From c11b71fd2fd6fbbf60bff5c09de3e366172c8c38 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 19 Mar 2020 17:44:25 +0100 Subject: [PATCH] update to the 1.1.1e release add selftest of the RAND_DRBG implementation fix incorrect error return value from FIPS_selftest_dsa --- .gitignore | 1 + ec_curve.c | 2 +- ectest.c | 106 +++- openssl-1.1.1-aes-asm.patch | 58 -- openssl-1.1.1-evp-kdf.patch | 390 +++++++------- openssl-1.1.1-fips-crng-test.patch | 70 +-- openssl-1.1.1-fips-drbg-selftest.patch | 585 ++++++++++++++++++++ openssl-1.1.1-fips-post-rand.patch | 86 +-- openssl-1.1.1-fips.patch | 704 ++++++++++++------------- openssl-1.1.1-intel-cet.patch | 551 +++---------------- openssl-1.1.1-krb5-kdf.patch | 14 +- openssl-1.1.1-s390x-update.patch | 35 +- openssl-1.1.1-ssh-kdf.patch | 8 +- openssl-1.1.1-upstream-sync.patch | 153 ------ openssl-1.1.1-version-override.patch | 12 +- openssl.spec | 15 +- sources | 2 +- 17 files changed, 1438 insertions(+), 1354 deletions(-) delete mode 100644 openssl-1.1.1-aes-asm.patch create mode 100644 openssl-1.1.1-fips-drbg-selftest.patch delete mode 100644 openssl-1.1.1-upstream-sync.patch diff --git a/.gitignore b/.gitignore index f5aac5a..d7d7167 100644 --- a/.gitignore +++ b/.gitignore @@ -45,3 +45,4 @@ openssl-1.0.0a-usa.tar.bz2 /openssl-1.1.1b-hobbled.tar.xz /openssl-1.1.1c-hobbled.tar.xz /openssl-1.1.1d-hobbled.tar.xz +/openssl-1.1.1e-hobbled.tar.xz diff --git a/ec_curve.c b/ec_curve.c index 342765a..9171ed4 100644 --- a/ec_curve.c +++ b/ec_curve.c @@ -9,7 +9,7 @@ */ #include -#include "ec_lcl.h" +#include "ec_local.h" #include #include #include diff --git a/ectest.c b/ectest.c index ef4e6b9..c16642e 100644 --- a/ectest.c +++ b/ectest.c @@ -1116,7 +1116,8 @@ static int parameter_test(void) unsigned char *buf = NULL; int r = 0, len; - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp384r1)) + /* must use a curve without a special group method */ + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp256k1)) || !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL)) || !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters)) || !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0)) @@ -1324,7 +1325,107 @@ static int cardinality_test(int n) BN_CTX_free(ctx); return ret; } -#endif + +/* + * Helper for ec_point_hex2point_test + * + * Self-tests EC_POINT_point2hex() against EC_POINT_hex2point() for the given + * (group,P) pair. + * + * If P is NULL use point at infinity. + */ +static ossl_inline +int ec_point_hex2point_test_helper(const EC_GROUP *group, const EC_POINT *P, + point_conversion_form_t form, + BN_CTX *bnctx) +{ + int ret = 0; + EC_POINT *Q = NULL, *Pinf = NULL; + char *hex = NULL; + + if (P == NULL) { + /* If P is NULL use point at infinity. */ + if (!TEST_ptr(Pinf = EC_POINT_new(group)) + || !TEST_true(EC_POINT_set_to_infinity(group, Pinf))) + goto err; + P = Pinf; + } + + if (!TEST_ptr(hex = EC_POINT_point2hex(group, P, form, bnctx)) + || !TEST_ptr(Q = EC_POINT_hex2point(group, hex, NULL, bnctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, bnctx))) + goto err; + + /* + * The next check is most likely superfluous, as EC_POINT_cmp should already + * cover this. + * Nonetheless it increases the test coverage for EC_POINT_is_at_infinity, + * so we include it anyway! + */ + if (Pinf != NULL + && !TEST_true(EC_POINT_is_at_infinity(group, Q))) + goto err; + + ret = 1; + + err: + EC_POINT_free(Pinf); + OPENSSL_free(hex); + EC_POINT_free(Q); + + return ret; +} + +/* + * This test self-validates EC_POINT_hex2point() and EC_POINT_point2hex() + */ +static int ec_point_hex2point_test(int id) +{ + int ret = 0, nid; + EC_GROUP *group = NULL; + const EC_POINT *G = NULL; + EC_POINT *P = NULL; + BN_CTX * bnctx = NULL; + + /* Do some setup */ + nid = curves[id].nid; + if (!TEST_ptr(bnctx = BN_CTX_new()) + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_ptr(G = EC_GROUP_get0_generator(group)) + || !TEST_ptr(P = EC_POINT_dup(G, group))) + goto err; + + if (!TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_COMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_COMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_UNCOMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_UNCOMPRESSED, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, P, + POINT_CONVERSION_HYBRID, + bnctx)) + || !TEST_true(ec_point_hex2point_test_helper(group, NULL, + POINT_CONVERSION_HYBRID, + bnctx))) + goto err; + + ret = 1; + + err: + EC_POINT_free(P); + EC_GROUP_free(group); + BN_CTX_free(bnctx); + + return ret; +} + +#endif /* OPENSSL_NO_EC */ int setup_tests(void) { @@ -1350,6 +1451,7 @@ int setup_tests(void) ADD_ALL_TESTS(internal_curve_test_method, crv_len); ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); + ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); #endif /* OPENSSL_NO_EC */ return 1; } diff --git a/openssl-1.1.1-aes-asm.patch b/openssl-1.1.1-aes-asm.patch deleted file mode 100644 index 65b8213..0000000 --- a/openssl-1.1.1-aes-asm.patch +++ /dev/null @@ -1,58 +0,0 @@ -commit 61cc715240d2d3f9511ca88043a3e9797c11482f -Author: Richard Levitte -Date: Thu Oct 3 08:28:31 2019 +0200 - - Define AESNI_ASM if AESNI assembler is included, and use it - - Because we have cases where basic assembler support isn't present, but - AESNI asssembler support is, we need a separate macro that indicates - that, and use it. - - Reviewed-by: Tomas Mraz - Reviewed-by: Paul Dale - (Merged from https://github.com/openssl/openssl/pull/10080) - -diff --git a/Configure b/Configure -index 811bee81f5..f498ac2f81 100755 ---- a/Configure -+++ b/Configure -@@ -1376,6 +1376,7 @@ unless ($disabled{asm}) { - } - if ($target{aes_asm_src}) { - push @{$config{lib_defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);; -+ push @{$config{lib_defines}}, "AESNI_ASM" if ($target{aes_asm_src} =~ m/\baesni-/);; - # aes-ctr.fake is not a real file, only indication that assembler - # module implements AES_ctr32_encrypt... - push @{$config{lib_defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//); -diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c -index c9f5969162..27c36b46e7 100644 ---- a/crypto/evp/e_aes_cbc_hmac_sha1.c -+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c -@@ -33,7 +33,7 @@ typedef struct { - - #define NO_PAYLOAD_LENGTH ((size_t)-1) - --#if defined(AES_ASM) && ( \ -+#if defined(AESNI_ASM) && ( \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) - -diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c -index d5178313ae..cc622b6faa 100644 ---- a/crypto/evp/e_aes_cbc_hmac_sha256.c -+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c -@@ -34,7 +34,7 @@ typedef struct { - - # define NO_PAYLOAD_LENGTH ((size_t)-1) - --#if defined(AES_ASM) && ( \ -+#if defined(AESNI_ASM) && ( \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) ) - -@@ -947,4 +947,4 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void) - { - return NULL; - } --#endif -+#endif /* AESNI_ASM */ diff --git a/openssl-1.1.1-evp-kdf.patch b/openssl-1.1.1-evp-kdf.patch index b25dffb..f1d7618 100644 --- a/openssl-1.1.1-evp-kdf.patch +++ b/openssl-1.1.1-evp-kdf.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1d/crypto/err/openssl.txt.evp-kdf openssl-1.1.1d/crypto/err/openssl.txt ---- openssl-1.1.1d/crypto/err/openssl.txt.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/err/openssl.txt 2019-09-13 15:45:01.723001323 +0200 +diff -up openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf openssl-1.1.1e/crypto/err/openssl.txt +--- openssl-1.1.1e/crypto/err/openssl.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/err/openssl.txt 2020-03-19 16:04:11.299063517 +0100 @@ -747,6 +747,9 @@ EVP_F_EVP_DIGESTINIT_EX:128:EVP_DigestIn EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex @@ -51,7 +51,7 @@ diff -up openssl-1.1.1d/crypto/err/openssl.txt.evp-kdf openssl-1.1.1d/crypto/err KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid -@@ -2273,6 +2296,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on +@@ -2277,6 +2300,7 @@ EVP_R_ONLY_ONESHOT_SUPPORTED:177:only on EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ operation not supported for this keytype EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized @@ -59,7 +59,7 @@ diff -up openssl-1.1.1d/crypto/err/openssl.txt.evp-kdf openssl-1.1.1d/crypto/err EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers EVP_R_PBKDF2_ERROR:181:pbkdf2 error EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\ -@@ -2309,6 +2333,7 @@ KDF_R_MISSING_SEED:106:missing seed +@@ -2313,6 +2337,7 @@ KDF_R_MISSING_SEED:106:missing seed KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type KDF_R_VALUE_ERROR:108:value error KDF_R_VALUE_MISSING:102:value missing @@ -67,9 +67,9 @@ diff -up openssl-1.1.1d/crypto/err/openssl.txt.evp-kdf openssl-1.1.1d/crypto/err OBJ_R_OID_EXISTS:102:oid exists OBJ_R_UNKNOWN_NID:101:unknown nid OCSP_R_CERTIFICATE_VERIFY_ERROR:101:certificate verify error -diff -up openssl-1.1.1d/crypto/evp/build.info.evp-kdf openssl-1.1.1d/crypto/evp/build.info ---- openssl-1.1.1d/crypto/evp/build.info.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/build.info 2019-09-13 15:39:20.268982830 +0200 +diff -up openssl-1.1.1e/crypto/evp/build.info.evp-kdf openssl-1.1.1e/crypto/evp/build.info +--- openssl-1.1.1e/crypto/evp/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/build.info 2020-03-19 16:04:11.300063500 +0100 @@ -9,7 +9,8 @@ SOURCE[../../libcrypto]=\ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ @@ -80,35 +80,36 @@ diff -up openssl-1.1.1d/crypto/evp/build.info.evp-kdf openssl-1.1.1d/crypto/evp/ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \ e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \ e_chacha20_poly1305.c cmeth_lib.c -diff -up openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c ---- openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_chacha20_poly1305.c 2019-09-13 15:39:20.268982830 +0200 -@@ -14,8 +14,8 @@ +diff -up openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c +--- openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c.evp-kdf 2020-03-19 16:04:11.300063500 +0100 ++++ openssl-1.1.1e/crypto/evp/e_chacha20_poly1305.c 2020-03-19 16:16:46.497967633 +0100 +@@ -14,9 +14,9 @@ # include # include --# include "evp_locl.h" - # include "internal/evp_int.h" -+# include "evp_locl.h" - # include "internal/chacha.h" +-# include "evp_local.h" + # include "crypto/evp.h" + # include "crypto/chacha.h" ++# include "evp_local.h" typedef struct { -diff -up openssl-1.1.1d/crypto/evp/encode.c.evp-kdf openssl-1.1.1d/crypto/evp/encode.c ---- openssl-1.1.1d/crypto/evp/encode.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/encode.c 2019-09-13 15:39:20.268982830 +0200 + union { +diff -up openssl-1.1.1e/crypto/evp/encode.c.evp-kdf openssl-1.1.1e/crypto/evp/encode.c +--- openssl-1.1.1e/crypto/evp/encode.c.evp-kdf 2020-03-19 16:04:11.301063483 +0100 ++++ openssl-1.1.1e/crypto/evp/encode.c 2020-03-19 16:14:13.147628683 +0100 @@ -11,8 +11,8 @@ #include #include "internal/cryptlib.h" #include --#include "evp_locl.h" - #include "internal/evp_int.h" -+#include "evp_locl.h" +-#include "evp_local.h" + #include "crypto/evp.h" ++#include "evp_local.h" static unsigned char conv_ascii2bin(unsigned char a, const unsigned char *table); -diff -up openssl-1.1.1d/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1d/crypto/evp/evp_err.c ---- openssl-1.1.1d/crypto/evp/evp_err.c.evp-kdf 2019-09-13 15:39:20.226983569 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_err.c 2019-09-13 15:44:00.070076961 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.evp-kdf 2020-03-19 16:04:11.218064919 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-19 16:04:11.302063465 +0100 @@ -60,6 +60,9 @@ static const ERR_STRING_DATA EVP_str_fun {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0), "EVP_EncryptFinal_ex"}, @@ -134,7 +135,7 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1d/crypto/evp/e {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"}, {0, NULL} }; -@@ -240,6 +245,8 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -241,6 +246,8 @@ static const ERR_STRING_DATA EVP_str_rea "operation not supported for this keytype"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, @@ -143,9 +144,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.evp-kdf openssl-1.1.1d/crypto/evp/e {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, -diff -up openssl-1.1.1d/crypto/evp/evp_locl.h.evp-kdf openssl-1.1.1d/crypto/evp/evp_locl.h ---- openssl-1.1.1d/crypto/evp/evp_locl.h.evp-kdf 2019-09-13 15:39:19.820990718 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_locl.h 2019-09-13 15:39:24.144914578 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf openssl-1.1.1e/crypto/evp/evp_local.h +--- openssl-1.1.1e/crypto/evp/evp_local.h.evp-kdf 2020-03-19 16:04:10.657074629 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_local.h 2020-03-19 16:04:20.722900404 +0100 @@ -41,6 +41,11 @@ struct evp_cipher_ctx_st { unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ } /* EVP_CIPHER_CTX */ ; @@ -158,20 +159,20 @@ diff -up openssl-1.1.1d/crypto/evp/evp_locl.h.evp-kdf openssl-1.1.1d/crypto/evp/ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, -diff -up openssl-1.1.1d/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1d/crypto/evp/evp_pbe.c ---- openssl-1.1.1d/crypto/evp/evp_pbe.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_pbe.c 2019-09-13 15:39:24.145914561 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf openssl-1.1.1e/crypto/evp/evp_pbe.c +--- openssl-1.1.1e/crypto/evp/evp_pbe.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_pbe.c 2020-03-19 16:11:56.425001210 +0100 @@ -12,6 +12,7 @@ #include #include #include -+#include "internal/evp_int.h" - #include "evp_locl.h" ++#include "crypto/evp.h" + #include "evp_local.h" /* Password based encryption (PBE) functions */ -diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1d/crypto/evp/kdf_lib.c ---- openssl-1.1.1d/crypto/evp/kdf_lib.c.evp-kdf 2019-09-13 15:39:24.146914543 +0200 -+++ openssl-1.1.1d/crypto/evp/kdf_lib.c 2019-09-13 15:39:24.146914543 +0200 +diff -up openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1e/crypto/evp/kdf_lib.c +--- openssl-1.1.1e/crypto/evp/kdf_lib.c.evp-kdf 2020-03-19 16:04:20.723900386 +0100 ++++ openssl-1.1.1e/crypto/evp/kdf_lib.c 2020-03-19 16:04:20.723900386 +0100 @@ -0,0 +1,165 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -190,10 +191,10 @@ diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1d/crypto/evp/k +#include +#include +#include -+#include "internal/asn1_int.h" -+#include "internal/evp_int.h" ++#include "crypto/asn1.h" ++#include "crypto/evp.h" +#include "internal/numbers.h" -+#include "evp_locl.h" ++#include "evp_local.h" + +typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); + @@ -338,9 +339,9 @@ diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.evp-kdf openssl-1.1.1d/crypto/evp/k + return ctx->kmeth->derive(ctx->impl, key, keylen); +} + -diff -up openssl-1.1.1d/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1d/crypto/evp/p5_crpt2.c ---- openssl-1.1.1d/crypto/evp/p5_crpt2.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/p5_crpt2.c 2019-09-13 15:39:24.147914525 +0200 +diff -up openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1e/crypto/evp/p5_crpt2.c +--- openssl-1.1.1e/crypto/evp/p5_crpt2.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/p5_crpt2.c 2020-03-19 16:17:48.822886126 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. @@ -355,13 +356,13 @@ diff -up openssl-1.1.1d/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1d/crypto/evp/ -# include -# include -# include --# include "evp_locl.h" +-# include "evp_local.h" +#include +#include +#include +#include -+#include "internal/evp_int.h" -+#include "evp_locl.h" ++#include "crypto/evp.h" ++#include "evp_local.h" /* set this to print out info about the keygen algorithm */ /* #define OPENSSL_DEBUG_PKCS5V2 */ @@ -489,9 +490,9 @@ diff -up openssl-1.1.1d/crypto/evp/p5_crpt2.c.evp-kdf openssl-1.1.1d/crypto/evp/ } int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, -diff -up openssl-1.1.1d/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1d/crypto/evp/pbe_scrypt.c ---- openssl-1.1.1d/crypto/evp/pbe_scrypt.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/pbe_scrypt.c 2019-09-13 15:39:24.150914473 +0200 +diff -up openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1e/crypto/evp/pbe_scrypt.c +--- openssl-1.1.1e/crypto/evp/pbe_scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pbe_scrypt.c 2020-03-19 16:04:20.725900352 +0100 @@ -7,135 +7,12 @@ * https://www.openssl.org/source/license.html */ @@ -762,9 +763,9 @@ diff -up openssl-1.1.1d/crypto/evp/pbe_scrypt.c.evp-kdf openssl-1.1.1d/crypto/ev } + #endif -diff -up openssl-1.1.1d/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1d/crypto/evp/pkey_kdf.c ---- openssl-1.1.1d/crypto/evp/pkey_kdf.c.evp-kdf 2019-09-13 15:39:24.154914402 +0200 -+++ openssl-1.1.1d/crypto/evp/pkey_kdf.c 2019-09-13 15:39:24.154914402 +0200 +diff -up openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1e/crypto/evp/pkey_kdf.c +--- openssl-1.1.1e/crypto/evp/pkey_kdf.c.evp-kdf 2020-03-19 16:04:20.726900334 +0100 ++++ openssl-1.1.1e/crypto/evp/pkey_kdf.c 2020-03-19 16:04:20.725900352 +0100 @@ -0,0 +1,255 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -780,7 +781,7 @@ diff -up openssl-1.1.1d/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1d/crypto/evp/ +#include +#include +#include -+#include "internal/evp_int.h" ++#include "crypto/evp.h" + +static int pkey_kdf_init(EVP_PKEY_CTX *ctx) +{ @@ -1021,45 +1022,17 @@ diff -up openssl-1.1.1d/crypto/evp/pkey_kdf.c.evp-kdf openssl-1.1.1d/crypto/evp/ + pkey_kdf_ctrl_str +}; + -diff -up openssl-1.1.1d/crypto/include/internal/evp_int.h.evp-kdf openssl-1.1.1d/crypto/include/internal/evp_int.h ---- openssl-1.1.1d/crypto/include/internal/evp_int.h.evp-kdf 2019-09-13 15:39:19.873989785 +0200 -+++ openssl-1.1.1d/crypto/include/internal/evp_int.h 2019-09-13 15:39:24.155914384 +0200 -@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m - extern const EVP_PKEY_METHOD poly1305_pkey_meth; - extern const EVP_PKEY_METHOD siphash_pkey_meth; - -+/* struct evp_kdf_impl_st is defined by the implementation */ -+typedef struct evp_kdf_impl_st EVP_KDF_IMPL; -+typedef struct { -+ int type; -+ EVP_KDF_IMPL *(*new) (void); -+ void (*free) (EVP_KDF_IMPL *impl); -+ void (*reset) (EVP_KDF_IMPL *impl); -+ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args); -+ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value); -+ size_t (*size) (EVP_KDF_IMPL *impl); -+ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen); -+} EVP_KDF_METHOD; -+ -+extern const EVP_KDF_METHOD pbkdf2_kdf_meth; -+extern const EVP_KDF_METHOD scrypt_kdf_meth; -+extern const EVP_KDF_METHOD tls1_prf_kdf_meth; -+extern const EVP_KDF_METHOD hkdf_kdf_meth; -+ - struct evp_md_st { - int type; - int pkey_type; -diff -up openssl-1.1.1d/crypto/kdf/build.info.evp-kdf openssl-1.1.1d/crypto/kdf/build.info ---- openssl-1.1.1d/crypto/kdf/build.info.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/kdf/build.info 2019-09-13 15:39:24.156914367 +0200 +diff -up openssl-1.1.1e/crypto/kdf/build.info.evp-kdf openssl-1.1.1e/crypto/kdf/build.info +--- openssl-1.1.1e/crypto/kdf/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/build.info 2020-03-19 16:04:32.347699194 +0100 @@ -1,3 +1,3 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ - tls1_prf.c kdf_err.c hkdf.c scrypt.c + tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c -diff -up openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1d/crypto/kdf/hkdf.c ---- openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/kdf/hkdf.c 2019-09-13 15:39:24.158914332 +0200 +diff -up openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1e/crypto/kdf/hkdf.c +--- openssl-1.1.1e/crypto/kdf/hkdf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/hkdf.c 2020-03-19 16:06:59.757147720 +0100 @@ -8,32 +8,33 @@ */ @@ -1067,11 +1040,10 @@ diff -up openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1d/crypto/kdf/hkdf +#include #include #include --#include + #include #include -+#include #include "internal/cryptlib.h" - #include "internal/evp_int.h" + #include "crypto/evp.h" +#include "kdf_local.h" #define HKDF_MAXBUF 1024 @@ -1192,18 +1164,18 @@ diff -up openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1d/crypto/kdf/hkdf return 1; - if (p1 < 0) -- return 0; -- -- if (kctx->salt != NULL) -- OPENSSL_clear_free(kctx->salt, kctx->salt_len); -- -- kctx->salt = OPENSSL_memdup(p2, p1); -- if (kctx->salt == NULL) + OPENSSL_free(impl->salt); + impl->salt = OPENSSL_memdup(p, len); + if (impl->salt == NULL) return 0; +- if (kctx->salt != NULL) +- OPENSSL_clear_free(kctx->salt, kctx->salt_len); +- +- kctx->salt = OPENSSL_memdup(p2, p1); +- if (kctx->salt == NULL) +- return 0; +- - kctx->salt_len = p1; + impl->salt_len = len; return 1; @@ -1321,14 +1293,14 @@ diff -up openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1d/crypto/kdf/hkdf +static size_t kdf_hkdf_size(EVP_KDF_IMPL *impl) { - HKDF_PKEY_CTX *kctx = ctx->data; -- ++ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY) ++ return SIZE_MAX; + - OPENSSL_clear_free(kctx->key, kctx->key_len); - OPENSSL_clear_free(kctx->salt, kctx->salt_len); - OPENSSL_cleanse(kctx->info, kctx->info_len); - memset(kctx, 0, sizeof(*kctx)); -+ if (impl->mode != EVP_KDF_HKDF_MODE_EXTRACT_ONLY) -+ return SIZE_MAX; - +- - return 1; + if (impl->md == NULL) { + KDFerr(KDF_F_KDF_HKDF_SIZE, KDF_R_MISSING_MESSAGE_DIGEST); @@ -1526,9 +1498,9 @@ diff -up openssl-1.1.1d/crypto/kdf/hkdf.c.evp-kdf openssl-1.1.1d/crypto/kdf/hkdf err: OPENSSL_cleanse(prev, sizeof(prev)); -diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1d/crypto/kdf/kdf_err.c ---- openssl-1.1.1d/crypto/kdf/kdf_err.