
|
ossl_extract_multiplier_2x20_win5_avx:
|
||||||
.cfi_startproc
|
.cfi_startproc
|
||||||
endbranch
|
endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
push %rsi # save non-volatile registers
|
||||||
|
push %rdi
|
||||||
|
lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment)
|
||||||
|
vmovapd %xmm6, `16*0`(%rsp)
|
||||||
|
vmovapd %xmm7, `16*1`(%rsp)
|
||||||
|
vmovapd %xmm8, `16*2`(%rsp)
|
||||||
|
vmovapd %xmm9, `16*3`(%rsp)
|
||||||
|
vmovapd %xmm10, `16*4`(%rsp)
|
||||||
|
vmovapd %xmm11, `16*5`(%rsp)
|
||||||
|
vmovapd %xmm12, `16*6`(%rsp)
|
||||||
|
vmovapd %xmm13, `16*7`(%rsp)
|
||||||
|
vmovapd %xmm14, `16*8`(%rsp)
|
||||||
|
vmovapd %xmm15, `16*9`(%rsp)
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
vmovapd .Lones(%rip), $ones # broadcast ones
|
vmovapd .Lones(%rip), $ones # broadcast ones
|
||||||
vmovq $red_tbl_idx1, $tmp_xmm
|
vmovq $red_tbl_idx1, $tmp_xmm
|
||||||
vpbroadcastq $tmp_xmm, $idx1
|
vpbroadcastq $tmp_xmm, $idx1
|
||||||
@@ -708,6 +793,24 @@ ___
|
|||||||
foreach (0..9) {
|
foreach (0..9) {
|
||||||
$code.="vmovdqu $t[$_], `${_}*32`($out) \n";
|
$code.="vmovdqu $t[$_], `${_}*32`($out) \n";
|
||||||
}
|
}
|
||||||
|
$code.=<<___;
|
||||||
|
vzeroupper
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
vmovapd `16*0`(%rsp), %xmm6
|
||||||
|
vmovapd `16*1`(%rsp), %xmm7
|
||||||
|
vmovapd `16*2`(%rsp), %xmm8
|
||||||
|
vmovapd `16*3`(%rsp), %xmm9
|
||||||
|
vmovapd `16*4`(%rsp), %xmm10
|
||||||
|
vmovapd `16*5`(%rsp), %xmm11
|
||||||
|
vmovapd `16*6`(%rsp), %xmm12
|
||||||
|
vmovapd `16*7`(%rsp), %xmm13
|
||||||
|
vmovapd `16*8`(%rsp), %xmm14
|
||||||
|
vmovapd `16*9`(%rsp), %xmm15
|
||||||
|
lea 168(%rsp), %rsp
|
||||||
|
pop %rdi
|
||||||
|
pop %rsi
|
||||||
|
___
|
||||||
$code.=<<___;
|
$code.=<<___;
|
||||||
ret
|
ret
|
||||||
.cfi_endproc
|
.cfi_endproc
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -87,8 +87,6 @@ my ($res,$a,$b,$m,$k0) = @_6_args_universal_ABI;
|
|||||||
my $mask52 = "%rax";
|
my $mask52 = "%rax";
|
||||||
my $acc0_0 = "%r9";
|
my $acc0_0 = "%r9";
|
||||||
my $acc0_0_low = "%r9d";
|
my $acc0_0_low = "%r9d";
|
||||||
my $acc0_1 = "%r15";
|
|
||||||
my $acc0_1_low = "%r15d";
|
|
||||||
my $b_ptr = "%r11";
|
my $b_ptr = "%r11";
|
||||||
|
|
||||||
my $iter = "%ebx";
|
my $iter = "%ebx";
|
||||||
@@ -741,7 +739,7 @@ $code.=<<___;
|
|||||||
vmovdqu $R3_0, `6*32`($res)
|
vmovdqu $R3_0, `6*32`($res)
|
||||||
vmovdqu $R3_0h, `7*32`($res)
|
vmovdqu $R3_0h, `7*32`($res)
|
||||||
|
|
||||||
xorl $acc0_1_low, $acc0_1_low
|
xorl $acc0_0_low, $acc0_0_low
|
||||||
|
|
||||||
lea 16($b_ptr), $b_ptr
|
lea 16($b_ptr), $b_ptr
|
||||||
movq \$0xfffffffffffff, $mask52 # 52-bit mask
|
movq \$0xfffffffffffff, $mask52 # 52-bit mask
|
||||||
@@ -857,6 +855,23 @@ $code.=<<___;
|
|||||||
ossl_extract_multiplier_2x30_win5_avx:
|
ossl_extract_multiplier_2x30_win5_avx:
|
||||||
.cfi_startproc
|
.cfi_startproc
|
||||||
endbranch
|
endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
push %rsi # save non-volatile registers
|
||||||
|
push %rdi
|
||||||
|
lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment)
|
||||||
|
vmovapd %xmm6, `16*0`(%rsp)
|
||||||
|
vmovapd %xmm7, `16*1`(%rsp)
|
||||||
|
vmovapd %xmm8, `16*2`(%rsp)
|
||||||
|
vmovapd %xmm9, `16*3`(%rsp)
|
||||||
|
vmovapd %xmm10, `16*4`(%rsp)
|
||||||
|
vmovapd %xmm11, `16*5`(%rsp)
|
||||||
|
vmovapd %xmm12, `16*6`(%rsp)
|
||||||
|
vmovapd %xmm13, `16*7`(%rsp)
|
||||||
|
vmovapd %xmm14, `16*8`(%rsp)
|
||||||
|
vmovapd %xmm15, `16*9`(%rsp)
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
vmovapd .Lones(%rip), $ones # broadcast ones
|
vmovapd .Lones(%rip), $ones # broadcast ones
|
||||||
vmovq $red_tbl_idx1, $tmp_xmm
|
vmovq $red_tbl_idx1, $tmp_xmm
|
||||||
vpbroadcastq $tmp_xmm, $idx1
|
vpbroadcastq $tmp_xmm, $idx1
|
||||||
@@ -930,6 +945,24 @@ foreach (8..15) {
|
|||||||
$code.="vmovdqu $t[$_], `${_}*32`($out) \n";
|
$code.="vmovdqu $t[$_], `${_}*32`($out) \n";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$code.=<<___;
|
||||||
|
vzeroupper
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
vmovapd `16*0`(%rsp), %xmm6
|
||||||
|
vmovapd `16*1`(%rsp), %xmm7
|
||||||
|
vmovapd `16*2`(%rsp), %xmm8
|
||||||
|
vmovapd `16*3`(%rsp), %xmm9
|
||||||
|
vmovapd `16*4`(%rsp), %xmm10
|
||||||
|
vmovapd `16*5`(%rsp), %xmm11
|
||||||
|
vmovapd `16*6`(%rsp), %xmm12
|
||||||
|
vmovapd `16*7`(%rsp), %xmm13
|
||||||
|
vmovapd `16*8`(%rsp), %xmm14
|
||||||
|
vmovapd `16*9`(%rsp), %xmm15
|
||||||
|
lea 168(%rsp), %rsp
|
||||||
|
pop %rdi
|
||||||
|
pop %rsi
|
||||||
|
___
|
||||||
|
|
||||||
$code.=<<___;
|
$code.=<<___;
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
# Copyright (c) 2024, Intel Corporation. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -84,8 +84,6 @@ my ($res,$a,$b,$m,$k0) = @_6_args_universal_ABI;
|
|||||||
my $mask52 = "%rax";
|
my $mask52 = "%rax";
|
||||||
my $acc0_0 = "%r9";
|
my $acc0_0 = "%r9";
|
||||||
my $acc0_0_low = "%r9d";
|
my $acc0_0_low = "%r9d";
|
||||||
my $acc0_1 = "%r15";
|
|
||||||
my $acc0_1_low = "%r15d";
|
|
||||||
my $b_ptr = "%r11";
|
my $b_ptr = "%r11";
|
||||||
|
|
||||||
my $iter = "%ebx";
|
my $iter = "%ebx";
|
||||||
@@ -834,7 +832,7 @@ $code.=<<___;
|
|||||||
vmovdqu $R4_0, `8*32`($res)
|
vmovdqu $R4_0, `8*32`($res)
|
||||||
vmovdqu $R4_0h, `9*32`($res)
|
vmovdqu $R4_0h, `9*32`($res)
|
||||||
|
|
||||||
xorl $acc0_1_low, $acc0_1_low
|
xorl $acc0_0_low, $acc0_0_low
|
||||||
|
|
||||||
movq \$0xfffffffffffff, $mask52
|
movq \$0xfffffffffffff, $mask52
|
||||||
|
|
||||||
@@ -975,6 +973,23 @@ $code.=<<___;
|
|||||||
ossl_extract_multiplier_2x40_win5_avx:
|
ossl_extract_multiplier_2x40_win5_avx:
|
||||||
.cfi_startproc
|
.cfi_startproc
|
||||||
endbranch
|
endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
push %rsi # save non-volatile registers
|
||||||
|
push %rdi
|
||||||
|
lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment)
|
||||||
|
vmovapd %xmm6, `16*0`(%rsp)
|
||||||
|
vmovapd %xmm7, `16*1`(%rsp)
|
||||||
|
vmovapd %xmm8, `16*2`(%rsp)
|
||||||
|
vmovapd %xmm9, `16*3`(%rsp)
|
||||||
|
vmovapd %xmm10, `16*4`(%rsp)
|
||||||
|
vmovapd %xmm11, `16*5`(%rsp)
|
||||||
|
vmovapd %xmm12, `16*6`(%rsp)
|
||||||
|
vmovapd %xmm13, `16*7`(%rsp)
|
||||||
|
vmovapd %xmm14, `16*8`(%rsp)
|
||||||
|
vmovapd %xmm15, `16*9`(%rsp)
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
vmovapd .Lones(%rip), $ones # broadcast ones
|
vmovapd .Lones(%rip), $ones # broadcast ones
|
||||||
vmovq $red_tbl_idx1, $tmp_xmm
|
vmovq $red_tbl_idx1, $tmp_xmm
|
||||||
vpbroadcastq $tmp_xmm, $idx1
|
vpbroadcastq $tmp_xmm, $idx1
|
||||||
@@ -1001,6 +1016,24 @@ $code.="movq %r10, $red_tbl \n";
|
|||||||
foreach (0..9) {
|
foreach (0..9) {
|
||||||
$code.="vmovdqu $t[$_], `(10+$_)*32`($out) \n";
|
$code.="vmovdqu $t[$_], `(10+$_)*32`($out) \n";
|
||||||
}
|
}
|
||||||
|
$code.=<<___;
|
||||||
|
vzeroupper
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
vmovapd `16*0`(%rsp), %xmm6
|
||||||
|
vmovapd `16*1`(%rsp), %xmm7
|
||||||
|
vmovapd `16*2`(%rsp), %xmm8
|
||||||
|
vmovapd `16*3`(%rsp), %xmm9
|
||||||
|
vmovapd `16*4`(%rsp), %xmm10
|
||||||
|
vmovapd `16*5`(%rsp), %xmm11
|
||||||
|
vmovapd `16*6`(%rsp), %xmm12
|
||||||
|
vmovapd `16*7`(%rsp), %xmm13
|
||||||
|
vmovapd `16*8`(%rsp), %xmm14
|
||||||
|
vmovapd `16*9`(%rsp), %xmm15
|
||||||
|
lea 168(%rsp), %rsp
|
||||||
|
pop %rdi
|
||||||
|
pop %rsi
|
||||||
|
___
|
||||||
$code.=<<___;
|
$code.=<<___;
|
||||||
|
|
||||||
ret
|
ret
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -394,11 +394,11 @@ $code.=<<___;
|
|||||||
|
|
||||||
mulx $car1,$mul1,$car1
|
mulx $car1,$mul1,$car1
|
||||||
mulx $npj,$mul1,$acc1
|
mulx $npj,$mul1,$acc1
|
||||||
|
add $tmp1,$car0,$car0
|
||||||
add $tmp0,$car1,$car1
|
add $tmp0,$car1,$car1
|
||||||
and $car0,$mask,$acc0
|
and $car0,$mask,$acc0
|
||||||
ld [$np+8],$npj ! np[2]
|
ld [$np+8],$npj ! np[2]
|
||||||
srlx $car1,32,$car1
|
srlx $car1,32,$car1
|
||||||
add $tmp1,$car1,$car1
|
|
||||||
srlx $car0,32,$car0
|
srlx $car0,32,$car0
|
||||||
add $acc0,$car1,$car1
|
add $acc0,$car1,$car1
|
||||||
and $car0,1,$sbit
|
and $car0,1,$sbit
|
||||||
|
|||||||
+32
-32
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2014-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2014-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -14,7 +14,7 @@
|
|||||||
#include "crypto/bn_dh.h"
|
#include "crypto/bn_dh.h"
|
||||||
|
|
||||||
#if BN_BITS2 == 64
|
#if BN_BITS2 == 64
|
||||||
#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo
|
#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo
|
||||||
#else
|
#else
|
||||||
#define BN_DEF(lo, hi) lo, hi
|
#define BN_DEF(lo, hi) lo, hi
|
||||||
#endif
|
#endif
|
||||||
@@ -1387,37 +1387,37 @@ const BIGNUM ossl_bignum_const_2 = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
make_dh_bn(dh1024_160_p)
|
make_dh_bn(dh1024_160_p)
|
||||||
make_dh_bn(dh1024_160_q)
|
make_dh_bn(dh1024_160_q)
|
||||||
make_dh_bn(dh1024_160_g)
|
make_dh_bn(dh1024_160_g)
|
||||||
make_dh_bn(dh2048_224_p)
|
make_dh_bn(dh2048_224_p)
|
||||||
make_dh_bn(dh2048_224_q)
|
make_dh_bn(dh2048_224_q)
|
||||||
make_dh_bn(dh2048_224_g)
|
make_dh_bn(dh2048_224_g)
|
||||||
make_dh_bn(dh2048_256_p)
|
make_dh_bn(dh2048_256_p)
|
||||||
make_dh_bn(dh2048_256_q)
|
make_dh_bn(dh2048_256_q)
|
||||||
make_dh_bn(dh2048_256_g)
|
make_dh_bn(dh2048_256_g)
|
||||||
|
|
||||||
make_dh_bn(ffdhe2048_p)
|
make_dh_bn(ffdhe2048_p)
|
||||||
make_dh_bn(ffdhe2048_q)
|
make_dh_bn(ffdhe2048_q)
|
||||||
make_dh_bn(ffdhe3072_p)
|
make_dh_bn(ffdhe3072_p)
|
||||||
make_dh_bn(ffdhe3072_q)
|
make_dh_bn(ffdhe3072_q)
|
||||||
make_dh_bn(ffdhe4096_p)
|
make_dh_bn(ffdhe4096_p)
|
||||||
make_dh_bn(ffdhe4096_q)
|
make_dh_bn(ffdhe4096_q)
|
||||||
make_dh_bn(ffdhe6144_p)
|
make_dh_bn(ffdhe6144_p)
|
||||||
make_dh_bn(ffdhe6144_q)
|
make_dh_bn(ffdhe6144_q)
|
||||||
make_dh_bn(ffdhe8192_p)
|
make_dh_bn(ffdhe8192_p)
|
||||||
make_dh_bn(ffdhe8192_q)
|
make_dh_bn(ffdhe8192_q)
|
||||||
|
|
||||||
#ifndef FIPS_MODULE
|
#ifndef FIPS_MODULE
|
||||||
make_dh_bn(modp_1536_p)
|
make_dh_bn(modp_1536_p)
|
||||||
make_dh_bn(modp_1536_q)
|
make_dh_bn(modp_1536_q)
|
||||||
#endif
|
#endif
|
||||||
make_dh_bn(modp_2048_p)
|
make_dh_bn(modp_2048_p)
|
||||||
make_dh_bn(modp_2048_q)
|
make_dh_bn(modp_2048_q)
|
||||||
make_dh_bn(modp_3072_p)
|
make_dh_bn(modp_3072_p)
|
||||||
make_dh_bn(modp_3072_q)
|
make_dh_bn(modp_3072_q)
|
||||||
make_dh_bn(modp_4096_p)
|
make_dh_bn(modp_4096_p)
|
||||||
make_dh_bn(modp_4096_q)
|
make_dh_bn(modp_4096_q)
|
||||||
make_dh_bn(modp_6144_p)
|
make_dh_bn(modp_6144_p)
|
||||||
make_dh_bn(modp_6144_q)
|
make_dh_bn(modp_6144_q)
|
||||||
make_dh_bn(modp_8192_p)
|
make_dh_bn(modp_8192_p)
|
||||||
make_dh_bn(modp_8192_q)
|
make_dh_bn(modp_8192_q)
|
||||||
|
|||||||
+17
-17
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -771,16 +771,16 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||||||
typedef int (*bn_pwr5_mont_f)(BN_ULONG *tp, const BN_ULONG *np,
|
typedef int (*bn_pwr5_mont_f)(BN_ULONG *tp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, const void *table,
|
const BN_ULONG *n0, const void *table,
|
||||||
int power, int bits);
|
int power, int bits);
|
||||||
int bn_pwr5_mont_t4_8(BN_ULONG * tp, const BN_ULONG *np,
|
int bn_pwr5_mont_t4_8(BN_ULONG *tp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, const void *table,
|
const BN_ULONG *n0, const void *table,
|
||||||
int power, int bits);
|
int power, int bits);
|
||||||
int bn_pwr5_mont_t4_16(BN_ULONG * tp, const BN_ULONG *np,
|
int bn_pwr5_mont_t4_16(BN_ULONG *tp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, const void *table,
|
const BN_ULONG *n0, const void *table,
|
||||||
int power, int bits);
|
int power, int bits);
|
||||||
int bn_pwr5_mont_t4_24(BN_ULONG * tp, const BN_ULONG *np,
|
int bn_pwr5_mont_t4_24(BN_ULONG *tp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, const void *table,
