OpenSSL: Merge OpenSSL 1.1.1s
Merge commit 'b6b67f23b82101d4c04c89f81d726b902ab77106'
@@ -7,6 +7,52 @@
|
|||||||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||||
release branch.
|
release branch.
|
||||||
|
|
||||||
|
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
|
||||||
|
|
||||||
|
*) Fixed a regression introduced in 1.1.1r version not refreshing the
|
||||||
|
certificate data to be signed before signing the certificate.
|
||||||
|
|
||||||
|
[Gibeom Gwon]
|
||||||
|
|
||||||
|
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
|
||||||
|
|
||||||
|
*) Fixed the linux-mips64 Configure target which was missing the
|
||||||
|
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
|
||||||
|
platform.
|
||||||
|
[Adam Joseph]
|
||||||
|
|
||||||
|
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
|
||||||
|
causing incorrect results in some cases as a result.
|
||||||
|
[Paul Dale]
|
||||||
|
|
||||||
|
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
|
||||||
|
report correct results in some cases
|
||||||
|
[Matt Caswell]
|
||||||
|
|
||||||
|
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
|
||||||
|
different key sizes
|
||||||
|
[Todd Short]
|
||||||
|
|
||||||
|
*) Added the loongarch64 target
|
||||||
|
[Shi Pujin]
|
||||||
|
|
||||||
|
*) Fixed a DRBG seed propagation thread safety issue
|
||||||
|
[Bernd Edlinger]
|
||||||
|
|
||||||
|
*) Fixed a memory leak in tls13_generate_secret
|
||||||
|
[Bernd Edlinger]
|
||||||
|
|
||||||
|
*) Fixed reported performance degradation on aarch64. Restored the
|
||||||
|
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
|
||||||
|
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
|
||||||
|
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
|
||||||
|
The new algorithm is still used for 32 bit targets.
|
||||||
|
[Bernd Edlinger]
|
||||||
|
|
||||||
|
*) Added a missing header for memcmp that caused compilation failure on some
|
||||||
|
platforms
|
||||||
|
[Gregor Jasny]
|
||||||
|
|
||||||
Changes between 1.1.1p and 1.1.1q [5 Jul 2022]
|
Changes between 1.1.1p and 1.1.1q [5 Jul 2022]
|
||||||
|
|
||||||
*) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
|
*) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
|
||||||
|
|||||||
@@ -5,6 +5,16 @@
|
|||||||
This file gives a brief overview of the major changes between each OpenSSL
|
This file gives a brief overview of the major changes between each OpenSSL
|
||||||
release. For more details please read the CHANGES file.
|
release. For more details please read the CHANGES file.
|
||||||
|
|
||||||
|
Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]
|
||||||
|
|
||||||
|
o Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the
|
||||||
|
certificate data to be signed before signing the certificate.
|
||||||
|
|
||||||
|
Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]
|
||||||
|
|
||||||
|
o Added a missing header for memcmp that caused compilation failure on
|
||||||
|
some platforms
|
||||||
|
|
||||||
Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]
|
Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]
|
||||||
|
|
||||||
o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
|
o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
OpenSSL 1.1.1q 5 Jul 2022
|
OpenSSL 1.1.1s 1 Nov 2022
|
||||||
|
|
||||||
Copyright (c) 1998-2022 The OpenSSL Project
|
Copyright (c) 1998-2022 The OpenSSL Project
|
||||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||||
|
|||||||
@@ -1376,7 +1376,8 @@ static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
|
|||||||
static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
|
static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
|
||||||
#undef BSIZE
|
#undef BSIZE
|
||||||
#define BSIZE 256
|
#define BSIZE 256
|
||||||
BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
|
BIGNUM *load_serial(const char *serialfile, int *exists, int create,
|
||||||
|
ASN1_INTEGER **retai)
|
||||||
{
|
{
|
||||||
BIO *in = NULL;
|
BIO *in = NULL;
|
||||||
BIGNUM *ret = NULL;
|
BIGNUM *ret = NULL;
|
||||||
@@ -1388,6 +1389,8 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
|
|||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
in = BIO_new_file(serialfile, "r");
|
in = BIO_new_file(serialfile, "r");
|
||||||
|
if (exists != NULL)
|
||||||
|
*exists = in != NULL;
|
||||||
if (in == NULL) {
|
if (in == NULL) {
|
||||||
if (!create) {
|
if (!create) {
|
||||||
perror(serialfile);
|
perror(serialfile);
|
||||||
@@ -1395,8 +1398,14 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
|
|||||||
}
|
}
|
||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
ret = BN_new();
|
ret = BN_new();
|
||||||
if (ret == NULL || !rand_serial(ret, ai))
|
if (ret == NULL) {
|
||||||
BIO_printf(bio_err, "Out of memory\n");
|
BIO_printf(bio_err, "Out of memory\n");
|
||||||
|
} else if (!rand_serial(ret, ai)) {
|
||||||
|
BIO_printf(bio_err, "Error creating random number to store in %s\n",
|
||||||
|
serialfile);
|
||||||
|
BN_free(ret);
|
||||||
|
ret = NULL;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
|
if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
|
||||||
BIO_printf(bio_err, "unable to load number from %s\n",
|
BIO_printf(bio_err, "unable to load number from %s\n",
|
||||||
@@ -1416,6 +1425,8 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
|
|||||||
ai = NULL;
|
ai = NULL;
|
||||||
}
|
}
|
||||||
err:
|
err:
|
||||||
|
if (ret == NULL)
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
BIO_free(in);
|
BIO_free(in);
|
||||||
ASN1_INTEGER_free(ai);
|
ASN1_INTEGER_free(ai);
|
||||||
return ret;
|
return ret;
|
||||||
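Review bot: The new `exists` out-parameter of load_serial is written only after `BIO_new_file()`, so the `goto err` visible just above that call returns NULL with `*exists` untouched. The caller added in x509_load_serial passes an uninitialised `file_exists` and appears to read it only after checking the return value, so nothing breaks today, but the contract is easy to violate from a new call site. Setting it at function entry, `if (exists != NULL) *exists = 0;`, and stating it on the prototype, `/* *exists, when non-NULL, is set to 1 if serialfile could be opened, else 0 */`, would make it explicit. load_serial starts and ends outside these hunks, so the exact place for the entry-time assignment is not visible here.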
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -527,9 +527,12 @@ typedef struct ca_db_st {
|
|||||||
} CA_DB;
|
} CA_DB;
|
||||||
|
|
||||||
void* app_malloc(int sz, const char *what);
|
void* app_malloc(int sz, const char *what);
|
||||||
BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai);
|
|
||||||
int save_serial(const char *serialfile, const char *suffix, const BIGNUM *serial,
|
/* load_serial, save_serial, and rotate_serial are also used for CRL numbers */
|
||||||
|
BIGNUM *load_serial(const char *serialfile, int *exists, int create,
|
||||||
ASN1_INTEGER **retai);
|
ASN1_INTEGER **retai);
|
||||||
|
int save_serial(const char *serialfile, const char *suffix,
|
||||||
|
const BIGNUM *serial, ASN1_INTEGER **retai);
|
||||||
int rotate_serial(const char *serialfile, const char *new_suffix,
|
int rotate_serial(const char *serialfile, const char *new_suffix,
|
||||||
const char *old_suffix);
|
const char *old_suffix);
|
||||||
int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
|
int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -842,7 +842,8 @@ int ca_main(int argc, char **argv)
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if ((serial = load_serial(serialfile, create_ser, NULL)) == NULL) {
|
serial = load_serial(serialfile, NULL, create_ser, NULL);
|
||||||
|
if (serial == NULL) {
|
||||||
BIO_printf(bio_err, "error while loading serial number\n");
|
BIO_printf(bio_err, "error while loading serial number\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
@@ -1078,7 +1079,8 @@ int ca_main(int argc, char **argv)
|
|||||||
|
|
||||||
if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER))
|
if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER))
|
||||||
!= NULL)
|
!= NULL)
|
||||||
if ((crlnumber = load_serial(crlnumberfile, 0, NULL)) == NULL) {
|
if ((crlnumber = load_serial(crlnumberfile, NULL, 0, NULL))
|
||||||
|
== NULL) {
|
||||||
BIO_printf(bio_err, "error while loading CRL number\n");
|
BIO_printf(bio_err, "error while loading CRL number\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -176,7 +176,7 @@ const OPTIONS ocsp_options[] = {
|
|||||||
{"no_intern", OPT_NO_INTERN, '-',
|
{"no_intern", OPT_NO_INTERN, '-',
|
||||||
"Don't search certificates contained in response for signer"},
|
"Don't search certificates contained in response for signer"},
|
||||||
{"badsig", OPT_BADSIG, '-',
|
{"badsig", OPT_BADSIG, '-',
|
||||||
"Corrupt last byte of loaded OSCP response signature (for test)"},
|
"Corrupt last byte of loaded OCSP response signature (for test)"},
|
||||||
{"text", OPT_TEXT, '-', "Print text form of request and response"},
|
{"text", OPT_TEXT, '-', "Print text form of request and response"},
|
||||||
{"req_text", OPT_REQ_TEXT, '-', "Print text form of request"},
|
{"req_text", OPT_REQ_TEXT, '-', "Print text form of request"},
|
||||||
{"resp_text", OPT_RESP_TEXT, '-', "Print text form of response"},
|
{"resp_text", OPT_RESP_TEXT, '-', "Print text form of response"},
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -74,22 +74,28 @@ int verify_callback(int ok, X509_STORE_CTX *ctx)
|
|||||||
}
|
}
|
||||||
switch (err) {
|
switch (err) {
|
||||||
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
|
||||||
|
if (err_cert != NULL) {
|
||||||
BIO_puts(bio_err, "issuer= ");
|
BIO_puts(bio_err, "issuer= ");
|
||||||
X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
|
X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
|
||||||
0, get_nameopt());
|
0, get_nameopt());
|
||||||
BIO_puts(bio_err, "\n");
|
BIO_puts(bio_err, "\n");
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case X509_V_ERR_CERT_NOT_YET_VALID:
|
case X509_V_ERR_CERT_NOT_YET_VALID:
|
||||||
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
|
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
|
||||||
|
if (err_cert != NULL) {
|
||||||
BIO_printf(bio_err, "notBefore=");
|
BIO_printf(bio_err, "notBefore=");
|
||||||
ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
|
ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
|
||||||
BIO_printf(bio_err, "\n");
|
BIO_printf(bio_err, "\n");
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case X509_V_ERR_CERT_HAS_EXPIRED:
|
case X509_V_ERR_CERT_HAS_EXPIRED:
|
||||||
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
|
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
|
||||||
|
if (err_cert != NULL) {
|
||||||
BIO_printf(bio_err, "notAfter=");
|
BIO_printf(bio_err, "notAfter=");
|
||||||
ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
|
ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
|
||||||
BIO_printf(bio_err, "\n");
|
BIO_printf(bio_err, "\n");
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case X509_V_ERR_NO_EXPLICIT_POLICY:
|
case X509_V_ERR_NO_EXPLICIT_POLICY:
|
||||||
if (!verify_args.quiet)
|
if (!verify_args.quiet)
|
||||||
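Review bot: The three `if (err_cert != NULL)` guards in verify_callback carry no comment saying when the current certificate can be absent, and the assignment of `err_cert` is outside the hunk, so a reader cannot tell from here which callers reach these cases without one. A line above the first guard such as `/* err_cert can be NULL when the error is not tied to a certificate */` would record the reason, once confirmed against that assignment. Any other dereference of `err_cert` in the part of the function not shown here would need the same guard.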
|
|||||||
@@ -400,7 +400,7 @@ int x509_main(int argc, char **argv)
|
|||||||
aliasout = ++num;
|
aliasout = ++num;
|
||||||
break;
|
break;
|
||||||
case OPT_CACREATESERIAL:
|
case OPT_CACREATESERIAL:
|
||||||
CA_createserial = ++num;
|
CA_createserial = 1;
|
||||||
break;
|
break;
|
||||||
case OPT_CLREXT:
|
case OPT_CLREXT:
|
||||||
clrext = 1;
|
clrext = 1;
|
||||||
@@ -590,7 +590,7 @@ int x509_main(int argc, char **argv)
|
|||||||
xca = load_cert(CAfile, CAformat, "CA Certificate");
|
xca = load_cert(CAfile, CAformat, "CA Certificate");
|
||||||
if (xca == NULL)
|
if (xca == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
|
if (reqfile && !X509_set_issuer_name(x, X509_get_subject_name(xca)))
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -916,6 +916,7 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile,
|
|||||||
char *buf = NULL;
|
char *buf = NULL;
|
||||||
ASN1_INTEGER *bs = NULL;
|
ASN1_INTEGER *bs = NULL;
|
||||||
BIGNUM *serial = NULL;
|
BIGNUM *serial = NULL;
|
||||||
|
int defaultfile = 0, file_exists;
|
||||||
|
|
||||||
if (serialfile == NULL) {
|
if (serialfile == NULL) {
|
||||||
const char *p = strrchr(CAfile, '.');
|
const char *p = strrchr(CAfile, '.');
|
||||||
@@ -925,9 +926,10 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile,
|
|||||||
memcpy(buf, CAfile, len);
|
memcpy(buf, CAfile, len);
|
||||||
memcpy(buf + len, POSTFIX, sizeof(POSTFIX));
|
memcpy(buf + len, POSTFIX, sizeof(POSTFIX));
|
||||||
serialfile = buf;
|
serialfile = buf;
|
||||||
|
defaultfile = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
serial = load_serial(serialfile, create, NULL);
|
serial = load_serial(serialfile, &file_exists, create || defaultfile, NULL);
|
||||||
if (serial == NULL)
|
if (serial == NULL)
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
@@ -936,8 +938,10 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile,
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!save_serial(serialfile, NULL, serial, &bs))
|
if (file_exists || create)
|
||||||
goto end;
|
save_serial(serialfile, NULL, serial, &bs);
|
||||||
|
else
|
||||||
|
bs = BN_to_ASN1_INTEGER(serial, NULL);
|
||||||
|
|
||||||
end:
|
end:
|
||||||
OPENSSL_free(buf);
|
OPENSSL_free(buf);
|
||||||
@@ -989,6 +993,8 @@ static int x509_certify(X509_STORE *ctx, const char *CAfile, const EVP_MD *diges
|
|||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
|
||||||
|
goto end;
|
||||||
if (!X509_set_serialNumber(x, bs))
|
if (!X509_set_serialNumber(x, bs))
|
||||||
goto end;
|
goto end;
|
||||||
|
|
||||||
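Review bot: In x509_load_serial the result of `save_serial(serialfile, NULL, serial, &bs)` is no longer checked, where the old code had `if (!save_serial(...)) goto end;`. Because `end:` follows directly the control flow is the same, but a failed write is now reported only if save_serial leaves `bs` NULL on failure, which these hunks do not show. If that is the contract, a comment such as `/* on failure bs stays NULL and the caller reports the error */` would record it; otherwise keep the check and clear `bs` explicitly before `end:`. A serial number that is used but not written back can be handed out again on a later run, so this path should fail visibly. The function starts and ends outside the hunks.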
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -740,6 +740,21 @@ $code.=<<___;
|
|||||||
#ifndef __ARMEB__
|
#ifndef __ARMEB__
|
||||||
rev $ctr, $ctr
|
rev $ctr, $ctr
|
||||||
#endif
|
#endif
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
vorr $dat1,$dat0,$dat0
|
||||||
|
add $tctr1, $ctr, #1
|
||||||
|
vorr $dat2,$dat0,$dat0
|
||||||
|
add $ctr, $ctr, #2
|
||||||
|
vorr $ivec,$dat0,$dat0
|
||||||
|
rev $tctr1, $tctr1
|
||||||
|
vmov.32 ${dat1}[3],$tctr1
|
||||||
|
b.ls .Lctr32_tail
|
||||||
|
rev $tctr2, $ctr
|
||||||
|
sub $len,$len,#3 // bias
|
||||||
|
vmov.32 ${dat2}[3],$tctr2
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
add $tctr1, $ctr, #1
|
add $tctr1, $ctr, #1
|
||||||
vorr $ivec,$dat0,$dat0
|
vorr $ivec,$dat0,$dat0
|
||||||
rev $tctr1, $tctr1
|
rev $tctr1, $tctr1
|
||||||
@@ -751,6 +766,8 @@ $code.=<<___;
|
|||||||
vmov.32 ${ivec}[3],$tctr2
|
vmov.32 ${ivec}[3],$tctr2
|
||||||
sub $len,$len,#3 // bias
|
sub $len,$len,#3 // bias
|
||||||
vorr $dat2,$ivec,$ivec
|
vorr $dat2,$ivec,$ivec
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
b .Loop3x_ctr32
|
b .Loop3x_ctr32
|
||||||
|
|
||||||
.align 4
|
.align 4
|
||||||
@@ -777,11 +794,25 @@ $code.=<<___;
|
|||||||
aese $dat1,q8
|
aese $dat1,q8
|
||||||
aesmc $tmp1,$dat1
|
aesmc $tmp1,$dat1
|
||||||
vld1.8 {$in0},[$inp],#16
|
vld1.8 {$in0},[$inp],#16
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
vorr $dat0,$ivec,$ivec
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
add $tctr0,$ctr,#1
|
add $tctr0,$ctr,#1
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
aese $dat2,q8
|
aese $dat2,q8
|
||||||
aesmc $dat2,$dat2
|
aesmc $dat2,$dat2
|
||||||
vld1.8 {$in1},[$inp],#16
|
vld1.8 {$in1},[$inp],#16
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
vorr $dat1,$ivec,$ivec
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
rev $tctr0,$tctr0
|
rev $tctr0,$tctr0
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
aese $tmp0,q9
|
aese $tmp0,q9
|
||||||
aesmc $tmp0,$tmp0
|
aesmc $tmp0,$tmp0
|
||||||
aese $tmp1,q9
|
aese $tmp1,q9
|
||||||
@@ -790,6 +821,12 @@ $code.=<<___;
|
|||||||
mov $key_,$key
|
mov $key_,$key
|
||||||
aese $dat2,q9
|
aese $dat2,q9
|
||||||
aesmc $tmp2,$dat2
|
aesmc $tmp2,$dat2
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
vorr $dat2,$ivec,$ivec
|
||||||
|
add $tctr0,$ctr,#1
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
aese $tmp0,q12
|
aese $tmp0,q12
|
||||||
aesmc $tmp0,$tmp0
|
aesmc $tmp0,$tmp0
|
||||||
aese $tmp1,q12
|
aese $tmp1,q12
|
||||||
@@ -805,22 +842,47 @@ $code.=<<___;
|
|||||||
aese $tmp1,q13
|
aese $tmp1,q13
|
||||||
aesmc $tmp1,$tmp1
|
aesmc $tmp1,$tmp1
|
||||||
veor $in2,$in2,$rndlast
|
veor $in2,$in2,$rndlast
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
rev $tctr0,$tctr0
|
||||||
|
aese $tmp2,q13
|
||||||
|
aesmc $tmp2,$tmp2
|
||||||
|
vmov.32 ${dat0}[3], $tctr0
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
vmov.32 ${ivec}[3], $tctr0
|
vmov.32 ${ivec}[3], $tctr0
|
||||||
aese $tmp2,q13
|
aese $tmp2,q13
|
||||||
aesmc $tmp2,$tmp2
|
aesmc $tmp2,$tmp2
|
||||||
vorr $dat0,$ivec,$ivec
|
vorr $dat0,$ivec,$ivec
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
rev $tctr1,$tctr1
|
rev $tctr1,$tctr1
|
||||||
aese $tmp0,q14
|
aese $tmp0,q14
|
||||||
aesmc $tmp0,$tmp0
|
aesmc $tmp0,$tmp0
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
vmov.32 ${ivec}[3], $tctr1
|
vmov.32 ${ivec}[3], $tctr1
|
||||||
rev $tctr2,$ctr
|
rev $tctr2,$ctr
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
aese $tmp1,q14
|
aese $tmp1,q14
|
||||||
aesmc $tmp1,$tmp1
|
aesmc $tmp1,$tmp1
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour =~ /64/);
|
||||||
|
vmov.32 ${dat1}[3], $tctr1
|
||||||
|
rev $tctr2,$ctr
|
||||||
|
aese $tmp2,q14
|
||||||
|
aesmc $tmp2,$tmp2
|
||||||
|
vmov.32 ${dat2}[3], $tctr2
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($flavour !~ /64/);
|
||||||
vorr $dat1,$ivec,$ivec
|
vorr $dat1,$ivec,$ivec
|
||||||
vmov.32 ${ivec}[3], $tctr2
|
vmov.32 ${ivec}[3], $tctr2
|
||||||
aese $tmp2,q14
|
aese $tmp2,q14
|
||||||
aesmc $tmp2,$tmp2
|
aesmc $tmp2,$tmp2
|
||||||
vorr $dat2,$ivec,$ivec
|
vorr $dat2,$ivec,$ivec
|
||||||
|
___
|
||||||
|
$code.=<<___;
|
||||||
subs $len,$len,#3
|
subs $len,$len,#3
|
||||||
aese $tmp0,q15
|
aese $tmp0,q15
|
||||||
aese $tmp1,q15
|
aese $tmp1,q15
|
||||||
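Review bot: Nothing in the script says why the CTR32 code now forks on `$flavour`; the reason is given only in the CHANGES entry of this commit (the sequence from before commit 2621751 is restored for 64-bit targets because the erratum affects 32-bit targets only). A comment ahead of the first `$code.=<<___ if ($flavour =~ /64/);` would keep the two paths from being merged again, e.g. `# 64-bit: counter lane is written straight into $dat1/$dat2; 32-bit: via $ivec to avoid the 32-bit lane assignment, see CHANGES 1.1.1r`. The same regex test is repeated for every split; computing it once, `my $is64 = $flavour =~ /64/;`, would make the paired blocks easier to check against each other. The heredoc being split begins and ends outside the hunks.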
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -7,6 +7,9 @@
|
|||||||
# https://www.openssl.org/source/license.html
|
# https://www.openssl.org/source/license.html
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
my ($i, @arr);
|
my ($i, @arr);
|
||||||
|
|
||||||
@@ -82,8 +85,8 @@ $arr[ord("?")] |= $PSTRING_CHAR;
|
|||||||
|
|
||||||
# Now generate the C code
|
# Now generate the C code
|
||||||
|
|
||||||
# Output year depends on the year of the script.
|
# Year the file was generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::year_of($0);
|
||||||
print <<EOF;
|
print <<EOF;
|
||||||
/*
|
/*
|
||||||
* WARNING: do not edit!
|
* WARNING: do not edit!
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -249,17 +249,28 @@ const BIGNUM *BN_get0_nist_prime_521(void)
|
|||||||
return &_bignum_nist_p_521;
|
return &_bignum_nist_p_521;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
|
/*
|
||||||
{
|
* To avoid more recent compilers (specifically clang-14) from treating this
|
||||||
int i;
|
* code as a violation of the strict aliasing conditions and omiting it, this
|
||||||
|
* cannot be declared as a function. Moreover, the dst parameter cannot be
|
||||||
#ifdef BN_DEBUG
|
* cached in a local since this no longer references the union and again falls
|
||||||
(void)ossl_assert(top <= max);
|
* foul of the strict aliasing criteria. Refer to #18225 for the initial
|
||||||
#endif
|
* diagnostics and llvm/llvm-project#55255 for the later discussions with the
|
||||||
for (i = 0; i < top; i++)
|
* LLVM developers. The problem boils down to if an array in the union is
|
||||||
dst[i] = src[i];
|
* converted to a pointer or if it is used directly.
|
||||||
for (; i < max; i++)
|
*
|
||||||
dst[i] = 0;
|
* This function was inlined regardless, so there is no space cost to be
|
||||||
|
* paid for making it a macro.
|
||||||
|
*/
|
||||||
|
#define nist_cp_bn_0(dst, src_in, top, max) \
|
||||||
|
{ \
|
||||||
|
int ii; \
|
||||||
|
const BN_ULONG *src = src_in; \
|
||||||
|
\
|
||||||
|
for (ii = 0; ii < top; ii++) \
|
||||||
|
(dst)[ii] = src[ii]; \
|
||||||
|
for (; ii < max; ii++) \
|
||||||
|
(dst)[ii] = 0; \
|
||||||
}
|
}
|
||||||
|
|
||||||
static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
|
static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
|
||||||
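Review bot: The new `nist_cp_bn_0` macro expands to a bare `{ ... }` block and uses `top`, `max` and `src_in` unparenthesised, so a call written as `if (c) nist_cp_bn_0(...); else ...` will not compile and an argument containing a lower-precedence operator would be parsed into the loop condition. It also declares `ii` and `src` inside the expansion, so an argument that itself names `src` would be captured, and the `BN_DEBUG` check `ossl_assert(top <= max)` of the removed function is gone, leaving nothing to catch a `top` larger than the destination. Wrapping the body in `do { ... } while (0)` and parenthesising the arguments fixes the first two points while still indexing `(dst)` directly, as the new comment requires. The comment's "omiting" should read "omitting".

```c
#define nist_cp_bn_0(dst, src_in, top, max) \
    do { \
        int ii; \
        const BN_ULONG *src = (src_in); \
        \
        for (ii = 0; ii < (top); ii++) \
            (dst)[ii] = src[ii]; \
        for (; ii < (max); ii++) \
            (dst)[ii] = 0; \
    } while (0)
```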
|
|||||||
@@ -1,13 +1,16 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
# in the file LICENSE in the source distribution or at
|
# in the file LICENSE in the source distribution or at
|
||||||
# https://www.openssl.org/source/license.html
|
# https://www.openssl.org/source/license.html
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
# Output year depends on the year of the script.
|
# The year the output file is generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::year_of($0);
|
||||||
print <<"EOF";
|
print <<"EOF";
|
||||||
/*
|
/*
|
||||||
* WARNING: do not edit!
|
* WARNING: do not edit!
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -8,6 +8,9 @@
|
|||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use warnings;
|
use warnings;
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
my $NUMBER = 0x0001;
|
my $NUMBER = 0x0001;
|
||||||
my $UPPER = 0x0002;
|
my $UPPER = 0x0002;
|
||||||
@@ -54,9 +57,8 @@ foreach (0 .. 127) {
|
|||||||
push(@V_w32, $v);
|
push(@V_w32, $v);
|
||||||
}
|
}
|
||||||
|
|
||||||
# Output year depends on the year of the script.
|
# The year the output file is generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::year_of($0);
|
||||||
|
|
||||||
print <<"EOF";
|
print <<"EOF";
|
||||||
/*
|
/*
|
||||||
* WARNING: do not edit!
|
* WARNING: do not edit!
|
||||||
|
|||||||
@@ -443,6 +443,16 @@ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
|
|||||||
&& key->meth->set_private(key, priv_key) == 0)
|
&& key->meth->set_private(key, priv_key) == 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Return `0` to comply with legacy behavior for this function, see
|
||||||
|
* https://github.com/openssl/openssl/issues/18744#issuecomment-1195175696
|
||||||
|
*/
|
||||||
|
if (priv_key == NULL) {
|
||||||
|
BN_clear_free(key->priv_key);
|
||||||
|
key->priv_key = NULL;
|
||||||
|
return 0; /* intentional for legacy compatibility */
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We should never leak the bit length of the secret scalar in the key,
|
* We should never leak the bit length of the secret scalar in the key,
|
||||||
* so we always set the `BN_FLG_CONSTTIME` flag on the internal `BIGNUM`
|
* so we always set the `BN_FLG_CONSTTIME` flag on the internal `BIGNUM`
|
||||||
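Review bot: The new NULL branch sits after the `key->meth->set_private(key, priv_key)` hook shown in the context lines, so a method hook is still invoked with a NULL `priv_key`, and if it returns 0 the function exits before `BN_clear_free(key->priv_key)` runs. The caller then receives the same 0 whether the old private key was cleared or left in place. If that ordering is intended, say so in the new comment, e.g. `* The method hooks above also see priv_key == NULL; if one of them fails the old key is not cleared.`; otherwise move the block above the hooks. EC_KEY_set_private_key begins and ends outside the hunk.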
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -9,6 +9,9 @@
|
|||||||
use integer;
|
use integer;
|
||||||
use strict;
|
use strict;
|
||||||
use warnings;
|
use warnings;
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
# Generate the DER encoding for the given OID.
|
# Generate the DER encoding for the given OID.
|
||||||
sub der_it
|
sub der_it
|
||||||
@@ -36,10 +39,8 @@ sub der_it
|
|||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Output year depends on the year of the script and the input file.
|
# The year the output file is generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::latest(($0, $ARGV[0]));
|
||||||
my $iYEAR = [localtime([stat($ARGV[0])]->[9])]->[5] + 1900;
|
|
||||||
$YEAR = $iYEAR if $iYEAR > $YEAR;
|
|
||||||
|
|
||||||
# Read input, parse all #define's into OID name and value.
|
# Read input, parse all #define's into OID name and value.
|
||||||
# Populate %ln and %sn with long and short names (%dupln and %dupsn)
|
# Populate %ln and %sn with long and short names (%dupln and %dupsn)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -7,16 +7,15 @@
|
|||||||
# https://www.openssl.org/source/license.html
|
# https://www.openssl.org/source/license.html
|
||||||
|
|
||||||
use Getopt::Std;
|
use Getopt::Std;
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
our($opt_n);
|
our($opt_n);
|
||||||
getopts('n');
|
getopts('n');
|
||||||
|
|
||||||
# Output year depends on the year of the script and the input file.
|
# The year the output file is generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::latest(($0, $ARGV[1], $ARGV[0]));
|
||||||
my $iYEAR = [localtime([stat($ARGV[0])]->[9])]->[5] + 1900;
|
|
||||||
$YEAR = $iYEAR if $iYEAR > $YEAR;
|
|
||||||
$iYEAR = [localtime([stat($ARGV[1])]->[9])]->[5] + 1900;
|
|
||||||
$YEAR = $iYEAR if $iYEAR > $YEAR;
|
|
||||||
|
|
||||||
open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
|
open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
|
||||||
$max_nid=0;
|
$max_nid=0;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
#! /usr/bin/env perl
|
#! /usr/bin/env perl
|
||||||
# Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved.
|
# Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
#
|
#
|
||||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
# this file except in compliance with the License. You can obtain a copy
|
# this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -8,18 +8,17 @@
|
|||||||
|
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
use FindBin;
|
||||||
|
use lib "$FindBin::Bin/../../util/perl";
|
||||||
|
use OpenSSL::copyright;
|
||||||
|
|
||||||
my %xref_tbl;
|
my %xref_tbl;
|
||||||
my %oid_tbl;
|
my %oid_tbl;
|
||||||
|
|
||||||
my ($mac_file, $xref_file) = @ARGV;
|
my ($mac_file, $xref_file) = @ARGV;
|
||||||
|
|
||||||
# Output year depends on the year of the script and the input file.
|
# The year the output file is generated.
|
||||||
my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900;
|
my $YEAR = OpenSSL::copyright::latest(($0, $mac_file, $xref_file));
|
||||||
my $iYEAR = [localtime([stat($mac_file)]->[9])]->[5] + 1900;
|
|
||||||
$YEAR = $iYEAR if $iYEAR > $YEAR;
|
|
||||||
$iYEAR = [localtime([stat($xref_file)]->[9])]->[5] + 1900;
|
|
||||||
$YEAR = $iYEAR if $iYEAR > $YEAR;
|
|
||||||
|
|
||||||
open(IN, $mac_file) || die "Can't open $mac_file, $!\n";
|
open(IN, $mac_file) || die "Can't open $mac_file, $!\n";
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -621,7 +621,7 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header,
|
|||||||
(BIO_write(bp, "-----\n", 6) != 6))
|
(BIO_write(bp, "-----\n", 6) != 6))
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
i = strlen(header);
|
i = header != NULL ? strlen(header) : 0;
|
||||||
if (i > 0) {
|
if (i > 0) {
|
||||||
if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
|
if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
|
||||||
goto err;
|
goto err;
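Review bot: The new guard in `i = header != NULL ? strlen(header) : 0;` removes the NULL dereference, but the size_t result of strlen() is still narrowed into `i`, which is then compared with the int returned by BIO_write(); the declaration of `i` is outside the hunk, so this assumes it is an int. A header longer than INT_MAX would then be truncated or turn negative and silently skip the `i > 0` branch, so an explicit length check before the assignment would be safer. A comment such as `/* a NULL header is treated like an empty one */` would also make the accepted contract visible. PEM_write_bio's body starts and ends outside the hunk.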
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -354,13 +354,8 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
|
|||||||
drbg->state = DRBG_READY;
|
drbg->state = DRBG_READY;
|
||||||
drbg->generate_counter = 1;
|
drbg->generate_counter = 1;
|
||||||
drbg->reseed_time = time(NULL);
|
drbg->reseed_time = time(NULL);
|
||||||
if (drbg->enable_reseed_propagation) {
|
if (drbg->enable_reseed_propagation && drbg->parent == NULL)
|
||||||
if (drbg->parent == NULL)
|
|
||||||
tsan_counter(&drbg->reseed_counter);
|
tsan_counter(&drbg->reseed_counter);
|
||||||
else
|
|
||||||
tsan_store(&drbg->reseed_counter,
|
|
||||||
tsan_load(&drbg->parent->reseed_counter));
|
|
||||||
}
|
|
||||||
|
|
||||||
end:
|
end:
|
||||||
if (entropy != NULL && drbg->cleanup_entropy != NULL)
|
if (entropy != NULL && drbg->cleanup_entropy != NULL)
|
||||||
@@ -444,13 +439,8 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg,
|
|||||||
drbg->state = DRBG_READY;
|
drbg->state = DRBG_READY;
|
||||||
drbg->generate_counter = 1;
|
drbg->generate_counter = 1;
|
||||||
drbg->reseed_time = time(NULL);
|
drbg->reseed_time = time(NULL);
|
||||||
if (drbg->enable_reseed_propagation) {
|
if (drbg->enable_reseed_propagation && drbg->parent == NULL)
|
||||||
if (drbg->parent == NULL)
|
|
||||||
tsan_counter(&drbg->reseed_counter);
|
tsan_counter(&drbg->reseed_counter);
|
||||||
else
|
|
||||||
tsan_store(&drbg->reseed_counter,
|
|
||||||
tsan_load(&drbg->parent->reseed_counter));
|
|
||||||
}
|
|
||||||
|
|
||||||
end:
|
end:
|
||||||
if (entropy != NULL && drbg->cleanup_entropy != NULL)
|
if (entropy != NULL && drbg->cleanup_entropy != NULL)
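Review bot: Both hunks (RAND_DRBG_instantiate and RAND_DRBG_reseed) drop the branch that copied the parent's reseed_counter into a child DRBG, and nothing at either site says where that copy now happens. Judging from the rand_drbg_get_entropy() hunk further down this page, it moved there. A short comment at both sites, e.g. `/* a child's reseed_counter is synchronised in rand_drbg_get_entropy() */`, would keep a later reader from reinstating the removed else branch. Both function bodies start and end outside the hunks.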
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -172,8 +172,12 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
|
|||||||
if (RAND_DRBG_generate(drbg->parent,
|
if (RAND_DRBG_generate(drbg->parent,
|
||||||
buffer, bytes_needed,
|
buffer, bytes_needed,
|
||||||
prediction_resistance,
|
prediction_resistance,
|
||||||
(unsigned char *)&drbg, sizeof(drbg)) != 0)
|
(unsigned char *)&drbg, sizeof(drbg)) != 0) {
|
||||||
bytes = bytes_needed;
|
bytes = bytes_needed;
|
||||||
|
if (drbg->enable_reseed_propagation)
|
||||||
|
tsan_store(&drbg->reseed_counter,
|
||||||
|
tsan_load(&drbg->parent->reseed_counter));
|
||||||
|
}
|
||||||
rand_drbg_unlock(drbg->parent);
|
rand_drbg_unlock(drbg->parent);
|
||||||
|
|
||||||
rand_pool_add_end(pool, bytes, 8 * bytes);
|
rand_pool_add_end(pool, bytes, 8 * bytes);
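Review bot: The added tsan_store() of the parent's reseed_counter sits before `rand_drbg_unlock(drbg->parent)`, and that placement looks like the point of the change, yet no comment records it. Something like `/* copy the parent's counter before the parent is unlocked, so it matches the state that produced this seed */` would state the invariant. The child's counter is now also updated as soon as the parent has produced output, before the child's own instantiate or reseed has finished. Whether a failure after this point can leave the counters equal while the child is unseeded depends on code outside the hunk and is worth confirming. rand_drbg_get_entropy's body starts and ends outside the hunk.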
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -167,7 +167,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
|
|||||||
ext = X509_ATTRIBUTE_get0_type(attr, 0);
|
ext = X509_ATTRIBUTE_get0_type(attr, 0);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!ext || (ext->type != V_ASN1_SEQUENCE))
|
if (ext == NULL) /* no extensions is not an error */
|
||||||
|
return sk_X509_EXTENSION_new_null();
|
||||||
|
if (ext->type != V_ASN1_SEQUENCE)
|
||||||
return NULL;
|
return NULL;
|
||||||
p = ext->value.sequence->data;
|
p = ext->value.sequence->data;
|
||||||
return (STACK_OF(X509_EXTENSION) *)
|
return (STACK_OF(X509_EXTENSION) *)
|
||||||
@@ -227,44 +229,52 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
|
|||||||
|
|
||||||
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
|
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
|
||||||
{
|
{
|
||||||
return X509at_delete_attr(req->req_info.attributes, loc);
|
X509_ATTRIBUTE *attr = X509at_delete_attr(req->req_info.attributes, loc);
|
||||||
|
|
||||||
|
if (attr != NULL)
|
||||||
|
req->req_info.enc.modified = 1;
|
||||||
|
return attr;
|
||||||
}
|
}
|
||||||
|
|
||||||
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
|
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
|
||||||
{
|
{
|
||||||
if (X509at_add1_attr(&req->req_info.attributes, attr))
|
if (!X509at_add1_attr(&req->req_info.attributes, attr))
|
||||||
return 1;
|
|
||||||
return 0;
|
return 0;
|
||||||
|
req->req_info.enc.modified = 1;
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
|
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
|
||||||
const ASN1_OBJECT *obj, int type,
|
const ASN1_OBJECT *obj, int type,
|
||||||
const unsigned char *bytes, int len)
|
const unsigned char *bytes, int len)
|
||||||
{
|
{
|
||||||
if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
|
if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
|
||||||
type, bytes, len))
|
type, bytes, len))
|
||||||
return 1;
|
|
||||||
return 0;
|
return 0;
|
||||||
|
req->req_info.enc.modified = 1;
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
|
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
|
||||||
int nid, int type,
|
int nid, int type,
|
||||||
const unsigned char *bytes, int len)
|
const unsigned char *bytes, int len)
|
||||||
{
|
{
|
||||||
if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
|
if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
|
||||||
type, bytes, len))
|
type, bytes, len))
|
||||||
return 1;
|
|
||||||
return 0;
|
return 0;
|
||||||
|
req->req_info.enc.modified = 1;
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
||||||
const char *attrname, int type,
|
const char *attrname, int type,
|
||||||
const unsigned char *bytes, int len)
|
const unsigned char *bytes, int len)
|
||||||
{
|
{
|
||||||
if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
|
if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
|
||||||
type, bytes, len))
|
type, bytes, len))
|
||||||
return 1;
|
|
||||||
return 0;
|
return 0;
|
||||||
|
req->req_info.enc.modified = 1;
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
long X509_REQ_get_version(const X509_REQ *req)
|
long X509_REQ_get_version(const X509_REQ *req)
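Review bot: In the X509_REQ_get_extensions hunk, a request with no extension attribute now yields an empty stack from `sk_X509_EXTENSION_new_null()` instead of NULL, which changes what NULL means to callers: it is now either a non-SEQUENCE attribute value or an allocation failure. The inline comment could say so, e.g. `/* no extensions is not an error: return an empty stack, which the caller frees */`, and the function's manual page should state the new contract. In the second hunk the four X509_REQ_add1_attr* wrappers and X509_REQ_delete_attr set `req->req_info.enc.modified = 1;` without saying why; one comment noting that the flag invalidates the cached encoding would cover them. X509_REQ_get_extensions starts outside the hunk.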
|
||||||
|
|||||||
@@ -973,14 +973,14 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
|
|||||||
time_t *ptime;
|
time_t *ptime;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (notify)
|
|
||||||
ctx->current_crl = crl;
|
|
||||||
if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
|
if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
|
||||||
ptime = &ctx->param->check_time;
|
ptime = &ctx->param->check_time;
|
||||||
else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
|
else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
|
||||||
return 1;
|
return 1;
|
||||||
else
|
else
|
||||||
ptime = NULL;
|
ptime = NULL;
|
||||||
|
if (notify)
|
||||||
|
ctx->current_crl = crl;
|
||||||
|
|
||||||
i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime);
|
i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime);
|
||||||
if (i == 0) {
|
if (i == 0) {
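Review bot: The move of `if (notify) ctx->current_crl = crl;` below the X509_V_FLAG_NO_CHECK_TIME early return has no comment explaining the ordering, so it is easy to undo by accident. A line such as `/* set current_crl only once a time check will actually run */` above the moved statement would record the intent. On the path that continues, ctx->current_crl stays assigned after this block; whether it is cleared before the function returns is outside the hunk and should be checked against the lifetime of `crl`. check_crl_time's body continues outside the hunk.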
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -41,6 +41,13 @@ int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
|
|||||||
|
|
||||||
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
|
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||||
{
|
{
|
||||||
|
/*
|
||||||
|
* Setting the modified flag before signing it. This makes the cached
|
||||||
|
* encoding to be ignored, so even if the certificate fields have changed,
|
||||||
|
* they are signed correctly.
|
||||||
|
* The X509_sign_ctx, X509_REQ_sign{,_ctx}, X509_CRL_sign{,_ctx} functions
|
||||||
|
* which exist below are the same.
|
||||||
|
*/
|
||||||
x->cert_info.enc.modified = 1;
|
x->cert_info.enc.modified = 1;
|
||||||
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
|
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
|
||||||
&x->sig_alg, &x->signature, &x->cert_info, pkey,
|
&x->sig_alg, &x->signature, &x->cert_info, pkey,
|
||||||
@@ -65,12 +72,14 @@ int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
|
|||||||
|
|
||||||
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
|
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||||
{
|
{
|
||||||
|
x->req_info.enc.modified = 1;
|
||||||
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
|
return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
|
||||||
x->signature, &x->req_info, pkey, md));
|
x->signature, &x->req_info, pkey, md));
|
||||||
}
|
}
|
||||||
|
|
||||||
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
|
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
|
||||||
{
|
{
|
||||||
|
x->req_info.enc.modified = 1;
|
||||||
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
|
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
|
||||||
&x->sig_alg, NULL, x->signature, &x->req_info,
|
&x->sig_alg, NULL, x->signature, &x->req_info,
|
||||||
ctx);
|
ctx);
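Review bot: The explanatory comment added in X509_sign speaks for six functions, but the two X509_REQ hunks set `x->req_info.enc.modified = 1;` with no comment of their own. The X509_sign_ctx and X509_CRL_sign{,_ctx} sites it refers to are not in the visible hunks, so the claim that they are "the same" cannot be checked here. A one-line comment at each site, e.g. `/* force re-encoding before signing, see X509_sign() */`, would keep the reasoning next to the code. The sentence "This makes the cached encoding to be ignored" would also read better as `Setting the flag makes the cached encoding be ignored`.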
|
||||||
|
|||||||
@@ -392,12 +392,14 @@ static int range_should_be_prefix(const unsigned char *min,
|
|||||||
/*
|
/*
|
||||||
* Construct a prefix.
|
* Construct a prefix.
|
||||||
*/
|
*/
|
||||||
static int make_addressPrefix(IPAddressOrRange **result,
|
static int make_addressPrefix(IPAddressOrRange **result, unsigned char *addr,
|
||||||
unsigned char *addr, const int prefixlen)
|
const int prefixlen, const int afilen)
|
||||||
{
|
{
|
||||||
int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
|
int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
|
||||||
IPAddressOrRange *aor = IPAddressOrRange_new();
|
IPAddressOrRange *aor = IPAddressOrRange_new();
|
||||||
|
|
||||||
|
if (prefixlen < 0 || prefixlen > (afilen * 8))
|
||||||
|
return 0;
|
||||||
if (aor == NULL)
|
if (aor == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
aor->type = IPAddressOrRange_addressPrefix;
|
aor->type = IPAddressOrRange_addressPrefix;
|
||||||
@@ -437,7 +439,7 @@ static int make_addressRange(IPAddressOrRange **result,
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
|
if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
|
||||||
return make_addressPrefix(result, min, prefixlen);
|
return make_addressPrefix(result, min, prefixlen, length);
|
||||||
|
|
||||||
if ((aor = IPAddressOrRange_new()) == NULL)
|
if ((aor = IPAddressOrRange_new()) == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
@@ -599,7 +601,9 @@ int X509v3_addr_add_prefix(IPAddrBlocks *addr,
|
|||||||
{
|
{
|
||||||
IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
|
IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
|
||||||
IPAddressOrRange *aor;
|
IPAddressOrRange *aor;
|
||||||
if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
|
|
||||||
|
if (aors == NULL
|
||||||
|
|| !make_addressPrefix(&aor, a, prefixlen, length_from_afi(afi)))
|
||||||
return 0;
|
return 0;
|
||||||
if (sk_IPAddressOrRange_push(aors, aor))
|
if (sk_IPAddressOrRange_push(aors, aor))
|
||||||
return 1;
|
return 1;
|
||||||
@@ -996,7 +1000,10 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
|
|||||||
switch (delim) {
|
switch (delim) {
|
||||||
case '/':
|
case '/':
|
||||||
prefixlen = (int)strtoul(s + i2, &t, 10);
|
prefixlen = (int)strtoul(s + i2, &t, 10);
|
||||||
if (t == s + i2 || *t != '\0') {
|
if (t == s + i2
|
||||||
|
|| *t != '\0'
|
||||||
|
|| prefixlen > (length * 8)
|
||||||
|
|| prefixlen < 0) {
|
||||||
X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
|
X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
|
||||||
X509V3_R_EXTENSION_VALUE_ERROR);
|
X509V3_R_EXTENSION_VALUE_ERROR);
|
||||||
X509V3_conf_err(val);
|
X509V3_conf_err(val);
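Review bot: In make_addressPrefix the new range check `if (prefixlen < 0 || prefixlen > (afilen * 8)) return 0;` runs after `aor` has already been allocated by the initialiser `IPAddressOrRange *aor = IPAddressOrRange_new();`, so every rejected prefix length leaks that object. Declare `IPAddressOrRange *aor;` without the initialiser and allocate after the check with `if ((aor = IPAddressOrRange_new()) == NULL) return 0;`. The `bytelen` and `bitlen` initialisers are likewise computed from the unvalidated value, which is only safe as long as nothing reads them before the check. In the v2i_IPAddrBlocks hunk the `(int)strtoul(...)` cast happens before the range test, so a value above INT_MAX is range-checked only after conversion. make_addressPrefix's body continues outside the hunk.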
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -242,8 +242,10 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
|
|||||||
}
|
}
|
||||||
/* If delete, just delete it */
|
/* If delete, just delete it */
|
||||||
if (ext_op == X509V3_ADD_DELETE) {
|
if (ext_op == X509V3_ADD_DELETE) {
|
||||||
if (!sk_X509_EXTENSION_delete(*x, extidx))
|
extmp = sk_X509_EXTENSION_delete(*x, extidx);
|
||||||
|
if (extmp == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
X509_EXTENSION_free(extmp);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@@ -1087,12 +1087,17 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc)
|
|||||||
|
|
||||||
static int ipv4_from_asc(unsigned char *v4, const char *in)
|
static int ipv4_from_asc(unsigned char *v4, const char *in)
|
||||||
{
|
{
|
||||||
int a0, a1, a2, a3;
|
const char *p;
|
||||||
if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
|
int a0, a1, a2, a3, n;
|
||||||
|
|
||||||
|
if (sscanf(in, "%d.%d.%d.%d%n", &a0, &a1, &a2, &a3, &n) != 4)
|
||||||
return 0;
|
return 0;
|
||||||
if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
|
if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
|
||||||
|| (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
|
|| (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
|
||||||
return 0;
|
return 0;
|
||||||
|
p = in + n;
|
||||||
|
if (!(*p == '\0' || ossl_isspace(*p)))
|
||||||
|
return 0;
|
||||||
v4[0] = a0;
|
v4[0] = a0;
|
||||||
v4[1] = a1;
|
v4[1] = a1;
|
||||||
v4[2] = a2;
|
v4[2] = a2;
|
||||||
|
|||||||
@@ -434,22 +434,26 @@ the CA certificate file.
|
|||||||
|
|
||||||
Sets the CA serial number file to use.
|
Sets the CA serial number file to use.
|
||||||
|
|
||||||
When the B<-CA> option is used to sign a certificate it uses a serial
|
When creating a certificate with this option, and with the B<-CA> option,
|
||||||
number specified in a file. This file consists of one line containing
|
the certificate serial number is stored in the given file.
|
||||||
an even number of hex digits with the serial number to use. After each
|
This file consists of one line containing
|
||||||
use the serial number is incremented and written out to the file again.
|
an even number of hex digits with the serial number used last time.
|
||||||
|
After reading this number, it is incremented and used, and the file is updated.
|
||||||
|
|
||||||
The default filename consists of the CA certificate file base name with
|
The default filename consists of the CA certificate file base name with
|
||||||
".srl" appended. For example if the CA certificate file is called
|
".srl" appended. For example if the CA certificate file is called
|
||||||
"mycacert.pem" it expects to find a serial number file called "mycacert.srl".
|
"mycacert.pem" it expects to find a serial number file called "mycacert.srl".
|
||||||
|
|
||||||
|
If the B<-CA> option is specified and neither <-CAserial> or <-CAcreateserial>
|
||||||
|
is given and the default serial number file does not exist,
|
||||||
|
a random number is generated; this is the recommended practice.
|
||||||
|
|
||||||
=item B<-CAcreateserial>
|
=item B<-CAcreateserial>
|
||||||
|
|
||||||
With this option the CA serial number file is created if it does not exist:
|
With this option and the B<-CA> option
|
||||||
it will contain the serial number "02" and the certificate being signed will
|
the CA serial number file is created if it does not exist.
|
||||||
have the 1 as its serial number. If the B<-CA> option is specified
|
A random number is generated, used for the certificate,
|
||||||
and the serial number file does not exist a random number is generated;
|
and saved into the serial number file determined as described above.
|
||||||
this is the recommended practice.
|
|
||||||
|
|
||||||
=item B<-extfile filename>
|
=item B<-extfile filename>
|
||||||
|
|
||||||
@@ -932,7 +936,7 @@ the old form must have their links rebuilt using B<c_rehash> or similar.
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -19,25 +19,33 @@ CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_ge
|
|||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
|
CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.
|
||||||
must be of type signed data or enveloped data.
|
I<cms> must be of type signed data or (authenticated) enveloped data.
|
||||||
|
For signed data, such a certificate can be used when signing or verifying
|
||||||
|
to fill in the signer certificate or to provide an extra CA certificate
|
||||||
|
that may be needed for chain building in certificate validation.
|
||||||
|
|
||||||
CMS_get1_certs() returns all certificates in B<cms>.
|
CMS_get1_certs() returns all certificates in I<cms>.
|
||||||
|
|
||||||
CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
|
CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.
|
||||||
returns any CRLs in B<cms>.
|
I<cms> must be of type signed data or (authenticated) enveloped data.
|
||||||
|
For signed data, such a CRL may be used in certificate validation.
|
||||||
|
It may be given both for inclusion when signing a CMS message
|
||||||
|
and when verifying a signed CMS message.
|
||||||
|
|
||||||
|
CMS_get1_crls() returns all CRLs in I<cms>.
|
||||||
|
|
||||||
=head1 NOTES
|
=head1 NOTES
|
||||||
|
|
||||||
The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
|
The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped
|
||||||
data or an error will be returned.
|
data or an error will be returned.
|
||||||
|
|
||||||
For signed data certificates and CRLs are added to the B<certificates> and
|
For signed data certificates and CRLs are added to the I<certificates> and
|
||||||
B<crls> fields of SignedData structure. For enveloped data they are added to
|
I<crls> fields of SignedData structure. For enveloped data they are added to
|
||||||
B<OriginatorInfo>.
|
B<OriginatorInfo>.
|
||||||
|
|
||||||
As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
|
As the I<0> implies CMS_add0_cert() adds I<cert> internally to I<cms> and it
|
||||||
must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
|
must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>
|
||||||
must be freed up.
|
must be freed up.
|
||||||
|
|
||||||
The same certificate or CRL must not be added to the same cms structure more
|
The same certificate or CRL must not be added to the same cms structure more
|
||||||
@@ -50,7 +58,7 @@ CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
|
|||||||
|
|
||||||
CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
|
CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
|
||||||
or NULL if there are none or an error occurs. The only error which will occur
|
or NULL if there are none or an error occurs. The only error which will occur
|
||||||
in practice is if the B<cms> type is invalid.
|
in practice is if the I<cms> type is invalid.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
@@ -60,7 +68,7 @@ L<CMS_encrypt(3)>
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -15,50 +15,58 @@ CMS_verify, CMS_get0_signers - verify a CMS SignedData structure
|
|||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
|
CMS_verify() is very similar to L<PKCS7_verify(3)>. It verifies a
|
||||||
structure to verify. B<certs> is a set of certificates in which to search for
|
B<CMS SignedData> structure contained in a structure of type B<CMS_ContentInfo>.
|
||||||
the signing certificate(s). B<store> is a trusted certificate store used for
|
I<cms> points to the B<CMS_ContentInfo> structure to verify.
|
||||||
chain verification. B<indata> is the detached content if the content is not
|
The optional I<certs> parameter refers to a set of certificates
|
||||||
present in B<cms>. The content is written to B<out> if it is not NULL.
|
in which to search for signing certificates.
|
||||||
|
I<cms> may contain extra untrusted CA certificates that may be used for
|
||||||
|
chain building as well as CRLs that may be used for certificate validation.
|
||||||
|
I<store> may be NULL or point to
|
||||||
|
the trusted certificate store to use for chain verification.
|
||||||
|
I<indata> refers to the signed data if the content is detached from I<cms>.
|
||||||
|
Otherwise I<indata> should be NULL and the signed data must be in I<cms>.
|
||||||
|
The content is written to the BIO I<out> unless it is NULL.
|
||||||
|
I<flags> is an optional set of flags, which can be used to modify the operation.
|
||||||
|
|
||||||
B<flags> is an optional set of flags, which can be used to modify the verify
|
CMS_get0_signers() retrieves the signing certificate(s) from I<cms>, it may only
|
||||||
operation.
|
|
||||||
|
|
||||||
CMS_get0_signers() retrieves the signing certificate(s) from B<cms>, it may only
|
|
||||||
be called after a successful CMS_verify() operation.
|
be called after a successful CMS_verify() operation.
|
||||||
|
|
||||||
=head1 VERIFY PROCESS
|
=head1 VERIFY PROCESS
|
||||||
|
|
||||||
Normally the verify process proceeds as follows.
|
Normally the verify process proceeds as follows.
|
||||||
|
|
||||||
Initially some sanity checks are performed on B<cms>. The type of B<cms> must
|
Initially some sanity checks are performed on I<cms>. The type of I<cms> must
|
||||||
be SignedData. There must be at least one signature on the data and if
|
be SignedData. There must be at least one signature on the data and if
|
||||||
the content is detached B<indata> cannot be B<NULL>.
|
the content is detached I<indata> cannot be NULL.
|
||||||
|
|
||||||
An attempt is made to locate all the signing certificate(s), first looking in
|
An attempt is made to locate all the signing certificate(s), first looking in
|
||||||
the B<certs> parameter (if it is not NULL) and then looking in any
|
the I<certs> parameter (if it is not NULL) and then looking in any
|
||||||
certificates contained in the B<cms> structure itself. If any signing
|
certificates contained in the I<cms> structure unless B<CMS_NOINTERN> is set.
|
||||||
certificate cannot be located the operation fails.
|
If any signing certificate cannot be located the operation fails.
|
||||||
|
|
||||||
Each signing certificate is chain verified using the B<smimesign> purpose and
|
Each signing certificate is chain verified using the I<smimesign> purpose and
|
||||||
the supplied trusted certificate store. Any internal certificates in the message
|
using the trusted certificate store I<store> if supplied.
|
||||||
are used as untrusted CAs. If CRL checking is enabled in B<store> any internal
|
Any internal certificates in the message, which may have been added using
|
||||||
CRLs are used in addition to attempting to look them up in B<store>. If any
|
L<CMS_add1_cert(3)>, are used as untrusted CAs.
|
||||||
chain verify fails an error code is returned.
|
If CRL checking is enabled in I<store> and B<CMS_NOCRL> is not set,
|
||||||
|
any internal CRLs, which may have been added using L<CMS_add1_crl(3)>,
|
||||||
|
are used in addition to attempting to look them up in I<store>.
|
||||||
|
If I<store> is not NULL and any chain verify fails an error code is returned.
|
||||||
|
|
||||||
Finally the signed content is read (and written to B<out> if it is not NULL)
|
Finally the signed content is read (and written to I<out> unless it is NULL)
|
||||||
and the signature's checked.
|
and the signature is checked.
|
||||||
|
|
||||||
If all signature's verify correctly then the function is successful.
|
If all signatures verify correctly then the function is successful.
|
||||||
|
|
||||||
Any of the following flags (ored together) can be passed in the B<flags>
|
Any of the following flags (ored together) can be passed in the I<flags>
|
||||||
parameter to change the default verify behaviour.
|
parameter to change the default verify behaviour.
|
||||||
|
|
||||||
If B<CMS_NOINTERN> is set the certificates in the message itself are not
|
If B<CMS_NOINTERN> is set the certificates in the message itself are not
|
||||||
searched when locating the signing certificate(s). This means that all the
|
searched when locating the signing certificate(s).
|
||||||
signing certificates must be in the B<certs> parameter.
|
This means that all the signing certificates must be in the I<certs> parameter.
|
||||||
|
|
||||||
If B<CMS_NOCRL> is set and CRL checking is enabled in B<store> then any
|
If B<CMS_NOCRL> is set and CRL checking is enabled in I<store> then any
|
||||||
CRLs in the message itself are ignored.
|
CRLs in the message itself are ignored.
|
||||||
|
|
||||||
If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
|
If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
|
||||||
@@ -66,7 +74,7 @@ from the content. If the content is not of type B<text/plain> then an error is
|
|||||||
returned.
|
returned.
|
||||||
|
|
||||||
If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
|
If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
|
||||||
verified.
|
chain verified.
|
||||||
|
|
||||||
If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
|
If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
|
||||||
verified.
|
verified.
|
||||||
@@ -77,20 +85,20 @@ If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
|
|||||||
|
|
||||||
One application of B<CMS_NOINTERN> is to only accept messages signed by
|
One application of B<CMS_NOINTERN> is to only accept messages signed by
|
||||||
a small number of certificates. The acceptable certificates would be passed
|
a small number of certificates. The acceptable certificates would be passed
|
||||||
in the B<certs> parameter. In this case if the signer is not one of the
|
in the I<certs> parameter. In this case if the signer certificate is not one
|
||||||
certificates supplied in B<certs> then the verify will fail because the
|
of the certificates supplied in I<certs> then the verify will fail because the
|
||||||
signer cannot be found.
|
signer cannot be found.
|
||||||
|
|
||||||
In some cases the standard techniques for looking up and validating
|
In some cases the standard techniques for looking up and validating
|
||||||
certificates are not appropriate: for example an application may wish to
|
certificates are not appropriate: for example an application may wish to
|
||||||
lookup certificates in a database or perform customised verification. This
|
lookup certificates in a database or perform customised verification. This
|
||||||
can be achieved by setting and verifying the signers certificates manually
|
can be achieved by setting and verifying the signer certificates manually
|
||||||
using the signed data utility functions.
|
using the signed data utility functions.
|
||||||
|
|
||||||
Care should be taken when modifying the default verify behaviour, for example
|
Care should be taken when modifying the default verify behaviour, for example
|
||||||
setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
|
setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
|
||||||
and any modified content will be considered valid. This combination is however
|
and any modified content will be considered valid. This combination is however
|
||||||
useful if one merely wishes to write the content to B<out> and its validity
|
useful if one merely wishes to write the content to I<out> and its validity
|
||||||
is not considered important.
|
is not considered important.
|
||||||
|
|
||||||
Chain verification should arguably be performed using the signing time rather
|
Chain verification should arguably be performed using the signing time rather
|
||||||
@@ -100,8 +108,7 @@ timestamp).
|
|||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
CMS_verify() returns 1 for a successful verification and zero if an error
|
CMS_verify() returns 1 for a successful verification and 0 if an error occurred.
|
||||||
occurred.
|
|
||||||
|
|
||||||
CMS_get0_signers() returns all signers or NULL if an error occurred.
|
CMS_get0_signers() returns all signers or NULL if an error occurred.
|
||||||
|
|
||||||
@@ -109,8 +116,8 @@ The error can be obtained from L<ERR_get_error(3)>
|
|||||||
|
|
||||||
=head1 BUGS
|
=head1 BUGS
|
||||||
|
|
||||||
The trusted certificate store is not searched for the signing certificate,
|
The trusted certificate store is not searched for the signing certificate.
|
||||||
this is primarily due to the inadequacies of the current B<X509_STORE>
|
This is primarily due to the inadequacies of the current B<X509_STORE>
|
||||||
functionality.
|
functionality.
|
||||||
|
|
||||||
The lack of single pass processing means that the signed content must all
|
The lack of single pass processing means that the signed content must all
|
||||||
@@ -118,11 +125,13 @@ be held in memory if it is not detached.
|
|||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
|
L<PKCS7_verify(3)>, L<CMS_add1_cert(3)>, L<CMS_add1_crl(3)>,
|
||||||
|
L<OSSL_ESS_check_signing_certs(3)>,
|
||||||
L<ERR_get_error(3)>, L<CMS_sign(3)>
|
L<ERR_get_error(3)>, L<CMS_sign(3)>
|
||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ EC_KEY objects
|
|||||||
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
|
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
|
||||||
int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
|
int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
|
||||||
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
|
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
|
||||||
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
|
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key);
|
||||||
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
|
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
|
||||||
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
|
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
|
||||||
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
|
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
|
||||||
@@ -102,7 +102,9 @@ that it is valid.
|
|||||||
The functions EC_KEY_get0_group(), EC_KEY_set_group(),
|
The functions EC_KEY_get0_group(), EC_KEY_set_group(),
|
||||||
EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(),
|
EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(),
|
||||||
and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key,
|
and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key,
|
||||||
and the EC_POINT public key for the B<key> respectively.
|
and the EC_POINT public key for the B<key> respectively. The function
|
||||||
|
EC_KEY_set_private_key() accepts NULL as the priv_key argument to securely clear
|
||||||
|
the private key component from the EC_KEY.
|
||||||
|
|
||||||
The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the
|
The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the
|
||||||
point_conversion_form for the B<key>. For a description of
|
point_conversion_form for the B<key>. For a description of
|
||||||
@@ -160,10 +162,14 @@ EC_KEY_copy() returns a pointer to the destination key, or NULL on error.
|
|||||||
|
|
||||||
EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn't set.
|
EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn't set.
|
||||||
|
|
||||||
EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(),
|
EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_public_key(),
|
||||||
EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(),
|
EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(),
|
||||||
EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(),
|
EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and
|
||||||
EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.
|
EC_KEY_oct2priv() return 1 on success or 0 on error.
|
||||||
|
|
||||||
|
EC_KEY_set_private_key() returns 1 on success or 0 on error except when the
|
||||||
|
priv_key argument is NULL, in that case it returns 0, for legacy compatibility,
|
||||||
|
and should not be treated as an error.
|
||||||
|
|
||||||
EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.
|
EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.
|
||||||
|
|
||||||
@@ -184,7 +190,7 @@ L<d2i_ECPKParameters(3)>
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2013-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -313,7 +313,7 @@ length.
|
|||||||
EVP_CIPHER_CTX_set_padding() always returns 1.
|
EVP_CIPHER_CTX_set_padding() always returns 1.
|
||||||
|
|
||||||
EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
|
EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
|
||||||
length or zero if the cipher does not use an IV.
|
length, zero if the cipher does not use an IV and a negative value on error.
|
||||||
|
|
||||||
EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
|
EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
|
||||||
OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
|
OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
|
||||||
@@ -661,7 +661,7 @@ EVP_CIPHER_CTX_reset().
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table
|
|||||||
|
|
||||||
TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
|
TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data);
|
||||||
TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
|
TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data);
|
||||||
TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
|
TYPE *lh_TYPE_retrieve(LHASH_OF(TYPE) *table, TYPE *data);
|
||||||
|
|
||||||
void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
|
void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
|
||||||
void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
|
void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,
|
||||||
@@ -229,7 +229,7 @@ type checking.
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -81,7 +81,7 @@ B<OPENSSL_INIT_NO_ADD_ALL_CIPHERS> will be ignored.
|
|||||||
With this option the library will automatically load and make available all
|
With this option the library will automatically load and make available all
|
||||||
libcrypto digests. This option is a default option. Once selected subsequent
|
libcrypto digests. This option is a default option. Once selected subsequent
|
||||||
calls to OPENSSL_init_crypto() with the option
|
calls to OPENSSL_init_crypto() with the option
|
||||||
B<OPENSSL_INIT_NO_ADD_ALL_CIPHERS> will be ignored.
|
B<OPENSSL_INIT_NO_ADD_ALL_DIGESTS> will be ignored.
|
||||||
|
|
||||||
=item OPENSSL_INIT_NO_ADD_ALL_CIPHERS
|
=item OPENSSL_INIT_NO_ADD_ALL_CIPHERS
|
||||||
|
|
||||||
@@ -264,7 +264,7 @@ and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0.
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -13,29 +13,26 @@ PKCS7_sign - create a PKCS#7 signedData structure
|
|||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
|
PKCS7_sign() creates and returns a PKCS#7 signedData structure.
|
||||||
the certificate to sign with, B<pkey> is the corresponding private key.
|
I<signcert> is the certificate to sign with, I<pkey> is the corresponding
|
||||||
B<certs> is an optional additional set of certificates to include in the PKCS#7
|
private key. I<certs> is an optional set of extra certificates to include
|
||||||
structure (for example any intermediate CAs in the chain).
|
in the PKCS#7 structure (for example any intermediate CAs in the chain).
|
||||||
|
|
||||||
The data to be signed is read from BIO B<data>.
|
The data to be signed is read from BIO I<data>.
|
||||||
|
|
||||||
B<flags> is an optional set of flags.
|
I<flags> is an optional set of flags.
|
||||||
|
|
||||||
=head1 NOTES
|
Any of the following flags (ored together) can be passed in the I<flags>
|
||||||
|
|
||||||
Any of the following flags (ored together) can be passed in the B<flags>
|
|
||||||
parameter.
|
|
||||||
|
|
||||||
Many S/MIME clients expect the signed content to include valid MIME headers. If
|
Many S/MIME clients expect the signed content to include valid MIME headers. If
|
||||||
the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
|
the B<PKCS7_TEXT> flag is set MIME headers for type C<text/plain> are prepended
|
||||||
to the data.
|
to the data.
|
||||||
|
|
||||||
If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
|
If B<PKCS7_NOCERTS> is set the signer's certificate and the extra I<certs>
|
||||||
PKCS7 structure, the signer's certificate must still be supplied in the
|
will not be included in the PKCS7 structure.
|
||||||
B<signcert> parameter though. This can reduce the size of the signature if the
|
The signer's certificate must still be supplied in the I<signcert> parameter
|
||||||
signers certificate can be obtained by other means: for example a previously
|
though. This can reduce the size of the signatures if the signer's certificates
|
||||||
signed message.
|
can be obtained by other means: for example a previously signed message.
|
||||||
|
|
||||||
The data being signed is included in the PKCS7 structure, unless
|
The data being signed is included in the PKCS7 structure, unless
|
||||||
B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
|
B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
|
||||||
@@ -59,7 +56,7 @@ these algorithms is disabled then it will not be included.
|
|||||||
|
|
||||||
If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
|
If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
|
||||||
just initialized ready to perform the signing operation. The signing is however
|
just initialized ready to perform the signing operation. The signing is however
|
||||||
B<not> performed and the data to be signed is not read from the B<data>
|
B<not> performed and the data to be signed is not read from the I<data>
|
||||||
parameter. Signing is deferred until after the data has been written. In this
|
parameter. Signing is deferred until after the data has been written. In this
|
||||||
way data can be signed in a single pass.
|
way data can be signed in a single pass.
|
||||||
|
|
||||||
@@ -80,17 +77,17 @@ BIO_new_PKCS7().
|
|||||||
If a signer is specified it will use the default digest for the signing
|
If a signer is specified it will use the default digest for the signing
|
||||||
algorithm. This is B<SHA1> for both RSA and DSA keys.
|
algorithm. This is B<SHA1> for both RSA and DSA keys.
|
||||||
|
|
||||||
The B<certs>, B<signcert> and B<pkey> parameters can all be
|
The I<certs>, I<signcert> and I<pkey> parameters can all be
|
||||||
B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
|
NULL if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
|
||||||
using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
|
using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
|
||||||
called to finalize the structure if streaming is not enabled. Alternative
|
called to finalize the structure if streaming is not enabled. Alternative
|
||||||
signing digests can also be specified using this method.
|
signing digests can also be specified using this method.
|
||||||
|
|
||||||
If B<signcert> and B<pkey> are NULL then a certificates only
|
If I<signcert> and I<pkey> are NULL then a certificates only
|
||||||
PKCS#7 structure is output.
|
PKCS#7 structure is output.
|
||||||
|
|
||||||
In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
|
In versions of OpenSSL before 1.0.0 the I<signcert> and I<pkey> parameters must
|
||||||
B<NOT> be NULL.
|
not be NULL.
|
||||||
|
|
||||||
=head1 BUGS
|
=head1 BUGS
|
||||||
|
|
||||||
@@ -107,14 +104,14 @@ L<ERR_get_error(3)>, L<PKCS7_verify(3)>
|
|||||||
|
|
||||||
=head1 HISTORY
|
=head1 HISTORY
|
||||||
|
|
||||||
The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
|
The B<PKCS7_PARTIAL> flag, and the ability for I<certs>, I<signcert>,
|
||||||
and B<pkey> parameters to be B<NULL> were added in OpenSSL 1.0.0.
|
and I<pkey> parameters to be NULL were added in OpenSSL 1.0.0.
|
||||||
|
|
||||||
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
|
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
|
||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -2,7 +2,8 @@
|
|||||||
|
|
||||||
=head1 NAME
|
=head1 NAME
|
||||||
|
|
||||||
PKCS7_sign_add_signer - add a signer PKCS7 signed data structure
|
PKCS7_sign_add_signer,
|
||||||
|
PKCS7_add_certificate, PKCS7_add_crl - add information to PKCS7 structure
|
||||||
|
|
||||||
=head1 SYNOPSIS
|
=head1 SYNOPSIS
|
||||||
|
|
||||||
@@ -10,22 +11,22 @@ PKCS7_sign_add_signer - add a signer PKCS7 signed data structure
|
|||||||
|
|
||||||
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
|
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
|
||||||
EVP_PKEY *pkey, const EVP_MD *md, int flags);
|
EVP_PKEY *pkey, const EVP_MD *md, int flags);
|
||||||
|
int PKCS7_add_certificate(PKCS7 *p7, X509 *cert);
|
||||||
|
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl);
|
||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
|
PKCS7_sign_add_signer() adds a signer with certificate I<signcert> and private
|
||||||
key B<pkey> using message digest B<md> to a PKCS7 signed data structure
|
key I<pkey> using message digest I<md> to a PKCS7 signed data structure I<p7>.
|
||||||
B<p7>.
|
|
||||||
|
|
||||||
The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
|
The B<PKCS7> structure should be obtained from an initial call to PKCS7_sign()
|
||||||
with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
|
with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS#7
|
||||||
signed data structure.
|
signed data structure.
|
||||||
|
|
||||||
If the B<md> parameter is B<NULL> then the default digest for the public
|
If the I<md> parameter is NULL then the default digest for the public
|
||||||
key algorithm will be used.
|
key algorithm will be used.
|
||||||
|
|
||||||
Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
|
Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned B<PKCS7> structure
|
||||||
is not complete and must be finalized either by streaming (if applicable) or
|
is not complete and must be finalized either by streaming (if applicable) or
|
||||||
a call to PKCS7_final().
|
a call to PKCS7_final().
|
||||||
|
|
||||||
@@ -37,13 +38,13 @@ signed data structure where the simpler PKCS7_sign() function defaults are
|
|||||||
not appropriate. For example if multiple signers or non default digest
|
not appropriate. For example if multiple signers or non default digest
|
||||||
algorithms are needed.
|
algorithms are needed.
|
||||||
|
|
||||||
Any of the following flags (ored together) can be passed in the B<flags>
|
Any of the following flags (ored together) can be passed in the I<flags>
|
||||||
parameter.
|
parameter.
|
||||||
|
|
||||||
If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
|
If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
|
||||||
digest value from the PKCS7 structure: to add a signer to an existing structure.
|
digest value from the B<PKCS7> structure: to add a signer to an existing structure.
|
||||||
An error occurs if a matching digest value cannot be found to copy. The
|
An error occurs if a matching digest value cannot be found to copy. The
|
||||||
returned PKCS7 structure will be valid and finalized when this flag is set.
|
returned B<PKCS7> structure will be valid and finalized when this flag is set.
|
||||||
|
|
||||||
If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
|
If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
|
||||||
B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
|
B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
|
||||||
@@ -51,8 +52,8 @@ can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
|
|||||||
needed to finalize it.
|
needed to finalize it.
|
||||||
|
|
||||||
If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
|
If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
|
||||||
PKCS7 structure, the signer's certificate must still be supplied in the
|
B<PKCS7> structure, the signer's certificate must still be supplied in the
|
||||||
B<signcert> parameter though. This can reduce the size of the signature if the
|
I<signcert> parameter though. This can reduce the size of the signature if the
|
||||||
signers certificate can be obtained by other means: for example a previously
|
signers certificate can be obtained by other means: for example a previously
|
||||||
signed message.
|
signed message.
|
||||||
|
|
||||||
@@ -66,20 +67,32 @@ If present the SMIMECapabilities attribute indicates support for the following
|
|||||||
algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
|
algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
|
||||||
these algorithms is disabled then it will not be included.
|
these algorithms is disabled then it will not be included.
|
||||||
|
|
||||||
|
PKCS7_sign_add_signers() returns an internal pointer to the B<PKCS7_SIGNER_INFO>
|
||||||
PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
|
structure just added, which can be used to set additional attributes
|
||||||
structure just added, this can be used to set additional attributes
|
|
||||||
before it is finalized.
|
before it is finalized.
|
||||||
|
|
||||||
|
PKCS7_add_certificate() adds to the B<PKCS7> structure I<p7> the certificate
|
||||||
|
I<cert>, which may be an end-entity (signer) certificate
|
||||||
|
or a CA certificate useful for chain building.
|
||||||
|
This is done internally by L<PKCS7_sign_ex(3)> and similar signing functions.
|
||||||
|
It may have to be used before calling L<PKCS7_verify(3)>
|
||||||
|
in order to provide any missing certificate(s) needed for verification.
|
||||||
|
|
||||||
|
PKCS7_add_crl() adds the CRL I<crl> to the B<PKCS7> structure I<p7>.
|
||||||
|
This may be called to provide certificate status information
|
||||||
|
to be included when signing or to use when verifying the B<PKCS7> structure.
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
|
PKCS7_sign_add_signers() returns an internal pointer to the B<PKCS7_SIGNER_INFO>
|
||||||
structure just added or NULL if an error occurs.
|
structure just added or NULL if an error occurs.
|
||||||
|
|
||||||
|
PKCS7_add_certificate() and PKCS7_add_crl() return 1 on success, 0 on error.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
|
L<ERR_get_error(3)>, L<PKCS7_sign_ex(3)>,
|
||||||
L<PKCS7_final(3)>,
|
L<PKCS7_final(3)>, L<PKCS7_verify(3)>
|
||||||
|
|
||||||
=head1 HISTORY
|
=head1 HISTORY
|
||||||
|
|
||||||
@@ -87,7 +100,7 @@ The PPKCS7_sign_add_signer() function was added in OpenSSL 1.0.0.
|
|||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -15,64 +15,76 @@ PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure
|
|||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
|
PKCS7_verify() is very similar to L<CMS_verify(3)>.
|
||||||
structure to verify. B<certs> is a set of certificates in which to search for
|
It verifies a PKCS#7 signedData structure given in I<p7>.
|
||||||
the signer's certificate. B<store> is a trusted certificate store (used for
|
The optional I<certs> parameter refers to a set of certificates
|
||||||
chain verification). B<indata> is the signed data if the content is not
|
in which to search for signer's certificates.
|
||||||
present in B<p7> (that is it is detached). The content is written to B<out>
|
I<p7> may contain extra untrusted CA certificates that may be used for
|
||||||
if it is not NULL.
|
chain building as well as CRLs that may be used for certificate validation.
|
||||||
|
I<store> may be NULL or point to
|
||||||
|
the trusted certificate store to use for chain verification.
|
||||||
|
I<indata> refers to the signed data if the content is detached from I<p7>.
|
||||||
|
Otherwise I<indata> should be NULL, and then the signed data must be in I<p7>.
|
||||||
|
The content is written to the BIO I<out> unless it is NULL.
|
||||||
|
I<flags> is an optional set of flags, which can be used to modify the operation.
|
||||||
|
|
||||||
B<flags> is an optional set of flags, which can be used to modify the verify
|
PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
|
||||||
operation.
|
B<not> check their validity or whether any signatures are valid. The I<certs>
|
||||||
|
and I<flags> parameters have the same meanings as in PKCS7_verify().
|
||||||
PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
|
|
||||||
B<not> check their validity or whether any signatures are valid. The B<certs>
|
|
||||||
and B<flags> parameters have the same meanings as in PKCS7_verify().
|
|
||||||
|
|
||||||
=head1 VERIFY PROCESS
|
=head1 VERIFY PROCESS
|
||||||
|
|
||||||
Normally the verify process proceeds as follows.
|
Normally the verify process proceeds as follows.
|
||||||
|
|
||||||
Initially some sanity checks are performed on B<p7>. The type of B<p7> must
|
Initially some sanity checks are performed on I<p7>. The type of I<p7> must
|
||||||
be signedData. There must be at least one signature on the data and if
|
be SignedData. There must be at least one signature on the data and if
|
||||||
the content is detached B<indata> cannot be B<NULL>. If the content is
|
the content is detached I<indata> cannot be NULL. If the content is
|
||||||
not detached and B<indata> is not B<NULL>, then the structure has both
|
not detached and I<indata> is not NULL then the structure has both
|
||||||
embedded and external content. To treat this as an error, use the flag
|
embedded and external content. To treat this as an error, use the flag
|
||||||
B<PKCS7_NO_DUAL_CONTENT>.
|
B<PKCS7_NO_DUAL_CONTENT>.
|
||||||
The default behavior allows this, for compatibility with older
|
The default behavior allows this, for compatibility with older
|
||||||
versions of OpenSSL.
|
versions of OpenSSL.
|
||||||
|
|
||||||
An attempt is made to locate all the signer's certificates, first looking in
|
An attempt is made to locate all the signer's certificates, first looking in
|
||||||
the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
|
the I<certs> parameter (if it is not NULL). Then they are looked up in any
|
||||||
contained in the B<p7> structure itself. If any signer's certificates cannot be
|
certificates contained in the I<p7> structure unless B<PKCS7_NOINTERN> is set.
|
||||||
located the operation fails.
|
If any signer's certificates cannot be located the operation fails.
|
||||||
|
|
||||||
Each signer's certificate is chain verified using the B<smimesign> purpose and
|
Each signer's certificate is chain verified using the B<smimesign> purpose and
|
||||||
the supplied trusted certificate store. Any internal certificates in the message
|
using the trusted certificate store I<store> if supplied.
|
||||||
are used as untrusted CAs. If any chain verify fails an error code is returned.
|
Any internal certificates in the message, which may have been added using
|
||||||
|
L<PKCS7_add_certificate(3)>, are used as untrusted CAs unless B<PKCS7_NOCHAIN>
|
||||||
|
is set.
|
||||||
|
If CRL checking is enabled in I<store> and B<PKCS7_NOCRL> is not set,
|
||||||
|
any internal CRLs, which may have been added using L<PKCS7_add_crl(3)>,
|
||||||
|
are used in addition to attempting to look them up in I<store>.
|
||||||
|
If I<store> is not NULL and any chain verify fails an error code is returned.
|
||||||
|
|
||||||
Finally the signed content is read (and written to B<out> is it is not NULL) and
|
Finally the signed content is read (and written to I<out> unless it is NULL)
|
||||||
the signature's checked.
|
and the signature is checked.
|
||||||
|
|
||||||
If all signature's verify correctly then the function is successful.
|
If all signatures verify correctly then the function is successful.
|
||||||
|
|
||||||
Any of the following flags (ored together) can be passed in the B<flags> parameter
|
Any of the following flags (ored together) can be passed in the I<flags>
|
||||||
to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
|
parameter to change the default verify behaviour.
|
||||||
meaningful to PKCS7_get0_signers().
|
Only the flag B<PKCS7_NOINTERN> is meaningful to PKCS7_get0_signers().
|
||||||
|
|
||||||
If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
|
If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
|
||||||
searched when locating the signer's certificate. This means that all the signers
|
searched when locating the signer's certificates.
|
||||||
certificates must be in the B<certs> parameter.
|
This means that all the signer's certificates must be in the I<certs> parameter.
|
||||||
|
|
||||||
If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
|
If B<PKCS7_NOCRL> is set and CRL checking is enabled in I<store> then any
|
||||||
from the content. If the content is not of type B<text/plain> then an error is
|
CRLs in the message itself are ignored.
|
||||||
|
|
||||||
|
If the B<PKCS7_TEXT> flag is set MIME headers for type C<text/plain> are deleted
|
||||||
|
from the content. If the content is not of type C<text/plain> then an error is
|
||||||
returned.
|
returned.
|
||||||
|
|
||||||
If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
|
If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
|
||||||
|
|
||||||
If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
|
If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
|
||||||
not used as untrusted CAs. This means that the whole verify chain (apart from
|
not used as untrusted CAs. This means that the whole verify chain (apart from
|
||||||
the signer's certificate) must be contained in the trusted store.
|
the signer's certificates) must be contained in the trusted store.
|
||||||
|
|
||||||
If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
|
If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
|
||||||
|
|
||||||
@@ -80,14 +92,14 @@ If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
|
|||||||
|
|
||||||
One application of B<PKCS7_NOINTERN> is to only accept messages signed by
|
One application of B<PKCS7_NOINTERN> is to only accept messages signed by
|
||||||
a small number of certificates. The acceptable certificates would be passed
|
a small number of certificates. The acceptable certificates would be passed
|
||||||
in the B<certs> parameter. In this case if the signer is not one of the
|
in the I<certs> parameter. In this case if the signer's certificate is not one
|
||||||
certificates supplied in B<certs> then the verify will fail because the
|
of the certificates supplied in I<certs> then the verify will fail because the
|
||||||
signer cannot be found.
|
signer cannot be found.
|
||||||
|
|
||||||
Care should be taken when modifying the default verify behaviour, for example
|
Care should be taken when modifying the default verify behaviour, for example
|
||||||
setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
|
setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
|
||||||
and any signed message will be considered valid. This combination is however
|
and any signed message will be considered valid. This combination is however
|
||||||
useful if one merely wishes to write the content to B<out> and its validity
|
useful if one merely wishes to write the content to I<out> and its validity
|
||||||
is not considered important.
|
is not considered important.
|
||||||
|
|
||||||
Chain verification should arguably be performed using the signing time rather
|
Chain verification should arguably be performed using the signing time rather
|
||||||
@@ -97,29 +109,29 @@ timestamp).
|
|||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
PKCS7_verify() returns one for a successful verification and zero
|
PKCS7_verify() returns 1 for a successful verification and 0 if an error occurs.
|
||||||
if an error occurs.
|
|
||||||
|
|
||||||
PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
|
PKCS7_get0_signers() returns all signers or NULL if an error occurred.
|
||||||
|
|
||||||
The error can be obtained from L<ERR_get_error(3)>
|
The error can be obtained from L<ERR_get_error(3)>.
|
||||||
|
|
||||||
=head1 BUGS
|
=head1 BUGS
|
||||||
|
|
||||||
The trusted certificate store is not searched for the signers certificate,
|
The trusted certificate store is not searched for the signer's certificates.
|
||||||
this is primarily due to the inadequacies of the current B<X509_STORE>
|
This is primarily due to the inadequacies of the current B<X509_STORE>
|
||||||
functionality.
|
functionality.
|
||||||
|
|
||||||
The lack of single pass processing and need to hold all data in memory as
|
The lack of single pass processing means that the signed content must all
|
||||||
mentioned in PKCS7_sign() also applies to PKCS7_verify().
|
be held in memory if it is not detached.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
|
L<CMS_verify(3)>, L<PKCS7_add_certificate(3)>, L<PKCS7_add_crl(3)>,
|
||||||
L<ERR_get_error(3)>, L<PKCS7_sign(3)>
|
L<ERR_get_error(3)>, L<PKCS7_sign(3)>
|
||||||
|
|
||||||
=head1 COPYRIGHT
|
=head1 COPYRIGHT
|
||||||
|
|
||||||
Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
|
Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
|
||||||
Licensed under the OpenSSL license (the "License"). You may not use
|
Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
this file except in compliance with the License. You can obtain a copy
|
this file except in compliance with the License. You can obtain a copy
|
||||||
|
|||||||
@@ -175,14 +175,18 @@ It should not normally be necessary for end user applications to call
|
|||||||
X509_STORE_CTX_purpose_inherit() directly. Typically applications should call
|
X509_STORE_CTX_purpose_inherit() directly. Typically applications should call
|
||||||
X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this
|
X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this
|
||||||
function it is possible to set the purpose and trust values for the I<ctx> at
|
function it is possible to set the purpose and trust values for the I<ctx> at
|
||||||
the same time. The I<def_purpose> and I<purpose> arguments can have the same
|
the same time.
|
||||||
|
Both I<ctx> and its internal verification parameter pointer must not be NULL.
|
||||||
|
The I<def_purpose> and I<purpose> arguments can have the same
|
||||||
purpose values as described for X509_STORE_CTX_set_purpose() above. The I<trust>
|
purpose values as described for X509_STORE_CTX_set_purpose() above. The I<trust>
|
||||||
argument can have the same trust values as described in
|
argument can have the same trust values as described in
|
||||||
X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or
|
X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or
|
||||||
I<trust> values may also have the value 0 to indicate that the supplied
|
I<trust> values may also have the value 0 to indicate that the supplied
|
||||||
parameter should be ignored. After calling this function the purpose to be used
|
parameter should be ignored. After calling this function the purpose to be used
|
||||||
for verification is set from the I<purpose> argument, and the trust is set from
|
for verification is set from the I<purpose> argument unless the purpose was
|
||||||
the I<trust> argument. If I<trust> is 0 then the trust value will be set from
|
already set in I<ctx> before, and the trust is set from the I<trust> argument
|
||||||
|
unless the trust was already set in I<ctx> before.
|
||||||
|
If I<trust> is 0 then the trust value will be set from
|
||||||
the default trust value for I<purpose>. If the default trust value for the
|
the default trust value for I<purpose>. If the default trust value for the
|
||||||
purpose is I<X509_TRUST_DEFAULT> and I<trust> is 0 then the default trust value
|
purpose is I<X509_TRUST_DEFAULT> and I<trust> is 0 then the default trust value
|
||||||
associated with the I<def_purpose> value is used for the trust setting instead.
|
associated with the I<def_purpose> value is used for the trust setting instead.
|
||||||
|
|||||||
@@ -39,8 +39,8 @@ extern "C" {
|
|||||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||||
* major minor fix final patch/beta)
|
* major minor fix final patch/beta)
|
||||||
*/
|
*/
|
||||||
# define OPENSSL_VERSION_NUMBER 0x1010111fL
|
# define OPENSSL_VERSION_NUMBER 0x1010113fL
|
||||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1q-freebsd 5 Jul 2022"
|
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1s-freebsd 1 Nov 2022"
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* The macros below are to be used for shared library (.so, .dll, ...)
|
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -161,7 +161,7 @@ int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Store the |value| of length |len| at location |data| */
|
/* Store the |value| of length |len| at location |data| */
|
||||||
static int put_value(unsigned char *data, size_t value, size_t len)
|
static int put_value(unsigned char *data, uint64_t value, size_t len)
|
||||||
{
|
{
|
||||||
for (data += len - 1; len > 0; len--) {
|
for (data += len - 1; len > 0; len--) {
|
||||||
*data = (unsigned char)(value & 0xff);
|
*data = (unsigned char)(value & 0xff);
|
||||||
@@ -306,12 +306,12 @@ int WPACKET_start_sub_packet(WPACKET *pkt)
|
|||||||
return WPACKET_start_sub_packet_len__(pkt, 0);
|
return WPACKET_start_sub_packet_len__(pkt, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size)
|
int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
|
||||||
{
|
{
|
||||||
unsigned char *data;
|
unsigned char *data;
|
||||||
|
|
||||||
/* Internal API, so should not fail */
|
/* Internal API, so should not fail */
|
||||||
if (!ossl_assert(size <= sizeof(unsigned int))
|
if (!ossl_assert(size <= sizeof(uint64_t))
|
||||||
|| !WPACKET_allocate_bytes(pkt, size, &data)
|
|| !WPACKET_allocate_bytes(pkt, size, &data)
|
||||||
|| !put_value(data, val, size))
|
|| !put_value(data, val, size))
|
||||||
return 0;
|
return 0;
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -227,6 +227,28 @@ __owur static ossl_inline int PACKET_peek_net_4(const PACKET *pkt,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Peek ahead at 8 bytes in network order from |pkt| and store the value in
|
||||||
|
* |*data|
|
||||||
|
*/
|
||||||
|
__owur static ossl_inline int PACKET_peek_net_8(const PACKET *pkt,
|
||||||
|
uint64_t *data)
|
||||||
|
{
|
||||||
|
if (PACKET_remaining(pkt) < 8)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
*data = ((uint64_t)(*pkt->curr)) << 56;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 1))) << 48;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 2))) << 40;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 3))) << 32;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 4))) << 24;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 5))) << 16;
|
||||||
|
*data |= ((uint64_t)(*(pkt->curr + 6))) << 8;
|
||||||
|
*data |= *(pkt->curr + 7);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
/* Equivalent of n2l */
|
/* Equivalent of n2l */
|
||||||
/* Get 4 bytes in network order from |pkt| and store the value in |*data| */
|
/* Get 4 bytes in network order from |pkt| and store the value in |*data| */
|
||||||
__owur static ossl_inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data)
|
__owur static ossl_inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data)
|
||||||
@@ -251,6 +273,17 @@ __owur static ossl_inline int PACKET_get_net_4_len(PACKET *pkt, size_t *data)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Get 8 bytes in network order from |pkt| and store the value in |*data| */
|
||||||
|
__owur static ossl_inline int PACKET_get_net_8(PACKET *pkt, uint64_t *data)
|
||||||
|
{
|
||||||
|
if (!PACKET_peek_net_8(pkt, data))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
packet_forward(pkt, 8);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
/* Peek ahead at 1 byte from |pkt| and store the value in |*data| */
|
/* Peek ahead at 1 byte from |pkt| and store the value in |*data| */
|
||||||
__owur static ossl_inline int PACKET_peek_1(const PACKET *pkt,
|
__owur static ossl_inline int PACKET_peek_1(const PACKET *pkt,
|
||||||
unsigned int *data)
|
unsigned int *data)
|
||||||
@@ -808,7 +841,7 @@ int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
|
|||||||
* 1 byte will fail. Don't call this directly. Use the convenience macros below
|
* 1 byte will fail. Don't call this directly. Use the convenience macros below
|
||||||
* instead.
|
* instead.
|
||||||
*/
|
*/
|
||||||
int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes);
|
int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t bytes);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Convenience macros for calling WPACKET_put_bytes with different
|
* Convenience macros for calling WPACKET_put_bytes with different
|
||||||
@@ -822,6 +855,8 @@ int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes);
|
|||||||
WPACKET_put_bytes__((pkt), (val), 3)
|
WPACKET_put_bytes__((pkt), (val), 3)
|
||||||
#define WPACKET_put_bytes_u32(pkt, val) \
|
#define WPACKET_put_bytes_u32(pkt, val) \
|
||||||
WPACKET_put_bytes__((pkt), (val), 4)
|
WPACKET_put_bytes__((pkt), (val), 4)
|
||||||
|
#define WPACKET_put_bytes_u64(pkt, val) \
|
||||||
|
WPACKET_put_bytes__((pkt), (val), 8)
|
||||||
|
|
||||||
/* Set a maximum size that we will not allow the WPACKET to grow beyond */
|
/* Set a maximum size that we will not allow the WPACKET to grow beyond */
|
||||||
int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize);
|
int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize);
|
||||||
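Review bot: Widening `val` to `uint64_t` in the `WPACKET_put_bytes__` prototype changes how signed arguments arrive through the existing convenience macros such as `WPACKET_put_bytes_u32`, because a negative `int` is now sign-extended to 64 bits instead of being converted to `unsigned int`. The comment above the prototype (partly outside the hunk) indicates that a value too large for the requested byte count fails, so a caller that relied on the old implicit conversion would presumably start getting a 0 return. I would document the contract there, e.g. `* |val| is treated as unsigned and must fit in |bytes| bytes; do not pass negative values.` The same applies to the matching definition in the packet.c section.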
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -115,10 +115,22 @@ size_t ssl3_pending(const SSL *s)
|
|||||||
if (s->rlayer.rstate == SSL_ST_READ_BODY)
|
if (s->rlayer.rstate == SSL_ST_READ_BODY)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/* Take into account DTLS buffered app data */
|
||||||
|
if (SSL_IS_DTLS(s)) {
|
||||||
|
DTLS1_RECORD_DATA *rdata;
|
||||||
|
pitem *item, *iter;
|
||||||
|
|
||||||
|
iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q);
|
||||||
|
while ((item = pqueue_next(&iter)) != NULL) {
|
||||||
|
rdata = item->data;
|
||||||
|
num += rdata->rrec.length;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for (i = 0; i < RECORD_LAYER_get_numrpipes(&s->rlayer); i++) {
|
for (i = 0; i < RECORD_LAYER_get_numrpipes(&s->rlayer); i++) {
|
||||||
if (SSL3_RECORD_get_type(&s->rlayer.rrec[i])
|
if (SSL3_RECORD_get_type(&s->rlayer.rrec[i])
|
||||||
!= SSL3_RT_APPLICATION_DATA)
|
!= SSL3_RT_APPLICATION_DATA)
|
||||||
return 0;
|
return num;
|
||||||
num += SSL3_RECORD_get_length(&s->rlayer.rrec[i]);
|
num += SSL3_RECORD_get_length(&s->rlayer.rrec[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
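Review bot: The DTLS accounting added to `ssl3_pending()` sits below the `SSL_ST_READ_BODY` early return, so while a record body is being read the function still reports 0 even when `buffered_app_data.q` holds application records. If that is intended, a comment such as `/* buffered DTLS app data is deliberately not reported while a record body is being read */` would make it explicit. The same queue walk is repeated in `SSL_has_pending()` in the following ssl_lib.c section, and both dereference `s->rlayer.d` guarded only by `SSL_IS_DTLS(s)`; a small shared helper would keep the two copies in step. The function body starts and ends outside the hunk.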
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||||
* Copyright 2005 Nokia. All rights reserved.
|
* Copyright 2005 Nokia. All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -1026,9 +1026,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
|||||||
* alphanumeric, so we call this an error.
|
* alphanumeric, so we call this an error.
|
||||||
*/
|
*/
|
||||||
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
|
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
|
||||||
retval = found = 0;
|
return 0;
|
||||||
l++;
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rule == CIPHER_SPECIAL) {
|
if (rule == CIPHER_SPECIAL) {
|
||||||
|
|||||||
@@ -1532,12 +1532,26 @@ int SSL_has_pending(const SSL *s)
|
|||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Similar to SSL_pending() but returns a 1 to indicate that we have
|
* Similar to SSL_pending() but returns a 1 to indicate that we have
|
||||||
* unprocessed data available or 0 otherwise (as opposed to the number of
|
* processed or unprocessed data available or 0 otherwise (as opposed to the
|
||||||
* bytes available). Unlike SSL_pending() this will take into account
|
* number of bytes available). Unlike SSL_pending() this will take into
|
||||||
* read_ahead data. A 1 return simply indicates that we have unprocessed
|
* account read_ahead data. A 1 return simply indicates that we have data.
|
||||||
* data. That data may not result in any application data, or we may fail
|
* That data may not result in any application data, or we may fail to parse
|
||||||
* to parse the records for some reason.
|
* the records for some reason.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
/* Check buffered app data if any first */
|
||||||
|
if (SSL_IS_DTLS(s)) {
|
||||||
|
DTLS1_RECORD_DATA *rdata;
|
||||||
|
pitem *item, *iter;
|
||||||
|
|
||||||
|
iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q);
|
||||||
|
while ((item = pqueue_next(&iter)) != NULL) {
|
||||||
|
rdata = item->data;
|
||||||
|
if (rdata->rrec.length > 0)
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (RECORD_LAYER_processed_read_pending(&s->rlayer))
|
if (RECORD_LAYER_processed_read_pending(&s->rlayer))
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -727,6 +727,34 @@ static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type,
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static size_t extension_contextoff(unsigned int version)
|
||||||
|
{
|
||||||
|
return version == SSL_SERVERINFOV1 ? 4 : 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static size_t extension_append_length(unsigned int version, size_t extension_length)
|
||||||
|
{
|
||||||
|
return extension_length + extension_contextoff(version);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void extension_append(unsigned int version,
|
||||||
|
const unsigned char *extension,
|
||||||
|
const size_t extension_length,
|
||||||
|
unsigned char *serverinfo)
|
||||||
|
{
|
||||||
|
const size_t contextoff = extension_contextoff(version);
|
||||||
|
|
||||||
|
if (contextoff > 0) {
|
||||||
|
/* We know this only uses the last 2 bytes */
|
||||||
|
serverinfo[0] = 0;
|
||||||
|
serverinfo[1] = 0;
|
||||||
|
serverinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
|
||||||
|
serverinfo[3] = SYNTHV1CONTEXT & 0xff;
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(serverinfo + contextoff, extension, extension_length);
|
||||||
|
}
|
||||||
|
|
||||||
static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
|
static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
|
||||||
const unsigned char *in,
|
const unsigned char *in,
|
||||||
size_t inlen, int *al, void *arg)
|
size_t inlen, int *al, void *arg)
|
||||||
@@ -842,12 +870,36 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
|
|||||||
const unsigned char *serverinfo,
|
const unsigned char *serverinfo,
|
||||||
size_t serverinfo_length)
|
size_t serverinfo_length)
|
||||||
{
|
{
|
||||||
unsigned char *new_serverinfo;
|
unsigned char *new_serverinfo = NULL;
|
||||||
|
|
||||||
if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
|
if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
|
||||||
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
if (version == SSL_SERVERINFOV1) {
|
||||||
|
/*
|
||||||
|
* Convert serverinfo version v1 to v2 and call yourself recursively
|
||||||
|
* over the converted serverinfo.
|
||||||
|
*/
|
||||||
|
const size_t sinfo_length = extension_append_length(SSL_SERVERINFOV1,
|
||||||
|
serverinfo_length);
|
||||||
|
unsigned char *sinfo;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
sinfo = OPENSSL_malloc(sinfo_length);
|
||||||
|
if (sinfo == NULL) {
|
||||||
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo);
|
||||||
|
|
||||||
|
ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, sinfo,
|
||||||
|
sinfo_length);
|
||||||
|
|
||||||
|
OPENSSL_free(sinfo);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
|
if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
|
||||||
NULL)) {
|
NULL)) {
|
||||||
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA);
|
||||||
@@ -899,7 +951,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
|
|||||||
char namePrefix2[] = "SERVERINFOV2 FOR ";
|
char namePrefix2[] = "SERVERINFOV2 FOR ";
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
BIO *bin = NULL;
|
BIO *bin = NULL;
|
||||||
size_t num_extensions = 0, contextoff = 0;
|
size_t num_extensions = 0;
|
||||||
|
|
||||||
if (ctx == NULL || file == NULL) {
|
if (ctx == NULL || file == NULL) {
|
||||||
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER);
|
||||||
@@ -918,6 +970,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
|
|||||||
|
|
||||||
for (num_extensions = 0;; num_extensions++) {
|
for (num_extensions = 0;; num_extensions++) {
|
||||||
unsigned int version;
|
unsigned int version;
|
||||||
|
size_t append_length;
|
||||||
|
|
||||||
if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
|
if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
|
||||||
== 0) {
|
== 0) {
|
||||||
@@ -962,11 +1015,6 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
|
|||||||
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
* File does not have a context value so we must take account of
|
|
||||||
* this later.
|
|
||||||
*/
|
|
||||||
contextoff = 4;
|
|
||||||
} else {
|
} else {
|
||||||
/* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
|
/* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
|
||||||
if (extension_length < 8
|
if (extension_length < 8
|
||||||
@@ -977,25 +1025,16 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Append the decoded extension to the serverinfo buffer */
|
/* Append the decoded extension to the serverinfo buffer */
|
||||||
tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length
|
append_length = extension_append_length(version, extension_length);
|
||||||
+ contextoff);
|
tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length);
|
||||||
if (tmp == NULL) {
|
if (tmp == NULL) {
|
||||||
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
|
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
serverinfo = tmp;
|
serverinfo = tmp;
|
||||||
if (contextoff > 0) {
|
extension_append(version, extension, extension_length,
|
||||||
unsigned char *sinfo = serverinfo + serverinfo_length;
|
serverinfo + serverinfo_length);
|
||||||
|
serverinfo_length += append_length;
|
||||||
/* We know this only uses the last 2 bytes */
|
|
||||||
sinfo[0] = 0;
|
|
||||||
sinfo[1] = 0;
|
|
||||||
sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
|
|
||||||
sinfo[3] = SYNTHV1CONTEXT & 0xff;
|
|
||||||
}
|
|
||||||
memcpy(serverinfo + serverinfo_length + contextoff,
|
|
||||||
extension, extension_length);
|
|
||||||
serverinfo_length += extension_length + contextoff;
|
|
||||||
|
|
||||||
OPENSSL_free(name);
|
OPENSSL_free(name);
|
||||||
name = NULL;
|
name = NULL;
|
||||||
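Review bot: In the new `SSL_SERVERINFOV1` branch of `SSL_CTX_use_serverinfo_ex()`, `extension_append()` writes one synthetic 4-byte context in front of the whole caller-supplied buffer, so a V1 buffer holding more than one extension record would end up with a context on the first record only. Whether the recursive V2 call then rejects or misparses the remainder depends on `serverinfo_process_buffer()`, which is outside the hunks, so it is worth either converting record by record or documenting that this path accepts a single extension. Separately, `extension_append_length()` adds the context offset to a caller-controlled `size_t` with no overflow check before `OPENSSL_malloc(sinfo_length)`. A guard such as `if (serverinfo_length > SIZE_MAX - extension_contextoff(version)) return 0;` ahead of the allocation would close that.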
|
|||||||
@@ -1002,7 +1002,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
|
|||||||
X509 *x, size_t chainidx)
|
X509 *x, size_t chainidx)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_TLS1_3
|
#ifndef OPENSSL_NO_TLS1_3
|
||||||
uint32_t now, agesec, agems = 0;
|
uint32_t agesec, agems = 0;
|
||||||
size_t reshashsize = 0, pskhashsize = 0, binderoffset, msglen;
|
size_t reshashsize = 0, pskhashsize = 0, binderoffset, msglen;
|
||||||
unsigned char *resbinder = NULL, *pskbinder = NULL, *msgstart = NULL;
|
unsigned char *resbinder = NULL, *pskbinder = NULL, *msgstart = NULL;
|
||||||
const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL;
|
const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL;
|
||||||
@@ -1059,8 +1059,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
|
|||||||
* this in multiple places in the code, so portability shouldn't be an
|
* this in multiple places in the code, so portability shouldn't be an
|
||||||
* issue.
|
* issue.
|
||||||
*/
|
*/
|
||||||
now = (uint32_t)time(NULL);
|
agesec = (uint32_t)(time(NULL) - s->session->time);
|
||||||
agesec = now - (uint32_t)s->session->time;
|
|
||||||
/*
|
/*
|
||||||
* We calculate the age in seconds but the server may work in ms. Due to
|
* We calculate the age in seconds but the server may work in ms. Due to
|
||||||
* rounding errors we could overestimate the age by up to 1s. It is
|
* rounding errors we could overestimate the age by up to 1s. It is
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -12,16 +12,16 @@
|
|||||||
#include "statem_local.h"
|
#include "statem_local.h"
|
||||||
#include "internal/cryptlib.h"
|
#include "internal/cryptlib.h"
|
||||||
|
|
||||||
#define COOKIE_STATE_FORMAT_VERSION 0
|
#define COOKIE_STATE_FORMAT_VERSION 1
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* 2 bytes for packet length, 2 bytes for format version, 2 bytes for
|
* 2 bytes for packet length, 2 bytes for format version, 2 bytes for
|
||||||
* protocol version, 2 bytes for group id, 2 bytes for cipher id, 1 byte for
|
* protocol version, 2 bytes for group id, 2 bytes for cipher id, 1 byte for
|
||||||
* key_share present flag, 4 bytes for timestamp, 2 bytes for the hashlen,
|
* key_share present flag, 8 bytes for timestamp, 2 bytes for the hashlen,
|
||||||
* EVP_MAX_MD_SIZE for transcript hash, 1 byte for app cookie length, app cookie
|
* EVP_MAX_MD_SIZE for transcript hash, 1 byte for app cookie length, app cookie
|
||||||
* length bytes, SHA256_DIGEST_LENGTH bytes for the HMAC of the whole thing.
|
* length bytes, SHA256_DIGEST_LENGTH bytes for the HMAC of the whole thing.
|
||||||
*/
|
*/
|
||||||
#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 4 + 2 + EVP_MAX_MD_SIZE + 1 \
|
#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 8 + 2 + EVP_MAX_MD_SIZE + 1 \
|
||||||
+ SSL_COOKIE_LENGTH + SHA256_DIGEST_LENGTH)
|
+ SSL_COOKIE_LENGTH + SHA256_DIGEST_LENGTH)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -741,7 +741,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
|||||||
unsigned char hmac[SHA256_DIGEST_LENGTH];
|
unsigned char hmac[SHA256_DIGEST_LENGTH];
|
||||||
unsigned char hrr[MAX_HRR_SIZE];
|
unsigned char hrr[MAX_HRR_SIZE];
|
||||||
size_t rawlen, hmaclen, hrrlen, ciphlen;
|
size_t rawlen, hmaclen, hrrlen, ciphlen;
|
||||||
unsigned long tm, now;
|
uint64_t tm, now;
|
||||||
|
|
||||||
/* Ignore any cookie if we're not set up to verify it */
|
/* Ignore any cookie if we're not set up to verify it */
|
||||||
if (s->ctx->verify_stateless_cookie_cb == NULL
|
if (s->ctx->verify_stateless_cookie_cb == NULL
|
||||||
@@ -851,7 +851,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!PACKET_get_1(&cookie, &key_share)
|
if (!PACKET_get_1(&cookie, &key_share)
|
||||||
|| !PACKET_get_net_4(&cookie, &tm)
|
|| !PACKET_get_net_8(&cookie, &tm)
|
||||||
|| !PACKET_get_length_prefixed_2(&cookie, &chhash)
|
|| !PACKET_get_length_prefixed_2(&cookie, &chhash)
|
||||||
|| !PACKET_get_length_prefixed_1(&cookie, &appcookie)
|
|| !PACKET_get_length_prefixed_1(&cookie, &appcookie)
|
||||||
|| PACKET_remaining(&cookie) != SHA256_DIGEST_LENGTH) {
|
|| PACKET_remaining(&cookie) != SHA256_DIGEST_LENGTH) {
|
||||||
@@ -861,7 +861,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* We tolerate a cookie age of up to 10 minutes (= 60 * 10 seconds) */
|
/* We tolerate a cookie age of up to 10 minutes (= 60 * 10 seconds) */
|
||||||
now = (unsigned long)time(NULL);
|
now = time(NULL);
|
||||||
if (tm > now || (now - tm) > 600) {
|
if (tm > now || (now - tm) > 600) {
|
||||||
/* Cookie is stale. Ignore it */
|
/* Cookie is stale. Ignore it */
|
||||||
return 1;
|
return 1;
|
||||||
@@ -1167,7 +1167,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
|||||||
s->ext.early_data_ok = 1;
|
s->ext.early_data_ok = 1;
|
||||||
s->ext.ticket_expected = 1;
|
s->ext.ticket_expected = 1;
|
||||||
} else {
|
} else {
|
||||||
uint32_t ticket_age = 0, now, agesec, agems;
|
uint32_t ticket_age = 0, agesec, agems;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -1209,8 +1209,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
|||||||
}
|
}
|
||||||
|
|
||||||
ticket_age = (uint32_t)ticket_agel;
|
ticket_age = (uint32_t)ticket_agel;
|
||||||
now = (uint32_t)time(NULL);
|
agesec = (uint32_t)(time(NULL) - sess->time);
|
||||||
agesec = now - (uint32_t)sess->time;
|
|
||||||
agems = agesec * (uint32_t)1000;
|
agems = agesec * (uint32_t)1000;
|
||||||
ticket_age -= sess->ext.tick_age_add;
|
ticket_age -= sess->ext.tick_age_add;
|
||||||
|
|
||||||
@@ -1800,7 +1799,7 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
|
|||||||
&ciphlen)
|
&ciphlen)
|
||||||
/* Is there a key_share extension present in this HRR? */
|
/* Is there a key_share extension present in this HRR? */
|
||||||
|| !WPACKET_put_bytes_u8(pkt, s->s3->peer_tmp == NULL)
|
|| !WPACKET_put_bytes_u8(pkt, s->s3->peer_tmp == NULL)
|
||||||
|| !WPACKET_put_bytes_u32(pkt, (unsigned int)time(NULL))
|
|| !WPACKET_put_bytes_u64(pkt, time(NULL))
|
||||||
|| !WPACKET_start_sub_packet_u16(pkt)
|
|| !WPACKET_start_sub_packet_u16(pkt)
|
||||||
|| !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &hashval1)) {
|
|| !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &hashval1)) {
|
||||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
|
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
|
||||||
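Review bot: `COOKIE_STATE_FORMAT_VERSION` goes from 0 to 1 and the timestamp field grows from 4 to 8 bytes, but nothing near the define says what that means for cookies issued by a build using the old layout. How `tls_parse_ctos_cookie()` handles a format mismatch is outside the visible hunks; if such cookies are simply ignored, servers sharing a cookie secret across mixed versions would see stateless retries fail during a rolling upgrade. A comment such as `/* v1: timestamp widened to 8 bytes; cookies in the v0 layout are not accepted (confirm against parser) */` would record that. Also, `now = time(NULL);` and `WPACKET_put_bytes_u64(pkt, time(NULL))` in `tls_construct_stoc_cookie()` store a `time_t` into `uint64_t` without checking for `(time_t)-1`. The stale test `tm > now || (now - tm) > 600` appears to fail closed in both cases, which is worth stating in the comment above it.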
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
@@ -192,6 +192,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
|
|||||||
if (!ossl_assert(mdleni >= 0)) {
|
if (!ossl_assert(mdleni >= 0)) {
|
||||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_GENERATE_SECRET,
|
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_GENERATE_SECRET,
|
||||||
ERR_R_INTERNAL_ERROR);
|
ERR_R_INTERNAL_ERROR);
|
||||||
|
EVP_PKEY_CTX_free(pctx);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
mdlen = (size_t)mdleni;
|
mdlen = (size_t)mdleni;
|
||||||
|
|||||||