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/kdf/kdf_err.c 2019-09-13 15:39:24.159914314 +0200 +diff -up openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_err.c +--- openssl-1.1.1e/crypto/kdf/kdf_err.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_err.c 2020-03-19 16:04:32.349699159 +0100 @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT @@ -1584,9 +1556,9 @@ diff -up openssl-1.1.1d/crypto/kdf/kdf_err.c.evp-kdf openssl-1.1.1d/crypto/kdf/k {0, NULL} }; -diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1d/crypto/kdf/kdf_local.h ---- openssl-1.1.1d/crypto/kdf/kdf_local.h.evp-kdf 2019-09-13 15:39:24.160914297 +0200 -+++ openssl-1.1.1d/crypto/kdf/kdf_local.h 2019-09-13 15:39:24.160914297 +0200 +diff -up openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_local.h +--- openssl-1.1.1e/crypto/kdf/kdf_local.h.evp-kdf 2020-03-19 16:04:32.349699159 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_local.h 2020-03-19 16:04:32.349699159 +0100 @@ -0,0 +1,22 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1610,9 +1582,9 @@ diff -up openssl-1.1.1d/crypto/kdf/kdf_local.h.evp-kdf openssl-1.1.1d/crypto/kdf + int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args), + int cmd, const char *md_name); + -diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1d/crypto/kdf/kdf_util.c ---- openssl-1.1.1d/crypto/kdf/kdf_util.c.evp-kdf 2019-09-13 15:39:24.161914279 +0200 -+++ openssl-1.1.1d/crypto/kdf/kdf_util.c 2019-09-13 15:39:24.160914297 +0200 +diff -up openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1e/crypto/kdf/kdf_util.c +--- openssl-1.1.1e/crypto/kdf/kdf_util.c.evp-kdf 2020-03-19 16:04:32.350699142 +0100 ++++ openssl-1.1.1e/crypto/kdf/kdf_util.c 2020-03-19 16:04:32.350699142 +0100 @@ -0,0 +1,73 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1629,7 +1601,7 @@ diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1d/crypto/kdf/ +#include +#include +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "internal/numbers.h" +#include "kdf_local.h" + @@ -1687,9 +1659,9 @@ diff -up openssl-1.1.1d/crypto/kdf/kdf_util.c.evp-kdf openssl-1.1.1d/crypto/kdf/ + return call_ctrl(ctrl, impl, cmd, md); +} + -diff -up openssl-1.1.1d/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1d/crypto/kdf/pbkdf2.c ---- openssl-1.1.1d/crypto/kdf/pbkdf2.c.evp-kdf 2019-09-13 15:39:24.162914261 +0200 -+++ openssl-1.1.1d/crypto/kdf/pbkdf2.c 2019-09-13 15:39:24.162914261 +0200 +diff -up openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1e/crypto/kdf/pbkdf2.c +--- openssl-1.1.1e/crypto/kdf/pbkdf2.c.evp-kdf 2020-03-19 16:04:32.374698727 +0100 ++++ openssl-1.1.1e/crypto/kdf/pbkdf2.c 2020-03-19 16:04:32.374698727 +0100 @@ -0,0 +1,264 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -1707,7 +1679,7 @@ diff -up openssl-1.1.1d/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1d/crypto/kdf/pb +#include +#include +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "kdf_local.h" + +static void kdf_pbkdf2_reset(EVP_KDF_IMPL *impl); @@ -1955,22 +1927,21 @@ diff -up openssl-1.1.1d/crypto/kdf/pbkdf2.c.evp-kdf openssl-1.1.1d/crypto/kdf/pb + HMAC_CTX_free(hctx_tpl); + return ret; +} -diff -up openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1d/crypto/kdf/scrypt.c ---- openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/kdf/scrypt.c 2019-09-13 15:39:24.164914226 +0200 -@@ -8,25 +8,34 @@ +diff -up openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1e/crypto/kdf/scrypt.c +--- openssl-1.1.1e/crypto/kdf/scrypt.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/scrypt.c 2020-03-19 16:11:06.215872475 +0100 +@@ -8,25 +8,35 @@ */ #include +#include #include --#include --#include + #include + #include #include -#include "internal/cryptlib.h" -+#include +#include - #include "internal/evp_int.h" + #include "crypto/evp.h" +#include "internal/numbers.h" +#include "kdf_local.h" @@ -1999,7 +1970,7 @@ diff -up openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1d/crypto/kdf/sc /* Custom uint64_t parser since we do not have strtoull */ static int atou64(const char *nptr, uint64_t *result) -@@ -53,51 +62,53 @@ static int atou64(const char *nptr, uint +@@ -53,51 +63,53 @@ static int atou64(const char *nptr, uint return 1; } @@ -2084,7 +2055,7 @@ diff -up openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1d/crypto/kdf/sc if (new_buflen > 0) { *buffer = OPENSSL_memdup(new_buffer, new_buflen); -@@ -105,7 +116,7 @@ static int pkey_scrypt_set_membuf(unsign +@@ -105,7 +117,7 @@ static int pkey_scrypt_set_membuf(unsign *buffer = OPENSSL_malloc(1); } if (*buffer == NULL) { @@ -2093,7 +2064,7 @@ diff -up openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1d/crypto/kdf/sc return 0; } -@@ -118,149 +129,378 @@ static int is_power_of_two(uint64_t valu +@@ -118,149 +130,378 @@ static int is_power_of_two(uint64_t valu return (value != 0) && ((value & (value - 1)) == 0); } @@ -2546,9 +2517,9 @@ diff -up openssl-1.1.1d/crypto/kdf/scrypt.c.evp-kdf openssl-1.1.1d/crypto/kdf/sc +} #endif -diff -up openssl-1.1.1d/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1d/crypto/kdf/tls1_prf.c ---- openssl-1.1.1d/crypto/kdf/tls1_prf.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/kdf/tls1_prf.c 2019-09-13 15:39:24.167914173 +0200 +diff -up openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1e/crypto/kdf/tls1_prf.c +--- openssl-1.1.1e/crypto/kdf/tls1_prf.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/kdf/tls1_prf.c 2020-03-19 16:10:32.317460707 +0100 @@ -8,11 +8,15 @@ */ @@ -2556,10 +2527,9 @@ diff -up openssl-1.1.1d/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1d/crypto/kdf/ +#include +#include #include "internal/cryptlib.h" --#include + #include #include -+#include - #include "internal/evp_int.h" + #include "crypto/evp.h" +#include "kdf_local.h" +static void kdf_tls1_prf_reset(EVP_KDF_IMPL *impl); @@ -2659,15 +2629,15 @@ diff -up openssl-1.1.1d/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1d/crypto/kdf/ - kctx->seclen = p1; + + impl->seclen = len; ++ return 1; ++ ++ case EVP_KDF_CTRL_RESET_TLS_SEED: ++ OPENSSL_cleanse(impl->seed, impl->seedlen); ++ impl->seedlen = 0; return 1; - case EVP_PKEY_CTRL_TLS_SEED: - if (p1 == 0 || p2 == NULL) -+ case EVP_KDF_CTRL_RESET_TLS_SEED: -+ OPENSSL_cleanse(impl->seed, impl->seedlen); -+ impl->seedlen = 0; -+ return 1; -+ + case EVP_KDF_CTRL_ADD_TLS_SEED: + p = va_arg(args, const unsigned char *); + len = va_arg(args, size_t); @@ -2832,9 +2802,9 @@ diff -up openssl-1.1.1d/crypto/kdf/tls1_prf.c.evp-kdf openssl-1.1.1d/crypto/kdf/ OPENSSL_clear_free(tmp, olen); return 0; } -diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod ---- openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2019-09-13 15:39:24.169914138 +0200 -+++ openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod 2019-09-13 15:39:24.169914138 +0200 +diff -up openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod +--- openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man3/EVP_KDF_CTX.pod 2020-03-19 16:04:32.377698675 +0100 @@ -0,0 +1,217 @@ +=pod + @@ -3053,9 +3023,9 @@ diff -up openssl-1.1.1d/doc/man3/EVP_KDF_CTX.pod.evp-kdf openssl-1.1.1d/doc/man3 +L. + +=cut -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2019-09-13 15:39:24.171914103 +0200 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod 2019-09-13 15:39:24.171914103 +0200 +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod.evp-kdf 2020-03-19 16:04:32.377698675 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_HKDF.pod 2020-03-19 16:04:32.377698675 +0100 @@ -0,0 +1,180 @@ +=pod + @@ -3237,9 +3207,9 @@ diff -up openssl-1.1.1d/doc/man7/EVP_KDF_HKDF.pod.evp-kdf openssl-1.1.1d/doc/man +L. + +=cut -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2019-09-13 15:39:24.172914085 +0200 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod 2019-09-13 15:39:24.172914085 +0200 +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_PBKDF2.pod 2020-03-19 16:04:32.378698658 +0100 @@ -0,0 +1,78 @@ +=pod + @@ -3319,9 +3289,9 @@ diff -up openssl-1.1.1d/doc/man7/EVP_KDF_PBKDF2.pod.evp-kdf openssl-1.1.1d/doc/m +L. + +=cut -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2019-09-13 15:39:24.173914068 +0200 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod 2019-09-13 15:39:24.173914068 +0200 +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_SCRYPT.pod 2020-03-19 16:04:32.378698658 +0100 @@ -0,0 +1,149 @@ +=pod + @@ -3472,9 +3442,9 @@ diff -up openssl-1.1.1d/doc/man7/EVP_KDF_SCRYPT.pod.evp-kdf openssl-1.1.1d/doc/m +L. + +=cut -diff -up openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod ---- openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2019-09-13 15:39:24.174914050 +0200 -+++ openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod 2019-09-13 15:39:24.174914050 +0200 +diff -up openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod +--- openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf 2020-03-19 16:04:32.378698658 +0100 ++++ openssl-1.1.1e/doc/man7/EVP_KDF_TLS1_PRF.pod 2020-03-19 16:04:32.378698658 +0100 @@ -0,0 +1,142 @@ +=pod + @@ -3618,9 +3588,37 @@ diff -up openssl-1.1.1d/doc/man7/EVP_KDF_TLS1_PRF.pod.evp-kdf openssl-1.1.1d/doc +L. + +=cut -diff -up openssl-1.1.1d/include/openssl/evperr.h.evp-kdf openssl-1.1.1d/include/openssl/evperr.h ---- openssl-1.1.1d/include/openssl/evperr.h.evp-kdf 2019-09-13 15:39:20.242983287 +0200 -+++ openssl-1.1.1d/include/openssl/evperr.h 2019-09-13 15:42:42.818424742 +0200 +diff -up openssl-1.1.1e/include/crypto/evp.h.evp-kdf openssl-1.1.1e/include/crypto/evp.h +--- openssl-1.1.1e/include/crypto/evp.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/evp.h 2020-03-19 16:04:32.347699194 +0100 +@@ -112,6 +112,24 @@ extern const EVP_PKEY_METHOD hkdf_pkey_m + extern const EVP_PKEY_METHOD poly1305_pkey_meth; + extern const EVP_PKEY_METHOD siphash_pkey_meth; + ++/* struct evp_kdf_impl_st is defined by the implementation */ ++typedef struct evp_kdf_impl_st EVP_KDF_IMPL; ++typedef struct { ++ int type; ++ EVP_KDF_IMPL *(*new) (void); ++ void (*free) (EVP_KDF_IMPL *impl); ++ void (*reset) (EVP_KDF_IMPL *impl); ++ int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args); ++ int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value); ++ size_t (*size) (EVP_KDF_IMPL *impl); ++ int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen); ++} EVP_KDF_METHOD; ++ ++extern const EVP_KDF_METHOD pbkdf2_kdf_meth; ++extern const EVP_KDF_METHOD scrypt_kdf_meth; ++extern const EVP_KDF_METHOD tls1_prf_kdf_meth; ++extern const EVP_KDF_METHOD hkdf_kdf_meth; ++ + struct evp_md_st { + int type; + int pkey_type; +diff -up openssl-1.1.1e/include/openssl/evperr.h.evp-kdf openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.evp-kdf 2020-03-19 16:04:11.250064365 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-19 16:04:32.379698640 +0100 @@ -58,6 +58,9 @@ int ERR_load_EVP_strings(void); # define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 219 # define EVP_F_EVP_ENCRYPTFINAL_EX 127 @@ -3645,7 +3643,7 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.evp-kdf openssl-1.1.1d/include/ # define EVP_F_UPDATE 173 /* -@@ -180,6 +185,7 @@ int ERR_load_EVP_strings(void); +@@ -181,6 +186,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_ONLY_ONESHOT_SUPPORTED 177 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 # define EVP_R_OPERATON_NOT_INITIALIZED 151 @@ -3653,9 +3651,9 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.evp-kdf openssl-1.1.1d/include/ # define EVP_R_PARTIALLY_OVERLAPPING 162 # define EVP_R_PBKDF2_ERROR 181 # define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179 -diff -up openssl-1.1.1d/include/openssl/kdferr.h.evp-kdf openssl-1.1.1d/include/openssl/kdferr.h ---- openssl-1.1.1d/include/openssl/kdferr.h.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/kdferr.h 2019-09-13 15:39:34.856725957 +0200 +diff -up openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf openssl-1.1.1e/include/openssl/kdferr.h +--- openssl-1.1.1e/include/openssl/kdferr.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdferr.h 2020-03-19 16:04:32.379698640 +0100 @@ -23,6 +23,23 @@ int ERR_load_KDF_strings(void); /* * KDF function codes. @@ -3695,9 +3693,9 @@ diff -up openssl-1.1.1d/include/openssl/kdferr.h.evp-kdf openssl-1.1.1d/include/ +# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 #endif -diff -up openssl-1.1.1d/include/openssl/kdf.h.evp-kdf openssl-1.1.1d/include/openssl/kdf.h ---- openssl-1.1.1d/include/openssl/kdf.h.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/kdf.h 2019-09-13 15:39:34.857725939 +0200 +diff -up openssl-1.1.1e/include/openssl/kdf.h.evp-kdf openssl-1.1.1e/include/openssl/kdf.h +--- openssl-1.1.1e/include/openssl/kdf.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/kdf.h 2020-03-19 16:04:32.380698623 +0100 @@ -10,10 +10,50 @@ #ifndef HEADER_KDF_H # define HEADER_KDF_H @@ -3776,9 +3774,9 @@ diff -up openssl-1.1.1d/include/openssl/kdf.h.evp-kdf openssl-1.1.1d/include/ope } # endif #endif -diff -up openssl-1.1.1d/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1d/include/openssl/ossl_typ.h ---- openssl-1.1.1d/include/openssl/ossl_typ.h.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/ossl_typ.h 2019-09-13 15:39:34.858725922 +0200 +diff -up openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1e/include/openssl/ossl_typ.h +--- openssl-1.1.1e/include/openssl/ossl_typ.h.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/ossl_typ.h 2020-03-19 16:04:32.381698606 +0100 @@ -97,6 +97,8 @@ typedef struct evp_pkey_asn1_method_st E typedef struct evp_pkey_method_st EVP_PKEY_METHOD; typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; @@ -3788,9 +3786,9 @@ diff -up openssl-1.1.1d/include/openssl/ossl_typ.h.evp-kdf openssl-1.1.1d/includ typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX; typedef struct hmac_ctx_st HMAC_CTX; -diff -up openssl-1.1.1d/test/build.info.evp-kdf openssl-1.1.1d/test/build.info ---- openssl-1.1.1d/test/build.info.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/build.info 2019-09-13 15:39:34.861725869 +0200 +diff -up openssl-1.1.1e/test/build.info.evp-kdf openssl-1.1.1e/test/build.info +--- openssl-1.1.1e/test/build.info.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/build.info 2020-03-19 16:04:32.381698606 +0100 @@ -44,7 +44,8 @@ INCLUDE_MAIN___test_libtestutil_OLB = /I ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ bio_callback_test bio_memleak_test \ @@ -3812,9 +3810,9 @@ diff -up openssl-1.1.1d/test/build.info.evp-kdf openssl-1.1.1d/test/build.info SOURCE[x509_time_test]=x509_time_test.c INCLUDE[x509_time_test]=../include DEPEND[x509_time_test]=../libcrypto libtestutil.a -diff -up openssl-1.1.1d/test/evp_kdf_test.c.evp-kdf openssl-1.1.1d/test/evp_kdf_test.c ---- openssl-1.1.1d/test/evp_kdf_test.c.evp-kdf 2019-09-13 15:39:34.862725851 +0200 -+++ openssl-1.1.1d/test/evp_kdf_test.c 2019-09-13 15:39:34.862725851 +0200 +diff -up openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf openssl-1.1.1e/test/evp_kdf_test.c +--- openssl-1.1.1e/test/evp_kdf_test.c.evp-kdf 2020-03-19 16:04:32.382698588 +0100 ++++ openssl-1.1.1e/test/evp_kdf_test.c 2020-03-19 16:04:32.382698588 +0100 @@ -0,0 +1,237 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. @@ -4053,9 +4051,9 @@ diff -up openssl-1.1.1d/test/evp_kdf_test.c.evp-kdf openssl-1.1.1d/test/evp_kdf_ +#endif + return 1; +} -diff -up openssl-1.1.1d/test/evp_test.c.evp-kdf openssl-1.1.1d/test/evp_test.c ---- openssl-1.1.1d/test/evp_test.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/evp_test.c 2019-09-13 15:39:34.865725798 +0200 +diff -up openssl-1.1.1e/test/evp_test.c.evp-kdf openssl-1.1.1e/test/evp_test.c +--- openssl-1.1.1e/test/evp_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/evp_test.c 2020-03-19 16:04:32.383698571 +0100 @@ -1705,13 +1705,14 @@ static const EVP_TEST_METHOD encode_test encode_test_run, }; @@ -4267,9 +4265,9 @@ diff -up openssl-1.1.1d/test/evp_test.c.evp-kdf openssl-1.1.1d/test/evp_test.c &keypair_test_method, &keygen_test_method, &mac_test_method, -diff -up openssl-1.1.1d/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1d/test/pkey_meth_kdf_test.c ---- openssl-1.1.1d/test/pkey_meth_kdf_test.c.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/pkey_meth_kdf_test.c 2019-09-13 15:39:34.867725763 +0200 +diff -up openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1e/test/pkey_meth_kdf_test.c +--- openssl-1.1.1e/test/pkey_meth_kdf_test.c.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/pkey_meth_kdf_test.c 2020-03-19 16:04:32.386698519 +0100 @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. @@ -4473,9 +4471,9 @@ diff -up openssl-1.1.1d/test/pkey_meth_kdf_test.c.evp-kdf openssl-1.1.1d/test/pk } #endif -diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt ---- openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt 2019-09-13 15:39:34.870725710 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpkdf.txt 2020-03-19 16:04:32.388698484 +0100 @@ -1,5 +1,5 @@ # -# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. @@ -4874,9 +4872,9 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpkdf.txt.evp-kdf openssl +Ctrl.digest = digest:sha512 +Output = 00ef42cdbfc98d29db20976608e455567fdddf14 + -diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt ---- openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2019-09-13 15:39:34.873725658 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt 2019-09-13 15:39:34.872725675 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf 2020-03-19 16:04:32.389698467 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evppkey_kdf.txt 2020-03-19 16:04:32.389698467 +0100 @@ -0,0 +1,305 @@ +# +# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. @@ -5183,9 +5181,9 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evppkey_kdf.txt.evp-kdf op +Ctrl.p = p:1 +Result = INTERNAL_ERROR + -diff -up openssl-1.1.1d/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1d/test/recipes/30-test_evp_kdf.t ---- openssl-1.1.1d/test/recipes/30-test_evp_kdf.t.evp-kdf 2019-09-13 15:39:34.875725622 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp_kdf.t 2019-09-13 15:39:34.875725622 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp_kdf.t +--- openssl-1.1.1e/test/recipes/30-test_evp_kdf.t.evp-kdf 2020-03-19 16:04:32.390698450 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_kdf.t 2020-03-19 16:04:32.390698450 +0100 @@ -0,0 +1,13 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -5200,9 +5198,9 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp_kdf.t.evp-kdf openssl-1.1.1d/te +use OpenSSL::Test::Simple; + +simple_test("test_evp_kdf", "evp_kdf_test"); -diff -up openssl-1.1.1d/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1d/test/recipes/30-test_evp.t ---- openssl-1.1.1d/test/recipes/30-test_evp.t.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp.t 2019-09-13 15:39:34.876725605 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1e/test/recipes/30-test_evp.t +--- openssl-1.1.1e/test/recipes/30-test_evp.t.