|
const BN_ULONG *n0, const void *table,
|
||||||
int power, int bits);
|
int power, int bits);
|
||||||
int bn_pwr5_mont_t4_32(BN_ULONG * tp, const BN_ULONG *np,
|
int bn_pwr5_mont_t4_32(BN_ULONG *tp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, const void *table,
|
const BN_ULONG *n0, const void *table,
|
||||||
int power, int bits);
|
int power, int bits);
|
||||||
static const bn_pwr5_mont_f pwr5_funcs[4] = {
|
static const bn_pwr5_mont_f pwr5_funcs[4] = {
|
||||||
@@ -792,15 +792,15 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||||||
typedef int (*bn_mul_mont_f)(BN_ULONG *rp, const BN_ULONG *ap,
|
typedef int (*bn_mul_mont_f)(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_8(BN_ULONG * rp, const BN_ULONG *ap, const void *bp,
|
int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap, const void *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0);
|
const BN_ULONG *np, const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_16(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_24(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_32(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
static const bn_mul_mont_f mul_funcs[4] = {
|
static const bn_mul_mont_f mul_funcs[4] = {
|
||||||
@@ -809,20 +809,20 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||||||
};
|
};
|
||||||
bn_mul_mont_f mul_worker = mul_funcs[top / 16 - 1];
|
bn_mul_mont_f mul_worker = mul_funcs[top / 16 - 1];
|
||||||
|
|
||||||
void bn_mul_mont_vis3(BN_ULONG * rp, const BN_ULONG *ap,
|
void bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num);
|
const BN_ULONG *n0, int num);
|
||||||
void bn_mul_mont_t4(BN_ULONG * rp, const BN_ULONG *ap,
|
void bn_mul_mont_t4(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *bp, const BN_ULONG *np,
|
const void *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num);
|
const BN_ULONG *n0, int num);
|
||||||
void bn_mul_mont_gather5_t4(BN_ULONG * rp, const BN_ULONG *ap,
|
void bn_mul_mont_gather5_t4(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *table, const BN_ULONG *np,
|
const void *table, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num, int power);
|
const BN_ULONG *n0, int num, int power);
|
||||||
void bn_flip_n_scatter5_t4(const BN_ULONG *inp, size_t num,
|
void bn_flip_n_scatter5_t4(const BN_ULONG *inp, size_t num,
|
||||||
void *table, size_t power);
|
void *table, size_t power);
|
||||||
void bn_gather5_t4(BN_ULONG * out, size_t num,
|
void bn_gather5_t4(BN_ULONG *out, size_t num,
|
||||||
void *table, size_t power);
|
void *table, size_t power);
|
||||||
void bn_flip_t4(BN_ULONG * dst, BN_ULONG * src, size_t num);
|
void bn_flip_t4(BN_ULONG *dst, BN_ULONG *src, size_t num);
|
||||||
|
|
||||||
BN_ULONG *np = mont->N.d, *n0 = mont->n0;
|
BN_ULONG *np = mont->N.d, *n0 = mont->n0;
|
||||||
int stride = 5 * (6 - (top / 16 - 1)); /* multiple of 5, but less
|
int stride = 5 * (6 - (top / 16 - 1)); /* multiple of 5, but less
|
||||||
@@ -922,13 +922,13 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
|||||||
* Given those inputs, |bn_mul_mont| may not give reduced
|
* Given those inputs, |bn_mul_mont| may not give reduced
|
||||||
* output, but it will still produce "almost" reduced output.
|
* output, but it will still produce "almost" reduced output.
|
||||||
*/
|
*/
|
||||||
void bn_mul_mont_gather5(BN_ULONG * rp, const BN_ULONG *ap,
|
void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *table, const BN_ULONG *np,
|
const void *table, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num, int power);
|
const BN_ULONG *n0, int num, int power);
|
||||||
void bn_scatter5(const BN_ULONG *inp, size_t num,
|
void bn_scatter5(const BN_ULONG *inp, size_t num,
|
||||||
void *table, size_t power);
|
void *table, size_t power);
|
||||||
void bn_gather5(BN_ULONG * out, size_t num, void *table, size_t power);
|
void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
|
||||||
void bn_power5(BN_ULONG * rp, const BN_ULONG *ap,
|
void bn_power5(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const void *table, const BN_ULONG *np,
|
const void *table, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num, int power);
|
const BN_ULONG *n0, int num, int power);
|
||||||
int bn_get_bits5(const BN_ULONG *ap, int off);
|
int bn_get_bits5(const BN_ULONG *ap, int off);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -387,7 +387,7 @@ struct bn_gencb_st {
|
|||||||
#elif defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
|
#elif defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
|
||||||
#if defined(__DECC)
|
#if defined(__DECC)
|
||||||
#include <c_asm.h>
|
#include <c_asm.h>
|
||||||
#define BN_UMULT_HIGH(a, b) (BN_ULONG) asm("umulh %a0,%a1,%v0", (a), (b))
|
#define BN_UMULT_HIGH(a, b) (BN_ULONG)asm("umulh %a0,%a1,%v0", (a), (b))
|
||||||
#elif defined(__GNUC__) && __GNUC__ >= 2
|
#elif defined(__GNUC__) && __GNUC__ >= 2
|
||||||
#define BN_UMULT_HIGH(a, b) ({ \
|
#define BN_UMULT_HIGH(a, b) ({ \
|
||||||
register BN_ULONG ret; \
|
register BN_ULONG ret; \
|
||||||
|
|||||||
+4
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -8,10 +8,9 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Details about Montgomery multiplication algorithms can be found at
|
* Details about Montgomery multiplication algorithms can be found in
|
||||||
* http://security.ece.orst.edu/publications.html, e.g.
|
* https://www.microsoft.com/en-us/research/wp-content/uploads/1996/01/j37acmon.pdf
|
||||||
* http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
|
* and https://cetinkayakoc.net/docs/r01.pdf
|
||||||
* sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "internal/cryptlib.h"
|
#include "internal/cryptlib.h"
|
||||||
|
|||||||
+5
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2009-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2009-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -15,14 +15,14 @@
|
|||||||
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num)
|
const BN_ULONG *np, const BN_ULONG *n0, int num)
|
||||||
{
|
{
|
||||||
int bn_mul_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
||||||
int bn_mul4x_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul4x_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
||||||
int bn_mul_mont_fixed_n6(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num);
|
const BN_ULONG *n0, int num);
|
||||||
int bn_mul_mont_300_fixed_n6(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_300_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0, int num);
|
const BN_ULONG *n0, int num);
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -30,7 +30,7 @@ static int bn_is_prime_int(const BIGNUM *w, int checks, BN_CTX *ctx,
|
|||||||
#define square(x) ((BN_ULONG)(x) * (BN_ULONG)(x))
|
#define square(x) ((BN_ULONG)(x) * (BN_ULONG)(x))
|
||||||
|
|
||||||
#if BN_BITS2 == 64
|
#if BN_BITS2 == 64
|
||||||
#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo
|
#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo
|
||||||
#else
|
#else
|
||||||
#define BN_DEF(lo, hi) lo, hi
|
#define BN_DEF(lo, hi) lo, hi
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2018-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -29,7 +29,7 @@
|
|||||||
#include "internal/nelem.h"
|
#include "internal/nelem.h"
|
||||||
|
|
||||||
#if BN_BITS2 == 64
|
#if BN_BITS2 == 64
|
||||||
#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo
|
#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo
|
||||||
#else
|
#else
|
||||||
#define BN_DEF(lo, hi) lo, hi
|
#define BN_DEF(lo, hi) lo, hi
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -16,11 +16,11 @@
|
|||||||
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num)
|
const BN_ULONG *np, const BN_ULONG *n0, int num)
|
||||||
{
|
{
|
||||||
int bn_mul_mont_vis3(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
||||||
int bn_mul_mont_fpu(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
||||||
int bn_mul_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
const BN_ULONG *np, const BN_ULONG *n0, int num);
|
||||||
|
|
||||||
if (!(num & 1) && num >= 6) {
|
if (!(num & 1) && num >= 6) {
|
||||||
@@ -29,16 +29,16 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
|||||||
const BN_ULONG *bp,
|
const BN_ULONG *bp,
|
||||||
const BN_ULONG *np,
|
const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_8(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_16(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_24(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
int bn_mul_mont_t4_32(BN_ULONG * rp, const BN_ULONG *ap,
|
int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
|
||||||
const BN_ULONG *bp, const BN_ULONG *np,
|
const BN_ULONG *bp, const BN_ULONG *np,
|
||||||
const BN_ULONG *n0);
|
const BN_ULONG *n0);
|
||||||
static const bn_mul_mont_f funcs[4] = {
|
static const bn_mul_mont_f funcs[4] = {
|
||||||
|
|||||||
+2
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -23,7 +23,7 @@ const void *ossl_bsearch(const void *key, const void *base, int num,
|
|||||||
l = 0;
|
l = 0;
|
||||||
h = num;
|
h = num;
|
||||||
while (l < h) {
|
while (l < h) {
|
||||||
i = (l + h) / 2;
|
i = l + (h - l) / 2;
|
||||||
p = &(base_[i * size]);
|
p = &(base_[i * size]);
|
||||||
c = (*cmp)(key, p);
|
c = (*cmp)(key, p);
|
||||||
if (c < 0)
|
if (c < 0)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -27,7 +27,7 @@ void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
unsigned char *ivec, int *num, int enc)
|
unsigned char *ivec, int *num, int enc)
|
||||||
{
|
{
|
||||||
register CAST_LONG v0, v1, t;
|
register CAST_LONG v0, v1, t;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
CAST_LONG ti[2];
|
CAST_LONG ti[2];
|
||||||
unsigned char *iv, c, cc;
|
unsigned char *iv, c, cc;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -26,7 +26,7 @@ void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
unsigned char *ivec, int *num)
|
unsigned char *ivec, int *num)
|
||||||
{
|
{
|
||||||
register CAST_LONG v0, v1, t;
|
register CAST_LONG v0, v1, t;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
unsigned char d[8];
|
unsigned char d[8];
|
||||||
register char *dp;
|
register char *dp;
|
||||||
|
|||||||
+17
-6
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Nokia 2007-2019
|
* Copyright Nokia 2007-2019
|
||||||
* Copyright Siemens AG 2015-2019
|
* Copyright Siemens AG 2015-2019
|
||||||
*
|
*
|
||||||
@@ -149,6 +149,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req,
|
|||||||
int time_left;
|
int time_left;
|
||||||
OSSL_CMP_transfer_cb_t transfer_cb = ctx->transfer_cb;
|
OSSL_CMP_transfer_cb_t transfer_cb = ctx->transfer_cb;
|
||||||
|
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_trans;
|
||||||
#ifndef OPENSSL_NO_HTTP
|
#ifndef OPENSSL_NO_HTTP
|
||||||
if (transfer_cb == NULL)
|
if (transfer_cb == NULL)
|
||||||
transfer_cb = OSSL_CMP_MSG_http_perform;
|
transfer_cb = OSSL_CMP_MSG_http_perform;
|
||||||
@@ -175,7 +176,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req,
|
|||||||
/* should print error queue since transfer_cb may call ERR_clear_error() */
|
/* should print error queue since transfer_cb may call ERR_clear_error() */
|
||||||
OSSL_CMP_CTX_print_errors(ctx);
|
OSSL_CMP_CTX_print_errors(ctx);
|
||||||
|
|
||||||
if (ctx->server != NULL)
|
if (ctx->server != NULL || ctx->transfer_cb != NULL)
|
||||||
ossl_cmp_log1(INFO, ctx, "sending %s", req_type_str);
|
ossl_cmp_log1(INFO, ctx, "sending %s", req_type_str);
|
||||||
|
|
||||||
*rep = (*transfer_cb)(ctx, req);
|
*rep = (*transfer_cb)(ctx, req);
|
||||||
@@ -189,6 +190,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_checking_response;
|
||||||
bt = OSSL_CMP_MSG_get_bodytype(*rep);
|
bt = OSSL_CMP_MSG_get_bodytype(*rep);
|
||||||
/*
|
/*
|
||||||
* The body type in the 'bt' variable is not yet verified.