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp.t 2020-03-19 16:04:32.390698450 +0100 @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT data_file/ setup("test_evp"); @@ -5212,10 +5210,10 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp.t.evp-kdf openssl-1.1.1d/test/r "evpcase.txt", "evpccmcavs.txt" ); plan tests => scalar(@files); -diff -up openssl-1.1.1d/util/libcrypto.num.evp-kdf openssl-1.1.1d/util/libcrypto.num ---- openssl-1.1.1d/util/libcrypto.num.evp-kdf 2019-09-13 15:39:20.248983182 +0200 -+++ openssl-1.1.1d/util/libcrypto.num 2019-09-13 15:39:34.881725517 +0200 -@@ -4617,3 +4617,11 @@ FIPS_drbg_get_strength +diff -up openssl-1.1.1e/util/libcrypto.num.evp-kdf openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.evp-kdf 2020-03-19 16:04:11.263064140 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-19 16:04:32.392698415 +0100 +@@ -4622,3 +4622,11 @@ FIPS_drbg_get_strength FIPS_rand_strength 6380 1_1_0g EXIST::FUNCTION: FIPS_drbg_get_blocklength 6381 1_1_0g EXIST::FUNCTION: FIPS_drbg_init 6382 1_1_0g EXIST::FUNCTION: @@ -5227,9 +5225,9 @@ diff -up openssl-1.1.1d/util/libcrypto.num.evp-kdf openssl-1.1.1d/util/libcrypto +EVP_KDF_ctrl_str 6595 1_1_1b EXIST::FUNCTION: +EVP_KDF_size 6596 1_1_1b EXIST::FUNCTION: +EVP_KDF_derive 6597 1_1_1b EXIST::FUNCTION: -diff -up openssl-1.1.1d/util/private.num.evp-kdf openssl-1.1.1d/util/private.num ---- openssl-1.1.1d/util/private.num.evp-kdf 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/util/private.num 2019-09-13 15:39:34.883725481 +0200 +diff -up openssl-1.1.1e/util/private.num.evp-kdf openssl-1.1.1e/util/private.num +--- openssl-1.1.1e/util/private.num.evp-kdf 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/util/private.num 2020-03-19 16:04:32.393698398 +0100 @@ -21,6 +21,7 @@ CRYPTO_EX_dup CRYPTO_EX_free datatype CRYPTO_EX_new datatype diff --git a/openssl-1.1.1-fips-crng-test.patch b/openssl-1.1.1-fips-crng-test.patch index 9be5c30..80daf84 100644 --- a/openssl-1.1.1-fips-crng-test.patch +++ b/openssl-1.1.1-fips-crng-test.patch @@ -1,33 +1,15 @@ -diff -up openssl-1.1.1d/crypto/include/internal/rand_int.h.crng-test openssl-1.1.1d/crypto/include/internal/rand_int.h ---- openssl-1.1.1d/crypto/include/internal/rand_int.h.crng-test 2019-09-13 16:03:54.572238927 +0200 -+++ openssl-1.1.1d/crypto/include/internal/rand_int.h 2019-09-13 16:03:54.966232056 +0200 -@@ -48,6 +48,14 @@ size_t rand_drbg_get_additional_data(RAN - - void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); - -+/* CRNG test entropy filter callbacks. */ -+size_t rand_crngt_get_entropy(RAND_DRBG *drbg, -+ unsigned char **pout, -+ int entropy, size_t min_len, size_t max_len, -+ int prediction_resistance); -+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, -+ unsigned char *out, size_t outlen); -+ - /* - * RAND_POOL functions - */ -diff -up openssl-1.1.1d/crypto/rand/build.info.crng-test openssl-1.1.1d/crypto/rand/build.info ---- openssl-1.1.1d/crypto/rand/build.info.crng-test 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/build.info 2019-09-13 16:03:54.968232021 +0200 +diff -up openssl-1.1.1e/crypto/rand/build.info.crng-test openssl-1.1.1e/crypto/rand/build.info +--- openssl-1.1.1e/crypto/rand/build.info.crng-test 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/build.info 2020-03-19 16:45:52.286627241 +0100 @@ -1,4 +1,4 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ - randfile.c rand_lib.c rand_err.c rand_egd.c \ + randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c -diff -up openssl-1.1.1d/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1d/crypto/rand/drbg_lib.c ---- openssl-1.1.1d/crypto/rand/drbg_lib.c.crng-test 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/drbg_lib.c 2019-09-13 16:03:54.969232004 +0200 +diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1e/crypto/rand/drbg_lib.c +--- openssl-1.1.1e/crypto/rand/drbg_lib.c.crng-test 2020-03-19 16:45:52.246627936 +0100 ++++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-19 16:45:52.286627241 +0100 @@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg; @@ -51,9 +33,9 @@ diff -up openssl-1.1.1d/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1d/crypto/r #ifndef RAND_DRBG_GET_RANDOM_NONCE drbg->get_nonce = rand_drbg_get_nonce; drbg->cleanup_nonce = rand_drbg_cleanup_nonce; -diff -up openssl-1.1.1d/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1d/crypto/rand/rand_crng_test.c ---- openssl-1.1.1d/crypto/rand/rand_crng_test.c.crng-test 2019-09-13 16:03:54.969232004 +0200 -+++ openssl-1.1.1d/crypto/rand/rand_crng_test.c 2019-09-13 16:15:20.834271063 +0200 +diff -up openssl-1.1.1e/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1e/crypto/rand/rand_crng_test.c +--- openssl-1.1.1e/crypto/rand/rand_crng_test.c.crng-test 2020-03-19 16:45:52.286627241 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_crng_test.c 2020-03-19 16:45:52.286627241 +0100 @@ -0,0 +1,118 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. @@ -71,9 +53,9 @@ diff -up openssl-1.1.1d/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1d/cr + +#include +#include -+#include "internal/rand_int.h" ++#include "crypto/rand.h" +#include "internal/thread_once.h" -+#include "rand_lcl.h" ++#include "rand_local.h" + +static RAND_POOL *crngt_pool; +static unsigned char crngt_prev[EVP_MAX_MD_SIZE]; @@ -173,9 +155,9 @@ diff -up openssl-1.1.1d/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1d/cr +{ + OPENSSL_secure_clear_free(out, outlen); +} -diff -up openssl-1.1.1d/crypto/rand/rand_lcl.h.crng-test openssl-1.1.1d/crypto/rand/rand_lcl.h ---- openssl-1.1.1d/crypto/rand/rand_lcl.h.crng-test 2019-09-13 16:03:54.653237514 +0200 -+++ openssl-1.1.1d/crypto/rand/rand_lcl.h 2019-09-13 16:03:54.969232004 +0200 +diff -up openssl-1.1.1e/crypto/rand/rand_local.h.crng-test openssl-1.1.1e/crypto/rand/rand_local.h +--- openssl-1.1.1e/crypto/rand/rand_local.h.crng-test 2020-03-19 16:45:51.930633424 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_local.h 2020-03-19 16:46:03.601430727 +0100 @@ -33,7 +33,15 @@ # define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */ # define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */ @@ -225,9 +207,27 @@ diff -up openssl-1.1.1d/crypto/rand/rand_lcl.h.crng-test openssl-1.1.1d/crypto/r +int rand_crngt_single_init(void); + #endif -diff -up openssl-1.1.1d/test/drbgtest.c.crng-test openssl-1.1.1d/test/drbgtest.c ---- openssl-1.1.1d/test/drbgtest.c.crng-test 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/drbgtest.c 2019-09-13 16:03:54.969232004 +0200 +diff -up openssl-1.1.1e/include/crypto/rand.h.crng-test openssl-1.1.1e/include/crypto/rand.h +--- openssl-1.1.1e/include/crypto/rand.h.crng-test 2020-03-19 16:45:52.250627866 +0100 ++++ openssl-1.1.1e/include/crypto/rand.h 2020-03-19 16:45:52.285627258 +0100 +@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN + + void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); + ++/* CRNG test entropy filter callbacks. */ ++size_t rand_crngt_get_entropy(RAND_DRBG *drbg, ++ unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance); ++void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, ++ unsigned char *out, size_t outlen); ++ + /* + * RAND_POOL functions + */ +diff -up openssl-1.1.1e/test/drbgtest.c.crng-test openssl-1.1.1e/test/drbgtest.c +--- openssl-1.1.1e/test/drbgtest.c.crng-test 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/drbgtest.c 2020-03-19 16:46:03.604430675 +0100 @@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg, return t->noncelen; } diff --git a/openssl-1.1.1-fips-drbg-selftest.patch b/openssl-1.1.1-fips-drbg-selftest.patch new file mode 100644 index 0000000..262e7c3 --- /dev/null +++ b/openssl-1.1.1-fips-drbg-selftest.patch @@ -0,0 +1,585 @@ +diff -up openssl-1.1.1e/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1e/crypto/fips/fips_post.c +--- openssl-1.1.1e/crypto/fips/fips_post.c.drbg-selftest 2020-03-19 17:07:51.096676537 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-19 17:07:51.209674565 +0100 +@@ -67,12 +67,18 @@ + + # include + # include "crypto/fips.h" ++# include "crypto/rand.h" + # include "fips_locl.h" + + /* Run all selftests */ + int FIPS_selftest(void) + { + int rv = 1; ++ if (!rand_drbg_selftest()) { ++ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE); ++ ERR_add_error_data(2, "Type=", "rand_drbg_selftest"); ++ rv = 0; ++ } + if (!FIPS_selftest_drbg()) + rv = 0; + if (!FIPS_selftest_sha1()) +diff -up openssl-1.1.1e/crypto/rand/build.info.drbg-selftest openssl-1.1.1e/crypto/rand/build.info +--- openssl-1.1.1e/crypto/rand/build.info.drbg-selftest 2020-03-19 17:07:51.179675088 +0100 ++++ openssl-1.1.1e/crypto/rand/build.info 2020-03-19 17:08:14.005276610 +0100 +@@ -1,4 +1,4 @@ + LIBS=../../libcrypto + SOURCE[../../libcrypto]=\ + randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ +- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c ++ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c +diff -up openssl-1.1.1e/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1e/crypto/rand/drbg_selftest.c +--- openssl-1.1.1e/crypto/rand/drbg_selftest.c.drbg-selftest 2020-03-19 17:08:14.011276505 +0100 ++++ openssl-1.1.1e/crypto/rand/drbg_selftest.c 2020-03-19 17:08:14.011276505 +0100 +@@ -0,0 +1,537 @@ ++/* ++ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include ++#include ++#include "internal/nelem.h" ++#include ++#include ++#include ++#include ++#include "internal/thread_once.h" ++#include "crypto/rand.h" ++ ++typedef struct test_ctx_st { ++ const unsigned char *entropy; ++ size_t entropylen; ++ int entropycnt; ++ const unsigned char *nonce; ++ size_t noncelen; ++ int noncecnt; ++} TEST_CTX; ++ ++static int app_data_index = -1; ++static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT; ++DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init) ++{ ++ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL); ++ ++ return 1; ++} ++ ++enum drbg_kat_type { ++ NO_RESEED, ++ PR_FALSE, ++ PR_TRUE ++}; ++ ++enum drbg_df { ++ USE_DF, ++ NO_DF, ++ NA ++}; ++ ++struct drbg_kat_no_reseed { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_false { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinreseed; ++ const unsigned char *addinreseed; ++ const unsigned char *addin1; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat_pr_true { ++ size_t count; ++ const unsigned char *entropyin; ++ const unsigned char *nonce; ++ const unsigned char *persstr; ++ const unsigned char *entropyinpr1; ++ const unsigned char *addin1; ++ const unsigned char *entropyinpr2; ++ const unsigned char *addin2; ++ const unsigned char *retbytes; ++}; ++ ++struct drbg_kat { ++ enum drbg_kat_type type; ++ enum drbg_df df; ++ int nid; ++ ++ size_t entropyinlen; ++ size_t noncelen; ++ size_t persstrlen; ++ size_t addinlen; ++ size_t retbyteslen; ++ ++ const void *t; ++}; ++ ++/* ++ * Excerpt from test/drbg_cavs_data.c ++ * DRBG test vectors from: ++ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/ ++ */ ++ ++static const unsigned char kat1308_entropyin[] = { ++ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c, ++ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7, ++ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97, ++ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52, ++}; ++static const unsigned char kat1308_nonce[] = {0}; ++static const unsigned char kat1308_persstr[] = { ++ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2, ++ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39, ++ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45, ++ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3, ++}; ++static const unsigned char kat1308_addin0[] = { ++ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e, ++ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a, ++ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a, ++ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c, ++}; ++static const unsigned char kat1308_addin1[] = { ++ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19, ++ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a, ++ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e, ++ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4, ++}; ++static const unsigned char kat1308_retbits[] = { ++ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2, ++ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92, ++ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f, ++ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63, ++ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53, ++ 0x26, 0x32, 0xd0, 0xb8, ++}; ++static const struct drbg_kat_no_reseed kat1308_t = { ++ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr, ++ kat1308_addin0, kat1308_addin1, kat1308_retbits ++}; ++static const struct drbg_kat kat1308 = { ++ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t ++}; ++ ++static const unsigned char kat1465_entropyin[] = { ++ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64, ++ 0x87, 0xbe, 0xaa, 0xc0, ++}; ++static const unsigned char kat1465_nonce[] = { ++ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85, ++}; ++static const unsigned char kat1465_persstr[] = {0}; ++static const unsigned char kat1465_entropyinreseed[] = { ++ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5, ++ 0x1f, 0x4b, 0x7b, 0x51, ++}; ++static const unsigned char kat1465_addinreseed[] = { ++ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12, ++ 0x61, 0x9f, 0x26, 0x5f, ++}; ++static const unsigned char kat1465_addin0[] = { ++ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6, ++ 0x10, 0x5a, 0x73, 0x9c, ++}; ++static const unsigned char kat1465_addin1[] = { ++ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18, ++ 0x47, 0x99, 0x1f, 0xeb, ++}; ++static const unsigned char kat1465_retbits[] = { ++ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d, ++ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb, ++ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52, ++ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e, ++ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41, ++ 0x58, 0xdb, 0x27, 0xba, ++}; ++static const struct drbg_kat_pr_false kat1465_t = { ++ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr, ++ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0, ++ kat1465_addin1, kat1465_retbits ++}; ++static const struct drbg_kat kat1465 = { ++ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t ++}; ++ ++static const unsigned char kat3146_entropyin[] = { ++ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3, ++ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4, ++}; ++static const unsigned char kat3146_nonce[] = { ++ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3, ++ 0x50, 0x86, 0xca, 0xca, ++}; ++static const unsigned char kat3146_persstr[] = {0}; ++static const unsigned char kat3146_entropyinpr1[] = { ++ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda, ++ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15, ++}; ++static const unsigned char kat3146_addinpr1[] = { ++ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1, ++ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90, ++ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99, ++}; ++static const unsigned char kat3146_entropyinpr2[] = { ++ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7, ++ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34, ++}; ++static const unsigned char kat3146_addinpr2[] = { ++ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c, ++ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3, ++ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6, ++}; ++static const unsigned char kat3146_retbits[] = { ++ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f, ++ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28, ++ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76, ++ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87, ++ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45, ++ 0xd4, 0x30, 0x73, 0xbb, ++}; ++static const struct drbg_kat_pr_true kat3146_t = { ++ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr, ++ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2, ++ kat3146_addinpr2, kat3146_retbits ++}; ++static const struct drbg_kat kat3146 = { ++ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t ++}; ++ ++static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 }; ++ ++static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test); ++ ++static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len, ++ int prediction_resistance) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->entropycnt++; ++ *pout = (unsigned char *)t->entropy; ++ return t->entropylen; ++} ++ ++static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout, ++ int entropy, size_t min_len, size_t max_len) ++{ ++ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); ++ ++ t->noncecnt++; ++ *pout = (unsigned char *)t->nonce; ++ return t->noncelen; ++} ++ ++/* ++ * Do a single NO_RESEED KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_no_reseed(const struct drbg_kat *td) ++{ ++ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_FALSE KAT: ++ * ++ * Instantiate ++ * Reseed ++ * Generate Random Bits (pr=false) ++ * Generate Random Bits (pr=false) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_false(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinreseed; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin1, td->addinlen) ++ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++/*- ++ * Do a single PR_TRUE KAT: ++ * ++ * Instantiate ++ * Generate Random Bits (pr=true) ++ * Generate Random Bits (pr=true) ++ * Uninstantiate ++ * ++ * Return 0 on failure. ++ */ ++static int single_kat_pr_true(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned char *buff = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ t.entropy = data->entropyin; ++ t.entropylen = td->entropyinlen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ buff = OPENSSL_malloc(td->retbyteslen); ++ if (buff == NULL) { ++ failures++; ++ goto err; ++ } ++ ++ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr1; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin1, td->addinlen)) ++ failures++; ++ ++ t.entropy = data->entropyinpr2; ++ t.entropylen = td->entropyinlen; ++ ++ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1, ++ data->addin2, td->addinlen) ++ || memcmp(data->retbytes, buff, ++ td->retbyteslen) != 0) ++ failures++; ++ ++err: ++ OPENSSL_free(buff); ++ RAND_DRBG_uninstantiate(drbg); ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++static int test_kats(int i) ++{ ++ const struct drbg_kat *td = drbg_test[i]; ++ int rv = 0; ++ ++ switch (td->type) { ++ case NO_RESEED: ++ if (!single_kat_no_reseed(td)) ++ goto err; ++ break; ++ case PR_FALSE: ++ if (!single_kat_pr_false(td)) ++ goto err; ++ break; ++ case PR_TRUE: ++ if (!single_kat_pr_true(td)) ++ goto err; ++ break; ++ default: /* cant happen */ ++ goto err; ++ } ++ rv = 1; ++err: ++ return rv; ++} ++ ++/*- ++ * Do one expected-error test: ++ * ++ * Instantiate with no entropy supplied ++ * ++ * Return 0 on failure. ++ */ ++static int test_drbg_sanity(const struct drbg_kat *td) ++{ ++ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t; ++ RAND_DRBG *drbg = NULL; ++ unsigned int flags = 0; ++ int failures = 0; ++ TEST_CTX t; ++ ++ if (td->df != USE_DF) ++ flags |= RAND_DRBG_FLAG_CTR_NO_DF; ++ ++ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL) ++ return 0; ++ ++ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, ++ kat_nonce, NULL)) { ++ failures++; ++ goto err; ++ } ++ memset(&t, 0, sizeof(t)); ++ t.entropy = data->entropyin; ++ t.entropylen = 0; /* No entropy */ ++ t.nonce = data->nonce; ++ t.noncelen = td->noncelen; ++ RAND_DRBG_set_ex_data(drbg, app_data_index, &t); ++ ++ ERR_set_mark(); ++ /* This must fail. */ ++ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)) ++ failures++; ++ RAND_DRBG_uninstantiate(drbg); ++ ERR_pop_to_mark(); ++ ++err: ++ RAND_DRBG_free(drbg); ++ return failures == 0; ++} ++ ++ ++int rand_drbg_selftest(void) ++{ ++ int i; ++ ++ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init)) ++ return 0; ++ ++ for (i = 0; i < drbg_test_nelem; i++) { ++ if (test_kats(i) <= 0) ++ return 0; ++ } ++ ++ if (test_drbg_sanity(&kat1465) <= 0) ++ return 0; ++ ++ return 1; ++} +diff -up openssl-1.1.1e/include/crypto/rand.h.drbg-selftest openssl-1.1.1e/include/crypto/rand.h +--- openssl-1.1.1e/include/crypto/rand.h.drbg-selftest 2020-03-19 17:07:51.182675036 +0100 ++++ openssl-1.1.1e/include/crypto/rand.h 2020-03-19 17:08:14.004276627 +0100 +@@ -140,4 +140,9 @@ void rand_pool_cleanup(void); + */ + void rand_pool_keep_random_devices_open(int keep); + ++/* ++ * Perform the DRBG KAT selftests ++ */ ++int rand_drbg_selftest(void); ++ + #endif diff --git a/openssl-1.1.1-fips-post-rand.patch b/openssl-1.1.1-fips-post-rand.patch index 02d7df3..18a01fe 100644 --- a/openssl-1.1.1-fips-post-rand.patch +++ b/openssl-1.1.1-fips-post-rand.patch @@ -1,11 +1,11 @@ -diff -up openssl-1.1.1d/crypto/fips/fips.c.fips-post-rand openssl-1.1.1d/crypto/fips/fips.c ---- openssl-1.1.1d/crypto/fips/fips.c.fips-post-rand 2019-09-13 16:15:52.656716089 +0200 -+++ openssl-1.1.1d/crypto/fips/fips.c 2019-09-13 16:44:33.217852364 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100 @@ -68,6 +68,7 @@ # include # include "internal/thread_once.h" -+# include "internal/rand_int.h" ++# include "crypto/rand.h" # ifndef PATH_MAX # define PATH_MAX 1024 @@ -51,32 +51,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips.c.fips-post-rand openssl-1.1.1d/crypto/ ret = 1; goto end; } -diff -up openssl-1.1.1d/crypto/include/internal/fips_int.h.fips-post-rand openssl-1.1.1d/crypto/include/internal/fips_int.h ---- openssl-1.1.1d/crypto/include/internal/fips_int.h.fips-post-rand 2019-09-13 16:15:52.666715914 +0200 -+++ openssl-1.1.1d/crypto/include/internal/fips_int.h 2019-09-13 16:15:52.690715496 +0200 -@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); - int FIPS_selftest_drbg(void); - int FIPS_selftest_cmac(void); - -+int fips_in_post(void); -+ - int fips_pkey_signature_test(EVP_PKEY *pkey, - const unsigned char *tbs, int tbslen, - const unsigned char *kat, -diff -up openssl-1.1.1d/crypto/include/internal/rand_int.h.fips-post-rand openssl-1.1.1d/crypto/include/internal/rand_int.h ---- openssl-1.1.1d/crypto/include/internal/rand_int.h.fips-post-rand 2019-09-13 16:15:52.307722175 +0200 -+++ openssl-1.1.1d/crypto/include/internal/rand_int.h 2019-09-13 16:41:47.133736023 +0200 -@@ -24,6 +24,7 @@ - typedef struct rand_pool_st RAND_POOL; - - void rand_cleanup_int(void); -+void rand_force_reseed(void); - void rand_drbg_cleanup_int(void); - void drbg_delete_thread_state(void); - -diff -up openssl-1.1.1d/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1d/crypto/rand/drbg_lib.c ---- openssl-1.1.1d/crypto/rand/drbg_lib.c.fips-post-rand 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/drbg_lib.c 2019-09-13 16:44:04.808345620 +0200 +diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c +--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100 @@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg return min_entropy > min_entropylen ? min_entropy : min_entropylen; } @@ -98,14 +75,14 @@ diff -up openssl-1.1.1d/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1d/cry /* Implements the default OpenSSL RAND_add() method */ static int drbg_add(const void *buf, int num, double randomness) { -diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/crypto/rand/rand_unix.c ---- openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/rand_unix.c 2019-09-13 16:15:52.690715496 +0200 +diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c +--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100 @@ -17,10 +17,12 @@ #include - #include "rand_lcl.h" - #include "internal/rand_int.h" -+#include "internal/fips_int.h" + #include "rand_local.h" + #include "crypto/rand.h" ++#include "crypto/fips.h" #include #include "internal/dso.h" #ifdef __linux @@ -114,7 +91,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr # ifdef DEVRANDOM_WAIT # include # include -@@ -295,7 +297,7 @@ static ssize_t sysctl_random(char *buf, +@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf, * syscall_random(): Try to get random data using a system call * returns the number of bytes returned in buf, or < 0 on error. */ @@ -123,7 +100,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr { /* * Note: 'buflen' equals the size of the buffer which is used by the -@@ -317,6 +319,7 @@ static ssize_t syscall_random(void *buf, +@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf, * - Linux since 3.17 with glibc 2.25 * - FreeBSD since 12.0 (1200061) */ @@ -131,7 +108,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); -@@ -338,10 +341,10 @@ static ssize_t syscall_random(void *buf, +@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf, if (p_getentropy.p != NULL) return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; # endif @@ -145,7 +122,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); # else -@@ -576,6 +579,9 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO size_t entropy_available; # if defined(OPENSSL_RAND_SEED_GETRANDOM) @@ -155,7 +132,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr { size_t bytes_needed; unsigned char *buffer; -@@ -586,7 +592,7 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); while (bytes_needed != 0 && attempts-- > 0) { buffer = rand_pool_add_begin(pool, bytes_needed); @@ -164,7 +141,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr if (bytes > 0) { rand_pool_add_end(pool, bytes, 8 * bytes); bytes_needed -= bytes; -@@ -621,8 +627,10 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO int attempts = 3; const int fd = get_random_device(i); @@ -176,7 +153,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr while (bytes_needed != 0 && attempts-- > 0) { buffer = rand_pool_add_begin(pool, bytes_needed); -@@ -685,7 +693,9 @@ size_t rand_pool_acquire_entropy(RAND_PO +@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO return entropy_available; } # endif @@ -187,3 +164,26 @@ diff -up openssl-1.1.1d/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1d/cr return rand_pool_entropy_available(pool); # endif } +diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100 +@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void); + int FIPS_selftest_drbg(void); + int FIPS_selftest_cmac(void); + ++int fips_in_post(void); ++ + int fips_pkey_signature_test(EVP_PKEY *pkey, + const unsigned char *tbs, int tbslen, + const unsigned char *kat, +diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h +--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100 +@@ -24,6 +24,7 @@ + typedef struct rand_pool_st RAND_POOL; + + void rand_cleanup_int(void); ++void rand_force_reseed(void); + void rand_drbg_cleanup_int(void); + void drbg_delete_thread_state(void); + diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch index 4c43d17..c17f6e8 100644 --- a/openssl-1.1.1-fips.patch +++ b/openssl-1.1.1-fips.patch @@ -1,7 +1,7 @@ -diff -up openssl-1.1.1d/apps/pkcs12.c.fips openssl-1.1.1d/apps/pkcs12.c ---- openssl-1.1.1d/apps/pkcs12.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/apps/pkcs12.c 2019-09-13 15:13:11.022525640 +0200 -@@ -126,7 +126,7 @@ int pkcs12_main(int argc, char **argv) +diff -up openssl-1.1.1e/apps/pkcs12.c.fips openssl-1.1.1e/apps/pkcs12.c +--- openssl-1.1.1e/apps/pkcs12.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/apps/pkcs12.c 2020-03-17 17:30:52.020567497 +0100 +@@ -127,7 +127,7 @@ int pkcs12_main(int argc, char **argv) int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; # ifndef OPENSSL_NO_RC2 @@ -10,10 +10,10 @@ diff -up openssl-1.1.1d/apps/pkcs12.c.fips openssl-1.1.1d/apps/pkcs12.c # else int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; # endif -diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c ---- openssl-1.1.1d/apps/speed.c.fips 2019-10-03 16:51:22.019915908 +0200 -+++ openssl-1.1.1d/apps/speed.c 2019-10-03 17:40:09.909994582 +0200 -@@ -1595,7 +1595,8 @@ int speed_main(int argc, char **argv) +diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c +--- openssl-1.1.1e/apps/speed.c.fips 2020-03-17 17:30:51.997567897 +0100 ++++ openssl-1.1.1e/apps/speed.c 2020-03-17 17:30:52.021567479 +0100 +@@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) continue; if (strcmp(*argv, "rsa") == 0) { for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) @@ -23,7 +23,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c continue; } if (found(*argv, rsa_choices, &i)) { -@@ -1605,7 +1606,9 @@ int speed_main(int argc, char **argv) +@@ -1603,7 +1604,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_DSA if (strcmp(*argv, "dsa") == 0) { @@ -34,7 +34,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c dsa_doit[R_DSA_2048] = 1; continue; } -@@ -1636,19 +1639,21 @@ int speed_main(int argc, char **argv) +@@ -1634,19 +1637,21 @@ int speed_main(int argc, char **argv) } if (strcmp(*argv, "ecdh") == 0) { for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) @@ -60,7 +60,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c eddsa_doit[i] = 2; continue; } -@@ -1737,23 +1742,31 @@ int speed_main(int argc, char **argv) +@@ -1735,23 +1740,31 @@ int speed_main(int argc, char **argv) /* No parameters; turn on everything. */ if ((argc == 0) && !doit[D_EVP]) { for (i = 0; i < ALGOR_NUM; i++) @@ -98,7 +98,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c #endif } for (i = 0; i < ALGOR_NUM; i++) -@@ -1801,30 +1814,46 @@ int speed_main(int argc, char **argv) +@@ -1799,30 +1812,46 @@ int speed_main(int argc, char **argv) AES_set_encrypt_key(key24, 192, &aes_ks2); AES_set_encrypt_key(key32, 256, &aes_ks3); #ifndef OPENSSL_NO_CAMELLIA @@ -155,7 +155,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c #endif #ifndef SIGALRM # ifndef OPENSSL_NO_DES -@@ -2122,6 +2151,7 @@ int speed_main(int argc, char **argv) +@@ -2120,6 +2149,7 @@ int speed_main(int argc, char **argv) for (i = 0; i < loopargs_len; i++) { loopargs[i].hctx = HMAC_CTX_new(); @@ -163,10 +163,10 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c if (loopargs[i].hctx == NULL) { BIO_printf(bio_err, "HMAC malloc failure, exiting..."); exit(1); -diff -up openssl-1.1.1d/Configure.fips openssl-1.1.1d/Configure ---- openssl-1.1.1d/Configure.fips 2019-09-13 15:13:11.017525727 +0200 -+++ openssl-1.1.1d/Configure 2019-09-13 15:13:11.023525622 +0200 -@@ -307,7 +307,7 @@ $config{sdirs} = [ +diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure +--- openssl-1.1.1e/Configure.fips 2020-03-17 17:30:52.015567584 +0100 ++++ openssl-1.1.1e/Configure 2020-03-17 17:30:52.022567462 +0100 +@@ -319,7 +319,7 @@ $config{sdirs} = [ "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", @@ -175,9 +175,9 @@ diff -up openssl-1.1.1d/Configure.fips openssl-1.1.1d/Configure "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" ]; -diff -up openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1d/crypto/cmac/cm_pmeth.c ---- openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/cmac/cm_pmeth.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/cmac/cm_pmeth.c 2020-03-17 17:30:52.022567462 +0100 @@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD cmac_pkey_meth = { @@ -187,9 +187,9 @@ diff -up openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1d/crypto/cmac/c pkey_cmac_init, pkey_cmac_copy, pkey_cmac_cleanup, -diff -up openssl-1.1.1d/crypto/dh/dh_err.c.fips openssl-1.1.1d/crypto/dh/dh_err.c ---- openssl-1.1.1d/crypto/dh/dh_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_err.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err.c +--- openssl-1.1.1e/crypto/dh/dh_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_err.c 2020-03-17 17:30:52.022567462 +0100 @@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), @@ -215,13 +215,13 @@ diff -up openssl-1.1.1d/crypto/dh/dh_err.c.fips openssl-1.1.1d/crypto/dh/dh_err. {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, -diff -up openssl-1.1.1d/crypto/dh/dh_gen.c.fips openssl-1.1.1d/crypto/dh/dh_gen.c ---- openssl-1.1.1d/crypto/dh/dh_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_gen.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen.c +--- openssl-1.1.1e/crypto/dh/dh_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_gen.c 2020-03-17 18:03:31.005320382 +0100 @@ -16,6 +16,9 @@ #include "internal/cryptlib.h" #include - #include "dh_locl.h" + #include "dh_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -261,13 +261,13 @@ diff -up openssl-1.1.1d/crypto/dh/dh_gen.c.fips openssl-1.1.1d/crypto/dh/dh_gen. ctx = BN_CTX_new(); if (ctx == NULL) goto err; -diff -up openssl-1.1.1d/crypto/dh/dh_key.c.fips openssl-1.1.1d/crypto/dh/dh_key.c ---- openssl-1.1.1d/crypto/dh/dh_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_key.c 2019-09-13 15:13:11.024525605 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key.c +--- openssl-1.1.1e/crypto/dh/dh_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_key.c 2020-03-17 18:03:52.706940641 +0100 @@ -11,6 +11,9 @@ #include "internal/cryptlib.h" - #include "dh_locl.h" - #include "internal/bn_int.h" + #include "dh_local.h" + #include "crypto/bn.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -347,9 +347,9 @@ diff -up openssl-1.1.1d/crypto/dh/dh_key.c.fips openssl-1.1.1d/crypto/dh/dh_key. dh->flags |= DH_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips openssl-1.1.1d/crypto/dh/dh_pmeth.c ---- openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_pmeth.c 2019-09-13 15:13:11.024525605 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pmeth.c +--- openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_pmeth.c 2020-03-17 17:30:52.023567444 +0100 @@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * const EVP_PKEY_METHOD dh_pkey_meth = { @@ -368,9 +368,9 @@ diff -up openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips openssl-1.1.1d/crypto/dh/dh_pm pkey_dh_init, pkey_dh_copy, pkey_dh_cleanup, -diff -up openssl-1.1.1d/crypto/dsa/dsa_err.c.fips openssl-1.1.1d/crypto/dsa/dsa_err.c ---- openssl-1.1.1d/crypto/dsa/dsa_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_err.c 2019-09-13 15:14:33.737079876 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_err.c +--- openssl-1.1.1e/crypto/dsa/dsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_err.c 2020-03-17 17:30:52.023567444 +0100 @@ -16,12 +16,15 @@ static const ERR_STRING_DATA DSA_str_functs[] = { {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, @@ -402,13 +402,13 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_err.c.fips openssl-1.1.1d/crypto/dsa/dsa_ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, -diff -up openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips openssl-1.1.1d/crypto/dsa/dsa_gen.c ---- openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_gen.c 2019-09-13 15:13:11.046525220 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_gen.c +--- openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_gen.c 2020-03-17 18:02:14.626656877 +0100 @@ -22,12 +22,22 @@ #include #include - #include "dsa_locl.h" + #include "dsa_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -566,16 +566,16 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips openssl-1.1.1d/crypto/dsa/dsa_ +} + +#endif -diff -up openssl-1.1.1d/crypto/dsa/dsa_key.c.fips openssl-1.1.1d/crypto/dsa/dsa_key.c ---- openssl-1.1.1d/crypto/dsa/dsa_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_key.c 2019-09-13 15:13:11.046525220 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_key.c +--- openssl-1.1.1e/crypto/dsa/dsa_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_key.c 2020-03-17 18:02:51.103018604 +0100 @@ -13,10 +13,49 @@ #include - #include "dsa_locl.h" + #include "dsa_local.h" +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +static int fips_check_dsa(DSA *dsa) +{ @@ -648,12 +648,12 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_key.c.fips openssl-1.1.1d/crypto/dsa/dsa_ ok = 1; err: -diff -up openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1d/crypto/dsa/dsa_ossl.c ---- openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa_ossl.c +--- openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_ossl.c 2020-03-19 17:11:22.037994064 +0100 @@ -14,6 +14,9 @@ #include - #include "dsa_locl.h" + #include "dsa_local.h" #include +#ifdef OPENSSL_FIPS +# include @@ -710,10 +710,10 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1d/crypto/dsa/dsa dsa->flags |= DSA_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/dsa_pmeth.c ---- openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_pmeth.c 2019-09-13 15:13:11.047525203 +0200 -@@ -215,8 +215,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT +diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_pmeth.c 2020-03-17 17:30:52.025567409 +0100 +@@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT BN_GENCB_free(pcb); return 0; } @@ -724,7 +724,7 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/ds BN_GENCB_free(pcb); if (ret) EVP_PKEY_assign_DSA(pkey, dsa); -@@ -245,7 +245,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX +@@ -241,7 +241,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX const EVP_PKEY_METHOD dsa_pkey_meth = { EVP_PKEY_DSA, @@ -733,12 +733,12 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/ds pkey_dsa_init, pkey_dsa_copy, pkey_dsa_cleanup, -diff -up openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdh_ossl.c ---- openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ecdh_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips 2020-03-17 17:30:52.025567409 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdh_ossl.c 2020-03-17 18:01:24.704530440 +0100 @@ -19,9 +19,20 @@ #include - #include "ec_lcl.h" + #include "ec_local.h" +#ifdef OPENSSL_FIPS +# include @@ -757,12 +757,12 @@ diff -up openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdh if (ecdh->group->meth->ecdh_compute_key == NULL) { ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); return 0; -diff -up openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdsa_ossl.c ---- openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ecdsa_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-17 18:01:41.642234061 +0100 @@ -14,6 +14,10 @@ - #include "internal/bn_int.h" - #include "ec_lcl.h" + #include "crypto/bn.h" + #include "ec_local.h" +#ifdef OPENSSL_FIPS +# include @@ -799,9 +799,9 @@ diff -up openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1d/crypto/ec/ecd /* check input values */ if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { -diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key.c ---- openssl-1.1.1d/crypto/ec/ec_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ec_key.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key.c +--- openssl-1.1.1e/crypto/ec/ec_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_key.c 2020-03-17 17:30:52.026567392 +0100 @@ -178,14 +178,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY return eckey->engine; } @@ -809,7 +809,7 @@ diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key. +#ifdef OPENSSL_FIPS + +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +static int fips_check_ec(EC_KEY *key) +{ @@ -867,9 +867,9 @@ diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key. ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); return 0; } -diff -up openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips openssl-1.1.1d/crypto/ec/ec_pmeth.c ---- openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ec_pmeth.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pmeth.c +--- openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_pmeth.c 2020-03-17 17:30:52.026567392 +0100 @@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * const EVP_PKEY_METHOD ec_pkey_meth = { @@ -879,9 +879,9 @@ diff -up openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips openssl-1.1.1d/crypto/ec/ec_pm pkey_ec_init, pkey_ec_copy, pkey_ec_cleanup, -diff -up openssl-1.1.1d/crypto/evp/c_allc.c.fips openssl-1.1.1d/crypto/evp/c_allc.c ---- openssl-1.1.1d/crypto/evp/c_allc.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/c_allc.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/evp/c_allc.c.fips openssl-1.1.1e/crypto/evp/c_allc.c +--- openssl-1.1.1e/crypto/evp/c_allc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/c_allc.c 2020-03-17 17:30:52.027567375 +0100 @@ -17,6 +17,9 @@ void openssl_add_all_ciphers_int(void) { @@ -963,9 +963,9 @@ diff -up openssl-1.1.1d/crypto/evp/c_allc.c.fips openssl-1.1.1d/crypto/evp/c_all + } +#endif } -diff -up openssl-1.1.1d/crypto/evp/c_alld.c.fips openssl-1.1.1d/crypto/evp/c_alld.c ---- openssl-1.1.1d/crypto/evp/c_alld.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/c_alld.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/evp/c_alld.c.fips openssl-1.1.1e/crypto/evp/c_alld.c +--- openssl-1.1.1e/crypto/evp/c_alld.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/c_alld.c 2020-03-17 17:30:52.027567375 +0100 @@ -16,6 +16,9 @@ void openssl_add_all_digests_int(void) @@ -1001,13 +1001,13 @@ diff -up openssl-1.1.1d/crypto/evp/c_alld.c.fips openssl-1.1.1d/crypto/evp/c_all + } +#endif } -diff -up openssl-1.1.1d/crypto/evp/digest.c.fips openssl-1.1.1d/crypto/evp/digest.c ---- openssl-1.1.1d/crypto/evp/digest.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/digest.c 2019-09-13 15:13:11.049525168 +0200 +diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/digest.c +--- openssl-1.1.1e/crypto/evp/digest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/digest.c 2020-03-17 17:38:57.528093469 +0100 @@ -14,6 +14,9 @@ #include - #include "internal/evp_int.h" - #include "evp_locl.h" + #include "crypto/evp.h" + #include "evp_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -1064,9 +1064,9 @@ diff -up openssl-1.1.1d/crypto/evp/digest.c.fips openssl-1.1.1d/crypto/evp/diges OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret = ctx->digest->final(ctx, md); if (size != NULL) -diff -up openssl-1.1.1d/crypto/evp/e_aes.c.fips openssl-1.1.1d/crypto/evp/e_aes.c ---- openssl-1.1.1d/crypto/evp/e_aes.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_aes.c 2019-09-13 17:19:00.558994569 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes.c +--- openssl-1.1.1e/crypto/evp/e_aes.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_aes.c 2020-03-17 17:30:52.028567357 +0100 @@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER * This addresses Rogaway's vulnerability. * See comment in aes_xts_init_key() below. @@ -1189,9 +1189,9 @@ diff -up openssl-1.1.1d/crypto/evp/e_aes.c.fips openssl-1.1.1d/crypto/evp/e_aes. | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) -diff -up openssl-1.1.1d/crypto/evp/e_des3.c.fips openssl-1.1.1d/crypto/evp/e_des3.c ---- openssl-1.1.1d/crypto/evp/e_des3.