|
* The body type in the 'bt' variable is not yet verified.
|
||||||
@@ -284,11 +286,15 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
|
|||||||
"received 'waiting' PKIStatus, starting to poll for response");
|
"received 'waiting' PKIStatus, starting to poll for response");
|
||||||
*rep = NULL;
|
*rep = NULL;
|
||||||
for (;;) {
|
for (;;) {
|
||||||
|
int bak = ctx->status;
|
||||||
|
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_request;
|
||||||
if ((preq = ossl_cmp_pollReq_new(ctx, rid)) == NULL)
|
if ((preq = ossl_cmp_pollReq_new(ctx, rid)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (!send_receive_check(ctx, preq, &prep, OSSL_CMP_PKIBODY_POLLREP))
|
if (!send_receive_check(ctx, preq, &prep, OSSL_CMP_PKIBODY_POLLREP))
|
||||||
goto err;
|
goto err;
|
||||||
|
ctx->status = bak;
|
||||||
|
|
||||||
/* handle potential pollRep */
|
/* handle potential pollRep */
|
||||||
if (OSSL_CMP_MSG_get_bodytype(prep) == OSSL_CMP_PKIBODY_POLLREP) {
|
if (OSSL_CMP_MSG_get_bodytype(prep) == OSSL_CMP_PKIBODY_POLLREP) {
|
||||||
@@ -344,6 +350,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
|
|||||||
int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL));
|
int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL));
|
||||||
|
|
||||||
if (time_left <= 0) {
|
if (time_left <= 0) {
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_trans;
|
||||||
ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT);
|
ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@@ -455,7 +462,9 @@ int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int certReqId,
|
|||||||
OSSL_CMP_MSG *certConf;
|
OSSL_CMP_MSG *certConf;
|
||||||
OSSL_CMP_MSG *PKIconf = NULL;
|
OSSL_CMP_MSG *PKIconf = NULL;
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
int bak = ctx->status;
|
||||||
|
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_request;
|
||||||
/* OSSL_CMP_certConf_new() also checks if all necessary options are set */
|
/* OSSL_CMP_certConf_new() also checks if all necessary options are set */
|
||||||
certConf = ossl_cmp_certConf_new(ctx, certReqId, fail_info, txt);
|
certConf = ossl_cmp_certConf_new(ctx, certReqId, fail_info, txt);
|
||||||
if (certConf == NULL)
|
if (certConf == NULL)
|
||||||
@@ -464,6 +473,9 @@ int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int certReqId,
|
|||||||
res = send_receive_also_delayed(ctx, certConf, &PKIconf,
|
res = send_receive_also_delayed(ctx, certConf, &PKIconf,
|
||||||
OSSL_CMP_PKIBODY_PKICONF);
|
OSSL_CMP_PKIBODY_PKICONF);
|
||||||
|
|
||||||
|
if (res)
|
||||||
|
ctx->status = bak;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
OSSL_CMP_MSG_free(certConf);
|
OSSL_CMP_MSG_free(certConf);
|
||||||
OSSL_CMP_MSG_free(PKIconf);
|
OSSL_CMP_MSG_free(PKIconf);
|
||||||
@@ -479,6 +491,7 @@ int ossl_cmp_exchange_error(OSSL_CMP_CTX *ctx, int status, int fail_info,
|
|||||||
OSSL_CMP_MSG *PKIconf = NULL;
|
OSSL_CMP_MSG *PKIconf = NULL;
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_request;
|
||||||
/* not overwriting ctx->status on error exchange */
|
/* not overwriting ctx->status on error exchange */
|
||||||
if ((si = OSSL_CMP_STATUSINFO_new(status, fail_info, txt)) == NULL)
|
if ((si = OSSL_CMP_STATUSINFO_new(status, fail_info, txt)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
@@ -488,6 +501,7 @@ int ossl_cmp_exchange_error(OSSL_CMP_CTX *ctx, int status, int fail_info,
|
|||||||
|
|
||||||
res = send_receive_also_delayed(ctx, error,
|
res = send_receive_also_delayed(ctx, error,
|
||||||
&PKIconf, OSSL_CMP_PKIBODY_PKICONF);
|
&PKIconf, OSSL_CMP_PKIBODY_PKICONF);
|
||||||
|
ctx->status = OSSL_CMP_PKISTATUS_rejected_by_client;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
OSSL_CMP_MSG_free(error);
|
OSSL_CMP_MSG_free(error);
|
||||||
@@ -790,7 +804,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
|
|||||||
ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED,
|
ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED,
|
||||||
"rejecting newly enrolled cert with subject: %s; %s",
|
"rejecting newly enrolled cert with subject: %s; %s",
|
||||||
subj, txt);
|
subj, txt);
|
||||||
ctx->status = OSSL_CMP_PKISTATUS_rejection;
|
ctx->status = OSSL_CMP_PKISTATUS_rejected_by_client;
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
OPENSSL_free(subj);
|
OPENSSL_free(subj);
|
||||||
@@ -812,7 +826,6 @@ static int initial_certreq(OSSL_CMP_CTX *ctx,
|
|||||||
if ((req = ossl_cmp_certreq_new(ctx, req_type, crm)) == NULL)
|
if ((req = ossl_cmp_certreq_new(ctx, req_type, crm)) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
ctx->status = OSSL_CMP_PKISTATUS_trans;
|
|
||||||
res = send_receive_check(ctx, req, p_rep, rep_type);
|
res = send_receive_check(ctx, req, p_rep, rep_type);
|
||||||
OSSL_CMP_MSG_free(req);
|
OSSL_CMP_MSG_free(req);
|
||||||
return res;
|
return res;
|
||||||
@@ -918,7 +931,6 @@ int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx)
|
|||||||
if ((rr = ossl_cmp_rr_new(ctx)) == NULL)
|
if ((rr = ossl_cmp_rr_new(ctx)) == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
ctx->status = OSSL_CMP_PKISTATUS_trans;
|
|
||||||
if (!send_receive_also_delayed(ctx, rr, &rp, OSSL_CMP_PKIBODY_RP))
|
if (!send_receive_also_delayed(ctx, rr, &rp, OSSL_CMP_PKIBODY_RP))
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
@@ -1038,7 +1050,6 @@ STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx)
|
|||||||
if ((genm = ossl_cmp_genm_new(ctx)) == NULL)
|
if ((genm = ossl_cmp_genm_new(ctx)) == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
ctx->status = OSSL_CMP_PKISTATUS_trans;
|
|
||||||
if (!send_receive_also_delayed(ctx, genm, &genp, OSSL_CMP_PKIBODY_GENP))
|
if (!send_receive_also_delayed(ctx, genm, &genp, OSSL_CMP_PKIBODY_GENP))
|
||||||
goto err;
|
goto err;
|
||||||
ctx->status = OSSL_CMP_PKISTATUS_accepted;
|
ctx->status = OSSL_CMP_PKISTATUS_accepted;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Nokia 2007-2019
|
* Copyright Nokia 2007-2019
|
||||||
* Copyright Siemens AG 2015-2019
|
* Copyright Siemens AG 2015-2019
|
||||||
*
|
*
|
||||||
@@ -742,7 +742,7 @@ DEFINE_OSSL_set1_up_ref(OSSL_CMP_CTX, oldCert, X509)
|
|||||||
*/
|
*/
|
||||||
DEFINE_OSSL_set0(ossl_cmp_ctx, newCert, X509)
|
DEFINE_OSSL_set0(ossl_cmp_ctx, newCert, X509)
|
||||||
|
|
||||||
/* Get successfully validated server cert, if any, of current transaction */
|
/* Get successfully validated sender cert, if any, of current transaction */
|
||||||
DEFINE_OSSL_CMP_CTX_get0(validatedSrvCert, X509)
|
DEFINE_OSSL_CMP_CTX_get0(validatedSrvCert, X509)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Nokia 2007-2019
|
* Copyright Nokia 2007-2019
|
||||||
* Copyright Siemens AG 2015-2019
|
* Copyright Siemens AG 2015-2019
|
||||||
*
|
*
|
||||||
@@ -66,7 +66,7 @@ struct ossl_cmp_ctx_st {
|
|||||||
int unprotectedErrors;
|
int unprotectedErrors;
|
||||||
int noCacheExtraCerts;
|
int noCacheExtraCerts;
|
||||||
X509 *srvCert; /* certificate used to identify the server */
|
X509 *srvCert; /* certificate used to identify the server */
|
||||||
X509 *validatedSrvCert; /* caches any already validated server cert */
|
X509 *validatedSrvCert; /* caches any already validated sender cert */
|
||||||
X509_NAME *expected_sender; /* expected sender in header of response */
|
X509_NAME *expected_sender; /* expected sender in header of response */
|
||||||
X509_STORE *trusted; /* trust store maybe w CRLs and cert verify callback */
|
X509_STORE *trusted; /* trust store maybe w CRLs and cert verify callback */
|
||||||
STACK_OF(X509) *untrusted; /* untrusted (intermediate CA) certs */
|
STACK_OF(X509) *untrusted; /* untrusted (intermediate CA) certs */
|
||||||
|
|||||||
+14
-11
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Nokia 2007-2020
|
* Copyright Nokia 2007-2020
|
||||||
* Copyright Siemens AG 2015-2020
|
* Copyright Siemens AG 2015-2020
|
||||||
*
|
*
|
||||||
@@ -363,13 +363,12 @@ static int check_cert_path_3gpp(const OSSL_CMP_CTX *ctx,
|
|||||||
return valid;
|
return valid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* checks protection of msg but not cert revocation nor cert chain */
|
||||||
static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert,
|
static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert,
|
||||||
const OSSL_CMP_MSG *msg)
|
const OSSL_CMP_MSG *msg)
|
||||||
{
|
{
|
||||||
return cert_acceptable(ctx, "previously validated", "sender cert",
|
return cert_acceptable(ctx, "previously validated", "sender cert",
|
||||||
cert, NULL, NULL, msg)
|
cert, NULL, NULL, msg);
|
||||||
&& (check_cert_path(ctx, ctx->trusted, cert)
|
|
||||||
|| check_cert_path_3gpp(ctx, msg, cert));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
@@ -479,22 +478,26 @@ static int check_msg_find_cert(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
|
|||||||
(void)ERR_set_mark();
|
(void)ERR_set_mark();
|
||||||
ctx->log_cb = NULL; /* temporarily disable logging */
|
ctx->log_cb = NULL; /* temporarily disable logging */
|
||||||
|
|
||||||
/*
|
|
||||||
* try first cached scrt, used successfully earlier in same transaction,
|
|
||||||
* for validating this and any further msgs where extraCerts may be left out
|
|
||||||
*/
|
|
||||||
if (scrt != NULL) {
|
if (scrt != NULL) {
|
||||||
|
/*-
|
||||||
|
* try first using cached message sender cert (in 'scrt' variable),
|
||||||
|
* which was used successfully earlier in the same transaction
|
||||||
|
* (assuming that the certificate itself was not revoked meanwhile and
|
||||||
|
* is a good guess for use in validating also the current message)
|
||||||
|
*/
|
||||||
if (check_msg_given_cert(ctx, scrt, msg)) {
|
if (check_msg_given_cert(ctx, scrt, msg)) {
|
||||||
ctx->log_cb = backup_log_cb;
|
ctx->log_cb = backup_log_cb;
|
||||||
(void)ERR_pop_to_mark();
|
(void)ERR_pop_to_mark();
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
/* cached sender cert has shown to be no more successfully usable */
|
/* cached sender cert has shown to be no more successfully usable */
|
||||||
(void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL);
|
|
||||||
/* re-do the above check (just) for adding diagnostic information */
|
/* re-do the above check (just) for adding diagnostic information */
|
||||||
ossl_cmp_info(ctx,
|
ossl_cmp_info(ctx,
|
||||||
"trying to verify msg signature with previously validated cert");
|
"trying to verify msg signature with previously validated cert");
|
||||||
|
ctx->log_cb = backup_log_cb;
|
||||||
(void)check_msg_given_cert(ctx, scrt, msg);
|
(void)check_msg_given_cert(ctx, scrt, msg);
|
||||||
|
ctx->log_cb = NULL;
|
||||||
|
(void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL); /* this invalidates scrt */
|
||||||
}
|
}
|
||||||
|
|
||||||
res = check_msg_all_certs(ctx, msg, 0 /* using ctx->trusted */)
|
res = check_msg_all_certs(ctx, msg, 0 /* using ctx->trusted */)
|
||||||
@@ -628,7 +631,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
|
|||||||
scrt = ctx->srvCert;
|
scrt = ctx->srvCert;
|
||||||
if (scrt == NULL) {
|
if (scrt == NULL) {
|
||||||
if (ctx->trusted == NULL && ctx->secretValue != NULL) {
|
if (ctx->trusted == NULL && ctx->secretValue != NULL) {
|
||||||
ossl_cmp_info(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection");
|
ossl_cmp_info(ctx, "no trust store nor pinned sender cert available for verifying signature-based CMP message protection");
|
||||||
ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR);
|
ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -642,7 +645,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
|
|||||||
/* use ctx->srvCert for signature check even if not acceptable */
|
/* use ctx->srvCert for signature check even if not acceptable */
|
||||||
if (verify_signature(ctx, msg, scrt)) {
|
if (verify_signature(ctx, msg, scrt)) {
|
||||||
ossl_cmp_debug(ctx,
|
ossl_cmp_debug(ctx,
|
||||||
"successfully validated signature-based CMP message protection using pinned server cert");
|
"successfully validated signature-based CMP message protection using pinned sender cert");
|
||||||
return ossl_cmp_ctx_set1_validatedSrvCert(ctx, scrt);
|
return ossl_cmp_ctx_set1_validatedSrvCert(ctx, scrt);
|
||||||
}
|
}
|
||||||
ossl_cmp_warn(ctx, "CMP message signature verification failed");
|
ossl_cmp_warn(ctx, "CMP message signature verification failed");
|
||||||
|
|||||||
+15
-15
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -23,7 +23,7 @@ ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
|
|||||||
ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
|
ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
|
||||||
} static_ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
|
} static_ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
|
||||||
|
|
||||||
ASN1_CHOICE(CMS_CertificateChoices)
|
ASN1_CHOICE(CMS_CertificateChoices)
|
||||||
= { ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509), ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0), ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1), ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2), ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3) } ASN1_CHOICE_END(CMS_CertificateChoices)