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_des3.c 2019-09-13 15:13:11.050525151 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des3.c +--- openssl-1.1.1e/crypto/evp/e_des3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_des3.c 2020-03-17 17:30:52.029567340 +0100 @@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, # define des_ede3_cbc_cipher des_ede_cbc_cipher # define des_ede3_ecb_cipher des_ede_ecb_cipher @@ -1218,9 +1218,9 @@ diff -up openssl-1.1.1d/crypto/evp/e_des3.c.fips openssl-1.1.1d/crypto/evp/e_des static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) -diff -up openssl-1.1.1d/crypto/evp/e_null.c.fips openssl-1.1.1d/crypto/evp/e_null.c ---- openssl-1.1.1d/crypto/evp/e_null.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_null.c 2019-09-13 15:13:11.051525133 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_null.c +--- openssl-1.1.1e/crypto/evp/e_null.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_null.c 2020-03-17 17:30:52.029567340 +0100 @@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c const unsigned char *in, size_t inl); static const EVP_CIPHER n_cipher = { @@ -1231,30 +1231,28 @@ diff -up openssl-1.1.1d/crypto/evp/e_null.c.fips openssl-1.1.1d/crypto/evp/e_nul null_init_key, null_cipher, NULL, -diff -up openssl-1.1.1d/crypto/evp/evp_enc.c.fips openssl-1.1.1d/crypto/evp/evp_enc.c ---- openssl-1.1.1d/crypto/evp/evp_enc.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_enc.c 2019-09-13 15:13:11.051525133 +0200 -@@ -17,10 +17,19 @@ +diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_enc.c +--- openssl-1.1.1e/crypto/evp/evp_enc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_enc.c 2020-03-17 17:39:52.663129373 +0100 +@@ -17,9 +17,18 @@ #include - #include "internal/evp_int.h" - #include "evp_locl.h" + #include "crypto/evp.h" + #include "evp_local.h" +#ifdef OPENSSL_FIPS +# include +#endif int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) { -- if (c == NULL) +#ifdef OPENSSL_FIPS + if (FIPS_selftest_failed()) { + FIPSerr(FIPS_F_EVP_CIPHER_CTX_RESET, FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } +#endif -+ if (c == NULL) + if (c == NULL) return 1; if (c->cipher != NULL) { - if (c->cipher->cleanup && !c->cipher->cleanup(c)) @@ -39,6 +48,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) @@ -1309,9 +1307,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_enc.c.fips openssl-1.1.1d/crypto/evp/evp_ if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if (!ctx->cipher->init(ctx, key, iv, enc)) -diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_err.c ---- openssl-1.1.1d/crypto/evp/evp_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_err.c 2019-09-13 15:25:47.290298192 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-17 17:30:52.030567322 +0100 @@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), "aes_t4_xts_init_key"}, @@ -1328,7 +1326,7 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), "error loading section"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), -@@ -248,6 +250,7 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -249,6 +251,7 @@ static const ERR_STRING_DATA EVP_str_rea {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, @@ -1336,7 +1334,7 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, -@@ -273,6 +276,8 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -274,6 +277,8 @@ static const ERR_STRING_DATA EVP_str_rea "wrap mode not allowed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"}, @@ -1345,9 +1343,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), "xts duplicated keys"}, {0, NULL} -diff -up openssl-1.1.1d/crypto/evp/evp_lib.c.fips openssl-1.1.1d/crypto/evp/evp_lib.c ---- openssl-1.1.1d/crypto/evp/evp_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_lib.c 2019-09-13 15:13:11.051525133 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_lib.c +--- openssl-1.1.1e/crypto/evp/evp_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_lib.c 2020-03-17 17:30:52.030567322 +0100 @@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) @@ -1358,9 +1356,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_lib.c.fips openssl-1.1.1d/crypto/evp/evp_ return ctx->cipher->do_cipher(ctx, out, in, inl); } -diff -up openssl-1.1.1d/crypto/evp/m_sha1.c.fips openssl-1.1.1d/crypto/evp/m_sha1.c ---- openssl-1.1.1d/crypto/evp/m_sha1.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/m_sha1.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha1.c +--- openssl-1.1.1e/crypto/evp/m_sha1.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha1.c 2020-03-17 17:30:52.030567322 +0100 @@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { NID_sha1, NID_sha1WithRSAEncryption, @@ -1424,9 +1422,9 @@ diff -up openssl-1.1.1d/crypto/evp/m_sha1.c.fips openssl-1.1.1d/crypto/evp/m_sha init512, update512, final512, -diff -up openssl-1.1.1d/crypto/evp/m_sha3.c.fips openssl-1.1.1d/crypto/evp/m_sha3.c ---- openssl-1.1.1d/crypto/evp/m_sha3.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/m_sha3.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha3.c +--- openssl-1.1.1e/crypto/evp/m_sha3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha3.c 2020-03-17 17:30:52.031567305 +0100 @@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) NID_sha3_##bitlen, \ NID_RSA_SHA3_##bitlen, \ @@ -1481,9 +1479,9 @@ diff -up openssl-1.1.1d/crypto/evp/m_sha3.c.fips openssl-1.1.1d/crypto/evp/m_sha shake_init, \ sha3_update, \ sha3_final, \ -diff -up openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips openssl-1.1.1d/crypto/evp/pmeth_lib.c ---- openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/pmeth_lib.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pmeth_lib.c +--- openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pmeth_lib.c 2020-03-17 17:30:52.031567305 +0100 @@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE pmeth = ENGINE_get_pkey_meth(e, id); else @@ -1500,9 +1498,9 @@ diff -up openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips openssl-1.1.1d/crypto/evp/pm if (pmeth == NULL) { #ifndef OPENSSL_NO_ENGINE -diff -up openssl-1.1.1d/crypto/fips/build.info.fips openssl-1.1.1d/crypto/fips/build.info ---- openssl-1.1.1d/crypto/fips/build.info.fips 2019-09-13 15:13:11.052525116 +0200 -+++ openssl-1.1.1d/crypto/fips/build.info 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/build.info +--- openssl-1.1.1e/crypto/fips/build.info.fips 2020-03-17 17:30:52.032567287 +0100 ++++ openssl-1.1.1e/crypto/fips/build.info 2020-03-17 17:30:52.032567287 +0100 @@ -0,0 +1,15 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ @@ -1519,9 +1517,9 @@ diff -up openssl-1.1.1d/crypto/fips/build.info.fips openssl-1.1.1d/crypto/fips/b +SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c +INCLUDE[fips_standalone_hmac]=../../include +DEPEND[fips_standalone_hmac]=../../libcrypto -diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_aes_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_aes_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_aes_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_aes_selftest.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,372 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -1576,7 +1574,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif + +#ifdef OPENSSL_FIPS @@ -1895,9 +1893,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips.c.fips openssl-1.1.1d/crypto/fips/fips.c ---- openssl-1.1.1d/crypto/fips/fips.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,526 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2425,9 +2423,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips.c.fips openssl-1.1.1d/crypto/fips/fips. +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,156 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2481,7 +2479,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/cry +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_locl.h" + @@ -2585,9 +2583,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/cry + return rv; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_des_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_des_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_des_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_des_selftest.c 2020-03-17 17:30:52.034567253 +0100 @@ -0,0 +1,133 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2642,7 +2640,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif +#include + @@ -2722,9 +2720,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/cryp + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_dh_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips 2019-09-13 15:13:11.055525063 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_dh_selftest.c 2019-09-13 15:13:11.055525063 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips 2020-03-17 17:30:52.038567183 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dh_selftest.c 2020-03-17 17:30:52.038567183 +0100 @@ -0,0 +1,180 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2906,9 +2904,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1d/crypt + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips 2019-09-13 15:13:11.055525063 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c 2019-09-13 15:13:11.055525063 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips 2020-03-17 17:30:52.040567148 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c 2020-03-17 17:30:52.039567165 +0100 @@ -0,0 +1,406 @@ +/* fips/rand/fips_drbg_ctr.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3316,9 +3314,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1d/crypto/f + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_hash.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_hash.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hash.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips 2020-03-17 17:30:52.041567130 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hash.c 2020-03-17 17:30:52.040567148 +0100 @@ -0,0 +1,354 @@ +/* fips/rand/fips_drbg_hash.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3379,7 +3377,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/ +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_rand_lcl.h" + @@ -3674,9 +3672,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/ + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips 2020-03-17 17:30:52.042567113 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c 2020-03-17 17:30:52.042567113 +0100 @@ -0,0 +1,262 @@ +/* fips/rand/fips_drbg_hmac.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3940,9 +3938,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1d/crypto/ + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_lib.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_lib.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips 2020-03-17 17:30:52.043567095 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_lib.c 2020-03-17 17:30:52.043567095 +0100 @@ -0,0 +1,528 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. @@ -4000,7 +3998,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/f +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_locl.h" +#include "fips_rand_lcl.h" @@ -4472,9 +4470,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/f +{ + /* Just backwards compatibility API call with no effect. */ +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_rand.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_rand.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_rand.c 2020-03-17 17:30:52.044567078 +0100 @@ -0,0 +1,185 @@ +/* fips/rand/fips_drbg_rand.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -4661,9 +4659,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1d/crypto/ +{ + return &rand_drbg_meth; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-17 17:30:52.044567078 +0100 @@ -0,0 +1,828 @@ +/* fips/rand/fips_drbg_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -5493,9 +5491,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1d/cry + FIPS_drbg_free(dctx); + return rv; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h ---- openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips 2020-03-17 17:30:52.045567061 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h 2020-03-17 17:30:52.045567061 +0100 @@ -0,0 +1,1791 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7288,9 +7286,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1d/cry + 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, + 0xc2, 0xd6, 0xfd, 0xa5 +}; -diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,195 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7345,7 +7343,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/cryp +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include +#include @@ -7487,9 +7485,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/cryp + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,242 @@ +/* fips/ecdh/fips_ecdh_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7644,24 +7642,24 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry + d = BN_bin2bn(ecd->d1, ecd->d1len, d); + + if (!x || !y || !d || !ztmp) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ec1 = EC_KEY_new_by_curve_name(ecd->curve); + if (!ec1) { -+ rv = -1; ++ rv = 0; + goto err; + } + EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); + + if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y)) { -+ rv = -1; ++ rv = 0; + goto err; + } + + if (!EC_KEY_set_private_key(ec1, d)) { -+ rv = -1; ++ rv = 0; + goto err; + } + @@ -7669,30 +7667,30 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry + y = BN_bin2bn(ecd->y2, ecd->y2len, y); + + if (!x || !y) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ec2 = EC_KEY_new_by_curve_name(ecd->curve); + if (!ec2) { -+ rv = -1; ++ rv = 0; + goto err; + } + EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); + + if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y)) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ecp = EC_KEY_get0_public_key(ec2); + if (!ecp) { -+ rv = -1; ++ rv = 0; + goto err; + } + + if (!ECDH_compute_key(ztmp, ecd->zlen, ecp, ec1, 0)) { -+ rv = -1; ++ rv = 0; + goto err; + } + @@ -7733,9 +7731,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,166 @@ +/* fips/ecdsa/fips_ecdsa_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7798,7 +7796,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/cr +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include +#include @@ -7903,9 +7901,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/cr +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_err.h.fips openssl-1.1.1d/crypto/fips/fips_err.h ---- openssl-1.1.1d/crypto/fips/fips_err.h.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_err.h 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/fips_err.h +--- openssl-1.1.1e/crypto/fips/fips_err.h.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_err.h 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,197 @@ +/* crypto/fips_err.h */ +/* ==================================================================== @@ -8104,9 +8102,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_err.h.fips openssl-1.1.1d/crypto/fips/f +#endif + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_ers.c.fips openssl-1.1.1d/crypto/fips/fips_ers.c ---- openssl-1.1.1d/crypto/fips/fips_ers.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ers.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/fips_ers.c +--- openssl-1.1.1e/crypto/fips/fips_ers.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ers.c 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,7 @@ +#include + @@ -8115,9 +8113,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ers.c.fips openssl-1.1.1d/crypto/fips/f +#else +static void *dummy = &dummy; +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,134 @@ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. @@ -8253,9 +8251,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1d/cry + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_locl.h.fips openssl-1.1.1d/crypto/fips/fips_locl.h ---- openssl-1.1.1d/crypto/fips/fips_locl.h.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_locl.h 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/fips_locl.h +--- openssl-1.1.1e/crypto/fips/fips_locl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_locl.h 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,71 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8328,9 +8326,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_locl.h.fips openssl-1.1.1d/crypto/fips/ +} +# endif +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/fips_post.c ---- openssl-1.1.1d/crypto/fips/fips_post.c.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_post.c 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/fips_post.c +--- openssl-1.1.1e/crypto/fips/fips_post.c.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,224 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8400,7 +8398,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/ +/* Power on self test (POST) support functions */ + +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +# include "fips_locl.h" + +/* Run all selftests */ @@ -8556,9 +8554,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/ + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1d/crypto/fips/fips_rand_lcl.h ---- openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rand_lcl.h 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/fips/fips_rand_lcl.h +--- openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lcl.h 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,203 @@ +/* fips/rand/fips_rand_lcl.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -8763,9 +8761,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1d/crypto/f +#define FIPS_digestupdate EVP_DigestUpdate +#define FIPS_digestfinal EVP_DigestFinal +#define M_EVP_MD_size EVP_MD_size -diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/fips/fips_rand_lib.c ---- openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rand_lib.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lib.c 2020-03-17 17:30:52.049566991 +0100 @@ -0,0 +1,234 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8827,7 +8825,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/f +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "e_os.h" + @@ -9001,9 +8999,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/f +# endif +} + -diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c 2020-03-17 17:30:52.049566991 +0100 @@ -0,0 +1,338 @@ +/* ==================================================================== + * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. @@ -9058,7 +9056,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif +#include +#include @@ -9343,9 +9341,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif /* def OPENSSL_FIPS */ -diff -up openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_sha_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_sha_selftest.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_sha_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_sha_selftest.c 2020-03-17 17:30:52.050566973 +0100 @@ -0,0 +1,223 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9570,9 +9568,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c ---- openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips 2019-09-13 15:13:11.061524958 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c 2020-03-17 17:30:52.050566973 +0100 @@ -0,0 +1,127 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9701,10 +9699,10 @@ diff -up openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1d/c +#endif + return 0; +} -diff -up openssl-1.1.1d/crypto/hmac/hmac.c.fips openssl-1.1.1d/crypto/hmac/hmac.c ---- openssl-1.1.1d/crypto/hmac/hmac.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/hmac/hmac.c 2019-09-13 15:13:11.061524958 +0200 -@@ -43,6 +43,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo +diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac.c +--- openssl-1.1.1e/crypto/hmac/hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/hmac/hmac.c 2020-03-17 17:38:16.969802663 +0100 +@@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo return 0; if (key != NULL) { @@ -9716,11 +9714,11 @@ diff -up openssl-1.1.1d/crypto/hmac/hmac.c.fips openssl-1.1.1d/crypto/hmac/hmac. + goto err; +#endif reset = 1; + j = EVP_MD_block_size(md); - if (!ossl_assert(j <= (int)sizeof(ctx->key))) -diff -up openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1d/crypto/hmac/hm_pmeth.c ---- openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/hmac/hm_pmeth.