|
= { ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509), ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0), ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1), ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2), ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3) } ASN1_CHOICE_END(CMS_CertificateChoices)
|
||||||
|
|
||||||
ASN1_CHOICE(CMS_SignerIdentifier) = {
|
ASN1_CHOICE(CMS_SignerIdentifier) = {
|
||||||
@@ -31,11 +31,11 @@ ASN1_CHOICE(CMS_SignerIdentifier) = {
|
|||||||
ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
|
ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
|
||||||
} static_ASN1_CHOICE_END(CMS_SignerIdentifier)
|
} static_ASN1_CHOICE_END(CMS_SignerIdentifier)
|
||||||
|
|
||||||
ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo)
|
ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo)
|
||||||
= { ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT), ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0) } static_ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
|
= { ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT), ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0) } static_ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
|
||||||
|
|
||||||
/* Minor tweak to operation: free up signer key, cert */
|
/* Minor tweak to operation: free up signer key, cert */
|
||||||
static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
||||||
{
|
{
|
||||||
if (operation == ASN1_OP_FREE_POST) {
|
if (operation == ASN1_OP_FREE_POST) {
|
||||||
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
|
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
|
||||||
@@ -62,7 +62,7 @@ ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
|
|||||||
ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
|
ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
|
||||||
} static_ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
|
} static_ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
|
||||||
|
|
||||||
ASN1_CHOICE(CMS_RevocationInfoChoice)
|
ASN1_CHOICE(CMS_RevocationInfoChoice)
|
||||||
= { ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL), ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1) } ASN1_CHOICE_END(CMS_RevocationInfoChoice)
|
= { ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL), ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1) } ASN1_CHOICE_END(CMS_RevocationInfoChoice)
|
||||||
|
|
||||||
ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
|
ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
|
||||||
@@ -80,7 +80,7 @@ ASN1_SEQUENCE(CMS_OriginatorInfo) = {
|
|||||||
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
|
ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
|
||||||
} static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
|
} static_ASN1_SEQUENCE_END(CMS_OriginatorInfo)
|
||||||
|
|
||||||
static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
||||||
{
|
{
|
||||||
CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval;
|
CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval;
|
||||||
|
|
||||||
@@ -118,7 +118,7 @@ ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
|
|||||||
ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
|
ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
|
||||||
} static_ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
|
} static_ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
|
||||||
|
|
||||||
static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
||||||
{
|
{
|
||||||
CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
|
CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
|
||||||
if (operation == ASN1_OP_FREE_POST) {
|
if (operation == ASN1_OP_FREE_POST) {
|
||||||
@@ -143,7 +143,7 @@ ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
|
|||||||
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
|
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
|
||||||
} static_ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
|
} static_ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
|
||||||
|
|
||||||
static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
||||||
{
|
{
|
||||||
CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
|
CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
|
||||||
if (operation == ASN1_OP_NEW_POST) {
|
if (operation == ASN1_OP_NEW_POST) {
|
||||||
@@ -173,7 +173,7 @@ ASN1_SEQUENCE(CMS_KEKIdentifier) = {
|
|||||||
ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
|
ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
|
||||||
} static_ASN1_SEQUENCE_END(CMS_KEKIdentifier)
|
} static_ASN1_SEQUENCE_END(CMS_KEKIdentifier)
|
||||||
|
|
||||||
ASN1_SEQUENCE(CMS_KEKRecipientInfo)
|
ASN1_SEQUENCE(CMS_KEKRecipientInfo)
|
||||||
= { ASN1_EMBED(CMS_KEKRecipientInfo, version, INT32), ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier), ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
|
= { ASN1_EMBED(CMS_KEKRecipientInfo, version, INT32), ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier), ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
|
||||||
|
|
||||||
ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
|
ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
|
||||||
@@ -188,8 +188,8 @@ ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
|
|||||||
ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
|
ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
|
||||||
} static_ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
|
} static_ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
|
||||||
|
|
||||||
/* Free up RecipientInfo additional data */
|
/* Free up RecipientInfo additional data */
|
||||||
static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
|
||||||
{
|
{
|
||||||
if (operation == ASN1_OP_FREE_PRE) {
|
if (operation == ASN1_OP_FREE_PRE) {
|
||||||
CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
|
CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
|
||||||
@@ -262,7 +262,7 @@ ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
|
|||||||
ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
|
ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
|
||||||
} static_ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
|
} static_ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
|
||||||
|
|
||||||
ASN1_NDEF_SEQUENCE(CMS_CompressedData)
|
ASN1_NDEF_SEQUENCE(CMS_CompressedData)
|
||||||
= {
|
= {
|
||||||
ASN1_EMBED(CMS_CompressedData, version, INT32),
|
ASN1_EMBED(CMS_CompressedData, version, INT32),
|
||||||
ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
|
ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
|
||||||
@@ -348,7 +348,7 @@ ASN1_CHOICE(CMS_ReceiptsFrom) = {
|
|||||||
ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
|
ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
|
||||||
} static_ASN1_CHOICE_END(CMS_ReceiptsFrom)
|
} static_ASN1_CHOICE_END(CMS_ReceiptsFrom)
|
||||||
|
|
||||||
ASN1_SEQUENCE(CMS_ReceiptRequest)
|
ASN1_SEQUENCE(CMS_ReceiptRequest)
|
||||||
= { ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING), ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom), ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES) } ASN1_SEQUENCE_END(CMS_ReceiptRequest)
|
= { ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING), ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom), ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES) } ASN1_SEQUENCE_END(CMS_ReceiptRequest)
|
||||||
|
|
||||||
ASN1_SEQUENCE(CMS_Receipt) = {
|
ASN1_SEQUENCE(CMS_Receipt) = {
|
||||||
@@ -375,7 +375,7 @@ ASN1_SEQUENCE(CMS_SharedInfo) = {
|
|||||||
ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
|
ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
|
||||||
} static_ASN1_SEQUENCE_END(CMS_SharedInfo)
|
} static_ASN1_SEQUENCE_END(CMS_SharedInfo)
|
||||||
|
|
||||||
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, ASN1_OCTET_STRING *ukm, int keylen)
|
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, ASN1_OCTET_STRING *ukm, int keylen)
|
||||||
{
|
{
|
||||||
union {
|
union {
|
||||||
CMS_SharedInfo *pecsi;
|
CMS_SharedInfo *pecsi;
|
||||||
|
|||||||
+10
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2006-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -89,16 +89,21 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
|
|||||||
int keylen, plen;
|
int keylen, plen;
|
||||||
EVP_CIPHER *kekcipher = NULL;
|
EVP_CIPHER *kekcipher = NULL;
|
||||||
EVP_CIPHER_CTX *kekctx;
|
EVP_CIPHER_CTX *kekctx;
|
||||||
|
const ASN1_OBJECT *aoid;
|
||||||
|
const void *parameter = NULL;
|
||||||
|
int ptype = 0;
|
||||||
char name[OSSL_MAX_NAME_SIZE];
|
char name[OSSL_MAX_NAME_SIZE];
|
||||||
|
|
||||||
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
|
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
X509_ALGOR_get0(&aoid, &ptype, ¶meter, alg);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* For DH we only have one OID permissible. If ever any more get defined
|
* For DH we only have one OID permissible. If ever any more get defined
|
||||||
* we will need something cleverer.
|
* we will need something cleverer.
|
||||||
*/
|
*/
|
||||||
if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) {
|
if (OBJ_obj2nid(aoid) != NID_id_smime_alg_ESDH) {
|
||||||
ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR);
|
ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
@@ -107,11 +112,11 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
|
|||||||
|| EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0)
|
|| EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (alg->parameter->type != V_ASN1_SEQUENCE)
|
if (ptype != V_ASN1_SEQUENCE)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
p = alg->parameter->value.sequence->data;
|
p = ASN1_STRING_get0_data(parameter);
|
||||||
plen = alg->parameter->value.sequence->length;
|
plen = ASN1_STRING_length(parameter);
|
||||||
kekalg = d2i_X509_ALGOR(NULL, &p, plen);
|
kekalg = d2i_X509_ALGOR(NULL, &p, plen);
|
||||||
if (kekalg == NULL)
|
if (kekalg == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|||||||
+11
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -166,21 +166,27 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
|
|||||||
int plen, keylen;
|
int plen, keylen;
|
||||||
EVP_CIPHER *kekcipher = NULL;
|
EVP_CIPHER *kekcipher = NULL;
|
||||||
EVP_CIPHER_CTX *kekctx;
|
EVP_CIPHER_CTX *kekctx;
|
||||||
|
const ASN1_OBJECT *aoid = NULL;
|
||||||
|
int ptype = 0;
|
||||||
|
const void *parameter = NULL;
|
||||||
|
|
||||||
char name[OSSL_MAX_NAME_SIZE];
|
char name[OSSL_MAX_NAME_SIZE];
|
||||||
|
|
||||||
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
|
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) {
|
X509_ALGOR_get0(&aoid, &ptype, ¶meter, alg);
|
||||||
|
|
||||||
|
if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(aoid))) {
|
||||||
ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR);
|
ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (alg->parameter->type != V_ASN1_SEQUENCE)
|
if (ptype != V_ASN1_SEQUENCE)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
p = alg->parameter->value.sequence->data;
|
p = ASN1_STRING_get0_data(parameter);
|
||||||
plen = alg->parameter->value.sequence->length;
|
plen = ASN1_STRING_length(parameter);
|
||||||
kekalg = d2i_X509_ALGOR(NULL, &p, plen);
|
kekalg = d2i_X509_ALGOR(NULL, &p, plen);
|
||||||
if (kekalg == NULL)
|
if (kekalg == NULL)
|
||||||
goto err;
|
goto err;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -35,8 +35,7 @@ typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
|
|||||||
typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
|
typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
|
||||||
typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
|
typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
|
||||||
typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
|
typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
|
||||||
typedef struct CMS_KeyAgreeRecipientIdentifier_st
|
typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier;
|
||||||
CMS_KeyAgreeRecipientIdentifier;
|
|
||||||
typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
|
typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
|
||||||
typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
|
typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
|
||||||
typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
|
typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
|
||||||
|
|||||||
+20
-13
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -42,10 +42,13 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
|
|||||||
X509_ALGOR *cmsalg;
|
X509_ALGOR *cmsalg;
|
||||||
int nid;
|
int nid;
|
||||||
int rv = -1;
|
int rv = -1;
|
||||||
unsigned char *label = NULL;
|
const unsigned char *label = NULL;
|
||||||
int labellen = 0;
|
int labellen = 0;
|
||||||
const EVP_MD *mgf1md = NULL, *md = NULL;
|
const EVP_MD *mgf1md = NULL, *md = NULL;