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/hmac/hm_pmeth.c 2020-03-17 17:30:52.051566956 +0100 @@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD hmac_pkey_meth = { @@ -9730,9 +9728,9 @@ diff -up openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1d/crypto/hmac/h pkey_hmac_init, pkey_hmac_copy, pkey_hmac_cleanup, -diff -up openssl-1.1.1d/crypto/include/internal/fips_int.h.fips openssl-1.1.1d/crypto/include/internal/fips_int.h ---- openssl-1.1.1d/crypto/include/internal/fips_int.h.fips 2019-09-13 15:13:11.061524958 +0200 -+++ openssl-1.1.1d/crypto/include/internal/fips_int.h 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/include/crypto/fips.h.fips openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips 2020-03-17 17:30:52.051566956 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 17:30:52.051566956 +0100 @@ -0,0 +1,98 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9832,14 +9830,14 @@ diff -up openssl-1.1.1d/crypto/include/internal/fips_int.h.fips openssl-1.1.1d/c +void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); + +#endif -diff -up openssl-1.1.1d/crypto/o_fips.c.fips openssl-1.1.1d/crypto/o_fips.c ---- openssl-1.1.1d/crypto/o_fips.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/o_fips.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c +--- openssl-1.1.1e/crypto/o_fips.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_fips.c 2020-03-17 17:30:52.052566939 +0100 @@ -8,17 +8,28 @@ */ #include "internal/cryptlib.h" -+#include "internal/fips_int.h" ++#include "crypto/fips.h" int FIPS_mode(void) { @@ -9864,9 +9862,9 @@ diff -up openssl-1.1.1d/crypto/o_fips.c.fips openssl-1.1.1d/crypto/o_fips.c return 0; +#endif } -diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c ---- openssl-1.1.1d/crypto/o_init.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/o_init.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c +--- openssl-1.1.1e/crypto/o_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_init.c 2020-03-17 17:30:52.052566939 +0100 @@ -7,8 +7,68 @@ * https://www.openssl.org/source/license.html */ @@ -9884,7 +9882,7 @@ diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c +# include +# include +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" + @@ -9936,12 +9934,12 @@ diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c /* * Perform any essential OpenSSL initialization operations. Currently does -diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/rand_lib.c ---- openssl-1.1.1d/crypto/rand/rand_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/rand_lib.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/rand_lib.c +--- openssl-1.1.1e/crypto/rand/rand_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_lib.c 2020-03-17 17:35:56.471259207 +0100 @@ -16,6 +16,10 @@ #include "internal/thread_once.h" - #include "rand_lcl.h" + #include "rand_local.h" #include "e_os.h" +#ifdef OPENSSL_FIPS +# include @@ -9950,7 +9948,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/r #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ -@@ -959,3 +963,15 @@ int RAND_status(void) +@@ -961,3 +965,15 @@ int RAND_status(void) return meth->status(); return 0; } @@ -9966,9 +9964,9 @@ diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/r + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1d/crypto/rsa/rsa_crpt.c ---- openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_crpt.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa_crpt.c +--- openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_crpt.c 2020-03-17 17:30:52.055566886 +0100 @@ -27,24 +27,52 @@ int RSA_size(const RSA *r) int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) @@ -10022,9 +10020,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1d/crypto/rsa/rsa return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); } -diff -up openssl-1.1.1d/crypto/rsa/rsa_err.c.fips openssl-1.1.1d/crypto/rsa/rsa_err.c ---- openssl-1.1.1d/crypto/rsa/rsa_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_err.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_err.c +--- openssl-1.1.1e/crypto/rsa/rsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_err.c 2020-03-17 17:30:52.055566886 +0100 @@ -16,6 +16,8 @@ static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, @@ -10093,16 +10091,16 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_err.c.fips openssl-1.1.1d/crypto/rsa/rsa_ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, -diff -up openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips openssl-1.1.1d/crypto/rsa/rsa_gen.c ---- openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_gen.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_gen.c +--- openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_gen.c 2020-03-17 17:33:55.560367363 +0100 @@ -18,6 +18,76 @@ #include "internal/cryptlib.h" #include - #include "rsa_locl.h" + #include "rsa_local.h" +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +int fips_check_rsa(RSA *rsa) +{ @@ -10488,9 +10486,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips openssl-1.1.1d/crypto/rsa/rsa_ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb) { -diff -up openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips openssl-1.1.1d/crypto/rsa/rsa_lib.c ---- openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_lib.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_lib.c +--- openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_lib.c 2020-03-17 17:30:52.056566869 +0100 @@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M * to deal with which ENGINE it comes from. */ @@ -10533,12 +10531,12 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips openssl-1.1.1d/crypto/rsa/rsa_ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { goto err; } -diff -up openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1d/crypto/rsa/rsa_ossl.c ---- openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_ossl.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa_ossl.c +--- openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_ossl.c 2020-03-17 17:34:32.289726964 +0100 @@ -12,6 +12,10 @@ - #include "rsa_locl.h" - #include "internal/constant_time_locl.h" + #include "rsa_local.h" + #include "internal/constant_time.h" +#ifdef OPENSSL_FIPS +# include @@ -10652,9 +10650,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1d/crypto/rsa/rsa if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); return -1; -diff -up openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1d/crypto/rsa/rsa_pmeth.c ---- openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_pmeth.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_pmeth.c 2020-03-17 17:30:52.056566869 +0100 @@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX const EVP_PKEY_METHOD rsa_pkey_meth = { @@ -10673,9 +10671,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1d/crypto/rsa/rs pkey_rsa_init, pkey_rsa_copy, pkey_rsa_cleanup, -diff -up openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips openssl-1.1.1d/crypto/rsa/rsa_sign.c ---- openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_sign.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa_sign.c +--- openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_sign.c 2020-03-17 17:30:52.057566851 +0100 @@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch unsigned char *tmps = NULL; const unsigned char *encoded = NULL; @@ -10702,9 +10700,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips openssl-1.1.1d/crypto/rsa/rsa if (encrypt_len <= 0) goto err; -diff -up openssl-1.1.1d/crypto/sha/sha256.c.fips openssl-1.1.1d/crypto/sha/sha256.c ---- openssl-1.1.1d/crypto/sha/sha256.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/sha/sha256.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha256.c +--- openssl-1.1.1e/crypto/sha/sha256.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha256.c 2020-03-17 17:30:52.057566851 +0100 @@ -18,6 +18,9 @@ int SHA224_Init(SHA256_CTX *c) @@ -10725,9 +10723,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha256.c.fips openssl-1.1.1d/crypto/sha/sha25 memset(c, 0, sizeof(*c)); c->h[0] = 0x6a09e667UL; c->h[1] = 0xbb67ae85UL; -diff -up openssl-1.1.1d/crypto/sha/sha512.c.fips openssl-1.1.1d/crypto/sha/sha512.c ---- openssl-1.1.1d/crypto/sha/sha512.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/sha/sha512.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha512.c +--- openssl-1.1.1e/crypto/sha/sha512.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha512.c 2020-03-17 17:30:52.057566851 +0100 @@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) int SHA384_Init(SHA512_CTX *c) @@ -10748,9 +10746,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha512.c.fips openssl-1.1.1d/crypto/sha/sha51 c->h[0] = U64(0x6a09e667f3bcc908); c->h[1] = U64(0xbb67ae8584caa73b); c->h[2] = U64(0x3c6ef372fe94f82b); -diff -up openssl-1.1.1d/crypto/sha/sha_locl.h.fips openssl-1.1.1d/crypto/sha/sha_locl.h ---- openssl-1.1.1d/crypto/sha/sha_locl.h.fips 2019-09-13 15:13:10.837528873 +0200 -+++ openssl-1.1.1d/crypto/sha/sha_locl.h 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sha_local.h +--- openssl-1.1.1e/crypto/sha/sha_local.h.fips 2020-03-17 17:30:51.766571925 +0100 ++++ openssl-1.1.1e/crypto/sha/sha_local.h 2020-03-17 17:31:00.996410998 +0100 @@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c int HASH_INIT(SHA_CTX *c) @@ -10761,9 +10759,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha_locl.h.fips openssl-1.1.1d/crypto/sha/sha memset(c, 0, sizeof(*c)); c->h0 = INIT_DATA_h0; c->h1 = INIT_DATA_h1; -diff -up openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod ---- openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod +--- openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod 2020-03-17 17:31:00.996410998 +0100 @@ -30,8 +30,10 @@ B is the length of the prime p to For lengths under 2048 bits, the length of q is 160 bits; for lengths greater than or equal to 2048 bits, the length of q is set to 256 bits. @@ -10777,9 +10775,9 @@ diff -up openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1d DSA_generate_parameters_ex() places the iteration count in *B and a counter used for finding a generator in -diff -up openssl-1.1.1d/include/openssl/crypto.h.fips openssl-1.1.1d/include/openssl/crypto.h ---- openssl-1.1.1d/include/openssl/crypto.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/crypto.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/openssl/crypto.h +--- openssl-1.1.1e/include/openssl/crypto.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/crypto.h 2020-03-17 17:31:00.997410980 +0100 @@ -331,6 +331,11 @@ int OPENSSL_isservice(void); int FIPS_mode(void); int FIPS_mode_set(int r); @@ -10792,9 +10790,9 @@ diff -up openssl-1.1.1d/include/openssl/crypto.h.fips openssl-1.1.1d/include/ope void OPENSSL_init(void); # ifdef OPENSSL_SYS_UNIX void OPENSSL_fork_prepare(void); -diff -up openssl-1.1.1d/include/openssl/dherr.h.fips openssl-1.1.1d/include/openssl/dherr.h ---- openssl-1.1.1d/include/openssl/dherr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dherr.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/openssl/dherr.h +--- openssl-1.1.1e/include/openssl/dherr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dherr.h 2020-03-17 17:31:00.998410963 +0100 @@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); # define DH_F_DH_CMS_DECRYPT 114 # define DH_F_DH_CMS_SET_PEERKEY 115 @@ -10820,9 +10818,9 @@ diff -up openssl-1.1.1d/include/openssl/dherr.h.fips openssl-1.1.1d/include/open # define DH_R_PARAMETER_ENCODING_ERROR 105 # define DH_R_PEER_KEY_ERROR 111 # define DH_R_SHARED_INFO_ERROR 113 -diff -up openssl-1.1.1d/include/openssl/dh.h.fips openssl-1.1.1d/include/openssl/dh.h ---- openssl-1.1.1d/include/openssl/dh.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dh.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl/dh.h +--- openssl-1.1.1e/include/openssl/dh.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dh.h 2020-03-17 17:31:00.998410963 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10831,9 +10829,9 @@ diff -up openssl-1.1.1d/include/openssl/dh.h.fips openssl-1.1.1d/include/openssl # define DH_FLAG_CACHE_MONT_P 0x01 -diff -up openssl-1.1.1d/include/openssl/dsaerr.h.fips openssl-1.1.1d/include/openssl/dsaerr.h ---- openssl-1.1.1d/include/openssl/dsaerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dsaerr.h 2019-09-13 15:16:32.263008157 +0200 +diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/openssl/dsaerr.h +--- openssl-1.1.1e/include/openssl/dsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsaerr.h 2020-03-17 17:31:00.999410945 +0100 @@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); */ # define DSA_F_DSAPARAMS_PRINT 100 @@ -10860,9 +10858,9 @@ diff -up openssl-1.1.1d/include/openssl/dsaerr.h.fips openssl-1.1.1d/include/ope # define DSA_R_PARAMETER_ENCODING_ERROR 105 # define DSA_R_Q_NOT_PRIME 113 # define DSA_R_SEED_LEN_SMALL 110 -diff -up openssl-1.1.1d/include/openssl/dsa.h.fips openssl-1.1.1d/include/openssl/dsa.h ---- openssl-1.1.1d/include/openssl/dsa.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dsa.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openssl/dsa.h +--- openssl-1.1.1e/include/openssl/dsa.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsa.h 2020-03-17 17:31:01.000410928 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10871,9 +10869,9 @@ diff -up openssl-1.1.1d/include/openssl/dsa.h.fips openssl-1.1.1d/include/openss # define DSA_FLAG_CACHE_MONT_P 0x01 # if OPENSSL_API_COMPAT < 0x10100000L -diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/openssl/evperr.h ---- openssl-1.1.1d/include/openssl/evperr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/evperr.h 2019-09-13 15:18:17.552167810 +0200 +diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-17 17:31:01.000410928 +0100 @@ -24,14 +24,15 @@ int ERR_load_EVP_strings(void); * EVP function codes. */ @@ -10901,7 +10899,7 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope # define EVP_R_DIFFERENT_KEY_TYPES 101 # define EVP_R_DIFFERENT_PARAMETERS 153 # define EVP_R_ERROR_LOADING_SECTION 165 -@@ -184,6 +186,7 @@ int ERR_load_EVP_strings(void); +@@ -185,6 +187,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 # define EVP_R_PUBLIC_KEY_NOT_RSA 106 @@ -10909,7 +10907,7 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope # define EVP_R_UNKNOWN_CIPHER 160 # define EVP_R_UNKNOWN_DIGEST 161 # define EVP_R_UNKNOWN_OPTION 169 -@@ -199,6 +202,7 @@ int ERR_load_EVP_strings(void); +@@ -200,6 +203,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_UNSUPPORTED_SALT_TYPE 126 # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 @@ -10918,9 +10916,9 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope +# define EVP_R_XTS_DUPLICATED_KEYS 192 #endif -diff -up openssl-1.1.1d/include/openssl/evp.h.fips openssl-1.1.1d/include/openssl/evp.h ---- openssl-1.1.1d/include/openssl/evp.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/evp.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openssl/evp.h +--- openssl-1.1.1e/include/openssl/evp.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evp.h 2020-03-17 17:31:01.001410911 +0100 @@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP */ # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 @@ -10931,9 +10929,9 @@ diff -up openssl-1.1.1d/include/openssl/evp.h.fips openssl-1.1.1d/include/openss const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, -diff -up openssl-1.1.1d/include/openssl/fips.h.fips openssl-1.1.1d/include/openssl/fips.h ---- openssl-1.1.1d/include/openssl/fips.h.fips 2019-09-13 15:13:11.066524871 +0200 -+++ openssl-1.1.1d/include/openssl/fips.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/openssl/fips.h +--- openssl-1.1.1e/include/openssl/fips.h.fips 2020-03-17 17:31:01.002410893 +0100 ++++ openssl-1.1.1e/include/openssl/fips.h 2020-03-17 17:31:01.002410893 +0100 @@ -0,0 +1,187 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -11122,9 +11120,9 @@ diff -up openssl-1.1.1d/include/openssl/fips.h.fips openssl-1.1.1d/include/opens +} +# endif +#endif -diff -up openssl-1.1.1d/include/openssl/fips_rand.h.fips openssl-1.1.1d/include/openssl/fips_rand.h ---- openssl-1.1.1d/include/openssl/fips_rand.h.fips 2019-09-13 15:13:11.066524871 +0200 -+++ openssl-1.1.1d/include/openssl/fips_rand.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/openssl/fips_rand.h +--- openssl-1.1.1e/include/openssl/fips_rand.h.fips 2020-03-17 17:31:01.003410876 +0100 ++++ openssl-1.1.1e/include/openssl/fips_rand.h 2020-03-17 17:31:01.003410876 +0100 @@ -0,0 +1,145 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -11271,9 +11269,9 @@ diff -up openssl-1.1.1d/include/openssl/fips_rand.h.fips openssl-1.1.1d/include/ +# endif +# endif +#endif -diff -up openssl-1.1.1d/include/openssl/opensslconf.h.in.fips openssl-1.1.1d/include/openssl/opensslconf.h.in ---- openssl-1.1.1d/include/openssl/opensslconf.h.in.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/opensslconf.h.in 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/include/openssl/opensslconf.h.in +--- openssl-1.1.1e/include/openssl/opensslconf.h.in.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/opensslconf.h.in 2020-03-17 17:31:01.003410876 +0100 @@ -150,6 +150,11 @@ extern "C" { #define RC4_INT {- $config{rc4_int} -} @@ -11286,10 +11284,10 @@ diff -up openssl-1.1.1d/include/openssl/opensslconf.h.in.fips openssl-1.1.1d/inc #ifdef __cplusplus } #endif -diff -up openssl-1.1.1d/include/openssl/randerr.h.fips openssl-1.1.1d/include/openssl/randerr.h ---- openssl-1.1.1d/include/openssl/randerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/randerr.h 2019-09-13 15:13:11.067524853 +0200 -@@ -37,6 +37,7 @@ int ERR_load_RAND_strings(void); +diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/openssl/randerr.h +--- openssl-1.1.1e/include/openssl/randerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/randerr.h 2020-03-17 17:31:01.004410858 +0100 +@@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); # define RAND_F_RAND_DRBG_SET 104 # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 # define RAND_F_RAND_DRBG_UNINSTANTIATE 118 @@ -11297,9 +11295,9 @@ diff -up openssl-1.1.1d/include/openssl/randerr.h.fips openssl-1.1.1d/include/op # define RAND_F_RAND_LOAD_FILE 111 # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 # define RAND_F_RAND_POOL_ADD 103 -diff -up openssl-1.1.1d/include/openssl/rand.h.fips openssl-1.1.1d/include/openssl/rand.h ---- openssl-1.1.1d/include/openssl/rand.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/rand.h 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/openssl/rand.h +--- openssl-1.1.1e/include/openssl/rand.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rand.h 2020-03-17 17:31:01.004410858 +0100 @@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) # endif @@ -11312,9 +11310,9 @@ diff -up openssl-1.1.1d/include/openssl/rand.h.fips openssl-1.1.1d/include/opens #ifdef __cplusplus } -diff -up openssl-1.1.1d/include/openssl/rsaerr.h.fips openssl-1.1.1d/include/openssl/rsaerr.h ---- openssl-1.1.1d/include/openssl/rsaerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/rsaerr.h 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/openssl/rsaerr.h +--- openssl-1.1.1e/include/openssl/rsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rsaerr.h 2020-03-17 17:31:01.005410841 +0100 @@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); */ # define RSA_F_CHECK_PADDING_MD 140 @@ -11370,9 +11368,9 @@ diff -up openssl-1.1.1d/include/openssl/rsaerr.h.fips openssl-1.1.1d/include/ope # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 # define RSA_R_VALUE_MISSING 147 # define RSA_R_WRONG_SIGNATURE_LENGTH 119 -diff -up openssl-1.1.1d/ssl/s3_lib.c.fips openssl-1.1.1d/ssl/s3_lib.c ---- openssl-1.1.1d/ssl/s3_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/s3_lib.c 2019-10-03 16:53:51.140362311 +0200 +diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c +--- openssl-1.1.1e/ssl/s3_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/s3_lib.c 2020-03-17 17:31:01.007410806 +0100 @@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { SSL_AEAD, TLS1_3_VERSION, TLS1_3_VERSION, @@ -11472,9 +11470,9 @@ diff -up openssl-1.1.1d/ssl/s3_lib.c.fips openssl-1.1.1d/ssl/s3_lib.c SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, 256, -diff -up openssl-1.1.1d/ssl/ssl_ciph.c.fips openssl-1.1.1d/ssl/ssl_ciph.c ---- openssl-1.1.1d/ssl/ssl_ciph.c.fips 2019-09-13 15:13:11.019525692 +0200 -+++ openssl-1.1.1d/ssl/ssl_ciph.c 2019-09-13 15:13:11.068524836 +0200 +diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c +--- openssl-1.1.1e/ssl/ssl_ciph.c.fips 2020-03-17 17:30:52.017567549 +0100 ++++ openssl-1.1.1e/ssl/ssl_ciph.c 2020-03-17 17:31:01.008410788 +0100 @@ -387,7 +387,7 @@ int ssl_load_ciphers(void) } } @@ -11513,9 +11511,9 @@ diff -up openssl-1.1.1d/ssl/ssl_ciph.c.fips openssl-1.1.1d/ssl/ssl_ciph.c if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { OPENSSL_free(co_list); sk_SSL_CIPHER_free(cipherstack); -diff -up openssl-1.1.1d/ssl/ssl_init.c.fips openssl-1.1.1d/ssl/ssl_init.c ---- openssl-1.1.1d/ssl/ssl_init.