|
||||||
RSA_OAEP_PARAMS *oaep;
|
RSA_OAEP_PARAMS *oaep;
|
||||||
|
const ASN1_OBJECT *aoid;
|
||||||
|
const void *parameter = NULL;
|
||||||
|
int ptype = 0;
|
||||||
|
|
||||||
pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
|
pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
|
||||||
if (pkctx == NULL)
|
if (pkctx == NULL)
|
||||||
@@ -75,21 +78,19 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (oaep->pSourceFunc != NULL) {
|
if (oaep->pSourceFunc != NULL) {
|
||||||
X509_ALGOR *plab = oaep->pSourceFunc;
|
X509_ALGOR_get0(&aoid, &ptype, ¶meter, oaep->pSourceFunc);
|
||||||
|
|
||||||
if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) {
|
if (OBJ_obj2nid(aoid) != NID_pSpecified) {
|
||||||
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_LABEL_SOURCE);
|
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_LABEL_SOURCE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (plab->parameter->type != V_ASN1_OCTET_STRING) {
|
if (ptype != V_ASN1_OCTET_STRING) {
|
||||||
ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_LABEL);
|
ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_LABEL);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
label = plab->parameter->value.octet_string->data;
|
label = ASN1_STRING_get0_data(parameter);
|
||||||
/* Stop label being freed when OAEP parameters are freed */
|
labellen = ASN1_STRING_length(parameter);
|
||||||
plab->parameter->value.octet_string->data = NULL;
|
|
||||||
labellen = plab->parameter->value.octet_string->length;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0)
|
if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0)
|
||||||
@@ -98,10 +99,16 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
|
|||||||
goto err;
|
goto err;
|
||||||
if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
|
if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
if (label != NULL
|
if (label != NULL) {
|
||||||
&& EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) {
|
unsigned char *dup_label = OPENSSL_memdup(label, labellen);
|
||||||
OPENSSL_free(label);
|
|
||||||
goto err;
|
if (dup_label == NULL)
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
if (EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, dup_label, labellen) <= 0) {
|
||||||
|
OPENSSL_free(dup_label);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/* Carry on */
|
/* Carry on */
|
||||||
rv = 1;
|
rv = 1;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -474,8 +474,10 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
|||||||
} else {
|
} else {
|
||||||
if (dcont && (tmpin == dcont))
|
if (dcont && (tmpin == dcont))
|
||||||
do_free_upto(cmsbio, dcont);
|
do_free_upto(cmsbio, dcont);
|
||||||
else
|
else if (cmsbio != NULL)
|
||||||
BIO_free_all(cmsbio);
|
BIO_free_all(cmsbio);
|
||||||
|
else
|
||||||
|
BIO_free(tmpin);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (out != tmpout)
|
if (out != tmpout)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -314,7 +314,7 @@ char *NCONF_get_string(const CONF *conf, const char *group, const char *name)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
ERR_raise_data(ERR_LIB_CONF, CONF_R_NO_VALUE,
|
ERR_raise_data(ERR_LIB_CONF, CONF_R_NO_VALUE,
|
||||||
"group=%s name=%s", group, name);
|
"group=%s name=%s", group != NULL ? group : "", name);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -395,7 +395,7 @@ static CONF_MODULE *module_find(const char *name)
|
|||||||
{
|
{
|
||||||
CONF_MODULE *tmod;
|
CONF_MODULE *tmod;
|
||||||
int i, nchar;
|
int i, nchar;
|
||||||
char *p;
|
const char *p;
|
||||||
STACK_OF(CONF_MODULE) *mods;
|
STACK_OF(CONF_MODULE) *mods;
|
||||||
|
|
||||||
p = strrchr(name, '.');
|
p = strrchr(name, '.');
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -28,7 +28,7 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
{
|
{
|
||||||
register DES_LONG v0, v1;
|
register DES_LONG v0, v1;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
DES_LONG ti[2];
|
DES_LONG ti[2];
|
||||||
unsigned char *iv, c, cc;
|
unsigned char *iv, c, cc;
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -27,7 +27,7 @@ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
{
|
{
|
||||||
register DES_LONG v0, v1;
|
register DES_LONG v0, v1;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
DES_LONG ti[2];
|
DES_LONG ti[2];
|
||||||
unsigned char *iv, c, cc;
|
unsigned char *iv, c, cc;
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -26,7 +26,7 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in,
|
|||||||
DES_key_schedule *k3, DES_cblock *ivec, int *num)
|
DES_key_schedule *k3, DES_cblock *ivec, int *num)
|
||||||
{
|
{
|
||||||
register DES_LONG v0, v1;
|
register DES_LONG v0, v1;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
DES_cblock d;
|
DES_cblock d;
|
||||||
register char *dp;
|
register char *dp;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -25,7 +25,7 @@ void DES_ofb64_encrypt(register const unsigned char *in,
|
|||||||
DES_key_schedule *schedule, DES_cblock *ivec, int *num)
|
DES_key_schedule *schedule, DES_cblock *ivec, int *num)
|
||||||
{
|
{
|
||||||
register DES_LONG v0, v1, t;
|
register DES_LONG v0, v1, t;
|
||||||
register int n = *num;
|
register int n = *num & 0x07;
|
||||||
register long l = length;
|
register long l = length;
|
||||||
DES_cblock d;
|
DES_cblock d;
|
||||||
register unsigned char *dp;
|
register unsigned char *dp;
|
||||||
|
|||||||
+3
-4
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -76,7 +76,7 @@ ASN1_SEQUENCE(DHvparams) = {
|
|||||||
ASN1_SIMPLE(int_dhvparams, counter, BIGNUM)
|
ASN1_SIMPLE(int_dhvparams, counter, BIGNUM)
|
||||||
} static_ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams)
|
} static_ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams)
|
||||||
|
|
||||||
ASN1_SEQUENCE(DHxparams)
|
ASN1_SEQUENCE(DHxparams)
|
||||||
= {
|
= {
|
||||||
ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM),
|
ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM),
|
||||||
ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM),
|
ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM),
|
||||||
@@ -85,8 +85,7 @@ ASN1_SEQUENCE(DHvparams) = {
|
|||||||
ASN1_OPT(int_dhx942_dh, vparams, DHvparams),
|
ASN1_OPT(int_dhx942_dh, vparams, DHvparams),
|
||||||
} static_ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams)
|
} static_ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams)
|
||||||
|
|
||||||
int_dhx942_dh
|
int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a, const unsigned char **pp, long length);
|
||||||
* d2i_int_dhx(int_dhx942_dh * *a, const unsigned char **pp, long length);
|
|
||||||
int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
|
int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
|
||||||
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx)
|
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -43,5 +43,5 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
make_dh(1024_160)
|
make_dh(1024_160)
|
||||||
make_dh(2048_224)
|
make_dh(2048_224)
|
||||||
make_dh(2048_256)
|
make_dh(2048_256)
|
||||||
|
|||||||
+3
-1
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -35,7 +35,9 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
|
|||||||
case DLL_THREAD_ATTACH:
|
case DLL_THREAD_ATTACH:
|
||||||
break;
|
break;
|
||||||
case DLL_THREAD_DETACH:
|
case DLL_THREAD_DETACH:
|
||||||
|
#ifndef __CYGWIN__
|
||||||
OPENSSL_thread_stop();
|
OPENSSL_thread_stop();
|
||||||
|
#endif
|
||||||
break;
|
break;
|
||||||
case DLL_PROCESS_DETACH:
|
case DLL_PROCESS_DETACH:
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -47,7 +47,7 @@ ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
|
|||||||
ASN1_SIMPLE(DSA, priv_key, CBIGNUM)
|
ASN1_SIMPLE(DSA, priv_key, CBIGNUM)
|
||||||
} static_ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
|
} static_ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey)
|
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey)
|
||||||
|
|
||||||
ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
|
ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
|
||||||
ASN1_SIMPLE(DSA, params.p, BIGNUM),
|
ASN1_SIMPLE(DSA, params.p, BIGNUM),
|
||||||
@@ -55,7 +55,7 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
|
|||||||
ASN1_SIMPLE(DSA, params.g, BIGNUM),
|
ASN1_SIMPLE(DSA, params.g, BIGNUM),
|
||||||
} static_ASN1_SEQUENCE_END_cb(DSA, DSAparams)
|
} static_ASN1_SEQUENCE_END_cb(DSA, DSAparams)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams)
|
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams)
|
||||||
|
|
||||||
ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = {
|
ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = {
|
||||||
ASN1_SIMPLE(DSA, pub_key, BIGNUM),
|
ASN1_SIMPLE(DSA, pub_key, BIGNUM),
|
||||||
@@ -64,7 +64,7 @@ ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = {
|
|||||||
ASN1_SIMPLE(DSA, params.g, BIGNUM)
|
ASN1_SIMPLE(DSA, params.g, BIGNUM)
|
||||||
} static_ASN1_SEQUENCE_END_cb(DSA, DSAPublicKey)
|
} static_ASN1_SEQUENCE_END_cb(DSA, DSAPublicKey)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey)
|
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey)
|
||||||
|
|
||||||
DSA *DSAparams_dup(const DSA *dsa)
|
DSA *DSAparams_dup(const DSA *dsa)
|
||||||
{
|
{
|
||||||
|
|||||||
+6
-6
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -105,7 +105,7 @@ ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
|
|||||||
ASN1_EMBED(X9_62_PENTANOMIAL, k3, INT32)
|
ASN1_EMBED(X9_62_PENTANOMIAL, k3, INT32)
|
||||||
} static_ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
|
} static_ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
|
||||||
|
|
||||||
DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
||||||
|
|
||||||
ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
|
ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
|
||||||
@@ -122,7 +122,7 @@ ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
|
|||||||
ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
|
ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
|
||||||
} static_ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
|
} static_ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
|
||||||
|
|
||||||
DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
||||||
|
|
||||||
ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
|
ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
|
||||||
@@ -137,10 +137,10 @@ ASN1_SEQUENCE(X9_62_FIELDID) = {
|
|||||||
ASN1_ADB_OBJECT(X9_62_FIELDID)
|
ASN1_ADB_OBJECT(X9_62_FIELDID)
|
||||||
} static_ASN1_SEQUENCE_END(X9_62_FIELDID)
|
} static_ASN1_SEQUENCE_END(X9_62_FIELDID)
|
||||||
|
|
||||||
ASN1_SEQUENCE(X9_62_CURVE)
|
ASN1_SEQUENCE(X9_62_CURVE)
|
||||||
= { ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING), ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING), ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END(X9_62_CURVE)
|
= { ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING), ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING), ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END(X9_62_CURVE)
|
||||||
|
|
||||||
ASN1_SEQUENCE(ECPARAMETERS)
|
ASN1_SEQUENCE(ECPARAMETERS)
|
||||||
= { ASN1_EMBED(ECPARAMETERS, version, INT32), ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID), ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE), ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING), ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER), ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER) } ASN1_SEQUENCE_END(ECPARAMETERS)
|
= { ASN1_EMBED(ECPARAMETERS, version, INT32), ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID), ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE), ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING), ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER), ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER) } ASN1_SEQUENCE_END(ECPARAMETERS)
|
||||||
|
|
||||||
DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
|
DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
|
||||||
@@ -163,7 +163,7 @@ ASN1_SEQUENCE(EC_PRIVATEKEY) = {
|
|||||||
ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
|
ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
|
||||||
} static_ASN1_SEQUENCE_END(EC_PRIVATEKEY)
|
} static_ASN1_SEQUENCE_END(EC_PRIVATEKEY)
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(EC_PRIVATEKEY)
|
DECLARE_ASN1_FUNCTIONS(EC_PRIVATEKEY)
|
||||||
DECLARE_ASN1_ENCODE_FUNCTIONS_name(EC_PRIVATEKEY, EC_PRIVATEKEY)
|
DECLARE_ASN1_ENCODE_FUNCTIONS_name(EC_PRIVATEKEY, EC_PRIVATEKEY)
|
||||||
IMPLEMENT_ASN1_FUNCTIONS(EC_PRIVATEKEY)
|
IMPLEMENT_ASN1_FUNCTIONS(EC_PRIVATEKEY)
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -50,7 +50,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
|
|||||||
* ECC domain parameter validation.
|
* ECC domain parameter validation.
|
||||||
* See SP800-56A R3 5.5.2 "Assurances of Domain-Parameter Validity" Part 1b.
|
* See SP800-56A R3 5.5.2 "Assurances of Domain-Parameter Validity" Part 1b.