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/ssl_init.c 2019-09-13 15:13:11.068524836 +0200 +diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c +--- openssl-1.1.1e/ssl/ssl_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/ssl_init.c 2020-03-17 17:31:01.009410771 +0100 @@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " "Adding SSL ciphers and digests\n"); @@ -11559,10 +11557,10 @@ diff -up openssl-1.1.1d/ssl/ssl_init.c.fips openssl-1.1.1d/ssl/ssl_init.c #ifndef OPENSSL_NO_COMP # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " -diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c ---- openssl-1.1.1d/ssl/ssl_lib.c.fips 2019-09-13 15:13:11.019525692 +0200 -+++ openssl-1.1.1d/ssl/ssl_lib.c 2019-09-13 15:13:11.069524818 +0200 -@@ -2916,6 +2916,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c +--- openssl-1.1.1e/ssl/ssl_lib.c.fips 2020-03-17 17:30:52.018567531 +0100 ++++ openssl-1.1.1e/ssl/ssl_lib.c 2020-03-17 17:31:01.011410736 +0100 +@@ -2970,6 +2970,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) return NULL; @@ -11574,7 +11572,7 @@ diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; -@@ -2972,13 +2977,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +@@ -3026,13 +3031,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (ret->param == NULL) goto err; @@ -11599,9 +11597,9 @@ diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c } if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) -diff -up openssl-1.1.1d/ssl/ssl_locl.h.fips openssl-1.1.1d/ssl/ssl_locl.h ---- openssl-1.1.1d/ssl/ssl_locl.h.fips 2019-09-13 15:13:10.901527755 +0200 -+++ openssl-1.1.1d/ssl/ssl_locl.h 2019-09-13 15:13:11.069524818 +0200 +diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h +--- openssl-1.1.1e/ssl/ssl_local.h.fips 2020-03-17 17:30:51.842570600 +0100 ++++ openssl-1.1.1e/ssl/ssl_local.h 2020-03-17 17:31:10.740241108 +0100 @@ -1516,6 +1516,7 @@ typedef struct tls_group_info_st { # define TLS_CURVE_PRIME 0x0 # define TLS_CURVE_CHAR2 0x1 @@ -11610,10 +11608,10 @@ diff -up openssl-1.1.1d/ssl/ssl_locl.h.fips openssl-1.1.1d/ssl/ssl_locl.h typedef struct cert_pkey_st CERT_PKEY; -diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c ---- openssl-1.1.1d/ssl/t1_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/t1_lib.c 2019-09-13 15:13:11.069524818 +0200 -@@ -158,11 +158,11 @@ static const TLS_GROUP_INFO nid_list[] = +diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c +--- openssl-1.1.1e/ssl/t1_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/t1_lib.c 2020-03-17 17:31:10.741241091 +0100 +@@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ @@ -11629,7 +11627,7 @@ diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ -@@ -257,6 +257,8 @@ int tls_curve_allowed(SSL *s, uint16_t c +@@ -258,6 +258,8 @@ int tls_curve_allowed(SSL *s, uint16_t c if (cinfo->flags & TLS_CURVE_CHAR2) return 0; # endif @@ -11638,9 +11636,9 @@ diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c ctmp[0] = curve >> 8; ctmp[1] = curve & 0xff; return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); -diff -up openssl-1.1.1d/test/dsatest.c.fips openssl-1.1.1d/test/dsatest.c ---- openssl-1.1.1d/test/dsatest.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/dsatest.c 2019-09-13 15:13:11.070524801 +0200 +diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c +--- openssl-1.1.1e/test/dsatest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/dsatest.c 2020-03-17 17:31:10.741241091 +0100 @@ -24,41 +24,42 @@ #ifndef OPENSSL_NO_DSA static int dsa_cb(int p, int n, BN_GENCB *arg); @@ -11723,9 +11721,9 @@ diff -up openssl-1.1.1d/test/dsatest.c.fips openssl-1.1.1d/test/dsatest.c goto end; if (!TEST_int_eq(h, 2)) goto end; -diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt ---- openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt 2019-09-13 15:13:11.070524801 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt 2020-03-17 17:31:10.742241073 +0100 @@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 IV = 00000000000000000000000000000000 Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 @@ -11734,13 +11732,13 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1 Cipher = aes-128-xts Key = 1111111111111111111111111111111122222222222222222222222222222222 -diff -up openssl-1.1.1d/util/libcrypto.num.fips openssl-1.1.1d/util/libcrypto.num ---- openssl-1.1.1d/util/libcrypto.num.fips 2019-09-13 15:13:11.071524783 +0200 -+++ openssl-1.1.1d/util/libcrypto.num 2019-09-13 15:15:39.895923481 +0200 -@@ -4582,3 +4582,38 @@ OPENSSL_INIT_set_config_file_flags - EVP_PKEY_get0_engine 4536 1_1_1c EXIST::FUNCTION:ENGINE - X509_get0_authority_serial 4537 1_1_1d EXIST::FUNCTION: - X509_get0_authority_issuer 4538 1_1_1d EXIST::FUNCTION: +diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 +@@ -4587,3 +4587,38 @@ EVP_PKEY_meth_set_digestverify + EVP_PKEY_meth_get_digestverify 4541 1_1_1e EXIST::FUNCTION: + EVP_PKEY_meth_get_digestsign 4542 1_1_1e EXIST::FUNCTION: + RSA_get0_pss_params 4543 1_1_1e EXIST::FUNCTION:RSA +FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: +FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: +FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: diff --git a/openssl-1.1.1-intel-cet.patch b/openssl-1.1.1-intel-cet.patch index c3ce4c6..a95bf9c 100644 --- a/openssl-1.1.1-intel-cet.patch +++ b/openssl-1.1.1-intel-cet.patch @@ -1,6 +1,6 @@ -diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl ---- openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl 2020-02-17 12:00:19.011235601 +0100 +diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl +--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100 @@ -275,6 +275,7 @@ $code.=<<___; .align 16 ${PREFIX}_encrypt: @@ -25,41 +25,23 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ ___ $code.=<<___ if ($win64); lea -0x58(%rsp),%rsp -@@ -984,6 +987,8 @@ $code.=<<___; - .type aesni_ccm64_encrypt_blocks,\@function,6 +@@ -985,6 +988,7 @@ $code.=<<___; .align 16 aesni_ccm64_encrypt_blocks: -+.cfi_startproc + .cfi_startproc + endbranch ___ $code.=<<___ if ($win64); lea -0x58(%rsp),%rsp -@@ -1066,6 +1071,7 @@ $code.=<<___ if ($win64); - ___ - $code.=<<___; - ret -+.cfi_endproc - .size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks - ___ - ###################################################################### -@@ -1074,6 +1080,8 @@ $code.=<<___; - .type aesni_ccm64_decrypt_blocks,\@function,6 +@@ -1077,6 +1081,7 @@ $code.=<<___; .align 16 aesni_ccm64_decrypt_blocks: -+.cfi_startproc + .cfi_startproc + endbranch ___ $code.=<<___ if ($win64); lea -0x58(%rsp),%rsp -@@ -1173,6 +1181,7 @@ $code.=<<___ if ($win64); - ___ - $code.=<<___; - ret -+.cfi_endproc - .size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks - ___ - } -@@ -1199,6 +1208,7 @@ $code.=<<___; +@@ -1203,6 +1208,7 @@ $code.=<<___; .align 16 aesni_ctr32_encrypt_blocks: .cfi_startproc @@ -67,7 +49,7 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ cmp \$1,$len jne .Lctr32_bulk -@@ -1771,6 +1781,7 @@ $code.=<<___; +@@ -1775,6 +1781,7 @@ $code.=<<___; .align 16 aesni_xts_encrypt: .cfi_startproc @@ -75,7 +57,7 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ lea (%rsp),%r11 # frame pointer .cfi_def_cfa_register %r11 push %rbp -@@ -2254,6 +2265,7 @@ $code.=<<___; +@@ -2258,6 +2265,7 @@ $code.=<<___; .align 16 aesni_xts_decrypt: .cfi_startproc @@ -83,7 +65,7 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ lea (%rsp),%r11 # frame pointer .cfi_def_cfa_register %r11 push %rbp -@@ -2779,6 +2791,7 @@ $code.=<<___; +@@ -2783,6 +2791,7 @@ $code.=<<___; .align 32 aesni_ocb_encrypt: .cfi_startproc @@ -91,51 +73,7 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ lea (%rsp),%rax push %rbx .cfi_push %rbx -@@ -3031,6 +3044,7 @@ $code.=<<___; - .type __ocb_encrypt6,\@abi-omnipotent - .align 32 - __ocb_encrypt6: -+.cfi_startproc - pxor $rndkey0l,@offset[5] # offset_i ^ round[0] - movdqu ($L_p,$i1),@offset[1] - movdqa @offset[0],@offset[2] -@@ -3128,11 +3142,13 @@ __ocb_encrypt6: - aesenclast @offset[4],$inout4 - aesenclast @offset[5],$inout5 - ret -+.cfi_endproc - .size __ocb_encrypt6,.-__ocb_encrypt6 - - .type __ocb_encrypt4,\@abi-omnipotent - .align 32 - __ocb_encrypt4: -+.cfi_startproc - pxor $rndkey0l,@offset[5] # offset_i ^ round[0] - movdqu ($L_p,$i1),@offset[1] - movdqa @offset[0],@offset[2] -@@ -3197,11 +3213,13 @@ __ocb_encrypt4: - aesenclast @offset[2],$inout2 - aesenclast @offset[3],$inout3 - ret -+.cfi_endproc - .size __ocb_encrypt4,.-__ocb_encrypt4 - - .type __ocb_encrypt1,\@abi-omnipotent - .align 32 - __ocb_encrypt1: -+.cfi_startproc - pxor @offset[5],$inout5 # offset_i - pxor $rndkey0l,$inout5 # offset_i ^ round[0] - pxor $inout0,$checksum # accumulate checksum -@@ -3232,6 +3250,7 @@ __ocb_encrypt1: - - aesenclast $inout5,$inout0 - ret -+.cfi_endproc - .size __ocb_encrypt1,.-__ocb_encrypt1 - - .globl aesni_ocb_decrypt -@@ -3239,6 +3258,7 @@ __ocb_encrypt1: +@@ -3249,6 +3258,7 @@ __ocb_encrypt1: .align 32 aesni_ocb_decrypt: .cfi_startproc @@ -143,51 +81,7 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ lea (%rsp),%rax push %rbx .cfi_push %rbx -@@ -3513,6 +3533,7 @@ $code.=<<___; - .type __ocb_decrypt6,\@abi-omnipotent - .align 32 - __ocb_decrypt6: -+.cfi_startproc - pxor $rndkey0l,@offset[5] # offset_i ^ round[0] - movdqu ($L_p,$i1),@offset[1] - movdqa @offset[0],@offset[2] -@@ -3604,11 +3625,13 @@ __ocb_decrypt6: - aesdeclast @offset[4],$inout4 - aesdeclast @offset[5],$inout5 - ret -+.cfi_endproc - .size __ocb_decrypt6,.-__ocb_decrypt6 - - .type __ocb_decrypt4,\@abi-omnipotent - .align 32 - __ocb_decrypt4: -+.cfi_startproc - pxor $rndkey0l,@offset[5] # offset_i ^ round[0] - movdqu ($L_p,$i1),@offset[1] - movdqa @offset[0],@offset[2] -@@ -3669,11 +3692,13 @@ __ocb_decrypt4: - aesdeclast @offset[2],$inout2 - aesdeclast @offset[3],$inout3 - ret -+.cfi_endproc - .size __ocb_decrypt4,.-__ocb_decrypt4 - - .type __ocb_decrypt1,\@abi-omnipotent - .align 32 - __ocb_decrypt1: -+.cfi_startproc - pxor @offset[5],$inout5 # offset_i - pxor $rndkey0l,$inout5 # offset_i ^ round[0] - pxor $inout5,$inout0 # input ^ round[0] ^ offset_i -@@ -3703,6 +3728,7 @@ __ocb_decrypt1: - - aesdeclast $inout5,$inout0 - ret -+.cfi_endproc - .size __ocb_decrypt1,.-__ocb_decrypt1 - ___ - } }} -@@ -3721,6 +3747,7 @@ $code.=<<___; +@@ -3737,6 +3747,7 @@ $code.=<<___; .align 16 ${PREFIX}_cbc_encrypt: .cfi_startproc @@ -195,25 +89,9 @@ diff -up openssl-1.1.1d/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1d/ test $len,$len # check length jz .Lcbc_ret -@@ -4637,7 +4664,6 @@ __aesni_set_encrypt_key: - add \$8,%rsp - .cfi_adjust_cfa_offset -8 - ret --.cfi_endproc - .LSEH_end_set_encrypt_key: - - .align 16 -@@ -4708,6 +4734,7 @@ __aesni_set_encrypt_key: - shufps \$0b10101010,%xmm1,%xmm1 # critical path - xorps %xmm1,%xmm2 - ret -+.cfi_endproc - .size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key - .size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key - ___ -diff -up openssl-1.1.1d/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1d/crypto/aes/asm/vpaes-x86_64.pl ---- openssl-1.1.1d/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/aes/asm/vpaes-x86_64.pl 2020-02-17 11:55:07.374557249 +0100 +diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl +--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100 @@ -696,6 +696,7 @@ _vpaes_schedule_mangle: .align 16 ${PREFIX}_set_encrypt_key: @@ -254,9 +132,9 @@ diff -up openssl-1.1.1d/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1d/ xchg $key,$len ___ ($len,$key)=($key,$len); -diff -up openssl-1.1.1d/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1d/crypto/async/arch/async_posix.c ---- openssl-1.1.1d/crypto/async/arch/async_posix.c.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/async/arch/async_posix.c 2020-02-17 11:55:07.374557249 +0100 +diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c +--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100 @@ -34,7 +34,9 @@ void async_local_cleanup(void) int async_fibre_makecontext(async_fibre *fibre) @@ -267,9 +145,9 @@ diff -up openssl-1.1.1d/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1d if (getcontext(&fibre->fibre) == 0) { fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE); if (fibre->fibre.uc_stack.ss_sp != NULL) { -diff -up openssl-1.1.1d/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1d/crypto/async/arch/async_posix.h ---- openssl-1.1.1d/crypto/async/arch/async_posix.h.intel-cet 2020-02-17 11:55:06.600570492 +0100 -+++ openssl-1.1.1d/crypto/async/arch/async_posix.h 2020-02-17 11:55:07.374557249 +0100 +diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h +--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100 ++++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100 @@ -25,17 +25,33 @@ # define ASYNC_POSIX # define ASYNC_ARCH @@ -313,10 +191,10 @@ diff -up openssl-1.1.1d/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1d return 1; } -diff -up openssl-1.1.1d/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1d/crypto/camellia/asm/cmll-x86_64.pl ---- openssl-1.1.1d/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/camellia/asm/cmll-x86_64.pl 2020-02-17 11:55:07.375557232 +0100 -@@ -677,6 +677,7 @@ $code.=<<___; +diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl +--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 +@@ -685,6 +685,7 @@ $code.=<<___; .align 16 Camellia_cbc_encrypt: .cfi_startproc @@ -324,9 +202,9 @@ diff -up openssl-1.1.1d/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1 cmp \$0,%rdx je .Lcbc_abort push %rbx -diff -up openssl-1.1.1d/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1d/crypto/modes/asm/ghash-x86_64.pl ---- openssl-1.1.1d/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/modes/asm/ghash-x86_64.pl 2020-02-17 11:55:07.375557232 +0100 +diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl +--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100 @@ -239,6 +239,7 @@ $code=<<___; .align 16 gcm_gmult_4bit: @@ -375,9 +253,9 @@ diff -up openssl-1.1.1d/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1 ___ if ($avx) { my ($Xip,$Htbl,$inp,$len)=@_4args; -diff -up openssl-1.1.1d/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1d/crypto/perlasm/cbc.pl ---- openssl-1.1.1d/crypto/perlasm/cbc.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/perlasm/cbc.pl 2020-02-17 11:55:07.375557232 +0100 +diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl +--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100 @@ -165,21 +165,28 @@ sub cbc &jmp_ptr($count); @@ -407,9 +285,9 @@ diff -up openssl-1.1.1d/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1d/crypto/pe &movb(&LB("ecx"), &BP(0,$in,"",0)); &set_label("ejend"); -diff -up openssl-1.1.1d/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1d/crypto/perlasm/x86_64-xlate.pl ---- openssl-1.1.1d/crypto/perlasm/x86_64-xlate.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/perlasm/x86_64-xlate.pl 2020-02-17 11:55:07.375557232 +0100 +diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl +--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100 @@ -101,6 +101,33 @@ elsif (!$gas) $decor="\$L\$"; } @@ -452,9 +330,9 @@ diff -up openssl-1.1.1d/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1d/ print "\n$current_segment\tENDS\n" if ($current_segment && $masm); print "END\n" if ($masm); -diff -up openssl-1.1.1d/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1d/crypto/perlasm/x86gas.pl ---- openssl-1.1.1d/crypto/perlasm/x86gas.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/perlasm/x86gas.pl 2020-02-17 11:55:07.376557215 +0100 +diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl +--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100 @@ -124,6 +124,7 @@ sub ::function_begin_B push(@out,".align\t$align\n"); push(@out,"$func:\n"); @@ -490,292 +368,72 @@ diff -up openssl-1.1.1d/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1d/crypto } sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); } -diff -up openssl-1.1.1d/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1d/crypto/poly1305/asm/poly1305-x86_64.pl ---- openssl-1.1.1d/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-02-17 11:55:07.376557215 +0100 -+++ openssl-1.1.1d/crypto/poly1305/asm/poly1305-x86_64.pl 2020-02-17 12:02:12.295308065 +0100 -@@ -90,7 +90,7 @@ if (!$avx && $win64 && ($flavour =~ /mas - $avx = ($1>=10) + ($1>=12); - } - --if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) { -+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) { - $avx = ($2>=3.0) + ($2>3.0); - } - -@@ -168,6 +168,7 @@ $code.=<<___; - .type poly1305_init,\@function,3 - .align 32 - poly1305_init: -+.cfi_startproc - xor %rax,%rax - mov %rax,0($ctx) # initialize hash value - mov %rax,8($ctx) -@@ -219,6 +220,7 @@ $code.=<<___; - mov \$1,%eax - .Lno_key: - ret -+.cfi_endproc - .size poly1305_init,.-poly1305_init - - .type poly1305_blocks,\@function,4 -@@ -298,6 +300,7 @@ $code.=<<___; - .type poly1305_emit,\@function,3 - .align 32 - poly1305_emit: -+.cfi_startproc - .Lemit: - mov 0($ctx),%r8 # load hash value - mov 8($ctx),%r9 -@@ -318,6 +321,7 @@ poly1305_emit: - mov %rcx,8($mac) - - ret -+.cfi_endproc - .size poly1305_emit,.-poly1305_emit - ___ - if ($avx) { -@@ -342,15 +346,18 @@ $code.=<<___; - .type __poly1305_block,\@abi-omnipotent - .align 32 - __poly1305_block: -+.cfi_startproc - ___ - &poly1305_iteration(); - $code.=<<___; - ret -+.cfi_endproc - .size __poly1305_block,.-__poly1305_block - - .type __poly1305_init_avx,\@abi-omnipotent - .align 32 - __poly1305_init_avx: -+.cfi_startproc - mov $r0,$h0 - mov $r1,$h1 - xor $h2,$h2 -@@ -508,6 +515,7 @@ __poly1305_init_avx: - - lea -48-64($ctx),$ctx # size [de-]optimization - ret -+.cfi_endproc - .size __poly1305_init_avx,.-__poly1305_init_avx - - .type poly1305_blocks_avx,\@function,4 -@@ -1373,6 +1381,7 @@ $code.=<<___; - .type poly1305_emit_avx,\@function,3 - .align 32 - poly1305_emit_avx: -+.cfi_startproc - cmpl \$0,20($ctx) # is_base2_26? - je .Lemit - -@@ -1423,6 +1432,7 @@ poly1305_emit_avx: - mov %rcx,8($mac) - - ret -+.cfi_endproc - .size poly1305_emit_avx,.-poly1305_emit_avx - ___ - -@@ -2741,6 +2751,7 @@ $code.=<<___; - .type poly1305_init_base2_44,\@function,3 - .align 32 - poly1305_init_base2_44: -+.cfi_startproc - xor %rax,%rax - mov %rax,0($ctx) # initialize hash value - mov %rax,8($ctx) -@@ -2782,6 +2793,7 @@ ___ - $code.=<<___; - mov \$1,%eax - ret -+.cfi_endproc - .size poly1305_init_base2_44,.-poly1305_init_base2_44 - ___ - { -@@ -2793,6 +2805,8 @@ $code.=<<___; - .type poly1305_blocks_vpmadd52,\@function,4 +diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl +--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100 ++++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100 +@@ -2806,6 +2806,7 @@ $code.=<<___; .align 32 poly1305_blocks_vpmadd52: -+.cfi_startproc + .cfi_startproc + endbranch shr \$4,$len jz .Lno_data_vpmadd52 # too short -@@ -2899,6 +2913,7 @@ poly1305_blocks_vpmadd52: - - .Lno_data_vpmadd52: - ret -+.cfi_endproc - .size poly1305_blocks_vpmadd52,.-poly1305_blocks_vpmadd52 - ___ - } -@@ -2916,6 +2931,7 @@ $code.=<<___; - .type poly1305_blocks_vpmadd52_4x,\@function,4 - .align 32 - poly1305_blocks_vpmadd52_4x: -+.cfi_startproc - shr \$4,$len - jz .Lno_data_vpmadd52_4x # too short - -@@ -3340,6 +3356,7 @@ poly1305_blocks_vpmadd52_4x: - - .Lno_data_vpmadd52_4x: - ret -+.cfi_endproc - .size poly1305_blocks_vpmadd52_4x,.-poly1305_blocks_vpmadd52_4x - ___ - } -@@ -3358,6 +3375,7 @@ $code.=<<___; - .type poly1305_blocks_vpmadd52_8x,\@function,4 - .align 32 - poly1305_blocks_vpmadd52_8x: -+.cfi_startproc - shr \$4,$len - jz .Lno_data_vpmadd52_8x # too short - -@@ -3713,6 +3731,7 @@ $code.=<<___; - - .Lno_data_vpmadd52_8x: - ret -+.cfi_endproc - .size poly1305_blocks_vpmadd52_8x,.-poly1305_blocks_vpmadd52_8x - ___ - } -@@ -3720,6 +3739,8 @@ $code.=<<___; - .type poly1305_emit_base2_44,\@function,3 +@@ -3739,6 +3740,7 @@ $code.=<<___; .align 32 poly1305_emit_base2_44: -+.cfi_startproc + .cfi_startproc + endbranch mov 0($ctx),%r8 # load hash value mov 8($ctx),%r9 mov 16($ctx),%r10 -@@ -3750,6 +3771,7 @@ poly1305_emit_base2_44: - mov %rcx,8($mac) - - ret -+.cfi_endproc - .size poly1305_emit_base2_44,.-poly1305_emit_base2_44 - ___ - } } } -@@ -3800,6 +3822,7 @@ $code.=<<___; - .type xor128_encrypt_n_pad,\@abi-omnipotent +diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl +--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100 ++++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100 +@@ -140,6 +140,7 @@ $code=<<___; .align 16 - xor128_encrypt_n_pad: -+.cfi_startproc - sub $otp,$inp - sub $otp,$out - mov $len,%r10 # put len aside -@@ -3841,12 +3864,14 @@ xor128_encrypt_n_pad: - .Ldone_enc: - mov $otp,%rax - ret -+.cfi_endproc - .size xor128_encrypt_n_pad,.-xor128_encrypt_n_pad - - .globl xor128_decrypt_n_pad - .type xor128_decrypt_n_pad,\@abi-omnipotent - .align 16 - xor128_decrypt_n_pad: -+.cfi_startproc - sub $otp,$inp - sub $otp,$out - mov $len,%r10 # put len aside -@@ -3892,6 +3917,7 @@ xor128_decrypt_n_pad: - .Ldone_dec: - mov $otp,%rax - ret -+.cfi_endproc - .size xor128_decrypt_n_pad,.-xor128_decrypt_n_pad - ___ - } -diff -up openssl-1.1.1d/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1d/crypto/rc4/asm/rc4-x86_64.pl ---- openssl-1.1.1d/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-02-17 11:55:07.377557198 +0100 -+++ openssl-1.1.1d/crypto/rc4/asm/rc4-x86_64.pl 2020-02-17 12:03:09.117341235 +0100 -@@ -138,11 +138,13 @@ $code=<<___; - .globl RC4 - .type RC4,\@function,4 - .align 16 --RC4: or $len,$len -+RC4: -+.cfi_startproc + RC4: + .cfi_startproc + endbranch -+ or $len,$len + or $len,$len jne .Lentry ret - .Lentry: --.cfi_startproc - push %rbx - .cfi_push %rbx - push %r12 -@@ -453,6 +455,8 @@ $code.=<<___; - .type RC4_set_key,\@function,3 +@@ -455,6 +456,7 @@ $code.=<<___; .align 16 RC4_set_key: -+.cfi_startproc + .cfi_startproc + endbranch lea 8($dat),$dat lea ($inp,$len),$inp neg $len -@@ -519,12 +523,15 @@ RC4_set_key: - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -+.cfi_endproc - .size RC4_set_key,.-RC4_set_key - - .globl RC4_options - .type RC4_options,\@abi-omnipotent +@@ -529,6 +531,7 @@ RC4_set_key: .align 16 RC4_options: -+.cfi_startproc + .cfi_startproc + endbranch lea .Lopts(%rip),%rax mov OPENSSL_ia32cap_P(%rip),%edx bt \$20,%edx -@@ -537,6 +544,7 @@ RC4_options: - add \$12,%rax - .Ldone: - ret -+.cfi_endproc - .align 64 - .Lopts: - .asciz "rc4(8x,int)" -diff -up openssl-1.1.1d/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1d/crypto/x86_64cpuid.pl ---- openssl-1.1.1d/crypto/x86_64cpuid.pl.intel-cet 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/x86_64cpuid.pl 2020-02-17 12:04:04.921391729 +0100 -@@ -39,6 +39,8 @@ print<<___; - .type OPENSSL_atomic_add,\@abi-omnipotent +diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl +--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100 +@@ -40,6 +40,7 @@ print<<___; .align 16 OPENSSL_atomic_add: -+.cfi_startproc + .cfi_startproc + endbranch movl ($arg1),%eax .Lspin: leaq ($arg2,%rax),%r8 .byte 0xf0 # lock -@@ -47,16 +49,20 @@ OPENSSL_atomic_add: - movl %r8d,%eax - .byte 0x48,0x98 # cltq/cdqe - ret -+.cfi_endproc - .size OPENSSL_atomic_add,.-OPENSSL_atomic_add - - .globl OPENSSL_rdtsc - .type OPENSSL_rdtsc,\@abi-omnipotent +@@ -56,6 +57,7 @@ OPENSSL_atomic_add: .align 16 OPENSSL_rdtsc: -+.cfi_startproc + .cfi_startproc + endbranch rdtsc shl \$32,%rdx or %rdx,%rax - ret -+.cfi_endproc - .size OPENSSL_rdtsc,.-OPENSSL_rdtsc - - .globl OPENSSL_ia32_cpuid -@@ -64,6 +70,7 @@ OPENSSL_rdtsc: +@@ -68,6 +70,7 @@ OPENSSL_rdtsc: .align 16 OPENSSL_ia32_cpuid: .cfi_startproc @@ -783,40 +441,31 @@ diff -up openssl-1.1.1d/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1d/crypto/x8 mov %rbx,%r8 # save %rbx .cfi_register %rbx,%r8 -@@ -232,6 +239,8 @@ OPENSSL_ia32_cpuid: - .type OPENSSL_cleanse,\@abi-omnipotent +@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid: .align 16 OPENSSL_cleanse: -+.cfi_startproc + .cfi_startproc + endbranch xor %rax,%rax cmp \$15,$arg2 jae .Lot -@@ -261,12 +270,15 @@ OPENSSL_cleanse: - cmp \$0,$arg2 - jne .Little - ret -+.cfi_endproc - .size OPENSSL_cleanse,.-OPENSSL_cleanse - - .globl CRYPTO_memcmp - .type CRYPTO_memcmp,\@abi-omnipotent +@@ -274,6 +278,7 @@ OPENSSL_cleanse: .align 16 CRYPTO_memcmp: -+.cfi_startproc + .cfi_startproc + endbranch xor %rax,%rax xor %r10,%r10 cmp \$0,$arg3 -@@ -295,6 +307,7 @@ CRYPTO_memcmp: - shr \$63,%rax - .Lno_data: - ret -+.cfi_endproc - .size CRYPTO_memcmp,.-CRYPTO_memcmp - ___ - -@@ -303,6 +316,8 @@ print<<___ if (!$win64); +@@ -312,6 +317,7 @@ print<<___ if (!$win64); + .align 16 + OPENSSL_wipe_cpu: + .cfi_startproc ++ endbranch + pxor %xmm0,%xmm0 + pxor %xmm1,%xmm1 + pxor %xmm2,%xmm2 +@@ -346,6 +352,8 @@ print<<___ if ($win64); .type OPENSSL_wipe_cpu,\@abi-omnipotent .align 16 OPENSSL_wipe_cpu: @@ -825,61 +474,27 @@ diff -up openssl-1.1.1d/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1d/crypto/x8 pxor %xmm0,%xmm0 pxor %xmm1,%xmm1 pxor %xmm2,%xmm2 -@@ -329,6 +344,7 @@ OPENSSL_wipe_cpu: - xorq %r11,%r11 - leaq 8(%rsp),%rax - ret -+.cfi_endproc - .size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu - ___ - print<<___ if ($win64); -@@ -365,6 +381,8 @@ print<<___; - .type OPENSSL_instrument_bus,\@abi-omnipotent +@@ -376,6 +384,7 @@ print<<___; .align 16 OPENSSL_instrument_bus: -+.cfi_startproc + .cfi_startproc + endbranch mov $arg1,$out # tribute to Win64 mov $arg2,$cnt mov $arg2,$max -@@ -391,12 +409,15 @@ OPENSSL_instrument_bus: - - mov $max,%rax - ret -+.cfi_endproc - .size OPENSSL_instrument_bus,.-OPENSSL_instrument_bus - - .globl OPENSSL_instrument_bus2 - .type OPENSSL_instrument_bus2,\@abi-omnipotent +@@ -410,6 +419,7 @@ OPENSSL_instrument_bus: .align 16 OPENSSL_instrument_bus2: -+.cfi_startproc + .cfi_startproc + endbranch mov $arg1,$out # tribute to Win64 mov $arg2,$cnt mov $arg3,$max -@@ -439,6 +460,7 @@ OPENSSL_instrument_bus2: - mov $redzone(%rsp),%rax - sub $cnt,%rax - ret -+.cfi_endproc - .size OPENSSL_instrument_bus2,.-OPENSSL_instrument_bus2 - ___ - } -@@ -450,6 +472,8 @@ print<<___; - .type OPENSSL_ia32_${rdop}_bytes,\@abi-omnipotent +@@ -465,6 +475,7 @@ print<<___; .align 16 OPENSSL_ia32_${rdop}_bytes: -+.cfi_startproc + .cfi_startproc + endbranch xor %rax, %rax # return value cmp \$0,$arg2 je .Ldone_${rdop}_bytes -@@ -486,6 +510,7 @@ OPENSSL_ia32_${rdop}_bytes: - .Ldone_${rdop}_bytes: - xor %r10,%r10 # Clear sensitive data from register - ret -+.cfi_endproc - .size OPENSSL_ia32_${rdop}_bytes,.-OPENSSL_ia32_${rdop}_bytes - ___ - } diff --git a/openssl-1.1.1-krb5-kdf.patch b/openssl-1.1.1-krb5-kdf.patch index 01afa9c..249a5c5 100644 --- a/openssl-1.1.1-krb5-kdf.patch +++ b/openssl-1.1.1-krb5-kdf.patch @@ -67,9 +67,9 @@ diff -up openssl-1.1.1d/crypto/evp/kdf_lib.c.krb5-kdf openssl-1.1.1d/crypto/evp/ }; DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -diff -up openssl-1.1.1d/crypto/include/internal/evp_int.h.krb5-kdf openssl-1.1.1d/crypto/include/internal/evp_int.h ---- openssl-1.1.1d/crypto/include/internal/evp_int.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 -+++ openssl-1.1.1d/crypto/include/internal/evp_int.h 2019-11-14 15:07:05.342094129 +0100 +diff -up openssl-1.1.1d/include/crypto/evp.h.krb5-kdf openssl-1.1.1d/include/crypto/evp.h +--- openssl-1.1.1d/include/crypto/evp.h.krb5-kdf 2019-11-14 15:07:05.320094521 +0100 ++++ openssl-1.1.1d/include/crypto/evp.h 2019-11-14 15:07:05.342094129 +0100 @@ -130,6 +130,9 @@ extern const EVP_KDF_METHOD scrypt_kdf_m extern const EVP_KDF_METHOD tls1_prf_kdf_meth; extern const EVP_KDF_METHOD hkdf_kdf_meth; @@ -129,7 +129,7 @@ diff -up openssl-1.1.1d/crypto/kdf/kbkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/kb + +#include "internal/numbers.h" +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "kdf_local.h" + +#include "e_os.h" @@ -741,7 +741,7 @@ diff -up openssl-1.1.1d/crypto/kdf/krb5kdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/ +#include + +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "kdf_local.h" + +/* KRB5 KDF defined in RFC 3961, Section 5.1 */ @@ -1155,7 +1155,7 @@ diff -up openssl-1.1.1d/crypto/kdf/sshkdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/s #include +#include "internal/numbers.h" #include "internal/cryptlib.h" - #include "internal/evp_int.h" + #include "crypto/evp.h" #include "kdf_local.h" @@ -68,6 +69,12 @@ static int kdf_sshkdf_parse_buffer_arg(u p = va_arg(args, const unsigned char *); @@ -1218,7 +1218,7 @@ diff -up openssl-1.1.1d/crypto/kdf/sskdf.c.krb5-kdf openssl-1.1.1d/crypto/kdf/ss +#include +#include +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "kdf_local.h" + +struct evp_kdf_impl_st { diff --git a/openssl-1.1.1-s390x-update.patch b/openssl-1.1.1-s390x-update.patch index f46c1a5..83061af 100644 --- a/openssl-1.1.1-s390x-update.patch +++ b/openssl-1.1.1-s390x-update.patch @@ -1,13 +1,6 @@ -diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl ---- openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2019-02-26 15:15:30.000000000 +0100 -+++ openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl 2019-05-06 10:54:00.035367605 +0200 -@@ -1,5 +1,5 @@ - #! /usr/bin/env perl --# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. -+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. - # - # Licensed under the OpenSSL license (the "License"). You may not use - # this file except in compliance with the License. You can obtain a copy +diff -up openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl +--- openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl.s390x-update 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/chacha/asm/chacha-s390x.pl 2020-03-19 16:45:05.483440129 +0100 @@ -20,41 +20,53 @@ # # 3 times faster than compiler-generated code. @@ -472,7 +465,7 @@ diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1 + vsldb (@b[$_],@b[$_],@b[$_],$odd?12:4) for (0..5); + vsldb (@d[$_],@d[$_],@d[$_],$odd?4:12) for (0..5); } --close STDOUT; +-close STDOUT or die "error closing STDOUT: $!"; + +PERLASM_BEGIN($output); + @@ -1290,9 +1283,9 @@ diff -up openssl-1.1.1b/crypto/chacha/asm/chacha-s390x.pl.s390x-update openssl-1 +ALIGN (4); + +PERLASM_END(); -diff -up openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1b/crypto/perlasm/s390x.pm ---- openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update 2019-05-06 10:54:00.037367571 +0200 -+++ openssl-1.1.1b/crypto/perlasm/s390x.pm 2019-05-06 10:54:00.038367554 +0200 +diff -up openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1e/crypto/perlasm/s390x.pm +--- openssl-1.1.1e/crypto/perlasm/s390x.pm.s390x-update 2020-03-19 16:20:22.039227394 +0100 ++++ openssl-1.1.1e/crypto/perlasm/s390x.pm 2020-03-19 16:20:22.039227394 +0100 @@ -0,0 +1,3060 @@ +#!/usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. @@ -4354,9 +4347,9 @@ diff -up openssl-1.1.1b/crypto/perlasm/s390x.pm.s390x-update openssl-1.1.1b/cryp +} + +1; -diff -up openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl ---- openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2019-02-26 15:15:30.000000000 +0100 -+++ openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl 2019-05-06 10:54:00.036367588 +0200 +diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl +--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update 2020-03-19 16:20:22.041227359 +0100 ++++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-s390x.pl 2020-03-19 16:23:22.364098257 +0100 @@ -24,204 +24,961 @@ # # On side note, z13 enables vector base 2^26 implementation... @@ -5494,11 +5487,11 @@ diff -up openssl-1.1.1b/crypto/poly1305/asm/poly1305-s390x.pl.s390x-update opens +STRING ("\"Poly1305 for s390x, CRYPTOGAMS by \""); -print $code; --close STDOUT; +-close STDOUT or die "error closing STDOUT: $!"; +PERLASM_END(); -diff -up openssl-1.1.1b/crypto/poly1305/build.info.s390x-update openssl-1.1.1b/crypto/poly1305/build.info ---- openssl-1.1.1b/crypto/poly1305/build.info.s390x-update 2019-05-06 10:54:00.036367588 +0200 -+++ openssl-1.1.1b/crypto/poly1305/build.info 2019-05-06 10:56:14.964105164 +0200 +diff -up openssl-1.1.1e/crypto/poly1305/build.info.s390x-update openssl-1.1.1e/crypto/poly1305/build.info +--- openssl-1.1.1e/crypto/poly1305/build.info.s390x-update 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/poly1305/build.info 2020-03-19 16:20:22.042227342 +0100 @@ -18,6 +18,7 @@ INCLUDE[poly1305-armv8.o]=.. GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME) INCLUDE[poly1305-mips.o]=.. diff --git a/openssl-1.1.1-ssh-kdf.patch b/openssl-1.1.1-ssh-kdf.patch index 08f02ac..1bf71c4 100644 --- a/openssl-1.1.1-ssh-kdf.patch +++ b/openssl-1.1.1-ssh-kdf.patch @@ -51,10 +51,10 @@ index 05f5cec3a9..811fe727f6 100644 }; DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *, -diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h +diff --git a/include/crypto/evp.h b/include/crypto/evp.h index a109e561b3..8c313c65ac 100644 ---- a/crypto/include/internal/evp_int.h -+++ b/crypto/include/internal/evp_int.h +--- a/include/crypto/evp.h ++++ b/include/crypto/evp.h @@ -129,6 +129,7 @@ extern const EVP_KDF_METHOD pbkdf2_kdf_meth; extern const EVP_KDF_METHOD scrypt_kdf_meth; extern const EVP_KDF_METHOD tls1_prf_kdf_meth; @@ -119,7 +119,7 @@ index 0000000000..24f37cbed4 +#include +#include +#include "internal/cryptlib.h" -+#include "internal/evp_int.h" ++#include "crypto/evp.h" +#include "kdf_local.h" + +/* See RFC 4253, Section 7.2 */ diff --git a/openssl-1.1.1-upstream-sync.patch b/openssl-1.1.1-upstream-sync.patch deleted file mode 100644 index 86448a0..0000000 --- a/openssl-1.1.1-upstream-sync.patch +++ /dev/null @@ -1,153 +0,0 @@ -commit 515c728dbaa92211d2eafb0041ab9fcd258fdc41 -Author: Bernd Edlinger -Date: Mon Sep 9 19:12:25 2019 +0200 - - Fix potential memory leaks with BN_to_ASN1_INTEGER - - Reviewed-by: Paul Dale - Reviewed-by: Matt Caswell - (Merged from https://github.com/openssl/openssl/pull/9833) - - (cherry picked from commit f28bc7d386b25fb75625d0c62c6b2e6d21de0d09) - -diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c -index 1ce1181fc1..7cbf8de981 100644 ---- a/crypto/ec/ec_asn1.c -+++ b/crypto/ec/ec_asn1.c -@@ -446,6 +446,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, - unsigned char *buffer = NULL; - const EC_POINT *point = NULL; - point_conversion_form_t form; -+ ASN1_INTEGER *orig; - - if (params == NULL) { - if ((ret = ECPARAMETERS_new()) == NULL) { -@@ -496,8 +497,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, - ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB); - goto err; - } -- ret->order = BN_to_ASN1_INTEGER(tmp, ret->order); -+ ret->order = BN_to_ASN1_INTEGER(tmp, orig = ret->order); - if (ret->order == NULL) { -+ ret->order = orig; - ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB); - goto err; - } -@@ -505,8 +507,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, - /* set the cofactor (optional) */ - tmp = EC_GROUP_get0_cofactor(group); - if (tmp != NULL) { -- ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor); -+ ret->cofactor = BN_to_ASN1_INTEGER(tmp, orig = ret->cofactor); - if (ret->cofactor == NULL) { -+ ret->cofactor = orig; - ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB); - goto err; - } -diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c -index 089f2ae29f..ef2d64826f 100644 ---- a/crypto/x509v3/v3_asid.c -+++ b/crypto/x509v3/v3_asid.c -@@ -256,6 +256,7 @@ static int extract_min_max(ASIdOrRange *aor, - static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) - { - ASN1_INTEGER *a_max_plus_one = NULL; -+ ASN1_INTEGER *orig; - BIGNUM *bn = NULL; - int i, ret = 0; - -@@ -298,9 +299,15 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) - */ - if ((bn == NULL && (bn = BN_new()) == NULL) || - ASN1_INTEGER_to_BN(a_max, bn) == NULL || -- !BN_add_word(bn, 1) || -- (a_max_plus_one = -- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) { -+ !BN_add_word(bn, 1)) { -+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, -+ ERR_R_MALLOC_FAILURE); -+ goto done; -+ } -+ -+ if ((a_max_plus_one = -+ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { -+ a_max_plus_one = orig; - X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, - ERR_R_MALLOC_FAILURE); - goto done; -@@ -351,6 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid) - static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) - { - ASN1_INTEGER *a_max_plus_one = NULL; -+ ASN1_INTEGER *orig; - BIGNUM *bn = NULL; - int i, ret = 0; - -@@ -416,9 +424,15 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) - */ - if ((bn == NULL && (bn = BN_new()) == NULL) || - ASN1_INTEGER_to_BN(a_max, bn) == NULL || -- !BN_add_word(bn, 1) || -- (a_max_plus_one = -- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) { -+ !BN_add_word(bn, 1)) { -+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, -+ ERR_R_MALLOC_FAILURE); -+ goto done; -+ } -+ -+ if ((a_max_plus_one = -+ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) { -+ a_max_plus_one = orig; - X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, - ERR_R_MALLOC_FAILURE); - goto done; -commit 86ed78676c660b553696cc10c682962522dfeb6c -Author: Tomas Mraz -Date: Thu Sep 12 12:27:36 2019 +0200 - - BIO_f_zlib: Properly handle BIO_CTRL_PENDING and BIO_CTRL_WPENDING calls. - - There can be data to write in output buffer and data to read that were - not yet read in the input stream. - - Fixes #9866 - - Reviewed-by: Richard Levitte - (Merged from https://github.com/openssl/openssl/pull/9877) - - (cherry picked from commit 6beb8b39ba8e4cb005c1fcd2586ba19e17f04b95) - -diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c -index d688deee5f..7c1be358fd 100644 ---- a/crypto/comp/c_zlib.c -+++ b/crypto/comp/c_zlib.c -@@ -598,6 +598,28 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) - BIO_copy_next_retry(b); - break; - -+ case BIO_CTRL_WPENDING: -+ if (ctx->obuf == NULL) -+ return 0; -+ -+ if (ctx->odone) { -+ ret = ctx->ocount; -+ } else { -+ ret = ctx->ocount; -+ if (ret == 0) -+ /* Unknown amount pending but we are not finished */ -+ ret = 1; -+ } -+ if (ret == 0) -+ ret = BIO_ctrl(next, cmd, num, ptr); -+ break; -+ -+ case BIO_CTRL_PENDING: -+ ret = ctx->zin.avail_in; -+ if (ret == 0) -+ ret = BIO_ctrl(next, cmd, num, ptr); -+ break; -+ - default: - ret = BIO_ctrl(next, cmd, num, ptr); - break; diff --git a/openssl-1.1.1-version-override.patch b/openssl-1.1.1-version-override.patch index cbecb90..8404d7f 100644 --- a/openssl-1.1.1-version-override.patch +++ b/openssl-1.1.1-version-override.patch @@ -1,12 +1,12 @@ -diff -up openssl-1.1.1d/include/openssl/opensslv.h.version-override openssl-1.1.1d/include/openssl/opensslv.h ---- openssl-1.1.1d/include/openssl/opensslv.h.version-override 2019-09-13 15:26:32.606500244 +0200 -+++ openssl-1.1.1d/include/openssl/opensslv.h 2019-09-13 15:27:03.805950866 +0200 +diff -up openssl-1.1.1e/include/openssl/opensslv.h.version-override openssl-1.1.1e/include/openssl/opensslv.h +--- openssl-1.1.1e/include/openssl/opensslv.h.version-override 2020-03-17 18:05:00.750749987 +0100 ++++ openssl-1.1.1e/include/openssl/opensslv.h 2020-03-17 18:05:41.404038619 +0100 @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ - # define OPENSSL_VERSION_NUMBER 0x1010104fL --# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1d 10 Sep 2019" -+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1d FIPS 10 Sep 2019" + # define OPENSSL_VERSION_NUMBER 0x1010105fL +-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1e 17 Mar 2020" ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1e FIPS 17 Mar 2020" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/openssl.spec b/openssl.spec index 91f3492..80af3b9 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,8 +21,8 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl -Version: 1.1.1d -Release: 7%{?dist} +Version: 1.1.1e +Release: 1%{?dist} Epoch: 1 # We have to remove certain patented algorithms from the openssl source # tarball with the hobble-openssl script which is included below. @@ -64,12 +64,11 @@ Patch49: openssl-1.1.1-evp-kdf.patch Patch50: openssl-1.1.1-ssh-kdf.patch Patch60: openssl-1.1.1-krb5-kdf.patch Patch61: openssl-1.1.1-intel-cet.patch +Patch65: openssl-1.1.1-fips-drbg-selftest.patch # Backported fixes including security fixes -Patch51: openssl-1.1.1-upstream-sync.patch Patch52: openssl-1.1.1-s390x-update.patch Patch53: openssl-1.1.1-fips-crng-test.patch Patch54: openssl-1.1.1-regression-fixes.patch -Patch55: openssl-1.1.1-aes-asm.patch License: OpenSSL URL: http://www.openssl.org/ @@ -167,13 +166,12 @@ cp %{SOURCE13} test/ %patch48 -p1 -b .fips-post-rand %patch49 -p1 -b .evp-kdf %patch50 -p1 -b .ssh-kdf -%patch51 -p1 -b .upstream-sync %patch52 -p1 -b .s390x-update %patch53 -p1 -b .crng-test %patch54 -p1 -b .regression -%patch55 -p1 -b .aes-asm %patch60 -p1 -b .krb5-kdf %patch61 -p1 -b .intel-cet +%patch65 -p1 -b .drbg-selftest %build @@ -460,6 +458,11 @@ export LD_LIBRARY_PATH %ldconfig_scriptlets libs %changelog +* Wed Mar 18 2020 Tomáš Mráz 1.1.1e-1 +- update to the 1.1.1e release +- add selftest of the RAND_DRBG implementation +- fix incorrect error return value from FIPS_selftest_dsa + * Mon Feb 17 2020 Tomáš Mráz 1.1.1d-7 - apply Intel CET support patches by hjl (#1788699) diff --git a/sources b/sources index 787f150..323aa7a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (openssl-1.1.1d-hobbled.tar.xz) = c350e4669b82dcbc7fcc997726e376392e2ee0c92c37a952eb02369f05780a8d1b0c265f6264ce0e7619e44200d2d057e3fdcb0fe22c168dfb28e9381841fc00 +SHA512 (openssl-1.1.1e-hobbled.tar.xz) = b0b415b376e12d7a74eeb915315741a9d4d3cef953969edb632d4683ea088e607ebeba37c4be0c781ca839ec20c108166faf5e228d7642217f86f7ab1a3ef15a