|
||||||
*/
|
*/
|
||||||
return EC_GROUP_check_named_curve(group, 1, ctx) >= 0 ? 1 : 0;
|
return EC_GROUP_check_named_curve(group, 1, ctx) > 0 ? 1 : 0;
|
||||||
#else
|
#else
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
const BIGNUM *order;
|
const BIGNUM *order;
|
||||||
|
|||||||
+3
-1
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -175,6 +175,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
|
|||||||
dest->libctx = src->libctx;
|
dest->libctx = src->libctx;
|
||||||
dest->curve_name = src->curve_name;
|
dest->curve_name = src->curve_name;
|
||||||
|
|
||||||
|
EC_pre_comp_free(dest);
|
||||||
|
|
||||||
/* Copy precomputed */
|
/* Copy precomputed */
|
||||||
dest->pre_comp_type = src->pre_comp_type;
|
dest->pre_comp_type = src->pre_comp_type;
|
||||||
switch (src->pre_comp_type) {
|
switch (src->pre_comp_type) {
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -40,6 +40,7 @@
|
|||||||
#include "crypto/cmperr.h"
|
#include "crypto/cmperr.h"
|
||||||
#include "crypto/cterr.h"
|
#include "crypto/cterr.h"
|
||||||
#include "crypto/asyncerr.h"
|
#include "crypto/asyncerr.h"
|
||||||
|
#include "crypto/sm2err.h"
|
||||||
#include "crypto/storeerr.h"
|
#include "crypto/storeerr.h"
|
||||||
#include "crypto/esserr.h"
|
#include "crypto/esserr.h"
|
||||||
#include "internal/propertyerr.h"
|
#include "internal/propertyerr.h"
|
||||||
@@ -104,6 +105,9 @@ int ossl_err_load_crypto_strings(void)
|
|||||||
#endif
|
#endif
|
||||||
|| ossl_err_load_ESS_strings() == 0
|
|| ossl_err_load_ESS_strings() == 0
|
||||||
|| ossl_err_load_ASYNC_strings() == 0
|
|| ossl_err_load_ASYNC_strings() == 0
|
||||||
|
#ifndef OPENSSL_NO_SM2
|
||||||
|
|| ossl_err_load_SM2_strings() == 0
|
||||||
|
#endif
|
||||||
|| ossl_err_load_OSSL_STORE_strings() == 0
|
|| ossl_err_load_OSSL_STORE_strings() == 0
|
||||||
|| ossl_err_load_PROP_strings() == 0
|
|| ossl_err_load_PROP_strings() == 0
|
||||||
|| ossl_err_load_PROV_strings() == 0
|
|| ossl_err_load_PROV_strings() == 0
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -848,6 +848,7 @@ EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE:191:xts data unit is too large
|
|||||||
EVP_R_XTS_DUPLICATED_KEYS:192:xts duplicated keys
|
EVP_R_XTS_DUPLICATED_KEYS:192:xts duplicated keys
|
||||||
HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN:108:asn1 len exceeds max resp len
|
HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN:108:asn1 len exceeds max resp len
|
||||||
HTTP_R_CONNECT_FAILURE:100:connect failure
|
HTTP_R_CONNECT_FAILURE:100:connect failure
|
||||||
|
HTTP_R_CONTENT_TYPE_MISMATCH:131:content type mismatch
|
||||||
HTTP_R_ERROR_PARSING_ASN1_LENGTH:109:error parsing asn1 length
|
HTTP_R_ERROR_PARSING_ASN1_LENGTH:109:error parsing asn1 length
|
||||||
HTTP_R_ERROR_PARSING_CONTENT_LENGTH:119:error parsing content length
|
HTTP_R_ERROR_PARSING_CONTENT_LENGTH:119:error parsing content length
|
||||||
HTTP_R_ERROR_PARSING_URL:101:error parsing url
|
HTTP_R_ERROR_PARSING_URL:101:error parsing url
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -21,7 +21,7 @@ ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
|
|||||||
ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
|
ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
|
||||||
} static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
|
} static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL)
|
IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL)
|
||||||
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
|
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
|
||||||
|
|
||||||
ASN1_SEQUENCE(ESS_CERT_ID) = {
|
ASN1_SEQUENCE(ESS_CERT_ID) = {
|
||||||
@@ -29,7 +29,7 @@ ASN1_SEQUENCE(ESS_CERT_ID) = {
|
|||||||
ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
|
ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
|
||||||
} static_ASN1_SEQUENCE_END(ESS_CERT_ID)
|
} static_ASN1_SEQUENCE_END(ESS_CERT_ID)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID)
|
IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID)
|
||||||
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
|
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
|
||||||
|
|
||||||
ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
|
ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
|
||||||
@@ -46,7 +46,7 @@ ASN1_SEQUENCE(ESS_CERT_ID_V2) = {
|
|||||||
ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL)
|
ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL)
|
||||||
} static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2)
|
} static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2)
|
||||||
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2)
|
IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2)
|
||||||
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
|
IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
|
||||||
|
|
||||||
ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = {
|
ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = {
|
||||||
|
|||||||
+4
-3
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -872,8 +872,9 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
|
|||||||
if (pctx != NULL
|
if (pctx != NULL
|
||||||
&& (pctx->operation == EVP_PKEY_OP_VERIFYCTX
|
&& (pctx->operation == EVP_PKEY_OP_VERIFYCTX
|
||||||
|| pctx->operation == EVP_PKEY_OP_SIGNCTX)
|
|| pctx->operation == EVP_PKEY_OP_SIGNCTX)
|
||||||
&& pctx->op.sig.algctx != NULL
|
&& pctx->op.sig.signature != NULL
|
||||||
&& pctx->op.sig.signature->gettable_ctx_md_params != NULL)
|
&& pctx->op.sig.signature->gettable_ctx_md_params != NULL
|
||||||
|
&& pctx->op.sig.algctx != NULL)
|
||||||
return pctx->op.sig.signature->gettable_ctx_md_params(
|
return pctx->op.sig.signature->gettable_ctx_md_params(
|
||||||
pctx->op.sig.algctx);
|
pctx->op.sig.algctx);
|
||||||
|
|
||||||
|
|||||||
+28
-28
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -2403,14 +2403,14 @@ static int s390x_aes_ocb_ctrl(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
|
|||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \
|
#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
|
||||||
|
|
||||||
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
@@ -2641,10 +2641,10 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
BLOCK_CIPHER_generic_pack(NID_aes, 128, 0)
|
BLOCK_CIPHER_generic_pack(NID_aes, 128, 0)
|
||||||
BLOCK_CIPHER_generic_pack(NID_aes, 192, 0)
|
BLOCK_CIPHER_generic_pack(NID_aes, 192, 0)
|
||||||
BLOCK_CIPHER_generic_pack(NID_aes, 256, 0)
|
BLOCK_CIPHER_generic_pack(NID_aes, 256, 0)
|
||||||
|
|
||||||
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
|
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
|
||||||
{
|
{
|
||||||
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX, c);
|
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX, c);
|
||||||
if (gctx == NULL)
|
if (gctx == NULL)
|
||||||
@@ -3189,12 +3189,12 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
|
|
||||||
BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
|
BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
|
BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
|
BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
|
|
||||||
static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||||
{
|
{
|
||||||
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX, c);
|
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX, c);
|
||||||
|
|
||||||
@@ -3378,9 +3378,9 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
| EVP_CIPH_CUSTOM_COPY)
|
| EVP_CIPH_CUSTOM_COPY)
|
||||||
|
|
||||||
BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS)
|
BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS)
|
BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS)
|
||||||
|
|
||||||
static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
|
||||||
{
|
{
|
||||||
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX, c);
|
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX, c);
|
||||||
switch (type) {
|
switch (type) {
|
||||||
@@ -3654,12 +3654,12 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
|
|
||||||
BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
|
BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
|
BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
|
BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
union {
|
union {
|
||||||
OSSL_UNION_ALIGN;
|
OSSL_UNION_ALIGN;
|
||||||
AES_KEY ks;
|
AES_KEY ks;
|
||||||
@@ -4146,8 +4146,8 @@ static int aes_ocb_cleanup(EVP_CIPHER_CTX *c)
|
|||||||
|
|
||||||
BLOCK_CIPHER_custom(NID_aes, 128, 16, 12, ocb, OCB,
|
BLOCK_CIPHER_custom(NID_aes, 128, 16, 12, ocb, OCB,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB,
|
BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB,
|
BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB,
|
||||||
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
|
||||||
#endif /* OPENSSL_NO_OCB */
|
#endif /* OPENSSL_NO_OCB */
|
||||||
|
|||||||
+11
-11
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -194,13 +194,13 @@ static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0)
|
BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0)
|
||||||
BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0)
|
BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0)
|
||||||
BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0)
|
BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0)
|
||||||
|
|
||||||
/* Authenticated cipher modes (GCM/CCM) */
|
/* Authenticated cipher modes (GCM/CCM) */
|
||||||
|
|
||||||
/* increment counter (64-bit int) by 1 */
|
/* increment counter (64-bit int) by 1 */
|
||||||
static void ctr64_inc(unsigned char *counter)
|
static void ctr64_inc(unsigned char *counter)
|
||||||
{
|
{
|
||||||
int n = 8;
|
int n = 8;
|
||||||
unsigned char c;
|
unsigned char c;
|
||||||
@@ -778,11 +778,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
BLOCK_CIPHER_aead(128, gcm, GCM)
|
BLOCK_CIPHER_aead(128, gcm, GCM)
|
||||||
BLOCK_CIPHER_aead(192, gcm, GCM)
|
BLOCK_CIPHER_aead(192, gcm, GCM)
|
||||||
BLOCK_CIPHER_aead(256, gcm, GCM)
|
BLOCK_CIPHER_aead(256, gcm, GCM)
|
||||||
|
|
||||||
BLOCK_CIPHER_aead(128, ccm, CCM)
|
BLOCK_CIPHER_aead(128, ccm, CCM)
|
||||||
BLOCK_CIPHER_aead(192, ccm, CCM)
|
BLOCK_CIPHER_aead(192, ccm, CCM)
|
||||||
BLOCK_CIPHER_aead(256, ccm, CCM)
|
BLOCK_CIPHER_aead(256, ccm, CCM)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
+11
-11
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -183,14 +183,14 @@ static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \
|
#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
|
BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
|
||||||
|
|
||||||
/* The subkey for Camellia is generated. */
|
/* The subkey for Camellia is generated. */
|
||||||
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
@@ -347,5 +347,5 @@ static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
|
BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
|
||||||
BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
|
BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
|
||||||
BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
|
BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
|
||||||
|
|||||||
+9
-9
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -197,16 +197,16 @@ BLOCK_CIPHER_defs(des, EVP_DES_KEY, NID_des, 8, 8, 8, 64,
|
|||||||
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
||||||
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
||||||
|
|
||||||
BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1,
|
BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1,
|
||||||
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
||||||
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
||||||
|
|
||||||
BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8,
|
BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8,
|
||||||
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
EVP_CIPH_RAND_KEY, des_init_key, NULL,
|
||||||
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
|
||||||
|
|
||||||
static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
DES_cblock *deskey = (DES_cblock *)key;
|
DES_cblock *deskey = (DES_cblock *)key;
|
||||||
EVP_DES_KEY *dat = (EVP_DES_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx);
|
EVP_DES_KEY *dat = (EVP_DES_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx);
|
||||||
|
|||||||
+12
-12
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -210,20 +210,20 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
|
|||||||
#define des_ede3_ofb_cipher des_ede_ofb_cipher
|
#define des_ede3_ofb_cipher des_ede_ofb_cipher
|
||||||
#define des_ede3_cbc_cipher des_ede_cbc_cipher
|
#define des_ede3_cbc_cipher des_ede_cbc_cipher
|
||||||
#define des_ede3_ecb_cipher des_ede_ecb_cipher
|
#define des_ede3_ecb_cipher des_ede_ecb_cipher
|
||||||
BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
|
BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
|
||||||
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
||||||
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
||||||
|
|
||||||
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
|
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
|
||||||
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
||||||
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
||||||
|
|
||||||
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
|
BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
|
||||||
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
|
||||||
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
des_ede3_init_key, NULL, NULL, NULL, des3_ctrl)
|
||||||
|
|
||||||
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
DES_cblock *deskey = (DES_cblock *)key;
|
DES_cblock *deskey = (DES_cblock *)key;
|
||||||
DES_EDE_KEY *dat = data(ctx);
|
DES_EDE_KEY *dat = data(ctx);
|
||||||
|
|||||||
+3
-3
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -54,8 +54,8 @@ BLOCK_CIPHER_func_cbc(idea, IDEA, EVP_IDEA_KEY, ks)
|
|||||||
0, idea_init_key, NULL,
|
0, idea_init_key, NULL,
|
||||||
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
|
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
|
||||||
|
|
||||||
static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
if (!enc) {
|
if (!enc) {
|
||||||
if (EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_OFB_MODE)
|
if (EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_OFB_MODE)
|
||||||
|
|||||||
+7
-7
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||||
* Ported from Ribose contributions from Botan.
|
* Ported from Ribose contributions from Botan.
|
||||||
*
|
*
|
||||||
@@ -49,12 +49,12 @@ typedef struct {
|
|||||||
return &sm4_##mode; \
|
return &sm4_##mode; \
|
||||||
}
|
}
|
||||||
|
|
||||||
#define DEFINE_BLOCK_CIPHERS(nid, flags) \
|
#define DEFINE_BLOCK_CIPHERS(nid, flags) \
|
||||||
BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \
|
||||||
BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags)
|
BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags)
|
||||||
|
|
||||||
static int sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
|
|||||||
+2
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -689,7 +689,7 @@ static int evp_decodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
|
|||||||
l = ((((unsigned long)a) << 18L) | (((unsigned long)b) << 12L) | (((unsigned long)c) << 6L) | (((unsigned long)d)));
|
l = ((((unsigned long)a) << 18L) | (((unsigned long)b) << 12L) | (((unsigned long)c) << 6L) | (((unsigned long)d)));
|
||||||
|
|
||||||
if (eof == -1)
|
if (eof == -1)
|
||||||
eof = (f[2] == '=') + (f[3] == '=');
|
eof = (c == '=') + (d == '=');
|
||||||
|
|
||||||
switch (eof) {
|
switch (eof) {
|
||||||
case 2:
|
case 2:
|
||||||
|
|||||||
+11
-1
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -979,6 +979,11 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
size_t soutl, inl_ = (size_t)inl;
|
size_t soutl, inl_ = (size_t)inl;
|
||||||
int blocksize;
|
int blocksize;
|
||||||
|
|
||||||
|
if (inl < 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (ossl_likely(outl != NULL)) {
|
if (ossl_likely(outl != NULL)) {
|
||||||
*outl = 0;
|
*outl = 0;
|
||||||
} else {
|
} else {
|
||||||
@@ -1128,6 +1133,11 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
|||||||
size_t soutl, inl_ = (size_t)inl;
|
size_t soutl, inl_ = (size_t)inl;
|
||||||
int blocksize;
|
int blocksize;
|
||||||
|
|
||||||
|
if (inl < 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (ossl_likely(outl != NULL)) {
|
if (ossl_likely(outl != NULL)) {
|
||||||
*outl = 0;
|
*outl = 0;
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
+2
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -181,7 +181,7 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
|
|||||||
if (provauthkey != NULL && kem->auth_decapsulate_init != NULL) {
|
if (provauthkey != NULL && kem->auth_decapsulate_init != NULL) {
|
||||||
ret = kem->auth_decapsulate_init(ctx->op.encap.algctx, provkey,
|
ret = kem->auth_decapsulate_init(ctx->op.encap.algctx, provkey,
|
||||||
provauthkey, params);
|
provauthkey, params);
|
||||||
} else if (provauthkey == NULL && kem->encapsulate_init != NULL) {
|
} else if (provauthkey == NULL && kem->decapsulate_init != NULL) {
|
||||||
ret = kem->decapsulate_init(ctx->op.encap.algctx, provkey, params);
|
ret = kem->decapsulate_init(ctx->op.encap.algctx, provkey, params);
|
||||||
} else {
|
} else {
|
||||||
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -82,9 +82,11 @@
|
|||||||
#if defined(__GNUC__) || defined(__CLANG__)
|
#if defined(__GNUC__) || defined(__CLANG__)
|
||||||
#define PREFETCH_NEIGHBORHOOD(x) __builtin_prefetch(x.entries)
|
#define PREFETCH_NEIGHBORHOOD(x) __builtin_prefetch(x.entries)
|
||||||
#define PREFETCH(x) __builtin_prefetch(x)
|
#define PREFETCH(x) __builtin_prefetch(x)
|
||||||
|
#define ALIGN __attribute__((aligned(8)))
|
||||||
#else
|
#else
|
||||||
#define PREFETCH_NEIGHBORHOOD(x)
|
#define PREFETCH_NEIGHBORHOOD(x)
|
||||||
#define PREFETCH(x)
|
#define PREFETCH(x)
|
||||||
|
#define ALIGN
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -112,7 +114,7 @@ struct ht_internal_value_st {
|
|||||||
struct ht_neighborhood_entry_st {
|
struct ht_neighborhood_entry_st {
|
||||||
uint64_t hash;
|
uint64_t hash;
|
||||||
struct ht_internal_value_st *value;
|
struct ht_internal_value_st *value;
|
||||||
};
|
} ALIGN;
|
||||||
|
|
||||||
struct ht_neighborhood_st {
|
struct ht_neighborhood_st {
|
||||||
struct ht_neighborhood_entry_st entries[NEIGHBORHOOD_LEN];
|
struct ht_neighborhood_entry_st entries[NEIGHBORHOOD_LEN];
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright Siemens AG 2018-2020
|
* Copyright Siemens AG 2018-2020
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -551,6 +551,7 @@ static int may_still_retry(time_t max_time, int *ptimeout)
|
|||||||
int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
||||||
{
|
{
|
||||||
int i, found_expected_ct = 0, found_keep_alive = 0;
|
int i, found_expected_ct = 0, found_keep_alive = 0;
|
||||||
|
int status_code = 0;
|
||||||
int got_text = 1;
|
int got_text = 1;
|
||||||
long n;
|
long n;
|
||||||
size_t resp_len = 0;
|
size_t resp_len = 0;
|
||||||
@@ -751,8 +752,8 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
|||||||
|
|
||||||
/* First line in response header */
|
/* First line in response header */
|
||||||
if (rctx->state == OHS_FIRSTLINE) {
|
if (rctx->state == OHS_FIRSTLINE) {
|
||||||
i = parse_http_line1(buf, &found_keep_alive);
|
status_code = parse_http_line1(buf, &found_keep_alive);
|
||||||
switch (i) {
|
switch (status_code) {
|
||||||
case HTTP_STATUS_CODE_OK:
|
case HTTP_STATUS_CODE_OK:
|
||||||
rctx->state = OHS_HEADERS;
|
rctx->state = OHS_HEADERS;
|
||||||
goto next_line;
|
goto next_line;
|
||||||
@@ -767,7 +768,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
|||||||
/* fall through */
|
/* fall through */
|
||||||
default:
|
default:
|
||||||
/* must return content if status >= 400 */
|
/* must return content if status >= 400 */
|
||||||
rctx->state = i < HTTP_STATUS_CODES_NONFATAL_ERROR
|
rctx->state = status_code < HTTP_STATUS_CODES_NONFATAL_ERROR
|
||||||
? OHS_HEADERS_ERROR
|
? OHS_HEADERS_ERROR
|
||||||
: OHS_HEADERS;
|
: OHS_HEADERS;
|
||||||
goto next_line; /* continue parsing, also on HTTP error */
|
goto next_line; /* continue parsing, also on HTTP error */
|
||||||
@@ -797,6 +798,17 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
|
|||||||
}
|
}
|
||||||
if (OPENSSL_strcasecmp(key, "Content-Type") == 0) {
|
if (OPENSSL_strcasecmp(key, "Content-Type") == 0) {
|
||||||
got_text = HAS_CASE_PREFIX(value, "text/");
|
got_text = HAS_CASE_PREFIX(value, "text/");
|
||||||
|
if (got_text
|
||||||
|
&& rctx->state == OHS_HEADERS
|
||||||
|
&& rctx->expect_asn1
|
||||||
|
&& (status_code >= HTTP_STATUS_CODES_NONFATAL_ERROR
|
||||||
|
|| status_code == HTTP_STATUS_CODE_OK)) {
|
||||||
|
ERR_raise_data(ERR_LIB_HTTP, HTTP_R_CONTENT_TYPE_MISMATCH,
|
||||||
|
"expected ASN.1 content but got http code %d with Content-Type: %s",
|
||||||
|
status_code, value);
|
||||||
|
rctx->state = OHS_HEADERS_ERROR;
|
||||||
|
goto next_line;
|
||||||
|
}
|
||||||
if (rctx->state == OHS_HEADERS
|
if (rctx->state == OHS_HEADERS
|
||||||
&& rctx->expected_ct != NULL) {
|
&& rctx->expected_ct != NULL) {
|
||||||
const char *semicolon;
|
const char *semicolon;
|
||||||
@@ -1452,7 +1464,11 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
|
|||||||
}
|
}
|
||||||
BIO_push(fbio, bio);
|
BIO_push(fbio, bio);
|
||||||
|
|
||||||
BIO_printf(fbio, "CONNECT %s:%s " HTTP_1_0 "\r\n", server, port);
|
/* Add square brackets around a naked IPv6 address */
|
||||||
|
if (server[0] != '[' && strchr(server, ':') != NULL)
|
||||||
|
BIO_printf(fbio, "CONNECT [%s]:%s " HTTP_1_0 "\r\n", server, port);
|
||||||
|
else
|
||||||
|
BIO_printf(fbio, "CONNECT %s:%s " HTTP_1_0 "\r\n", server, port);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Workaround for broken proxies which would otherwise close
|
* Workaround for broken proxies which would otherwise close
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* Generated by util/mkerr.pl DO NOT EDIT
|
* Generated by util/mkerr.pl DO NOT EDIT
|
||||||
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -20,6 +20,8 @@ static const ERR_STRING_DATA HTTP_str_reasons[] = {
|
|||||||
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN),
|
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN),
|
||||||
"asn1 len exceeds max resp len" },
|
"asn1 len exceeds max resp len" },
|
||||||
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_CONNECT_FAILURE), "connect failure" },
|
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_CONNECT_FAILURE), "connect failure" },
|
||||||
|
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_CONTENT_TYPE_MISMATCH),
|
||||||
|
"content type mismatch" },
|
||||||
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_ASN1_LENGTH),
|
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_ASN1_LENGTH),
|
||||||
"error parsing asn1 length" },
|
"error parsing asn1 length" },
|
||||||
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_CONTENT_LENGTH),
|
{ ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_CONTENT_LENGTH),
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -55,6 +55,7 @@ int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
|
|||||||
char **ppath, char **pquery, char **pfrag)
|
char **ppath, char **pquery, char **pfrag)
|
||||||
{
|
{
|
||||||
const char *p, *tmp;
|
const char *p, *tmp;
|
||||||
|
const char *authority_end;
|
||||||
const char *scheme, *scheme_end;
|
const char *scheme, *scheme_end;
|
||||||
const char *user, *user_end;
|
const char *user, *user_end;
|
||||||
const char *host, *host_end;
|
const char *host, *host_end;
|
||||||
@@ -92,7 +93,10 @@ int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
|
|||||||
|
|
||||||
/* parse optional "userinfo@" */
|
/* parse optional "userinfo@" */
|
||||||
user = user_end = host = p;
|
user = user_end = host = p;
|
||||||
host = strchr(p, '@');
|
authority_end = strpbrk(p, "/?#");
|
||||||
|
if (authority_end == NULL)
|
||||||
|
authority_end = p + strlen(p);
|
||||||
|
host = memchr(p, '@', authority_end - p);
|
||||||
if (host != NULL)
|
if (host != NULL)
|
||||||
user_end = host++;
|
user_end = host++;
|
||||||
else
|
else
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -37,6 +37,7 @@ void IDEA_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
*num = -1;
|
*num = -1;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
n = n & 0x07;
|
||||||
|
|
||||||
iv = (unsigned char *)ivec;
|
iv = (unsigned char *)ivec;
|
||||||
if (encrypt) {
|
if (encrypt) {
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -39,6 +39,7 @@ void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|||||||
*num = -1;
|
*num = -1;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
n = n & 0x07;
|
||||||
|
|
||||||
iv = (unsigned char *)ivec;
|
iv = (unsigned char *)ivec;
|
||||||
n2l(iv, v0);
|
n2l(iv, v0);
|
||||||
|
|||||||
+2
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -275,27 +275,24 @@ DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
|
static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
|
||||||
static int config_inited = 0;
|
|
||||||
static const OPENSSL_INIT_SETTINGS *conf_settings = NULL;
|
static const OPENSSL_INIT_SETTINGS *conf_settings = NULL;
|
||||||
DEFINE_RUN_ONCE_STATIC(ossl_init_config)
|
DEFINE_RUN_ONCE_STATIC(ossl_init_config)
|
||||||
{
|
{
|
||||||
int ret = ossl_config_int(NULL);
|
int ret = ossl_config_int(NULL);
|
||||||
|
|
||||||
config_inited = 1;
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_config_settings, ossl_init_config)
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_config_settings, ossl_init_config)
|
||||||
{
|
{
|
||||||
int ret = ossl_config_int(conf_settings);
|
int ret = ossl_config_int(conf_settings);
|
||||||
|
|
||||||
config_inited = 1;
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
|
DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
|
||||||
{
|
{
|
||||||
OSSL_TRACE(INIT, "ossl_no_config_int()\n");
|
OSSL_TRACE(INIT, "ossl_no_config_int()\n");
|
||||||
ossl_no_config_int();
|
ossl_no_config_int();
|
||||||
config_inited = 1;
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+13
-1
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -200,16 +200,28 @@ static void init_thread_destructor(void *hands)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static CRYPTO_ONCE ossl_init_thread_runonce = CRYPTO_ONCE_STATIC_INIT;
|
static CRYPTO_ONCE ossl_init_thread_runonce = CRYPTO_ONCE_STATIC_INIT;
|
||||||
|
/* MSVC linker can use other segment for uninitialized (zeroed) variables */
|
||||||
|
#if defined(OPENSSL_SYS_WINDOWS)
|
||||||
static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)-1;
|
static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)-1;
|
||||||
|
#elif defined(OPENSSL_SYS_TANDEM) && (defined(_PUT_MODEL_) || defined(_KLT_MODEL_))
|
||||||
|
static CRYPTO_THREAD_ID recursion_guard = { (void *)-1, (short)-1, (short)-1 };
|
||||||
|
#else
|
||||||
|
static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)0;
|
||||||
|
#endif
|
||||||
|
|
||||||
DEFINE_RUN_ONCE_STATIC(ossl_init_thread_once)
|
DEFINE_RUN_ONCE_STATIC(ossl_init_thread_once)
|
||||||
{
|
{
|
||||||
|
/* CRYPTO_THREAD_init_local() can call ossl_init_threads() again */
|
||||||
recursion_guard = CRYPTO_THREAD_get_current_id();
|
recursion_guard = CRYPTO_THREAD_get_current_id();
|
||||||
if (!CRYPTO_THREAD_init_local(&destructor_key.value,
|
if (!CRYPTO_THREAD_init_local(&destructor_key.value,
|
||||||
init_thread_destructor))
|
init_thread_destructor))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
#if defined(OPENSSL_SYS_TANDEM)
|
||||||
|
memset(&recursion_guard, 0, sizeof(recursion_guard));
|
||||||
|
#else
|
||||||
recursion_guard = (CRYPTO_THREAD_ID)0;
|
recursion_guard = (CRYPTO_THREAD_ID)0;
|
||||||
|
#endif
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -409,7 +409,6 @@ my $code.=<<___;
|
|||||||
################################################################################
|
################################################################################
|
||||||
.align 4
|
.align 4
|
||||||
aes_gcm_crypt_1x:
|
aes_gcm_crypt_1x:
|
||||||
.localentry aes_gcm_crypt_1x,0
|
|
||||||
|
|
||||||
cmpdi 5, 16
|
cmpdi 5, 16
|
||||||
bge __More_1x
|
bge __More_1x
|
||||||
@@ -492,7 +491,6 @@ __Encrypt_1x:
|
|||||||
################################################################################
|
################################################################################
|
||||||
.align 4
|
.align 4
|
||||||
__Process_partial:
|
__Process_partial:
|
||||||
.localentry __Process_partial,0
|
|
||||||
|
|
||||||
# create partial mask
|
# create partial mask
|
||||||
vspltisb 16, -1
|
vspltisb 16, -1
|
||||||
@@ -564,7 +562,6 @@ __Encrypt_partial:
|
|||||||
.global ppc_aes_gcm_encrypt
|
.global ppc_aes_gcm_encrypt
|
||||||
.align 5
|
.align 5
|
||||||
ppc_aes_gcm_encrypt:
|
ppc_aes_gcm_encrypt:
|
||||||
.localentry ppc_aes_gcm_encrypt,0
|
|
||||||
|
|
||||||
SAVE_REGS
|
SAVE_REGS
|
||||||
LOAD_HASH_TABLE
|
LOAD_HASH_TABLE
|
||||||
@@ -752,7 +749,6 @@ __Process_more_enc:
|
|||||||
.global ppc_aes_gcm_decrypt
|
.global ppc_aes_gcm_decrypt
|
||||||
.align 5
|
.align 5
|
||||||
ppc_aes_gcm_decrypt:
|
ppc_aes_gcm_decrypt:
|
||||||
.localentry ppc_aes_gcm_decrypt, 0
|
|
||||||
|
|
||||||
SAVE_REGS
|
SAVE_REGS
|
||||||
LOAD_HASH_TABLE
|
LOAD_HASH_TABLE
|
||||||
@@ -1032,7 +1028,6 @@ __Process_more_dec:
|
|||||||
.size ppc_aes_gcm_decrypt,.-ppc_aes_gcm_decrypt
|
.size ppc_aes_gcm_decrypt,.-ppc_aes_gcm_decrypt
|
||||||
|
|
||||||
aes_gcm_out:
|
aes_gcm_out:
|
||||||
.localentry aes_gcm_out,0
|
|
||||||
|
|
||||||
mr 3, 11 # return count
|
mr 3, 11 # return count
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2010-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -55,7 +55,7 @@
|
|||||||
# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
|
# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
|
||||||
# Polynomial Multiplication on ARM Processors using the NEON Engine.
|
# Polynomial Multiplication on ARM Processors using the NEON Engine.
|
||||||
#
|
#
|
||||||
# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
|
# https://conradoplg.modp.net/files/2010/12/mocrysen13.pdf
|
||||||
|
|
||||||
# ====================================================================
|
# ====================================================================
|
||||||
# Note about "528B" variant. In ARM case it makes lesser sense to
|
# Note about "528B" variant. In ARM case it makes lesser sense to
|
||||||
|
|||||||
@@ -35,7 +35,7 @@ IF[{- !$disabled{asm} -}]
|
|||||||
$MODESASM_ppc32=ghashp8-ppc.s
|
$MODESASM_ppc32=ghashp8-ppc.s
|
||||||
$MODESDEF_ppc32=
|
$MODESDEF_ppc32=
|
||||||
$MODESASM_ppc64=$MODESASM_ppc32
|
$MODESASM_ppc64=$MODESASM_ppc32
|
||||||
IF[{- $target{sys_id} ne "AIX" && $target{sys_id} ne "MACOSX" -}]
|
IF[{- $target{perlasm_scheme} =~ /le$/ -}]
|
||||||
$MODESASM_ppc64=$MODESASM_ppc32 aes-gcm-ppc.s
|
$MODESASM_ppc64=$MODESASM_ppc32 aes-gcm-ppc.s
|
||||||
ENDIF
|
ENDIF
|
||||||
$MODESDEF_ppc64=$MODESDEF_ppc32
|
$MODESDEF_ppc64=$MODESDEF_ppc32
|
||||||
|
|||||||
+13
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2003-2024 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2003-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -296,6 +296,11 @@ static int buf2hexstr_sep(char *str, size_t str_n, size_t *strlength,
|
|||||||
int has_sep = (sep != CH_ZERO);
|
int has_sep = (sep != CH_ZERO);
|
||||||
size_t i, len = has_sep ? buflen * 3 : 1 + buflen * 2;
|
size_t i, len = has_sep ? buflen * 3 : 1 + buflen * 2;
|
||||||
|
|
||||||
|
if (buflen > (has_sep ? SIZE_MAX / 3 : (SIZE_MAX - 1) / 2)) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (len == 0)
|
if (len == 0)
|
||||||
++len;
|
++len;
|
||||||
if (strlength != NULL)
|
if (strlength != NULL)
|
||||||
@@ -339,7 +344,13 @@ char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep)
|
|||||||
if (buflen == 0)
|
if (buflen == 0)
|
||||||
return OPENSSL_zalloc(1);
|
return OPENSSL_zalloc(1);
|
||||||
|
|
||||||
tmp_n = (sep != CH_ZERO) ? buflen * 3 : 1 + buflen * 2;
|
if ((sep != CH_ZERO && (size_t)buflen > SIZE_MAX / 3)
|
||||||
|
|| (sep == CH_ZERO && (size_t)buflen > (SIZE_MAX - 1) / 2)) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
tmp_n = (sep != CH_ZERO) ? (size_t)buflen * 3 : 1 + (size_t)buflen * 2;
|
||||||
if ((tmp = OPENSSL_malloc(tmp_n)) == NULL)
|
if ((tmp = OPENSSL_malloc(tmp_n)) == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
|||||||
+103
-5
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
@@ -121,12 +121,22 @@ void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
|
|||||||
|
|
||||||
int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
|
int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
unsigned int num)
|
unsigned int num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_UNSIGNED_INTEGER);
|
OSSL_PARAM_UNSIGNED_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -134,12 +144,22 @@ int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
long int num)
|
long int num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
unsigned long int num)
|
unsigned long int num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_UNSIGNED_INTEGER);
|
OSSL_PARAM_UNSIGNED_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -147,12 +167,22 @@ int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
int32_t num)
|
int32_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
uint32_t num)
|
uint32_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_UNSIGNED_INTEGER);
|
OSSL_PARAM_UNSIGNED_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -160,12 +190,22 @@ int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
int64_t num)
|
int64_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
|
||||||
}
|
}
|
||||||
|
|
||||||
int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
uint64_t num)
|
uint64_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_UNSIGNED_INTEGER);
|
OSSL_PARAM_UNSIGNED_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -173,6 +213,11 @@ int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
size_t num)
|
size_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_UNSIGNED_INTEGER);
|
OSSL_PARAM_UNSIGNED_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -180,6 +225,11 @@ int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
time_t num)
|
time_t num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num),
|
return param_push_num(bld, key, &num, sizeof(num),
|
||||||
OSSL_PARAM_INTEGER);
|
OSSL_PARAM_INTEGER);
|
||||||
}
|
}
|
||||||
@@ -187,6 +237,11 @@ int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
double num)
|
double num)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
|
return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -196,6 +251,11 @@ static int push_BN(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int n, secure = 0;
|
int n, secure = 0;
|
||||||
OSSL_PARAM_BLD_DEF *pd;
|
OSSL_PARAM_BLD_DEF *pd;
|
||||||
|
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
|
if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER
|
||||||
|| type == OSSL_PARAM_INTEGER))
|
|| type == OSSL_PARAM_INTEGER))
|
||||||
return 0;
|
return 0;
|
||||||
@@ -233,6 +293,11 @@ static int push_BN(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
const BIGNUM *bn)
|
const BIGNUM *bn)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (bn != NULL && BN_is_negative(bn))
|
if (bn != NULL && BN_is_negative(bn))
|
||||||
return push_BN(bld, key, bn, BN_num_bytes(bn) + 1,
|
return push_BN(bld, key, bn, BN_num_bytes(bn) + 1,
|
||||||
OSSL_PARAM_INTEGER);
|
OSSL_PARAM_INTEGER);
|
||||||
@@ -243,6 +308,11 @@ int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
|
int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
|
||||||
const BIGNUM *bn, size_t sz)
|
const BIGNUM *bn, size_t sz)
|
||||||
{
|
{
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (bn != NULL && BN_is_negative(bn))
|
if (bn != NULL && BN_is_negative(bn))
|
||||||
return push_BN(bld, key, bn, BN_num_bytes(bn),
|
return push_BN(bld, key, bn, BN_num_bytes(bn),
|
||||||
OSSL_PARAM_INTEGER);
|
OSSL_PARAM_INTEGER);
|
||||||
@@ -255,6 +325,11 @@ int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
OSSL_PARAM_BLD_DEF *pd;
|
OSSL_PARAM_BLD_DEF *pd;
|
||||||
int secure;
|
int secure;
|
||||||
|
|
||||||
|
if (bld == NULL || key == NULL || buf == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (bsize == 0)
|
if (bsize == 0)
|
||||||
bsize = strlen(buf);
|
bsize = strlen(buf);
|
||||||
secure = CRYPTO_secure_allocated(buf);
|
secure = CRYPTO_secure_allocated(buf);
|
||||||
@@ -270,6 +345,11 @@ int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
{
|
{
|
||||||
OSSL_PARAM_BLD_DEF *pd;
|
OSSL_PARAM_BLD_DEF *pd;
|
||||||
|
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (bsize == 0)
|
if (bsize == 0)
|
||||||
bsize = strlen(buf);
|
bsize = strlen(buf);
|
||||||
pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
|
pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
|
||||||
@@ -285,6 +365,11 @@ int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
OSSL_PARAM_BLD_DEF *pd;
|
OSSL_PARAM_BLD_DEF *pd;
|
||||||
int secure;
|
int secure;
|
||||||
|
|
||||||
|
if (bld == NULL || key == NULL || buf == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
secure = CRYPTO_secure_allocated(buf);
|
secure = CRYPTO_secure_allocated(buf);
|
||||||
pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
|
pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
|
||||||
if (pd == NULL)
|
if (pd == NULL)
|
||||||
@@ -298,6 +383,11 @@ int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
|
|||||||
{
|
{
|
||||||
OSSL_PARAM_BLD_DEF *pd;
|
OSSL_PARAM_BLD_DEF *pd;
|
||||||
|
|
||||||
|
if (bld == NULL || key == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
|
pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
|
||||||
if (pd == NULL)
|
if (pd == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
@@ -362,10 +452,18 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
|
|||||||
{
|
{
|
||||||
OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL;
|
OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL;
|
||||||
OSSL_PARAM *params, *last;
|
OSSL_PARAM *params, *last;
|
||||||
const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
|
int num;
|
||||||
const size_t p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
|
size_t p_blks, total, ss;
|
||||||
const size_t total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
|
|
||||||
const size_t ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;
|
if (bld == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
num = sk_OSSL_PARAM_BLD_DEF_num(bld->params);
|
||||||
|
p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params));
|
||||||
|
total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks);
|
||||||
|
ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks;
|
||||||
|
|
||||||
if (ss > 0) {
|
if (ss > 0) {
|
||||||
s = OPENSSL_secure_malloc(ss);
|
s = OPENSSL_secure_malloc(ss);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2005-2025 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -663,8 +663,7 @@ my %globals;
|
|||||||
);
|
);
|
||||||
|
|
||||||
# Following constants are defined in x86_64 ABI supplement, for
|
# Following constants are defined in x86_64 ABI supplement, for
|
||||||
# example available at https://www.uclibc.org/docs/psABI-x86_64.pdf,
|
# example available at https://gitlab.com/x86-psABIs/x86-64-ABI.
|
||||||
# see section 3.7 "Stack Unwind Algorithm".
|
|
||||||
my %DW_reg_idx = (
|
my %DW_reg_idx = (
|
||||||
"%rax"=>0, "%rdx"=>1, "%rcx"=>2, "%rbx"=>3,
|
"%rax"=>0, "%rdx"=>1, "%rcx"=>2, "%rbx"=>3,
|
||||||
"%rsi"=>4, "%rdi"=>5, "%rbp"=>6, "%rsp"=>7,
|
"%rsi"=>4, "%rdi"=>5, "%rbp"=>6, "%rsp"=>7,
|
||||||
|
|||||||
@@ -519,6 +519,8 @@ int PKCS12_set_pbmac1_pbkdf2(PKCS12 *p12, const char *pass, int passlen,
|
|||||||
X509_ALGOR_free(param->messageAuthScheme);
|
X509_ALGOR_free(param->messageAuthScheme);
|
||||||
param->keyDerivationFunc = alg;
|
param->keyDerivationFunc = alg;
|
||||||
param->messageAuthScheme = hmac_alg;
|
param->messageAuthScheme = hmac_alg;
|
||||||
|
alg = NULL;
|
||||||
|
hmac_alg = NULL;
|
||||||
|
|
||||||
X509_SIG_getm(p12->mac->dinfo, &macalg, &macoct);
|
X509_SIG_getm(p12->mac->dinfo, &macalg, &macoct);
|
||||||
if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBMAC1PARAM), param, &macalg->parameter))
|
if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBMAC1PARAM), param, &macalg->parameter))
|
||||||
@@ -540,6 +542,8 @@ int PKCS12_set_pbmac1_pbkdf2(PKCS12 *p12, const char *pass, int passlen,
|
|||||||
ret = 1;
|
ret = 1;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
|
X509_ALGOR_free(alg);
|
||||||
|
X509_ALGOR_free(hmac_alg);
|
||||||
PBMAC1PARAM_free(param);
|
PBMAC1PARAM_free(param);
|
||||||
OPENSSL_free(known_salt);
|
OPENSSL_free(known_salt);
|
||||||
return ret;
|
return ret;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -175,7 +175,7 @@ static int bmp_to_utf8(char *str, const unsigned char *utf16, int len)
|
|||||||
utf32chr += 0x10000;
|
utf32chr += 0x10000;
|
||||||
}
|
}
|
||||||
|
|
||||||
return UTF8_putc((unsigned char *)str, len > 4 ? 4 : len, utf32chr);
|
return UTF8_putc((unsigned char *)str, 4, utf32chr);
|
||||||
}
|
}
|
||||||
|
|
||||||
char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
|
char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
|
||||||
|
|||||||
@@ -831,6 +831,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
|||||||
break;
|
break;
|
||||||
case NID_pkcs7_signed:
|
case NID_pkcs7_signed:
|
||||||
si_sk = p7->d.sign->signer_info;
|
si_sk = p7->d.sign->signer_info;
|
||||||
|
if (p7->d.sign->contents == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
os = PKCS7_get_octet_string(p7->d.sign->contents);
|
os = PKCS7_get_octet_string(p7->d.sign->contents);
|
||||||
/* If detached data then the content is excluded */
|
/* If detached data then the content is excluded */
|
||||||
if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
|
if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
|
||||||
@@ -841,6 +845,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case NID_pkcs7_digest:
|
case NID_pkcs7_digest:
|
||||||
|
if (p7->d.digest->contents == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
os = PKCS7_get_octet_string(p7->d.digest->contents);
|
os = PKCS7_get_octet_string(p7->d.digest->contents);
|
||||||
/* If detached data then the content is excluded */
|
/* If detached data then the content is excluded */
|
||||||
if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
|
if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -48,7 +48,8 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
|
|||||||
break;
|
break;
|
||||||
case PKCS7_OP_GET_DETACHED_SIGNATURE:
|
case PKCS7_OP_GET_DETACHED_SIGNATURE:
|
||||||
if (nid == NID_pkcs7_signed) {
|
if (nid == NID_pkcs7_signed) {
|
||||||
if (p7->d.sign == NULL || p7->d.sign->contents->d.ptr == NULL)
|
if (p7->d.sign == NULL || p7->d.sign->contents == NULL
|
||||||
|
|| p7->d.sign->contents->d.ptr == NULL)
|
||||||
ret = 1;
|
ret = 1;
|
||||||
else
|
else
|
||||||
ret = 0;
|
ret = 0;
|
||||||
@@ -742,6 +743,10 @@ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case NID_pkcs7_signed:
|
case NID_pkcs7_signed:
|
||||||
|
if (p7->d.sign == NULL || p7->d.sign->contents == NULL) {
|
||||||
|
ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
|
||||||
|
break;
|
||||||
|
}
|
||||||
os = p7->d.sign->contents->d.data;
|
os = p7->d.sign->contents->d.data;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|||||||
+2
-2
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -268,7 +268,7 @@ int ossl_a2ulabel(const char *in, char *out, size_t outlen)
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
char *tmpptr = strchr(inptr, '.');
|
const char *tmpptr = strchr(inptr, '.');
|
||||||
size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);
|
size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);
|
||||||
|
|
||||||
if (!HAS_PREFIX(inptr, "xn--")) {
|
if (!HAS_PREFIX(inptr, "xn--")) {
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user